CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-15 21:52:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
c0c01f0d17fe6c9e3cf45b1fe9136d5c4ea1650f
securityonion/salt/elasticsearch/templates/component/ecs/netflow.json
Wes a59eda319e Remove security subfield
2023-07-18 19:00:50 +00:00

1423 lines
39 KiB
JSON
Raw Blame History

{
"_meta": {
"documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-base.html",
"ecs_version": "1.12.2"
},
"template": {
"mappings": {
"properties": {
"netflow": {
"properties": {
"absolute_error": {
"type": "double"
},
"address_pool_high_threshold": {
"type": "long"
},
"address_pool_low_threshold": {
"type": "long"
},
"address_port_mapping_high_threshold": {
"type": "long"
},
"address_port_mapping_low_threshold": {
"type": "long"
},
"address_port_mapping_per_user_high_threshold": {
"type": "long"
},
"anonymization_flags": {
"type": "long"
},
"anonymization_technique": {
"type": "long"
},
"application_category_name": {
"ignore_above": 1024,
"type": "keyword"
},
"application_description": {
"ignore_above": 1024,
"type": "keyword"
},
"application_group_name": {
"ignore_above": 1024,
"type": "keyword"
},
"application_id": {
"type": "short"
},
"application_name": {
"ignore_above": 1024,
"type": "keyword"
},
"application_sub_category_name": {
"ignore_above": 1024,
"type": "keyword"
},
"bgp_destination_as_number": {
"type": "long"
},
"bgp_next_adjacent_as_number": {
"type": "long"
},
"bgp_next_hop_ipv4_address": {
"type": "ip"
},
"bgp_next_hop_ipv6_address": {
"type": "ip"
},
"bgp_prev_adjacent_as_number": {
"type": "long"
},
"bgp_source_as_number": {
"type": "long"
},
"bgp_validity_state": {
"type": "short"
},
"biflow_direction": {
"type": "short"
},
"class_id": {
"type": "long"
},
"class_name": {
"ignore_above": 1024,
"type": "keyword"
},
"classification_engine_id": {
"type": "short"
},
"collection_time_milliseconds": {
"type": "date"
},
"collector_certificate": {
"type": "short"
},
"collector_ipv4_address": {
"type": "ip"
},
"collector_ipv6_address": {
"type": "ip"
},
"collector_transport_port": {
"type": "long"
},
"common_properties_id": {
"type": "long"
},
"confidence_level": {
"type": "double"
},
"connection_sum_duration_seconds": {
"type": "long"
},
"connection_transaction_id": {
"type": "long"
},
"data_link_frame_section": {
"type": "short"
},
"data_link_frame_size": {
"type": "long"
},
"data_link_frame_type": {
"type": "long"
},
"data_records_reliability": {
"type": "boolean"
},
"delta_flow_count": {
"type": "long"
},
"destination_ipv4_address": {
"type": "ip"
},
"destination_ipv4_prefix": {
"type": "ip"
},
"destination_ipv4_prefix_length": {
"type": "short"
},
"destination_ipv6_address": {
"type": "ip"
},
"destination_ipv6_prefix": {
"type": "ip"
},
"destination_ipv6_prefix_length": {
"type": "short"
},
"destination_mac_address": {
"ignore_above": 1024,
"type": "keyword"
},
"destination_transport_port": {
"type": "long"
},
"digest_hash_value": {
"type": "long"
},
"distinct_count_of_destination_ip_address": {
"type": "long"
},
"distinct_count_of_destination_ipv4_address": {
"type": "long"
},
"distinct_count_of_destination_ipv6_address": {
"type": "long"
},
"distinct_count_of_source_ip_address": {
"type": "long"
},
"distinct_count_of_source_ipv4_address": {
"type": "long"
},
"distinct_count_of_source_ipv6_address": {
"type": "long"
},
"dot1q_customer_dei": {
"type": "boolean"
},
"dot1q_customer_destination_mac_address": {
"ignore_above": 1024,
"type": "keyword"
},
"dot1q_customer_priority": {
"type": "short"
},
"dot1q_customer_source_mac_address": {
"ignore_above": 1024,
"type": "keyword"
},
"dot1q_customer_vlan_id": {
"type": "long"
},
"dot1q_dei": {
"type": "boolean"
},
"dot1q_priority": {
"type": "short"
},
"dot1q_service_instance_id": {
"type": "long"
},
"dot1q_service_instance_priority": {
"type": "short"
},
"dot1q_service_instance_tag": {
"type": "short"
},
"dot1q_vlan_id": {
"type": "long"
},
"dropped_layer2_octet_delta_count": {
"type": "long"
},
"dropped_layer2_octet_total_count": {
"type": "long"
},
"dropped_octet_delta_count": {
"type": "long"
},
"dropped_octet_total_count": {
"type": "long"
},
"dropped_packet_delta_count": {
"type": "long"
},
"dropped_packet_total_count": {
"type": "long"
},
"dst_traffic_index": {
"type": "long"
},
"egress_broadcast_packet_total_count": {
"type": "long"
},
"egress_interface": {
"type": "long"
},
"egress_interface_type": {
"type": "long"
},
"egress_physical_interface": {
"type": "long"
},
"egress_unicast_packet_total_count": {
"type": "long"
},
"egress_vrfid": {
"type": "long"
},
"encrypted_technology": {
"ignore_above": 1024,
"type": "keyword"
},
"engine_id": {
"type": "short"
},
"engine_type": {
"type": "short"
},
"ethernet_header_length": {
"type": "short"
},
"ethernet_payload_length": {
"type": "long"
},
"ethernet_total_length": {
"type": "long"
},
"ethernet_type": {
"type": "long"
},
"export_interface": {
"type": "long"
},
"export_protocol_version": {
"type": "short"
},
"export_sctp_stream_id": {
"type": "long"
},
"export_transport_protocol": {
"type": "short"
},
"exported_flow_record_total_count": {
"type": "long"
},
"exported_message_total_count": {
"type": "long"
},
"exported_octet_total_count": {
"type": "long"
},
"exporter": {
"properties": {
"address": {
"ignore_above": 1024,
"type": "keyword"
},
"source_id": {
"type": "long"
},
"timestamp": {
"type": "date"
},
"uptime_millis": {
"type": "long"
},
"version": {
"type": "long"
}
}
},
"exporter_certificate": {
"type": "short"
},
"exporter_ipv4_address": {
"type": "ip"
},
"exporter_ipv6_address": {
"type": "ip"
},
"exporter_transport_port": {
"type": "long"
},
"exporting_process_id": {
"type": "long"
},
"external_address_realm": {
"type": "short"
},
"firewall_event": {
"type": "short"
},
"flags_and_sampler_id": {
"type": "long"
},
"flow_active_timeout": {
"type": "long"
},
"flow_direction": {
"type": "short"
},
"flow_duration_microseconds": {
"type": "long"
},
"flow_duration_milliseconds": {
"type": "long"
},
"flow_end_delta_microseconds": {
"type": "long"
},
"flow_end_microseconds": {
"type": "date"
},
"flow_end_milliseconds": {
"type": "date"
},
"flow_end_nanoseconds": {
"type": "date"
},
"flow_end_reason": {
"type": "short"
},
"flow_end_seconds": {
"type": "date"
},
"flow_end_sys_up_time": {
"type": "long"
},
"flow_id": {
"type": "long"
},
"flow_idle_timeout": {
"type": "long"
},
"flow_key_indicator": {
"type": "long"
},
"flow_label_ipv6": {
"type": "long"
},
"flow_sampling_time_interval": {
"type": "long"
},
"flow_sampling_time_spacing": {
"type": "long"
},
"flow_selected_flow_delta_count": {
"type": "long"
},
"flow_selected_octet_delta_count": {
"type": "long"
},
"flow_selected_packet_delta_count": {
"type": "long"
},
"flow_selector_algorithm": {
"type": "long"
},
"flow_start_delta_microseconds": {
"type": "long"
},
"flow_start_microseconds": {
"type": "date"
},
"flow_start_milliseconds": {
"type": "date"
},
"flow_start_nanoseconds": {
"type": "date"
},
"flow_start_seconds": {
"type": "date"
},
"flow_start_sys_up_time": {
"type": "long"
},
"forwarding_status": {
"type": "short"
},
"fragment_flags": {
"type": "short"
},
"fragment_identification": {
"type": "long"
},
"fragment_offset": {
"type": "long"
},
"global_address_mapping_high_threshold": {
"type": "long"
},
"gre_key": {
"type": "long"
},
"hash_digest_output": {
"type": "boolean"
},
"hash_flow_domain": {
"type": "long"
},
"hash_initialiser_value": {
"type": "long"
},
"hash_ip_payload_offset": {
"type": "long"
},
"hash_ip_payload_size": {
"type": "long"
},
"hash_output_range_max": {
"type": "long"
},
"hash_output_range_min": {
"type": "long"
},
"hash_selected_range_max": {
"type": "long"
},
"hash_selected_range_min": {
"type": "long"
},
"http_content_type": {
"ignore_above": 1024,
"type": "keyword"
},
"http_message_version": {
"ignore_above": 1024,
"type": "keyword"
},
"http_reason_phrase": {
"ignore_above": 1024,
"type": "keyword"
},
"http_request_host": {
"ignore_above": 1024,
"type": "keyword"
},
"http_request_method": {
"ignore_above": 1024,
"type": "keyword"
},
"http_request_target": {
"ignore_above": 1024,
"type": "keyword"
},
"http_status_code": {
"type": "long"
},
"http_user_agent": {
"ignore_above": 1024,
"type": "keyword"
},
"icmp_code_ipv4": {
"type": "short"
},
"icmp_code_ipv6": {
"type": "short"
},
"icmp_type_code_ipv4": {
"type": "long"
},
"icmp_type_code_ipv6": {
"type": "long"
},
"icmp_type_ipv4": {
"type": "short"
},
"icmp_type_ipv6": {
"type": "short"
},
"igmp_type": {
"type": "short"
},
"ignored_data_record_total_count": {
"type": "long"
},
"ignored_layer2_frame_total_count": {
"type": "long"
},
"ignored_layer2_octet_total_count": {
"type": "long"
},
"ignored_octet_total_count": {
"type": "long"
},
"ignored_packet_total_count": {
"type": "long"
},
"information_element_data_type": {
"type": "short"
},
"information_element_description": {
"ignore_above": 1024,
"type": "keyword"
},
"information_element_id": {
"type": "long"
},
"information_element_index": {
"type": "long"
},
"information_element_name": {
"ignore_above": 1024,
"type": "keyword"
},
"information_element_range_begin": {
"type": "long"
},
"information_element_range_end": {
"type": "long"
},
"information_element_semantics": {
"type": "short"
},
"information_element_units": {
"type": "long"
},
"ingress_broadcast_packet_total_count": {
"type": "long"
},
"ingress_interface": {
"type": "long"
},
"ingress_interface_type": {
"type": "long"
},
"ingress_multicast_packet_total_count": {
"type": "long"
},
"ingress_physical_interface": {
"type": "long"
},
"ingress_unicast_packet_total_count": {
"type": "long"
},
"ingress_vrfid": {
"type": "long"
},
"initiator_octets": {
"type": "long"
},
"initiator_packets": {
"type": "long"
},
"interface_description": {
"ignore_above": 1024,
"type": "keyword"
},
"interface_name": {
"ignore_above": 1024,
"type": "keyword"
},
"intermediate_process_id": {
"type": "long"
},
"internal_address_realm": {
"type": "short"
},
"ip_class_of_service": {
"type": "short"
},
"ip_diff_serv_code_point": {
"type": "short"
},
"ip_header_length": {
"type": "short"
},
"ip_header_packet_section": {
"type": "short"
},
"ip_next_hop_ipv4_address": {
"type": "ip"
},
"ip_next_hop_ipv6_address": {
"type": "ip"
},
"ip_payload_length": {
"type": "long"
},
"ip_payload_packet_section": {
"type": "short"
},
"ip_precedence": {
"type": "short"
},
"ip_sec_spi": {
"type": "long"
},
"ip_total_length": {
"type": "long"
},
"ip_ttl": {
"type": "short"
},
"ip_version": {
"type": "short"
},
"ipv4_ihl": {
"type": "short"
},
"ipv4_options": {
"type": "long"
},
"ipv4_router_sc": {
"type": "ip"
},
"ipv6_extension_headers": {
"type": "long"
},
"is_multicast": {
"type": "short"
},
"layer2_frame_delta_count": {
"type": "long"
},
"layer2_frame_total_count": {
"type": "long"
},
"layer2_octet_delta_count": {
"type": "long"
},
"layer2_octet_delta_sum_of_squares": {
"type": "long"
},
"layer2_octet_total_count": {
"type": "long"
},
"layer2_octet_total_sum_of_squares": {
"type": "long"
},
"layer2_segment_id": {
"type": "long"
},
"layer2packet_section_data": {
"type": "short"
},
"layer2packet_section_offset": {
"type": "long"
},
"layer2packet_section_size": {
"type": "long"
},
"line_card_id": {
"type": "long"
},
"lower_ci_limit": {
"type": "double"
},
"max_bib_entries": {
"type": "long"
},
"max_entries_per_user": {
"type": "long"
},
"max_export_seconds": {
"type": "date"
},
"max_flow_end_microseconds": {
"type": "date"
},
"max_flow_end_milliseconds": {
"type": "date"
},
"max_flow_end_nanoseconds": {
"type": "date"
},
"max_flow_end_seconds": {
"type": "date"
},
"max_fragments_pending_reassembly": {
"type": "long"
},
"max_session_entries": {
"type": "long"
},
"max_subscribers": {
"type": "long"
},
"maximum_ip_total_length": {
"type": "long"
},
"maximum_layer2_total_length": {
"type": "long"
},
"maximum_ttl": {
"type": "short"
},
"message_md5_checksum": {
"type": "short"
},
"message_scope": {
"type": "short"
},
"metering_process_id": {
"type": "long"
},
"metro_evc_id": {
"ignore_above": 1024,
"type": "keyword"
},
"metro_evc_type": {
"type": "short"
},
"mib_capture_time_semantics": {
"type": "short"
},
"mib_context_engine_id": {
"type": "short"
},
"mib_context_name": {
"ignore_above": 1024,
"type": "keyword"
},
"mib_index_indicator": {
"type": "long"
},
"mib_module_name": {
"ignore_above": 1024,
"type": "keyword"
},
"mib_object_description": {
"ignore_above": 1024,
"type": "keyword"
},
"mib_object_identifier": {
"type": "short"
},
"mib_object_name": {
"ignore_above": 1024,
"type": "keyword"
},
"mib_object_syntax": {
"ignore_above": 1024,
"type": "keyword"
},
"mib_object_value_bits": {
"type": "short"
},
"mib_object_value_counter": {
"type": "long"
},
"mib_object_value_gauge": {
"type": "long"
},
"mib_object_value_integer": {
"type": "long"
},
"mib_object_value_ip_address": {
"type": "ip"
},
"mib_object_value_octet_string": {
"type": "short"
},
"mib_object_value_oid": {
"type": "short"
},
"mib_object_value_time_ticks": {
"type": "long"
},
"mib_object_value_unsigned": {
"type": "long"
},
"mib_sub_identifier": {
"type": "long"
},
"min_export_seconds": {
"type": "date"
},
"min_flow_start_microseconds": {
"type": "date"
},
"min_flow_start_milliseconds": {
"type": "date"
},
"min_flow_start_nanoseconds": {
"type": "date"
},
"min_flow_start_seconds": {
"type": "date"
},
"minimum_ip_total_length": {
"type": "long"
},
"minimum_layer2_total_length": {
"type": "long"
},
"minimum_ttl": {
"type": "short"
},
"mobile_imsi": {
"ignore_above": 1024,
"type": "keyword"
},
"mobile_msisdn": {
"ignore_above": 1024,
"type": "keyword"
},
"monitoring_interval_end_milli_seconds": {
"type": "date"
},
"monitoring_interval_start_milli_seconds": {
"type": "date"
},
"mpls_label_stack_depth": {
"type": "long"
},
"mpls_label_stack_length": {
"type": "long"
},
"mpls_label_stack_section": {
"type": "short"
},
"mpls_label_stack_section10": {
"type": "short"
},
"mpls_label_stack_section2": {
"type": "short"
},
"mpls_label_stack_section3": {
"type": "short"
},
"mpls_label_stack_section4": {
"type": "short"
},
"mpls_label_stack_section5": {
"type": "short"
},
"mpls_label_stack_section6": {
"type": "short"
},
"mpls_label_stack_section7": {
"type": "short"
},
"mpls_label_stack_section8": {
"type": "short"
},
"mpls_label_stack_section9": {
"type": "short"
},
"mpls_payload_length": {
"type": "long"
},
"mpls_payload_packet_section": {
"type": "short"
},
"mpls_top_label_exp": {
"type": "short"
},
"mpls_top_label_ipv4_address": {
"type": "ip"
},
"mpls_top_label_ipv6_address": {
"type": "ip"
},
"mpls_top_label_prefix_length": {
"type": "short"
},
"mpls_top_label_stack_section": {
"type": "short"
},
"mpls_top_label_ttl": {
"type": "short"
},
"mpls_top_label_type": {
"type": "short"
},
"mpls_vpn_route_distinguisher": {
"type": "short"
},
"multicast_replication_factor": {
"type": "long"
},
"nat_event": {
"type": "short"
},
"nat_instance_id": {
"type": "long"
},
"nat_originating_address_realm": {
"type": "short"
},
"nat_pool_id": {
"type": "long"
},
"nat_pool_name": {
"ignore_above": 1024,
"type": "keyword"
},
"nat_quota_exceeded_event": {
"type": "long"
},
"nat_threshold_event": {
"type": "long"
},
"nat_type": {
"type": "short"
},
"new_connection_delta_count": {
"type": "long"
},
"next_header_ipv6": {
"type": "short"
},
"not_sent_flow_total_count": {
"type": "long"
},
"not_sent_layer2_octet_total_count": {
"type": "long"
},
"not_sent_octet_total_count": {
"type": "long"
},
"not_sent_packet_total_count": {
"type": "long"
},
"observation_domain_id": {
"type": "long"
},
"observation_domain_name": {
"ignore_above": 1024,
"type": "keyword"
},
"observation_point_id": {
"type": "long"
},
"observation_point_type": {
"type": "short"
},
"observation_time_microseconds": {
"type": "date"
},
"observation_time_milliseconds": {
"type": "date"
},
"observation_time_nanoseconds": {
"type": "date"
},
"observation_time_seconds": {
"type": "date"
},
"observed_flow_total_count": {
"type": "long"
},
"octet_delta_count": {
"type": "long"
},
"octet_delta_sum_of_squares": {
"type": "long"
},
"octet_total_count": {
"type": "long"
},
"octet_total_sum_of_squares": {
"type": "long"
},
"opaque_octets": {
"type": "short"
},
"original_exporter_ipv4_address": {
"type": "ip"
},
"original_exporter_ipv6_address": {
"type": "ip"
},
"original_flows_completed": {
"type": "long"
},
"original_flows_initiated": {
"type": "long"
},
"original_flows_present": {
"type": "long"
},
"original_observation_domain_id": {
"type": "long"
},
"p2p_technology": {
"ignore_above": 1024,
"type": "keyword"
},
"packet_delta_count": {
"type": "long"
},
"packet_total_count": {
"type": "long"
},
"padding_octets": {
"type": "short"
},
"payload_length_ipv6": {
"type": "long"
},
"port_id": {
"type": "long"
},
"port_range_end": {
"type": "long"
},
"port_range_num_ports": {
"type": "long"
},
"port_range_start": {
"type": "long"
},
"port_range_step_size": {
"type": "long"
},
"post_destination_mac_address": {
"ignore_above": 1024,
"type": "keyword"
},
"post_dot1q_customer_vlan_id": {
"type": "long"
},
"post_dot1q_vlan_id": {
"type": "long"
},
"post_ip_class_of_service": {
"type": "short"
},
"post_ip_diff_serv_code_point": {
"type": "short"
},
"post_ip_precedence": {
"type": "short"
},
"post_layer2_octet_delta_count": {
"type": "long"
},
"post_layer2_octet_total_count": {
"type": "long"
},
"post_mcast_layer2_octet_delta_count": {
"type": "long"
},
"post_mcast_layer2_octet_total_count": {
"type": "long"
},
"post_mcast_octet_delta_count": {
"type": "long"
},
"post_mcast_octet_total_count": {
"type": "long"
},
"post_mcast_packet_delta_count": {
"type": "long"
},
"post_mcast_packet_total_count": {
"type": "long"
},
"post_mpls_top_label_exp": {
"type": "short"
},
"post_napt_destination_transport_port": {
"type": "long"
},
"post_napt_source_transport_port": {
"type": "long"
},
"post_nat_destination_ipv4_address": {
"type": "ip"
},
"post_nat_destination_ipv6_address": {
"type": "ip"
},
"post_nat_source_ipv4_address": {
"type": "ip"
},
"post_nat_source_ipv6_address": {
"type": "ip"
},
"post_octet_delta_count": {
"type": "long"
},
"post_octet_total_count": {
"type": "long"
},
"post_packet_delta_count": {
"type": "long"
},
"post_packet_total_count": {
"type": "long"
},
"post_source_mac_address": {
"ignore_above": 1024,
"type": "keyword"
},
"post_vlan_id": {
"type": "long"
},
"private_enterprise_number": {
"type": "long"
},
"protocol_identifier": {
"type": "short"
},
"pseudo_wire_control_word": {
"type": "long"
},
"pseudo_wire_destination_ipv4_address": {
"type": "ip"
},
"pseudo_wire_id": {
"type": "long"
},
"pseudo_wire_type": {
"type": "long"
},
"relative_error": {
"type": "double"
},
"responder_octets": {
"type": "long"
},
"responder_packets": {
"type": "long"
},
"rfc3550_jitter_microseconds": {
"type": "long"
},
"rfc3550_jitter_milliseconds": {
"type": "long"
},
"rfc3550_jitter_nanoseconds": {
"type": "long"
},
"rtp_sequence_number": {
"type": "long"
},
"sampler_id": {
"type": "short"
},
"sampler_mode": {
"type": "short"
},
"sampler_name": {
"ignore_above": 1024,
"type": "keyword"
},
"sampler_random_interval": {
"type": "long"
},
"sampling_algorithm": {
"type": "short"
},
"sampling_flow_interval": {
"type": "long"
},
"sampling_flow_spacing": {
"type": "long"
},
"sampling_interval": {
"type": "long"
},
"sampling_packet_interval": {
"type": "long"
},
"sampling_packet_space": {
"type": "long"
},
"sampling_population": {
"type": "long"
},
"sampling_probability": {
"type": "double"
},
"sampling_size": {
"type": "long"
},
"sampling_time_interval": {
"type": "long"
},
"sampling_time_space": {
"type": "long"
},
"section_exported_octets": {
"type": "long"
},
"section_offset": {
"type": "long"
},
"selection_sequence_id": {
"type": "long"
},
"selector_algorithm": {
"type": "long"
},
"selector_id": {
"type": "long"
},
"selector_id_total_flows_observed": {
"type": "long"
},
"selector_id_total_flows_selected": {
"type": "long"
},
"selector_id_total_pkts_observed": {
"type": "long"
},
"selector_id_total_pkts_selected": {
"type": "long"
},
"selector_name": {
"ignore_above": 1024,
"type": "keyword"
},
"session_scope": {
"type": "short"
},
"source_ipv4_address": {
"type": "ip"
},
"source_ipv4_prefix": {
"type": "ip"
},
"source_ipv4_prefix_length": {
"type": "short"
},
"source_ipv6_address": {
"type": "ip"
},
"source_ipv6_prefix": {
"type": "ip"
},
"source_ipv6_prefix_length": {
"type": "short"
},
"source_mac_address": {
"ignore_above": 1024,
"type": "keyword"
},
"source_transport_port": {
"type": "long"
},
"source_transport_ports_limit": {
"type": "long"
},
"src_traffic_index": {
"type": "long"
},
"sta_ipv4_address": {
"type": "ip"
},
"sta_mac_address": {
"ignore_above": 1024,
"type": "keyword"
},
"system_init_time_milliseconds": {
"type": "date"
},
"tcp_ack_total_count": {
"type": "long"
},
"tcp_acknowledgement_number": {
"type": "long"
},
"tcp_control_bits": {
"type": "long"
},
"tcp_destination_port": {
"type": "long"
},
"tcp_fin_total_count": {
"type": "long"
},
"tcp_header_length": {
"type": "short"
},
"tcp_options": {
"type": "long"
},
"tcp_psh_total_count": {
"type": "long"
},
"tcp_rst_total_count": {
"type": "long"
},
"tcp_sequence_number": {
"type": "long"
},
"tcp_source_port": {
"type": "long"
},
"tcp_syn_total_count": {
"type": "long"
},
"tcp_urg_total_count": {
"type": "long"
},
"tcp_urgent_pointer": {
"type": "long"
},
"tcp_window_scale": {
"type": "long"
},
"tcp_window_size": {
"type": "long"
},
"template_id": {
"type": "long"
},
"total_length_ipv4": {
"type": "long"
},
"transport_octet_delta_count": {
"type": "long"
},
"transport_packet_delta_count": {
"type": "long"
},
"tunnel_technology": {
"ignore_above": 1024,
"type": "keyword"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"udp_destination_port": {
"type": "long"
},
"udp_message_length": {
"type": "long"
},
"udp_source_port": {
"type": "long"
},
"upper_ci_limit": {
"type": "double"
},
"user_name": {
"ignore_above": 1024,
"type": "keyword"
},
"value_distribution_method": {
"type": "short"
},
"virtual_station_interface_id": {
"type": "short"
},
"virtual_station_interface_name": {
"ignore_above": 1024,
"type": "keyword"
},
"virtual_station_name": {
"ignore_above": 1024,
"type": "keyword"
},
"virtual_station_uuid": {
"type": "short"
},
"vlan_id": {
"type": "long"
},
"vpn_identifier": {
"type": "short"
},
"vr_fname": {
"ignore_above": 1024,
"type": "keyword"
},
"wlan_channel_id": {
"type": "short"
},
"wlan_ssid": {
"ignore_above": 1024,
"type": "keyword"
},
"wtp_mac_address": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink