securityonion/salt/elasticsearch/templates/component/ecs/cyberark.json
2023-07-18 19:00:50 +00:00


{
"_meta": {
"documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-base.html",
"ecs_version": "1.12.2"
},
"template": {
"mappings": {
"properties": {
"cyberarkpas": {
"properties": {
"audit": {
"properties": {
"action": {
"ignore_above": 1024,
"type": "keyword"
},
"ca_properties": {
"properties": {
"address": {
"ignore_above": 1024,
"type": "keyword"
},
"cpm_disabled": {
"ignore_above": 1024,
"type": "keyword"
},
"cpm_error_details": {
"ignore_above": 1024,
"type": "keyword"
},
"cpm_status": {
"ignore_above": 1024,
"type": "keyword"
},
"creation_method": {
"ignore_above": 1024,
"type": "keyword"
},
"customer": {
"ignore_above": 1024,
"type": "keyword"
},
"database": {
"ignore_above": 1024,
"type": "keyword"
},
"device_type": {
"ignore_above": 1024,
"type": "keyword"
},
"dual_account_status": {
"ignore_above": 1024,
"type": "keyword"
},
"group_name": {
"ignore_above": 1024,
"type": "keyword"
},
"in_process": {
"ignore_above": 1024,
"type": "keyword"
},
"index": {
"ignore_above": 1024,
"type": "keyword"
},
"last_fail_date": {
"ignore_above": 1024,
"type": "keyword"
},
"last_success_change": {
"ignore_above": 1024,
"type": "keyword"
},
"last_success_reconciliation": {
"ignore_above": 1024,
"type": "keyword"
},
"last_success_verification": {
"ignore_above": 1024,
"type": "keyword"
},
"last_task": {
"ignore_above": 1024,
"type": "keyword"
},
"logon_domain": {
"ignore_above": 1024,
"type": "keyword"
},
"other": {
"type": "flattened"
},
"policy_id": {
"ignore_above": 1024,
"type": "keyword"
},
"port": {
"ignore_above": 1024,
"type": "keyword"
},
"privcloud": {
"ignore_above": 1024,
"type": "keyword"
},
"reset_immediately": {
"ignore_above": 1024,
"type": "keyword"
},
"retries_count": {
"ignore_above": 1024,
"type": "keyword"
},
"sequence_id": {
"ignore_above": 1024,
"type": "keyword"
},
"tags": {
"ignore_above": 1024,
"type": "keyword"
},
"user_dn": {
"ignore_above": 1024,
"type": "keyword"
},
"user_name": {
"ignore_above": 1024,
"type": "keyword"
},
"virtual_username": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"category": {
"ignore_above": 1024,
"type": "keyword"
},
"desc": {
"ignore_above": 1024,
"type": "keyword"
},
"extra_details": {
"properties": {
"ad_process_id": {
"ignore_above": 1024,
"type": "keyword"
},
"ad_process_name": {
"ignore_above": 1024,
"type": "keyword"
},
"application_type": {
"ignore_above": 1024,
"type": "keyword"
},
"command": {
"ignore_above": 1024,
"type": "keyword"
},
"connection_component_id": {
"ignore_above": 1024,
"type": "keyword"
},
"dst_host": {
"ignore_above": 1024,
"type": "keyword"
},
"logon_account": {
"ignore_above": 1024,
"type": "keyword"
},
"managed_account": {
"ignore_above": 1024,
"type": "keyword"
},
"other": {
"type": "flattened"
},
"process_id": {
"ignore_above": 1024,
"type": "keyword"
},
"process_name": {
"ignore_above": 1024,
"type": "keyword"
},
"protocol": {
"ignore_above": 1024,
"type": "keyword"
},
"psmid": {
"ignore_above": 1024,
"type": "keyword"
},
"session_duration": {
"ignore_above": 1024,
"type": "keyword"
},
"session_id": {
"ignore_above": 1024,
"type": "keyword"
},
"src_host": {
"ignore_above": 1024,
"type": "keyword"
},
"username": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"file": {
"ignore_above": 1024,
"type": "keyword"
},
"gateway_station": {
"type": "ip"
},
"hostname": {
"ignore_above": 1024,
"type": "keyword"
},
"iso_timestamp": {
"type": "date"
},
"issuer": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"doc_values": false,
"ignore_above": 4096,
"index": false,
"type": "keyword"
},
"message": {
"ignore_above": 1024,
"type": "keyword"
},
"message_id": {
"ignore_above": 1024,
"type": "keyword"
},
"product": {
"ignore_above": 1024,
"type": "keyword"
},
"pvwa_details": {
"type": "flattened"
},
"raw": {
"doc_values": false,
"ignore_above": 4096,
"index": false,
"type": "keyword"
},
"reason": {
"norms": false,
"type": "text"
},
"rfc5424": {
"type": "boolean"
},
"safe": {
"ignore_above": 1024,
"type": "keyword"
},
"severity": {
"ignore_above": 1024,
"type": "keyword"
},
"source_user": {
"ignore_above": 1024,
"type": "keyword"
},
"station": {
"type": "ip"
},
"target_user": {
"ignore_above": 1024,
"type": "keyword"
},
"timestamp": {
"ignore_above": 1024,
"type": "keyword"
},
"vendor": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
}
}
}
}
}