From b9da9f04af48a933d25ad2c5fcbac54fb981d5dc Mon Sep 17 00:00:00 2001
From: t3chn0m4g3 <t3chn0m4g3@gmail.com>
Date: Mon, 3 Feb 2020 12:18:43 +0000
Subject: [PATCH] adjust default field

---
 docker/elk/logstash/dist/elasticsearch-template-es7x.json | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/docker/elk/logstash/dist/elasticsearch-template-es7x.json b/docker/elk/logstash/dist/elasticsearch-template-es7x.json
index 71793ff7..41e5c801 100644
--- a/docker/elk/logstash/dist/elasticsearch-template-es7x.json
+++ b/docker/elk/logstash/dist/elasticsearch-template-es7x.json
@@ -3,9 +3,12 @@
   "version" : 60001,
   "settings" : {
     "index.refresh_interval" : "5s",
-    "number_of_shards": 1,
+    "number_of_shards" : 1,
     "index.number_of_replicas" : "0",
-    "index.mapping.total_fields.limit": "2000"
+    "index.mapping.total_fields.limit" : "2000",
+    "index.query": {
+      "default_field": "fields.*"
+     }
   },
   "mappings" : {
     "dynamic_templates" : [ {