mirror of
https://github.com/telekom-security/tpotce.git
synced 2025-04-29 03:38:51 +00:00
49 lines
1.2 KiB
JSON
49 lines
1.2 KiB
JSON
{
|
|
"index_patterns" : "logstash-*",
|
|
"version" : 60001,
|
|
"settings" : {
|
|
"index.refresh_interval" : "5s",
|
|
"number_of_shards" : 1,
|
|
"index.number_of_replicas" : "0",
|
|
"index.mapping.total_fields.limit" : "2000",
|
|
"index.query": {
|
|
"default_field": "fields.*"
|
|
}
|
|
},
|
|
"mappings" : {
|
|
"dynamic_templates" : [ {
|
|
"message_field" : {
|
|
"path_match" : "message",
|
|
"match_mapping_type" : "string",
|
|
"mapping" : {
|
|
"type" : "text",
|
|
"norms" : false
|
|
}
|
|
}
|
|
}, {
|
|
"string_fields" : {
|
|
"match" : "*",
|
|
"match_mapping_type" : "string",
|
|
"mapping" : {
|
|
"type" : "text", "norms" : false,
|
|
"fields" : {
|
|
"keyword" : { "type": "keyword", "ignore_above": 256 }
|
|
}
|
|
}
|
|
}
|
|
} ],
|
|
"properties" : {
|
|
"@timestamp": { "type": "date"},
|
|
"@version": { "type": "keyword"},
|
|
"geoip" : {
|
|
"dynamic": true,
|
|
"properties" : {
|
|
"ip": { "type": "ip" },
|
|
"location" : { "type" : "geo_point" },
|
|
"latitude" : { "type" : "half_float" },
|
|
"longitude" : { "type" : "half_float" }
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|