mirror of
https://github.com/telekom-security/tpotce.git
synced 2025-07-02 01:27:27 -04:00
49 lines
1.3 KiB
JSON
49 lines
1.3 KiB
JSON
{
|
|
"template" : "logstash-*",
|
|
"version" : 50001,
|
|
"settings" : {
|
|
"index.refresh_interval" : "5s",
|
|
"index.number_of_shards" : "1",
|
|
"index.number_of_replicas" : "0"
|
|
},
|
|
"mappings" : {
|
|
"_default_" : {
|
|
"_all" : {"enabled" : true, "norms" : false},
|
|
"dynamic_templates" : [ {
|
|
"message_field" : {
|
|
"path_match" : "message",
|
|
"match_mapping_type" : "string",
|
|
"mapping" : {
|
|
"type" : "text",
|
|
"norms" : false
|
|
}
|
|
}
|
|
}, {
|
|
"string_fields" : {
|
|
"match" : "*",
|
|
"match_mapping_type" : "string",
|
|
"mapping" : {
|
|
"type" : "text", "norms" : false,
|
|
"fields" : {
|
|
"keyword" : { "type": "keyword", "ignore_above": 256 }
|
|
}
|
|
}
|
|
}
|
|
} ],
|
|
"properties" : {
|
|
"@timestamp": { "type": "date", "include_in_all": false },
|
|
"@version": { "type": "keyword", "include_in_all": false },
|
|
"geoip" : {
|
|
"dynamic": true,
|
|
"properties" : {
|
|
"ip": { "type": "ip" },
|
|
"location" : { "type" : "geo_point" },
|
|
"latitude" : { "type" : "half_float" },
|
|
"longitude" : { "type" : "half_float" }
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|