Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
132 lines (132 sloc) 2.84 KB
PUT /_template/monitoring
{
"version": 1,
"index_patterns": [
"monitoring"
],
"settings": {
"index": {
"number_of_shards": "1",
"number_of_replicas": "0"
},
"analysis": {
"normalizer": {
"lc_normalizer": {
"type": "custom",
"char_filter": [],
"filter": [
"lowercase"
]
}
}
}
},
"mappings": {
"events": {
"properties": {
"datetime_received": {
"type": "date",
"format": "strict_date_time||strict_date_time_no_millis"
},
"datetime_reported": {
"type": "date",
"format": "strict_date_time||strict_date_time_no_millis"
},
"src_host": {
"type": "keyword"
},
"src_format": {
"type": "keyword"
},
"device": {
"type": "keyword",
"normalizer": "lc_normalizer"
},
"indicator": {
"type": "keyword",
"normalizer": "lc_normalizer"
},
"device_indicator_join": {
"type": "join",
"relations": {
"device": "indicator"
}
},
"state": {
"type": "byte"
},
"last_received_state_change": {
"type": "date",
"format": "strict_date_time||strict_date_time_no_millis"
},
"state_count": {
"type": "long"
},
"output": {
"type": "text"
},
"ack": {
"type": "boolean"
}
},
"dynamic_templates": [
{
"type_ip": {
"match_pattern": "regex",
"match": "^(ip_.*|.*_ip|ip)$",
"mapping": {
"type": "ip"
}
}
},
{
"type_keyword": {
"match_pattern": "regex",
"match": "^(kw|device)_.*$",
"mapping": {
"type": "keyword",
"normalizer": "lc_normalizer"
}
}
},
{
"type_text": {
"match_pattern": "regex",
"match": "^text_.*$",
"mapping": {
"type": "text"
}
}
},
{
"type_long": {
"match_pattern": "regex",
"match": "^long_.*$",
"mapping": {
"type": "long"
}
}
},
{
"type_double": {
"match_pattern": "regex",
"match": "^double_.*$",
"mapping": {
"type": "double"
}
}
},
{
"not_indexed": {
"match_pattern": "regex",
"match": "^.+$",
"mapping": {
"type": "text",
"index": false
}
}
}
]
}
}
}
You can’t perform that action at this time.