Cyberdefense/VulnWhisperer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update template to version 5.x (#73)

Browse Source 
* Update template to Elasticsearch 5.x

* Update template to Elasticsearch 5.x

I think _all field is no longer needed from ES 5.x because of the search all field execution if _all is disabled
This commit is contained in:
Anh Le
2018-06-30 13:25:29 -07:00
committed by Austin Taylor
parent 9a08acb2d6
commit 3ac9a8156a
1 changed files with 16 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
elasticsearch/logstash-vulnwhisperer-template.json
View File

@ -21,8 +21,7 @@
"mappings": {
"_default_": {
"_all": {
"enabled": true,
"norms": false
"enabled": false
},
"dynamic_templates": [
{
@ -57,73 +56,58 @@
"type": "integer"
},
"last_updated": {
"type": "date",
"doc_values": true
"type": "date"
},
"geoip": {
"dynamic": true,
"type": "object",
"properties": {
"ip": {
"type": "ip",
"doc_values": true
"type": "ip"
},
"latitude": {
"type": "float",
"doc_values": true
"type": "float"
},
"location": {
"type": "geo_point",
"doc_values": true
"type": "geo_point"
},
"longitude": {
"type": "float",
"doc_values": true
"type": "float"
}
}
},
"risk_score": {
"type": "float"
},
"source": {
"index": "not_analyzed",
"type": "string"
"source": {
"type": "keyword"
},
"synopsis": {
"index": "not_analyzed",
"type": "string"
"type": "keyword"
},
"see_also": {
"index": "not_analyzed",
"type": "string"
"type": "keyword"
},
"@timestamp": {
"type": "date",
"doc_values": true
"type": "date"
},
"cve": {
"index": "not_analyzed",
"type": "string"
"type": "keyword"
},
"solution": {
"index": "not_analyzed",
"type": "string"
"type": "keyword"
},
"port": {
"index": "not_analyzed",
"type": "integer"
},
"host": {
"type": "string"
"type": "text"
},
"@version": {
"index": "not_analyzed",
"type": "string",
"doc_values": true
"type": "keyword"
},
"risk": {
"index": "not_analyzed",
"type": "string"
"type": "keyword"
},
"assign_ip": {
"type": "ip"