Skip to content

Instantly share code, notes, and snippets.

@Howard-Chang

Howard-Chang/log_doc

Last active March 23, 2018 13:28
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Howard-Chang/808ed0f4c64c528051f284cee3ac0634 to your computer and use it in GitHub Desktop.
Save Howard-Chang/808ed0f4c64c528051f284cee3ac0634 to your computer and use it in GitHub Desktop.
Download ZIP
log_doc
Raw
log_doc
PUT /_template/logstash
{
"template": "logstash-*",
"order": 1,
"settings": {
"index": {
"refresh_interval": "5s"
}
},
"mappings": {
"default": {
"_all": {
"norms": false,
"enabled": true
},
"properties": {
"IPV4_SRC_ADDR": { "type": "ip"},
"IPV4_DST_ADDR": { "type": "ip"},
"PROTOCOL": { "type": "integer"}
}
}
}
}
----------------------------------
version 6.0 up:
PUT _template/logstash
{
"index_patterns": ["logstash-*"],
"settings": {
"number_of_shards": 5
},
"mappings": {
"doc": {
"_source": {
"enabled": true
},
"properties": {
"IPV4_SRC_ADDR": { "type": "ip"},
"IPV4_DST_ADDR": { "type": "ip"},
"PROTOCOL": { "type": "integer"}
}
}
}
}
---------------------------------------------------------
curl -H "Content-Type: application/json" -X GET 192.168.0.159:9200/_template/logstash?pretty -d "{ \"index_patterns\": \"ntopng-*\", \"order\": 1, \"settings\": { \"index\": { \"refresh_interval\": \"5s\" } }, \"mappings\": { \"default\": { \"properties\": { \"IPV4_SRC_ADDR\": { \"type\": \"ip\"}, \"IPV4_DST_ADDR\": { \"type\": \"ip\"}, \"PROTOCOL\": { \"type\": \"integer\"} } } } }"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment