ankitdevnalkar
/ mapping from July index
Created
August 4, 2021 06:13
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "cloud-audit-aws-2021.07" : { | |
| "mappings" : { | |
| "_meta" : { | |
| "beat" : "filebeat", | |
| "version" : "7.9.1" | |
| }, | |
| "dynamic_templates" : [ | |
| { | |
| "labels" : { |
ankitdevnalkar
/ ingest_pipeline
Created
August 4, 2021 06:08
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "signals-aws-cloudtrail" : { | |
| "description" : "Pipeline for AWS CloudTrail Logs", | |
| "processors" : [ | |
| { | |
| "rename" : { | |
| "field" : "message", | |
| "target_field" : "event.original" | |
| } | |
| }, | |
| { |
ankitdevnalkar
/ debug_logs
Created
June 3, 2021 16:37
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [2021-06-03T21:51:07,374][DEBUG][logstash.javapipeline ] Starting pipeline {:pipeline_id=>"main"} | |
| [2021-06-03T21:51:07,383][DEBUG][logstash.outputs.elasticsearch][main] Normalizing http path {:path=>nil, :normalized=>nil} | |
| [2021-06-03T21:51:07,403][WARN ][logstash.outputs.elasticsearch][main] ** WARNING ** Detected UNSAFE options in elasticsearch output configuration! | |
| ** WARNING ** You have enabled encryption but DISABLED certificate verification. | |
| ** WARNING ** To make sure your data is secure change :ssl_certificate_verification to true | |
| [2021-06-03T21:51:07,413][INFO ][logstash.outputs.elasticsearch][main] Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[https://elastic:xxxxxx@es_host:9200/]}} | |
| [2021-06-03T21:51:07,418][DEBUG][logstash.outputs.elasticsearch][main] Running health check to see if an Elasticsearch connection is working {:healthcheck_url=>https://elastic:xxxxxx@es_host:9200/, :path=>"/"} | |
| [2021-06-03T21:51:07,468][WARN ][logstash.outputs.elasticsearch][main] Restored connection |
ankitdevnalkar
/ azure_index_mapping
Last active
May 3, 2021 13:28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "cloud-audit-azure-2021.04" : { | |
| "mappings" : { | |
| "properties" : { | |
| "@timestamp" : { | |
| "type" : "date" | |
| }, | |
| "@version" : { | |
| "type" : "text", | |
| "fields" : { |
ankitdevnalkar
/ gist:4cc274bc204f394beaec90ec968b3460
Created
May 2, 2021 17:00
ingest_pipeline_in_use
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PUT _ingest/pipeline/signals-azure-activitylogs-pipeline | |
| { | |
| "description" : "Pipeline for parsing azure activity logs.", | |
| "processors" : [ | |
| { | |
| "rename" : { | |
| "field" : "azure", | |
| "target_field" : "azure-eventhub", | |
| "ignore_missing" : true | |
| } |
ankitdevnalkar
/ gist:6d884eed329ccf2b0e036047b9d55e9e
Created
April 29, 2021 07:26
azure-index-mapping
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PUT _template/cloud-audit-azure | |
| { | |
| "index_patterns": "cloud-audit-azure*", | |
| "version" : 50001, | |
| "settings" : { | |
| "index.refresh_interval" : "5s" | |
| }, | |
| "mappings" : { | |
| "properties" : { | |
| "@timestamp" : { |
ankitdevnalkar
/ gist:6fbc7fcfe5c60a4d45f0be118f6ae04a
Created
April 28, 2021 20:55
ingest pipeline for Azure activity log
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PUT _ingest/pipeline/my-azure-activity-log | |
| { | |
| "my-azure-activitylogs-azure-shared-pipeline" : { | |
| "description" : "Pipeline for parsing azure activity logs.", | |
| "processors" : [ | |
| { | |
| "set" : { | |
| "field" : "cloud.provider", | |
| "value" : "azure" | |
| } |
ankitdevnalkar
/ extensions_temp_backup.txt
Created
April 12, 2020 07:04
— forked from hackerscrolls/extensions_temp_backup.txt
Common temp and backup extensions for files and directories by twitter.com/hackerscrolls
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .0 | |
| .1 | |
| .2 | |
| .3 | |
| .tar | |
| .tgz | |
| .zip | |
| .tar.gz | |
| .rar | |
| .cache |