Skip to content

Instantly share code, notes, and snippets.

@bornatalebi

bornatalebi/mktik mapping

Created October 31, 2020 09:39
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save bornatalebi/260675346c7c0a65fc09f76881479558 to your computer and use it in GitHub Desktop.
Save bornatalebi/260675346c7c0a65fc09f76881479558 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
mktik mapping
{
"mappings": {
"_doc": {
"properties": {
"@timestamp": {
"type": "date"
},
"@version": {
"type": "keyword"
},
"acquired_ip": {
"type": "ip"
},
"action": {
"type": "text"
},
"address_pool": {
"type": "keyword"
},
"agent": {
"properties": {
"ephemeral_id": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"hostname": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"id": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"name": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"type": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"version": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
}
}
},
"ap_ssid": {
"type": "keyword"
},
"chain": {
"type": "keyword"
},
"date": {
"type": "keyword"
},
"disconnect_reason": {
"type": "text"
},
"dst_port": {
"type": "keyword"
},
"ecs": {
"properties": {
"version": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
}
}
},
"host": {
"properties": {
"architecture": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"containerized": {
"type": "boolean"
},
"hostname": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"id": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"ip": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"mac": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"name": {
"type": "keyword",
"ignore_above": 1024
},
"os": {
"properties": {
"codename": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"family": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"kernel": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"name": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"platform": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"version": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
}
}
}
}
},
"host_adress": {
"type": "keyword"
},
"in_interface": {
"type": "keyword"
},
"input": {
"properties": {
"type": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
}
}
},
"interface": {
"type": "keyword"
},
"item": {
"type": "text"
},
"length": {
"type": "short"
},
"link_state": {
"type": "keyword"
},
"local_address": {
"type": "ip"
},
"log": {
"properties": {
"source": {
"properties": {
"address": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
}
}
}
}
},
"mac_address": {
"type": "keyword"
},
"message": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"method": {
"type": "keyword"
},
"out_interface": {
"type": "keyword"
},
"protocol": {
"type": "keyword"
},
"released_ip": {
"type": "ip"
},
"remote_address": {
"type": "ip"
},
"signal_strength": {
"type": "byte"
},
"src_port": {
"type": "keyword"
},
"time": {
"type": "keyword"
},
"topic1": {
"type": "keyword"
},
"topic2": {
"type": "keyword"
},
"topic3": {
"type": "keyword"
},
"user": {
"type": "keyword"
},
"wifi_state": {
"type": "keyword"
}
}
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment