Skip to content

Instantly share code, notes, and snippets.

@fenneh

fenneh/apm-7.2.0.json

Created October 16, 2020 17:34
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save fenneh/9d503554b919a44fba67023070d05a87 to your computer and use it in GitHub Desktop.
Save fenneh/9d503554b919a44fba67023070d05a87 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
apm-7.2.0.json
{
"order": 1,
"index_patterns": [
"apm-7.2.0*"
],
"settings": {
"index": {
"codec": "best_compression",
"mapping": {
"total_fields": {
"limit": "2000"
}
},
"refresh_interval": "5s",
"number_of_routing_shards": "30",
"number_of_shards": "1",
"query": {
"default_field": [
"message",
"tags",
"agent.ephemeral_id",
"agent.id",
"agent.name",
"agent.type",
"agent.version",
"client.address",
"client.domain",
"client.geo.city_name",
"client.geo.continent_name",
"client.geo.country_iso_code",
"client.geo.country_name",
"client.geo.name",
"client.geo.region_iso_code",
"client.geo.region_name",
"client.mac",
"client.user.email",
"client.user.full_name",
"client.user.group.id",
"client.user.group.name",
"client.user.hash",
"client.user.id",
"client.user.name",
"cloud.account.id",
"cloud.availability_zone",
"cloud.instance.id",
"cloud.instance.name",
"cloud.machine.type",
"cloud.provider",
"cloud.region",
"container.id",
"container.image.name",
"container.image.tag",
"container.name",
"container.runtime",
"destination.address",
"destination.domain",
"destination.geo.city_name",
"destination.geo.continent_name",
"destination.geo.country_iso_code",
"destination.geo.country_name",
"destination.geo.name",
"destination.geo.region_iso_code",
"destination.geo.region_name",
"destination.mac",
"destination.user.email",
"destination.user.full_name",
"destination.user.group.id",
"destination.user.group.name",
"destination.user.hash",
"destination.user.id",
"destination.user.name",
"ecs.version",
"error.code",
"error.id",
"error.message",
"event.action",
"event.category",
"event.dataset",
"event.hash",
"event.id",
"event.kind",
"event.module",
"event.original",
"event.outcome",
"event.timezone",
"event.type",
"file.device",
"file.extension",
"file.gid",
"file.group",
"file.inode",
"file.mode",
"file.owner",
"file.path",
"file.target_path",
"file.type",
"file.uid",
"geo.city_name",
"geo.continent_name",
"geo.country_iso_code",
"geo.country_name",
"geo.name",
"geo.region_iso_code",
"geo.region_name",
"group.id",
"group.name",
"host.architecture",
"host.geo.city_name",
"host.geo.continent_name",
"host.geo.country_iso_code",
"host.geo.country_name",
"host.geo.name",
"host.geo.region_iso_code",
"host.geo.region_name",
"host.hostname",
"host.id",
"host.mac",
"host.name",
"host.os.family",
"host.os.full",
"host.os.kernel",
"host.os.name",
"host.os.platform",
"host.os.version",
"host.type",
"host.user.email",
"host.user.full_name",
"host.user.group.id",
"host.user.group.name",
"host.user.hash",
"host.user.id",
"host.user.name",
"http.request.body.content",
"http.request.method",
"http.request.referrer",
"http.response.body.content",
"http.version",
"log.level",
"log.original",
"network.application",
"network.community_id",
"network.direction",
"network.iana_number",
"network.name",
"network.protocol",
"network.transport",
"network.type",
"observer.geo.city_name",
"observer.geo.continent_name",
"observer.geo.country_iso_code",
"observer.geo.country_name",
"observer.geo.name",
"observer.geo.region_iso_code",
"observer.geo.region_name",
"observer.hostname",
"observer.mac",
"observer.os.family",
"observer.os.full",
"observer.os.kernel",
"observer.os.name",
"observer.os.platform",
"observer.os.version",
"observer.serial_number",
"observer.type",
"observer.vendor",
"observer.version",
"organization.id",
"organization.name",
"os.family",
"os.full",
"os.kernel",
"os.name",
"os.platform",
"os.version",
"process.args",
"process.executable",
"process.name",
"process.title",
"process.working_directory",
"server.address",
"server.domain",
"server.geo.city_name",
"server.geo.continent_name",
"server.geo.country_iso_code",
"server.geo.country_name",
"server.geo.name",
"server.geo.region_iso_code",
"server.geo.region_name",
"server.mac",
"server.user.email",
"server.user.full_name",
"server.user.group.id",
"server.user.group.name",
"server.user.hash",
"server.user.id",
"server.user.name",
"service.ephemeral_id",
"service.id",
"service.name",
"service.state",
"service.type",
"service.version",
"source.address",
"source.domain",
"source.geo.city_name",
"source.geo.continent_name",
"source.geo.country_iso_code",
"source.geo.country_name",
"source.geo.name",
"source.geo.region_iso_code",
"source.geo.region_name",
"source.mac",
"source.user.email",
"source.user.full_name",
"source.user.group.id",
"source.user.group.name",
"source.user.hash",
"source.user.id",
"source.user.name",
"url.domain",
"url.fragment",
"url.full",
"url.original",
"url.password",
"url.path",
"url.query",
"url.scheme",
"url.username",
"user.email",
"user.full_name",
"user.group.id",
"user.group.name",
"user.hash",
"user.id",
"user.name",
"user_agent.device.name",
"user_agent.name",
"user_agent.original",
"user_agent.os.family",
"user_agent.os.full",
"user_agent.os.kernel",
"user_agent.os.name",
"user_agent.os.platform",
"user_agent.os.version",
"user_agent.version",
"agent.hostname",
"error.type",
"timeseries.instance",
"cloud.project.id",
"host.os.build",
"host.os.codename",
"kubernetes.pod.name",
"kubernetes.pod.uid",
"kubernetes.namespace",
"kubernetes.node.name",
"kubernetes.replicaset.name",
"kubernetes.deployment.name",
"kubernetes.statefulset.name",
"kubernetes.container.name",
"kubernetes.container.image",
"processor.name",
"processor.event",
"url.scheme",
"url.full",
"url.domain",
"url.path",
"url.query",
"url.fragment",
"http.version",
"http.request.method",
"service.name",
"service.version",
"service.environment",
"service.language.name",
"service.language.version",
"service.runtime.name",
"service.runtime.version",
"service.framework.name",
"service.framework.version",
"transaction.id",
"transaction.type",
"trace.id",
"parent.id",
"agent.name",
"agent.version",
"agent.ephemeral_id",
"container.id",
"kubernetes.namespace",
"kubernetes.node.name",
"kubernetes.pod.name",
"kubernetes.pod.uid",
"host.architecture",
"host.hostname",
"host.os.platform",
"process.args",
"process.title",
"observer.listening",
"observer.hostname",
"observer.version",
"observer.type",
"user.name",
"user.id",
"user.email",
"text",
"user_agent.original",
"user_agent.name",
"user_agent.version",
"user_agent.device.name",
"user_agent.os.platform",
"user_agent.os.name",
"user_agent.os.full",
"user_agent.os.family",
"user_agent.os.version",
"user_agent.os.kernel",
"error.id",
"error.culprit",
"error.grouping_key",
"error.exception.code",
"error.exception.message",
"error.exception.module",
"error.exception.type",
"error.log.level",
"error.log.logger_name",
"error.log.message",
"error.log.param_message",
"sourcemap.service.name",
"sourcemap.service.version",
"sourcemap.bundle_filepath",
"view spans",
"span.id",
"span.name",
"span.type",
"span.subtype",
"span.action",
"text",
"transaction.name",
"transaction.result",
"fields.*"
]
}
}
},
"mappings": {
"_meta": {
"beat": "apm",
"version": "7.2.0"
},
"_source": {
"enabled": true
},
"dynamic_templates": [
{
"labels": {
"path_match": "labels.*",
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string"
}
},
{
"container.labels": {
"path_match": "container.labels.*",
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string"
}
},
{
"fields": {
"path_match": "fields.*",
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string"
}
},
{
"docker.container.labels": {
"path_match": "docker.container.labels.*",
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string"
}
},
{
"labels": {
"path_match": "labels.*",
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string"
}
},
{
"labels": {
"path_match": "labels.*",
"mapping": {
"type": "boolean"
},
"match_mapping_type": "boolean"
}
},
{
"labels": {
"path_match": "labels.*",
"mapping": {
"scaling_factor": 1000000,
"type": "scaled_float"
},
"match_mapping_type": "*"
}
},
{
"transaction.marks": {
"path_match": "transaction.marks.*",
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string"
}
},
{
"transaction.marks.*.*": {
"path_match": "transaction.marks.*.*",
"mapping": {
"scaling_factor": 1000000,
"type": "scaled_float"
},
"match_mapping_type": "*"
}
},
{
"strings_as_keyword": {
"mapping": {
"ignore_above": 1024,
"type": "keyword"
},
"match_mapping_type": "string"
}
}
],
"properties": {
"container": {
"dynamic": false,
"properties": {
"image": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"tag": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"runtime": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"labels": {
"type": "object"
}
}
},
"kubernetes": {
"dynamic": false,
"properties": {
"container": {
"properties": {
"image": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"node": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"pod": {
"properties": {
"uid": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"statefulset": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"namespace": {
"ignore_above": 1024,
"type": "keyword"
},
"annotations": {
"type": "object"
},
"replicaset": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"deployment": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"labels": {
"type": "object"
}
}
},
"parent": {
"dynamic": false,
"properties": {
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"server": {
"properties": {
"geo": {
"properties": {
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"address": {
"ignore_above": 1024,
"type": "keyword"
},
"port": {
"type": "long"
},
"bytes": {
"type": "long"
},
"domain": {
"ignore_above": 1024,
"type": "keyword"
},
"ip": {
"type": "ip"
},
"user": {
"properties": {
"full_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"hash": {
"ignore_above": 1024,
"type": "keyword"
},
"email": {
"ignore_above": 1024,
"type": "keyword"
},
"group": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"packets": {
"type": "long"
},
"mac": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"agent": {
"dynamic": false,
"properties": {
"hostname": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"ephemeral_id": {
"ignore_above": 1024,
"type": "keyword"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"log": {
"properties": {
"original": {
"ignore_above": 1024,
"type": "keyword"
},
"level": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"view spans": {
"ignore_above": 1024,
"type": "keyword"
},
"destination": {
"properties": {
"geo": {
"properties": {
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
}
}
},
"address": {
"ignore_above": 1024,
"type": "keyword"
},
"port": {
"type": "long"
},
"bytes": {
"type": "long"
},
"domain": {
"ignore_above": 1024,
"type": "keyword"
},
"ip": {
"type": "ip"
},
"user": {
"properties": {
"full_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"hash": {
"ignore_above": 1024,
"type": "keyword"
},
"email": {
"ignore_above": 1024,
"type": "keyword"
},
"group": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"mac": {
"ignore_above": 1024,
"type": "keyword"
},
"packets": {
"type": "long"
}
}
},
"experimental": {
"dynamic": true,
"type": "object"
},
"source": {
"properties": {
"geo": {
"properties": {
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
}
}
},
"address": {
"ignore_above": 1024,
"type": "keyword"
},
"port": {
"type": "long"
},
"bytes": {
"type": "long"
},
"ip": {
"type": "ip"
},
"domain": {
"ignore_above": 1024,
"type": "keyword"
},
"user": {
"properties": {
"full_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"email": {
"ignore_above": 1024,
"type": "keyword"
},
"hash": {
"ignore_above": 1024,
"type": "keyword"
},
"group": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"packets": {
"type": "long"
},
"mac": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"error": {
"dynamic": false,
"properties": {
"exception": {
"properties": {
"code": {
"ignore_above": 1024,
"type": "keyword"
},
"module": {
"ignore_above": 1024,
"type": "keyword"
},
"handled": {
"type": "boolean"
},
"message": {
"norms": false,
"type": "text"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"culprit": {
"ignore_above": 1024,
"type": "keyword"
},
"code": {
"ignore_above": 1024,
"type": "keyword"
},
"log": {
"properties": {
"level": {
"ignore_above": 1024,
"type": "keyword"
},
"logger_name": {
"ignore_above": 1024,
"type": "keyword"
},
"message": {
"norms": false,
"type": "text"
},
"param_message": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"message": {
"norms": false,
"type": "text"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"grouping_key": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"network": {
"properties": {
"forwarded_ip": {
"type": "ip"
},
"protocol": {
"ignore_above": 1024,
"type": "keyword"
},
"community_id": {
"ignore_above": 1024,
"type": "keyword"
},
"application": {
"ignore_above": 1024,
"type": "keyword"
},
"bytes": {
"type": "long"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"transport": {
"ignore_above": 1024,
"type": "keyword"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"iana_number": {
"ignore_above": 1024,
"type": "keyword"
},
"packets": {
"type": "long"
},
"direction": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"docker": {
"properties": {
"container": {
"properties": {
"labels": {
"type": "object"
}
}
}
}
},
"geo": {
"properties": {
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"cloud": {
"properties": {
"availability_zone": {
"ignore_above": 1024,
"type": "keyword"
},
"instance": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"provider": {
"ignore_above": 1024,
"type": "keyword"
},
"machine": {
"properties": {
"type": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"project": {
"properties": {
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"region": {
"ignore_above": 1024,
"type": "keyword"
},
"account": {
"properties": {
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"observer": {
"dynamic": false,
"properties": {
"listening": {
"ignore_above": 1024,
"type": "keyword"
},
"geo": {
"properties": {
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
}
}
},
"hostname": {
"ignore_above": 1024,
"type": "keyword"
},
"os": {
"properties": {
"kernel": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"family": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
},
"platform": {
"ignore_above": 1024,
"type": "keyword"
},
"full": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"vendor": {
"ignore_above": 1024,
"type": "keyword"
},
"ip": {
"type": "ip"
},
"serial_number": {
"ignore_above": 1024,
"type": "keyword"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
},
"mac": {
"ignore_above": 1024,
"type": "keyword"
},
"version_major": {
"type": "byte"
}
}
},
"trace": {
"dynamic": false,
"properties": {
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"file": {
"properties": {
"owner": {
"ignore_above": 1024,
"type": "keyword"
},
"extension": {
"ignore_above": 1024,
"type": "keyword"
},
"gid": {
"ignore_above": 1024,
"type": "keyword"
},
"mtime": {
"type": "date"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"target_path": {
"ignore_above": 1024,
"type": "keyword"
},
"mode": {
"ignore_above": 1024,
"type": "keyword"
},
"inode": {
"ignore_above": 1024,
"type": "keyword"
},
"uid": {
"ignore_above": 1024,
"type": "keyword"
},
"path": {
"ignore_above": 1024,
"type": "keyword"
},
"size": {
"type": "long"
},
"ctime": {
"type": "date"
},
"device": {
"ignore_above": 1024,
"type": "keyword"
},
"group": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"ecs": {
"properties": {
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"timeseries": {
"properties": {
"instance": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"related": {
"properties": {
"ip": {
"type": "ip"
}
}
},
"host": {
"dynamic": false,
"properties": {
"geo": {
"properties": {
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"hostname": {
"ignore_above": 1024,
"type": "keyword"
},
"os": {
"properties": {
"build": {
"ignore_above": 1024,
"type": "keyword"
},
"kernel": {
"ignore_above": 1024,
"type": "keyword"
},
"codename": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"family": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
},
"platform": {
"ignore_above": 1024,
"type": "keyword"
},
"full": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"containerized": {
"type": "boolean"
},
"ip": {
"type": "ip"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"user": {
"properties": {
"full_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"email": {
"ignore_above": 1024,
"type": "keyword"
},
"hash": {
"ignore_above": 1024,
"type": "keyword"
},
"group": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"mac": {
"ignore_above": 1024,
"type": "keyword"
},
"architecture": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"client": {
"dynamic": false,
"properties": {
"geo": {
"properties": {
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
}
}
},
"address": {
"ignore_above": 1024,
"type": "keyword"
},
"port": {
"type": "long"
},
"bytes": {
"type": "long"
},
"domain": {
"ignore_above": 1024,
"type": "keyword"
},
"ip": {
"type": "ip"
},
"user": {
"properties": {
"full_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"hash": {
"ignore_above": 1024,
"type": "keyword"
},
"email": {
"ignore_above": 1024,
"type": "keyword"
},
"group": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"mac": {
"ignore_above": 1024,
"type": "keyword"
},
"packets": {
"type": "long"
}
}
},
"event": {
"properties": {
"severity": {
"type": "long"
},
"original": {
"ignore_above": 1024,
"type": "keyword"
},
"risk_score": {
"type": "float"
},
"kind": {
"ignore_above": 1024,
"type": "keyword"
},
"created": {
"type": "date"
},
"timezone": {
"ignore_above": 1024,
"type": "keyword"
},
"module": {
"ignore_above": 1024,
"type": "keyword"
},
"start": {
"type": "date"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"duration": {
"type": "long"
},
"risk_score_norm": {
"type": "float"
},
"action": {
"ignore_above": 1024,
"type": "keyword"
},
"end": {
"type": "date"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"category": {
"ignore_above": 1024,
"type": "keyword"
},
"dataset": {
"ignore_above": 1024,
"type": "keyword"
},
"hash": {
"ignore_above": 1024,
"type": "keyword"
},
"outcome": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"user_agent": {
"dynamic": false,
"properties": {
"original": {
"ignore_above": 1024,
"fields": {
"text": {
"norms": false,
"type": "text"
}
},
"type": "keyword"
},
"os": {
"properties": {
"kernel": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"family": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
},
"platform": {
"ignore_above": 1024,
"type": "keyword"
},
"full": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"device": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"group": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"timestamp": {
"properties": {
"us": {
"type": "long"
}
}
},
"process": {
"dynamic": false,
"properties": {
"args": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"start": {
"type": "date"
},
"working_directory": {
"ignore_above": 1024,
"type": "keyword"
},
"pid": {
"type": "long"
},
"thread": {
"properties": {
"id": {
"type": "long"
}
}
},
"title": {
"ignore_above": 1024,
"type": "keyword"
},
"executable": {
"ignore_above": 1024,
"type": "keyword"
},
"ppid": {
"type": "long"
}
}
},
"os": {
"properties": {
"kernel": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"family": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
},
"platform": {
"ignore_above": 1024,
"type": "keyword"
},
"full": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"sourcemap": {
"dynamic": false,
"properties": {
"bundle_filepath": {
"ignore_above": 1024,
"type": "keyword"
},
"service": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"message": {
"norms": false,
"type": "text"
},
"processor": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"event": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"url": {
"dynamic": false,
"properties": {
"path": {
"ignore_above": 1024,
"type": "keyword"
},
"password": {
"ignore_above": 1024,
"type": "keyword"
},
"fragment": {
"ignore_above": 1024,
"type": "keyword"
},
"original": {
"ignore_above": 1024,
"type": "keyword"
},
"scheme": {
"ignore_above": 1024,
"type": "keyword"
},
"port": {
"type": "long"
},
"query": {
"ignore_above": 1024,
"type": "keyword"
},
"domain": {
"ignore_above": 1024,
"type": "keyword"
},
"username": {
"ignore_above": 1024,
"type": "keyword"
},
"full": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"labels": {
"dynamic": true,
"type": "object"
},
"tags": {
"ignore_above": 1024,
"type": "keyword"
},
"@timestamp": {
"type": "date"
},
"system": {
"properties": {
"process": {
"properties": {
"memory": {
"properties": {
"rss": {
"properties": {
"bytes": {
"type": "long"
}
}
},
"size": {
"type": "long"
}
}
},
"cpu": {
"properties": {
"total": {
"properties": {
"norm": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
}
}
}
}
}
}
}
}
},
"memory": {
"properties": {
"actual": {
"properties": {
"free": {
"type": "long"
}
}
},
"total": {
"type": "long"
}
}
},
"cpu": {
"properties": {
"total": {
"properties": {
"norm": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
}
}
}
}
}
}
}
}
},
"service": {
"dynamic": false,
"properties": {
"environment": {
"ignore_above": 1024,
"type": "keyword"
},
"framework": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"runtime": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"language": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"state": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"ephemeral_id": {
"ignore_above": 1024,
"type": "keyword"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"organization": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"http": {
"dynamic": false,
"properties": {
"request": {
"properties": {
"referrer": {
"ignore_above": 1024,
"type": "keyword"
},
"headers": {
"type": "object",
"enabled": false
},
"method": {
"ignore_above": 1024,
"type": "keyword"
},
"bytes": {
"type": "long"
},
"body": {
"properties": {
"bytes": {
"type": "long"
},
"content": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"response": {
"properties": {
"headers": {
"type": "object",
"enabled": false
},
"status_code": {
"type": "long"
},
"bytes": {
"type": "long"
},
"finished": {
"type": "boolean"
},
"body": {
"properties": {
"bytes": {
"type": "long"
},
"content": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"fields": {
"type": "object"
},
"user": {
"dynamic": false,
"properties": {
"full_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"email": {
"ignore_above": 1024,
"type": "keyword"
},
"hash": {
"ignore_above": 1024,
"type": "keyword"
},
"group": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"transaction": {
"dynamic": false,
"properties": {
"duration": {
"properties": {
"us": {
"type": "long"
}
}
},
"result": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword",
"fields": {
"text": {
"norms": false,
"type": "text"
}
}
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"marks": {
"dynamic": true,
"type": "object",
"properties": {
"*": {
"properties": {
"*": {
"dynamic": true,
"type": "object"
}
}
}
}
},
"span_count": {
"properties": {
"dropped": {
"type": "long"
}
}
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"sampled": {
"type": "boolean"
}
}
},
"span": {
"dynamic": false,
"properties": {
"duration": {
"properties": {
"us": {
"type": "long"
}
}
},
"subtype": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"start": {
"properties": {
"us": {
"type": "long"
}
}
},
"action": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"sync": {
"type": "boolean"
}
}
}
},
"date_detection": false
},
"aliases": {}
}
Raw
apm-server.json
{
"order": 1,
"index_patterns": [
"apm-*"
],
"settings": {
"index": {
"codec": "best_compression",
"mapping": {
"total_fields": {
"limit": "2000"
}
},
"refresh_interval": "5s",
"number_of_routing_shards": "30",
"number_of_shards": "1",
"query": {
"default_field": [
"message",
"tags",
"agent.ephemeral_id",
"agent.id",
"agent.name",
"agent.type",
"agent.version",
"client.address",
"client.domain",
"client.geo.city_name",
"client.geo.continent_name",
"client.geo.country_iso_code",
"client.geo.country_name",
"client.geo.name",
"client.geo.region_iso_code",
"client.geo.region_name",
"client.mac",
"client.user.email",
"client.user.full_name",
"client.user.group.id",
"client.user.group.name",
"client.user.hash",
"client.user.id",
"client.user.name",
"cloud.account.id",
"cloud.availability_zone",
"cloud.instance.id",
"cloud.instance.name",
"cloud.machine.type",
"cloud.provider",
"cloud.region",
"container.id",
"container.image.name",
"container.image.tag",
"container.name",
"container.runtime",
"destination.address",
"destination.domain",
"destination.geo.city_name",
"destination.geo.continent_name",
"destination.geo.country_iso_code",
"destination.geo.country_name",
"destination.geo.name",
"destination.geo.region_iso_code",
"destination.geo.region_name",
"destination.mac",
"destination.user.email",
"destination.user.full_name",
"destination.user.group.id",
"destination.user.group.name",
"destination.user.hash",
"destination.user.id",
"destination.user.name",
"ecs.version",
"error.code",
"error.id",
"error.message",
"event.action",
"event.category",
"event.dataset",
"event.hash",
"event.id",
"event.kind",
"event.module",
"event.original",
"event.outcome",
"event.timezone",
"event.type",
"file.device",
"file.extension",
"file.gid",
"file.group",
"file.inode",
"file.mode",
"file.owner",
"file.path",
"file.target_path",
"file.type",
"file.uid",
"geo.city_name",
"geo.continent_name",
"geo.country_iso_code",
"geo.country_name",
"geo.name",
"geo.region_iso_code",
"geo.region_name",
"group.id",
"group.name",
"host.architecture",
"host.geo.city_name",
"host.geo.continent_name",
"host.geo.country_iso_code",
"host.geo.country_name",
"host.geo.name",
"host.geo.region_iso_code",
"host.geo.region_name",
"host.hostname",
"host.id",
"host.mac",
"host.name",
"host.os.family",
"host.os.full",
"host.os.kernel",
"host.os.name",
"host.os.platform",
"host.os.version",
"host.type",
"host.user.email",
"host.user.full_name",
"host.user.group.id",
"host.user.group.name",
"host.user.hash",
"host.user.id",
"host.user.name",
"http.request.body.content",
"http.request.method",
"http.request.referrer",
"http.response.body.content",
"http.version",
"log.level",
"log.original",
"network.application",
"network.community_id",
"network.direction",
"network.iana_number",
"network.name",
"network.protocol",
"network.transport",
"network.type",
"observer.geo.city_name",
"observer.geo.continent_name",
"observer.geo.country_iso_code",
"observer.geo.country_name",
"observer.geo.name",
"observer.geo.region_iso_code",
"observer.geo.region_name",
"observer.hostname",
"observer.mac",
"observer.os.family",
"observer.os.full",
"observer.os.kernel",
"observer.os.name",
"observer.os.platform",
"observer.os.version",
"observer.serial_number",
"observer.type",
"observer.vendor",
"observer.version",
"organization.id",
"organization.name",
"os.family",
"os.full",
"os.kernel",
"os.name",
"os.platform",
"os.version",
"process.args",
"process.executable",
"process.name",
"process.title",
"process.working_directory",
"server.address",
"server.domain",
"server.geo.city_name",
"server.geo.continent_name",
"server.geo.country_iso_code",
"server.geo.country_name",
"server.geo.name",
"server.geo.region_iso_code",
"server.geo.region_name",
"server.mac",
"server.user.email",
"server.user.full_name",
"server.user.group.id",
"server.user.group.name",
"server.user.hash",
"server.user.id",
"server.user.name",
"service.ephemeral_id",
"service.id",
"service.name",
"service.state",
"service.type",
"service.version",
"source.address",
"source.domain",
"source.geo.city_name",
"source.geo.continent_name",
"source.geo.country_iso_code",
"source.geo.country_name",
"source.geo.name",
"source.geo.region_iso_code",
"source.geo.region_name",
"source.mac",
"source.user.email",
"source.user.full_name",
"source.user.group.id",
"source.user.group.name",
"source.user.hash",
"source.user.id",
"source.user.name",
"url.domain",
"url.fragment",
"url.full",
"url.original",
"url.password",
"url.path",
"url.query",
"url.scheme",
"url.username",
"user.email",
"user.full_name",
"user.group.id",
"user.group.name",
"user.hash",
"user.id",
"user.name",
"user_agent.device.name",
"user_agent.name",
"user_agent.original",
"user_agent.os.family",
"user_agent.os.full",
"user_agent.os.kernel",
"user_agent.os.name",
"user_agent.os.platform",
"user_agent.os.version",
"user_agent.version",
"agent.hostname",
"error.type",
"timeseries.instance",
"cloud.project.id",
"host.os.build",
"host.os.codename",
"kubernetes.pod.name",
"kubernetes.pod.uid",
"kubernetes.namespace",
"kubernetes.node.name",
"kubernetes.replicaset.name",
"kubernetes.deployment.name",
"kubernetes.statefulset.name",
"kubernetes.container.name",
"kubernetes.container.image",
"processor.name",
"processor.event",
"url.scheme",
"url.full",
"url.domain",
"url.path",
"url.query",
"url.fragment",
"http.version",
"http.request.method",
"service.name",
"service.version",
"service.environment",
"service.language.name",
"service.language.version",
"service.runtime.name",
"service.runtime.version",
"service.framework.name",
"service.framework.version",
"transaction.id",
"transaction.type",
"trace.id",
"parent.id",
"agent.name",
"agent.version",
"agent.ephemeral_id",
"container.id",
"kubernetes.namespace",
"kubernetes.node.name",
"kubernetes.pod.name",
"kubernetes.pod.uid",
"host.architecture",
"host.hostname",
"host.os.platform",
"process.args",
"process.title",
"observer.listening",
"observer.hostname",
"observer.version",
"observer.type",
"user.name",
"user.id",
"user.email",
"text",
"user_agent.original",
"user_agent.name",
"user_agent.version",
"user_agent.device.name",
"user_agent.os.platform",
"user_agent.os.name",
"user_agent.os.full",
"user_agent.os.family",
"user_agent.os.version",
"user_agent.os.kernel",
"error.id",
"error.culprit",
"error.grouping_key",
"error.exception.code",
"error.exception.message",
"error.exception.module",
"error.exception.type",
"error.log.level",
"error.log.logger_name",
"error.log.message",
"error.log.param_message",
"sourcemap.service.name",
"sourcemap.service.version",
"sourcemap.bundle_filepath",
"view spans",
"span.id",
"span.name",
"span.type",
"span.subtype",
"span.action",
"text",
"transaction.name",
"transaction.result",
"fields.*"
]
}
}
},
"mappings": {
"_meta": {
"beat": "apm",
"version": "7.2.0"
},
"_source": {
"enabled": true
},
"dynamic_templates": [
{
"labels": {
"path_match": "labels.*",
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string"
}
},
{
"container.labels": {
"path_match": "container.labels.*",
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string"
}
},
{
"fields": {
"path_match": "fields.*",
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string"
}
},
{
"docker.container.labels": {
"path_match": "docker.container.labels.*",
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string"
}
},
{
"labels": {
"path_match": "labels.*",
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string"
}
},
{
"labels": {
"path_match": "labels.*",
"mapping": {
"type": "boolean"
},
"match_mapping_type": "boolean"
}
},
{
"labels": {
"path_match": "labels.*",
"mapping": {
"scaling_factor": 1000000,
"type": "scaled_float"
},
"match_mapping_type": "*"
}
},
{
"transaction.marks": {
"path_match": "transaction.marks.*",
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string"
}
},
{
"transaction.marks.*.*": {
"path_match": "transaction.marks.*.*",
"mapping": {
"scaling_factor": 1000000,
"type": "scaled_float"
},
"match_mapping_type": "*"
}
},
{
"strings_as_keyword": {
"mapping": {
"ignore_above": 1024,
"type": "keyword"
},
"match_mapping_type": "string"
}
}
],
"date_detection": false,
"properties": {
"container": {
"dynamic": false,
"properties": {
"image": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"tag": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"runtime": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"labels": {
"type": "object"
}
}
},
"kubernetes": {
"dynamic": false,
"properties": {
"container": {
"properties": {
"image": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"node": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"pod": {
"properties": {
"uid": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"statefulset": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"namespace": {
"ignore_above": 1024,
"type": "keyword"
},
"annotations": {
"type": "object"
},
"replicaset": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"labels": {
"type": "object"
},
"deployment": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"parent": {
"dynamic": false,
"properties": {
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"server": {
"properties": {
"geo": {
"properties": {
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"address": {
"ignore_above": 1024,
"type": "keyword"
},
"port": {
"type": "long"
},
"bytes": {
"type": "long"
},
"domain": {
"ignore_above": 1024,
"type": "keyword"
},
"ip": {
"type": "ip"
},
"user": {
"properties": {
"full_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"hash": {
"ignore_above": 1024,
"type": "keyword"
},
"email": {
"ignore_above": 1024,
"type": "keyword"
},
"group": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"packets": {
"type": "long"
},
"mac": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"agent": {
"dynamic": false,
"properties": {
"hostname": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"ephemeral_id": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"view spans": {
"ignore_above": 1024,
"type": "keyword"
},
"log": {
"properties": {
"original": {
"ignore_above": 1024,
"type": "keyword"
},
"level": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"destination": {
"properties": {
"geo": {
"properties": {
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"address": {
"ignore_above": 1024,
"type": "keyword"
},
"port": {
"type": "long"
},
"bytes": {
"type": "long"
},
"domain": {
"ignore_above": 1024,
"type": "keyword"
},
"ip": {
"type": "ip"
},
"user": {
"properties": {
"full_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"email": {
"ignore_above": 1024,
"type": "keyword"
},
"hash": {
"ignore_above": 1024,
"type": "keyword"
},
"group": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"mac": {
"ignore_above": 1024,
"type": "keyword"
},
"packets": {
"type": "long"
}
}
},
"experimental": {
"dynamic": true,
"type": "object"
},
"source": {
"properties": {
"geo": {
"properties": {
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"address": {
"ignore_above": 1024,
"type": "keyword"
},
"port": {
"type": "long"
},
"bytes": {
"type": "long"
},
"ip": {
"type": "ip"
},
"domain": {
"ignore_above": 1024,
"type": "keyword"
},
"user": {
"properties": {
"full_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"email": {
"ignore_above": 1024,
"type": "keyword"
},
"hash": {
"ignore_above": 1024,
"type": "keyword"
},
"group": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"mac": {
"ignore_above": 1024,
"type": "keyword"
},
"packets": {
"type": "long"
}
}
},
"error": {
"dynamic": false,
"properties": {
"exception": {
"properties": {
"code": {
"ignore_above": 1024,
"type": "keyword"
},
"module": {
"ignore_above": 1024,
"type": "keyword"
},
"handled": {
"type": "boolean"
},
"message": {
"norms": false,
"type": "text"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"culprit": {
"ignore_above": 1024,
"type": "keyword"
},
"code": {
"ignore_above": 1024,
"type": "keyword"
},
"log": {
"properties": {
"level": {
"ignore_above": 1024,
"type": "keyword"
},
"logger_name": {
"ignore_above": 1024,
"type": "keyword"
},
"message": {
"norms": false,
"type": "text"
},
"param_message": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"grouping_key": {
"ignore_above": 1024,
"type": "keyword"
},
"message": {
"norms": false,
"type": "text"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"network": {
"properties": {
"community_id": {
"ignore_above": 1024,
"type": "keyword"
},
"protocol": {
"ignore_above": 1024,
"type": "keyword"
},
"forwarded_ip": {
"type": "ip"
},
"application": {
"ignore_above": 1024,
"type": "keyword"
},
"bytes": {
"type": "long"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"transport": {
"ignore_above": 1024,
"type": "keyword"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"iana_number": {
"ignore_above": 1024,
"type": "keyword"
},
"packets": {
"type": "long"
},
"direction": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"docker": {
"properties": {
"container": {
"properties": {
"labels": {
"type": "object"
}
}
}
}
},
"geo": {
"properties": {
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"cloud": {
"properties": {
"availability_zone": {
"ignore_above": 1024,
"type": "keyword"
},
"instance": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"provider": {
"ignore_above": 1024,
"type": "keyword"
},
"machine": {
"properties": {
"type": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"project": {
"properties": {
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"region": {
"ignore_above": 1024,
"type": "keyword"
},
"account": {
"properties": {
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"observer": {
"dynamic": false,
"properties": {
"listening": {
"ignore_above": 1024,
"type": "keyword"
},
"geo": {
"properties": {
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"hostname": {
"ignore_above": 1024,
"type": "keyword"
},
"os": {
"properties": {
"kernel": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"family": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
},
"platform": {
"ignore_above": 1024,
"type": "keyword"
},
"full": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"vendor": {
"ignore_above": 1024,
"type": "keyword"
},
"ip": {
"type": "ip"
},
"serial_number": {
"ignore_above": 1024,
"type": "keyword"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
},
"version_major": {
"type": "byte"
},
"mac": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"trace": {
"dynamic": false,
"properties": {
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"file": {
"properties": {
"owner": {
"ignore_above": 1024,
"type": "keyword"
},
"extension": {
"ignore_above": 1024,
"type": "keyword"
},
"gid": {
"ignore_above": 1024,
"type": "keyword"
},
"mtime": {
"type": "date"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"target_path": {
"ignore_above": 1024,
"type": "keyword"
},
"mode": {
"ignore_above": 1024,
"type": "keyword"
},
"inode": {
"ignore_above": 1024,
"type": "keyword"
},
"uid": {
"ignore_above": 1024,
"type": "keyword"
},
"path": {
"ignore_above": 1024,
"type": "keyword"
},
"size": {
"type": "long"
},
"ctime": {
"type": "date"
},
"device": {
"ignore_above": 1024,
"type": "keyword"
},
"group": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"ecs": {
"properties": {
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"timeseries": {
"properties": {
"instance": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"related": {
"properties": {
"ip": {
"type": "ip"
}
}
},
"host": {
"dynamic": false,
"properties": {
"geo": {
"properties": {
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"hostname": {
"ignore_above": 1024,
"type": "keyword"
},
"os": {
"properties": {
"build": {
"ignore_above": 1024,
"type": "keyword"
},
"kernel": {
"ignore_above": 1024,
"type": "keyword"
},
"codename": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"family": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
},
"platform": {
"ignore_above": 1024,
"type": "keyword"
},
"full": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"containerized": {
"type": "boolean"
},
"ip": {
"type": "ip"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"user": {
"properties": {
"full_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"email": {
"ignore_above": 1024,
"type": "keyword"
},
"hash": {
"ignore_above": 1024,
"type": "keyword"
},
"group": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"mac": {
"ignore_above": 1024,
"type": "keyword"
},
"architecture": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"client": {
"dynamic": false,
"properties": {
"geo": {
"properties": {
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"address": {
"ignore_above": 1024,
"type": "keyword"
},
"port": {
"type": "long"
},
"bytes": {
"type": "long"
},
"domain": {
"ignore_above": 1024,
"type": "keyword"
},
"ip": {
"type": "ip"
},
"user": {
"properties": {
"full_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"hash": {
"ignore_above": 1024,
"type": "keyword"
},
"email": {
"ignore_above": 1024,
"type": "keyword"
},
"group": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"packets": {
"type": "long"
},
"mac": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"event": {
"properties": {
"severity": {
"type": "long"
},
"original": {
"ignore_above": 1024,
"type": "keyword"
},
"risk_score": {
"type": "float"
},
"timezone": {
"ignore_above": 1024,
"type": "keyword"
},
"created": {
"type": "date"
},
"kind": {
"ignore_above": 1024,
"type": "keyword"
},
"module": {
"ignore_above": 1024,
"type": "keyword"
},
"start": {
"type": "date"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"duration": {
"type": "long"
},
"risk_score_norm": {
"type": "float"
},
"action": {
"ignore_above": 1024,
"type": "keyword"
},
"end": {
"type": "date"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"category": {
"ignore_above": 1024,
"type": "keyword"
},
"dataset": {
"ignore_above": 1024,
"type": "keyword"
},
"outcome": {
"ignore_above": 1024,
"type": "keyword"
},
"hash": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"user_agent": {
"dynamic": false,
"properties": {
"original": {
"ignore_above": 1024,
"type": "keyword",
"fields": {
"text": {
"norms": false,
"type": "text"
}
}
},
"os": {
"properties": {
"kernel": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"family": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
},
"platform": {
"ignore_above": 1024,
"type": "keyword"
},
"full": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"device": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"timestamp": {
"properties": {
"us": {
"type": "long"
}
}
},
"group": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"process": {
"dynamic": false,
"properties": {
"args": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"start": {
"type": "date"
},
"pid": {
"type": "long"
},
"working_directory": {
"ignore_above": 1024,
"type": "keyword"
},
"thread": {
"properties": {
"id": {
"type": "long"
}
}
},
"title": {
"ignore_above": 1024,
"type": "keyword"
},
"executable": {
"ignore_above": 1024,
"type": "keyword"
},
"ppid": {
"type": "long"
}
}
},
"os": {
"properties": {
"kernel": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"family": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
},
"platform": {
"ignore_above": 1024,
"type": "keyword"
},
"full": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"sourcemap": {
"dynamic": false,
"properties": {
"bundle_filepath": {
"ignore_above": 1024,
"type": "keyword"
},
"service": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"message": {
"norms": false,
"type": "text"
},
"processor": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"event": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"url": {
"dynamic": false,
"properties": {
"path": {
"ignore_above": 1024,
"type": "keyword"
},
"fragment": {
"ignore_above": 1024,
"type": "keyword"
},
"password": {
"ignore_above": 1024,
"type": "keyword"
},
"original": {
"ignore_above": 1024,
"type": "keyword"
},
"scheme": {
"ignore_above": 1024,
"type": "keyword"
},
"port": {
"type": "long"
},
"query": {
"ignore_above": 1024,
"type": "keyword"
},
"domain": {
"ignore_above": 1024,
"type": "keyword"
},
"username": {
"ignore_above": 1024,
"type": "keyword"
},
"full": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"labels": {
"dynamic": true,
"type": "object"
},
"tags": {
"ignore_above": 1024,
"type": "keyword"
},
"system": {
"properties": {
"process": {
"properties": {
"memory": {
"properties": {
"rss": {
"properties": {
"bytes": {
"type": "long"
}
}
},
"size": {
"type": "long"
}
}
},
"cpu": {
"properties": {
"total": {
"properties": {
"norm": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
}
}
}
}
}
}
}
}
},
"memory": {
"properties": {
"actual": {
"properties": {
"free": {
"type": "long"
}
}
},
"total": {
"type": "long"
}
}
},
"cpu": {
"properties": {
"total": {
"properties": {
"norm": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
}
}
}
}
}
}
}
}
},
"@timestamp": {
"type": "date"
},
"service": {
"dynamic": false,
"properties": {
"environment": {
"ignore_above": 1024,
"type": "keyword"
},
"framework": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"runtime": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"language": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"state": {
"ignore_above": 1024,
"type": "keyword"
},
"ephemeral_id": {
"ignore_above": 1024,
"type": "keyword"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"organization": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"http": {
"dynamic": false,
"properties": {
"request": {
"properties": {
"referrer": {
"ignore_above": 1024,
"type": "keyword"
},
"headers": {
"type": "object",
"enabled": false
},
"method": {
"ignore_above": 1024,
"type": "keyword"
},
"bytes": {
"type": "long"
},
"body": {
"properties": {
"bytes": {
"type": "long"
},
"content": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"response": {
"properties": {
"headers": {
"type": "object",
"enabled": false
},
"status_code": {
"type": "long"
},
"bytes": {
"type": "long"
},
"finished": {
"type": "boolean"
},
"body": {
"properties": {
"bytes": {
"type": "long"
},
"content": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"fields": {
"type": "object"
},
"user": {
"dynamic": false,
"properties": {
"full_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"email": {
"ignore_above": 1024,
"type": "keyword"
},
"hash": {
"ignore_above": 1024,
"type": "keyword"
},
"group": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"transaction": {
"dynamic": false,
"properties": {
"duration": {
"properties": {
"us": {
"type": "long"
}
}
},
"result": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword",
"fields": {
"text": {
"norms": false,
"type": "text"
}
}
},
"marks": {
"dynamic": true,
"type": "object",
"properties": {
"*": {
"properties": {
"*": {
"dynamic": true,
"type": "object"
}
}
}
}
},
"span_count": {
"properties": {
"dropped": {
"type": "long"
}
}
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"sampled": {
"type": "boolean"
}
}
},
"span": {
"dynamic": false,
"properties": {
"duration": {
"properties": {
"us": {
"type": "long"
}
}
},
"subtype": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"start": {
"properties": {
"us": {
"type": "long"
}
}
},
"action": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"sync": {
"type": "boolean"
}
}
}
}
},
"aliases": {}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment