Skip to content

Instantly share code, notes, and snippets.

@jehuty0shift
Created September 10, 2019 16:23
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save jehuty0shift/4fa45e03987a3fa9c9cfe97ebab6bf21 to your computer and use it in GitHub Desktop.
Save jehuty0shift/4fa45e03987a3fa9c9cfe97ebab6bf21 to your computer and use it in GitHub Desktop.
{
"_meta": {
"beat": "metricbeat",
"version": "7.3.1"
},
"dynamic_templates": [
{
"labels": {
"path_match": "labels.*",
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string"
}
},
{
"container.labels": {
"path_match": "container.labels.*",
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string"
}
},
{
"fields": {
"path_match": "fields.*",
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string"
}
},
{
"docker.container.labels": {
"path_match": "docker.container.labels.*",
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string"
}
},
{
"docker.cpu.core.*.pct": {
"path_match": "docker.cpu.core.*.pct",
"mapping": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"match_mapping_type": "*"
}
},
{
"docker.cpu.core.*.ticks": {
"path_match": "docker.cpu.core.*.ticks",
"mapping": {
"type": "long"
},
"match_mapping_type": "long"
}
},
{
"docker.event.actor.attributes": {
"path_match": "docker.event.actor.attributes.*",
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string"
}
},
{
"docker.image.labels": {
"path_match": "docker.image.labels.*",
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string"
}
},
{
"system.process.env": {
"path_match": "system.process.env.*",
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string"
}
},
{
"system.process.cgroup.cpuacct.percpu": {
"path_match": "system.process.cgroup.cpuacct.percpu.*",
"mapping": {
"type": "long"
},
"match_mapping_type": "long"
}
},
{
"system.raid.disks.states.*": {
"path_match": "system.raid.disks.states.*",
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string"
}
},
{
"traefik.health.response.status_codes.*": {
"path_match": "traefik.health.response.status_codes.*",
"mapping": {
"type": "long"
},
"match_mapping_type": "long"
}
},
{
"strings_as_keyword": {
"mapping": {
"ignore_above": 1024,
"type": "keyword"
},
"match_mapping_type": "string"
}
}
],
"date_detection": false,
"properties": {
"container": {
"properties": {
"image": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"tag": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"runtime": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"labels": {
"type": "object"
}
}
},
"server": {
"properties": {
"geo": {
"properties": {
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
}
}
},
"address": {
"ignore_above": 1024,
"type": "keyword"
},
"port": {
"type": "long"
},
"bytes": {
"type": "long"
},
"domain": {
"ignore_above": 1024,
"type": "keyword"
},
"ip": {
"type": "ip"
},
"user": {
"properties": {
"full_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"email": {
"ignore_above": 1024,
"type": "keyword"
},
"hash": {
"ignore_above": 1024,
"type": "keyword"
},
"group": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"packets": {
"type": "long"
},
"mac": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"agent": {
"properties": {
"hostname": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"ephemeral_id": {
"ignore_above": 1024,
"type": "keyword"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"log": {
"properties": {
"original": {
"ignore_above": 1024,
"type": "keyword"
},
"level": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"traefik": {
"properties": {
"health": {
"properties": {
"response": {
"properties": {
"status_codes": {
"properties": {
"*": {
"type": "object"
}
}
},
"count": {
"type": "long"
},
"avg_time": {
"properties": {
"us": {
"type": "long"
}
}
}
}
},
"uptime": {
"properties": {
"sec": {
"type": "long"
}
}
}
}
}
}
},
"destination": {
"properties": {
"geo": {
"properties": {
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
}
}
},
"address": {
"ignore_above": 1024,
"type": "keyword"
},
"port": {
"type": "long"
},
"bytes": {
"type": "long"
},
"domain": {
"ignore_above": 1024,
"type": "keyword"
},
"ip": {
"type": "ip"
},
"user": {
"properties": {
"full_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"email": {
"ignore_above": 1024,
"type": "keyword"
},
"hash": {
"ignore_above": 1024,
"type": "keyword"
},
"group": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"mac": {
"ignore_above": 1024,
"type": "keyword"
},
"packets": {
"type": "long"
}
}
},
"source": {
"properties": {
"geo": {
"properties": {
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
}
}
},
"address": {
"ignore_above": 1024,
"type": "keyword"
},
"port": {
"type": "long"
},
"bytes": {
"type": "long"
},
"ip": {
"type": "ip"
},
"domain": {
"ignore_above": 1024,
"type": "keyword"
},
"user": {
"properties": {
"full_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"hash": {
"ignore_above": 1024,
"type": "keyword"
},
"email": {
"ignore_above": 1024,
"type": "keyword"
},
"group": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"mac": {
"ignore_above": 1024,
"type": "keyword"
},
"packets": {
"type": "long"
}
}
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"error": {
"properties": {
"code": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"message": {
"norms": false,
"type": "text"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"network": {
"properties": {
"community_id": {
"ignore_above": 1024,
"type": "keyword"
},
"protocol": {
"ignore_above": 1024,
"type": "keyword"
},
"forwarded_ip": {
"type": "ip"
},
"application": {
"ignore_above": 1024,
"type": "keyword"
},
"bytes": {
"type": "long"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"transport": {
"ignore_above": 1024,
"type": "keyword"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"packets": {
"type": "long"
},
"iana_number": {
"ignore_above": 1024,
"type": "keyword"
},
"direction": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"docker": {
"properties": {
"container": {
"properties": {
"size": {
"properties": {
"rw": {
"type": "long"
},
"root_fs": {
"type": "long"
}
}
},
"created": {
"type": "date"
},
"ip_addresses": {
"type": "ip"
},
"command": {
"ignore_above": 1024,
"type": "keyword"
},
"tags": {
"ignore_above": 1024,
"type": "keyword"
},
"labels": {
"type": "object"
},
"status": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"healthcheck": {
"properties": {
"failingstreak": {
"type": "long"
},
"event": {
"properties": {
"end_date": {
"type": "date"
},
"output": {
"ignore_above": 1024,
"type": "keyword"
},
"exit_code": {
"type": "long"
},
"start_date": {
"type": "date"
}
}
},
"status": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"diskio": {
"properties": {
"summary": {
"properties": {
"ops": {
"type": "long"
},
"rate": {
"type": "long"
},
"bytes": {
"type": "long"
}
}
},
"total": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"read": {
"properties": {
"ops": {
"type": "long"
},
"rate": {
"type": "long"
},
"bytes": {
"type": "long"
}
}
},
"reads": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"writes": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"write": {
"properties": {
"ops": {
"type": "long"
},
"rate": {
"type": "long"
},
"bytes": {
"type": "long"
}
}
}
}
},
"image": {
"properties": {
"size": {
"properties": {
"virtual": {
"type": "long"
},
"regular": {
"type": "long"
}
}
},
"created": {
"type": "date"
},
"id": {
"properties": {
"parent": {
"ignore_above": 1024,
"type": "keyword"
},
"current": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"tags": {
"ignore_above": 1024,
"type": "keyword"
},
"labels": {
"type": "object"
}
}
},
"memory": {
"properties": {
"fail": {
"properties": {
"count": {
"scaling_factor": 1000,
"type": "scaled_float"
}
}
},
"rss": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"total": {
"type": "long"
}
}
},
"usage": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"total": {
"type": "long"
},
"max": {
"type": "long"
}
}
},
"commit": {
"properties": {
"total": {
"type": "long"
},
"peak": {
"type": "long"
}
}
},
"limit": {
"type": "long"
},
"private_working_set": {
"properties": {
"total": {
"type": "long"
}
}
}
}
},
"cpu": {
"properties": {
"core": {
"properties": {
"*": {
"properties": {
"pct": {
"type": "object"
},
"ticks": {
"type": "object"
}
}
}
}
},
"total": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
}
}
},
"system": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"ticks": {
"type": "long"
}
}
},
"kernel": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"ticks": {
"type": "long"
}
}
},
"user": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"ticks": {
"type": "long"
}
}
}
}
},
"event": {
"properties": {
"actor": {
"properties": {
"attributes": {
"type": "object"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"action": {
"ignore_above": 1024,
"type": "keyword"
},
"from": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"status": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"network": {
"properties": {
"in": {
"properties": {
"bytes": {
"type": "long"
},
"dropped": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"errors": {
"type": "long"
},
"packets": {
"type": "long"
}
}
},
"inbound": {
"properties": {
"bytes": {
"type": "long"
},
"dropped": {
"type": "long"
},
"errors": {
"type": "long"
},
"packets": {
"type": "long"
}
}
},
"outbound": {
"properties": {
"bytes": {
"type": "long"
},
"dropped": {
"type": "long"
},
"errors": {
"type": "long"
},
"packets": {
"type": "long"
}
}
},
"interface": {
"ignore_above": 1024,
"type": "keyword"
},
"out": {
"properties": {
"bytes": {
"type": "long"
},
"dropped": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"errors": {
"type": "long"
},
"packets": {
"type": "long"
}
}
}
}
},
"info": {
"properties": {
"images": {
"type": "long"
},
"containers": {
"properties": {
"running": {
"type": "long"
},
"stopped": {
"type": "long"
},
"total": {
"type": "long"
},
"paused": {
"type": "long"
}
}
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"cloud": {
"properties": {
"availability_zone": {
"ignore_above": 1024,
"type": "keyword"
},
"instance": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"provider": {
"ignore_above": 1024,
"type": "keyword"
},
"machine": {
"properties": {
"type": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"region": {
"ignore_above": 1024,
"type": "keyword"
},
"account": {
"properties": {
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"geo": {
"properties": {
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"observer": {
"properties": {
"geo": {
"properties": {
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"hostname": {
"ignore_above": 1024,
"type": "keyword"
},
"os": {
"properties": {
"kernel": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"family": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
},
"platform": {
"ignore_above": 1024,
"type": "keyword"
},
"full": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"vendor": {
"ignore_above": 1024,
"type": "keyword"
},
"ip": {
"type": "ip"
},
"serial_number": {
"ignore_above": 1024,
"type": "keyword"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
},
"mac": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"file": {
"properties": {
"owner": {
"ignore_above": 1024,
"type": "keyword"
},
"extension": {
"ignore_above": 1024,
"type": "keyword"
},
"gid": {
"ignore_above": 1024,
"type": "keyword"
},
"mtime": {
"type": "date"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"target_path": {
"ignore_above": 1024,
"type": "keyword"
},
"inode": {
"ignore_above": 1024,
"type": "keyword"
},
"mode": {
"ignore_above": 1024,
"type": "keyword"
},
"path": {
"ignore_above": 1024,
"type": "keyword"
},
"uid": {
"ignore_above": 1024,
"type": "keyword"
},
"size": {
"type": "long"
},
"ctime": {
"type": "date"
},
"device": {
"ignore_above": 1024,
"type": "keyword"
},
"group": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"related": {
"properties": {
"ip": {
"type": "ip"
}
}
},
"ecs": {
"properties": {
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"timeseries": {
"properties": {
"instance": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"postgresql": {
"properties": {
"database": {
"properties": {
"temporary": {
"properties": {
"bytes": {
"type": "long"
},
"files": {
"type": "long"
}
}
},
"blocks": {
"properties": {
"hit": {
"type": "long"
},
"read": {
"type": "long"
},
"time": {
"properties": {
"read": {
"properties": {
"ms": {
"type": "long"
}
}
},
"write": {
"properties": {
"ms": {
"type": "long"
}
}
}
}
}
}
},
"stats_reset": {
"type": "date"
},
"number_of_backends": {
"type": "long"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"conflicts": {
"type": "long"
},
"oid": {
"type": "long"
},
"transactions": {
"properties": {
"rollback": {
"type": "long"
},
"commit": {
"type": "long"
}
}
},
"rows": {
"properties": {
"inserted": {
"type": "long"
},
"deleted": {
"type": "long"
},
"returned": {
"type": "long"
},
"updated": {
"type": "long"
},
"fetched": {
"type": "long"
}
}
},
"deadlocks": {
"type": "long"
}
}
},
"activity": {
"properties": {
"database": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"oid": {
"type": "long"
}
}
},
"application_name": {
"ignore_above": 1024,
"type": "keyword"
},
"waiting": {
"type": "boolean"
},
"backend_start": {
"type": "date"
},
"query": {
"ignore_above": 1024,
"type": "keyword"
},
"transaction_start": {
"type": "date"
},
"client": {
"properties": {
"hostname": {
"ignore_above": 1024,
"type": "keyword"
},
"address": {
"ignore_above": 1024,
"type": "keyword"
},
"port": {
"type": "long"
}
}
},
"query_start": {
"type": "date"
},
"pid": {
"type": "long"
},
"state": {
"ignore_above": 1024,
"type": "keyword"
},
"state_change": {
"type": "date"
},
"user": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"type": "long"
}
}
}
}
},
"bgwriter": {
"properties": {
"buffers": {
"properties": {
"checkpoints": {
"type": "long"
},
"backend": {
"type": "long"
},
"clean": {
"type": "long"
},
"clean_full": {
"type": "long"
},
"backend_fsync": {
"type": "long"
},
"allocated": {
"type": "long"
}
}
},
"stats_reset": {
"type": "date"
},
"checkpoints": {
"properties": {
"requested": {
"type": "long"
},
"times": {
"properties": {
"write": {
"properties": {
"ms": {
"type": "float"
}
}
},
"sync": {
"properties": {
"ms": {
"type": "float"
}
}
}
}
},
"scheduled": {
"type": "long"
}
}
}
}
},
"statement": {
"properties": {
"database": {
"properties": {
"oid": {
"type": "long"
}
}
},
"query": {
"properties": {
"memory": {
"properties": {
"shared": {
"properties": {
"hit": {
"type": "long"
},
"read": {
"type": "long"
},
"dirtied": {
"type": "long"
},
"written": {
"type": "long"
}
}
},
"temp": {
"properties": {
"read": {
"type": "long"
},
"written": {
"type": "long"
}
}
},
"local": {
"properties": {
"hit": {
"type": "long"
},
"read": {
"type": "long"
},
"dirtied": {
"type": "long"
},
"written": {
"type": "long"
}
}
}
}
},
"calls": {
"type": "long"
},
"id": {
"type": "long"
},
"text": {
"ignore_above": 1024,
"type": "keyword"
},
"time": {
"properties": {
"total": {
"properties": {
"ms": {
"type": "float"
}
}
},
"min": {
"properties": {
"ms": {
"type": "float"
}
}
},
"max": {
"properties": {
"ms": {
"type": "float"
}
}
},
"mean": {
"properties": {
"ms": {
"type": "long"
}
}
},
"stddev": {
"properties": {
"ms": {
"type": "long"
}
}
}
}
},
"rows": {
"type": "long"
}
}
},
"user": {
"properties": {
"id": {
"type": "long"
}
}
}
}
}
}
},
"host": {
"properties": {
"geo": {
"properties": {
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"hostname": {
"ignore_above": 1024,
"type": "keyword"
},
"os": {
"properties": {
"build": {
"ignore_above": 1024,
"type": "keyword"
},
"kernel": {
"ignore_above": 1024,
"type": "keyword"
},
"codename": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"family": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
},
"platform": {
"ignore_above": 1024,
"type": "keyword"
},
"full": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"containerized": {
"type": "boolean"
},
"ip": {
"type": "ip"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"user": {
"properties": {
"full_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"hash": {
"ignore_above": 1024,
"type": "keyword"
},
"email": {
"ignore_above": 1024,
"type": "keyword"
},
"group": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"mac": {
"ignore_above": 1024,
"type": "keyword"
},
"architecture": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"beat": {
"properties": {
"stats": {
"properties": {
"runtime": {
"properties": {
"goroutines": {
"type": "long"
}
}
},
"libbeat": {
"properties": {
"output": {
"properties": {
"read": {
"properties": {
"bytes": {
"type": "long"
},
"errors": {
"type": "long"
}
}
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"write": {
"properties": {
"bytes": {
"type": "long"
},
"errors": {
"type": "long"
}
}
},
"events": {
"properties": {
"batches": {
"type": "long"
},
"duplicates": {
"type": "long"
},
"total": {
"type": "long"
},
"dropped": {
"type": "long"
},
"toomany": {
"type": "long"
},
"active": {
"type": "long"
},
"failed": {
"type": "long"
},
"acked": {
"type": "long"
}
}
}
}
}
}
},
"uptime": {
"properties": {
"ms": {
"type": "long"
}
}
}
}
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"state": {
"properties": {
"output": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"management": {
"properties": {
"enabled": {
"type": "boolean"
}
}
},
"module": {
"properties": {
"count": {
"type": "long"
}
}
},
"queue": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"type": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"client": {
"properties": {
"geo": {
"properties": {
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"address": {
"ignore_above": 1024,
"type": "keyword"
},
"port": {
"type": "long"
},
"bytes": {
"type": "long"
},
"ip": {
"type": "ip"
},
"domain": {
"ignore_above": 1024,
"type": "keyword"
},
"user": {
"properties": {
"full_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"hash": {
"ignore_above": 1024,
"type": "keyword"
},
"email": {
"ignore_above": 1024,
"type": "keyword"
},
"group": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"mac": {
"ignore_above": 1024,
"type": "keyword"
},
"packets": {
"type": "long"
}
}
},
"event": {
"properties": {
"severity": {
"type": "long"
},
"original": {
"ignore_above": 1024,
"type": "keyword"
},
"risk_score": {
"type": "float"
},
"created": {
"type": "date"
},
"kind": {
"ignore_above": 1024,
"type": "keyword"
},
"timezone": {
"ignore_above": 1024,
"type": "keyword"
},
"module": {
"ignore_above": 1024,
"type": "keyword"
},
"start": {
"type": "date"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"duration": {
"type": "long"
},
"risk_score_norm": {
"type": "float"
},
"action": {
"ignore_above": 1024,
"type": "keyword"
},
"end": {
"type": "date"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"category": {
"ignore_above": 1024,
"type": "keyword"
},
"dataset": {
"ignore_above": 1024,
"type": "keyword"
},
"outcome": {
"ignore_above": 1024,
"type": "keyword"
},
"hash": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"user_agent": {
"properties": {
"original": {
"ignore_above": 1024,
"type": "keyword"
},
"os": {
"properties": {
"kernel": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"family": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
},
"platform": {
"ignore_above": 1024,
"type": "keyword"
},
"full": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
},
"device": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"group": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"process": {
"properties": {
"args": {
"ignore_above": 1024,
"type": "keyword"
},
"pgid": {
"type": "long"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"start": {
"type": "date"
},
"pid": {
"type": "long"
},
"working_directory": {
"ignore_above": 1024,
"type": "keyword"
},
"thread": {
"properties": {
"id": {
"type": "long"
}
}
},
"title": {
"ignore_above": 1024,
"type": "keyword"
},
"executable": {
"ignore_above": 1024,
"type": "keyword"
},
"ppid": {
"type": "long"
}
}
},
"os": {
"properties": {
"kernel": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"family": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
},
"platform": {
"ignore_above": 1024,
"type": "keyword"
},
"full": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"nginx": {
"properties": {
"stubstatus": {
"properties": {
"hostname": {
"ignore_above": 1024,
"type": "keyword"
},
"current": {
"type": "long"
},
"waiting": {
"type": "long"
},
"accepts": {
"type": "long"
},
"handled": {
"type": "long"
},
"writing": {
"type": "long"
},
"dropped": {
"type": "long"
},
"active": {
"type": "long"
},
"reading": {
"type": "long"
},
"requests": {
"type": "long"
}
}
}
}
},
"message": {
"norms": false,
"type": "text"
},
"url": {
"properties": {
"path": {
"ignore_above": 1024,
"type": "keyword"
},
"fragment": {
"ignore_above": 1024,
"type": "keyword"
},
"password": {
"ignore_above": 1024,
"type": "keyword"
},
"original": {
"ignore_above": 1024,
"type": "keyword"
},
"scheme": {
"ignore_above": 1024,
"type": "keyword"
},
"port": {
"type": "long"
},
"domain": {
"ignore_above": 1024,
"type": "keyword"
},
"query": {
"ignore_above": 1024,
"type": "keyword"
},
"full": {
"ignore_above": 1024,
"type": "keyword"
},
"username": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"tags": {
"ignore_above": 1024,
"type": "keyword"
},
"labels": {
"type": "object"
},
"system": {
"properties": {
"diskio": {
"properties": {
"read": {
"properties": {
"bytes": {
"type": "long"
},
"count": {
"type": "long"
},
"time": {
"type": "long"
}
}
},
"iostat": {
"properties": {
"request": {
"properties": {
"avg_size": {
"type": "float"
}
}
},
"service_time": {
"type": "float"
},
"read": {
"properties": {
"request": {
"properties": {
"merges_per_sec": {
"type": "float"
},
"per_sec": {
"type": "float"
}
}
},
"await": {
"type": "float"
},
"per_sec": {
"properties": {
"bytes": {
"type": "float"
}
}
}
}
},
"busy": {
"type": "float"
},
"await": {
"type": "float"
},
"write": {
"properties": {
"request": {
"properties": {
"merges_per_sec": {
"type": "float"
},
"per_sec": {
"type": "float"
}
}
},
"await": {
"type": "float"
},
"per_sec": {
"properties": {
"bytes": {
"type": "float"
}
}
}
}
},
"queue": {
"properties": {
"avg_size": {
"type": "float"
}
}
}
}
},
"io": {
"properties": {
"time": {
"type": "long"
}
}
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"serial_number": {
"ignore_above": 1024,
"type": "keyword"
},
"write": {
"properties": {
"bytes": {
"type": "long"
},
"count": {
"type": "long"
},
"time": {
"type": "long"
}
}
}
}
},
"process": {
"properties": {
"summary": {
"properties": {
"running": {
"type": "long"
},
"total": {
"type": "long"
},
"stopped": {
"type": "long"
},
"idle": {
"type": "long"
},
"zombie": {
"type": "long"
},
"dead": {
"type": "long"
},
"sleeping": {
"type": "long"
},
"unknown": {
"type": "long"
}
}
},
"cmdline": {
"ignore_above": 2048,
"type": "keyword"
},
"memory": {
"properties": {
"rss": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"bytes": {
"type": "long"
}
}
},
"size": {
"type": "long"
},
"share": {
"type": "long"
}
}
},
"cpu": {
"properties": {
"start_time": {
"type": "date"
},
"total": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"ticks": {
"type": "long"
},
"value": {
"type": "long"
},
"norm": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
}
}
}
}
},
"system": {
"properties": {
"ticks": {
"type": "long"
}
}
},
"user": {
"properties": {
"ticks": {
"type": "long"
}
}
}
}
},
"state": {
"ignore_above": 1024,
"type": "keyword"
},
"cgroup": {
"properties": {
"blkio": {
"properties": {
"path": {
"ignore_above": 1024,
"type": "keyword"
},
"total": {
"properties": {
"bytes": {
"type": "long"
},
"ios": {
"type": "long"
}
}
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"path": {
"ignore_above": 1024,
"type": "keyword"
},
"memory": {
"properties": {
"path": {
"ignore_above": 1024,
"type": "keyword"
},
"mem": {
"properties": {
"failures": {
"type": "long"
},
"usage": {
"properties": {
"max": {
"properties": {
"bytes": {
"type": "long"
}
}
},
"bytes": {
"type": "long"
}
}
},
"limit": {
"properties": {
"bytes": {
"type": "long"
}
}
}
}
},
"stats": {
"properties": {
"inactive_anon": {
"properties": {
"bytes": {
"type": "long"
}
}
},
"cache": {
"properties": {
"bytes": {
"type": "long"
}
}
},
"rss_huge": {
"properties": {
"bytes": {
"type": "long"
}
}
},
"mapped_file": {
"properties": {
"bytes": {
"type": "long"
}
}
},
"swap": {
"properties": {
"bytes": {
"type": "long"
}
}
},
"unevictable": {
"properties": {
"bytes": {
"type": "long"
}
}
},
"active_anon": {
"properties": {
"bytes": {
"type": "long"
}
}
},
"pages_in": {
"type": "long"
},
"page_faults": {
"type": "long"
},
"hierarchical_memory_limit": {
"properties": {
"bytes": {
"type": "long"
}
}
},
"pages_out": {
"type": "long"
},
"inactive_file": {
"properties": {
"bytes": {
"type": "long"
}
}
},
"rss": {
"properties": {
"bytes": {
"type": "long"
}
}
},
"hierarchical_memsw_limit": {
"properties": {
"bytes": {
"type": "long"
}
}
},
"major_page_faults": {
"type": "long"
},
"active_file": {
"properties": {
"bytes": {
"type": "long"
}
}
}
}
},
"memsw": {
"properties": {
"failures": {
"type": "long"
},
"usage": {
"properties": {
"max": {
"properties": {
"bytes": {
"type": "long"
}
}
},
"bytes": {
"type": "long"
}
}
},
"limit": {
"properties": {
"bytes": {
"type": "long"
}
}
}
}
},
"kmem_tcp": {
"properties": {
"failures": {
"type": "long"
},
"usage": {
"properties": {
"max": {
"properties": {
"bytes": {
"type": "long"
}
}
},
"bytes": {
"type": "long"
}
}
},
"limit": {
"properties": {
"bytes": {
"type": "long"
}
}
}
}
},
"kmem": {
"properties": {
"failures": {
"type": "long"
},
"usage": {
"properties": {
"max": {
"properties": {
"bytes": {
"type": "long"
}
}
},
"bytes": {
"type": "long"
}
}
},
"limit": {
"properties": {
"bytes": {
"type": "long"
}
}
}
}
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"cpu": {
"properties": {
"cfs": {
"properties": {
"shares": {
"type": "long"
},
"period": {
"properties": {
"us": {
"type": "long"
}
}
},
"quota": {
"properties": {
"us": {
"type": "long"
}
}
}
}
},
"path": {
"ignore_above": 1024,
"type": "keyword"
},
"rt": {
"properties": {
"period": {
"properties": {
"us": {
"type": "long"
}
}
},
"runtime": {
"properties": {
"us": {
"type": "long"
}
}
}
}
},
"stats": {
"properties": {
"periods": {
"type": "long"
},
"throttled": {
"properties": {
"ns": {
"type": "long"
},
"periods": {
"type": "long"
}
}
}
}
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"cpuacct": {
"properties": {
"path": {
"ignore_above": 1024,
"type": "keyword"
},
"total": {
"properties": {
"ns": {
"type": "long"
}
}
},
"stats": {
"properties": {
"system": {
"properties": {
"ns": {
"type": "long"
}
}
},
"user": {
"properties": {
"ns": {
"type": "long"
}
}
}
}
},
"percpu": {
"type": "object"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"env": {
"type": "object"
},
"fd": {
"properties": {
"limit": {
"properties": {
"hard": {
"type": "long"
},
"soft": {
"type": "long"
}
}
},
"open": {
"type": "long"
}
}
}
}
},
"memory": {
"properties": {
"hugepages": {
"properties": {
"total": {
"type": "long"
},
"default_size": {
"type": "long"
},
"surplus": {
"type": "long"
},
"reserved": {
"type": "long"
},
"used": {
"properties": {
"pct": {
"type": "long"
},
"bytes": {
"type": "long"
}
}
},
"free": {
"type": "long"
}
}
},
"actual": {
"properties": {
"used": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"bytes": {
"type": "long"
}
}
},
"free": {
"type": "long"
}
}
},
"total": {
"type": "long"
},
"swap": {
"properties": {
"total": {
"type": "long"
},
"used": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"bytes": {
"type": "long"
}
}
},
"free": {
"type": "long"
}
}
},
"used": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"bytes": {
"type": "long"
}
}
},
"free": {
"type": "long"
}
}
},
"cpu": {
"properties": {
"total": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"norm": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
}
}
}
}
},
"system": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"ticks": {
"type": "long"
},
"norm": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
}
}
}
}
},
"cores": {
"type": "long"
},
"softirq": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"ticks": {
"type": "long"
},
"norm": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
}
}
}
}
},
"steal": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"ticks": {
"type": "long"
},
"norm": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
}
}
}
}
},
"idle": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"ticks": {
"type": "long"
},
"norm": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
}
}
}
}
},
"irq": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"ticks": {
"type": "long"
},
"norm": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
}
}
}
}
},
"iowait": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"ticks": {
"type": "long"
},
"norm": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
}
}
}
}
},
"user": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"ticks": {
"type": "long"
},
"norm": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
}
}
}
}
},
"nice": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"ticks": {
"type": "long"
},
"norm": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
}
}
}
}
}
}
},
"filesystem": {
"properties": {
"device_name": {
"ignore_above": 1024,
"type": "keyword"
},
"total": {
"type": "long"
},
"mount_point": {
"ignore_above": 1024,
"type": "keyword"
},
"free_files": {
"type": "long"
},
"available": {
"type": "long"
},
"files": {
"type": "long"
},
"used": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"bytes": {
"type": "long"
}
}
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"free": {
"type": "long"
}
}
},
"network": {
"properties": {
"in": {
"properties": {
"bytes": {
"type": "long"
},
"dropped": {
"type": "long"
},
"packets": {
"type": "long"
},
"errors": {
"type": "long"
}
}
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"out": {
"properties": {
"bytes": {
"type": "long"
},
"dropped": {
"type": "long"
},
"packets": {
"type": "long"
},
"errors": {
"type": "long"
}
}
}
}
},
"uptime": {
"properties": {
"duration": {
"properties": {
"ms": {
"type": "long"
}
}
}
}
},
"core": {
"properties": {
"system": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"ticks": {
"type": "long"
}
}
},
"softirq": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"ticks": {
"type": "long"
}
}
},
"idle": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"ticks": {
"type": "long"
}
}
},
"steal": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"ticks": {
"type": "long"
}
}
},
"irq": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"ticks": {
"type": "long"
}
}
},
"id": {
"type": "long"
},
"iowait": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"ticks": {
"type": "long"
}
}
},
"user": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"ticks": {
"type": "long"
}
}
},
"nice": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"ticks": {
"type": "long"
}
}
}
}
},
"entropy": {
"properties": {
"pct": {
"scaling_factor": 1000,
"type": "scaled_float"
},
"available_bits": {
"type": "long"
}
}
},
"load": {
"properties": {
"1": {
"scaling_factor": 100,
"type": "scaled_float"
},
"cores": {
"type": "long"
},
"15": {
"scaling_factor": 100,
"type": "scaled_float"
},
"5": {
"scaling_factor": 100,
"type": "scaled_float"
},
"norm": {
"properties": {
"1": {
"scaling_factor": 100,
"type": "scaled_float"
},
"15": {
"scaling_factor": 100,
"type": "scaled_float"
},
"5": {
"scaling_factor": 100,
"type": "scaled_float"
}
}
}
}
},
"fsstat": {
"properties": {
"total_files": {
"type": "long"
},
"count": {
"type": "long"
},
"total_size": {
"properties": {
"total": {
"type": "long"
},
"used": {
"type": "long"
},
"free": {
"type": "long"
}
}
}
}
},
"socket": {
"properties": {
"summary": {
"properties": {
"all": {
"properties": {
"listening": {
"type": "long"
},
"count": {
"type": "long"
}
}
},
"tcp": {
"properties": {
"all": {
"properties": {
"listening": {
"type": "long"
},
"established": {
"type": "long"
},
"time_wait": {
"type": "long"
},
"count": {
"type": "long"
},
"orphan": {
"type": "long"
},
"close_wait": {
"type": "long"
}
}
},
"memory": {
"type": "long"
}
}
},
"udp": {
"properties": {
"all": {
"properties": {
"count": {
"type": "long"
}
}
},
"memory": {
"type": "long"
}
}
}
}
},
"process": {
"properties": {
"cmdline": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"remote": {
"properties": {
"port": {
"type": "long"
},
"etld_plus_one": {
"ignore_above": 1024,
"type": "keyword"
},
"ip": {
"type": "ip"
},
"host": {
"ignore_above": 1024,
"type": "keyword"
},
"host_error": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"local": {
"properties": {
"port": {
"type": "long"
},
"ip": {
"type": "ip"
}
}
}
}
},
"raid": {
"properties": {
"sync_action": {
"ignore_above": 1024,
"type": "keyword"
},
"disks": {
"properties": {
"total": {
"type": "long"
},
"active": {
"type": "long"
},
"failed": {
"type": "long"
},
"spare": {
"type": "long"
},
"states": {
"properties": {
"*": {
"type": "object"
}
}
}
}
},
"level": {
"ignore_above": 1024,
"type": "keyword"
},
"blocks": {
"properties": {
"total": {
"type": "long"
},
"synced": {
"type": "long"
}
}
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"status": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"@timestamp": {
"type": "date"
},
"service": {
"properties": {
"hostname": {
"ignore_above": 1024,
"type": "keyword"
},
"address": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"state": {
"ignore_above": 1024,
"type": "keyword"
},
"ephemeral_id": {
"ignore_above": 1024,
"type": "keyword"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"organization": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"metricset": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"http": {
"properties": {
"request": {
"properties": {
"referrer": {
"ignore_above": 1024,
"type": "keyword"
},
"method": {
"ignore_above": 1024,
"type": "keyword"
},
"bytes": {
"type": "long"
},
"body": {
"properties": {
"bytes": {
"type": "long"
},
"content": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"response": {
"properties": {
"status_code": {
"type": "long"
},
"bytes": {
"type": "long"
},
"body": {
"properties": {
"bytes": {
"type": "long"
},
"content": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
},
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"fields": {
"type": "object"
},
"user": {
"properties": {
"full_name": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"email": {
"ignore_above": 1024,
"type": "keyword"
},
"hash": {
"ignore_above": 1024,
"type": "keyword"
},
"group": {
"properties": {
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment