Instantly share code, notes, and snippets.

Embed
What would you like to do?
{
"aliases": {
".all": {}
},
"mappings": {
"_default_": {
"_all": {
"enabled": false
},
"_meta": {
"version": "2018.04.30.0"
},
"_source": {
"enabled": false
},
"date_detection": false,
"dynamic_templates": [
{
"aushape_generic_nested_fields": {
"mapping": {
"index": true,
"type": "text"
},
"path_match": "aushape.data.*.*.*"
}
},
{
"aushape_generic_fields": {
"mapping": {
"index": true,
"type": "text"
},
"path_match": "aushape.data.*.*"
}
},
{
"aushape_generic_records": {
"mapping": {
"type": "object"
},
"path_match": "aushape.data.*"
}
},
{
"message_field": {
"mapping": {
"index": true,
"norms": false,
"type": "text"
},
"match": "message",
"match_mapping_type": "string"
}
},
{
"string_fields": {
"mapping": {
"fields": {
"raw": {
"ignore_above": 256,
"index": false,
"type": "keyword"
}
},
"index": true,
"norms": true,
"type": "text"
},
"match": "*",
"match_mapping_type": "string"
}
}
],
"properties": {
"@timestamp": {
"doc_values": true,
"fields": {
"raw": {
"doc_values": true,
"ignore_above": 256,
"index": true,
"type": "keyword"
}
},
"format": "yyyy-MM-dd HH:mm:ss,SSSZ||yyyy-MM-dd'T'HH:mm:ss.SSSSSSZ||yyyy-MM-dd'T'HH:mm:ssZ||dateOptionalTime",
"index": true,
"type": "date"
},
"file": {
"doc_values": false,
"fields": {
"raw": {
"doc_values": true,
"ignore_above": 256,
"index": true,
"type": "keyword"
}
},
"index": true,
"norms": true,
"type": "text"
},
"geoip": {
"dynamic": true,
"properties": {
"location": {
"type": "geo_point"
}
},
"type": "object"
},
"hostname": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"ipaddr4": {
"doc_values": true,
"fields": {
"raw": {
"doc_values": true,
"ignore_above": 256,
"index": true,
"type": "keyword"
}
},
"index": true,
"type": "ip"
},
"ipaddr6": {
"doc_values": true,
"index": true,
"type": "ip"
},
"level": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"message": {
"doc_values": false,
"index": true,
"norms": false,
"type": "text"
},
"namespace_name": {
"doc_values": false,
"index": true,
"type": "keyword"
},
"namespace_uuid": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"offset": {
"doc_values": true,
"index": true,
"type": "long"
},
"pid": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"service": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"systemd": {
"properties": {
"k": {
"properties": {
"KERNEL_DEVICE": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"KERNEL_SUBSYSTEM": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"UDEV_DEVLINK": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"UDEV_DEVNODE": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"UDEV_SYSNAME": {
"doc_values": true,
"index": true,
"type": "keyword"
}
}
},
"t": {
"properties": {
"AUDIT_LOGINUID": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"AUDIT_SESSION": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"BOOT_ID": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"CAP_EFFECTIVE": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"CMDLINE": {
"doc_values": true,
"index": true,
"norms": false,
"type": "keyword"
},
"COMM": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"EXE": {
"doc_values": true,
"index": true,
"norms": false,
"type": "keyword"
},
"GID": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"HOSTNAME": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"MACHINE_ID": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"PID": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"SELINUX_CONTEXT": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"SOURCE_REALTIME_TIMESTAMP": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"SYSTEMD_CGROUP": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"SYSTEMD_OWNER_UID": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"SYSTEMD_SESSION": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"SYSTEMD_SLICE": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"SYSTEMD_UNIT": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"SYSTEMD_USER_UNIT": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"TRANSPORT": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"UID": {
"doc_values": true,
"index": true,
"type": "keyword"
}
}
},
"u": {
"properties": {
"CODE_FILE": {
"doc_values": true,
"index": true,
"norms": false,
"type": "keyword"
},
"CODE_FUNCTION": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"CODE_LINE": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"ERRNO": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"MESSAGE_ID": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"RESULT": {
"doc_values": true,
"index": true,
"norms": false,
"type": "keyword"
},
"SYSLOG_FACILITY": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"SYSLOG_IDENTIFIER": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"SYSLOG_PID": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"UNIT": {
"doc_values": true,
"index": true,
"type": "keyword"
}
}
}
}
},
"tags": {
"analyzer": "whitespace",
"doc_values": false,
"index": true,
"type": "text"
},
"template": {
"properties": {
"context": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"digest": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"host_id": {
"doc_values": true,
"index": true,
"type": "long"
},
"host_name": {
"doc_values": true,
"index": true,
"type": "keyword"
},
"name": {
"doc_values": true,
"index": true,
"type": "keyword"
}
}
},
"viaq_msg_id": {
"doc_values": true,
"index": true,
"type": "keyword"
}
}
}
},
"order": 20,
"settings": {
"index.refresh_interval": "5s"
},
"template": "project.foreman-*"
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment