@nickwallen
Last active October 13, 2016 20:37
{
  "template": "sensor1_index*",
  "mappings": {
    "sensor1_doc": {
      "_timestamp": {
        "enabled": true
      },
      "properties": {
        "timestamp": {
          "type": "date",
          "format": "epoch_millis"
        },
        "ip_src_addr": {
          "type": "ip"
        },
        "ip_src_port": {
          "type": "integer"
        },
        "ip_dst_addr": {
          "type": "ip"
        },
        "ip_dst_port": {
          "type": "integer"
        }
      }
    }
  }
}
nickwallen commented Oct 13, 2016

This is an example index template for a new sensor called 'sensor1'.

  • The template will apply to any indices that are named sensor1_index*.
  • The index has one document type that must be named sensor1_doc.
  • The index is expected to contain timestamps.
  • The properties section defines the types of each field. I have defined the 5 common fields that most sensors contain.
  • Additional fields can be added following the 5 that are already defined.
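
An added example, not part of the gist or the author's comment: a pre-index check that tests sensor documents against the field types this template declares, so type mismatches are caught before indexing. The function names and sample documents are constructed for illustration, and the checks are deliberately stricter than Elasticsearch, which by default may coerce numeric strings.

```python
import fnmatch
import ipaddress
import json

# Field mappings copied from the gist's template (the _timestamp setting is omitted).
TEMPLATE = json.loads("""
{"template": "sensor1_index*",
 "mappings": {"sensor1_doc": {"properties": {
   "timestamp":   {"type": "date", "format": "epoch_millis"},
   "ip_src_addr": {"type": "ip"},
   "ip_src_port": {"type": "integer"},
   "ip_dst_addr": {"type": "ip"},
   "ip_dst_port": {"type": "integer"}}}}}
""")

def _is_int(v):
    # bool is a subclass of int in Python, so exclude it explicitly
    return isinstance(v, int) and not isinstance(v, bool)

def _is_ip(v):
    if not isinstance(v, str):
        return False
    try:
        ipaddress.ip_address(v)
        return True
    except ValueError:
        return False

# Strict per-type checks (assumption: no coercion of strings to numbers)
CHECKS = {
    "ip": _is_ip,
    "integer": lambda v: _is_int(v) and -2**31 <= v < 2**31,
    "date": _is_int,  # epoch_millis: integer milliseconds since the epoch
}

def template_applies(index_name):
    # The template is applied only to indices whose name matches its pattern
    return fnmatch.fnmatchcase(index_name, TEMPLATE["template"])

def type_errors(doc, doc_type="sensor1_doc"):
    # Mapped fields present in doc whose values do not fit the declared type
    props = TEMPLATE["mappings"][doc_type]["properties"]
    return sorted(f for f, spec in props.items()
                  if f in doc and not CHECKS[spec["type"]](doc[f]))

# Constructed sample documents (not real sensor output)
GOOD = {"timestamp": 1476390000000, "ip_src_addr": "192.168.1.10", "ip_src_port": 49152,
        "ip_dst_addr": "10.0.0.5", "ip_dst_port": 443, "protocol": "tcp"}
BAD = {"timestamp": "2016-10-13T20:37:00Z", "ip_src_addr": "host-a.local",
       "ip_src_port": "49152", "ip_dst_addr": "10.0.0.5", "ip_dst_port": 443}
```

Fields that the template does not map, such as `protocol` in the first sample, are ignored by this check.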
