orciniusorsa/networklog template Secret

## networklog template
{
    "order": 10,
    "index_patterns": [
        "networklog-*"
    ],
    "settings": {
        "index": {
            "lifecycle": {
                "name": "networklog",
                "rollover_alias": "networklog"
            },
            "refresh_interval": "5s",
            "number_of_shards": "1",
            "number_of_replicas": "0",
            "query": {
                "default_field": [
                    "message",
                    "tags",
                    "host.ip",
                    "host.name",
                    "user.name",
                    "client.ip",
                    "client.nat.ip",
                    "event.code",
                    "event.action",
                    "event.duration",
                    "source.bytes",
                    "source.packets",
                    "destination.bytes",
                    "destination.packets",
                    "network.protocol",
                    "mikrotik.syslog_date",
                    "log.syslog.facility.name",
                    "log.syslog.facility.mnemonic",
                    "log.level",
                    "log.syslog.severity.code"
                ]
            }
        }
    },
    "mappings": {
        "date_detection": false,
        "properties": {
            "mikrotik": {
                "properties": {
                    "syslog_date": {
                        "type": "date"
                    }
                }
            },
            "@timestamp": {
                "type": "date"
            },
            "message": {
                "norms": false,
                "type": "text"
            },
            "log": {
                "properties": {
                    "level": {
                        "ignore_above": 1024,
                        "type": "keyword"
                    },
                    "syslog": {
                        "properties": {
                            "severity": {
                                "properties": {
                                    "code": {
                                        "type": "long"
                                    }
                                }
                            },
                            "facility": {
                                "properties": {
                                    "code": {
                                        "type": "long"
                                    },
                                    "name": {
                                        "ignore_above": 1024,
                                        "type": "keyword"
                                    }
                                }
                            }
                        }
                    }
                }
            },
            "event": {
                "properties": {
                    "code": {
                        "ignore_above": 1024,
                        "type": "keyword"
                    },
                    "duration": {
                        "type": "long"
                    },
                    "action": {
                        "ignore_above": 1024,
                        "type": "keyword"
                    }
                }
            },
            "host": {
                "properties": {
                    "name": {
                        "ignore_above": 1024,
                        "type": "keyword",
                        "fields": {
                            "text": {
                                "norms": false,
                                "type": "text"
                            }
                        }
                    },
                    "ip": {
                        "type": "ip"
                    }
                }
            },
            "user": {
                "properties": {
                    "name": {
                        "ignore_above": 1024,
                        "fields": {
                            "text": {
                                "norms": false,
                                "type": "text"
                            }
                        },
                        "type": "keyword"
                    }
                }
            },
            "client": {
                "properties": {
                    "nat": {
                        "properties": {
                            "ip": {
                                "type": "ip"
                            }
                        }
                    },
                    "ip": {
                        "type": "ip"
                    }
                }
            },
            "source": {
                "properties": {
                    "packets": {
                        "type": "long"
                    },
                    "bytes": {
                        "type": "long"
                    }
                }
            },
            "destination": {
                "properties": {
                    "packets": {
                        "type": "long"
                    },
                    "bytes": {
                        "type": "long"
                    }
                }
            },
            "network": {
                "properties": {
                    "protocol": {
                        "ignore_above": 1024,
                        "type": "keyword"
                    }
                }
            }
        }
    },
    "aliases": {}
}
	{
	"order": 10,
	"index_patterns": [
	"networklog-*"
	],
	"settings": {
	"index": {
	"lifecycle": {
	"name": "networklog",
	"rollover_alias": "networklog"
	},
	"refresh_interval": "5s",
	"number_of_shards": "1",
	"number_of_replicas": "0",
	"query": {
	"default_field": [
	"message",
	"tags",
	"host.ip",
	"host.name",
	"user.name",
	"client.ip",
	"client.nat.ip",
	"event.code",
	"event.action",
	"event.duration",
	"source.bytes",
	"source.packets",
	"destination.bytes",
	"destination.packets",
	"network.protocol",
	"mikrotik.syslog_date",
	"log.syslog.facility.name",
	"log.syslog.facility.mnemonic",
	"log.level",
	"log.syslog.severity.code"
	]
	}
	}
	},
	"mappings": {
	"date_detection": false,
	"properties": {
	"mikrotik": {
	"properties": {
	"syslog_date": {
	"type": "date"
	}
	}
	},
	"@timestamp": {
	"type": "date"
	},
	"message": {
	"norms": false,
	"type": "text"
	},
	"log": {
	"properties": {
	"level": {
	"ignore_above": 1024,
	"type": "keyword"
	},
	"syslog": {
	"properties": {
	"severity": {
	"properties": {
	"code": {
	"type": "long"
	}
	}
	},
	"facility": {
	"properties": {
	"code": {
	"type": "long"
	},
	"name": {
	"ignore_above": 1024,
	"type": "keyword"
	}
	}
	}
	}
	}
	}
	},
	"event": {
	"properties": {
	"code": {
	"ignore_above": 1024,
	"type": "keyword"
	},
	"duration": {
	"type": "long"
	},
	"action": {
	"ignore_above": 1024,
	"type": "keyword"
	}
	}
	},
	"host": {
	"properties": {
	"name": {
	"ignore_above": 1024,
	"type": "keyword",
	"fields": {
	"text": {
	"norms": false,
	"type": "text"
	}
	}
	},
	"ip": {
	"type": "ip"
	}
	}
	},
	"user": {
	"properties": {
	"name": {
	"ignore_above": 1024,
	"fields": {
	"text": {
	"norms": false,
	"type": "text"
	}
	},
	"type": "keyword"
	}
	}
	},
	"client": {
	"properties": {
	"nat": {
	"properties": {
	"ip": {
	"type": "ip"
	}
	}
	},
	"ip": {
	"type": "ip"
	}
	}
	},
	"source": {
	"properties": {
	"packets": {
	"type": "long"
	},
	"bytes": {
	"type": "long"
	}
	}
	},
	"destination": {
	"properties": {
	"packets": {
	"type": "long"
	},
	"bytes": {
	"type": "long"
	}
	}
	},
	"network": {
	"properties": {
	"protocol": {
	"ignore_above": 1024,
	"type": "keyword"
	}
	}
	}
	}
	},
	"aliases": {}
	}