ralphm/udplog.json

## udplog.json
{
    "template": "udplog-*",
    "settings": {
        "index.refresh_interval" : "5s",
        "number_of_shards": 5,
        "analysis" : {
            "filter": {
                "compound_word": {
                    "type": "word_delimiter",
                    "preserve_original": true
                },
                "dotted": {
                    "patterns": [
                        "([^.]+)"
                    ],
                    "preserve_original": 1,
                    "type": "pattern_capture"
                },
                "slashed": {
                    "patterns": [
                        "([^/]+)"
                    ],
                    "preserve_original": 1,
                    "type": "pattern_capture"
                }
            },
            "tokenizer": {
                "domain_name": {
                    "type": "path_hierarchy",
                    "delimiter": ".",
                    "reverse": true

                },
                "module_path": {
                    "type": "path_hierarchy",
                    "delimiter": "."
                }
            },
            "analyzer": {
                "domain": {
                    "filter": [
                        "dotted",
                        "compound_word",
                        "lowercase",
                        "unique"
                    ],
                    "tokenizer": "domain_name"
                },
                "filename": {
                    "filter": [
                        "slashed",
                        "compound_word",
                        "unique"
                    ],
                    "tokenizer": "path_hierarchy"
                },
                "module": {
                    "filter": [
                        "dotted",
                        "compound_word",
                        "unique"
                    ],
                    "tokenizer": "module_path"
                },
                "keyword_lower": {
                    "filter": [
                        "lowercase"
                    ],
                    "tokenizer": "keyword"
                }
            }
        }
    },
    "mappings": {
        "_default_": {
            "_all": {
                "enabled": true
            },
            "dynamic_templates": [
                {
                    "string_fields": {
                        "mapping": {
                            "fields": {
                                "raw": {
                                    "ignore_above": 256,
                                    "index": "not_analyzed",
                                    "type": "string"
                                }
                            },
                            "index": "analyzed",
                            "omit_norms": true,
                            "type": "string"
                        },
                        "match": "*",
                        "match_mapping_type": "string"
                    }
                }
            ],
            "properties": {
                "@timestamp": {
                    "format": "dateOptionalTime",
                    "type": "date"
                },
                "@version": {
                    "index": "not_analyzed",
                    "type": "string"
                },
                "appname":
                {
                    "index": "not_analyzed",
                    "type": "string"
                },
                "category":
                {
                    "index": "not_analyzed",
                    "type": "string"
                },
                "excText":
                {
                    "type": "string",
                    "fields": {
                        "raw": {
                            "ignore_above": 256,
                            "index": "not_analyzed",
                            "type": "string"
                        }
                    }
                },
                "excType":
                {
                    "index_analyzer": "module",
                    "search_analyzer": "keyword",
                    "type": "string",
                    "fields": {
                        "raw": {
                            "ignore_above": 256,
                            "index": "not_analyzed",
                            "type": "string"
                        }
                    }
                },
                "excValue":
                {
                    "type": "string",
                    "fields": {
                        "raw": {
                            "ignore_above": 256,
                            "index": "not_analyzed",
                            "type": "string"
                        }
                    }
                },
                "facility":
                {
                    "index": "not_analyzed",
                    "type": "string"
                },
                "filename":
                {
                    "index_analyzer": "filename",
                    "search_analyzer": "keyword",
                    "type": "string",
                    "fields": {
                        "raw": {
                            "ignore_above": 256,
                            "index": "not_analyzed",
                            "type": "string"
                        }
                    }
                },
                "funcName":
                {
                    "index_analyzer": "module",
                    "search_analyzer": "keyword",
                    "type": "string",
                    "fields": {
                        "raw": {
                            "ignore_above": 256,
                            "index": "not_analyzed",
                            "type": "string"
                        }
                    }
                },
                "hostname":
                {
                    "index_analyzer": "domain",
                    "search_analyzer": "keyword_lower",
                    "type": "string",
                    "fields": {
                        "raw": {
                            "ignore_above": 256,
                            "index": "not_analyzed",
                            "type": "string"
                        }
                    }
                },
                "isError": {
                    "type": "boolean"
                },
                "lineno":
                {
                    "type": "long"
                },
                "logLevel":
                {
                    "index_analyzer": "keyword_lower",
                    "search_analyzer": "keyword_lower",
                    "type": "string"
                },
                "logName":
                {
                    "index_analyzer": "module",
                    "search_analyzer": "keyword",
                    "type": "string",
                    "fields": {
                        "raw": {
                            "ignore_above": 256,
                            "index": "not_analyzed",
                            "type": "string"
                        }
                    }
                },
                "message":
                {
                    "type": "string",
                    "fields": {
                        "raw": {
                            "ignore_above": 256,
                            "index": "not_analyzed",
                            "type": "string"
                        }
                    }
                },
                "pid":
                {
                    "type": "long"
                },
                "system":
                {
                    "type": "string",
                    "fields": {
                        "raw": {
                            "ignore_above": 256,
                            "index": "not_analyzed",
                            "type": "string"
                        }
                    }
                },
                "timestamp":
                {
                    "type": "double"
                }
            }
        }
    }
}
	{
	"template": "udplog-*",
	"settings": {
	"index.refresh_interval" : "5s",
	"number_of_shards": 5,
	"analysis" : {
	"filter": {
	"compound_word": {
	"type": "word_delimiter",
	"preserve_original": true
	},
	"dotted": {
	"patterns": [
	"([^.]+)"
	],
	"preserve_original": 1,
	"type": "pattern_capture"
	},
	"slashed": {
	"patterns": [
	"([^/]+)"
	],
	"preserve_original": 1,
	"type": "pattern_capture"
	}
	},
	"tokenizer": {
	"domain_name": {
	"type": "path_hierarchy",
	"delimiter": ".",
	"reverse": true

	},
	"module_path": {
	"type": "path_hierarchy",
	"delimiter": "."
	}
	},
	"analyzer": {
	"domain": {
	"filter": [
	"dotted",
	"compound_word",
	"lowercase",
	"unique"
	],
	"tokenizer": "domain_name"
	},
	"filename": {
	"filter": [
	"slashed",
	"compound_word",
	"unique"
	],
	"tokenizer": "path_hierarchy"
	},
	"module": {
	"filter": [
	"dotted",
	"compound_word",
	"unique"
	],
	"tokenizer": "module_path"
	},
	"keyword_lower": {
	"filter": [
	"lowercase"
	],
	"tokenizer": "keyword"
	}
	}
	}
	},
	"mappings": {
	"_default_": {
	"_all": {
	"enabled": true
	},
	"dynamic_templates": [
	{
	"string_fields": {
	"mapping": {
	"fields": {
	"raw": {
	"ignore_above": 256,
	"index": "not_analyzed",
	"type": "string"
	}
	},
	"index": "analyzed",
	"omit_norms": true,
	"type": "string"
	},
	"match": "*",
	"match_mapping_type": "string"
	}
	}
	],
	"properties": {
	"@timestamp": {
	"format": "dateOptionalTime",
	"type": "date"
	},
	"@version": {
	"index": "not_analyzed",
	"type": "string"
	},
	"appname":
	{
	"index": "not_analyzed",
	"type": "string"
	},
	"category":
	{
	"index": "not_analyzed",
	"type": "string"
	},
	"excText":
	{
	"type": "string",
	"fields": {
	"raw": {
	"ignore_above": 256,
	"index": "not_analyzed",
	"type": "string"
	}
	}
	},
	"excType":
	{
	"index_analyzer": "module",
	"search_analyzer": "keyword",
	"type": "string",
	"fields": {
	"raw": {
	"ignore_above": 256,
	"index": "not_analyzed",
	"type": "string"
	}
	}
	},
	"excValue":
	{
	"type": "string",
	"fields": {
	"raw": {
	"ignore_above": 256,
	"index": "not_analyzed",
	"type": "string"
	}
	}
	},
	"facility":
	{
	"index": "not_analyzed",
	"type": "string"
	},
	"filename":
	{
	"index_analyzer": "filename",
	"search_analyzer": "keyword",
	"type": "string",
	"fields": {
	"raw": {
	"ignore_above": 256,
	"index": "not_analyzed",
	"type": "string"
	}
	}
	},
	"funcName":
	{
	"index_analyzer": "module",
	"search_analyzer": "keyword",
	"type": "string",
	"fields": {
	"raw": {
	"ignore_above": 256,
	"index": "not_analyzed",
	"type": "string"
	}
	}
	},
	"hostname":
	{
	"index_analyzer": "domain",
	"search_analyzer": "keyword_lower",
	"type": "string",
	"fields": {
	"raw": {
	"ignore_above": 256,
	"index": "not_analyzed",
	"type": "string"
	}
	}
	},
	"isError": {
	"type": "boolean"
	},
	"lineno":
	{
	"type": "long"
	},
	"logLevel":
	{
	"index_analyzer": "keyword_lower",
	"search_analyzer": "keyword_lower",
	"type": "string"
	},
	"logName":
	{
	"index_analyzer": "module",
	"search_analyzer": "keyword",
	"type": "string",
	"fields": {
	"raw": {
	"ignore_above": 256,
	"index": "not_analyzed",
	"type": "string"
	}
	}
	},
	"message":
	{
	"type": "string",
	"fields": {
	"raw": {
	"ignore_above": 256,
	"index": "not_analyzed",
	"type": "string"
	}
	}
	},
	"pid":
	{
	"type": "long"
	},
	"system":
	{
	"type": "string",
	"fields": {
	"raw": {
	"ignore_above": 256,
	"index": "not_analyzed",
	"type": "string"
	}
	}
	},
	"timestamp":
	{
	"type": "double"
	}
	}
	}
	}
	}