Created
March 17, 2020 10:48
-
-
Save terrandfw/f4a474644ef5f6df5abba7b4d93e3f9f to your computer and use it in GitHub Desktop.
Audit Beat Mapping
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "auditbeat-7.4.2-2020.03.11" : { | |
| "mappings" : { | |
| "properties" : { | |
| "@timestamp" : { | |
| "type" : "date" | |
| }, | |
| "@version" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "agent" : { | |
| "properties" : { | |
| "ephemeral_id" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "hostname" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "id" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "type" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "version" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "client" : { | |
| "properties" : { | |
| "bytes" : { | |
| "type" : "long" | |
| }, | |
| "ip" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "packets" : { | |
| "type" : "long" | |
| }, | |
| "port" : { | |
| "type" : "long" | |
| } | |
| } | |
| }, | |
| "destination" : { | |
| "properties" : { | |
| "bytes" : { | |
| "type" : "long" | |
| }, | |
| "ip" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "packets" : { | |
| "type" : "long" | |
| }, | |
| "port" : { | |
| "type" : "long" | |
| } | |
| } | |
| }, | |
| "ecs" : { | |
| "properties" : { | |
| "version" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "error" : { | |
| "properties" : { | |
| "message" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "event" : { | |
| "properties" : { | |
| "action" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "category" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "dataset" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "duration" : { | |
| "type" : "long" | |
| }, | |
| "end" : { | |
| "type" : "date" | |
| }, | |
| "id" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "kind" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "module" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "origin" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "outcome" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "start" : { | |
| "type" : "date" | |
| }, | |
| "type" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "fields" : { | |
| "properties" : { | |
| "env" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "file" : { | |
| "properties" : { | |
| "ctime" : { | |
| "type" : "date" | |
| }, | |
| "inode" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "mtime" : { | |
| "type" : "date" | |
| }, | |
| "owner" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "path" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "size" : { | |
| "type" : "long" | |
| }, | |
| "type" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "uid" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "flow" : { | |
| "properties" : { | |
| "complete" : { | |
| "type" : "boolean" | |
| }, | |
| "final" : { | |
| "type" : "boolean" | |
| } | |
| } | |
| }, | |
| "group" : { | |
| "properties" : { | |
| "id" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "name" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "hash" : { | |
| "properties" : { | |
| "sha1" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "host" : { | |
| "properties" : { | |
| "architecture" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "containerized" : { | |
| "type" : "boolean" | |
| }, | |
| "hostname" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "id" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "ip" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "mac" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "name" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "os" : { | |
| "properties" : { | |
| "build" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "codename" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "family" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "kernel" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "name" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "platform" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "version" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "message" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "network" : { | |
| "properties" : { | |
| "bytes" : { | |
| "type" : "long" | |
| }, | |
| "community_id" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "direction" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "packets" : { | |
| "type" : "long" | |
| }, | |
| "transport" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "type" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "process" : { | |
| "properties" : { | |
| "args" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "created" : { | |
| "type" : "date" | |
| }, | |
| "entity_id" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "executable" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "hash" : { | |
| "properties" : { | |
| "sha1" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "name" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "pid" : { | |
| "type" : "long" | |
| }, | |
| "ppid" : { | |
| "type" : "long" | |
| }, | |
| "start" : { | |
| "type" : "date" | |
| }, | |
| "working_directory" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "server" : { | |
| "properties" : { | |
| "bytes" : { | |
| "type" : "long" | |
| }, | |
| "ip" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "packets" : { | |
| "type" : "long" | |
| }, | |
| "port" : { | |
| "type" : "long" | |
| } | |
| } | |
| }, | |
| "service" : { | |
| "properties" : { | |
| "type" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "source" : { | |
| "properties" : { | |
| "bytes" : { | |
| "type" : "long" | |
| }, | |
| "domain" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "ip" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "packets" : { | |
| "type" : "long" | |
| }, | |
| "port" : { | |
| "type" : "long" | |
| } | |
| } | |
| }, | |
| "system" : { | |
| "properties" : { | |
| "audit" : { | |
| "properties" : { | |
| "host" : { | |
| "properties" : { | |
| "architecture" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "boottime" : { | |
| "type" : "date" | |
| }, | |
| "containerized" : { | |
| "type" : "boolean" | |
| }, | |
| "hostname" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "id" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "ip" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "mac" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "os" : { | |
| "properties" : { | |
| "codename" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "family" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "kernel" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "name" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "platform" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "version" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "timezone" : { | |
| "properties" : { | |
| "name" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "offset" : { | |
| "properties" : { | |
| "sec" : { | |
| "type" : "long" | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "uptime" : { | |
| "type" : "long" | |
| } | |
| } | |
| }, | |
| "package" : { | |
| "properties" : { | |
| "arch" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "entity_id" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "installtime" : { | |
| "type" : "date" | |
| }, | |
| "license" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "name" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "release" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "size" : { | |
| "type" : "long" | |
| }, | |
| "summary" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "url" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "version" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "socket" : { | |
| "properties" : { | |
| "egid" : { | |
| "type" : "long" | |
| }, | |
| "euid" : { | |
| "type" : "long" | |
| }, | |
| "gid" : { | |
| "type" : "long" | |
| }, | |
| "internal_version" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "kernel_sock_address" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "uid" : { | |
| "type" : "long" | |
| } | |
| } | |
| }, | |
| "user" : { | |
| "properties" : { | |
| "dir" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "gid" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "group" : { | |
| "properties" : { | |
| "gid" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "name" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "name" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "password" : { | |
| "properties" : { | |
| "last_changed" : { | |
| "type" : "date" | |
| }, | |
| "type" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "shell" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "uid" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "user_information" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "tags" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "user" : { | |
| "properties" : { | |
| "effective" : { | |
| "properties" : { | |
| "group" : { | |
| "properties" : { | |
| "id" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "id" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "entity_id" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "group" : { | |
| "properties" : { | |
| "id" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "name" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "id" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "name" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| }, | |
| "saved" : { | |
| "properties" : { | |
| "group" : { | |
| "properties" : { | |
| "id" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "id" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "terminal" : { | |
| "type" : "text", | |
| "fields" : { | |
| "keyword" : { | |
| "type" : "keyword", | |
| "ignore_above" : 256 | |
| } | |
| } | |
| } | |
| } | |
| } | |
| } | |
| } | |
| } | |
| } | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment