This repository has been archived by the owner on Dec 13, 2022. It is now read-only.
ses-network.template.json
{
"index_patterns": "stormshield-ses-network-*",
"settings": {
"index.number_of_shards": 1,
"index.number_of_replicas": 0,
"index.refresh_interval": "30s"
},
"mappings": {
"_doc": {
"properties": {
"action": {"type": "keyword"},
"dst": {"type": "keyword"},
"dst_geoip": {"type": "object", "properties": {
"area_code": {"type": "long"},
"city_name": {"type": "keyword"},
"continent_code": {"type": "keyword"},
"country_code2": {"type": "keyword"},
"country_code3": {"type": "keyword"},
"country_name": {"type": "keyword"},
"dma_code": {"type": "long"},
"ip": {"type": "keyword"},
"latitude": {"type": "long"},
"location": {"type": "geo_point"},
"longitude": {"type": "long"},
"postal_code": {"type": "keyword"},
"real_region_name": {"type": "keyword"},
"region_code": {"type": "keyword"},
"region_name": {"type": "keyword"},
"timezone": {"type": "keyword"}
}},
"dstport": {"type": "long"},
"dstportname": {"type": "keyword"},
"hostip": {"type": "keyword"},
"hostname": {"type": "keyword"},
"internal_product": {"type": "keyword"},
"logtype": {"type": "keyword"},
"proto1": {"type": "keyword"},
"proto2": {"type": "keyword"},
"src": {"type": "keyword"},
"src_geoip": {"type": "object", "properties": {
"area_code": {"type": "long"},
"city_name": {"type": "keyword"},
"continent_code": {"type": "keyword"},
"country_code2": {"type": "keyword"},
"country_code3": {"type": "keyword"},
"country_name": {"type": "keyword"},
"dma_code": {"type": "long"},
"ip": {"type": "keyword"},
"latitude": {"type": "long"},
"location": {"type": "geo_point"},
"longitude": {"type": "long"},
"postal_code": {"type": "keyword"},
"real_region_name": {"type": "keyword"},
"region_code": {"type": "keyword"},
"region_name": {"type": "keyword"},
"timezone": {"type": "keyword"}
}},
"srcmac": {"type": "keyword"},
"srcport": {"type": "long"},
"srcportname": {"type": "keyword"},
"status": {"type": "keyword"},
"type": {"type": "keyword"},
"user": {"type": "keyword"}
}
}
}
}