This repository has been archived by the owner on Dec 13, 2022. It is now read-only.
sns-web.template.json
{
"index_patterns": "stormshield-sns-web-*",
"settings": {
"index.number_of_shards": 1,
"index.number_of_replicas": 0,
"index.refresh_interval": "30s",
"analysis": {
"analyzer": {
"search_engine_query_analyzer": {
"filter": ["asciifolding", "lowercase", "stop_main_languages"],
"tokenizer": "letter"
}
},
"filter": {
"stop_main_languages": {
"type": "stop",
"stopwords": ["_english_", "_french_", "_italian_", "_german_", "_spanish_"]
}
}
}
},
"mappings": {
"_doc": {
"properties": {
"action": {"type": "keyword"},
"arg": {"type": "keyword"},
"cat_site": {"type": "keyword"},
"confid": {"type": "keyword"},
"contentpolicy": {"type": "keyword"},
"domain": {"type": "keyword"},
"dst": {"type": "keyword"},
"dstcontinent": {"type": "keyword"},
"dstcountry": {"type": "keyword"},
"dst_geoip": {"type": "object", "properties": {
"area_code": {"type": "long"},
"city_name": {"type": "keyword"},
"continent_code": {"type": "keyword"},
"country_code2": {"type": "keyword"},
"country_code3": {"type": "keyword"},
"country_name": {"type": "keyword"},
"dma_code": {"type": "long"},
"ip": {"type": "keyword"},
"latitude": {"type": "long"},
"location": {"type": "geo_point"},
"longitude": {"type": "long"},
"postal_code": {"type": "keyword"},
"real_region_name": {"type": "keyword"},
"region_code": {"type": "keyword"},
"region_name": {"type": "keyword"},
"timezone": {"type": "keyword"}
}},
"dsthostrep": {"type": "long"},
"dstiprep": {"type": "keyword"},
"dstname": {"type": "keyword"},
"dstport": {"type": "long"},
"dstportname": {"type": "keyword"},
"duration": {"type": "double"},
"filename": {"type": "keyword"},
"filetype": {"type": "keyword"},
"fw": {"type": "keyword"},
"hash": {"type": "keyword"},
"internal_product": {"type": "keyword"},
"ipv": {"type": "keyword"},
"logtype": {"type": "keyword"},
"modsrc": {"type": "keyword"},
"modsrcport": {"type": "keyword"},
"msg": {"type": "keyword"},
"op": {"type": "keyword"},
"origdst": {"type": "keyword"},
"origdstport": {"type": "keyword"},
"pri": {"type": "long"},
"proto": {"type": "keyword"},
"rcvd": {"type": "long"},
"result": {"type": "keyword"},
"risk": {"type": "long"},
"ruleid": {"type": "long"},
"rulename": {"type": "keyword"},
"sandboxing": {"type": "keyword"},
"search_engine_query":{"type": "text", "index": "true", "fielddata": true, "analyzer": "search_engine_query_analyzer"},
"sent": {"type": "long"},
"slotlevel": {"type": "long"},
"src": {"type": "keyword"},
"srccontinent": {"type": "keyword"},
"srccountry": {"type": "keyword"},
"src_geoip": {"type": "object", "properties": {
"area_code": {"type": "long"},
"city_name": {"type": "keyword"},
"continent_code": {"type": "keyword"},
"country_code2": {"type": "keyword"},
"country_code3": {"type": "keyword"},
"country_name": {"type": "keyword"},
"dma_code": {"type": "long"},
"ip": {"type": "keyword"},
"latitude": {"type": "long"},
"location": {"type": "geo_point"},
"longitude": {"type": "long"},
"postal_code": {"type": "keyword"},
"real_region_name": {"type": "keyword"},
"region_code": {"type": "keyword"},
"region_name": {"type": "keyword"},
"timezone": {"type": "keyword"}
}},
"srchostrep": {"type": "long"},
"srciprep": {"type": "keyword"},
"srcmac": {"type": "keyword"},
"srcname": {"type": "keyword"},
"srcport": {"type": "long"},
"srcportname": {"type": "keyword"},
"startime": {"type": "keyword"},
"type": {"type": "keyword"},
"tz": {"type": "keyword"},
"urlruleid": {"type": "long"},
"user": {"type": "keyword"},
"virus": {"type": "keyword"}
}
}
}
}