{ "test-index-syslog4": { "mappings": { "type-syslog": {

1. {
2. "test-index-syslog4": {
3. "mappings": {
4. "type-syslog": {
5. "properties": {
6. "@time_day": {
7. "type": "long"
8. },
9. "@time_day_of_week": {
10. "type": "long"
11. },
12. "@time_hour": {
13. "type": "long"
14. },
15. "@time_min": {
16. "type": "long"
17. },
18. "@time_month": {
19. "type": "long"
20. },
21. "@time_offset": {
22. "type": "string"
23. },
24. "@time_sec": {
25. "type": "long"
26. },
27. "@time_year": {
28. "type": "long"
29. },
30. "DstCity": {
31. "type": "string"
32. },
33. "DstCountry": {
34. "type": "string",
35. "index": "not_analyzed",
36. "doc_values": true,
37. "fielddata": {
38. "format": "doc_values"
39. }
40. },
41. "DstIP": {
42. "type": "ip",
43. "doc_values": true,
44. "fielddata": {
45. "format": "doc_values"
46. }
47. },
48. "DstIPstr": {
49. "type": "string",
50. "index": "not_analyzed"
51. },
52. "DstInterface": {
53. "type": "string"
54. },
55. "DstLongLat": {
56. "type": "string"
57. },
58. "DstPort": {
59. "type": "string",
60. "index": "not_analyzed",
61. "doc_values": true,
62. "fielddata": {
63. "format": "doc_values"
64. }
65. },
66. "DstState": {
67. "type": "string"
68. },
69. "EventID": {
70. "type": "string"
71. },
72. "EventReceivedTime": {
73. "type": "date",
74. "format": "yyyy-MM-dd HH:mm:ss"
75. },
76. "EventTime": {
77. "type": "date",
78. "format": "yyyy-MM-dd HH:mm:ss"
79. },
80. "GroupName": {
81. "type": "string"
82. },
83. "Hostname": {
84. "type": "string",
85. "index": "not_analyzed"
86. },
87. "InputType1": {
88. "type": "string"
89. },
90. "InputType2": {
91. "type": "string"
92. },
93. "InputType3": {
94. "type": "string"
95. },
96. "Message": {
97. "type": "string",
98. "index": "not_analyzed"
99. },
100. "MessageSourceAddress": {
101. "type": "string"
102. },
103. "Protocol": {
104. "type": "string"
105. },
106. "Severity": {
107. "type": "string"
108. },
109. "SeverityValue": {
110. "type": "long"
111. },
112. "SourceModuleName": {
113. "type": "string"
114. },
115. "SourceModuleType": {
116. "type": "string"
117. },
118. "SourceName": {
119. "type": "string"
120. },
121. "SrcCity": {
122. "type": "string"
123. },
124. "SrcCountry": {
125. "type": "string",
126. "index": "not_analyzed",
127. "doc_values": true,
128. "fielddata": {
129. "format": "doc_values"
130. }
131. },
132. "SrcIP": {
133. "type": "ip",
134. "doc_values": true,
135. "fielddata": {
136. "format": "doc_values"
137. }
138. },
139. "SrcIPstr": {
140. "type": "string",
141. "index": "not_analyzed"
142. },
143. "SrcInterface": {
144. "type": "string"
145. },
146. "SrcLongLat": {
147. "type": "string"
148. },
149. "SrcPort": {
150. "type": "string",
151. "index": "not_analyzed",
152. "doc_values": true,
153. "fielddata": {
154. "format": "doc_values"
155. }
156. },
157. "SrcState": {
158. "type": "string"
159. },
160. "SyslogFacility": {
161. "type": "string"
162. },
163. "SyslogFacilityValue": {
164. "type": "long"
165. },
166. "SyslogSeverity": {
167. "type": "string"
168. },
169. "SyslogSeverityValue": {
170. "type": "long"
171. },
172. "TunnelGroup": {
173. "type": "string"
174. },
175. "UserName": {
176. "type": "string"
177. },
178. "eventClass": {
179. "type": "string"
180. },
181. "ignoreFlag": {
182. "type": "string"
183. }
184. }
185. }
186. }
187. }
188. }