API tools faq
paste
Advertisement
Guest User

mapping

a guest
Aug 4th, 2016
157
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 33.63 KB | None | 0 0
raw download clone embed print report
  1. [root@log01 ~]# curl http://localhost:9200/winlogbeat-2016.08.01/_mapping?pretty
  2. {
  3. "winlogbeat-2016.08.01" : {
  4. "mappings" : {
  5. "wineventlog" : {
  6. "properties" : {
  7. "@timestamp" : {
  8. "type" : "date",
  9. "format" : "strict_date_optional_time||epoch_millis"
  10. },
  11. "@version" : {
  12. "type" : "string"
  13. },
  14. "activity_id" : {
  15. "type" : "string"
  16. },
  17. "beat" : {
  18. "properties" : {
  19. "hostname" : {
  20. "type" : "string"
  21. },
  22. "name" : {
  23. "type" : "string"
  24. }
  25. }
  26. },
  27. "computer_name" : {
  28. "type" : "string"
  29. },
  30. "event_data" : {
  31. "properties" : {
  32. "AccessList" : {
  33. "type" : "string"
  34. },
  35. "AccessList_Translated" : {
  36. "type" : "string"
  37. },
  38. "AccessMask" : {
  39. "type" : "string"
  40. },
  41. "AccessReason" : {
  42. "type" : "string"
  43. },
  44. "AccountDomain" : {
  45. "type" : "string"
  46. },
  47. "AccountExpires" : {
  48. "type" : "string"
  49. },
  50. "AccountName" : {
  51. "type" : "string"
  52. },
  53. "AccountSessionIdentifier" : {
  54. "type" : "string"
  55. },
  56. "AdapterName" : {
  57. "type" : "string"
  58. },
  59. "AdapterSuffixName" : {
  60. "type" : "string"
  61. },
  62. "AdditionalInfo" : {
  63. "type" : "string"
  64. },
  65. "AdditionalInfo2" : {
  66. "type" : "string"
  67. },
  68. "Address" : {
  69. "type" : "string"
  70. },
  71. "AddressLength" : {
  72. "type" : "string"
  73. },
  74. "AlertDesc" : {
  75. "type" : "string"
  76. },
  77. "AlgorithmName" : {
  78. "type" : "string"
  79. },
  80. "AllowedToDelegateTo" : {
  81. "type" : "string"
  82. },
  83. "AppCorrelationID" : {
  84. "type" : "string"
  85. },
  86. "AppPoolID" : {
  87. "type" : "string"
  88. },
  89. "Application" : {
  90. "type" : "string"
  91. },
  92. "AuditPolicyChanges" : {
  93. "type" : "string"
  94. },
  95. "AuditSourceName" : {
  96. "type" : "string"
  97. },
  98. "AuthenticationPackageName" : {
  99. "type" : "string"
  100. },
  101. "AuthenticationProvider" : {
  102. "type" : "string"
  103. },
  104. "AuthenticationServer" : {
  105. "type" : "string"
  106. },
  107. "AuthenticationType" : {
  108. "type" : "string"
  109. },
  110. "Binary" : {
  111. "type" : "string"
  112. },
  113. "BitlockerUserInputTime" : {
  114. "type" : "string"
  115. },
  116. "BootMode" : {
  117. "type" : "string"
  118. },
  119. "BootType" : {
  120. "type" : "string"
  121. },
  122. "BuildVersion" : {
  123. "type" : "string"
  124. },
  125. "CalledStationID" : {
  126. "type" : "string"
  127. },
  128. "CallingStationID" : {
  129. "type" : "string"
  130. },
  131. "Caption" : {
  132. "type" : "string"
  133. },
  134. "CategoryId" : {
  135. "type" : "string"
  136. },
  137. "ChainLoggingRate" : {
  138. "type" : "string"
  139. },
  140. "ChainingCountFailure" : {
  141. "type" : "string"
  142. },
  143. "ChainingCountRequests" : {
  144. "type" : "string"
  145. },
  146. "ChainingCountSuccess" : {
  147. "type" : "string"
  148. },
  149. "ClientAddress" : {
  150. "type" : "string"
  151. },
  152. "ClientIPAddress" : {
  153. "type" : "string"
  154. },
  155. "ClientName" : {
  156. "type" : "string"
  157. },
  158. "ClientRealm" : {
  159. "type" : "string"
  160. },
  161. "ComputerAccountChange" : {
  162. "type" : "string"
  163. },
  164. "Context" : {
  165. "type" : "string"
  166. },
  167. "CorruptionActionState" : {
  168. "type" : "string"
  169. },
  170. "DCName" : {
  171. "type" : "string"
  172. },
  173. "DSName" : {
  174. "type" : "string"
  175. },
  176. "DSObjectName" : {
  177. "type" : "string"
  178. },
  179. "DSType" : {
  180. "type" : "string"
  181. },
  182. "DestinationDRA" : {
  183. "type" : "string"
  184. },
  185. "Detail" : {
  186. "type" : "string"
  187. },
  188. "DeviceName" : {
  189. "type" : "string"
  190. },
  191. "DeviceNameLength" : {
  192. "type" : "string"
  193. },
  194. "DeviceObject" : {
  195. "type" : "string"
  196. },
  197. "DeviceTime" : {
  198. "type" : "date",
  199. "format" : "strict_date_optional_time||epoch_millis"
  200. },
  201. "DeviceVersionMajor" : {
  202. "type" : "string"
  203. },
  204. "DeviceVersionMinor" : {
  205. "type" : "string"
  206. },
  207. "DirtyPages" : {
  208. "type" : "string"
  209. },
  210. "DisplayName" : {
  211. "type" : "string"
  212. },
  213. "DnsHostName" : {
  214. "type" : "string"
  215. },
  216. "DnsServerList" : {
  217. "type" : "string"
  218. },
  219. "DriveName" : {
  220. "type" : "string"
  221. },
  222. "DriverName" : {
  223. "type" : "string"
  224. },
  225. "DriverNameLength" : {
  226. "type" : "string"
  227. },
  228. "Dummy" : {
  229. "type" : "string"
  230. },
  231. "DwordVal" : {
  232. "type" : "string"
  233. },
  234. "EAPType" : {
  235. "type" : "string"
  236. },
  237. "EndUSN" : {
  238. "type" : "string"
  239. },
  240. "Endpoint" : {
  241. "type" : "string"
  242. },
  243. "EngineName" : {
  244. "type" : "string"
  245. },
  246. "EngineVersion" : {
  247. "type" : "string"
  248. },
  249. "EntryCount" : {
  250. "type" : "string"
  251. },
  252. "Error" : {
  253. "type" : "string"
  254. },
  255. "ErrorCode" : {
  256. "type" : "string"
  257. },
  258. "ErrorDescription" : {
  259. "type" : "string"
  260. },
  261. "ErrorDetails" : {
  262. "type" : "string"
  263. },
  264. "ErrorState" : {
  265. "type" : "string"
  266. },
  267. "EventSourceId" : {
  268. "type" : "string"
  269. },
  270. "ExtendedQuarantineState" : {
  271. "type" : "string"
  272. },
  273. "ExtensionId" : {
  274. "type" : "string"
  275. },
  276. "ExtensionName" : {
  277. "type" : "string"
  278. },
  279. "ExtraInfo" : {
  280. "type" : "string"
  281. },
  282. "FailureId" : {
  283. "type" : "string"
  284. },
  285. "FailureName" : {
  286. "type" : "string"
  287. },
  288. "FailureNameLength" : {
  289. "type" : "string"
  290. },
  291. "FailureReason" : {
  292. "type" : "string"
  293. },
  294. "FailureReason_Translated" : {
  295. "type" : "string"
  296. },
  297. "FinalStatus" : {
  298. "type" : "string"
  299. },
  300. "FromFolder" : {
  301. "type" : "string"
  302. },
  303. "FullyQualifiedSubjectMachineName" : {
  304. "type" : "string"
  305. },
  306. "FullyQualifiedSubjectUserName" : {
  307. "type" : "string"
  308. },
  309. "GPOList" : {
  310. "type" : "string"
  311. },
  312. "Group" : {
  313. "type" : "string"
  314. },
  315. "HandleId" : {
  316. "type" : "string"
  317. },
  318. "HiveName" : {
  319. "type" : "string"
  320. },
  321. "HiveNameLength" : {
  322. "type" : "string"
  323. },
  324. "HomeDirectory" : {
  325. "type" : "string"
  326. },
  327. "HomePath" : {
  328. "type" : "string"
  329. },
  330. "HostName" : {
  331. "type" : "string"
  332. },
  333. "IdleImplementation" : {
  334. "type" : "string"
  335. },
  336. "IdleStateCount" : {
  337. "type" : "string"
  338. },
  339. "ImagePath" : {
  340. "type" : "string"
  341. },
  342. "ImpersonationLevel" : {
  343. "type" : "string"
  344. },
  345. "ImpersonationLevel_Translated" : {
  346. "type" : "string"
  347. },
  348. "IpAddress" : {
  349. "type" : "string"
  350. },
  351. "IpPort" : {
  352. "type" : "string"
  353. },
  354. "Ipaddress" : {
  355. "type" : "string"
  356. },
  357. "KeyFilePath" : {
  358. "type" : "string"
  359. },
  360. "KeyLength" : {
  361. "type" : "string"
  362. },
  363. "KeyName" : {
  364. "type" : "string"
  365. },
  366. "KeyType" : {
  367. "type" : "string"
  368. },
  369. "KeysUpdated" : {
  370. "type" : "string"
  371. },
  372. "LastBootGood" : {
  373. "type" : "string"
  374. },
  375. "LastShutdownGood" : {
  376. "type" : "string"
  377. },
  378. "LastUpdated" : {
  379. "type" : "date",
  380. "format" : "strict_date_optional_time||epoch_millis"
  381. },
  382. "ListenerAdapterProtocol" : {
  383. "type" : "string"
  384. },
  385. "LmPackageName" : {
  386. "type" : "string"
  387. },
  388. "LoggingResult" : {
  389. "type" : "string"
  390. },
  391. "LogonGuid" : {
  392. "type" : "string"
  393. },
  394. "LogonHours" : {
  395. "type" : "string"
  396. },
  397. "LogonID" : {
  398. "type" : "string"
  399. },
  400. "LogonProcessName" : {
  401. "type" : "string"
  402. },
  403. "LogonType" : {
  404. "type" : "string"
  405. },
  406. "LogonType_Translated" : {
  407. "type" : "string"
  408. },
  409. "MachineInventory" : {
  410. "type" : "string"
  411. },
  412. "MajorVersion" : {
  413. "type" : "string"
  414. },
  415. "MasterKeyId" : {
  416. "type" : "string"
  417. },
  418. "MaximumPerformancePercent" : {
  419. "type" : "string"
  420. },
  421. "MemberName" : {
  422. "type" : "string"
  423. },
  424. "MemberSid" : {
  425. "type" : "string"
  426. },
  427. "Message" : {
  428. "type" : "string"
  429. },
  430. "MinimumPerformancePercent" : {
  431. "type" : "string"
  432. },
  433. "MinimumThrottlePercent" : {
  434. "type" : "string"
  435. },
  436. "MinorVersion" : {
  437. "type" : "string"
  438. },
  439. "Minutes" : {
  440. "type" : "string"
  441. },
  442. "NASIPv4Address" : {
  443. "type" : "string"
  444. },
  445. "NASIPv6Address" : {
  446. "type" : "string"
  447. },
  448. "NASIdentifier" : {
  449. "type" : "string"
  450. },
  451. "NASPort" : {
  452. "type" : "string"
  453. },
  454. "NASPortType" : {
  455. "type" : "string"
  456. },
  457. "NamingContext" : {
  458. "type" : "string"
  459. },
  460. "NetworkPolicyName" : {
  461. "type" : "string"
  462. },
  463. "NewObjectDN" : {
  464. "type" : "string"
  465. },
  466. "NewProcessId" : {
  467. "type" : "string"
  468. },
  469. "NewProcessName" : {
  470. "type" : "string"
  471. },
  472. "NewSd" : {
  473. "type" : "string"
  474. },
  475. "NewSize" : {
  476. "type" : "string"
  477. },
  478. "NewState" : {
  479. "type" : "string"
  480. },
  481. "NewTime" : {
  482. "type" : "date",
  483. "format" : "strict_date_optional_time||epoch_millis"
  484. },
  485. "NewUacValue" : {
  486. "type" : "string"
  487. },
  488. "NominalFrequency" : {
  489. "type" : "string"
  490. },
  491. "Number" : {
  492. "type" : "string"
  493. },
  494. "NumberOfGroupPolicyObjects" : {
  495. "type" : "string"
  496. },
  497. "ObjId" : {
  498. "type" : "string"
  499. },
  500. "ObjectClass" : {
  501. "type" : "string"
  502. },
  503. "ObjectGUID" : {
  504. "type" : "string"
  505. },
  506. "ObjectName" : {
  507. "type" : "string"
  508. },
  509. "ObjectServer" : {
  510. "type" : "string"
  511. },
  512. "ObjectType" : {
  513. "type" : "string"
  514. },
  515. "OldObjectDN" : {
  516. "type" : "string"
  517. },
  518. "OldSd" : {
  519. "type" : "string"
  520. },
  521. "OldTime" : {
  522. "type" : "date",
  523. "format" : "strict_date_optional_time||epoch_millis"
  524. },
  525. "OldUacValue" : {
  526. "type" : "string"
  527. },
  528. "OpCorrelationID" : {
  529. "type" : "string"
  530. },
  531. "Operation" : {
  532. "type" : "string"
  533. },
  534. "OperationType" : {
  535. "type" : "string"
  536. },
  537. "Options" : {
  538. "type" : "string"
  539. },
  540. "OriginalSize" : {
  541. "type" : "string"
  542. },
  543. "PID" : {
  544. "type" : "string"
  545. },
  546. "PackageName" : {
  547. "type" : "string"
  548. },
  549. "PasswordLastSet" : {
  550. "type" : "string"
  551. },
  552. "PerformanceImplementation" : {
  553. "type" : "string"
  554. },
  555. "PreAuthType" : {
  556. "type" : "string"
  557. },
  558. "PreviousTime" : {
  559. "type" : "date",
  560. "format" : "strict_date_optional_time||epoch_millis"
  561. },
  562. "PrimaryGroupId" : {
  563. "type" : "string"
  564. },
  565. "PrivilegeList" : {
  566. "type" : "string"
  567. },
  568. "ProcessID" : {
  569. "type" : "string"
  570. },
  571. "ProcessId" : {
  572. "type" : "string"
  573. },
  574. "ProcessName" : {
  575. "type" : "string"
  576. },
  577. "ProcessingMode" : {
  578. "type" : "string"
  579. },
  580. "ProcessingTimeInMilliseconds" : {
  581. "type" : "string"
  582. },
  583. "ProfileChanged" : {
  584. "type" : "string"
  585. },
  586. "ProfilePath" : {
  587. "type" : "string"
  588. },
  589. "Profiles" : {
  590. "type" : "string"
  591. },
  592. "Properties" : {
  593. "type" : "string"
  594. },
  595. "Protocol" : {
  596. "type" : "string"
  597. },
  598. "ProviderName" : {
  599. "type" : "string"
  600. },
  601. "ProxyPolicyName" : {
  602. "type" : "string"
  603. },
  604. "PuaCount" : {
  605. "type" : "string"
  606. },
  607. "PuaPolicyId" : {
  608. "type" : "string"
  609. },
  610. "QfeVersion" : {
  611. "type" : "string"
  612. },
  613. "QuarantineHelpURL" : {
  614. "type" : "string"
  615. },
  616. "QuarantineSessionID" : {
  617. "type" : "string"
  618. },
  619. "QuarantineSessionIdentifier" : {
  620. "type" : "string"
  621. },
  622. "QuarantineState" : {
  623. "type" : "string"
  624. },
  625. "QuarantineSystemHealthResult" : {
  626. "type" : "string"
  627. },
  628. "QueryName" : {
  629. "type" : "string"
  630. },
  631. "Reason" : {
  632. "type" : "string"
  633. },
  634. "ReasonCode" : {
  635. "type" : "string"
  636. },
  637. "RecoveryKeyId" : {
  638. "type" : "string"
  639. },
  640. "RecoveryReason" : {
  641. "type" : "string"
  642. },
  643. "RecoveryServer" : {
  644. "type" : "string"
  645. },
  646. "RelativeTargetName" : {
  647. "type" : "string"
  648. },
  649. "ResourceAttributes" : {
  650. "type" : "string"
  651. },
  652. "ResourceManager" : {
  653. "type" : "string"
  654. },
  655. "RestrictedSidCount" : {
  656. "type" : "string"
  657. },
  658. "ReturnCode" : {
  659. "type" : "string"
  660. },
  661. "RuleAttr" : {
  662. "type" : "string"
  663. },
  664. "RuleId" : {
  665. "type" : "string"
  666. },
  667. "RuleName" : {
  668. "type" : "string"
  669. },
  670. "SMBShare" : {
  671. "type" : "string"
  672. },
  673. "SamAccountName" : {
  674. "type" : "string"
  675. },
  676. "ScriptPath" : {
  677. "type" : "string"
  678. },
  679. "Sent UpdateServer" : {
  680. "type" : "string"
  681. },
  682. "Server" : {
  683. "type" : "string"
  684. },
  685. "ServerID" : {
  686. "type" : "string"
  687. },
  688. "ServerURL" : {
  689. "type" : "string"
  690. },
  691. "Service" : {
  692. "type" : "string"
  693. },
  694. "ServiceName" : {
  695. "type" : "string"
  696. },
  697. "ServicePrincipalNames" : {
  698. "type" : "string"
  699. },
  700. "ServiceSid" : {
  701. "type" : "string"
  702. },
  703. "ServiceType" : {
  704. "type" : "string"
  705. },
  706. "ServiceVersion" : {
  707. "type" : "string"
  708. },
  709. "SessionID" : {
  710. "type" : "string"
  711. },
  712. "SessionId" : {
  713. "type" : "string"
  714. },
  715. "SessionName" : {
  716. "type" : "string"
  717. },
  718. "ShareLocalPath" : {
  719. "type" : "string"
  720. },
  721. "ShareName" : {
  722. "type" : "string"
  723. },
  724. "ShutdownActionType" : {
  725. "type" : "string"
  726. },
  727. "ShutdownEventCode" : {
  728. "type" : "string"
  729. },
  730. "ShutdownReason" : {
  731. "type" : "string"
  732. },
  733. "SidHistory" : {
  734. "type" : "string"
  735. },
  736. "SignatureVersion" : {
  737. "type" : "string"
  738. },
  739. "SourceAddr" : {
  740. "type" : "string"
  741. },
  742. "SourceDRA" : {
  743. "type" : "string"
  744. },
  745. "SourceHandleId" : {
  746. "type" : "string"
  747. },
  748. "SourceProcessId" : {
  749. "type" : "string"
  750. },
  751. "SpVersion" : {
  752. "type" : "string"
  753. },
  754. "StartTime" : {
  755. "type" : "date",
  756. "format" : "strict_date_optional_time||epoch_millis"
  757. },
  758. "StartType" : {
  759. "type" : "string"
  760. },
  761. "StartUSN" : {
  762. "type" : "string"
  763. },
  764. "Status" : {
  765. "type" : "string"
  766. },
  767. "StatusCode" : {
  768. "type" : "string"
  769. },
  770. "Status_Translated" : {
  771. "type" : "string"
  772. },
  773. "StopTime" : {
  774. "type" : "date",
  775. "format" : "strict_date_optional_time||epoch_millis"
  776. },
  777. "SubStatus" : {
  778. "type" : "string"
  779. },
  780. "SubStatus_Translated" : {
  781. "type" : "string"
  782. },
  783. "SubcategoryGuid" : {
  784. "type" : "string"
  785. },
  786. "SubcategoryId" : {
  787. "type" : "string"
  788. },
  789. "SubjectDomainName" : {
  790. "type" : "string"
  791. },
  792. "SubjectLogonId" : {
  793. "type" : "string"
  794. },
  795. "SubjectMachineName" : {
  796. "type" : "string"
  797. },
  798. "SubjectMachineSID" : {
  799. "type" : "string"
  800. },
  801. "SubjectUserName" : {
  802. "type" : "string"
  803. },
  804. "SubjectUserSid" : {
  805. "type" : "string"
  806. },
  807. "SupportInfo1" : {
  808. "type" : "string"
  809. },
  810. "SupportInfo2" : {
  811. "type" : "string"
  812. },
  813. "TSId" : {
  814. "type" : "string"
  815. },
  816. "Target" : {
  817. "type" : "string"
  818. },
  819. "TargetDomainName" : {
  820. "type" : "string"
  821. },
  822. "TargetHandleId" : {
  823. "type" : "string"
  824. },
  825. "TargetInfo" : {
  826. "type" : "string"
  827. },
  828. "TargetLogonGuid" : {
  829. "type" : "string"
  830. },
  831. "TargetLogonId" : {
  832. "type" : "string"
  833. },
  834. "TargetProcessId" : {
  835. "type" : "string"
  836. },
  837. "TargetRealm" : {
  838. "type" : "string"
  839. },
  840. "TargetServerName" : {
  841. "type" : "string"
  842. },
  843. "TargetSid" : {
  844. "type" : "string"
  845. },
  846. "TargetUserName" : {
  847. "type" : "string"
  848. },
  849. "TargetUserSid" : {
  850. "type" : "string"
  851. },
  852. "Targetname" : {
  853. "type" : "string"
  854. },
  855. "TaskContentNew" : {
  856. "type" : "string"
  857. },
  858. "TaskName" : {
  859. "type" : "string"
  860. },
  861. "TicketEncryptionType" : {
  862. "type" : "string"
  863. },
  864. "TicketOptions" : {
  865. "type" : "string"
  866. },
  867. "TimeSource" : {
  868. "type" : "string"
  869. },
  870. "ToFolder" : {
  871. "type" : "string"
  872. },
  873. "TokenElevationType" : {
  874. "type" : "string"
  875. },
  876. "TransactionId" : {
  877. "type" : "string"
  878. },
  879. "TransmittedServices" : {
  880. "type" : "string"
  881. },
  882. "Type" : {
  883. "type" : "string"
  884. },
  885. "URL" : {
  886. "type" : "string"
  887. },
  888. "UpdatePath" : {
  889. "type" : "string"
  890. },
  891. "User" : {
  892. "type" : "string"
  893. },
  894. "UserAccountControl" : {
  895. "type" : "string"
  896. },
  897. "UserParameters" : {
  898. "type" : "string"
  899. },
  900. "UserPrincipalName" : {
  901. "type" : "string"
  902. },
  903. "UserSid" : {
  904. "type" : "string"
  905. },
  906. "UserWorkstations" : {
  907. "type" : "string"
  908. },
  909. "VMId" : {
  910. "type" : "string"
  911. },
  912. "VMIdLen" : {
  913. "type" : "string"
  914. },
  915. "VMName" : {
  916. "type" : "string"
  917. },
  918. "VMNameLen" : {
  919. "type" : "string"
  920. },
  921. "Version" : {
  922. "type" : "string"
  923. },
  924. "VolumeId" : {
  925. "type" : "string"
  926. },
  927. "Workstation" : {
  928. "type" : "string"
  929. },
  930. "WorkstationName" : {
  931. "type" : "string"
  932. },
  933. "param1" : {
  934. "type" : "string"
  935. },
  936. "param10" : {
  937. "type" : "string"
  938. },
  939. "param11" : {
  940. "type" : "string"
  941. },
  942. "param12" : {
  943. "type" : "string"
  944. },
  945. "param13" : {
  946. "type" : "string"
  947. },
  948. "param14" : {
  949. "type" : "string"
  950. },
  951. "param15" : {
  952. "type" : "string"
  953. },
  954. "param16" : {
  955. "type" : "string"
  956. },
  957. "param17" : {
  958. "type" : "string"
  959. },
  960. "param18" : {
  961. "type" : "string"
  962. },
  963. "param19" : {
  964. "type" : "string"
  965. },
  966. "param2" : {
  967. "type" : "date",
  968. "format" : "yyyy/MM/dd HH:mm:ss||yyyy/MM/dd||epoch_millis"
  969. },
  970. "param20" : {
  971. "type" : "string"
  972. },
  973. "param21" : {
  974. "type" : "string"
  975. },
  976. "param3" : {
  977. "type" : "string"
  978. },
  979. "param4" : {
  980. "type" : "string"
  981. },
  982. "param5" : {
  983. "type" : "string"
  984. },
  985. "param6" : {
  986. "type" : "string"
  987. },
  988. "param7" : {
  989. "type" : "string"
  990. },
  991. "param8" : {
  992. "type" : "string"
  993. },
  994. "param9" : {
  995. "type" : "string"
  996. },
  997. "string0" : {
  998. "type" : "string"
  999. }
  1000. }
  1001. },
  1002. "event_id" : {
  1003. "type" : "long"
  1004. },
  1005. "host" : {
  1006. "type" : "string"
  1007. },
  1008. "keywords" : {
  1009. "type" : "string"
  1010. },
  1011. "level" : {
  1012. "type" : "string"
  1013. },
  1014. "log_name" : {
  1015. "type" : "string"
  1016. },
  1017. "message" : {
  1018. "type" : "string"
  1019. },
  1020. "message_error" : {
  1021. "type" : "string"
  1022. },
  1023. "opcode" : {
  1024. "type" : "string"
  1025. },
  1026. "process_id" : {
  1027. "type" : "long"
  1028. },
  1029. "provider_guid" : {
  1030. "type" : "string"
  1031. },
  1032. "record_number" : {
  1033. "type" : "string"
  1034. },
  1035. "source_name" : {
  1036. "type" : "string"
  1037. },
  1038. "tags" : {
  1039. "type" : "string"
  1040. },
  1041. "task" : {
  1042. "type" : "string"
  1043. },
  1044. "thread_id" : {
  1045. "type" : "long"
  1046. },
  1047. "type" : {
  1048. "type" : "string"
  1049. },
  1050. "user" : {
  1051. "properties" : {
  1052. "domain" : {
  1053. "type" : "string"
  1054. },
  1055. "identifier" : {
  1056. "type" : "string"
  1057. },
  1058. "name" : {
  1059. "type" : "string"
  1060. },
  1061. "type" : {
  1062. "type" : "string"
  1063. }
  1064. }
  1065. },
  1066. "user_data" : {
  1067. "properties" : {
  1068. "AddServiceStatus" : {
  1069. "type" : "string"
  1070. },
  1071. "AppName" : {
  1072. "type" : "string"
  1073. },
  1074. "Channel" : {
  1075. "type" : "string"
  1076. },
  1077. "Dependency" : {
  1078. "type" : "string"
  1079. },
  1080. "DeviceId" : {
  1081. "type" : "string"
  1082. },
  1083. "DeviceInstanceID" : {
  1084. "type" : "string"
  1085. },
  1086. "DriverDescription" : {
  1087. "type" : "string"
  1088. },
  1089. "DriverFileName" : {
  1090. "type" : "string"
  1091. },
  1092. "DriverName" : {
  1093. "type" : "string"
  1094. },
  1095. "DriverProvider" : {
  1096. "type" : "string"
  1097. },
  1098. "DriverVersion" : {
  1099. "type" : "string"
  1100. },
  1101. "EventID" : {
  1102. "type" : "string"
  1103. },
  1104. "FinalStatus" : {
  1105. "type" : "string"
  1106. },
  1107. "InstallStatus" : {
  1108. "type" : "string"
  1109. },
  1110. "IsDriverOEM" : {
  1111. "type" : "string"
  1112. },
  1113. "MinimumFxVersion" : {
  1114. "type" : "string"
  1115. },
  1116. "Namespace" : {
  1117. "type" : "string"
  1118. },
  1119. "PrimaryService" : {
  1120. "type" : "string"
  1121. },
  1122. "ProcessID" : {
  1123. "type" : "string"
  1124. },
  1125. "ProvidersInHost" : {
  1126. "type" : "string"
  1127. },
  1128. "PublisherID" : {
  1129. "type" : "string"
  1130. },
  1131. "QuotaName" : {
  1132. "type" : "string"
  1133. },
  1134. "QuotaThreshold" : {
  1135. "type" : "string"
  1136. },
  1137. "QuotaValue" : {
  1138. "type" : "string"
  1139. },
  1140. "RebootOption" : {
  1141. "type" : "string"
  1142. },
  1143. "RmSessionId" : {
  1144. "type" : "string"
  1145. },
  1146. "ServiceName" : {
  1147. "type" : "string"
  1148. },
  1149. "SetupClass" : {
  1150. "type" : "string"
  1151. },
  1152. "SubjectDomainName" : {
  1153. "type" : "string"
  1154. },
  1155. "SubjectUserName" : {
  1156. "type" : "string"
  1157. },
  1158. "UTCStartTime" : {
  1159. "type" : "date",
  1160. "format" : "strict_date_optional_time||epoch_millis"
  1161. },
  1162. "UpdateService" : {
  1163. "type" : "string"
  1164. },
  1165. "UpgradeDevice" : {
  1166. "type" : "string"
  1167. },
  1168. "binaryData" : {
  1169. "type" : "string"
  1170. },
  1171. "binaryDataSize" : {
  1172. "type" : "string"
  1173. },
  1174. "param1" : {
  1175. "type" : "string"
  1176. },
  1177. "param2" : {
  1178. "type" : "string"
  1179. },
  1180. "param3" : {
  1181. "type" : "string"
  1182. },
  1183. "xml_name" : {
  1184. "type" : "string"
  1185. }
  1186. }
  1187. },
  1188. "version" : {
  1189. "type" : "long"
  1190. }
  1191. }
  1192. }
  1193. }
  1194. }
  1195. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!