Guest User

Squid demo index for HCP Hortonworks

a guest
May 9th, 2019
87
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. PUT squid
  2. {
  3. "template": "squid_index*",
  4. "settings": {},
  5. "mappings": {
  6. "squid_doc": {
  7. "dynamic_templates": [
  8. {
  9. "geo_location_point": {
  10. "match": "enrichments:geo:*:location_point",
  11. "match_mapping_type": "*",
  12. "mapping": {
  13. "type": "geo_point"
  14. }
  15. }
  16. },
  17. {
  18. "geo_country": {
  19. "match": "enrichments:geo:*:country",
  20. "match_mapping_type": "*",
  21. "mapping": {
  22. "type": "keyword"
  23. }
  24. }
  25. },
  26. {
  27. "geo_city": {
  28. "match": "enrichments:geo:*:city",
  29. "match_mapping_type": "*",
  30. "mapping": {
  31. "type": "keyword"
  32. }
  33. }
  34. },
  35. {
  36. "geo_location_id": {
  37. "match": "enrichments:geo:*:locID",
  38. "match_mapping_type": "*",
  39. "mapping": {
  40. "type": "keyword"
  41. }
  42. }
  43. },
  44. {
  45. "geo_dma_code": {
  46. "match": "enrichments:geo:*:dmaCode",
  47. "match_mapping_type": "*",
  48. "mapping": {
  49. "type": "keyword"
  50. }
  51. }
  52. },
  53. {
  54. "geo_postal_code": {
  55. "match": "enrichments:geo:*:postalCode",
  56. "match_mapping_type": "*",
  57. "mapping": {
  58. "type": "keyword"
  59. }
  60. }
  61. },
  62. {
  63. "geo_latitude": {
  64. "match": "enrichments:geo:*:latitude",
  65. "match_mapping_type": "*",
  66. "mapping": {
  67. "type": "float"
  68. }
  69. }
  70. },
  71. {
  72. "geo_longitude": {
  73. "match": "enrichments:geo:*:longitude",
  74. "match_mapping_type": "*",
  75. "mapping": {
  76. "type": "float"
  77. }
  78. }
  79. },
  80. {
  81. "timestamps": {
  82. "match": "*:ts",
  83. "match_mapping_type": "*",
  84. "mapping": {
  85. "type": "date",
  86. "format": "epoch_millis"
  87. }
  88. }
  89. },
  90. {
  91. "threat_triage_score": {
  92. "mapping": {
  93. "type": "float"
  94. },
  95. "match": "threat:triage:*score",
  96. "match_mapping_type": "*"
  97. }
  98. },
  99. {
  100. "threat_triage_reason": {
  101. "mapping": {
  102. "type": "text",
  103. "fielddata": "true"
  104. },
  105. "match": "threat:triage:rules:*:reason",
  106. "match_mapping_type": "*"
  107. }
  108. }
  109. ],
  110. "properties": {
  111. "action": {
  112. "type": "keyword"
  113. },
  114. "bytes": {
  115. "type": "long"
  116. },
  117. "code": {
  118. "type": "long"
  119. },
  120. "domain_without_subdomains": {
  121. "type": "keyword"
  122. },
  123. "elapsed": {
  124. "type": "long"
  125. },
  126. "full_hostname": {
  127. "type": "keyword"
  128. },
  129. "guid": {
  130. "type": "keyword"
  131. },
  132. "ip_dst_addr": {
  133. "type": "ip"
  134. },
  135. "ip_src_addr": {
  136. "type": "ip"
  137. },
  138. "is_alert": {
  139. "type": "keyword"
  140. },
  141. "is_potential_typosquat": {
  142. "type": "boolean"
  143. },
  144. "method": {
  145. "type": "keyword"
  146. },
  147. "original_text": {
  148. "type": "text"
  149. },
  150. "source:type": {
  151. "type": "keyword"
  152. },
  153. "timestamp": {
  154. "type": "date",
  155. "format": "epoch_millis"
  156. },
  157. "url": {
  158. "type": "keyword"
  159. },
  160. "alert": {
  161. "type": "nested"
  162. }
  163. }
  164. }
  165. }
  166. }
RAW Paste Data