
Untitled

a guest
Nov 17th, 2017
  1. {
  2. "filebeat-6.0.0": {
  3. "order": 1,
  4. "index_patterns": [
  5. "filebeat-6.0.0-*"
  6. ],
  7. "settings": {
  8. "index": {
  9. "number_of_shards": "3",
  10. "mapping": {
  11. "total_fields": {
  12. "limit": "10000"
  13. }
  14. },
  15. "refresh_interval": "5s"
  16. }
  17. },
  18. "mappings": {
  19. "doc": {
  20. "_meta": {
  21. "version": "6.0.0"
  22. },
  23. "date_detection": false,
  24. "dynamic_templates": [
  25. {
  26. "fields": {
  27. "mapping": {
  28. "type": "keyword"
  29. },
  30. "match_mapping_type": "string",
  31. "path_match": "fields.*"
  32. }
  33. },
  34. {
  35. "docker.container.labels": {
  36. "mapping": {
  37. "type": "keyword"
  38. },
  39. "match_mapping_type": "string",
  40. "path_match": "docker.container.labels.*"
  41. }
  42. },
  43. {
  44. "strings_as_keyword": {
  45. "mapping": {
  46. "ignore_above": 1024,
  47. "type": "keyword"
  48. },
  49. "match_mapping_type": "string"
  50. }
  51. }
  52. ],
  53. "properties": {
  54. "tags": {
  55. "type": "keyword",
  56. "ignore_above": 1024
  57. },
  58. "fields": {
  59. "type": "object"
  60. },
  61. "kubernetes": {
  62. "properties": {
  63. "pod": {
  64. "properties": {
  65. "name": {
  66. "type": "keyword",
  67. "ignore_above": 1024
  68. }
  69. }
  70. },
  71. "namespace": {
  72. "type": "keyword",
  73. "ignore_above": 1024
  74. },
  75. "labels": {
  76. "type": "object"
  77. },
  78. "annotations": {
  79. "type": "object"
  80. },
  81. "container": {
  82. "properties": {
  83. "name": {
  84. "type": "keyword",
  85. "ignore_above": 1024
  86. },
  87. "image": {
  88. "type": "keyword",
  89. "ignore_above": 1024
  90. }
  91. }
  92. }
  93. }
  94. },
  95. "offset": {
  96. "type": "long"
  97. },
  98. "auditd": {
  99. "properties": {
  100. "log": {
  101. "properties": {
  102. "old_auid": {
  103. "type": "keyword",
  104. "ignore_above": 1024
  105. },
  106. "new_auid": {
  107. "type": "keyword",
  108. "ignore_above": 1024
  109. },
  110. "new_ses": {
  111. "type": "keyword",
  112. "ignore_above": 1024
  113. },
  114. "sequence": {
  115. "type": "long"
  116. },
  117. "item": {
  118. "type": "keyword",
  119. "ignore_above": 1024
  120. },
  121. "a0": {
  122. "type": "keyword",
  123. "ignore_above": 1024
  124. },
  125. "res": {
  126. "type": "keyword",
  127. "ignore_above": 1024
  128. },
  129. "pid": {
  130. "type": "keyword",
  131. "ignore_above": 1024
  132. },
  133. "ppid": {
  134. "type": "keyword",
  135. "ignore_above": 1024
  136. },
  137. "items": {
  138. "type": "keyword",
  139. "ignore_above": 1024
  140. },
  141. "record_type": {
  142. "type": "keyword",
  143. "ignore_above": 1024
  144. },
  145. "old_ses": {
  146. "type": "keyword",
  147. "ignore_above": 1024
  148. },
  149. "acct": {
  150. "type": "keyword",
  151. "ignore_above": 1024
  152. },
  153. "geoip": {
  154. "properties": {
  155. "continent_name": {
  156. "type": "keyword",
  157. "ignore_above": 1024
  158. },
  159. "city_name": {
  160. "type": "keyword",
  161. "ignore_above": 1024
  162. },
  163. "region_name": {
  164. "type": "keyword",
  165. "ignore_above": 1024
  166. },
  167. "country_iso_code": {
  168. "type": "keyword",
  169. "ignore_above": 1024
  170. },
  171. "location": {
  172. "type": "geo_point"
  173. }
  174. }
  175. }
  176. }
  177. }
  178. }
  179. },
  180. "mysql": {
  181. "properties": {
  182. "slowlog": {
  183. "properties": {
  184. "rows_sent": {
  185. "type": "long"
  186. },
  187. "rows_examined": {
  188. "type": "long"
  189. },
  190. "timestamp": {
  191. "type": "long"
  192. },
  193. "query": {
  194. "type": "keyword",
  195. "ignore_above": 1024
  196. },
  197. "id": {
  198. "type": "long"
  199. },
  200. "host": {
  201. "type": "keyword",
  202. "ignore_above": 1024
  203. },
  204. "query_time": {
  205. "properties": {
  206. "sec": {
  207. "type": "float"
  208. }
  209. }
  210. },
  211. "lock_time": {
  212. "properties": {
  213. "sec": {
  214. "type": "float"
  215. }
  216. }
  217. },
  218. "user": {
  219. "type": "keyword",
  220. "ignore_above": 1024
  221. },
  222. "ip": {
  223. "type": "keyword",
  224. "ignore_above": 1024
  225. }
  226. }
  227. },
  228. "error": {
  229. "properties": {
  230. "timestamp": {
  231. "type": "keyword",
  232. "ignore_above": 1024
  233. },
  234. "thread_id": {
  235. "type": "long"
  236. },
  237. "level": {
  238. "type": "keyword",
  239. "ignore_above": 1024
  240. },
  241. "message": {
  242. "type": "text",
  243. "norms": false
  244. }
  245. }
  246. }
  247. }
  248. },
  249. "nginx": {
  250. "properties": {
  251. "access": {
  252. "properties": {
  253. "body_sent": {
  254. "properties": {
  255. "bytes": {
  256. "type": "long"
  257. }
  258. }
  259. },
  260. "referrer": {
  261. "type": "keyword",
  262. "ignore_above": 1024
  263. },
  264. "user_agent": {
  265. "properties": {
  266. "os_name": {
  267. "ignore_above": 1024,
  268. "type": "keyword"
  269. },
  270. "name": {
  271. "type": "keyword",
  272. "ignore_above": 1024
  273. },
  274. "os": {
  275. "type": "keyword",
  276. "ignore_above": 1024
  277. },
  278. "os_major": {
  279. "type": "long"
  280. },
  281. "patch": {
  282. "type": "keyword",
  283. "ignore_above": 1024
  284. },
  285. "os_minor": {
  286. "type": "long"
  287. },
  288. "device": {
  289. "type": "keyword",
  290. "ignore_above": 1024
  291. },
  292. "major": {
  293. "type": "long"
  294. },
  295. "minor": {
  296. "type": "long"
  297. }
  298. }
  299. },
  300. "remote_ip": {
  301. "type": "keyword",
  302. "ignore_above": 1024
  303. },
  304. "method": {
  305. "type": "keyword",
  306. "ignore_above": 1024
  307. },
  308. "url": {
  309. "type": "keyword",
  310. "ignore_above": 1024
  311. },
  312. "http_version": {
  313. "type": "keyword",
  314. "ignore_above": 1024
  315. },
  316. "response_code": {
  317. "type": "long"
  318. },
  319. "geoip": {
  320. "properties": {
  321. "continent_name": {
  322. "type": "keyword",
  323. "ignore_above": 1024
  324. },
  325. "country_iso_code": {
  326. "ignore_above": 1024,
  327. "type": "keyword"
  328. },
  329. "location": {
  330. "type": "geo_point"
  331. },
  332. "region_name": {
  333. "type": "keyword",
  334. "ignore_above": 1024
  335. },
  336. "city_name": {
  337. "type": "keyword",
  338. "ignore_above": 1024
  339. }
  340. }
  341. },
  342. "user_name": {
  343. "type": "keyword",
  344. "ignore_above": 1024
  345. },
  346. "agent": {
  347. "type": "text",
  348. "norms": false
  349. }
  350. }
  351. },
  352. "error": {
  353. "properties": {
  354. "tid": {
  355. "type": "long"
  356. },
  357. "connection_id": {
  358. "type": "long"
  359. },
  360. "message": {
  361. "type": "text",
  362. "norms": false
  363. },
  364. "level": {
  365. "type": "keyword",
  366. "ignore_above": 1024
  367. },
  368. "pid": {
  369. "type": "long"
  370. }
  371. }
  372. }
  373. }
  374. },
  375. "docker": {
  376. "properties": {
  377. "container": {
  378. "properties": {
  379. "id": {
  380. "type": "keyword",
  381. "ignore_above": 1024
  382. },
  383. "image": {
  384. "ignore_above": 1024,
  385. "type": "keyword"
  386. },
  387. "name": {
  388. "type": "keyword",
  389. "ignore_above": 1024
  390. },
  391. "labels": {
  392. "type": "object"
  393. }
  394. }
  395. }
  396. }
  397. },
  398. "icinga": {
  399. "properties": {
  400. "debug": {
  401. "properties": {
  402. "facility": {
  403. "type": "keyword",
  404. "ignore_above": 1024
  405. },
  406. "severity": {
  407. "type": "keyword",
  408. "ignore_above": 1024
  409. },
  410. "message": {
  411. "type": "text",
  412. "norms": false
  413. }
  414. }
  415. },
  416. "main": {
  417. "properties": {
  418. "facility": {
  419. "type": "keyword",
  420. "ignore_above": 1024
  421. },
  422. "severity": {
  423. "type": "keyword",
  424. "ignore_above": 1024
  425. },
  426. "message": {
  427. "type": "text",
  428. "norms": false
  429. }
  430. }
  431. },
  432. "startup": {
  433. "properties": {
  434. "facility": {
  435. "type": "keyword",
  436. "ignore_above": 1024
  437. },
  438. "severity": {
  439. "type": "keyword",
  440. "ignore_above": 1024
  441. },
  442. "message": {
  443. "type": "text",
  444. "norms": false
  445. }
  446. }
  447. }
  448. }
  449. },
  450. "system": {
  451. "properties": {
  452. "syslog": {
  453. "properties": {
  454. "timestamp": {
  455. "type": "keyword",
  456. "ignore_above": 1024
  457. },
  458. "hostname": {
  459. "type": "keyword",
  460. "ignore_above": 1024
  461. },
  462. "program": {
  463. "type": "keyword",
  464. "ignore_above": 1024
  465. },
  466. "pid": {
  467. "ignore_above": 1024,
  468. "type": "keyword"
  469. },
  470. "message": {
  471. "type": "keyword",
  472. "ignore_above": 1024
  473. }
  474. }
  475. },
  476. "auth": {
  477. "properties": {
  478. "sudo": {
  479. "properties": {
  480. "user": {
  481. "type": "keyword",
  482. "ignore_above": 1024
  483. },
  484. "command": {
  485. "type": "keyword",
  486. "ignore_above": 1024
  487. },
  488. "error": {
  489. "type": "keyword",
  490. "ignore_above": 1024
  491. },
  492. "tty": {
  493. "type": "keyword",
  494. "ignore_above": 1024
  495. },
  496. "pwd": {
  497. "type": "keyword",
  498. "ignore_above": 1024
  499. }
  500. }
  501. },
  502. "useradd": {
  503. "properties": {
  504. "name": {
  505. "type": "keyword",
  506. "ignore_above": 1024
  507. },
  508. "uid": {
  509. "type": "long"
  510. },
  511. "gid": {
  512. "type": "long"
  513. },
  514. "home": {
  515. "type": "keyword",
  516. "ignore_above": 1024
  517. },
  518. "shell": {
  519. "type": "keyword",
  520. "ignore_above": 1024
  521. }
  522. }
  523. },
  524. "groupadd": {
  525. "properties": {
  526. "name": {
  527. "type": "keyword",
  528. "ignore_above": 1024
  529. },
  530. "gid": {
  531. "type": "long"
  532. }
  533. }
  534. },
  535. "program": {
  536. "type": "keyword",
  537. "ignore_above": 1024
  538. },
  539. "message": {
  540. "type": "keyword",
  541. "ignore_above": 1024
  542. },
  543. "pid": {
  544. "type": "long"
  545. },
  546. "user": {
  547. "type": "keyword",
  548. "ignore_above": 1024
  549. },
  550. "ssh": {
  551. "properties": {
  552. "signature": {
  553. "type": "keyword",
  554. "ignore_above": 1024
  555. },
  556. "geoip": {
  557. "properties": {
  558. "location": {
  559. "type": "geo_point"
  560. },
  561. "continent_name": {
  562. "type": "keyword",
  563. "ignore_above": 1024
  564. },
  565. "city_name": {
  566. "type": "keyword",
  567. "ignore_above": 1024
  568. },
  569. "region_name": {
  570. "type": "keyword",
  571. "ignore_above": 1024
  572. },
  573. "country_iso_code": {
  574. "type": "keyword",
  575. "ignore_above": 1024
  576. }
  577. }
  578. },
  579. "event": {
  580. "type": "keyword",
  581. "ignore_above": 1024
  582. },
  583. "method": {
  584. "type": "keyword",
  585. "ignore_above": 1024
  586. },
  587. "ip": {
  588. "type": "ip"
  589. },
  590. "dropped_ip": {
  591. "type": "ip"
  592. },
  593. "port": {
  594. "type": "long"
  595. }
  596. }
  597. },
  598. "timestamp": {
  599. "type": "keyword",
  600. "ignore_above": 1024
  601. },
  602. "hostname": {
  603. "type": "keyword",
  604. "ignore_above": 1024
  605. }
  606. }
  607. }
  608. }
  609. },
  610. "beat": {
  611. "properties": {
  612. "name": {
  613. "type": "keyword",
  614. "ignore_above": 1024
  615. },
  616. "hostname": {
  617. "type": "keyword",
  618. "ignore_above": 1024
  619. },
  620. "timezone": {
  621. "type": "keyword",
  622. "ignore_above": 1024
  623. },
  624. "version": {
  625. "type": "keyword",
  626. "ignore_above": 1024
  627. }
  628. }
  629. },
  630. "error": {
  631. "properties": {
  632. "type": {
  633. "type": "keyword",
  634. "ignore_above": 1024
  635. },
  636. "message": {
  637. "type": "text",
  638. "norms": false
  639. },
  640. "code": {
  641. "type": "long"
  642. }
  643. }
  644. },
  645. "message": {
  646. "type": "text",
  647. "norms": false
  648. },
  649. "read_timestamp": {
  650. "type": "keyword",
  651. "ignore_above": 1024
  652. },
  653. "fileset": {
  654. "properties": {
  655. "module": {
  656. "type": "keyword",
  657. "ignore_above": 1024
  658. },
  659. "name": {
  660. "type": "keyword",
  661. "ignore_above": 1024
  662. }
  663. }
  664. },
  665. "apache2": {
  666. "properties": {
  667. "error": {
  668. "properties": {
  669. "pid": {
  670. "type": "long"
  671. },
  672. "tid": {
  673. "type": "long"
  674. },
  675. "module": {
  676. "type": "keyword",
  677. "ignore_above": 1024
  678. },
  679. "level": {
  680. "type": "keyword",
  681. "ignore_above": 1024
  682. },
  683. "client": {
  684. "type": "keyword",
  685. "ignore_above": 1024
  686. },
  687. "message": {
  688. "type": "text",
  689. "norms": false
  690. }
  691. }
  692. },
  693. "access": {
  694. "properties": {
  695. "user_agent": {
  696. "properties": {
  697. "major": {
  698. "type": "long"
  699. },
  700. "patch": {
  701. "type": "keyword",
  702. "ignore_above": 1024
  703. },
  704. "os": {
  705. "type": "keyword",
  706. "ignore_above": 1024
  707. },
  708. "os_major": {
  709. "type": "long"
  710. },
  711. "os_minor": {
  712. "type": "long"
  713. },
  714. "os_name": {
  715. "type": "keyword",
  716. "ignore_above": 1024
  717. },
  718. "device": {
  719. "type": "keyword",
  720. "ignore_above": 1024
  721. },
  722. "minor": {
  723. "type": "long"
  724. },
  725. "name": {
  726. "type": "keyword",
  727. "ignore_above": 1024
  728. }
  729. }
  730. },
  731. "method": {
  732. "type": "keyword",
  733. "ignore_above": 1024
  734. },
  735. "url": {
  736. "type": "keyword",
  737. "ignore_above": 1024
  738. },
  739. "http_version": {
  740. "type": "keyword",
  741. "ignore_above": 1024
  742. },
  743. "body_sent": {
  744. "properties": {
  745. "bytes": {
  746. "type": "long"
  747. }
  748. }
  749. },
  750. "agent": {
  751. "norms": false,
  752. "type": "text"
  753. },
  754. "geoip": {
  755. "properties": {
  756. "continent_name": {
  757. "type": "keyword",
  758. "ignore_above": 1024
  759. },
  760. "country_iso_code": {
  761. "type": "keyword",
  762. "ignore_above": 1024
  763. },
  764. "location": {
  765. "type": "geo_point"
  766. },
  767. "region_name": {
  768. "type": "keyword",
  769. "ignore_above": 1024
  770. },
  771. "city_name": {
  772. "type": "keyword",
  773. "ignore_above": 1024
  774. }
  775. }
  776. },
  777. "remote_ip": {
  778. "type": "keyword",
  779. "ignore_above": 1024
  780. },
  781. "user_name": {
  782. "type": "keyword",
  783. "ignore_above": 1024
  784. },
  785. "response_code": {
  786. "type": "long"
  787. },
  788. "referrer": {
  789. "ignore_above": 1024,
  790. "type": "keyword"
  791. }
  792. }
  793. }
  794. }
  795. },
  796. "redis": {
  797. "properties": {
  798. "log": {
  799. "properties": {
  800. "pid": {
  801. "type": "long"
  802. },
  803. "role": {
  804. "ignore_above": 1024,
  805. "type": "keyword"
  806. },
  807. "level": {
  808. "type": "keyword",
  809. "ignore_above": 1024
  810. },
  811. "message": {
  812. "type": "text",
  813. "norms": false
  814. }
  815. }
  816. },
  817. "slowlog": {
  818. "properties": {
  819. "cmd": {
  820. "type": "keyword",
  821. "ignore_above": 1024
  822. },
  823. "duration": {
  824. "properties": {
  825. "us": {
  826. "type": "long"
  827. }
  828. }
  829. },
  830. "id": {
  831. "type": "long"
  832. },
  833. "key": {
  834. "type": "keyword",
  835. "ignore_above": 1024
  836. },
  837. "args": {
  838. "type": "keyword",
  839. "ignore_above": 1024
  840. }
  841. }
  842. }
  843. }
  844. },
  845. "@timestamp": {
  846. "type": "date"
  847. },
  848. "meta": {
  849. "properties": {
  850. "cloud": {
  851. "properties": {
  852. "machine_type": {
  853. "ignore_above": 1024,
  854. "type": "keyword"
  855. },
  856. "availability_zone": {
  857. "type": "keyword",
  858. "ignore_above": 1024
  859. },
  860. "project_id": {
  861. "type": "keyword",
  862. "ignore_above": 1024
  863. },
  864. "region": {
  865. "type": "keyword",
  866. "ignore_above": 1024
  867. },
  868. "provider": {
  869. "type": "keyword",
  870. "ignore_above": 1024
  871. },
  872. "instance_id": {
  873. "type": "keyword",
  874. "ignore_above": 1024
  875. },
  876. "instance_name": {
  877. "type": "keyword",
  878. "ignore_above": 1024
  879. }
  880. }
  881. }
  882. }
  883. },
  884. "source": {
  885. "type": "keyword",
  886. "ignore_above": 1024
  887. },
  888. "prospector": {
  889. "properties": {
  890. "type": {
  891. "type": "keyword",
  892. "ignore_above": 1024
  893. }
  894. }
  895. }
  896. }
  897. }
  898. },
  899. "aliases": {}
  900. }
  901. }