arch.plugin.x-pack-template-resources.8.17.2.source-code.ecs@mappings.json Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of x-pack-template-resources Show documentation
Show all versions of x-pack-template-resources Show documentation
Elasticsearch subproject :x-pack:plugin:core:template-resources
{
"template": {
"mappings": {
"dynamic_templates": [
{
"ecs_timestamp": {
"mapping": {
"ignore_malformed": false,
"type": "date"
},
"match": "@timestamp"
}
},
{
"ecs_message_match_only_text": {
"mapping": {
"type": "match_only_text"
},
"path_match": [
"message",
"*.message"
],
"unmatch_mapping_type": "object"
}
},
{
"ecs_non_indexed_keyword": {
"mapping": {
"type": "keyword",
"index": false,
"doc_values": false
},
"path_match": [
"*event.original"
]
}
},
{
"ecs_non_indexed_long": {
"mapping": {
"type": "long",
"index": false,
"doc_values": false
},
"path_match": [
"*.x509.public_key_exponent"
]
}
},
{
"ecs_ip": {
"mapping": {
"type": "ip"
},
"path_match": [
"ip",
"*.ip",
"*_ip"
],
"match_mapping_type": "string"
}
},
{
"ecs_wildcard": {
"mapping": {
"type": "wildcard"
},
"path_match": [
"*.io.text",
"*.message_id",
"*registry.data.strings",
"*url.path"
],
"unmatch_mapping_type": "object"
}
},
{
"ecs_path_match_wildcard_and_match_only_text": {
"mapping": {
"fields": {
"text": {
"type": "match_only_text"
}
},
"type": "wildcard"
},
"path_match": [
"*.body.content",
"*url.full",
"*url.original"
],
"unmatch_mapping_type": "object"
}
},
{
"ecs_match_wildcard_and_match_only_text": {
"mapping": {
"fields": {
"text": {
"type": "match_only_text"
}
},
"type": "wildcard"
},
"match": [
"*command_line",
"*stack_trace"
],
"unmatch_mapping_type": "object"
}
},
{
"ecs_path_match_keyword_and_match_only_text": {
"mapping": {
"fields": {
"text": {
"type": "match_only_text"
}
},
"type": "keyword"
},
"path_match": [
"*.title",
"*.executable",
"*.name",
"*.working_directory",
"*.full_name",
"*file.path",
"*file.target_path",
"*os.full",
"*email.subject",
"*vulnerability.description",
"*user_agent.original"
],
"unmatch_mapping_type": "object"
}
},
{
"ecs_date": {
"mapping": {
"type": "date"
},
"path_match": [
"*.timestamp",
"*_timestamp",
"*.not_after",
"*.not_before",
"*.accessed",
"created",
"*.created",
"*.installed",
"*.creation_date",
"*.ctime",
"*.mtime",
"ingested",
"*.ingested",
"*.start",
"*.end",
"*.indicator.first_seen",
"*.indicator.last_seen",
"*.indicator.modified_at",
"*threat.enrichments.matched.occurred"
],
"unmatch_mapping_type": "object"
}
},
{
"ecs_path_match_float": {
"mapping": {
"type": "float"
},
"path_match": [
"*.score.*",
"*_score*"
],
"path_unmatch": "*.version",
"unmatch_mapping_type": "object"
}
},
{
"ecs_usage_double_scaled_float": {
"mapping": {
"type": "scaled_float",
"scaling_factor": 1000
},
"path_match": "*.usage",
"match_mapping_type": ["double", "long", "string"]
}
},
{
"ecs_geo_point": {
"mapping": {
"type": "geo_point"
},
"path_match": [
"*.geo.location"
]
}
},
{
"ecs_flattened": {
"mapping": {
"type": "flattened"
},
"path_match": [
"*structured_data",
"*exports",
"*imports"
],
"match_mapping_type": "object"
}
},
{
"all_strings_to_keywords": {
"mapping": {
"ignore_above": 1024,
"type": "keyword"
},
"match_mapping_type": "string"
}
}
]
}
},
"_meta": {
"description": "dynamic mappings based on ECS, installed by x-pack",
"managed": true
},
"version": ${xpack.stack.template.version},
"deprecated": ${xpack.stack.template.deprecated}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy