bmaeuser/pfsense-analytics
1
0
Fork 0
mirror of https://github.com/lephisto/pfsense-analytics.git synced 2025-12-06 04:19:19 +01:00
Code Issues Packages Projects Releases Wiki Activity

Initial Adjustments for Graylog4 and Elasticsearch 7

Browse Source
This commit is contained in:
Bastian Mäuser
2021-02-21 02:28:26 +01:00
parent 1fcf407b1d
commit b58de6c874
8 changed files with 3847 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

92
Elasticsearch_pfsense_custom_template/pfsense_custom_template_es7.json Normal file
View File

@@ -0,0 +1,92 @@
{
"order": -1,
"index_patterns": [
"pfsense_*"
],
"settings": {
"index": {
"analysis": {
"analyzer": {
"analyzer_keyword": {
"filter": "lowercase",
"tokenizer": "keyword"
}
}
}
}
},
"mappings": {
"_source": {
"enabled": true
},
"dynamic_templates": [
{
"internal_fields": {
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string",
"match": "gl2_*"
}
},
{
"store_generic": {
"mapping": {
"type": "keyword"
},
"match_mapping_type": "string"
}
}
],
"properties": {
"src_location": {
"type": "geo_point"
},
"gl2_processing_timestamp": {
"format": "uuuu-MM-dd HH:mm:ss.SSS",
"type": "date"
},
"gl2_accounted_message_size": {
"type": "long"
},
"dst_location": {
"type": "geo_point"
},
"gl2_receive_timestamp": {
"format": "uuuu-MM-dd HH:mm:ss.SSS",
"type": "date"
},
"full_message": {
"fielddata": false,
"analyzer": "standard",
"type": "text"
},
"streams": {
"type": "keyword"
},
"dest_ip_geolocation": {
"copy_to": "dst_location",
"type": "text"
},
"src_ip_geolocation": {
"copy_to": "src_location",
"type": "text"
},
"source": {
"fielddata": true,
"analyzer": "analyzer_keyword",
"type": "text"
},
"message": {
"fielddata": false,
"analyzer": "standard",
"type": "text"
},
"timestamp": {
"format": "uuuu-MM-dd HH:mm:ss.SSS",
"type": "date"
}
}
},
"aliases": {}
}