logstash-output-elasticsearch 11.2.0-java → 11.3.0-java

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +14 -0
  3. data/lib/logstash/outputs/elasticsearch/http_client/pool.rb +4 -4
  4. data/lib/logstash/outputs/elasticsearch/templates/ecs-v1/elasticsearch-6x.json +925 -180
  5. data/lib/logstash/outputs/elasticsearch/templates/ecs-v1/elasticsearch-7x.json +926 -184
  6. data/lib/logstash/outputs/elasticsearch/templates/ecs-v1/elasticsearch-8x.json +3695 -0
  7. data/lib/logstash/outputs/elasticsearch/templates/ecs-v8/elasticsearch-7x.json +5777 -0
  8. data/lib/logstash/outputs/elasticsearch/templates/ecs-v8/elasticsearch-8x.json +5782 -0
  9. data/lib/logstash/outputs/elasticsearch.rb +6 -1
  10. data/logstash-output-elasticsearch.gemspec +1 -1
  11. data/spec/integration/outputs/templates_spec.rb +100 -65
  12. data/spec/unit/outputs/elasticsearch/template_manager_spec.rb +6 -0
  13. metadata +5 -2
data/lib/logstash/outputs/elasticsearch/templates/ecs-v1/elasticsearch-7x.json CHANGED
@@ -4,7 +4,7 @@
4
4
  ],
5
5
  "mappings": {
6
6
  "_meta": {
7
- "version": "1.5.0"
7
+ "version": "1.10.0"
8
8
  },
9
9
  "date_detection": false,
10
10
  "dynamic_templates": [
@@ -24,6 +24,14 @@
24
24
  },
25
25
  "agent": {
26
26
  "properties": {
27
+ "build": {
28
+ "properties": {
29
+ "original": {
30
+ "ignore_above": 1024,
31
+ "type": "keyword"
32
+ }
33
+ }
34
+ },
27
35
  "ephemeral_id": {
28
36
  "ignore_above": 1024,
29
37
  "type": "keyword"
@@ -46,27 +54,6 @@
46
54
  }
47
55
  }
48
56
  },
49
- "as": {
50
- "properties": {
51
- "number": {
52
- "type": "long"
53
- },
54
- "organization": {
55
- "properties": {
56
- "name": {
57
- "fields": {
58
- "text": {
59
- "norms": false,
60
- "type": "text"
61
- }
62
- },
63
- "ignore_above": 1024,
64
- "type": "keyword"
65
- }
66
- }
67
- }
68
- }
69
- },
70
57
  "client": {
71
58
  "properties": {
72
59
  "address": {
@@ -107,6 +94,10 @@
107
94
  "ignore_above": 1024,
108
95
  "type": "keyword"
109
96
  },
97
+ "continent_code": {
98
+ "ignore_above": 1024,
99
+ "type": "keyword"
100
+ },
110
101
  "continent_name": {
111
102
  "ignore_above": 1024,
112
103
  "type": "keyword"
@@ -126,6 +117,10 @@
126
117
  "ignore_above": 1024,
127
118
  "type": "keyword"
128
119
  },
120
+ "postal_code": {
121
+ "ignore_above": 1024,
122
+ "type": "keyword"
123
+ },
129
124
  "region_iso_code": {
130
125
  "ignore_above": 1024,
131
126
  "type": "keyword"
@@ -133,6 +128,10 @@
133
128
  "region_name": {
134
129
  "ignore_above": 1024,
135
130
  "type": "keyword"
131
+ },
132
+ "timezone": {
133
+ "ignore_above": 1024,
134
+ "type": "keyword"
136
135
  }
137
136
  }
138
137
  },
@@ -163,6 +162,10 @@
163
162
  "ignore_above": 1024,
164
163
  "type": "keyword"
165
164
  },
165
+ "subdomain": {
166
+ "ignore_above": 1024,
167
+ "type": "keyword"
168
+ },
166
169
  "top_level_domain": {
167
170
  "ignore_above": 1024,
168
171
  "type": "keyword"
@@ -220,6 +223,10 @@
220
223
  },
221
224
  "ignore_above": 1024,
222
225
  "type": "keyword"
226
+ },
227
+ "roles": {
228
+ "ignore_above": 1024,
229
+ "type": "keyword"
223
230
  }
224
231
  }
225
232
  }
@@ -232,6 +239,10 @@
232
239
  "id": {
233
240
  "ignore_above": 1024,
234
241
  "type": "keyword"
242
+ },
243
+ "name": {
244
+ "ignore_above": 1024,
245
+ "type": "keyword"
235
246
  }
236
247
  }
237
248
  },
@@ -259,6 +270,18 @@
259
270
  }
260
271
  }
261
272
  },
273
+ "project": {
274
+ "properties": {
275
+ "id": {
276
+ "ignore_above": 1024,
277
+ "type": "keyword"
278
+ },
279
+ "name": {
280
+ "ignore_above": 1024,
281
+ "type": "keyword"
282
+ }
283
+ }
284
+ },
262
285
  "provider": {
263
286
  "ignore_above": 1024,
264
287
  "type": "keyword"
@@ -266,27 +289,14 @@
266
289
  "region": {
267
290
  "ignore_above": 1024,
268
291
  "type": "keyword"
269
- }
270
- }
271
- },
272
- "code_signature": {
273
- "properties": {
274
- "exists": {
275
- "type": "boolean"
276
- },
277
- "status": {
278
- "ignore_above": 1024,
279
- "type": "keyword"
280
- },
281
- "subject_name": {
282
- "ignore_above": 1024,
283
- "type": "keyword"
284
- },
285
- "trusted": {
286
- "type": "boolean"
287
292
  },
288
- "valid": {
289
- "type": "boolean"
293
+ "service": {
294
+ "properties": {
295
+ "name": {
296
+ "ignore_above": 1024,
297
+ "type": "keyword"
298
+ }
299
+ }
290
300
  }
291
301
  }
292
302
  },
@@ -321,6 +331,19 @@
321
331
  }
322
332
  }
323
333
  },
334
+ "data_stream": {
335
+ "properties": {
336
+ "dataset": {
337
+ "type": "constant_keyword"
338
+ },
339
+ "namespace": {
340
+ "type": "constant_keyword"
341
+ },
342
+ "type": {
343
+ "type": "constant_keyword"
344
+ }
345
+ }
346
+ },
324
347
  "destination": {
325
348
  "properties": {
326
349
  "address": {
@@ -361,6 +384,10 @@
361
384
  "ignore_above": 1024,
362
385
  "type": "keyword"
363
386
  },
387
+ "continent_code": {
388
+ "ignore_above": 1024,
389
+ "type": "keyword"
390
+ },
364
391
  "continent_name": {
365
392
  "ignore_above": 1024,
366
393
  "type": "keyword"
@@ -380,6 +407,10 @@
380
407
  "ignore_above": 1024,
381
408
  "type": "keyword"
382
409
  },
410
+ "postal_code": {
411
+ "ignore_above": 1024,
412
+ "type": "keyword"
413
+ },
383
414
  "region_iso_code": {
384
415
  "ignore_above": 1024,
385
416
  "type": "keyword"
@@ -387,6 +418,10 @@
387
418
  "region_name": {
388
419
  "ignore_above": 1024,
389
420
  "type": "keyword"
421
+ },
422
+ "timezone": {
423
+ "ignore_above": 1024,
424
+ "type": "keyword"
390
425
  }
391
426
  }
392
427
  },
@@ -417,6 +452,10 @@
417
452
  "ignore_above": 1024,
418
453
  "type": "keyword"
419
454
  },
455
+ "subdomain": {
456
+ "ignore_above": 1024,
457
+ "type": "keyword"
458
+ },
420
459
  "top_level_domain": {
421
460
  "ignore_above": 1024,
422
461
  "type": "keyword"
@@ -474,6 +513,10 @@
474
513
  },
475
514
  "ignore_above": 1024,
476
515
  "type": "keyword"
516
+ },
517
+ "roles": {
518
+ "ignore_above": 1024,
519
+ "type": "keyword"
477
520
  }
478
521
  }
479
522
  }
@@ -486,6 +529,10 @@
486
529
  "exists": {
487
530
  "type": "boolean"
488
531
  },
532
+ "signing_id": {
533
+ "ignore_above": 1024,
534
+ "type": "keyword"
535
+ },
489
536
  "status": {
490
537
  "ignore_above": 1024,
491
538
  "type": "keyword"
@@ -494,6 +541,10 @@
494
541
  "ignore_above": 1024,
495
542
  "type": "keyword"
496
543
  },
544
+ "team_id": {
545
+ "ignore_above": 1024,
546
+ "type": "keyword"
547
+ },
497
548
  "trusted": {
498
549
  "type": "boolean"
499
550
  },
@@ -519,6 +570,10 @@
519
570
  "sha512": {
520
571
  "ignore_above": 1024,
521
572
  "type": "keyword"
573
+ },
574
+ "ssdeep": {
575
+ "ignore_above": 1024,
576
+ "type": "keyword"
522
577
  }
523
578
  }
524
579
  },
@@ -532,6 +587,10 @@
532
587
  },
533
588
  "pe": {
534
589
  "properties": {
590
+ "architecture": {
591
+ "ignore_above": 1024,
592
+ "type": "keyword"
593
+ },
535
594
  "company": {
536
595
  "ignore_above": 1024,
537
596
  "type": "keyword"
@@ -544,6 +603,10 @@
544
603
  "ignore_above": 1024,
545
604
  "type": "keyword"
546
605
  },
606
+ "imphash": {
607
+ "ignore_above": 1024,
608
+ "type": "keyword"
609
+ },
547
610
  "original_file_name": {
548
611
  "ignore_above": 1024,
549
612
  "type": "keyword"
@@ -735,6 +798,10 @@
735
798
  "ignore_above": 1024,
736
799
  "type": "keyword"
737
800
  },
801
+ "reason": {
802
+ "ignore_above": 1024,
803
+ "type": "keyword"
804
+ },
738
805
  "reference": {
739
806
  "ignore_above": 1024,
740
807
  "type": "keyword"
@@ -782,6 +849,10 @@
782
849
  "exists": {
783
850
  "type": "boolean"
784
851
  },
852
+ "signing_id": {
853
+ "ignore_above": 1024,
854
+ "type": "keyword"
855
+ },
785
856
  "status": {
786
857
  "ignore_above": 1024,
787
858
  "type": "keyword"
@@ -790,6 +861,10 @@
790
861
  "ignore_above": 1024,
791
862
  "type": "keyword"
792
863
  },
864
+ "team_id": {
865
+ "ignore_above": 1024,
866
+ "type": "keyword"
867
+ },
793
868
  "trusted": {
794
869
  "type": "boolean"
795
870
  },
@@ -845,6 +920,10 @@
845
920
  "sha512": {
846
921
  "ignore_above": 1024,
847
922
  "type": "keyword"
923
+ },
924
+ "ssdeep": {
925
+ "ignore_above": 1024,
926
+ "type": "keyword"
848
927
  }
849
928
  }
850
929
  },
@@ -883,6 +962,10 @@
883
962
  },
884
963
  "pe": {
885
964
  "properties": {
965
+ "architecture": {
966
+ "ignore_above": 1024,
967
+ "type": "keyword"
968
+ },
886
969
  "company": {
887
970
  "ignore_above": 1024,
888
971
  "type": "keyword"
@@ -895,6 +978,10 @@
895
978
  "ignore_above": 1024,
896
979
  "type": "keyword"
897
980
  },
981
+ "imphash": {
982
+ "ignore_above": 1024,
983
+ "type": "keyword"
984
+ },
898
985
  "original_file_name": {
899
986
  "ignore_above": 1024,
900
987
  "type": "keyword"
@@ -925,41 +1012,112 @@
925
1012
  "uid": {
926
1013
  "ignore_above": 1024,
927
1014
  "type": "keyword"
928
- }
929
- }
930
- },
931
- "geo": {
932
- "properties": {
933
- "city_name": {
934
- "ignore_above": 1024,
935
- "type": "keyword"
936
- },
937
- "continent_name": {
938
- "ignore_above": 1024,
939
- "type": "keyword"
940
- },
941
- "country_iso_code": {
942
- "ignore_above": 1024,
943
- "type": "keyword"
944
- },
945
- "country_name": {
946
- "ignore_above": 1024,
947
- "type": "keyword"
948
- },
949
- "location": {
950
- "type": "geo_point"
951
- },
952
- "name": {
953
- "ignore_above": 1024,
954
- "type": "keyword"
955
- },
956
- "region_iso_code": {
957
- "ignore_above": 1024,
958
- "type": "keyword"
959
1015
  },
960
- "region_name": {
961
- "ignore_above": 1024,
962
- "type": "keyword"
1016
+ "x509": {
1017
+ "properties": {
1018
+ "alternative_names": {
1019
+ "ignore_above": 1024,
1020
+ "type": "keyword"
1021
+ },
1022
+ "issuer": {
1023
+ "properties": {
1024
+ "common_name": {
1025
+ "ignore_above": 1024,
1026
+ "type": "keyword"
1027
+ },
1028
+ "country": {
1029
+ "ignore_above": 1024,
1030
+ "type": "keyword"
1031
+ },
1032
+ "distinguished_name": {
1033
+ "ignore_above": 1024,
1034
+ "type": "keyword"
1035
+ },
1036
+ "locality": {
1037
+ "ignore_above": 1024,
1038
+ "type": "keyword"
1039
+ },
1040
+ "organization": {
1041
+ "ignore_above": 1024,
1042
+ "type": "keyword"
1043
+ },
1044
+ "organizational_unit": {
1045
+ "ignore_above": 1024,
1046
+ "type": "keyword"
1047
+ },
1048
+ "state_or_province": {
1049
+ "ignore_above": 1024,
1050
+ "type": "keyword"
1051
+ }
1052
+ }
1053
+ },
1054
+ "not_after": {
1055
+ "type": "date"
1056
+ },
1057
+ "not_before": {
1058
+ "type": "date"
1059
+ },
1060
+ "public_key_algorithm": {
1061
+ "ignore_above": 1024,
1062
+ "type": "keyword"
1063
+ },
1064
+ "public_key_curve": {
1065
+ "ignore_above": 1024,
1066
+ "type": "keyword"
1067
+ },
1068
+ "public_key_exponent": {
1069
+ "doc_values": false,
1070
+ "index": false,
1071
+ "type": "long"
1072
+ },
1073
+ "public_key_size": {
1074
+ "type": "long"
1075
+ },
1076
+ "serial_number": {
1077
+ "ignore_above": 1024,
1078
+ "type": "keyword"
1079
+ },
1080
+ "signature_algorithm": {
1081
+ "ignore_above": 1024,
1082
+ "type": "keyword"
1083
+ },
1084
+ "subject": {
1085
+ "properties": {
1086
+ "common_name": {
1087
+ "ignore_above": 1024,
1088
+ "type": "keyword"
1089
+ },
1090
+ "country": {
1091
+ "ignore_above": 1024,
1092
+ "type": "keyword"
1093
+ },
1094
+ "distinguished_name": {
1095
+ "ignore_above": 1024,
1096
+ "type": "keyword"
1097
+ },
1098
+ "locality": {
1099
+ "ignore_above": 1024,
1100
+ "type": "keyword"
1101
+ },
1102
+ "organization": {
1103
+ "ignore_above": 1024,
1104
+ "type": "keyword"
1105
+ },
1106
+ "organizational_unit": {
1107
+ "ignore_above": 1024,
1108
+ "type": "keyword"
1109
+ },
1110
+ "state_or_province": {
1111
+ "ignore_above": 1024,
1112
+ "type": "keyword"
1113
+ }
1114
+ }
1115
+ },
1116
+ "version_number": {
1117
+ "ignore_above": 1024,
1118
+ "type": "keyword"
1119
+ }
1120
+ }
963
1121
  }
964
1122
  }
965
1123
  },
@@ -979,42 +1137,52 @@
979
1137
  }
980
1138
  }
981
1139
  },
982
- "hash": {
983
- "properties": {
984
- "md5": {
985
- "ignore_above": 1024,
986
- "type": "keyword"
987
- },
988
- "sha1": {
989
- "ignore_above": 1024,
990
- "type": "keyword"
991
- },
992
- "sha256": {
993
- "ignore_above": 1024,
994
- "type": "keyword"
995
- },
996
- "sha512": {
997
- "ignore_above": 1024,
998
- "type": "keyword"
999
- }
1000
- }
1001
- },
1002
1140
  "host": {
1003
1141
  "properties": {
1004
1142
  "architecture": {
1005
1143
  "ignore_above": 1024,
1006
1144
  "type": "keyword"
1007
1145
  },
1008
- "domain": {
1009
- "ignore_above": 1024,
1010
- "type": "keyword"
1011
- },
1012
- "geo": {
1146
+ "cpu": {
1147
+ "properties": {
1148
+ "usage": {
1149
+ "scaling_factor": 1000,
1150
+ "type": "scaled_float"
1151
+ }
1152
+ }
1153
+ },
1154
+ "disk": {
1155
+ "properties": {
1156
+ "read": {
1157
+ "properties": {
1158
+ "bytes": {
1159
+ "type": "long"
1160
+ }
1161
+ }
1162
+ },
1163
+ "write": {
1164
+ "properties": {
1165
+ "bytes": {
1166
+ "type": "long"
1167
+ }
1168
+ }
1169
+ }
1170
+ }
1171
+ },
1172
+ "domain": {
1173
+ "ignore_above": 1024,
1174
+ "type": "keyword"
1175
+ },
1176
+ "geo": {
1013
1177
  "properties": {
1014
1178
  "city_name": {
1015
1179
  "ignore_above": 1024,
1016
1180
  "type": "keyword"
1017
1181
  },
1182
+ "continent_code": {
1183
+ "ignore_above": 1024,
1184
+ "type": "keyword"
1185
+ },
1018
1186
  "continent_name": {
1019
1187
  "ignore_above": 1024,
1020
1188
  "type": "keyword"
@@ -1034,6 +1202,10 @@
1034
1202
  "ignore_above": 1024,
1035
1203
  "type": "keyword"
1036
1204
  },
1205
+ "postal_code": {
1206
+ "ignore_above": 1024,
1207
+ "type": "keyword"
1208
+ },
1037
1209
  "region_iso_code": {
1038
1210
  "ignore_above": 1024,
1039
1211
  "type": "keyword"
@@ -1041,6 +1213,10 @@
1041
1213
  "region_name": {
1042
1214
  "ignore_above": 1024,
1043
1215
  "type": "keyword"
1216
+ },
1217
+ "timezone": {
1218
+ "ignore_above": 1024,
1219
+ "type": "keyword"
1044
1220
  }
1045
1221
  }
1046
1222
  },
@@ -1063,6 +1239,30 @@
1063
1239
  "ignore_above": 1024,
1064
1240
  "type": "keyword"
1065
1241
  },
1242
+ "network": {
1243
+ "properties": {
1244
+ "egress": {
1245
+ "properties": {
1246
+ "bytes": {
1247
+ "type": "long"
1248
+ },
1249
+ "packets": {
1250
+ "type": "long"
1251
+ }
1252
+ }
1253
+ },
1254
+ "ingress": {
1255
+ "properties": {
1256
+ "bytes": {
1257
+ "type": "long"
1258
+ },
1259
+ "packets": {
1260
+ "type": "long"
1261
+ }
1262
+ }
1263
+ }
1264
+ }
1265
+ },
1066
1266
  "os": {
1067
1267
  "properties": {
1068
1268
  "family": {
@@ -1097,6 +1297,10 @@
1097
1297
  "ignore_above": 1024,
1098
1298
  "type": "keyword"
1099
1299
  },
1300
+ "type": {
1301
+ "ignore_above": 1024,
1302
+ "type": "keyword"
1303
+ },
1100
1304
  "version": {
1101
1305
  "ignore_above": 1024,
1102
1306
  "type": "keyword"
@@ -1163,6 +1367,10 @@
1163
1367
  },
1164
1368
  "ignore_above": 1024,
1165
1369
  "type": "keyword"
1370
+ },
1371
+ "roles": {
1372
+ "ignore_above": 1024,
1373
+ "type": "keyword"
1166
1374
  }
1167
1375
  }
1168
1376
  }
@@ -1192,10 +1400,18 @@
1192
1400
  "bytes": {
1193
1401
  "type": "long"
1194
1402
  },
1403
+ "id": {
1404
+ "ignore_above": 1024,
1405
+ "type": "keyword"
1406
+ },
1195
1407
  "method": {
1196
1408
  "ignore_above": 1024,
1197
1409
  "type": "keyword"
1198
1410
  },
1411
+ "mime_type": {
1412
+ "ignore_above": 1024,
1413
+ "type": "keyword"
1414
+ },
1199
1415
  "referrer": {
1200
1416
  "ignore_above": 1024,
1201
1417
  "type": "keyword"
@@ -1224,6 +1440,10 @@
1224
1440
  "bytes": {
1225
1441
  "type": "long"
1226
1442
  },
1443
+ "mime_type": {
1444
+ "ignore_above": 1024,
1445
+ "type": "keyword"
1446
+ },
1227
1447
  "status_code": {
1228
1448
  "type": "long"
1229
1449
  }
@@ -1235,27 +1455,19 @@
1235
1455
  }
1236
1456
  }
1237
1457
  },
1238
- "interface": {
1239
- "properties": {
1240
- "alias": {
1241
- "ignore_above": 1024,
1242
- "type": "keyword"
1243
- },
1244
- "id": {
1245
- "ignore_above": 1024,
1246
- "type": "keyword"
1247
- },
1248
- "name": {
1249
- "ignore_above": 1024,
1250
- "type": "keyword"
1251
- }
1252
- }
1253
- },
1254
1458
  "labels": {
1255
1459
  "type": "object"
1256
1460
  },
1257
1461
  "log": {
1258
1462
  "properties": {
1463
+ "file": {
1464
+ "properties": {
1465
+ "path": {
1466
+ "ignore_above": 1024,
1467
+ "type": "keyword"
1468
+ }
1469
+ }
1470
+ },
1259
1471
  "level": {
1260
1472
  "ignore_above": 1024,
1261
1473
  "type": "keyword"
@@ -1444,6 +1656,10 @@
1444
1656
  "ignore_above": 1024,
1445
1657
  "type": "keyword"
1446
1658
  },
1659
+ "continent_code": {
1660
+ "ignore_above": 1024,
1661
+ "type": "keyword"
1662
+ },
1447
1663
  "continent_name": {
1448
1664
  "ignore_above": 1024,
1449
1665
  "type": "keyword"
@@ -1463,6 +1679,10 @@
1463
1679
  "ignore_above": 1024,
1464
1680
  "type": "keyword"
1465
1681
  },
1682
+ "postal_code": {
1683
+ "ignore_above": 1024,
1684
+ "type": "keyword"
1685
+ },
1466
1686
  "region_iso_code": {
1467
1687
  "ignore_above": 1024,
1468
1688
  "type": "keyword"
@@ -1470,6 +1690,10 @@
1470
1690
  "region_name": {
1471
1691
  "ignore_above": 1024,
1472
1692
  "type": "keyword"
1693
+ },
1694
+ "timezone": {
1695
+ "ignore_above": 1024,
1696
+ "type": "keyword"
1473
1697
  }
1474
1698
  }
1475
1699
  },
@@ -1559,6 +1783,10 @@
1559
1783
  "ignore_above": 1024,
1560
1784
  "type": "keyword"
1561
1785
  },
1786
+ "type": {
1787
+ "ignore_above": 1024,
1788
+ "type": "keyword"
1789
+ },
1562
1790
  "version": {
1563
1791
  "ignore_above": 1024,
1564
1792
  "type": "keyword"
@@ -1587,41 +1815,57 @@
1587
1815
  }
1588
1816
  }
1589
1817
  },
1590
- "organization": {
1818
+ "orchestrator": {
1591
1819
  "properties": {
1592
- "id": {
1820
+ "api_version": {
1593
1821
  "ignore_above": 1024,
1594
1822
  "type": "keyword"
1595
1823
  },
1596
- "name": {
1597
- "fields": {
1598
- "text": {
1599
- "norms": false,
1600
- "type": "text"
1824
+ "cluster": {
1825
+ "properties": {
1826
+ "name": {
1827
+ "ignore_above": 1024,
1828
+ "type": "keyword"
1829
+ },
1830
+ "url": {
1831
+ "ignore_above": 1024,
1832
+ "type": "keyword"
1833
+ },
1834
+ "version": {
1835
+ "ignore_above": 1024,
1836
+ "type": "keyword"
1601
1837
  }
1602
- },
1838
+ }
1839
+ },
1840
+ "namespace": {
1603
1841
  "ignore_above": 1024,
1604
1842
  "type": "keyword"
1605
- }
1606
- }
1607
- },
1608
- "os": {
1609
- "properties": {
1610
- "family": {
1843
+ },
1844
+ "organization": {
1611
1845
  "ignore_above": 1024,
1612
1846
  "type": "keyword"
1613
1847
  },
1614
- "full": {
1615
- "fields": {
1616
- "text": {
1617
- "norms": false,
1618
- "type": "text"
1848
+ "resource": {
1849
+ "properties": {
1850
+ "name": {
1851
+ "ignore_above": 1024,
1852
+ "type": "keyword"
1853
+ },
1854
+ "type": {
1855
+ "ignore_above": 1024,
1856
+ "type": "keyword"
1619
1857
  }
1620
- },
1858
+ }
1859
+ },
1860
+ "type": {
1621
1861
  "ignore_above": 1024,
1622
1862
  "type": "keyword"
1623
- },
1624
- "kernel": {
1863
+ }
1864
+ }
1865
+ },
1866
+ "organization": {
1867
+ "properties": {
1868
+ "id": {
1625
1869
  "ignore_above": 1024,
1626
1870
  "type": "keyword"
1627
1871
  },
@@ -1634,14 +1878,6 @@
1634
1878
  },
1635
1879
  "ignore_above": 1024,
1636
1880
  "type": "keyword"
1637
- },
1638
- "platform": {
1639
- "ignore_above": 1024,
1640
- "type": "keyword"
1641
- },
1642
- "version": {
1643
- "ignore_above": 1024,
1644
- "type": "keyword"
1645
1881
  }
1646
1882
  }
1647
1883
  },
@@ -1699,30 +1935,6 @@
1699
1935
  }
1700
1936
  }
1701
1937
  },
1702
- "pe": {
1703
- "properties": {
1704
- "company": {
1705
- "ignore_above": 1024,
1706
- "type": "keyword"
1707
- },
1708
- "description": {
1709
- "ignore_above": 1024,
1710
- "type": "keyword"
1711
- },
1712
- "file_version": {
1713
- "ignore_above": 1024,
1714
- "type": "keyword"
1715
- },
1716
- "original_file_name": {
1717
- "ignore_above": 1024,
1718
- "type": "keyword"
1719
- },
1720
- "product": {
1721
- "ignore_above": 1024,
1722
- "type": "keyword"
1723
- }
1724
- }
1725
- },
1726
1938
  "process": {
1727
1939
  "properties": {
1728
1940
  "args": {
@@ -1737,6 +1949,10 @@
1737
1949
  "exists": {
1738
1950
  "type": "boolean"
1739
1951
  },
1952
+ "signing_id": {
1953
+ "ignore_above": 1024,
1954
+ "type": "keyword"
1955
+ },
1740
1956
  "status": {
1741
1957
  "ignore_above": 1024,
1742
1958
  "type": "keyword"
@@ -1745,6 +1961,10 @@
1745
1961
  "ignore_above": 1024,
1746
1962
  "type": "keyword"
1747
1963
  },
1964
+ "team_id": {
1965
+ "ignore_above": 1024,
1966
+ "type": "keyword"
1967
+ },
1748
1968
  "trusted": {
1749
1969
  "type": "boolean"
1750
1970
  },
@@ -1797,6 +2017,10 @@
1797
2017
  "sha512": {
1798
2018
  "ignore_above": 1024,
1799
2019
  "type": "keyword"
2020
+ },
2021
+ "ssdeep": {
2022
+ "ignore_above": 1024,
2023
+ "type": "keyword"
1800
2024
  }
1801
2025
  }
1802
2026
  },
@@ -1824,6 +2048,10 @@
1824
2048
  "exists": {
1825
2049
  "type": "boolean"
1826
2050
  },
2051
+ "signing_id": {
2052
+ "ignore_above": 1024,
2053
+ "type": "keyword"
2054
+ },
1827
2055
  "status": {
1828
2056
  "ignore_above": 1024,
1829
2057
  "type": "keyword"
@@ -1832,6 +2060,10 @@
1832
2060
  "ignore_above": 1024,
1833
2061
  "type": "keyword"
1834
2062
  },
2063
+ "team_id": {
2064
+ "ignore_above": 1024,
2065
+ "type": "keyword"
2066
+ },
1835
2067
  "trusted": {
1836
2068
  "type": "boolean"
1837
2069
  },
@@ -1884,6 +2116,10 @@
1884
2116
  "sha512": {
1885
2117
  "ignore_above": 1024,
1886
2118
  "type": "keyword"
2119
+ },
2120
+ "ssdeep": {
2121
+ "ignore_above": 1024,
2122
+ "type": "keyword"
1887
2123
  }
1888
2124
  }
1889
2125
  },
@@ -1897,6 +2133,38 @@
1897
2133
  "ignore_above": 1024,
1898
2134
  "type": "keyword"
1899
2135
  },
2136
+ "pe": {
2137
+ "properties": {
2138
+ "architecture": {
2139
+ "ignore_above": 1024,
2140
+ "type": "keyword"
2141
+ },
2142
+ "company": {
2143
+ "ignore_above": 1024,
2144
+ "type": "keyword"
2145
+ },
2146
+ "description": {
2147
+ "ignore_above": 1024,
2148
+ "type": "keyword"
2149
+ },
2150
+ "file_version": {
2151
+ "ignore_above": 1024,
2152
+ "type": "keyword"
2153
+ },
2154
+ "imphash": {
2155
+ "ignore_above": 1024,
2156
+ "type": "keyword"
2157
+ },
2158
+ "original_file_name": {
2159
+ "ignore_above": 1024,
2160
+ "type": "keyword"
2161
+ },
2162
+ "product": {
2163
+ "ignore_above": 1024,
2164
+ "type": "keyword"
2165
+ }
2166
+ }
2167
+ },
1900
2168
  "pgid": {
1901
2169
  "type": "long"
1902
2170
  },
@@ -1947,6 +2215,10 @@
1947
2215
  },
1948
2216
  "pe": {
1949
2217
  "properties": {
2218
+ "architecture": {
2219
+ "ignore_above": 1024,
2220
+ "type": "keyword"
2221
+ },
1950
2222
  "company": {
1951
2223
  "ignore_above": 1024,
1952
2224
  "type": "keyword"
@@ -1959,6 +2231,10 @@
1959
2231
  "ignore_above": 1024,
1960
2232
  "type": "keyword"
1961
2233
  },
2234
+ "imphash": {
2235
+ "ignore_above": 1024,
2236
+ "type": "keyword"
2237
+ },
1962
2238
  "original_file_name": {
1963
2239
  "ignore_above": 1024,
1964
2240
  "type": "keyword"
@@ -2059,6 +2335,10 @@
2059
2335
  "ignore_above": 1024,
2060
2336
  "type": "keyword"
2061
2337
  },
2338
+ "hosts": {
2339
+ "ignore_above": 1024,
2340
+ "type": "keyword"
2341
+ },
2062
2342
  "ip": {
2063
2343
  "type": "ip"
2064
2344
  },
@@ -2152,6 +2432,10 @@
2152
2432
  "ignore_above": 1024,
2153
2433
  "type": "keyword"
2154
2434
  },
2435
+ "continent_code": {
2436
+ "ignore_above": 1024,
2437
+ "type": "keyword"
2438
+ },
2155
2439
  "continent_name": {
2156
2440
  "ignore_above": 1024,
2157
2441
  "type": "keyword"
@@ -2171,6 +2455,10 @@
2171
2455
  "ignore_above": 1024,
2172
2456
  "type": "keyword"
2173
2457
  },
2458
+ "postal_code": {
2459
+ "ignore_above": 1024,
2460
+ "type": "keyword"
2461
+ },
2174
2462
  "region_iso_code": {
2175
2463
  "ignore_above": 1024,
2176
2464
  "type": "keyword"
@@ -2178,6 +2466,10 @@
2178
2466
  "region_name": {
2179
2467
  "ignore_above": 1024,
2180
2468
  "type": "keyword"
2469
+ },
2470
+ "timezone": {
2471
+ "ignore_above": 1024,
2472
+ "type": "keyword"
2181
2473
  }
2182
2474
  }
2183
2475
  },
@@ -2208,6 +2500,10 @@
2208
2500
  "ignore_above": 1024,
2209
2501
  "type": "keyword"
2210
2502
  },
2503
+ "subdomain": {
2504
+ "ignore_above": 1024,
2505
+ "type": "keyword"
2506
+ },
2211
2507
  "top_level_domain": {
2212
2508
  "ignore_above": 1024,
2213
2509
  "type": "keyword"
@@ -2265,6 +2561,10 @@
2265
2561
  },
2266
2562
  "ignore_above": 1024,
2267
2563
  "type": "keyword"
2564
+ },
2565
+ "roles": {
2566
+ "ignore_above": 1024,
2567
+ "type": "keyword"
2268
2568
  }
2269
2569
  }
2270
2570
  }
@@ -2346,6 +2646,10 @@
2346
2646
  "ignore_above": 1024,
2347
2647
  "type": "keyword"
2348
2648
  },
2649
+ "continent_code": {
2650
+ "ignore_above": 1024,
2651
+ "type": "keyword"
2652
+ },
2349
2653
  "continent_name": {
2350
2654
  "ignore_above": 1024,
2351
2655
  "type": "keyword"
@@ -2365,6 +2669,10 @@
2365
2669
  "ignore_above": 1024,
2366
2670
  "type": "keyword"
2367
2671
  },
2672
+ "postal_code": {
2673
+ "ignore_above": 1024,
2674
+ "type": "keyword"
2675
+ },
2368
2676
  "region_iso_code": {
2369
2677
  "ignore_above": 1024,
2370
2678
  "type": "keyword"
@@ -2372,6 +2680,10 @@
2372
2680
  "region_name": {
2373
2681
  "ignore_above": 1024,
2374
2682
  "type": "keyword"
2683
+ },
2684
+ "timezone": {
2685
+ "ignore_above": 1024,
2686
+ "type": "keyword"
2375
2687
  }
2376
2688
  }
2377
2689
  },
@@ -2402,7 +2714,11 @@
2402
2714
  "ignore_above": 1024,
2403
2715
  "type": "keyword"
2404
2716
  },
2405
- "top_level_domain": {
2717
+ "subdomain": {
2718
+ "ignore_above": 1024,
2719
+ "type": "keyword"
2720
+ },
2721
+ "top_level_domain": {
2406
2722
  "ignore_above": 1024,
2407
2723
  "type": "keyword"
2408
2724
  },
@@ -2459,11 +2775,23 @@
2459
2775
  },
2460
2776
  "ignore_above": 1024,
2461
2777
  "type": "keyword"
2778
+ },
2779
+ "roles": {
2780
+ "ignore_above": 1024,
2781
+ "type": "keyword"
2462
2782
  }
2463
2783
  }
2464
2784
  }
2465
2785
  }
2466
2786
  },
2787
+ "span": {
2788
+ "properties": {
2789
+ "id": {
2790
+ "ignore_above": 1024,
2791
+ "type": "keyword"
2792
+ }
2793
+ }
2794
+ },
2467
2795
  "tags": {
2468
2796
  "ignore_above": 1024,
2469
2797
  "type": "keyword"
@@ -2509,6 +2837,28 @@
2509
2837
  "reference": {
2510
2838
  "ignore_above": 1024,
2511
2839
  "type": "keyword"
2840
+ },
2841
+ "subtechnique": {
2842
+ "properties": {
2843
+ "id": {
2844
+ "ignore_above": 1024,
2845
+ "type": "keyword"
2846
+ },
2847
+ "name": {
2848
+ "fields": {
2849
+ "text": {
2850
+ "norms": false,
2851
+ "type": "text"
2852
+ }
2853
+ },
2854
+ "ignore_above": 1024,
2855
+ "type": "keyword"
2856
+ },
2857
+ "reference": {
2858
+ "ignore_above": 1024,
2859
+ "type": "keyword"
2860
+ }
2861
+ }
2512
2862
  }
2513
2863
  }
2514
2864
  }
@@ -2571,6 +2921,112 @@
2571
2921
  "supported_ciphers": {
2572
2922
  "ignore_above": 1024,
2573
2923
  "type": "keyword"
2924
+ },
2925
+ "x509": {
2926
+ "properties": {
2927
+ "alternative_names": {
2928
+ "ignore_above": 1024,
2929
+ "type": "keyword"
2930
+ },
2931
+ "issuer": {
2932
+ "properties": {
2933
+ "common_name": {
2934
+ "ignore_above": 1024,
2935
+ "type": "keyword"
2936
+ },
2937
+ "country": {
2938
+ "ignore_above": 1024,
2939
+ "type": "keyword"
2940
+ },
2941
+ "distinguished_name": {
2942
+ "ignore_above": 1024,
2943
+ "type": "keyword"
2944
+ },
2945
+ "locality": {
2946
+ "ignore_above": 1024,
2947
+ "type": "keyword"
2948
+ },
2949
+ "organization": {
2950
+ "ignore_above": 1024,
2951
+ "type": "keyword"
2952
+ },
2953
+ "organizational_unit": {
2954
+ "ignore_above": 1024,
2955
+ "type": "keyword"
2956
+ },
2957
+ "state_or_province": {
2958
+ "ignore_above": 1024,
2959
+ "type": "keyword"
2960
+ }
2961
+ }
2962
+ },
2963
+ "not_after": {
2964
+ "type": "date"
2965
+ },
2966
+ "not_before": {
2967
+ "type": "date"
2968
+ },
2969
+ "public_key_algorithm": {
2970
+ "ignore_above": 1024,
2971
+ "type": "keyword"
2972
+ },
2973
+ "public_key_curve": {
2974
+ "ignore_above": 1024,
2975
+ "type": "keyword"
2976
+ },
2977
+ "public_key_exponent": {
2978
+ "doc_values": false,
2979
+ "index": false,
2980
+ "type": "long"
2981
+ },
2982
+ "public_key_size": {
2983
+ "type": "long"
2984
+ },
2985
+ "serial_number": {
2986
+ "ignore_above": 1024,
2987
+ "type": "keyword"
2988
+ },
2989
+ "signature_algorithm": {
2990
+ "ignore_above": 1024,
2991
+ "type": "keyword"
2992
+ },
2993
+ "subject": {
2994
+ "properties": {
2995
+ "common_name": {
2996
+ "ignore_above": 1024,
2997
+ "type": "keyword"
2998
+ },
2999
+ "country": {
3000
+ "ignore_above": 1024,
3001
+ "type": "keyword"
3002
+ },
3003
+ "distinguished_name": {
3004
+ "ignore_above": 1024,
3005
+ "type": "keyword"
3006
+ },
3007
+ "locality": {
3008
+ "ignore_above": 1024,
3009
+ "type": "keyword"
3010
+ },
3011
+ "organization": {
3012
+ "ignore_above": 1024,
3013
+ "type": "keyword"
3014
+ },
3015
+ "organizational_unit": {
3016
+ "ignore_above": 1024,
3017
+ "type": "keyword"
3018
+ },
3019
+ "state_or_province": {
3020
+ "ignore_above": 1024,
3021
+ "type": "keyword"
3022
+ }
3023
+ }
3024
+ },
3025
+ "version_number": {
3026
+ "ignore_above": 1024,
3027
+ "type": "keyword"
3028
+ }
3029
+ }
2574
3030
  }
2575
3031
  }
2576
3032
  },
@@ -2631,6 +3087,112 @@
2631
3087
  "subject": {
2632
3088
  "ignore_above": 1024,
2633
3089
  "type": "keyword"
3090
+ },
3091
+ "x509": {
3092
+ "properties": {
3093
+ "alternative_names": {
3094
+ "ignore_above": 1024,
3095
+ "type": "keyword"
3096
+ },
3097
+ "issuer": {
3098
+ "properties": {
3099
+ "common_name": {
3100
+ "ignore_above": 1024,
3101
+ "type": "keyword"
3102
+ },
3103
+ "country": {
3104
+ "ignore_above": 1024,
3105
+ "type": "keyword"
3106
+ },
3107
+ "distinguished_name": {
3108
+ "ignore_above": 1024,
3109
+ "type": "keyword"
3110
+ },
3111
+ "locality": {
3112
+ "ignore_above": 1024,
3113
+ "type": "keyword"
3114
+ },
3115
+ "organization": {
3116
+ "ignore_above": 1024,
3117
+ "type": "keyword"
3118
+ },
3119
+ "organizational_unit": {
3120
+ "ignore_above": 1024,
3121
+ "type": "keyword"
3122
+ },
3123
+ "state_or_province": {
3124
+ "ignore_above": 1024,
3125
+ "type": "keyword"
3126
+ }
3127
+ }
3128
+ },
3129
+ "not_after": {
3130
+ "type": "date"
3131
+ },
3132
+ "not_before": {
3133
+ "type": "date"
3134
+ },
3135
+ "public_key_algorithm": {
3136
+ "ignore_above": 1024,
3137
+ "type": "keyword"
3138
+ },
3139
+ "public_key_curve": {
3140
+ "ignore_above": 1024,
3141
+ "type": "keyword"
3142
+ },
3143
+ "public_key_exponent": {
3144
+ "doc_values": false,
3145
+ "index": false,
3146
+ "type": "long"
3147
+ },
3148
+ "public_key_size": {
3149
+ "type": "long"
3150
+ },
3151
+ "serial_number": {
3152
+ "ignore_above": 1024,
3153
+ "type": "keyword"
3154
+ },
3155
+ "signature_algorithm": {
3156
+ "ignore_above": 1024,
3157
+ "type": "keyword"
3158
+ },
3159
+ "subject": {
3160
+ "properties": {
3161
+ "common_name": {
3162
+ "ignore_above": 1024,
3163
+ "type": "keyword"
3164
+ },
3165
+ "country": {
3166
+ "ignore_above": 1024,
3167
+ "type": "keyword"
3168
+ },
3169
+ "distinguished_name": {
3170
+ "ignore_above": 1024,
3171
+ "type": "keyword"
3172
+ },
3173
+ "locality": {
3174
+ "ignore_above": 1024,
3175
+ "type": "keyword"
3176
+ },
3177
+ "organization": {
3178
+ "ignore_above": 1024,
3179
+ "type": "keyword"
3180
+ },
3181
+ "organizational_unit": {
3182
+ "ignore_above": 1024,
3183
+ "type": "keyword"
3184
+ },
3185
+ "state_or_province": {
3186
+ "ignore_above": 1024,
3187
+ "type": "keyword"
3188
+ }
3189
+ }
3190
+ },
3191
+ "version_number": {
3192
+ "ignore_above": 1024,
3193
+ "type": "keyword"
3194
+ }
3195
+ }
2634
3196
  }
2635
3197
  }
2636
3198
  },
@@ -2717,6 +3279,10 @@
2717
3279
  "ignore_above": 1024,
2718
3280
  "type": "keyword"
2719
3281
  },
3282
+ "subdomain": {
3283
+ "ignore_above": 1024,
3284
+ "type": "keyword"
3285
+ },
2720
3286
  "top_level_domain": {
2721
3287
  "ignore_above": 1024,
2722
3288
  "type": "keyword"
@@ -2729,10 +3295,130 @@
2729
3295
  },
2730
3296
  "user": {
2731
3297
  "properties": {
3298
+ "changes": {
3299
+ "properties": {
3300
+ "domain": {
3301
+ "ignore_above": 1024,
3302
+ "type": "keyword"
3303
+ },
3304
+ "email": {
3305
+ "ignore_above": 1024,
3306
+ "type": "keyword"
3307
+ },
3308
+ "full_name": {
3309
+ "fields": {
3310
+ "text": {
3311
+ "norms": false,
3312
+ "type": "text"
3313
+ }
3314
+ },
3315
+ "ignore_above": 1024,
3316
+ "type": "keyword"
3317
+ },
3318
+ "group": {
3319
+ "properties": {
3320
+ "domain": {
3321
+ "ignore_above": 1024,
3322
+ "type": "keyword"
3323
+ },
3324
+ "id": {
3325
+ "ignore_above": 1024,
3326
+ "type": "keyword"
3327
+ },
3328
+ "name": {
3329
+ "ignore_above": 1024,
3330
+ "type": "keyword"
3331
+ }
3332
+ }
3333
+ },
3334
+ "hash": {
3335
+ "ignore_above": 1024,
3336
+ "type": "keyword"
3337
+ },
3338
+ "id": {
3339
+ "ignore_above": 1024,
3340
+ "type": "keyword"
3341
+ },
3342
+ "name": {
3343
+ "fields": {
3344
+ "text": {
3345
+ "norms": false,
3346
+ "type": "text"
3347
+ }
3348
+ },
3349
+ "ignore_above": 1024,
3350
+ "type": "keyword"
3351
+ },
3352
+ "roles": {
3353
+ "ignore_above": 1024,
3354
+ "type": "keyword"
3355
+ }
3356
+ }
3357
+ },
2732
3358
  "domain": {
2733
3359
  "ignore_above": 1024,
2734
3360
  "type": "keyword"
2735
3361
  },
3362
+ "effective": {
3363
+ "properties": {
3364
+ "domain": {
3365
+ "ignore_above": 1024,
3366
+ "type": "keyword"
3367
+ },
3368
+ "email": {
3369
+ "ignore_above": 1024,
3370
+ "type": "keyword"
3371
+ },
3372
+ "full_name": {
3373
+ "fields": {
3374
+ "text": {
3375
+ "norms": false,
3376
+ "type": "text"
3377
+ }
3378
+ },
3379
+ "ignore_above": 1024,
3380
+ "type": "keyword"
3381
+ },
3382
+ "group": {
3383
+ "properties": {
3384
+ "domain": {
3385
+ "ignore_above": 1024,
3386
+ "type": "keyword"
3387
+ },
3388
+ "id": {
3389
+ "ignore_above": 1024,
3390
+ "type": "keyword"
3391
+ },
3392
+ "name": {
3393
+ "ignore_above": 1024,
3394
+ "type": "keyword"
3395
+ }
3396
+ }
3397
+ },
3398
+ "hash": {
3399
+ "ignore_above": 1024,
3400
+ "type": "keyword"
3401
+ },
3402
+ "id": {
3403
+ "ignore_above": 1024,
3404
+ "type": "keyword"
3405
+ },
3406
+ "name": {
3407
+ "fields": {
3408
+ "text": {
3409
+ "norms": false,
3410
+ "type": "text"
3411
+ }
3412
+ },
3413
+ "ignore_above": 1024,
3414
+ "type": "keyword"
3415
+ },
3416
+ "roles": {
3417
+ "ignore_above": 1024,
3418
+ "type": "keyword"
3419
+ }
3420
+ }
3421
+ },
2736
3422
  "email": {
2737
3423
  "ignore_above": 1024,
2738
3424
  "type": "keyword"
@@ -2780,6 +3466,70 @@
2780
3466
  },
2781
3467
  "ignore_above": 1024,
2782
3468
  "type": "keyword"
3469
+ },
3470
+ "roles": {
3471
+ "ignore_above": 1024,
3472
+ "type": "keyword"
3473
+ },
3474
+ "target": {
3475
+ "properties": {
3476
+ "domain": {
3477
+ "ignore_above": 1024,
3478
+ "type": "keyword"
3479
+ },
3480
+ "email": {
3481
+ "ignore_above": 1024,
3482
+ "type": "keyword"
3483
+ },
3484
+ "full_name": {
3485
+ "fields": {
3486
+ "text": {
3487
+ "norms": false,
3488
+ "type": "text"
3489
+ }
3490
+ },
3491
+ "ignore_above": 1024,
3492
+ "type": "keyword"
3493
+ },
3494
+ "group": {
3495
+ "properties": {
3496
+ "domain": {
3497
+ "ignore_above": 1024,
3498
+ "type": "keyword"
3499
+ },
3500
+ "id": {
3501
+ "ignore_above": 1024,
3502
+ "type": "keyword"
3503
+ },
3504
+ "name": {
3505
+ "ignore_above": 1024,
3506
+ "type": "keyword"
3507
+ }
3508
+ }
3509
+ },
3510
+ "hash": {
3511
+ "ignore_above": 1024,
3512
+ "type": "keyword"
3513
+ },
3514
+ "id": {
3515
+ "ignore_above": 1024,
3516
+ "type": "keyword"
3517
+ },
3518
+ "name": {
3519
+ "fields": {
3520
+ "text": {
3521
+ "norms": false,
3522
+ "type": "text"
3523
+ }
3524
+ },
3525
+ "ignore_above": 1024,
3526
+ "type": "keyword"
3527
+ },
3528
+ "roles": {
3529
+ "ignore_above": 1024,
3530
+ "type": "keyword"
3531
+ }
3532
+ }
2783
3533
  }
2784
3534
  }
2785
3535
  },
@@ -2841,6 +3591,10 @@
2841
3591
  "ignore_above": 1024,
2842
3592
  "type": "keyword"
2843
3593
  },
3594
+ "type": {
3595
+ "ignore_above": 1024,
3596
+ "type": "keyword"
3597
+ },
2844
3598
  "version": {
2845
3599
  "ignore_above": 1024,
2846
3600
  "type": "keyword"
@@ -2853,18 +3607,6 @@
2853
3607
  }
2854
3608
  }
2855
3609
  },
2856
- "vlan": {
2857
- "properties": {
2858
- "id": {
2859
- "ignore_above": 1024,
2860
- "type": "keyword"
2861
- },
2862
- "name": {
2863
- "ignore_above": 1024,
2864
- "type": "keyword"
2865
- }
2866
- }
2867
- },
2868
3610
  "vulnerability": {
2869
3611
  "properties": {
2870
3612
  "category": {