logstash-output-elasticsearch 11.2.0-java → 11.3.0-java

Sign up to get free protection for your applications and to get access to all the features.
Files changed (13) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +14 -0
  3. data/lib/logstash/outputs/elasticsearch/http_client/pool.rb +4 -4
  4. data/lib/logstash/outputs/elasticsearch/templates/ecs-v1/elasticsearch-6x.json +925 -180
  5. data/lib/logstash/outputs/elasticsearch/templates/ecs-v1/elasticsearch-7x.json +926 -184
  6. data/lib/logstash/outputs/elasticsearch/templates/ecs-v1/elasticsearch-8x.json +3695 -0
  7. data/lib/logstash/outputs/elasticsearch/templates/ecs-v8/elasticsearch-7x.json +5777 -0
  8. data/lib/logstash/outputs/elasticsearch/templates/ecs-v8/elasticsearch-8x.json +5782 -0
  9. data/lib/logstash/outputs/elasticsearch.rb +6 -1
  10. data/logstash-output-elasticsearch.gemspec +1 -1
  11. data/spec/integration/outputs/templates_spec.rb +100 -65
  12. data/spec/unit/outputs/elasticsearch/template_manager_spec.rb +6 -0
  13. metadata +5 -2
data/lib/logstash/outputs/elasticsearch/templates/ecs-v1/elasticsearch-7x.json CHANGED
@@ -4,7 +4,7 @@
4
4
  ],
5
5
  "mappings": {
6
6
  "_meta": {
7
- "version": "1.5.0"
7
+ "version": "1.10.0"
8
8
  },
9
9
  "date_detection": false,
10
10
  "dynamic_templates": [
@@ -24,6 +24,14 @@
24
24
  },
25
25
  "agent": {
26
26
  "properties": {
27
+ "build": {
28
+ "properties": {
29
+ "original": {
30
+ "ignore_above": 1024,
31
+ "type": "keyword"
32
+ }
33
+ }
34
+ },
27
35
  "ephemeral_id": {
28
36
  "ignore_above": 1024,
29
37
  "type": "keyword"
@@ -46,27 +54,6 @@
46
54
  }
47
55
  }
48
56
  },
49
- "as": {
50
- "properties": {
51
- "number": {
52
- "type": "long"
53
- },
54
- "organization": {
55
- "properties": {
56
- "name": {
57
- "fields": {
58
- "text": {
59
- "norms": false,
60
- "type": "text"
61
- }
62
- },
63
- "ignore_above": 1024,
64
- "type": "keyword"
65
- }
66
- }
67
- }
68
- }
69
- },
70
57
  "client": {
71
58
  "properties": {
72
59
  "address": {
@@ -107,6 +94,10 @@
107
94
  "ignore_above": 1024,
108
95
  "type": "keyword"
109
96
  },
97
+ "continent_code": {
98
+ "ignore_above": 1024,
99
+ "type": "keyword"
100
+ },
110
101
  "continent_name": {
111
102
  "ignore_above": 1024,
112
103
  "type": "keyword"
@@ -126,6 +117,10 @@
126
117
  "ignore_above": 1024,
127
118
  "type": "keyword"
128
119
  },
120
+ "postal_code": {
121
+ "ignore_above": 1024,
122
+ "type": "keyword"
123
+ },
129
124
  "region_iso_code": {
130
125
  "ignore_above": 1024,
131
126
  "type": "keyword"
@@ -133,6 +128,10 @@
133
128
  "region_name": {
134
129
  "ignore_above": 1024,
135
130
  "type": "keyword"
131
+ },
132
+ "timezone": {
133
+ "ignore_above": 1024,
134
+ "type": "keyword"
136
135
  }
137
136
  }
138
137
  },
@@ -163,6 +162,10 @@
163
162
  "ignore_above": 1024,
164
163
  "type": "keyword"
165
164
  },
165
+ "subdomain": {
166
+ "ignore_above": 1024,
167
+ "type": "keyword"
168
+ },
166
169
  "top_level_domain": {
167
170
  "ignore_above": 1024,
168
171
  "type": "keyword"
@@ -220,6 +223,10 @@
220
223
  },
221
224
  "ignore_above": 1024,
222
225
  "type": "keyword"
226
+ },
227
+ "roles": {
228
+ "ignore_above": 1024,
229
+ "type": "keyword"
223
230
  }
224
231
  }
225
232
  }
@@ -232,6 +239,10 @@
232
239
  "id": {
233
240
  "ignore_above": 1024,
234
241
  "type": "keyword"
242
+ },
243
+ "name": {
244
+ "ignore_above": 1024,
245
+ "type": "keyword"
235
246
  }
236
247
  }
237
248
  },
@@ -259,6 +270,18 @@
259
270
  }
260
271
  }
261
272
  },
273
+ "project": {
274
+ "properties": {
275
+ "id": {
276
+ "ignore_above": 1024,
277
+ "type": "keyword"
278
+ },
279
+ "name": {
280
+ "ignore_above": 1024,
281
+ "type": "keyword"
282
+ }
283
+ }
284
+ },
262
285
  "provider": {
263
286
  "ignore_above": 1024,
264
287
  "type": "keyword"
@@ -266,27 +289,14 @@
266
289
  "region": {
267
290
  "ignore_above": 1024,
268
291
  "type": "keyword"
269
- }
270
- }
271
- },
272
- "code_signature": {
273
- "properties": {
274
- "exists": {
275
- "type": "boolean"
276
- },
277
- "status": {
278
- "ignore_above": 1024,
279
- "type": "keyword"
280
- },
281
- "subject_name": {
282
- "ignore_above": 1024,
283
- "type": "keyword"
284
- },
285
- "trusted": {
286
- "type": "boolean"
287
292
  },
288
- "valid": {
289
- "type": "boolean"
293
+ "service": {
294
+ "properties": {
295
+ "name": {
296
+ "ignore_above": 1024,
297
+ "type": "keyword"
298
+ }
299
+ }
290
300
  }
291
301
  }
292
302
  },
@@ -321,6 +331,19 @@
321
331
  }
322
332
  }
323
333
  },
334
+ "data_stream": {
335
+ "properties": {
336
+ "dataset": {
337
+ "type": "constant_keyword"
338
+ },
339
+ "namespace": {
340
+ "type": "constant_keyword"
341
+ },
342
+ "type": {
343
+ "type": "constant_keyword"
344
+ }
345
+ }
346
+ },
324
347
  "destination": {
325
348
  "properties": {
326
349
  "address": {
@@ -361,6 +384,10 @@
361
384
  "ignore_above": 1024,
362
385
  "type": "keyword"
363
386
  },
387
+ "continent_code": {
388
+ "ignore_above": 1024,
389
+ "type": "keyword"
390
+ },
364
391
  "continent_name": {
365
392
  "ignore_above": 1024,
366
393
  "type": "keyword"
@@ -380,6 +407,10 @@
380
407
  "ignore_above": 1024,
381
408
  "type": "keyword"
382
409
  },
410
+ "postal_code": {
411
+ "ignore_above": 1024,
412
+ "type": "keyword"
413
+ },
383
414
  "region_iso_code": {
384
415
  "ignore_above": 1024,
385
416
  "type": "keyword"
@@ -387,6 +418,10 @@
387
418
  "region_name": {
388
419
  "ignore_above": 1024,
389
420
  "type": "keyword"
421
+ },
422
+ "timezone": {
423
+ "ignore_above": 1024,
424
+ "type": "keyword"
390
425
  }
391
426
  }
392
427
  },
@@ -417,6 +452,10 @@
417
452
  "ignore_above": 1024,
418
453
  "type": "keyword"
419
454
  },
455
+ "subdomain": {
456
+ "ignore_above": 1024,
457
+ "type": "keyword"
458
+ },
420
459
  "top_level_domain": {
421
460
  "ignore_above": 1024,
422
461
  "type": "keyword"
@@ -474,6 +513,10 @@
474
513
  },
475
514
  "ignore_above": 1024,
476
515
  "type": "keyword"
516
+ },
517
+ "roles": {
518
+ "ignore_above": 1024,
519
+ "type": "keyword"
477
520
  }
478
521
  }
479
522
  }
@@ -486,6 +529,10 @@
486
529
  "exists": {
487
530
  "type": "boolean"
488
531
  },
532
+ "signing_id": {
533
+ "ignore_above": 1024,
534
+ "type": "keyword"
535
+ },
489
536
  "status": {
490
537
  "ignore_above": 1024,
491
538
  "type": "keyword"
@@ -494,6 +541,10 @@
494
541
  "ignore_above": 1024,
495
542
  "type": "keyword"
496
543
  },
544
+ "team_id": {
545
+ "ignore_above": 1024,
546
+ "type": "keyword"
547
+ },
497
548
  "trusted": {
498
549
  "type": "boolean"
499
550
  },
@@ -519,6 +570,10 @@
519
570
  "sha512": {
520
571
  "ignore_above": 1024,
521
572
  "type": "keyword"
573
+ },
574
+ "ssdeep": {
575
+ "ignore_above": 1024,
576
+ "type": "keyword"
522
577
  }
523
578
  }
524
579
  },
@@ -532,6 +587,10 @@
532
587
  },
533
588
  "pe": {
534
589
  "properties": {
590
+ "architecture": {
591
+ "ignore_above": 1024,
592
+ "type": "keyword"
593
+ },
535
594
  "company": {
536
595
  "ignore_above": 1024,
537
596
  "type": "keyword"
@@ -544,6 +603,10 @@
544
603
  "ignore_above": 1024,
545
604
  "type": "keyword"
546
605
  },
606
+ "imphash": {
607
+ "ignore_above": 1024,
608
+ "type": "keyword"
609
+ },
547
610
  "original_file_name": {
548
611
  "ignore_above": 1024,
549
612
  "type": "keyword"
@@ -735,6 +798,10 @@
735
798
  "ignore_above": 1024,
736
799
  "type": "keyword"
737
800
  },
801
+ "reason": {
802
+ "ignore_above": 1024,
803
+ "type": "keyword"
804
+ },
738
805
  "reference": {
739
806
  "ignore_above": 1024,
740
807
  "type": "keyword"
@@ -782,6 +849,10 @@
782
849
  "exists": {
783
850
  "type": "boolean"
784
851
  },
852
+ "signing_id": {
853
+ "ignore_above": 1024,
854
+ "type": "keyword"
855
+ },
785
856
  "status": {
786
857
  "ignore_above": 1024,
787
858
  "type": "keyword"
@@ -790,6 +861,10 @@
790
861
  "ignore_above": 1024,
791
862
  "type": "keyword"
792
863
  },
864
+ "team_id": {
865
+ "ignore_above": 1024,
866
+ "type": "keyword"
867
+ },
793
868
  "trusted": {
794
869
  "type": "boolean"
795
870
  },
@@ -845,6 +920,10 @@
845
920
  "sha512": {
846
921
  "ignore_above": 1024,
847
922
  "type": "keyword"
923
+ },
924
+ "ssdeep": {
925
+ "ignore_above": 1024,
926
+ "type": "keyword"
848
927
  }
849
928
  }
850
929
  },
@@ -883,6 +962,10 @@
883
962
  },
884
963
  "pe": {
885
964
  "properties": {
965
+ "architecture": {
966
+ "ignore_above": 1024,
967
+ "type": "keyword"
968
+ },
886
969
  "company": {
887
970
  "ignore_above": 1024,
888
971
  "type": "keyword"
@@ -895,6 +978,10 @@
895
978
  "ignore_above": 1024,
896
979
  "type": "keyword"
897
980
  },
981
+ "imphash": {
982
+ "ignore_above": 1024,
983
+ "type": "keyword"
984
+ },
898
985
  "original_file_name": {
899
986
  "ignore_above": 1024,
900
987
  "type": "keyword"
@@ -925,41 +1012,112 @@
925
1012
  "uid": {
926
1013
  "ignore_above": 1024,
927
1014
  "type": "keyword"
928
- }
929
- }
930
- },
931
- "geo": {
932
- "properties": {
933
- "city_name": {
934
- "ignore_above": 1024,
935
- "type": "keyword"
936
- },
937
- "continent_name": {
938
- "ignore_above": 1024,
939
- "type": "keyword"
940
- },
941
- "country_iso_code": {
942
- "ignore_above": 1024,
943
- "type": "keyword"
944
- },
945
- "country_name": {
946
- "ignore_above": 1024,
947
- "type": "keyword"
948
- },
949
- "location": {
950
- "type": "geo_point"
951
- },
952
- "name": {
953
- "ignore_above": 1024,
954
- "type": "keyword"
955
- },
956
- "region_iso_code": {
957
- "ignore_above": 1024,
958
- "type": "keyword"
959
1015
  },
960
- "region_name": {
961
- "ignore_above": 1024,
962
- "type": "keyword"
1016
+ "x509": {
1017
+ "properties": {
1018
+ "alternative_names": {
1019
+ "ignore_above": 1024,
1020
+ "type": "keyword"
1021
+ },
1022
+ "issuer": {
1023
+ "properties": {
1024
+ "common_name": {
1025
+ "ignore_above": 1024,
1026
+ "type": "keyword"
1027
+ },
1028
+ "country": {
1029
+ "ignore_above": 1024,
1030
+ "type": "keyword"
1031
+ },
1032
+ "distinguished_name": {
1033
+ "ignore_above": 1024,
1034
+ "type": "keyword"
1035
+ },
1036
+ "locality": {
1037
+ "ignore_above": 1024,
1038
+ "type": "keyword"
1039
+ },
1040
+ "organization": {
1041
+ "ignore_above": 1024,
1042
+ "type": "keyword"
1043
+ },
1044
+ "organizational_unit": {
1045
+ "ignore_above": 1024,
1046
+ "type": "keyword"
1047
+ },
1048
+ "state_or_province": {
1049
+ "ignore_above": 1024,
1050
+ "type": "keyword"
1051
+ }
1052
+ }
1053
+ },
1054
+ "not_after": {
1055
+ "type": "date"
1056
+ },
1057
+ "not_before": {
1058
+ "type": "date"
1059
+ },
1060
+ "public_key_algorithm": {
1061
+ "ignore_above": 1024,
1062
+ "type": "keyword"
1063
+ },
1064
+ "public_key_curve": {
1065
+ "ignore_above": 1024,
1066
+ "type": "keyword"
1067
+ },
1068
+ "public_key_exponent": {
1069
+ "doc_values": false,
1070
+ "index": false,
1071
+ "type": "long"
1072
+ },
1073
+ "public_key_size": {
1074
+ "type": "long"
1075
+ },
1076
+ "serial_number": {
1077
+ "ignore_above": 1024,
1078
+ "type": "keyword"
1079
+ },
1080
+ "signature_algorithm": {
1081
+ "ignore_above": 1024,
1082
+ "type": "keyword"
1083
+ },
1084
+ "subject": {
1085
+ "properties": {
1086
+ "common_name": {
1087
+ "ignore_above": 1024,
1088
+ "type": "keyword"
1089
+ },
1090
+ "country": {
1091
+ "ignore_above": 1024,
1092
+ "type": "keyword"
1093
+ },
1094
+ "distinguished_name": {
1095
+ "ignore_above": 1024,
1096
+ "type": "keyword"
1097
+ },
1098
+ "locality": {
1099
+ "ignore_above": 1024,
1100
+ "type": "keyword"
1101
+ },
1102
+ "organization": {
1103
+ "ignore_above": 1024,
1104
+ "type": "keyword"
1105
+ },
1106
+ "organizational_unit": {
1107
+ "ignore_above": 1024,
1108
+ "type": "keyword"
1109
+ },
1110
+ "state_or_province": {
1111
+ "ignore_above": 1024,
1112
+ "type": "keyword"
1113
+ }
1114
+ }
1115
+ },
1116
+ "version_number": {
1117
+ "ignore_above": 1024,
1118
+ "type": "keyword"
1119
+ }
1120
+ }
963
1121
  }
964
1122
  }
965
1123
  },
@@ -979,42 +1137,52 @@
979
1137
  }
980
1138
  }
981
1139
  },
982
- "hash": {
983
- "properties": {
984
- "md5": {
985
- "ignore_above": 1024,
986
- "type": "keyword"
987
- },
988
- "sha1": {
989
- "ignore_above": 1024,
990
- "type": "keyword"
991
- },
992
- "sha256": {
993
- "ignore_above": 1024,
994
- "type": "keyword"
995
- },
996
- "sha512": {
997
- "ignore_above": 1024,
998
- "type": "keyword"
999
- }
1000
- }
1001
- },
1002
1140
  "host": {
1003
1141
  "properties": {
1004
1142
  "architecture": {
1005
1143
  "ignore_above": 1024,
1006
1144
  "type": "keyword"
1007
1145
  },
1008
- "domain": {
1009
- "ignore_above": 1024,
1010
- "type": "keyword"
1011
- },
1012
- "geo": {
1146
+ "cpu": {
1147
+ "properties": {
1148
+ "usage": {
1149
+ "scaling_factor": 1000,
1150
+ "type": "scaled_float"
1151
+ }
1152
+ }
1153
+ },
1154
+ "disk": {
1155
+ "properties": {
1156
+ "read": {
1157
+ "properties": {
1158
+ "bytes": {
1159
+ "type": "long"
1160
+ }
1161
+ }
1162
+ },
1163
+ "write": {
1164
+ "properties": {
1165
+ "bytes": {
1166
+ "type": "long"
1167
+ }
1168
+ }
1169
+ }
1170
+ }
1171
+ },
1172
+ "domain": {
1173
+ "ignore_above": 1024,
1174
+ "type": "keyword"
1175
+ },
1176
+ "geo": {
1013
1177
  "properties": {
1014
1178
  "city_name": {
1015
1179
  "ignore_above": 1024,
1016
1180
  "type": "keyword"
1017
1181
  },
1182
+ "continent_code": {
1183
+ "ignore_above": 1024,
1184
+ "type": "keyword"
1185
+ },
1018
1186
  "continent_name": {
1019
1187
  "ignore_above": 1024,
1020
1188
  "type": "keyword"
@@ -1034,6 +1202,10 @@
1034
1202
  "ignore_above": 1024,
1035
1203
  "type": "keyword"
1036
1204
  },
1205
+ "postal_code": {
1206
+ "ignore_above": 1024,
1207
+ "type": "keyword"
1208
+ },
1037
1209
  "region_iso_code": {
1038
1210
  "ignore_above": 1024,
1039
1211
  "type": "keyword"
@@ -1041,6 +1213,10 @@
1041
1213
  "region_name": {
1042
1214
  "ignore_above": 1024,
1043
1215
  "type": "keyword"
1216
+ },
1217
+ "timezone": {
1218
+ "ignore_above": 1024,
1219
+ "type": "keyword"
1044
1220
  }
1045
1221
  }
1046
1222
  },
@@ -1063,6 +1239,30 @@
1063
1239
  "ignore_above": 1024,
1064
1240
  "type": "keyword"
1065
1241
  },
1242
+ "network": {
1243
+ "properties": {
1244
+ "egress": {
1245
+ "properties": {
1246
+ "bytes": {
1247
+ "type": "long"
1248
+ },
1249
+ "packets": {
1250
+ "type": "long"
1251
+ }
1252
+ }
1253
+ },
1254
+ "ingress": {
1255
+ "properties": {
1256
+ "bytes": {
1257
+ "type": "long"
1258
+ },
1259
+ "packets": {
1260
+ "type": "long"
1261
+ }
1262
+ }
1263
+ }
1264
+ }
1265
+ },
1066
1266
  "os": {
1067
1267
  "properties": {
1068
1268
  "family": {
@@ -1097,6 +1297,10 @@
1097
1297
  "ignore_above": 1024,
1098
1298
  "type": "keyword"
1099
1299
  },
1300
+ "type": {
1301
+ "ignore_above": 1024,
1302
+ "type": "keyword"
1303
+ },
1100
1304
  "version": {
1101
1305
  "ignore_above": 1024,
1102
1306
  "type": "keyword"
@@ -1163,6 +1367,10 @@
1163
1367
  },
1164
1368
  "ignore_above": 1024,
1165
1369
  "type": "keyword"
1370
+ },
1371
+ "roles": {
1372
+ "ignore_above": 1024,
1373
+ "type": "keyword"
1166
1374
  }
1167
1375
  }
1168
1376
  }
@@ -1192,10 +1400,18 @@
1192
1400
  "bytes": {
1193
1401
  "type": "long"
1194
1402
  },
1403
+ "id": {
1404
+ "ignore_above": 1024,
1405
+ "type": "keyword"
1406
+ },
1195
1407
  "method": {
1196
1408
  "ignore_above": 1024,
1197
1409
  "type": "keyword"
1198
1410
  },
1411
+ "mime_type": {
1412
+ "ignore_above": 1024,
1413
+ "type": "keyword"
1414
+ },
1199
1415
  "referrer": {
1200
1416
  "ignore_above": 1024,
1201
1417
  "type": "keyword"
@@ -1224,6 +1440,10 @@
1224
1440
  "bytes": {
1225
1441
  "type": "long"
1226
1442
  },
1443
+ "mime_type": {
1444
+ "ignore_above": 1024,
1445
+ "type": "keyword"
1446
+ },
1227
1447
  "status_code": {
1228
1448
  "type": "long"
1229
1449
  }
@@ -1235,27 +1455,19 @@
1235
1455
  }
1236
1456
  }
1237
1457
  },
1238
- "interface": {
1239
- "properties": {
1240
- "alias": {
1241
- "ignore_above": 1024,
1242
- "type": "keyword"
1243
- },
1244
- "id": {
1245
- "ignore_above": 1024,
1246
- "type": "keyword"
1247
- },
1248
- "name": {
1249
- "ignore_above": 1024,
1250
- "type": "keyword"
1251
- }
1252
- }
1253
- },
1254
1458
  "labels": {
1255
1459
  "type": "object"
1256
1460
  },
1257
1461
  "log": {
1258
1462
  "properties": {
1463
+ "file": {
1464
+ "properties": {
1465
+ "path": {
1466
+ "ignore_above": 1024,
1467
+ "type": "keyword"
1468
+ }
1469
+ }
1470
+ },
1259
1471
  "level": {
1260
1472
  "ignore_above": 1024,
1261
1473
  "type": "keyword"
@@ -1444,6 +1656,10 @@
1444
1656
  "ignore_above": 1024,
1445
1657
  "type": "keyword"
1446
1658
  },
1659
+ "continent_code": {
1660
+ "ignore_above": 1024,
1661
+ "type": "keyword"
1662
+ },
1447
1663
  "continent_name": {
1448
1664
  "ignore_above": 1024,
1449
1665
  "type": "keyword"
@@ -1463,6 +1679,10 @@
1463
1679
  "ignore_above": 1024,
1464
1680
  "type": "keyword"
1465
1681
  },
1682
+ "postal_code": {
1683
+ "ignore_above": 1024,
1684
+ "type": "keyword"
1685
+ },
1466
1686
  "region_iso_code": {
1467
1687
  "ignore_above": 1024,
1468
1688
  "type": "keyword"
@@ -1470,6 +1690,10 @@
1470
1690
  "region_name": {
1471
1691
  "ignore_above": 1024,
1472
1692
  "type": "keyword"
1693
+ },
1694
+ "timezone": {
1695
+ "ignore_above": 1024,
1696
+ "type": "keyword"
1473
1697
  }
1474
1698
  }
1475
1699
  },
@@ -1559,6 +1783,10 @@
1559
1783
  "ignore_above": 1024,
1560
1784
  "type": "keyword"
1561
1785
  },
1786
+ "type": {
1787
+ "ignore_above": 1024,
1788
+ "type": "keyword"
1789
+ },
1562
1790
  "version": {
1563
1791
  "ignore_above": 1024,
1564
1792
  "type": "keyword"
@@ -1587,41 +1815,57 @@
1587
1815
  }
1588
1816
  }
1589
1817
  },
1590
- "organization": {
1818
+ "orchestrator": {
1591
1819
  "properties": {
1592
- "id": {
1820
+ "api_version": {
1593
1821
  "ignore_above": 1024,
1594
1822
  "type": "keyword"
1595
1823
  },
1596
- "name": {
1597
- "fields": {
1598
- "text": {
1599
- "norms": false,
1600
- "type": "text"
1824
+ "cluster": {
1825
+ "properties": {
1826
+ "name": {
1827
+ "ignore_above": 1024,
1828
+ "type": "keyword"
1829
+ },
1830
+ "url": {
1831
+ "ignore_above": 1024,
1832
+ "type": "keyword"
1833
+ },
1834
+ "version": {
1835
+ "ignore_above": 1024,
1836
+ "type": "keyword"
1601
1837
  }
1602
- },
1838
+ }
1839
+ },
1840
+ "namespace": {
1603
1841
  "ignore_above": 1024,
1604
1842
  "type": "keyword"
1605
- }
1606
- }
1607
- },
1608
- "os": {
1609
- "properties": {
1610
- "family": {
1843
+ },
1844
+ "organization": {
1611
1845
  "ignore_above": 1024,
1612
1846
  "type": "keyword"
1613
1847
  },
1614
- "full": {
1615
- "fields": {
1616
- "text": {
1617
- "norms": false,
1618
- "type": "text"
1848
+ "resource": {
1849
+ "properties": {
1850
+ "name": {
1851
+ "ignore_above": 1024,
1852
+ "type": "keyword"
1853
+ },
1854
+ "type": {
1855
+ "ignore_above": 1024,
1856
+ "type": "keyword"
1619
1857
  }
1620
- },
1858
+ }
1859
+ },
1860
+ "type": {
1621
1861
  "ignore_above": 1024,
1622
1862
  "type": "keyword"
1623
- },
1624
- "kernel": {
1863
+ }
1864
+ }
1865
+ },
1866
+ "organization": {
1867
+ "properties": {
1868
+ "id": {
1625
1869
  "ignore_above": 1024,
1626
1870
  "type": "keyword"
1627
1871
  },
@@ -1634,14 +1878,6 @@
1634
1878
  },
1635
1879
  "ignore_above": 1024,
1636
1880
  "type": "keyword"
1637
- },
1638
- "platform": {
1639
- "ignore_above": 1024,
1640
- "type": "keyword"
1641
- },
1642
- "version": {
1643
- "ignore_above": 1024,
1644
- "type": "keyword"
1645
1881
  }
1646
1882
  }
1647
1883
  },
@@ -1699,30 +1935,6 @@
1699
1935
  }
1700
1936
  }
1701
1937
  },
1702
- "pe": {
1703
- "properties": {
1704
- "company": {
1705
- "ignore_above": 1024,
1706
- "type": "keyword"
1707
- },
1708
- "description": {
1709
- "ignore_above": 1024,
1710
- "type": "keyword"
1711
- },
1712
- "file_version": {
1713
- "ignore_above": 1024,
1714
- "type": "keyword"
1715
- },
1716
- "original_file_name": {
1717
- "ignore_above": 1024,
1718
- "type": "keyword"
1719
- },
1720
- "product": {
1721
- "ignore_above": 1024,
1722
- "type": "keyword"
1723
- }
1724
- }
1725
- },
1726
1938
  "process": {
1727
1939
  "properties": {
1728
1940
  "args": {
@@ -1737,6 +1949,10 @@
1737
1949
  "exists": {
1738
1950
  "type": "boolean"
1739
1951
  },
1952
+ "signing_id": {
1953
+ "ignore_above": 1024,
1954
+ "type": "keyword"
1955
+ },
1740
1956
  "status": {
1741
1957
  "ignore_above": 1024,
1742
1958
  "type": "keyword"
@@ -1745,6 +1961,10 @@
1745
1961
  "ignore_above": 1024,
1746
1962
  "type": "keyword"
1747
1963
  },
1964
+ "team_id": {
1965
+ "ignore_above": 1024,
1966
+ "type": "keyword"
1967
+ },
1748
1968
  "trusted": {
1749
1969
  "type": "boolean"
1750
1970
  },
@@ -1797,6 +2017,10 @@
1797
2017
  "sha512": {
1798
2018
  "ignore_above": 1024,
1799
2019
  "type": "keyword"
2020
+ },
2021
+ "ssdeep": {
2022
+ "ignore_above": 1024,
2023
+ "type": "keyword"
1800
2024
  }
1801
2025
  }
1802
2026
  },
@@ -1824,6 +2048,10 @@
1824
2048
  "exists": {
1825
2049
  "type": "boolean"
1826
2050
  },
2051
+ "signing_id": {
2052
+ "ignore_above": 1024,
2053
+ "type": "keyword"
2054
+ },
1827
2055
  "status": {
1828
2056
  "ignore_above": 1024,
1829
2057
  "type": "keyword"
@@ -1832,6 +2060,10 @@
1832
2060
  "ignore_above": 1024,
1833
2061
  "type": "keyword"
1834
2062
  },
2063
+ "team_id": {
2064
+ "ignore_above": 1024,
2065
+ "type": "keyword"
2066
+ },
1835
2067
  "trusted": {
1836
2068
  "type": "boolean"
1837
2069
  },
@@ -1884,6 +2116,10 @@
1884
2116
  "sha512": {
1885
2117
  "ignore_above": 1024,
1886
2118
  "type": "keyword"
2119
+ },
2120
+ "ssdeep": {
2121
+ "ignore_above": 1024,
2122
+ "type": "keyword"
1887
2123
  }
1888
2124
  }
1889
2125
  },
@@ -1897,6 +2133,38 @@
1897
2133
  "ignore_above": 1024,
1898
2134
  "type": "keyword"
1899
2135
  },
2136
+ "pe": {
2137
+ "properties": {
2138
+ "architecture": {
2139
+ "ignore_above": 1024,
2140
+ "type": "keyword"
2141
+ },
2142
+ "company": {
2143
+ "ignore_above": 1024,
2144
+ "type": "keyword"
2145
+ },
2146
+ "description": {
2147
+ "ignore_above": 1024,
2148
+ "type": "keyword"
2149
+ },
2150
+ "file_version": {
2151
+ "ignore_above": 1024,
2152
+ "type": "keyword"
2153
+ },
2154
+ "imphash": {
2155
+ "ignore_above": 1024,
2156
+ "type": "keyword"
2157
+ },
2158
+ "original_file_name": {
2159
+ "ignore_above": 1024,
2160
+ "type": "keyword"
2161
+ },
2162
+ "product": {
2163
+ "ignore_above": 1024,
2164
+ "type": "keyword"
2165
+ }
2166
+ }
2167
+ },
1900
2168
  "pgid": {
1901
2169
  "type": "long"
1902
2170
  },
@@ -1947,6 +2215,10 @@
1947
2215
  },
1948
2216
  "pe": {
1949
2217
  "properties": {
2218
+ "architecture": {
2219
+ "ignore_above": 1024,
2220
+ "type": "keyword"
2221
+ },
1950
2222
  "company": {
1951
2223
  "ignore_above": 1024,
1952
2224
  "type": "keyword"
@@ -1959,6 +2231,10 @@
1959
2231
  "ignore_above": 1024,
1960
2232
  "type": "keyword"
1961
2233
  },
2234
+ "imphash": {
2235
+ "ignore_above": 1024,
2236
+ "type": "keyword"
2237
+ },
1962
2238
  "original_file_name": {
1963
2239
  "ignore_above": 1024,
1964
2240
  "type": "keyword"
@@ -2059,6 +2335,10 @@
2059
2335
  "ignore_above": 1024,
2060
2336
  "type": "keyword"
2061
2337
  },
2338
+ "hosts": {
2339
+ "ignore_above": 1024,
2340
+ "type": "keyword"
2341
+ },
2062
2342
  "ip": {
2063
2343
  "type": "ip"
2064
2344
  },
@@ -2152,6 +2432,10 @@
2152
2432
  "ignore_above": 1024,
2153
2433
  "type": "keyword"
2154
2434
  },
2435
+ "continent_code": {
2436
+ "ignore_above": 1024,
2437
+ "type": "keyword"
2438
+ },
2155
2439
  "continent_name": {
2156
2440
  "ignore_above": 1024,
2157
2441
  "type": "keyword"
@@ -2171,6 +2455,10 @@
2171
2455
  "ignore_above": 1024,
2172
2456
  "type": "keyword"
2173
2457
  },
2458
+ "postal_code": {
2459
+ "ignore_above": 1024,
2460
+ "type": "keyword"
2461
+ },
2174
2462
  "region_iso_code": {
2175
2463
  "ignore_above": 1024,
2176
2464
  "type": "keyword"
@@ -2178,6 +2466,10 @@
2178
2466
  "region_name": {
2179
2467
  "ignore_above": 1024,
2180
2468
  "type": "keyword"
2469
+ },
2470
+ "timezone": {
2471
+ "ignore_above": 1024,
2472
+ "type": "keyword"
2181
2473
  }
2182
2474
  }
2183
2475
  },
@@ -2208,6 +2500,10 @@
2208
2500
  "ignore_above": 1024,
2209
2501
  "type": "keyword"
2210
2502
  },
2503
+ "subdomain": {
2504
+ "ignore_above": 1024,
2505
+ "type": "keyword"
2506
+ },
2211
2507
  "top_level_domain": {
2212
2508
  "ignore_above": 1024,
2213
2509
  "type": "keyword"
@@ -2265,6 +2561,10 @@
2265
2561
  },
2266
2562
  "ignore_above": 1024,
2267
2563
  "type": "keyword"
2564
+ },
2565
+ "roles": {
2566
+ "ignore_above": 1024,
2567
+ "type": "keyword"
2268
2568
  }
2269
2569
  }
2270
2570
  }
@@ -2346,6 +2646,10 @@
2346
2646
  "ignore_above": 1024,
2347
2647
  "type": "keyword"
2348
2648
  },
2649
+ "continent_code": {
2650
+ "ignore_above": 1024,
2651
+ "type": "keyword"
2652
+ },
2349
2653
  "continent_name": {
2350
2654
  "ignore_above": 1024,
2351
2655
  "type": "keyword"
@@ -2365,6 +2669,10 @@
2365
2669
  "ignore_above": 1024,
2366
2670
  "type": "keyword"
2367
2671
  },
2672
+ "postal_code": {
2673
+ "ignore_above": 1024,
2674
+ "type": "keyword"
2675
+ },
2368
2676
  "region_iso_code": {
2369
2677
  "ignore_above": 1024,
2370
2678
  "type": "keyword"
@@ -2372,6 +2680,10 @@
2372
2680
  "region_name": {
2373
2681
  "ignore_above": 1024,
2374
2682
  "type": "keyword"
2683
+ },
2684
+ "timezone": {
2685
+ "ignore_above": 1024,
2686
+ "type": "keyword"
2375
2687
  }
2376
2688
  }
2377
2689
  },
@@ -2402,7 +2714,11 @@
2402
2714
  "ignore_above": 1024,
2403
2715
  "type": "keyword"
2404
2716
  },
2405
- "top_level_domain": {
2717
+ "subdomain": {
2718
+ "ignore_above": 1024,
2719
+ "type": "keyword"
2720
+ },
2721
+ "top_level_domain": {
2406
2722
  "ignore_above": 1024,
2407
2723
  "type": "keyword"
2408
2724
  },
@@ -2459,11 +2775,23 @@
2459
2775
  },
2460
2776
  "ignore_above": 1024,
2461
2777
  "type": "keyword"
2778
+ },
2779
+ "roles": {
2780
+ "ignore_above": 1024,
2781
+ "type": "keyword"
2462
2782
  }
2463
2783
  }
2464
2784
  }
2465
2785
  }
2466
2786
  },
2787
+ "span": {
2788
+ "properties": {
2789
+ "id": {
2790
+ "ignore_above": 1024,
2791
+ "type": "keyword"
2792
+ }
2793
+ }
2794
+ },
2467
2795
  "tags": {
2468
2796
  "ignore_above": 1024,
2469
2797
  "type": "keyword"
@@ -2509,6 +2837,28 @@
2509
2837
  "reference": {
2510
2838
  "ignore_above": 1024,
2511
2839
  "type": "keyword"
2840
+ },
2841
+ "subtechnique": {
2842
+ "properties": {
2843
+ "id": {
2844
+ "ignore_above": 1024,
2845
+ "type": "keyword"
2846
+ },
2847
+ "name": {
2848
+ "fields": {
2849
+ "text": {
2850
+ "norms": false,
2851
+ "type": "text"
2852
+ }
2853
+ },
2854
+ "ignore_above": 1024,
2855
+ "type": "keyword"
2856
+ },
2857
+ "reference": {
2858
+ "ignore_above": 1024,
2859
+ "type": "keyword"
2860
+ }
2861
+ }
2512
2862
  }
2513
2863
  }
2514
2864
  }
@@ -2571,6 +2921,112 @@
2571
2921
  "supported_ciphers": {
2572
2922
  "ignore_above": 1024,
2573
2923
  "type": "keyword"
2924
+ },
2925
+ "x509": {
2926
+ "properties": {
2927
+ "alternative_names": {
2928
+ "ignore_above": 1024,
2929
+ "type": "keyword"
2930
+ },
2931
+ "issuer": {
2932
+ "properties": {
2933
+ "common_name": {
2934
+ "ignore_above": 1024,
2935
+ "type": "keyword"
2936
+ },
2937
+ "country": {
2938
+ "ignore_above": 1024,
2939
+ "type": "keyword"
2940
+ },
2941
+ "distinguished_name": {
2942
+ "ignore_above": 1024,
2943
+ "type": "keyword"
2944
+ },
2945
+ "locality": {
2946
+ "ignore_above": 1024,
2947
+ "type": "keyword"
2948
+ },
2949
+ "organization": {
2950
+ "ignore_above": 1024,
2951
+ "type": "keyword"
2952
+ },
2953
+ "organizational_unit": {
2954
+ "ignore_above": 1024,
2955
+ "type": "keyword"
2956
+ },
2957
+ "state_or_province": {
2958
+ "ignore_above": 1024,
2959
+ "type": "keyword"
2960
+ }
2961
+ }
2962
+ },
2963
+ "not_after": {
2964
+ "type": "date"
2965
+ },
2966
+ "not_before": {
2967
+ "type": "date"
2968
+ },
2969
+ "public_key_algorithm": {
2970
+ "ignore_above": 1024,
2971
+ "type": "keyword"
2972
+ },
2973
+ "public_key_curve": {
2974
+ "ignore_above": 1024,
2975
+ "type": "keyword"
2976
+ },
2977
+ "public_key_exponent": {
2978
+ "doc_values": false,
2979
+ "index": false,
2980
+ "type": "long"
2981
+ },
2982
+ "public_key_size": {
2983
+ "type": "long"
2984
+ },
2985
+ "serial_number": {
2986
+ "ignore_above": 1024,
2987
+ "type": "keyword"
2988
+ },
2989
+ "signature_algorithm": {
2990
+ "ignore_above": 1024,
2991
+ "type": "keyword"
2992
+ },
2993
+ "subject": {
2994
+ "properties": {
2995
+ "common_name": {
2996
+ "ignore_above": 1024,
2997
+ "type": "keyword"
2998
+ },
2999
+ "country": {
3000
+ "ignore_above": 1024,
3001
+ "type": "keyword"
3002
+ },
3003
+ "distinguished_name": {
3004
+ "ignore_above": 1024,
3005
+ "type": "keyword"
3006
+ },
3007
+ "locality": {
3008
+ "ignore_above": 1024,
3009
+ "type": "keyword"
3010
+ },
3011
+ "organization": {
3012
+ "ignore_above": 1024,
3013
+ "type": "keyword"
3014
+ },
3015
+ "organizational_unit": {
3016
+ "ignore_above": 1024,
3017
+ "type": "keyword"
3018
+ },
3019
+ "state_or_province": {
3020
+ "ignore_above": 1024,
3021
+ "type": "keyword"
3022
+ }
3023
+ }
3024
+ },
3025
+ "version_number": {
3026
+ "ignore_above": 1024,
3027
+ "type": "keyword"
3028
+ }
3029
+ }
2574
3030
  }
2575
3031
  }
2576
3032
  },
@@ -2631,6 +3087,112 @@
2631
3087
  "subject": {
2632
3088
  "ignore_above": 1024,
2633
3089
  "type": "keyword"
3090
+ },
3091
+ "x509": {
3092
+ "properties": {
3093
+ "alternative_names": {
3094
+ "ignore_above": 1024,
3095
+ "type": "keyword"
3096
+ },
3097
+ "issuer": {
3098
+ "properties": {
3099
+ "common_name": {
3100
+ "ignore_above": 1024,
3101
+ "type": "keyword"
3102
+ },
3103
+ "country": {
3104
+ "ignore_above": 1024,
3105
+ "type": "keyword"
3106
+ },
3107
+ "distinguished_name": {
3108
+ "ignore_above": 1024,
3109
+ "type": "keyword"
3110
+ },
3111
+ "locality": {
3112
+ "ignore_above": 1024,
3113
+ "type": "keyword"
3114
+ },
3115
+ "organization": {
3116
+ "ignore_above": 1024,
3117
+ "type": "keyword"
3118
+ },
3119
+ "organizational_unit": {
3120
+ "ignore_above": 1024,
3121
+ "type": "keyword"
3122
+ },
3123
+ "state_or_province": {
3124
+ "ignore_above": 1024,
3125
+ "type": "keyword"
3126
+ }
3127
+ }
3128
+ },
3129
+ "not_after": {
3130
+ "type": "date"
3131
+ },
3132
+ "not_before": {
3133
+ "type": "date"
3134
+ },
3135
+ "public_key_algorithm": {
3136
+ "ignore_above": 1024,
3137
+ "type": "keyword"
3138
+ },
3139
+ "public_key_curve": {
3140
+ "ignore_above": 1024,
3141
+ "type": "keyword"
3142
+ },
3143
+ "public_key_exponent": {
3144
+ "doc_values": false,
3145
+ "index": false,
3146
+ "type": "long"
3147
+ },
3148
+ "public_key_size": {
3149
+ "type": "long"
3150
+ },
3151
+ "serial_number": {
3152
+ "ignore_above": 1024,
3153
+ "type": "keyword"
3154
+ },
3155
+ "signature_algorithm": {
3156
+ "ignore_above": 1024,
3157
+ "type": "keyword"
3158
+ },
3159
+ "subject": {
3160
+ "properties": {
3161
+ "common_name": {
3162
+ "ignore_above": 1024,
3163
+ "type": "keyword"
3164
+ },
3165
+ "country": {
3166
+ "ignore_above": 1024,
3167
+ "type": "keyword"
3168
+ },
3169
+ "distinguished_name": {
3170
+ "ignore_above": 1024,
3171
+ "type": "keyword"
3172
+ },
3173
+ "locality": {
3174
+ "ignore_above": 1024,
3175
+ "type": "keyword"
3176
+ },
3177
+ "organization": {
3178
+ "ignore_above": 1024,
3179
+ "type": "keyword"
3180
+ },
3181
+ "organizational_unit": {
3182
+ "ignore_above": 1024,
3183
+ "type": "keyword"
3184
+ },
3185
+ "state_or_province": {
3186
+ "ignore_above": 1024,
3187
+ "type": "keyword"
3188
+ }
3189
+ }
3190
+ },
3191
+ "version_number": {
3192
+ "ignore_above": 1024,
3193
+ "type": "keyword"
3194
+ }
3195
+ }
2634
3196
  }
2635
3197
  }
2636
3198
  },
@@ -2717,6 +3279,10 @@
2717
3279
  "ignore_above": 1024,
2718
3280
  "type": "keyword"
2719
3281
  },
3282
+ "subdomain": {
3283
+ "ignore_above": 1024,
3284
+ "type": "keyword"
3285
+ },
2720
3286
  "top_level_domain": {
2721
3287
  "ignore_above": 1024,
2722
3288
  "type": "keyword"
@@ -2729,10 +3295,130 @@
2729
3295
  },
2730
3296
  "user": {
2731
3297
  "properties": {
3298
+ "changes": {
3299
+ "properties": {
3300
+ "domain": {
3301
+ "ignore_above": 1024,
3302
+ "type": "keyword"
3303
+ },
3304
+ "email": {
3305
+ "ignore_above": 1024,
3306
+ "type": "keyword"
3307
+ },
3308
+ "full_name": {
3309
+ "fields": {
3310
+ "text": {
3311
+ "norms": false,
3312
+ "type": "text"
3313
+ }
3314
+ },
3315
+ "ignore_above": 1024,
3316
+ "type": "keyword"
3317
+ },
3318
+ "group": {
3319
+ "properties": {
3320
+ "domain": {
3321
+ "ignore_above": 1024,
3322
+ "type": "keyword"
3323
+ },
3324
+ "id": {
3325
+ "ignore_above": 1024,
3326
+ "type": "keyword"
3327
+ },
3328
+ "name": {
3329
+ "ignore_above": 1024,
3330
+ "type": "keyword"
3331
+ }
3332
+ }
3333
+ },
3334
+ "hash": {
3335
+ "ignore_above": 1024,
3336
+ "type": "keyword"
3337
+ },
3338
+ "id": {
3339
+ "ignore_above": 1024,
3340
+ "type": "keyword"
3341
+ },
3342
+ "name": {
3343
+ "fields": {
3344
+ "text": {
3345
+ "norms": false,
3346
+ "type": "text"
3347
+ }
3348
+ },
3349
+ "ignore_above": 1024,
3350
+ "type": "keyword"
3351
+ },
3352
+ "roles": {
3353
+ "ignore_above": 1024,
3354
+ "type": "keyword"
3355
+ }
3356
+ }
3357
+ },
2732
3358
  "domain": {
2733
3359
  "ignore_above": 1024,
2734
3360
  "type": "keyword"
2735
3361
  },
3362
+ "effective": {
3363
+ "properties": {
3364
+ "domain": {
3365
+ "ignore_above": 1024,
3366
+ "type": "keyword"
3367
+ },
3368
+ "email": {
3369
+ "ignore_above": 1024,
3370
+ "type": "keyword"
3371
+ },
3372
+ "full_name": {
3373
+ "fields": {
3374
+ "text": {
3375
+ "norms": false,
3376
+ "type": "text"
3377
+ }
3378
+ },
3379
+ "ignore_above": 1024,
3380
+ "type": "keyword"
3381
+ },
3382
+ "group": {
3383
+ "properties": {
3384
+ "domain": {
3385
+ "ignore_above": 1024,
3386
+ "type": "keyword"
3387
+ },
3388
+ "id": {
3389
+ "ignore_above": 1024,
3390
+ "type": "keyword"
3391
+ },
3392
+ "name": {
3393
+ "ignore_above": 1024,
3394
+ "type": "keyword"
3395
+ }
3396
+ }
3397
+ },
3398
+ "hash": {
3399
+ "ignore_above": 1024,
3400
+ "type": "keyword"
3401
+ },
3402
+ "id": {
3403
+ "ignore_above": 1024,
3404
+ "type": "keyword"
3405
+ },
3406
+ "name": {
3407
+ "fields": {
3408
+ "text": {
3409
+ "norms": false,
3410
+ "type": "text"
3411
+ }
3412
+ },
3413
+ "ignore_above": 1024,
3414
+ "type": "keyword"
3415
+ },
3416
+ "roles": {
3417
+ "ignore_above": 1024,
3418
+ "type": "keyword"
3419
+ }
3420
+ }
3421
+ },
2736
3422
  "email": {
2737
3423
  "ignore_above": 1024,
2738
3424
  "type": "keyword"
@@ -2780,6 +3466,70 @@
2780
3466
  },
2781
3467
  "ignore_above": 1024,
2782
3468
  "type": "keyword"
3469
+ },
3470
+ "roles": {
3471
+ "ignore_above": 1024,
3472
+ "type": "keyword"
3473
+ },
3474
+ "target": {
3475
+ "properties": {
3476
+ "domain": {
3477
+ "ignore_above": 1024,
3478
+ "type": "keyword"
3479
+ },
3480
+ "email": {
3481
+ "ignore_above": 1024,
3482
+ "type": "keyword"
3483
+ },
3484
+ "full_name": {
3485
+ "fields": {
3486
+ "text": {
3487
+ "norms": false,
3488
+ "type": "text"
3489
+ }
3490
+ },
3491
+ "ignore_above": 1024,
3492
+ "type": "keyword"
3493
+ },
3494
+ "group": {
3495
+ "properties": {
3496
+ "domain": {
3497
+ "ignore_above": 1024,
3498
+ "type": "keyword"
3499
+ },
3500
+ "id": {
3501
+ "ignore_above": 1024,
3502
+ "type": "keyword"
3503
+ },
3504
+ "name": {
3505
+ "ignore_above": 1024,
3506
+ "type": "keyword"
3507
+ }
3508
+ }
3509
+ },
3510
+ "hash": {
3511
+ "ignore_above": 1024,
3512
+ "type": "keyword"
3513
+ },
3514
+ "id": {
3515
+ "ignore_above": 1024,
3516
+ "type": "keyword"
3517
+ },
3518
+ "name": {
3519
+ "fields": {
3520
+ "text": {
3521
+ "norms": false,
3522
+ "type": "text"
3523
+ }
3524
+ },
3525
+ "ignore_above": 1024,
3526
+ "type": "keyword"
3527
+ },
3528
+ "roles": {
3529
+ "ignore_above": 1024,
3530
+ "type": "keyword"
3531
+ }
3532
+ }
2783
3533
  }
2784
3534
  }
2785
3535
  },
@@ -2841,6 +3591,10 @@
2841
3591
  "ignore_above": 1024,
2842
3592
  "type": "keyword"
2843
3593
  },
3594
+ "type": {
3595
+ "ignore_above": 1024,
3596
+ "type": "keyword"
3597
+ },
2844
3598
  "version": {
2845
3599
  "ignore_above": 1024,
2846
3600
  "type": "keyword"
@@ -2853,18 +3607,6 @@
2853
3607
  }
2854
3608
  }
2855
3609
  },
2856
- "vlan": {
2857
- "properties": {
2858
- "id": {
2859
- "ignore_above": 1024,
2860
- "type": "keyword"
2861
- },
2862
- "name": {
2863
- "ignore_above": 1024,
2864
- "type": "keyword"
2865
- }
2866
- }
2867
- },
2868
3610
  "vulnerability": {
2869
3611
  "properties": {
2870
3612
  "category": {