logstash-output-elasticsearch 11.2.1-java → 11.3.1-java

Sign up to get free protection for your applications and to get access to all the features.
Files changed (16) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +16 -0
  3. data/lib/logstash/outputs/elasticsearch/data_stream_support.rb +42 -8
  4. data/lib/logstash/outputs/elasticsearch/templates/ecs-v1/elasticsearch-6x.json +925 -180
  5. data/lib/logstash/outputs/elasticsearch/templates/ecs-v1/elasticsearch-7x.json +926 -184
  6. data/lib/logstash/outputs/elasticsearch/templates/ecs-v1/elasticsearch-8x.json +3695 -0
  7. data/lib/logstash/outputs/elasticsearch/templates/ecs-v8/elasticsearch-7x.json +5777 -0
  8. data/lib/logstash/outputs/elasticsearch/templates/ecs-v8/elasticsearch-8x.json +5782 -0
  9. data/lib/logstash/outputs/elasticsearch.rb +11 -2
  10. data/logstash-output-elasticsearch.gemspec +2 -1
  11. data/spec/integration/outputs/data_stream_spec.rb +7 -0
  12. data/spec/integration/outputs/templates_spec.rb +100 -65
  13. data/spec/unit/outputs/elasticsearch/data_stream_support_spec.rb +52 -4
  14. data/spec/unit/outputs/elasticsearch/template_manager_spec.rb +6 -0
  15. data/spec/unit/outputs/elasticsearch_spec.rb +22 -1
  16. metadata +19 -2
data/lib/logstash/outputs/elasticsearch/templates/ecs-v1/elasticsearch-6x.json CHANGED
@@ -5,7 +5,7 @@
5
5
  "mappings": {
6
6
  "_doc": {
7
7
  "_meta": {
8
- "version": "1.5.0"
8
+ "version": "1.10.0"
9
9
  },
10
10
  "date_detection": false,
11
11
  "dynamic_templates": [
@@ -25,6 +25,14 @@
25
25
  },
26
26
  "agent": {
27
27
  "properties": {
28
+ "build": {
29
+ "properties": {
30
+ "original": {
31
+ "ignore_above": 1024,
32
+ "type": "keyword"
33
+ }
34
+ }
35
+ },
28
36
  "ephemeral_id": {
29
37
  "ignore_above": 1024,
30
38
  "type": "keyword"
@@ -47,27 +55,6 @@
47
55
  }
48
56
  }
49
57
  },
50
- "as": {
51
- "properties": {
52
- "number": {
53
- "type": "long"
54
- },
55
- "organization": {
56
- "properties": {
57
- "name": {
58
- "fields": {
59
- "text": {
60
- "norms": false,
61
- "type": "text"
62
- }
63
- },
64
- "ignore_above": 1024,
65
- "type": "keyword"
66
- }
67
- }
68
- }
69
- }
70
- },
71
58
  "client": {
72
59
  "properties": {
73
60
  "address": {
@@ -108,6 +95,10 @@
108
95
  "ignore_above": 1024,
109
96
  "type": "keyword"
110
97
  },
98
+ "continent_code": {
99
+ "ignore_above": 1024,
100
+ "type": "keyword"
101
+ },
111
102
  "continent_name": {
112
103
  "ignore_above": 1024,
113
104
  "type": "keyword"
@@ -127,6 +118,10 @@
127
118
  "ignore_above": 1024,
128
119
  "type": "keyword"
129
120
  },
121
+ "postal_code": {
122
+ "ignore_above": 1024,
123
+ "type": "keyword"
124
+ },
130
125
  "region_iso_code": {
131
126
  "ignore_above": 1024,
132
127
  "type": "keyword"
@@ -134,6 +129,10 @@
134
129
  "region_name": {
135
130
  "ignore_above": 1024,
136
131
  "type": "keyword"
132
+ },
133
+ "timezone": {
134
+ "ignore_above": 1024,
135
+ "type": "keyword"
137
136
  }
138
137
  }
139
138
  },
@@ -164,6 +163,10 @@
164
163
  "ignore_above": 1024,
165
164
  "type": "keyword"
166
165
  },
166
+ "subdomain": {
167
+ "ignore_above": 1024,
168
+ "type": "keyword"
169
+ },
167
170
  "top_level_domain": {
168
171
  "ignore_above": 1024,
169
172
  "type": "keyword"
@@ -221,6 +224,10 @@
221
224
  },
222
225
  "ignore_above": 1024,
223
226
  "type": "keyword"
227
+ },
228
+ "roles": {
229
+ "ignore_above": 1024,
230
+ "type": "keyword"
224
231
  }
225
232
  }
226
233
  }
@@ -233,6 +240,10 @@
233
240
  "id": {
234
241
  "ignore_above": 1024,
235
242
  "type": "keyword"
243
+ },
244
+ "name": {
245
+ "ignore_above": 1024,
246
+ "type": "keyword"
236
247
  }
237
248
  }
238
249
  },
@@ -260,6 +271,18 @@
260
271
  }
261
272
  }
262
273
  },
274
+ "project": {
275
+ "properties": {
276
+ "id": {
277
+ "ignore_above": 1024,
278
+ "type": "keyword"
279
+ },
280
+ "name": {
281
+ "ignore_above": 1024,
282
+ "type": "keyword"
283
+ }
284
+ }
285
+ },
263
286
  "provider": {
264
287
  "ignore_above": 1024,
265
288
  "type": "keyword"
@@ -267,27 +290,14 @@
267
290
  "region": {
268
291
  "ignore_above": 1024,
269
292
  "type": "keyword"
270
- }
271
- }
272
- },
273
- "code_signature": {
274
- "properties": {
275
- "exists": {
276
- "type": "boolean"
277
- },
278
- "status": {
279
- "ignore_above": 1024,
280
- "type": "keyword"
281
- },
282
- "subject_name": {
283
- "ignore_above": 1024,
284
- "type": "keyword"
285
- },
286
- "trusted": {
287
- "type": "boolean"
288
293
  },
289
- "valid": {
290
- "type": "boolean"
294
+ "service": {
295
+ "properties": {
296
+ "name": {
297
+ "ignore_above": 1024,
298
+ "type": "keyword"
299
+ }
300
+ }
291
301
  }
292
302
  }
293
303
  },
@@ -322,6 +332,22 @@
322
332
  }
323
333
  }
324
334
  },
335
+ "data_stream": {
336
+ "properties": {
337
+ "dataset": {
338
+ "ignore_above": 1024,
339
+ "type": "keyword"
340
+ },
341
+ "namespace": {
342
+ "ignore_above": 1024,
343
+ "type": "keyword"
344
+ },
345
+ "type": {
346
+ "ignore_above": 1024,
347
+ "type": "keyword"
348
+ }
349
+ }
350
+ },
325
351
  "destination": {
326
352
  "properties": {
327
353
  "address": {
@@ -362,6 +388,10 @@
362
388
  "ignore_above": 1024,
363
389
  "type": "keyword"
364
390
  },
391
+ "continent_code": {
392
+ "ignore_above": 1024,
393
+ "type": "keyword"
394
+ },
365
395
  "continent_name": {
366
396
  "ignore_above": 1024,
367
397
  "type": "keyword"
@@ -381,6 +411,10 @@
381
411
  "ignore_above": 1024,
382
412
  "type": "keyword"
383
413
  },
414
+ "postal_code": {
415
+ "ignore_above": 1024,
416
+ "type": "keyword"
417
+ },
384
418
  "region_iso_code": {
385
419
  "ignore_above": 1024,
386
420
  "type": "keyword"
@@ -388,6 +422,10 @@
388
422
  "region_name": {
389
423
  "ignore_above": 1024,
390
424
  "type": "keyword"
425
+ },
426
+ "timezone": {
427
+ "ignore_above": 1024,
428
+ "type": "keyword"
391
429
  }
392
430
  }
393
431
  },
@@ -418,6 +456,10 @@
418
456
  "ignore_above": 1024,
419
457
  "type": "keyword"
420
458
  },
459
+ "subdomain": {
460
+ "ignore_above": 1024,
461
+ "type": "keyword"
462
+ },
421
463
  "top_level_domain": {
422
464
  "ignore_above": 1024,
423
465
  "type": "keyword"
@@ -475,6 +517,10 @@
475
517
  },
476
518
  "ignore_above": 1024,
477
519
  "type": "keyword"
520
+ },
521
+ "roles": {
522
+ "ignore_above": 1024,
523
+ "type": "keyword"
478
524
  }
479
525
  }
480
526
  }
@@ -487,6 +533,10 @@
487
533
  "exists": {
488
534
  "type": "boolean"
489
535
  },
536
+ "signing_id": {
537
+ "ignore_above": 1024,
538
+ "type": "keyword"
539
+ },
490
540
  "status": {
491
541
  "ignore_above": 1024,
492
542
  "type": "keyword"
@@ -495,6 +545,10 @@
495
545
  "ignore_above": 1024,
496
546
  "type": "keyword"
497
547
  },
548
+ "team_id": {
549
+ "ignore_above": 1024,
550
+ "type": "keyword"
551
+ },
498
552
  "trusted": {
499
553
  "type": "boolean"
500
554
  },
@@ -520,6 +574,10 @@
520
574
  "sha512": {
521
575
  "ignore_above": 1024,
522
576
  "type": "keyword"
577
+ },
578
+ "ssdeep": {
579
+ "ignore_above": 1024,
580
+ "type": "keyword"
523
581
  }
524
582
  }
525
583
  },
@@ -533,6 +591,10 @@
533
591
  },
534
592
  "pe": {
535
593
  "properties": {
594
+ "architecture": {
595
+ "ignore_above": 1024,
596
+ "type": "keyword"
597
+ },
536
598
  "company": {
537
599
  "ignore_above": 1024,
538
600
  "type": "keyword"
@@ -545,6 +607,10 @@
545
607
  "ignore_above": 1024,
546
608
  "type": "keyword"
547
609
  },
610
+ "imphash": {
611
+ "ignore_above": 1024,
612
+ "type": "keyword"
613
+ },
548
614
  "original_file_name": {
549
615
  "ignore_above": 1024,
550
616
  "type": "keyword"
@@ -736,6 +802,10 @@
736
802
  "ignore_above": 1024,
737
803
  "type": "keyword"
738
804
  },
805
+ "reason": {
806
+ "ignore_above": 1024,
807
+ "type": "keyword"
808
+ },
739
809
  "reference": {
740
810
  "ignore_above": 1024,
741
811
  "type": "keyword"
@@ -783,6 +853,10 @@
783
853
  "exists": {
784
854
  "type": "boolean"
785
855
  },
856
+ "signing_id": {
857
+ "ignore_above": 1024,
858
+ "type": "keyword"
859
+ },
786
860
  "status": {
787
861
  "ignore_above": 1024,
788
862
  "type": "keyword"
@@ -791,6 +865,10 @@
791
865
  "ignore_above": 1024,
792
866
  "type": "keyword"
793
867
  },
868
+ "team_id": {
869
+ "ignore_above": 1024,
870
+ "type": "keyword"
871
+ },
794
872
  "trusted": {
795
873
  "type": "boolean"
796
874
  },
@@ -846,6 +924,10 @@
846
924
  "sha512": {
847
925
  "ignore_above": 1024,
848
926
  "type": "keyword"
927
+ },
928
+ "ssdeep": {
929
+ "ignore_above": 1024,
930
+ "type": "keyword"
849
931
  }
850
932
  }
851
933
  },
@@ -884,6 +966,10 @@
884
966
  },
885
967
  "pe": {
886
968
  "properties": {
969
+ "architecture": {
970
+ "ignore_above": 1024,
971
+ "type": "keyword"
972
+ },
887
973
  "company": {
888
974
  "ignore_above": 1024,
889
975
  "type": "keyword"
@@ -896,6 +982,10 @@
896
982
  "ignore_above": 1024,
897
983
  "type": "keyword"
898
984
  },
985
+ "imphash": {
986
+ "ignore_above": 1024,
987
+ "type": "keyword"
988
+ },
899
989
  "original_file_name": {
900
990
  "ignore_above": 1024,
901
991
  "type": "keyword"
@@ -926,41 +1016,112 @@
926
1016
  "uid": {
927
1017
  "ignore_above": 1024,
928
1018
  "type": "keyword"
929
- }
930
- }
931
- },
932
- "geo": {
933
- "properties": {
934
- "city_name": {
935
- "ignore_above": 1024,
936
- "type": "keyword"
937
- },
938
- "continent_name": {
939
- "ignore_above": 1024,
940
- "type": "keyword"
941
- },
942
- "country_iso_code": {
943
- "ignore_above": 1024,
944
- "type": "keyword"
945
- },
946
- "country_name": {
947
- "ignore_above": 1024,
948
- "type": "keyword"
949
- },
950
- "location": {
951
- "type": "geo_point"
952
- },
953
- "name": {
954
- "ignore_above": 1024,
955
- "type": "keyword"
956
- },
957
- "region_iso_code": {
958
- "ignore_above": 1024,
959
- "type": "keyword"
960
1019
  },
961
- "region_name": {
962
- "ignore_above": 1024,
963
- "type": "keyword"
1020
+ "x509": {
1021
+ "properties": {
1022
+ "alternative_names": {
1023
+ "ignore_above": 1024,
1024
+ "type": "keyword"
1025
+ },
1026
+ "issuer": {
1027
+ "properties": {
1028
+ "common_name": {
1029
+ "ignore_above": 1024,
1030
+ "type": "keyword"
1031
+ },
1032
+ "country": {
1033
+ "ignore_above": 1024,
1034
+ "type": "keyword"
1035
+ },
1036
+ "distinguished_name": {
1037
+ "ignore_above": 1024,
1038
+ "type": "keyword"
1039
+ },
1040
+ "locality": {
1041
+ "ignore_above": 1024,
1042
+ "type": "keyword"
1043
+ },
1044
+ "organization": {
1045
+ "ignore_above": 1024,
1046
+ "type": "keyword"
1047
+ },
1048
+ "organizational_unit": {
1049
+ "ignore_above": 1024,
1050
+ "type": "keyword"
1051
+ },
1052
+ "state_or_province": {
1053
+ "ignore_above": 1024,
1054
+ "type": "keyword"
1055
+ }
1056
+ }
1057
+ },
1058
+ "not_after": {
1059
+ "type": "date"
1060
+ },
1061
+ "not_before": {
1062
+ "type": "date"
1063
+ },
1064
+ "public_key_algorithm": {
1065
+ "ignore_above": 1024,
1066
+ "type": "keyword"
1067
+ },
1068
+ "public_key_curve": {
1069
+ "ignore_above": 1024,
1070
+ "type": "keyword"
1071
+ },
1072
+ "public_key_exponent": {
1073
+ "doc_values": false,
1074
+ "index": false,
1075
+ "type": "long"
1076
+ },
1077
+ "public_key_size": {
1078
+ "type": "long"
1079
+ },
1080
+ "serial_number": {
1081
+ "ignore_above": 1024,
1082
+ "type": "keyword"
1083
+ },
1084
+ "signature_algorithm": {
1085
+ "ignore_above": 1024,
1086
+ "type": "keyword"
1087
+ },
1088
+ "subject": {
1089
+ "properties": {
1090
+ "common_name": {
1091
+ "ignore_above": 1024,
1092
+ "type": "keyword"
1093
+ },
1094
+ "country": {
1095
+ "ignore_above": 1024,
1096
+ "type": "keyword"
1097
+ },
1098
+ "distinguished_name": {
1099
+ "ignore_above": 1024,
1100
+ "type": "keyword"
1101
+ },
1102
+ "locality": {
1103
+ "ignore_above": 1024,
1104
+ "type": "keyword"
1105
+ },
1106
+ "organization": {
1107
+ "ignore_above": 1024,
1108
+ "type": "keyword"
1109
+ },
1110
+ "organizational_unit": {
1111
+ "ignore_above": 1024,
1112
+ "type": "keyword"
1113
+ },
1114
+ "state_or_province": {
1115
+ "ignore_above": 1024,
1116
+ "type": "keyword"
1117
+ }
1118
+ }
1119
+ },
1120
+ "version_number": {
1121
+ "ignore_above": 1024,
1122
+ "type": "keyword"
1123
+ }
1124
+ }
964
1125
  }
965
1126
  }
966
1127
  },
@@ -980,31 +1141,37 @@
980
1141
  }
981
1142
  }
982
1143
  },
983
- "hash": {
1144
+ "host": {
984
1145
  "properties": {
985
- "md5": {
986
- "ignore_above": 1024,
987
- "type": "keyword"
988
- },
989
- "sha1": {
1146
+ "architecture": {
990
1147
  "ignore_above": 1024,
991
1148
  "type": "keyword"
992
1149
  },
993
- "sha256": {
994
- "ignore_above": 1024,
995
- "type": "keyword"
1150
+ "cpu": {
1151
+ "properties": {
1152
+ "usage": {
1153
+ "scaling_factor": 1000,
1154
+ "type": "scaled_float"
1155
+ }
1156
+ }
996
1157
  },
997
- "sha512": {
998
- "ignore_above": 1024,
999
- "type": "keyword"
1000
- }
1001
- }
1002
- },
1003
- "host": {
1004
- "properties": {
1005
- "architecture": {
1006
- "ignore_above": 1024,
1007
- "type": "keyword"
1158
+ "disk": {
1159
+ "properties": {
1160
+ "read": {
1161
+ "properties": {
1162
+ "bytes": {
1163
+ "type": "long"
1164
+ }
1165
+ }
1166
+ },
1167
+ "write": {
1168
+ "properties": {
1169
+ "bytes": {
1170
+ "type": "long"
1171
+ }
1172
+ }
1173
+ }
1174
+ }
1008
1175
  },
1009
1176
  "domain": {
1010
1177
  "ignore_above": 1024,
@@ -1016,6 +1183,10 @@
1016
1183
  "ignore_above": 1024,
1017
1184
  "type": "keyword"
1018
1185
  },
1186
+ "continent_code": {
1187
+ "ignore_above": 1024,
1188
+ "type": "keyword"
1189
+ },
1019
1190
  "continent_name": {
1020
1191
  "ignore_above": 1024,
1021
1192
  "type": "keyword"
@@ -1035,6 +1206,10 @@
1035
1206
  "ignore_above": 1024,
1036
1207
  "type": "keyword"
1037
1208
  },
1209
+ "postal_code": {
1210
+ "ignore_above": 1024,
1211
+ "type": "keyword"
1212
+ },
1038
1213
  "region_iso_code": {
1039
1214
  "ignore_above": 1024,
1040
1215
  "type": "keyword"
@@ -1042,6 +1217,10 @@
1042
1217
  "region_name": {
1043
1218
  "ignore_above": 1024,
1044
1219
  "type": "keyword"
1220
+ },
1221
+ "timezone": {
1222
+ "ignore_above": 1024,
1223
+ "type": "keyword"
1045
1224
  }
1046
1225
  }
1047
1226
  },
@@ -1064,6 +1243,30 @@
1064
1243
  "ignore_above": 1024,
1065
1244
  "type": "keyword"
1066
1245
  },
1246
+ "network": {
1247
+ "properties": {
1248
+ "egress": {
1249
+ "properties": {
1250
+ "bytes": {
1251
+ "type": "long"
1252
+ },
1253
+ "packets": {
1254
+ "type": "long"
1255
+ }
1256
+ }
1257
+ },
1258
+ "ingress": {
1259
+ "properties": {
1260
+ "bytes": {
1261
+ "type": "long"
1262
+ },
1263
+ "packets": {
1264
+ "type": "long"
1265
+ }
1266
+ }
1267
+ }
1268
+ }
1269
+ },
1067
1270
  "os": {
1068
1271
  "properties": {
1069
1272
  "family": {
@@ -1098,6 +1301,10 @@
1098
1301
  "ignore_above": 1024,
1099
1302
  "type": "keyword"
1100
1303
  },
1304
+ "type": {
1305
+ "ignore_above": 1024,
1306
+ "type": "keyword"
1307
+ },
1101
1308
  "version": {
1102
1309
  "ignore_above": 1024,
1103
1310
  "type": "keyword"
@@ -1164,6 +1371,10 @@
1164
1371
  },
1165
1372
  "ignore_above": 1024,
1166
1373
  "type": "keyword"
1374
+ },
1375
+ "roles": {
1376
+ "ignore_above": 1024,
1377
+ "type": "keyword"
1167
1378
  }
1168
1379
  }
1169
1380
  }
@@ -1193,10 +1404,18 @@
1193
1404
  "bytes": {
1194
1405
  "type": "long"
1195
1406
  },
1407
+ "id": {
1408
+ "ignore_above": 1024,
1409
+ "type": "keyword"
1410
+ },
1196
1411
  "method": {
1197
1412
  "ignore_above": 1024,
1198
1413
  "type": "keyword"
1199
1414
  },
1415
+ "mime_type": {
1416
+ "ignore_above": 1024,
1417
+ "type": "keyword"
1418
+ },
1200
1419
  "referrer": {
1201
1420
  "ignore_above": 1024,
1202
1421
  "type": "keyword"
@@ -1225,6 +1444,10 @@
1225
1444
  "bytes": {
1226
1445
  "type": "long"
1227
1446
  },
1447
+ "mime_type": {
1448
+ "ignore_above": 1024,
1449
+ "type": "keyword"
1450
+ },
1228
1451
  "status_code": {
1229
1452
  "type": "long"
1230
1453
  }
@@ -1236,27 +1459,19 @@
1236
1459
  }
1237
1460
  }
1238
1461
  },
1239
- "interface": {
1240
- "properties": {
1241
- "alias": {
1242
- "ignore_above": 1024,
1243
- "type": "keyword"
1244
- },
1245
- "id": {
1246
- "ignore_above": 1024,
1247
- "type": "keyword"
1248
- },
1249
- "name": {
1250
- "ignore_above": 1024,
1251
- "type": "keyword"
1252
- }
1253
- }
1254
- },
1255
1462
  "labels": {
1256
1463
  "type": "object"
1257
1464
  },
1258
1465
  "log": {
1259
1466
  "properties": {
1467
+ "file": {
1468
+ "properties": {
1469
+ "path": {
1470
+ "ignore_above": 1024,
1471
+ "type": "keyword"
1472
+ }
1473
+ }
1474
+ },
1260
1475
  "level": {
1261
1476
  "ignore_above": 1024,
1262
1477
  "type": "keyword"
@@ -1445,6 +1660,10 @@
1445
1660
  "ignore_above": 1024,
1446
1661
  "type": "keyword"
1447
1662
  },
1663
+ "continent_code": {
1664
+ "ignore_above": 1024,
1665
+ "type": "keyword"
1666
+ },
1448
1667
  "continent_name": {
1449
1668
  "ignore_above": 1024,
1450
1669
  "type": "keyword"
@@ -1464,6 +1683,10 @@
1464
1683
  "ignore_above": 1024,
1465
1684
  "type": "keyword"
1466
1685
  },
1686
+ "postal_code": {
1687
+ "ignore_above": 1024,
1688
+ "type": "keyword"
1689
+ },
1467
1690
  "region_iso_code": {
1468
1691
  "ignore_above": 1024,
1469
1692
  "type": "keyword"
@@ -1471,6 +1694,10 @@
1471
1694
  "region_name": {
1472
1695
  "ignore_above": 1024,
1473
1696
  "type": "keyword"
1697
+ },
1698
+ "timezone": {
1699
+ "ignore_above": 1024,
1700
+ "type": "keyword"
1474
1701
  }
1475
1702
  }
1476
1703
  },
@@ -1560,6 +1787,10 @@
1560
1787
  "ignore_above": 1024,
1561
1788
  "type": "keyword"
1562
1789
  },
1790
+ "type": {
1791
+ "ignore_above": 1024,
1792
+ "type": "keyword"
1793
+ },
1563
1794
  "version": {
1564
1795
  "ignore_above": 1024,
1565
1796
  "type": "keyword"
@@ -1588,41 +1819,57 @@
1588
1819
  }
1589
1820
  }
1590
1821
  },
1591
- "organization": {
1822
+ "orchestrator": {
1592
1823
  "properties": {
1593
- "id": {
1824
+ "api_version": {
1594
1825
  "ignore_above": 1024,
1595
1826
  "type": "keyword"
1596
1827
  },
1597
- "name": {
1598
- "fields": {
1599
- "text": {
1600
- "norms": false,
1601
- "type": "text"
1828
+ "cluster": {
1829
+ "properties": {
1830
+ "name": {
1831
+ "ignore_above": 1024,
1832
+ "type": "keyword"
1833
+ },
1834
+ "url": {
1835
+ "ignore_above": 1024,
1836
+ "type": "keyword"
1837
+ },
1838
+ "version": {
1839
+ "ignore_above": 1024,
1840
+ "type": "keyword"
1602
1841
  }
1603
- },
1842
+ }
1843
+ },
1844
+ "namespace": {
1604
1845
  "ignore_above": 1024,
1605
1846
  "type": "keyword"
1606
- }
1607
- }
1608
- },
1609
- "os": {
1610
- "properties": {
1611
- "family": {
1847
+ },
1848
+ "organization": {
1612
1849
  "ignore_above": 1024,
1613
1850
  "type": "keyword"
1614
1851
  },
1615
- "full": {
1616
- "fields": {
1617
- "text": {
1618
- "norms": false,
1619
- "type": "text"
1852
+ "resource": {
1853
+ "properties": {
1854
+ "name": {
1855
+ "ignore_above": 1024,
1856
+ "type": "keyword"
1857
+ },
1858
+ "type": {
1859
+ "ignore_above": 1024,
1860
+ "type": "keyword"
1620
1861
  }
1621
- },
1862
+ }
1863
+ },
1864
+ "type": {
1622
1865
  "ignore_above": 1024,
1623
1866
  "type": "keyword"
1624
- },
1625
- "kernel": {
1867
+ }
1868
+ }
1869
+ },
1870
+ "organization": {
1871
+ "properties": {
1872
+ "id": {
1626
1873
  "ignore_above": 1024,
1627
1874
  "type": "keyword"
1628
1875
  },
@@ -1635,14 +1882,6 @@
1635
1882
  },
1636
1883
  "ignore_above": 1024,
1637
1884
  "type": "keyword"
1638
- },
1639
- "platform": {
1640
- "ignore_above": 1024,
1641
- "type": "keyword"
1642
- },
1643
- "version": {
1644
- "ignore_above": 1024,
1645
- "type": "keyword"
1646
1885
  }
1647
1886
  }
1648
1887
  },
@@ -1700,30 +1939,6 @@
1700
1939
  }
1701
1940
  }
1702
1941
  },
1703
- "pe": {
1704
- "properties": {
1705
- "company": {
1706
- "ignore_above": 1024,
1707
- "type": "keyword"
1708
- },
1709
- "description": {
1710
- "ignore_above": 1024,
1711
- "type": "keyword"
1712
- },
1713
- "file_version": {
1714
- "ignore_above": 1024,
1715
- "type": "keyword"
1716
- },
1717
- "original_file_name": {
1718
- "ignore_above": 1024,
1719
- "type": "keyword"
1720
- },
1721
- "product": {
1722
- "ignore_above": 1024,
1723
- "type": "keyword"
1724
- }
1725
- }
1726
- },
1727
1942
  "process": {
1728
1943
  "properties": {
1729
1944
  "args": {
@@ -1738,6 +1953,10 @@
1738
1953
  "exists": {
1739
1954
  "type": "boolean"
1740
1955
  },
1956
+ "signing_id": {
1957
+ "ignore_above": 1024,
1958
+ "type": "keyword"
1959
+ },
1741
1960
  "status": {
1742
1961
  "ignore_above": 1024,
1743
1962
  "type": "keyword"
@@ -1746,6 +1965,10 @@
1746
1965
  "ignore_above": 1024,
1747
1966
  "type": "keyword"
1748
1967
  },
1968
+ "team_id": {
1969
+ "ignore_above": 1024,
1970
+ "type": "keyword"
1971
+ },
1749
1972
  "trusted": {
1750
1973
  "type": "boolean"
1751
1974
  },
@@ -1798,6 +2021,10 @@
1798
2021
  "sha512": {
1799
2022
  "ignore_above": 1024,
1800
2023
  "type": "keyword"
2024
+ },
2025
+ "ssdeep": {
2026
+ "ignore_above": 1024,
2027
+ "type": "keyword"
1801
2028
  }
1802
2029
  }
1803
2030
  },
@@ -1825,6 +2052,10 @@
1825
2052
  "exists": {
1826
2053
  "type": "boolean"
1827
2054
  },
2055
+ "signing_id": {
2056
+ "ignore_above": 1024,
2057
+ "type": "keyword"
2058
+ },
1828
2059
  "status": {
1829
2060
  "ignore_above": 1024,
1830
2061
  "type": "keyword"
@@ -1833,6 +2064,10 @@
1833
2064
  "ignore_above": 1024,
1834
2065
  "type": "keyword"
1835
2066
  },
2067
+ "team_id": {
2068
+ "ignore_above": 1024,
2069
+ "type": "keyword"
2070
+ },
1836
2071
  "trusted": {
1837
2072
  "type": "boolean"
1838
2073
  },
@@ -1885,6 +2120,10 @@
1885
2120
  "sha512": {
1886
2121
  "ignore_above": 1024,
1887
2122
  "type": "keyword"
2123
+ },
2124
+ "ssdeep": {
2125
+ "ignore_above": 1024,
2126
+ "type": "keyword"
1888
2127
  }
1889
2128
  }
1890
2129
  },
@@ -1898,6 +2137,38 @@
1898
2137
  "ignore_above": 1024,
1899
2138
  "type": "keyword"
1900
2139
  },
2140
+ "pe": {
2141
+ "properties": {
2142
+ "architecture": {
2143
+ "ignore_above": 1024,
2144
+ "type": "keyword"
2145
+ },
2146
+ "company": {
2147
+ "ignore_above": 1024,
2148
+ "type": "keyword"
2149
+ },
2150
+ "description": {
2151
+ "ignore_above": 1024,
2152
+ "type": "keyword"
2153
+ },
2154
+ "file_version": {
2155
+ "ignore_above": 1024,
2156
+ "type": "keyword"
2157
+ },
2158
+ "imphash": {
2159
+ "ignore_above": 1024,
2160
+ "type": "keyword"
2161
+ },
2162
+ "original_file_name": {
2163
+ "ignore_above": 1024,
2164
+ "type": "keyword"
2165
+ },
2166
+ "product": {
2167
+ "ignore_above": 1024,
2168
+ "type": "keyword"
2169
+ }
2170
+ }
2171
+ },
1901
2172
  "pgid": {
1902
2173
  "type": "long"
1903
2174
  },
@@ -1948,6 +2219,10 @@
1948
2219
  },
1949
2220
  "pe": {
1950
2221
  "properties": {
2222
+ "architecture": {
2223
+ "ignore_above": 1024,
2224
+ "type": "keyword"
2225
+ },
1951
2226
  "company": {
1952
2227
  "ignore_above": 1024,
1953
2228
  "type": "keyword"
@@ -1960,6 +2235,10 @@
1960
2235
  "ignore_above": 1024,
1961
2236
  "type": "keyword"
1962
2237
  },
2238
+ "imphash": {
2239
+ "ignore_above": 1024,
2240
+ "type": "keyword"
2241
+ },
1963
2242
  "original_file_name": {
1964
2243
  "ignore_above": 1024,
1965
2244
  "type": "keyword"
@@ -2060,6 +2339,10 @@
2060
2339
  "ignore_above": 1024,
2061
2340
  "type": "keyword"
2062
2341
  },
2342
+ "hosts": {
2343
+ "ignore_above": 1024,
2344
+ "type": "keyword"
2345
+ },
2063
2346
  "ip": {
2064
2347
  "type": "ip"
2065
2348
  },
@@ -2153,6 +2436,10 @@
2153
2436
  "ignore_above": 1024,
2154
2437
  "type": "keyword"
2155
2438
  },
2439
+ "continent_code": {
2440
+ "ignore_above": 1024,
2441
+ "type": "keyword"
2442
+ },
2156
2443
  "continent_name": {
2157
2444
  "ignore_above": 1024,
2158
2445
  "type": "keyword"
@@ -2172,6 +2459,10 @@
2172
2459
  "ignore_above": 1024,
2173
2460
  "type": "keyword"
2174
2461
  },
2462
+ "postal_code": {
2463
+ "ignore_above": 1024,
2464
+ "type": "keyword"
2465
+ },
2175
2466
  "region_iso_code": {
2176
2467
  "ignore_above": 1024,
2177
2468
  "type": "keyword"
@@ -2179,6 +2470,10 @@
2179
2470
  "region_name": {
2180
2471
  "ignore_above": 1024,
2181
2472
  "type": "keyword"
2473
+ },
2474
+ "timezone": {
2475
+ "ignore_above": 1024,
2476
+ "type": "keyword"
2182
2477
  }
2183
2478
  }
2184
2479
  },
@@ -2209,6 +2504,10 @@
2209
2504
  "ignore_above": 1024,
2210
2505
  "type": "keyword"
2211
2506
  },
2507
+ "subdomain": {
2508
+ "ignore_above": 1024,
2509
+ "type": "keyword"
2510
+ },
2212
2511
  "top_level_domain": {
2213
2512
  "ignore_above": 1024,
2214
2513
  "type": "keyword"
@@ -2266,6 +2565,10 @@
2266
2565
  },
2267
2566
  "ignore_above": 1024,
2268
2567
  "type": "keyword"
2568
+ },
2569
+ "roles": {
2570
+ "ignore_above": 1024,
2571
+ "type": "keyword"
2269
2572
  }
2270
2573
  }
2271
2574
  }
@@ -2347,6 +2650,10 @@
2347
2650
  "ignore_above": 1024,
2348
2651
  "type": "keyword"
2349
2652
  },
2653
+ "continent_code": {
2654
+ "ignore_above": 1024,
2655
+ "type": "keyword"
2656
+ },
2350
2657
  "continent_name": {
2351
2658
  "ignore_above": 1024,
2352
2659
  "type": "keyword"
@@ -2366,6 +2673,10 @@
2366
2673
  "ignore_above": 1024,
2367
2674
  "type": "keyword"
2368
2675
  },
2676
+ "postal_code": {
2677
+ "ignore_above": 1024,
2678
+ "type": "keyword"
2679
+ },
2369
2680
  "region_iso_code": {
2370
2681
  "ignore_above": 1024,
2371
2682
  "type": "keyword"
@@ -2373,6 +2684,10 @@
2373
2684
  "region_name": {
2374
2685
  "ignore_above": 1024,
2375
2686
  "type": "keyword"
2687
+ },
2688
+ "timezone": {
2689
+ "ignore_above": 1024,
2690
+ "type": "keyword"
2376
2691
  }
2377
2692
  }
2378
2693
  },
@@ -2403,6 +2718,10 @@
2403
2718
  "ignore_above": 1024,
2404
2719
  "type": "keyword"
2405
2720
  },
2721
+ "subdomain": {
2722
+ "ignore_above": 1024,
2723
+ "type": "keyword"
2724
+ },
2406
2725
  "top_level_domain": {
2407
2726
  "ignore_above": 1024,
2408
2727
  "type": "keyword"
@@ -2460,8 +2779,20 @@
2460
2779
  },
2461
2780
  "ignore_above": 1024,
2462
2781
  "type": "keyword"
2463
- }
2464
- }
2782
+ },
2783
+ "roles": {
2784
+ "ignore_above": 1024,
2785
+ "type": "keyword"
2786
+ }
2787
+ }
2788
+ }
2789
+ }
2790
+ },
2791
+ "span": {
2792
+ "properties": {
2793
+ "id": {
2794
+ "ignore_above": 1024,
2795
+ "type": "keyword"
2465
2796
  }
2466
2797
  }
2467
2798
  },
@@ -2510,6 +2841,28 @@
2510
2841
  "reference": {
2511
2842
  "ignore_above": 1024,
2512
2843
  "type": "keyword"
2844
+ },
2845
+ "subtechnique": {
2846
+ "properties": {
2847
+ "id": {
2848
+ "ignore_above": 1024,
2849
+ "type": "keyword"
2850
+ },
2851
+ "name": {
2852
+ "fields": {
2853
+ "text": {
2854
+ "norms": false,
2855
+ "type": "text"
2856
+ }
2857
+ },
2858
+ "ignore_above": 1024,
2859
+ "type": "keyword"
2860
+ },
2861
+ "reference": {
2862
+ "ignore_above": 1024,
2863
+ "type": "keyword"
2864
+ }
2865
+ }
2513
2866
  }
2514
2867
  }
2515
2868
  }
@@ -2572,6 +2925,112 @@
2572
2925
  "supported_ciphers": {
2573
2926
  "ignore_above": 1024,
2574
2927
  "type": "keyword"
2928
+ },
2929
+ "x509": {
2930
+ "properties": {
2931
+ "alternative_names": {
2932
+ "ignore_above": 1024,
2933
+ "type": "keyword"
2934
+ },
2935
+ "issuer": {
2936
+ "properties": {
2937
+ "common_name": {
2938
+ "ignore_above": 1024,
2939
+ "type": "keyword"
2940
+ },
2941
+ "country": {
2942
+ "ignore_above": 1024,
2943
+ "type": "keyword"
2944
+ },
2945
+ "distinguished_name": {
2946
+ "ignore_above": 1024,
2947
+ "type": "keyword"
2948
+ },
2949
+ "locality": {
2950
+ "ignore_above": 1024,
2951
+ "type": "keyword"
2952
+ },
2953
+ "organization": {
2954
+ "ignore_above": 1024,
2955
+ "type": "keyword"
2956
+ },
2957
+ "organizational_unit": {
2958
+ "ignore_above": 1024,
2959
+ "type": "keyword"
2960
+ },
2961
+ "state_or_province": {
2962
+ "ignore_above": 1024,
2963
+ "type": "keyword"
2964
+ }
2965
+ }
2966
+ },
2967
+ "not_after": {
2968
+ "type": "date"
2969
+ },
2970
+ "not_before": {
2971
+ "type": "date"
2972
+ },
2973
+ "public_key_algorithm": {
2974
+ "ignore_above": 1024,
2975
+ "type": "keyword"
2976
+ },
2977
+ "public_key_curve": {
2978
+ "ignore_above": 1024,
2979
+ "type": "keyword"
2980
+ },
2981
+ "public_key_exponent": {
2982
+ "doc_values": false,
2983
+ "index": false,
2984
+ "type": "long"
2985
+ },
2986
+ "public_key_size": {
2987
+ "type": "long"
2988
+ },
2989
+ "serial_number": {
2990
+ "ignore_above": 1024,
2991
+ "type": "keyword"
2992
+ },
2993
+ "signature_algorithm": {
2994
+ "ignore_above": 1024,
2995
+ "type": "keyword"
2996
+ },
2997
+ "subject": {
2998
+ "properties": {
2999
+ "common_name": {
3000
+ "ignore_above": 1024,
3001
+ "type": "keyword"
3002
+ },
3003
+ "country": {
3004
+ "ignore_above": 1024,
3005
+ "type": "keyword"
3006
+ },
3007
+ "distinguished_name": {
3008
+ "ignore_above": 1024,
3009
+ "type": "keyword"
3010
+ },
3011
+ "locality": {
3012
+ "ignore_above": 1024,
3013
+ "type": "keyword"
3014
+ },
3015
+ "organization": {
3016
+ "ignore_above": 1024,
3017
+ "type": "keyword"
3018
+ },
3019
+ "organizational_unit": {
3020
+ "ignore_above": 1024,
3021
+ "type": "keyword"
3022
+ },
3023
+ "state_or_province": {
3024
+ "ignore_above": 1024,
3025
+ "type": "keyword"
3026
+ }
3027
+ }
3028
+ },
3029
+ "version_number": {
3030
+ "ignore_above": 1024,
3031
+ "type": "keyword"
3032
+ }
3033
+ }
2575
3034
  }
2576
3035
  }
2577
3036
  },
@@ -2632,6 +3091,112 @@
2632
3091
  "subject": {
2633
3092
  "ignore_above": 1024,
2634
3093
  "type": "keyword"
3094
+ },
3095
+ "x509": {
3096
+ "properties": {
3097
+ "alternative_names": {
3098
+ "ignore_above": 1024,
3099
+ "type": "keyword"
3100
+ },
3101
+ "issuer": {
3102
+ "properties": {
3103
+ "common_name": {
3104
+ "ignore_above": 1024,
3105
+ "type": "keyword"
3106
+ },
3107
+ "country": {
3108
+ "ignore_above": 1024,
3109
+ "type": "keyword"
3110
+ },
3111
+ "distinguished_name": {
3112
+ "ignore_above": 1024,
3113
+ "type": "keyword"
3114
+ },
3115
+ "locality": {
3116
+ "ignore_above": 1024,
3117
+ "type": "keyword"
3118
+ },
3119
+ "organization": {
3120
+ "ignore_above": 1024,
3121
+ "type": "keyword"
3122
+ },
3123
+ "organizational_unit": {
3124
+ "ignore_above": 1024,
3125
+ "type": "keyword"
3126
+ },
3127
+ "state_or_province": {
3128
+ "ignore_above": 1024,
3129
+ "type": "keyword"
3130
+ }
3131
+ }
3132
+ },
3133
+ "not_after": {
3134
+ "type": "date"
3135
+ },
3136
+ "not_before": {
3137
+ "type": "date"
3138
+ },
3139
+ "public_key_algorithm": {
3140
+ "ignore_above": 1024,
3141
+ "type": "keyword"
3142
+ },
3143
+ "public_key_curve": {
3144
+ "ignore_above": 1024,
3145
+ "type": "keyword"
3146
+ },
3147
+ "public_key_exponent": {
3148
+ "doc_values": false,
3149
+ "index": false,
3150
+ "type": "long"
3151
+ },
3152
+ "public_key_size": {
3153
+ "type": "long"
3154
+ },
3155
+ "serial_number": {
3156
+ "ignore_above": 1024,
3157
+ "type": "keyword"
3158
+ },
3159
+ "signature_algorithm": {
3160
+ "ignore_above": 1024,
3161
+ "type": "keyword"
3162
+ },
3163
+ "subject": {
3164
+ "properties": {
3165
+ "common_name": {
3166
+ "ignore_above": 1024,
3167
+ "type": "keyword"
3168
+ },
3169
+ "country": {
3170
+ "ignore_above": 1024,
3171
+ "type": "keyword"
3172
+ },
3173
+ "distinguished_name": {
3174
+ "ignore_above": 1024,
3175
+ "type": "keyword"
3176
+ },
3177
+ "locality": {
3178
+ "ignore_above": 1024,
3179
+ "type": "keyword"
3180
+ },
3181
+ "organization": {
3182
+ "ignore_above": 1024,
3183
+ "type": "keyword"
3184
+ },
3185
+ "organizational_unit": {
3186
+ "ignore_above": 1024,
3187
+ "type": "keyword"
3188
+ },
3189
+ "state_or_province": {
3190
+ "ignore_above": 1024,
3191
+ "type": "keyword"
3192
+ }
3193
+ }
3194
+ },
3195
+ "version_number": {
3196
+ "ignore_above": 1024,
3197
+ "type": "keyword"
3198
+ }
3199
+ }
2635
3200
  }
2636
3201
  }
2637
3202
  },
@@ -2718,6 +3283,10 @@
2718
3283
  "ignore_above": 1024,
2719
3284
  "type": "keyword"
2720
3285
  },
3286
+ "subdomain": {
3287
+ "ignore_above": 1024,
3288
+ "type": "keyword"
3289
+ },
2721
3290
  "top_level_domain": {
2722
3291
  "ignore_above": 1024,
2723
3292
  "type": "keyword"
@@ -2730,10 +3299,130 @@
2730
3299
  },
2731
3300
  "user": {
2732
3301
  "properties": {
3302
+ "changes": {
3303
+ "properties": {
3304
+ "domain": {
3305
+ "ignore_above": 1024,
3306
+ "type": "keyword"
3307
+ },
3308
+ "email": {
3309
+ "ignore_above": 1024,
3310
+ "type": "keyword"
3311
+ },
3312
+ "full_name": {
3313
+ "fields": {
3314
+ "text": {
3315
+ "norms": false,
3316
+ "type": "text"
3317
+ }
3318
+ },
3319
+ "ignore_above": 1024,
3320
+ "type": "keyword"
3321
+ },
3322
+ "group": {
3323
+ "properties": {
3324
+ "domain": {
3325
+ "ignore_above": 1024,
3326
+ "type": "keyword"
3327
+ },
3328
+ "id": {
3329
+ "ignore_above": 1024,
3330
+ "type": "keyword"
3331
+ },
3332
+ "name": {
3333
+ "ignore_above": 1024,
3334
+ "type": "keyword"
3335
+ }
3336
+ }
3337
+ },
3338
+ "hash": {
3339
+ "ignore_above": 1024,
3340
+ "type": "keyword"
3341
+ },
3342
+ "id": {
3343
+ "ignore_above": 1024,
3344
+ "type": "keyword"
3345
+ },
3346
+ "name": {
3347
+ "fields": {
3348
+ "text": {
3349
+ "norms": false,
3350
+ "type": "text"
3351
+ }
3352
+ },
3353
+ "ignore_above": 1024,
3354
+ "type": "keyword"
3355
+ },
3356
+ "roles": {
3357
+ "ignore_above": 1024,
3358
+ "type": "keyword"
3359
+ }
3360
+ }
3361
+ },
2733
3362
  "domain": {
2734
3363
  "ignore_above": 1024,
2735
3364
  "type": "keyword"
2736
3365
  },
3366
+ "effective": {
3367
+ "properties": {
3368
+ "domain": {
3369
+ "ignore_above": 1024,
3370
+ "type": "keyword"
3371
+ },
3372
+ "email": {
3373
+ "ignore_above": 1024,
3374
+ "type": "keyword"
3375
+ },
3376
+ "full_name": {
3377
+ "fields": {
3378
+ "text": {
3379
+ "norms": false,
3380
+ "type": "text"
3381
+ }
3382
+ },
3383
+ "ignore_above": 1024,
3384
+ "type": "keyword"
3385
+ },
3386
+ "group": {
3387
+ "properties": {
3388
+ "domain": {
3389
+ "ignore_above": 1024,
3390
+ "type": "keyword"
3391
+ },
3392
+ "id": {
3393
+ "ignore_above": 1024,
3394
+ "type": "keyword"
3395
+ },
3396
+ "name": {
3397
+ "ignore_above": 1024,
3398
+ "type": "keyword"
3399
+ }
3400
+ }
3401
+ },
3402
+ "hash": {
3403
+ "ignore_above": 1024,
3404
+ "type": "keyword"
3405
+ },
3406
+ "id": {
3407
+ "ignore_above": 1024,
3408
+ "type": "keyword"
3409
+ },
3410
+ "name": {
3411
+ "fields": {
3412
+ "text": {
3413
+ "norms": false,
3414
+ "type": "text"
3415
+ }
3416
+ },
3417
+ "ignore_above": 1024,
3418
+ "type": "keyword"
3419
+ },
3420
+ "roles": {
3421
+ "ignore_above": 1024,
3422
+ "type": "keyword"
3423
+ }
3424
+ }
3425
+ },
2737
3426
  "email": {
2738
3427
  "ignore_above": 1024,
2739
3428
  "type": "keyword"
@@ -2781,6 +3470,70 @@
2781
3470
  },
2782
3471
  "ignore_above": 1024,
2783
3472
  "type": "keyword"
3473
+ },
3474
+ "roles": {
3475
+ "ignore_above": 1024,
3476
+ "type": "keyword"
3477
+ },
3478
+ "target": {
3479
+ "properties": {
3480
+ "domain": {
3481
+ "ignore_above": 1024,
3482
+ "type": "keyword"
3483
+ },
3484
+ "email": {
3485
+ "ignore_above": 1024,
3486
+ "type": "keyword"
3487
+ },
3488
+ "full_name": {
3489
+ "fields": {
3490
+ "text": {
3491
+ "norms": false,
3492
+ "type": "text"
3493
+ }
3494
+ },
3495
+ "ignore_above": 1024,
3496
+ "type": "keyword"
3497
+ },
3498
+ "group": {
3499
+ "properties": {
3500
+ "domain": {
3501
+ "ignore_above": 1024,
3502
+ "type": "keyword"
3503
+ },
3504
+ "id": {
3505
+ "ignore_above": 1024,
3506
+ "type": "keyword"
3507
+ },
3508
+ "name": {
3509
+ "ignore_above": 1024,
3510
+ "type": "keyword"
3511
+ }
3512
+ }
3513
+ },
3514
+ "hash": {
3515
+ "ignore_above": 1024,
3516
+ "type": "keyword"
3517
+ },
3518
+ "id": {
3519
+ "ignore_above": 1024,
3520
+ "type": "keyword"
3521
+ },
3522
+ "name": {
3523
+ "fields": {
3524
+ "text": {
3525
+ "norms": false,
3526
+ "type": "text"
3527
+ }
3528
+ },
3529
+ "ignore_above": 1024,
3530
+ "type": "keyword"
3531
+ },
3532
+ "roles": {
3533
+ "ignore_above": 1024,
3534
+ "type": "keyword"
3535
+ }
3536
+ }
2784
3537
  }
2785
3538
  }
2786
3539
  },
@@ -2842,6 +3595,10 @@
2842
3595
  "ignore_above": 1024,
2843
3596
  "type": "keyword"
2844
3597
  },
3598
+ "type": {
3599
+ "ignore_above": 1024,
3600
+ "type": "keyword"
3601
+ },
2845
3602
  "version": {
2846
3603
  "ignore_above": 1024,
2847
3604
  "type": "keyword"
@@ -2854,18 +3611,6 @@
2854
3611
  }
2855
3612
  }
2856
3613
  },
2857
- "vlan": {
2858
- "properties": {
2859
- "id": {
2860
- "ignore_above": 1024,
2861
- "type": "keyword"
2862
- },
2863
- "name": {
2864
- "ignore_above": 1024,
2865
- "type": "keyword"
2866
- }
2867
- }
2868
- },
2869
3614
  "vulnerability": {
2870
3615
  "properties": {
2871
3616
  "category": {