SENSSOFT-217: Updated mappings
Project: http://git-wip-us.apache.org/repos/asf/incubator-senssoft/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-senssoft/commit/e976976f Tree: http://git-wip-us.apache.org/repos/asf/incubator-senssoft/tree/e976976f Diff: http://git-wip-us.apache.org/repos/asf/incubator-senssoft/diff/e976976f Branch: refs/heads/asf-site Commit: e976976f70279dfd6bea3b4529021861aa134e5f Parents: f30bf2a Author: msb3399 <mbe...@draper.com> Authored: Tue Jul 25 17:35:05 2017 -0400 Committer: msb3399 <mbe...@draper.com> Committed: Tue Jul 25 17:35:05 2017 -0400 ---------------------------------------------------------------------- docker/logstash/config/logstash-userale.conf | 23 +- docker/logstash/templates/userale.json | 308 +++++++++++----------- 2 files changed, 160 insertions(+), 171 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-senssoft/blob/e976976f/docker/logstash/config/logstash-userale.conf ---------------------------------------------------------------------- diff --git a/docker/logstash/config/logstash-userale.conf b/docker/logstash/config/logstash-userale.conf index 77bee34..a16c434 100644 --- a/docker/logstash/config/logstash-userale.conf +++ b/docker/logstash/config/logstash-userale.conf @@ -26,29 +26,14 @@ input { ## Add your filters / logstash plugins configuration here filter { - # mutate { - # remove_field => [ "message", "@version", "@timestamp"] - # } + mutate { + remove_field => [ "message", "@version", "headers"] + } grok { match => [ "useraleVersion", "(?<major_ver>\d+).(?<minor_ver>\d+)(.(?<patch_ver>\d+))?" ] match => [ "toolVersion", "(?<tool_major_ver>\d+).(?<tool_minor_ver>\d+)(.(?<tool_patch_ver>\d+))?" ] } - - # dns { - # add_field => [ "hostname", "%{host}" ] - # } - - # dns { - # resolve => [ "host" ] - # action => [ "replace" ] - # } - - # geoip { - # source => "host" - # database => "/usr/share/logstash/GeoIP/GeoIP.dat" - # target => "geoip" - # } } output { @@ -56,8 +41,6 @@ output { elasticsearch { hosts => "elasticsearch1:9200" index => "userale" - # user => "elastic" - # password => "changeme" document_type => "logs" manage_template => true template_overwrite => true http://git-wip-us.apache.org/repos/asf/incubator-senssoft/blob/e976976f/docker/logstash/templates/userale.json ---------------------------------------------------------------------- diff --git a/docker/logstash/templates/userale.json b/docker/logstash/templates/userale.json index e5d8f91..8e64f75 100644 --- a/docker/logstash/templates/userale.json +++ b/docker/logstash/templates/userale.json @@ -1,157 +1,163 @@ { - "template" : "userale", - "order" : 1, - "settings" : { - "number_of_shards" : 1, - "number_of_replicas" : 0, - "index.refresh_interval" : "5s" - }, - "mappings" : { - "_default_" : { - "_all" : { - "enabled" : false - }, - "properties" : { - "geoip" : { - "properties" : { - "ip" : { - "type" : "ip" - }, - "country_code2" : { - - "type" : "keyword" - }, - "country_code3" : { - - "type" : "keyword" - }, - "country_name" : { - - "type" : "keyword" - }, - "continent_code" : { - - "type" : "keyword" - }, - "region_name" : { - - "type" : "keyword" - }, - "city_name" : { - - "type" : "keyword" - }, - "postal_code" : { - - "type" : "keyword" - }, - "latitude" : { - "type" : "float" - }, - "longitude" : { - "type" : "float" - }, - "dma_code" : { - "type" : "integer" - }, - "area_code" : { - "type" : "long" - }, - "timezone" : { - - "type" : "keyword" - }, - "real_region_name" : { - - "type" : "keyword" - }, - "location" : { - "doc_values" : true, - "type" : "geo_point" - } - } - } - } + "template": "userale", + "order": 1, + "settings": + { + "number_of_shards": 1, + "number_of_replicas": 0, + "index.refresh_interval": "5s" }, - "logs" : { - "properties" : { - "userAction" : { - "type" : "boolean" - }, - "type" : { - - "type" : "keyword" - }, - "clientTime" : { - "type" : "date", - "format" : "strict_date_optional_time||epoch_millis" - }, - "target" : { - - "type" : "keyword" - }, - "path" : { - - "type" : "keyword" - }, - "details" : { - "type" : "object", - "properties" : { - "source" : { - "type" : "keyword" - } - } - }, - "location" : { - "type" : "object", - "properties" : { - "x" : { - "type" : "integer" + "mappings": + { + "_default_": + { + "_all": + { + "enabled": false }, - "y" : { - "type" : "integer" - } - } - }, - "userId" : { - - "type" : "keyword" - }, - "session" : { - - "type" : "keyword" - }, - "toolName" : { - - "type" : "keyword" }, - "toolVersion" : { - - "type" : "keyword" - }, - "useraleVersion" : { - - "type" : "keyword" - }, - "major_ver" : { - "type" : "integer" - }, - "minor_ver" : { - "type" : "integer" - }, - "patch_ver" : { - "type" : "integer" - }, - "tool_major_ver" : { - "type" : "integer" - }, - "tool_minor_ver" : { - "type" : "integer" - }, - "tool_patch_ver" : { - "type" : "integer" + "logs": + { + "properties": + { + "userAction": + { + "type": "boolean" + }, + "type": + { + "type": "keyword" + }, + "clientTime": + { + "type": "date", + "format": "strict_date_optional_time||epoch_millis" + }, + "target": + { + "type": "keyword" + }, + "count": + { + "type": "integer" + }, + "logType": + { + "type": "keyword" + }, + "targetChange": + { + "type": "boolean" + }, + "typeChange": + { + "type": "boolean" + }, + "path": + { + "type": "keyword" + }, + "details": + { + "properties": + { + "alt": + { + "type": "boolean" + }, + "clicks": + { + "type": "integer" + }, + "ctrl": + { + "type": "boolean" + }, + "meta": + { + "type": "boolean" + }, + "shift": + { + "type": "boolean" + }, + "window": + { + "type": "boolean" + }, + "x": + { + "type": "integer" + }, + "y": + { + "type": "integer" + }, + "z": + { + "type": "integer" + } + } + }, + "location": + { + "properties": + { + "x": + { + "type": "integer" + }, + "y": + { + "type": "integer" + } + } + }, + "userId": + { + "type": "keyword" + }, + "session": + { + "type": "keyword" + }, + "toolName": + { + "type": "keyword" + }, + "toolVersion": + { + "type": "keyword" + }, + "useraleVersion": + { + "type": "keyword" + }, + "major_ver": + { + "type": "integer" + }, + "minor_ver": + { + "type": "integer" + }, + "patch_ver": + { + "type": "integer" + }, + "tool_major_ver": + { + "type": "integer" + }, + "tool_minor_ver": + { + "type": "integer" + }, + "tool_patch_ver": + { + "type": "integer" + } + } } - } } - } -} \ No newline at end of file +} \ No newline at end of file
