Nicer demo (#120)

- Remove annoying errors with timestamp - Add reasonable defaults for full-text search
QuesmaOrg · May 15, 2024 · b9798f2 · b9798f2
1 parent 87b536e
commit b9798f2
Showing 1 changed file with 3 additions and 5 deletions.
diff --git a/docker/quesma/config/hydrolix-demo.yml b/docker/quesma/config/hydrolix-demo.yml
@@ -15,6 +15,8 @@ indexes:
       timestamp:
         source: "@timestamp"
         target: "reqTimeSec"
+    fullTextFields: [ "city", "reqHost", "reqMethod", "reqPath",  "UA", "state", "rspContentType" ]
+
   siem:
     enabled: true
     ignoredFields:
@@ -23,9 +25,5 @@ indexes:
       "botData": true
       "userRiskData": true
       "clientData": true
-    fullTextFields: [ "country" ]
-    aliases:
-      timestamp:
-        source: "@timestamp"
-        target: "timestamp"
+    fullTextFields: [ "city", "country", "host", "method", "path", "ruleMessage", "UA" ]