flows_mapping.json

{"situ_2013-07-11":{"mappings":{"flow":{"_all":{"enabled":false},"properties":{"bytes":{"type":"long"},"creation":{"type":"date","format":"yyyy-MM-dd'T'HH:mm:ss.SSSSSSZ || yyyy-MM-dd'T'HH:mm:ss.SSSSSS || yyyy-MM-dd'T'HH:mm:ss.SSS || yyyy-MM-dd'T'HH:mm:ssZ || yyyy-MM-dd'T'HH:mm:ss || epoch_millis"},"dstAS":{"type":"integer"},"dstCountry":{"type":"keyword"},"dstIP":{"type":"ip","index_options":"freqs"},"dstLocation":{"properties":{"location":{"properties":{"lat":{"type":"float"},"lon":{"type":"float"}}}}},"dstPort":{"type":"integer"},"duration":{"type":"scaled_float","scaling_factor":1000},"flowAppBytes":{"type":"long"},"flowAppDstBytes":{"type":"long"},"flowAppSrcBytes":{"type":"long"},"flowDirection":{"type":"keyword"},"flowDstAppBytes":{"type":"long"},"flowDstBytes":{"type":"long"},"flowDstPackets":{"type":"long"},"flowFlags":{"type":"keyword"},"flowLtime":{"type":"date","format":"yyyy-MM-dd'T'HH:mm:ss.SSSSSSZ || yyyy-MM-dd'T'HH:mm:ss.SSSSSS || yyyy-MM-dd'T'HH:mm:ss.SSS || yyyy-MM-dd'T'HH:mm:ssZ || yyyy-MM-dd'T'HH:mm:ss || epoch_millis"},"flowPackets":{"type":"long"},"flowPcr":{"type":"scaled_float","scaling_factor":1000},"flowSite":{"type":"keyword"},"flowSrcAppBytes":{"type":"long"},"flowSrcBytes":{"type":"long"},"flowSrcPackets":{"type":"long"},"handled":{"type":"boolean"},"isDstLocal":{"type":"boolean"},"isSrcLocal":{"type":"boolean"},"maliciousnessScore":{"type":"scaled_float","scaling_factor":1000},"proto":{"type":"keyword"},"raw":{"type":"text","index_options":"docs","fields":{"search":{"type":"text","norms":false}}},"score":{"type":"scaled_float","scaling_factor":1000},"scores":{"properties":{"name":{"type":"keyword"},"score":{"type":"scaled_float","scaling_factor":1000}}},"sourceName":{"type":"keyword","index_options":"freqs"},"sourceType":{"type":"keyword","index_options":"freqs"},"srcAS":{"type":"integer"},"srcCountry":{"type":"keyword"},"srcIP":{"type":"ip","index_options":"freqs"},"srcId":{"type":"keyword"},"srcLocation":{"properties":{"location":{"properties":{"lat":{"type":"float"},"lon":{"type":"float"}}}}},"srcPort":{"type":"integer"},"stime":{"type":"date","format":"yyyy-MM-dd'T'HH:mm:ss.SSSSSSZ || yyyy-MM-dd'T'HH:mm:ss.SSSSSS || yyyy-MM-dd'T'HH:mm:ss.SSS || yyyy-MM-dd'T'HH:mm:ssZ || yyyy-MM-dd'T'HH:mm:ss || epoch_millis"},"uid":{"type":"keyword"},"uuid":{"type":"text","fields":{"keyword":{"type":"keyword","ignore_above":256}}}}},"_default_":{"_all":{"enabled":false},"properties":{"bytes":{"type":"long"},"creation":{"type":"date","format":"yyyy-MM-dd'T'HH:mm:ss.SSSSSSZ || yyyy-MM-dd'T'HH:mm:ss.SSSSSS || yyyy-MM-dd'T'HH:mm:ss.SSS || yyyy-MM-dd'T'HH:mm:ssZ || yyyy-MM-dd'T'HH:mm:ss || epoch_millis"},"dstAS":{"type":"integer"},"dstCountry":{"type":"keyword"},"dstIP":{"type":"ip","index_options":"freqs"},"dstLocation":{"properties":{"location":{"properties":{"lat":{"type":"float"},"lon":{"type":"float"}}}}},"dstPort":{"type":"integer"},"duration":{"type":"scaled_float","scaling_factor":1000},"handled":{"type":"boolean"},"isDstLocal":{"type":"boolean"},"isSrcLocal":{"type":"boolean"},"maliciousnessScore":{"type":"scaled_float","scaling_factor":1000},"proto":{"type":"keyword"},"raw":{"type":"text","index_options":"docs","fields":{"search":{"type":"text","norms":false}}},"score":{"type":"scaled_float","scaling_factor":1000},"scores":{"properties":{"name":{"type":"keyword"},"score":{"type":"scaled_float","scaling_factor":1000}}},"sourceName":{"type":"keyword","index_options":"freqs"},"sourceType":{"type":"keyword","index_options":"freqs"},"srcAS":{"type":"integer"},"srcCountry":{"type":"keyword"},"srcIP":{"type":"ip","index_options":"freqs"},"srcId":{"type":"keyword"},"srcLocation":{"properties":{"location":{"properties":{"lat":{"type":"float"},"lon":{"type":"float"}}}}},"srcPort":{"type":"integer"},"stime":{"type":"date","format":"yyyy-MM-dd'T'HH:mm:ss.SSSSSSZ || yyyy-MM-dd'T'HH:mm:ss.SSSSSS || yyyy-MM-dd'T'HH:mm:ss.SSS || yyyy-MM-dd'T'HH:mm:ssZ || yyyy-MM-dd'T'HH:mm:ss || epoch_millis"},"uid":{"type":"keyword"}}},"alert":{"_all":{"enabled":false},"properties":{"bytes":{"type":"long"},"creation":{"type":"date","format":"yyyy-MM-dd'T'HH:mm:ss.SSSSSSZ || yyyy-MM-dd'T'HH:mm:ss.SSSSSS || yyyy-MM-dd'T'HH:mm:ss.SSS || yyyy-MM-dd'T'HH:mm:ssZ || yyyy-MM-dd'T'HH:mm:ss || epoch_millis"},"dstAS":{"type":"integer"},"dstCountry":{"type":"keyword"},"dstIP":{"type":"ip","index_options":"freqs"},"dstLocation":{"properties":{"location":{"properties":{"lat":{"type":"float"},"lon":{"type":"float"}}}}},"dstPort":{"type":"integer"},"duration":{"type":"scaled_float","scaling_factor":1000},"handled":{"type":"boolean"},"idsSignature":{"type":"keyword","fields":{"search":{"type":"text","norms":false}}},"isDstLocal":{"type":"boolean"},"isSrcLocal":{"type":"boolean"},"maliciousnessScore":{"type":"scaled_float","scaling_factor":1000},"proto":{"type":"keyword"},"raw":{"type":"text","index_options":"docs","fields":{"search":{"type":"text","norms":false}}},"score":{"type":"scaled_float","scaling_factor":1000},"scores":{"properties":{"name":{"type":"keyword"},"score":{"type":"scaled_float","scaling_factor":1000}}},"sourceName":{"type":"keyword","index_options":"freqs"},"sourceType":{"type":"keyword","index_options":"freqs"},"srcAS":{"type":"integer"},"srcCountry":{"type":"keyword"},"srcIP":{"type":"ip","index_options":"freqs"},"srcId":{"type":"keyword"},"srcLocation":{"properties":{"location":{"properties":{"lat":{"type":"float"},"lon":{"type":"float"}}}}},"srcPort":{"type":"integer"},"stime":{"type":"date","format":"yyyy-MM-dd'T'HH:mm:ss.SSSSSSZ || yyyy-MM-dd'T'HH:mm:ss.SSSSSS || yyyy-MM-dd'T'HH:mm:ss.SSS || yyyy-MM-dd'T'HH:mm:ssZ || yyyy-MM-dd'T'HH:mm:ss || epoch_millis"},"uid":{"type":"keyword"}}},"firewall":{"_all":{"enabled":false},"properties":{"bytes":{"type":"long"},"creation":{"type":"date","format":"yyyy-MM-dd'T'HH:mm:ss.SSSSSSZ || yyyy-MM-dd'T'HH:mm:ss.SSSSSS || yyyy-MM-dd'T'HH:mm:ss.SSS || yyyy-MM-dd'T'HH:mm:ssZ || yyyy-MM-dd'T'HH:mm:ss || epoch_millis"},"dstAS":{"type":"integer"},"dstCountry":{"type":"keyword"},"dstIP":{"type":"ip","index_options":"freqs"},"dstLocation":{"properties":{"location":{"properties":{"lat":{"type":"float"},"lon":{"type":"float"}}}}},"dstPort":{"type":"integer"},"duration":{"type":"scaled_float","scaling_factor":1000},"fwAaaUser":{"type":"keyword"},"fwAcl":{"type":"keyword"},"fwAction":{"type":"keyword"},"fwAvgRate":{"type":"long"},"fwBackplaneLink":{"type":"keyword"},"fwBurstRate":{"type":"long"},"fwCode":{"type":"long"},"fwCommand":{"type":"keyword"},"fwConnId":{"type":"long"},"fwCummulativeTotalCount":{"type":"long"},"fwDenyFlowLimit":{"type":"long"},"fwDirection":{"type":"keyword"},"fwDstIf":{"type":"keyword"},"fwDstSvc":{"type":"integer"},"fwFile":{"type":"keyword"},"fwFragOffset":{"type":"long"},"fwFragSize":{"type":"long"},"fwFromPriv":{"type":"integer"},"fwId":{"type":"keyword"},"fwIf":{"type":"keyword"},"fwInUse":{"type":"long"},"fwMaxAvgRate":{"type":"long"},"fwMaxBurstRate":{"type":"long"},"fwMostUsed":{"type":"long"},"fwObject":{"type":"keyword"},"fwPriority":{"type":"byte"},"fwRateId":{"type":"keyword"},"fwReason":{"type":"keyword"},"fwRunning":{"type":"keyword"},"fwSrcIf":{"type":"keyword"},"fwToPriv":{"type":"integer"},"fwType":{"type":"long"},"fwUser":{"type":"keyword","fields":{"search":{"type":"text","norms":false}}},"handled":{"type":"boolean"},"isDstLocal":{"type":"boolean"},"isSrcLocal":{"type":"boolean"},"maliciousnessScore":{"type":"scaled_float","scaling_factor":1000},"proto":{"type":"keyword"},"raw":{"type":"text","index_options":"docs","fields":{"search":{"type":"text","norms":false}}},"score":{"type":"scaled_float","scaling_factor":1000},"scores":{"properties":{"name":{"type":"keyword"},"score":{"type":"scaled_float","scaling_factor":1000}}},"sourceName":{"type":"keyword","index_options":"freqs"},"sourceType":{"type":"keyword","index_options":"freqs"},"srcAS":{"type":"integer"},"srcCountry":{"type":"keyword"},"srcIP":{"type":"ip","index_options":"freqs"},"srcId":{"type":"keyword"},"srcLocation":{"properties":{"location":{"properties":{"lat":{"type":"float"},"lon":{"type":"float"}}}}},"srcPort":{"type":"integer"},"stime":{"type":"date","format":"yyyy-MM-dd'T'HH:mm:ss.SSSSSSZ || yyyy-MM-dd'T'HH:mm:ss.SSSSSS || yyyy-MM-dd'T'HH:mm:ss.SSS || yyyy-MM-dd'T'HH:mm:ssZ || yyyy-MM-dd'T'HH:mm:ss || epoch_millis"},"uid":{"type":"keyword"}}}}}}