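#!/bin/bash
#
# Installs the index template "weblogs_1" so that every index matching
# "weblogs*" gets explicit field mappings for parsed web-log records.
#
# Environment:
#   ES_URL          Base URL of the Elasticsearch instance. Defaults to
#                   localhost:9200, which is probably not where your
#                   instance lives; set e.g. ES_URL=https://es.example:9200.
#   ES_CURL_CONFIG  Optional path to a curl config file (curl --config).
#                   Put credentials / CA settings there, in a file readable
#                   only by the operator, so they never appear in argv.
#
# Review notes:
#   - The default endpoint is plain HTTP with no authentication. Only use
#     it against a loopback-bound development node; anything reachable over
#     a network should be addressed with https:// and credentials.
#   - "_template" is the legacy template API (deprecated in favour of
#     "_index_template" in newer Elasticsearch releases); confirm which one
#     your cluster version expects.
#   - NOTE(review): the "raw" keyword sub-fields set no "ignore_above".
#     request_uri_stem, query_string, referer_page, client_user_agent and
#     host_header hold client-supplied text, and an oversized keyword term
#     can make Elasticsearch reject the whole log document. Consider adding
#     "ignore_above" to those sub-fields so long values are skipped in the
#     keyword index instead of dropping the event.
#   - query_string and referer_page can contain session tokens or other
#     secrets taken from URLs; restrict read access to weblogs* accordingly.
#   - The "date" format carries no time zone, so values are interpreted as
#     UTC; make sure the log shipper emits UTC or timelines will be skewed.
set -euo pipefail

readonly ES_URL="${ES_URL:-localhost:9200}"

# Template body, sent verbatim as the request payload.
readonly TEMPLATE_BODY='
{
"index_patterns": ["weblogs*"],
"mappings": {
"properties": {
"date": { "type": "date", "format": "yyyy-MM-dd HH:mm:ss" },
"client_ip": { "type": "ip" },
"client_method": { "type": "text" ,"fields": { "raw": { "type": "keyword" }}},
"request_uri_stem": { "type": "text" ,"fields": { "raw": { "type": "keyword" }}},
"http_response_code": { "type": "integer"},
"referer_page": { "type": "text" ,"fields": { "raw": { "type": "keyword" }}},
"client_user_agent": { "type": "text" ,"fields": { "raw": { "type": "keyword" }}},
"bot_detected": { "type": "text" ,"fields": { "raw": { "type": "keyword" }}},
"query_string": { "type": "text" ,"fields": { "raw": { "type": "keyword" }}},
"cf_edge_result": { "type": "text" ,"fields": { "raw": { "type": "keyword" }}},
"host_header": { "type": "text" ,"fields": { "raw": { "type": "keyword" }}},
"http_protocol": { "type": "text" ,"fields": { "raw": { "type": "keyword" }}},
"ssl_protocol": { "type": "text" ,"fields": { "raw": { "type": "keyword" }}},
"cf_client_result": { "type": "text" ,"fields": { "raw": { "type": "keyword" }}}
}
}
}
'

curl_args=(--silent --show-error)
if [[ -n "${ES_CURL_CONFIG:-}" ]]; then
  curl_args+=(--config "$ES_CURL_CONFIG")
fi

# Plain curl exits 0 on HTTP 4xx/5xx, so a rejected template would go
# unnoticed. Append the status code to the output and check it ourselves;
# this keeps the Elasticsearch error body visible (curl --fail would hide it).
# A transport failure (e.g. connection refused) aborts here via set -e.
response=$(curl "${curl_args[@]}" -X POST "${ES_URL}/_template/weblogs_1" \
  -H 'Content-Type: application/json' \
  --write-out '\n%{http_code}' \
  -d "$TEMPLATE_BODY")

http_status=${response##*$'\n'}
printf '%s\n' "${response%$'\n'*}"

if [[ "$http_status" != 2?? ]]; then
  printf 'error: template upload to %s failed with HTTP status %s\n' \
    "$ES_URL" "$http_status" >&2
  exit 1
fi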