search

StamusNetworks / KTS6

Kibana 6 Templates for Suricata IDPS Threat Hunting
GNU General Public License v3.0
25 stars 6 forks source link

Any plans to support version 7.x? #12

Open lejonpart opened 4 years ago

lejonpart commented 4 years ago 
curl -XPUT -H 'Content-Type: application/json' http://localhost:9200/_template/logstash -d@elasticsearch6-template.json

{"error":{"root_cause":[{"type":"mapper_parsing_exception","reason":"Root mapping definition has unsupported parameters:  [_default_ : {dynamic_templates=[{message_field={path_match=message, mapping={norms=false, type=text}, match_mapping_type=string}}, {string_fields={mapping={norms=false, type=text, fields={keyword={ignore_above=256, type=keyword}}}, match_mapping_type=string, match=*}}], properties={@timestamp={type=date}, geoip={dynamic=true, properties={ip={type=ip}, latitude={type=half_float}, location={type=geo_point}, longitude={type=half_float}}}, @version={type=keyword}}}]"}],"type":"mapper_parsing_exception","reason":"Failed to parse mapping [_doc]: Root mapping definition has unsupported parameters:  [_default_ : {dynamic_templates=[{message_field={path_match=message, mapping={norms=false, type=text}, match_mapping_type=string}}, {string_fields={mapping={norms=false, type=text, fields={keyword={ignore_above=256, type=keyword}}}, match_mapping_type=string, match=*}}], properties={@timestamp={type=date}, geoip={dynamic=true, properties={ip={type=ip}, latitude={type=half_float}, location={type=geo_point}, longitude={type=half_float}}}, @version={type=keyword}}}]","caused_by":{"type":"mapper_parsing_exception","reason":"Root mapping definition has unsupported parameters:  [_default_ : {dynamic_templates=[{message_field={path_match=message, mapping={norms=false, type=text}, match_mapping_type=string}}, {string_fields={mapping={norms=false, type=text, fields={keyword={ignore_above=256, type=keyword}}}, match_mapping_type=string, match=*}}], properties={@timestamp={type=date}, geoip={dynamic=true, properties={ip={type=ip}, latitude={type=half_float}, location={type=geo_point}, longitude={type=half_float}}}, @version={type=keyword}}}]"}},"status":400}
pevma commented 4 years ago

Yes absolutely - on the map for next year.

kramse commented 4 years ago

Hi Peter, can you contact me when you want to work on this, I would like to help. We can probably coordinate over IRC or if you are near Copenhagen :-D Would be nice to have this before TROOPERS

pevma commented 4 years ago

Absolutely - this new stuff will be in time for TROOPERS ! :)