search

opc40772 / pfsense-graylog

Pfsense Logs Parsed by Graylog
GNU General Public License v3.0
82 stars 117 forks source link

pfsense_custom_template file does not work on upload in cerebro 0.9.2 #17

Open enokmn opened 4 years ago

enokmn commented 4 years ago

Changed it to

{ "order": -1, "index_patterns": "pfsense_*", "settings": { "index": { "analysis": { "analyzer": { "analyzer_keyword": { "filter": "lowercase", "tokenizer": "keyword" } } }, "max_result_window": "1000000" } }, "mappings": { "message": { "_source": { "enabled": true }, "dynamic_templates": [ { "internal_fields": { "mapping": { "type": "keyword" }, "match_mapping_type": "string", "match": "gl2_*" } }, { "store_generic": { "mapping": { "type": "keyword" }, "match_mapping_type": "string" } } ], "properties": { "gl2_processing_timestamp": { "format": "yyyy-MM-dd HH:mm:ss.SSS", "type": "date" }, "gl2_accounted_message_size": { "type": "long" }, "gl2_receive_timestamp": { "format": "yyyy-MM-dd HH:mm:ss.SSS", "type": "date" }, "full_message": { "fielddata": false, "analyzer": "standard", "type": "text" }, "streams": { "type": "keyword" }, "source": { "fielddata": true, "analyzer": "analyzer_keyword", "type": "text" }, "message": { "fielddata": false, "analyzer": "standard", "type": "text" }, "timestamp": { "format": "yyyy-MM-dd HH:mm:ss.SSS", "type": "date" } } } }, "aliases": {} }

davkar3n commented 3 years ago

this syntax does not work