-
Notifications
You must be signed in to change notification settings - Fork 19
/
Copy pathaws_vpc_flow-1.0.0.mapping
115 lines (115 loc) · 2.99 KB
/
aws_vpc_flow-1.0.0.mapping
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
{
"template": {
"mappings": {
"_meta": {
"version": "1.0.0",
"catalog": "observability",
"type": "logs",
"component": "aws_vpc_flow",
"labels": ["aws", "vpc"]
},
"properties": {
"aws": {
"properties": {
"vpc": {
"properties": {
"version": {
"type": "keyword"
},
"account-id": {
"type": "keyword"
},
"region": {
"type": "keyword"
},
"az-id": {
"type": "keyword"
},
"vpc-id": {
"type": "keyword"
},
"subnet-id": {
"type": "keyword"
},
"tcp-flags": {
"type": "keyword"
},
"type": {
"type": "keyword"
},
"interface-id": {
"type": "keyword"
},
"instance-id": {
"type": "keyword"
},
"srcaddr": {
"type": "keyword"
},
"dstaddr": {
"type": "keyword"
},
"srcport": {
"type": "long"
},
"dstport": {
"type": "long"
},
"protocol": {
"type": "keyword"
},
"protocol-code": {
"type": "keyword"
},
"packets": {
"type": "long"
},
"bytes": {
"type": "long"
},
"start": {
"type": "date",
"format": "epoch_second"
},
"end": {
"type": "date",
"format": "epoch_second"
},
"flow-direction": {
"type": "keyword"
},
"pkt-src-aws-service": {
"type": "keyword"
},
"pkt-srcaddr": {
"type": "keyword"
},
"pkt-dst-aws-service": {
"type": "keyword"
},
"pkt-dstaddr": {
"type": "keyword"
},
"traffic-path": {
"type": "keyword"
},
"action": {
"type": "keyword"
},
"log-status": {
"type": "keyword"
},
"sublocation-id": {
"type": "keyword"
},
"sublocation-type": {
"type": "keyword"
}
}
}
}
}
}
}
}
}