OPNsense index
Create the index template
PUT /_index_template/opnsense
{
  "index_patterns": ["opnsense"],
  "data_stream": {},
  "template": {
    "settings": {
      "number_of_shards": 1,
      "number_of_replicas": 1
    },
    "mappings": {
      "properties": {
        "@timestamp": { "type": "date" },
        "host": { "type": "keyword" },
        "message": { "type": "text" },
        "severity": { "type": "keyword" },
        "src_ip": { "type": "ip" },
        "dst_ip": { "type": "ip" },
        "src_port": { "type": "integer" },
        "dst_port": { "type": "integer" },
        "protocol": { "type": "keyword" }
      }
    }
  }
}
Create the data stream index
PUT /_data_stream/opnsense
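
Once the data stream exists, events that do not fit the mappings above are rejected at index time, which leaves silent gaps in firewall visibility. The following is an added example, not part of the original page: a pre-flight check that validates events against the template's field types and builds a `_bulk` body using the `create` action that data streams require. The function names, the ISO 8601 timestamp format and the sample events are assumptions made for illustration.

```python
import ipaddress
import json
from datetime import datetime

# Field types copied from the opnsense index template on this page.
MAPPING = {"@timestamp": "date", "host": "keyword", "message": "text",
           "severity": "keyword", "src_ip": "ip", "dst_ip": "ip",
           "src_port": "integer", "dst_port": "integer", "protocol": "keyword"}

def validate(doc):
    """Return the problems that would make indexing this document fail."""
    errors = []
    if "@timestamp" not in doc:
        errors.append("@timestamp: missing, required by every data stream")
    for field, value in doc.items():
        kind = MAPPING.get(field)
        try:
            if kind == "ip":
                ipaddress.ip_address(value)
            elif kind == "integer":
                int(value)
            elif kind == "date":
                # Assumption: the log shipper sends ISO 8601 timestamps.
                datetime.fromisoformat(str(value).replace("Z", "+00:00"))
        except (ValueError, TypeError):
            errors.append(f"{field}: {value!r} is not a valid {kind}")
    return errors

def to_bulk(docs, stream="opnsense"):
    """Build an NDJSON _bulk body; also return the documents held back."""
    lines, rejected = [], []
    for doc in docs:
        problems = validate(doc)
        if problems:
            rejected.append((doc, problems))
            continue
        # Data streams are append-only: only the "create" action is accepted.
        lines.append(json.dumps({"create": {"_index": stream}}))
        lines.append(json.dumps(doc))
    return "".join(line + "\n" for line in lines), rejected

# Constructed sample events, not real OPNsense output.
SAMPLE = [
    {"@timestamp": "2024-05-01T12:00:00Z", "host": "fw01", "severity": "info",
     "message": "pass in on igb0", "src_ip": "192.0.2.10",
     "dst_ip": "198.51.100.7", "src_port": 51514, "dst_port": 443,
     "protocol": "tcp"},
    {"host": "fw01", "message": "block in on igb0", "src_ip": "192.0.2.300",
     "dst_port": "https"},
]
```

Send the returned body to `POST /_bulk` and route the rejected documents to a separate log so malformed events are counted rather than lost.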