DELETE after,before
PUT before/
{
"mappings": {
"properties": {
"@timestamp": {
"type": "date"
Tomonori Soejima TomonoriSoejima
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Script to extract rule names from Kibana detection engine files based on IDs in id_list | |
| # Alternative version without ag dependency | |
| # Usage: ./extract_rule_names_simple.sh | |
| # Extract top 50 siem.eqlRule IDs from logs/kibana.service and save to top_siem_ids.txt | |
| if [[ -f "logs/kibana.service" ]]; then | |
| echo "Extracting top 50 siem.eqlRule IDs from logs/kibana.service..." |
# making test data
POST _bulk
{"index":{"_index":"hotel","_id":1}}
{"star":24,"price":28631,"capacity":1245,"hotel_name":"hotel1","group":"G2","country":"FRANCE","city":"Nara","busy_month":"DECEMBER","timestamp":"2023-08-16T08:52:11.000Z","has_parking":"no","menu":["Pizza","Yakitori","Ramen"],"closed":["WEDNESDAY","TUESDAY"]}
{"index":{"_index":"hotel","_id":2}}
{"star":7,"price":18538,"capacity":1043,"hotel_name":"hotel2","group":"G4","country":"BRAZIL","city":"Nara","busy_month":"FEBRUARY","timestamp":"2023-08-15T08:52:11.000Z","has_parking":"yes","menu":["Tonkatsu","Somen","Salad"],"closed":["MONDAY","SUNDAY"]}
{"index":{"_index":"hotel","_id":3}}
{"star":20,"price":5608,"capacity":1614,"hotel_name":"hotel3","group":"G1","country":"HAWAII","city":"Tokyo","busy_month":"DECEMBER","timestamp":"2023-08-14T08:52:11.000Z","has_parking":"no","menu":["Sakana","Soba","Burger"],"closed":["SUNDAY","TUESDAY"]}
{"index":{"_index":"hotel","_id":4}}
GET .fleet-agents-7/_search?size=2
{
"sort": [
{
"updated_at": {
"order": "desc"
}
}
]
TomonoriSoejima
/ dynamic_templates_test.md
Created
November 21, 2022 02:03
dynamic_templates_test.md
DELETE my-index-00000*
PUT my-index-000001
{
"mappings": {
"dynamic_templates": [
{
"integers": {
"match_mapping_type": "long",
"mapping": {
- testing cold thing
PUT _ilm/policy/test-cold-policy
{
"policy": {
"phases": {
"hot": {
"min_age": "0s",
"actions": {
// You can edit this code!
// Click here and start typing.
package main
import (
"fmt"
"regexp"
)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { "create":{ } } | |
| {"star":9,"price":13302,"capacity":1261,"hotel_name":"hotel1","group":"G3","country":"JAPAN","city":"Osaka","busy_month":"AUGUST","@timestamp":"2022-01-31T14:56:10.000Z","has_parking":"no","menu":["Yakitori","Ramen","Sakana"],"cloesd":["THURSDAY","SATURDAY"]} | |
| { "create":{ } } | |
| {"star":11,"price":32852,"capacity":1276,"hotel_name":"hotel2","group":"G4","country":"CHILI","city":"Kyoto","busy_month":"JUNE","@timestamp":"2022-01-31T14:56:09.000Z","has_parking":"yes","menu":["Somen","Salad","Burger"],"cloesd":["FRIDAY","WEDNESDAY"]} | |
| { "create":{ } } | |
| {"star":8,"price":5422,"capacity":217,"hotel_name":"hotel3","group":"G1","country":"BRAZIL","city":"Osaka","busy_month":"NOVEMBER","@timestamp":"2022-01-31T14:56:08.000Z","has_parking":"no","menu":["Inari","Salad","Yakiniku"],"cloesd":["THURSDAY","MONDAY"]} | |
| { "create":{ } } | |
| {"star":17,"price":20583,"capacity":407,"hotel_name":"hotel4","group":"G5","country":"INDIA","city":"Nara","busy_month":"JANUARY","@timestamp":"2022-01-31T14:56:07.000Z","has_parking |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "https://www.city-urayasu.ed.jp/_res/projects/school/_page_/003/017/118/2.pdf": "校長室からみなさんへ1 (PDF 848.2KB)", | |
| "https://www.city-urayasu.ed.jp/_res/projects/school/_page_/003/017/118/3.pdf": "校長室からみなさんへ2 (PDF 545.0KB)", | |
| "https://www.city-urayasu.ed.jp/_res/projects/school/_page_/003/017/118/4.pdf": "校長室からみなさんへ3 (PDF 788.4KB)", | |
| "https://www.city-urayasu.ed.jp/_res/projects/school/_page_/003/017/118/5.pdf": "校長室からみなさんへ4 (PDF 363.8KB)", | |
| "https://www.city-urayasu.ed.jp/_res/projects/school/_page_/003/017/118/6.pdf": "校長室からみなさんへ5 (PDF 1.3MB)", | |
| "https://www.city-urayasu.ed.jp/_res/projects/school/_page_/003/017/118/7.pdf": "校長室からみなさんへ6 (PDF 636.7KB)", | |
| "https://www.city-urayasu.ed.jp/_res/projects/school/_page_/003/017/118/8.pdf": "校長室からみなさんへ7 (PDF 779.7KB)", | |
| "https://www.city-urayasu.ed.jp/_res/projects/school/_page_/003/017/118/9.pdf": "校長室からみなさんへ8 (PDF 780.4KB)", | |
| "https://www.city-urayasu.ed.jp/_res/projects/school/_page_/003/017/118/10.pdf": "校長室からみなさんへ9 (PDF 818.1KB)", |
systemctl start kibana
systemctl status kibana
logrotate -fv /etc/logrotate.d/kibana-service
[root@tomo-linux surfer]# cat /var/lib/logrotate/logrotate.status | grep kibana
NewerOlder