The following JSON payload is used to illustrate some of the capabilities of mapping.
Sample 1:
{ "network":{ "type":"ipv6", "direction":"inbound-XYZ", "iana_number":41 }, "error":{ "code":"process has exited. inode=0, tcp_state=TIME-WAIT" }, "user":{ "name":"root", "full_name":"root", "id":"0" }, "destination":{ "ip":"127.0.0.1", "port":2282 }, "service":{ "type":"system" }, "event":{ "duration":17345372, "dataset":"system.socket", "module":"system" }, "tags":[ "beats_input_raw_event" ], "ecs":{ "version":"1.6.0" }, "host":{ "architecture":"x86_64", "os":{ "name":"Red Hat Enterprise Linux Server", "family":"redhat", "platform":"rhel", "version":"7.9 (Maipo)", "codename":"Maipo", "kernel":"3.10.0-1160.6.1.el7.x86_64" }, "containerized":false, "name":"vl-vm-ic762", "id":"d69e0181566b99b60326991cad162e19", "ip":[ "10.247.152.27", "fe80::f816:3eff:fe63:615f" ], "mac":[ "fa:16:3e:63:61:5f" ], "hostname":"vl-vm-ic762" }, "@timestamp":"2021-02-10T00:02:42.705Z", "source":{ "ip":"127.0.0.1", "port":34086 }, "metricset":{ "period":300000, "name":"socket" }, "agent":{ "name":"vl-vm-ic762", "type":"metricbeat", "ephemeral_id":"64506ba5-3ea9-4a76-a0d9-7b1d369cc807", "id":"705840f2-3674-4c2e-9a70-081042d34ee1", "version":"7.10.0", "hostname":"vl-vm-ic762" }, "@version":"1", "system":{ "socket":{ "remote":{ "ip":"127.0.0.1", "port":34086 }, "local":{ "ip":"127.0.0.1", "port":2282 } } } }
Sample 2:
{ "severity": "Critical", "alarmTimeOffset": "+00:00", "neId": "UADPF_153001011", "code": "A1699460R", "probableCause": "service-off", "clearTime": "2023-05-23 21:55:13", "alarmTime": "2023-05-23 21:55:07", "location": "/DEGRR/DEGRR00123A-NR", "neName": "DEGRR00123A", "group": ["Equipment", "Radio","Out"], "parameters" : [1,2,3,4], "devs" : {"dev1": "abc","dev2":"xyz"} }