Implement the creation of the System index template and index (#61)

* Add wazuh-states-inventory-system template * Create wazuh-states-inventory-system index tempalte --------- Signed-off-by: Álex Ruiz <alejandro.ruiz.becerra@wazuh.com> Co-authored-by: Álex Ruiz <alejandro.ruiz.becerra@wazuh.com>
wazuh · Sep 13, 2024 · 8ee0af7 · 8ee0af7
1 parent fc3ce29
commit 8ee0af7
Show file tree

Hide file tree

Showing 2 changed files with 82 additions and 0 deletions.
diff --git a/plugins/wazuh-indexer-setup/src/main/java/org/wazuh/setup/index/WazuhIndices.java b/plugins/wazuh-indexer-setup/src/main/java/org/wazuh/setup/index/WazuhIndices.java
@@ -51,6 +51,7 @@ public WazuhIndices(Client client, ClusterService clusterService) {
         // Create Index Templates - Indices map
         this.indexTemplates.put("index-template-agent", ".agents");
         this.indexTemplates.put("index-template-alerts", "wazuh-alerts-5.x-0001");
+        this.indexTemplates.put("index-template-system", "wazuh-states-inventory-system");
         this.indexTemplates.put("index-template-processes", "wazuh-states-inventory-processes");
         this.indexTemplates.put("index-template-packages", "wazuh-states-inventory-packages");
     }

diff --git a/plugins/wazuh-indexer-setup/src/main/resources/index-template-system.json b/plugins/wazuh-indexer-setup/src/main/resources/index-template-system.json
@@ -0,0 +1,81 @@
+{
+  "index_patterns": [
+    "wazuh-states-inventory-system*"
+  ],
+  "mappings": {
+    "date_detection": false,
+    "dynamic": "strict",
+    "properties": {
+      "@timestamp": {
+        "type": "date"
+      },
+      "agent": {
+        "properties": {
+          "groups": {
+            "ignore_above": 1024,
+            "type": "keyword"
+          },
+          "id": {
+            "ignore_above": 1024,
+            "type": "keyword"
+          }
+        }
+      },
+      "host": {
+        "properties": {
+          "architecture": {
+            "ignore_above": 1024,
+            "type": "keyword"
+          },
+          "hostname": {
+            "ignore_above": 1024,
+            "type": "keyword"
+          },
+          "name": {
+            "ignore_above": 1024,
+            "type": "keyword"
+          },
+          "os": {
+            "properties": {
+              "full": {
+                "ignore_above": 1024,
+                "type": "keyword"
+              },
+              "kernel": {
+                "ignore_above": 1024,
+                "type": "keyword"
+              },
+              "platform": {
+                "ignore_above": 1024,
+                "type": "keyword"
+              },
+              "type": {
+                "ignore_above": 1024,
+                "type": "keyword"
+              },
+              "version": {
+                "ignore_above": 1024,
+                "type": "keyword"
+              }
+            }
+          }
+        }
+      }
+    }
+  },
+  "order": 1,
+  "settings": {
+    "index": {
+      "number_of_replicas": "0",
+      "number_of_shards": "1",
+      "query.default_field": [
+        "agent.id",
+        "agent.groups",
+        "host.name",
+        "host.os.type",
+        "host.os.version"
+      ],
+      "refresh_interval": "5s"
+    }
+  }
+}