From fe687a5fafe0b3e952bf861e8be1bfcc44b19fc4 Mon Sep 17 00:00:00 2001
From: Cole White <cwhite@wikimedia.org>
Date: Fri, 1 Jul 2022 16:27:10 +0000
Subject: [PATCH] Add 2x default template.

Closes: #145

Signed-off-by: Cole White <cwhite@wikimedia.org>
---
 .../opensearch/templates/ecs-disabled/2x.json | 44 +++++++++++++++++++
 1 file changed, 44 insertions(+)
 create mode 100644 lib/logstash/outputs/opensearch/templates/ecs-disabled/2x.json

diff --git a/lib/logstash/outputs/opensearch/templates/ecs-disabled/2x.json b/lib/logstash/outputs/opensearch/templates/ecs-disabled/2x.json
new file mode 100644
index 0000000..608a872
--- /dev/null
+++ b/lib/logstash/outputs/opensearch/templates/ecs-disabled/2x.json
@@ -0,0 +1,44 @@
+{
+  "index_patterns" : "logstash-*",
+  "version" : 60001,
+  "settings" : {
+    "index.refresh_interval" : "5s",
+    "number_of_shards": 1
+  },
+  "mappings" : {
+    "dynamic_templates" : [ {
+      "message_field" : {
+        "path_match" : "message",
+        "match_mapping_type" : "string",
+        "mapping" : {
+          "type" : "text",
+          "norms" : false
+        }
+      }
+    }, {
+      "string_fields" : {
+        "match" : "*",
+        "match_mapping_type" : "string",
+        "mapping" : {
+          "type" : "text", "norms" : false,
+          "fields" : {
+            "keyword" : { "type": "keyword", "ignore_above": 256 }
+          }
+        }
+      }
+    } ],
+    "properties" : {
+      "@timestamp": { "type": "date"},
+      "@version": { "type": "keyword"},
+      "geoip"  : {
+        "dynamic": true,
+        "properties" : {
+          "ip": { "type": "ip" },
+          "location" : { "type" : "geo_point" },
+          "latitude" : { "type" : "half_float" },
+          "longitude" : { "type" : "half_float" }
+        }
+      }
+    }
+  }
+}
\ No newline at end of file