For example if I want to add extra custom fields such as digipolis.team
to my data (a field on which we base access controls), then I need to provide a mapping for that. Up to this day we use a higher order template containing those extra custom fields.
So for example with the new templates, I'm wondering on how to do this?
So a simple solution would be to add the extra fields to the component template metrics-mappings
:
GET _component_template/metrics-mappings
{
"component_templates" : [
{
"name" : "metrics-mappings",
"component_template" : {
"template" : {
"mappings" : {
"dynamic_templates" : [
{
"strings_as_keyword" : {
"mapping" : {
"ignore_above" : 1024,
"type" : "keyword"
},
"match_mapping_type" : "string"
}
}
],
"date_detection" : false,
"properties" : {
"@timestamp" : {
"type" : "date"
},
"ecs" : {
"properties" : {
"version" : {
"ignore_above" : 1024,
"type" : "keyword"
}
}
},
"digipolis" : {
"properties" : {
"team" : {
"ignore_above" : 1024,
"type" : "keyword"
}
}
},
"data_stream" : {
"properties" : {
"namespace" : {
"type" : "constant_keyword"
},
"type" : {
"type" : "constant_keyword",
"value" : "metrics"
},
"dataset" : {
"type" : "constant_keyword"
}
}
},
"host" : {
"properties" : {
"ip" : {
"type" : "ip"
}
}
}
}
}
},
"version" : 0,
"_meta" : {
"managed" : true,
"description" : "default mappings for the metrics index template installed by x-pack"
}
}
}
]
}
digipolis.team would mapped properly in all metrics-* indices. But the metrics-mappings
component template might be overwritten during an update? So I'm hoping to find a better option to be able to add extra fields with less risk for issues after updates.
Grtz
Willem