diff --git a/scripts/generate/logs/index.js b/scripts/generate/logs/index.js
index 561463e05..495cd3841 100644
--- a/scripts/generate/logs/index.js
+++ b/scripts/generate/logs/index.js
@@ -135,6 +135,47 @@ function createIndex(indexName) {
 type: 'string',
 index: 'not_analyzed'
 }
+ },
+ geo: {
+ properties: {
+ srcdst: {
+ type: 'string',
+ index: 'not_analyzed'
+ },
+ dst: {
+ type: 'string',
+ index: 'not_analyzed'
+ },
+ src: {
+ type: 'string',
+ index: 'not_analyzed'
+ },
+ coordinates: {
+ type: 'geo_point'
+ }
+ }
+ },
+ meta: {
+ properties: {
+ related: {
+ type: 'string',
+ },
+ char: {
+ type: 'string',
+ index: 'not_analyzed'
+ },
+ user: {
+ properties: {
+ firstname: {
+ type: 'string',
+ },
+ lastname: {
+ type: 'integer',
+ index: 'not_analyzed'
+ }
+ }
+ }
+ }
 }
 }
 }
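Review bot: The first added line `},` closes the object that contained the preceding `type`/`index` field (its opening is above the hunk), so `geo` and `meta` are inserted as siblings of that map rather than inside it; if that map is the type's `properties`, the two new mappings sit outside `properties` and will not apply to `event.geo`/`event.meta` — please confirm against the lines above the hunk, and if so the new keys need to move one level down. Separately, `meta.user.lastname` is mapped as `type: 'integer'` while `firstname` is a string; if that is intentional sample-data behaviour, a one-line comment such as `// intentionally mismatched type: exercises conflict handling in the UI` would stop the next reader from "fixing" it, otherwise it should be `type: 'string'`. Nothing in this diff populates `meta`, so those mappings are unexercised by the generator as it stands.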
@@ -251,19 +292,25 @@ async.timesSeries(total, function (i, done) { var event = {}; event.index = indexName; - event['@timestamp'] = dateAsIso; - event.ip = samples.ips(); - event.extension = samples.extensions(); - event.response = samples.responseCodes(); - event.country = samples.countries(); - event.point = samples.airports(); + event['@timestamp'] = dateAsIso; + event.ip = samples.ips(); + event.extension = samples.extensions(); + event.response = samples.responseCodes(); + + event.geo = { + coordinates: samples.airports(), + src: samples.countries(), + dest: samples.countries() + }; + event.geo.srcdest = event.geo.src + ':' + event.geo.dest; + event['@tags'] = [ samples.tags(), samples.tags2() ]; - event.utc_time = dateAsIso; - event.referer = 'http://' + samples.referrers() + '/' + samples.tags() + '/' + samples.astronauts(); - event.agent = samples.userAgents(); + event.utc_time = dateAsIso; + event.referer = 'http://' + samples.referrers() + '/' + samples.tags() + '/' + samples.astronauts(); + event.agent = samples.userAgents(); event.clientip = event.ip; event.bytes = event.response < 500 ? samples.lessRandomRespSize() : 0; event.request = '/' + samples.astronauts() + '.' + event.extension; @@ -272,6 +319,22 @@ async.timesSeries(total, function (i, done) { } event['@message'] = event.ip + ' - - [' + dateAsIso + '] "GET ' + event.request + ' HTTP/1.1" ' + event.response + ' ' + event.bytes + ' "-" "' + event.agent + '"'; + event.spaces = 'this is a thing with lots of spaces wwwwoooooo'; + event.xss = ''; + event.headings = [ + '
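Review bot: The generator writes `event.geo.dest` and `event.geo.srcdest`, but the mapping added earlier in this file declares `geo.dst` and `geo.srcdst`, so the two explicit `not_analyzed` mappings never match: `dest`/`srcdest` fall back to dynamic (analyzed) string mapping and `dst`/`srcdst` stay empty. Pick one spelling on both sides; the smaller change is in the generator, `dst: samples.countries()` and `event.geo.srcdst = event.geo.src + ':' + event.geo.dst;`. The enclosing `async.timesSeries` callback starts and ends outside the hunk.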

' + samples.astronauts() + '

', + 'http://' + samples.referrers() + '/' + samples.tags() + '/' + samples.astronauts() + ]; + event.links = [ + samples.astronauts() + '@' + samples.referrers(), + 'http://' + samples.referrers() + '/' + samples.tags2() + '/' + samples.astronauts(), + 'www.' + samples.referrers() + ]; + + event.machine = { + os: samples.randomOs(), + ram: samples.randomRam() + }; eventBuffer.push({ header: { diff --git a/scripts/generate/logs/samples/index.js b/scripts/generate/logs/samples/index.js index 20b318ef9..c1e11d693 100644 --- a/scripts/generate/logs/samples/index.js +++ b/scripts/generate/logs/samples/index.js @@ -29,6 +29,9 @@ exports.make = function (startingMoment, endingMoment) { stdev: dayMs * 0.15, }, 'get'); + sets.randomRam = new RandomList(require('./ram')); + sets.randomOs = new RandomList(require('./os')); + sets.astronauts = new RandomList(require('./astronauts').map(function (name) { return name.replace(/\W+/g, '-').toLowerCase(); })); diff --git a/scripts/generate/logs/samples/os.js b/scripts/generate/logs/samples/os.js new file mode 100644 index 000000000..2af0fe77f --- /dev/null +++ b/scripts/generate/logs/samples/os.js @@ -0,0 +1,7 @@ +module.exports = [ + 'osx', + 'ios', + 'win xp', + 'win 7', + 'win 8' +]; \ No newline at end of file diff --git a/scripts/generate/logs/samples/ram.js b/scripts/generate/logs/samples/ram.js new file mode 100644 index 000000000..0061293c8 --- /dev/null +++ b/scripts/generate/logs/samples/ram.js @@ -0,0 +1,24 @@ +var gb = 1024 * 1024 * 1024; + +module.exports = [ + 2 * gb, + 3 * gb, + 4 * gb, + 5 * gb, + 6 * gb, + 7 * gb, + 8 * gb, + 9 * gb, + 10 * gb, + 11 * gb, + 12 * gb, + 13 * gb, + 14 * gb, + 15 * gb, + 16 * gb, + 17 * gb, + 18 * gb, + 19 * gb, + 20 * gb, + 30 * gb, +]; \ No newline at end of file