Table of Index Mapping
The following table describes the mapping of simple Horizon events to the Raw Events Index. Note that fields that begin with an underscore (_) are internal to Elasticsearch.
Event Index Fields | Description | ||
---|---|---|---|
Event Field |
Example Event JSON |
Type |
Description |
_index |
"_index": "opennms-raw-events-2017.03" |
string |
The Elasticsearch index to store the document. |
_type |
"_type": "eventdata" |
string |
Either |
_id |
"_id": "1110" |
string |
The event or alarm ID, if present. |
_score |
"_score": 1 |
long |
Internal Elasticsearch ranking of the search result. |
_source |
"_source": {…} |
string |
The content of the document to store. |
@timestamp |
"@timestamp": "2017-03-02T15:20:56.861Z" |
date |
Time from |
dom |
"dom": "2" |
long |
Day of month from |
dow |
"dow": "5" |
long |
Day of week from |
hour |
"hour": "15" |
long |
Hour of day from |
eventdescr |
"eventdescr": "<p>Alarm <ahref="/opennms/alarm/detail.htm?id=30">30</a> Cleared<p>" |
string |
Event description. |
eventseverity |
"eventseverity": "3" |
long |
Event severity. |
eventseverity_text |
"eventseverity_text": "Normal" |
string |
Text representation of severity value. |
eventsource |
"eventsource": "AlarmChangeNotifier" |
string |
OpenNMS event source. |
eventuei |
"eventuei": "uei.opennms.org/plugin/AlarmChangeNotificationEvent/AlarmCleared" |
string |
OpenNMS unique event identifier (UEI) of the event. |
id |
"id": "1110" |
string |
Event ID. |
interface |
"interface": "127.0.0.1" |
string |
Interface of the event. |
ipaddr |
"ipaddr": "127.0.0.1" |
string |
IP address of the event. |
logmsg |
"logmsg": "<p>Alarm <a href="/opennms/alarm/detail.htm?id=30">30</a> Cleared<p>" |
string |
Log message of the event. |
logmsgdest |
"logmsgdest": "logndisplay" |
string |
Log destination of the event. |
asset-category |
"asset-category": "Power" |
string |
All |
asset-building |
"asset-building": "55" |
string |
|
asset-room |
"asset-room": "F201" |
string |
|
asset-floor |
"asset-floor": "Gnd" |
string |
|
asset-rack |
"asset-rack": "2101" |
string |
|
categories |
"categories": "" |
string |
|
foreignid |
"foreignid": "1488375237814" |
string |
Foreign ID of the node associated with the event. |
foreignsource |
"foreignsource": "LocalTest" |
string |
Foreign source of the node associated with event. |
nodeid |
"nodeid": "88" |
string |
Node ID of the node associated with the alarm or event. |
nodelabel |
"nodelabel": "localhost" |
string |
Node label of the node associated with the alarm or event. |
nodesyslocation |
"nodesyslocation": "Unknown (edit /etc/snmp/snmpd.conf)" |
string |
SNMP |
nodesysname |
"nodesysname": "localhost.localdomain" |
string |
SNMP |
qosalarmstate |
"qosalarmstate": null |
string |