From 565a0dc88dafb448443f8af4be4c504c321dbe26 Mon Sep 17 00:00:00 2001
From: f-galland
Date: Thu, 12 Sep 2024 18:15:40 -0300
Subject: [PATCH 1/2] Add wazuh-states-inventory-system template
---
.../main/resources/index-template-system.json | 81 +++++++++++++++++++
1 file changed, 81 insertions(+)
create mode 100644 plugins/wazuh-indexer-setup/src/main/resources/index-template-system.json
diff --git a/plugins/wazuh-indexer-setup/src/main/resources/index-template-system.json b/plugins/wazuh-indexer-setup/src/main/resources/index-template-system.json
new file mode 100644
index 0000000..acdf341
--- /dev/null
+++ b/plugins/wazuh-indexer-setup/src/main/resources/index-template-system.json
@@ -0,0 +1,81 @@
+{
+ "index_patterns": [
+ "wazuh-states-inventory-system*"
+ ],
+ "mappings": {
+ "date_detection": false,
+ "dynamic": "strict",
+ "properties": {
+ "@timestamp": {
+ "type": "date"
+ },
+ "agent": {
+ "properties": {
+ "groups": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "id": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ }
+ }
+ },
+ "host": {
+ "properties": {
+ "architecture": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "hostname": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "name": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "os": {
+ "properties": {
+ "full": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "kernel": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "platform": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "type": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "version": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "order": 1,
+ "settings": {
+ "index": {
+ "number_of_replicas": "0",
+ "number_of_shards": "1",
+ "query.default_field": [
+ "agent.id",
+ "agent.groups",
+ "host.name",
+ "host.os.type",
+ "host.os.version"
+ ],
+ "refresh_interval": "5s"
+ }
+ }
+}
From 9503c3b7f7b20da7bbbb81a3a9927177c2e2dad7 Mon Sep 17 00:00:00 2001
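Review bot: `"number_of_replicas": "0"` in the `settings.index` block gives every index matching `wazuh-states-inventory-system*` a single copy, so on a multi-node cluster the loss of one data node makes the system inventory unavailable, presumably until agents report their state again. If the zero is there for single-node installs, `"auto_expand_replicas": "0-1"` keeps those green while giving larger clusters a replica. Separately, `"dynamic": "strict"` with this short field list means any document carrying a field not listed here is rejected at index time; that is a sound default for a state index, but the producer's schema and this template then have to change together, which is worth stating in the PR description.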
From: f-galland
Date: Thu, 12 Sep 2024 18:16:38 -0300
Subject: [PATCH 2/2] Create wazuh-states-inventory-system index tempalte
---
.../src/main/java/org/wazuh/setup/index/WazuhIndices.java | 1 +
1 file changed, 1 insertion(+)
diff --git a/plugins/wazuh-indexer-setup/src/main/java/org/wazuh/setup/index/WazuhIndices.java b/plugins/wazuh-indexer-setup/src/main/java/org/wazuh/setup/index/WazuhIndices.java
index ec83b80..1ed3321 100644
--- a/plugins/wazuh-indexer-setup/src/main/java/org/wazuh/setup/index/WazuhIndices.java
+++ b/plugins/wazuh-indexer-setup/src/main/java/org/wazuh/setup/index/WazuhIndices.java
@@ -51,6 +51,7 @@ public WazuhIndices(Client client, ClusterService clusterService) {
 // Create Index Templates - Indices map
 this.indexTemplates.put("index-template-agent", ".agents");
 this.indexTemplates.put("index-template-alerts", "wazuh-alerts-5.x-0001");
+ this.indexTemplates.put("index-template-system", "wazuh-states-inventory-system");
 }
 /**
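Review bot: The new `put` in the `WazuhIndices` constructor ties a template resource to an index name through two bare string literals, and nothing visible in the hunk checks that `index-template-system` resolves to a bundled file or that the index name matches the template's `index_patterns`. A mismatch would presumably leave the index created without the strict mapping, so consider extending the existing comment to `// Template resource name (without .json) -> index created from it; the index name must match the template's index_patterns`. Unlike `wazuh-alerts-5.x-0001`, the new index name carries no sequence suffix; if rollover is planned for this index, naming it that way now avoids a later rename. The constructor begins above the hunk, so how the map is consumed is not visible here.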