eris

- Elasticsearch Recon Ingestion Scripts (ERIS) 🔎

git clone git://git.acid.vegas/eris.git

commit 1fedeb2081a9534b9ac60aa76f6875bb0c196602
parent e38e0ec69b00f2aded2b1acca6e8d1733518095b
Author: acidvegas <acid.vegas@acid.vegas>
Date: Sat, 30 Nov 2024 18:20:53 -0500

Added documentation to Meshtastic ingestor on how to collect MQTT evens in JSON

Diffstat:

ingestors/ingest_meshtastic.py

++++++++++++-

1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/ingestors/ingest_meshtastic.py b/ingestors/ingest_meshtastic.py
@@ -2,6 +2,14 @@
 # Elasticsearch Recon Ingestion Scripts (ERIS) - Developed by Acidvegas (https://git.acid.vegas/eris)
 # ingest_meshtastic.py
 
+'''
+This plugin needs the meshtastic-mqtt-json library to convert Meshtastic MQTT messages to JSON.
+	pip install meshtastic-mqtt-json
+
+Use this command to pipe Meshtastic MQTT messages to the ERIS FIFO when using the --watch flag:
+	meshtastic-mqtt-json > ERIS_FIFO_PATH
+'''
+
 import asyncio
 import json
 import logging
@@ -23,7 +31,8 @@ def construct_map() -> dict:
 	# Match on exact value or full text search
 	keyword_mapping = { 'type': 'text', 'fields': { 'keyword': { 'type': 'keyword', 'ignore_above': 256 } } }
 
-	return {
+	# Construct the index mapping
+	mapping = {
 		'mappings': {
 			'properties': {
 				'channel' : { 'type': 'long'},
@@ -128,6 +137,8 @@ def construct_map() -> dict:
 		}
 	}
 
+	return mapping
+
 
 async def process_data(input_path: str):
 	'''