{"index":{"_id":1}}
{"@timestamp":"1234567891","event_type":"success","sequence":1,"correlation_success1":"A","correlation_success2":"B"}
{"index":{"_id":2}}
{"@timestamp":"1234567892","event_type":"failure","sequence":2,"correlation_failure1":"A","correlation_failure2":"B"}
{"index":{"_id":3}}
{"@timestamp":"1234567893","event_type":"success","sequence":3,"correlation_success1":"A","correlation_success2":"A"}
{"index":{"_id":4}}
{"@timestamp":"1234567894","event_type":"success","sequence":4,"correlation_success1":"C","correlation_success2":"C"}
{"index":{"_id":5}}
{"@timestamp":"1234567895","event_type":"failure","sequence":5,"correlation_failure1":"B","correlation_failure2":"C"}
{"index":{"_id":6}}
{"@timestamp":"1234567896","event_type":"success","sequence":1,"correlation_success1":"A","correlation_success2":"A"}
{"index":{"_id":7}}
{"@timestamp":"1234567897","event_type":"failure","sequence":1,"correlation_failure1":"A","correlation_failure2":"A"}
{"index":{"_id":8}}
{"@timestamp":"1234567898","event_type":"success","sequence":3,"correlation_success1":"A","correlation_success2":"A"}
{"index":{"_id":9}}
{"@timestamp":"1234567899","event_type":"success","sequence":4,"correlation_success1":"C","correlation_success2":"B"}
{"index":{"_id":10}}
{"@timestamp":"12345678910","event_type":"failure","sequence":4,"correlation_failure1":"B","correlation_failure2":"B"}
{"index":{"_id":11}}
{"@timestamp":"12345678911","event_type":"success","sequence":1,"correlation_success1":"A","correlation_success2":"A"}
{"index":{"_id":12}}
{"@timestamp":"12345678912","event_type":"failure","sequence":1,"correlation_failure1":"A","correlation_failure2":"B"}
{"index":{"_id":13}}
{"@timestamp":"12345678913","event_type":"success","sequence":3,"correlation_success1":"A","correlation_success2":"A"}
{"index":{"_id":14}}
{"@timestamp":"12345678914","event_type":"success","sequence":44,"correlation_success1":"C","correlation_success2":"D"}
{"index":{"_id":15}}
{"@timestamp":"12345678999","event_type":"failure","sequence":44,"correlation_failure1":"C","correlation_failure2":"D"}
{"index":{"_id":116}}
{"@timestamp":"123456789116","event_type":"PROCESS","file_name":["x","f","zyx"],"process_name":["oo","abc"],"pid":[12,13,14],"ppid":1}
{"index":{"_id":117}}
{"@timestamp":"123456789117","event_type":"PROCESS","file_name":["a.exe","f.txt"],"process_name":"oo","pid":[12,13,14],"ppid":[89,1,2,3]}
{"index":{"_id":118}}
{"@timestamp":"123456789118","event_type":"PROCESS","file_name":"a","process_name":"oo","pid":12}
{"index":{"_id":119}}
{"@timestamp":"123456789119","event_type":"PROCESS","process_name":["oo","foo"],"pid":[121,12]}
{"index":{"_id":120}}
{"@timestamp":"123456789120","event_type":"PROCESS","file_name":["f","g","f"],"process_name":["oo","pp","windows"],"pid":[12,1,2,333],"ppid":121}
{"index":{"_id":121}}
{"@timestamp":"123456789121","event_type":"PROCESS","file_name":"f","pid":1,"ppid":[100,1000],"source_address":["127.0.0.1","10.6.48.157","10.0.0.5"],"process_name":"windows"}
{"index":{"_id":122}}
{"@timestamp":"123456789122","event_type":"PROCESS","pid":[1,2,3,4,5,6,12],"ppid":[66,67,68,69,99,100],"source_address":"10.6.48.157","command_line":"348"}
{"index":{"_id":123}}
{"@timestamp":"123456789123","event_type":"PROCESS","pid":500,"command_line":"100"}