diff --git a/json/logstash-syslog-dns-index.template_ELK7.x_dev.json b/json/logstash-syslog-dns-index.template_ELK7.x_dev.json
new file mode 100644
index 0000000000000000000000000000000000000000..414335f3d8f4fe31a25278a68867a0e67ccf211a
--- /dev/null
+++ b/json/logstash-syslog-dns-index.template_ELK7.x_dev.json
@@ -0,0 +1,77 @@
+PUT /_template/logstash-syslog-dns
+{
+  "index_patterns": [
+    "logstash-syslog-dns*"
+  ],
+  "mappings": {
+    "dynamic": "true",
+    "properties": {
+      "source_host": {
+        "type": "ip"
+      },
+      "logrow": {
+        "type": "integer"
+      },
+      "request_from": {
+        "type": "ip"
+      },
+      "source_port": {
+        "type": "integer"
+      },
+      "ip_request": {
+        "type": "ip"
+      },
+      "ip_response": {
+        "type": "ip"
+      },
+      "dns_forward_to": {
+        "type": "ip",
+        "fields": {
+          "keyword": {
+            "type": "keyword",
+            "ignore_above": 256
+          }
+        }
+      },
+      "tags": {
+        "type": "keyword",
+        "fields": {
+          "keyword": {
+            "type": "keyword",
+            "ignore_above": 256
+          }
+        }
+      },
+      "pid": {
+        "type": "integer"
+      },
+      "pihole": {
+        "type": "ip"
+      },
+      "blocked_domain": {
+        "type" : "text",
+          "norms" : false,
+          "fields" : {
+            "keyword" : {
+              "type" : "keyword",
+              "ignore_above" : 256
+            }
+          }
+      },
+      "domain_request" : {
+          "type" : "text",
+          "norms" : false,
+          "fields" : {
+            "keyword" : {
+              "type" : "keyword",
+              "ignore_above" : 256
+            }
+          }
+        },
+      "date": {
+        "type": "date",
+        "format": "MMM  d HH:mm:ss||MMM dd HH:mm:ss"
+      }
+    }
+  }
+}
\ No newline at end of file