Fix yaml for idh,es,kib,esalert

2025-12-06 17:22:49 +01:00 · 2022-09-09 15:55:51 -04:00
parent 16f2059f17
commit 037d5d1c46
4 changed files with 16 additions and 16 deletions
--- a/salt/elastalert/init.sls
+++ b/salt/elastalert/init.sls
@@ -4,7 +4,7 @@
 {% from 'allowed_states.map.jinja' import allowed_states %}
 {% if sls in allowed_states %}

-{% from 'elastalert/elastalert_config.map.jinja' import elastalert_defaults as elastalert_config with context %}
+{% from 'elastalert/elastalert_config.map.jinja' import ELASTALERT as elastalert_config with context %}

 {% set VERSION = salt['pillar.get']('global:soversion', 'HH1.2.2') %}
 {% set IMAGEREPO = salt['pillar.get']('global:imagerepo') %}
--- a/salt/elastalert/soc_elastalert.yaml
+++ b/salt/elastalert/soc_elastalert.yaml
@@ -1,25 +1,25 @@
 elastalert:
  config:
-    disable_rules_on_error: false
+    disable_rules_on_error:
      description: Disable rules on failure.
    run_every:
-      minutes: 3
+      minutes:
        description: Amount of time in minutes between searches.
    buffer_time:
-      minutes: 10
+      minutes:
        description: Amount of time in minutes to look through.
    old_query_limit:
-      minutes: 5
+      minutes:
        description: Amount of time in minutes between queries to start at the most recently run query.
-    es_conn_timeout: 55
+    es_conn_timeout:
      description: Timeout in seconds for connecting to and reading from Elasticsearch.
-    max_query_size: 5000
+    max_query_size:
      description: The maximum number of documents that will be downloaded from Elasticsearch in a single query.
    alert_time_limit:
-      days: 2
+      days:
        description: The retry window for failed alerts.
    index_settings:
-      shards: 1
+      shards:
        description: The amount of shards to use for elastalert.
-      replicas: 0
+      replicas:
        description: The amount of replicas for the Elastalert index.
--- a/salt/influxdb/soc_influxdb.yaml
+++ b/salt/influxdb/soc_influxdb.yaml
@@ -1,16 +1,16 @@
 influxdb:
  retention_policies:
    so_short_term:
-      duration: 30d
+      duration:
        description: Amount of time to keep short term data.
-      shard_duration: 1d
+      shard_duration:
        description: Time range 
    so_long_term:
-      duration: 0d
+      duration:
        description: Amount of time to keep long term downsampled data.
-      shard_duration: 7d
+      shard_duration:
        description: Amount of the time range covered by the shard group.
  downsample:
    so_long_term:
-      resolution: 5m
+      resolution:
        description: Amount of time to turn into a single data point. 
--- a/salt/kibana/soc_kibana.yaml
+++ b/salt/kibana/soc_kibana.yaml
@@ -1,5 +1,5 @@
 kibana:
  config:
    elasticsearch:
-      requestTimeout: 90000
+      requestTimeout:
        description: Request timeout length.