CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #9579 from Security-Onion-Solutions/fix/elasticsearch_templates_so-ids

Browse Source 
Remove so-ids since the data stream is now 'logs-suricata-*'
This commit is contained in:
weslambert
2023-01-13 16:17:38 -05:00
committed by GitHub
parent 3e5127810d ca80548bf0
commit 1723f58c04
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
setup/so-functions
View File

@@ -1075,7 +1075,7 @@ elasticsearch_pillar() {
" bool:"\
" max_clause_count: 3500"\
" index_settings:"\ > $elasticsearch_pillar_file
for INDEX in aws azure barracuda beats bluecoat cef checkpoint cisco cyberark cylance elasticsearch endgame f5 firewall fortinet gcp google_workspace ids imperva infoblox juniper kibana logstash microsoft misp netflow netscout o365 okta osquery proofpoint radware redis snort snyk sonicwall sophos strelka syslog tomcat zeek zscaler
for INDEX in aws azure barracuda beats bluecoat cef checkpoint cisco cyberark cylance elasticsearch endgame f5 firewall fortinet gcp google_workspace imperva infoblox juniper kibana logstash microsoft misp netflow netscout o365 okta osquery proofpoint radware redis snort snyk sonicwall sophos strelka syslog tomcat zeek zscaler
do
printf '%s\n'\
" so-$INDEX:"\