Merge pull request #14530 from Security-Onion-Solutions/fix/detections

Change timeout to 1s

salt/elasticsearch/defaults.yaml

@@ -274,7 +274,7 @@ elasticsearch:
               number_of_replicas: 0
               auto_expand_replicas: 0-2
               number_of_shards: 1
-              refresh_interval: 30s
+              refresh_interval: 1s
               sort:
                 field: '@timestamp'
                 order: desc

salt/manager/tools/sbin/soup

@@ -746,8 +746,6 @@ up_to_2.4.90() {
   so-yaml.py remove /opt/so/saltstack/local/pillar/kafka/soc_kafka.sls kafka.password
   so-yaml.py add /opt/so/saltstack/local/pillar/kafka/soc_kafka.sls kafka.config.password "$kafkatrimpass"
   so-yaml.py add /opt/so/saltstack/local/pillar/kafka/soc_kafka.sls kafka.config.trustpass "$kafkatrust"
-  echo "If the Detection index exists, update the refresh_interval"
-  so-elasticsearch-query so-detection*/_settings -X PUT -d '{"index":{"refresh_interval":"1s"}}'
 
   INSTALLEDVERSION=2.4.90
 }
@@ -807,7 +805,8 @@ up_to_2.4.141() {
 }
 
 up_to_2.4.150() {
-  echo "Nothing to do for 2.4.150"
+  echo "If the Detection indices exists, update the refresh_interval"
+  so-elasticsearch-query so-detection*/_settings -X PUT -d '{"index":{"refresh_interval":"1s"}}'
 
   INSTALLEDVERSION=2.4.150
 }