so-detection refresh_interval => 1s

Speeds up the refresh_interval so bulk indexing a single rule does not wait 30s.

salt/elasticsearch/defaults.yaml

@@ -296,7 +296,7 @@ elasticsearch:
                   limit: 1500
               number_of_replicas: 0
               number_of_shards: 1
-              refresh_interval: 30s
+              refresh_interval: 1s
               sort:
                 field: '@timestamp'
                 order: desc