Move In Day

salt/elastalert/defaults.yaml

@@ -1,3 +1,8 @@
+# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
+# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
+# https://securityonion.net/license; you may not use this file except in compliance with the
+# Elastic License 2.0.
+
 {%- set ES_USER = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:user', '') %}
 {%- set ES_PASS = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:pass', '') %}
 elastalert:
@@ -11,8 +16,8 @@ elastalert:
       minutes: 10
     old_query_limit:
       minutes: 5
-    es_host: {{salt['pillar.get']('manager:mainip', '')}}
-    es_port: {{salt['pillar.get']('manager:es_port', '')}}
+    es_host: {{salt['pillar.get']('global:managerip', '')}}
+    es_port: 9200
     es_conn_timeout: 55
     max_query_size: 5000
     #aws_region: us-east-1
@@ -21,10 +26,8 @@ elastalert:
     use_ssl: true
     verify_certs: false
     #es_send_get_body_as: GET
-{%- if salt['pillar.get']('elasticsearch:auth:enabled') is sameas true %}
     es_username: "{{ ES_USER }}"
     es_password: "{{ ES_PASS }}"
-{%- endif %}
     writeback_index: elastalert_status
     alert_time_limit:
       days: 2