CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-27 06:57:50 +02:00
Code Issues Packages Projects Releases Wiki Activity

Move In Day

Browse Source
This commit is contained in:
Mike Reeves
2022-09-07 09:06:25 -04:00
parent dcb7b49dbe
commit 2bd9dd80e2
611 changed files with 8015 additions and 16211 deletions
Download Patch File Download Diff File Expand all files Collapse all files
salt/elastalert/soc_elastalert.yaml
+25
View File
@@ -0,0 +1,25 @@
elastalert:
config:
disable_rules_on_error: false
description: Disable rules on failure.
run_every:
minutes: 3
description: Amount of time in minutes between searches.
buffer_time:
minutes: 10
description: Amount of time in minutes to look through.
old_query_limit:
minutes: 5
description: Amount of time in minutes between queries to start at the most recently run query.
es_conn_timeout: 55
description: Timeout in seconds for connecting to and reading from Elasticsearch.
max_query_size: 5000
description: The maximum number of documents that will be downloaded from Elasticsearch in a single query.
alert_time_limit:
days: 2
description: The retry window for failed alerts.
index_settings:
shards: 1
description: The amount of shards to use for elastalert.
replicas: 0
description: The amount of replicas for the Elastalert index.