CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-24 09:53:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1096 from Security-Onion-Solutions/fix/elastalert_thehive

Browse Source 
Make sure we are searching all clusters when running rules
This commit is contained in:
weslambert
2020-07-24 18:05:46 -04:00
committed by GitHub
parent 6c9c60b8dd 3ac9f1800b
commit 2d096ddd66
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/elastalert/files/rules/so/suricata_thehive.yaml
View File

@@ -9,7 +9,7 @@ es_host: {{es}}
es_port: 9200
name: Suricata-Alert
type: frequency
index: "so-ids-*"
index: "*:so-ids-*"
num_events: 1
timeframe:
minutes: 10

2
salt/elastalert/files/rules/so/wazuh_thehive.yaml
View File

@@ -9,7 +9,7 @@ es_host: {{es}}
es_port: 9200
name: Wazuh-Alert
type: frequency
index: "so-ossec-*"
index: "*:so-ossec-*"
num_events: 1
timeframe:
minutes: 10