CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add index specific curator settings

Browse Source
This commit is contained in:
Mike Reeves
2020-07-09 12:10:53 -04:00
parent ca20279a09
commit 357efac873
1 changed files with 52 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

80
setup/so-functions
View File

@@ -1015,11 +1015,59 @@ master_static() {
" rules: $STRELKARULES"\ " rules: $STRELKARULES"\
"curator:"\ "curator:"\
" hot_warm: False"\ " hot_warm: False"\
" warm: 7"\
" close: 30"
" delete: 45"
"elastic:"\ "elastic:"\
" features: False" > "$static_pillar" " features: False"\
"elasticsearch:"\
" route_type: hot"\
" replicas: 0"\
" true_cluster: False"
" true_cluster_name: so"
" index_settings:"\
" so-beats:"\
" shards: 1"\
" warm: 7"\
" close: 30"\
" delete: 45"
" so-firewall:"\
" warm: 7"\
" close: 30"\
" delete: 45"
" shards: 1"\
" so-ids:"\
" shards: 1"\
" warm: 7"\
" close: 30"\
" delete: 45"
" so-import:"\
" warm: 7"\
" close: 30"\
" delete: 45"
" shards: 1"\
" so-osquery:"\
" shards: 1"\
" warm: 7"\
" close: 30"\
" delete: 45"
" so-ossec:"\
" shards: 1"\
" warm: 7"\
" close: 30"\
" delete: 45"
" so-strelka:"\
" shards: 1"\
" warm: 7"\
" close: 30"\
" delete: 45"
" so-syslog:"\
" shards: 1"\
" warm: 7"\
" close: 30"\
" delete: 45"
" so-zeek:"\
" shards: 5"\
" warm: 7"\
" close: 30"\
" delete: 45" > "$static_pillar"
printf '%s\n' '----' >> "$setup_log" 2>&1 printf '%s\n' '----' >> "$setup_log" 2>&1
cat "$static_pillar" >> "$setup_log" 2>&1 cat "$static_pillar" >> "$setup_log" 2>&1
@@ -1071,30 +1119,6 @@ elasticsearch_pillar() {
" node_type: $NODETYPE"\ " node_type: $NODETYPE"\
" es_port: $node_es_port"\ " es_port: $node_es_port"\
" log_size_limit: $log_size_limit"\ " log_size_limit: $log_size_limit"\
" cur_close_days: $CURCLOSEDAYS"\
" route_type: hot"\
" replicas: 0"\
" true_cluster: False"
" true_cluster_name: so"
" index_settings:"\
" so-beats:"\
" shards: 1"\
" so-firewall:"\
" shards: 1"\
" so-ids:"\
" shards: 1"\
" so-import:"\
" shards: 1"\
" so-osquery:"\
" shards: 1"\
" so-ossec:"\
" shards: 1"\
" so-strelka:"\
" shards: 1"\
" so-syslog:"\
" shards: 1"\
" so-zeek:"\
" shards: 5"\
"" >> "$pillar_file" "" >> "$pillar_file"
if [ "$install_type" != 'EVAL' ] && [ "$install_type" != 'HELIXSENSOR' ] && [ "$install_type" != 'MASTERSEARCH' ] && [ "$install_type" != 'STANDALONE' ]; then if [ "$install_type" != 'EVAL' ] && [ "$install_type" != 'HELIXSENSOR' ] && [ "$install_type" != 'MASTERSEARCH' ] && [ "$install_type" != 'STANDALONE' ]; then