mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-06 09:12:45 +01:00
Merge pull request #431 from Security-Onion-Solutions/fix/elastic_changes
Fix/elastic changes
This commit is contained in:
weslambert
GitHub
@@ -4,7 +4,7 @@
|
||||
server.name: kibana
|
||||
server.host: "0"
|
||||
server.basePath: /kibana
|
||||
elasticsearch.url: http://{{ ES }}:9200
|
||||
elasticsearch.hosts: [ "http://{{ ES }}:9200" ]
|
||||
#kibana.index: ".kibana"
|
||||
#elasticsearch.username: elastic
|
||||
#elasticsearch.password: changeme
|
||||
|
||||
@@ -21,9 +21,9 @@ output {
|
||||
elasticsearch {
|
||||
pipeline => "%{event_type}"
|
||||
hosts => "{{ ES }}"
|
||||
index => "so-ossec-%{+YYYY.MM.dd}"
|
||||
template_name => "so-ossec"
|
||||
template => "/so-ossec-template.json"
|
||||
index => "so-common-%{+YYYY.MM.dd}"
|
||||
template_name => "so-common"
|
||||
template => "/so-common-template.json"
|
||||
template_overwrite => true
|
||||
}
|
||||
}
|
||||
|
||||
@@ -20,9 +20,9 @@ output {
|
||||
if [event_type] =~ "strelka" {
|
||||
elasticsearch {
|
||||
hosts => "{{ ES }}"
|
||||
index => "so-strelka-%{+YYYY.MM.dd}"
|
||||
template_name => "so-strelka"
|
||||
template => "/so-strelka-template.json"
|
||||
index => "so-common-%{+YYYY.MM.dd}"
|
||||
template_name => "so-common"
|
||||
template => "/so-common-template.json"
|
||||
template_overwrite => true
|
||||
}
|
||||
}
|
||||
|
||||
@@ -743,7 +743,7 @@ master_static() {
|
||||
touch /opt/so/saltstack/pillar/static.sls
|
||||
|
||||
echo "static:" > /opt/so/saltstack/pillar/static.sls
|
||||
echo " soversion: HH1.1.4" >> /opt/so/saltstack/pillar/static.sls
|
||||
echo " soversion: HH1.2.1" >> /opt/so/saltstack/pillar/static.sls
|
||||
echo " hnmaster: $HNMASTER" >> /opt/so/saltstack/pillar/static.sls
|
||||
echo " ntpserver: $NTPSERVER" >> /opt/so/saltstack/pillar/static.sls
|
||||
echo " proxy: $PROXY" >> /opt/so/saltstack/pillar/static.sls
|
||||
|
||||
Reference in New Issue
Block a user