CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Rename username param to user since logstash is 'unique'

Browse Source
This commit is contained in:
Jason Ertel
2021-06-03 07:51:43 -04:00
parent e6165f0046
commit 5c527b2c48
12 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/logstash/pipelines/config/so/9000_output_zeek.conf.jinja
View File

@@ -10,7 +10,7 @@ output {
elasticsearch { elasticsearch {
pipeline => "%{module}.%{dataset}" pipeline => "%{module}.%{dataset}"
hosts => "{{ ES }}" hosts => "{{ ES }}"
username => "{{ ES_USER }}" user => "{{ ES_USER }}"
password => "{{ ES_PASS }}" password => "{{ ES_PASS }}"
index => "so-zeek" index => "so-zeek"
template_name => "so-zeek" template_name => "so-zeek"

2
salt/logstash/pipelines/config/so/9002_output_import.conf.jinja
View File

@@ -10,7 +10,7 @@ output {
elasticsearch { elasticsearch {
pipeline => "%{module}.%{dataset}" pipeline => "%{module}.%{dataset}"
hosts => "{{ ES }}" hosts => "{{ ES }}"
username => "{{ ES_USER }}" user => "{{ ES_USER }}"
password => "{{ ES_PASS }}" password => "{{ ES_PASS }}"
index => "so-import" index => "so-import"
template_name => "so-import" template_name => "so-import"

2
salt/logstash/pipelines/config/so/9004_output_flow.conf.jinja
View File

@@ -9,7 +9,7 @@ output {
if [event_type] == "sflow" { if [event_type] == "sflow" {
elasticsearch { elasticsearch {
hosts => "{{ ES }}" hosts => "{{ ES }}"
username => "{{ ES_USER }}" user => "{{ ES_USER }}"
password => "{{ ES_PASS }}" password => "{{ ES_PASS }}"
index => "so-flow" index => "so-flow"
template_name => "so-flow" template_name => "so-flow"

2
salt/logstash/pipelines/config/so/9033_output_snort.conf.jinja
View File

@@ -9,7 +9,7 @@ output {
if [event_type] == "ids" and "import" not in [tags] { if [event_type] == "ids" and "import" not in [tags] {
elasticsearch { elasticsearch {
hosts => "{{ ES }}" hosts => "{{ ES }}"
username => "{{ ES_USER }}" user => "{{ ES_USER }}"
password => "{{ ES_PASS }}" password => "{{ ES_PASS }}"
index => "so-ids" index => "so-ids"
template_name => "so-ids" template_name => "so-ids"

2
salt/logstash/pipelines/config/so/9034_output_syslog.conf.jinja
View File

@@ -10,7 +10,7 @@ output {
elasticsearch { elasticsearch {
pipeline => "%{module}" pipeline => "%{module}"
hosts => "{{ ES }}" hosts => "{{ ES }}"
username => "{{ ES_USER }}" user => "{{ ES_USER }}"
password => "{{ ES_PASS }}" password => "{{ ES_PASS }}"
index => "so-syslog" index => "so-syslog"
template_name => "so-syslog" template_name => "so-syslog"

2
salt/logstash/pipelines/config/so/9100_output_osquery.conf.jinja
View File

@@ -10,7 +10,7 @@ output {
elasticsearch { elasticsearch {
pipeline => "%{module}.%{dataset}" pipeline => "%{module}.%{dataset}"
hosts => "{{ ES }}" hosts => "{{ ES }}"
username => "{{ ES_USER }}" user => "{{ ES_USER }}"
password => "{{ ES_PASS }}" password => "{{ ES_PASS }}"
index => "so-osquery" index => "so-osquery"
template_name => "so-osquery" template_name => "so-osquery"

2
salt/logstash/pipelines/config/so/9101_output_osquery_livequery.conf.jinja
View File

@@ -32,7 +32,7 @@ output {
elasticsearch { elasticsearch {
pipeline => "osquery.live_query" pipeline => "osquery.live_query"
hosts => "{{ ES }}" hosts => "{{ ES }}"
username => "{{ ES_USER }}" user => "{{ ES_USER }}"
password => "{{ ES_PASS }}" password => "{{ ES_PASS }}"
index => "so-osquery" index => "so-osquery"
template_name => "so-osquery" template_name => "so-osquery"

2
salt/logstash/pipelines/config/so/9200_output_firewall.conf.jinja
View File

@@ -9,7 +9,7 @@ output {
if [dataset] =~ "firewall" { if [dataset] =~ "firewall" {
elasticsearch { elasticsearch {
hosts => "{{ ES }}" hosts => "{{ ES }}"
username => "{{ ES_USER }}" user => "{{ ES_USER }}"
password => "{{ ES_PASS }}" password => "{{ ES_PASS }}"
index => "so-firewall" index => "so-firewall"
template_name => "so-firewall" template_name => "so-firewall"

2
salt/logstash/pipelines/config/so/9400_output_suricata.conf.jinja
View File

@@ -10,7 +10,7 @@ output {
elasticsearch { elasticsearch {
pipeline => "%{module}.%{dataset}" pipeline => "%{module}.%{dataset}"
hosts => "{{ ES }}" hosts => "{{ ES }}"
username => "{{ ES_USER }}" user => "{{ ES_USER }}"
password => "{{ ES_PASS }}" password => "{{ ES_PASS }}"
index => "so-ids" index => "so-ids"
template_name => "so-ids" template_name => "so-ids"

2
salt/logstash/pipelines/config/so/9500_output_beats.conf.jinja
View File

@@ -10,7 +10,7 @@ output {
elasticsearch { elasticsearch {
pipeline => "beats.common" pipeline => "beats.common"
hosts => "{{ ES }}" hosts => "{{ ES }}"
username => "{{ ES_USER }}" user => "{{ ES_USER }}"
password => "{{ ES_PASS }}" password => "{{ ES_PASS }}"
index => "so-beats" index => "so-beats"
template_name => "so-beats" template_name => "so-beats"

2
salt/logstash/pipelines/config/so/9600_output_ossec.conf.jinja
View File

@@ -10,7 +10,7 @@ output {
elasticsearch { elasticsearch {
pipeline => "%{module}" pipeline => "%{module}"
hosts => "{{ ES }}" hosts => "{{ ES }}"
username => "{{ ES_USER }}" user => "{{ ES_USER }}"
password => "{{ ES_PASS }}" password => "{{ ES_PASS }}"
index => "so-ossec" index => "so-ossec"
template_name => "so-ossec" template_name => "so-ossec"

2
salt/logstash/pipelines/config/so/9700_output_strelka.conf.jinja
View File

@@ -10,7 +10,7 @@ output {
elasticsearch { elasticsearch {
pipeline => "%{module}.%{dataset}" pipeline => "%{module}.%{dataset}"
hosts => "{{ ES }}" hosts => "{{ ES }}"
username => "{{ ES_USER }}" user => "{{ ES_USER }}"
password => "{{ ES_PASS }}" password => "{{ ES_PASS }}"
index => "so-strelka" index => "so-strelka"
template_name => "so-strelka" template_name => "so-strelka"