diff --git a/salt/elasticsearch/defaults.yaml b/salt/elasticsearch/defaults.yaml index 7d6867024..d3b915a15 100644 --- a/salt/elasticsearch/defaults.yaml +++ b/salt/elasticsearch/defaults.yaml @@ -1606,6 +1606,81 @@ elasticsearch: - common-settings - common-dynamic-mappings priority: 500 + so-idh: + warm: 7 + close: 30 + delete: 365 + index_sorting: False + index_template: + index_patterns: + - so-idh-* + template: + mappings: + dynamic_templates: + - strings_as_keyword: + mapping: + ignore_above: 1024 + type: keyword + match_mapping_type: string + date_detection: false + settings: + index: + mapping: + total_fields: + limit: 3000 + sort: + field: "@timestamp" + order: desc + refresh_interval: 30s + number_of_shards: 1 + number_of_replicas: 0 + composed_of: + - agent-mappings + - dtc-agent-mappings + - base-mappings + - dtc-base-mappings + - client-mappings + - container-mappings + - destination-mappings + - dll-mappings + - dns-mappings + - dtc-dns-mappings + - ecs-mappings + - dtc-ecs-mappings + - error-mappings + - event-mappings + - dtc-event-mappings + - file-mappings + - dtc-file-mappings + - group-mappings + - host-mappings + - dtc-host-mappings + - http-mappings + - dtc-http-mappings + - log-mappings + - network-mappings + - dtc-network-mappings + - observer-mappings + - dtc-observer-mappings + - organization-mappings + - package-mappings + - process-mappings + - dtc-process-mappings + - related-mappings + - rule-mappings + - dtc-rule-mappings + - server-mappings + - service-mappings + - dtc-service-mappings + - source-mappings + - threat-mappings + - tls-mappings + - url-mappings + - user_agent-mappings + - dtc-user_agent-mappings + - common-settings + - common-dynamic-mappings + priority: 500 so-ids: index_sorting: False index_template: @@ -2079,6 +2154,81 @@ elasticsearch: - common-settings - common-dynamic-mappings priority: 500 + so-kratos: + warm: 7 + close: 30 + delete: 365 + index_sorting: False + index_template: + index_patterns: + - so-kratos-* + template: + mappings: + dynamic_templates: + - strings_as_keyword: + mapping: + ignore_above: 1024 + type: keyword + match_mapping_type: string + date_detection: false + settings: + index: + mapping: + total_fields: + limit: 3000 + sort: + field: "@timestamp" + order: desc + refresh_interval: 30s + number_of_shards: 1 + number_of_replicas: 0 + composed_of: + - agent-mappings + - dtc-agent-mappings + - base-mappings + - dtc-base-mappings + - client-mappings + - container-mappings + - destination-mappings + - dll-mappings + - dns-mappings + - dtc-dns-mappings + - ecs-mappings + - dtc-ecs-mappings + - error-mappings + - event-mappings + - dtc-event-mappings + - file-mappings + - dtc-file-mappings + - group-mappings + - host-mappings + - dtc-host-mappings + - http-mappings + - dtc-http-mappings + - log-mappings + - network-mappings + - dtc-network-mappings + - observer-mappings + - dtc-observer-mappings + - organization-mappings + - package-mappings + - process-mappings + - dtc-process-mappings + - related-mappings + - rule-mappings + - dtc-rule-mappings + - server-mappings + - service-mappings + - dtc-service-mappings + - source-mappings + - threat-mappings + - tls-mappings + - url-mappings + - user_agent-mappings + - dtc-user_agent-mappings + - common-settings + - common-dynamic-mappings + priority: 500 so-logstash: index_sorting: False index_template: