Merge pull request #5905 from Security-Onion-Solutions/feature/soc_es_index_pattern

Allow setting ES index patterns for SOC in pillar
weslambert
2021-10-15 13:28:04 -04:00
committed by GitHub
2 changed files with 3 additions and 1 deletions


@@ -26,7 +26,7 @@
{%- set ES_USER = '' %}
{%- set ES_PASS = '' %}
{%- endif %}
{%- set ES_INDEX_PATTERNS = salt['pillar.get']('soc:es_index_patterns', '*:so-*') %}
{
"logFilename": "/opt/sensoroni/logs/sensoroni-server.log",
"server": {
@@ -57,6 +57,7 @@
{%- endif %}
"username": "{{ ES_USER }}",
"password": "{{ ES_PASS }}",
"index": "{{ ES_INDEX_PATTERNS }}",
"cacheMs": {{ ES_FIELDCAPS_CACHE }},
"verifyCert": false,
"timeoutMs": {{ API_TIMEOUT }}
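Review bot: The pillar value is interpolated raw into a JSON string at `"index": "{{ ES_INDEX_PATTERNS }}"`, so a pattern containing a double quote or backslash would render an invalid or altered config file. Emitting it through the JSON filter without the surrounding quotes, `"index": {{ ES_INDEX_PATTERNS | tojson }},`, keeps the value a single well-formed string. This setting also decides which indices SOC searches with the ES_USER credentials, so a short comment on the `set` line, such as `{#- soc:es_index_patterns scopes every SOC query; avoid catch-all patterns like '*' -#}`, would help operators. Only part of the template is visible here, so how the other fields are handled cannot be confirmed.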


@@ -1645,6 +1645,7 @@ manager_pillar() {
printf '%s\n'\
"soc:"\
" endgamehost: '$ENDGAMEHOST'"\
" es_index_patterns: '*:so-*, *:endgame-*'"\
"" >> "$pillar_file"
fi
}
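Review bot: The value written at `es_index_patterns: '*:so-*, *:endgame-*'` has a space after the comma, and the template in the other changed file places the pillar string verbatim into the `index` setting. Unless the consumer trims each entry, the second pattern would be passed on as ` *:endgame-*` with a leading space. Writing the line as `" es_index_patterns: '*:so-*,*:endgame-*'"\` avoids depending on that. The enclosing `if` and the start of manager_pillar are outside the hunk, so the condition under which this pillar entry is written is not visible.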