CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-10 19:22:54 +01:00
Code Issues Packages Projects Releases Wiki Activity

elastic changes

Browse Source
This commit is contained in:
Wes Lambert
2020-03-17 21:29:28 +00:00
parent c3055b0a03
commit 70f109af86
3 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/kibana/etc/kibana.yml
View File

@@ -4,7 +4,7 @@
server.name: kibana server.name: kibana
server.host: "0" server.host: "0"
server.basePath: /kibana server.basePath: /kibana
elasticsearch.url: http://{{ ES }}:9200 elasticsearch.hosts: [ "http://{{ ES }}:9200" ]
#kibana.index: ".kibana" #kibana.index: ".kibana"
#elasticsearch.username: elastic #elasticsearch.username: elastic
#elasticsearch.password: changeme #elasticsearch.password: changeme

6
salt/logstash/pipelines/config/so/9600_output_ossec.conf.jinja
View File

@@ -21,9 +21,9 @@ output {
elasticsearch { elasticsearch {
pipeline => "%{event_type}" pipeline => "%{event_type}"
hosts => "{{ ES }}" hosts => "{{ ES }}"
index => "so-ossec-%{+YYYY.MM.dd}" index => "so-common-%{+YYYY.MM.dd}"
template_name => "so-ossec" template_name => "so-common"
template => "/so-ossec-template.json" template => "/so-common-template.json"
template_overwrite => true template_overwrite => true
} }
} }

6
salt/logstash/pipelines/config/so/9700_output_strelka.conf.jinja
View File

@@ -20,9 +20,9 @@ output {
if [event_type] =~ "strelka" { if [event_type] =~ "strelka" {
elasticsearch { elasticsearch {
hosts => "{{ ES }}" hosts => "{{ ES }}"
index => "so-strelka-%{+YYYY.MM.dd}" index => "so-common-%{+YYYY.MM.dd}"
template_name => "so-strelka" template_name => "so-common"
template => "/so-strelka-template.json" template => "/so-common-template.json"
template_overwrite => true template_overwrite => true
} }
} }