Merge pull request #11208 from Security-Onion-Solutions/fix/elasticsearch_syslog

Make sure a data stream is created for syslog
2026-02-16 20:23:47 +01:00 · 2023-08-30 08:37:39 -04:00
parent f4191fb7fa 706a6e2d56
commit 7e12167b52
1 changed files with 1 additions and 0 deletions
--- a/salt/elasticsearch/defaults.yaml
+++ b/salt/elasticsearch/defaults.yaml
@@ -4187,6 +4187,7 @@ elasticsearch:
    so-syslog:
      index_sorting: False
      index_template:
+        data_stream: {}
        index_patterns:
          - logs-syslog-so*
        template: