From fcc5c306ea5dd61bf051e3747266a8f6a65c709c Mon Sep 17 00:00:00 2001
From: Wes Lambert
Date: Wed, 18 Mar 2020 16:42:06 +0000
Subject: [PATCH] fix index names
---
 salt/logstash/pipelines/config/so/9600_output_ossec.conf.jinja | 2 +-
 .../logstash/pipelines/config/so/9700_output_strelka.conf.jinja | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/salt/logstash/pipelines/config/so/9600_output_ossec.conf.jinja b/salt/logstash/pipelines/config/so/9600_output_ossec.conf.jinja
index b32cb44df..53dae8825 100644
--- a/salt/logstash/pipelines/config/so/9600_output_ossec.conf.jinja
+++ b/salt/logstash/pipelines/config/so/9600_output_ossec.conf.jinja
@@ -21,7 +21,7 @@ output {
 elasticsearch {
 pipeline => "%{event_type}"
 hosts => "{{ ES }}"
- index => "so-common-%{+YYYY.MM.dd}"
+ index => "so-ossec-%{+YYYY.MM.dd}"
 template_name => "so-common"
 template => "/so-common-template.json"
 template_overwrite => true
diff --git a/salt/logstash/pipelines/config/so/9700_output_strelka.conf.jinja b/salt/logstash/pipelines/config/so/9700_output_strelka.conf.jinja
index 6c498c2bb..5da6d0b12 100644
--- a/salt/logstash/pipelines/config/so/9700_output_strelka.conf.jinja
+++ b/salt/logstash/pipelines/config/so/9700_output_strelka.conf.jinja
@@ -20,7 +20,7 @@ output {
 if [event_type] =~ "strelka" {
 elasticsearch {
 hosts => "{{ ES }}"
- index => "so-common-%{+YYYY.MM.dd}"
+ index => "so-strelka-%{+YYYY.MM.dd}"
 template_name => "so-common"
 template => "/so-common-template.json"
 template_overwrite => true
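Review bot: The renamed `index => "so-ossec-%{+YYYY.MM.dd}"` still sits beside `template_name => "so-common"` and `template => "/so-common-template.json"`, so the mappings apply only if that template's index pattern also matches `so-ossec-*`; the same holds for `so-strelka-*` in the 9700_output_strelka hunk. The template file is not in this diff, so this cannot be checked here, but if its pattern is narrower the new daily indices would fall back to dynamic mapping, and field types that alert searches and dashboards rely on could drift. Anything else keyed to the old `so-common-*` name (index patterns, retention or close jobs, saved searches) would also stop covering OSSEC and Strelka events, which is worth confirming before merge. A comment above each line such as `# mapped by the so-common template; keep its index pattern in sync with this name` would record the dependency. The `output` block in both files starts and ends outside the hunks.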