CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6167 from Security-Onion-Solutions/ecs_pipeline_common

Browse Source 
Add config for dynamically formatted ingest pipelines
This commit is contained in:
weslambert
2021-11-09 15:41:43 -05:00
committed by GitHub
parent 3afb0bd263 f80b70e008
commit 9597373e4a
2 changed files with 21 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
salt/elasticsearch/files/ingest/common → salt/elasticsearch/files/ingest-dynamic/common
View File

@@ -1,3 +1,5 @@
{%- set HIGHLANDER = salt['pillar.get']('global:highlander', False) -%}
{%- raw -%}
{ {
"description" : "common", "description" : "common",
"processors" : [ "processors" : [
@@ -65,5 +67,16 @@
"index_name_format": "yyyy.MM.dd" "index_name_format": "yyyy.MM.dd"
} }
} }
{%- endraw %}
{%- if HIGHLANDER %}
,
{
"pipeline": {
"name": "ecs"
}
}
{%- endif %}
{%- raw %}
] ]
} }
{% endraw %}

8
salt/elasticsearch/init.sls
View File

@@ -131,6 +131,14 @@ esrolesdir:
- group: 939 - group: 939
- makedirs: True - makedirs: True
esingestdynamicconf:
file.recurse:
- name: /opt/so/conf/elasticsearch/ingest
- source: salt://elasticsearch/files/ingest-dynamic
- user: 930
- group: 939
- template: jinja
esingestconf: esingestconf:
file.recurse: file.recurse:
- name: /opt/so/conf/elasticsearch/ingest - name: /opt/so/conf/elasticsearch/ingest