CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add temaplte files per index

Browse Source
This commit is contained in:
Mike Reeves
2020-07-09 11:51:55 -04:00
parent 9c2f7d574d
commit 96bcf9d9f3
10 changed files with 76 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
salt/logstash/pipelines/templates/so/so-beats-template.json
View File

@@ -1,10 +1,13 @@
{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-beats:shards', 1) %}
{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-beats:refresh', '30s') %}
{
"index_patterns": ["so-beats-*"],
"version": 50001,
"order": 11,
"settings":{
"number_of_replicas":0,
"number_of_shards":1,
"index.refresh_interval":"30s"
"number_of_replicas":{{ REPLICAS }},
"number_of_shards":{{ SHARDS }},
"index.refresh_interval":"{{ REFRESH }}"
}
}

11
salt/logstash/pipelines/templates/so/so-firewall-template.json
View File

@@ -1,10 +1,13 @@
{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-firewall:shards', 1) %}
{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-firewall:refresh', '30s') %}
{
"index_patterns": ["so-zeek-*"],
"index_patterns": ["so-firewall-*"],
"version":50001,
"order":11,
"settings":{
"number_of_replicas":0,
"number_of_shards":1,
"index.refresh_interval":"30s"
"number_of_replicas":{{ REPLICAS }},
"number_of_shards":{{ SHARDS }},
"index.refresh_interval":"{{ REFRESH }}"
}
}

11
salt/logstash/pipelines/templates/so/so-ids-template.json
View File

@@ -1,10 +1,13 @@
{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-ids:shards', 1) %}
{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-ids:refresh', '30s') %}
{
"index_patterns": ["so-zeek-*"],
"index_patterns": ["so-ids-*"],
"version":50001,
"order":11,
"settings":{
"number_of_replicas":0,
"number_of_shards":1,
"index.refresh_interval":"30s"
"number_of_replicas":{{ REPLICAS }},
"number_of_shards":{{ SHARDS }},
"index.refresh_interval":"{{ REFRESH }}"
}
}

11
salt/logstash/pipelines/templates/so/so-import-template.json
View File

@@ -1,10 +1,13 @@
{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-import:shards', 1) %}
{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-import:refresh', '30s') %}
{
"index_patterns": ["so-zeek-*"],
"index_patterns": ["so-import-*"],
"version":50001,
"order": 11,
"settings":{
"number_of_replicas":0,
"number_of_shards":1,
"index.refresh_interval":"30s"
"number_of_replicas":{{ REPLICAS }},
"number_of_shards":{{ SHARDS }},
"index.refresh_interval":"{{ REFRESH }}"
}
}

11
salt/logstash/pipelines/templates/so/so-osquery-template.json
View File

@@ -1,10 +1,13 @@
{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-osquery:shards', 1) %}
{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-osquery:refresh', '30s') %}
{
"index_patterns": ["so-zeek-*"],
"index_patterns": ["so-osquery-*"],
"version":50001,
"order":11,
"settings":{
"number_of_replicas":0,
"number_of_shards":1,
"index.refresh_interval":"30s"
"number_of_replicas":{{ REPLICAS }},
"number_of_shards":{{ SHARDS }},
"index.refresh_interval":"{{ REFRESH }}"
}
}

11
salt/logstash/pipelines/templates/so/so-ossec-template.json
View File

@@ -1,10 +1,13 @@
{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-ossec:shards', 1) %}
{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-ossec:refresh', '30s') %}
{
"index_patterns": ["so-zeek-*"],
"index_patterns": ["so-ossec-*"],
"version":50001,
"order":11,
"settings":{
"number_of_replicas":0,
"number_of_shards":1,
"index.refresh_interval":"30s"
"number_of_replicas":{{ REPLICAS }},
"number_of_shards":{{ SHARDS }},
"index.refresh_interval":"{{ REFRESH }}"
}
}

11
salt/logstash/pipelines/templates/so/so-strelka-template.json
View File

@@ -1,10 +1,13 @@
{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-strelka:shards', 1) %}
{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-strelka:refresh', '30s') %}
{
"index_patterns": ["so-zeek-*"],
"index_patterns": ["so-strelka-*"],
"version":50001,
"order":11,
"settings":{
"number_of_replicas":0,
"number_of_shards":1,
"index.refresh_interval":"30s"
"number_of_replicas":{{ REPLICAS }},
"number_of_shards":{{ SHARDS }},
"index.refresh_interval":"{{ REFRESH }}"
}
}

12
salt/logstash/pipelines/templates/so/so-syslog-template.json
View File

@@ -1,10 +1,14 @@
{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-syslog:shards', 1) %}
{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-syslog:refresh', '30s') %}
{
"index_patterns": ["so-zeek-*"],
"index_patterns": ["so-syslog-*"],
"version":50001,
"order":11,
"settings":{
"number_of_replicas":0,
"number_of_shards":1,
"index.refresh_interval":"30s"
"number_of_replicas":{{ REPLICAS }},
"number_of_shards":{{ SHARDS }},
"index.refresh_interval":"{{ REFRESH }}"
}
}

9
salt/logstash/pipelines/templates/so/so-zeek-template.json
View File

@@ -1,10 +1,13 @@
{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-zeek:shards', 1) %}
{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-zeek:refresh', '30s') %}
{
"index_patterns": ["so-zeek-*"],
"version":50001,
"order":11,
"settings":{
"number_of_replicas":0,
"number_of_shards":1,
"index.refresh_interval":"30s"
"number_of_replicas":{{ REPLICAS }},
"number_of_shards":{{ SHARDS }},
"index.refresh_interval":"{{ REFRESH }}"
}
}