From 97306d3acdbf41e311c52f9afb5fdf1e9d39c4a6 Mon Sep 17 00:00:00 2001
From: Wes Lambert <wlambertts@gmail.com>
Date: Tue, 26 May 2020 14:05:33 +0000
Subject: [PATCH] rename indices

---
 salt/common/tools/sbin/so-elastalert-create | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/salt/common/tools/sbin/so-elastalert-create b/salt/common/tools/sbin/so-elastalert-create
index fbe9527a7..0270503bf 100755
--- a/salt/common/tools/sbin/so-elastalert-create
+++ b/salt/common/tools/sbin/so-elastalert-create
@@ -166,8 +166,7 @@ cat << EOF
 What elasticsearch index do you want to use?
 Below are the default Index Patterns used in Security Onion:
 
-*:logstash-*
-*:logstash-beats-*
+*:so-ids-*
 *:elastalert_status*
 
 EOF