mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-06 17:22:49 +01:00
Merge pull request #11648 from Security-Onion-Solutions/fix/ilm_remove_policy
Remove ILM policies for Cases and OSQuery manager indices
This commit is contained in:
weslambert
GitHub
@@ -108,8 +108,6 @@ elasticsearch:
|
|||||||
match_mapping_type: string
|
match_mapping_type: string
|
||||||
settings:
|
settings:
|
||||||
index:
|
index:
|
||||||
lifecycle:
|
|
||||||
name: so-case-logs
|
|
||||||
mapping:
|
mapping:
|
||||||
total_fields:
|
total_fields:
|
||||||
limit: 1500
|
limit: 1500
|
||||||
@@ -119,30 +117,6 @@ elasticsearch:
|
|||||||
sort:
|
sort:
|
||||||
field: '@timestamp'
|
field: '@timestamp'
|
||||||
order: desc
|
order: desc
|
||||||
policy:
|
|
||||||
phases:
|
|
||||||
cold:
|
|
||||||
actions:
|
|
||||||
set_priority:
|
|
||||||
priority: 0
|
|
||||||
min_age: 30d
|
|
||||||
delete:
|
|
||||||
actions:
|
|
||||||
delete: {}
|
|
||||||
min_age: 365d
|
|
||||||
hot:
|
|
||||||
actions:
|
|
||||||
rollover:
|
|
||||||
max_age: 30d
|
|
||||||
max_primary_shard_size: 50gb
|
|
||||||
set_priority:
|
|
||||||
priority: 100
|
|
||||||
min_age: 0ms
|
|
||||||
warm:
|
|
||||||
actions:
|
|
||||||
set_priority:
|
|
||||||
priority: 50
|
|
||||||
min_age: 30d
|
|
||||||
so-common:
|
so-common:
|
||||||
close: 30
|
close: 30
|
||||||
delete: 365
|
delete: 365
|
||||||
@@ -6349,33 +6323,7 @@ elasticsearch:
|
|||||||
template:
|
template:
|
||||||
settings:
|
settings:
|
||||||
index:
|
index:
|
||||||
lifecycle:
|
|
||||||
name: so-logs-osquery-manager-action.responses-logs
|
|
||||||
number_of_replicas: 0
|
number_of_replicas: 0
|
||||||
policy:
|
|
||||||
phases:
|
|
||||||
cold:
|
|
||||||
actions:
|
|
||||||
set_priority:
|
|
||||||
priority: 0
|
|
||||||
min_age: 30d
|
|
||||||
delete:
|
|
||||||
actions:
|
|
||||||
delete: {}
|
|
||||||
min_age: 365d
|
|
||||||
hot:
|
|
||||||
actions:
|
|
||||||
rollover:
|
|
||||||
max_age: 30d
|
|
||||||
max_primary_shard_size: 50gb
|
|
||||||
set_priority:
|
|
||||||
priority: 100
|
|
||||||
min_age: 0ms
|
|
||||||
warm:
|
|
||||||
actions:
|
|
||||||
set_priority:
|
|
||||||
priority: 50
|
|
||||||
min_age: 30d
|
|
||||||
so-logs-osquery-manager-actions:
|
so-logs-osquery-manager-actions:
|
||||||
index_sorting: false
|
index_sorting: false
|
||||||
index_template:
|
index_template:
|
||||||
@@ -6392,33 +6340,7 @@ elasticsearch:
|
|||||||
template:
|
template:
|
||||||
settings:
|
settings:
|
||||||
index:
|
index:
|
||||||
lifecycle:
|
|
||||||
name: so-logs-osquery-manager-actions-logs
|
|
||||||
number_of_replicas: 0
|
number_of_replicas: 0
|
||||||
policy:
|
|
||||||
phases:
|
|
||||||
cold:
|
|
||||||
actions:
|
|
||||||
set_priority:
|
|
||||||
priority: 0
|
|
||||||
min_age: 30d
|
|
||||||
delete:
|
|
||||||
actions:
|
|
||||||
delete: {}
|
|
||||||
min_age: 365d
|
|
||||||
hot:
|
|
||||||
actions:
|
|
||||||
rollover:
|
|
||||||
max_age: 30d
|
|
||||||
max_primary_shard_size: 50gb
|
|
||||||
set_priority:
|
|
||||||
priority: 100
|
|
||||||
min_age: 0ms
|
|
||||||
warm:
|
|
||||||
actions:
|
|
||||||
set_priority:
|
|
||||||
priority: 50
|
|
||||||
min_age: 30d
|
|
||||||
so-logs-panw_x_panos:
|
so-logs-panw_x_panos:
|
||||||
index_sorting: false
|
index_sorting: false
|
||||||
index_template:
|
index_template:
|
||||||
|
|||||||
Reference in New Issue
Block a user