diff --git a/salt/elasticsearch/defaults.yaml b/salt/elasticsearch/defaults.yaml index 7efaea0e5..a4952933d 100644 --- a/salt/elasticsearch/defaults.yaml +++ b/salt/elasticsearch/defaults.yaml @@ -117,7 +117,7 @@ elasticsearch: ignore_missing_component_templates: [] index_patterns: - so-case* - priority: 500 + priority: 501 template: mappings: date_detection: false @@ -203,7 +203,9 @@ elasticsearch: - common-settings - common-dynamic-mappings - winlog-mappings - data_stream: {} + data_stream: + allow_custom_routing: false + hidden: false ignore_missing_component_templates: [] index_patterns: - logs-*-so* @@ -263,7 +265,7 @@ elasticsearch: ignore_missing_component_templates: [] index_patterns: - so-detection* - priority: 500 + priority: 501 template: mappings: date_detection: false @@ -444,7 +446,7 @@ elasticsearch: ignore_missing_component_templates: [] index_patterns: - endgame* - priority: 500 + priority: 501 template: mappings: date_detection: false @@ -549,7 +551,7 @@ elasticsearch: ignore_missing_component_templates: [] index_patterns: - logs-idh-so* - priority: 500 + priority: 501 template: mappings: date_detection: false @@ -659,11 +661,13 @@ elasticsearch: - common-dynamic-mappings - winlog-mappings - hash-mappings - data_stream: {} + data_stream: + allow_custom_routing: false + hidden: false ignore_missing_component_templates: [] index_patterns: - logs-import-so* - priority: 500 + priority: 501 template: mappings: date_detection: false @@ -718,7 +722,7 @@ elasticsearch: ignore_missing_component_templates: [] index_patterns: - so-ip* - priority: 500 + priority: 501 template: mappings: date_detection: false @@ -747,7 +751,7 @@ elasticsearch: ignore_missing_component_templates: [] index_patterns: - .items-default-** - priority: 500 + priority: 501 template: mappings: date_detection: false @@ -846,7 +850,7 @@ elasticsearch: ignore_missing_component_templates: [] index_patterns: - logs-kratos-so* - priority: 500 + priority: 501 template: mappings: date_detection: false @@ -954,7 +958,7 @@ elasticsearch: ignore_missing_component_templates: [] index_patterns: - logs-hydra-so* - priority: 500 + priority: 501 template: mappings: date_detection: false @@ -1009,7 +1013,7 @@ elasticsearch: ignore_missing_component_templates: [] index_patterns: - .lists-default-** - priority: 500 + priority: 501 template: mappings: date_detection: false @@ -1495,6 +1499,9 @@ elasticsearch: - so-fleet_integrations.ip_mappings-1 - so-fleet_globals-1 - so-fleet_agent_id_verification-1 + data_stream: + allow_custom_routing: false + hidden: false ignore_missing_component_templates: - logs-elastic_agent.cloudbeat@custom index_patterns: @@ -1730,6 +1737,9 @@ elasticsearch: - so-fleet_integrations.ip_mappings-1 - so-fleet_globals-1 - so-fleet_agent_id_verification-1 + data_stream: + allow_custom_routing: false + hidden: false ignore_missing_component_templates: - logs-elastic_agent.heartbeat@custom index_patterns: @@ -3043,11 +3053,13 @@ elasticsearch: - dtc-user_agent-mappings - common-settings - common-dynamic-mappings - data_stream: {} + data_stream: + allow_custom_routing: false + hidden: false ignore_missing_component_templates: [] index_patterns: - logs-soc-so* - priority: 500 + priority: 501 template: mappings: date_detection: false @@ -3637,10 +3649,13 @@ elasticsearch: - vulnerability-mappings - common-settings - common-dynamic-mappings + data_stream: + allow_custom_routing: false + hidden: false ignore_missing_component_templates: [] index_patterns: - logs-logstash-default* - priority: 500 + priority: 501 template: mappings: date_detection: false @@ -3941,7 +3956,7 @@ elasticsearch: ignore_missing_component_templates: [] index_patterns: - logs-redis.log* - priority: 500 + priority: 501 template: mappings: date_detection: false @@ -4052,11 +4067,13 @@ elasticsearch: - common-settings - common-dynamic-mappings - hash-mappings - data_stream: {} + data_stream: + allow_custom_routing: false + hidden: false ignore_missing_component_templates: [] index_patterns: - logs-strelka-so* - priority: 500 + priority: 501 template: mappings: date_detection: false @@ -4166,11 +4183,13 @@ elasticsearch: - common-settings - common-dynamic-mappings - hash-mappings - data_stream: {} + data_stream: + allow_custom_routing: false + hidden: false ignore_missing_component_templates: [] index_patterns: - logs-suricata-so* - priority: 500 + priority: 501 template: mappings: date_detection: false @@ -4280,11 +4299,13 @@ elasticsearch: - common-settings - common-dynamic-mappings - hash-mappings - data_stream: {} + data_stream: + allow_custom_routing: false + hidden: false ignore_missing_component_templates: [] index_patterns: - logs-suricata.alerts-* - priority: 500 + priority: 501 template: mappings: date_detection: false @@ -4394,11 +4415,13 @@ elasticsearch: - vulnerability-mappings - common-settings - common-dynamic-mappings - data_stream: {} + data_stream: + allow_custom_routing: false + hidden: false ignore_missing_component_templates: [] index_patterns: - logs-syslog-so* - priority: 500 + priority: 501 template: mappings: date_detection: false @@ -4510,11 +4533,13 @@ elasticsearch: - common-settings - common-dynamic-mappings - hash-mappings - data_stream: {} + data_stream: + allow_custom_routing: false + hidden: false ignore_missing_component_templates: [] index_patterns: - logs-zeek-so* - priority: 500 + priority: 501 template: mappings: date_detection: false