add missing lifecycle name to crowdstrike indices

2025-12-08 10:12:53 +01:00 · 2025-01-13 09:26:16 -06:00
parent 14c920a258
commit a5b1648b68
1 changed files with 8 additions and 0 deletions
--- a/salt/elasticsearch/defaults.yaml
+++ b/salt/elasticsearch/defaults.yaml
@@ -4507,6 +4507,8 @@ elasticsearch:
        template:
          settings:
            index:
+              lifecycle:
+                name: so-logs-crowdstrike.alert-logs
              number_of_replicas: 0
        composed_of:
        - logs-crowdstrike.alert@package
@@ -4551,6 +4553,8 @@ elasticsearch:
        template:
          settings:
            index:
+              lifecycle:
+                name: so-logs-crowdstrike.falcon-logs
              number_of_replicas: 0
        composed_of:
        - logs-crowdstrike.falcon@package
@@ -4595,6 +4599,8 @@ elasticsearch:
        template:
          settings:
            index:
+              lifecycle:
+                name: so-logs-crowdstrike.fdr-logs
              number_of_replicas: 0
        composed_of:
        - logs-crowdstrike.fdr@package
@@ -4639,6 +4645,8 @@ elasticsearch:
        template:
          settings:
            index:
+              lifecycle:
+                name: so-logs-crowdstrike.host-logs
              number_of_replicas: 0
        composed_of:
        - logs-crowdstrike.host@package