CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #9919 from Security-Onion-Solutions/fix/elasticsearch_ilm_policy_elastic_agent_default

Browse Source 
Add index lifecycle management policy definitions for default Elastic Agent data streams
This commit is contained in:
weslambert
2023-03-10 17:02:27 -05:00
committed by GitHub
parent 2fe8668f1b 16d9478196
commit a844819261
1 changed files with 209 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

209
salt/elasticsearch/defaults.yaml
View File

@@ -84,6 +84,25 @@ elasticsearch:
- "so-fleet_globals-1"
- "so-fleet_agent_id_verification-1"
priority: 200
policy:
phases:
hot:
min_age: 0ms
actions:
set_priority:
priority: 100
rollover:
max_age: 30d
max_primary_shard_size: 50gb
cold:
min_age: 30d
actions:
set_priority:
priority: 0
delete:
min_age: 365d
actions:
delete: {}
_meta:
package:
name: elastic_agent
@@ -119,6 +138,25 @@ elasticsearch:
- "so-fleet_globals-1"
- "so-fleet_agent_id_verification-1"
priority: 200
policy:
phases:
hot:
min_age: 0ms
actions:
set_priority:
priority: 100
rollover:
max_age: 30d
max_primary_shard_size: 50gb
cold:
min_age: 30d
actions:
set_priority:
priority: 0
delete:
min_age: 365d
actions:
delete: {}
_meta:
package:
name: elastic_agent
@@ -154,6 +192,25 @@ elasticsearch:
- "so-fleet_globals-1"
- "so-fleet_agent_id_verification-1"
priority: 200
policy:
phases:
hot:
min_age: 0ms
actions:
set_priority:
priority: 100
rollover:
max_age: 30d
max_primary_shard_size: 50gb
cold:
min_age: 30d
actions:
set_priority:
priority: 0
delete:
min_age: 365d
actions:
delete: {}
_meta:
package:
name: elastic_agent
@@ -189,6 +246,25 @@ elasticsearch:
- "so-fleet_globals-1"
- "so-fleet_agent_id_verification-1"
priority: 200
policy:
phases:
hot:
min_age: 0ms
actions:
set_priority:
priority: 100
rollover:
max_age: 30d
max_primary_shard_size: 50gb
cold:
min_age: 30d
actions:
set_priority:
priority: 0
delete:
min_age: 365d
actions:
delete: {}
_meta:
package:
name: elastic_agent
@@ -224,6 +300,25 @@ elasticsearch:
- "so-fleet_globals-1"
- "so-fleet_agent_id_verification-1"
priority: 200
policy:
phases:
hot:
min_age: 0ms
actions:
set_priority:
priority: 100
rollover:
max_age: 30d
max_primary_shard_size: 50gb
cold:
min_age: 30d
actions:
set_priority:
priority: 0
delete:
min_age: 365d
actions:
delete: {}
_meta:
package:
name: elastic_agent
@@ -259,6 +354,25 @@ elasticsearch:
- "so-fleet_globals-1"
- "so-fleet_agent_id_verification-1"
priority: 200
policy:
phases:
hot:
min_age: 0ms
actions:
set_priority:
priority: 100
rollover:
max_age: 30d
max_primary_shard_size: 50gb
cold:
min_age: 30d
actions:
set_priority:
priority: 0
delete:
min_age: 365d
actions:
delete: {}
_meta:
package:
name: elastic_agent
@@ -294,6 +408,25 @@ elasticsearch:
- "so-fleet_globals-1"
- "so-fleet_agent_id_verification-1"
priority: 200
policy:
phases:
hot:
min_age: 0ms
actions:
set_priority:
priority: 100
rollover:
max_age: 30d
max_primary_shard_size: 50gb
cold:
min_age: 30d
actions:
set_priority:
priority: 0
delete:
min_age: 365d
actions:
delete: {}
_meta:
package:
name: elastic_agent
@@ -329,6 +462,25 @@ elasticsearch:
- "so-fleet_globals-1"
- "so-fleet_agent_id_verification-1"
priority: 200
policy:
phases:
hot:
min_age: 0ms
actions:
set_priority:
priority: 100
rollover:
max_age: 30d
max_primary_shard_size: 50gb
cold:
min_age: 30d
actions:
set_priority:
priority: 0
delete:
min_age: 365d
actions:
delete: {}
_meta:
package:
name: elastic_agent
@@ -364,6 +516,25 @@ elasticsearch:
- "so-fleet_globals-1"
- "so-fleet_agent_id_verification-1"
priority: 200
policy:
phases:
hot:
min_age: 0ms
actions:
set_priority:
priority: 100
rollover:
max_age: 30d
max_primary_shard_size: 50gb
cold:
min_age: 30d
actions:
set_priority:
priority: 0
delete:
min_age: 365d
actions:
delete: {}
_meta:
package:
name: elastic_agent
@@ -399,6 +570,25 @@ elasticsearch:
- "so-fleet_globals-1"
- "so-fleet_agent_id_verification-1"
priority: 200
policy:
phases:
hot:
min_age: 0ms
actions:
set_priority:
priority: 100
rollover:
max_age: 30d
max_primary_shard_size: 50gb
cold:
min_age: 30d
actions:
set_priority:
priority: 0
delete:
min_age: 365d
actions:
delete: {}
_meta:
package:
name: elastic_agent
@@ -434,6 +624,25 @@ elasticsearch:
- "so-fleet_globals-1"
- "so-fleet_agent_id_verification-1"
priority: 200
policy:
phases:
hot:
min_age: 0ms
actions:
set_priority:
priority: 100
rollover:
max_age: 30d
max_primary_shard_size: 50gb
cold:
min_age: 30d
actions:
set_priority:
priority: 0
delete:
min_age: 365d
actions:
delete: {}
_meta:
package:
name: elastic_agent