Merge pull request #10655 from Security-Onion-Solutions/feature/supported_integrations

Restructure Elasticsearch templates for supported integrations

setup/so-functions

@@ -1149,45 +1149,7 @@ elasticsearch_pillar() {
         "      query:"\
         "        bool:"\
         "          max_clause_count: 3500"\
-		"  index_settings:"\ > $elasticsearch_pillar_file
-		for INDEX in aws azure barracuda beats bluecoat cef checkpoint cisco cyberark cylance elasticsearch endgame f5 firewall fortinet gcp google_workspace imperva infoblox juniper kibana logstash microsoft misp netflow netscout o365 okta osquery proofpoint radware redis snort snyk sonicwall sophos strelka syslog tomcat zeek zscaler
-		do
-			printf '%s\n'\
-				"    so-$INDEX:"\
-        		"      warm: 7"\
-        		"      close: 30"\
-        		"      delete: 365"\
-				"      index_sorting: False"\
-				"      index_template:"\
-        		"        template:"\
-				"          settings:"\
-        		"            index:"\
-        		"              mapping:"\
-        		"                total_fields:"\
-        		"                  limit: 5000"\
-        		"              refresh_interval: 30s"\
-        		"              number_of_shards: 1"\
-        		"              number_of_replicas: 0" >> $elasticsearch_pillar_file
-		done
-		for INDEX in import
-		do
-			printf '%s\n'\
-				"    so-$INDEX:"\
-        		"      warm: 7"\
-        		"      close: 73000"\
-        		"      delete: 73001"\
-				"      index_sorting: False"\
-				"      index_template:"\
-        		"        template:"\
-				"          settings:"\
-        		"            index:"\
-        		"              mapping:"\
-        		"                total_fields:"\
-        		"                  limit: 5000"\
-        		"              refresh_interval: 30s"\
-        		"              number_of_shards: 1"\
-        		"              number_of_replicas: 0" >> $elasticsearch_pillar_file
-		done
+                "  index_settings: {}" > $elasticsearch_pillar_file
 }
 
 es_heapsize() {