Merge pull request #8967 from Security-Onion-Solutions/curator2.4

add line space
2025-12-06 17:22:49 +01:00 · 2022-10-21 11:56:01 -04:00
parent 8197017b6c 8c5197c2ea
commit d148febc99
136 changed files with 136 additions and 136 deletions
--- a/salt/curator/files/action/delete.yml
+++ b/salt/curator/files/action/delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set log_size_limit = salt['pillar.get']('elasticsearch:log_size_limit') -%}
+{%- set log_size_limit = salt['pillar.get']('elasticsearch:log_size_limit') %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-aws-close.yml
+++ b/salt/curator/files/action/so-aws-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-aws'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-aws'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-aws-delete.yml
+++ b/salt/curator/files/action/so-aws-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-aws'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-aws'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-aws-warm.yml
+++ b/salt/curator/files/action/so-aws-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-aws'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-aws'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-azure-close.yml
+++ b/salt/curator/files/action/so-azure-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-azure'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-azure'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-azure-delete.yml
+++ b/salt/curator/files/action/so-azure-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-azure'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-azure'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-azure-warm.yml
+++ b/salt/curator/files/action/so-azure-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-azure'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-azure'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-barracuda-close.yml
+++ b/salt/curator/files/action/so-barracuda-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-barracuda'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-barracuda'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-barracuda-delete.yml
+++ b/salt/curator/files/action/so-barracuda-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-barracuda'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-barracuda'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-barracuda-warm.yml
+++ b/salt/curator/files/action/so-barracuda-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-barracuda'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-barracuda'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-beats-close.yml
+++ b/salt/curator/files/action/so-beats-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-beats'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-beats'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-beats-delete.yml
+++ b/salt/curator/files/action/so-beats-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-beats'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-beats'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-beats-warm.yml
+++ b/salt/curator/files/action/so-beats-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-beats'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-beats'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-bluecoat-close.yml
+++ b/salt/curator/files/action/so-bluecoat-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-bluecoat'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-bluecoat'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-bluecoat-delete.yml
+++ b/salt/curator/files/action/so-bluecoat-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-bluecoat'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-bluecoat'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-bluecoat-warm.yml
+++ b/salt/curator/files/action/so-bluecoat-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-bluecoat'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-bluecoat'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-cef-close.yml
+++ b/salt/curator/files/action/so-cef-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-cef'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-cef'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-cef-delete.yml
+++ b/salt/curator/files/action/so-cef-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-cef'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-cef'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-cef-warm.yml
+++ b/salt/curator/files/action/so-cef-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-cef'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-cef'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-checkpoint-close.yml
+++ b/salt/curator/files/action/so-checkpoint-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-checkpoint'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-checkpoint'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-checkpoint-delete.yml
+++ b/salt/curator/files/action/so-checkpoint-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-checkpoint'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-checkpoint'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-checkpoint-warm.yml
+++ b/salt/curator/files/action/so-checkpoint-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-checkpoint'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-checkpoint'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-cisco-close.yml
+++ b/salt/curator/files/action/so-cisco-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-cisco'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-cisco'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-cisco-delete.yml
+++ b/salt/curator/files/action/so-cisco-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-cisco'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-cisco'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-cisco-warm.yml
+++ b/salt/curator/files/action/so-cisco-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-cisco'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-cisco'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-cyberark-close.yml
+++ b/salt/curator/files/action/so-cyberark-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-cyberark'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-cyberark'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-cyberark-delete.yml
+++ b/salt/curator/files/action/so-cyberark-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-cyberark'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-cyberark'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-cyberark-warm.yml
+++ b/salt/curator/files/action/so-cyberark-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-cyberark'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-cyberark'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-cylance-close.yml
+++ b/salt/curator/files/action/so-cylance-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-cylance'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-cylance'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-cylance-delete.yml
+++ b/salt/curator/files/action/so-cylance-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-cylance'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-cylance'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-cylance-warm.yml
+++ b/salt/curator/files/action/so-cylance-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-cylance'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-cylance'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-elasticsearch-close.yml
+++ b/salt/curator/files/action/so-elasticsearch-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-elasticsearch'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-elasticsearch'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-elasticsearch-delete.yml
+++ b/salt/curator/files/action/so-elasticsearch-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-elasticsearch'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-elasticsearch'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-elasticsearch-warm.yml
+++ b/salt/curator/files/action/so-elasticsearch-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-elasticsearch'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-elasticsearch'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-endgame-close.yml
+++ b/salt/curator/files/action/so-endgame-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-endgame'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-endgame'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-endgame-delete.yml
+++ b/salt/curator/files/action/so-endgame-delete.yml
@@ -4,7 +4,7 @@
 # Elastic License 2.0.


-{%- set DELETE_DAYS = CURATORMERGED['so-endgame'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-endgame'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-endgame-warm.yml
+++ b/salt/curator/files/action/so-endgame-warm.yml
@@ -4,7 +4,7 @@
 # Elastic License 2.0.


-{%- set WARM_DAYS = CURATORMERGED['so-endgame'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-endgame'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-f5-close.yml
+++ b/salt/curator/files/action/so-f5-close.yml
@@ -4,7 +4,7 @@
 # Elastic License 2.0.


-{%- set cur_close_days = CURATORMERGED['so-f5'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-f5'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-f5-delete.yml
+++ b/salt/curator/files/action/so-f5-delete.yml
@@ -4,7 +4,7 @@
 # Elastic License 2.0.


-{%- set DELETE_DAYS = CURATORMERGED['so-f5'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-f5'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-f5-warm.yml
+++ b/salt/curator/files/action/so-f5-warm.yml
@@ -4,7 +4,7 @@
 # Elastic License 2.0.


-{%- set WARM_DAYS = CURATORMERGED['so-f5'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-f5'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-firewall-close.yml
+++ b/salt/curator/files/action/so-firewall-close.yml
@@ -4,7 +4,7 @@
 # Elastic License 2.0.


-{%- set cur_close_days = CURATORMERGED['so-firewall'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-firewall'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-firewall-delete.yml
+++ b/salt/curator/files/action/so-firewall-delete.yml
@@ -4,7 +4,7 @@
 # Elastic License 2.0.


-{%- set DELETE_DAYS = CURATORMERGED['so-firewall'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-firewall'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-firewall-warm.yml
+++ b/salt/curator/files/action/so-firewall-warm.yml
@@ -4,7 +4,7 @@
 # Elastic License 2.0.


-{%- set WARM_DAYS = CURATORMERGED['so-firewall'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-firewall'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-fortinet-close.yml
+++ b/salt/curator/files/action/so-fortinet-close.yml
@@ -4,7 +4,7 @@
 # Elastic License 2.0.


-{%- set cur_close_days = CURATORMERGED['so-fortinet'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-fortinet'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-fortinet-delete.yml
+++ b/salt/curator/files/action/so-fortinet-delete.yml
@@ -4,7 +4,7 @@
 # Elastic License 2.0.


-{%- set DELETE_DAYS = CURATORMERGED['so-fortinet'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-fortinet'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-fortinet-warm.yml
+++ b/salt/curator/files/action/so-fortinet-warm.yml
@@ -4,7 +4,7 @@
 # Elastic License 2.0.


-{%- set WARM_DAYS = CURATORMERGED['so-fortinet'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-fortinet'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-gcp-close.yml
+++ b/salt/curator/files/action/so-gcp-close.yml
@@ -4,7 +4,7 @@
 # Elastic License 2.0.


-{%- set cur_close_days = CURATORMERGED['so-gcp'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-gcp'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-gcp-delete.yml
+++ b/salt/curator/files/action/so-gcp-delete.yml
@@ -4,7 +4,7 @@
 # Elastic License 2.0.


-{%- set DELETE_DAYS = CURATORMERGED['so-gcp'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-gcp'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-gcp-warm.yml
+++ b/salt/curator/files/action/so-gcp-warm.yml
@@ -4,7 +4,7 @@
 # Elastic License 2.0.


-{%- set WARM_DAYS = CURATORMERGED['so-gcp'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-gcp'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-google_workspace-close.yml
+++ b/salt/curator/files/action/so-google_workspace-close.yml
@@ -4,7 +4,7 @@
 # Elastic License 2.0.


-{%- set cur_close_days = CURATORMERGED['so-google_workspace'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-google_workspace'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-google_workspace-delete.yml
+++ b/salt/curator/files/action/so-google_workspace-delete.yml
@@ -4,7 +4,7 @@
 # Elastic License 2.0.


-{%- set DELETE_DAYS = CURATORMERGED['so-google_workspace'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-google_workspace'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-google_workspace-warm.yml
+++ b/salt/curator/files/action/so-google_workspace-warm.yml
@@ -4,7 +4,7 @@
 # Elastic License 2.0.


-{%- set WARM_DAYS = CURATORMERGED['so-google_workspace'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-google_workspace'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-ids-close.yml
+++ b/salt/curator/files/action/so-ids-close.yml
@@ -4,7 +4,7 @@
 # Elastic License 2.0.


-{%- set cur_close_days = CURATORMERGED['so-ids'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-ids'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-ids-delete.yml
+++ b/salt/curator/files/action/so-ids-delete.yml
@@ -4,7 +4,7 @@
 # Elastic License 2.0.


-{%- set DELETE_DAYS = CURATORMERGED['so-ids'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-ids'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-ids-warm.yml
+++ b/salt/curator/files/action/so-ids-warm.yml
@@ -4,7 +4,7 @@
 # Elastic License 2.0.


-{%- set WARM_DAYS = CURATORMERGED['so-ids'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-ids'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-imperva-close.yml
+++ b/salt/curator/files/action/so-imperva-close.yml
@@ -4,7 +4,7 @@
 # Elastic License 2.0.


-{%- set cur_close_days = CURATORMERGED['so-imperva'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-imperva'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-imperva-delete.yml
+++ b/salt/curator/files/action/so-imperva-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-imperva'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-imperva'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-imperva-warm.yml
+++ b/salt/curator/files/action/so-imperva-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-imperva'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-imperva'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-import-close.yml
+++ b/salt/curator/files/action/so-import-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-import'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-import'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-import-delete.yml
+++ b/salt/curator/files/action/so-import-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-import'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-import'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-import-warm.yml
+++ b/salt/curator/files/action/so-import-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-import'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-import'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-infoblox-close.yml
+++ b/salt/curator/files/action/so-infoblox-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-infoblox'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-infoblox'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-infoblox-delete.yml
+++ b/salt/curator/files/action/so-infoblox-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-infoblox'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-infoblox'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-infoblox-warm.yml
+++ b/salt/curator/files/action/so-infoblox-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-infoblox'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-infoblox'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-juniper-close.yml
+++ b/salt/curator/files/action/so-juniper-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-juniper'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-juniper'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-juniper-delete.yml
+++ b/salt/curator/files/action/so-juniper-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-juniper'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-juniper'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-juniper-warm.yml
+++ b/salt/curator/files/action/so-juniper-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-aws'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-aws'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-kibana-close.yml
+++ b/salt/curator/files/action/so-kibana-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-kibana'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-kibana'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-kibana-delete.yml
+++ b/salt/curator/files/action/so-kibana-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-kibana'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-kibana'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-kibana-warm.yml
+++ b/salt/curator/files/action/so-kibana-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-kibana'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-kibana'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-kratos-close.yml
+++ b/salt/curator/files/action/so-kratos-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-kratos'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-kratos'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-kratos-delete.yml
+++ b/salt/curator/files/action/so-kratos-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-kratos'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-kratos'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-kratos-warm.yml
+++ b/salt/curator/files/action/so-kratos-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-kratos'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-kratos'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-logstash-close.yml
+++ b/salt/curator/files/action/so-logstash-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-logstash'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-logstash'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-logstash-delete.yml
+++ b/salt/curator/files/action/so-logstash-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-logstash'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-logstash'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-logstash-warm.yml
+++ b/salt/curator/files/action/so-logstash-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-logstash'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-logstash'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-microsoft-close.yml
+++ b/salt/curator/files/action/so-microsoft-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-microsoft'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-microsoft'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-microsoft-delete.yml
+++ b/salt/curator/files/action/so-microsoft-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-microsoft'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-microsoft'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-microsoft-warm.yml
+++ b/salt/curator/files/action/so-microsoft-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-microsoft'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-microsoft'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-misp-close.yml
+++ b/salt/curator/files/action/so-misp-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-misp'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-misp'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-misp-delete.yml
+++ b/salt/curator/files/action/so-misp-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-misp'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-misp'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-misp-warm.yml
+++ b/salt/curator/files/action/so-misp-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-misp'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-misp'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-netflow-close.yml
+++ b/salt/curator/files/action/so-netflow-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-netflow'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-netflow'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-netflow-delete.yml
+++ b/salt/curator/files/action/so-netflow-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-netflow'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-netflow'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-netflow-warm.yml
+++ b/salt/curator/files/action/so-netflow-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-netflow'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-netflow'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-netscout-close.yml
+++ b/salt/curator/files/action/so-netscout-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-netscout'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-netscout'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-netscout-delete.yml
+++ b/salt/curator/files/action/so-netscout-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-netscout'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-netscout'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-netscout-warm.yml
+++ b/salt/curator/files/action/so-netscout-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-netscout'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-netscout'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-o365-close.yml
+++ b/salt/curator/files/action/so-o365-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-o365'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-o365'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-o365-delete.yml
+++ b/salt/curator/files/action/so-o365-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-o365'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-o365'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-o365-warm.yml
+++ b/salt/curator/files/action/so-o365-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-o365'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-o365'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-okta-close.yml
+++ b/salt/curator/files/action/so-okta-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-okta'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-okta'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-okta-warm.yml
+++ b/salt/curator/files/action/so-okta-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-okta'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-okta'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-okta.delete.yml
+++ b/salt/curator/files/action/so-okta.delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-okta'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-okta'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-osquery-close.yml
+++ b/salt/curator/files/action/so-osquery-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-osquery'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-osquery'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-osquery-delete.yml
+++ b/salt/curator/files/action/so-osquery-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-osquery'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-osquery'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-osquery-warm.yml
+++ b/salt/curator/files/action/so-osquery-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-osquery'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-osquery'].warm %}
 actions:
  1:
    action: allocation
--- a/salt/curator/files/action/so-ossec-close.yml
+++ b/salt/curator/files/action/so-ossec-close.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set cur_close_days = CURATORMERGED['so-ossec'].close -%}
+{%- set cur_close_days = CURATORMERGED['so-ossec'].close %}
 actions:
  1:
    action: close
--- a/salt/curator/files/action/so-ossec-delete.yml
+++ b/salt/curator/files/action/so-ossec-delete.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set DELETE_DAYS = CURATORMERGED['so-ossec'].delete -%}
+{%- set DELETE_DAYS = CURATORMERGED['so-ossec'].delete %}
 actions:
  1:
    action: delete_indices
--- a/salt/curator/files/action/so-ossec-warm.yml
+++ b/salt/curator/files/action/so-ossec-warm.yml
@@ -3,7 +3,7 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.

-{%- set WARM_DAYS = CURATORMERGED['so-ossec'].warm -%}
+{%- set WARM_DAYS = CURATORMERGED['so-ossec'].warm %}
 actions:
  1:
    action: allocation
--- a/Show More
+++ b/Show More