From d2063c7e119d77f31139c6c9c94a5e5de1f18b3e Mon Sep 17 00:00:00 2001
From: weslambert
Date: Tue, 29 Aug 2023 11:14:49 -0400
Subject: [PATCH] Add auditd reference back
---
 salt/elasticsearch/soc_elasticsearch.yaml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/salt/elasticsearch/soc_elasticsearch.yaml b/salt/elasticsearch/soc_elasticsearch.yaml
index 1823337b5..e4de29e00 100644
--- a/salt/elasticsearch/soc_elasticsearch.yaml
+++ b/salt/elasticsearch/soc_elasticsearch.yaml
@@ -203,6 +203,7 @@ elasticsearch:
 so-logs-windows_x_sysmon_operational: *indexSettings
 so-logs-apache_x_access: *indexSettings
 so-logs-apache_x_error: *indexSettings
+ so-logs-auditd_x_log: *indexSettings
 so-logs-aws_x_cloudtrail: *indexSettings
 so-logs-aws_x_cloudwatch_logs: *indexSettings
 so-logs-aws_x_ec2_logs: *indexSettings
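Review bot: The added `so-logs-auditd_x_log: *indexSettings` entry is the only change in this patch (the diffstat lists one file), so it is worth confirming that a matching `so-logs-auditd_x_log` entry exists wherever the default index settings for these data streams are defined; without one, this reference would presumably have no backing value. The alias also depends on the `&indexSettings` anchor, which is defined outside this hunk and has to appear earlier in the same YAML document. auditd records are often the host audit trail relied on during an investigation, so their index and retention settings should be explicitly manageable rather than left to a fallback. The `elasticsearch:` mapping starts and ends outside the hunk.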