mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-07 01:32:47 +01:00
Merge pull request #8804 from Security-Onion-Solutions/funstuff
Firewall and More
@@ -5,43 +5,54 @@ elasticsearch:
|
||||
description: The name of the Security Onion Elasticsearch cluster, for identification purposes.
|
||||
readonly: True
|
||||
global: True
|
||||
helpLink: elasticsearch.html
|
||||
routing:
|
||||
allocation:
|
||||
disk:
|
||||
threshold_enabled:
|
||||
description: Specifies whether the Elasticsearch node will monitor the available disk space for low disk space conditions and take action to protect the cluster.
|
||||
helpLink: elasticsearch.html
|
||||
watermark:
|
||||
low:
|
||||
description: The lower percentage of used disk space representing a healthy node.
|
||||
helpLink: elasticsearch.html
|
||||
high:
|
||||
description: The higher percentage of used disk space representing an unhealthy node.
|
||||
helpLink: elasticsearch.html
|
||||
flood_stage:
|
||||
description: The max percentage of used disk space that will cause the node to take protective actions, such as blocking incoming events.
|
||||
helpLink: elasticsearch.html
|
||||
|
||||
script:
|
||||
max_compilations_rate:
|
||||
description: Max rate of script compilations permitted in the Elasticsearch cluster. Larger values will consume more resources.
|
||||
global: True
|
||||
helpLink: elasticsearch.html
|
||||
indices:
|
||||
query:
|
||||
bool:
|
||||
max_clause_count:
|
||||
description: Max number of boolean clauses per query.
|
||||
global: True
|
||||
helpLink: elasticsearch.html
|
||||
index_settings:
|
||||
so-aws: &indexSettings
|
||||
warm:
|
||||
description: Age (in days) of this index before it will move to warm storage, if warm nodes are present. Once moved, events on this index can take longer to fetch.
|
||||
global: True
|
||||
helpLink: elasticsearch.html
|
||||
close:
|
||||
description: Age (in days) of this index before it will be closed. Once closed, events on this index cannot be retrieved without first re-opening the index.
|
||||
global: True
|
||||
helpLink: elasticsearch.html
|
||||
delete:
|
||||
description: Age (in days) of this index before it will be deleted. Once deleted, events are permanently unrecoverable.
|
||||
global: True
|
||||
helpLink: elasticsearch.html
|
||||
index_sorting:
|
||||
description: Sorts the index by event time, at the cost of additional processing resource consumption.
|
||||
global: True
|
||||
helpLink: elasticsearch.html
|
||||
index_template:
|
||||
template:
|
||||
settings:
|
||||
@@ -51,15 +62,19 @@ elasticsearch:
|
||||
limit:
|
||||
description: Max number of fields that can exist on a single index. Larger values will consume more resources.
|
||||
global: True
|
||||
helpLink: elasticsearch.html
|
||||
refresh_interval:
|
||||
description: Seconds between index refreshes. Shorter intervals can cause query performance to suffer since this is a synchronous and resource-intensive operation.
|
||||
global: True
|
||||
helpLink: elasticsearch.html
|
||||
number_of_shards:
|
||||
description: Number of shards required for this index. Using multiple shards increases fault tolerance, but also increases storage and network costs.
|
||||
global: True
|
||||
helpLink: elasticsearch.html
|
||||
number_of_replicas:
|
||||
description: Number of replicas required for this index. Multiple replicas protects against data loss, while also increasing storage costs.
|
||||
global: True
|
||||
helpLink: elasticsearch.html
|
||||
so-azure: *indexSettings
|
||||
so-barracuda: *indexSettings
|
||||
so-beats: *indexSettings
|
||||
|
||||
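Review bot: The four entries under `routing.allocation.disk` (`threshold_enabled` and `watermark.low`/`high`/`flood_stage`) carry no `global: True`, while every other cluster-level entry visible in this section (`script.max_compilations_rate`, `indices.query.bool.max_clause_count`, the `index_settings` ages) does. Elasticsearch treats the disk watermarks as cluster-wide settings, and `flood_stage` is, per its own description, the point at which the node starts blocking incoming events, so differing per-node values would make it hard to predict when ingestion stops and a monitoring gap opens. If the `global` flag is what keeps a setting uniform across the grid (the page does not show its definition), add `global: True` to each of the four, or add a comment such as `# per-node on purpose: data disks differ in size` if the omission is deliberate. The rendered page has lost the +/- markers, so it is not possible to tell from here which of these lines the commit itself added.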