CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add Actions for warm indices

Browse Source
This commit is contained in:
Mike Reeves
2021-08-31 15:09:26 -04:00
parent 476ecccbc1
commit ed116cf850
7 changed files with 14 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
salt/curator/files/action/so-cyberark-warm.yml
View File

@@ -1,4 +1,4 @@
{%- set WARM_DAYS = salt['pillar.get']('elasticsearch:index_settings:so-aws:warm', 7) -%}
{%- set WARM_DAYS = salt['pillar.get']('elasticsearch:index_settings:so-cyberark:warm', 7) -%}
actions:
1:
action: allocation
@@ -14,7 +14,7 @@ actions:
filters:
- filtertype: pattern
kind: prefix
value: so-aws
value: so-cyberark
- filtertype: age
source: name
direction: older

4
salt/curator/files/action/so-firewall-warm.yml
View File

@@ -1,4 +1,4 @@
{%- set WARM_DAYS = salt['pillar.get']('elasticsearch:index_settings:so-aws:warm', 7) -%}
{%- set WARM_DAYS = salt['pillar.get']('elasticsearch:index_settings:so-firewall:warm', 7) -%}
actions:
1:
action: allocation
@@ -14,7 +14,7 @@ actions:
filters:
- filtertype: pattern
kind: prefix
value: so-aws
value: so-firewall
- filtertype: age
source: name
direction: older

4
salt/curator/files/action/so-fortinet-warm.yml
View File

@@ -1,4 +1,4 @@
{%- set WARM_DAYS = salt['pillar.get']('elasticsearch:index_settings:so-aws:warm', 7) -%}
{%- set WARM_DAYS = salt['pillar.get']('elasticsearch:index_settings:so-fortinet:warm', 7) -%}
actions:
1:
action: allocation
@@ -14,7 +14,7 @@ actions:
filters:
- filtertype: pattern
kind: prefix
value: so-aws
value: so-fortinet
- filtertype: age
source: name
direction: older

4
salt/curator/files/action/so-netscout-warm.yml
View File

@@ -1,4 +1,4 @@
{%- set WARM_DAYS = salt['pillar.get']('elasticsearch:index_settings:so-aws:warm', 7) -%}
{%- set WARM_DAYS = salt['pillar.get']('elasticsearch:index_settings:so-netscout:warm', 7) -%}
actions:
1:
action: allocation
@@ -14,7 +14,7 @@ actions:
filters:
- filtertype: pattern
kind: prefix
value: so-aws
value: so-netscout
- filtertype: age
source: name
direction: older

4
salt/curator/files/action/so-sonicwall-warm.yml
View File

@@ -1,4 +1,4 @@
{%- set WARM_DAYS = salt['pillar.get']('elasticsearch:index_settings:so-aws:warm', 7) -%}
{%- set WARM_DAYS = salt['pillar.get']('elasticsearch:index_settings:so-sonicwall:warm', 7) -%}
actions:
1:
action: allocation
@@ -14,7 +14,7 @@ actions:
filters:
- filtertype: pattern
kind: prefix
value: so-aws
value: so-sonicwall
- filtertype: age
source: name
direction: older

4
salt/curator/files/action/so-syslog-warm.yml
View File

@@ -1,4 +1,4 @@
{%- set WARM_DAYS = salt['pillar.get']('elasticsearch:index_settings:so-aws:warm', 7) -%}
{%- set WARM_DAYS = salt['pillar.get']('elasticsearch:index_settings:so-syslog:warm', 7) -%}
actions:
1:
action: allocation
@@ -14,7 +14,7 @@ actions:
filters:
- filtertype: pattern
kind: prefix
value: so-aws
value: so-syslog
- filtertype: age
source: name
direction: older

4
salt/curator/files/action/so-zeek-warm.yml
View File

@@ -1,4 +1,4 @@
{%- set WARM_DAYS = salt['pillar.get']('elasticsearch:index_settings:so-aws:warm', 7) -%}
{%- set WARM_DAYS = salt['pillar.get']('elasticsearch:index_settings:so-zeek:warm', 7) -%}
actions:
1:
action: allocation
@@ -14,7 +14,7 @@ actions:
filters:
- filtertype: pattern
kind: prefix
value: so-aws
value: so-zeek
- filtertype: age
source: name
direction: older