CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Ensure Kratos events are sent to a data stream instead of an index

Browse Source
This commit is contained in:
Wes
2023-01-26 16:12:06 +00:00
parent 7d68ef0e8b
commit f1db1bc273
2 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
salt/common/tools/sbin/so-image-common
View File

@@ -36,7 +36,9 @@ container_list() {
"so-steno" "so-steno"
"so-suricata" "so-suricata"
"so-telegraf" "so-telegraf"
"so-zeek" "so-zeek"
"so-elastic-agent"
"so-elastic-agent-builder"
) )
elif [ $MANAGERCHECK != 'so-helix' ]; then elif [ $MANAGERCHECK != 'so-helix' ]; then
TRUSTED_CONTAINERS=( TRUSTED_CONTAINERS=(

3
salt/elasticsearch/defaults.yaml
View File

@@ -2677,6 +2677,9 @@ elasticsearch:
delete: 365 delete: 365
index_sorting: False index_sorting: False
index_template: index_template:
data_stream:
hidden: false
allow_custom_routing: false
index_patterns: index_patterns:
- logs-kratos-so* - logs-kratos-so*
template: template: