From f2bb54d99325736b81ad82482d39a82784163576 Mon Sep 17 00:00:00 2001
From: Wes
Date: Wed, 11 Sep 2024 19:41:38 +0000
Subject: [PATCH] Add barracuda and imperva integrations
---
 salt/elasticfleet/defaults.yaml | 2 +
 salt/elasticsearch/defaults.yaml | 92 ++++++++++++++++++++++++++++++++
 2 files changed, 94 insertions(+)
diff --git a/salt/elasticfleet/defaults.yaml b/salt/elasticfleet/defaults.yaml
index 48b24809e..ad2a7cc91 100644
--- a/salt/elasticfleet/defaults.yaml
+++ b/salt/elasticfleet/defaults.yaml
@@ -36,6 +36,7 @@ elasticfleet:
 - aws
 - azure
 - barracuda
+ - barracuda_cloudgen_firewall
 - carbonblack_edr
 - cef
 - checkpoint
@@ -66,6 +67,7 @@ elasticfleet:
 - http_endpoint
 - httpjson
 - iis
+ - imperva_cloud_waf
 - journald
 - juniper
 - juniper_srx
diff --git a/salt/elasticsearch/defaults.yaml b/salt/elasticsearch/defaults.yaml
index 15df57f4c..06f5392d8 100644
--- a/salt/elasticsearch/defaults.yaml
+++ b/salt/elasticsearch/defaults.yaml
@@ -2366,6 +2366,52 @@ elasticsearch:
 set_priority:
 priority: 50
 min_age: 30d
+ so-logs-barracuda_cloudgen_firewall_x_log:
+ index_sorting: False
+ index_template:
+ ignore_missing_component_templates:
+ - logs-barracuda_cloudgen_firewall.log@custom
+ index_patterns:
+ - "logs-barracuda_cloudgen_firewall.log-*"
+ template:
+ settings:
+ index:
+ lifecycle:
+ name: so-logs-barracuda_cloudgen_firewall.log-logs
+ number_of_replicas: 0
+ composed_of:
+ - "logs-barracuda_cloudgen_firewall.log@package"
+ - "logs-barracuda_cloudgen_firewall.log@custom"
+ - "so-fleet_globals-1"
+ - "so-fleet_agent_id_verification-1"
+ priority: 501
+ data_stream:
+ hidden: false
+ allow_custom_routing: false
+ policy:
+ phases:
+ cold:
+ actions:
+ set_priority:
+ priority: 0
+ min_age: 30d
+ delete:
+ actions:
+ delete: {}
+ min_age: 365d
+ hot:
+ actions:
+ rollover:
+ max_age: 30d
+ max_primary_shard_size: 50gb
+ set_priority:
+ priority: 100
+ min_age: 0ms
+ warm:
+ actions:
+ set_priority:
+ priority: 50
+ min_age: 30d
 so-logs-carbonblack_edr_x_log:
 index_sorting: false
 index_template:
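Review bot: `index_sorting: False` in the new `so-logs-barracuda_cloudgen_firewall_x_log` stanza is capitalised, while the neighbouring `so-logs-carbonblack_edr_x_log` entry in the trailing context and the other booleans added in this same stanza (`hidden: false`, `allow_custom_routing: false`) are lowercase. Common loaders read both spellings as a boolean, so this is a consistency point rather than a behaviour change, but it does break a plain text search for `index_sorting: false`; I would write `index_sorting: false`. The `so-logs-imperva_cloud_waf_x_event` hunk has the same line.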
@@ -6556,6 +6602,52 @@ elasticsearch:
 set_priority:
 priority: 50
 min_age: 30d
+ so-logs-imperva_cloud_waf_x_event:
+ index_sorting: False
+ index_template:
+ ignore_missing_component_templates:
+ - logs-imperva_cloud_waf.event@custom
+ index_patterns:
+ - "logs-imperva_cloud_waf.event-*"
+ template:
+ settings:
+ index:
+ lifecycle:
+ name: so-logs-imperva_cloud_waf.event-logs
+ number_of_replicas: 0
+ composed_of:
+ - "logs-imperva_cloud_waf.event@package"
+ - "logs-imperva_cloud_waf.event@custom"
+ - "so-fleet_globals-1"
+ - "so-fleet_agent_id_verification-1"
+ priority: 501
+ data_stream:
+ hidden: false
+ allow_custom_routing: false
+ policy:
+ phases:
+ cold:
+ actions:
+ set_priority:
+ priority: 0
+ min_age: 30d
+ delete:
+ actions:
+ delete: {}
+ min_age: 365d
+ hot:
+ actions:
+ rollover:
+ max_age: 30d
+ max_primary_shard_size: 50gb
+ set_priority:
+ priority: 100
+ min_age: 0ms
+ warm:
+ actions:
+ set_priority:
+ priority: 50
+ min_age: 30d
 so-logs-juniper_srx_x_log:
 index_sorting: false
 index_template:
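Review bot: `composed_of` references `logs-imperva_cloud_waf.event@package`, but `ignore_missing_component_templates` lists only the `@custom` template, so Elasticsearch would reject this index template if it is applied before the integration package has created its `@package` component template. The ordering between the package install (the `imperva_cloud_waf` entry added in salt/elasticfleet/defaults.yaml) and template loading is not visible in this diff, so please confirm it. If the load can fail, the WAF data stream would presumably not get the `so-fleet_agent_id_verification-1` component or the 365d retention policy defined here. The `so-logs-barracuda_cloudgen_firewall_x_log` hunk has the same shape; a comment above `composed_of` such as `# @package comes from the Fleet integration install and must exist before this template loads` would record the dependency.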