CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix index reference for system auth default

Browse Source
This commit is contained in:
weslambert
2023-03-13 17:27:06 -04:00
committed by GitHub
parent bab40de58d
commit f4112b30c0
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
salt/curator/files/action/logs-system-auth-syslog-close.yaml
View File

@@ -3,7 +3,7 @@
# https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0.
{%- set cur_close_days = CURATORMERGED['logs-import-so'].close %}
{%- set cur_close_days = CURATORMERGED['logs-system-auth-default'].close %}
actions:
1:
action: close
@@ -17,7 +17,7 @@ actions:
filters:
- filtertype: pattern
kind: regex
value: '^(.ds-logs-import-so.*)$'
value: '^(.ds-logs-system.auth-default.*)$'
- filtertype: age
source: name
direction: older