Fix import and syslog actions

2026-05-05 02:48:21 +02:00 · 2023-03-07 17:41:48 +00:00
parent 26c9813276
commit f50639d2d2
2 changed files with 6 additions and 6 deletions
@@ -3,19 +3,19 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.
-{%- set DELETE_DAYS = CURATORMERGED['logs-syslog-so'].delete %}
+{%- set DELETE_DAYS = CURATORMERGED['logs-import-so'].delete %}
 actions:
  1:
    action: delete_indices
    description: >-
-      Delete syslog indices when older than {{ DELETE_DAYS }} days.
+      Delete import indices when older than {{ DELETE_DAYS }} days.
    options:
      ignore_empty_list: True
      disable_action: False
    filters:
    - filtertype: pattern
      kind: regex
-      value: '^(.ds-logs-syslog-so.*)$'
+      value: '^(.ds-logs-import-so.*)$'
    - filtertype: age
      source: name
      direction: older
@@ -3,19 +3,19 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.
-{%- set DELETE_DAYS = CURATORMERGED['logs-import-so'].delete %}
+{%- set DELETE_DAYS = CURATORMERGED['logs-syslog-so'].delete %}
 actions:
  1:
    action: delete_indices
    description: >-
-      Delete import indices when older than {{ DELETE_DAYS }} days.
+      Delete syslog indices when older than {{ DELETE_DAYS }} days.
    options:
      ignore_empty_list: True
      disable_action: False
    filters:
    - filtertype: pattern
      kind: regex
-      value: '^(.ds-logs-import-so.*)$'
+      value: '^(.ds-logs-syslog-so.*)$'
    - filtertype: age
      source: name
      direction: older