Add Templates for all filebeat modules

salt/elasticsearch/templates/so/so-aws-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-aws:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-aws:refresh', '30s') %}
+{
+  "index_patterns": ["so-aws-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-azure-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-azure:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-azure:refresh', '30s') %}
+{
+  "index_patterns": ["so-azure-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-barracuda-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-barracuda:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-barracuda:refresh', '30s') %}
+{
+  "index_patterns": ["so-barracuda-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-bluecoat-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-bluecoat:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-bluecoat:refresh', '30s') %}
+{
+  "index_patterns": ["so-bluecoat-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-cef-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-cef:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-cef:refresh', '30s') %}
+{
+  "index_patterns": ["so-cef-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-checkpoint-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-checkpoint:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-checkpoint:refresh', '30s') %}
+{
+  "index_patterns": ["so-checkpoint-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-cisco-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-cisco:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-cisco:refresh', '30s') %}
+{
+  "index_patterns": ["so-cisco-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-cyberark-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-cyberark:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-cyberark:refresh', '30s') %}
+{
+  "index_patterns": ["so-cyberark-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-cylance-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-cylance:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-cylance:refresh', '30s') %}
+{
+  "index_patterns": ["so-cylance-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-elasticsearch-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-elasticsearch:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-elasticsearch:refresh', '30s') %}
+{
+  "index_patterns": ["so-elasticsearch-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-f5-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-f5:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-f5:refresh', '30s') %}
+{
+  "index_patterns": ["so-f5-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-fortinet-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-zeek:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-zeek:refresh', '30s') %}
+{
+  "index_patterns": ["so-zeek-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-gcp-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-gcp:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-gcp:refresh', '30s') %}
+{
+  "index_patterns": ["so-gcp-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-google_workspace-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-google_workspace:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-google_workspace:refresh', '30s') %}
+{
+  "index_patterns": ["so-google_workspace-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-imperva-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-imperva:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-imperva:refresh', '30s') %}
+{
+  "index_patterns": ["so-imperva-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-infoblox-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-infoblox:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-infoblox:refresh', '30s') %}
+{
+  "index_patterns": ["so-infoblox-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-juniper-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-juniper:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-juniper:refresh', '30s') %}
+{
+  "index_patterns": ["so-juniper-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-kibana-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-kibana:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-kibana:refresh', '30s') %}
+{
+  "index_patterns": ["so-kibana-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-logstash-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-logstash:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-logstash:refresh', '30s') %}
+{
+  "index_patterns": ["so-logstash-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-microsoft-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-microsoft:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-microsoft:refresh', '30s') %}
+{
+  "index_patterns": ["so-microsoft-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-misp-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-misp:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-misp:refresh', '30s') %}
+{
+  "index_patterns": ["so-misp-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-netflow-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-netflow:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-netflow:refresh', '30s') %}
+{
+  "index_patterns": ["so-netflow-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-netscout-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-netscout:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-netscout:refresh', '30s') %}
+{
+  "index_patterns": ["so-netscout-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-o365-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-o365:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-o365:refresh', '30s') %}
+{
+  "index_patterns": ["so-o365-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-okta-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-okta:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-okta:refresh', '30s') %}
+{
+  "index_patterns": ["so-okta-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-proofpoint-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-proofpoint:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-proofpoint:refresh', '30s') %}
+{
+  "index_patterns": ["so-proofpoint-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-radware-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-radware:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-radware:refresh', '30s') %}
+{
+  "index_patterns": ["so-radware-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-redis-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-zeek:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-zeek:refresh', '30s') %}
+{
+  "index_patterns": ["so-zeek-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-snort-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-snort:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-snort:refresh', '30s') %}
+{
+  "index_patterns": ["so-snort-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-snyk-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-zeek:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-zeek:refresh', '30s') %}
+{
+  "index_patterns": ["so-zeek-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-sonicwall-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-sonicwall:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-sonicwall:refresh', '30s') %}
+{
+  "index_patterns": ["so-sonicwall-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-sophos-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-zeek:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-zeek:refresh', '30s') %}
+{
+  "index_patterns": ["so-zeek-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-squid-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-zeek:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-zeek:refresh', '30s') %}
+{
+  "index_patterns": ["so-zeek-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-tomcat-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-tomcat:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-tomcat:refresh', '30s') %}
+{
+  "index_patterns": ["so-tomcat-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}

salt/elasticsearch/templates/so/so-zscaler-template.json.jinja

@@ -0,0 +1,13 @@
+{%- set SHARDS = salt['pillar.get']('elasticsearch:index_settings:so-zscaler:shards', 1) %}
+{%- set REPLICAS = salt['pillar.get']('elasticsearch:replicas', 0) %}
+{%- set REFRESH = salt['pillar.get']('elasticsearch:index_settings:so-zscaler:refresh', '30s') %}
+{
+  "index_patterns": ["so-zscaler-*"],
+  "version":50001,
+  "order":11,
+  "settings":{
+    "number_of_replicas":{{ REPLICAS }},
+    "number_of_shards":{{ SHARDS }},
+    "index.refresh_interval":"{{ REFRESH }}"
+  }
+}