diff --git a/salt/logstash/pipelines/config/so/0900_input_redis.conf.jinja b/salt/logstash/pipelines/config/so/0900_input_redis.conf.jinja index c98a2a388..60229422b 100644 --- a/salt/logstash/pipelines/config/so/0900_input_redis.conf.jinja +++ b/salt/logstash/pipelines/config/so/0900_input_redis.conf.jinja @@ -1,5 +1,6 @@ {%- set MANAGER = salt['grains.get']('master') %} {%- set THREADS = salt['pillar.get']('logstash_settings:ls_input_threads', '') %} +{% set BATCH = salt['pillar.get']('logstash_settings:ls_pipeline_batch_size', 125) %} input { redis { @@ -10,5 +11,6 @@ input { key => 'logstash:unparsed' type => 'redis-input' threads => {{ THREADS }} + batch_count => {{ BATCH }} } } diff --git a/setup/so-functions b/setup/so-functions index 945176d57..135c8fbfe 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -1104,7 +1104,6 @@ manager_pillar() { "logstash_settings:"\ " ls_pipeline_batch_size: 125"\ " ls_input_threads: 1"\ - " ls_batch_count: 125"\ " lsheap: $LS_HEAP_SIZE"\ " ls_pipeline_workers: $num_cpu_cores"\ ""\ @@ -1333,8 +1332,8 @@ elasticsearch_pillar() { "logstash_settings:"\ " ls_pipeline_batch_size: $LSPIPELINEBATCH"\ " ls_input_threads: $LSINPUTTHREADS"\ - " ls_batch_count: $LSINPUTBATCHCOUNT"\ " lsheap: $NODE_LS_HEAP_SIZE"\ + " ls_pipeline_workers: $num_cpu_cores"\ "" >> "$pillar_file" } diff --git a/setup/so-setup b/setup/so-setup index c543a635a..01e88fb63 100755 --- a/setup/so-setup +++ b/setup/so-setup @@ -272,7 +272,7 @@ if [[ $is_manager && $is_node ]]; then LSPIPELINEWORKERS=1 LSPIPELINEBATCH=125 LSINPUTTHREADS=1 - LSINPUTBATCHCOUNT=125 + LSPIPELINEBATCH=125 NIDS=Suricata ZEEKVERSION=ZEEK fi @@ -387,7 +387,6 @@ if [[ $is_node && ! $is_eval ]]; then whiptail_node_ls_pipeline_worker whiptail_node_ls_pipline_batchsize whiptail_node_ls_input_threads - whiptail_node_ls_input_batch_count whiptail_cur_close_days whiptail_log_size_limit else @@ -396,7 +395,7 @@ if [[ $is_node && ! $is_eval ]]; then LSPIPELINEWORKERS=$num_cpu_cores LSPIPELINEBATCH=125 LSINPUTTHREADS=1 - LSINPUTBATCHCOUNT=125 + LSPIPELINEBATCH=125 fi fi diff --git a/setup/so-whiptail b/setup/so-whiptail index c602dd8f3..2eca36d98 100755 --- a/setup/so-whiptail +++ b/setup/so-whiptail @@ -896,19 +896,6 @@ whiptail_node_ls_input_threads() { } -whiptail_node_ls_input_batch_count() { - - [ -n "$TESTING" ] && return - - LSINPUTBATCHCOUNT=$(whiptail --title "Security Onion Setup" --inputbox \ - "\nEnter LogStash Input Batch Count: \n \n(Default value is pre-populated)" 10 75 125 3>&1 1>&2 2>&3) - - local exitstatus=$? - whiptail_check_exitstatus $exitstatus - -} - - #TODO: helper function to display error message or exit if batch mode # exit_if_batch <"Error string">