CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #13935 from Security-Onion-Solutions/ilm-detection

Browse Source
This commit is contained in:
Jorge Reyes
2024-11-13 15:07:29 -06:00
committed by GitHub
parent 4e0b5569dc f3a88de0c3
commit ff00ddeb3c
1 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
salt/manager/tools/sbin/soup
View File

@@ -963,7 +963,14 @@ update_airgap_repo() {
update_elasticsearch_index_settings() { update_elasticsearch_index_settings() {
# Update managed indices to reflect latest index template # Update managed indices to reflect latest index template
for idx in "so-detection" "so-detectionhistory" "so-case" "so-casehistory"; do for idx in "so-detection" "so-detectionhistory" "so-case" "so-casehistory"; do
JSON_STRING=$( jq -n --arg INDEX_NAME "$idx" '{"settings": {"index.auto_expand_replicas":"0-2","index.lifecycle.name":($INDEX_NAME + "-logs")}}') ilm_name=$idx
if [ "$idx" = "so-detectionhistory" ]; then
ilm_name="so-detection"
elif [ "$idx" = "so-casehistory" ]; then
ilm_name="so-case"
fi
JSON_STRING=$( jq -n --arg ILM_NAME "$ilm_name" '{"settings": {"index.auto_expand_replicas":"0-2","index.lifecycle.name":($ILM_NAME + "-logs")}}')
echo "Checking if index \"$idx\" exists" echo "Checking if index \"$idx\" exists"
exists=$(curl -K /opt/so/conf/elasticsearch/curl.config -s -o /dev/null -w "%{http_code}" -k -L -H "Content-Type: application/json" "https://localhost:9200/$idx") exists=$(curl -K /opt/so/conf/elasticsearch/curl.config -s -o /dev/null -w "%{http_code}" -k -L -H "Content-Type: application/json" "https://localhost:9200/$idx")
if [ $exists -eq 200 ]; then if [ $exists -eq 200 ]; then