From ff7db0be6394ba0b0ee623a3154f3aa7086e3422 Mon Sep 17 00:00:00 2001 From: weslambert Date: Fri, 23 Jun 2023 15:31:11 -0400 Subject: [PATCH] Remove old index settings --- setup/so-functions | 41 +---------------------------------------- 1 file changed, 1 insertion(+), 40 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index ef4e44eaa..72b7d2c2f 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -1149,46 +1149,7 @@ elasticsearch_pillar() { " indices:"\ " query:"\ " bool:"\ - " max_clause_count: 3500"\ - " index_settings:"\ > $elasticsearch_pillar_file - for INDEX in aws azure barracuda beats bluecoat cef checkpoint cisco cyberark cylance elasticsearch endgame f5 firewall fortinet gcp google_workspace imperva infoblox juniper kibana logstash microsoft misp netflow netscout o365 okta osquery proofpoint radware redis snort snyk sonicwall sophos strelka syslog tomcat zeek zscaler - do - printf '%s\n'\ - " so-$INDEX:"\ - " warm: 7"\ - " close: 30"\ - " delete: 365"\ - " index_sorting: False"\ - " index_template:"\ - " template:"\ - " settings:"\ - " index:"\ - " mapping:"\ - " total_fields:"\ - " limit: 5000"\ - " refresh_interval: 30s"\ - " number_of_shards: 1"\ - " number_of_replicas: 0" >> $elasticsearch_pillar_file - done - for INDEX in import - do - printf '%s\n'\ - " so-$INDEX:"\ - " warm: 7"\ - " close: 73000"\ - " delete: 73001"\ - " index_sorting: False"\ - " index_template:"\ - " template:"\ - " settings:"\ - " index:"\ - " mapping:"\ - " total_fields:"\ - " limit: 5000"\ - " refresh_interval: 30s"\ - " number_of_shards: 1"\ - " number_of_replicas: 0" >> $elasticsearch_pillar_file - done + " max_clause_count: 3500" > $elasticsearch_pillar_file } es_heapsize() {