update redis log file path

Merge pull request #15414 from Security-Onion-Solutions/reyesj2/patch-falsepos
no dates
2026-01-29 11:23:35 +01:00 · 2026-01-27 14:23:22 -06:00 · 2026-01-23 17:20:56 -06:00 · 2026-01-23 16:33:22 -06:00 · 2026-01-23 16:31:30 -06:00
2 changed files with 2 additions and 1 deletions
--- a/salt/common/tools/sbin/so-log-check
+++ b/salt/common/tools/sbin/so-log-check
@@ -163,6 +163,7 @@ if [[ $EXCLUDE_FALSE_POSITIVE_ERRORS == 'Y' ]]; then
    EXCLUDED_ERRORS="$EXCLUDED_ERRORS|updating component template"  # false positive (elasticsearch index or template names contain 'error') 
    EXCLUDED_ERRORS="$EXCLUDED_ERRORS|upgrading component template"  # false positive (elasticsearch index or template names contain 'error')
    EXCLUDED_ERRORS="$EXCLUDED_ERRORS|upgrading composable template" # false positive (elasticsearch composable template names contain 'error')
+    EXCLUDED_ERRORS="$EXCLUDED_ERRORS|Error while parsing document for index \[.ds-logs-kratos-so-.*object mapping for \[file\]" # false positive (mapping error occuring BEFORE kratos index has rolled over in 2.4.210)
 fi

 if [[ $EXCLUDE_KNOWN_ERRORS == 'Y' ]]; then
--- a/salt/elasticfleet/files/integrations/grid-nodes_general/redis-logs.json
+++ b/salt/elasticfleet/files/integrations/grid-nodes_general/redis-logs.json
@@ -15,7 +15,7 @@
          "enabled": true,
          "vars": {
            "paths": [
-              "/opt/so/log/redis/redis.log"
+              "/opt/so/log/redis/redis-server.log"
            ],
            "tags": [
              "redis-log"
Author	SHA1	Message	Date
reyesj2	4ad6136d98	update redis log file path	2026-01-27 14:23:22 -06:00
Jorge Reyes	b0d87b49c6	Merge pull request #15414 from Security-Onion-Solutions/reyesj2/patch-falsepos	2026-01-23 17:20:56 -06:00
reyesj2	55b3fa389e	no dates	2026-01-23 16:33:22 -06:00
reyesj2	b3ae716929	ignore kratos file mapping error	2026-01-23 16:31:30 -06:00