mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-24 18:03:10 +01:00
44 lines
1.4 KiB
YAML
44 lines
1.4 KiB
YAML
elastalert:
|
|
config:
|
|
disable_rules_on_error:
|
|
description: Disable rules on failure.
|
|
global: True
|
|
helpLink: elastalert.html
|
|
run_every:
|
|
minutes:
|
|
description: Amount of time in minutes between searches.
|
|
global: True
|
|
helpLink: elastalert.html
|
|
buffer_time:
|
|
minutes:
|
|
description: Amount of time in minutes to look through.
|
|
global: True
|
|
helpLink: elastalert.html
|
|
old_query_limit:
|
|
minutes:
|
|
description: Amount of time in minutes between queries to start at the most recently run query.
|
|
global: True
|
|
helpLink: elastalert.html
|
|
es_conn_timeout:
|
|
description: Timeout in seconds for connecting to and reading from Elasticsearch.
|
|
global: True
|
|
helpLink: elastalert.html
|
|
max_query_size:
|
|
description: The maximum number of documents that will be returned from Elasticsearch in a single query.
|
|
global: True
|
|
helpLink: elastalert.html
|
|
alert_time_limit:
|
|
days:
|
|
description: The retry window for failed alerts.
|
|
global: True
|
|
helpLink: elastalert.html
|
|
index_settings:
|
|
shards:
|
|
description: The number of shards for elastalert indices.
|
|
global: True
|
|
helpLink: elastalert.html
|
|
replicas:
|
|
description: The number of replicas for elastalert indices.
|
|
global: True
|
|
helpLink: elastalert.html
|