mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-24 18:03:10 +01:00
26 lines
944 B
YAML
26 lines
944 B
YAML
elastalert:
|
|
config:
|
|
disable_rules_on_error:
|
|
description: Disable rules on failure.
|
|
run_every:
|
|
minutes:
|
|
description: Amount of time in minutes between searches.
|
|
buffer_time:
|
|
minutes:
|
|
description: Amount of time in minutes to look through.
|
|
old_query_limit:
|
|
minutes:
|
|
description: Amount of time in minutes between queries to start at the most recently run query.
|
|
es_conn_timeout:
|
|
description: Timeout in seconds for connecting to and reading from Elasticsearch.
|
|
max_query_size:
|
|
description: The maximum number of documents that will be downloaded from Elasticsearch in a single query.
|
|
alert_time_limit:
|
|
days:
|
|
description: The retry window for failed alerts.
|
|
index_settings:
|
|
shards:
|
|
description: The amount of shards to use for elastalert.
|
|
replicas:
|
|
description: The amount of replicas for the Elastalert index.
|