securityonion/salt/elasticsearch/defaults.yaml
2022-02-14 15:20:33 +00:00


# Default Elasticsearch settings: `config` holds node/cluster settings and
# `index_settings` holds per-index lifecycle values plus an index template.
# The `{{ grains.host }}` expressions are Jinja, so this file has to be
# rendered before it is parsed as YAML.
# NOTE(review): this listing had lost its indentation; the nesting below is
# rebuilt from the Elasticsearch setting names -- verify against the repo copy.
elasticsearch:
  config:
    node:
      # NOTE(review): the Jinja values here and below are unquoted, so a host
      # name that renders like a number or boolean would be retyped by the
      # YAML loader; quoting ("{{ grains.host }}") would keep it a string.
      name: {{ grains.host }}
      attr:
        box_type: hot
    cluster:
      name: {{ grains.host }}
      routing:
        allocation:
          disk:
            threshold_enabled: true
            # high and flood_stage are both 98%, so there is no headroom
            # between shard relocation starting and the flood-stage
            # read-only block being applied to indices on the node.
            watermark:
              low: 95%
              high: 98%
              flood_stage: 98%
    network:
      # Binds to every interface. What is actually reachable depends on
      # firewall / port-publishing rules that are not visible in this file.
      host: 0.0.0.0
    path:
      logs: /var/log/elasticsearch
    action:
      # Destructive index operations must name indices explicitly;
      # wildcard or _all targets are rejected.
      destructive_requires_name: true
    transport:
      # Node-to-node transport also listens on all interfaces; see the
      # verification_mode note under xpack.security.transport.ssl.
      bind_host: 0.0.0.0
      publish_host: {{ grains.host }}
      publish_port: 9300
    xpack:
      ml:
        enabled: false
      security:
        enabled: true
        authc:
          anonymous:
            # true: an anonymous request lacking permission gets HTTP 403
            # instead of a 401 credential challenge.
            authz_exception: true
            # No roles are granted to the anonymous user by these defaults.
            # NOTE(review): confirm no pillar override adds roles here.
            roles: []
            username: _anonymous
        transport:
          ssl:
            enabled: true
            # NOTE(review): `none` encrypts transport traffic but does not
            # validate the peer certificate, so the other node is not
            # authenticated by TLS and certificate_authorities below is not
            # enforced for it. `certificate` or `full` would enforce the CA;
            # check how the node certificates are issued before tightening.
            verification_mode: none
            key: /usr/share/elasticsearch/config/elasticsearch.key
            certificate: /usr/share/elasticsearch/config/elasticsearch.crt
            certificate_authorities:
              - /usr/share/elasticsearch/config/ca.crt
        http:
          ssl:
            enabled: true
            # The HTTPS listener does not request client certificates, so
            # callers are authenticated by other means (not shown here).
            client_authentication: none
            key: /usr/share/elasticsearch/config/elasticsearch.key
            certificate: /usr/share/elasticsearch/config/elasticsearch.crt
            certificate_authorities:
              - /usr/share/elasticsearch/config/ca.crt
    script:
      # Allows up to 20000 script compilations per minute.
      # NOTE(review): far above the stock limit as I recall it -- confirm
      # this much headroom is intended.
      max_compilations_rate: 20000/1m
    indices:
      query:
        bool:
          # Upper bound on the number of clauses in a single bool query.
          max_clause_count: 3000
      id_field_data:
        enabled: false
    logger:
      org:
        elasticsearch:
          # Deprecation logger only emits at ERROR, so deprecation warnings
          # logged at a lower level will not appear in the logs.
          deprecation: ERROR
  index_settings:
    so-beats:
      # Units and consumer of warm/close/delete are not visible here;
      # presumably index ages used by index management -- TODO confirm.
      warm: 1
      close: 1
      delete: 900
      # Presumably toggles whether the `sort` block below is applied -- TODO
      # confirm. `False` loads as a boolean under YAML 1.1 loaders; `false`
      # is the canonical spelling.
      index_sorting: False
      index_template:
        index_patterns:
          - so-beats-*
        template:
          mappings:
            dynamic_templates:
              # Dynamically mapped string fields become `keyword`; values
              # longer than 1024 characters are not indexed.
              - strings_as_keyword:
                  mapping:
                    ignore_above: 1024
                    type: keyword
                  match_mapping_type: string
            date_detection: false
          settings:
            index:
              mapping:
                total_fields:
                  limit: 3000
              sort:
                field: "@timestamp"
                order: desc
              refresh_interval: 30s
              number_of_shards: 1
              # Zero replicas: each shard exists once, so losing the node or
              # its disk loses the indexed events unless a copy exists
              # elsewhere.
              number_of_replicas: 0
        # Component templates merged into this index template; they are
        # defined outside this file.
        composed_of:
          - agent-mappings
          - dtc-agent-mappings
          - base-mappings
          - dtc-base-mappings
          - client-mappings
          - cloud-mappings
          - container-mappings
          - data_stream-mappings
          - destination-mappings
          - dll-mappings
          - dns-mappings
          - dtc-dns-mappings
          - ecs-mappings
          - dtc-ecs-mappings
          - error-mappings
          - event-mappings
          - dtc-event-mappings
          - file-mappings
          - dtc-file-mappings
          - group-mappings
          - host-mappings
          - dtc-host-mappings
          - http-mappings
          - dtc-http-mappings
          - log-mappings
          - network-mappings
          - dtc-network-mappings
          - observer-mappings
          - dtc-observer-mappings
          - orchestrator-mappings
          - organization-mappings
          - package-mappings
          - process-mappings
          - dtc-process-mappings
          - registry-mappings
          - related-mappings
          - rule-mappings
          - dtc-rule-mappings
          - server-mappings
          - service-mappings
          - dtc-service-mappings
          - source-mappings
          - threat-mappings
          - tls-mappings
          - tracing-mappings
          - url-mappings
          - user_agent-mappings
          - dtc-user_agent-mappings
          - vulnerability-mappings
          - common-settings
          - common-dynamic-mappings
          - winlog-mappings