We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Currently, our default for warm min_age is 30d and cold min_age is the same 30d: https://github.com/Security-Onion-Solutions/securityonion/blob/2.4/dev/salt/elasticsearch/defaults.yaml#L149-L172
warm
cold
We should change the cold min_age to something else like 60d perhaps.
We should make this change in the global_overrides section and in each of the individual index sections.
We should also change the ex. 30d in the description at: https://github.com/Security-Onion-Solutions/securityonion/blob/2.4/dev/salt/elasticsearch/soc_elasticsearch.yaml#L123 and https://github.com/Security-Onion-Solutions/securityonion/blob/2.4/dev/salt/elasticsearch/soc_elasticsearch.yaml#L305
ex. 30d
The text was updated successfully, but these errors were encountered:
#12900
Sorry, something went wrong.
weslambert
No branches or pull requests
Currently, our default for
warm
min_age is 30d andcold
min_age is the same 30d:https://github.com/Security-Onion-Solutions/securityonion/blob/2.4/dev/salt/elasticsearch/defaults.yaml#L149-L172
We should change the
cold
min_age to something else like 60d perhaps.We should make this change in the global_overrides section and in each of the individual index sections.
We should also change the
ex. 30d
in the description at:https://github.com/Security-Onion-Solutions/securityonion/blob/2.4/dev/salt/elasticsearch/soc_elasticsearch.yaml#L123
and
https://github.com/Security-Onion-Solutions/securityonion/blob/2.4/dev/salt/elasticsearch/soc_elasticsearch.yaml#L305
The text was updated successfully, but these errors were encountered: