Add sample track-params

elastic · Feb 25, 2025 · 7ed9294 · 7ed9294
1 parent b5d0098
commit 7ed9294
Show file tree

Hide file tree

Showing 4 changed files with 112 additions and 0 deletions.
diff --git a/elastic/security/tools/track-params-siem.json b/elastic/security/tools/track-params-siem.json
@@ -0,0 +1,38 @@
+{
+  "start_date": "2024-05-01",
+  "end_date": "2024-05-10",
+  "raw_data_volume_per_day": "10GB",
+  "integration_ratios": {
+    "logs-endpoint": {
+      "corpora": {
+        "endpoint-events-file": 0.2,
+        "endpoint-events-library": 0.1,
+        "endpoint-events-network": 0.2,
+        "endpoint-events-process": 0.3,
+        "endpoint-events-registry": 0.1,
+        "endpoint-events-security": 0.1
+      }
+    },
+    "auditbeat": {
+      "corpora": {
+        "auditbeat-security": 1.0
+      }
+    },
+    "filebeat": {
+      "corpora": {
+        "filebeat-security": 1.0
+      }
+    },
+    "metricbeat": {
+      "corpora": {
+        "metricbeat-security": 1.0
+      }
+    },
+    "winlogbeat": {
+      "corpora": {
+        "winlogbeat-security": 1.0
+      }
+    }
+  },
+  "index_mode": "logsdb"
+}
diff --git a/elastic/security/tools/track-params-standard.json b/elastic/security/tools/track-params-standard.json
@@ -0,0 +1,38 @@
+{
+  "start_date": "2024-05-01",
+  "end_date": "2024-05-10",
+  "raw_data_volume_per_day": "10GB",
+  "integration_ratios": {
+    "logs-endpoint": {
+      "corpora": {
+        "endpoint-events-file": 0.2,
+        "endpoint-events-library": 0.1,
+        "endpoint-events-network": 0.2,
+        "endpoint-events-process": 0.3,
+        "endpoint-events-registry": 0.1,
+        "endpoint-events-security": 0.1
+      }
+    },
+    "auditbeat": {
+      "corpora": {
+        "auditbeat-security": 1.0
+      }
+    },
+    "filebeat": {
+      "corpora": {
+        "filebeat-security": 1.0
+      }
+    },
+    "metricbeat": {
+      "corpora": {
+        "metricbeat-security": 1.0
+      }
+    },
+    "winlogbeat": {
+      "corpora": {
+        "winlogbeat-security": 1.0
+      }
+    }
+  },
+  "index_mode": "standard"
+}
diff --git a/elastic/security/tools/track-params.bak.json b/elastic/security/tools/track-params.bak.json
@@ -0,0 +1,20 @@
+{
+  "start_date": "2024-05-01",
+  "end_date": "2024-05-14",
+  "raw_data_volume_per_day": "1GB",
+  "integration_ratios": {
+    "logs-endpoint": {
+      "corpora": {
+        "endpoint-events-file": 0.2,
+        "endpoint-events-library": 0.1,
+        "endpoint-events-network": 0.2,
+        "endpoint-events-process": 0.3,
+        "endpoint-events-registry": 0.1,
+        "endpoint-events-security": 0.1
+      }
+    }
+  },
+  "skip_delete_component_template": true,
+  "logs_endpoint_from_kibana": true,
+  "index_mode": "logsdb"
+}
diff --git a/elastic/security/tools/track-params.json b/elastic/security/tools/track-params.json
@@ -0,0 +1,16 @@
+{
+  "start_date": "2024-09-24",
+  "end_date": "2024-09-25",
+  "integration_ratios": {
+    "logs-endpoint": {
+      "corpora": {
+        "endpoint-events-file": 0.2,
+        "endpoint-events-library": 0.1,
+        "endpoint-events-network": 0.2,
+        "endpoint-events-process": 0.3,
+        "endpoint-events-registry": 0.1,
+        "endpoint-events-security": 0.1
+      }
+    }
+  }
+}