Index Alias in Elastic Security (Network Map) [7.9.2]

Hi, everyone

I have a SonicWall index (firewall device) that has the index alias Elastic Security.

In Kibana --> Advanced Settings --> Elasticsearch indices -> securitySolution:defaultIndex

However, it does not work properly in Network, it does not show GeoIP information:

If I set indivual index-pattern instead of alias in securitySolution:defaultIndex , it works.

It seems Network map dashboard ignores the index alias (in this case elastic-security).

I would like to use an index alias for Elastic Security because I have many index and I think it would be more agile.

Thanks in advance,

Rodrigo

4 Likes

an alias is just a shortcut, for that config item it needs a specific index name or use the wildcard pattern. Look at how the default index patterns are for that setting.

1 Like

Hi @legoguy1000

Thanks :smiley: . However, it is a pity, from my point of view, it would be a nice feature can use an alias.

Regards

No problem. Depending on your index names u should just be able to do elastic-security-* and be good.

1 Like