Index Alias in Elastic Security (Network Map) [7.9.2]

RdrgPorto · April 29, 2021, 9:10am

Hi, everyone

I have a SonicWall index (firewall device) that has the index alias Elastic Security.

In Kibana --> Advanced Settings --> Elasticsearch indices -> securitySolution:defaultIndex

However, it does not work properly in Network, it does not show GeoIP information:

If I set indivual index-pattern instead of alias in securitySolution:defaultIndex , it works.

It seems Network map dashboard ignores the index alias (in this case elastic-security).

I would like to use an index alias for Elastic Security because I have many index and I think it would be more agile.

Thanks in advance,

Rodrigo

legoguy1000 · April 30, 2021, 12:14am

an alias is just a shortcut, for that config item it needs a specific index name or use the wildcard pattern. Look at how the default index patterns are for that setting.

RdrgPorto · April 30, 2021, 8:01am

Hi @legoguy1000

Thanks . However, it is a pity, from my point of view, it would be a nice feature can use an alias.

Regards

legoguy1000 · April 30, 2021, 11:16am

No problem. Depending on your index names u should just be able to do elastic-security-* and be good.

system · May 28, 2021, 11:16am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Can kibana uses alias for index pattern? Kibana	6	21128	July 6, 2017
Better names for index patterns Kibana	6	352	December 10, 2020
Index templates with more complex name matching Elasticsearch	1	406	July 5, 2017
Why can't I access the index alias I created to use in Kibana Discover/Visualize? Kibana	5	1286	November 16, 2020
Alias Names no show in Kibana Kibana	3	793	July 20, 2018

Index Alias in Elastic Security (Network Map) [7.9.2]

Related topics