From f0c1d8c50b9d9083f0eeaacc28d15835dd2bec0b Mon Sep 17 00:00:00 2001 From: Paul Date: Mon, 23 Nov 2020 15:50:45 +0100 Subject: [PATCH 1/4] hook/#130-elastic-search-indexing --- hooks/persistence-elastic/hook.js | 10 +- hooks/persistence-elastic/hook.test.js | 130 +++++++++++++----- hooks/persistence-elastic/package-lock.json | 5 + hooks/persistence-elastic/package.json | 15 +- .../templates/persistence-provider.yaml | 6 +- hooks/persistence-elastic/values.yaml | 4 + 6 files changed, 123 insertions(+), 47 deletions(-) diff --git a/hooks/persistence-elastic/hook.js b/hooks/persistence-elastic/hook.js index 00f7172aa5..fff5d30692 100644 --- a/hooks/persistence-elastic/hook.js +++ b/hooks/persistence-elastic/hook.js @@ -3,6 +3,8 @@ const { Client } = require("@elastic/elasticsearch"); const flatMap = require("lodash.flatmap"); const chunk = require("lodash.chunk"); +const moment = require('moment'); + const authParams = {}; const username = process.env["ELASTICSEARCH_USERNAME"]; @@ -10,6 +12,8 @@ const password = process.env["ELASTICSEARCH_PASSWORD"]; const apiKeyId = process.env["ELASTICSEARCH_APIKEY_ID"]; const apiKey = process.env["ELASTICSEARCH_APIKEY"]; +const defaultDateFormat = 'YYYY-MM-DD'; + if (apiKeyId && apiKey) { console.log("Using API Key for Authentication"); authParams.auth = { @@ -39,6 +43,8 @@ async function handle({ now = new Date(), tenant = process.env["NAMESPACE"], indexPrefix = process.env["ELASTICSEARCH_INDEX_PREFIX"] || "scbv2", + indexSuffix = process.env["ELASTICSEARCH_INDEX_SUFFIX"] || defaultDateFormat, + appendNamespace = process.env['ELASTICSEARCH_INDEX_APPEND_NAMESPACE'] || false }) { const findings = await getFindings(); @@ -47,8 +53,8 @@ async function handle({ `Using Elasticsearch Instance at "${process.env["ELASTICSEARCH_ADDRESS"]}"` ); - const timeStamp = now.toISOString().substr(0, 10); - const indexName = `${indexPrefix}_${tenant}_${timeStamp}`; + let indexName = appendNamespace ? `${indexPrefix}_${tenant}_` : `${indexPrefix}_`; + indexName += moment(now).format(indexSuffix) await client.indices.create( { diff --git a/hooks/persistence-elastic/hook.test.js b/hooks/persistence-elastic/hook.test.js index 1a73fbb13f..2bd218cbc6 100644 --- a/hooks/persistence-elastic/hook.test.js +++ b/hooks/persistence-elastic/hook.test.js @@ -5,28 +5,28 @@ beforeEach(() => { elasticClient.bulk.mockClear(); }); +const scan = { + metadata: { + uid: "09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc", + name: "demo-scan", + labels: { + company: "iteratec", + }, + }, + spec: { + scanType: "Nmap", + parameters: ["-Pn", "localhost"], + }, +}; + +const now = new Date('2020-11-11'); + test("should only send scan summary document if no findings are passing in", async () => { const findings = []; const getFindings = async () => findings; - const scan = { - metadata: { - uid: "09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc", - name: "demo-scan", - labels: { - company: "iteratec", - }, - }, - spec: { - scanType: "Nmap", - parameters: ["-Pn", "localhost"], - }, - }; - - const now = new Date(); - - await handle({ getFindings, scan, now, tenant: "default" }); + await handle({ getFindings, scan, now, tenant: "default", appendNamespace: true }); expect(elasticClient.index).toBeCalledTimes(1); expect(elasticClient.index).toBeCalledWith({ @@ -46,7 +46,7 @@ test("should only send scan summary document if no findings are passing in", asy expect(elasticClient.bulk).not.toBeCalled(); }); -test("should send findings to elasticsearch", async () => { +test("should send findings to elasticsearch with given prefix", async () => { const findings = [ { id: "4560b3e6-1219-4f5f-9b44-6579f5a32407", @@ -57,23 +57,7 @@ test("should send findings to elasticsearch", async () => { const getFindings = async () => findings; - const scan = { - metadata: { - uid: "09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc", - name: "demo-scan", - labels: { - company: "iteratec", - }, - }, - spec: { - scanType: "Nmap", - parameters: ["-Pn", "localhost"], - }, - }; - - const now = new Date(); - - await handle({ getFindings, scan, now, tenant: "default" }); + await handle({ getFindings, scan, now, tenant: "default", indexPrefix: "myPrefix", appendNamespace: true }); expect(elasticClient.index).toBeCalledTimes(1); expect(elasticClient.index).toBeCalledWith({ @@ -88,7 +72,7 @@ test("should send findings to elasticsearch", async () => { scan_type: "Nmap", type: "scan", }, - index: `scbv2_default_${now.toISOString().substr(0, 10)}`, + index: `myPrefix_default_${now.toISOString().substr(0, 10)}`, }); expect(elasticClient.bulk).toBeCalledTimes(1); @@ -97,7 +81,7 @@ test("should send findings to elasticsearch", async () => { body: [ { index: { - _index: `scbv2_default_${now.toISOString().substr(0, 10)}`, + _index: `myPrefix_default_${now.toISOString().substr(0, 10)}`, }, }, { @@ -116,3 +100,75 @@ test("should send findings to elasticsearch", async () => { ], }); }); + +test("should not append namespace if 'appendNamespace' is null", async () => { + const findings = []; + + const getFindings = async () => findings; + + await handle({ getFindings, scan, now, tenant: "default" }); + + expect(elasticClient.index).toBeCalledTimes(1); + expect(elasticClient.index).toBeCalledWith({ + body: { + "@timestamp": now, + id: "09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc", + labels: { + company: "iteratec", + }, + name: "demo-scan", + parameters: ["-Pn", "localhost"], + scan_type: "Nmap", + type: "scan", + }, + index: `scbv2_${now.toISOString().substr(0, 10)}`, + }); +}); + +test("should append date format YYYY", async () => { + const findings = []; + + const getFindings = async () => findings; + + await handle({ getFindings, scan, now, tenant: "default", indexSuffix: "YYYY" }); + + expect(elasticClient.index).toBeCalledTimes(1); + expect(elasticClient.index).toBeCalledWith({ + body: { + "@timestamp": now, + id: "09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc", + labels: { + company: "iteratec", + }, + name: "demo-scan", + parameters: ["-Pn", "localhost"], + scan_type: "Nmap", + type: "scan", + }, + index: `scbv2_${now.toISOString().substr(0, 4)}`, + }); +}); + +test("should append week format like YYYY/[W]w -> 2020/W46", async () => { + const findings = []; + + const getFindings = async () => findings; + + await handle({ getFindings, scan, now, tenant: "default", indexSuffix: "YYYY/[W]w" }); + + expect(elasticClient.index).toBeCalledTimes(1); + expect(elasticClient.index).toBeCalledWith({ + body: { + "@timestamp": now, + id: "09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc", + labels: { + company: "iteratec", + }, + name: "demo-scan", + parameters: ["-Pn", "localhost"], + scan_type: "Nmap", + type: "scan", + }, + index: `scbv2_2020/W46`, + }); +}); diff --git a/hooks/persistence-elastic/package-lock.json b/hooks/persistence-elastic/package-lock.json index d40f69034a..c7546ca362 100644 --- a/hooks/persistence-elastic/package-lock.json +++ b/hooks/persistence-elastic/package-lock.json @@ -2885,6 +2885,11 @@ } } }, + "moment": { + "version": "2.29.1", + "resolved": "https://registry.npmjs.org/moment/-/moment-2.29.1.tgz", + "integrity": "sha512-kHmoybcPV8Sqy59DwNDY3Jefr64lK/by/da0ViFcuA4DH0vQg5Q6Ze5VimxkfQNSC+Mls/Kx53s7TjP1RhFEDQ==" + }, "ms": { "version": "2.1.2", "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", diff --git a/hooks/persistence-elastic/package.json b/hooks/persistence-elastic/package.json index 2d8ad109c5..143ff4c920 100644 --- a/hooks/persistence-elastic/package.json +++ b/hooks/persistence-elastic/package.json @@ -24,13 +24,13 @@ "url": "https://www.iteratec.com" }, "contributors": [ - { - "name" : "Jannik Hollenbach", - "url" : "https://github.com/J12934" + { + "name": "Jannik Hollenbach", + "url": "https://github.com/J12934" }, - { - "name" : "Robert Seedorff", - "url" : "https://github.com/rseedorff" + { + "name": "Robert Seedorff", + "url": "https://github.com/rseedorff" } ], "bugs": { @@ -40,7 +40,8 @@ "dependencies": { "@elastic/elasticsearch": "^7.9.1", "lodash.chunk": "^4.2.0", - "lodash.flatmap": "^4.5.0" + "lodash.flatmap": "^4.5.0", + "moment": "^2.29.1" }, "devDependencies": { "jest": "^25.1.0" diff --git a/hooks/persistence-elastic/templates/persistence-provider.yaml b/hooks/persistence-elastic/templates/persistence-provider.yaml index e444e30f67..99e5401b73 100644 --- a/hooks/persistence-elastic/templates/persistence-provider.yaml +++ b/hooks/persistence-elastic/templates/persistence-provider.yaml @@ -10,6 +10,10 @@ spec: env: - name: ELASTICSEARCH_INDEX_PREFIX value: {{ .Values.indexPrefix | quote }} + - name: ELASTICSEARCH_INDEX_SUFFIX + value: {{ .Values.indexSuffix | quote }} + - name: ELASTICSEARCH_INDEX_APPEND_NAMESPACE + value: {{ .Values.indexAppendNamespace | quote }} {{- if .Values.externalElasticStack.enabled }} - name: ELASTICSEARCH_ADDRESS value: {{ .Values.externalElasticStack.elasticsearchAddress | quote }} @@ -39,4 +43,4 @@ spec: secretKeyRef: name: {{ .Values.authentication.apiKeySecret }} key: id -{{- end }} \ No newline at end of file +{{- end }} diff --git a/hooks/persistence-elastic/values.yaml b/hooks/persistence-elastic/values.yaml index 1dd3ee8684..378c4047e8 100644 --- a/hooks/persistence-elastic/values.yaml +++ b/hooks/persistence-elastic/values.yaml @@ -12,6 +12,10 @@ image: # indexPrefix -- Define a specific index prefix used for all elasticsearch indices. indexPrefix: "scbv2" +# indexSuffix -- Define a specific index suffix based on date pattern (YEAR (YYYY), MONTH (YYYY-MM), WEEK (YYYY-Www), DATE (YYYY-MM-DD)) +indexSuffix: “YYYY-MM-DD” +# indexAppendNamespace -- Define if the name of the namespace where this hook is deployed to must be added to the index name. The namespace can be used to separate index by tenants (namespaces). +indexAppendNamespace: true externalElasticStack: # externalElasticStack.enabled -- Enable this when you already have an Elastic Stack running to which you want to send your results From 705099965c1b5b6b30c4da755d8eb460b907e6d8 Mon Sep 17 00:00:00 2001 From: paulschmelzer Date: Mon, 23 Nov 2020 14:51:13 +0000 Subject: [PATCH 2/4] Updating Helm Docs --- hooks/persistence-elastic/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hooks/persistence-elastic/README.md b/hooks/persistence-elastic/README.md index a2d9bd1974..8a68977084 100644 --- a/hooks/persistence-elastic/README.md +++ b/hooks/persistence-elastic/README.md @@ -40,7 +40,9 @@ helm upgrade --install elkh secureCodeBox/persistence-elastic | image.repository | string | `"docker.io/securecodebox/persistence-elastic"` | Image repository for the dashboard importer job | | image.tag | string | defaults to the charts version | Image tag for the dashboard importer job | | imagePullSecrets | list | `[]` | | +| indexAppendNamespace | bool | `true` | Define if the name of the namespace where this hook is deployed to must be added to the index name. The namespace can be used to separate index by tenants (namespaces). | | indexPrefix | string | `"scbv2"` | Define a specific index prefix used for all elasticsearch indices. | +| indexSuffix | string | `"“YYYY-MM-DD”"` | Define a specific index suffix based on date pattern (YEAR (YYYY), MONTH (YYYY-MM), WEEK (YYYY-Www), DATE (YYYY-MM-DD)) | | kibana | object | `{"enabled":true}` | Configures included Elasticsearch subchart | | kibana.enabled | bool | `true` | Enable if you want to deploy an kibana service (see: https://github.com/elastic/helm-charts/tree/master/kibana) | | nameOverride | string | `""` | | From 5a32eba8f5e9c06e9b45537a8a8f33075ca8342f Mon Sep 17 00:00:00 2001 From: Paul Date: Wed, 25 Nov 2020 10:39:13 +0100 Subject: [PATCH 3/4] Review changes --- hooks/persistence-elastic/README.md.gotmpl | 9 +++++- hooks/persistence-elastic/hook.js | 6 ++-- hooks/persistence-elastic/hook.test.js | 34 ++++++++++----------- hooks/persistence-elastic/package-lock.json | 11 ++++--- hooks/persistence-elastic/package.json | 6 ++-- hooks/persistence-elastic/values.yaml | 4 +-- 6 files changed, 39 insertions(+), 31 deletions(-) diff --git a/hooks/persistence-elastic/README.md.gotmpl b/hooks/persistence-elastic/README.md.gotmpl index 619c763d7f..fbbfac87d1 100644 --- a/hooks/persistence-elastic/README.md.gotmpl +++ b/hooks/persistence-elastic/README.md.gotmpl @@ -19,9 +19,16 @@ Installing the Elasticsearch persistenceProvider hook will add a _ReadOnly Hook_ helm upgrade --install elkh secureCodeBox/persistence-elastic ``` +## Elasticsearch Indexing + +For the elasticsearch `indexSuffix` you can provide a date format pattern. We use [Luxon](https://moment.github.io/luxon/) to format the date. So checkout +the [Luxon documentation](https://moment.github.io/luxon/docs/manual/formatting.html#table-of-tokens) to see what kind of format patterns you can use for the +`indexSuffix`. Default pattern is `yyyy-MM-dd` + + ## Chart Configuration {{ template "chart.valuesTable" . }} -[elastic.io]: https://www.elastic.co/products/elasticsearch \ No newline at end of file +[elastic.io]: https://www.elastic.co/products/elasticsearch diff --git a/hooks/persistence-elastic/hook.js b/hooks/persistence-elastic/hook.js index fff5d30692..e633455e88 100644 --- a/hooks/persistence-elastic/hook.js +++ b/hooks/persistence-elastic/hook.js @@ -3,7 +3,7 @@ const { Client } = require("@elastic/elasticsearch"); const flatMap = require("lodash.flatmap"); const chunk = require("lodash.chunk"); -const moment = require('moment'); +const { DateTime } = require("luxon"); const authParams = {}; @@ -12,7 +12,7 @@ const password = process.env["ELASTICSEARCH_PASSWORD"]; const apiKeyId = process.env["ELASTICSEARCH_APIKEY_ID"]; const apiKey = process.env["ELASTICSEARCH_APIKEY"]; -const defaultDateFormat = 'YYYY-MM-DD'; +const defaultDateFormat = 'yyyy-MM-dd'; if (apiKeyId && apiKey) { console.log("Using API Key for Authentication"); @@ -54,7 +54,7 @@ async function handle({ ); let indexName = appendNamespace ? `${indexPrefix}_${tenant}_` : `${indexPrefix}_`; - indexName += moment(now).format(indexSuffix) + indexName += DateTime.fromJSDate(now).toFormat(indexSuffix) await client.indices.create( { diff --git a/hooks/persistence-elastic/hook.test.js b/hooks/persistence-elastic/hook.test.js index 2bd218cbc6..bc1f61e9f8 100644 --- a/hooks/persistence-elastic/hook.test.js +++ b/hooks/persistence-elastic/hook.test.js @@ -19,19 +19,19 @@ const scan = { }, }; -const now = new Date('2020-11-11'); +const testDate = new Date('2020-11-11'); test("should only send scan summary document if no findings are passing in", async () => { const findings = []; const getFindings = async () => findings; - await handle({ getFindings, scan, now, tenant: "default", appendNamespace: true }); + await handle({ getFindings, scan, now: testDate, tenant: "default", appendNamespace: true }); expect(elasticClient.index).toBeCalledTimes(1); expect(elasticClient.index).toBeCalledWith({ body: { - "@timestamp": now, + "@timestamp": testDate, id: "09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc", labels: { company: "iteratec", @@ -41,7 +41,7 @@ test("should only send scan summary document if no findings are passing in", asy scan_type: "Nmap", type: "scan", }, - index: `scbv2_default_${now.toISOString().substr(0, 10)}`, + index: `scbv2_default_2020-11-11`, }); expect(elasticClient.bulk).not.toBeCalled(); }); @@ -57,12 +57,12 @@ test("should send findings to elasticsearch with given prefix", async () => { const getFindings = async () => findings; - await handle({ getFindings, scan, now, tenant: "default", indexPrefix: "myPrefix", appendNamespace: true }); + await handle({ getFindings, scan, now: testDate, tenant: "default", indexPrefix: "myPrefix", appendNamespace: true }); expect(elasticClient.index).toBeCalledTimes(1); expect(elasticClient.index).toBeCalledWith({ body: { - "@timestamp": now, + "@timestamp": testDate, id: "09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc", labels: { company: "iteratec", @@ -72,7 +72,7 @@ test("should send findings to elasticsearch with given prefix", async () => { scan_type: "Nmap", type: "scan", }, - index: `myPrefix_default_${now.toISOString().substr(0, 10)}`, + index: `myPrefix_default_2020-11-11`, }); expect(elasticClient.bulk).toBeCalledTimes(1); @@ -81,11 +81,11 @@ test("should send findings to elasticsearch with given prefix", async () => { body: [ { index: { - _index: `myPrefix_default_${now.toISOString().substr(0, 10)}`, + _index: `myPrefix_default_${testDate.toISOString().substr(0, 10)}`, }, }, { - "@timestamp": now, + "@timestamp": testDate, category: "Open Port", id: "4560b3e6-1219-4f5f-9b44-6579f5a32407", name: "Port 5601 is open", @@ -106,12 +106,12 @@ test("should not append namespace if 'appendNamespace' is null", async () => { const getFindings = async () => findings; - await handle({ getFindings, scan, now, tenant: "default" }); + await handle({ getFindings, scan, now: testDate, tenant: "default" }); expect(elasticClient.index).toBeCalledTimes(1); expect(elasticClient.index).toBeCalledWith({ body: { - "@timestamp": now, + "@timestamp": testDate, id: "09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc", labels: { company: "iteratec", @@ -121,7 +121,7 @@ test("should not append namespace if 'appendNamespace' is null", async () => { scan_type: "Nmap", type: "scan", }, - index: `scbv2_${now.toISOString().substr(0, 10)}`, + index: `scbv2_2020-11-11`, }); }); @@ -130,12 +130,12 @@ test("should append date format YYYY", async () => { const getFindings = async () => findings; - await handle({ getFindings, scan, now, tenant: "default", indexSuffix: "YYYY" }); + await handle({ getFindings, scan, now: testDate, tenant: "default", indexSuffix: "yyyy" }); expect(elasticClient.index).toBeCalledTimes(1); expect(elasticClient.index).toBeCalledWith({ body: { - "@timestamp": now, + "@timestamp": testDate, id: "09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc", labels: { company: "iteratec", @@ -145,7 +145,7 @@ test("should append date format YYYY", async () => { scan_type: "Nmap", type: "scan", }, - index: `scbv2_${now.toISOString().substr(0, 4)}`, + index: `scbv2_2020`, }); }); @@ -154,12 +154,12 @@ test("should append week format like YYYY/[W]w -> 2020/W46", async () => { const getFindings = async () => findings; - await handle({ getFindings, scan, now, tenant: "default", indexSuffix: "YYYY/[W]w" }); + await handle({ getFindings, scan, now: testDate, tenant: "default", indexSuffix: "yyyy/'W'W" }); expect(elasticClient.index).toBeCalledTimes(1); expect(elasticClient.index).toBeCalledWith({ body: { - "@timestamp": now, + "@timestamp": testDate, id: "09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc", labels: { company: "iteratec", diff --git a/hooks/persistence-elastic/package-lock.json b/hooks/persistence-elastic/package-lock.json index c7546ca362..22463b8c90 100644 --- a/hooks/persistence-elastic/package-lock.json +++ b/hooks/persistence-elastic/package-lock.json @@ -2774,6 +2774,12 @@ "@sinonjs/commons": "^1.7.0" } }, + "luxon": { + "version": "1.25.0", + "resolved": "https://registry.npmjs.org/luxon/-/luxon-1.25.0.tgz", + "integrity": "sha512-hEgLurSH8kQRjY6i4YLey+mcKVAWXbDNlZRmM6AgWDJ1cY3atl8Ztf5wEY7VBReFbmGnwQPz7KYJblL8B2k0jQ==", + "dev": true + }, "make-dir": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.0.2.tgz", @@ -2885,11 +2891,6 @@ } } }, - "moment": { - "version": "2.29.1", - "resolved": "https://registry.npmjs.org/moment/-/moment-2.29.1.tgz", - "integrity": "sha512-kHmoybcPV8Sqy59DwNDY3Jefr64lK/by/da0ViFcuA4DH0vQg5Q6Ze5VimxkfQNSC+Mls/Kx53s7TjP1RhFEDQ==" - }, "ms": { "version": "2.1.2", "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", diff --git a/hooks/persistence-elastic/package.json b/hooks/persistence-elastic/package.json index 143ff4c920..957e152ed9 100644 --- a/hooks/persistence-elastic/package.json +++ b/hooks/persistence-elastic/package.json @@ -40,10 +40,10 @@ "dependencies": { "@elastic/elasticsearch": "^7.9.1", "lodash.chunk": "^4.2.0", - "lodash.flatmap": "^4.5.0", - "moment": "^2.29.1" + "lodash.flatmap": "^4.5.0" }, "devDependencies": { - "jest": "^25.1.0" + "jest": "^25.1.0", + "luxon": "^1.25.0" } } diff --git a/hooks/persistence-elastic/values.yaml b/hooks/persistence-elastic/values.yaml index 378c4047e8..f0a84741ae 100644 --- a/hooks/persistence-elastic/values.yaml +++ b/hooks/persistence-elastic/values.yaml @@ -12,8 +12,8 @@ image: # indexPrefix -- Define a specific index prefix used for all elasticsearch indices. indexPrefix: "scbv2" -# indexSuffix -- Define a specific index suffix based on date pattern (YEAR (YYYY), MONTH (YYYY-MM), WEEK (YYYY-Www), DATE (YYYY-MM-DD)) -indexSuffix: “YYYY-MM-DD” +# indexSuffix -- Define a specific index suffix based on date pattern (YEAR (yyyy), MONTH (yyyy-MM), WEEK (yyyy-'W'W), DATE (yyyy-MM-dd)). We use Luxon for date formatting (https://moment.github.io/luxon/docs/manual/formatting.html#table-of-tokens) +indexSuffix: “yyyy-MM-dd” # indexAppendNamespace -- Define if the name of the namespace where this hook is deployed to must be added to the index name. The namespace can be used to separate index by tenants (namespaces). indexAppendNamespace: true From e64c95850da293cf91d78fedaa05bf11b2626b6c Mon Sep 17 00:00:00 2001 From: paulschmelzer Date: Wed, 25 Nov 2020 12:33:04 +0000 Subject: [PATCH 4/4] Updating Helm Docs --- hooks/persistence-elastic/README.md | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/hooks/persistence-elastic/README.md b/hooks/persistence-elastic/README.md index 8a68977084..e37cb5ab57 100644 --- a/hooks/persistence-elastic/README.md +++ b/hooks/persistence-elastic/README.md @@ -19,6 +19,12 @@ Installing the Elasticsearch persistenceProvider hook will add a _ReadOnly Hook_ helm upgrade --install elkh secureCodeBox/persistence-elastic ``` +## Elasticsearch Indexing + +For the elasticsearch `indexSuffix` you can provide a date format pattern. We use [Luxon](https://moment.github.io/luxon/) to format the date. So checkout +the [Luxon documentation](https://moment.github.io/luxon/docs/manual/formatting.html#table-of-tokens) to see what kind of format patterns you can use for the +`indexSuffix`. Default pattern is `yyyy-MM-dd` + ## Chart Configuration | Key | Type | Default | Description | @@ -42,7 +48,7 @@ helm upgrade --install elkh secureCodeBox/persistence-elastic | imagePullSecrets | list | `[]` | | | indexAppendNamespace | bool | `true` | Define if the name of the namespace where this hook is deployed to must be added to the index name. The namespace can be used to separate index by tenants (namespaces). | | indexPrefix | string | `"scbv2"` | Define a specific index prefix used for all elasticsearch indices. | -| indexSuffix | string | `"“YYYY-MM-DD”"` | Define a specific index suffix based on date pattern (YEAR (YYYY), MONTH (YYYY-MM), WEEK (YYYY-Www), DATE (YYYY-MM-DD)) | +| indexSuffix | string | `"“yyyy-MM-dd”"` | Define a specific index suffix based on date pattern (YEAR (yyyy), MONTH (yyyy-MM), WEEK (yyyy-'W'W), DATE (yyyy-MM-dd)). We use Luxon for date formatting (https://moment.github.io/luxon/docs/manual/formatting.html#table-of-tokens) | | kibana | object | `{"enabled":true}` | Configures included Elasticsearch subchart | | kibana.enabled | bool | `true` | Enable if you want to deploy an kibana service (see: https://github.com/elastic/helm-charts/tree/master/kibana) | | nameOverride | string | `""` | | @@ -52,4 +58,4 @@ helm upgrade --install elkh secureCodeBox/persistence-elastic | securityContext | object | `{}` | | | tolerations | list | `[]` | | -[elastic.io]: https://www.elastic.co/products/elasticsearch \ No newline at end of file +[elastic.io]: https://www.elastic.co/products/elasticsearch