From 1006710226770abca3db06668b0702cc15a232e0 Mon Sep 17 00:00:00 2001
From: Wes <wlambertts@gmail.com>
Date: Wed, 20 Dec 2023 18:26:27 +0000
Subject: [PATCH] Change Curator disable config

---
 salt/allowed_states.map.jinja |  4 ----
 salt/curator/disabled.sls     | 21 ++++-----------------
 2 files changed, 4 insertions(+), 21 deletions(-)

diff --git a/salt/allowed_states.map.jinja b/salt/allowed_states.map.jinja
index 16178dab4..6585bd96c 100644
--- a/salt/allowed_states.map.jinja
+++ b/salt/allowed_states.map.jinja
@@ -219,10 +219,6 @@
     {% do allowed_states.append('kibana.secrets') %}
   {% endif %}
 
-  {% if grains.role in ['so-eval', 'so-standalone', 'so-managersearch', 'so-heavynode', 'so-manager'] %}
-    {% do allowed_states.append('curator.disabled') %}
-  {% endif %}
-
   {% if grains.role in ['so-eval', 'so-manager', 'so-standalone', 'so-managersearch'] %}
     {% do allowed_states.append('elastalert') %}
   {% endif %}
diff --git a/salt/curator/disabled.sls b/salt/curator/disabled.sls
index af94beef7..df0274766 100644
--- a/salt/curator/disabled.sls
+++ b/salt/curator/disabled.sls
@@ -1,14 +1,8 @@
 # Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
+# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.
 
-{% from 'allowed_states.map.jinja' import allowed_states %}
-{% if sls.split('.')[0] in allowed_states %}
-
-include:
-  - curator.sostatus
-  
 so-curator:
   docker_container.absent:
     - force: True
@@ -16,7 +10,7 @@ so-curator:
 so-curator_so-status.disabled:
   file.line:
     - name: /opt/so/conf/so-status/so-status.conf
-    - regex: ^so-curator$
+    - match: ^so-curator$
     - mode: delete
 
 so-curator-cluster-close:
@@ -32,14 +26,7 @@ delete_curator_configuration:
     - name: /opt/so/conf/curator
     - recurse: True
 
+{% set files = salt.file.find(path='/usr/sbin', name='so-curator*') %}
 delete_curator_scripts:
   file.absent:
-    - name: /usr/sbin/so-curator-*
-
-{% else %}
-
-{{sls}}_state_not_allowed:
-  test.fail_without_changes:
-    - name: {{sls}}_state_not_allowed
-
-{% endif %}
+    - names: {{files|yaml}}