Merge pull request #10462 from Security-Onion-Solutions/feature/elastic_agent_zeek_logging

Dynamic integration configuration and Zeek log exclusions for Elastic Agent
2025-12-17 06:22:53 +01:00 · 2023-05-30 19:27:13 -04:00
parent 4d4744a89b f3be63051b
commit 36791665f3
21 changed files with 197 additions and 75 deletions
--- a/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-setup
+++ b/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-setup
@@ -6,7 +6,7 @@
 # this file except in compliance with the Elastic License 2.0.
 {% from 'vars/globals.map.jinja' import GLOBALS %}

-. /usr/sbin/so-common
+. /usr/sbin/so-elastic-fleet-common

 printf "\n### Create ES Token ###\n"
 ESTOKEN=$(curl -K /opt/so/conf/elasticsearch/curl.config -L -X POST "localhost:5601/api/fleet/service_tokens" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' |  jq -r .value)