From 7583593152ef3cb56ccf97f370f70d89eb469972 Mon Sep 17 00:00:00 2001
From: Josh Brower
Date: Wed, 17 Mar 2021 15:47:36 -0400
Subject: [PATCH 1/2] Add space defaults scripot

---
 salt/common/tools/sbin/so-kibana-space-defaults | 13 +++++++++++++
 salt/kibana/bin/so-kibana-config-load | 8 +-------
 2 files changed, 14 insertions(+), 7 deletions(-)
 create mode 100644 salt/common/tools/sbin/so-kibana-space-defaults

diff --git a/salt/common/tools/sbin/so-kibana-space-defaults b/salt/common/tools/sbin/so-kibana-space-defaults
new file mode 100644
index 000000000..edf356d45
--- /dev/null
+++ b/salt/common/tools/sbin/so-kibana-space-defaults
@@ -0,0 +1,13 @@
+. /usr/sbin/so-common
+
+wait_for_web_response "http://localhost:5601/app/kibana" "Elastic"
+## This hackery will be removed if using Elastic Auth ##
+
+# Let's snag a cookie from Kibana
+THECOOKIE=$(curl -c - -X GET http://localhost:5601/ | grep sid | awk '{print $7}')
+
+# Disable certain Features from showing up in the Kibana UI
+echo
+echo "Setting up default Space:"
+curl -b "sid=$THECOOKIE" -L -X PUT "localhost:5601/api/spaces/space/default" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d' {"id":"default","name":"Default","disabledFeatures":["ml","enterpriseSearch","siem","logs","infrastructure","apm","uptime","monitoring","stackAlerts","actions","fleet"]} ' >> /opt/so/log/kibana/misc.log
+echo
\ No newline at end of file
diff --git a/salt/kibana/bin/so-kibana-config-load b/salt/kibana/bin/so-kibana-config-load
index 0ee2508eb..f07377018 100644
--- a/salt/kibana/bin/so-kibana-config-load
+++ b/salt/kibana/bin/so-kibana-config-load
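Review bot: Nothing in the new so-kibana-space-defaults checks that the cookie grab or the PUT succeeded: if `THECOOKIE` comes back empty the request is still sent with `sid=`, curl runs without `--fail`, and the trailing `echo` makes the script exit 0 either way. A guard such as `[ -n "$THECOOKIE" ] || { echo "could not obtain Kibana session cookie" >&2; exit 1; }` before the PUT, plus `-sS --fail` on both curl calls, would turn a silent miss into a visible failure. The same applies to the saved-objects import in so-kibana-config-load. The new file also has no `#!/bin/bash` line, and the moved feature list gains `"ml"`, which the commit message does not mention.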
@@ -23,10 +23,4 @@ wait_for_web_response "http://localhost:5601/app/kibana" "Elastic"
 THECOOKIE=$(curl -c - -X GET http://localhost:5601/ | grep sid | awk '{print $7}')
 
 # Load saved objects
-curl -b "sid=$THECOOKIE" -L -X POST "localhost:5601/api/saved_objects/_import?overwrite=true" -H "kbn-xsrf: true" --form file=@/opt/so/conf/kibana/saved_objects.ndjson > /dev/null 2>&1
-
-# Disable certain Features from showing up in the Kibana UI
-
-echo
-echo "Setting up default Space:"
-curl -b "sid=$THECOOKIE" -L -X PUT "localhost:5601/api/spaces/space/default" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d' {"id":"default","name":"Default","disabledFeatures":["enterpriseSearch","siem","logs","infrastructure","apm","uptime","monitoring","stackAlerts","actions","fleet"]} ' | jq
\ No newline at end of file
+curl -b "sid=$THECOOKIE" -L -X POST "localhost:5601/api/saved_objects/_import?overwrite=true" -H "kbn-xsrf: true" --form file=@/opt/so/conf/kibana/saved_objects.ndjson >> /opt/so/log/kibana/misc.log
\ No newline at end of file
From 7da027abc1c0cdf1fc75491c2f50d26bd7a25238 Mon Sep 17 00:00:00 2001
From: William Wernert
Date: Wed, 17 Mar 2021 16:55:34 -0400
Subject: [PATCH 2/2] Make the Elastic license prompt case insensitive

---
 salt/common/tools/sbin/so-common | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/salt/common/tools/sbin/so-common b/salt/common/tools/sbin/so-common
index 0bc2c65b0..705ce841a 100755
--- a/salt/common/tools/sbin/so-common
+++ b/salt/common/tools/sbin/so-common
@@ -140,7 +140,7 @@ EOM
 AGREED=$(whiptail --title "Security Onion Setup" --inputbox \
 "$message" 20 75 3>&1 1>&2 2>&3)
-if [ "$AGREED" = 'AGREE' ]; then
+if [ "${AGREED^^}" = 'AGREE' ]; then
 mkdir -p /opt/so/state
 touch /opt/so/state/yeselastic.txt
 else
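Review bot: Replacing `> /dev/null 2>&1` with `>> /opt/so/log/kibana/misc.log` on the import curl captures only stdout, so curl's progress meter and any error text now go to whatever invoked so-kibana-config-load, while the log receives the response body alone. Adding `-sS` and ending the line with `>> /opt/so/log/kibana/misc.log 2>&1` would keep the outcome of the import in one place. The default-space step removed here now lives in so-kibana-space-defaults, and nothing in this patch invokes that script, so it is worth confirming that whatever runs so-kibana-config-load also runs the new one.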
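Review bot: `${AGREED^^}` is a bash 4+ expansion, and so-common is a library that other scripts pull in with `. /usr/sbin/so-common`, so the interpreter that reaches this test is whichever one the sourcing script runs under; a shell without `^^` support would presumably stop here with a bad-substitution error rather than fall through to the `else` branch. A comment above the test, e.g. `# ${AGREED^^} requires bash >= 4; so-common must be sourced from bash`, would record that requirement. Input with stray whitespace such as `agree ` is still rejected, which may or may not be intended. The `if`/`else` block continues past the end of the hunk.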