Initial support for Live Queries in Hunt

2025-12-26 02:43:11 +01:00 · 2021-03-04 18:21:13 -05:00
parent b8137214e4
commit 548f67ca6f
10 changed files with 62 additions and 26 deletions
--- a/pillar/logstash/manager.sls
+++ b/pillar/logstash/manager.sls
@@ -3,6 +3,7 @@ logstash:
  pipelines:
    manager:
      config:
+        - so/0008_input_fleet_livequery.conf.jinja
        - so/0009_input_beats.conf      
        - so/0010_input_hhbeats.conf
        - so/9999_output_redis.conf.jinja
--- a/pillar/logstash/search.sls
+++ b/pillar/logstash/search.sls
@@ -8,6 +8,7 @@ logstash:
        - so/9002_output_import.conf.jinja
        - so/9034_output_syslog.conf.jinja
        - so/9100_output_osquery.conf.jinja
+        - so/9101_output_osquery_livequery.conf.jinja        
        - so/9400_output_suricata.conf.jinja
        - so/9500_output_beats.conf.jinja
        - so/9600_output_ossec.conf.jinja