mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-06 17:22:49 +01:00
Merge pull request #15031 from Security-Onion-Solutions/reyesj2/kfoutput
fix case of broken kafka output policy when new receiver is added and…
This commit is contained in:
Jorge Reyes
GitHub
@@ -25,12 +25,20 @@ function update_kafka_outputs() {
|
|||||||
# Make sure SSL configuration is included in policy updates for Kafka output. SSL is configured in so-elastic-fleet-setup
|
# Make sure SSL configuration is included in policy updates for Kafka output. SSL is configured in so-elastic-fleet-setup
|
||||||
if kafka_policy=$(curl -K /opt/so/conf/elasticsearch/curl.config -L "http://localhost:5601/api/fleet/outputs/so-manager_kafka" --fail 2>/dev/null); then
|
if kafka_policy=$(curl -K /opt/so/conf/elasticsearch/curl.config -L "http://localhost:5601/api/fleet/outputs/so-manager_kafka" --fail 2>/dev/null); then
|
||||||
SSL_CONFIG=$(echo "$kafka_policy" | jq -r '.item.ssl')
|
SSL_CONFIG=$(echo "$kafka_policy" | jq -r '.item.ssl')
|
||||||
SECRETS=$(echo "$kafka_policy" | jq -r '.item.secrets')
|
if SECRETS=$(echo "$kafka_policy" | jq -er '.item.secrets' 2>/dev/null); then
|
||||||
JSON_STRING=$(jq -n \
|
# Update policy when fleet has secrets enabled
|
||||||
--arg UPDATEDLIST "$NEW_LIST_JSON" \
|
JSON_STRING=$(jq -n \
|
||||||
--argjson SSL_CONFIG "$SSL_CONFIG" \
|
--arg UPDATEDLIST "$NEW_LIST_JSON" \
|
||||||
--argjson SECRETS "$SECRETS" \
|
--argjson SSL_CONFIG "$SSL_CONFIG" \
|
||||||
'{"name": "grid-kafka","type": "kafka","hosts": $UPDATEDLIST,"is_default": true,"is_default_monitoring": true,"config_yaml": "","ssl": $SSL_CONFIG,"secrets": $SECRETS}')
|
--argjson SECRETS "$SECRETS" \
|
||||||
|
'{"name": "grid-kafka","type": "kafka","hosts": $UPDATEDLIST,"is_default": true,"is_default_monitoring": true,"config_yaml": "","ssl": $SSL_CONFIG,"secrets": $SECRETS}')
|
||||||
|
else
|
||||||
|
# Update policy when fleet has secrets disabled or policy hasn't been force updated
|
||||||
|
JSON_STRING=$(jq -n \
|
||||||
|
--arg UPDATEDLIST "$NEW_LIST_JSON" \
|
||||||
|
--argjson SSL_CONFIG "$SSL_CONFIG" \
|
||||||
|
'{"name": "grid-kafka","type": "kafka","hosts": $UPDATEDLIST,"is_default": true,"is_default_monitoring": true,"config_yaml": "","ssl": $SSL_CONFIG}')
|
||||||
|
fi
|
||||||
# Update Kafka outputs
|
# Update Kafka outputs
|
||||||
curl -K /opt/so/conf/elasticsearch/curl.config -L -X PUT "localhost:5601/api/fleet/outputs/so-manager_kafka" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d "$JSON_STRING" | jq
|
curl -K /opt/so/conf/elasticsearch/curl.config -L -X PUT "localhost:5601/api/fleet/outputs/so-manager_kafka" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d "$JSON_STRING" | jq
|
||||||
else
|
else
|
||||||
|
|||||||
Reference in New Issue
Block a user