Merge pull request #431 from Security-Onion-Solutions/fix/elastic_changes

Fix/elastic changes

salt/kibana/etc/kibana.yml

@@ -4,7 +4,7 @@
 server.name: kibana
 server.host: "0"
 server.basePath: /kibana
-elasticsearch.url: http://{{ ES }}:9200
+elasticsearch.hosts: [ "http://{{ ES }}:9200" ]
 #kibana.index: ".kibana"
 #elasticsearch.username: elastic
 #elasticsearch.password: changeme

salt/logstash/pipelines/config/so/9600_output_ossec.conf.jinja

@@ -21,9 +21,9 @@ output {
     elasticsearch {
       pipeline => "%{event_type}"
       hosts => "{{ ES }}"
-      index => "so-ossec-%{+YYYY.MM.dd}"
+      index => "so-common-%{+YYYY.MM.dd}"
-      template_name => "so-ossec"
+      template_name => "so-common"
-      template => "/so-ossec-template.json"
+      template => "/so-common-template.json"
       template_overwrite => true
     }
   }

salt/logstash/pipelines/config/so/9700_output_strelka.conf.jinja

@@ -20,9 +20,9 @@ output {
   if [event_type] =~ "strelka" {
     elasticsearch {
       hosts => "{{ ES }}"
-      index => "so-strelka-%{+YYYY.MM.dd}"
+      index => "so-common-%{+YYYY.MM.dd}"
-      template_name => "so-strelka"
+      template_name => "so-common"
-      template => "/so-strelka-template.json"
+      template => "/so-common-template.json"
       template_overwrite => true
     }
   }

setup/so-functions

@@ -743,7 +743,7 @@ master_static() {
   touch /opt/so/saltstack/pillar/static.sls
 
   echo "static:" > /opt/so/saltstack/pillar/static.sls
-  echo "  soversion: HH1.1.4" >> /opt/so/saltstack/pillar/static.sls
+  echo "  soversion: HH1.2.1" >> /opt/so/saltstack/pillar/static.sls
   echo "  hnmaster: $HNMASTER" >> /opt/so/saltstack/pillar/static.sls
   echo "  ntpserver: $NTPSERVER" >> /opt/so/saltstack/pillar/static.sls
   echo "  proxy: $PROXY" >> /opt/so/saltstack/pillar/static.sls