From b6a785395dbae410711812ed4d4215d0d65bb410 Mon Sep 17 00:00:00 2001
From: Wes Lambert
Date: Mon, 15 Mar 2021 15:42:13 +0000
Subject: [PATCH 1/3] Add Strelka staging directory for state
---
 salt/strelka/init.sls | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/salt/strelka/init.sls b/salt/strelka/init.sls
index 91226701d..3d916aa93 100644
--- a/salt/strelka/init.sls
+++ b/salt/strelka/init.sls
@@ -86,6 +86,13 @@ strelkaprocessed:
 - group: 939
 - makedirs: True

+strelkastaging:
+ file.directory:
+ - name: /nsm/strelka/staging
+ - user: 939
+ - group: 939
+ - makedirs: True
+
 strelkaunprocessed:
 file.directory:
 - name: /nsm/strelka/unprocessed
@@ -213,4 +220,4 @@ strelka_zeek_extracted_sync:
 test.fail_without_changes:
 - name: {{sls}}_state_not_allowed

-{% endif %}
\ No newline at end of file
+{% endif %}
From f142b754dca88f17adaaaca6a9ea2693165efe99 Mon Sep 17 00:00:00 2001
From: Wes Lambert
Date: Mon, 15 Mar 2021 15:43:31 +0000
Subject: [PATCH 2/3] Add Strelka files.processed directory so files will be moved from staging to processed
---
 salt/strelka/files/filestream/filestream.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/salt/strelka/files/filestream/filestream.yaml b/salt/strelka/files/filestream/filestream.yaml
index aa5d51ad1..57ef65127 100644
--- a/salt/strelka/files/filestream/filestream.yaml
+++ b/salt/strelka/files/filestream/filestream.yaml
@@ -19,7 +19,8 @@ files:
 - '/nsm/strelka/unprocessed/*'
 delete: false
 gatekeeper: true
+ processed: '/nsm/strelka/processed'
 response:
 report: 5s
 delta: 5s
-staging: '/nsm/strelka/processed'
+staging: '/nsm/strelka/staging'
From 674bb342ea966569b870d419232b7bbbad2d13ee Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Mon, 15 Mar 2021 16:39:43 -0400
Subject: [PATCH 3/3] Turn off SSL Verification in Telegraf
---
 salt/telegraf/etc/telegraf.conf | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)
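Review bot: The new `strelkastaging` state in salt/strelka/init.sls (PATCH 1/3, first hunk) sets `user`, `group` and `makedirs` but no `mode`, so the permissions on /nsm/strelka/staging are whatever the minion's umask produces. As a Strelka staging area it will presumably hold files extracted for scanning, which should be treated as untrusted content, so an explicit restrictive mode is worth pinning, for example `- mode: '0750'` (widen it only if another account really needs access). The tail of `strelkaprocessed` visible in the hunk ends the same way, so the sibling directory states likely want the same line; their full bodies are outside the hunk.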
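Review bot: In salt/strelka/files/filestream/filestream.yaml (PATCH 2/3), the new `staging: '/nsm/strelka/staging'` value only works if that directory exists and is visible to the filestream process before this config is loaded. The directory is created by a different commit in the series, and nothing visible here orders the two. If the filestream container bind-mounts subdirectories of /nsm/strelka individually rather than the parent, the staging path needs its own bind; that part of the state is not in this patch, so please confirm. With `delete: false` and the added `processed:` key, every submitted file is kept under /nsm/strelka/processed, so it is also worth confirming that something prunes that directory and noting it in a comment, e.g. `# files are moved here after submission and kept (delete: false); pruned by <cleanup job>`.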
diff --git a/salt/telegraf/etc/telegraf.conf b/salt/telegraf/etc/telegraf.conf
index b8976b8c9..f6bcbdaf5 100644
--- a/salt/telegraf/etc/telegraf.conf
+++ b/salt/telegraf/etc/telegraf.conf
@@ -618,11 +618,8 @@
 # # Read stats from one or more Elasticsearch servers or clusters
 {% if grains['role'] in ['so-manager', 'so-eval', 'so-managersearch', 'so-standalone'] %}
 [[inputs.elasticsearch]]
-
-# ## specify a list of one or more Elasticsearch servers
-# # you can add username and password to your url to use basic authentication:
-# # servers = ["http://user:pass@localhost:9200"]
 servers = ["https://{{ MANAGER }}:9200"]
+ insecure_skip_verify = true
 {% elif grains['role'] in ['so-node', 'so-hotnode', 'so-warmnode', 'so-heavynode'] %}
 [[inputs.elasticsearch]]
 servers = ["https://{{ NODEIP }}:9200"]
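Review bot: `insecure_skip_verify = true` on the manager-role `[[inputs.elasticsearch]]` block turns off both certificate-chain and hostname checks, so Telegraf will accept any endpoint that answers on `https://{{ MANAGER }}:9200`. TLS then gives encryption only, and a host able to intercept or impersonate that address is trusted for this input. The safer fix is to keep verification on and point the input at the CA that signed the Elasticsearch certificate, `tls_ca = "<path-to-grid-CA-cert>"`, with the path left as a placeholder because the CA location is not shown on this page. If skipping verification has to stay as a stop-gap, put a comment above it saying why and what removes it, e.g. `# TEMPORARY: ES cert not verifiable from this container; remove once tls_ca is wired in`. The node-role branch that follows is only partly inside the hunk, so whether it carries the same setting cannot be seen here.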