Merge pull request #78 from TOoSmOotH/master

Readme Update
2025-12-06 09:12:45 +01:00 · 2019-10-11 09:28:59 -04:00
parent 9a7b6c0672 a4a2f7eeda
commit 7f05b3747f
3 changed files with 22 additions and 24 deletions
--- a/README.md
+++ b/README.md
@@ -56,7 +56,7 @@ Distributed:
 - Minimum 4 CPU cores per VM
 - Minimum 2 NICs for forward nodes

-### Prerequisites for Netowrk Based Install
+### Prerequisites for Network Based Install

 Install git if using a Centos 7 Minimal install:

--- a/salt/fleet/so-fleet-setup.sh
+++ b/salt/fleet/so-fleet-setup.sh
@@ -24,7 +24,9 @@ cat /etc/pki/fleet.crt /etc/pki/ca.crt > /etc/pki/launcher.crt
 #Create the output directory
 mkdir /opt/so/conf/fleet/packages

+#At some point we should version launcher `latest` to avoid hard pinning here
 docker run \
+  --rm \
  --mount type=bind,source=/opt/so/conf/fleet/packages,target=/output \
  --mount type=bind,source=/etc/pki/launcher.crt,target=/var/launcher/launcher.crt \
  soshybridhunter/so-fleet-launcher:HH1.1.0 "$esecret" "$1":8080
--- a/salt/logstash/etc/beats-template.json
+++ b/salt/logstash/etc/beats-template.json
@@ -27,24 +27,6 @@
            "path_match": "docker.container.labels.*"
          }
        },
-        {
-          "event_data": {
-            "mapping": {
-              "type": "keyword"
-            },
-            "match_mapping_type": "string",
-            "path_match": "event_data.*"
-          }
-        },
-        {
-          "user_data": {
-            "mapping": {
-              "type": "keyword"
-            },
-            "match_mapping_type": "string",
-            "path_match": "user_data.*"
-          }
-        },
        {
          "strings_as_keyword": {
            "mapping": {
@@ -59,7 +41,15 @@
        "@timestamp": {
          "type": "date"
        },
-        "activity_id": {
+        "event_data": {
+          "type":"object",
+          "dynamic": true	
+	},
+        "beat_host": {
+          "type":"object",
+          "dynamic": true	
+	},
+	"activity_id": {
          "ignore_above": 1024,
          "type": "keyword"
        },
@@ -83,6 +73,14 @@
            }
          }
        },
+	"username":{
+          "type":"text",
+          "fields": {
+            "keyword":{
+              "type":"keyword"
+            }
+          }
+        },
        "computer_name": {
          "type": "text",
          "fields":{
@@ -129,9 +127,6 @@
            }
          }
        },
-        "event_data": {
-          "type": "object"
-        },
        "event_id": {
          "type": "long"
        },
@@ -283,7 +278,8 @@
          }
        },
        "user_data": {
-          "type": "object"
+          "type": "object",
+          "dynamic": "true"
        },
        "version": {
          "type": "keyword"