Merge pull request #14229 from Security-Onion-Solutions/reyesj2/rel

force es pipeline sync
2025-12-06 17:22:49 +01:00 · 2025-02-13 08:54:06 -06:00
parent 8094bf9c7c 03b76cbcf5
commit 810abba83e
2 changed files with 10 additions and 3 deletions
--- a/salt/elasticsearch/files/ingest/logs-pfsense.log-1.20.2
+++ b/salt/elasticsearch/files/ingest/logs-pfsense.log-1.20.2
@@ -1,5 +1,12 @@
 {
  "description": "Pipeline for PFsense",
+  "_meta": {
+    "package": {
+      "name": "pfsense"
+    },
+    "managed_by": "fleet",
+    "managed": true
+  },
  "processors": [
    {
      "set": {
@@ -153,7 +160,7 @@
      }
    },
    {
-     "pipeline": {
+      "pipeline": {
        "name": "logs-pfsense.log-1.20.2-suricata",
        "if": "ctx.event.provider == 'suricata'"
      }
--- a/salt/manager/tools/sbin/soup
+++ b/salt/manager/tools/sbin/soup
@@ -538,8 +538,8 @@ post_to_2.4.120() {
 }

 post_to_2.4.130() {
-  # Integrations policies need to be updated
-  rm -f /opt/so/state/eaintegrations.txt
+  # Integrations policies need to be updated, along with ingest pipelines & index templates.
+  rm -f /opt/so/state/eaintegrations.txt /opt/so/state/espipelines.txt /opt/so/state/estemplates.txt

  # Sync the newly generated index templates for elasticfleet integrations
  salt-call state.apply elasticsearch queue=True