Merge pull request #12037 from Security-Onion-Solutions/fix/receiver

Fix receivers https://github.com/Security-Onion-Solutions/securityonion/issues/12038
2025-12-06 09:12:45 +01:00 · 2023-12-18 13:56:33 -05:00
parent 88684a6c19 f032ff40a2
commit 866c9988a0
2 changed files with 7 additions and 12 deletions
--- a/salt/logstash/enabled.sls
+++ b/salt/logstash/enabled.sls
@@ -8,12 +8,7 @@
 {%   from 'vars/globals.map.jinja' import GLOBALS %}
 {%   from 'docker/docker.map.jinja' import DOCKER %}
 {%   from 'logstash/map.jinja' import LOGSTASH_MERGED %}
-{%   from 'logstash/map.jinja' import REDIS_NODES %}
-{#   we append the manager here so that it is added to extra_hosts so the heavynode can resolve it #}
-{#   we cannont append in the logstash/map.jinja because then it would be added to the 0900_input_redis.conf #}
-{%   if GLOBALS.role == 'so-heavynode' %}
-{%     do REDIS_NODES.append({GLOBALS.manager:GLOBALS.manager_ip}) %}
-{%   endif %}
+{%   from 'logstash/map.jinja' import LOGSTASH_NODES %}
 {%   set lsheap = LOGSTASH_MERGED.settings.lsheap %}

 include:
@@ -34,7 +29,7 @@ so-logstash:
        - ipv4_address: {{ DOCKER.containers['so-logstash'].ip }}
    - user: logstash
    - extra_hosts:
-    {% for node in REDIS_NODES %}
+    {% for node in LOGSTASH_NODES %}
    {%   for hostname, ip in node.items() %}
      - {{hostname}}:{{ip}}
    {%   endfor %}
@@ -47,9 +42,9 @@ so-logstash:
    - environment:
      - LS_JAVA_OPTS=-Xms{{ lsheap }} -Xmx{{ lsheap }}
    {% if DOCKER.containers['so-logstash'].extra_env %}
-      {% for XTRAENV in DOCKER.containers['so-logstash'].extra_env %}
+    {%   for XTRAENV in DOCKER.containers['so-logstash'].extra_env %}
      - {{ XTRAENV }}
-      {% endfor %}
+    {%   endfor %}
    {% endif %}
    - port_bindings:
      {% for BINDING in DOCKER.containers['so-logstash'].port_bindings %}
--- a/salt/logstash/pipelines/config/so/9805_output_elastic_agent.conf.jinja
+++ b/salt/logstash/pipelines/config/so/9805_output_elastic_agent.conf.jinja
@@ -3,7 +3,7 @@ output {
    if [metadata][pipeline] {
      if [metadata][_id] {
        elasticsearch {
-          hosts => "{{ GLOBALS.manager }}"
+          hosts => "{{ GLOBALS.hostname }}"
          ecs_compatibility => v8
          data_stream => true
          user => "{{ ES_USER }}"
@@ -17,7 +17,7 @@ output {
      }
      else {
        elasticsearch {
-          hosts => "{{ GLOBALS.manager }}"
+          hosts => "{{ GLOBALS.hostname }}"
          ecs_compatibility => v8
          data_stream => true
          user => "{{ ES_USER }}"
@@ -30,7 +30,7 @@ output {
    }
    else {
      elasticsearch {
-        hosts => "{{ GLOBALS.manager }}"
+        hosts => "{{ GLOBALS.hostname }}"
        ecs_compatibility => v8
        data_stream => true
        user => "{{ ES_USER }}"