From a0b579019ff9ffc288f4e101b6ad8c1679267bc0 Mon Sep 17 00:00:00 2001
From: Josh Brower
Date: Mon, 26 Sep 2022 09:27:09 -0400
Subject: [PATCH] Live Query - View in Hunt fix

---
 salt/kibana/files/live_query_fixup.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/salt/kibana/files/live_query_fixup.sh b/salt/kibana/files/live_query_fixup.sh
index a0c6c48e5..5026e3a16 100644
--- a/salt/kibana/files/live_query_fixup.sh
+++ b/salt/kibana/files/live_query_fixup.sh
@@ -18,5 +18,7 @@ else
 echo "Pattern not found..."
 docker exec so-kibana sed -i 's|href:h|href:"https://{{ GLOBALS.url_base }}/#/hunt?q=action_id%3A%20"+e+"%20%7C%20groupby%20action_id%20action_data.query%20%7C%20groupby%20host.hostname%20%22metadata.input.beats.host.ip%22"|g' /usr/share/kibana/x-pack/plugins/osquery/target/public/osquery.chunk.0.js
 docker exec so-kibana sed -i 's|View in Discover|View in SO - Hunt|g' /usr/share/kibana/x-pack/plugins/osquery/target/public/osquery.chunk.0.js
+ docker exec so-kibana rm /usr/share/kibana/x-pack/plugins/osquery/target/public/osquery.chunk.0.js.br
+ docker exec so-kibana gzip -kf /usr/share/kibana/x-pack/plugins/osquery/target/public/osquery.chunk.0.js
 docker restart so-kibana
 fi
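Review bot: The added `rm` of `osquery.chunk.0.js.br` has no `-f` and neither new line has its exit status checked, so if the brotli file is absent the command errors, and if `gzip -kf` fails a stale `.gz` of the unpatched bundle can stay in place while `docker restart so-kibana` still runs. I would make the first line `docker exec so-kibana rm -f /usr/share/kibana/x-pack/plugins/osquery/target/public/osquery.chunk.0.js.br` and give the gzip line a visible failure path, for example by appending `|| echo "Failed to regenerate osquery.chunk.0.js.gz" >&2`. The two lines also deserve a why-comment, since their purpose is not obvious from the commands; presumably something like `# Kibana serves the precompressed .br/.gz copies, so drop/rebuild them or the patched .js is never delivered` (confirm the reason before committing that wording). The surrounding if/else begins outside this hunk, so whether the script runs under `set -e` cannot be seen from here.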