From 9666f24e14b4225221178abb1fcdb27f6d34815f Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 13 Feb 2020 10:55:24 -0500 Subject: [PATCH 1/3] Update VERSION --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index af0b7ddbf..65087b4f5 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.0.6 +1.1.4 From 11319362c4efcd9dd48d7889591e49419eb6f47e Mon Sep 17 00:00:00 2001 From: Wes Lambert Date: Thu, 13 Feb 2020 18:47:45 +0000 Subject: [PATCH 2/3] Fix Wazuh archives path --- salt/logstash/conf/pipelines/eval/0800_input_eval.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/logstash/conf/pipelines/eval/0800_input_eval.conf b/salt/logstash/conf/pipelines/eval/0800_input_eval.conf index d3fd00029..b499c3b0f 100644 --- a/salt/logstash/conf/pipelines/eval/0800_input_eval.conf +++ b/salt/logstash/conf/pipelines/eval/0800_input_eval.conf @@ -182,7 +182,7 @@ input { type => "ossec" } file { - path => "/wazuh/archives/archive.json" + path => "/wazuh/archives/archives.json" type => "ossec_archive" } file { From 6f42c607f7da0ee6eb2bca4106acf266dad7f2f7 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 13 Feb 2020 15:08:00 -0500 Subject: [PATCH 3/3] Update telegraf.conf --- salt/common/telegraf/etc/telegraf.conf | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/salt/common/telegraf/etc/telegraf.conf b/salt/common/telegraf/etc/telegraf.conf index 7d65073a1..90f43cd19 100644 --- a/salt/common/telegraf/etc/telegraf.conf +++ b/salt/common/telegraf/etc/telegraf.conf @@ -16,7 +16,7 @@ {%- set MASTER = grains['master'] %} {% set NODEIP = salt['pillar.get']('node:mainip', '') %} {% set HELIX_API_KEY = salt['pillar.get']('fireeye:helix:api_key', '') %} - +{% set UNIQUEID = salt['pillar.get']('sensor:uniqueid', '') %} # Global tags can be specified here in key="value" format. [global_tags] @@ -25,6 +25,9 @@ ## Environment variables can be used as tags, and throughout the config file # user = "$USER" +{% if grains['role'] == 'so-helix' %} + meta_cbid = {{ UNIQUEID }} +{% endif %} # Configuration for telegraf agent [agent]