From d28a9ecec240dfd5cd2434b2e3755bcdd172ec11 Mon Sep 17 00:00:00 2001
From: Josh Brower
Date: Mon, 19 Sep 2022 13:32:04 -0400
Subject: [PATCH 1/3] Set Dashboard UUID
---
 salt/grafana/dashboards/common_template.json.jinja | 2 ++
 salt/grafana/init.sls | 1 +
 2 files changed, 3 insertions(+)
diff --git a/salt/grafana/dashboards/common_template.json.jinja b/salt/grafana/dashboards/common_template.json.jinja
index 23060a2fb..4c6745c3c 100644
--- a/salt/grafana/dashboards/common_template.json.jinja
+++ b/salt/grafana/dashboards/common_template.json.jinja
@@ -57,6 +57,8 @@
 "title": "{{ TITLE }}",
 {% if TITLE | lower == 'security onion grid overview' %}
 "uid": "so_overview",
+ {% else %}
+ "uid": "{{ UID }}",
 {% endif %}
 "version": 1
 }
diff --git a/salt/grafana/init.sls b/salt/grafana/init.sls
index f71bc3acb..584219906 100644
--- a/salt/grafana/init.sls
+++ b/salt/grafana/init.sls
@@ -117,6 +117,7 @@ so-grafana-dashboard-folder-delete:
 TEMPLATES: {{GRAFANA_SETTINGS.dashboards[dashboard].templating.list}}
 TITLE: {{ GRAFANA_SETTINGS.dashboards[dashboard].get('title', dashboard| capitalize) }}
 ID: {{ loop.index }}
+ UID: {{ dashboard }}
 {% endfor %}
 so-grafana:
From ea7979cfdde0c20f433361d832eebdd1eed42d1c Mon Sep 17 00:00:00 2001
From: Josh Brower
Date: Mon, 19 Sep 2022 15:33:15 -0400
Subject: [PATCH 2/3] Add Elastic Agent datastreams to SOC index
---
 salt/soc/defaults.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/salt/soc/defaults.yaml b/salt/soc/defaults.yaml
index 7c0f78f96..10ef4cb8d 100644
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -64,7 +64,7 @@ soc:
 remoteHostUrls: []
 username:
 password:
- index: '*:so-*,*:endgame-*'
+ index: '*:so-*,*:endgame-*,.ds-logs*'
 cacheMs: 300000
 verifyCert: false
 casesEnabled: true
From 80919827c6bb45425005b07b052369f484fb49d0 Mon Sep 17 00:00:00 2001 
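Review bot: The added `"uid": "{{ UID }}",` line in common_template.json.jinja writes the dashboard key into JSON without escaping, and the matching `UID: {{ dashboard }}` in the init.sls hunk passes it through YAML unquoted. A key that YAML reads as a number or boolean, or one that contains a quote or backslash, would change the rendered uid or break the dashboard JSON. Consider `UID: {{ dashboard | yaml_dquote }}` in init.sls and `"uid": {{ UID | tojson }},` in the template. A short comment next to the new line should also say that dashboard keys must be unique, fit Grafana's 40-character uid limit and must not be `so_overview`. Both hunks show only part of their enclosing block.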
From: Josh Brower
Date: Mon, 19 Sep 2022 15:55:23 -0400
Subject: [PATCH 3/3] Fixup index patterns
---
 salt/soc/defaults.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/salt/soc/defaults.yaml b/salt/soc/defaults.yaml
index 10ef4cb8d..401d7fc21 100644
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -64,7 +64,7 @@ soc:
 remoteHostUrls: []
 username:
 password:
- index: '*:so-*,*:endgame-*,.ds-logs*'
+ index: '*:so-*,*:endgame-*,*:logs-*'
 cacheMs: 300000
 verifyCert: false
 casesEnabled: true
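Review bot: The new default `index: '*:so-*,*:endgame-*,*:logs-*'` carries no comment explaining the added pattern, and `*:logs-*` matches every index or data stream whose name starts with `logs-` on every remote cluster, not only the Elastic Agent ones named in the previous commit. That widens what SOC queries return by default, so the account SOC connects with needs read access to those streams and analysts will see whatever is written to them. I would add a comment above the line such as `# *:logs-* = Elastic Agent data streams; matches every logs-* stream on each remote cluster`, and narrow the pattern if only specific datasets are intended (the intended set is not visible here). The `soc:` block continues outside the hunk.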