From b3f94961eaaceec597d4c10e7edd2183a1575e2c Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Wed, 26 Apr 2023 13:30:23 -0400
Subject: [PATCH] Fix Kibana and friends
---
 pillar/top.sls | 19 ++++++++++++++++++-
 setup/so-functions | 5 +++++
 setup/so-variables | 6 ++++++
 3 files changed, 29 insertions(+), 1 deletion(-)
diff --git a/pillar/top.sls b/pillar/top.sls
index 1acc5d030..9e65257d0 100644
--- a/pillar/top.sls
+++ b/pillar/top.sls
@@ -18,9 +18,12 @@ base:
 '*_eval or *_heavynode or *_sensor or *_standalone or *_import':
 - match: compound
- - zeek
+ - zeek.soc_zeek
+ - zeek.adv_zeek
 - bpf.soc_bpf
 - bpf.adv_bpf
+ - suricata.soc_suricata
+ - suricata.adv_suricata
 '*_managersearch or *_heavynode':
 - match: compound
@@ -32,6 +35,8 @@ base:
 - elasticsearch.index_templates
 - elasticsearch.soc_elasticsearch
 - elasticsearch.adv_elasticsearch
+ - curator.soc_curator
+ - curator.adv_curator
 '*_manager':
 - logstash
@@ -39,6 +44,8 @@ base:
 - logstash.soc_logstash
 - logstash.adv_logstash
 - elasticsearch.index_templates
+ - curator.soc_curator
+ - curator.adv_curator
 '*_manager or *_managersearch':
 - match: compound
@@ -57,6 +64,8 @@ base:
 - idstools.adv_idstools
 - soc.soc_soc
 - soc.adv_soc
+ - kibana.soc_kibana
+ - kibana.adv_kibana
 - kratos.soc_kratos
 - kratos.adv_kratos
 - redis.soc_redis
@@ -65,6 +74,8 @@ base:
 - influxdb.adv_influxdb
 - elasticsearch.soc_elasticsearch
 - elasticsearch.adv_elasticsearch
+ - elastalert.soc_elastalert
+ - elastalert.adv_elastalert
 - backup.soc_backup
 - backup.adv_backup
 - firewall.soc_firewall
@@ -94,6 +105,8 @@ base:
 - kratos.soc_kratos
 - elasticsearch.soc_elasticsearch
 - elasticsearch.adv_elasticsearch
+ - elastalert.soc_elastalert
+ - elastalert.adv_elastalert
 - manager.soc_manager
 - manager.adv_manager
 - idstools.soc_idstools
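Review bot: Every soc_*/adv_* pillar listed in these targets must exist as an SLS under the pillar root, because Salt records a missing top-file SLS as a pillar render error and state runs for the matched minions refuse to proceed; in this patch only the kibana pair gets a creation step (`kibana_pillar()` in setup/so-functions), while the `zeek`, `suricata`, `curator` and `elastalert` soc_/adv_ entries added in the `@@ -18`, `@@ -32`, `@@ -39`, `@@ -65` and `@@ -94` hunks here and in the later `@@ -139` and `@@ -209` hunks have none. If those files are already written by existing setup code not shown in this diff, that is fine; otherwise each needs a `touch` helper and `*_pillar_file` variable like the kibana ones, or the first pillar refresh after this change fails on those roles. A one-line comment in top.sls next to the new entries naming where each SLS is created would make that dependency visible to the next editor.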
@@ -139,6 +152,8 @@ base:
 - influxdb.adv_influxdb
 - elasticsearch.soc_elasticsearch
 - elasticsearch.adv_elasticsearch
+ - elastalert.soc_elastalert
+ - elastalert.adv_elastalert
 - manager.soc_manager
 - manager.adv_manager
 - soc.soc_soc
@@ -209,6 +224,8 @@ base:
 - kratos.soc_kratos
 - elasticsearch.soc_elasticsearch
 - elasticsearch.adv_elasticsearch
+ - elastalert.soc_elastalert
+ - elastalert.adv_elastalert
 - manager.soc_manager
 - manager.adv_manager
 - soc.soc_soc
diff --git a/setup/so-functions b/setup/so-functions
index d2506cac5..3d7017d8e 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -1336,6 +1336,11 @@ idh_pillar() {
 touch $adv_idh_pillar_file
 }
 
+kibana_pillar() {
+ touch $adv_kibana_pillar_file
+ touch $kibana_pillar_file
+}
+
 logstash_pillar() {
 # Create the logstash advanced pillar
 touch $adv_logstash_pillar_file
diff --git a/setup/so-variables b/setup/so-variables
index 98ecb2b4f..3d599afb4 100644
--- a/setup/so-variables
+++ b/setup/so-variables
@@ -154,6 +154,12 @@ export manager_pillar_file
 adv_manager_pillar_file="$local_salt_dir/pillar/manager/adv_manager.sls"
 export adv_manager_pillar_file
 
+kibana_pillar_file="$local_salt_dir/pillar/kibana/soc_kibana.sls"
+export kibana_pillar_file
+
+adv_kibana_pillar_file="$local_salt_dir/pillar/kibana/adv_kibana.sls"
+export adv_kibana_pillar_file
+
 kratos_pillar_file="$local_salt_dir/pillar/kratos/soc_kratos.sls"
 export kratos_pillar_file
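Review bot: `kibana_pillar()` in the setup/so-functions hunk has no leading comment, unlike `logstash_pillar()` immediately below it (`# Create the logstash advanced pillar`); add `# Create the kibana soc and advanced pillar files` as its first body line. Nothing in this patch calls `kibana_pillar()`, so unless the call is added to the setup flow next to the other `*_pillar` invocations (outside this diff), the new `kibana.soc_kibana`/`kibana.adv_kibana` entries in pillar/top.sls point at files that are never created. `touch` also relies on `$local_salt_dir/pillar/kibana/` already existing; if that directory is created elsewhere in setup this is fine, but a `mkdir -p "$(dirname "$kibana_pillar_file")"` before the two touches would make the helper self-contained. The unquoted variables match the `touch $adv_idh_pillar_file` line visible above, so that is left as a consistency choice rather than a change.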