Merge remote-tracking branch 'origin/2.4/dev' into vlb2

2025-12-08 18:22:47 +01:00 · 2025-09-25 16:06:36 -04:00
parent 1fb558cc77 7f1b76912c
commit cd04d1e5a7
3 changed files with 5 additions and 2 deletions
--- a/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-setup
+++ b/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-setup
@@ -79,7 +79,7 @@ if DEFAULTPOLICY=$(fleet_api "outputs/fleet-default-output"); then
    fleet_default=$(echo "$DEFAULTPOLICY" | jq -er '.item.is_default')
    fleet_default_monitoring=$(echo "$DEFAULTPOLICY" | jq -er '.item.is_default_monitoring')
 #   Check that fleet-default-output isn't configured as a default for anything ( both variables return false )
-    if [[ $fleet_default ]] && [[ $fleet_default_monitoring ]]; then
+    if [[ ! $fleet_default ]] && [[ ! $fleet_default_monitoring ]]; then
        echo -e "\nso-manager_elasticsearch is configured as the current default policy..."
    else
        echo -e "\nVerification of so-manager_elasticsearch policy failed... The default 'fleet-default-output' output is still active..."
--- a/salt/kratos/enabled.sls
+++ b/salt/kratos/enabled.sls
@@ -54,6 +54,9 @@ so-kratos:
      - file: kratosconfig
      - file: kratoslogdir
      - file: kratosdir
+    - retry:
+        attempts: 10
+        interval: 10

 delete_so-kratos_so-status.disabled:
  file.uncomment:
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -2545,7 +2545,7 @@ soc:
              level: 'high'  # info | low | medium | high | critical
        assistant:
          enabled: false
-          investigationPrompt: Investigate Alert ID {socid}
+          investigationPrompt: Investigate Alert ID {socId}
          contextLimitSmall: 200000
          contextLimitLarge: 1000000
          thresholdColorRatioLow: 0.5