From ce688cfb91c465b7edef729df0c159fcf6af7c93 Mon Sep 17 00:00:00 2001
From: Josh Brower
Date: Wed, 7 Sep 2022 10:23:26 -0400
Subject: [PATCH] Elastic Agent setup changes
---
 salt/common/tools/sbin/so-elastic-fleet-setup | 7 ++++++-
 salt/elastic-fleet/install_agent_grid.sls | 4 ++--
 salt/kibana/defaults.yaml | 2 +-
 3 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/salt/common/tools/sbin/so-elastic-fleet-setup b/salt/common/tools/sbin/so-elastic-fleet-setup
index a41beb5a6..c40699df2 100644
--- a/salt/common/tools/sbin/so-elastic-fleet-setup
+++ b/salt/common/tools/sbin/so-elastic-fleet-setup
@@ -55,12 +55,17 @@ printf "\n\n"
 #-H 'kbn-xsrf: true' -H 'Content-Type: application/json' \
 #-d '{"name":"Endpoints-Initalization","id":"endpoints","description":"Initial Endpoint Policy","namespace":"default","monitoring_enabled":["logs"]}'
+ENDPOINTSENROLLMENTOKEN=$(curl -K /opt/so/conf/elasticsearch/curl.config -L "localhost:5601/api/fleet/enrollment_api_keys" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' | jq .list | jq -r -c '.[] | select(.policy_id | contains("endpoints-default")) | .api_key')
+GRIDNODESENROLLMENTOKEN=$(curl -K /opt/so/conf/elasticsearch/curl.config -L "localhost:5601/api/fleet/enrollment_api_keys" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' | jq .list | jq -r -c '.[] | select(.policy_id | contains("so-grid-ndoes")) | .api_key')
+
 # Store needed data in minion pillar
 pillar_file=/opt/so/saltstack/local/pillar/minions/{{ GLOBALS.minion_id }}.sls
 printf '%s\n'\
 "elasticfleet:"\
 " server:"\
 " es_token: '$ESTOKEN'"\
+ " endpoints_enrollment: '$ENDPOINTSENROLLMENTOKEN'"\
+ " grid_enrollment: '$GRIDNODESENROLLMENTOKEN'"\
 " url: '{{ GLOBALS.manager_ip }}'"\
 "" >> "$pillar_file"
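Review bot: The grid-node lookup filters on `contains("so-grid-ndoes")`, which looks like a transposition of `so-grid-nodes`; if so, the select matches no policy and `grid_enrollment` is written to the pillar as an empty string. The policy id is not visible in this diff, so confirm it against the Fleet policy definition and prefer an exact comparison, `select(.policy_id == "<grid-policy-id>")`, over a substring match. Neither token is checked before the `printf`, so a failed curl or an unmatched filter only surfaces later when an agent fails to enrol; a guard such as `[ -n "$GRIDNODESENROLLMENTOKEN" ] || { echo "grid enrollment key not found" >&2; exit 1; }` after each assignment would stop the setup early. These values are enrollment credentials appended with `>>` to the minion pillar, so the file's ownership and mode (set outside this hunk, if at all) are worth confirming, and a second run would append a duplicate `elasticfleet:` block.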
@@ -78,4 +83,4 @@ cd securityonion-image/so-elastic-agent-builder
 docker build -t so-elastic-agent-builder .
 so-elastic-agent-gen-installers
-/opt/so/conf/elastic-fleet/so_agent-installers/so-elastic-agent_linux
\ No newline at end of file
+salt-call state.apply elastic-fleet.install_agent_grid
\ No newline at end of file
diff --git a/salt/elastic-fleet/install_agent_grid.sls b/salt/elastic-fleet/install_agent_grid.sls
index 36249a67f..0396f4db8 100644
--- a/salt/elastic-fleet/install_agent_grid.sls
+++ b/salt/elastic-fleet/install_agent_grid.sls
@@ -7,7 +7,7 @@
 {% if not AGENT_STATUS %}
 run_installer:
- cmd.run:
- name: salt://elastic-fleet/files/so_agent-installers/so-elastic-agent_linux
+ cmd.script:
+ - name: salt://elastic-fleet/files/so_agent-installers/so-elastic-agent_linux
 {% endif %}
diff --git a/salt/kibana/defaults.yaml b/salt/kibana/defaults.yaml
index 6480c9e55..637e80cf7 100644
--- a/salt/kibana/defaults.yaml
+++ b/salt/kibana/defaults.yaml
@@ -70,7 +70,7 @@ kibana:
 - type: system/metrics
 enabled: false
 - name: Endpoints-Initial
- id: endpoints
+ id: endpoints-default
 description: "Initial Endpoint Policy"
 namespace: default
 monitoring_enabled: ['logs']
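Review bot: `salt-call state.apply elastic-fleet.install_agent_grid` runs whether or not `so-elastic-agent-gen-installers` on the previous line succeeded, so a failed build can leave the state executing a stale or missing installer. Unless the script enables `set -e` above this hunk (not visible here), chain the two as `so-elastic-agent-gen-installers && salt-call state.apply elastic-fleet.install_agent_grid`, or test the exit status explicitly. The file also still ends without a trailing newline.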
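Review bot: The switch to `cmd.script` in `run_installer` carries no comment saying why it is needed, and the reason is not obvious from the state alone: `cmd.run` hands `name` to the shell as a command line, while `cmd.script` first fetches the `salt://` file to the minion and then executes it. A one-line comment above the state would keep this from being reverted, for example `# cmd.script pulls the installer from the fileserver before running it; cmd.run would pass the salt:// URL to the shell`. The installer appears to be an artifact generated on the manager and is executed with the minion's privileges, so it is also worth confirming that the `so_agent-installers` directory is writable only by root; its permissions are not visible in this diff.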