Helix - Final Parser Fixes

salt/logstash/files/dynamic/9997_output_helix.conf

@@ -27,9 +27,11 @@ filter {
       #rename => { "%{[source_geo][country_code]}" => "srccountrycode" }
       #rename => { "%{[destination_geo][country_code]}" => "dstcountrycode" }
       rename => { "[beat_host][name]" => "sensor" }
+      copy => { "sensor" => "rawmsghostname" }
       rename => { "message" => "rawmsg" }
       #rename => { "event_type" => "program" }
       copy => { "type" => "class" }
+      copy => { "class" => "program"}
       rename => { "source_port" => "srcport" }
       rename => { "destination_port" => "dstport" }
       remove_field => ["source_ip", "destination_ip"]

setup/so-setup.sh

@@ -153,6 +153,7 @@ if (whiptail_you_sure) ; then
     RULESETUP=ETOPEN
     NSMSETUP=BASIC
     HNSENSOR=inherit
+    LS_HEAP_SIZE="1000m"
     calculate_useable_cores
     whiptail_make_changes
     set_hostname