From e4ce17d4ded6b3d55ec517ef13f0df585543e8bc Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Sun, 11 Oct 2020 16:10:55 -0400 Subject: [PATCH] Turn on SSL output --- salt/logstash/pipelines/config/so/9000_output_zeek.conf.jinja | 2 +- salt/logstash/pipelines/config/so/9002_output_import.conf.jinja | 2 +- salt/logstash/pipelines/config/so/9004_output_flow.conf.jinja | 2 +- salt/logstash/pipelines/config/so/9033_output_snort.conf.jinja | 2 +- salt/logstash/pipelines/config/so/9034_output_syslog.conf.jinja | 2 +- .../logstash/pipelines/config/so/9100_output_osquery.conf.jinja | 2 +- .../pipelines/config/so/9200_output_firewall.conf.jinja | 2 +- .../pipelines/config/so/9400_output_suricata.conf.jinja | 2 +- salt/logstash/pipelines/config/so/9500_output_beats.conf.jinja | 2 +- salt/logstash/pipelines/config/so/9600_output_ossec.conf.jinja | 2 +- .../logstash/pipelines/config/so/9700_output_strelka.conf.jinja | 2 +- 11 files changed, 11 insertions(+), 11 deletions(-) diff --git a/salt/logstash/pipelines/config/so/9000_output_zeek.conf.jinja b/salt/logstash/pipelines/config/so/9000_output_zeek.conf.jinja index dd5f267f0..84b146a73 100644 --- a/salt/logstash/pipelines/config/so/9000_output_zeek.conf.jinja +++ b/salt/logstash/pipelines/config/so/9000_output_zeek.conf.jinja @@ -13,7 +13,7 @@ output { template_name => "so-zeek" template => "/templates/so-zeek-template.json" template_overwrite => true - {%- if salt['pillar.get']('nodestab', {}) %} + {%- if grains['role'] in ['so-node','so-heavynode'] %} ssl => true ssl_verification => false {%- endif %} diff --git a/salt/logstash/pipelines/config/so/9002_output_import.conf.jinja b/salt/logstash/pipelines/config/so/9002_output_import.conf.jinja index 99d0362f5..5ad76d154 100644 --- a/salt/logstash/pipelines/config/so/9002_output_import.conf.jinja +++ b/salt/logstash/pipelines/config/so/9002_output_import.conf.jinja @@ -13,7 +13,7 @@ output { template_name => "so-import" template => "/templates/so-import-template.json" template_overwrite => true - {%- if salt['pillar.get']('nodestab', {}) %} + {%- if grains['role'] in ['so-node','so-heavynode'] %} ssl => true ssl_verification => false {%- endif %} diff --git a/salt/logstash/pipelines/config/so/9004_output_flow.conf.jinja b/salt/logstash/pipelines/config/so/9004_output_flow.conf.jinja index 59543fd77..ae73f9afe 100644 --- a/salt/logstash/pipelines/config/so/9004_output_flow.conf.jinja +++ b/salt/logstash/pipelines/config/so/9004_output_flow.conf.jinja @@ -12,7 +12,7 @@ output { template_name => "so-flow" template => "/templates/so-flow-template.json" template_overwrite => true - {%- if salt['pillar.get']('nodestab', {}) %} + {%- if grains['role'] in ['so-node','so-heavynode'] %} ssl => true ssl_verification => false {%- endif %} diff --git a/salt/logstash/pipelines/config/so/9033_output_snort.conf.jinja b/salt/logstash/pipelines/config/so/9033_output_snort.conf.jinja index 79266e3a9..56814fbbf 100644 --- a/salt/logstash/pipelines/config/so/9033_output_snort.conf.jinja +++ b/salt/logstash/pipelines/config/so/9033_output_snort.conf.jinja @@ -12,7 +12,7 @@ output { template_name => "so-ids" template => "/templates/so-ids-template.json" template_overwrite => true - {%- if salt['pillar.get']('nodestab', {}) %} + {%- if grains['role'] in ['so-node','so-heavynode'] %} ssl => true ssl_verification => false {%- endif %} diff --git a/salt/logstash/pipelines/config/so/9034_output_syslog.conf.jinja b/salt/logstash/pipelines/config/so/9034_output_syslog.conf.jinja index ea59bda5d..dc486cf95 100644 --- a/salt/logstash/pipelines/config/so/9034_output_syslog.conf.jinja +++ b/salt/logstash/pipelines/config/so/9034_output_syslog.conf.jinja @@ -13,7 +13,7 @@ output { template_name => "so-syslog" template => "/templates/so-syslog-template.json" template_overwrite => true - {%- if salt['pillar.get']('nodestab', {}) %} + {%- if grains['role'] in ['so-node','so-heavynode'] %} ssl => true ssl_verification => false {%- endif %} diff --git a/salt/logstash/pipelines/config/so/9100_output_osquery.conf.jinja b/salt/logstash/pipelines/config/so/9100_output_osquery.conf.jinja index a4eb3ce46..2e77f0c9a 100644 --- a/salt/logstash/pipelines/config/so/9100_output_osquery.conf.jinja +++ b/salt/logstash/pipelines/config/so/9100_output_osquery.conf.jinja @@ -13,7 +13,7 @@ output { template_name => "so-osquery" template => "/templates/so-osquery-template.json" template_overwrite => true - {%- if salt['pillar.get']('nodestab', {}) %} + {%- if grains['role'] in ['so-node','so-heavynode'] %} ssl => true ssl_verification => false {%- endif %} diff --git a/salt/logstash/pipelines/config/so/9200_output_firewall.conf.jinja b/salt/logstash/pipelines/config/so/9200_output_firewall.conf.jinja index c8f1b6724..f4f92dbb6 100644 --- a/salt/logstash/pipelines/config/so/9200_output_firewall.conf.jinja +++ b/salt/logstash/pipelines/config/so/9200_output_firewall.conf.jinja @@ -12,7 +12,7 @@ output { template_name => "so-firewall" template => "/templates/so-firewall-template.json" template_overwrite => true - {%- if salt['pillar.get']('nodestab', {}) %} + {%- if grains['role'] in ['so-node','so-heavynode'] %} ssl => true ssl_verification => false {%- endif %} diff --git a/salt/logstash/pipelines/config/so/9400_output_suricata.conf.jinja b/salt/logstash/pipelines/config/so/9400_output_suricata.conf.jinja index cfcfd05ce..9f2d24c84 100644 --- a/salt/logstash/pipelines/config/so/9400_output_suricata.conf.jinja +++ b/salt/logstash/pipelines/config/so/9400_output_suricata.conf.jinja @@ -12,7 +12,7 @@ output { index => "so-ids-%{+YYYY.MM.dd}" template_name => "so-ids" template => "/templates/so-ids-template.json" - {%- if salt['pillar.get']('nodestab', {}) %} + {%- if grains['role'] in ['so-node','so-heavynode'] %} ssl => true ssl_verification => false {%- endif %} diff --git a/salt/logstash/pipelines/config/so/9500_output_beats.conf.jinja b/salt/logstash/pipelines/config/so/9500_output_beats.conf.jinja index ea5f48709..d72ab382e 100644 --- a/salt/logstash/pipelines/config/so/9500_output_beats.conf.jinja +++ b/salt/logstash/pipelines/config/so/9500_output_beats.conf.jinja @@ -13,7 +13,7 @@ output { template_name => "so-beats" template => "/templates/so-beats-template.json" template_overwrite => true - {%- if salt['pillar.get']('nodestab', {}) %} + {%- if grains['role'] in ['so-node','so-heavynode'] %} ssl => true ssl_verification => false {%- endif %} diff --git a/salt/logstash/pipelines/config/so/9600_output_ossec.conf.jinja b/salt/logstash/pipelines/config/so/9600_output_ossec.conf.jinja index 1eb3675aa..26d5e5a2e 100644 --- a/salt/logstash/pipelines/config/so/9600_output_ossec.conf.jinja +++ b/salt/logstash/pipelines/config/so/9600_output_ossec.conf.jinja @@ -13,7 +13,7 @@ output { template_name => "so-ossec" template => "/templates/so-ossec-template.json" template_overwrite => true - {%- if salt['pillar.get']('nodestab', {}) %} + {%- if grains['role'] in ['so-node','so-heavynode'] %} ssl => true ssl_verification => false {%- endif %} diff --git a/salt/logstash/pipelines/config/so/9700_output_strelka.conf.jinja b/salt/logstash/pipelines/config/so/9700_output_strelka.conf.jinja index b5ebcc42c..b265c0c73 100644 --- a/salt/logstash/pipelines/config/so/9700_output_strelka.conf.jinja +++ b/salt/logstash/pipelines/config/so/9700_output_strelka.conf.jinja @@ -13,7 +13,7 @@ output { template_name => "so-strelka" template => "/templates/so-strelka-template.json" template_overwrite => true - {%- if salt['pillar.get']('nodestab', {}) %} + {%- if grains['role'] in ['so-node','so-heavynode'] %} ssl => true ssl_verification => false {%- endif %}