CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-10 03:02:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8453 from Security-Onion-Solutions/fix/elasticsearch_geoip_local

Browse Source 
Configure Elasticsearch to use local GeoLite2 databases by default
This commit is contained in:
weslambert
2022-08-03 09:40:23 -04:00
committed by GitHub
parent 811063268f 8c694a7ca3
commit ee654f767a
2 changed files with 1 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
salt/elasticsearch/config.map.jinja
View File

@@ -1,6 +1,5 @@
{% import_yaml 'elasticsearch/defaults.yaml' as ESCONFIG with context %} {% import_yaml 'elasticsearch/defaults.yaml' as ESCONFIG with context %}
{% set HIGHLANDER = salt['pillar.get']('global:highlander', False) %} {% set HIGHLANDER = salt['pillar.get']('global:highlander', False) %}
{% set ISAIRGAP = salt['pillar.get']('global:airgap', False) %}
{% if not salt['pillar.get']('elasticsearch:auth:enabled', False) %} {% if not salt['pillar.get']('elasticsearch:auth:enabled', False) %}
{% do ESCONFIG.elasticsearch.config.xpack.security.authc.anonymous.update({'username': 'anonymous_user', 'roles': 'superuser', 'authz_exception': 'true'}) %} {% do ESCONFIG.elasticsearch.config.xpack.security.authc.anonymous.update({'username': 'anonymous_user', 'roles': 'superuser', 'authz_exception': 'true'}) %}
@@ -34,10 +33,6 @@
{% endif %} {% endif %}
{% endif %} {% endif %}
{% if ISAIRGAP %}
{% do ESCONFIG.elasticsearch.config.ingest.geoip.downloader.update({'enabled': false}) %}
{% endif %}
{# merge with the elasticsearch pillar #} {# merge with the elasticsearch pillar #}
{% set ESCONFIG = salt['pillar.get']('elasticsearch:config', default=ESCONFIG.elasticsearch.config, merge=True) %} {% set ESCONFIG = salt['pillar.get']('elasticsearch:config', default=ESCONFIG.elasticsearch.config, merge=True) %}

2
salt/elasticsearch/defaults.yaml
View File

@@ -58,7 +58,7 @@ elasticsearch:
ingest: ingest:
geoip: geoip:
downloader: downloader:
enabled: true enabled: false
logger: logger:
org: org:
elasticsearch: elasticsearch: