Hive Module - Sync ES config

salt/hive/init.sls

@@ -1,3 +1,19 @@
+hiveconfdir:
+  file.directory:
+    - name: /opt/so/conf/hive/etc
+    - makedirs: True
+
+hivelogdir:
+  file.directory:
+    - name: /opt/so/log/hive
+    - makedirs: True
+
+hiveconf:
+  file.recurse:
+    - name: /opt/so/conf/hive/etc
+    - source: salt://hive/thehive/etc
+    - template: jinja
+
 # Install Elasticsearch
 
 # Made directory for ES data to live in
@@ -15,6 +31,8 @@ so-thehive-es:
     - tty: True
     - binds:
       - /nsm/hive/esdata:/usr/share/elasticsearch/data:rw
+      - /opt/so/conf/hive/etc/es/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro
+      - /opt/so/log/hive:/var/log/elasticsearch:rw
     - environment:
       - http.host=0.0.0.0
       - http.port=9400
@@ -36,18 +54,6 @@ so-cortex:
     - hostname: so-cortex
     - name: so-cortex
 
-# Install Hive
-hiveconfdir:
-  file.directory:
-    - name: /opt/so/conf/hive/etc
-    - makedirs: True
-
-hiveconf:
-  file.managed:
-    - name: /opt/so/conf/hive/etc/application.conf
-    - source: salt://hive/thehive/etc/application.conf
-    - template: jinja
-
 so-thehive:
   docker_container.running:
     - image: thehiveproject/thehive:latest

salt/hive/thehive/etc/es/elasticsearch.yml

@@ -0,0 +1,19 @@
+cluster.name: "hive"
+network.host: 0.0.0.0
+discovery.zen.minimum_master_nodes: 1
+# This is a test -- if this is here, then the volume is mounted correctly.
+path.logs: /var/log/elasticsearch
+action.destructive_requires_name: true
+path.logs: /var/log/elasticsearch
+transport.bind_host: 0.0.0.0
+transport.publish_host: 0.0.0.0
+transport.publish_port: 9500
+http.host: 0.0.0.0
+http.port: 9400
+transport.tcp.port: 9500
+transport.host: 0.0.0.0
+xpack.security.enabled: false
+script.inline: true
+thread_pool.index.queue_size: 100000
+thread_pool.search.queue_size: 100000
+thread_pool.bulk.queue_size: 100000