From f7ab43e428e0e4050cc335903bdb0b6394368559 Mon Sep 17 00:00:00 2001
From: Mike Reeves <luke@geekempire.com>
Date: Tue, 11 Feb 2020 19:30:17 -0500
Subject: [PATCH] Update telegraf.conf

---
 salt/common/telegraf/etc/telegraf.conf | 49 +++++++++++++++++++++++++-
 1 file changed, 48 insertions(+), 1 deletion(-)

diff --git a/salt/common/telegraf/etc/telegraf.conf b/salt/common/telegraf/etc/telegraf.conf
index 3afe0e13a..7d65073a1 100644
--- a/salt/common/telegraf/etc/telegraf.conf
+++ b/salt/common/telegraf/etc/telegraf.conf
@@ -15,6 +15,7 @@
 
 {%- set MASTER = grains['master'] %}
 {% set NODEIP = salt['pillar.get']('node:mainip', '') %}
+{% set HELIX_API_KEY = salt['pillar.get']('fireeye:helix:api_key', '') %}
 
 
 # Global tags can be specified here in key="value" format.
@@ -86,6 +87,7 @@
 ###############################################################################
 
 # Configuration for sending metrics to InfluxDB
+{% if grains['role'] != 'so-helix' %}
 [[outputs.influxdb]]
   ## The full HTTP or UDP URL for your InfluxDB instance.
   ##
@@ -148,7 +150,52 @@
   ## integer values.  Enabling this option will result in field type errors if
   ## existing data has been written.
   # influx_uint_support = false
+{% else %}
+# A plugin that can transmit metrics over HTTP
+[[outputs.http]]
+  ## URL is the address to send metrics to
+  url = "https://helix-integrations.cloud.aws.apps.fireeye.com/api/upload"
 
+  ## Timeout for HTTP message
+  # timeout = "5s"
+
+  ## HTTP method, one of: "POST" or "PUT"
+   method = "POST"
+
+  ## HTTP Basic Auth credentials
+  # username = "username"
+  # password = "pa$$word"
+
+  ## OAuth2 Client Credentials Grant
+  # client_id = "clientid"
+  # client_secret = "secret"
+  # token_url = "https://indentityprovider/oauth2/v1/token"
+  # scopes = ["urn:opc:idm:__myscopes__"]
+
+  ## Optional TLS Config
+  # tls_ca = "/etc/telegraf/ca.pem"
+  # tls_cert = "/etc/telegraf/cert.pem"
+  # tls_key = "/etc/telegraf/key.pem"
+  ## Use TLS but skip chain & host verification
+  # insecure_skip_verify = false
+
+  ## Data format to output.
+  ## Each data format has it's own unique set of configuration options, read
+  ## more about them here:
+  ## https://github.com/influxdata/telegraf/blob/master/docs/DATA_FORMATS_OUTPUT.md
+   data_format = "json"
+
+  ## HTTP Content-Encoding for write request body, can be set to "gzip" to
+  ## compress body or "identity" to apply no encoding.
+   content_encoding = "gzip"
+
+  ## Additional HTTP headers
+   [outputs.http.headers]
+  #   # Should be set manually to "application/json" for json data_format
+     Content-Type = "application/json; charset=utf-8"
+     Authorization = "{{ HELIX_API_KEY }}"
+
+{% endif %}
 ###############################################################################
 #                            PROCESSOR PLUGINS                                #
 ###############################################################################
@@ -655,7 +702,7 @@
     "/scripts/checkfiles.sh",
     "/scripts/broloss.sh",
     "/scripts/oldpcap.sh",
-    "/scripts/helixeps.sh",
+    "/scripts/helixeps.sh"
   ]
   data_format = "influx"
 {% endif %}