b1273573ed
Fix jq $def keyword collision in optional-integrations-load
...
The agent-policy enumeration passed --argjson def, creating a jq
variable $def. 'def' is a reserved keyword in jq and the deployed jq
version rejects it, so the program failed to compile and
in_use_integrations was left empty (silently disabling the in-use
upgrade guard). Rename the arg to $defaults.
2026-06-11 15:50:53 -04:00
f23652397c
Speed up so-elastic-fleet-optional-integrations-load decision logic
...
Replace the per-package decision loop (which forked ~10 processes per
package and rebuilt a growing JSON file on every add -> O(n^2)) with two
jq passes: one prints the status messages, one builds the bulk install
list. A vnum/needs() jq definition reproduces the previous
version_conversion/compare_versions and excluded/subscription/installed/
upgrade/in-use logic exactly. Also fetch each agent policy once and
extract non-default package names locally instead of re-fetching the
policy per integration (1+K -> 1 GET per policy). Install behavior is
unchanged.
2026-06-11 13:57:56 -04:00
39d0947102
update default elastic agent logging level to warning
2026-04-29 17:38:40 -05:00
9cec79b299
check current fleet policy cert against cert on disk
...
Co-authored-by: Copilot <copilot@github.com >
2026-04-28 13:34:39 -05:00
06a555fafb
urlencode elasticsearch version
2026-04-21 14:01:31 -05:00
0405a66c72
enable elastic agent patch release for 9.3.3
2026-04-13 16:27:28 -05:00
89e49d0bf3
rework elasticsearch index template generation
2026-04-09 16:44:51 -05:00
1d57c02608
Merge pull request #15436 from Security-Onion-Solutions/reyesj2-patch-13
2026-01-28 15:36:50 -06:00
ebeeb91297
run fleet ssl state in fleet.config to ensure all required certs are created before so-elastic-fleet-setup runs
2026-01-28 15:23:38 -06:00
1c06bddb09
include all so-grid-nodes_* policies in automatic EA upgrades
2026-01-28 11:01:57 -06:00
8cf0d59560
remove block of elasticsearch-logs integration on heavynodes
2026-01-26 12:48:15 -06:00
a78e0b0871
only create /opt/so/state/eaintegrations.txt when all policies have been created/updated successfully
2026-01-26 12:26:21 -06:00
32f030f6f6
formatting
2026-01-26 12:24:31 -06:00
66f17e95aa
Merge pull request #15397 from Security-Onion-Solutions/fstes
...
Fstes
2026-01-16 18:38:06 -05:00
9905d23976
inform which state is being applied
2026-01-16 18:27:24 -05:00
2133ada3a1
add additional retries within scripts before salt re-runs the entire script
2026-01-16 13:09:08 -06:00
b61885add5
Fix Kafka output policy - singular topic key
2025-12-17 16:03:12 -06:00
7977a020ac
elasticsearch 9.0.8
2025-12-16 16:03:47 -06:00
8477420911
logstash adv config state file
2025-12-03 20:10:06 -06:00
877444ac29
cert update is a forced update
2025-12-02 15:16:59 -06:00
b0d9426f1b
automated cert update for kafka fleet output policy
2025-12-02 15:11:00 -06:00
45a8c0acd1
merge 2.4/dev
2025-12-02 11:16:08 -06:00
1fb00c8eb6
update so-elastic-fleet-outputs-update to use advanced output options when set, else empty "". Also trigger update_logstash_outputs() when hash of config_yaml has changed
2025-11-21 14:22:42 -06:00
9fd1b9aec1
make sure to pass in variables to json_string..
2025-10-02 16:38:47 -05:00
c8a3603577
update logstash fleet output policy
2025-10-02 14:47:38 -05:00
e9af46a8cb
less strict exits for fleet configuration
2025-09-30 14:28:42 -05:00
8e5fa9576c
create disabled so-manager_elasticsearch output policy first, update it then verify it is the only active output
2025-09-26 11:32:25 -05:00
23e12811a1
make sure fleet-default-output is not set as either default output policy
2025-09-25 09:51:32 -05:00
138849d258
more typos
2025-09-18 17:33:42 -05:00
87281efc24
typo
2025-09-18 16:41:33 -05:00
878a3f8962
flip logic to check there aren't two default policies and fleet-default-output is disabled
2025-09-18 16:05:34 -05:00
336ca0dbbd
typos
2025-09-18 15:42:25 -05:00
cd5483623b
update import/eval fleet output config -- try to prevent corrupt dual 'default' output polices from having a successful installation
2025-09-18 14:33:34 -05:00
faa112eddf
update last so-elastic-fleet-common functions
2025-09-18 12:18:16 -05:00
f663f22628
elastic_fleet_integration_id
2025-09-18 10:27:54 -05:00
8b07ff453d
elastic_fleet_integration_policy_package_version
2025-09-18 10:21:07 -05:00
24a0fa3f6d
add fleet_api wrapper for curl retries
2025-09-18 10:15:57 -05:00
a5011b398d
add err check and retries to elastic_fleet_integration_policy_package_name and associated scripts
2025-09-18 09:39:56 -05:00
5b70398c0a
add error check & retries to elastic_fleet_integration_policy_names and associated scripts
2025-09-17 15:35:20 -05:00
f3aaee1e41
update elastic_fleet_agent_policy_ids scripts already check rc
2025-09-17 14:59:41 -05:00
d0e875928d
add error checking and retries for elastic_fleet_installed_packages & associated script
2025-09-17 14:59:13 -05:00
9e24d21282
remove unused functions from so-elastic-fleet-common
2025-09-17 11:41:27 -05:00
5806999f63
add error check & retries to elastic_fleet_bulk_package_install
2025-09-17 11:39:06 -05:00
063a2b3348
update elastic_fleet_package_version_check & elastic_fleet_package_install to add error checking + retries. Update related scripts
2025-09-16 21:56:53 -05:00
bcd2e95fbe
add error checking and retries to elastic_fleet_integration_policy_upgrade
2025-09-16 21:22:03 -05:00
948d72c282
add error check and retry to elastic_fleet_integration_update
2025-09-16 21:07:02 -05:00
bdeb92ab05
add err check and retries for elastic_fleet_integration_create
2025-09-16 20:30:45 -05:00
fdb5ad810a
add err check and retries around func elastic_fleet_policy_create
2025-09-16 20:10:48 -05:00
f588a80ec7
fix jq error when indices don't exist (seen on fresh installs when fleet hasn't ever been installed)
2025-09-16 10:37:26 -05:00
e6bcf5db6b
fix case of broken kafka output policy when new receiver is added and secret storage was overwritten
2025-09-15 13:46:02 -05:00
Josh Patterson
reyesj2