{# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
   or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
   https://securityonion.net/license; you may not use this file except in compliance with the
   Elastic License 2.0. #}

{% from 'vars/globals.map.jinja' import GLOBALS %}
{% import_yaml 'strelka/defaults.yaml' as STRELKADEFAULTS %}
{% set HOST = GLOBALS.hostname %}

{% set backend_coordinator_port = STRELKADEFAULTS.strelka.backend.config.backend.coordinator.addr.split(':')[1] %}
{% do STRELKADEFAULTS.strelka.backend.config.backend.coordinator.update({'addr': HOST ~ ':' ~ backend_coordinator_port}) %}

{% set filestream_conn_port = STRELKADEFAULTS.strelka.filestream.config.conn.server.split(':')[1] %}
{% do STRELKADEFAULTS.strelka.filestream.config.conn.update({'server': HOST ~ ':' ~ filestream_conn_port}) %}

{% set frontend_coordinator_port = STRELKADEFAULTS.strelka.frontend.config.coordinator.addr.split(':')[1] %}
{% do STRELKADEFAULTS.strelka.frontend.config.coordinator.update({'addr': HOST ~ ':' ~ frontend_coordinator_port}) %}

{% set frontend_gatekeeper_port = STRELKADEFAULTS.strelka.frontend.config.gatekeeper.addr.split(':')[1] %}
{% do STRELKADEFAULTS.strelka.frontend.config.gatekeeper.update({'addr': HOST ~ ':' ~ frontend_gatekeeper_port}) %}

{% set manager_coordinator_port = STRELKADEFAULTS.strelka.manager.config.coordinator.addr.split(':')[1] %}
{% do STRELKADEFAULTS.strelka.manager.config.coordinator.update({'addr': HOST ~ ':' ~ manager_coordinator_port}) %}

{% if GLOBALS.md_engine == "SURICATA" %}
{%   set extract_path = '/nsm/suricata/extracted' %}
{%   set filecheck_runas = 'suricata' %}
{% else %}
{%   set extract_path = '/nsm/zeek/extracted/complete' %}
{%   set filecheck_runas = 'socore' %}
{% endif %}

{% do STRELKADEFAULTS.strelka.filecheck.update({'extract_path': extract_path}) %}

{% set STRELKAMERGED = salt['pillar.get']('strelka', STRELKADEFAULTS.strelka, merge=True) %}