{#
  Salt map for the Suricata sensor configuration.

  Loads suricata/defaults.yaml and suricata/suricata_meta.yaml, merges the
  defaults with the 'suricata' pillar, and rewrites the 'af-packet' and
  'outputs' sections of suricata_defaults as lists built from the merged
  values. When the pillar key global:mdengine equals 'SURICATA', the eve-log
  'types' and the file-store 'enabled' flag from suricata_meta.yaml are folded
  into suricata_defaults as well.
#}
{% import_yaml 'suricata/defaults.yaml' as suricata_defaults with context %}
{% import_yaml 'suricata/suricata_meta.yaml' as suricata_meta with context %}
{# NOTE(review): no fallback is given for a missing 'suricata' pillar;
   confirm it is always assigned to minions that render this map. #}
{% set suricata_pillar = pillar.suricata %}
{# in_place=False: the merge result is returned in surimerge and
   suricata_defaults itself is left unmodified by this call. #}
{% set surimerge = salt['defaults.merge'](suricata_defaults, suricata_pillar, in_place=False) %}
{# Lists are used as holders for the indexes found in the loops below,
   because a plain set inside a Jinja for loop is not visible after the loop. #}
{% set default_evelog_index = [] %}
{% set default_filestore_index = [] %}
{% set surimeta_evelog_index = [] %}
{% set surimeta_filestore_index = [] %}

{# Build 'af-packet' as a one-element list holding a mapping of the eight
   merged af-packet settings.
   NOTE(review): the values are rendered unquoted and then re-parsed as YAML,
   so their types are whatever the YAML loader infers from the rendered text;
   an empty or unusual interface value would not be caught here. #}
{% load_yaml as afpacket %}
- interface: {{ surimerge.suricata.config['af-packet'].interface }}
  cluster-id: {{ surimerge.suricata.config['af-packet']['cluster-id'] }}
  cluster-type: {{ surimerge.suricata.config['af-packet']['cluster-type'] }}
  defrag: {{ surimerge.suricata.config['af-packet'].defrag }}
  use-mmap: {{ surimerge.suricata.config['af-packet']['use-mmap'] }}
  threads: {{ surimerge.suricata.config['af-packet'].threads }}
  tpacket-v3: {{ surimerge.suricata.config['af-packet']['tpacket-v3'] }}
  ring-size: {{ surimerge.suricata.config['af-packet']['ring-size'] }}
{% endload %}
{% do suricata_defaults.suricata.config.update({'af-packet': afpacket}) %}

{# Convert the merged 'outputs' mapping into a list of single-key mappings,
   one entry per output name.
   NOTE(review): each value is emitted in its default string form and parsed
   back as YAML. This presumably relies on that string form being valid YAML
   flow syntax; a None value, for example, would come back as the string
   'None'. A serializing filter such as Salt's json filter would be more
   robust, but it could change the resulting values - confirm against
   defaults.yaml before switching. #}
{% load_yaml as outputs %}
{% for le, ld in surimerge.suricata.config.outputs.items() %}
- {{ le }}: {{ ld }}
{% endfor %}
{% endload %}
{% do suricata_defaults.suricata.config.update({'outputs': outputs}) %}

{# Find the indexes of the eve-log and file-store entries in the rebuilt
   defaults outputs list so they can be updated later #}
{% for li in suricata_defaults.suricata.config.outputs %}
  {% if 'eve-log' in li.keys() %}
    {% do default_evelog_index.append(loop.index0) %}
  {% endif %}
  {% if 'file-store' in li.keys() %}
    {% do default_filestore_index.append(loop.index0) %}
  {% endif %}
{% endfor %}
{# Keep only the first match for each key.
   NOTE(review): if no entry carries the key the list is empty; presumably
   the lookup then yields an undefined value instead of failing here, so the
   error would only surface in the SURICATA branch below - confirm that both
   YAML files always define eve-log and file-store. #}
{% set default_evelog_index = default_evelog_index[0] %}
{% set default_filestore_index = default_filestore_index[0] %}

{# Find the indexes of the eve-log and file-store entries in the
   suricata_meta outputs list so they can be grabbed later #}
{% for li in suricata_meta.suricata.config.outputs %}
  {% if 'eve-log' in li.keys() %}
    {% do surimeta_evelog_index.append(loop.index0) %}
  {% endif %}
  {% if 'file-store' in li.keys() %}
    {% do surimeta_filestore_index.append(loop.index0) %}
  {% endif %}
{% endfor %}
{% set surimeta_evelog_index = surimeta_evelog_index[0] %}
{% set surimeta_filestore_index = surimeta_filestore_index[0] %}

{# Only when Suricata is the metadata engine: append the meta eve-log types to
   the default eve-log types and take the file-store 'enabled' value from
   suricata_meta.yaml. The pillar lookup falls back to 'ZEEK' and the
   comparison is an exact string match, so any other spelling (for example
   lower case) leaves eve-log and file-store at their defaults without any
   warning - worth checking when expected Suricata metadata or extracted
   files are missing on a sensor. #}
{% if salt['pillar.get']('global:mdengine', 'ZEEK') == 'SURICATA' %}
  {% do suricata_defaults.suricata.config.outputs[default_evelog_index]['eve-log'].types.extend(suricata_meta.suricata.config.outputs[surimeta_evelog_index]['eve-log'].types) %}
  {% do suricata_defaults.suricata.config.outputs[default_filestore_index]['file-store'].update({'enabled':suricata_meta.suricata.config.outputs[surimeta_filestore_index]['file-store']['enabled']}) %}
{% endif %}