Skip to content

Commit 562b7e5

Browse files
authored
Merge pull request #15031 from Security-Onion-Solutions/reyesj2/kfoutput
fix case of broken kafka output policy when new receiver is added and…
2 parents 3c847bc + e6bcf5d commit 562b7e5

File tree

1 file changed

+14
-6
lines changed

1 file changed

+14
-6
lines changed

salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-outputs-update

Lines changed: 14 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -25,12 +25,20 @@ function update_kafka_outputs() {
2525
# Make sure SSL configuration is included in policy updates for Kafka output. SSL is configured in so-elastic-fleet-setup
2626
if kafka_policy=$(curl -K /opt/so/conf/elasticsearch/curl.config -L "http://localhost:5601/api/fleet/outputs/so-manager_kafka" --fail 2>/dev/null); then
2727
SSL_CONFIG=$(echo "$kafka_policy" | jq -r '.item.ssl')
28-
SECRETS=$(echo "$kafka_policy" | jq -r '.item.secrets')
29-
JSON_STRING=$(jq -n \
30-
--arg UPDATEDLIST "$NEW_LIST_JSON" \
31-
--argjson SSL_CONFIG "$SSL_CONFIG" \
32-
--argjson SECRETS "$SECRETS" \
33-
'{"name": "grid-kafka","type": "kafka","hosts": $UPDATEDLIST,"is_default": true,"is_default_monitoring": true,"config_yaml": "","ssl": $SSL_CONFIG,"secrets": $SECRETS}')
28+
if SECRETS=$(echo "$kafka_policy" | jq -er '.item.secrets' 2>/dev/null); then
29+
# Update policy when fleet has secrets enabled
30+
JSON_STRING=$(jq -n \
31+
--arg UPDATEDLIST "$NEW_LIST_JSON" \
32+
--argjson SSL_CONFIG "$SSL_CONFIG" \
33+
--argjson SECRETS "$SECRETS" \
34+
'{"name": "grid-kafka","type": "kafka","hosts": $UPDATEDLIST,"is_default": true,"is_default_monitoring": true,"config_yaml": "","ssl": $SSL_CONFIG,"secrets": $SECRETS}')
35+
else
36+
# Update policy when fleet has secrets disabled or policy hasn't been force updated
37+
JSON_STRING=$(jq -n \
38+
--arg UPDATEDLIST "$NEW_LIST_JSON" \
39+
--argjson SSL_CONFIG "$SSL_CONFIG" \
40+
'{"name": "grid-kafka","type": "kafka","hosts": $UPDATEDLIST,"is_default": true,"is_default_monitoring": true,"config_yaml": "","ssl": $SSL_CONFIG}')
41+
fi
3442
# Update Kafka outputs
3543
curl -K /opt/so/conf/elasticsearch/curl.config -L -X PUT "localhost:5601/api/fleet/outputs/so-manager_kafka" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d "$JSON_STRING" | jq
3644
else

0 commit comments

Comments
 (0)