From db9219fb7cede627de5518e340e62827c0dd4b03 Mon Sep 17 00:00:00 2001 From: Mark Bonsack Date: Tue, 7 Jan 2020 17:05:17 -0800 Subject: [PATCH] Added default check for TLS; remove extraneos ToBool declarations * Add check for TLS enable env var in default source * Remove extraneous `conv.ToBool` declarations --- .../etc/conf.d/log_paths/p_rfc3164-paloalto_panos.conf.tmpl | 2 +- .../log_paths/p_rfc3164-symantec_brightmail.conf.tmpl | 6 +++--- package/etc/conf.d/log_paths/startup.conf.tmpl | 2 +- package/etc/go_templates/source_network.t | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/package/etc/conf.d/log_paths/p_rfc3164-paloalto_panos.conf.tmpl b/package/etc/conf.d/log_paths/p_rfc3164-paloalto_panos.conf.tmpl index 4a797d1..1a54790 100644 --- a/package/etc/conf.d/log_paths/p_rfc3164-paloalto_panos.conf.tmpl +++ b/package/etc/conf.d/log_paths/p_rfc3164-paloalto_panos.conf.tmpl @@ -36,7 +36,7 @@ log { #2012/04/10 04:39:55 #parse the date date-parser( - {{- if ((getenv "SC4S_SOURCE_FF_PALOALTO_PANOS_TIME_MS") | conv.ToBool) }} + {{- if (conv.ToBool (getenv "SC4S_SOURCE_FF_PALOALTO_PANOS_TIME_MS")) }} format("%Y/%m/%d %H:%M:%S.%f") {{- else}} format("%Y/%m/%d %H:%M:%S") diff --git a/package/etc/conf.d/log_paths/p_rfc3164-symantec_brightmail.conf.tmpl b/package/etc/conf.d/log_paths/p_rfc3164-symantec_brightmail.conf.tmpl index 95b811b..04ab7d1 100644 --- a/package/etc/conf.d/log_paths/p_rfc3164-symantec_brightmail.conf.tmpl +++ b/package/etc/conf.d/log_paths/p_rfc3164-symantec_brightmail.conf.tmpl @@ -1,6 +1,6 @@ # Symantec Brightmail -{{- if ((getenv "SC4S_SOURCE_FF_SYMANTEC_BRIGHTMAIL_GROUPMSG" "yes") | conv.ToBool) }} +{{- if (conv.ToBool (getenv "SC4S_SOURCE_FF_SYMANTEC_BRIGHTMAIL_GROUPMSG" "yes")) }} filter f_symantec_brightmail_complete{ match("yes", value("SMG.COMPLETE") type(glob)); }; @@ -39,7 +39,7 @@ log { source (s_SYMANTEC_BRIGHTMAIL); {{- end }} -{{- if ((getenv "SC4S_SOURCE_FF_SYMANTEC_BRIGHTMAIL_GROUPMSG" "yes") | conv.ToBool) }} +{{- if (conv.ToBool (getenv "SC4S_SOURCE_FF_SYMANTEC_BRIGHTMAIL_GROUPMSG" "yes")) }} if { filter(f_symantec_brightmail_details); @@ -83,7 +83,7 @@ log { {{- if or (conv.ToBool (getenv "SC4S_ARCHIVE_GLOBAL" "no")) (conv.ToBool (getenv "SC4S_ARCHIVE_SYMANTEC_BRIGHTMAIL" "no")) }} destination(d_archive); {{- end}} -{{- if ((getenv "SC4S_SOURCE_FF_SYMANTEC_BRIGHTMAIL_GROUPMSG" "yes") | conv.ToBool) }} +{{- if (conv.ToBool (getenv "SC4S_SOURCE_FF_SYMANTEC_BRIGHTMAIL_GROUPMSG" "yes")) }} }; {{- end}} diff --git a/package/etc/conf.d/log_paths/startup.conf.tmpl b/package/etc/conf.d/log_paths/startup.conf.tmpl index 4559544..8153c55 100644 --- a/package/etc/conf.d/log_paths/startup.conf.tmpl +++ b/package/etc/conf.d/log_paths/startup.conf.tmpl @@ -7,7 +7,7 @@ log { rewrite { r_set_splunk_dest_default(sourcetype("sc4s:events"), index("main"))}; parser {p_add_context_splunk(key("sc4s_events:startup:out")); }; - {{- if or (conv.ToBool (getenv "SC4S_DEST_SPLUNK_HEC_GLOBAL" "yes")) (conv.ToBool (getenv "SC4S_DEST_INTERNAL_EVENTS_HEC" "no") | conv.ToBool) }} + {{- if or (conv.ToBool (getenv "SC4S_DEST_SPLUNK_HEC_GLOBAL" "yes")) (conv.ToBool (getenv "SC4S_DEST_INTERNAL_EVENTS_HEC" "no")) }} destination(d_hec_internal); {{- end}} diff --git a/package/etc/go_templates/source_network.t b/package/etc/go_templates/source_network.t index ff4f766..eef481a 100644 --- a/package/etc/go_templates/source_network.t +++ b/package/etc/go_templates/source_network.t @@ -35,7 +35,7 @@ source s_{{ .port_id }} { flags(no-parse) ); {{- end}} -{{- if or (getenv (print "SC4S_LISTEN_" .port_id "_TLS_PORT")) (eq .port_id "DEFAULT_TLS") }} +{{- if (conv.ToBool (getenv "SC4S_SOURCE_TLS_ENABLE" "no")) }} network( transport("tls") port({{ getenv (print "SC4S_LISTEN_" .port_id "_TLS_PORT") "6514" }})