From e275d43c8275af6d661e4c463072009e019c16d4 Mon Sep 17 00:00:00 2001
From: rfaircloth-splunk
Date: Sat, 13 Jun 2020 18:53:19 -0400
Subject: [PATCH] Remove comment from splunk_indexes.csv
---
 .../splunk_index.csv.example | 164 +++++++++---------
 package/sbin/entrypoint.sh | 2 +
 2 files changed, 84 insertions(+), 82 deletions(-)
diff --git a/package/etc/context_templates/splunk_index.csv.example b/package/etc/context_templates/splunk_index.csv.example
index b740247..3f3cf64 100644
--- a/package/etc/context_templates/splunk_index.csv.example
+++ b/package/etc/context_templates/splunk_index.csv.example
@@ -1,82 +1,82 @@
-#bluecoat_proxy,index,netproxy
-#ArcSight_ArcSight,index,netwaf
-#Cyber-Ark_Vault,index,netauth
-#CyberArk_PTA,index,main
-#Incapsula_SIEMintegration,index,netwaf
-#Microsoft_Microsoft Windows,index,oswinsec
-#Microsoft_System or Application Event,index,oswin
-#checkpoint_splunk,index,netops
-#checkpoint_splunk_dlp,index,netdlp
-#checkpoint_splunk_email,index,email
-#checkpoint_splunk_firewall,index,netfw
-#checkpoint_splunk_sessions,index,netops
-#checkpoint_splunk_web,index,netproxy
-#checkpoint_splunk,index,netops
-#checkpoint_splunk,index,netops
-#cisco_apic_acl,index,netfw
-#cisco_apic_events,index,netops
-#cisco_acs,index,netauth
-#cisco_asa,index,netfw
-#cisco_ios,index,netops
-#cisco_ise,index,netauth
-#cisco_nx_os,index,netops
-#cisco_ucm,index,main
-#dell_rsa_secureid,index,netauth
-#citrix_netscaler,index,netfw
-#local_example,index,main
-#forcepoint_webprotect,index,netproxy
-#f5_bigip,index,netops
-#f5_bigip_irule,index,netops
-#f5_bigip_asm,index,netwaf
-#f5_bigip_nix,index,netops
-#fortinet_fortios_event,index,netops
-#fortinet_fortios_log,index,netops
-#fortinet_fortios_traffic,index,netfw
-#fortinet_fortios_utm,index,netids
-#fortinet_fortweb_log,index,netops
-#fortinet_fortweb_traffic,index,netfw
-#fortinet_fortweb_attack,index,netids
-#infoblox_dns,index,netdns
-#infoblox_dhcp,index,netipam
-#infoblox_threat,index,netids
-#juniper_idp,index,netids
-#juniper_structured,index,netops
-#juniper_idp_structured,index,netids
-#juniper_junos_fw_structured,index,netfw
-#juniper_junos_ids_structured,index,netids
-#juniper_junos_utm_structured,index,netfw
-#juniper_junos_aamw_structured,index,netfw
-#juniper_junos_secintel_structured,index,netfw
-#juniper_junos_fw,index,netfw
-#juniper_junos_ids,index,netids
-#juniper_junos_utm,index,netfw
-#juniper_netscreen,index,netfw
-#juniper_legacy,index,netops
-#mcafee_epo,index,epav
-#nix_syslog,index,osnix
-#pan_traffic,index,netfw
-#pan_threat,index,netproxy
-#pan_system,index,netops
-#pan_config,index,netops
-#pan_hipmatch,index,main
-#pan_correlation,index,main
-#pan_userid,index,netauth
-#pan_unknown,index,netops
-#pfsense,index,netops
-#pfsense_filterlog,index,netfw
-#proofpoint_pps_filter,index,email
-#proofpoint_pps_sendmail,index,email
-#sc4s_events,index,main
-#sc4s_fallback,index,main
-#sc4s_metrics,index,em_metrics
-#symantec_ep,index,epav
-#vmware_esx,index,main
-#vmware_nsx,index,main
-#vmware_vcenter,index,main
-#zscaler_alerts,index,main
-#zscaler_dns,index,netdns
-#zscaler_fw,index,netfw
-#zscaler_web,index,netproxy
-#zscaler_zia_audit,index,netops
-#zscaler_zia_sandbox,index,main
-#zscaler_lss,index,netproxy
\ No newline at end of file
+bluecoat_proxy,index,netproxy
+ArcSight_ArcSight,index,netwaf
+Cyber-Ark_Vault,index,netauth
+CyberArk_PTA,index,main
+Incapsula_SIEMintegration,index,netwaf
+Microsoft_Microsoft Windows,index,oswinsec
+Microsoft_System or Application Event,index,oswin
+checkpoint_splunk,index,netops
+checkpoint_splunk_dlp,index,netdlp
+checkpoint_splunk_email,index,email
+checkpoint_splunk_firewall,index,netfw
+checkpoint_splunk_sessions,index,netops
+checkpoint_splunk_web,index,netproxy
+checkpoint_splunk,index,netops
+checkpoint_splunk,index,netops
+cisco_apic_acl,index,netfw
+cisco_apic_events,index,netops
+cisco_acs,index,netauth
+cisco_asa,index,netfw
+cisco_ios,index,netops
+cisco_ise,index,netauth
+cisco_nx_os,index,netops
+cisco_ucm,index,main
+dell_rsa_secureid,index,netauth
+citrix_netscaler,index,netfw
+local_example,index,main
+forcepoint_webprotect,index,netproxy
+f5_bigip,index,netops
+f5_bigip_irule,index,netops
+f5_bigip_asm,index,netwaf
+f5_bigip_nix,index,netops
+fortinet_fortios_event,index,netops
+fortinet_fortios_log,index,netops
+fortinet_fortios_traffic,index,netfw
+fortinet_fortios_utm,index,netids
+fortinet_fortweb_log,index,netops
+fortinet_fortweb_traffic,index,netfw
+fortinet_fortweb_attack,index,netids
+infoblox_dns,index,netdns
+infoblox_dhcp,index,netipam
+infoblox_threat,index,netids
+juniper_idp,index,netids
+juniper_structured,index,netops
+juniper_idp_structured,index,netids
+juniper_junos_fw_structured,index,netfw
+juniper_junos_ids_structured,index,netids
+juniper_junos_utm_structured,index,netfw
+juniper_junos_aamw_structured,index,netfw
+juniper_junos_secintel_structured,index,netfw
+juniper_junos_fw,index,netfw
+juniper_junos_ids,index,netids
+juniper_junos_utm,index,netfw
+juniper_netscreen,index,netfw
+juniper_legacy,index,netops
+mcafee_epo,index,epav
+nix_syslog,index,osnix
+pan_traffic,index,netfw
+pan_threat,index,netproxy
+pan_system,index,netops
+pan_config,index,netops
+pan_hipmatch,index,main
+pan_correlation,index,main
+pan_userid,index,netauth
+pan_unknown,index,netops
+pfsense,index,netops
+pfsense_filterlog,index,netfw
+proofpoint_pps_filter,index,email
+proofpoint_pps_sendmail,index,email
+sc4s_events,index,main
+sc4s_fallback,index,main
+sc4s_metrics,index,em_metrics
+symantec_ep,index,epav
+vmware_esx,index,main
+vmware_nsx,index,main
+vmware_vcenter,index,main
+zscaler_alerts,index,main
+zscaler_dns,index,netdns
+zscaler_fw,index,netfw
+zscaler_web,index,netproxy
+zscaler_zia_audit,index,netops
+zscaler_zia_sandbox,index,main
+zscaler_lss,index,netproxy
\ No newline at end of file
diff --git a/package/sbin/entrypoint.sh b/package/sbin/entrypoint.sh
index 58eef70..49bfa5f 100755
--- a/package/sbin/entrypoint.sh
+++ b/package/sbin/entrypoint.sh
@@ -41,6 +41,8 @@ mkdir -p /opt/syslog-ng/etc/conf.d/local/context/
 mkdir -p /opt/syslog-ng/etc/conf.d/local/config/
 cp /opt/syslog-ng/etc/context_templates/* /opt/syslog-ng/etc/conf.d/local/context/
 for file in /opt/syslog-ng/etc/conf.d/local/context/*.example ; do cp --verbose -n $file ${file%.example}; done
+sed -i 's/^#//' /opt/syslog-ng/etc/conf.d/local/context/splunk_index.csv
+
 cp --verbose -R /opt/syslog-ng/etc/local_config/* /opt/syslog-ng/etc/conf.d/local/config/
 mkdir -p /opt/syslog-ng/var/log
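Review bot: Now that every row is live rather than commented out, the three identical `checkpoint_splunk,index,netops` rows (new-side rows 8, 14 and 15) become duplicate keys in the lookup; if the first column is used as a lookup key, a duplicate is at best redundant and at worst ambiguous depending on how the consumer resolves it, so the two extra rows should be dropped so that `checkpoint_splunk` appears once. The new side also still ends without a trailing newline (`\ No newline at end of file`), which a line-oriented reader that only yields complete lines would handle by silently skipping the final `zscaler_lss,index,netproxy` row; adding the newline is a one-character fix. Since the template itself no longer carries a leading `#`, the `sed -i 's/^#//'` that this same commit adds to entrypoint.sh only has an effect on pre-existing copies of `splunk_index.csv`, where it would also strip any operator-added `#` comments — worth stating in the commit message so that deployments with customised files know to expect it.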