From 00482df95bec6899bf232d5c69b9562fa30a5e4a Mon Sep 17 00:00:00 2001
From: t3chn0m4g3 <m.ochse@telekom.de>
Date: Tue, 26 Jun 2018 17:34:14 +0000
Subject: [PATCH] Bump ELK Stack to 6.3.0

---
 docker/elk/elasticsearch/Dockerfile             | 5 +++--
 docker/elk/elasticsearch/dist/elasticsearch.yml | 1 +
 docker/elk/kibana/Dockerfile                    | 8 ++------
 docker/elk/logstash/Dockerfile                  | 4 ++--
 4 files changed, 8 insertions(+), 10 deletions(-)

diff --git a/docker/elk/elasticsearch/Dockerfile b/docker/elk/elasticsearch/Dockerfile
index 1283ca8d..bdf271b6 100644
--- a/docker/elk/elasticsearch/Dockerfile
+++ b/docker/elk/elasticsearch/Dockerfile
@@ -13,8 +13,8 @@ RUN apk -U --no-cache add \
 # Get and install packages
     cd /root/dist/ && \
     mkdir -p /usr/share/elasticsearch/ && \
-    wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.2.4.tar.gz && \
-    tar xvfz elasticsearch-6.2.4.tar.gz --strip-components=1 -C /usr/share/elasticsearch/ && \
+    wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.3.0.tar.gz && \
+    tar xvfz elasticsearch-6.3.0.tar.gz --strip-components=1 -C /usr/share/elasticsearch/ && \
 
 # Add and move files
     cd /root/dist/ && \
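Review bot: The new `wget` line pulls elasticsearch-6.3.0.tar.gz and the next line unpacks it into /usr/share/elasticsearch/ with no integrity check, so whatever the download returns is baked into the image. Pinning the expected digest in the Dockerfile and checking it before `tar` would fix the build to known bytes, e.g. `echo "<expected-sha512>  elasticsearch-6.3.0.tar.gz" | sha512sum -c - && \` (the digest here is a placeholder to be filled from the vendor's published checksum). A digest kept in the repository is preferable to one fetched from the same host at build time, which only catches corruption. The same gap exists for the Kibana and Logstash tarballs bumped in docker/elk/kibana/Dockerfile and docker/elk/logstash/Dockerfile. The RUN instruction starts and ends outside this hunk.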
@@ -25,6 +25,7 @@ RUN apk -U --no-cache add \
     addgroup -g 2000 elasticsearch && \
     adduser -S -H -s /bin/ash -u 2000 -D -g 2000 elasticsearch && \
     chown -R elasticsearch:elasticsearch /usr/share/elasticsearch/ && \
+    rm -rf /usr/share/elasticsearch/modules/x-pack/x-pack-ml && \
 
 # Clean up
     apk del --purge wget && \
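Review bot: The added `rm -rf /usr/share/elasticsearch/modules/x-pack/x-pack-ml` carries no comment saying why a bundled module is deleted, and `-f` makes it succeed silently if a later release moves or renames that directory. A comment in the style this RUN already uses, such as `# Remove X-Pack ML module; ML is disabled via xpack.ml.enabled: false in dist/elasticsearch.yml`, would tie it to the config change made in the same commit; if the underlying reason is that the module cannot run on this base image (not visible here), that belongs in the comment too. Using `rm -r` without `-f` would make the build fail loudly when the path no longer exists. The RUN instruction starts and ends outside this hunk.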
diff --git a/docker/elk/elasticsearch/dist/elasticsearch.yml b/docker/elk/elasticsearch/dist/elasticsearch.yml
index d1408f0a..d9b60aa6 100644
--- a/docker/elk/elasticsearch/dist/elasticsearch.yml
+++ b/docker/elk/elasticsearch/dist/elasticsearch.yml
@@ -1,5 +1,6 @@
 cluster.name: tpotcluster
 node.name: "tpotcluster-node-01"
+xpack.ml.enabled: false
 path:
     logs: /data/elk/log
     data: /data/elk/data
diff --git a/docker/elk/kibana/Dockerfile b/docker/elk/kibana/Dockerfile
index 005d844f..84a4a51d 100644
--- a/docker/elk/kibana/Dockerfile
+++ b/docker/elk/kibana/Dockerfile
@@ -12,9 +12,8 @@ RUN apk -U --no-cache add \
 # Get and install packages
     cd /root/dist/ && \
     mkdir -p /usr/share/kibana/ && \
-    wget https://artifacts.elastic.co/downloads/kibana/kibana-6.2.4-linux-x86_64.tar.gz && \
-    tar xvfz kibana-6.2.4-linux-x86_64.tar.gz --strip-components=1 -C /usr/share/kibana/ && \
-    unzip kibana_6.2.x_vis_scaling_fixes.zip && \
+    wget https://artifacts.elastic.co/downloads/kibana/kibana-6.3.0-linux-x86_64.tar.gz && \
+    tar xvfz kibana-6.3.0-linux-x86_64.tar.gz --strip-components=1 -C /usr/share/kibana/ && \
 
 # Kibana's bundled node does not work in alpine
     rm /usr/share/kibana/node/bin/node && \
@@ -30,9 +29,6 @@ RUN apk -U --no-cache add \
     cp elk.ico /usr/share/kibana/src/ui/public/assets/favicons/favicon-16x16.png && \
     cp elk.ico /usr/share/kibana/src/ui/public/assets/favicons/favicon-32x32.png && \
     cp create_kibana_index.js /usr/share/kibana/src/core_plugins/elasticsearch/lib/ && \
-    cd kibana_6.2.x_vis_scaling_fixes && \
-    cp -R * /usr/share/kibana/ && \
-    cd / && \
 
 # Setup plugins, rebuild bundle
     #cd /usr/share/kibana/plugins && \
diff --git a/docker/elk/logstash/Dockerfile b/docker/elk/logstash/Dockerfile
index df4d0606..e222a031 100644
--- a/docker/elk/logstash/Dockerfile
+++ b/docker/elk/logstash/Dockerfile
@@ -17,9 +17,9 @@ RUN apk -U --no-cache add \
     git clone --depth=1 https://github.com/dtag-dev-sec/listbot /etc/listbot && \
     cd /root/dist/ && \
     mkdir -p /usr/share/logstash/ && \
-    wget https://artifacts.elastic.co/downloads/logstash/logstash-6.2.4.tar.gz && \
+    wget https://artifacts.elastic.co/downloads/logstash/logstash-6.3.0.tar.gz && \
     wget http://geolite.maxmind.com/download/geoip/database/GeoLite2-ASN.tar.gz && \
-    tar xvfz logstash-6.2.4.tar.gz --strip-components=1 -C /usr/share/logstash/ && \
+    tar xvfz logstash-6.3.0.tar.gz --strip-components=1 -C /usr/share/logstash/ && \
     /usr/share/logstash/bin/logstash-plugin install logstash-filter-translate && \
     /usr/share/logstash/bin/logstash-plugin install logstash-output-syslog && \
     tar xvfz GeoLite2-ASN.tar.gz --strip-components=1 -C /usr/share/logstash/vendor/bundle/jruby/2.3.0/gems/logstash-filter-geoip-5.0.3-java/vendor/ && \
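Review bot: The last line extracts GeoLite2-ASN into a path that hard-codes `logstash-filter-geoip-5.0.3-java`, a directory that comes out of the Logstash tarball this hunk bumps to 6.3.0, and nothing in the change shows that 6.3.0 still bundles that plugin version. It is worth confirming against the 6.3.0 archive, or resolving the plugin directory at build time instead of by literal version, so the next bump does not depend on it. Separately, the GeoLite2-ASN archive on the unchanged `wget http://geolite.maxmind.com/...` line is fetched over plain HTTP and unpacked without verification, so it can be altered in transit; fetching it over HTTPS where the host offers it and checking a pinned digest before `tar` would close that. The RUN instruction starts and ends outside this hunk.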