From c1f7146800c8e356d94a9dfaef18514045f05ae5 Mon Sep 17 00:00:00 2001
From: t3chn0m4g3
Date: Thu, 20 Aug 2020 15:03:16 +0000
Subject: [PATCH] prep elk stack for 7.9.0
---
 docker/elk/elasticsearch/Dockerfile | 2 +-
 docker/elk/kibana/Dockerfile | 8 ++++++--
 docker/elk/logstash/Dockerfile | 6 +++---
 3 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/docker/elk/elasticsearch/Dockerfile b/docker/elk/elasticsearch/Dockerfile
index f54be3bc..89d19c4c 100644
--- a/docker/elk/elasticsearch/Dockerfile
+++ b/docker/elk/elasticsearch/Dockerfile
@@ -1,7 +1,7 @@
 FROM alpine:3.12
 #
 # VARS
-ENV ES_VER=7.8.1 \
+ENV ES_VER=7.9.0 \
 JAVA_HOME=/usr/lib/jvm/java-11-openjdk
 # Include dist
 ADD dist/ /root/dist/
diff --git a/docker/elk/kibana/Dockerfile b/docker/elk/kibana/Dockerfile
index b830b0f2..b067fe21 100644
--- a/docker/elk/kibana/Dockerfile
+++ b/docker/elk/kibana/Dockerfile
@@ -1,7 +1,7 @@
 FROM node:10.21.0-alpine
 #
 # VARS
-ENV KB_VER=7.8.1
+ENV KB_VER=7.9.0
 #
 # Include dist
 ADD dist/ /root/dist/
@@ -46,10 +46,14 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \
 echo "xpack.apm.enabled: false" >> /usr/share/kibana/config/kibana.yml && \
 echo "xpack.security.enabled: false" >> /usr/share/kibana/config/kibana.yml && \
 echo "xpack.uptime.enabled: false" >> /usr/share/kibana/config/kibana.yml && \
- echo "xpack.siem.enabled: false" >> /usr/share/kibana/config/kibana.yml && \
+ echo "xpack.securitySolution.enabled: false" >> /usr/share/kibana/config/kibana.yml && \
 echo "xpack.ml.enabled: false" >> /usr/share/kibana/config/kibana.yml && \
 echo "elasticsearch.requestTimeout: 60000" >> /usr/share/kibana/config/kibana.yml && \
 echo "elasticsearch.shardTimeout: 60000" >> /usr/share/kibana/config/kibana.yml && \
+# There is no switch to disable Enterprise Search, so we need to remove it
+# In order to remove all X-Pack features we need to use OSS versions
+# /usr/share/kibana/bin/kibana-plugin remove x-pack --allow-root && \
+ rm -rf /usr/share/kibana/x-pack/plugins/enterprise_search && \
 rm -rf /usr/share/kibana/optimize/bundles/* && \
 /usr/share/kibana/bin/kibana --optimize --allow-root && \
 addgroup -g 2000 kibana && \
diff --git a/docker/elk/logstash/Dockerfile b/docker/elk/logstash/Dockerfile
index 6677360c..db45678a 100644
--- a/docker/elk/logstash/Dockerfile
+++ b/docker/elk/logstash/Dockerfile
@@ -1,7 +1,7 @@
 FROM alpine:3.12
 #
 # VARS
-ENV LS_VER=7.8.1
+ENV LS_VER=7.9.0
 # Include dist
 ADD dist/ /root/dist/
 #
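Review bot: In docker/elk/kibana/Dockerfile (the `@@ -46,10 +46,14 @@` hunk), the added `rm -rf /usr/share/kibana/x-pack/plugins/enterprise_search` is, per the comment above it, the only thing that disables Enterprise Search, and `rm -rf` exits 0 when the path is missing, so a later Kibana bump that moves the plugin directory would leave the feature in the image without failing the build. Put a guard in front of it, `test -d /usr/share/kibana/x-pack/plugins/enterprise_search && \`, so the chain stops when the path no longer exists. The commented-out `kibana-plugin remove x-pack` line sits inside the `&& \` chain as dead code; I would drop it and keep only the two explanatory comment lines. The RUN instruction starts and ends outside the hunk.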
@@ -36,8 +36,8 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \
 chmod u+x /usr/bin/update.sh && \
 mkdir -p /etc/logstash/conf.d && \
 cp logstash.conf /etc/logstash/conf.d/ && \
- cp elasticsearch-template-es7x.json /usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-output-elasticsearch-10.5.1-java/lib/logstash/outputs/elasticsearch/ && \
- cp common_configs.rb /usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-output-elasticsearch-10.5.1-java/lib/logstash/outputs/elasticsearch/ && \
+ cp elasticsearch-template-es7x.json /usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-output-elasticsearch-10.6.1-java/lib/logstash/outputs/elasticsearch/ && \
+ cp common_configs.rb /usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-output-elasticsearch-10.6.1-java/lib/logstash/outputs/elasticsearch/ && \
 #
 # Setup user, groups and configs
 addgroup -g 2000 logstash && \
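Review bot: In docker/elk/logstash/Dockerfile the two `cp` lines now overwrite files inside the `logstash-output-elasticsearch-10.6.1-java` gem, but the diffstat lists only the three Dockerfiles, so the `common_configs.rb` and `elasticsearch-template-es7x.json` being copied were not touched by this commit and were presumably prepared against the 10.5.1 plugin (the files themselves are not visible here). Replacing the gem's own `common_configs.rb` with an older copy silently discards whatever upstream changed in that file between the two plugin releases, so it should be re-diffed against the 10.6.1 original as part of this bump. I would record that next to the copy, e.g. `# common_configs.rb replaces the gem's copy; re-diff against upstream on every plugin bump`. The RUN instruction starts and ends outside the hunk.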