From e2752458d40feca4d933343134a0c9ee6c1e1590 Mon Sep 17 00:00:00 2001 From: t3chn0m4g3 Date: Fri, 18 Mar 2022 16:23:27 +0000 Subject: [PATCH] bump elk to 7.17.0 to support 8.0.1 in 22.x --- docker/elk/elasticsearch/Dockerfile | 2 +- docker/elk/kibana/Dockerfile | 4 ++-- docker/elk/logstash/Dockerfile | 12 ++++++------ docker/elk/logstash/dist/http_output.conf | 8 ++++---- docker/elk/logstash/dist/logstash.conf | 8 ++++---- docker/elk/logstash/docker-compose.yml | 4 ++-- 6 files changed, 19 insertions(+), 19 deletions(-) diff --git a/docker/elk/elasticsearch/Dockerfile b/docker/elk/elasticsearch/Dockerfile index f828dcc4..329774df 100644 --- a/docker/elk/elasticsearch/Dockerfile +++ b/docker/elk/elasticsearch/Dockerfile @@ -1,7 +1,7 @@ FROM alpine:3.14 # # VARS -ENV ES_VER=7.16.2 \ +ENV ES_VER=7.17.0 \ ES_JAVA_HOME=/usr/lib/jvm/java-16-openjdk # Include dist diff --git a/docker/elk/kibana/Dockerfile b/docker/elk/kibana/Dockerfile index 7c25612a..d38d672e 100644 --- a/docker/elk/kibana/Dockerfile +++ b/docker/elk/kibana/Dockerfile @@ -1,7 +1,7 @@ -FROM node:16.13.0-alpine3.14 +FROM node:16.13.2-alpine3.14 # # VARS -ENV KB_VER=7.16.2 +ENV KB_VER=7.17.0 # # Include dist ADD dist/ /root/dist/ diff --git a/docker/elk/logstash/Dockerfile b/docker/elk/logstash/Dockerfile index 95e08c54..13260c1b 100644 --- a/docker/elk/logstash/Dockerfile +++ b/docker/elk/logstash/Dockerfile @@ -1,7 +1,7 @@ FROM alpine:3.14 # # VARS -ENV LS_VER=7.16.2 +ENV LS_VER=7.17.0 # Include dist ADD dist/ /root/dist/ # 
@@ -32,11 +32,11 @@ RUN apk -U --no-cache add \
 rm -rf /usr/share/logstash/jdk && \
 # For some reason Alpine 3.14 does not report the -x flag correctly and thus elasticsearch does not find java
 sed -i 's/! -x/! -e/g' /usr/share/logstash/bin/logstash.lib.sh && \
- /usr/share/logstash/bin/logstash-plugin install logstash-filter-translate && \
- /usr/share/logstash/bin/logstash-plugin install logstash-input-http && \
- /usr/share/logstash/bin/logstash-plugin install logstash-output-gelf && \
- /usr/share/logstash/bin/logstash-plugin install logstash-output-http && \
- /usr/share/logstash/bin/logstash-plugin install logstash-output-syslog && \
+ /usr/share/logstash/bin/logstash-plugin install --preserve --no-verify logstash-filter-translate && \
+ /usr/share/logstash/bin/logstash-plugin install --preserve --no-verify logstash-input-http && \
+ /usr/share/logstash/bin/logstash-plugin install --preserve --no-verify logstash-output-gelf && \
+ /usr/share/logstash/bin/logstash-plugin install --preserve --no-verify logstash-output-http && \
+ /usr/share/logstash/bin/logstash-plugin install --preserve --no-verify logstash-output-syslog && \
 #
 # Add and move files
 cd /root/dist/ && \
diff --git a/docker/elk/logstash/dist/http_output.conf b/docker/elk/logstash/dist/http_output.conf
index 7a27cc4f..02418b04 100644
--- a/docker/elk/logstash/dist/http_output.conf
+++ b/docker/elk/logstash/dist/http_output.conf
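Review bot: The five `logstash-plugin install` lines now pass `--no-verify`, which skips the plugin manager's validation step before installing, and none of the plugins is pinned to a version, so every image build takes whatever the gem source serves at that moment without that check. If the flag is only a workaround needed for the 7.17.0 bump, say so in a comment above the block, e.g. `# --no-verify: <reason validation fails on this base image>`; otherwise drop it or pin each plugin, e.g. `logstash-plugin install --preserve --version <PLUGIN_VERSION> logstash-output-syslog`. The enclosing RUN instruction starts and ends outside this hunk.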
@@ -684,12 +684,12 @@ if "_jsonparsefailure" in [tags] { drop {} } geoip { cache_size => 10000 source => "src_ip" - database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-City.mmdb" + database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-City.mmdb" } geoip { cache_size => 10000 source => "src_ip" - database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-ASN.mmdb" + database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-ASN.mmdb" } translate { refresh_interval => 86400 @@ -703,13 +703,13 @@ if "_jsonparsefailure" in [tags] { drop {} } cache_size => 10000 source => "t-pot_ip_ext" target => "geoip_ext" - database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-City.mmdb" + database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-City.mmdb" } geoip { cache_size => 10000 source => "t-pot_ip_ext" target => "geoip_ext" - database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-ASN.mmdb" + database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-ASN.mmdb" } } diff --git a/docker/elk/logstash/dist/logstash.conf b/docker/elk/logstash/dist/logstash.conf index 304f705d..8224f24d 100644 --- a/docker/elk/logstash/dist/logstash.conf +++ b/docker/elk/logstash/dist/logstash.conf 
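Review bot: The `database =>` paths hard-code the gem directory `logstash-filter-geoip-7.2.11-java`, so the geoip lookups depend on a string that has to be edited by hand in eight places on every Logstash bump: the two hunks here and the two matching hunks in `logstash.conf`. If one is missed, or the plugin version bundled in the image differs, the .mmdb file will not exist at that path and presumably the `src_ip` / `t-pot_ip_ext` enrichment is lost or the pipeline fails to load. Consider having the logstash Dockerfile copy or symlink the two databases to a version-independent location and pointing the filters there, e.g. `database => "<STABLE_DIR>/GeoLite2-City.mmdb"` (placeholder path). The enclosing filter block starts outside these hunks.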
@@ -684,12 +684,12 @@ if "_jsonparsefailure" in [tags] { drop {} } geoip { cache_size => 10000 source => "src_ip" - database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-City.mmdb" + database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-City.mmdb" } geoip { cache_size => 10000 source => "src_ip" - database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-ASN.mmdb" + database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-ASN.mmdb" } translate { refresh_interval => 86400 @@ -703,13 +703,13 @@ if "_jsonparsefailure" in [tags] { drop {} } cache_size => 10000 source => "t-pot_ip_ext" target => "geoip_ext" - database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-City.mmdb" + database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-City.mmdb" } geoip { cache_size => 10000 source => "t-pot_ip_ext" target => "geoip_ext" - database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.8-java/vendor/GeoLite2-ASN.mmdb" + database => "/usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-filter-geoip-7.2.11-java/vendor/GeoLite2-ASN.mmdb" } } diff --git a/docker/elk/logstash/docker-compose.yml b/docker/elk/logstash/docker-compose.yml index 8a044257..b6c71354 100644 --- a/docker/elk/logstash/docker-compose.yml +++ b/docker/elk/logstash/docker-compose.yml @@ -7,8 +7,8 @@ services: build: . container_name: logstash restart: always - environment: - - LS_JAVA_OPTS=-Xms2048m -Xmx2048m +# environment: +# - LS_JAVA_OPTS=-Xms2048m -Xmx2048m # depends_on: # elasticsearch: # condition: service_healthy
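Review bot: In the `docker-compose.yml` hunk the heap setting is commented out rather than removed, with no reason given, so a later reader cannot tell whether `-Xms2048m -Xmx2048m` was wrong for 7.17.0 or only disabled temporarily. With `LS_JAVA_OPTS` unset the container presumably takes its heap size from Logstash's own JVM options, which this diff does not show. Either delete the two lines or add a why-comment above them, e.g. `# LS_JAVA_OPTS disabled: <reason>; heap size now comes from <where>`.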