From c3dcbb19e5e94fa6389b92092619989830ea521d Mon Sep 17 00:00:00 2001
From: Mikey Carr <mikey.carr@piksel.com>
Date: Tue, 8 Jun 2021 15:32:38 +0100
Subject: [PATCH] Added FILEBEAT_METRICS_ENABLED env var which is used to
 control the value of the logging.metrics.enabled setting in filebeat.yml

---
 README.md                                           | 2 +-
 docker-compose.yml                                  | 1 +
 wazuh-odfe/config/etc/cont-init.d/1-config-filebeat | 5 +++++
 wazuh-odfe/config/filebeat.yml                      | 1 +
 4 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index b559095d..ec4be7a6 100644
--- a/README.md
+++ b/README.md
@@ -38,7 +38,7 @@ Default values are included when available.
 API_USERNAME="wazuh"                                # Wazuh API username
 API_PASSWORD="wazuh"                                # Wazuh API password - Must comply with requirements
                                                     # (8+ length, uppercase, lowercase, specials chars)
-
+FILEBEAT_METRICS_ENABLED=true                       # Whether or not filebeat metrics should be enabled
 ELASTICSEARCH_URL=https://elasticsearch:9200        # Elasticsearch URL
 ELASTIC_USERNAME=admin                              # Elasticsearch Username
 ELASTIC_PASSWORD=admin                              # Elasticsearch Password
diff --git a/docker-compose.yml b/docker-compose.yml
index 35656427..fc5257ce 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -16,6 +16,7 @@ services:
       - ELASTIC_USERNAME=admin
       - ELASTIC_PASSWORD=admin
       - FILEBEAT_SSL_VERIFICATION_MODE=none
+      - FILEBEAT_METRICS_ENABLED=true
     volumes:
       - ossec_api_configuration:/var/ossec/api/configuration
       - ossec_etc:/var/ossec/etc
diff --git a/wazuh-odfe/config/etc/cont-init.d/1-config-filebeat b/wazuh-odfe/config/etc/cont-init.d/1-config-filebeat
index b77a550d..41c4aa14 100644
--- a/wazuh-odfe/config/etc/cont-init.d/1-config-filebeat
+++ b/wazuh-odfe/config/etc/cont-init.d/1-config-filebeat
@@ -8,6 +8,11 @@ if [ "$ELASTICSEARCH_URL" != "" ]; then
   sed -i "s|hosts:.*|hosts: ['$ELASTICSEARCH_URL']|g" /etc/filebeat/filebeat.yml
 fi
 
+if [ "$FILEBEAT_METRICS_ENABLED" != "" ]; then
+  >&2 echo "Configuring metrics."
+  sed -i "s|logging.metrics.enabled:.*|logging.metrics.enabled: '$METRICS_ENABLED'|g" /etc/filebeat/filebeat.yml
+fi
+
 # Configure filebeat.yml security settings
 
 if [ "$ELASTIC_USERNAME" != "" ]; then
diff --git a/wazuh-odfe/config/filebeat.yml b/wazuh-odfe/config/filebeat.yml
index 8a627bf9..c831c6c4 100644
--- a/wazuh-odfe/config/filebeat.yml
+++ b/wazuh-odfe/config/filebeat.yml
@@ -12,6 +12,7 @@ setup.template.json.path: '/etc/filebeat/wazuh-template.json'
 setup.template.json.name: 'wazuh'
 setup.template.overwrite: true
 setup.ilm.enabled: false
+logging.metrics.enabled: true
 output.elasticsearch:
   hosts: ['https://elasticsearch:9200']
   #username: