change osquery defaults

* do not install debuging osquery packages * log to filesystem * turn off rsyslog Change-Id: Iae91959847fc7bfd5184d157a44cd994dab397f3
2018-09-11 11:29:44 -05:00 · 2018-09-11 11:29:44 -05:00 · 86a2402da9
parent 42f7f896b4
commit 86a2402da9
1 changed files with 9 additions and 2 deletions
--- a/osquery/vars/variables.yml
+++ b/osquery/vars/variables.yml
@ -12,7 +12,7 @@ kolide_fleet_version: "2.0.0-rc3"
 kolide_fleet_url: "https://github.com/kolide/fleet/releases/download"

 kolide_fleet_admin_email: admin@openstack.org
-kolide_fleet_admin_password: AdminSecrete
+#kolide_fleet_admin_password: AdminSecrete

 kolide_fleet_ssl_cert: /etc/ssl/certs/fleet.cert
 kolide_fleet_ssl_key: /etc/ssl/private/fleet.key
@ -28,6 +28,13 @@ kolide_fleet_ssl_cipher_suite: "{{ ssl_cipher_suite | default('ECDH+AESGCM:DH+AE
 # Osquery vars
 osquery_enroll_secret_dir: /etc/osquery/osquery_enroll_secret

+osquery_debug_packages_install: false
+
+osquery_config_plugin: 'filesystem'
+osquery_logger_plugin: 'filesystem'
+
+osquery_rsyslog: false
+
 osquery_flags:
    - "--tls_server_certs={{ kolide_fleet_ssl_cert }}"
    - "--tls_hostname={{  hostvars[groups['fleet'][0]]['ansible_host'] }}:{{ kolide_fleet_port }}"
@ -48,7 +55,7 @@ osquery_flags:
    - "--enroll_secret_path={{ osquery_enroll_secret_dir }}"

 # MariaDB/Gallera Variables
-mariadb_root_password: fleetSecrete
+#mariadb_root_password: fleetSecrete
 mariadb_bind_address: "0.0.0.0"
 mariadb_root_remote: 1
 mariadb_databases: