From 86a2402da94e4cdbaebf0276b0058a557d93095a Mon Sep 17 00:00:00 2001
From: Victor Palma <palma.victor@gmail.com>
Date: Tue, 11 Sep 2018 11:29:44 -0500
Subject: [PATCH] change osquery defaults

   * do not install debuging osquery packages
   * log to filesystem
   * turn off rsyslog

Change-Id: Iae91959847fc7bfd5184d157a44cd994dab397f3
---
 osquery/vars/variables.yml | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/osquery/vars/variables.yml b/osquery/vars/variables.yml
index c6eaa1c2..814248a2 100644
--- a/osquery/vars/variables.yml
+++ b/osquery/vars/variables.yml
@@ -12,7 +12,7 @@ kolide_fleet_version: "2.0.0-rc3"
 kolide_fleet_url: "https://github.com/kolide/fleet/releases/download"
 
 kolide_fleet_admin_email: admin@openstack.org
-kolide_fleet_admin_password: AdminSecrete
+#kolide_fleet_admin_password: AdminSecrete
 
 kolide_fleet_ssl_cert: /etc/ssl/certs/fleet.cert
 kolide_fleet_ssl_key: /etc/ssl/private/fleet.key
@@ -28,6 +28,13 @@ kolide_fleet_ssl_cipher_suite: "{{ ssl_cipher_suite | default('ECDH+AESGCM:DH+AE
 # Osquery vars
 osquery_enroll_secret_dir: /etc/osquery/osquery_enroll_secret
 
+osquery_debug_packages_install: false
+
+osquery_config_plugin: 'filesystem'
+osquery_logger_plugin: 'filesystem'
+
+osquery_rsyslog: false
+
 osquery_flags:
     - "--tls_server_certs={{ kolide_fleet_ssl_cert }}"
     - "--tls_hostname={{  hostvars[groups['fleet'][0]]['ansible_host'] }}:{{ kolide_fleet_port }}"
@@ -48,7 +55,7 @@ osquery_flags:
     - "--enroll_secret_path={{ osquery_enroll_secret_dir }}"
 
 # MariaDB/Gallera Variables
-mariadb_root_password: fleetSecrete
+#mariadb_root_password: fleetSecrete
 mariadb_bind_address: "0.0.0.0"
 mariadb_root_remote: 1
 mariadb_databases: