From 1b48e3fed02aaa616cb7dcb15fd14f6b1dc58936 Mon Sep 17 00:00:00 2001
From: Shane Peters
Date: Fri, 11 Jan 2019 14:00:55 -0500
Subject: [PATCH] remove graylog
At some point I started to replace logstash with graylog but didn't finish. Reverting back to logstash for now.
---
 README.md | 2 +-
 containers/graylog | 22 ----------------------
 deploy | 2 +-
 3 files changed, 2 insertions(+), 24 deletions(-)
 delete mode 100644 containers/graylog
diff --git a/README.md b/README.md
index dade838..269597f 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,5 @@
 # What is ist
-Using the power of [LXD containers](https://linuxcontainers.org/lxd/), Odin incorporates [Graylog](https://www.graylog.org/), [ELK](https://elastic.co), [Kafka](https://kafka.apache.org), [411](https://github.com/etsy/411), [Bro](https://bro.org), [RITA](https://github.com/ocmdev/rita), [grafana](https://grafana.com/) and [prometheus](https://prometheus.io) to provide an all-in-one SEIM for deployment on a single (large)
+Using the power of [LXD containers](https://linuxcontainers.org/lxd/), Odin incorporates [ELK stack](https://elastic.co), [Kafka](https://kafka.apache.org), [411](https://github.com/etsy/411), [Bro](https://bro.org), [RITA](https://github.com/ocmdev/rita), [grafana](https://grafana.com/) and [prometheus](https://prometheus.io) to provide an all-in-one SEIM for deployment on a single (large)
 machine. ## Note, I last tested this on Ubuntu Xenial ~8mo ago. Tweaking might be required.
diff --git a/containers/graylog b/containers/graylog
deleted file mode 100644
index 95cc3a6..0000000
--- a/containers/graylog
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/bin/bash
-# Configure Logstash for Odin
-#
-
-echo -e "\e[93m"
-
-log() {
- echo -e "\t\e[96m[*]${1}\e[93m"
-}
-
-export IP=$(ip route | awk '/src/{print $9}')
-echo "logstash" >/etc/hostname
-echo -e "${IP}\tlogstash" >> /etc/hosts
-
-deluser -q --remove-home ubuntu
-
-apt-get update || exit 1
-apt-get --purge remove snapd lxd -y
-apt-get upgrade -y
-apt-get install -y htop wget openjdk-8-jre-headless uuid-runtime pwgen mongodb-server prometheus-node-exporter
-
-echo -e "\e[0m"
diff --git a/deploy b/deploy
index 6cdcb8e..f5f75c5 100755
--- a/deploy
+++ b/deploy
@@ -73,7 +73,7 @@ setup_containers() {
 export BROFACE=${1} export ICAPFACE=${2} # Order is important - start the pipeline (kafka) first, fsf is before bro because it bro submits files to it, etc...
- export CONTAINERS="kafka elasticsearch graylog fsf ids rita prometheus fouroneone"
+ export CONTAINERS="kafka elasticsearch logstash fsf ids rita prometheus fouroneone"
 for CON in ${CONTAINERS}; do lxc profile copy default ${CON}
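Review bot: Nothing visible in this patch confirms that a `containers/logstash` provisioning script exists for the new `logstash` entry in `CONTAINERS`, and the visible part of the loop in `setup_containers()` starts copying profiles without checking. The deleted `containers/graylog` was a per-container script, so the loop presumably runs `containers/${CON}` for each name (to be confirmed against the rest of `deploy`). If so, a guard at the top of the loop such as `[ -f "containers/${CON}" ] || { echo "missing containers/${CON}" >&2; exit 1; }` would stop the deploy before the SIEM comes up without its log-ingestion stage. The context line `lxc profile copy default ${CON}` also expands `${CON}` unquoted, and `"${CON}"` is the safer form. The body of `setup_containers()` starts and ends outside this hunk, so the rest of the loop is not visible here.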