From 7fd7993bf7505ffdb4a77467162478321fc8913f Mon Sep 17 00:00:00 2001
From: Chris Long <clong@cl0ng.com>
Date: Tue, 17 Nov 2020 20:31:22 -0800
Subject: [PATCH 1/2] Force python2 for asngen app

---
 Vagrant/logger_bootstrap.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Vagrant/logger_bootstrap.sh b/Vagrant/logger_bootstrap.sh
index 7b3e569..e8bf19e 100644
--- a/Vagrant/logger_bootstrap.sh
+++ b/Vagrant/logger_bootstrap.sh
@@ -168,6 +168,9 @@ install_splunk() {
     /opt/splunk/bin/splunk install app /vagrant/resources/splunk_server/sankey-diagram-custom-visualization_130.tgz -auth 'admin:changeme'
     /opt/splunk/bin/splunk install app /vagrant/resources/splunk_server/link-analysis-app-for-splunk_161.tgz -auth 'admin:changeme'
     /opt/splunk/bin/splunk install app /vagrant/resources/splunk_server/threathunting_144.tgz -auth 'admin:changeme'
+    
+    # Fix ASNGen App - https://github.com/doksu/TA-asngen/issues/18#issuecomment-685691630
+    echo 'python.version = python2' >> /opt/splunk/etc/apps/TA-asngen/default/commands.conf
 
     # Install the Maxmind license key for the ASNgen App if it was provided
     if [ -n "$MAXMIND_LICENSE" ]; then

From af07f095f2bbb7d678820df1ae5f6828ab0fcd53 Mon Sep 17 00:00:00 2001
From: Chris Long <clong@cl0ng.com>
Date: Tue, 17 Nov 2020 20:32:14 -0800
Subject: [PATCH 2/2] Update ESXi bootstrap to match vagrant

---
 ESXi/ansible/roles/logger/tasks/main.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ESXi/ansible/roles/logger/tasks/main.yml b/ESXi/ansible/roles/logger/tasks/main.yml
index 1e40f13..8f33d0e 100644
--- a/ESXi/ansible/roles/logger/tasks/main.yml
+++ b/ESXi/ansible/roles/logger/tasks/main.yml
@@ -222,6 +222,9 @@
       /opt/splunk/bin/splunk install app /vagrant/resources/splunk_server/sankey-diagram-custom-visualization_130.tgz -auth 'admin:changeme'
       /opt/splunk/bin/splunk install app /vagrant/resources/splunk_server/link-analysis-app-for-splunk_161.tgz -auth 'admin:changeme'
       /opt/splunk/bin/splunk install app /vagrant/resources/splunk_server/threathunting_144.tgz -auth 'admin:changeme'
+      
+      # Fix ASNGen App - https://github.com/doksu/TA-asngen/issues/18#issuecomment-685691630
+      echo 'python.version = python2' >> /opt/splunk/etc/apps/TA-asngen/default/commands.conf
 
       # Install the Maxmind license key for the ASNgen App
       if [ ! -z $MAXMIND_LICENSE ]; then