From 74dda07942ba86980016c75ae38fc343440a73bf Mon Sep 17 00:00:00 2001
From: Chris Long
Date: Mon, 1 Jun 2020 22:53:36 -0700
Subject: [PATCH] Update ESXi bootstrap too
---
 ESXi/ansible/roles/logger/tasks/main.yml | 3 +++
 Vagrant/bootstrap.sh | 1 +
 2 files changed, 4 insertions(+)
diff --git a/ESXi/ansible/roles/logger/tasks/main.yml b/ESXi/ansible/roles/logger/tasks/main.yml
index 7b5a613..55d6434 100644
--- a/ESXi/ansible/roles/logger/tasks/main.yml
+++ b/ESXi/ansible/roles/logger/tasks/main.yml
@@ -340,8 +340,11 @@
 sed -i 's/interval: 28800/interval: 900/g' osquery-configuration/Fleet/Endpoints/MacOS/osquery.yaml
 sed -i 's/interval: 28800/interval: 900/g' osquery-configuration/Fleet/Endpoints/Windows/osquery.yaml
+ # Don't log osquery INFO messages
+ # Fix snapshot event formatting
 fleetctl get options > /tmp/options.yaml
 /usr/bin/yq w -i /tmp/options.yaml 'spec.config.options.logger_min_status' '1'
+ /usr/bin/yq w -i /tmp/options.yaml 'spec.config.options.logger_snapshot_event_type' '2'
 fleetctl apply -f /tmp/options.yaml
 # Use fleetctl to import YAML files
diff --git a/Vagrant/bootstrap.sh b/Vagrant/bootstrap.sh
index 4e6b2b8..c67330c 100644
--- a/Vagrant/bootstrap.sh
+++ b/Vagrant/bootstrap.sh
@@ -267,6 +267,7 @@ import_osquery_config_into_fleet() {
 sed -i 's/interval: 28800/interval: 900/g' osquery-configuration/Fleet/Endpoints/Windows/osquery.yaml
 # Don't log osquery INFO messages
+ # Fix snapshot event formatting
 fleetctl get options > /tmp/options.yaml
 /usr/bin/yq w -i /tmp/options.yaml 'spec.config.options.logger_min_status' '1'
 /usr/bin/yq w -i /tmp/options.yaml 'spec.config.options.logger_snapshot_event_type' '2'
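Review bot: The added `logger_snapshot_event_type` write in the ESXi logger role sets the option to `'2'`, but osquery's flag documentation lists it as a boolean (default false), so the `2` looks carried over from the integer `logger_min_status` line above it and may not turn on per-row snapshot events. If the intent is to enable it, the line would read `/usr/bin/yq w -i /tmp/options.yaml 'spec.config.options.logger_snapshot_event_type' 'true'`; the same `'2'` appears as a context line in the Vagrant/bootstrap.sh hunk, so both files would need the change. The new comment `# Fix snapshot event formatting` sits above `fleetctl get options`, away from the line it describes, and would read better directly above that yq call with a word on what the setting does. Separately, this adds another in-place edit of the fixed path `/tmp/options.yaml`; if the task runs with elevated privileges, a `mktemp` file would avoid following a file or symlink pre-created at that path.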