From c9ed607a378c45dd67c014d360646e9ce06ac67f Mon Sep 17 00:00:00 2001
From: Wes Lambert
Date: Thu, 7 Dec 2017 18:51:14 +0000
Subject: [PATCH 1/3] run so-allow-elastic if Elastic enabled

---
 bin/so-allow | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/bin/so-allow b/bin/so-allow
index 2a4e199..f9e8ad2 100644
--- a/bin/so-allow
+++ b/bin/so-allow
@@ -29,6 +29,15 @@ if [[ $(/usr/bin/id -u) -ne 0 ]]; then
 exit
 fi

+#########################################
+# Check if Elastic is enabled
+#########################################
+. /etc/nsm/securityonion.conf
+if [ "$LOGSTASH_ENABLED" = "yes" ]; then
+ /usr/sbin/so-allow-elastic
+ exit 0
+fi
+
 #########################################
 # Prompt user for kind of device
 #########################################
From 214d30a0fcb705b2f25887999f7865c6e1102f1f Mon Sep 17 00:00:00 2001
From: Wes Lambert
Date: Thu, 7 Dec 2017 19:22:20 +0000
Subject: [PATCH 2/3] add ELASTICSEARCH_ENABLED to conditional

---
 bin/so-allow | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/so-allow b/bin/so-allow
index f9e8ad2..8a422c7 100644
--- a/bin/so-allow
+++ b/bin/so-allow
@@ -33,7 +33,7 @@ fi
 # Check if Elastic is enabled
 #########################################
 . /etc/nsm/securityonion.conf
-if [ "$LOGSTASH_ENABLED" = "yes" ]; then
+if [ "$LOGSTASH_ENABLED" = "yes" ] | [ "$ELASTICSEARCH_ENABLED" = "yes" ]; then
 /usr/sbin/so-allow-elastic
 exit 0
 fi
From 13f0d0a32c9e8cbef47a11c28d0b004f75cc0896 Mon Sep 17 00:00:00 2001
From: Wes Lambert
Date: Thu, 7 Dec 2017 19:40:54 +0000
Subject: [PATCH 3/3] fix conditional OR and add check for Elastic allow script

---
 bin/so-allow | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/so-allow b/bin/so-allow
index 8a422c7..6742c6a 100644
--- a/bin/so-allow
+++ b/bin/so-allow
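Review bot: The `exit 0` added after `/usr/sbin/so-allow-elastic` in PATCH 1/3 discards that script's exit status, so so-allow reports success even when the Elastic helper fails; `exec /usr/sbin/so-allow-elastic`, or `exit $?` in place of `exit 0`, would pass the status through. The added `. /etc/nsm/securityonion.conf` runs that file as shell code right after the root check, and nothing in the hunk verifies that it is readable or says who may write to it; a comment such as `# securityonion.conf is sourced as root: keep it root-owned and not group/world-writable` would record the assumption. Both lines stay unchanged as context in the hunks of PATCH 2/3 and 3/3, and the script continues past the end of this hunk.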
@@ -33,7 +33,7 @@ fi
 # Check if Elastic is enabled
 #########################################
 . /etc/nsm/securityonion.conf
-if [ "$LOGSTASH_ENABLED" = "yes" ] | [ "$ELASTICSEARCH_ENABLED" = "yes" ]; then
+if [ "$LOGSTASH_ENABLED" = "yes" ] || [ "$ELASTICSEARCH_ENABLED" = "yes" ] && [ -x /usr/sbin/so-allow-elastic ] ; then
 /usr/sbin/so-allow-elastic
 exit 0
 fi
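Review bot: When Elastic is enabled but `/usr/sbin/so-allow-elastic` is missing or not executable, the new `&& [ -x /usr/sbin/so-allow-elastic ]` makes the whole condition false and the script silently continues into the non-Elastic prompt that follows, outside this hunk. If that fallback is not intended, the script should fail loudly; if it is intended, a warning on stderr would tell the operator which path ran. Separating the executable check from the enable check also removes the reliance on `||` and `&&` having equal precedence in a shell list, which a reader used to C or `[[ ]]` would parse as `A || (B && C)`.

```shell
if [ "$LOGSTASH_ENABLED" = "yes" ] || [ "$ELASTICSEARCH_ENABLED" = "yes" ]; then
	if [ ! -x /usr/sbin/so-allow-elastic ]; then
		echo "Elastic is enabled but /usr/sbin/so-allow-elastic is not executable" >&2
		exit 1
	fi
	# … unchanged: run /usr/sbin/so-allow-elastic and exit …
fi
```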