docker-stacks/stacks/network-mcp/scripts/bootstrap_indices.py

import os
import sys
import json
import requests
import urllib3

REPO_ROOT = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
if REPO_ROOT not in sys.path:
    sys.path.insert(0, REPO_ROOT)

from collectors.common.es_auth import resolve_api_key, build_api_key_header

# Suppress insecure request warnings
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

def load_json(path):
    with open(path, 'r') as f:
        return json.load(f)

def main():
    es_url = os.getenv("ES_URL", "http://localhost:9200").rstrip('/')
    env_api_id = os.getenv("ES_API_ID")
    env_api_key = os.getenv("ES_API_KEY")
    es_api_id, es_api_key = resolve_api_key(env_api_id, env_api_key)
    es_user = os.getenv("ES_USER", "elastic")
    es_pass = os.getenv("ES_PASS", "changeme")
    verify_ssl = os.getenv("ES_VERIFY_SSL", "true").lower() == "true"

    auth_args = {}
    if es_api_id and es_api_key:
        auth_args["headers"] = {"Authorization": build_api_key_header(es_api_id, es_api_key)}
        print("Using Elasticsearch API key authentication for bootstrap.")
    else:
        auth_args["auth"] = (es_user, es_pass)
        print("Using Elasticsearch basic authentication for bootstrap.")
    
    print(f"Bootstrapping Elastic at {es_url}...")

    def put(endpoint, data):
        url = f"{es_url}{endpoint}"
        print(f"PUT {url}")
        try:
            resp = requests.put(url, json=data, verify=verify_ssl, **auth_args)
            print(f"Response: {resp.status_code} {resp.text}")
            resp.raise_for_status()
        except Exception as e:
            print(f"Error: {e}")
            # Don't exit, try next

    # 1. ILM Policy
    ilm_path = "ilm/network-events-ilm.json"
    if os.path.exists(ilm_path):
        data = load_json(ilm_path)
        put("/_ilm/policy/network-events-ilm", data)
    else:
        print(f"Missing {ilm_path}")

    # 2. Network Events Template
    tpl_path = "ilm/network-events-template.json"
    if os.path.exists(tpl_path):
        data = load_json(tpl_path)
        put("/_index_template/network-events", data)
    else:
        print(f"Missing {tpl_path}")

    # 3. Network Hosts Template
    tpl_path = "ilm/network-hosts-template.json"
    if os.path.exists(tpl_path):
        data = load_json(tpl_path)
        put("/_index_template/network-hosts", data)
    else:
        print(f"Missing {tpl_path}")

    print("Bootstrap complete.")

if __name__ == "__main__":
    main()