From 71114c68b2a7a9fa1dd6992f874950cbf69ebaf5 Mon Sep 17 00:00:00 2001
From: Mike Brannigan <mike.brannigan@basis.com>
Date: Wed, 5 Mar 2025 07:12:40 -0600
Subject: [PATCH 1/2] Add ability to serialize additional file information into
 /etc/datadog-agent

---
 datadog/config.sls |  7 +++++++
 pillar.example     | 15 ++++++++++++++-
 2 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/datadog/config.sls b/datadog/config.sls
index 34b034a..f32639e 100644
--- a/datadog/config.sls
+++ b/datadog/config.sls
@@ -88,3 +88,10 @@ install_info_installed:
     - template: jinja
     - require:
       - pkg: datadog-pkg
+
+{% for filename, config in pillar.get('datadog:additional_config', {}).items() %}
+/etc/datadog-agent/{{ filename }}:
+  file.serialize:
+    - dataset: {{ config }}
+    - formatter: yaml
+{% endfor %}
\ No newline at end of file
diff --git a/pillar.example b/pillar.example
index 538cfc2..59621e0 100644
--- a/pillar.example
+++ b/pillar.example
@@ -3,7 +3,20 @@ datadog:
     api_key: aaaaaaaabbbbbbbbccccccccdddddddd
     site: datadoghq.com
     python_version: 2
-
+  additional_config:
+    system-probe.yaml:
+      network_config:
+        enabled: false
+      runtime_security_config:
+        enabled: true
+      fim_enabled: true
+      remote_configuration:
+        enabled: true
+      custom_sensitive_words:
+        - 'personal_key'
+        - '*token'
+        - 'sql*'
+        - '*pass*d*'
   checks:
     process:
       config:

From 3f52d64b9aefc4231f1427af62162be17e950166 Mon Sep 17 00:00:00 2001
From: Mike Brannigan <mike.brannigan@basis.com>
Date: Wed, 5 Mar 2025 08:23:40 -0600
Subject: [PATCH 2/2] Fix serialize to include owner and group information,
 have changes restart the agent

---
 datadog/config.sls | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/datadog/config.sls b/datadog/config.sls
index f32639e..266e22d 100644
--- a/datadog/config.sls
+++ b/datadog/config.sls
@@ -89,9 +89,16 @@ install_info_installed:
     - require:
       - pkg: datadog-pkg
 
-{% for filename, config in pillar.get('datadog:additional_config', {}).items() %}
+{% for filename, config in salt['pillar.get']('datadog:additional_config').items() %}
 /etc/datadog-agent/{{ filename }}:
   file.serialize:
     - dataset: {{ config }}
     - formatter: yaml
+    - user: dd-agent
+    - group: dd-agent
+    - mode: 600
+    - require:
+      - pkg: datadog-pkg
+    - watch_in:
+      - service: datadog-agent-service
 {% endfor %}
\ No newline at end of file