Re-use system integration

[strawgate]

Have you considered reading the policy from the system integration to determine whether to send security and system logs? Instead of requiring custom logs setup?

The system integration is included by default during policy creation so might be a good way to include the common info.

I'd be thrilled to experiment with this and maybe contribute a PR but would love to hear your thoughts.

[swiftbird07]

Yeah I thought about that first, but the problem is that I didn't see an option there to add the "Custom configurations" options there to define the App settings, so you would then need another integration like custom logs anyway so I thought it would be easier to setup just one integration for everything Android related.

But if you think that using the system integration to enable / disable the self-log component is useful, then implementing that should be relatively straight forward.
You only need to modify how the policy is parsed in parsePolicy() inside FleetCheckinRepository (as well as maybe the FleetCheckinResponse Retrofit class if some fields are missing).

If there is enough interest in the app I would also focus on developing a "real" Android integration, so that everything looks a bit more polished for the end user, tho sadly developing these integrations seams to be a bit complicated as you need to setup a whole test environment for Kibana as there is currently no option to just add a custom integration to the integration "store" page, at least to my knowledge.

[strawgate]

I took a look at the custom settings and a lot of them seem to mirror existing output settings? One thing I was going to play around with was if it was feasible to just map those settings from the output settings.

I'll play around and report back!