CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-26 22:47:49 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'remotes/origin/dev' into feature/metasuri

Browse Source
This commit is contained in:
Mike Reeves
2020-06-12 08:54:17 -04:00
parent 6f3fd407dd d146e65412
commit 0559e2d16b
11 changed files with 6472 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files
salt/grafana/dashboards/eval/eval.json
+4 -4
View File
@@ -3226,7 +3226,7 @@
"steppedLine": false,
"targets": [
{
"alias": "InBound",
"alias": "Inbound",
"dsType": "influxdb",
"groupBy": [
{
@@ -3290,7 +3290,7 @@
]
},
{
"alias": "OutBound",
"alias": "Outbound",
"dsType": "influxdb",
"groupBy": [
{
@@ -3798,7 +3798,7 @@
"steppedLine": false,
"targets": [
{
"alias": "InBound",
"alias": "Inbound",
"dsType": "influxdb",
"groupBy": [
{
@@ -3862,7 +3862,7 @@
]
},
{
"alias": "OutBound",
"alias": "Outbound",
"dsType": "influxdb",
"groupBy": [
{
salt/grafana/dashboards/master/master.json
+8 -8
View File
@@ -1969,7 +1969,7 @@
"steppedLine": false,
"targets": [
{
"alias": "InBound",
"alias": "Inbound",
"dsType": "influxdb",
"groupBy": [
{
@@ -2033,7 +2033,7 @@
]
},
{
"alias": "OutBound",
"alias": "Outbound",
"dsType": "influxdb",
"groupBy": [
{
@@ -2633,7 +2633,7 @@
"steppedLine": false,
"targets": [
{
"alias": "InBound",
"alias": "Inbound",
"dsType": "influxdb",
"groupBy": [
{
@@ -2697,7 +2697,7 @@
]
},
{
"alias": "OutBound",
"alias": "Outbound",
"dsType": "influxdb",
"groupBy": [
{
@@ -3342,7 +3342,7 @@
"steppedLine": false,
"targets": [
{
"alias": "InBound",
"alias": "Inbound",
"dsType": "influxdb",
"groupBy": [
{
@@ -3406,7 +3406,7 @@
]
},
{
"alias": "OutBound",
"alias": "Outbound",
"dsType": "influxdb",
"groupBy": [
{
@@ -3874,7 +3874,7 @@
"steppedLine": false,
"targets": [
{
"alias": "InBound",
"alias": "Inbound",
"dsType": "influxdb",
"groupBy": [
{
@@ -3938,7 +3938,7 @@
]
},
{
"alias": "OutBound",
"alias": "Outbound",
"dsType": "influxdb",
"groupBy": [
{
salt/grafana/dashboards/mastersearch/mastersearch.json
+7 -7
View File
@@ -1971,7 +1971,7 @@
"steppedLine": false,
"targets": [
{
"alias": "InBound",
"alias": "Inbound",
"dsType": "influxdb",
"groupBy": [
{
@@ -2035,7 +2035,7 @@
]
},
{
"alias": "OutBound",
"alias": "Outbound",
"dsType": "influxdb",
"groupBy": [
{
@@ -2718,7 +2718,7 @@
"steppedLine": false,
"targets": [
{
"alias": "InBound",
"alias": "Inbound",
"dsType": "influxdb",
"groupBy": [
{
@@ -2782,7 +2782,7 @@
]
},
{
"alias": "OutBound",
"alias": "Outbound",
"dsType": "influxdb",
"groupBy": [
{
@@ -3470,7 +3470,7 @@
]
},
{
"alias": "OutBound",
"alias": "Outbound",
"groupBy": [
{
"params": [
@@ -3875,7 +3875,7 @@
"steppedLine": false,
"targets": [
{
"alias": "InBound",
"alias": "Inbound",
"groupBy": [
{
"params": [
@@ -3936,7 +3936,7 @@
]
},
{
"alias": "OutBound",
"alias": "Outbound",
"groupBy": [
{
"params": [
salt/grafana/dashboards/search_nodes/searchnode.json
+4 -4
View File
@@ -2827,7 +2827,7 @@
"steppedLine": false,
"targets": [
{
"alias": "InBound",
"alias": "Inbound",
"dsType": "influxdb",
"groupBy": [
{
@@ -2891,7 +2891,7 @@
]
},
{
"alias": "OutBound",
"alias": "Outbound",
"dsType": "influxdb",
"groupBy": [
{
@@ -3399,7 +3399,7 @@
"steppedLine": false,
"targets": [
{
"alias": "InBound",
"alias": "Inbound",
"dsType": "influxdb",
"groupBy": [
{
@@ -3463,7 +3463,7 @@
]
},
{
"alias": "OutBound",
"alias": "Outbound",
"dsType": "influxdb",
"groupBy": [
{
salt/grafana/dashboards/standalone/standalone.json
+6392
View File
File diff suppressed because it is too large Load Diff
salt/grafana/etc/dashboards/dashboard.yml
+7
View File
@@ -31,6 +31,13 @@ providers:
editable: true
options:
path: /etc/grafana/grafana_dashboards/search_nodes
- name: 'Standalone'
folder: 'Standalone'
type: file
disableDeletion: false
editable: true
options:
path: /etc/grafana/grafana_dashboards/standalone
{%- else %}
- name: 'Security Onion'
folder: 'Eval Mode'
salt/grafana/init.sls
+31 -1
View File
@@ -40,6 +40,13 @@ grafanadashmsdir:
- group: 939
- makedirs: True
grafanadashsadir:
file.directory:
- name: /opt/so/conf/grafana/grafana_dashboards/standalone
- user: 939
- group: 939
- makedirs: True
grafanadashevaldir:
file.directory:
- name: /opt/so/conf/grafana/grafana_dashboards/eval
@@ -96,7 +103,7 @@ dashboard-master:
{% for SN, SNDATA in salt['pillar.get']('mastersearchtab', {}).items() %}
{% set NODETYPE = SN.split('_')|last %}
{% set SN = SN | regex_replace('_' ~ NODETYPE, '') %}
dashboard-master:
dashboard-mastersearch:
file.managed:
- name: /opt/so/conf/grafana/grafana_dashboards/mastersearch/{{ SN }}-MasterSearch.json
- user: 939
@@ -115,6 +122,29 @@ dashboard-master:
{% endfor %}
{% endif %}
{% if salt['pillar.get']('standalonetab', False) %}
{% for SN, SNDATA in salt['pillar.get']('standalonetab', {}).items() %}
{% set NODETYPE = SN.split('_')|last %}
{% set SN = SN | regex_replace('_' ~ NODETYPE, '') %}
dashboard-standalone:
file.managed:
- name: /opt/so/conf/grafana/grafana_dashboards/standalone/{{ SN }}-Standalone.json
- user: 939
- group: 939
- template: jinja
- source: salt://grafana/dashboards/standalone/standalone.json
- defaults:
SERVERNAME: {{ SN }}
MANINT: {{ SNDATA.manint }}
MONINT: {{ SNDATA.manint }}
CPUS: {{ SNDATA.totalcpus }}
UID: {{ SNDATA.guid }}
ROOTFS: {{ SNDATA.rootfs }}
NSMFS: {{ SNDATA.nsmfs }}
{% endfor %}
{% endif %}
{% if salt['pillar.get']('sensorstab', False) %}
{% for SN, SNDATA in salt['pillar.get']('sensorstab', {}).items() %}
{% set NODETYPE = SN.split('_')|last %}
salt/telegraf/etc/telegraf.conf
+13 -2
View File
@@ -616,7 +616,7 @@
# # Read stats from one or more Elasticsearch servers or clusters
{% if grains['role'] in ['so-master', 'so-eval', 'so-mastersearch'] %}
{% if grains['role'] in ['so-master', 'so-eval', 'so-mastersearch', 'so-standalone'] %}
[[inputs.elasticsearch]]
# ## specify a list of one or more Elasticsearch servers
@@ -683,7 +683,18 @@
"/scripts/oldpcap.sh"
]
data_format = "influx"
{% elif grains['role'] == 'so-standalone' %}
[[inputs.exec]]
commands = [
"/scripts/redis.sh",
"/scripts/influxdbsize.sh",
"/scripts/stenoloss.sh",
"/scripts/suriloss.sh",
"/scripts/checkfiles.sh",
"/scripts/broloss.sh",
"/scripts/oldpcap.sh"
]
data_format = "influx"
{% elif grains['role'] == 'so-eval' %}
[[inputs.exec]]
commands = [
salt/wazuh/init.sls
+1 -9
View File
@@ -50,15 +50,7 @@ wazuhdir:
- name: /opt/so/wazuh
- user: 945
- group: 945
- recurse:
- group
- user
wazuhdirfirewall:
file.directory:
- name: /opt/so/wazuh/logs/firewall
- user: 945
- group: 945
- makedirs: True
# Add Wazuh agent conf
wazuhagentconf: