From a42d8c922955b56ae99d5cd7aaf159708f4b1d74 Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Wed, 28 Jul 2021 17:03:14 -0400
Subject: [PATCH 1/8] Fix Manager Search
---
 salt/elasticsearch/files/elasticsearch.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/salt/elasticsearch/files/elasticsearch.yml b/salt/elasticsearch/files/elasticsearch.yml
index bf5e7e2b4..518cd74e9 100644
--- a/salt/elasticsearch/files/elasticsearch.yml
+++ b/salt/elasticsearch/files/elasticsearch.yml
@@ -49,6 +49,16 @@ discovery.seed_hosts:
 - {{ SN.split('_')|first }}
 {%- endfor %}
 {%- endif %}
+ {%- elif grains.role == 'so-managersearch' %}
+ {%- if salt['pillar.get']('nodestab', {}) %}
+node.roles: [ master, data, remote_cluster_client ]
+discovery.seed_hosts:
+ - {{ grains.master }}
+ {%- for SN, SNDATA in salt['pillar.get']('nodestab', {}).items() %}
+ - {{ SN.split('_')|first }}
+ {%- endfor %}
+ {%- endif %}
+node.attr.box_type: {{ NODE_ROUTE_TYPE }}
 {%- else %}
 node.roles: {{ NODE_ROLES }}
 node.attr.box_type: {{ NODE_ROUTE_TYPE }}
From d4a177949ac5d9b2d3a2f87d69bc872297352971 Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Wed, 28 Jul 2021 17:05:16 -0400
Subject: [PATCH 2/8] Fix Manager Search
---
 HOTFIX | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/HOTFIX b/HOTFIX
index b1fe67394..6061123a0 100644
--- a/HOTFIX
+++ b/HOTFIX
@@ -1 +1 @@
-STENODOCKER
+STENODOCKER MSEARCH
From 8ed264460f828669207708df5fe787ab390c85cd Mon Sep 17 00:00:00 2001
From: Jason Ertel
Date: Thu, 29 Jul 2021 10:45:35 -0400
Subject: [PATCH 3/8] Do not prompt about uppercased hostname during testing
---
 setup/so-whiptail | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/setup/so-whiptail b/setup/so-whiptail
index 10d86ec2b..961924afa 100755
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
@@ -1851,6 +1851,9 @@ whiptail_suricata_pins() {
 # shellcheck disable=2120
 whiptail_uppercase_warning() {
+
+ [ -n "$TESTING" ] && return
+
 local type=$1
 local msg
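Review bot: In the new `so-managersearch` branch of salt/elasticsearch/files/elasticsearch.yml, `node.roles` and `discovery.seed_hosts` are rendered only when the `nodestab` pillar is non-empty. With an empty pillar the branch emits `node.attr.box_type` alone, so the node presumably falls back to Elasticsearch's default roles and discovery unless they are set elsewhere in the template, whereas the `else` branch below always writes `node.roles: {{ NODE_ROLES }}`. If the fallback is intended, a Jinja comment above the inner `if`, such as `{#- managersearch without search nodes: keep Elasticsearch default roles and discovery #}`, would make that explicit; otherwise add an `{%- else %}` that emits `node.roles: {{ NODE_ROLES }}`. The enclosing `if`/`elif` chain starts and ends outside the hunk, so the earlier branches are not visible here.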
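Review bot: The guard `[ -n "$TESTING" ] && return` at the top of `whiptail_uppercase_warning` in setup/so-whiptail fires for any non-empty value, so `TESTING=false`, or a `TESTING` variable left over in the environment of a real install, would silently skip the uppercase-hostname prompt. How `TESTING` is set is not visible in this hunk; if setup defines it as a flag elsewhere, a comment such as `# Automated test runs cannot answer the dialog; skip it when TESTING is set` would document the bypass, and an explicit `return 0` would make the exit status deliberate. The rest of the function body lies outside the hunk.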
From 3fc43f7d9243760a4767be8d9563477b164404fa Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Thu, 29 Jul 2021 10:48:24 -0400
Subject: [PATCH 4/8] allow for adjustment to auto patch os schedule - https://github.com/Security-Onion-Solutions/securityonion/issues/4985
---
 salt/patch/os/schedule.sls | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/salt/patch/os/schedule.sls b/salt/patch/os/schedule.sls
index 4ad9a454e..01f1ad117 100644
--- a/salt/patch/os/schedule.sls
+++ b/salt/patch/os/schedule.sls
@@ -42,7 +42,7 @@ patch_os_schedule:
 - function: state.sls
 - job_args:
 - patch.os
- - hours: 8
+ - hours: {{ salt['pillar.get']('patch_os_pillar:hours', 8) }}
 - splay: {{splay}}
 - return_job: True
From 4b6120a46b2f00a1bafdbd0dc83c98c50a17f6d5 Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Thu, 29 Jul 2021 10:59:33 -0400
Subject: [PATCH 5/8] fix the hours get
---
 salt/patch/os/schedule.sls | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/salt/patch/os/schedule.sls b/salt/patch/os/schedule.sls
index 01f1ad117..7e5b3d532 100644
--- a/salt/patch/os/schedule.sls
+++ b/salt/patch/os/schedule.sls
@@ -42,7 +42,7 @@ patch_os_schedule:
 - function: state.sls
 - job_args:
 - patch.os
- - hours: {{ salt['pillar.get']('patch_os_pillar:hours', 8) }}
+ - hours: {{ patch_os_pillar.get('hours', 8) }}
 - splay: {{splay}}
 - return_job: True
From f585eb6e624b73828f3b8fc70d2406befc5e91f9 Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Thu, 29 Jul 2021 11:08:03 -0400
Subject: [PATCH 6/8] 2.3.61-MSEARCH
---
 VERIFY_ISO.md | 22 +++++++++++-----------
 sigs/securityonion-2.3.61-MSEARCH.iso.sig | Bin 0 -> 543 bytes
 2 files changed, 11 insertions(+), 11 deletions(-)
 create mode 100644 sigs/securityonion-2.3.61-MSEARCH.iso.sig
diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md
index ac6101ad1..3e807d21d 100644
--- a/VERIFY_ISO.md
+++ b/VERIFY_ISO.md
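Review bot: The `hours` value of `patch_os_schedule` in salt/patch/os/schedule.sls is rendered straight from the pillar with no type or range check, both in [PATCH 4/8] (`salt['pillar.get']('patch_os_pillar:hours', 8)`) and in its replacement in [PATCH 5/8] (`patch_os_pillar.get('hours', 8)`). A key that is present but empty renders as `None`, and a string, `0` or a negative number goes into the schedule unchanged, so a pillar typo can quietly change or break the automatic OS patch interval. Coercing with a fallback, e.g. `- hours: {{ patch_os_pillar.get('hours', 8) | int(8) }}`, and rejecting values below 1 would keep the schedule predictable. `patch_os_pillar` is defined outside the hunk, so this assumes it is always a dict at this point.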
@@ -1,18 +1,18 @@
-### 2.3.61-STENODOCKER ISO image built on 2021/07/26
+### 2.3.61-MSEARCH ISO image built on 2021/07/26
 ### Download and Verify
-2.3.61-STENODOCKER ISO image:
-https://download.securityonion.net/file/securityonion/securityonion-2.3.61-STENODOCKER.iso
+2.3.61-MSEARCH ISO image:
+https://download.securityonion.net/file/securityonion/securityonion-2.3.61-MSEARCH.iso
-MD5: 10815F1F816E75BF15F331B39CB5EBEC
-SHA1: 2D4F4ACA6FBA35563D76C1296A6A774FF73D67FD
-SHA256: D9C927C07A2B29C0BD93B1349EB750D4E3CF7F553A14D3EF90593BA660936821
+MD5: D38450A6609A1DFF0E19482517B24275
+SHA1: DBCBD8F035FD875DC56307982A2480A62BCAB96D
+SHA256: D7767AA10FE5D655E8502BDC9B8F963C5584DF8F72F26A5A997C1F2277D4F07E
 Signature for ISO image:
-https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.61-STENODOCKER.iso.sig
+https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.61-MSEARCH.iso.sig
 Signing key: https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS
@@ -26,22 +26,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/ma
 Download the signature file for the ISO:
 ```
-wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.61-STENODOCKER.iso.sig
+wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.61-MSEARCH.iso.sig
 ```
 Download the ISO image:
 ```
-wget https://download.securityonion.net/file/securityonion/securityonion-2.3.61-STENODOCKER.iso
+wget https://download.securityonion.net/file/securityonion/securityonion-2.3.61-MSEARCH.iso
 ```
 Verify the downloaded ISO image using the signature file:
 ```
-gpg --verify securityonion-2.3.61-STENODOCKER.iso.sig securityonion-2.3.61-STENODOCKER.iso
+gpg --verify securityonion-2.3.61-MSEARCH.iso.sig securityonion-2.3.61-MSEARCH.iso
 ```
 The output should show "Good signature" and the Primary key fingerprint should match what's shown below:
 ```
-gpg: Signature made Mon 26 Jul 2021 04:34:58 PM EDT using RSA key ID FE507013
+gpg: Signature made Wed 28 Jul 2021 05:27:35 PM EDT using RSA key ID FE507013
 gpg: Good signature from "Security Onion Solutions, LLC "
 gpg: WARNING: This key is not certified with a trusted signature!
 gpg: There is no indication that the signature belongs to the owner.
diff --git a/sigs/securityonion-2.3.61-MSEARCH.iso.sig b/sigs/securityonion-2.3.61-MSEARCH.iso.sig
new file mode 100644
index 0000000000000000000000000000000000000000..52b3b7645cfa6becb3e3f223345a4104e36afbf7
GIT binary patch literal 543 zcmV+)0^t3L0vrSY0RjL91p;9K%f|o;2@re`V7LBIa1&?%5C4AYFMku1Yb9^S`MLeh*2I)l3goS#SvxGa z2CW^Cn^50tDJkLs3=vKTW=_?d?MoM1%yz4$&<-sgx5Q=^5tmX|4r zo8rWWi}>XX%aG-kd#tXe=Je=&*BE7kTfKU^Y=N{DubAL;rTFUSW?$GXh4>!KZFU-E hECTlT^$VlGc=e#p&$q8RH=qhr-kba_1YiIF literal 0 HcmV?d00001
From 3d2da303c8f861447c0d7699cae4804451b20844 Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Thu, 29 Jul 2021 11:09:27 -0400
Subject: [PATCH 7/8] 2.3.61-MSEARCH
---
 VERIFY_ISO.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md
index 3e807d21d..d3264ced0 100644
--- a/VERIFY_ISO.md
+++ b/VERIFY_ISO.md
@@ -1,4 +1,4 @@
-### 2.3.61-MSEARCH ISO image built on 2021/07/26
+### 2.3.61-MSEARCH ISO image built on 2021/07/29
From 7591bb115e08fc8e32f1a52f6702e7f9dfbe8103 Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Thu, 29 Jul 2021 11:09:54 -0400
Subject: [PATCH 8/8] 2.3.61-MSEARCH
---
 VERIFY_ISO.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md
index d3264ced0..84c09fe06 100644
--- a/VERIFY_ISO.md
+++ b/VERIFY_ISO.md
@@ -1,4 +1,4 @@
-### 2.3.61-MSEARCH ISO image built on 2021/07/29
+### 2.3.61-MSEARCH ISO image built on 2021/07/28