Merge pull request #14329 from Security-Onion-Solutions/jertel/wip

reduce stdout verbosity
This commit is contained in:
Jason Ertel
2025-03-04 11:23:14 -05:00
committed by GitHub
12 changed files with 36 additions and 10 deletions


@@ -128,6 +128,7 @@ common_sbin:
- user: 939 - user: 939
- group: 939 - group: 939
- file_mode: 755 - file_mode: 755
- show_changes: False
common_sbin_jinja: common_sbin_jinja:
file.recurse: file.recurse:
@@ -137,6 +138,7 @@ common_sbin_jinja:
- group: 939 - group: 939
- file_mode: 755 - file_mode: 755
- template: jinja - template: jinja
- show_changes: False
{% if not GLOBALS.is_manager%} {% if not GLOBALS.is_manager%}
# prior to 2.4.50 these scripts were in common/tools/sbin on the manager because of soup and distributed to non managers # prior to 2.4.50 these scripts were in common/tools/sbin on the manager because of soup and distributed to non managers
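Review bot: Adding `show_changes: False` to `common_sbin` and `common_sbin_jinja` (file.recurse states that, per the state id, deploy scripts into a system sbin path) drops the unified diff from the state output, which in many deployments is the only record of what content changed in privileged tooling; the same addition appears in the elasticfleet, elasticsearch, escomponenttemplates, influxdb, manager, nginx, sensoroni and soc sections of this commit. Salt will still report which files changed, but not how, so a mis-rendered template or an unexpected edit to a script is harder to reconstruct from the run log after the fact. If the aim is only less console noise, consider keeping the diffs in the job return and trimming the console view instead (Salt's `state_output` setting), or limiting `show_changes: False` to the large generated-content states such as the index templates. At minimum a short comment such as `# diff suppressed for brevity; file list is still reported` next to the first occurrence would tell the next maintainer this was deliberate.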


@@ -226,7 +226,7 @@ create_local_directories() {
for d in $(find $PILLARSALTDIR/$i -type d); do for d in $(find $PILLARSALTDIR/$i -type d); do
suffixdir=${d//$PILLARSALTDIR/} suffixdir=${d//$PILLARSALTDIR/}
if [ ! -d "$local_salt_dir/$suffixdir" ]; then if [ ! -d "$local_salt_dir/$suffixdir" ]; then
mkdir -pv $local_salt_dir$suffixdir mkdir -p $local_salt_dir$suffixdir
fi fi
done done
chown -R socore:socore $local_salt_dir/$i chown -R socore:socore $local_salt_dir/$i
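Review bot: The new `mkdir -p $local_salt_dir$suffixdir` line leaves its operand unquoted while the `-d` test directly above quotes the same path, so a path containing whitespace or glob characters would be split and the wrong directory created; `mkdir -p "$local_salt_dir$suffixdir"` matches the test. The test also uses `$local_salt_dir/$suffixdir` while mkdir uses `$local_salt_dir$suffixdir` — harmless if `suffixdir` keeps its leading slash, but worth making consistent. The `for d in $(find ...)` loop has the same word-splitting issue, though it is only context here. create_local_directories starts before and ends after this hunk.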


@@ -30,6 +30,7 @@ elasticfleet_sbin:
- user: 947 - user: 947
- group: 939 - group: 939
- file_mode: 755 - file_mode: 755
- show_changes: False
elasticfleet_sbin_jinja: elasticfleet_sbin_jinja:
file.recurse: file.recurse:
@@ -41,6 +42,7 @@ elasticfleet_sbin_jinja:
- template: jinja - template: jinja
- exclude_pat: - exclude_pat:
- so-elastic-fleet-package-upgrade # exclude this because we need to watch it for changes - so-elastic-fleet-package-upgrade # exclude this because we need to watch it for changes
- show_changes: False
eaconfdir: eaconfdir:
file.directory: file.directory:
@@ -145,6 +147,7 @@ eadynamicintegration:
- user: 947 - user: 947
- group: 939 - group: 939
- template: jinja - template: jinja
- show_changes: False
eaintegration: eaintegration:
file.recurse: file.recurse:
@@ -152,6 +155,7 @@ eaintegration:
- source: salt://elasticfleet/files/integrations - source: salt://elasticfleet/files/integrations
- user: 947 - user: 947
- group: 939 - group: 939
- show_changes: False
eaoptionalintegrationsdir: eaoptionalintegrationsdir:
file.directory: file.directory:


@@ -47,6 +47,7 @@ elasticsearch_sbin:
- file_mode: 755 - file_mode: 755
- exclude_pat: - exclude_pat:
- so-elasticsearch-pipelines # exclude this because we need to watch it for changes, we sync it in another state - so-elasticsearch-pipelines # exclude this because we need to watch it for changes, we sync it in another state
- show_changes: False
elasticsearch_sbin_jinja: elasticsearch_sbin_jinja:
file.recurse: file.recurse:
@@ -60,6 +61,7 @@ elasticsearch_sbin_jinja:
- so-elasticsearch-ilm-policy-load # exclude this because we need to watch it for changes, we sync it in another state - so-elasticsearch-ilm-policy-load # exclude this because we need to watch it for changes, we sync it in another state
- defaults: - defaults:
GLOBALS: {{ GLOBALS }} GLOBALS: {{ GLOBALS }}
- show_changes: False
so-elasticsearch-ilm-policy-load-script: so-elasticsearch-ilm-policy-load-script:
file.managed: file.managed:
@@ -69,6 +71,7 @@ so-elasticsearch-ilm-policy-load-script:
- group: 939 - group: 939
- mode: 754 - mode: 754
- template: jinja - template: jinja
- show_changes: False
so-elasticsearch-pipelines-script: so-elasticsearch-pipelines-script:
file.managed: file.managed:
@@ -77,6 +80,7 @@ so-elasticsearch-pipelines-script:
- user: 930 - user: 930
- group: 939 - group: 939
- mode: 754 - mode: 754
- show_changes: False
esingestdir: esingestdir:
file.directory: file.directory:
@@ -110,6 +114,7 @@ esingestdynamicconf:
- user: 930 - user: 930
- group: 939 - group: 939
- template: jinja - template: jinja
- show_changes: False
esingestconf: esingestconf:
file.recurse: file.recurse:
@@ -117,6 +122,7 @@ esingestconf:
- source: salt://elasticsearch/files/ingest - source: salt://elasticsearch/files/ingest
- user: 930 - user: 930
- group: 939 - group: 939
- show_changes: False
# Remove .fleet_final_pipeline-1 because we are using global@custom now # Remove .fleet_final_pipeline-1 because we are using global@custom now
so-fleet-final-pipeline-remove: so-fleet-final-pipeline-remove:
@@ -153,6 +159,7 @@ esyml:
- defaults: - defaults:
ESCONFIG: {{ ELASTICSEARCHMERGED.config }} ESCONFIG: {{ ELASTICSEARCHMERGED.config }}
- template: jinja - template: jinja
- show_changes: False
esroles: esroles:
file.recurse: file.recurse:
@@ -162,6 +169,7 @@ esroles:
- template: jinja - template: jinja
- user: 930 - user: 930
- group: 939 - group: 939
- show_changes: False
nsmesdir: nsmesdir:
file.directory: file.directory:


@@ -116,6 +116,7 @@ escomponenttemplates:
- clean: True - clean: True
- onchanges_in: - onchanges_in:
- file: so-elasticsearch-templates-reload - file: so-elasticsearch-templates-reload
- show_changes: False
# Auto-generate templates from defaults file # Auto-generate templates from defaults file
{% for index, settings in ES_INDEX_SETTINGS.items() %} {% for index, settings in ES_INDEX_SETTINGS.items() %}
@@ -127,6 +128,7 @@ es_index_template_{{index}}:
- defaults: - defaults:
TEMPLATE_CONFIG: {{ settings.index_template }} TEMPLATE_CONFIG: {{ settings.index_template }}
- template: jinja - template: jinja
- show_changes: False
- onchanges_in: - onchanges_in:
- file: so-elasticsearch-templates-reload - file: so-elasticsearch-templates-reload
{% endif %} {% endif %}
@@ -146,6 +148,7 @@ es_template_{{TEMPLATE.split('.')[0] | replace("/","_") }}:
{% endif %} {% endif %}
- user: 930 - user: 930
- group: 939 - group: 939
- show_changes: False
- onchanges_in: - onchanges_in:
- file: so-elasticsearch-templates-reload - file: so-elasticsearch-templates-reload
{% endfor %} {% endfor %}


@@ -85,6 +85,7 @@ influxdb-templates:
- clean: True - clean: True
- defaults: - defaults:
INFLUXMERGED: {{ INFLUXMERGED }} INFLUXMERGED: {{ INFLUXMERGED }}
- show_changes: False
influxdb_curl_config: influxdb_curl_config:
file.managed: file.managed:


@@ -47,7 +47,7 @@ import() {
# Load saved objects # Load saved objects
RESPONSE=$(curl -K /opt/so/conf/elasticsearch/curl.config -b "sid=$SESSIONCOOKIE" -L -X POST "localhost:5601/api/saved_objects/_import?overwrite=true" -H "kbn-xsrf: true" --form file=@"$ndjson_file") RESPONSE=$(curl -K /opt/so/conf/elasticsearch/curl.config -b "sid=$SESSIONCOOKIE" -L -X POST "localhost:5601/api/saved_objects/_import?overwrite=true" -H "kbn-xsrf: true" --form file=@"$ndjson_file")
echo $RESPONSE; if [[ "$RESPONSE" != *"\"success\":true"* ]] && [[ "$RESPONSE" != *"updated_at"* ]] ; then RETURN_CODE=1;fi if [[ "$RESPONSE" != *"\"success\":true"* ]] && [[ "$RESPONSE" != *"updated_at"* ]] ; then RETURN_CODE=1;fi
if [[ "$RETURN_CODE" != "1" ]]; then if [[ "$RETURN_CODE" != "1" ]]; then
touch /opt/so/state/kibana_$BASENAME.txt touch /opt/so/state/kibana_$BASENAME.txt
@@ -66,7 +66,7 @@ update() {
IFS=$'\r\n' GLOBIGNORE='*' command eval 'LINES=($(cat $1))' IFS=$'\r\n' GLOBIGNORE='*' command eval 'LINES=($(cat $1))'
for i in "${LINES[@]}"; do for i in "${LINES[@]}"; do
RESPONSE=$(curl -K /opt/so/conf/elasticsearch/curl.config -X PUT "localhost:5601/api/saved_objects/config/{{ELASTICSEARCHDEFAULTS.elasticsearch.version}}" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d " $i ") RESPONSE=$(curl -K /opt/so/conf/elasticsearch/curl.config -X PUT "localhost:5601/api/saved_objects/config/{{ELASTICSEARCHDEFAULTS.elasticsearch.version}}" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d " $i ")
echo $RESPONSE; if [[ "$RESPONSE" != *"\"success\":true"* ]] && [[ "$RESPONSE" != *"updated_at"* ]] ; then RETURN_CODE=1;fi if [[ "$RESPONSE" != *"\"success\":true"* ]] && [[ "$RESPONSE" != *"updated_at"* ]] ; then RETURN_CODE=1;fi
done done
if [[ "$RETURN_CODE" != "1" ]]; then if [[ "$RETURN_CODE" != "1" ]]; then
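Review bot: Removing `echo $RESPONSE;` in both `import()` and `update()` takes away the only diagnostic for a failed Kibana saved-object call: when neither `"success":true` nor `updated_at` is found, `RETURN_CODE=1` is set but nothing records what the API actually returned, so a rejected import is no longer explainable from the log. Print the response only on the failure branch, e.g. `if [[ "$RESPONSE" != *"\"success\":true"* ]] && [[ "$RESPONSE" != *"updated_at"* ]]; then echo "$RESPONSE" >&2; RETURN_CODE=1; fi`. Quoting `"$RESPONSE"` also avoids the word-splitting and globbing the old unquoted echo was subject to. Both functions start before their hunk and continue after it.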


@@ -66,6 +66,7 @@ repo_dir:
- recurse: - recurse:
- user - user
- group - group
- show_changes: False
manager_sbin: manager_sbin:
file.recurse: file.recurse:
@@ -76,6 +77,7 @@ manager_sbin:
- file_mode: 755 - file_mode: 755
- exclude_pat: - exclude_pat:
- "*_test.py" - "*_test.py"
- show_changes: False
manager_sbin_jinja: manager_sbin_jinja:
file.recurse: file.recurse:
@@ -85,6 +87,7 @@ manager_sbin_jinja:
- group: socore - group: socore
- file_mode: 755 - file_mode: 755
- template: jinja - template: jinja
- show_changes: False
so-repo-file: so-repo-file:
file.managed: file.managed:
@@ -92,6 +95,7 @@ so-repo-file:
- source: salt://manager/files/repodownload.conf - source: salt://manager/files/repodownload.conf
- user: socore - user: socore
- group: socore - group: socore
- show_changes: False
so-repo-mirrorlist: so-repo-mirrorlist:
file.managed: file.managed:


@@ -166,7 +166,7 @@ airgap_update_dockers() {
docker stop so-dockerregistry docker stop so-dockerregistry
docker rm so-dockerregistry docker rm so-dockerregistry
echo "Copying the new dockers over" echo "Copying the new dockers over"
tar xvf "$AGDOCKER/registry.tar" -C /nsm/docker-registry/docker tar xf "$AGDOCKER/registry.tar" -C /nsm/docker-registry/docker
echo "Add Registry back" echo "Add Registry back"
docker load -i "$AGDOCKER/registry_image.tar" docker load -i "$AGDOCKER/registry_image.tar"
fi fi
@@ -1002,21 +1002,21 @@ unmount_update() {
update_airgap_rules() { update_airgap_rules() {
# Copy the rules over to update them for airgap. # Copy the rules over to update them for airgap.
rsync -av $UPDATE_DIR/agrules/suricata/* /nsm/rules/suricata/ rsync -a $UPDATE_DIR/agrules/suricata/* /nsm/rules/suricata/
rsync -av $UPDATE_DIR/agrules/detect-sigma/* /nsm/rules/detect-sigma/ rsync -a $UPDATE_DIR/agrules/detect-sigma/* /nsm/rules/detect-sigma/
rsync -av $UPDATE_DIR/agrules/detect-yara/* /nsm/rules/detect-yara/ rsync -a $UPDATE_DIR/agrules/detect-yara/* /nsm/rules/detect-yara/
# Copy the securityonion-resorces repo over for SOC Detection Summaries and checkout the published summaries branch # Copy the securityonion-resorces repo over for SOC Detection Summaries and checkout the published summaries branch
rsync -av --delete --chown=socore:socore $UPDATE_DIR/agrules/securityonion-resources /opt/so/conf/soc/ai_summary_repos rsync -a --delete --chown=socore:socore $UPDATE_DIR/agrules/securityonion-resources /opt/so/conf/soc/ai_summary_repos
git config --global --add safe.directory /opt/so/conf/soc/ai_summary_repos/securityonion-resources git config --global --add safe.directory /opt/so/conf/soc/ai_summary_repos/securityonion-resources
git -C /opt/so/conf/soc/ai_summary_repos/securityonion-resources checkout generated-summaries-published git -C /opt/so/conf/soc/ai_summary_repos/securityonion-resources checkout generated-summaries-published
# Copy the securityonion-resorces repo over to nsm # Copy the securityonion-resorces repo over to nsm
rsync -av $UPDATE_DIR/agrules/securityonion-resources/* /nsm/securityonion-resources/ rsync -a $UPDATE_DIR/agrules/securityonion-resources/* /nsm/securityonion-resources/
} }
update_airgap_repo() { update_airgap_repo() {
# Update the files in the repo # Update the files in the repo
echo "Syncing new updates to /nsm/repo" echo "Syncing new updates to /nsm/repo"
rsync -av $AGREPO/* /nsm/repo/ rsync -a $AGREPO/* /nsm/repo/
echo "Creating repo" echo "Creating repo"
dnf -y install yum-utils createrepo_c dnf -y install yum-utils createrepo_c
createrepo /nsm/repo createrepo /nsm/repo
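Review bot: The rsync calls in `update_airgap_rules` and `update_airgap_repo` now run with `-a` but no `-v`, so the airgap update leaves no record of which rule files or repo packages were replaced; if the console noise is the problem, redirecting a name-only listing to a log (e.g. `rsync -a --info=name ... >> "$LOGFILE"`, with the log path taken from whatever this script already uses) keeps the trail without the chatter. Those same lines still expand `$UPDATE_DIR/agrules/.../*` and `$AGREPO/*` unquoted, so an empty or unset variable turns the source into `/*`; a guard such as `: "${UPDATE_DIR:?UPDATE_DIR is not set}"` at the top of `update_airgap_rules` (and the equivalent for `AGREPO` in `update_airgap_repo`) is a cheap check the commit could add while touching these lines. `update_airgap_repo` continues past the end of the hunk, and `airgap_update_dockers` in the first hunk starts and ends outside it.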


@@ -91,6 +91,7 @@ make-rule-dir-nginx:
- recurse: - recurse:
- user - user
- group - group
- show_changes: False
{% endif %} {% endif %}


@@ -41,6 +41,7 @@ analyzerscripts:
- file_mode: 755 - file_mode: 755
- template: jinja - template: jinja
- source: salt://sensoroni/files/analyzers - source: salt://sensoroni/files/analyzers
- show_changes: False
sensoroni_sbin: sensoroni_sbin:
file.recurse: file.recurse:


@@ -79,6 +79,7 @@ socmotd:
- group: 939 - group: 939
- mode: 600 - mode: 600
- template: jinja - template: jinja
- show_changes: False
filedetectionsbackup: filedetectionsbackup:
file.managed: file.managed:
@@ -249,6 +250,7 @@ socore_own_custom_repos:
- recurse: - recurse:
- user - user
- group - group
- show_changes: False
{% else %} {% else %}