Merge branch 'master' of https://github.com/TOoSmOotH/securityonion-saltstack

2025-12-06 17:22:49 +01:00 · 2019-05-15 15:12:49 -04:00
parent afaad4fe81 35606b046b
commit 105384ecda
4 changed files with 16 additions and 16 deletions
--- a/README.md
+++ b/README.md
@@ -11,19 +11,6 @@
 - The setup script will now tell you if it was successful
 - Added Grafana plugin Pie Chart
 - The Hive Docker moved to Centos 7 based container
-=======
- Suricata 4.1.3
- Updated Influxdb to 1.7.5
- Updated Telegraf to 1.10.1
- Grafana is now 6.0.2
- Added support for TheHive! To enable, please see https://github.com/Security-Onion-Solutions/securityonion-saltstack/wiki/The-Hive
- You are now forced to select interfaces during setup. If you skipped this test the install was not happy [#26](https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/26)
- Reduced the RAM usage for ES in Eval mode [#25](https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/26)
- Eval Mode setup is now choose your own adventure style
- Fresh dockers for all the things to bring everything to 1.0.7
- New utility docker called SOctopus
- New html landing page now in dark mode
-

 ### Notes:
 - Attempting to send a Bro event to The Hive that does not contain a source and destination IP (ex. Bro files, or X509) will result in an exception - a fix for this will be implemented in the next release.
--- a/salt/common/init.sls
+++ b/salt/common/init.sls
@@ -37,6 +37,7 @@ sensorpkgs:
    - skip_suggestions: False
    - pkgs:
      - docker-ce
+      - wget
      {% if grains['os'] != 'CentOS' %}
      - python-docker
      - python-m2crypto
--- a/salt/hive/init.sls
+++ b/salt/hive/init.sls
@@ -1,3 +1,4 @@
+{% set MASTERIP = salt['pillar.get']('master:mainip', '') %}
 hiveconfdir:
  file.directory:
    - name: /opt/so/conf/hive/etc
@@ -80,13 +81,15 @@ so-thehive-es:

 so-thehiveimage:
 cmd.run:
-   - name: docker pull --disable-content-trust=false soshybridhunter/so-thehive:HH1.0.7
+   - name: docker pull --disable-content-trust=false soshybridhunter/so-thehive:HH1.0.8

 so-thehive:
  docker_container.running:
    - require:
      - so-thehiveimage
-    - image: soshybridhunter/so-thehive:HH1.0.7
+    - image: soshybridhunter/so-thehive:HH1.0.8
+    - environment:
+      - ELASTICSEARCH_HOST={{ MASTERIP }}
    - hostname: so-thehive
    - name: so-thehive
    - user: 939
--- a/salt/hive/thehive/scripts/hive_init.sh
+++ b/salt/hive/thehive/scripts/hive_init.sh
@@ -33,5 +33,14 @@ hive_init(){
 if [ -f /opt/so/state/thehive.txt ]; then
    exit 0
 else
+    rm -f garbage_file
+    while ! wget -O garbage_file {{MASTERIP}}:9500 2>/dev/null
+    do
+      echo "Waiting for Elasticsearch..."
+      rm -f garbage_file
+      sleep 1
+    done
+    rm -f garbage_file
+    sleep 5
    hive_init
 fi