From 1741f5068ace49047e2a6253fdeed89fcac4851c Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Fri, 15 Oct 2021 15:35:30 -0400 Subject: [PATCH] update config-load to do an update or import --- salt/kibana/bin/so-kibana-config-load | 73 +++++++++++++++---- .../securitySolution_saved_objects.ndjson | 2 +- 2 files changed, 60 insertions(+), 15 deletions(-) diff --git a/salt/kibana/bin/so-kibana-config-load b/salt/kibana/bin/so-kibana-config-load index 464877252..8d246819c 100644 --- a/salt/kibana/bin/so-kibana-config-load +++ b/salt/kibana/bin/so-kibana-config-load @@ -1,19 +1,23 @@ #!/bin/bash -# {%- set MANAGER = salt['pillar.get']('global:url_base', '') %} +# . /usr/sbin/so-common -if [ ! -z "$1" ]; then - ndjson_template_file=$1 -else - ndjson_template_file='/opt/so/conf/kibana/saved_objects.ndjson' + +check_file() { +local file=$1 +if [ ! -f "$file" ]; then + echo "File $file does not exist." + exit 1 fi -if [ -f "$ndjson_template_file" ]; then - ndjson_file=$(echo $ndjson_template_file | sed -e "s/\.template$//") +} + +import() { + local file=$1 + ndjson_file=$(echo $file | sed -e "s/\.template$//") # Copy template file - #cp /opt/so/conf/kibana/saved_objects.ndjson.template /opt/so/conf/kibana/saved_objects.ndjson - if [ "$ndjson_template_file" != "$ndjson_file" ]; then - cp "$ndjson_template_file" "$ndjson_file" + if [ "$file" != "$ndjson_file" ]; then + cp "$file" "$ndjson_file" fi # SOCtopus and Manager @@ -24,9 +28,50 @@ if [ -f "$ndjson_template_file" ]; then wait_for_web_response "http://localhost:5601/app/kibana" "Elastic" 300 "{{ ELASTICCURL }}" SESSIONCOOKIE=$({{ ELASTICCURL }} -c - -X GET http://localhost:5601/ | grep sid | awk '{print $7}') - # Load saved objects {{ ELASTICCURL }} -b "sid=$SESSIONCOOKIE" -L -X POST "localhost:5601/api/saved_objects/_import?overwrite=true" -H "kbn-xsrf: true" --form file=@"$ndjson_file" >> /opt/so/log/kibana/misc.log -else - echo "File $ndjson_template_file does not exist." -fi +} + +update() { + wait_for_web_response "http://localhost:5601/app/kibana" "Elastic" 300 "{{ ELASTICCURL }}" + IFS=$'\r\n' GLOBIGNORE='*' command eval 'LINES=($(cat $1))' + for i in "${LINES[@]}"; do + {{ ELASTICCURL }} -X PUT "localhost:5601/api/saved_objects/config/7.15.0" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d " $i " + done + +} + +usage() +{ +cat < Import saved objects + -u Update saved objects +EOF +} + +while getopts "h:i:u:" OPTION +do + case $OPTION in + h) + usage + exit 0 + ;; + i) + FILE=${OPTARG} + check_file $FILE + import $FILE + ;; + u) + FILE=${OPTARG} + check_file $FILE + update $FILE + ;; + *) + usage + exit 0 + ;; + esac +done diff --git a/salt/kibana/files/securitySolution_saved_objects.ndjson b/salt/kibana/files/securitySolution_saved_objects.ndjson index 4c4bbc668..b0df37ffe 100644 --- a/salt/kibana/files/securitySolution_saved_objects.ndjson +++ b/salt/kibana/files/securitySolution_saved_objects.ndjson @@ -1 +1 @@ -{"attributes": {"buildNum": 39457,"defaultIndex": "2289a0c0-6970-11ea-a0cd-ffa0f6a1bc29","defaultRoute": "/app/dashboards#/view/a8411b30-6d03-11ea-b301-3d6c35840645","securitySolution:defaultIndex": ["apm-*-transaction*", "traces-apm*", "auditbeat-*", "endgame-*", "filebeat-*", "logs-*", "packetbeat-*", "winlogbeat-*", "so-*"]},"coreMigrationVersion": "7.15.0","id": "7.15.0","migrationVersion": {"config": "7.13.0"},"references": [],"type": "config","updated_at": "2021-10-10T10:10:10.105Z","version": "WzI5NzUsMl0="} +{"attributes": {"securitySolution:defaultIndex": ["apm-*-transaction*", "traces-apm*", "auditbeat-*", "endgame-*", "filebeat-*", "logs-*", "packetbeat-*", "winlogbeat-*", "so-*"]},"type": "config","updated_at": "2021-10-10T10:10:10.105Z","version": "WzI5NzUsMl0="}