update config-load to do an update or import

2025-12-07 17:52:46 +01:00 · 2021-10-15 15:35:30 -04:00
parent 6a2bf11a75
commit 1741f5068a
2 changed files with 60 additions and 15 deletions
--- a/salt/kibana/bin/so-kibana-config-load
+++ b/salt/kibana/bin/so-kibana-config-load
@@ -1,19 +1,23 @@
 #!/bin/bash
-# {%- set MANAGER = salt['pillar.get']('global:url_base', '') %}
+#

 . /usr/sbin/so-common
-if [ ! -z "$1" ]; then
-  ndjson_template_file=$1
-else
-  ndjson_template_file='/opt/so/conf/kibana/saved_objects.ndjson'
+
+check_file() {
+local file=$1
+if [ ! -f "$file" ]; then
+  echo "File $file does not exist."
+  exit 1
 fi

-if [ -f "$ndjson_template_file" ]; then
-  ndjson_file=$(echo $ndjson_template_file | sed -e "s/\.template$//")
+}
+
+import() {
+  local file=$1
+  ndjson_file=$(echo $file | sed -e "s/\.template$//")
  # Copy template file
-  #cp /opt/so/conf/kibana/saved_objects.ndjson.template /opt/so/conf/kibana/saved_objects.ndjson
-  if [ "$ndjson_template_file" != "$ndjson_file" ]; then
-    cp "$ndjson_template_file" "$ndjson_file"
+  if [ "$file" != "$ndjson_file" ]; then
+    cp "$file" "$ndjson_file"
  fi

  # SOCtopus and Manager
@@ -24,9 +28,50 @@ if [ -f "$ndjson_template_file" ]; then
  wait_for_web_response "http://localhost:5601/app/kibana" "Elastic" 300 "{{ ELASTICCURL }}"

  SESSIONCOOKIE=$({{ ELASTICCURL }} -c - -X GET http://localhost:5601/ | grep sid | awk '{print $7}')
-
  # Load saved objects
  {{ ELASTICCURL }} -b "sid=$SESSIONCOOKIE" -L -X POST "localhost:5601/api/saved_objects/_import?overwrite=true" -H "kbn-xsrf: true" --form file=@"$ndjson_file" >> /opt/so/log/kibana/misc.log
-else
-  echo "File $ndjson_template_file does not exist."
-fi
+}
+
+update() {
+  wait_for_web_response "http://localhost:5601/app/kibana" "Elastic" 300 "{{ ELASTICCURL }}"  
+  IFS=$'\r\n' GLOBIGNORE='*' command eval  'LINES=($(cat $1))'
+  for i in "${LINES[@]}"; do
+    {{ ELASTICCURL }} -X PUT "localhost:5601/api/saved_objects/config/7.15.0" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d " $i "
+  done
+
+}
+
+usage()
+{
+cat <<EOF
+Security Onion Kibana Config Loader
+  Options:
+  -h                   This message
+  -i <filename>        Import saved objects
+  -u <filename>        Update saved objects
+EOF
+}
+
+while getopts "h:i:u:" OPTION
+do
+  case $OPTION in
+    h)
+      usage
+      exit 0
+      ;;
+    i)
+      FILE=${OPTARG}
+      check_file $FILE
+      import $FILE
+      ;;
+    u)
+      FILE=${OPTARG}
+      check_file $FILE
+      update $FILE
+      ;;
+    *)
+      usage
+      exit 0
+      ;;
+  esac
+done
--- a/salt/kibana/files/securitySolution_saved_objects.ndjson
+++ b/salt/kibana/files/securitySolution_saved_objects.ndjson
@@ -1 +1 @@
-{"attributes": {"buildNum": 39457,"defaultIndex": "2289a0c0-6970-11ea-a0cd-ffa0f6a1bc29","defaultRoute": "/app/dashboards#/view/a8411b30-6d03-11ea-b301-3d6c35840645","securitySolution:defaultIndex": ["apm-*-transaction*", "traces-apm*", "auditbeat-*", "endgame-*", "filebeat-*", "logs-*", "packetbeat-*", "winlogbeat-*", "so-*"]},"coreMigrationVersion": "7.15.0","id": "7.15.0","migrationVersion": {"config": "7.13.0"},"references": [],"type": "config","updated_at": "2021-10-10T10:10:10.105Z","version": "WzI5NzUsMl0="}
+{"attributes": {"securitySolution:defaultIndex": ["apm-*-transaction*", "traces-apm*", "auditbeat-*", "endgame-*", "filebeat-*", "logs-*", "packetbeat-*", "winlogbeat-*", "so-*"]},"type": "config","updated_at": "2021-10-10T10:10:10.105Z","version": "WzI5NzUsMl0="}