diff --git a/salt/common/init.sls b/salt/common/init.sls
index 8b17cc7f5..b0289ed32 100644
--- a/salt/common/init.sls
+++ b/salt/common/init.sls
@@ -267,10 +267,23 @@ dockerreserveports:
- source: salt://common/files/99-reserved-ports.conf
- name: /etc/sysctl.d/99-reserved-ports.conf
+{% if salt['grains.get']('sosmodel', '') %}
+# Install raid check cron
+/usr/sbin/so-raid-status > /dev/null 2>&1:
+ cron.present:
+ - user: root
+ - minute: '*/15'
+ - hour: '*'
+ - daymonth: '*'
+ - month: '*'
+ - dayweek: '*'
+
+{% endif %}
+
{% else %}
{{sls}}_state_not_allowed:
test.fail_without_changes:
- name: {{sls}}_state_not_allowed
-{% endif %}
+{% endif %}
\ No newline at end of file
diff --git a/salt/common/tools/sbin/so-raid-status b/salt/common/tools/sbin/so-raid-status
new file mode 100644
index 000000000..d55d158fe
--- /dev/null
+++ b/salt/common/tools/sbin/so-raid-status
@@ -0,0 +1,81 @@
+#!/bin/bash
+
+# Copyright 2014,2015,2016,2017,2018,2019,2020,2021 Security Onion Solutions, LLC
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+
+. /usr/sbin/so-common
+
+#check_boss_raid() {
+# BOSSBIN=/opt/boss/mvcli
+# BOSSRC=$($BOSSBIN info -o vd | grep functional)
+#
+# if [[ $BOSSRC ]]; then
+# # Raid is good
+# BOSSRAID=0
+# else
+# BOSSRAID=1
+# fi
+#}
+
+check_lsi_raid() {
+ # For use for LSI on Ubuntu
+ #MEGA=/opt/MegaRAID/MegeCli/MegaCli64
+ #LSIRC=$($MEGA -LDInfo -Lall -aALL | grep Optimal)
+ # Open Source Centos
+ MEGA=/opt/mega/megasasctl
+ LSIRC=$($MEGA | grep optimal)
+
+ if [[ $LSIRC ]]; then
+ # Raid is good
+ LSIRAID=0
+ else
+ LSIRAID=1
+ fi
+
+}
+
+check_software_raid() {
+ SWRC=$(grep "_" /proc/mdstat)
+
+ if [[ $SWRC ]]; then
+ # RAID is failed in some way
+ SWRAID=1
+ else
+ SWRAID=0
+ fi
+}
+
+# This script checks raid status if you use SO appliances
+
+# See if this is an appliance
+
+{%- if salt['grains.get']('sosmodel', '') %}
+mkdir -p /opt/so/log/raid
+ {%- if grains['sosmodel'] in ['SOSMN', 'SOSSNNV'] %}
+#check_boss_raid
+check_software_raid
+echo "osraid=$BOSSRAID nsmraid=$SWRAID" > /opt/so/log/raid/status.log
+ {%- elif grains['sosmodel'] in ['SOS1000F', 'SOS1000', 'SOSSN7200', 'SOS10K', 'SOS4000'] %}
+#check_boss_raid
+check_lsi_raid
+echo "osraid=$BOSSRAID nsmraid=$LSIRAID" > /opt/so/log/raid/status.log
+ {%- else %}
+exit 0
+ {%- endif %}
+{%- else %}
+exit 0
+{%- endif %}
+
+
diff --git a/salt/common/tools/sbin/so-user b/salt/common/tools/sbin/so-user
index 3ab9ae6a2..b918ff173 100755
--- a/salt/common/tools/sbin/so-user
+++ b/salt/common/tools/sbin/so-user
@@ -1,12 +1,20 @@
#!/bin/bash
-# Copyright 2020 Security Onion Solutions. All rights reserved.
+
+# Copyright 2014,2015,2016,2017,2018,2019,2020,2021 Security Onion Solutions, LLC
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
#
-# This program is distributed under the terms of version 2 of the
-# GNU General Public License. See LICENSE for further details.
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+
source $(dirname $0)/so-common
diff --git a/salt/zk/etc/zoo.cfg b/salt/zk/etc/zoo.cfg
new file mode 100644
index 000000000..8cf00da2f
--- /dev/null
+++ b/salt/zk/etc/zoo.cfg
@@ -0,0 +1,35 @@
+# The number of milliseconds of each tick
+tickTime=2000
+# The number of ticks that the initial
+# synchronization phase can take
+initLimit=10
+# The number of ticks that can pass between
+# sending a request and getting an acknowledgement
+syncLimit=5
+# the directory where the snapshot is stored.
+# do not use /tmp for storage, /tmp here is just
+# example sakes.
+dataDir=/nsm/zk
+# the port at which the clients will connect
+clientPort=2181
+# the maximum number of client connections.
+# increase this if you need to handle more clients
+#maxClientCnxns=60
+#
+# Be sure to read the maintenance section of the
+# administrator guide before turning on autopurge.
+#
+# http://zookeeper.apache.org/doc/current/zookeeperAdmin.html#sc_maintenance
+#
+# The number of snapshots to retain in dataDir
+#autopurge.snapRetainCount=3
+# Purge task interval in hours
+# Set to "0" to disable auto purge feature
+#autopurge.purgeInterval=1
+
+## Metrics Providers
+#
+# https://prometheus.io Metrics Exporter
+#metricsProvider.className=org.apache.zookeeper.metrics.prometheus.PrometheusMetricsProvider
+#metricsProvider.httpPort=7000
+#metricsProvider.exportJvmInfo=true
diff --git a/salt/zk/init.sls b/salt/zk/init.sls
new file mode 100644
index 000000000..e69de29bb
diff --git a/setup/so-functions b/setup/so-functions
index 379cb6e30..34840a41e 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -1786,6 +1786,8 @@ reserve_group_ids() {
groupadd -g 941 stenographer
groupadd -g 945 ossec
groupadd -g 946 cyberchef
+ groupadd -g 947 zookeeper
+ groupadd -g 948 kafka
}
reinstall_init() {