Merge master into dev to pull in 2.0.1-rc.1 patch

2025-12-06 09:12:45 +01:00 · 2020-07-23 09:56:42 -04:00
parent f3c24f1f01 42390eb8a2
commit 1e993da31d
8 changed files with 44 additions and 16 deletions
--- a/salt/common/init.sls
+++ b/salt/common/init.sls
@@ -1,5 +1,10 @@
 {% set role = grains.id.split('_') | last %}

+# Remove variables.txt from /tmp - This is temp
+rmvariablesfile:
+  file.absent:
+    - name: /tmp/variables.txt
+
 # Add socore Group
 socoregroup:
  group.present:
--- a/salt/common/tools/sbin/so-docker-refresh
+++ b/salt/common/tools/sbin/so-docker-refresh
@@ -64,7 +64,7 @@ if [ $MANAGERCHECK != 'so-helix' ]; then
    "so-thehive-cortex:$VERSION" \
    "so-curator:$VERSION" \
    "so-domainstats:$VERSION" \
-    "so-elastalert$VERSION" \
+    "so-elastalert:$VERSION" \
    "so-elasticsearch:$VERSION" \
    "so-filebeat:$VERSION" \
    "so-fleet:$VERSION" \
@@ -84,7 +84,10 @@ if [ $MANAGERCHECK != 'so-helix' ]; then
    "so-soc:$VERSION" \
    "so-soctopus:$VERSION" \
    "so-steno:$VERSION" \
-    "so-strelka:$VERSION" \
+    "so-strelka-frontend:$VERSION" \
+		"so-strelka-manager:$VERSION" \
+		"so-strelka-backend:$VERSION" \
+		"so-strelka-filestream:$VERSION" \
    "so-suricata:$VERSION" \
    "so-telegraf:$VERSION" \
    "so-thehive:$VERSION" \
--- a/salt/common/tools/sbin/soup
+++ b/salt/common/tools/sbin/soup
@@ -43,8 +43,11 @@ clone_to_tmp() {
  # Make a temp location for the files
  mkdir -p /tmp/sogh
  cd /tmp/sogh
-  #git clone -b dev https://github.com/Security-Onion-Solutions/securityonion.git
-  git clone https://github.com/Security-Onion-Solutions/securityonion.git
+  SOUP_BRANCH=""
+  if [ -n "$BRANCH" ]; then
+    SOUP_BRANCH="-b $BRANCH"
+  fi
+  git clone $SOUP_BRANCH https://github.com/Security-Onion-Solutions/securityonion.git
  cd /tmp
  if [ ! -f $UPDATE_DIR/VERSION ]; then
    echo "Update was unable to pull from github. Please check your internet."
@@ -102,7 +105,10 @@ update_dockers() {
      "so-soc" \
      "so-soctopus" \
      "so-steno" \
-      "so-strelka" \
+      "so-strelka-frontend" \
+      "so-strelka-manager" \
+      "so-strelka-backend" \
+      "so-strelka-filestream" \
      "so-suricata" \
      "so-telegraf" \
      "so-thehive" \
@@ -139,7 +145,7 @@ update_version() {
  # Update the version to the latest
  echo "Updating the version file."
  echo $NEWVERSION > /etc/soversion
-  sed -i 's/$INSTALLEDVERSION/$NEWVERISON/g' /opt/so/saltstack/local/pillar/static.sls
+  sed -i "s/$INSTALLEDVERSION/$NEWVERSION/g" /opt/so/saltstack/local/pillar/static.sls
 }

 upgrade_check() {
@@ -192,10 +198,10 @@ echo ""
 echo "Copying new code"
 copy_new_files
 echo ""
-echo "Running a highstate to complete upgrade"
-highstate
-echo ""
 echo "Updating version"
 update_version
 echo ""
+echo "Running a highstate to complete upgrade"
+highstate
+echo ""
 echo "Upgrade from $INSTALLEDVERSION to $NEWVERSION complete."
--- a/salt/pcap/files/sensoroni.json
+++ b/salt/pcap/files/sensoroni.json
@@ -1,6 +1,6 @@
 {%- set MANAGER = salt['grains.get']('master') -%}
 {%- set SENSORONIKEY = salt['pillar.get']('static:sensoronikey', '') -%}
-{%- set CHECKININTERVALMS = salt['pillar.get']('pcap:sensor_checkin_interval_ms') -%}
+{%- set CHECKININTERVALMS = salt['pillar.get']('pcap:sensor_checkin_interval_ms', 10000) -%}
 {
  "logFilename": "/opt/sensoroni/logs/sensoroni.log",
  "logLevel":"debug",
--- a/salt/thehive/scripts/cortex_init
+++ b/salt/thehive/scripts/cortex_init
@@ -9,6 +9,12 @@

 default_salt_dir=/opt/so/saltstack/default

+cortex_clean(){
+    sed -i '/^  cortexuser:/d' /opt/so/saltstack/local/pillar/static.sls
+    sed -i '/^  cortexpassword:/d' /opt/so/saltstack/local/pillar/static.sls
+    sed -i '/^  cortexorguser:/d' /opt/so/saltstack/local/pillar/static.sls
+}
+
 cortex_init(){
    sleep 60
    CORTEX_IP="{{MANAGERIP}}"
@@ -51,6 +57,7 @@ cortex_init(){
 }

 if [ -f /opt/so/state/cortex.txt ]; then
+    cortex_clean
    exit 0
 else
    rm -f garbage_file
@@ -63,4 +70,5 @@ else
    rm -f garbage_file
    sleep 5
    cortex_init
+    cortex_clean
 fi
--- a/salt/thehive/scripts/hive_init
+++ b/salt/thehive/scripts/hive_init
@@ -4,6 +4,11 @@
 # {%- set THEHIVEPASSWORD = salt['pillar.get']('static:hivepassword', 'hivechangeme') %}
 # {%- set THEHIVEKEY = salt['pillar.get']('static:hivekey', '') %}

+thehive_clean(){
+    sed -i '/^  hiveuser:/d' /opt/so/saltstack/local/pillar/static.sls
+    sed -i '/^  hivepassword:/d' /opt/so/saltstack/local/pillar/static.sls 
+}
+
 thehive_init(){
    sleep 120
    THEHIVE_IP="{{MANAGERIP}}"
@@ -49,6 +54,7 @@ thehive_init(){
 }

 if [ -f /opt/so/state/thehive.txt ]; then
+    thehive_clean
    exit 0
 else
    rm -f garbage_file
@@ -61,4 +67,5 @@ else
    rm -f garbage_file
    sleep 5
    thehive_init
+    thehive_clean
 fi
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -990,9 +990,6 @@ manager_pillar() {
 		"  lsheap: $LS_HEAP_SIZE"\
 		"  ls_pipeline_workers: $num_cpu_cores"\
 		""\
-		"pcap:">> "$pillar_file"\
-		"  sensor_checkin_interval_ms: $SENSOR_CHECKIN_INTERVAL_MS"\
-		""\
 		"idstools:"\
 		"  config:"\
 		"    ruleset: $RULESETUP"\
@@ -1028,10 +1025,10 @@ manager_static() {
 		"  ids: $NIDS"\
 		"  managerip: $MAINIP"\
 		"  hiveuser: $WEBUSER"\
-		"  hivepassword: $WEBPASSWD1"\
+		"  hivepassword: '$WEBPASSWD1'"\
 		"  hivekey: $HIVEKEY"\
 		"  cortexuser: $WEBUSER"\
-		"  cortexpassword: $WEBPASSWD1"\
+		"  cortexpassword: '$WEBPASSWD1'"\
 		"  cortexkey: $CORTEXKEY"\
 		"  cortexorgname: SecurityOnion"\
 		"  cortexorguser: $WEBUSER"\
@@ -1047,6 +1044,8 @@ manager_static() {
 		"  wazuh: $WAZUH"\
        "  managerupdate: $MANAGERUPDATES"\
 		"  imagerepo: $IMAGEREPO"\
+		"pcap:"\
+		"  sensor_checkin_interval_ms: $SENSOR_CHECKIN_INTERVAL_MS"\
 		"strelka:"\
 		"  enabled: $STRELKA"\
 		"  rules: $STRELKARULES"\