CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #10994 from Security-Onion-Solutions/2.4/autoupgrade

Browse Source 
RC2 Fixes
This commit is contained in:
Josh Brower
2023-08-09 09:47:57 -04:00
committed by GitHub
parent 176608d2f9 e586d6b967
commit 204ef7e68f
3 changed files with 42 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
salt/elasticfleet/enabled.sls
View File

@@ -22,6 +22,7 @@ include:
so-elastic-fleet-auto-configure-logstash-outputs: so-elastic-fleet-auto-configure-logstash-outputs:
cmd.run: cmd.run:
- name: /usr/sbin/so-elastic-fleet-outputs-update - name: /usr/sbin/so-elastic-fleet-outputs-update
- retry: True
{% endif %} {% endif %}
# If enabled, automatically update Fleet Server URLs & ES Connection # If enabled, automatically update Fleet Server URLs & ES Connection
@@ -29,6 +30,7 @@ so-elastic-fleet-auto-configure-logstash-outputs:
so-elastic-fleet-auto-configure-server-urls: so-elastic-fleet-auto-configure-server-urls:
cmd.run: cmd.run:
- name: /usr/sbin/so-elastic-fleet-urls-update - name: /usr/sbin/so-elastic-fleet-urls-update
- retry: True
{% endif %} {% endif %}
# Automatically update Fleet Server Elasticsearch URLs # Automatically update Fleet Server Elasticsearch URLs
@@ -36,6 +38,7 @@ so-elastic-fleet-auto-configure-server-urls:
so-elastic-fleet-auto-configure-elasticsearch-urls: so-elastic-fleet-auto-configure-elasticsearch-urls:
cmd.run: cmd.run:
- name: /usr/sbin/so-elastic-fleet-es-url-update - name: /usr/sbin/so-elastic-fleet-es-url-update
- retry: True
{% endif %} {% endif %}
{% if SERVICETOKEN != '' %} {% if SERVICETOKEN != '' %}

38
salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-grid-upgrade Normal file
View File

@@ -0,0 +1,38 @@
# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
# or more contributor license agreements. Licensed under the Elastic License 2.0; you may not use
# this file except in compliance with the Elastic License 2.0.
. /usr/sbin/so-common
# Only run on Managers
if ! is_manager_node; then
printf "Not a Manager Node... Exiting"
exit 0
fi
# Get current list of Grid Node Agents that need to be upgraded
RAW_JSON=$(curl -K /opt/so/conf/elasticsearch/curl.config -L "http://localhost:5601/api/fleet/agents?perPage=20&page=1&kuery=policy_id%20%3A%20so-grid-nodes_%2A&showInactive=false&showUpgradeable=true&getStatusSummary=true")
# Check to make sure that the server responded with good data - else, bail from script
CHECKSUM=$(jq -r '.statusSummary.online' <<< "$RAW_JSON")
if [ "$CHECKSUM" -lt 1 ]; then
printf "Failed to query for current Grid Agents...\n"
exit 1
fi
# Generate list of Node Agents that need updates
OUTDATED_LIST=$(jq -r '.items | map(.id) | (tojson)' <<< "$RAW_JSON")
if [ "$OUTDATED_LIST" != '[]' ]; then
AGENTNUMBERS=$(jq -r '.total' <<< "$RAW_JSON")
printf "Initiating upgrades for $AGENTNUMBERS Agents to Elastic $ELASTIC_AGENT_TARBALL_VERSION...\n\n"
# Generate updated JSON payload
JSON_STRING=$(jq -n --arg ELASTICVERSION $ELASTIC_AGENT_TARBALL_VERSION --arg UPDATELIST $OUTDATED_LIST '{"version": $ELASTICVERSION,"agents": $UPDATELIST }')
# Update Node Agents
curl -K /opt/so/conf/elasticsearch/curl.config -L -X POST "http://localhost:5601/api/fleet/agents/bulk_upgrade" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d "$JSON_STRING"
else
printf "No Agents need updates... Exiting\n\n"
exit 0
fi

1
salt/manager/tools/sbin/soup
View File

@@ -505,6 +505,7 @@ determine_elastic_agent_upgrade() {
update_elastic_agent_airgap() { update_elastic_agent_airgap() {
rsync -av /tmp/soagupdate/fleet/* /nsm/elastic-fleet/artifacts/ rsync -av /tmp/soagupdate/fleet/* /nsm/elastic-fleet/artifacts/
tar -xf "$ELASTIC_AGENT_FILE" -C "$ELASTIC_AGENT_EXPANSION_DIR"
} }
verify_upgradespace() { verify_upgradespace() {