CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-01-13 19:51:23 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #9516 from Security-Onion-Solutions/mkr24

Browse Source 
Add PW auth for Redis
This commit is contained in:
Mike Reeves
2023-01-04 14:50:27 -05:00
committed by GitHub
parent 723362e685 275aead5b9
commit 2e53476a06
8 changed files with 28 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
salt/common/tools/sbin/so-redis-count
View File

@@ -4,9 +4,7 @@
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
# https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0.
{%- set REDIS_PASS = salt['pillar.get']('redis:config:requirepass', '0') %}
. /usr/sbin/so-common
docker exec so-redis redis-cli llen logstash:unparsed
docker exec so-redis /bin/sh -c "export REDISCLI_AUTH={{ REDIS_PASS }} && redis-cli llen logstash:unparsed"

12
salt/logstash/pipelines/config/so/0900_input_redis.conf.jinja
View File

@@ -1,9 +1,10 @@
{% set THREADS = salt['pillar.get']('logstash_settings:ls_input_threads', '') -%}
{% set BATCH = salt['pillar.get']('logstash_settings:ls_pipeline_batch_size', 125) -%}
{% from 'logstash/map.jinja' import REDIS_NODES with context -%}
{%- set THREADS = salt['pillar.get']('logstash_settings:ls_input_threads', '') %}
{%- set BATCH = salt['pillar.get']('logstash_settings:ls_pipeline_batch_size', 125) %}
{%- from 'logstash/map.jinja' import REDIS_NODES with context %}
{%- set REDIS_PASS = salt['pillar.get']('redis:config:requirepass') %}
{% for index in range(REDIS_NODES|length) -%}
{% for host in REDIS_NODES[index] -%}
{%- for index in range(REDIS_NODES|length) %}
{%- for host in REDIS_NODES[index] %}
input {
redis {
host => '{{ host }}'
@@ -14,6 +15,7 @@ input {
type => 'redis-input'
threads => {{ THREADS }}
batch_count => {{ BATCH }}
password => {{ REDIS_PASS }}
}
}
{% endfor %}

3
salt/logstash/pipelines/config/so/9999_output_redis.conf.jinja
View File

@@ -4,6 +4,8 @@
{%- set HOST = GLOBALS.manager %}
{%- endif %}
{%- set BATCH = salt['pillar.get']('logstash_settings:ls_pipeline_batch_size', 125) %}
{%- set REDIS_PASS = salt['pillar.get']('redis:config:requirepass') %}
output {
redis {
host => '{{ HOST }}'
@@ -14,5 +16,6 @@ output {
congestion_threshold => 50000000
batch => true
batch_events => {{ BATCH }}
password => {{ REDIS_PASS }}
}
}

2
salt/redis/defaults.yaml
View File

@@ -1,7 +1,7 @@
redis:
config:
bind: '0.0.0.0'
protected-mode: 'no'
protected-mode: 'yes'
tls-cert-file: '/certs/redis.crt'
tls-key-file: '/certs/redis.key'
tls-ca-cert-file: '/certs/ca.crt'

4
salt/redis/soc_redis.yaml
View File

@@ -10,6 +10,10 @@ redis:
global: True
advanced: True
helpLink: redis.html
requirepass:
description: Password for accessing Redis.
global: True
sensitive: True
tls-cert-file:
description: TLS cert file location.
global: True

5
salt/telegraf/scripts/redis.sh
View File

@@ -4,9 +4,8 @@
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
# https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0.
{%- set REDIS_PASS = salt['pillar.get']('redis:config:requirepass', '0') %}
export REDISCLI_AUTH={{ REDIS_PASS }}
# if this script isn't already running
if [[ ! "`pidof -x $(basename $0) -o %PPID`" ]]; then