Merge pull request #9435 from Security-Onion-Solutions/2.4/fix-import

Fix Import Mode in 2.4
2025-12-06 09:12:45 +01:00 · 2022-12-20 06:13:37 -05:00
parent b901efc90d cd55be2f83
commit 316d2cd9a5
5 changed files with 51 additions and 19 deletions
--- a/pillar/top.sls
+++ b/pillar/top.sls
@@ -146,9 +146,12 @@ base:
    {% if salt['file.file_exists']('/opt/so/saltstack/local/pillar/kibana/secrets.sls') %}
    - kibana.secrets
    {% endif %}
+    - kratos.soc_kratos
+    - elasticsearch.soc_elasticsearch
+    - manager.soc_manager
+    - soc.soc_soc
    - soc_global
    - adv_global
-    - manager.soc_manager
    - backup.soc_backup
    - backup.adv_backup
    - minions.{{ grains.id }}
--- a/salt/common/tools/sbin/so-minion
+++ b/salt/common/tools/sbin/so-minion
@@ -165,7 +165,21 @@ function add_sensor_to_minion() {
 	echo "    enabled: True" >> $PILLARFILE
 }

-function createSTANDALONE() {
+function createEVAL() {
+	add_elastic_to_minion
+	add_sensor_to_minion
+}
+
+function createIDHNODE() {
+	echo "Nothing custom needed for IDH nodes"
+}
+
+function createIMPORT() {
+	add_elastic_to_minion
+	add_sensor_to_minion
+}
+
+function createHEAVYNODE() {
 	add_elastic_to_minion
 	add_sensor_to_minion
 }
@@ -178,16 +192,6 @@ function createMASTERSEARCH() {
 	add_elastic_to_minion
 }

-function createHEAVYNODE() {
-	add_elastic_to_minion
-	add_sensor_to_minion
-}
-
-function createEVAL() {
-	add_elastic_to_minion
-	add_sensor_to_minion
-}
-
 function createSENSOR() {
 	add_sensor_to_minion
 }
@@ -196,8 +200,9 @@ function createSEARCHNODE() {
 	add_elastic_to_minion
 }

-function createIDHNODE() {
-	echo "Nothing custom needed for IDH nodes"
+function createSTANDALONE() {
+	add_elastic_to_minion
+	add_sensor_to_minion
 }

 function testConnection() {
--- a/salt/vars/import.map.jinja
+++ b/salt/vars/import.map.jinja
@@ -0,0 +1,13 @@
+{% from 'vars/elasticsearch.map.jinja' import ELASTICSEARCH_GLOBALS %}
+
+{% set ROLE_GLOBALS = {} %}
+
+{% set IMPORT_GLOBALS =
+   [
+     ELASTICSEARCH_GLOBALS
+   ]
+%}
+
+{% for sg in IMPORT_GLOBALS %}
+{%   do salt['defaults.merge'](ROLE_GLOBALS, sg, merge_lists=False, in_place=True) %}
+{% endfor %}
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -429,11 +429,22 @@ if ! [[ -f $install_opt_file ]]; then
 		whiptail_end_settings

 	elif [[ $is_import ]]; then
+		waitforstate=true
+		monints=true
+		check_elastic_license
 		check_requirements "import"
 		networking_needful
-		collect_mngr_hostname
-		add_mngr_ip_to_hosts
-		check_manager_connection
+		whiptail_airgap
+		detect_cloud
+		set_minion_info
+		set_default_log_size >> $setup_log 2>&1
+		info "Verifying all network devices are managed by Network Manager that should be"
+		check_network_manager_conf
+		set_network_dev_status_list
+		calculate_useable_cores
+		collect_webuser_inputs
+		get_redirect
+		collect_so_allow
 		whiptail_end_settings

 	elif [[ $is_receiver ]]; then
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
@@ -461,10 +461,10 @@ whiptail_install_type() {
 	# What kind of install are we doing?
 	install_type=$(whiptail --title "$whiptail_title" --radiolist \
 	"What kind of installation would you like to do?\n\nFor more information, please see:\n$DOC_BASE_URL/architecture.html" 18 65 5 \
-		"EVAL" "Evaluation mode (not for production) " ON \
+		"IMPORT" "Import PCAP or log files " ON \
+		"EVAL" "Evaluation mode (not for production) " OFF \
 		"STANDALONE" "Standalone production install " OFF \
 		"DISTRIBUTED" "Distributed install submenu " OFF \
-		"IMPORT" "Standalone to import PCAP or log files " OFF \
 		"OTHER" "Other install types" OFF \
 		3>&1 1>&2 2>&3
 	)