Merge pull request #9435 from Security-Onion-Solutions/2.4/fix-import

Fix Import Mode in 2.4

pillar/top.sls

@@ -146,9 +146,12 @@ base:
     {% if salt['file.file_exists']('/opt/so/saltstack/local/pillar/kibana/secrets.sls') %}
     - kibana.secrets
     {% endif %}
+    - kratos.soc_kratos
+    - elasticsearch.soc_elasticsearch
+    - manager.soc_manager
+    - soc.soc_soc
     - soc_global
     - adv_global
-    - manager.soc_manager
     - backup.soc_backup
     - backup.adv_backup
     - minions.{{ grains.id }}

salt/common/tools/sbin/so-minion

@@ -165,7 +165,21 @@ function add_sensor_to_minion() {
 	echo "    enabled: True" >> $PILLARFILE
 }
 
-function createSTANDALONE() {
+function createEVAL() {
+	add_elastic_to_minion
+	add_sensor_to_minion
+}
+
+function createIDHNODE() {
+	echo "Nothing custom needed for IDH nodes"
+}
+
+function createIMPORT() {
+	add_elastic_to_minion
+	add_sensor_to_minion
+}
+
+function createHEAVYNODE() {
 	add_elastic_to_minion
 	add_sensor_to_minion
 }
@@ -178,16 +192,6 @@ function createMASTERSEARCH() {
 	add_elastic_to_minion
 }
 
-function createHEAVYNODE() {
-	add_elastic_to_minion
-	add_sensor_to_minion
-}
-
-function createEVAL() {
-	add_elastic_to_minion
-	add_sensor_to_minion
-}
-
 function createSENSOR() {
 	add_sensor_to_minion
 }
@@ -196,8 +200,9 @@ function createSEARCHNODE() {
 	add_elastic_to_minion
 }
 
-function createIDHNODE() {
+function createSTANDALONE() {
-	echo "Nothing custom needed for IDH nodes"
+	add_elastic_to_minion
+	add_sensor_to_minion
 }
 
 function testConnection() {

salt/vars/import.map.jinja

@@ -0,0 +1,13 @@
+{% from 'vars/elasticsearch.map.jinja' import ELASTICSEARCH_GLOBALS %}
+
+{% set ROLE_GLOBALS = {} %}
+
+{% set IMPORT_GLOBALS =
+   [
+     ELASTICSEARCH_GLOBALS
+   ]
+%}
+
+{% for sg in IMPORT_GLOBALS %}
+{%   do salt['defaults.merge'](ROLE_GLOBALS, sg, merge_lists=False, in_place=True) %}
+{% endfor %}

setup/so-setup

@@ -429,11 +429,22 @@ if ! [[ -f $install_opt_file ]]; then
 		whiptail_end_settings
 
 	elif [[ $is_import ]]; then
+		waitforstate=true
+		monints=true
+		check_elastic_license
 		check_requirements "import"
 		networking_needful
-		collect_mngr_hostname
+		whiptail_airgap
-		add_mngr_ip_to_hosts
+		detect_cloud
-		check_manager_connection
+		set_minion_info
+		set_default_log_size >> $setup_log 2>&1
+		info "Verifying all network devices are managed by Network Manager that should be"
+		check_network_manager_conf
+		set_network_dev_status_list
+		calculate_useable_cores
+		collect_webuser_inputs
+		get_redirect
+		collect_so_allow
 		whiptail_end_settings
 
 	elif [[ $is_receiver ]]; then

setup/so-whiptail

@@ -461,10 +461,10 @@ whiptail_install_type() {
 	# What kind of install are we doing?
 	install_type=$(whiptail --title "$whiptail_title" --radiolist \
 	"What kind of installation would you like to do?\n\nFor more information, please see:\n$DOC_BASE_URL/architecture.html" 18 65 5 \
-		"EVAL" "Evaluation mode (not for production) " ON \
+		"IMPORT" "Import PCAP or log files " ON \
+		"EVAL" "Evaluation mode (not for production) " OFF \
 		"STANDALONE" "Standalone production install " OFF \
 		"DISTRIBUTED" "Distributed install submenu " OFF \
-		"IMPORT" "Standalone to import PCAP or log files " OFF \
 		"OTHER" "Other install types" OFF \
 		3>&1 1>&2 2>&3
 	)