Merge pull request #9187 from Security-Onion-Solutions/dougburks-patch-1

Remove descriptions from so-zeek-logs and so-whiptail

salt/common/tools/sbin/so-zeek-logs

@@ -10,104 +10,104 @@ zeek_logs_enabled() {
 }
 
 whiptail_manager_adv_service_zeeklogs() {
-  BLOGS=$(whiptail --title "so-zeek-logs" --checklist "Please Select Logs to Send:" 24 78 12 \
-  "conn" "Connection Logs" ON \
-  "dce_rpc" "RPC Logs" ON \
-  "dhcp" "DHCP Logs" ON \
-  "dnp3" "DNP3 Logs" ON \
-  "dns" "DNS Logs" ON \
-  "dpd" "DPD Logs" ON \
-  "files" "Files Logs" ON \
-  "ftp" "FTP Logs" ON \
-  "http" "HTTP Logs" ON \
-  "intel" "Intel Hits Logs" ON \
-  "irc" "IRC Chat Logs" ON \
-  "kerberos" "Kerberos Logs" ON \
-  "modbus" "MODBUS Logs" ON \
-  "notice" "Zeek Notice Logs" ON \
-  "ntlm" "NTLM Logs" ON \
-  "pe" "PE Logs" ON \
-  "radius" "Radius Logs" ON \
-  "rfb" "RFB Logs" ON \
-  "rdp" "RDP Logs" ON \
-  "sip" "SIP Logs" ON \
-  "smb_files" "SMB Files Logs" ON \
-  "smb_mapping" "SMB Mapping Logs" ON \
-  "smtp" "SMTP Logs" ON \
-  "snmp" "SNMP Logs" ON \
-  "ssh" "SSH Logs" ON \
-  "ssl" "SSL Logs" ON \
-  "syslog" "Syslog Logs" ON \
-  "tunnel" "Tunnel Logs" ON \
-  "weird" "Zeek Weird Logs" ON \
-  "mysql" "MySQL Logs" ON \
-  "socks" "SOCKS Logs" ON \
-  "x509" "x.509 Logs" ON \
-  "modbus_detailed" "MODBUS Details" ON \
-  "modbus_mask_write_register" "MODBUS Ext" ON \
-  "modbus_read_write_multiple_registers" "MODBUS Ext" ON \
-  "dnp3_objects" "DNP3 Objects" ON \
-  "bacnet" "BACnet" ON \
-  "bacnet_discovery" "BACnet" ON \
-  "bacnet_property" "BACnet" ON \
-  "bsap_ip_header" "BSAP IP" ON \
-  "bsap_ip_rdb" "BSAP IP" ON \
-  "bsap_ip_unknown" "BSAP IP" ON \
-  "bsap_serial_header" "BSAP Serial" ON \
-  "bsap_serial_rdb" "BSAP Serial" ON \
-  "bsap_serial_rdb_ext" "BSAP Serial" ON \
-  "bsap_serial_unknown" "BSAP Serial" ON \
-  "ecat_registers" "Ethercat" ON \
-  "ecat_log_address" "Ethercat" ON \
-  "ecat_dev_info" "Ethercat" ON \
-  "ecat_aoe_info" "Ethercat" ON \
-  "ecat_coe_info" "Ethercat" ON \
-  "ecat_foe_info" "Ethercat" ON \
-  "ecat_soe_info" "Ethercat" ON \
-  "ecat_arp_info" "Ethercat" ON \
-  "enip" "ENIP" ON \
-  "cip" "CIP" ON \
-  "cip_io" "CIP I/O" ON \
-  "cip_identity" "CIP Identity" ON \
-  "opcua_binary.log" "OPC UA" ON \
-  "opcua_binary_status_code_detail" "OPC UA" ON \
-  "opcua_binary_diag_info_detail" "OPC UA" ON \
-  "opcua_binary_get_endpoints" "OPC UA" ON \
-  "opcua_binary_get_endpoints_discovery" "OPC UA" ON \
-  "opcua_binary_get_endpoints_user_token" "OPC UA" ON \
-  "opcua_binary_get_endpoints_description" "OPC UA" ON \
-  "opcua_binary_get_endpoints_locale_id" "OPC UA" ON \
-  "opcua_binary_get_endpoints_profile_uri" "OPC UA" ON \
-  "opcua_binary_create_session" "OPC UA" ON \
-  "opcua_binary_create_session_user_token" "OPC UA" ON \
-  "opcua_binary_create_session_endpoints" "OPC UA" ON \
-  "opcua_binary_create_session_discovery" "OPC UA" ON \
-  "opcua_binary_activate_session" "OPC UA" ON \
-  "opcua_binary_activate_session_client_software_cert" "OPC UA" ON \
-  "opcua_binary_activate_session_locale_id" "OPC UA" ON \
-  "opcua_binary_activate_session_diagnostic_info" "OPC UA" ON \
-  "opcua_binary_browse" "OPC UA" ON \
-  "opcua_binary_browse_description" "OPC UA" ON \
-  "opcua_binary_browse_request_continuation_point" "OPC UA" ON \
-  "opcua_binary_browse_result" "OPC UA" ON \
-  "opcua_binary_browse_response_references" "OPC UA" ON \
-  "opcua_binary_browse_diagnostic_info" "OPC UA" ON \
-  "opcua_binary_create_subscription" "OPC UA" ON \
-  "opcua_binary_read" "OPC UA" ON \
-  "cotp" "COTP" ON \
-  "s7comm" "S7COMM" ON \
-  "s7comm_read_szl" "S7COMM" ON \
-  "s7comm_upload_download" "S7COMM" ON \
-  "s7comm_plus" "S7COMM" ON \
-  "tds" "TDS" ON \
-  "tds_rpc" "TDS RPC" ON \
-  "tds_sql_batch" "TDS SQL" ON \
-  "profinet" "Profinet" ON \
-  "profinet_dce_rpc" "Profinet" ON \
-  "profinet_debug" "Profinet" ON \
-  "stun" "STUN" ON \
-  "stun_nat" "STUN NAT" ON \
-  "wireguard" "Wireguard" ON 3>&1 1>&2 2>&3 )
+  BLOGS=$(whiptail --title "so-zeek-logs" --checklist "Please select logs to send:" 24 78 12 \
+  "conn" "" ON \
+  "dce_rpc" "" ON \
+  "dhcp" "" ON \
+  "dnp3" "" ON \
+  "dns" "" ON \
+  "dpd" "" ON \
+  "files" "" ON \
+  "ftp" "" ON \
+  "http" "" ON \
+  "intel" "" ON \
+  "irc" "" ON \
+  "kerberos" "" ON \
+  "modbus" "" ON \
+  "notice" "" ON \
+  "ntlm" "" ON \
+  "pe" "" ON \
+  "radius" "" ON \
+  "rfb" "" ON \
+  "rdp" "" ON \
+  "sip" "" ON \
+  "smb_files" "" ON \
+  "smb_mapping" "" ON \
+  "smtp" "" ON \
+  "snmp" "" ON \
+  "ssh" "" ON \
+  "ssl" "" ON \
+  "syslog" "" ON \
+  "tunnel" "" ON \
+  "weird" "" ON \
+  "mysql" "" ON \
+  "socks" "" ON \
+  "x509" "" ON \
+  "modbus_detailed" "" ON \
+  "modbus_mask_write_register" "" ON \
+  "modbus_read_write_multiple_registers" "" ON \
+  "dnp3_objects" "" ON \
+  "bacnet" "" ON \
+  "bacnet_discovery" "" ON \
+  "bacnet_property" "" ON \
+  "bsap_ip_header" "" ON \
+  "bsap_ip_rdb" "" ON \
+  "bsap_ip_unknown" "" ON \
+  "bsap_serial_header" "" ON \
+  "bsap_serial_rdb" "" ON \
+  "bsap_serial_rdb_ext" "" ON \
+  "bsap_serial_unknown" "" ON \
+  "ecat_registers" "" ON \
+  "ecat_log_address" "" ON \
+  "ecat_dev_info" "" ON \
+  "ecat_aoe_info" "" ON \
+  "ecat_coe_info" "" ON \
+  "ecat_foe_info" "" ON \
+  "ecat_soe_info" "" ON \
+  "ecat_arp_info" "" ON \
+  "enip" "" ON \
+  "cip" "" ON \
+  "cip_io" "" ON \
+  "cip_identity" "" ON \
+  "opcua_binary" "" ON \
+  "opcua_binary_status_code_detail" "" ON \
+  "opcua_binary_diag_info_detail" "" ON \
+  "opcua_binary_get_endpoints" "" ON \
+  "opcua_binary_get_endpoints_discovery" "" ON \
+  "opcua_binary_get_endpoints_user_token" "" ON \
+  "opcua_binary_get_endpoints_description" "" ON \
+  "opcua_binary_get_endpoints_locale_id" "" ON \
+  "opcua_binary_get_endpoints_profile_uri" "" ON \
+  "opcua_binary_create_session" "" ON \
+  "opcua_binary_create_session_user_token" "" ON \
+  "opcua_binary_create_session_endpoints" "" ON \
+  "opcua_binary_create_session_discovery" "" ON \
+  "opcua_binary_activate_session" "" ON \
+  "opcua_binary_activate_session_client_software_cert" "" ON \
+  "opcua_binary_activate_session_locale_id" "" ON \
+  "opcua_binary_activate_session_diagnostic_info" "" ON \
+  "opcua_binary_browse" "" ON \
+  "opcua_binary_browse_description" "" ON \
+  "opcua_binary_browse_request_continuation_point" "" ON \
+  "opcua_binary_browse_result" "" ON \
+  "opcua_binary_browse_response_references" "" ON \
+  "opcua_binary_browse_diagnostic_info" "" ON \
+  "opcua_binary_create_subscription" "" ON \
+  "opcua_binary_read" "" ON \
+  "cotp" "" ON \
+  "s7comm" "" ON \
+  "s7comm_read_szl" "" ON \
+  "s7comm_upload_download" "" ON \
+  "s7comm_plus" "" ON \
+  "tds" "" ON \
+  "tds_rpc" "" ON \
+  "tds_sql_batch" "" ON \
+  "profinet" "" ON \
+  "profinet_dce_rpc" "" ON \
+  "profinet_debug" "" ON \
+  "stun" "" ON \
+  "stun_nat" "" ON \
+  "wireguard" "" ON 3>&1 1>&2 2>&3 )
   
   local exitstatus=$?
 

setup/so-whiptail

@@ -1281,103 +1281,103 @@ whiptail_manager_adv_service_zeeklogs() {
 	[ -n "$TESTING" ] && return
 
 	BLOGS=$(whiptail --title "$whiptail_title" --checklist "Please select logs to send:" 24 75 12 \
-	"conn" "Connection Logs" ON \
-	"dce_rpc" "RPC Logs" ON \
-	"dhcp" "DHCP Logs" ON \
-	"dnp3" "DNP3 Logs" ON \
-	"dns" "DNS Logs" ON \
-	"dpd" "DPD Logs" ON \
-	"files" "Files Logs" ON \
-	"ftp" "FTP Logs" ON \
-	"http" "HTTP Logs" ON \
-	"intel" "Intel Hits Logs" ON \
-	"irc" "IRC Chat Logs" ON \
-	"kerberos" "Kerberos Logs" ON \
-	"modbus" "MODBUS Logs" ON \
-	"notice" "Zeek Notice Logs" ON \
-	"ntlm" "NTLM Logs" ON \
-	"pe" "PE Logs" ON \
-	"radius" "Radius Logs" ON \
-	"rfb" "RFB Logs" ON \
-	"rdp" "RDP Logs" ON \
-	"sip" "SIP Logs" ON \
-	"smb_files" "SMB Files Logs" ON \
-	"smb_mapping" "SMB Mapping Logs" ON \
-	"smtp" "SMTP Logs" ON \
-	"snmp" "SNMP Logs" ON \
-	"ssh" "SSH Logs" ON \
-	"ssl" "SSL Logs" ON \
-	"syslog" "Syslog Logs" ON \
-	"tunnel" "Tunnel Logs" ON \
-	"weird" "Zeek Weird Logs" ON \
-	"mysql" "MySQL Logs" ON \
-	"socks" "SOCKS Logs" ON \
-	"x509" "x.509 Logs" ON \
-	"modbus_detailed" "MODBUS Details" ON \
-        "modbus_mask_write_register" "MODBUS Ext" ON \
-        "modbus_read_write_multiple_registers" "MODBUS Ext" ON \
-        "dnp3_objects" "DNP3 Objects" ON \
-        "bacnet" "BACnet" ON \
-        "bacnet_discovery" "BACnet" ON \
-        "bacnet_property" "BACnet" ON \
-        "bsap_ip_header" "BSAP IP" ON \
-        "bsap_ip_rdb" "BSAP IP" ON \
-        "bsap_ip_unknown" "BSAP IP" ON \
-        "bsap_serial_header" "BSAP Serial" ON \
-        "bsap_serial_rdb" "BSAP Serial" ON \
-        "bsap_serial_rdb_ext" "BSAP Serial" ON \
-        "bsap_serial_unknown" "BSAP Serial" ON \
-	"ecat_registers" "Ethercat" ON \
-        "ecat_log_address" "Ethercat" ON \
-        "ecat_dev_info" "Ethercat" ON \
-        "ecat_aoe_info" "Ethercat" ON \
-        "ecat_coe_info" "Ethercat" ON \
-        "ecat_foe_info" "Ethercat" ON \
-        "ecat_soe_info" "Ethercat" ON \
-        "ecat_arp_info" "Ethercat" ON \
-        "enip" "ENIP Header" ON \
-        "cip" "CIP Header" ON \
-        "cip_io" "CIP I/O" ON \
-        "cip_identity" "CIP Identity" ON \
-        "opcua_binary" "OPC UA" ON \
-        "opcua_binary_status_code_detail" "OPC UA" ON \
-        "opcua_binary_diag_info_detail" "OPC UA" ON \
-        "opcua_binary_get_endpoints" "OPC UA" ON \
-        "opcua_binary_get_endpoints_discovery" "OPC UA" ON \
-        "opcua_binary_get_endpoints_user_token" "OPC UA" ON \
-        "opcua_binary_get_endpoints_description" "OPC UA" ON \
-        "opcua_binary_get_endpoints_locale_id" "OPC UA" ON \
-        "opcua_binary_get_endpoints_profile_uri" "OPC UA" ON \
-        "opcua_binary_create_session" "OPC UA" ON \
-        "opcua_binary_create_session_user_token" "OPC UA" ON \
-        "opcua_binary_create_session_endpoints" "OPC UA" ON \
-        "opcua_binary_create_session_discovery" "OPC UA" ON \
-        "opcua_binary_activate_session" "OPC UA" ON \
-        "opcua_binary_activate_session_client_software_cert" "OPC UA" ON \
-        "opcua_binary_activate_session_locale_id" "OPC UA" ON \
-        "opcua_binary_activate_session_diagnostic_info" "OPC UA" ON \
-        "opcua_binary_browse" "OPC UA" ON \
-        "opcua_binary_browse_description" "OPC UA" ON \
-        "opcua_binary_browse_request_continuation_point" "OPC UA" ON \
-        "opcua_binary_browse_result" "OPC UA" ON \
-        "opcua_binary_browse_response_references" "OPC UA" ON \
-        "opcua_binary_browse_diagnostic_info" "OPC UA" ON \
-        "opcua_binary_create_subscription" "OPC UA" ON \
-        "opcua_binary_read" "OPC UA Read" ON \
- 	"cotp" "COTP" ON \
-	"s7comm" "S7COMM" ON \
-	"s7comm_read_szl" "S7COMM" ON \
-	"s7comm_upload_download" "S7COMM" ON \
-	"s7comm_plus" "S7COMM" ON \
-	"tds" "TDS" ON \
-	"tds_rpc" "TDS RPC" ON \
-	"tds_sql_batch" "TDS SQL" ON \
-	"profinet" "Profinet" ON \
-	"profinet_dce_rpc" "Profinet" ON \
-	"profinet_debug" "Profinet" ON \
-	"stun" "STUN" ON \
-	"stun_nat" "STUN NAT" ON \
-	"wireguard" "Wireguard" ON 3>&1 1>&2 2>&3)
+	"conn" "" ON \
+	"dce_rpc" "" ON \
+	"dhcp" "" ON \
+	"dnp3" "" ON \
+	"dns" "" ON \
+	"dpd" "" ON \
+	"files" "" ON \
+	"ftp" "" ON \
+	"http" "" ON \
+	"intel" "" ON \
+	"irc" "" ON \
+	"kerberos" "" ON \
+	"modbus" "" ON \
+	"notice" "" ON \
+	"ntlm" "" ON \
+	"pe" "" ON \
+	"radius" "" ON \
+	"rfb" "" ON \
+	"rdp" "" ON \
+	"sip" "" ON \
+	"smb_files" "" ON \
+	"smb_mapping" "" ON \
+	"smtp" "" ON \
+	"snmp" "" ON \
+	"ssh" "" ON \
+	"ssl" "" ON \
+	"syslog" "" ON \
+	"tunnel" "" ON \
+	"weird" "" ON \
+	"mysql" "" ON \
+	"socks" "" ON \
+	"x509" "" ON \
+	"modbus_detailed" "" ON \
+        "modbus_mask_write_register" "" ON \
+        "modbus_read_write_multiple_registers" "" ON \
+        "dnp3_objects" "" ON \
+        "bacnet" "" ON \
+        "bacnet_discovery" "" ON \
+        "bacnet_property" "" ON \
+        "bsap_ip_header" "" ON \
+        "bsap_ip_rdb" "" ON \
+        "bsap_ip_unknown" "" ON \
+        "bsap_serial_header" "" ON \
+        "bsap_serial_rdb" "" ON \
+        "bsap_serial_rdb_ext" "" ON \
+        "bsap_serial_unknown" "" ON \
+	"ecat_registers" "" ON \
+        "ecat_log_address" "" ON \
+        "ecat_dev_info" "" ON \
+        "ecat_aoe_info" "" ON \
+        "ecat_coe_info" "" ON \
+        "ecat_foe_info" "" ON \
+        "ecat_soe_info" "" ON \
+        "ecat_arp_info" "" ON \
+        "enip" "" ON \
+        "cip" "" ON \
+        "cip_io" "" ON \
+        "cip_identity" "" ON \
+        "opcua_binary" "" ON \
+        "opcua_binary_status_code_detail" "" ON \
+        "opcua_binary_diag_info_detail" "" ON \
+        "opcua_binary_get_endpoints" "" ON \
+        "opcua_binary_get_endpoints_discovery" "" ON \
+        "opcua_binary_get_endpoints_user_token" "" ON \
+        "opcua_binary_get_endpoints_description" "" ON \
+        "opcua_binary_get_endpoints_locale_id" "" ON \
+        "opcua_binary_get_endpoints_profile_uri" "" ON \
+        "opcua_binary_create_session" "" ON \
+        "opcua_binary_create_session_user_token" "" ON \
+        "opcua_binary_create_session_endpoints" "" ON \
+        "opcua_binary_create_session_discovery" "" ON \
+        "opcua_binary_activate_session" "" ON \
+        "opcua_binary_activate_session_client_software_cert" "" ON \
+        "opcua_binary_activate_session_locale_id" "" ON \
+        "opcua_binary_activate_session_diagnostic_info" "" ON \
+        "opcua_binary_browse" "" ON \
+        "opcua_binary_browse_description" "" ON \
+        "opcua_binary_browse_request_continuation_point" "" ON \
+        "opcua_binary_browse_result" "" ON \
+        "opcua_binary_browse_response_references" "" ON \
+        "opcua_binary_browse_diagnostic_info" "" ON \
+        "opcua_binary_create_subscription" "" ON \
+        "opcua_binary_read" "" ON \
+ 	"cotp" "" ON \
+	"s7comm" "" ON \
+	"s7comm_read_szl" "" ON \
+	"s7comm_upload_download" "" ON \
+	"s7comm_plus" "" ON \
+	"tds" "" ON \
+	"tds_rpc" "" ON \
+	"tds_sql_batch" "" ON \
+	"profinet" "" ON \
+	"profinet_dce_rpc" "" ON \
+	"profinet_debug" "" ON \
+	"stun" "" ON \
+	"stun_nat" "" ON \
+	"wireguard" "" ON 3>&1 1>&2 2>&3)
 
 	local exitstatus=$?
 	whiptail_check_exitstatus $exitstatus