CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

comments

Browse Source
This commit is contained in:
Josh Patterson
2025-02-21 14:34:08 -05:00
parent b68f561e6f
commit 3246176c0a
13 changed files with 237 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
salt/common/tools/sbin/so-salt-emit-vm-deployment-status-event → salt/common/tools/sbin_jinja/so-salt-emit-vm-deployment-status-event
View File

@@ -4,6 +4,14 @@
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at # or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
# https://securityonion.net/license; you may not use this file except in compliance with the # https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0. # Elastic License 2.0.
#
# Note: Per the Elastic License 2.0, the second limitation states:
#
# "You may not move, change, disable, or circumvent the license key functionality
# in the software, and you may not remove or obscure any functionality in the
# software that is protected by the license key."
{% if 'hvn' in salt['pillar.get']('features', []) -%}
""" """
Script for emitting VM deployment status events to the Salt event bus. Script for emitting VM deployment status events to the Salt event bus.
@@ -114,3 +122,11 @@ def main():
if __name__ == '__main__': if __name__ == '__main__':
main() main()
{%- else -%}
echo "Hypervisor nodes are a feature supported only for customers with a valid license. \
Contact Security Onion Solutions, LLC via our website at https://securityonionsolutions.com \
for more information about purchasing a license to enable this feature."
{% endif -%}

7
salt/hypervisor/init.sls
View File

@@ -23,6 +23,13 @@ hypervisor_sbin:
- source: salt://hypervisor/tools/sbin - source: salt://hypervisor/tools/sbin
- file_mode: 744 - file_mode: 744
hypervisor_sbin_jinja:
file.recurse:
- name: /usr/sbin
- source: salt://hypervisor/tools/sbin_jinja
- template: jinja
- file_mode: 744
{% else %} {% else %}
{{sls}}_no_license_detected: {{sls}}_no_license_detected:
test.fail_without_changes: test.fail_without_changes:

23
salt/hypervisor/map.jinja
View File

@@ -1,3 +1,16 @@
{# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
https://securityonion.net/license; you may not use this file except in compliance with the
Elastic License 2.0.
Note: Per the Elastic License 2.0, the second limitation states:
"You may not move, change, disable, or circumvent the license key functionality
in the software, and you may not remove or obscure any functionality in the
software that is protected by the license key." #}
{% if 'hvn' in salt['pillar.get']('features', []) %}
{# Import defaults.yaml for model hardware capabilities #} {# Import defaults.yaml for model hardware capabilities #}
{% import_yaml 'hypervisor/defaults.yaml' as DEFAULTS %} {% import_yaml 'hypervisor/defaults.yaml' as DEFAULTS %}
@@ -83,3 +96,13 @@
}) %} }) %}
{% endfor %} {% endfor %}
{% endfor %} {% endfor %}
{% else %}
{% do salt.log.error(
'Hypervisor nodes are a feature supported only for customers with a valid license.'
'Contact Security Onion Solutions, LLC via our website at https://securityonionsolutions.com'
'for more information about purchasing a license to enable this feature.'
) %}
{% endif %}

16
salt/hypervisor/tools/sbin/so-kvm-modify-hardware → salt/hypervisor/tools/sbin_jinja/so-kvm-modify-hardware
View File

@@ -4,6 +4,14 @@
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at # or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
# https://securityonion.net/license; you may not use this file except in compliance with the # https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0. # Elastic License 2.0.
#
# Note: Per the Elastic License 2.0, the second limitation states:
#
# "You may not move, change, disable, or circumvent the license key functionality
# in the software, and you may not remove or obscure any functionality in the
# software that is protected by the license key."
{% if 'hvn' in salt['pillar.get']('features', []) %}
""" """
Script for managing hardware configurations of KVM virtual machines. This script provides Script for managing hardware configurations of KVM virtual machines. This script provides
@@ -347,3 +355,11 @@ def main():
if __name__ == '__main__': if __name__ == '__main__':
main() main()
{%- else -%}
echo "Hypervisor nodes are a feature supported only for customers with a valid license. \
Contact Security Onion Solutions, LLC via our website at https://securityonionsolutions.com \
for more information about purchasing a license to enable this feature."
{% endif -%}

16
salt/hypervisor/tools/sbin/so-qcow2-modify-network → salt/hypervisor/tools/sbin_jinja/so-qcow2-modify-network
View File

@@ -4,6 +4,14 @@
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at # or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
# https://securityonion.net/license; you may not use this file except in compliance with the # https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0. # Elastic License 2.0.
#
# Note: Per the Elastic License 2.0, the second limitation states:
#
# "You may not move, change, disable, or circumvent the license key functionality
# in the software, and you may not remove or obscure any functionality in the
# software that is protected by the license key."
{% if 'hvn' in salt['pillar.get']('features', []) -%}
""" """
Script for modifying network configurations within QCOW2 virtual machine images. This script provides Script for modifying network configurations within QCOW2 virtual machine images. This script provides
@@ -513,3 +521,11 @@ def main():
if __name__ == '__main__': if __name__ == '__main__':
main() main()
{%- else -%}
echo "Hypervisor nodes are a feature supported only for customers with a valid license. \
Contact Security Onion Solutions, LLC via our website at https://securityonionsolutions.com \
for more information about purchasing a license to enable this feature."
{% endif -%}

16
salt/manager/tools/sbin/so-salt-cloud → salt/manager/tools/sbin_jinja/so-salt-cloud
View File

@@ -4,6 +4,14 @@
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at # or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
# https://securityonion.net/license; you may not use this file except in compliance with the # https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0. # Elastic License 2.0.
#
# Note: Per the Elastic License 2.0, the second limitation states:
#
# "You may not move, change, disable, or circumvent the license key functionality
# in the software, and you may not remove or obscure any functionality in the
# software that is protected by the license key."
{% if 'hvn' in salt['pillar.get']('features', []) -%}
""" """
Script for automated virtual machine provisioning and configuration in Security Onion's virtualization infrastructure. Script for automated virtual machine provisioning and configuration in Security Onion's virtualization infrastructure.
@@ -601,3 +609,11 @@ def main():
if __name__ == "__main__": if __name__ == "__main__":
main() main()
{%- else -%}
echo "Hypervisor nodes are a feature supported only for customers with a valid license. \
Contact Security Onion Solutions, LLC via our website at https://securityonionsolutions.com \
for more information about purchasing a license to enable this feature."
{% endif -%}

25
salt/orch/dyanno_hypervisor.sls
View File

@@ -1,3 +1,16 @@
# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
# https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0.
#
# Note: Per the Elastic License 2.0, the second limitation states:
#
# "You may not move, change, disable, or circumvent the license key functionality
# in the software, and you may not remove or obscure any functionality in the
# software that is protected by the license key."
{% if 'hvn' in salt['pillar.get']('features', []) %}
{% do salt.log.info('dyanno_hypervisor_orch: Running') %} {% do salt.log.info('dyanno_hypervisor_orch: Running') %}
{% set event_data = pillar.get('event_data', {}) %} {% set event_data = pillar.get('event_data', {}) %}
{% set event_tag = pillar.get('event_tag', '') %} {% set event_tag = pillar.get('event_tag', '') %}
@@ -70,7 +83,7 @@ write_vm_status:
{% endif %} {% endif %}
#} #}
{# {# We will need to populate hypervisor:hosts in this orch and pass to state to run as runner
update_hypervisor_status: update_hypervisor_status:
salt.runner: salt.runner:
- name: state.orchestrate - name: state.orchestrate
@@ -95,3 +108,13 @@ update_hypervisor_annotation:
{% endif %#} {% endif %#}
{% do salt.log.info('dyanno_hypervisor_orch: Completed') %} {% do salt.log.info('dyanno_hypervisor_orch: Completed') %}
{% else %}
{% do salt.log.error(
'Hypervisor nodes are a feature supported only for customers with a valid license.'
'Contact Security Onion Solutions, LLC via our website at https://securityonionsolutions.com'
'for more information about purchasing a license to enable this feature.'
) %}
{% endif %}

5
salt/reactor/vm_status.sls
View File

@@ -1,3 +1,8 @@
# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
# https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0.
{% do salt.log.debug('vm_status_reactor: Running') %} {% do salt.log.debug('vm_status_reactor: Running') %}
{% do salt.log.debug('vm_status_reactor: tag: ' ~ tag | string) %} {% do salt.log.debug('vm_status_reactor: tag: ' ~ tag | string) %}

6
salt/salt/engines/master/virtual_node_manager.py
View File

@@ -4,6 +4,12 @@
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at # or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
# https://securityonion.net/license; you may not use this file except in compliance with the # https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0. # Elastic License 2.0.
#
# Note: Per the Elastic License 2.0, the second limitation states:
#
# "You may not move, change, disable, or circumvent the license key functionality
# in the software, and you may not remove or obscure any functionality in the
# software that is protected by the license key."
""" """
Salt Engine for Virtual Node Management Salt Engine for Virtual Node Management

33
salt/soc/dyanno/hypervisor/init.sls
View File

@@ -1,4 +1,17 @@
{% from 'hypervisor/map.jinja' import HYPERVISORS %} # Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
# https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0.
#
# Note: Per the Elastic License 2.0, the second limitation states:
#
# "You may not move, change, disable, or circumvent the license key functionality
# in the software, and you may not remove or obscure any functionality in the
# software that is protected by the license key."
{% if 'hvn' in salt['pillar.get']('features', []) %}
{% from 'hypervisor/map.jinja' import HYPERVISORS %}
hypervisor_annotation: hypervisor_annotation:
file.managed: file.managed:
@@ -10,8 +23,8 @@ hypervisor_annotation:
- defaults: - defaults:
HYPERVISORS: {{ HYPERVISORS }} HYPERVISORS: {{ HYPERVISORS }}
{% for role in HYPERVISORS %} {% for role in HYPERVISORS %}
{% for hypervisor in HYPERVISORS[role].keys() %} {% for hypervisor in HYPERVISORS[role].keys() %}
hypervisor_host_directory_{{hypervisor}}: hypervisor_host_directory_{{hypervisor}}:
file.directory: file.directory:
- name: /opt/so/saltstack/local/salt/hypervisor/hosts/{{hypervisor}} - name: /opt/so/saltstack/local/salt/hypervisor/hosts/{{hypervisor}}
@@ -21,5 +34,17 @@ hypervisor_host_directory_{{hypervisor}}:
- recurse: - recurse:
- user - user
- group - group
{% endfor %}
{% endfor %} {% endfor %}
{% endfor %}
{% else %}
{{sls}}_no_license_detected:
test.fail_without_changes:
- name: {{sls}}_no_license_detected
- comment:
- "Hypervisor nodes are a feature supported only for customers with a valid license.
Contact Security Onion Solutions, LLC via our website at https://securityonionsolutions.com
for more information about purchasing a license to enable this feature."
{% endif %}

23
salt/soc/dyanno/hypervisor/soc_hypervisor.yaml.jinja
View File

@@ -1,3 +1,16 @@
{# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
https://securityonion.net/license; you may not use this file except in compliance with the
Elastic License 2.0.
Note: Per the Elastic License 2.0, the second limitation states:
"You may not move, change, disable, or circumvent the license key functionality
in the software, and you may not remove or obscure any functionality in the
software that is protected by the license key." #}
{%- if 'hvn' in salt['pillar.get']('features', []) -%}
{%- import_yaml 'soc/dyanno/hypervisor/hypervisor.yaml' as ANNOTATION -%} {%- import_yaml 'soc/dyanno/hypervisor/hypervisor.yaml' as ANNOTATION -%}
{%- from 'hypervisor/map.jinja' import HYPERVISORS -%} {%- from 'hypervisor/map.jinja' import HYPERVISORS -%}
@@ -119,3 +132,13 @@ No Virtual Machines Found
{%- endfor -%} {%- endfor -%}
{{- ANNOTATION | yaml(False) -}} {{- ANNOTATION | yaml(False) -}}
{%- else -%}
{%- do salt.log.error(
'Hypervisor nodes are a feature supported only for customers with a valid license.'
'Contact Security Onion Solutions, LLC via our website at https://securityonionsolutions.com'
'for more information about purchasing a license to enable this feature.'
) -%}
{%- endif -%}

26
salt/soc/dyanno/hypervisor/write_status.sls
View File

@@ -1,3 +1,16 @@
# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
# https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0.
#
# Note: Per the Elastic License 2.0, the second limitation states:
#
# "You may not move, change, disable, or circumvent the license key functionality
# in the software, and you may not remove or obscure any functionality in the
# software that is protected by the license key."
{% if 'hvn' in salt['pillar.get']('features', []) %}
{% do salt.log.info('soc/dyanno/hypervisor/write_status: Running') %} {% do salt.log.info('soc/dyanno/hypervisor/write_status: Running') %}
{% set vm_name = pillar.get('vm_name') %} {% set vm_name = pillar.get('vm_name') %}
{% set hypervisor = pillar.get('hypervisor') %} {% set hypervisor = pillar.get('hypervisor') %}
@@ -64,6 +77,19 @@ write_status_file:
- require: - require:
- file: ensure_status_dir - file: ensure_status_dir
{% else %} {% else %}
{% do salt.log.debug('soc/dyanno/hypervisor/write_status: File not written. ' ~ process_steps[new_index] ~ ' cannot overwrite ' ~ process_steps[current_index] ~ '.' ) %} {% do salt.log.debug('soc/dyanno/hypervisor/write_status: File not written. ' ~ process_steps[new_index] ~ ' cannot overwrite ' ~ process_steps[current_index] ~ '.' ) %}
{% endif %} {% endif %}
{% do salt.log.info('soc/dyanno/hypervisor/write_status: Completed') %} {% do salt.log.info('soc/dyanno/hypervisor/write_status: Completed') %}
{% else %}
{% do salt.log.error(
'Hypervisor nodes are a feature supported only for customers with a valid license.'
'Contact Security Onion Solutions, LLC via our website at https://securityonionsolutions.com'
'for more information about purchasing a license to enable this feature.'
) %}
{% endif %}

25
salt/vm_status/init.sls
View File

@@ -1,3 +1,16 @@
# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
# https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0.
#
# Note: Per the Elastic License 2.0, the second limitation states:
#
# "You may not move, change, disable, or circumvent the license key functionality
# in the software, and you may not remove or obscure any functionality in the
# software that is protected by the license key."
{% if 'hvn' in salt['pillar.get']('features', []) %}
# Send highstate trigger event for VM deployment status tracking # Send highstate trigger event for VM deployment status tracking
# so-salt-emit-vm-deployment-status sets event_tag = f'soc/dyanno/hypervisor/{status.lower()}' # so-salt-emit-vm-deployment-status sets event_tag = f'soc/dyanno/hypervisor/{status.lower()}'
vm_highstate_trigger: vm_highstate_trigger:
@@ -8,3 +21,15 @@ vm_highstate_trigger:
vm_name: {{ grains.id }} vm_name: {{ grains.id }}
hypervisor: {{ salt['grains.get']('salt-cloud:profile', '').split('-')[1] }} hypervisor: {{ salt['grains.get']('salt-cloud:profile', '').split('-')[1] }}
- order: 1 # Ensure this runs early in the highstate process - order: 1 # Ensure this runs early in the highstate process
{% else %}
{{sls}}_no_license_detected:
test.fail_without_changes:
- name: {{sls}}_no_license_detected
- comment:
- "Hypervisor nodes are a feature supported only for customers with a valid license.
Contact Security Onion Solutions, LLC via our website at https://securityonionsolutions.com
for more information about purchasing a license to enable this feature."
{% endif %}