CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-08 18:22:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

adding grafana dashboard for standalone - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/739

Browse Source
This commit is contained in:
m0duspwnens
2020-06-11 10:28:29 -04:00
parent b26a7541cd
commit 32b4a2ff08
4 changed files with 4338 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4275
salt/grafana/dashboards/standalone/standalone.json Normal file
View File

File diff suppressed because it is too large Load Diff

7
salt/grafana/etc/dashboards/dashboard.yml
View File

@@ -31,6 +31,13 @@ providers:
editable: true editable: true
options: options:
path: /etc/grafana/grafana_dashboards/search_nodes path: /etc/grafana/grafana_dashboards/search_nodes
- name: 'Standalone'
folder: 'Standalone'
type: file
disableDeletion: false
editable: true
options:
path: /etc/grafana/grafana_dashboards/standalone
{%- else %} {%- else %}
- name: 'Security Onion' - name: 'Security Onion'
folder: 'Eval Mode' folder: 'Eval Mode'

30
salt/grafana/init.sls
View File

@@ -40,6 +40,13 @@ grafanadashmsdir:
- group: 939 - group: 939
- makedirs: True - makedirs: True
grafanadashmsdir:
file.directory:
- name: /opt/so/conf/grafana/grafana_dashboards/standalone
- user: 939
- group: 939
- makedirs: True
grafanadashevaldir: grafanadashevaldir:
file.directory: file.directory:
- name: /opt/so/conf/grafana/grafana_dashboards/eval - name: /opt/so/conf/grafana/grafana_dashboards/eval
@@ -115,6 +122,29 @@ dashboard-master:
{% endfor %} {% endfor %}
{% endif %} {% endif %}
{% if salt['pillar.get']('standalonetab', False) %}
{% for SN, SNDATA in salt['pillar.get']('standalonetab', {}).items() %}
{% set NODETYPE = SN.split('_')|last %}
{% set SN = SN | regex_replace('_' ~ NODETYPE, '') %}
dashboard-master:
file.managed:
- name: /opt/so/conf/grafana/grafana_dashboards/standalone/{{ SN }}-Standalone.json
- user: 939
- group: 939
- template: jinja
- source: salt://grafana/dashboards/standalone/standalone.json
- defaults:
SERVERNAME: {{ SN }}
MANINT: {{ SNDATA.manint }}
MONINT: {{ SNDATA.manint }}
CPUS: {{ SNDATA.totalcpus }}
UID: {{ SNDATA.guid }}
ROOTFS: {{ SNDATA.rootfs }}
NSMFS: {{ SNDATA.nsmfs }}
{% endfor %}
{% endif %}
{% if salt['pillar.get']('sensorstab', False) %} {% if salt['pillar.get']('sensorstab', False) %}
{% for SN, SNDATA in salt['pillar.get']('sensorstab', {}).items() %} {% for SN, SNDATA in salt['pillar.get']('sensorstab', {}).items() %}
{% set NODETYPE = SN.split('_')|last %} {% set NODETYPE = SN.split('_')|last %}

42
setup/so-functions
View File

@@ -60,7 +60,7 @@ addtotab_generate_templates() {
local addtotab_path=$local_salt_dir/pillar/data local addtotab_path=$local_salt_dir/pillar/data
for i in evaltab mastersearchtab mastertab nodestab sensorstab; do for i in evaltab mastersearchtab mastertab nodestab sensorstab standalonetab; do
printf '%s\n'\ printf '%s\n'\
"$i:"\ "$i:"\
"" > "$addtotab_path"/$i.sls "" > "$addtotab_path"/$i.sls
@@ -1415,18 +1415,21 @@ set_initial_firewall_policy() {
set_main_ip set_main_ip
if [ -f $default_salt_dir/pillar/data/addtotab.sh ]; then chmod +x $default_salt_dir/pillar/data/addtotab.sh; fi if [ -f $default_salt_dir/pillar/data/addtotab.sh ]; then chmod +x $default_salt_dir/pillar/data/addtotab.sh; fi
if [ -f $default_salt_dir/pillar/firewall/addfirewall.sh ]; then chmod +x $default_salt_dir/pillar/firewall/addfirewall.sh; fi if [ -f $default_salt_dir/salt/common/tools/sbin/so-firewall ]; then chmod +x $default_salt_dir/salt/common/tools/sbin/so-firewall; fi
case "$install_type" in case "$install_type" in
'MASTER') 'MASTER')
printf " - %s\n" "$MAINIP" | tee -a $local_salt_dir/pillar/firewall/minions.sls $local_salt_dir/pillar/firewall/masterfw.sls $default_salt_dir/salt/common/tools/sbin/so-firewall includehost master "$MAINIP"
$default_salt_dir/salt/common/tools/sbin/so-firewall includehost minion "$MAINIP"
salt-call state.apply -l info firewall >> $setup_log 2>&1
$default_salt_dir/pillar/data/addtotab.sh mastertab "$MINION_ID" "$MAINIP" "$num_cpu_cores" "$random_uid" "$MNIC" "$filesystem_root" "$filesystem_nsm" $default_salt_dir/pillar/data/addtotab.sh mastertab "$MINION_ID" "$MAINIP" "$num_cpu_cores" "$random_uid" "$MNIC" "$filesystem_root" "$filesystem_nsm"
;; ;;
'EVAL' | 'MASTERSEARCH') 'EVAL' | 'MASTERSEARCH' | 'STANDALONE')
printf " - %s\n" "$MAINIP" | tee -a $local_salt_dir/pillar/firewall/minions.sls\ $default_salt_dir/salt/common/tools/sbin/so-firewall includehost master "$MAINIP"
$local_salt_dir/pillar/firewall/masterfw.sls\ $default_salt_dir/salt/common/tools/sbin/so-firewall includehost minion "$MAINIP"
$local_salt_dir/pillar/firewall/forward_nodes.sls\ $default_salt_dir/salt/common/tools/sbin/so-firewall includehost sensor "$MAINIP"
$local_salt_dir/pillar/firewall/search_nodes.sls $default_salt_dir/salt/common/tools/sbin/so-firewall includehost search_node "$MAINIP"
salt-call state.apply -l info firewall >> $setup_log 2>&1
case "$install_type" in case "$install_type" in
'EVAL') 'EVAL')
$default_salt_dir/pillar/data/addtotab.sh evaltab "$MINION_ID" "$MAINIP" "$num_cpu_cores" "$random_uid" "$MNIC" "$filesystem_root" "$filesystem_nsm" bond0 True $default_salt_dir/pillar/data/addtotab.sh evaltab "$MINION_ID" "$MAINIP" "$num_cpu_cores" "$random_uid" "$MNIC" "$filesystem_root" "$filesystem_nsm" bond0 True
@@ -1434,27 +1437,34 @@ set_initial_firewall_policy() {
'MASTERSEARCH') 'MASTERSEARCH')
$default_salt_dir/pillar/data/addtotab.sh mastersearchtab "$MINION_ID" "$MAINIP" "$num_cpu_cores" "$random_uid" "$MNIC" "$filesystem_root" "$filesystem_nsm" $default_salt_dir/pillar/data/addtotab.sh mastersearchtab "$MINION_ID" "$MAINIP" "$num_cpu_cores" "$random_uid" "$MNIC" "$filesystem_root" "$filesystem_nsm"
;; ;;
'STANDALONE')
$default_salt_dir/pillar/data/addtotab.sh standalonetab "$MINION_ID" "$MAINIP" "$num_cpu_cores" "$random_uid" "$MNIC" "$filesystem_root" "$filesystem_nsm" bond0
;;
esac esac
;; ;;
'HELIXSENSOR') 'HELIXSENSOR')
printf " - %s\n" "$MAINIP" | tee -a $local_salt_dir/pillar/firewall/minions.sls\ $default_salt_dir/salt/common/tools/sbin/so-firewall includehost master "$MAINIP"
$local_salt_dir/pillar/firewall/masterfw.sls\ $default_salt_dir/salt/common/tools/sbin/so-firewall includehost minion "$MAINIP"
$local_salt_dir/pillar/firewall/forward_nodes.sls $default_salt_dir/salt/common/tools/sbin/so-firewall includehost sensor "$MAINIP"
salt-call state.apply -l info firewall >> $setup_log 2>&1
;; ;;
'SENSOR' | 'SEARCHNODE' | 'HEAVYNODE' | 'FLEET') 'SENSOR' | 'SEARCHNODE' | 'HEAVYNODE' | 'FLEET')
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/pillar/firewall/addfirewall.sh minions "$MAINIP" ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/salt/common/tools/sbin/so-firewall includehost minion "$MAINIP"
case "$install_type" in case "$install_type" in
'SENSOR') 'SENSOR')
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/pillar/firewall/addfirewall.sh forward_nodes "$MAINIP" ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/salt/common/tools/sbin/so-firewall includehost sensor "$MAINIP"
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo salt-call state.apply -l info firewall
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/pillar/data/addtotab.sh sensorstab "$MINION_ID" "$MAINIP" "$num_cpu_cores" "$random_uid" "$MNIC" "$filesystem_root" "$filesystem_nsm" bond0 ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/pillar/data/addtotab.sh sensorstab "$MINION_ID" "$MAINIP" "$num_cpu_cores" "$random_uid" "$MNIC" "$filesystem_root" "$filesystem_nsm" bond0
;; ;;
'SEARCHNODE') 'SEARCHNODE')
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/pillar/firewall/addfirewall.sh search_nodes "$MAINIP" ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/salt/common/tools/sbin/so-firewall includehost search_node "$MAINIP"
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo salt-call state.apply -l info firewall
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/pillar/data/addtotab.sh nodestab "$MINION_ID" "$MAINIP" "$num_cpu_cores" "$random_uid" "$MNIC" "$filesystem_root" "$filesystem_nsm" ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/pillar/data/addtotab.sh nodestab "$MINION_ID" "$MAINIP" "$num_cpu_cores" "$random_uid" "$MNIC" "$filesystem_root" "$filesystem_nsm"
;; ;;
'HEAVYNODE') 'HEAVYNODE')
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/pillar/firewall/addfirewall.sh forward_nodes "$MAINIP" ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/salt/common/tools/sbin/so-firewall includehost sensor "$MAINIP"
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/pillar/firewall/addfirewall.sh search_nodes "$MAINIP" ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/salt/common/tools/sbin/so-firewall includehost search_node "$MAINIP"
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo salt-call state.apply -l info firewall
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/pillar/data/addtotab.sh sensorstab "$MINION_ID" "$MAINIP" "$num_cpu_cores" "$random_uid" "$MNIC" "$filesystem_root" "$filesystem_nsm" bond0 ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/pillar/data/addtotab.sh sensorstab "$MINION_ID" "$MAINIP" "$num_cpu_cores" "$random_uid" "$MNIC" "$filesystem_root" "$filesystem_nsm" bond0
ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/pillar/data/addtotab.sh nodestab "$MINION_ID" "$MAINIP" "$num_cpu_cores" "$random_uid" "$MNIC" "$filesystem_root" "$filesystem_nsm" ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/pillar/data/addtotab.sh nodestab "$MINION_ID" "$MAINIP" "$num_cpu_cores" "$random_uid" "$MNIC" "$filesystem_root" "$filesystem_nsm"
;; ;;