merge in dev

2025-12-23 01:13:09 +01:00 · 2022-02-21 16:52:53 -05:00
parent eea2b9ccfd 5b46d19b13
commit 3610b0cd30
102 changed files with 18699 additions and 5104 deletions
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -1243,12 +1243,12 @@ docker_install() {
 		if [ $OSVER == "bionic" ]; then
 		        service docker stop
 			apt -y purge docker-ce docker-ce-cli docker-ce-rootless-extras
-			retry 50 10 "apt-get -y install docker-ce=5:20.10.5~3-0~ubuntu-bionic docker-ce-cli=5:20.10.5~3-0~ubuntu-bionic docker-ce-rootless-extras=5:20.10.5~3-0~ubuntu-bionic python3-docker" >> "$setup_log" 2>&1 || exit 1
+			retry 50 10 "apt-get -y install --allow-downgrades docker-ce=5:20.10.5~3-0~ubuntu-bionic docker-ce-cli=5:20.10.5~3-0~ubuntu-bionic docker-ce-rootless-extras=5:20.10.5~3-0~ubuntu-bionic python3-docker" >> "$setup_log" 2>&1 || exit 1
 	        apt-mark hold docker-ce docker-ce-cli docker-ce-rootless-extras
 		elif [ $OSVER == "focal" ]; then
 		        service docker stop
 			apt -y purge docker-ce docker-ce-cli docker-ce-rootless-extras
-			retry 50 10 "apt-get -y install docker-ce=5:20.10.8~3-0~ubuntu-focal docker-ce-cli=5:20.10.8~3-0~ubuntu-focal docker-ce-rootless-extras=5:20.10.8~3-0~ubuntu-focal python3-docker" >> "$setup_log" 2>&1 || exit 1
+			retry 50 10 "apt-get -y install --allow-downgrades docker-ce=5:20.10.8~3-0~ubuntu-focal docker-ce-cli=5:20.10.8~3-0~ubuntu-focal docker-ce-rootless-extras=5:20.10.8~3-0~ubuntu-focal python3-docker" >> "$setup_log" 2>&1 || exit 1
                        apt-mark hold docker-ce docker-ce-cli docker-ce-rootless-extras		
 		fi
 	fi
@@ -1829,52 +1829,92 @@ manager_global() {
 		"  cluster_routing_allocation_disk_watermark_flood_stage: '98%'"\
 		"  index_settings:"\
 		"    so-beats:"\
-		"      shards: 1"\
+                "      index_template:"\
+                "        template:"\
+                "          settings:"\
+                "            index:"\
+                "              number_of_shards: 1"\
 		"      warm: 7"\
 		"      close: 30"\
 		"      delete: 365"\
 		"    so-firewall:"\
-		"      shards: 1"\
+		"      index_template:"\
+                "        template:"\
+                "          settings:"\
+                "            index:"\
+                "              number_of_shards: 1"\
 		"      warm: 7"\
 		"      close: 30"\
 		"      delete: 365"\
 		"    so-flow:"\
-		"      shards: 1"\
+		"      index_template:"\
+                "        template:"\
+                "          settings:"\
+                "            index:"\
+                "              number_of_shards: 1"\
 		"      warm: 7"\
 		"      close: 30"\
 		"      delete: 365"\
 		"    so-ids:"\
-		"      shards: 1"\
+		"      index_template:"\
+                "        template:"\
+                "          settings:"\
+                "            index:"\
+                "              number_of_shards: 1"\
 		"      warm: 7"\
 		"      close: 30"\
 		"      delete: 365"\
 		"    so-import:"\
-		"      shards: 1"\
+		"      index_template:"\
+                "        template:"\
+                "          settings:"\
+                "            index:"\
+                "              number_of_shards: 1"\
 		"      warm: 7"\
 		"      close: 73000"\
 		"      delete: 73001"\
 		"    so-osquery:"\
-		"      shards: 1"\
+		"      index_template:"\
+                "        template:"\
+                "          settings:"\
+                "            index:"\
+                "              number_of_shards: 1"\
 		"      warm: 7"\
 		"      close: 30"\
 		"      delete: 365"\
 		"    so-ossec:"\
-		"      shards: 1"\
+		"      index_template:"\
+                "        template:"\
+                "          settings:"\
+                "            index:"\
+                "              number_of_shards: 1"\
 		"      warm: 7"\
 		"      close: 30"\
 		"      delete: 365"\
 		"    so-strelka:"\
-		"      shards: 1"\
+		"      index_template:"\
+                "        template:"\
+                "          settings:"\
+                "            index:"\
+                "              number_of_shards: 1"\
 		"      warm: 7"\
 		"      close: 30"\
 		"      delete: 365"\
 		"    so-syslog:"\
-		"      shards: 1"\
+		"      index_template:"\
+                "        template:"\
+                "          settings:"\
+                "            index:"\
+                "              number_of_shards: 1"\
 		"      warm: 7"\
 		"      close: 30"\
 		"      delete: 365"\
 		"    so-zeek:"\
-		"      shards: 5"\
+		"      index_template:"\
+                "        template:"\
+                "          settings:"\
+                "            index:"\
+                "              number_of_shards: 1"\
 		"      warm: 7"\
 		"      close: 45"\
 		"      delete: 365"\
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -991,9 +991,8 @@ if [[ $success != 0 ]]; then SO_ERROR=1; fi
 # Check entire setup log for errors or unexpected salt states and ensure cron jobs are not reporting errors to root's mailbox
 # Ignore "Status .* was not found" due to output from salt http.query or http.wait_for_successful_query states used with retry
 # Uncaught exception, closing connection|Exception in callback None - this is seen during influxdb / http.wait_for_successful_query state for ubuntu reinstall
-if grep -E "ERROR|Result: False" $setup_log | grep -qvE "Status .* was not found|An exception occurred in this state|Uncaught exception, closing connection|Exception in callback None" || [[ -s /var/spool/mail/root && "$setup_type" == "iso" ]]; then
+if grep -E "ERROR|Result: False" $setup_log | grep -qvE "Status .* was not found|An exception occurred in this state|Uncaught exception, closing connection|Exception in callback None|deprecation: ERROR" || [[ -s /var/spool/mail/root && "$setup_type" == "iso" ]]; then
 	SO_ERROR=1
-
 	grep --color=never "ERROR" "$setup_log" | grep -qvE "Status .* was not found|An exception occurred in this state|Uncaught exception, closing connection|Exception in callback None" > "$error_log"
 fi