From 4a5d50cf8029c2576b65e194bd2c3dd24904a4a4 Mon Sep 17 00:00:00 2001
From: Wes Lambert
Date: Tue, 6 Oct 2020 17:01:58 +0000
Subject: [PATCH 1/4] Add so-elasticsearch-pipelines-list and fix common script perms
---
 salt/common/tools/sbin/so-allow-view | 0
 salt/common/tools/sbin/so-config-backup | 0
 .../sbin/so-elasticsearch-pipelines-list | 23 +++++++++++++++++++
 salt/common/tools/sbin/so-test | 0
 salt/common/tools/sbin/so-user-list | 0
 5 files changed, 23 insertions(+)
 mode change 100644 => 100755 salt/common/tools/sbin/so-allow-view
 mode change 100644 => 100755 salt/common/tools/sbin/so-config-backup
 create mode 100755 salt/common/tools/sbin/so-elasticsearch-pipelines-list
 mode change 100644 => 100755 salt/common/tools/sbin/so-test
 mode change 100644 => 100755 salt/common/tools/sbin/so-user-list
diff --git a/salt/common/tools/sbin/so-allow-view b/salt/common/tools/sbin/so-allow-view
old mode 100644
new mode 100755
diff --git a/salt/common/tools/sbin/so-config-backup b/salt/common/tools/sbin/so-config-backup
old mode 100644
new mode 100755
diff --git a/salt/common/tools/sbin/so-elasticsearch-pipelines-list b/salt/common/tools/sbin/so-elasticsearch-pipelines-list
new file mode 100755
index 000000000..eaf21ad15
--- /dev/null
+++ b/salt/common/tools/sbin/so-elasticsearch-pipelines-list
@@ -0,0 +1,23 @@
+#!/bin/bash
+#
+# Copyright 2014,2015,2016,2017,2018,2019,2020 Security Onion Solutions, LLC
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+{%- set NODEIP = salt['pillar.get']('elasticsearch:mainip', '') -%}
+. /usr/sbin/so-common
+if [ "$1" == "" ]; then
+ curl -s {{ NODEIP }}:9200/_ingest/pipeline/* | jq 'keys'
+else
+ curl -s {{ NODEIP }}:9200/_ingest/pipeline/$1 | jq
+fi
diff --git a/salt/common/tools/sbin/so-test b/salt/common/tools/sbin/so-test
old mode 100644
new mode 100755
diff --git a/salt/common/tools/sbin/so-user-list b/salt/common/tools/sbin/so-user-list
old mode 100644
new mode 100755
From 787f1d8732f4aca8e946a0d5cfacde9b0db462e2 Mon Sep 17 00:00:00 2001
From: Wes Lambert
Date: Tue, 6 Oct 2020 17:15:27 +0000
Subject: [PATCH 2/4] Add so-elasticsearch-templates-list
---
 .../sbin/so-elasticsearch-templates-list | 23 +++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 salt/common/tools/sbin/so-elasticsearch-templates-list
diff --git a/salt/common/tools/sbin/so-elasticsearch-templates-list b/salt/common/tools/sbin/so-elasticsearch-templates-list
new file mode 100644
index 000000000..f0cbe36e7
--- /dev/null
+++ b/salt/common/tools/sbin/so-elasticsearch-templates-list
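Review bot: Both curl URLs in this hunk are unquoted, so the `*` is subject to pathname expansion and `$1` to word-splitting and globbing before curl ever sees them; the two curl lines in the so-elasticsearch-templates-list hunk of PATCH 2/4 have the same problem. With default bash options the `*` survives only because no matching path exists, but if the sourced `/usr/sbin/so-common` ever enables `nullglob` or `failglob` the argument vanishes or the command aborts, and a `$1` containing spaces or glob characters is mangled. Quote the URL, e.g. `curl -s "{{ NODEIP }}:9200/_ingest/pipeline/*" | jq 'keys'` and `curl -s "{{ NODEIP }}:9200/_ingest/pipeline/$1" | jq`. Consider `-f` (`--fail`) as well: with `-s` alone an Elasticsearch error document is piped straight into jq and pretty-printed, or reduced by `keys` to its field names, as if it were a real listing, and nothing in the script reports the failure.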
@@ -0,0 +1,23 @@
+#!/bin/bash
+#
+# Copyright 2014,2015,2016,2017,2018,2019,2020 Security Onion Solutions, LLC
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+{%- set NODEIP = salt['pillar.get']('elasticsearch:mainip', '') -%}
+. /usr/sbin/so-common
+if [ "$1" == "" ]; then
+ curl -s {{ NODEIP }}:9200/_template/* | jq 'keys'
+else
+ curl -s {{ NODEIP }}:9200/_template/$1 | jq
+fi
From a6a69c57d11720f1f6a8636388c92a9dd96abb58 Mon Sep 17 00:00:00 2001
From: Wes Lambert
Date: Tue, 6 Oct 2020 17:18:42 +0000
Subject: [PATCH 3/4] Rename so-elasticsearch-templates to so-elasticsearch-templates-load
---
 salt/common/tools/sbin/so-elasticsearch-templates-list | 0
 ...-elasticsearch-templates => so-elasticsearch-templates-load} | 0
 salt/elasticsearch/init.sls | 2 +-
 3 files changed, 1 insertion(+), 1 deletion(-)
 mode change 100644 => 100755 salt/common/tools/sbin/so-elasticsearch-templates-list
 rename salt/common/tools/sbin/{so-elasticsearch-templates => so-elasticsearch-templates-load} (100%)
diff --git a/salt/common/tools/sbin/so-elasticsearch-templates-list b/salt/common/tools/sbin/so-elasticsearch-templates-list
old mode 100644
new mode 100755
diff --git a/salt/common/tools/sbin/so-elasticsearch-templates b/salt/common/tools/sbin/so-elasticsearch-templates-load
similarity index 100%
rename from salt/common/tools/sbin/so-elasticsearch-templates
rename to salt/common/tools/sbin/so-elasticsearch-templates-load
diff --git a/salt/elasticsearch/init.sls b/salt/elasticsearch/init.sls
index 43db556fa..4dcf3d44f 100644
--- a/salt/elasticsearch/init.sls
+++ b/salt/elasticsearch/init.sls
@@ -240,7 +240,7 @@ so-elasticsearch-pipelines:
 {% if grains['role'] in ['so-manager', 'so-eval', 'so-managersearch', 'so-standalone', 'so-heavynode', 'so-searchnode', 'so-import'] and TEMPLATES %}
 so-elasticsearch-templates:
 cmd.run:
- - name: /usr/sbin/so-elasticsearch-templates
+ - name: /usr/sbin/so-elasticsearch-templates-load
 - cwd: /opt/so
 {% endif %}
From f809cf52168fe4761e44a2e999a9c72655fb4103 Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Tue, 6 Oct 2020 13:27:23 -0400
Subject: [PATCH 4/4] Update so-functions
---
 setup/so-functions | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/setup/so-functions b/setup/so-functions
index 135c8fbfe..6911016f3 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -1271,7 +1271,7 @@ manager_global() {
 "soctopus:"\
 " playbook:"\
 " rulesets:"\
- " - windows" >> "$global_pillar"
+ " - windows" >> "$global_pillar"\
 "redis_settings:"\
 " redis_maxmemory: 812"\