CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #308 from Security-Onion-Solutions/quickfix/helix

Browse Source 
Quickfix/helix
This commit is contained in:
Josh Patterson
2020-02-05 15:10:45 -05:00
committed by GitHub
parent 981dfa1cb2 799cf32265
commit 3fff89e538
5 changed files with 52 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
salt/logstash/conf/pipelines/helix/9997_output_helix.conf → salt/logstash/conf/pipelines/helix/templates/9997_output_helix.conf
View File

2
salt/logstash/etc/logstash.yml
View File

@@ -63,7 +63,7 @@
# #
# path.config: # path.config:
# /etc/logstash/conf.d is mapped to /usr/share/logstash/pipeline in the Docker image # /etc/logstash/conf.d is mapped to /usr/share/logstash/pipeline in the Docker image
{%- if grains.role != 'so-mastersearch' and grains.role != 'so-heavynode' and grains.role != 'so-master' and grains.role != 'so-eval' %} {%- if grains.role != 'so-mastersearch' and grains.role != 'so-heavynode' and grains.role != 'so-master' and grains.role != 'so-eval' and grains.role != 'so-helix' %}
path.config: /usr/share/logstash/pipeline.enabled/*.conf path.config: /usr/share/logstash/pipeline.enabled/*.conf
{%- else %} {%- else %}
#path.config: /usr/share/logstash/pipeline.enabled/*.conf #path.config: /usr/share/logstash/pipeline.enabled/*.conf

1
salt/top.sls
View File

@@ -15,6 +15,7 @@ base:
'G@role:so-helix': 'G@role:so-helix':
- ca - ca
- ssl - ssl
- registry
- common - common
- firewall - firewall
- idstools - idstools

15
setup/so-functions
View File

@@ -453,9 +453,9 @@ docker_registry() {
echo "Docker Registry Setup - Complete" >> $SETUPLOG 2>&1 echo "Docker Registry Setup - Complete" >> $SETUPLOG 2>&1
} }
docker_seed_registry() { docker_seed_registry() {
VERSION="HH1.1.4" VERSION="HH1.1.4"
if [ $INSTALLTYPE != 'HELIXSENSOR' ]; then
TRUSTED_CONTAINERS=( \ TRUSTED_CONTAINERS=( \
"so-acng:$VERSION" \ "so-acng:$VERSION" \
"so-auth-api:$VERSION" \ "so-auth-api:$VERSION" \
@@ -489,6 +489,19 @@ docker_seed_registry() {
"so-thehive-es:$VERSION" \ "so-thehive-es:$VERSION" \
"so-wazuh:$VERSION" \ "so-wazuh:$VERSION" \
"so-zeek:$VERSION" ) "so-zeek:$VERSION" )
else
TRUSTED_CONTAINERS=( \
"so-core:$VERSION" \
"so-filebeat:$VERSION" \
"so-idstools:$VERSION" \
"so-logstash:$VERSION" \
"so-redis:$VERSION" \
"so-sensoroni:$VERSION" \
"so-steno:$VERSION" \
"so-suricata:$VERSION" \
"so-telegraf:$VERSION" \
"so-zeek:$VERSION" )
fi
if [ ! -f /nsm/docker-registry/docker/so-dockers-$VERSION.tar ]; then if [ ! -f /nsm/docker-registry/docker/so-dockers-$VERSION.tar ]; then
# Download the container from the interwebs # Download the container from the interwebs

3
setup/so-setup
View File

@@ -213,6 +213,9 @@ if (whiptail_you_sure) ; then
salt_checkin >> $SETUPLOG 2>&1 salt_checkin >> $SETUPLOG 2>&1
salt-call state.apply ca >> $SETUPLOG 2>&1 salt-call state.apply ca >> $SETUPLOG 2>&1
salt-call state.apply ssl >> $SETUPLOG 2>&1 salt-call state.apply ssl >> $SETUPLOG 2>&1
echo -e "XXX\n42\nDownloading Containers from the Internet... \nXXX"
salt-call state.apply registry >> $SETUPLOG 2>&1
docker_seed_registry >> $SETUPLOG 2>&1
echo -e "XXX\n43\nInstalling Common Components... \nXXX" echo -e "XXX\n43\nInstalling Common Components... \nXXX"
salt-call state.apply common >> $SETUPLOG 2>&1 salt-call state.apply common >> $SETUPLOG 2>&1
echo -e "XXX\n45\nApplying firewall rules... \nXXX" echo -e "XXX\n45\nApplying firewall rules... \nXXX"