From 823dde2856bca31f475ee324a018de1cde0739ad Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 20 Mar 2023 11:17:15 -0400 Subject: [PATCH 01/16] Adjust repo sync --- salt/common/tools/sbin/so-repo-sync | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/common/tools/sbin/so-repo-sync b/salt/common/tools/sbin/so-repo-sync index 9ea697673..c69aa44ad 100644 --- a/salt/common/tools/sbin/so-repo-sync +++ b/salt/common/tools/sbin/so-repo-sync @@ -12,5 +12,5 @@ set_os salt_minion_count curl --retry 5 --retry-delay 60 -A 'checkin/$VERSION/$OS/$(uname -r)/$MINIONCOUNT' https://sigs.securityonion.net/checkup --output /tmp/checkup -dnf reposync --norepopath -n -g --delete -m -c /root/repodownload.conf --repoid=securityonionsync --download-metadata -p /nsm/repo/ +dnf reposync --norepopath -g --delete -m -c /root/repodownload.conf --repoid=securityonionsync --download-metadata -p /nsm/repo/ createrepo /nsm/repo \ No newline at end of file From 9a43cd71e0bccad05935faa6d2280268c879e6eb Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 20 Mar 2023 15:19:54 -0400 Subject: [PATCH 02/16] Adjust docker annotations --- salt/docker/soc_docker.yaml | 281 ++++++++++++++++++++++++++++++++++++ 1 file changed, 281 insertions(+) create mode 100644 salt/docker/soc_docker.yaml diff --git a/salt/docker/soc_docker.yaml b/salt/docker/soc_docker.yaml new file mode 100644 index 000000000..87f23cd64 --- /dev/null +++ b/salt/docker/soc_docker.yaml 
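Review bot: `createrepo /nsm/repo` runs whether or not the `dnf reposync` line above it succeeded, at least as far as this hunk shows, so a failed or partial sync would still be indexed into the repo metadata; ending the reposync line with `|| exit 1` avoids that. The script begins outside the hunk, so an earlier `set -e` may already cover it. With `-n` dropped the mirror now keeps every available version rather than only the newest, and a one-line comment saying why (and that `-g` stays so packages failing the GPG check are discarded) would help the next reader. Separately, the `curl -A` context line passes the user agent in single quotes, so `$VERSION`, `$OS`, `$(uname -r)` and `$MINIONCOUNT` are sent literally rather than expanded, which is worth confirming as intended.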
@@ -0,0 +1,281 @@
+docker:
+ bip:
+ description: Bind IP for the default docker interface.
+ helpLink: docker.html
+ advanced: True
+ range:
+ description: Default docker IP range for containers.
+ helpLink: docker.html
+ advanced: True
+ sobip:
+ description: Bind IP for the SO docker interface.
+ helpLink: docker.html
+ sorange:
+ description: IP range for the SO docker containers.
+ helpLink: docker.html
+ advanced: True
+ containers:
+ so-curator:
+ final_octet:
+ description: Last octet of the container IP address.
+ helpLink: docker.html
+ readonly: True
+ advanced: True
+ port_bindings:
+ description: List of port bindings for the container.
+ helpLink: docker.html
+ advanced: True
+ multilint: True
+ so-dockerregistry:
+ final_octet:
+ description: Last octet of the container IP address.
+ helpLink: docker.html
+ readonly: True
+ advanced: True
+ port_bindings:
+ description: List of port bindings for the container.
+ helpLink: docker.html
+ advanced: True
+ multilint: True
+ so-elastalert:
+ final_octet:
+ description: Last octet of the container IP address.
+ helpLink: docker.html
+ readonly: True
+ advanced: True
+ port_bindings:
+ description: List of port bindings for the container.
+ helpLink: docker.html
+ advanced: True
+ multilint: True
+ so-elastic-fleet-package-registry:
+ final_octet:
+ description: Last octet of the container IP address.
+ helpLink: docker.html
+ readonly: True
+ advanced: True
+ port_bindings:
+ description: List of port bindings for the container.
+ helpLink: docker.html
+ advanced: True
+ multilint: True
+ so-elastic-fleet:
+ final_octet:
+ description: Last octet of the container IP address.
+ helpLink: docker.html
+ readonly: True
+ advanced: True
+ port_bindings:
+ description: List of port bindings for the container.
+ helpLink: docker.html
+ advanced: True
+ multilint: True
+ so-elasticsearch:
+ final_octet:
+ description: Last octet of the container IP address.
+ helpLink: docker.html
+ readonly: True
+ advanced: True
+ port_bindings:
+ description: List of port bindings for the container.
+ helpLink: docker.html
+ advanced: True
+ multilint: True
+ so-idh:
+ final_octet:
+ description: Last octet of the container IP address.
+ helpLink: docker.html
+ readonly: True
+ advanced: True
+ port_bindings:
+ description: List of port bindings for the container.
+ helpLink: docker.html
+ advanced: True
+ multilint: True
+ so-idstools:
+ final_octet:
+ description: Last octet of the container IP address.
+ helpLink: docker.html
+ readonly: True
+ advanced: True
+ port_bindings:
+ description: List of port bindings for the container.
+ helpLink: docker.html
+ advanced: True
+ multilint: True
+ so-influxdb:
+ final_octet:
+ description: Last octet of the container IP address.
+ helpLink: docker.html
+ readonly: True
+ advanced: True
+ port_bindings:
+ description: List of port bindings for the container.
+ helpLink: docker.html
+ advanced: True
+ multilint: True
+ so-kibana:
+ final_octet:
+ description: Last octet of the container IP address.
+ helpLink: docker.html
+ readonly: True
+ advanced: True
+ port_bindings:
+ description: List of port bindings for the container.
+ helpLink: docker.html
+ advanced: True
+ multilint: True
+ so-kratos:
+ final_octet:
+ description: Last octet of the container IP address.
+ helpLink: docker.html
+ readonly: True
+ advanced: True
+ port_bindings:
+ description: List of port bindings for the container.
+ helpLink: docker.html
+ advanced: True
+ multilint: True
+ so-logstash:
+ final_octet:
+ description: Last octet of the container IP address.
+ helpLink: docker.html
+ readonly: True
+ advanced: True
+ port_bindings:
+ description: List of port bindings for the container.
+ helpLink: docker.html
+ advanced: True
+ multilint: True
+ so-mysql:
+ final_octet:
+ description: Last octet of the container IP address.
+ helpLink: docker.html
+ readonly: True
+ advanced: True
+ port_bindings:
+ description: List of port bindings for the container.
+ helpLink: docker.html
+ advanced: True
+ multilint: True
+ so-nginx:
+ final_octet:
+ description: Last octet of the container IP address.
+ helpLink: docker.html
+ readonly: True
+ advanced: True
+ port_bindings:
+ description: List of port bindings for the container.
+ helpLink: docker.html
+ advanced: True
+ multilint: True
+ so-playbook:
+ final_octet:
+ description: Last octet of the container IP address.
+ helpLink: docker.html
+ readonly: True
+ advanced: True
+ port_bindings:
+ description: List of port bindings for the container.
+ helpLink: docker.html
+ advanced: True
+ multilint: True
+ so-redis:
+ final_octet:
+ description: Last octet of the container IP address.
+ helpLink: docker.html
+ readonly: True
+ advanced: True
+ port_bindings:
+ description: List of port bindings for the container.
+ helpLink: docker.html
+ advanced: True
+ multilint: True
+ so-soc:
+ final_octet:
+ description: Last octet of the container IP address.
+ helpLink: docker.html
+ readonly: True
+ advanced: True
+ port_bindings:
+ description: List of port bindings for the container.
+ helpLink: docker.html
+ advanced: True
+ multilint: True
+ so-soctopus:
+ final_octet:
+ description: Last octet of the container IP address.
+ helpLink: docker.html
+ readonly: True
+ advanced: True
+ port_bindings:
+ description: List of port bindings for the container.
+ helpLink: docker.html
+ advanced: True
+ multilint: True
+ so-strelka-backend:
+ final_octet:
+ description: Last octet of the container IP address.
+ helpLink: docker.html
+ readonly: True
+ advanced: True
+ port_bindings:
+ description: List of port bindings for the container.
+ helpLink: docker.html
+ advanced: True
+ multilint: True
+ so-strelka-coordinator:
+ final_octet:
+ description: Last octet of the container IP address.
+ helpLink: docker.html + readonly: True + advanced: True + port_bindings: + description: List of port bindings for the container. + helpLink: docker.html + advanced: True + multilint: True + so-strelka-filestream: + final_octet: + description: Last octet of the container IP address. + helpLink: docker.html + readonly: True + advanced: True + port_bindings: + description: List of port bindings for the container. + helpLink: docker.html + advanced: True + multilint: True + so-strelka-frontend: + final_octet: + description: Last octet of the container IP address. + helpLink: docker.html + readonly: True + advanced: True + port_bindings: + description: List of port bindings for the container. + helpLink: docker.html + advanced: True + multilint: True + so-strelka-gatekeeper: + final_octet: + description: Last octet of the container IP address. + helpLink: docker.html + readonly: True + advanced: True + port_bindings: + description: List of port bindings for the container. + helpLink: docker.html + advanced: True + multilint: True + so-strelka-manager: + final_octet: + description: Last octet of the container IP address. + helpLink: docker.html + readonly: True + advanced: True + port_bindings: + description: List of port bindings for the container. + helpLink: docker.html + advanced: True + multilint: True \ No newline at end of file From fe13f90394c7e82a99de424d9a1802e9b5348476 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 20 Mar 2023 15:33:22 -0400 Subject: [PATCH 03/16] Adjust docker annotations --- salt/docker/defaults.yaml | 7 + salt/docker/soc_docker.yaml | 282 ++++-------------------------------- 2 files changed, 34 insertions(+), 255 deletions(-) diff --git a/salt/docker/defaults.yaml b/salt/docker/defaults.yaml index 1fcc114b1..ebb979281 100644 --- a/salt/docker/defaults.yaml +++ b/salt/docker/defaults.yaml @@ -19,6 +19,7 @@ docker: - 0.0.0.0:9300:9300/tcp 'so-idstools': final_octet: 25 + port_bindings: [] 'so-influxdb': final_octet: 26 port_bindings: 
@@ -72,14 +73,17 @@ docker: - 0.0.0.0:7000:7000 'so-strelka-backend': final_octet: 36 + port_bindings: [] 'so-strelka-filestream': final_octet: 37 + port_bindings: [] 'so-strelka-frontend': final_octet: 38 port_bindings: - 0.0.0.0:57314:57314 'so-strelka-manager': final_octet: 39 + port_bindings: [] 'so-strelka-gatekeeper': final_octet: 40 port_bindings: @@ -90,11 +94,14 @@ docker: - 0.0.0.0:6380:6379 'so-elastalert': final_octet: 42 + port_bindings: [] 'so-curator': final_octet: 43 + port_bindings: [] 'so-elastic-fleet-package-registry': final_octet: 44 port_bindings: - 0.0.0.0:8080:8080/tcp 'so-idh': final_octet: 45 + port_bindings: [] diff --git a/salt/docker/soc_docker.yaml b/salt/docker/soc_docker.yaml index 87f23cd64..ba0f053fa 100644 --- a/salt/docker/soc_docker.yaml +++ b/salt/docker/soc_docker.yaml 
@@ -10,272 +10,44 @@ docker: sobip: description: Bind IP for the SO docker interface. helpLink: docker.html + advanced: True sorange: description: IP range for the SO docker containers. helpLink: docker.html advanced: True containers: - so-curator: + so-curator: &dockerOptions final_octet: description: Last octet of the container IP address. helpLink: docker.html readonly: True advanced: True + global: True port_bindings: description: List of port bindings for the container. helpLink: docker.html advanced: True - multilint: True - so-dockerregistry: - final_octet: - description: Last octet of the container IP address. - helpLink: docker.html - readonly: True - advanced: True - port_bindings: - description: List of port bindings for the container. - helpLink: docker.html - advanced: True - multilint: True - so-elastalert: - final_octet: - description: Last octet of the container IP address. - helpLink: docker.html - readonly: True - advanced: True - port_bindings: - description: List of port bindings for the container. - helpLink: docker.html - advanced: True - multilint: True - so-elastic-fleet-package-registry: - final_octet: - description: Last octet of the container IP address. - helpLink: docker.html - readonly: True - advanced: True - port_bindings: - description: List of port bindings for the container. - helpLink: docker.html - advanced: True - multilint: True - so-elastic-fleet: - final_octet: - description: Last octet of the container IP address. - helpLink: docker.html - readonly: True - advanced: True - port_bindings: - description: List of port bindings for the container. - helpLink: docker.html - advanced: True - multilint: True - so-elasticsearch: - final_octet: - description: Last octet of the container IP address. - helpLink: docker.html - readonly: True - advanced: True - port_bindings: - description: List of port bindings for the container. 
- helpLink: docker.html
- advanced: True
- multilint: True
- so-idh:
- final_octet:
- description: Last octet of the container IP address.
- helpLink: docker.html
- readonly: True
- advanced: True
- port_bindings:
- description: List of port bindings for the container.
- helpLink: docker.html
- advanced: True
- multilint: True
- so-idstools:
- final_octet:
- description: Last octet of the container IP address.
- helpLink: docker.html
- readonly: True
- advanced: True
- port_bindings:
- description: List of port bindings for the container.
- helpLink: docker.html
- advanced: True
- multilint: True
- so-influxdb:
- final_octet:
- description: Last octet of the container IP address.
- helpLink: docker.html
- readonly: True
- advanced: True
- port_bindings:
- description: List of port bindings for the container.
- helpLink: docker.html
- advanced: True
- multilint: True
- so-kibana:
- final_octet:
- description: Last octet of the container IP address.
- helpLink: docker.html
- readonly: True
- advanced: True
- port_bindings:
- description: List of port bindings for the container.
- helpLink: docker.html
- advanced: True
- multilint: True
- so-kratos:
- final_octet:
- description: Last octet of the container IP address.
- helpLink: docker.html
- readonly: True
- advanced: True
- port_bindings:
- description: List of port bindings for the container.
- helpLink: docker.html
- advanced: True
- multilint: True
- so-logstash:
- final_octet:
- description: Last octet of the container IP address.
- helpLink: docker.html
- readonly: True
- advanced: True
- port_bindings:
- description: List of port bindings for the container.
- helpLink: docker.html
- advanced: True
- multilint: True
- so-mysql:
- final_octet:
- description: Last octet of the container IP address.
- helpLink: docker.html
- readonly: True
- advanced: True
- port_bindings:
- description: List of port bindings for the container.
- helpLink: docker.html
- advanced: True
- multilint: True
- so-nginx:
- final_octet:
- description: Last octet of the container IP address.
- helpLink: docker.html
- readonly: True
- advanced: True
- port_bindings:
- description: List of port bindings for the container.
- helpLink: docker.html
- advanced: True
- multilint: True
- so-playbook:
- final_octet:
- description: Last octet of the container IP address.
- helpLink: docker.html
- readonly: True
- advanced: True
- port_bindings:
- description: List of port bindings for the container.
- helpLink: docker.html
- advanced: True
- multilint: True
- so-redis:
- final_octet:
- description: Last octet of the container IP address.
- helpLink: docker.html
- readonly: True
- advanced: True
- port_bindings:
- description: List of port bindings for the container.
- helpLink: docker.html
- advanced: True
- multilint: True
- so-soc:
- final_octet:
- description: Last octet of the container IP address.
- helpLink: docker.html
- readonly: True
- advanced: True
- port_bindings:
- description: List of port bindings for the container.
- helpLink: docker.html
- advanced: True
- multilint: True
- so-soctopus:
- final_octet:
- description: Last octet of the container IP address.
- helpLink: docker.html
- readonly: True
- advanced: True
- port_bindings:
- description: List of port bindings for the container.
- helpLink: docker.html
- advanced: True
- multilint: True
- so-strelka-backend:
- final_octet:
- description: Last octet of the container IP address.
- helpLink: docker.html
- readonly: True
- advanced: True
- port_bindings:
- description: List of port bindings for the container.
- helpLink: docker.html
- advanced: True
- multilint: True
- so-strelka-coordinator:
- final_octet:
- description: Last octet of the container IP address.
- helpLink: docker.html
- readonly: True
- advanced: True
- port_bindings:
- description: List of port bindings for the container.
- helpLink: docker.html
- advanced: True
- multilint: True
- so-strelka-filestream:
- final_octet:
- description: Last octet of the container IP address.
- helpLink: docker.html
- readonly: True
- advanced: True
- port_bindings:
- description: List of port bindings for the container.
- helpLink: docker.html
- advanced: True
- multilint: True
- so-strelka-frontend:
- final_octet:
- description: Last octet of the container IP address.
- helpLink: docker.html
- readonly: True
- advanced: True
- port_bindings:
- description: List of port bindings for the container.
- helpLink: docker.html
- advanced: True
- multilint: True
- so-strelka-gatekeeper:
- final_octet:
- description: Last octet of the container IP address.
- helpLink: docker.html
- readonly: True
- advanced: True
- port_bindings:
- description: List of port bindings for the container.
- helpLink: docker.html
- advanced: True
- multilint: True
- so-strelka-manager:
- final_octet:
- description: Last octet of the container IP address.
- helpLink: docker.html
- readonly: True
- advanced: True
- port_bindings:
- description: List of port bindings for the container.
- helpLink: docker.html - advanced: True - multilint: True \ No newline at end of file + multiline: True + so-dockerregistry: *dockerOptions + so-elastalert: *dockerOptions + so-elastic-fleet-package-registry: *dockerOptions + so-elastic-fleet: *dockerOptions + so-elasticsearch: *dockerOptions + so-idh: *dockerOptions + so-idstools: *dockerOptions + so-influxdb: *dockerOptions + so-kibana: *dockerOptions + so-kratos: *dockerOptions + so-logstash: *dockerOptions + so-mysql: *dockerOptions + so-nginx: *dockerOptions + so-playbook: *dockerOptions + so-redis: *dockerOptions + so-soc: *dockerOptions + so-soctopus: *dockerOptions + so-strelka-backend: *dockerOptions + so-strelka-coordinator: *dockerOptions + so-strelka-filestream: *dockerOptions + so-strelka-frontend: *dockerOptions + so-strelka-gatekeeper: *dockerOptions + so-strelka-manager: *dockerOptions \ No newline at end of file From 8c2a43c073be09ba5ad40888d198ff2f481dd430 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 20 Mar 2023 15:51:48 -0400 Subject: [PATCH 04/16] Adjust docker annotations --- salt/docker/defaults.yaml | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/salt/docker/defaults.yaml b/salt/docker/defaults.yaml index ebb979281..83e30066d 100644 --- a/salt/docker/defaults.yaml +++ b/salt/docker/defaults.yaml @@ -19,7 +19,6 @@ docker: - 0.0.0.0:9300:9300/tcp 'so-idstools': final_octet: 25 - port_bindings: [] 'so-influxdb': final_octet: 26 port_bindings: @@ -73,17 +72,14 @@ docker: - 0.0.0.0:7000:7000 'so-strelka-backend': final_octet: 36 - port_bindings: [] 'so-strelka-filestream': final_octet: 37 - port_bindings: [] 'so-strelka-frontend': final_octet: 38 port_bindings: - 0.0.0.0:57314:57314 'so-strelka-manager': final_octet: 39 - port_bindings: [] 'so-strelka-gatekeeper': final_octet: 40 port_bindings: 
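Review bot: `port_bindings` under `&dockerOptions` is offered as a free-form multiline setting with no visible constraint on the bind address, while the defaults in salt/docker/defaults.yaml publish on `0.0.0.0`, so whether these container ports are reachable rests on the host firewall rather than on the binding. If the annotation schema has a validation pattern, restricting entries to the `ip:host_port:container_port[/proto]` shape would be worth adding; failing that, state the expected form in the text, e.g. `description: List of port bindings for the container (ip:host_port:container_port[/proto]).`. Since every other container now aliases the anchor defined on `so-curator`, a one-line comment above `so-curator: &dockerOptions` saying that edits there apply to all containers would prevent surprises.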
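Review bot: Removing `port_bindings: []` again leaves so-idstools, so-strelka-backend, so-strelka-filestream, so-strelka-manager, so-elastalert, so-curator and so-idh without a `port_bindings` key in defaults.yaml, while soc_docker.yaml (patch 03/16) annotates `port_bindings` for every container through `*dockerOptions`. Whatever renders the bindings presumably has to tolerate the missing key, which is not visible here; if it does not, keeping the explicit `port_bindings: []` is the safer form. The later hunks of this patch (`@@ -73,17 +72,14 @@` and `@@ -94,14 +90,11 @@`) make the same removal, and the last one also drops the file's trailing newline.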
@@ -94,14 +90,11 @@ docker: - 0.0.0.0:6380:6379 'so-elastalert': final_octet: 42 - port_bindings: [] 'so-curator': final_octet: 43 - port_bindings: [] 'so-elastic-fleet-package-registry': final_octet: 44 port_bindings: - 0.0.0.0:8080:8080/tcp 'so-idh': - final_octet: 45 - port_bindings: [] + final_octet: 45 \ No newline at end of file From 22c3a4d398c8f86d4a9ac9a62d3be353d5ffb7e7 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 20 Mar 2023 16:08:26 -0400 Subject: [PATCH 05/16] Adjust elasticsearch annotations --- salt/elasticsearch/soc_elasticsearch.yaml | 3 +++ salt/strelka/filecheck/defaults.yaml | 4 ---- 2 files changed, 3 insertions(+), 4 deletions(-) delete mode 100644 salt/strelka/filecheck/defaults.yaml diff --git a/salt/elasticsearch/soc_elasticsearch.yaml b/salt/elasticsearch/soc_elasticsearch.yaml index 05a812bbc..cd051b5bf 100644 --- a/salt/elasticsearch/soc_elasticsearch.yaml +++ b/salt/elasticsearch/soc_elasticsearch.yaml @@ -1,4 +1,7 @@ elasticsearch: + esheap: + description: Specify the memory heap size in m for Elasticsearch. + helpLink: elasticsearch.html config: cluster: name: diff --git a/salt/strelka/filecheck/defaults.yaml b/salt/strelka/filecheck/defaults.yaml deleted file mode 100644 index 6f45954d6..000000000 --- a/salt/strelka/filecheck/defaults.yaml +++ /dev/null @@ -1,4 +0,0 @@ -filecheck: - historypath: '/nsm/strelka/history/' - strelkapath: '/nsm/strelka/unprocessed/' - logfile: '/opt/so/log/strelka/filecheck.log' From bb3480cd76face23a614b07d9153a4cb48146888 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 20 Mar 2023 16:20:22 -0400 Subject: [PATCH 06/16] Adjust host annotations --- salt/host/soc_host.yaml | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 salt/host/soc_host.yaml diff --git a/salt/host/soc_host.yaml b/salt/host/soc_host.yaml new file mode 100644 index 000000000..8c790a8df --- /dev/null +++ b/salt/host/soc_host.yaml 
@@ -0,0 +1,7 @@ +host: + mainint: + description: Main interface of the grid host. + helpLink: host.html + mainip: + description: Main IP address of the grid host. + helpLink: host.html \ No newline at end of file From 0bb2fd7d45bc61b03499380efe5d06cde0bae48d Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 20 Mar 2023 16:50:18 -0400 Subject: [PATCH 07/16] Adjust manager annotations --- salt/manager/soc_manager.yaml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 salt/manager/soc_manager.yaml diff --git a/salt/manager/soc_manager.yaml b/salt/manager/soc_manager.yaml new file mode 100644 index 000000000..10d48e121 --- /dev/null +++ b/salt/manager/soc_manager.yaml @@ -0,0 +1,17 @@ +manager: + elastalert: + description: Enable elastalert 1=enabled 0=disabled. + global: True + helpLink: manager.html + no_proxy: String of hosts to ignore the proxy settings for. + description: + global: True + helpLink: manager.html + playbook: + description: Enable playbook 1=enabled 0=disabled. + global: True + helpLink: manager.html + proxy: + description: Proxy server to use for updates. + global: True + helpLink: manager.html \ No newline at end of file From 27fdad4a25f2bdb6fc225fb21e78b9a64d2412fb Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 20 Mar 2023 16:52:22 -0400 Subject: [PATCH 08/16] Adjust manager annotations --- salt/manager/soc_manager.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/salt/manager/soc_manager.yaml b/salt/manager/soc_manager.yaml index 10d48e121..68b3b53cf 100644 --- a/salt/manager/soc_manager.yaml +++ b/salt/manager/soc_manager.yaml @@ -1,6 +1,6 @@ manager: elastalert: - description: Enable elastalert 1=enabled 0=disabled. + description: Enable elastalert 1 enabled 0 disabled. global: True helpLink: manager.html no_proxy: String of hosts to ignore the proxy settings for. 
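Review bot: `proxy` in soc_manager.yaml is annotated as an ordinary global setting, but a proxy URL can carry credentials in its userinfo part (`http://user:pass@host:port`, constructed example); if that form is accepted here, the value would be shown in clear. Later patches in this series mark secrets with `sensitive: True` (soc_elasticfleet.yaml, soc_sensoroni.yaml), and the same flag on `proxy`, or a description stating that credentials must not be embedded, would close the gap. Also in this hunk `no_proxy:` carries the description text as its own value while `description:` is left empty, which patch 09/16 corrects.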
@@ -8,7 +8,7 @@ manager: global: True helpLink: manager.html playbook: - description: Enable playbook 1=enabled 0=disabled. + description: Enable playbook 1 enabled 0 disabled. global: True helpLink: manager.html proxy: From a6e34ae1d71dd0c7168d449e9a3db340588c614e Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 20 Mar 2023 16:54:57 -0400 Subject: [PATCH 09/16] Adjust manager annotations --- salt/manager/soc_manager.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/salt/manager/soc_manager.yaml b/salt/manager/soc_manager.yaml index 68b3b53cf..e6e58e524 100644 --- a/salt/manager/soc_manager.yaml +++ b/salt/manager/soc_manager.yaml @@ -1,14 +1,14 @@ manager: elastalert: - description: Enable elastalert 1 enabled 0 disabled. + description: Enable elastalert 1=enabled 0=disabled. global: True helpLink: manager.html - no_proxy: String of hosts to ignore the proxy settings for. - description: + no_proxy: + description: String of hosts to ignore the proxy settings for. global: True helpLink: manager.html playbook: - description: Enable playbook 1 enabled 0 disabled. + description: Enable playbook 1=enabled 0=disabled. global: True helpLink: manager.html proxy: From eb61b0c98fceb6ffd741d265ffb214fb4d44c1d4 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 20 Mar 2023 17:10:36 -0400 Subject: [PATCH 10/16] Adjust sensor annotations --- salt/sensor/soc_sensor.yaml | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 salt/sensor/soc_sensor.yaml diff --git a/salt/sensor/soc_sensor.yaml b/salt/sensor/soc_sensor.yaml new file mode 100644 index 000000000..61466b2b1 --- /dev/null +++ b/salt/sensor/soc_sensor.yaml @@ -0,0 +1,7 @@ +sensor: + interface: + description: Main sensor monitoring interface. + helpLink: sensor.html + mtu: + description: Main IP address of the grid host. + helpLink: host.html \ No newline at end of file From 507142cde4b14393c64062a4a0ca285d216508a0 Mon Sep 17 00:00:00 2001 
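Review bot: `mtu` in soc_sensor.yaml carries the text copied from `mainip` in soc_host.yaml, `description: Main IP address of the grid host.` with `helpLink: host.html`, so the setting would be presented to the operator as an IP address. Something like `description: MTU of the sensor monitoring interface.` and `helpLink: sensor.html` matches the key and the sibling `interface` entry; the exact wording should be confirmed against how the sensor state uses the value, which is not visible here.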
From: Mike Reeves Date: Mon, 20 Mar 2023 20:02:23 -0400 Subject: [PATCH 11/16] Adjust patch annotations --- salt/patch/soc_patch.yaml | 79 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 79 insertions(+) create mode 100644 salt/patch/soc_patch.yaml diff --git a/salt/patch/soc_patch.yaml b/salt/patch/soc_patch.yaml new file mode 100644 index 000000000..452cd1916 --- /dev/null +++ b/salt/patch/soc_patch.yaml 
@@ -0,0 +1,79 @@
+patch:
+ os:
+ enabled:
+ description: Enable OS updates.
+ helpLink: patch.html
+ schedule_to_run:
+ description: Currently running schedule for updates.
+ helpLink: patch.html
+ schedules:
+ auto:
+ splay: &splayOptions
+ description: Seconds to splay updates.
+ helpLink: patch.html
+ schedule:
+ hours:
+ description: Run the OS updates every X hours.
+ helpLink: patch.html
+ monday:
+ splay: *splayOptions
+ schedule:
+ Monday: &dayOptions
+ description: List of times to run OS Updates on this day.
+ multiline: True
+ tuesday:
+ splay: *splayOptions
+ schedule:
+ Tuesday: *dayOptions
+ wednesday:
+ splay: *splayOptions
+ schedule:
+ Wednesday: *dayOptions
+ thursday:
+ splay: *splayOptions
+ schedule:
+ Thursday: *dayOptions
+ friday:
+ splay: *splayOptions
+ schedule:
+ Friday: *dayOptions
+ saturday:
+ splay: *splayOptions
+ schedule:
+ Saturday: *dayOptions
+ sunday:
+ splay: *splayOptions
+ schedule:
+ Sunday: *dayOptions
+ daily:
+ splay: *splayOptions
+ schedule:
+ Monday: &dailyOptions
+ description: List of times to apply OS patches daily.
+ multiline: True
+ helpLink: True
+ Tuesday: *dailyOptions
+ Wednesday: *dailyOptions
+ Thursday: *dailyOptions
+ Friday: *dailyOptions
+ Saturday: *dailyOptions
+ Sunday: *dailyOptions
+ weekdays:
+ splay: *splayOptions
+ schedule:
+ Monday: &weekdayOptions
+ description: List of times for weekdays.
+ multiline: True
+ helplink: patch.html
+ Tuesday: *weekdayOptions
+ Wednesday: *weekdayOptions
+ Thursday: *weekdayOptions
+ Friday: *weekdayOptions
+ weekends:
+ splay: *splayOptions
+ schedule:
+ Saturday: &weekendOptions
+ description:
+ multiline: true
+ helpLink: patch.html
+ Sunday: *weekendOptions
\ No newline at end of file
From f810f9cbf08caabc5c7d7586e8a663e502f334e0 Mon Sep 17 00:00:00 2001
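Review bot: The four day anchors in soc_patch.yaml disagree on their keys: `&dailyOptions` sets `helpLink: True` instead of a page name, `&weekdayOptions` spells the key `helplink`, `&weekendOptions` has an empty `description:` and a lowercase `true`, and `&dayOptions` has no help link at all. YAML keys are case-sensitive, so `helplink` is likely ignored by whatever reads `helpLink`, and because each anchor is aliased across several days the mistake is repeated on every aliased entry. Suggest `helpLink: patch.html` in all four and a real description on the weekend anchor, e.g. `description: List of times to run OS updates on weekend days.`. The same `helplink` spelling appears in salt/soctopus/soc_soctopus.yaml in patch 14/16 and is left in place by patch 15/16.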
From: Mike Reeves Date: Mon, 20 Mar 2023 20:12:26 -0400 Subject: [PATCH 12/16] Adjust patch annotations --- salt/elasticfleet/soc_elasticfleet.yaml | 3 +++ salt/sensoroni/soc_sensoroni.yaml | 18 ++++++++++++++++++ 2 files changed, 21 insertions(+) create mode 100644 salt/sensoroni/soc_sensoroni.yaml diff --git a/salt/elasticfleet/soc_elasticfleet.yaml b/salt/elasticfleet/soc_elasticfleet.yaml index 0e111feca..a7e9fbe4a 100644 --- a/salt/elasticfleet/soc_elasticfleet.yaml +++ b/salt/elasticfleet/soc_elasticfleet.yaml @@ -4,14 +4,17 @@ elasticfleet: description: Endpoint enrollment key. global: True helpLink: elastic-fleet.html + sensitive: True es_token: description: Elastic auth token. global: True helpLink: elastic-fleet.html + sensitive: True grid_enrollment: description: Grid enrollment key. global: True helpLink: elastic-fleet.html + sensitive: True url: description: Agent connection URL. global: True diff --git a/salt/sensoroni/soc_sensoroni.yaml b/salt/sensoroni/soc_sensoroni.yaml new file mode 100644 index 000000000..abe3dda09 --- /dev/null +++ b/salt/sensoroni/soc_sensoroni.yaml @@ -0,0 +1,18 @@ +sensoroni: + node_checkin_interval_ms: + description: Interval in ms to checkin to the soc_host. + advanced: True + helpLink: sensoroni.html + node_description: + description: Description of the specific node. + helpLink: sensoroni.html + sensoronikey: + description: Shared key for sensoroni authentication. + helpLink: sensoroni.html + global: True + sensitive: True + soc_host: + description: Host for sensoroni agents to connect to. + helpLink: sensoroni.html + global: True + advanced: True \ No newline at end of file From 01d470a4262e6b49170848000673094fd474b2e8 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 20 Mar 2023 20:13:29 -0400 Subject: [PATCH 13/16] Adjust patch annotations --- salt/sensoroni/soc_sensoroni.yaml | 1 + 1 file changed, 1 insertion(+) 
diff --git a/salt/sensoroni/soc_sensoroni.yaml b/salt/sensoroni/soc_sensoroni.yaml index abe3dda09..6f6a75452 100644 --- a/salt/sensoroni/soc_sensoroni.yaml +++ b/salt/sensoroni/soc_sensoroni.yaml @@ -11,6 +11,7 @@ sensoroni: helpLink: sensoroni.html global: True sensitive: True + advanced: True soc_host: description: Host for sensoroni agents to connect to. helpLink: sensoroni.html From bc7261acfe636dd5646347fd5f7b717aebd51e23 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 20 Mar 2023 20:16:43 -0400 Subject: [PATCH 14/16] Adjust patch annotations --- salt/elasticfleet/soc_elasticfleet.yaml | 6 +++++- salt/soctopus/soc_soctopus.yaml | 7 +++++++ 2 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 salt/soctopus/soc_soctopus.yaml diff --git a/salt/elasticfleet/soc_elasticfleet.yaml b/salt/elasticfleet/soc_elasticfleet.yaml index a7e9fbe4a..4d523c548 100644 --- a/salt/elasticfleet/soc_elasticfleet.yaml +++ b/salt/elasticfleet/soc_elasticfleet.yaml @@ -5,17 +5,21 @@ elasticfleet: global: True helpLink: elastic-fleet.html sensitive: True + advanced: True es_token: description: Elastic auth token. global: True helpLink: elastic-fleet.html sensitive: True + advanced: True grid_enrollment: description: Grid enrollment key. global: True helpLink: elastic-fleet.html sensitive: True + advanced: True url: description: Agent connection URL. global: True - helpLink: elastic-fleet.html \ No newline at end of file + helpLink: elastic-fleet.html + advanced: True \ No newline at end of file diff --git a/salt/soctopus/soc_soctopus.yaml b/salt/soctopus/soc_soctopus.yaml new file mode 100644 index 000000000..02991d295 --- /dev/null +++ b/salt/soctopus/soc_soctopus.yaml @@ -0,0 +1,7 @@ +soctopus: + playbook: + rulesets: + description: List of playbook rulesets + advanced: True + helplink: soctopus.html + global: True \ No newline at end of file From 64904406b6517a0051cf9e477610e7e20f701276 Mon Sep 17 00:00:00 2001 
From: Mike Reeves Date: Tue, 21 Mar 2023 08:41:48 -0400 Subject: [PATCH 15/16] Adjust annotations --- salt/soctopus/soc_soctopus.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/soctopus/soc_soctopus.yaml b/salt/soctopus/soc_soctopus.yaml index 02991d295..033405345 100644 --- a/salt/soctopus/soc_soctopus.yaml +++ b/salt/soctopus/soc_soctopus.yaml @@ -1,7 +1,7 @@ soctopus: playbook: rulesets: - description: List of playbook rulesets + description: List of playbook rulesets. advanced: True helplink: soctopus.html global: True \ No newline at end of file From 444988f2875430e5f1f570c841bb0a8569b3e929 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Tue, 21 Mar 2023 08:48:02 -0400 Subject: [PATCH 16/16] Adjust annotations --- salt/elasticsearch/soc_elasticsearch.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/elasticsearch/soc_elasticsearch.yaml b/salt/elasticsearch/soc_elasticsearch.yaml index cd051b5bf..d7c310687 100644 --- a/salt/elasticsearch/soc_elasticsearch.yaml +++ b/salt/elasticsearch/soc_elasticsearch.yaml @@ -1,6 +1,6 @@ elasticsearch: esheap: - description: Specify the memory heap size in m for Elasticsearch. + description: Specify the memory heap size in (m)egabytes for Elasticsearch. helpLink: elasticsearch.html config: cluster: