From 4874e540dac6426133457e7b9febabe3098b74f8 Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Mon, 9 Dec 2019 17:18:12 -0500
Subject: [PATCH] changes for FireEye Helix integration
---
 salt/firewall/init.sls | 2 +-
 setup/functions.sh | 9 ++++++---
 setup/so-setup.sh | 9 +++++++--
 3 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/salt/firewall/init.sls b/salt/firewall/init.sls
index b0ff81b00..f238fbf59 100644
--- a/salt/firewall/init.sls
+++ b/salt/firewall/init.sls
@@ -1,5 +1,5 @@
 # Firewall Magic for the grid
-{%- if grains['role'] == 'so-master' or grains['role'] == 'so-eval' %}
+{%- if grains['role'] in ['so-eval','so-master','so-helix'] %}
 {%- set ip = salt['pillar.get']('static:masterip', '') %}
 {%- elif grains['role'] == 'so-node' %}
 {%- set ip = salt['pillar.get']('node:mainip', '') %}
diff --git a/setup/functions.sh b/setup/functions.sh
index 951a37a87..78a460054 100644
--- a/setup/functions.sh
+++ b/setup/functions.sh
@@ -236,6 +236,9 @@ configure_minion() {
 OLDPASS=$(cat /opt/so/saltstack/pillar/auth.sls | grep mysql | awk {'print $2'})
 echo "mysql.pass: '$OLDPASS'" >> /etc/salt/minion
 fi
+ elif [ $TYPE == 'helix' ]; then
+ echo "master: $HOSTNAME" > /etc/salt/minion
+ echo "id: $MINION_ID" >> /etc/salt/minion
 else
 echo "master: $MSRV" > /etc/salt/minion
 echo "id: $MINION_ID" >> /etc/salt/minion
@@ -255,7 +258,7 @@ copy_master_config() {
 if [ $INSTALLMETHOD == 'iso' ]; then
 cp /root/SecurityOnion/files/master /etc/salt/master
 else
- cp ../files/master /etc/salt/master
+ cp $SCRIPTDIR/../files/master /etc/salt/master
 fi
 # Restart the service so it picks up the changes -TODO Enable service on CentOS
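Review bot: In salt/firewall/init.sls the new `so-helix` entry sends that role through `salt['pillar.get']('static:masterip', '')`, whose default is an empty string, so a helix install without `static:masterip` in its pillar would render this state with an empty `ip` instead of failing. Nothing in the patch shows that key being written for the helix role, so it should be confirmed before relying on the rules built from `ip`. A comment above the test, `{# so-helix runs its own salt-master, so it shares the master IP lookup #}`, would record why the role is grouped here. The if/elif chain continues outside the hunk.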
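Review bot: In configure_minion() the added test `elif [ $TYPE == 'helix' ]; then` leaves `$TYPE` unquoted and uses the non-POSIX `==` inside `[ ]`, so an empty or multi-word TYPE produces a `[` syntax error rather than a clean false before control drops to the `else` branch. Writing it as `elif [ "$TYPE" = 'helix' ]; then` removes the word splitting and globbing on the value. The two added `echo` lines would also benefit from a comment such as `# helix is standalone: the minion uses the salt-master on this same host`, since `master: $HOSTNAME` is the only difference from the `else` branch. The function starts and ends outside the hunk.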
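Review bot: In copy_master_config() the new source path `$SCRIPTDIR/../files/master` is unquoted and unchecked, and the same pattern recurs in the salt_master_directories() hunk (`cp -R $SCRIPTDIR/../pillar/*` and `cp -R $SCRIPTDIR/../salt/*`). SCRIPTDIR is not assigned anywhere in the visible hunks; if it is ever empty, the paths resolve to `/files/master`, `/pillar/*` and `/salt/*`, and whatever sits there would be installed as the salt-master config and state tree. Using `cp "${SCRIPTDIR:?}/../files/master" /etc/salt/master`, and likewise `cp -R "${SCRIPTDIR:?}"/../salt/* /opt/so/saltstack/salt/`, aborts on an unset value and tolerates spaces in the checkout path. Both functions extend beyond their hunks.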
@@ -1065,8 +1068,8 @@ salt_master_directories() {
 cp /root/SecurityOnion/pillar/* /opt/so/saltstack/pillar/
 cp /root/SecurityOnion/salt/* /opt/so/saltstack/salt/
 else
- cp -R ../pillar/* /opt/so/saltstack/pillar/
- cp -R ../salt/* /opt/so/saltstack/salt/
+ cp -R $SCRIPTDIR/../pillar/* /opt/so/saltstack/pillar/
+ cp -R $SCRIPTDIR/../salt/* /opt/so/saltstack/salt/
 fi
 chmod +x /opt/so/saltstack/pillar/firewall/addfirewall.sh
diff --git a/setup/so-setup.sh b/setup/so-setup.sh
index a2889a0da..f3b60792a 100644
--- a/setup/so-setup.sh
+++ b/setup/so-setup.sh
@@ -35,7 +35,7 @@ MINION_ID=$(echo $HOSTNAME | awk -F. {'print $1'})
 TOTAL_MEM=`grep MemTotal /proc/meminfo | awk '{print $2}' | sed -r 's/.{3}$//'`
 NICS=$(ip link | awk -F: '$0 !~ "lo|vir|veth|br|docker|wl|^[^0-9]"{print $2 " \"" "Interface" "\"" " OFF"}')
 CPUCORES=$(cat /proc/cpuinfo | grep processor | wc -l)
-LISTCORES=$(cat /proc/cpuinfo | grep processor | awk '{print $3 " \"" "core" "\""}')
+LSTCORES=$(cat /proc/cpuinfo | grep processor | awk '{print $3 " \"" "core" "\""}')
 RANDOMUID=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 16 | head -n 1)
 NODE_ES_PORT="9200"
 SETUPLOG="/root/sosetup.log"
@@ -150,10 +150,12 @@ if (whiptail_you_sure) ; then
 esac
 ####################
- ## Master ##
+ ## Helix ##
 ####################
 if [ $INSTALLTYPE == 'HELIXSENSOR' ]; then
 MASTERUPDATES=OPEN
+ filter_unused_nics
+ whiptail_bond_nics
 whiptail_helix_apikey
 whiptail_homenet_master
 whiptail_rule_setup
@@ -245,6 +247,9 @@ if (whiptail_you_sure) ; then
 fi
+ ####################
+ ## Master ##
+ ####################
 if [ $INSTALLTYPE == 'MASTERONLY' ]; then
 # Would you like to do an advanced install?
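Review bot: The only change in the `@@ -35,7 +35,7 @@` hunk of setup/so-setup.sh renames `LISTCORES` to `LSTCORES`, which looks like a typo rather than part of the Helix work. No other hunk in this patch updates a reader of the variable, so any code that still expands `$LISTCORES` (presumably the core-selection dialogs, which are not visible here) would now receive an empty list. Either restore the name, `LISTCORES=$(cat /proc/cpuinfo | grep processor | awk '{print $3 " \"" "core" "\""}')`, or rename every consumer in the same commit.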