CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Setup Script - Add Storage Node Pillar

Browse Source
This commit is contained in:
Mike Reeves
2018-03-19 14:16:18 -04:00
parent ff712a62d9
commit 4b23455ef9
1 changed files with 24 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
so-setup-network.sh
View File

@@ -19,7 +19,7 @@
HOSTNAME=$(cat /etc/hostname) HOSTNAME=$(cat /etc/hostname)
TOTAL_MEM=`grep MemTotal /proc/meminfo | awk '{print $2}' | sed -r 's/.{3}$//'` TOTAL_MEM=`grep MemTotal /proc/meminfo | awk '{print $2}' | sed -r 's/.{3}$//'`
NICS=$(ip link | awk -F: '$0 !~ "lo|vir|veth|br|docker|wl|^[^0-9]"{print $2 " \"" "Interface" "\"" " OFF"}') NICS=$(ip link | awk -F: '$0 !~ "lo|vir|veth|br|docker|wl|^[^0-9]"{print $2 " \"" "Interface" "\"" " OFF"}')
CPUCORES=$(cat /proc/cpuinfo | grep processor | wc -l)
# End Global Variable Section # End Global Variable Section
@@ -129,16 +129,28 @@ master_pillar () {
fi fi
echo " lsheap: $LS_HEAP_SIZE" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls echo " lsheap: $LS_HEAP_SIZE" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
echo " lsaccessip: 127.0.0.1" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls echo " lsaccessip: 127.0.0.1" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
if [ $INSTALLTYPE == 'BACKENDNODE' ]; then echo " elastalert: 1" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
echo " elastalert: 0" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls echo " ls_pipeline_workers: $CPUCORES" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
else
echo " elastalert: 1" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
fi
salt-call state.highstate salt-call state.highstate
salt-key -qya $HOSTNAME salt-key -qya $HOSTNAME
salt-call state.highstate salt-call state.highstate
node_pillar () {
# Create the node pillar
touch /tmp/$HOSTNAME.sls
echo "node:" > /tmp/$HOSTNAME.sls
echo " esaccessip: 127.0.0.1" >> /tmp/$HOSTNAME.sls
echo " esheap: $ES_HEAP_SIZE" >> /tmp/$HOSTNAME.sls
echo " esclustername: {{ grains.host }}" >> /tmp/$HOSTNAME.sls
echo " lsheap: $LS_HEAP_SIZE" >> /tmp/$HOSTNAME.sls
echo " lsaccessip: 127.0.0.1" >> /tmp/$HOSTNAME.sls
echo " ls_pipeline_workers: $CPUCORES" >> /tmp/$HOSTNAME.sls
echo " ls_pipeline_batch_size: 125" >> /tmp/$HOSTNAME.sls
echo " ls_input_threads: 1" >> /tmp/$HOSTNAME.sls
echo " ls_batch_count: 125" >> /tmp/$HOSTNAME.sls
}
} }
saltify_centos () { saltify_centos () {
@@ -189,6 +201,11 @@ whiptail_nids () {
"Suricata" "Evaluate all the things" ON 3>&1 1>&2 2>&3 ) "Suricata" "Evaluate all the things" ON 3>&1 1>&2 2>&3 )
} }
whiptail_oinkcode () {
OINKCODE=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your oinkcode" 10 60 XXXXXXX 3>&1 1>&2 2>&3)
}
whiptail_management_server () { whiptail_management_server () {
MASTERSRV=$(whiptail --title "Enter your Master Server IP Address" --inputbox 10 60 1.2.3.4 3>&1 1>&2 2>&3) MASTERSRV=$(whiptail --title "Enter your Master Server IP Address" --inputbox 10 60 1.2.3.4 3>&1 1>&2 2>&3)
} }
@@ -272,8 +289,7 @@ if (whiptail --title "Security Onion Setup" --yesno "Are you sure you want to in
# Get the code if it isn't ET Open # Get the code if it isn't ET Open
if [ $RULESETUP != 'ETOPEN' ]; then if [ $RULESETUP != 'ETOPEN' ]; then
# Get the code # Get the code
OINKCODE=$(whiptail --title "Security Onion Setup" --inputbox \ whiptail_oinkcode
"Enter your oinkcode" 10 60 XXXXXXX 3>&1 1>&2 2>&3)
fi fi