Switch to Zeek and download registry

2025-12-06 17:22:49 +01:00 · 2020-01-13 15:51:38 -05:00
parent 686282da62
commit 4d00f26c35
16 changed files with 3504 additions and 5 deletions
--- a/setup/functions.sh
+++ b/setup/functions.sh
@@ -424,7 +424,9 @@ docker_install() {
 #      if [ $INSTALLTYPE != 'EVALMODE'  ]; then
 #        docker_registry >> $SETUPLOG 2>&1
 #      fi
-      docker_registry
+      docker_registry >> $SETUPLOG 2>&1
+      echo "Seeding the registry. This can take a bit" >> $SETUPLOG 2>&1
+      docker_seed_registry >> $SETUPLOG 2>&1
      echo "Restarting Docker" >> $SETUPLOG 2>&1
      systemctl restart docker >> $SETUPLOG 2>&1
    else
@@ -433,6 +435,8 @@ docker_install() {
      apt-get update >> $SETUPLOG 2>&1
      apt-get -y install docker-ce python3-docker >> $SETUPLOG 2>&1
      docker_registry >> $SETUPLOG 2>&1
+      echo "Seeding the registry. This can take a bit" >> $SETUPLOG 2>&1
+      docker_seed_registry >> $SETUPLOG 2>&1
      echo "Restarting Docker" >> $SETUPLOG 2>&1
      systemctl restart docker >> $SETUPLOG 2>&1
    fi
@@ -452,6 +456,54 @@ docker_registry() {

 }

+docker_seed_registry() {
+  VERSION="HH1.1.4"
+  TRUSTED_CONTAINERS=( \
+  "so-auth-api:$VERSION" \
+  "so-auth-ui:$VERSION" \
+  "so-core:$VERSION" \
+  "so-thehive-cortex:$VERSION" \
+  "so-curator:$VERSION" \
+  "so-domainstats:$VERSION" \
+  "so-elastalert:$VERSION" \
+  "so-elasticsearch:$VERSION" \
+  "so-filebeat:$VERSION" \
+  "so-fleet:$VERSION" \
+  "so-fleet-launcher:$VERSION" \
+  "so-freqserver:$VERSION" \
+  "so-grafana:$VERSION" \
+  "so-idstools:$VERSION" \
+  "so-influxdb:$VERSION" \
+  "so-kibana:$VERSION" \
+  "so-logstash:$VERSION" \
+  "so-mysql:$VERSION" \
+  "so-navigator:$VERSION" \
+  "so-playbook:$VERSION" \
+  "so-redis:$VERSION" \
+  "so-sensoroni:$VERSION" \
+  "so-soctopus:$VERSION" \
+  "so-steno:$VERSION" \
+  #"so-strelka:$VERSION" \
+  "so-suricata:$VERSION" \
+  "so-telegraf:$VERSION" \
+  "so-thehive:$VERSION" \
+  "so-thehive-es:$VERSION" \
+  "so-wazuh:$VERSION" \
+  "so-zeek:$VERSION" )
+
+  for i in "${TRUSTED_CONTAINERS[@]}"
+  do
+    # Pull down the trusted docker image
+    echo "Downloading $i"
+    docker pull --disable-content-trust=false docker.io/soshybridhunter/$i
+    # Tag it with the new registry destination
+    docker tag soshybridhunter/$i $MSRV:5000/soshybridhunter/$i
+    docker push $MSRV:5000/soshybridhunter/$i
+    echo "Removing $i locally"
+    docker rmi soshybridhunter/$i
+  done
+}
+
 es_heapsize() {

  # Determine ES Heap Size
@@ -646,6 +698,7 @@ master_static() {
  touch /opt/so/saltstack/pillar/static.sls

  echo "static:" > /opt/so/saltstack/pillar/static.sls
+  echo "  soversion: 1.1.4" >> /opt/so/saltstack/pillar/static.sls
  echo "  hnmaster: $HNMASTER" >> /opt/so/saltstack/pillar/static.sls
  echo "  ntpserver: $NTPSERVER" >> /opt/so/saltstack/pillar/static.sls
  echo "  proxy: $PROXY" >> /opt/so/saltstack/pillar/static.sls