single quote inputs to yaml files

m0duspwnens
2020-09-29 13:59:16 -04:00
parent ebe00822f8
commit 547c3ff52c


@@ -396,17 +396,17 @@ configure_minion() {
local minion_config=/etc/salt/minion local minion_config=/etc/salt/minion
echo "id: $MINION_ID" > "$minion_config" echo "id: '$MINION_ID'" > "$minion_config"
case "$minion_type" in case "$minion_type" in
'helix') 'helix')
echo "master: $HOSTNAME" >> "$minion_config" echo "master: '$HOSTNAME'" >> "$minion_config"
;; ;;
'manager' | 'eval' | 'managersearch' | 'standalone' | 'import') 'manager' | 'eval' | 'managersearch' | 'standalone' | 'import')
printf '%s\n'\ printf '%s\n'\
"master: $HOSTNAME"\ "master: '$HOSTNAME'"\
"mysql.host: '$MAINIP'"\ "mysql.host: '$MAINIP'"\
"mysql.port: 3306"\ "mysql.port: '3306'"\
"mysql.user: 'root'" >> "$minion_config" "mysql.user: 'root'" >> "$minion_config"
if [ ! -f $local_salt_dir/pillar/secrets.sls ]; then if [ ! -f $local_salt_dir/pillar/secrets.sls ]; then
echo "mysql.pass: '$MYSQLPASS'" >> "$minion_config" echo "mysql.pass: '$MYSQLPASS'" >> "$minion_config"
@@ -416,7 +416,7 @@ configure_minion() {
fi fi
;; ;;
*) *)
echo "master: $MSRV" >> "$minion_config" echo "master: '$MSRV'" >> "$minion_config"
;; ;;
esac esac
@@ -939,7 +939,7 @@ fireeye_pillar() {
printf '%s\n'\ printf '%s\n'\
"fireeye:"\ "fireeye:"\
" helix:"\ " helix:"\
" api_key: $HELIXAPIKEY" " api_key: '$HELIXAPIKEY'"
"" > "$fireeye_pillar_path"/init.sls "" > "$fireeye_pillar_path"/init.sls
} }
@@ -965,8 +965,8 @@ fleet_pillar() {
# Create the fleet pillar # Create the fleet pillar
printf '%s\n'\ printf '%s\n'\
"fleet:"\ "fleet:"\
" mainip: $MAINIP"\ " mainip: '$MAINIP'"\
" manager: $MSRV"\ " manager: '$MSRV'"\
"" > "$pillar_file" "" > "$pillar_file"
} }
@@ -1062,10 +1062,10 @@ manager_pillar() {
# Create the manager pillar # Create the manager pillar
printf '%s\n'\ printf '%s\n'\
"manager:"\ "manager:"\
" mainip: $MAINIP"\ " mainip: '$MAINIP'"\
" mainint: $MNIC"\ " mainint: '$MNIC'"\
" esheap: $ES_HEAP_SIZE"\ " esheap: '$ES_HEAP_SIZE'"\
" esclustername: {{ grains.host }}"\ " esclustername: '{{ grains.host }}'"\
" freq: 0"\ " freq: 0"\
" domainstats: 0" >> "$pillar_file" " domainstats: 0" >> "$pillar_file"
@@ -1086,14 +1086,14 @@ manager_pillar() {
" playbook: $PLAYBOOK"\ " playbook: $PLAYBOOK"\
""\ ""\
"elasticsearch:"\ "elasticsearch:"\
" mainip: $MAINIP"\ " mainip: '$MAINIP'"\
" mainint: $MNIC"\ " mainint: '$MNIC'"\
" esheap: $NODE_ES_HEAP_SIZE"\ " esheap: $NODE_ES_HEAP_SIZE"\
" esclustername: {{ grains.host }}"\ " esclustername: '{{ grains.host }}'"\
" node_type: $NODETYPE"\ " node_type: '$NODETYPE'"\
" es_port: $node_es_port"\ " es_port: $node_es_port"\
" log_size_limit: $log_size_limit"\ " log_size_limit: $log_size_limit"\
" node_route_type: hot"\ " node_route_type: 'hot'"\
""\ ""\
"logstash_settings:"\ "logstash_settings:"\
" ls_pipeline_batch_size: 125"\ " ls_pipeline_batch_size: 125"\
@@ -1104,8 +1104,8 @@ manager_pillar() {
""\ ""\
"idstools:"\ "idstools:"\
" config:"\ " config:"\
" ruleset: $RULESETUP"\ " ruleset: '$RULESETUP'"\
" oinkcode: $OINKCODE"\ " oinkcode: '$OINKCODE'"\
" urls:"\ " urls:"\
" sids:"\ " sids:"\
" enabled:"\ " enabled:"\
@@ -1116,7 +1116,7 @@ manager_pillar() {
printf '%s\n'\ printf '%s\n'\
" kratoskey: $KRATOSKEY"\ " kratoskey: '$KRATOSKEY'"\
"" >> "$pillar_file" "" >> "$pillar_file"
} }
@@ -1134,14 +1134,14 @@ manager_global() {
# Create a global file for global values # Create a global file for global values
printf '%s\n'\ printf '%s\n'\
"global:"\ "global:"\
" soversion: $SOVERSION"\ " soversion: '$SOVERSION'"\
" hnmanager: $HNMANAGER"\ " hnmanager: '$HNMANAGER'"\
" ntpserver: $NTPSERVER"\ " ntpserver: '$NTPSERVER'"\
" proxy: $PROXY"\ " proxy: '$PROXY'"\
" mdengine: $ZEEKVERSION"\ " mdengine: '$ZEEKVERSION'"\
" ids: $NIDS"\ " ids: '$NIDS'"\
" url_base: $REDIRECTIT"\ " url_base: '$REDIRECTIT'"\
" managerip: $MAINIP" > "$global_pillar" " managerip: '$MAINIP'" > "$global_pillar"
if [[ $is_airgap ]]; then if [[ $is_airgap ]]; then
printf '%s\n'\ printf '%s\n'\
@@ -1154,17 +1154,17 @@ manager_global() {
# Check if TheHive is enabled. If so, add creds and other details # Check if TheHive is enabled. If so, add creds and other details
if [[ "$THEHIVE" == "1" ]]; then if [[ "$THEHIVE" == "1" ]]; then
printf '%s\n'\ printf '%s\n'\
" hiveuser: $WEBUSER"\ " hiveuser: '$WEBUSER'"\
" hivepassword: '$WEBPASSWD1'"\ " hivepassword: '$WEBPASSWD1'"\
" hivekey: $HIVEKEY"\ " hivekey: '$HIVEKEY'"\
" hiveplaysecret: $HIVEPLAYSECRET"\ " hiveplaysecret: '$HIVEPLAYSECRET'"\
" cortexuser: $WEBUSER"\ " cortexuser: '$WEBUSER'"\
" cortexpassword: '$WEBPASSWD1'"\ " cortexpassword: '$WEBPASSWD1'"\
" cortexkey: $CORTEXKEY"\ " cortexkey: '$CORTEXKEY'"\
" cortexorgname: SecurityOnion"\ " cortexorgname: 'SecurityOnion'"\
" cortexorguser: soadmin"\ " cortexorguser: 'soadmin'"\
" cortexorguserkey: $CORTEXORGUSERKEY"\ " cortexorguserkey: '$CORTEXORGUSERKEY'"\
" cortexplaysecret: $CORTEXPLAYSECRET" >> "$global_pillar" " cortexplaysecret: '$CORTEXPLAYSECRET'" >> "$global_pillar"
fi fi
# Continue adding other details # Continue adding other details
@@ -1172,15 +1172,15 @@ manager_global() {
" fleet_custom_hostname: "\ " fleet_custom_hostname: "\
" fleet_manager: False"\ " fleet_manager: False"\
" fleet_node: False"\ " fleet_node: False"\
" fleet_packages-timestamp: N/A"\ " fleet_packages-timestamp: 'N/A'"\
" fleet_packages-version: 1"\ " fleet_packages-version: 1"\
" fleet_hostname: N/A"\ " fleet_hostname: 'N/A'"\
" fleet_ip: N/A"\ " fleet_ip: 'N/A'"\
" sensoronikey: $SENSORONIKEY"\ " sensoronikey: '$SENSORONIKEY'"\
" wazuh: $WAZUH"\ " wazuh: $WAZUH"\
" managerupdate: $MANAGERUPDATES"\ " managerupdate: $MANAGERUPDATES"\
" imagerepo: $IMAGEREPO"\ " imagerepo: '$IMAGEREPO'"\
" pipeline: redis"\ " pipeline: 'redis'"\
"pcap:"\ "pcap:"\
" sensor_checkin_interval_ms: $SENSOR_CHECKIN_INTERVAL_MS"\ " sensor_checkin_interval_ms: $SENSOR_CHECKIN_INTERVAL_MS"\
"strelka:"\ "strelka:"\
@@ -1193,13 +1193,13 @@ manager_global() {
"elasticsearch:"\ "elasticsearch:"\
" replicas: 0"\ " replicas: 0"\
" true_cluster: False"\ " true_cluster: False"\
" true_cluster_name: so"\ " true_cluster_name: 'so'"\
" discovery_nodes: 1"\ " discovery_nodes: 1"\
" hot_warm_enabled: False"\ " hot_warm_enabled: False"\
" cluster_routing_allocation_disk.threshold_enabled: true"\ " cluster_routing_allocation_disk.threshold_enabled: true"\
" cluster_routing_allocation_disk_watermark_low: 95%"\ " cluster_routing_allocation_disk_watermark_low: '95%'"\
" cluster_routing_allocation_disk_watermark_high: 98%"\ " cluster_routing_allocation_disk_watermark_high: '98%'"\
" cluster_routing_allocation_disk_watermark_flood_stage: 98%"\ " cluster_routing_allocation_disk_watermark_flood_stage: '98%'"\
" index_settings:"\ " index_settings:"\
" so-beats:"\ " so-beats:"\
" shards: 1"\ " shards: 1"\
@@ -1258,7 +1258,7 @@ manager_global() {
" size_file: 2048"\ " size_file: 2048"\
" time_file: 1"\ " time_file: 1"\
" upload_queue_size: 4"\ " upload_queue_size: 4"\
" encoding: gzip"\ " encoding: 'gzip'"\
" interval: 5"\ " interval: 5"\
"backup:"\ "backup:"\
" locations:"\ " locations:"\
@@ -1306,14 +1306,14 @@ elasticsearch_pillar() {
# Create the node pillar # Create the node pillar
printf '%s\n'\ printf '%s\n'\
"elasticsearch:"\ "elasticsearch:"\
" mainip: $MAINIP"\ " mainip: '$MAINIP'"\
" mainint: $MNIC"\ " mainint: '$MNIC'"\
" esheap: $NODE_ES_HEAP_SIZE"\ " esheap: $NODE_ES_HEAP_SIZE"\
" esclustername: {{ grains.host }}"\ " esclustername: '{{ grains.host }}'"\
" node_type: $NODETYPE"\ " node_type: '$NODETYPE'"\
" es_port: $node_es_port"\ " es_port: $node_es_port"\
" log_size_limit: $log_size_limit"\ " log_size_limit: $log_size_limit"\
" node_route_type: hot"\ " node_route_type: 'hot'"\
"" >> "$pillar_file" "" >> "$pillar_file"
printf '%s\n'\ printf '%s\n'\
@@ -1338,7 +1338,7 @@ patch_pillar() {
printf '%s\n'\ printf '%s\n'\
"patch:"\ "patch:"\
" os:"\ " os:"\
" schedule_name: $PATCHSCHEDULENAME"\ " schedule_name: '$PATCHSCHEDULENAME'"\
" enabled: True"\ " enabled: True"\
" splay: 300"\ " splay: 300"\
"" >> "$pillar_file" "" >> "$pillar_file"
@@ -1707,9 +1707,9 @@ sensor_pillar() {
# Create the sensor pillar # Create the sensor pillar
printf '%s\n'\ printf '%s\n'\
"sensor:"\ "sensor:"\
" interface: $INTERFACE"\ " interface: '$INTERFACE'"\
" mainip: $MAINIP"\ " mainip: '$MAINIP'"\
" mainint: $MNIC" >> "$pillar_file" " mainint: '$MNIC'" >> "$pillar_file"
if [ "$NSMSETUP" = 'ADVANCED' ]; then if [ "$NSMSETUP" = 'ADVANCED' ]; then
echo " zeek_pins:" >> "$pillar_file" echo " zeek_pins:" >> "$pillar_file"
@@ -1730,7 +1730,7 @@ sensor_pillar() {
echo " suriprocs: $BASICSURI" >> "$pillar_file" echo " suriprocs: $BASICSURI" >> "$pillar_file"
fi fi
printf '%s\n'\ printf '%s\n'\
" manager: $MSRV"\ " manager: '$MSRV'"\
" mtu: $MTU"\ " mtu: $MTU"\
" uniqueid: $(date '+%s')" >> "$pillar_file" " uniqueid: $(date '+%s')" >> "$pillar_file"
if [ "$HNSENSOR" != 'inherit' ]; then if [ "$HNSENSOR" != 'inherit' ]; then
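Review bot: Wrapping a value in single quotes does not make it safe YAML, because a `'` inside the value ends the scalar early. In the manager_global hunk, `hivepassword: '$WEBPASSWD1'` and `hivekey: '$HIVEKEY'`, and in configure_minion, `mysql.pass: '$MYSQLPASS'`, interpolate secrets or operator input whose character set is not constrained in the visible lines; an embedded quote would yield a file that fails to parse or parses with unintended keys. YAML single-quoted scalars have one escape, `''`, so each interpolated value should have its quotes doubled before it is written, ideally through one helper used at every quoted site. The `{{ grains.host }}` lines suggest the pillar files are also rendered through Jinja, so values containing `{{` or `{%` may need rejecting at input time; that cannot be confirmed from these hunks. All the functions shown start and end outside their hunks, so the helper below is only a sketch of where it would be called.

```shell
# Escape a value for a YAML single-quoted scalar: the only escape is '' for '.
yaml_squote() {
  local q="'"
  printf '%s' "${1//$q/$q$q}"
}

# … unchanged: earlier lines of the TheHive printf in manager_global …
    "  hivepassword: '$(yaml_squote "$WEBPASSWD1")'"\
```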