From 86c13fc3929ea44731a864f1a4237642649665d4 Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Wed, 8 Apr 2020 16:24:15 -0400
Subject: [PATCH 1/4] fix salt telegraf module
---
 salt/_modules/telegraf.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/salt/_modules/telegraf.py b/salt/_modules/telegraf.py
index ee564a44d..6fa33f89a 100644
--- a/salt/_modules/telegraf.py
+++ b/salt/_modules/telegraf.py
@@ -6,7 +6,7 @@ import socket
 def send(data):
- mainint = __salt__['pillar.get']('node:mainint')
+ mainint = __salt__['pillar.get']('sensor:mainint', __salt__['pillar.get']('master:mainint'))
 mainip = __salt__['grains.get']('ip_interfaces').get(mainint)[0]
 dstport = 8094
From 40af9f871ea32c8837d33e655e0ac324d68367cc Mon Sep 17 00:00:00 2001
From: William Wernert
Date: Wed, 8 Apr 2020 17:02:33 -0400
Subject: [PATCH 2/4] [fix] NetworkManager dir should not be string
---
 setup/so-functions | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/setup/so-functions b/setup/so-functions
index a93812b68..021f43ed2 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -947,7 +947,7 @@ network_setup() {
 fi
 echo "... Copying 99-so-checksum-offload-disable";
- cp "$SCRIPTDIR/install_scripts/99-so-checksum-offload-disable" /etc/NetworkManager/dispatcher.d/pre-up.d/99-so-checksum-offload-disable ;
+ cp "$SCRIPTDIR"/install_scripts/99-so-checksum-offload-disable /etc/NetworkManager/dispatcher.d/pre-up.d/99-so-checksum-offload-disable ;
 echo "... Modifying 99-so-checksum-offload-disable";
 sed -i "s/\$MAININT/${MAININT}/g" /etc/NetworkManager/dispatcher.d/pre-up.d/99-so-checksum-offload-disable;
From 7fe25f4c9607f713ce9ae77fc1b2413e2999eeb7 Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Wed, 8 Apr 2020 17:36:16 -0400
Subject: [PATCH 3/4] fix missing telegraf data for /nsm
---
 salt/common/telegraf/etc/telegraf.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
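Review bot: In the salt/_modules/telegraf.py hunk, the new two-key lookup can still leave `mainint` empty when neither `sensor:mainint` nor `master:mainint` is present in pillar, and the unchanged next line then applies `[0]` to the result of `.get(mainint)`, which would fail with a TypeError on `None` rather than a readable error. A guard after the lookup would make the failure explicit, for example `ips = __salt__['grains.get']('ip_interfaces').get(mainint)` followed by `if not ips: raise ValueError('no address found for interface %r' % mainint)` and `mainip = ips[0]`. A short comment on the changed line saying that `master:mainint` is the fallback for nodes without a sensor pillar would also help the next reader. The body of send() continues outside the hunk.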
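Review bot: In the setup/so-functions hunk, the quoting change on the `cp` line is a no-op, because `"$SCRIPTDIR"/install_scripts/...` and the previous fully quoted form expand to the same single word; whatever failure prompted the change is probably elsewhere (an unset `SCRIPTDIR` or a missing `pre-up.d` directory would be the first things to check, and neither is visible here). The exit status of the copy is not checked, so a failed `cp` is only noticed when the following `sed -i` fails on a missing file. NetworkManager only runs dispatcher scripts that are owned by root and not writable by group or others, so installing with explicit ownership and mode is more robust than inheriting them from the source tree: `install -o root -g root -m 0755 "$SCRIPTDIR/install_scripts/99-so-checksum-offload-disable" /etc/NetworkManager/dispatcher.d/pre-up.d/99-so-checksum-offload-disable`. network_setup() starts and ends outside the hunk.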
diff --git a/salt/common/telegraf/etc/telegraf.conf b/salt/common/telegraf/etc/telegraf.conf
index 5b3a9ce55..f65d826f0 100644
--- a/salt/common/telegraf/etc/telegraf.conf
+++ b/salt/common/telegraf/etc/telegraf.conf
@@ -498,7 +498,7 @@
 [[inputs.disk]]
 ## By default stats will be gathered for all mount points.
 ## Set mount_points will restrict the stats to only the specified mount points.
- mount_points = ["/","/nsm"]
+ mount_points = ["/", "/host/nsm"]
 ## Ignore mount points by filesystem type.
 #ignore_fs = ["tmpfs", "devtmpfs", "devfs", "overlay", "aufs", "squashfs"]
From 55ae5fa9f3d2b7997a3361426d8f771249e76358 Mon Sep 17 00:00:00 2001
From: Josh Brower
Date: Thu, 9 Apr 2020 10:04:18 -0400
Subject: [PATCH 4/4] so-status Fleet node
---
 pillar/docker/config.sls | 21 +++++++++++++++------
 1 file changed, 15 insertions(+), 6 deletions(-)
diff --git a/pillar/docker/config.sls b/pillar/docker/config.sls
index 423910b4c..a9eebaf2b 100644
--- a/pillar/docker/config.sls
+++ b/pillar/docker/config.sls
@@ -1,4 +1,5 @@
-{% set OSQUERY = salt['pillar.get']('master:osquery', '0') %}
+{%- set FLEETMASTER = salt['pillar.get']('static:fleet_master', False) -%}
+{%- set FLEETNODE = salt['pillar.get']('static:fleet_node', False) -%}
 {% set WAZUH = salt['pillar.get']('master:wazuh', '0') %}
 {% set THEHIVE = salt['pillar.get']('master:thehive', '0') %}
 {% set PLAYBOOK = salt['pillar.get']('master:playbook', '0') %}
@@ -7,7 +8,6 @@
 {% set BROVER = salt['pillar.get']('static:broversion', 'COMMUNITY') %}
 {% set GRAFANA = salt['pillar.get']('master:grafana', '0') %}
-
 eval:
 containers:
 - so-core
@@ -20,7 +20,7 @@ eval:
 - so-soc
 - so-kratos
 - so-idstools
- {% if OSQUERY != '0' %}
+ {% if FLEETMASTER %}
 - so-mysql
 - so-fleet
 - so-redis
@@ -100,7 +100,7 @@ master_search:
 - so-elastalert
 - so-filebeat
 - so-soctopus
- {% if OSQUERY != '0' %}
+ {% if FLEETMASTER %}
 - so-mysql
 - so-fleet
 - so-redis
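Review bot: In the telegraf.conf hunk, `mount_points = ["/", "/host/nsm"]` now mixes two views of the filesystem: `/host/nsm` is presumably the host's /nsm seen through a bind mount under `/host` in the telegraf container, while `/` stays whatever root the container itself sees. If host root usage is the intent, that entry likely needs the same treatment; the container's volume list is not visible here, so this should be confirmed against it. The `path` tag on the disk series would presumably change from `/nsm` to `/host/nsm`, so dashboards and disk-full alerts that filter on the old value should be checked. A one-line comment above the setting, such as `## /host is the host filesystem as mounted into the telegraf container`, would explain the prefix.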
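Review bot: In the pillar/docker/config.sls hunk at `@@ -1,4 +1,5 @@`, `master:osquery` is no longer read at all, so a deployment whose pillar still carries only that key drops so-mysql, so-fleet and so-redis from the eval, master_search and master lists (the `{% if FLEETMASTER %}` hunks at -20, -100 and -143) until `static:fleet_master` is set. The test also changed from a string comparison to Jinja truthiness, so a pillar value written as a quoted string such as `'False'` or `'0'` would count as enabled; how setup writes the key is not visible here. If so-status derives its health view from these lists, a container missing from them is a monitoring gap rather than a cosmetic one. Consider keeping the old key as a fallback for a release, e.g. `{%- set FLEETMASTER = salt['pillar.get']('static:fleet_master', salt['pillar.get']('master:osquery', '0') != '0') -%}`, or stating the required pillar migration in the commit message.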
@@ -143,7 +143,7 @@ master:
 - so-kibana
 - so-elastalert
 - so-filebeat
- {% if OSQUERY != '0' %}
+ {% if FLEETMASTER %}
 - so-mysql
 - so-fleet
 - so-redis
@@ -199,4 +199,13 @@ warm_node:
 - so-core
 - so-telegraf
 - so-elasticsearch
-
+fleet:
+ containers:
+ {% if FLEETNODE %}
+ - so-mysql
+ - so-fleet
+ - so-redis
+ - so-filebeat
+ - so-core
+ - so-telegraf
+ {% endif %}
\ No newline at end of file
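Review bot: In the last config.sls hunk (`@@ -199,4 +199,13 @@`), every item under `fleet:` / `containers:` sits inside `{% if FLEETNODE %}`, so when `static:fleet_node` is unset the key renders as `containers:` with no value, which YAML loads as null rather than an empty list. Any consumer that iterates the fleet container list would then fail or need a special case, unlike the other roles shown here, whose lists always have entries. Either drop the condition (a node assigned the fleet role presumably always runs these containers) or move it outside so the whole block is omitted, with `{% if FLEETNODE %}` before `fleet:` and `{% endif %}` after the last item. The file also loses its trailing newline in this hunk.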