Merge branch 'dev' into strelkainstall

salt/common/tools/sbin/so-image-common

@@ -151,7 +151,7 @@ update_docker_containers() {
 
     # Pull down the trusted docker image
     local image=$i:$VERSION$IMAGE_TAG_SUFFIX
-    docker pull $CONTAINER_REGISTRY/$IMAGEREPO/$image >> "$LOG_FILE" 2>&1 
+    retry 50 10 "docker pull $CONTAINER_REGISTRY/$IMAGEREPO/$image" >> "$LOG_FILE" 2>&1 
     
     # Get signature
     retry 50 10 "curl -A '$CURLTYPE/$CURRENTVERSION/$OS/$(uname -r)' https://sigs.securityonion.net/$VERSION/$i:$VERSION$IMAGE_TAG_SUFFIX.sig --output $SIGNPATH/$image.sig" >> "$LOG_FILE" 2>&1

salt/common/tools/sbin/soup

@@ -338,12 +338,21 @@ up_2.3.2X_to_2.3.30() {
   # Replace any curly brace scalars with the same scalar in single quotes
   readarray -t minion_pillars <<< "$(find /opt/so/saltstack/local/pillar/minions -type f -name '*.sls')"
   for pillar in "${minion_pillars[@]}"; do
-    sed -i -r "s/ (\{\{.*}})$/ '\1'/g" "$pillar" 
+    sed -i -r "s/ (\{\{.*}})$/ '\1'/g" "$pillar"
   done
 
-  # Change the IMAGEREPO
+# Change the IMAGEREPO
   sed -i "/  imagerepo: 'securityonion'/c\  imagerepo: 'security-onion-solutions'" /opt/so/saltstack/local/pillar/global.sls
   sed -i "/  imagerepo: securityonion/c\  imagerepo: 'security-onion-solutions'" /opt/so/saltstack/local/pillar/global.sls 
+
+# Strelka rule repo pillar addition
+  if [ $is_airgap -eq 0 ]; then
+      # Add manager as default Strelka YARA rule repo
+      sed -i "/^strelka:/a \\  repos: \n    - https://$HOSTNAME/repo/rules/strelka" /opt/so/saltstack/local/pillar/global.sls;
+  else
+      # Add Github repo for Strelka YARA rules
+      sed -i "/^strelka:/a \\  repos: \n    - https://github.com/Neo23x0/signature-base" /opt/so/saltstack/local/pillar/global.sls;
+  fi
 }
 
 space_check() {

salt/docker_clean/init.sls

@@ -3,7 +3,7 @@
 
 {% set IMAGEREPO = salt['pillar.get']('global:imagerepo') %}
 {% set MANAGER = salt['grains.get']('master') %}
-{% set OLDVERSIONS = ['2.0.0-rc.1','2.0.1-rc.1','2.0.2-rc.1','2.0.3-rc.1','2.1.0-rc.2','2.2.0-rc.3','2.3.0','2.3.1','2.3.2']%}
+{% set OLDVERSIONS = ['2.0.0-rc.1','2.0.1-rc.1','2.0.2-rc.1','2.0.3-rc.1','2.1.0-rc.2','2.2.0-rc.3','2.3.0','2.3.1','2.3.2','2.3.10','2.3.20']%}
 
 {% for VERSION in OLDVERSIONS %}
 remove_images_{{ VERSION }}:
@@ -88,4 +88,4 @@ remove_images_{{ VERSION }}:
   test.fail_without_changes:
     - name: {{sls}}_state_not_allowed
 
-{% endif %}
+{% endif %}

salt/salt/minion.sls

@@ -23,6 +23,15 @@ salt_minion_package:
     - hold: True
     - onlyif: test "{{INSTALLEDSALTVERSION}}" == "{{SALTVERSION}}"
 
+set_log_levels:
+  file.append:
+    - name: /etc/salt/minion
+    - text:
+      - "log_level: info"
+      - "log_level_logfile: info"
+    - listen_in:
+      - service: salt_minion_service
+
 salt_minion_service:
   service.running:
     - name: salt-minion

setup/so-functions

@@ -2306,6 +2306,9 @@ set_default_log_size() {
 	if [ -d /nsm ]; then
 		disk_dir="/nsm"
 	fi
+	if [ -d /nsm/elasticsearch ]; then
+		disk_dir="/nsm/elasticsearch"
+	fi
 	local disk_size_1k
 	disk_size_1k=$(df $disk_dir | grep -v "^Filesystem" | awk '{print $2}')