CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'dev' into kilo

Browse Source
This commit is contained in:
Jason Ertel
2021-09-07 10:49:08 -04:00
parent 94ea1f856b a2fd8ae200
commit 72cff7ec7a
3 changed files with 25 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
salt/common/tools/sbin/soup
View File

@@ -289,25 +289,31 @@ check_os_updates() {
OSUPDATES=$(yum -q list updates | wc -l) OSUPDATES=$(yum -q list updates | wc -l)
fi fi
if [[ "$OSUPDATES" -gt 0 ]]; then if [[ "$OSUPDATES" -gt 0 ]]; then
echo $NEEDUPDATES if [[ -z $UNATTENDED ]]; then
echo "" echo "$NEEDUPDATES"
read -p "Press U to update OS packages (recommended), C to continue without updates, or E to exit: " confirm echo ""
read -rp "Press U to update OS packages (recommended), C to continue without updates, or E to exit: " confirm
if [[ "$confirm" == [cC] ]]; then if [[ "$confirm" == [cC] ]]; then
echo "Continuing without updating packages" echo "Continuing without updating packages"
elif [[ "$confirm" == [uU] ]]; then elif [[ "$confirm" == [uU] ]]; then
echo "Applying Grid Updates" echo "Applying Grid Updates"
set +e update_flag=true
run_check_net_err "salt '*' -b 5 state.apply patch.os queue=True" 'Could not apply OS updates, please check your network connection.' else
set -e
else
echo "Exiting soup" echo "Exiting soup"
exit 0 exit 0
fi
else
update_flag=true
fi fi
else else
echo "Looks like you have an updated OS" echo "Looks like you have an updated OS"
fi
if [[ $update_flag == true ]]; then
set +e
run_check_net_err "salt '*' -b 5 state.apply patch.os queue=True" 'Could not apply OS updates, please check your network connection.'
set -e
fi fi
} }
clean_dockers() { clean_dockers() {
@@ -787,7 +793,7 @@ main() {
echo "" echo ""
check_airgap check_airgap
if [[ $is_airgap -eq 0 && $UNATTENDED == true && -z $ISOLOC ]]; then if [[ $is_airgap -eq 0 && $UNATTENDED == true && -z $ISOLOC ]]; then
echo "Missing file argument for unattended airgap upgrade." echo "Missing file argument (-f <FILENAME>) for unattended airgap upgrade."
exit 0 exit 0
fi fi
echo "Checking to see if this is a manager." echo "Checking to see if this is a manager."

2
salt/elasticsearch/templates/so/so-common-template.json
View File

@@ -8,6 +8,8 @@
"index.refresh_interval":"30s", "index.refresh_interval":"30s",
"index.routing.allocation.require.box_type":"hot", "index.routing.allocation.require.box_type":"hot",
"index.mapping.total_fields.limit": "1500", "index.mapping.total_fields.limit": "1500",
"index.sort.field": "@timestamp",
"index.sort.order": "desc",
"analysis": { "analysis": {
"analyzer": { "analyzer": {
"es_security_analyzer": { "es_security_analyzer": {

6
salt/pcap/files/config
View File

@@ -1,11 +1,13 @@
{%- set interface = salt['pillar.get']('sensor:interface', 'bond0') %} {%- set interface = salt['pillar.get']('sensor:interface', 'bond0') %}
{%- set diskfreepercentage = salt['pillar.get']('steno:diskfreepercentage', 10) %} {%- set diskfreepercentage = salt['pillar.get']('steno:diskfreepercentage', 10) %}
{%- set maxfiles = salt['pillar.get']('steno:maxfiles', 30000) %}
{ {
"Threads": [ "Threads": [
{ "PacketsDirectory": "/nsm/pcap" { "PacketsDirectory": "/nsm/pcap"
, "IndexDirectory": "/nsm/pcapindex" , "IndexDirectory": "/nsm/pcapindex"
, "MaxDirectoryFiles": 30000 , "MaxDirectoryFiles": {{ maxfiles }}
, "DiskFreePercentage": {{ diskfreepercentage }} , "DiskFreePercentage": {{ diskfreepercentage }}
} }
] ]
@@ -15,4 +17,4 @@
, "Host": "127.0.0.1" , "Host": "127.0.0.1"
, "Flags": ["-v", "--uid=stenographer", "--gid=stenographer"{{ BPF_COMPILED }}] , "Flags": ["-v", "--uid=stenographer", "--gid=stenographer"{{ BPF_COMPILED }}]
, "CertPath": "/etc/stenographer/certs" , "CertPath": "/etc/stenographer/certs"
} }