Add telegraf script to import featuresdetected

Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>

salt/common/tools/sbin/so-common-status-check

@@ -80,7 +80,7 @@ def check_features():
     fips = check_for_fips()
     luks = check_for_luks()
     with open('/opt/so/log/sostatus/features-check.log', 'w') as f:
-       f.write("featuresdetected: fips={},luks={}".format(fips,luks))
+       f.write("featuresdetected fips={},luks={}".format(fips,luks))
 
 def fail(msg):
   print(msg, file=sys.stderr)

salt/telegraf/defaults.yaml

@@ -36,6 +36,7 @@ telegraf:
       - suriloss.sh
       - zeekcaptureloss.sh
       - zeekloss.sh
+      - features.sh
     manager:
       - influxdbsize.sh
       - lasthighstate.sh
@@ -43,6 +44,7 @@ telegraf:
       - raid.sh
       - redis.sh
       - sostatus.sh
+      - features.sh
     managersearch:
       - eps.sh
       - influxdbsize.sh
@@ -51,6 +53,7 @@ telegraf:
       - raid.sh
       - redis.sh
       - sostatus.sh
+      - features.sh
     import:
       - influxdbsize.sh
       - lasthighstate.sh
@@ -67,6 +70,7 @@ telegraf:
       - suriloss.sh
       - zeekcaptureloss.sh
       - zeekloss.sh
+      - features.sh
     heavynode:
       - checkfiles.sh
       - eps.sh
@@ -90,6 +94,7 @@ telegraf:
       - os.sh
       - raid.sh
       - sostatus.sh
+      - features.sh
     receiver:
       - eps.sh
       - lasthighstate.sh

salt/telegraf/scripts/features.sh

@@ -0,0 +1,14 @@
+#!/bin/bash
+#
+# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
+# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
+# https://securityonion.net/license; you may not use this file except in compliance with the
+# Elastic License 2.0.
+
+if [[ ! "`pidof -x $(basename $0) -o %PPID`" ]]; then
+
+    cat /var/log/sostatus/features-check.log
+
+fi
+
+exit 0