fix conflict

setup/automation/distributed-airgap-manager

@@ -21,7 +21,6 @@ BASICSURI=2
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/distributed-airgap-search

@@ -21,7 +21,6 @@ ADMINPASS2=onionuser
 # ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-# GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/distributed-airgap-sensor

@@ -21,7 +21,6 @@ BNICS=eth1
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-# GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/distributed-cloud-manager

@@ -21,7 +21,6 @@ BASICSURI=2
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/distributed-cloud-search

@@ -21,7 +21,6 @@ ADMINPASS2=onionuser
 #ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-#GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/distributed-cloud-sensor

@@ -21,7 +21,6 @@ BNICS=eth1
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-#GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/distributed-iso-manager

@@ -21,7 +21,6 @@ BASICSURI=7
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/distributed-iso-search

@@ -21,7 +21,6 @@ ADMINPASS2=onionuser
 # ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-# GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/distributed-iso-sensor

@@ -21,7 +21,6 @@ BNICS=eth1
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-# GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/distributed-net-centos-manager

@@ -21,7 +21,6 @@ BASICSURI=7
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/distributed-net-centos-search

@@ -21,7 +21,6 @@ ADMINPASS2=onionuser
 # ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-# GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/distributed-net-centos-sensor

@@ -21,7 +21,6 @@ BNICS=eth1
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-# GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/distributed-net-ubuntu-manager

@@ -21,7 +21,6 @@ BASICSURI=7
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/distributed-net-ubuntu-search

@@ -21,7 +21,6 @@ ADMINPASS2=onionuser
 # ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-# GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/distributed-net-ubuntu-sensor

@@ -21,7 +21,6 @@ BNICS=ens19
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-# GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/distributed-net-ubuntu-suricata-manager

@@ -21,7 +21,6 @@ BASICSURI=7
 ZEEKVERSION=SURICATA
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/distributed-net-ubuntu-suricata-search

@@ -21,7 +21,6 @@ ADMINPASS2=onionuser
 # ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-# GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/distributed-net-ubuntu-suricata-sensor

@@ -21,7 +21,6 @@ BNICS=ens19
 ZEEKVERSION=SURICATA
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-# GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/eval-airgap

@@ -21,7 +21,6 @@ BNICS=eth1
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/eval-cloud

@@ -21,7 +21,6 @@ BNICS=eth1
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/eval-iso

@@ -21,7 +21,6 @@ BNICS=eth1
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/eval-net-centos

@@ -21,7 +21,6 @@ BNICS=eth1
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/eval-net-ubuntu

@@ -21,7 +21,6 @@ BNICS=ens19
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/import-airgap

@@ -21,7 +21,6 @@ BASICSURI=2
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-# GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/import-cloud

@@ -21,7 +21,6 @@ BASICSURI=2
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-# GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/import-iso

@@ -21,7 +21,6 @@ BASICSURI=2
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-# GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/import-net-centos

@@ -21,7 +21,6 @@ BASICSURI=2
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-# GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/import-net-ubuntu

@@ -21,7 +21,6 @@ BASICSURI=2
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-# GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/standalone-airgap

@@ -21,7 +21,6 @@ BNICS=eth1
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/standalone-cloud

@@ -21,7 +21,6 @@ BNICS=eth1
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/standalone-iso

@@ -21,7 +21,6 @@ BNICS=eth1
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/standalone-iso-logscan

@@ -21,7 +21,6 @@ BNICS=eth1
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/standalone-iso-suricata

@@ -21,7 +21,6 @@ BNICS=eth1
 ZEEKVERSION=SURICATA
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/standalone-net-centos

@@ -21,7 +21,6 @@ BNICS=eth1
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/standalone-net-centos-proxy

@@ -21,7 +21,6 @@ BNICS=eth1
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/automation/standalone-net-ubuntu

@@ -21,7 +21,6 @@ BNICS=ens19
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit

setup/so-functions

@@ -339,6 +339,33 @@ collect_hostname_validate() {
 	done
 }
 
+collect_idh_preferences() {
+	IDH_MGTRESTRICT='False'
+	whiptail_idh_preferences
+
+	if [[ "$idh_preferences" != "" ]]; then IDH_MGTRESTRICT='True'; fi
+}
+
+collect_idh_services() {
+	whiptail_idh_services
+
+	case "$IDH_SERVICES" in
+		'Linux Webserver (NAS Skin)')
+			IDH_SERVICES='"HTTP","FTP","SSH"'
+		;;
+		'MySQL Server')
+			IDH_SERVICES='"MYSQL","SSH"'
+		;;
+		'MSSQL Server')
+			IDH_SERVICES='"MSSQL","VNC'
+		;;
+		'Custom')
+			whiptail_idh_services_custom
+			IDH_SERVICES=$(echo "$IDH_SERVICES" | tr '[:blank:]' ',' )
+		;;
+	esac
+}
+
 collect_int_ip_mask() {
 	whiptail_management_interface_ip_mask
 
@@ -1207,7 +1234,8 @@ generate_passwords(){
   PLAYBOOKDBPASS=$(get_random_value)
   PLAYBOOKADMINPASS=$(get_random_value)
   PLAYBOOKAUTOMATIONPASS=$(get_random_value)
-  GRAFANAPASS=$(get_random_value)
+  INFLUXPASS=$(get_random_value)
+  INFLUXTOKEN=$(head -c 64 /dev/urandom | base64 --wrap=0)
   SENSORONIKEY=$(get_random_value)
   KRATOSKEY=$(get_random_value)
   REDISPASS=$(get_random_value)
@@ -1359,10 +1387,8 @@ manager_pillar() {
 	touch $adv_manager_pillar_file
 	title "Create the manager pillar"
 	if [[ $is_import ]]; then
-		GRAFANA=0
 		PLAYBOOK=0
 	else
-		GRAFANA=1
 		PLAYBOOK=1
 	fi
 	printf '%s\n'\
@@ -1370,7 +1396,6 @@ manager_pillar() {
 		"  proxy: '$so_proxy'"\
 		"  no_proxy: '$no_proxy_string'"\
 		"  elastalert: 1"\
-		"  grafana: $GRAFANA"\
 		"  playbook: $PLAYBOOK"\
 		"" > "$manager_pillar_file"
 }
@@ -1867,6 +1892,8 @@ drop_install_options() {
 	echo "LSHOSTNAME=$HOSTNAME" >> /opt/so/install.txt
 	echo "LSHEAP=$LS_HEAP_SIZE" >> /opt/so/install.txt
 	echo "CPUCORES=$num_cpu_cores" >> /opt/so/install.txt
+	echo "IDH_MGTRESTRICT=$IDH_MGTRESTRICT" >> /opt/so/install.txt
+	echo "IDH_SERVICES=$IDH_SERVICES" >> /opt/so/install.txt
 }
 
 remove_package() {
@@ -2033,7 +2060,8 @@ secrets_pillar(){
 		"  playbook_admin: $PLAYBOOKADMINPASS"\
 		"  playbook_automation: $PLAYBOOKAUTOMATIONPASS"\
 		"  playbook_automation_api_key: "\
-		"  grafana_admin: $GRAFANAPASS" > $local_salt_dir/pillar/secrets.sls
+		"  influx_pass: $INFLUXPASS"\
+		"  influx_token: $INFLUXTOKEN" > $local_salt_dir/pillar/secrets.sls
   fi
 }
 

setup/so-setup

@@ -453,6 +453,8 @@ if ! [[ -f $install_opt_file ]]; then
 		collect_mngr_hostname
 		add_mngr_ip_to_hosts
 		check_manager_connection
+		collect_idh_services
+	        collect_idh_preferences
 		set_minion_info
 		whiptail_end_settings
 
@@ -538,8 +540,6 @@ if ! [[ -f $install_opt_file ]]; then
 		export NODETYPE=$install_type
 		export MINION_ID=$MINION_ID
 		export ES_HEAP_SIZE=$ES_HEAP_SIZE
-		export IDHMGTRESTRICT=$IDHMGTRESTRICT
-		export idh_services=$idh_services
 		export MNIC=$MNIC
 		export NODE_DESCRIPTION=$NODE_DESCRIPTION
 		export MAINIP=$MAINIP

setup/so-whiptail

@@ -466,6 +466,58 @@ whiptail_gauge_post_setup() {
 	fi
 }
 
+ whiptail_idh_preferences() {
+
+	[ -n "$TESTING" ] && return
+
+	idh_preferences=$(whiptail --title "$whiptail_title" --radiolist \
+		"\nBy default, the IDH services selected in the previous screen will be bound to all interfaces and IP addresses on this system.\n\nIf you would like to prevent IDH services from being published on this system's management IP, you can select the option below." 20 75 5 \
+		"$MAINIP" "Disable IDH services on this management IP " OFF 3>&1 1>&2 2>&3 )
+
+	local exitstatus=$?
+	whiptail_check_exitstatus $exitstatus
+}
+
+whiptail_idh_services() {
+
+	[ -n "$TESTING" ] && return
+
+	IDH_SERVICES=$(whiptail --title "$whiptail_title" --radiolist \
+		"\nThe IDH node can mimic many different services.\n\nChoose one of the common options along with their default ports (TCP) or select the Custom option to build a customized set of services." 20 75 5 \
+		"Linux Webserver (NAS Skin)" "Apache (80), FTP (21), SSH (22)" ON \
+		"MySQL Server" "MySQL (3306), SSH (22)" OFF \
+		"MSSQL Server" "Microsoft SQL (1433), VNC (5900)" OFF \
+		"Custom" "Select a custom set of services" OFF 3>&1 1>&2 2>&3 )
+
+	local exitstatus=$?
+	whiptail_check_exitstatus $exitstatus
+}
+
+
+whiptail_idh_services_custom() {
+
+	[ -n "$TESTING" ] && return
+
+	IDH_SERVICES=$(whiptail --title "$whiptail_title" --checklist \
+		"\nThe IDH node can mimic many different services.\n\nChoose one or more of the following services along with their default ports. Some services have additional configuration options, please consult the documentation for further information." 25 75 8 \
+		"FTP" "  TCP/21,   Additional Configuration Available   " OFF \
+		"Git" "  TCP/9418                                       " OFF \
+		"HTTP" "  TCP/80,   Additional Configuration Available   " OFF \
+		"HTTPPROXY" "  TCP/8080, Additional Configuration Available   " OFF \
+		"MSSQL" "  TCP/1433                                         " OFF \
+		"MySQL" "  TCP/3306, Additional Configuration Available   " OFF \
+		"NTP" "  UDP/123                                        " OFF \
+		"REDIS" "  TCP/6379                                       " OFF \
+		"SNMP" "  UDP/161                                        " OFF \
+		"SSH" "  TCP/22,   Additional Configuration Available   " OFF \
+		"TELNET" "  TCP/23,   Additional Configuration Available   " OFF \
+		"TFTP" "  UDP/69                                         " OFF \
+		"VNC" "  TCP/5900                                         " OFF 3>&1 1>&2 2>&3 )
+
+	local exitstatus=$?
+	whiptail_check_exitstatus $exitstatus
+}
+
 whiptail_install_type() {
 
 	[ -n "$TESTING" ] && return