Merge pull request #13798 from Security-Onion-Solutions/jertel/hfm2

main to dev
2025-12-06 09:12:45 +01:00 · 2024-10-10 11:33:39 -04:00
parent 2381260a55 ec7fa5e24a
commit 7a1edb3833
5 changed files with 32 additions and 12 deletions
--- a/DOWNLOAD_AND_VERIFY_ISO.md
+++ b/DOWNLOAD_AND_VERIFY_ISO.md
@@ -1,17 +1,17 @@
-### 2.4.110-20241004 ISO image released on 2024/10/07
+### 2.4.110-20241010 ISO image released on 2024/10/10


 ### Download and Verify

-2.4.110-20241004 ISO image:  
-https://download.securityonion.net/file/securityonion/securityonion-2.4.110-20241004.iso
+2.4.110-20241010 ISO image:  
+https://download.securityonion.net/file/securityonion/securityonion-2.4.110-20241010.iso
 
-MD5: 1641E4AFD65DB1C218BFAD22E33909C6  
-SHA1: 131E1115F7CA76302F72625CD80A212B91608114  
-SHA256: 8598EB03E52B332EF5445520445AD205C68A99BC030F8497F6EBDE1249B8B576  
+MD5: A8003DEBC4510D538F06238D9DBB86C0  
+SHA1: 441DE90A192C8FE8BEBAB9ACE1A3CC18F71A2B1F  
+SHA256: B087A0D12FC2CA3CCD02BD52E52421F4F60DC09BF826337A057E05A04D114CCE  

 Signature for ISO image:  
-https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.110-20241004.iso.sig
+https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.110-20241010.iso.sig

 Signing key:  
 https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/2.4/main/KEYS  
@@ -25,22 +25,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/2.

 Download the signature file for the ISO:  
 ```
-wget https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.110-20241004.iso.sig
+wget https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.110-20241010.iso.sig
 ```

 Download the ISO image:  
 ```
-wget https://download.securityonion.net/file/securityonion/securityonion-2.4.110-20241004.iso
+wget https://download.securityonion.net/file/securityonion/securityonion-2.4.110-20241010.iso
 ```

 Verify the downloaded ISO image using the signature file:  
 ```
-gpg --verify securityonion-2.4.110-20241004.iso.sig securityonion-2.4.110-20241004.iso
+gpg --verify securityonion-2.4.110-20241010.iso.sig securityonion-2.4.110-20241010.iso
 ```

 The output should show "Good signature" and the Primary key fingerprint should match what's shown below:
 ```
-gpg: Signature made Sat 05 Oct 2024 09:31:57 AM EDT using RSA key ID FE507013
+gpg: Signature made Thu 10 Oct 2024 07:05:30 AM EDT using RSA key ID FE507013
 gpg: Good signature from "Security Onion Solutions, LLC <info@securityonionsolutions.com>"
 gpg: WARNING: This key is not certified with a trusted signature!
 gpg:          There is no indication that the signature belongs to the owner.
--- a/salt/elasticfleet/tools/sbin/so-elastic-fleet-common
+++ b/salt/elasticfleet/tools/sbin/so-elastic-fleet-common
@@ -102,6 +102,14 @@ elastic_fleet_package_is_installed() {
    curl -s -K /opt/so/conf/elasticsearch/curl.config -b "sid=$SESSIONCOOKIE" -L -X GET -H 'kbn-xsrf: true' "localhost:5601/api/fleet/epm/packages/$PACKAGE" | jq -r '.item.status'
 }

+elastic_fleet_agent_policy_ids() {
+    curl -s -K /opt/so/conf/elasticsearch/curl.config -b "sid=$SESSIONCOOKIE" -L -X GET "localhost:5601/api/fleet/agent_policies" | jq -r .items[].id
+    if [ $? -ne 0 ]; then
+        echo "Error: Failed to retrieve agent policies."
+        exit 1
+    fi
+}
+
 elastic_fleet_agent_policy_names() {
    curl -s -K /opt/so/conf/elasticsearch/curl.config -b "sid=$SESSIONCOOKIE" -L -X GET "localhost:5601/api/fleet/agent_policies" | jq -r .items[].name
    if [ $? -ne 0 ]; then
--- a/salt/elasticfleet/tools/sbin/so-elastic-fleet-integration-upgrade
+++ b/salt/elasticfleet/tools/sbin/so-elastic-fleet-integration-upgrade
@@ -13,7 +13,7 @@ if [ $? -ne 0 ]; then
 fi

 IFS=$'\n'
-agent_policies=$(elastic_fleet_agent_policy_names)
+agent_policies=$(elastic_fleet_agent_policy_ids)
 if [ $? -ne 0 ]; then
    echo "Error: Failed to retrieve agent policies."
    exit 1
--- a/salt/manager/tools/sbin/soup
+++ b/salt/manager/tools/sbin/soup
@@ -402,6 +402,7 @@ preupgrade_changes() {
    [[ "$INSTALLEDVERSION" == 2.4.70 ]] && up_to_2.4.80
    [[ "$INSTALLEDVERSION" == 2.4.80 ]] && up_to_2.4.90
    [[ "$INSTALLEDVERSION" == 2.4.90 ]] && up_to_2.4.100
+    [[ "$INSTALLEDVERSION" == 2.4.100 ]] && up_to_2.4.110
    true
 }

@@ -422,6 +423,7 @@ postupgrade_changes() {
    [[ "$POSTVERSION"  == 2.4.70 ]] && post_to_2.4.80
    [[ "$POSTVERSION"  == 2.4.80 ]] && post_to_2.4.90
    [[ "$POSTVERSION"  == 2.4.90 ]] && post_to_2.4.100
+    [[ "$POSTVERSION"  == 2.4.100 ]] && post_to_2.4.110
    true
 }

@@ -509,6 +511,11 @@ post_to_2.4.100() {
  POSTVERSION=2.4.100
 }

+post_to_2.4.110() {
+  echo "Nothing to apply"
+  POSTVERSION=2.4.110
+}
+
 repo_sync() {
  echo "Sync the local repo."
  su socore -c '/usr/sbin/so-repo-sync' || fail "Unable to complete so-repo-sync."
@@ -691,6 +698,11 @@ up_to_2.4.100() {
  determine_elastic_agent_upgrade
  INSTALLEDVERSION=2.4.100
 }
+up_to_2.4.110() {
+  echo "Nothing to do for 2.4.110"
+
+  INSTALLEDVERSION=2.4.110
+}

 add_detection_test_pillars() {
  if [[ -n "$SOUP_INTERNAL_TESTING" ]]; then
--- a/sigs/securityonion-2.4.110-20241010.iso.sig
+++ b/sigs/securityonion-2.4.110-20241010.iso.sig