CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Sensoroni Module - Add Valid Configs

Browse Source
This commit is contained in:
Mike Reeves
2019-06-10 11:16:56 -04:00
parent 6b219710b1
commit 8036c8b236
3 changed files with 46 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
salt/pcap/files/sensoroni-agent.conf Normal file
View File

@@ -0,0 +1,18 @@
{%- set MASTERIP = salt['pillar.get']('static:masterip', '') -%}
{%- set SENSORONIKEY = salt['pillar.get']('static:sensoronikey', '') -%}
{
"logFilename": "sensoroni.log",
"agent": {
"pollIntervalMs": 10000,
"serverUrl": "https://{{ MASTERIP }}/sensoroniagents",
"modules": {
"statickeyauth": {
"apiKey": "{{ SENSORONIKEY }}"
},
"stenoquery": {
"pcapInputPath": "/nsm/pcap",
"pcapOutputPath": "/nsm/pcapoutput"
}
}
}
}

26
salt/sensoroni/files/sensoroni.conf
View File

@@ -1 +1,25 @@
# Config File if Needed {%- set MASTERIP = salt['pillar.get']('static:masterip', '') -%}
{%- set SENSORONIKEY = salt['pillar.get']('static:sensoronikey', '') -%}
{
"logFilename": "sensoroni-server.log",
"server": {
"bindAddress": "{{ MASTERIP }}:9822",
"maxPacketCount": 5000,
"htmlDir": "html",
"modules": {
"filedatastore": {
"jobDir": "jobs"
},
"securityonion": {
"elasticsearchHost": "http://{{ MASTERIP }}:9200",
"elasticsearchUsername": "",
"elasticsearchPassword": "",
"elasticsearchVerifyCert": false
},
"statickeyauth": {
"anonymousCidr": "{{ MASTERIP }}/32",
"apiKey": "{{ SENSORONIKEY }}"
}
}
}
}

2
so-setup-network.sh
View File

@@ -472,6 +472,7 @@ generate_passwords(){
MYSQLPASS=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1) MYSQLPASS=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
FLEETPASS=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1) FLEETPASS=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
HIVEKEY=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1) HIVEKEY=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
SENSORONIKEY=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
} }
get_filesystem_nsm(){ get_filesystem_nsm(){
@@ -619,6 +620,7 @@ master_static() {
echo " hivepassword: hivechangeme" >> /opt/so/saltstack/pillar/static.sls echo " hivepassword: hivechangeme" >> /opt/so/saltstack/pillar/static.sls
echo " hivekey: $HIVEKEY" >> /opt/so/saltstack/pillar/static.sls echo " hivekey: $HIVEKEY" >> /opt/so/saltstack/pillar/static.sls
echo " fleetsetup: 0" >> /opt/so/saltstack/pillar/static.sls echo " fleetsetup: 0" >> /opt/so/saltstack/pillar/static.sls
echo " sensoronikey: $SENSORONIKEY" >> /opt/so/saltstack/pillar/static.sls
if [[ $MASTERUPDATES == 'MASTER' ]]; then if [[ $MASTERUPDATES == 'MASTER' ]]; then
echo " masterupdate: 1" >> /opt/so/saltstack/pillar/static.sls echo " masterupdate: 1" >> /opt/so/saltstack/pillar/static.sls
else else