Sensoroni Module - Add Valid Configs

2025-12-06 09:12:45 +01:00 · 2019-06-10 11:16:56 -04:00
parent 6b219710b1
commit 8036c8b236
3 changed files with 46 additions and 2 deletions
--- a/salt/pcap/files/sensoroni-agent.conf
+++ b/salt/pcap/files/sensoroni-agent.conf
@@ -0,0 +1,18 @@
+{%- set MASTERIP = salt['pillar.get']('static:masterip', '') -%}
+{%- set SENSORONIKEY = salt['pillar.get']('static:sensoronikey', '') -%}
+{
+  "logFilename": "sensoroni.log",
+  "agent": {
+    "pollIntervalMs": 10000,
+    "serverUrl": "https://{{ MASTERIP }}/sensoroniagents",
+    "modules": {
+      "statickeyauth": {
+        "apiKey": "{{ SENSORONIKEY }}"
+      },
+      "stenoquery": {
+        "pcapInputPath": "/nsm/pcap",
+        "pcapOutputPath": "/nsm/pcapoutput"
+      }
+    }
+  }
+}
--- a/salt/sensoroni/files/sensoroni.conf
+++ b/salt/sensoroni/files/sensoroni.conf
@@ -1 +1,25 @@
-# Config File if Needed
+{%- set MASTERIP = salt['pillar.get']('static:masterip', '') -%}
+{%- set SENSORONIKEY = salt['pillar.get']('static:sensoronikey', '') -%}
+{
+  "logFilename": "sensoroni-server.log",
+  "server": {
+    "bindAddress": "{{ MASTERIP }}:9822",
+    "maxPacketCount": 5000,
+    "htmlDir": "html",
+    "modules": {
+      "filedatastore": {
+        "jobDir": "jobs"
+      },
+      "securityonion": {
+        "elasticsearchHost": "http://{{ MASTERIP }}:9200",
+        "elasticsearchUsername": "",
+        "elasticsearchPassword": "",
+        "elasticsearchVerifyCert": false
+      },
+      "statickeyauth": {
+        "anonymousCidr": "{{ MASTERIP }}/32",
+        "apiKey": "{{ SENSORONIKEY }}"
+      }
+    }
+  }
+}
--- a/so-setup-network.sh
+++ b/so-setup-network.sh
@@ -472,6 +472,7 @@ generate_passwords(){
  MYSQLPASS=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
  FLEETPASS=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
  HIVEKEY=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
+  SENSORONIKEY=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
 }

 get_filesystem_nsm(){
@@ -619,6 +620,7 @@ master_static() {
  echo "  hivepassword: hivechangeme" >> /opt/so/saltstack/pillar/static.sls
  echo "  hivekey: $HIVEKEY" >> /opt/so/saltstack/pillar/static.sls
  echo "  fleetsetup: 0" >> /opt/so/saltstack/pillar/static.sls
+  echo "  sensoronikey: $SENSORONIKEY" >> /opt/so/saltstack/pillar/static.sls
  if [[ $MASTERUPDATES == 'MASTER' ]]; then
    echo "  masterupdate: 1" >> /opt/so/saltstack/pillar/static.sls
  else