diff --git a/setup/so-functions b/setup/so-functions index be3113485..53e475b71 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -169,6 +169,13 @@ calculate_useable_cores() { export lb_procs } +catch() { + info "Fatal error occurred at $1 in so-setup, failing setup." + grep --color=never "ERROR" "$setup_log" > "$error_log" + whiptail_setup_failed + exit 1 +} + check_admin_pass() { check_pass_match "$ADMINPASS1" "$ADMINPASS2" "APMATCH" } @@ -1780,13 +1787,14 @@ manager_global() { " rules: 1" >> "$global_pillar" if [[ $is_airgap ]]; then printf '%s\n'\ - " repos:"\'$PATCHSCHEDULENAME' + " repos: '$PATCHSCHEDULENAME'"\ " - 'https://$HOSTNAME/repo/rules/strelka'" >> "$global_pillar" else printf '%s\n'\ " repos:"\ " - 'https://github.com/Neo23x0/signature-base'" >> "$global_pillar" fi + printf '%s\n'\ "curator:"\ " hot_warm: False"\ @@ -1806,7 +1814,7 @@ manager_global() { printf '%s\n'\ " replicas: 0"\ - " discovery_nodes: 1"\'$PATCHSCHEDULENAME' + " discovery_nodes: 1"\ " hot_warm_enabled: False"\ " cluster_routing_allocation_disk.threshold_enabled: true"\ " cluster_routing_allocation_disk_watermark_low: '95%'"\ @@ -1826,7 +1834,8 @@ manager_global() { " index_template:"\ " template:"\ " settings:"\ - " index:"\'$PATCHSCHEDULENAME' + " index:"\ + " number_of_shards: 1"\ " warm: 7"\ " close: 30"\ " delete: 365"\ @@ -2058,6 +2067,16 @@ print_salt_state_apply() { echo "Applying $state Salt state" } +progress() { + local msg=${1:-'Please wait while installing...'} + + if [ $automated == no ]; then + whiptail --title "$whiptail_title" --gauge "$msg" 6 70 0 # append to text + else + cat >> $setup_log 2>&1 + fi +} + proxy_validate() { echo "Testing proxy..." local test_url="https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS" diff --git a/setup/so-setup b/setup/so-setup index cef614112..9598a566a 100755 --- a/setup/so-setup +++ b/setup/so-setup 
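Review bot: In the airgap branch of manager_global the new line `" repos: '$PATCHSCHEDULENAME'"\` gives `repos` a scalar value and is then followed by the `- 'https://$HOSTNAME/repo/rules/strelka'` list item, which is not valid YAML for a single key, so the generated global pillar would likely fail to render on airgap installs. The non-airgap branch still writes a bare `" repos:"\`, and the two later hunks in this file remove the same stray `'$PATCHSCHEDULENAME'` suffix, so this looks like a leftover from a bad substitution rather than an intended value. I would change the line to `" repos:"\` to match the else branch. Leading whitespace is not visible in this view, so the indentation should be copied from the original file; manager_global starts and ends outside the hunk.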
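Review bot: `progress()` tests `[ $automated == no ]` with the variable unquoted, so now that the function lives in so-functions and can be called before so-setup assigns `automated=no`, an empty value makes `[` fail with a syntax error and the call silently falls through to the `cat` branch. Quote both expansions: `if [[ "$automated" == no ]]; then` and `cat >> "$setup_log" 2>&1`. A one-line comment above the function, `# Reads progress text on stdin: whiptail gauge when interactive, appended to $setup_log when automated`, would also help, because the stdin dependency is not obvious from the name.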
@@ -99,6 +99,9 @@ if [[ $is_analyst ]]; then exit 0 + # If you got this far then you want to join the grid + is_minion=true + fi @@ -128,23 +131,9 @@ fi # Set up handler for setup to exit early (use `kill -SIGUSR1 "$setup_proc"; exit 1` in child scripts) trap 'catch $LINENO' SIGUSR1 setup_proc="$$" -catch() { - info "Fatal error occurred at $1 in so-setup, failing setup." - grep --color=never "ERROR" "$setup_log" > "$error_log" - whiptail_setup_failed - exit 1 -} - +catch automated=no -progress() { - local msg=${1:-'Please wait while installing...'} - - if [ $automated == no ]; then - whiptail --title "$whiptail_title" --gauge "$msg" 6 70 0 # append to text - else - cat >> $setup_log 2>&1 - fi -} +progress if [[ -f automation/$automation && $(basename $automation) == $automation ]]; then echo "Preselecting variable values based on automated setup: $automation" >> $setup_log 2>&1 @@ -178,11 +167,11 @@ if [[ -f automation/$automation && $(basename $automation) == $automation ]]; th fi case "$setup_type" in - iso | network) # Accepted values + iso | network | analyst) # Accepted values echo "Beginning Security Onion $setup_type install" >> $setup_log 2>&1 ;; *) - echo "Invalid install type, must be 'iso' or 'network'" | tee -a $setup_log + echo "Invalid install type, must be 'iso', 'network' or 'analyst'." | tee -a $setup_log exit 1 ;; esac @@ -291,7 +280,7 @@ elif [ "$install_type" = 'RECEIVER' ]; then is_receiver=true elif [ "$install_type" = 'ANALYST' ]; then cd .. || exit 255 - exec bash so-analyst-install + exec bash so-setup analyst fi if [[ $is_manager || $is_import ]]; then 
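Review bot: As the hunk is shown, `is_minion=true` is added directly after `exit 0` inside the `if [[ $is_analyst ]]` block, so it would never run if that `exit 0` is reached unconditionally at the same nesting level. The lines between the `if` and the `exit 0` are outside the hunk, so this may be the tail of an inner branch; if so, the comment should say which choice leads here, for example `# Standalone was not selected above, so this workstation joins the grid`. Since `is_minion` later gates the manager hostname prompt and the SSH key copy, it is worth confirming that the assignment is reachable.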
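Review bot: The added top-level lines `catch` and `progress` are calls, not definitions, so so-setup now runs `catch` with no argument right after installing the SIGUSR1 trap: it logs "Fatal error occurred at  in so-setup", shows the failure dialog and does `exit 1` on every run. The bare `progress` would likewise start a whiptail gauge (or `cat`) waiting on stdin if it were ever reached. Both functions are now defined in setup/so-functions, so these two lines should simply be deleted, leaving `trap 'catch $LINENO' SIGUSR1`, `setup_proc="$$"` and `automated=no`. Whether so-functions is sourced before the trap can fire is not visible in the hunk and should be confirmed.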
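Review bot: `exec bash so-setup analyst` runs after `cd .. || exit 255`, so the relative name is resolved in the parent directory, while the diff header places this script at setup/so-setup. If setup is started from inside setup/, which the `cd ..` suggests, the exec would not find the script and the ANALYST choice would end the run without any message in `$setup_log`. Confirm the working directory at this point; if it is setup/, remove the `cd ..` on this branch so the relative `so-setup` still resolves, and write a log line before the exec. The surrounding `elif` chain starts outside the hunk.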
@@ -311,7 +300,7 @@ if ! [[ -f $install_opt_file ]]; then check_requirements "dist" "idh" elif [[ $is_sensor && ! $is_eval ]]; then check_requirements "dist" "sensor" - elif [[ $is_distmanager || $is_minion ]] && [[ ! $is_import ]]; then + elif [[ $is_distmanager || $is_minion ]] && [[ ! ( $is_import || $is_analyst ) ]]; then check_requirements "dist" elif [[ $is_import ]]; then check_requirements "import" @@ -342,9 +331,6 @@ if ! [[ -f $install_opt_file ]]; then if [[ $is_minion ]]; then collect_mngr_hostname add_mngr_ip_to_hosts - fi - - if [[ $is_minion ]]; then whiptail_ssh_key_copy_notice copy_ssh_key >> $setup_log 2>&1 fi @@ -355,7 +341,7 @@ if ! [[ -f $install_opt_file ]]; then if [[ "$INTERWEBS" == 'AIRGAP' ]]; then is_airgap=true fi - elif [[ $is_minion && $is_iso ]]; then + elif [[ $is_minion && ( $is_iso || $is_analyst ) ]]; then $sshcmd -i /root/.ssh/so.key soremote@"$MSRV" [[ -f /etc/yum.repos.d/airgap_repo.repo ]] >> $setup_log 2>&1 airgap_check=$? [[ $airgap_check == 0 ]] && is_airgap=true >> $setup_log 2>&1 @@ -584,7 +570,7 @@ if [[ $is_sensor && ! $is_eval ]]; then fi fi -[[ $is_iso ]] && collect_ntp_servers +[[ ( $is_iso || $is_analyst ) ]] && collect_ntp_servers if [[ ($is_node || $is_receiver) && ! $is_eval ]]; then whiptail_node_advanced diff --git a/setup/so-whiptail b/setup/so-whiptail index d5c0aafef..36d4493d8 100755 --- a/setup/so-whiptail +++ b/setup/so-whiptail @@ -39,9 +39,9 @@ whiptail_analyst_install() { read -r -d '' message <<- EOM - Welcome to the Security Onion Anaylst Workstation install! + Welcome to the Security Onion Analyst Workstation install! - You can choose to use join this workstation to an existing grid for managemnt or make it standalone. + You can choose to join this workstation to an existing grid for managemnt or make it standalone. EOM whiptail --title "$whiptail_title" \
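Review bot: The corrected welcome text still contains the misspelling `managemnt` in the new line `You can choose to join this workstation to an existing grid for managemnt or make it standalone.`; it should read `management`. Since this hunk exists to fix the wording of that message, the remaining typo is worth fixing in the same change. whiptail_analyst_install continues outside the hunk.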