CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Elastic Fleet wrapper

Browse Source
This commit is contained in:
Josh Brower
2022-09-09 15:05:31 -04:00
parent f00aafdfb2
commit 921d644a0b
3 changed files with 5 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
salt/elastic-fleet/init.sls
View File

@@ -15,17 +15,12 @@ elasticfleetdir:
- name: /opt/so/conf/elastic-fleet/state - name: /opt/so/conf/elastic-fleet/state
- makedirs: True - makedirs: True
elasticagentinstallersdir:
file.directory:
- name: /opt/so/conf/elastic-fleet/so_agent-installers
- makedirs: True
{% if SERVICETOKEN != '' %} {% if SERVICETOKEN != '' %}
so-elastic-fleet: so-elastic-fleet:
docker_container.running: docker_container.running:
- image: docker.elastic.co/beats/elastic-agent:8.4.1 - image: docker.elastic.co/beats/elastic-agent:8.4.1
- name: so-elastic-fleet - name: so-elastic-fleet
- hostname: elastic-fleet-{{ GLOBALS.hostname }} - hostname: Fleet-{{ GLOBALS.hostname }}
- detach: True - detach: True
- user: root - user: root
- extra_hosts: - extra_hosts:

3
salt/kibana/defaults.yaml
View File

@@ -47,6 +47,7 @@ kibana:
- name: SO-Manager - name: SO-Manager
id: so-manager id: so-manager
description: "SO Manager Fleet Server Policy" description: "SO Manager Fleet Server Policy"
is_managed: true
namespace: default namespace: default
is_default_fleet_server: true is_default_fleet_server: true
monitoring_enabled: ['logs'] monitoring_enabled: ['logs']
@@ -58,6 +59,7 @@ kibana:
id: so-grid-nodes id: so-grid-nodes
description: "SO Grid Node Policy" description: "SO Grid Node Policy"
namespace: default namespace: default
is_managed: true
monitoring_enabled: ['logs'] monitoring_enabled: ['logs']
package_policies: package_policies:
- name: osquery-grid-nodes - name: osquery-grid-nodes
@@ -72,6 +74,7 @@ kibana:
- name: Endpoints-Initial - name: Endpoints-Initial
id: endpoints-default id: endpoints-default
description: "Initial Endpoint Policy" description: "Initial Endpoint Policy"
is_managed: true
namespace: default namespace: default
monitoring_enabled: ['logs'] monitoring_enabled: ['logs']
package_policies: package_policies:

2
salt/nginx/init.sls
View File

@@ -92,7 +92,7 @@ so-nginx:
- /opt/so/log/nginx/:/var/log/nginx:rw - /opt/so/log/nginx/:/var/log/nginx:rw
- /opt/so/tmp/nginx/:/var/lib/nginx:rw - /opt/so/tmp/nginx/:/var/lib/nginx:rw
- /opt/so/tmp/nginx/:/run:rw - /opt/so/tmp/nginx/:/run:rw
- /opt/so/conf/elastic-fleet/so_agent-installers:/opt/socore/html/packages - /opt/so/saltstack/local/salt/elastic-fleet/files/so_agent-installers/:/opt/socore/html/packages
{% if grains.role in ['so-manager', 'so-managersearch', 'so-eval', 'so-standalone', 'so-import'] %} {% if grains.role in ['so-manager', 'so-managersearch', 'so-eval', 'so-standalone', 'so-import'] %}
- /etc/pki/managerssl.crt:/etc/pki/nginx/server.crt:ro - /etc/pki/managerssl.crt:/etc/pki/nginx/server.crt:ro
- /etc/pki/managerssl.key:/etc/pki/nginx/server.key:ro - /etc/pki/managerssl.key:/etc/pki/nginx/server.key:ro