Merge pull request #9865 from Security-Onion-Solutions/2.4/fleet-esoutput
Move Output to ES
@@ -84,6 +84,11 @@ printf '%s\n'\
|
|||||||
" url: '{{ GLOBALS.manager_ip }}'"\
|
" url: '{{ GLOBALS.manager_ip }}'"\
|
||||||
"" >> "$pillar_file"
|
"" >> "$pillar_file"
|
||||||
|
|
||||||
|
#Store Grid Nodes Enrollment token in Global pillar
|
||||||
|
global_pillar_file=/opt/so/saltstack/local/pillar/soc_global.sls
|
||||||
|
printf '%s\n'\
|
||||||
|
" fleet_grid_enrollment_token: '$GRIDNODESENROLLMENTOKEN'"\
|
||||||
|
"" >> "$global_pillar_file"
|
||||||
|
|
||||||
# Call Elastic-Fleet Salt State
|
# Call Elastic-Fleet Salt State
|
||||||
salt-call state.apply elastic-fleet queue=True
|
salt-call state.apply elastic-fleet queue=True
|
||||||
|
|||||||
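Review bot: The new block appends `fleet_grid_enrollment_token` to soc_global.sls with `>>` and never checks that `$GRIDNODESENROLLMENTOKEN` is set. If the token lookup earlier in the script (outside this hunk) fails, an empty token is written, and a second run of the script appends a duplicate key. A guard before the `printf` would stop the first case: `[ -n "$GRIDNODESENROLLMENTOKEN" ] || exit 1`. The value is an enrollment credential and keys under `global` are presumably rendered to every minion, so it is also worth confirming the pillar file's ownership and mode and noting in the comment who is expected to read it.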
@@ -2,7 +2,7 @@
|
|||||||
# or more contributor license agreements. Licensed under the Elastic License 2.0; you may not use
|
# or more contributor license agreements. Licensed under the Elastic License 2.0; you may not use
|
||||||
# this file except in compliance with the Elastic License 2.0.
|
# this file except in compliance with the Elastic License 2.0.
|
||||||
|
|
||||||
{%- set GRIDNODETOKEN = salt['pillar.get']('elasticfleet:server:grid_enrollment') -%}
|
{%- set GRIDNODETOKEN = salt['pillar.get']('global:fleet_grid_enrollment_token') -%}
|
||||||
|
|
||||||
{% set AGENT_STATUS = salt['service.available']('elastic-agent') %}
|
{% set AGENT_STATUS = salt['service.available']('elastic-agent') %}
|
||||||
{% if not AGENT_STATUS %}
|
{% if not AGENT_STATUS %}
|
||||||
|
|||||||
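Review bot: `salt['pillar.get']('global:fleet_grid_enrollment_token')` is called without a default or any check, so on a minion whose pillar does not yet carry the key GRIDNODETOKEN renders as an empty string. That would be the case, for instance, on a grid whose soc_global.sls was written before this change. The `{% if not AGENT_STATUS %}` branch continues outside the hunk, so how the token is used is not visible, but presumably the agent install would be attempted with an empty enrollment token. Consider `{% if not AGENT_STATUS and GRIDNODETOKEN %}`, with a failing state in the other case so that the missing token is reported rather than skipped silently.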
@@ -32,6 +32,7 @@ firewall:
|
|||||||
elastic_agent_data:
|
elastic_agent_data:
|
||||||
tcp:
|
tcp:
|
||||||
- 5055
|
- 5055
|
||||||
|
- 9200
|
||||||
endgame:
|
endgame:
|
||||||
tcp:
|
tcp:
|
||||||
- 3765
|
- 3765
|
||||||
|
|||||||
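Review bot: Adding `9200` to `elastic_agent_data` lets every host admitted for agent data reach the Elasticsearch API directly, where before this port group exposed only 5055. Which hostgroups are mapped to the port group is defined outside the hunk. The entry deserves a comment such as `# 9200: Elastic Agent output sent directly to Elasticsearch`. It is also worth confirming that the credential the agents use for output is limited to writing their own data streams, since the firewall no longer separates agent hosts from the rest of the API.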
10
salt/top.sls
10
salt/top.sls
@@ -63,6 +63,7 @@ base:
|
|||||||
{%- endif %}
|
{%- endif %}
|
||||||
- schedule
|
- schedule
|
||||||
- docker_clean
|
- docker_clean
|
||||||
|
- elastic-fleet.install_agent_grid
|
||||||
|
|
||||||
'*_eval and G@saltversion:{{saltversion}}':
|
'*_eval and G@saltversion:{{saltversion}}':
|
||||||
- match: compound
|
- match: compound
|
||||||
@@ -109,6 +110,7 @@ base:
|
|||||||
- playbook
|
- playbook
|
||||||
- redis
|
- redis
|
||||||
{%- endif %}
|
{%- endif %}
|
||||||
|
- elastic-fleet.install_agent_grid
|
||||||
- docker_clean
|
- docker_clean
|
||||||
|
|
||||||
'*_manager and G@saltversion:{{saltversion}}':
|
'*_manager and G@saltversion:{{saltversion}}':
|
||||||
@@ -150,6 +152,7 @@ base:
|
|||||||
- schedule
|
- schedule
|
||||||
- soctopus
|
- soctopus
|
||||||
- playbook
|
- playbook
|
||||||
|
- elastic-fleet.install_agent_grid
|
||||||
- docker_clean
|
- docker_clean
|
||||||
|
|
||||||
'*_standalone and G@saltversion:{{saltversion}}':
|
'*_standalone and G@saltversion:{{saltversion}}':
|
||||||
@@ -202,6 +205,7 @@ base:
|
|||||||
- playbook
|
- playbook
|
||||||
- docker_clean
|
- docker_clean
|
||||||
- elastic-fleet
|
- elastic-fleet
|
||||||
|
- elastic-fleet.install_agent_grid
|
||||||
|
|
||||||
'*_searchnode and G@saltversion:{{saltversion}}':
|
'*_searchnode and G@saltversion:{{saltversion}}':
|
||||||
- match: compound
|
- match: compound
|
||||||
@@ -217,6 +221,7 @@ base:
|
|||||||
- logstash
|
- logstash
|
||||||
{%- endif %}
|
{%- endif %}
|
||||||
- schedule
|
- schedule
|
||||||
|
- elastic-fleet.install_agent_grid
|
||||||
- docker_clean
|
- docker_clean
|
||||||
|
|
||||||
'*_managersearch and G@saltversion:{{saltversion}}':
|
'*_managersearch and G@saltversion:{{saltversion}}':
|
||||||
@@ -258,6 +263,7 @@ base:
|
|||||||
- schedule
|
- schedule
|
||||||
- soctopus
|
- soctopus
|
||||||
- playbook
|
- playbook
|
||||||
|
- elastic-fleet.install_agent_grid
|
||||||
- docker_clean
|
- docker_clean
|
||||||
|
|
||||||
'*_heavynode and G@saltversion:{{saltversion}}':
|
'*_heavynode and G@saltversion:{{saltversion}}':
|
||||||
@@ -286,6 +292,7 @@ base:
|
|||||||
- zeek
|
- zeek
|
||||||
{%- endif %}
|
{%- endif %}
|
||||||
- schedule
|
- schedule
|
||||||
|
- elastic-fleet.install_agent_grid
|
||||||
- docker_clean
|
- docker_clean
|
||||||
|
|
||||||
'*_import and G@saltversion:{{saltversion}}':
|
'*_import and G@saltversion:{{saltversion}}':
|
||||||
@@ -317,6 +324,7 @@ base:
|
|||||||
- zeek
|
- zeek
|
||||||
- schedule
|
- schedule
|
||||||
- docker_clean
|
- docker_clean
|
||||||
|
- elastic-fleet.install_agent_grid
|
||||||
- elastic-fleet
|
- elastic-fleet
|
||||||
|
|
||||||
'*_receiver and G@saltversion:{{saltversion}}':
|
'*_receiver and G@saltversion:{{saltversion}}':
|
||||||
@@ -332,6 +340,7 @@ base:
|
|||||||
- redis
|
- redis
|
||||||
{%- endif %}
|
{%- endif %}
|
||||||
- schedule
|
- schedule
|
||||||
|
- elastic-fleet.install_agent_grid
|
||||||
- docker_clean
|
- docker_clean
|
||||||
|
|
||||||
'*_idh and G@saltversion:{{saltversion}}':
|
'*_idh and G@saltversion:{{saltversion}}':
|
||||||
@@ -341,6 +350,7 @@ base:
|
|||||||
- telegraf
|
- telegraf
|
||||||
- firewall
|
- firewall
|
||||||
- schedule
|
- schedule
|
||||||
|
- elastic-fleet.install_agent_grid
|
||||||
- docker_clean
|
- docker_clean
|
||||||
- idh
|
- idh
|
||||||
|
|
||||||
|
|||||||
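Review bot: In the hunk at `@@ -317,6 +324,7 @@` (the role block that ends just before `'*_receiver'`) `- elastic-fleet.install_agent_grid` is listed above `- elastic-fleet`, whereas the block ending before `'*_searchnode'` lists it below `- elastic-fleet`. Unless the states declare requisites that are not visible here, top-file order is the order of application. On that role the agent install would then run before the Fleet state it presumably depends on, and would only succeed on a later highstate. I would move the new line below `- elastic-fleet` there so that both blocks read `- elastic-fleet` then `- elastic-fleet.install_agent_grid`. The position relative to `- docker_clean` also differs between blocks and could be made uniform at the same time.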