CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-02-08 00:04:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

add receiver node

Browse Source
This commit is contained in:
m0duspwnens
2021-12-07 10:19:32 -05:00
parent 83fab42b6e
commit 96666ab307
8 changed files with 55 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
setup/so-functions
View File

@@ -2665,7 +2665,7 @@ set_initial_firewall_policy() {
$default_salt_dir/salt/common/tools/sbin/so-firewall includehost minion "$MAINIP"
$default_salt_dir/salt/common/tools/sbin/so-firewall --apply includehost sensor "$MAINIP"
;;
'SENSOR' | 'SEARCHNODE' | 'HEAVYNODE' | 'FLEET')
'SENSOR' | 'SEARCHNODE' | 'HEAVYNODE' | 'FLEET' | 'RECEIVER')
$sshcmd -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/salt/common/tools/sbin/so-firewall includehost minion "$MAINIP"
case "$install_type" in
'SENSOR')
@@ -2685,6 +2685,9 @@ set_initial_firewall_policy() {
'FLEET')
$sshcmd -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/salt/common/tools/sbin/so-firewall --apply includehost beats_endpoint_ssl "$MAINIP"
;;
'RECEIVER')
$sshcmd -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/salt/common/tools/sbin/so-firewall --apply includehost receiver "$MAINIP"
$sshcmd -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/pillar/data/addtotab.sh receivertab "$MINION_ID" "$MAINIP"
esac
;;
'PARSINGNODE')

3
setup/so-whiptail
View File

@@ -796,11 +796,12 @@ whiptail_install_type_dist_existing() {
Note: Heavy nodes (HEAVYNODE) are NOT recommended for most users.
EOM
install_type=$(whiptail --title "$whiptail_title" --radiolist "$node_msg" 18 58 4 \
install_type=$(whiptail --title "$whiptail_title" --radiolist "$node_msg" 18 58 5 \
"SENSOR" "Create a forward only sensor " ON \
"SEARCHNODE" "Add a search node with parsing " OFF \
"FLEET" "Dedicated Fleet Osquery Node " OFF \
"HEAVYNODE" "Sensor + Search Node " OFF \
"RECEIVER" "Receiver Node " OFF \
3>&1 1>&2 2>&3
# "HOTNODE" "Add Hot Node (Uses Elastic Clustering)" OFF \ # TODO
# "WARMNODE" "Add Warm Node to existing Hot or Search node" OFF \ # TODO