CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-05-05 02:48:21 +02:00
Code Issues Packages Projects Releases Wiki Activity

changes for multipipelines / mastersearch node - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/124

Browse Source
This commit is contained in:
m0duspwnens
2020-01-21 16:39:42 -05:00
parent 0c08f8e727
commit a39edad3f6
113 changed files with 5613 additions and 72 deletions
Download Patch File Download Diff File Expand all files Collapse all files
salt/wazuh/files/agent/ossec.conf
+2 -2
View File
@@ -1,10 +1,10 @@
{%- if grains['role'] == 'so-master' or grains['role'] == 'so-eval' %}
{%- if grains['role'] == 'so-master' or grains['role'] == 'so-eval' or grains['role'] == 'so-mastersearch' %}
{%- set ip = salt['pillar.get']('static:masterip', '') %}
{%- elif grains['role'] == 'so-node' %}
{%- set ip = salt['pillar.get']('node:mainip', '') %}
{%- elif grains['role'] == 'so-sensor' %}
{%- set ip = salt['pillar.get']('sensor:mainip', '') %}
{%- endif %}
{%- endif %}
<!--
Wazuh - Agent - Default configuration for ubuntu 16.04
More info at: https://documentation.wazuh.com
salt/wazuh/files/agent/wazuh-register-agent
+6 -6
View File
@@ -1,6 +1,6 @@
{%- if grains['role'] == 'so-master' or grains['role'] == 'so-eval' %}
{%- if grains['role'] == 'so-master' or grains['role'] == 'so-eval' or grains['role'] == 'so-mastersearch' %}
{%- set ip = salt['pillar.get']('static:masterip', '') %}
{%- elif grains['role'] == 'so-node' %}
{%- elif grains['role'] == 'so-node' %}
{%- set ip = salt['pillar.get']('node:mainip', '') %}
{%- elif grains['role'] == 'so-sensor' %}
{%- set ip = salt['pillar.get']('sensor:mainip', '') %}
@@ -43,7 +43,7 @@ cat <<HELP_USAGE
The agent will be re-regitered with a new ID
-s|--silent Surpress the output while removing the agent
agent Agent name (if missing we will use the output
of the hostname command)
of the hostname command)
HELP_USAGE
}
@@ -59,7 +59,7 @@ register_agent() {
echo -e $API_RESULT | sed -rn 's/.*"message":"(.+)".*/\1/p'
exit 0
fi
# Get agent id and agent key
# Get agent id and agent key
AGENT_ID=$(echo $API_RESULT | cut -d':' -f 4 | cut -d ',' -f 1)
AGENT_KEY=$(echo $API_RESULT | cut -d':' -f 5 | cut -d '}' -f 1)
@@ -117,7 +117,7 @@ done
# reset $1, $2 .... as normal argument after the flag
shift $(($OPTIND - 1))
# if no arguments are passed in after the flags, we assign the hostname value to the AGENT_NAME
# if no arguments are passed in after the flags, we assign the hostname value to the AGENT_NAME
#AGENT_NAME=${1:-$(hostname)}
#get_agent_id
@@ -137,7 +137,7 @@ shift $(($OPTIND - 1))
# Default action -> try to register the agent
sleep 10s
STATUS=$(curl -s -k -u $USER:$PASSWORD $PROTOCOL://$API_IP:$API_PORT/agents/$AGENT_ID | jq .data.status | sed s'/"//g')
if [[ $STATUS == "Active" ]]; then
if [[ $STATUS == "Active" ]]; then
echo "Agent $AGENT_ID already registered!"
else
register_agent