From d5df1a106afbecbd09bac8a355216afbf63b1679 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Tue, 28 Feb 2023 13:43:52 -0500 Subject: [PATCH 01/26] refactor automated testing inputs due to streamlined setup process --- setup/so-functions | 2 +- setup/so-setup | 66 ++++++++++++++++++++++++---------------------- 2 files changed, 35 insertions(+), 33 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index 381c4b497..ef9174e74 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -322,7 +322,7 @@ collect_hostname() { } collect_hostname_validate() { - if [[ $automated == no ]] && [[ "$HOSTNAME" == *'localhost'* ]]; then HOSTNAME=securityonion; fi + if [[ -z "$TESTING" ]] && [[ "$HOSTNAME" == *'localhost'* ]]; then HOSTNAME=securityonion; fi whiptail_set_hostname "$HOSTNAME" diff --git a/setup/so-setup b/setup/so-setup index 6825afc9d..8a295afcd 100755 --- a/setup/so-setup +++ b/setup/so-setup @@ -37,10 +37,10 @@ source ./so-variables # Parse command line arguments setup_type=$1 -automation=$2 +test_profile=$2 + WHATWOULDYOUSAYYAHDOHERE=setup -# This is for automation while [[ $# -gt 0 ]]; do arg="$1" shift @@ -49,12 +49,8 @@ while [[ $# -gt 0 ]]; do export TURBO="http://${arg#*=}";; "--proxy="* ) export {http,https,ftp,rsync,all}_proxy="${arg#*=}";; - "--allow-role="* ) - export ALLOW_ROLE="${arg#*=}";; "--allow-cidr="* ) export ALLOW_CIDR="${arg#*=}";; - "--skip-reboot" ) - export SKIP_REBOOT=1;; * ) if [[ "$arg" == "--"* ]]; then echo "Invalid option" 
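Review bot: `TESTING` is never given a default, so the `-z "$TESTING"` test in collect_hostname_validate (and the same test in progress() and the two later setup/so-setup hunks) treats any value inherited from the caller's environment as test mode; the removed `automated=no` provided an explicit default. Unless so-variables or another sourced file clears it, an exported TESTING of any value, even `false`, would skip the interactive whiptail paths. I would reset it in so-setup before argument parsing, e.g. `TESTING=`, with a comment that only a non-empty value means test mode. collect_hostname_validate continues past the end of this hunk.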
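Review bot: `test_profile=$2` accepts whatever the second argument is, so an invocation whose second argument is an option such as `--proxy=...` leaves that option string in `test_profile`. The later `[ -n "$test_profile" ]` check would then switch setup into test mode with its fixed web password and `ALLOW_CIDR=0.0.0.0/0`. The removed code acted only when a matching file existed under automation/, which filtered this case out. I would assign it only for non-option values, e.g. `[[ "$2" != --* ]] && test_profile=$2`, or better, compare it against the list of known profile names. The while loop continues outside this hunk.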
@@ -166,41 +162,47 @@ catch() { exit 1 } -automated=no - # Add the progress function for manager node type installs progress() { local msg=${1:-'Please wait while installing...'} - if [ $automated == no ]; then + if [ -z "$TESTING" ]; then whiptail --title "$whiptail_title" --gauge "$msg" 6 70 0 # append to text else cat >> $setup_log 2>&1 fi } -# If using automation let's do automation things. -if [[ -f automation/$automation && $(basename $automation) == $automation ]]; then - info "Preselecting variable values based on automated setup: $automation" - source automation/$automation - automated=yes +if [ -n "$test_profile" ]; then + install_type="$(echo $test_profile |awk -F- '{print $1}')" + info "Activating test profile: $test_profile" - attempt=1 - attempts=60 - ip a | grep "$MNIC:" | grep "state UP" >> $setup_log 2>&1 - while [ $? -ne 0 ]; do - logCmd "ip a" - if [ $attempt -gt $attempts ]; then - error "Network unavailable - setup cannot continue" - exit 1 - fi - info "Waiting for network to come up (attempt $attempt of $attempts)" - attempt=$((attempt + 1)) - info "Sleeping 10s to try again" - sleep 10; - logCmd "ip a | grep '$MNIC:' | grep 'state UP'" - done - info "Network is up on $MNIC" + # The below settings are hardcoded purely for automated testing purposes. + TESTING=true + MSRV=manager + if [ "$test_profile" =~ *"-net" ]; then + address_type=DHCP + MSRVIP=10.66.166.72 + elif [ "$test_profile" =~ *"-cloud" ]; then + MSRVIP=10.99.1.20 + elif [ "$test_profile" =~ *"-iso" ]; then + MSRVIP=10.66.166.42 + elif [ "$test_profile" =~ *"-airgap" ]; then + MSRVIP=10.66.166.52 + fi + if [ -f "/root/public_ip" ]; then + REDIRECTHOST=$(cat /root/public_ip) + REDIRECTINFO=OTHER + else + REDIRECTINFO=IP + fi + ALLOW_CIDR=0.0.0.0/0 + MNIC=eth0 + BNICS=eth1 + HOSTNAME=$install_type + WEBUSER=onionuser@somewhere.invalid + WEBPASSWD1=0n10nus3r + WEBPASSWD2=0n10nus3r fi # Make sure the setup type is suppoted. 
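Review bot: The four profile tests use `=~` inside single brackets (`[ "$test_profile" =~ *"-net" ]`), which `[` does not support, so each test fails with an error and `address_type`/`MSRVIP` are never set. A glob suffix match needs `[[ "$test_profile" == *"-net" ]]` or a `case`. A `case` with a default arm also lets an unrecognised profile stop setup, rather than continue with the hardcoded web password and `ALLOW_CIDR=0.0.0.0/0`. The profile names removed in the next patch, such as `distributed-net-sensor`, do not end in these suffixes, so confirm that the new naming matches the patterns. `$test_profile` should also be quoted in the `echo ... | awk` line.

```shell
  # … unchanged: TESTING=true, MSRV=manager …
  case "$test_profile" in
    *-net)    address_type=DHCP; MSRVIP=10.66.166.72 ;;
    *-cloud)  MSRVIP=10.99.1.20 ;;
    *-iso)    MSRVIP=10.66.166.42 ;;
    *-airgap) MSRVIP=10.66.166.52 ;;
    *)        error "Unknown test profile: $test_profile"; exit 1 ;;
  esac
  # … unchanged: REDIRECTHOST/REDIRECTINFO selection and the remaining test defaults …
```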
@@ -227,7 +229,7 @@ dmesg -D # Kernel consoleblank is causing whiptail progress screen to appear to hang #1084 # https://github.com/Security-Onion-Solutions/securityonion/issues/1084 -if [ "$automated" == no ]; then +if [ -z "$TESTING" ]; then TTY=$(tty) info "Setup is running on TTY $TTY" if echo $TTY | grep -q "/dev/tty"; then @@ -283,7 +285,7 @@ if ! [[ -f $install_opt_file ]]; then compare_main_nic_ip fi - if [[ $setup_type == 'iso' ]] && [ "$automated" == no ]; then + if [[ $setup_type == 'iso' ]] && [ -z "$TESTING" ]; then whiptail_first_menu_iso if [[ $option == "CONFIGURENETWORK" ]]; then collect_hostname From 9c3cc17153a248bd1bf02130a54e91dd177435e0 Mon Sep 17 00:00:00 2001 
From: Jason Ertel Date: Tue, 28 Feb 2023 13:44:38 -0500 Subject: [PATCH 02/26] refactor automated testing inputs due to streamlined setup process --- setup/automation/distributed-airgap-manager | 67 -------------------- setup/automation/distributed-airgap-search | 68 -------------------- setup/automation/distributed-airgap-sensor | 68 -------------------- setup/automation/distributed-cloud-manager | 66 ------------------- setup/automation/distributed-cloud-search | 68 -------------------- setup/automation/distributed-cloud-sensor | 68 -------------------- setup/automation/distributed-iso-manager | 66 ------------------- setup/automation/distributed-iso-search | 68 -------------------- setup/automation/distributed-iso-sensor | 70 --------------------- setup/automation/distributed-net-manager | 66 ------------------- setup/automation/distributed-net-search | 68 -------------------- setup/automation/distributed-net-sensor | 68 -------------------- setup/automation/eval-airgap | 67 -------------------- setup/automation/eval-cloud | 66 ------------------- setup/automation/eval-iso | 66 ------------------- setup/automation/eval-net | 66 ------------------- setup/automation/import-airgap | 67 -------------------- setup/automation/import-cloud | 66 ------------------- setup/automation/import-iso | 66 ------------------- setup/automation/import-net | 66 ------------------- setup/automation/standalone-airgap | 67 -------------------- setup/automation/standalone-cloud | 66 ------------------- setup/automation/standalone-iso | 66 ------------------- setup/automation/standalone-net | 66 ------------------- 24 files changed, 1606 deletions(-) delete mode 100644 setup/automation/distributed-airgap-manager delete mode 100644 setup/automation/distributed-airgap-search delete mode 100644 setup/automation/distributed-airgap-sensor delete mode 100644 setup/automation/distributed-cloud-manager delete mode 100644 setup/automation/distributed-cloud-search delete mode 100644 
setup/automation/distributed-cloud-sensor delete mode 100644 setup/automation/distributed-iso-manager delete mode 100644 setup/automation/distributed-iso-search delete mode 100644 setup/automation/distributed-iso-sensor delete mode 100644 setup/automation/distributed-net-manager delete mode 100644 setup/automation/distributed-net-search delete mode 100644 setup/automation/distributed-net-sensor delete mode 100644 setup/automation/eval-airgap delete mode 100644 setup/automation/eval-cloud delete mode 100644 setup/automation/eval-iso delete mode 100644 setup/automation/eval-net delete mode 100644 setup/automation/import-airgap delete mode 100644 setup/automation/import-cloud delete mode 100644 setup/automation/import-iso delete mode 100644 setup/automation/import-net delete mode 100644 setup/automation/standalone-airgap delete mode 100644 setup/automation/standalone-cloud delete mode 100644 setup/automation/standalone-iso delete mode 100644 setup/automation/standalone-net diff --git a/setup/automation/distributed-airgap-manager b/setup/automation/distributed-airgap-manager deleted file mode 100644 index f9d2e7cdc..000000000 --- a/setup/automation/distributed-airgap-manager +++ /dev/null 
@@ -1,67 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-#BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=Distributed-manager
-install_type=MANAGER
-INTERWEBS=AIRGAP
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/distributed-airgap-search b/setup/automation/distributed-airgap-search
deleted file mode 100644
index 897014f3a..000000000
--- a/setup/automation/distributed-airgap-search
+++ /dev/null
@@ -1,68 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-# ALLOW_CIDR=0.0.0.0/0
-# ALLOW_ROLE=a
-# BASICZEEK=7
-# BASICSURI=7
-# BLOGS=
-# BNICS=eth1
-# ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=distributed-search
-install_type=SEARCHNODE
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-# MANAGERADV=BASIC
-MANAGERUPDATES=1
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-MSRV=distributed-manager
-MSRVIP=10.66.166.52
-# MTU=
-# NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-# OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-# PLAYBOOK=1
-# REDIRECTHOST=
-# REDIRECTINFO=IP
-# RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-# STRELKA=1
-# THEHIVE=0
-# WAZUH=1
-# WEBUSER=onionuser@somewhere.invalid
-# WEBPASSWD1=0n10nus3r
-# WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/distributed-airgap-sensor b/setup/automation/distributed-airgap-sensor
deleted file mode 100644
index 7f6565595..000000000
--- a/setup/automation/distributed-airgap-sensor
+++ /dev/null
@@ -1,68 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-# ALLOW_CIDR=0.0.0.0/0
-# ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=Distributed-sensor
-install_type=SENSOR
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-# MANAGERADV=BASIC
-MANAGERUPDATES=1
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-MSRV=distributed-manager
-MSRVIP=10.66.166.52
-# MTU=
-# NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-# NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-# OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-# PLAYBOOK=1
-# REDIRECTHOST=
-# REDIRECTINFO=IP
-# RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-# STRELKA=1
-# THEHIVE=0
-# WAZUH=1
-# WEBUSER=onionuser@somewhere.invalid
-# WEBPASSWD1=0n10nus3r
-# WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/distributed-cloud-manager b/setup/automation/distributed-cloud-manager
deleted file mode 100644
index baaf4a11c..000000000
--- a/setup/automation/distributed-cloud-manager
+++ /dev/null
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-#BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=distributed-manager
-install_type=MANAGER
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-REDIRECTHOST=$(cat /root/public_ip)
-REDIRECTINFO=OTHER
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=0
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/distributed-cloud-search b/setup/automation/distributed-cloud-search
deleted file mode 100644
index 42c6b5726..000000000
--- a/setup/automation/distributed-cloud-search
+++ /dev/null
@@ -1,68 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-#ALLOW_CIDR=0.0.0.0/0
-#ALLOW_ROLE=a
-#BASICZEEK=7
-#BASICSURI=7
-# BLOGS=
-#BNICS=ens6
-#ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=distributed-search
-install_type=SEARCHNODE
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-#MANAGERADV=BASIC
-MANAGERUPDATES=1
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-MSRV=distributed-manager
-MSRVIP=10.99.1.20
-# MTU=
-#NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-#OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-#PLAYBOOK=1
-# REDIRECTHOST=
-#REDIRECTINFO=HOSTNAME
-#RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=0
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-#STRELKA=1
-#THEHIVE=0
-#WAZUH=1
-# WEBUSER=onionuser@somewhere.invalid
-# WEBPASSWD1=0n10nus3r
-# WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/distributed-cloud-sensor b/setup/automation/distributed-cloud-sensor
deleted file mode 100644
index bb7f8716f..000000000
--- a/setup/automation/distributed-cloud-sensor
+++ /dev/null
@@ -1,68 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-#ALLOW_CIDR=0.0.0.0/0
-#ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=distributed-sensor
-install_type=SENSOR
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-#MANAGERADV=BASIC
-MANAGERUPDATES=1
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-MSRV=distributed-manager
-MSRVIP=10.99.1.20
-# MTU=
-#NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-#NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-#OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-#PLAYBOOK=1
-# REDIRECTHOST=
-#REDIRECTINFO=HOSTNAME
-#RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=0
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-#STRELKA=1
-#THEHIVE=0
-#WAZUH=1
-# WEBUSER=onionuser@somewhere.invalid
-# WEBPASSWD1=0n10nus3r
-# WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/distributed-iso-manager b/setup/automation/distributed-iso-manager
deleted file mode 100644
index c601d3283..000000000
--- a/setup/automation/distributed-iso-manager
+++ /dev/null
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=7
-BASICSURI=7
-# BLOGS=
-#BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=distributed-manager
-install_type=MANAGER
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/distributed-iso-search b/setup/automation/distributed-iso-search
deleted file mode 100644
index 87165c053..000000000
--- a/setup/automation/distributed-iso-search
+++ /dev/null
@@ -1,68 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-# ALLOW_CIDR=0.0.0.0/0
-# ALLOW_ROLE=a
-# BASICZEEK=7
-# BASICSURI=7
-# BLOGS=
-# BNICS=eth1
-# ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=distributed-search
-install_type=SEARCHNODE
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-# MANAGERADV=BASIC
-MANAGERUPDATES=1
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-MSRV=distributed-manager
-MSRVIP=10.66.166.42
-# MTU=
-# NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=ADVANCED
-NODEUPDATES=MANAGER
-# OINKCODE=
-# OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-# PLAYBOOK=1
-# REDIRECTHOST=
-# REDIRECTINFO=IP
-# RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-# STRELKA=1
-# THEHIVE=0
-# WAZUH=1
-# WEBUSER=onionuser@somewhere.invalid
-# WEBPASSWD1=0n10nus3r
-# WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/distributed-iso-sensor b/setup/automation/distributed-iso-sensor
deleted file mode 100644
index 6762488f7..000000000
--- a/setup/automation/distributed-iso-sensor
+++ /dev/null
@@ -1,70 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-# ALLOW_CIDR=0.0.0.0/0
-# ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=Distributed-Sensor
-install_type=SENSOR
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-# MANAGERADV=BASIC
-MANAGERUPDATES=1
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-MSRV=distributed-manager
-MSRVIP=10.66.166.42
-MTU=1500
-# NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-# NODESETUP=NODEBASIC
-NSMSETUP=ADVANCED
-NODEUPDATES=MANAGER
-# OINKCODE=
-# OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-# PLAYBOOK=1
-# REDIRECTHOST=
-# REDIRECTINFO=IP
-# RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-# STRELKA=1
-SURIPINS=(2 3)
-# THEHIVE=0
-# WAZUH=1
-# WEBUSER=onionuser@somewhere.invalid
-# WEBPASSWD1=0n10nus3r
-# WEBPASSWD2=0n10nus3r
-ZEEKPINS=(0 1)
diff --git a/setup/automation/distributed-net-manager b/setup/automation/distributed-net-manager
deleted file mode 100644
index fff5bdb39..000000000
--- a/setup/automation/distributed-net-manager
+++ /dev/null
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=7
-BASICSURI=7
-# BLOGS=
-#BNICS=eth1
-ZEEKVERSION=SURICATA
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=distributed-manager
-install_type=MANAGER
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/distributed-net-search b/setup/automation/distributed-net-search
deleted file mode 100644
index 8a3fb7784..000000000
--- a/setup/automation/distributed-net-search
+++ /dev/null
@@ -1,68 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-# ALLOW_CIDR=0.0.0.0/0
-# ALLOW_ROLE=a
-# BASICZEEK=7
-# BASICSURI=7
-# BLOGS=
-# BNICS=eth1
-# ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=distributed-search
-install_type=SEARCHNODE
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-# MANAGERADV=BASIC
-MANAGERUPDATES=1
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-MSRV=distributed-manager
-MSRVIP=10.66.166.72
-# MTU=
-# NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-# OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-# PLAYBOOK=1
-# REDIRECTHOST=
-# REDIRECTINFO=IP
-# RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-# STRELKA=1
-# THEHIVE=0
-# WAZUH=1
-# WEBUSER=onionuser@somewhere.invalid
-# WEBPASSWD1=0n10nus3r
-# WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/distributed-net-sensor b/setup/automation/distributed-net-sensor
deleted file mode 100644
index eb104f1a8..000000000
--- a/setup/automation/distributed-net-sensor
+++ /dev/null
@@ -1,68 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-# ALLOW_CIDR=0.0.0.0/0
-# ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=SURICATA
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=distributed-sensor
-install_type=SENSOR
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-# MANAGERADV=BASIC
-MANAGERUPDATES=1
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-MSRV=distributed-manager
-MSRVIP=10.66.166.72
-# MTU=
-# NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-# NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-# OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-# PLAYBOOK=1
-# REDIRECTHOST=
-# REDIRECTINFO=IP
-# RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-# STRELKA=1
-# THEHIVE=0
-# WAZUH=1
-# WEBUSER=onionuser@somewhere.invalid
-# WEBPASSWD1=0n10nus3r
-# WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/eval-airgap b/setup/automation/eval-airgap
deleted file mode 100644
index 45235ccda..000000000
--- a/setup/automation/eval-airgap
+++ /dev/null
@@ -1,67 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=eval
-install_type=EVAL
-INTERWEBS=AIRGAP
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/eval-cloud b/setup/automation/eval-cloud
deleted file mode 100644
index 8a18cb78c..000000000
--- a/setup/automation/eval-cloud
+++ /dev/null
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=eval
-install_type=EVAL
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-REDIRECTHOST=$(cat /root/public_ip)
-REDIRECTINFO=OTHER
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/eval-iso b/setup/automation/eval-iso
deleted file mode 100644
index a0bddf54f..000000000
--- a/setup/automation/eval-iso
+++ /dev/null
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=eval
-install_type=EVAL
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/eval-net b/setup/automation/eval-net
deleted file mode 100644
index 9ecab5ee0..000000000
--- a/setup/automation/eval-net
+++ /dev/null
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-# address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=eval
-install_type=EVAL
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/import-airgap b/setup/automation/import-airgap
deleted file mode 100644
index 1e3fdb70a..000000000
--- a/setup/automation/import-airgap
+++ /dev/null
@@ -1,67 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-#BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=import
-install_type=IMPORT
-INTERWEBS=AIRGAP
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-# OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-# PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-# SOREMOTEPASS1=onionuser
-# SOREMOTEPASS2=onionuser
-STRELKA=1
-# THEHIVE=0
-# WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/import-cloud b/setup/automation/import-cloud
deleted file mode 100644
index e12b00863..000000000
--- a/setup/automation/import-cloud
+++ /dev/null
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-#BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=import
-install_type=IMPORT
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-# OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-# PLAYBOOK=1
-REDIRECTHOST=$(cat /root/public_ip)
-REDIRECTINFO=OTHER
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-# SOREMOTEPASS1=onionuser
-# SOREMOTEPASS2=onionuser
-STRELKA=1
-# THEHIVE=0
-# WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/import-iso b/setup/automation/import-iso
deleted file mode 100644
index ad111cff6..000000000
--- a/setup/automation/import-iso
+++ /dev/null
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-#BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=import
-install_type=IMPORT
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-# OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-# PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-# SOREMOTEPASS1=onionuser
-# SOREMOTEPASS2=onionuser
-STRELKA=1
-# THEHIVE=0
-# WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/import-net b/setup/automation/import-net
deleted file mode 100644
index e58a3961a..000000000
--- a/setup/automation/import-net
+++ /dev/null
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-# address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-#BNICS=eth1
-ZEEKVERSION=SURICATA
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=import
-install_type=IMPORT
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-# OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-# PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-# SOREMOTEPASS1=onionuser
-# SOREMOTEPASS2=onionuser
-STRELKA=1
-# THEHIVE=0
-# WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/standalone-airgap b/setup/automation/standalone-airgap
deleted file mode 100644
index 2c0a5af0f..000000000
--- a/setup/automation/standalone-airgap
+++ /dev/null
@@ -1,67 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=standalone
-install_type=STANDALONE
-INTERWEBS=AIRGAP
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/standalone-cloud b/setup/automation/standalone-cloud
deleted file mode 100644
index 01b3120fb..000000000
--- a/setup/automation/standalone-cloud
+++ /dev/null
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=standalone
-install_type=STANDALONE
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-REDIRECTHOST=$(cat /root/public_ip)
-REDIRECTINFO=OTHER
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/standalone-iso b/setup/automation/standalone-iso
deleted file mode 100644
index ea0f7ddb5..000000000
--- a/setup/automation/standalone-iso
+++ /dev/null
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=standalone
-install_type=STANDALONE
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
diff --git a/setup/automation/standalone-net b/setup/automation/standalone-net
deleted file mode 100644
index 23019f788..000000000
--- a/setup/automation/standalone-net
+++ /dev/null
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-# address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=SURICATA
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=standalone
-install_type=STANDALONE
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
From 8f20e2bcb975bf8c8f4655f25b13eda38297a471 Mon Sep 17 00:00:00 2001
From: Jason Ertel
Date: Tue, 28 Feb 2023 14:29:22 -0500
Subject: [PATCH 03/26] refactor automated testing inputs due to streamlined setup process
---
 setup/so-setup | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/setup/so-setup b/setup/so-setup
index 8a295afcd..b7b178c08 100755
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -180,14 +180,14 @@ if [ -n "$test_profile" ]; then # The below settings are hardcoded purely for automated testing purposes. TESTING=true MSRV=manager - if [ "$test_profile" =~ *"-net" ]; then + if [[ "$test_profile" =~ "-net" ]]; then address_type=DHCP MSRVIP=10.66.166.72 - elif [ "$test_profile" =~ *"-cloud" ]; then + elif [[ "$test_profile" =~ "-cloud" ]]; then MSRVIP=10.99.1.20 - elif [ "$test_profile" =~ *"-iso" ]; then + elif [[ "$test_profile" =~ "-iso" ]]; then MSRVIP=10.66.166.42 - elif [ "$test_profile" =~ *"-airgap" ]; then + elif [[ "$test_profile" =~ "-airgap" ]]; then MSRVIP=10.66.166.52 fi if [ -f "/root/public_ip" ]; then From d456f681f18f16fed105af6a7c47fc6c999eebcb Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Tue, 28 Feb 2023 14:45:21 -0500 Subject: [PATCH 04/26] refactor automated testing inputs due to streamlined setup process --- setup/so-functions | 4 ++-- setup/so-setup | 26 ++++++++++++++++---------- 2 files changed, 18 insertions(+), 12 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index ef9174e74..d044bf326 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -17,11 +17,11 @@ log() { } error() { - log "$1" "E" + log "$1" "ERROR" } info() { - log "$1" "I" + log "$1" "INFO" } title() { diff --git a/setup/so-setup b/setup/so-setup index b7b178c08..7cbc876b0 100755 --- a/setup/so-setup +++ b/setup/so-setup 
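Review bot: With the right-hand side quoted, `=~` performs a literal, unanchored substring match, so each of the four tests fires wherever `-net`, `-cloud`, `-iso` or `-airgap` occurs in the profile name rather than only at its end, and a name containing two of them is decided by branch order. A suffix glob states the intent directly: `if [[ "$test_profile" == *-net ]]; then`, and likewise for the other three branches. When no branch matches, `MSRVIP` stays unset without any message; a final `else` that logs the unrecognised profile through the existing `error` helper would make that visible. The enclosing `if [ -n "$test_profile" ]` block starts and ends outside this hunk.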
@@ -175,20 +175,27 @@ progress() { if [ -n "$test_profile" ]; then install_type="$(echo $test_profile |awk -F- '{print $1}')" - info "Activating test profile: $test_profile" + info "Activating test profile; profile=$test_profile; install_type=$install_type" # The below settings are hardcoded purely for automated testing purposes. TESTING=true - MSRV=manager + if [[ "$test_profile" =~ "-sensor-" || "$test_profile" =~ "-search-" ]]; then + HOSTNAME=$test_profile + MSRV=manager + if [[ "$test_profile" =~ "-net" ]]; then + MSRVIP=10.66.166.72 + elif [[ "$test_profile" =~ "-cloud" ]]; then + MSRVIP=10.99.1.20 + elif [[ "$test_profile" =~ "-iso" ]]; then + MSRVIP=10.66.166.42 + elif [[ "$test_profile" =~ "-airgap" ]]; then + MSRVIP=10.66.166.52 + fi + else + HOSTNAME=manager + fi if [[ "$test_profile" =~ "-net" ]]; then address_type=DHCP - MSRVIP=10.66.166.72 - elif [[ "$test_profile" =~ "-cloud" ]]; then - MSRVIP=10.99.1.20 - elif [[ "$test_profile" =~ "-iso" ]]; then - MSRVIP=10.66.166.42 - elif [[ "$test_profile" =~ "-airgap" ]]; then - MSRVIP=10.66.166.52 fi if [ -f "/root/public_ip" ]; then REDIRECTHOST=$(cat /root/public_ip) @@ -199,7 +206,6 @@ if [ -n "$test_profile" ]; then ALLOW_CIDR=0.0.0.0/0 MNIC=eth0 BNICS=eth1 - HOSTNAME=$install_type WEBUSER=onionuser@somewhere.invalid WEBPASSWD1=0n10nus3r WEBPASSWD2=0n10nus3r From 749c299ed2c0a70d629310c409abaaf2f78b2bb4 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Tue, 28 Feb 2023 15:34:09 -0500 Subject: [PATCH 05/26] refactor automated testing inputs due to streamlined setup process --- setup/so-setup | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/setup/so-setup b/setup/so-setup index 7cbc876b0..69cbfbee1 100755 --- a/setup/so-setup +++ b/setup/so-setup 
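Review bot: `HOSTNAME=$test_profile` copies the profile string into the hostname unchecked, and any non-empty value of that same string also switches on `TESTING=true` together with the `ALLOW_CIDR=0.0.0.0/0` and fixed `WEBUSER`/`WEBPASSWD1` values shown as context at the end of this hunk. Where `test_profile` is assigned is not visible here, but if it is a raw command-line argument, a stray second argument on a real install would produce a node with a publicly known web login and an open allow-list. A format check as the first statement inside the block would prevent that, for example `[[ "$test_profile" =~ ^[a-z]+(-[a-z]+)+$ ]] || { error "Invalid test profile: $test_profile"; exit 1; }`, with the pattern adjusted to the profile names the test harness really uses. The later so-setup hunks in this series that extend the same block inherit the issue; the block itself ends outside this hunk.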
@@ -175,34 +175,38 @@ progress() { if [ -n "$test_profile" ]; then install_type="$(echo $test_profile |awk -F- '{print $1}')" + install_type=${install_type^^} info "Activating test profile; profile=$test_profile; install_type=$install_type" # The below settings are hardcoded purely for automated testing purposes. TESTING=true + if [[ "$test_profile" =~ "-sensor-" || "$test_profile" =~ "-search-" ]]; then HOSTNAME=$test_profile - MSRV=manager - if [[ "$test_profile" =~ "-net" ]]; then - MSRVIP=10.66.166.72 - elif [[ "$test_profile" =~ "-cloud" ]]; then - MSRVIP=10.99.1.20 - elif [[ "$test_profile" =~ "-iso" ]]; then - MSRVIP=10.66.166.42 - elif [[ "$test_profile" =~ "-airgap" ]]; then - MSRVIP=10.66.166.52 - fi else HOSTNAME=manager fi + + MSRV=manager if [[ "$test_profile" =~ "-net" ]]; then address_type=DHCP + MSRVIP=10.66.166.72 + elif [[ "$test_profile" =~ "-cloud" ]]; then + MSRVIP=10.99.1.20 + elif [[ "$test_profile" =~ "-iso" ]]; then + MSRVIP=10.66.166.42 + elif [[ "$test_profile" =~ "-airgap" ]]; then + is_airgap=true + MSRVIP=10.66.166.52 fi + if [ -f "/root/public_ip" ]; then REDIRECTHOST=$(cat /root/public_ip) REDIRECTINFO=OTHER else REDIRECTINFO=IP fi + ALLOW_CIDR=0.0.0.0/0 MNIC=eth0 BNICS=eth1 From 205e3440342dbd4e119b70b53bfaf9eef50d8482 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Tue, 28 Feb 2023 15:40:08 -0500 Subject: [PATCH 06/26] dynamically choose test NICs in alphanumeric sort order --- setup/so-setup | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/setup/so-setup b/setup/so-setup index 69cbfbee1..9f386c4a6 100755 --- a/setup/so-setup +++ b/setup/so-setup @@ -208,8 +208,8 @@ if [ -n "$test_profile" ]; then fi ALLOW_CIDR=0.0.0.0/0 - MNIC=eth0 - BNICS=eth1 + MNIC=$(ls -1 /sys/class/net | head -1) + BNICS=$(ls -1 /sys/class/net | head -2 | tail -1) WEBUSER=onionuser@somewhere.invalid WEBPASSWD1=0n10nus3r WEBPASSWD2=0n10nus3r From 13182fcda2f6792f79b61b3cf5a32d81b3e9557a Mon Sep 17 00:00:00 2001 
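Review bot: Taking the first two entries of `ls -1 /sys/class/net` in the `MNIC`/`BNICS` hunk also counts virtual devices: `lo` is always listed there, so on a host with one physical NIC `BNICS` becomes `lo`, and names such as `bond0` or `docker0`, if present from an earlier install, sort ahead of `eth0` and would be chosen as `MNIC`. Selecting only interfaces that have a `device` link in sysfs, and globbing instead of parsing `ls`, avoids both cases while keeping the sorted-order choice. With the replacement below an empty `BNICS` means no second hardware NIC was found, which the caller can then report. The surrounding `if [ -n "$test_profile" ]` block starts outside the hunk.

```shell
  ALLOW_CIDR=0.0.0.0/0
  # Virtual devices (lo, bridges, bonds) have no device link in sysfs.
  test_nics=()
  for nic_path in /sys/class/net/*; do
    [[ -e "$nic_path/device" ]] && test_nics+=("${nic_path##*/}")
  done
  MNIC=${test_nics[0]}
  BNICS=${test_nics[1]}
  # … unchanged: WEBUSER / WEBPASSWD1 / WEBPASSWD2 …
```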
From: Jason Ertel Date: Tue, 28 Feb 2023 16:31:17 -0500 Subject: [PATCH 07/26] refactor automated testing inputs due to streamlined setup process --- setup/so-setup | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/setup/so-setup b/setup/so-setup index 9f386c4a6..440965ca1 100755 --- a/setup/so-setup +++ b/setup/so-setup @@ -181,8 +181,10 @@ if [ -n "$test_profile" ]; then # The below settings are hardcoded purely for automated testing purposes. TESTING=true - if [[ "$test_profile" =~ "-sensor-" || "$test_profile" =~ "-search-" ]]; then - HOSTNAME=$test_profile + if [[ "$test_profile" =~ "-sensor-" ]]; then + HOSTNAME=sensor + elif [[ "$test_profile" =~ "-search-" ]]; then + HOSTNAME=search else HOSTNAME=manager fi From fd2068be8867516fe0a642732f0bac57575ef663 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Thu, 2 Mar 2023 15:23:53 -0500 Subject: [PATCH 08/26] Switch back to kilo images --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 197c4d5c2..7f2e97617 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.4.0 +2.4.0-kilo From 194565936956601c1920204d23af9f97926d7ba9 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Mon, 6 Mar 2023 15:59:08 -0500 Subject: [PATCH 09/26] Error is too common, found even in dashboard titles --- setup/so-verify | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup/so-verify b/setup/so-verify index 8c68852be..20aedb890 100755 --- a/setup/so-verify +++ b/setup/so-verify @@ -32,7 +32,7 @@ log_has_errors() { # Ignore Failed: 0 since that is the salt state output, and we detect state failures # via Result: False already. - grep -E "FAILED|Failed|failed|ERROR|Error|Result: False" "$setup_log" | \ + grep -E "FAILED|Failed|failed|ERROR|Result: False" "$setup_log" | \ grep -vE "The Salt Master has cached the public key for this node" | \ grep -vE "Minion failed to authenticate with the master" | \ grep -vE "Failed to connect to ::1" | \ 
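Review bot: Dropping `Error` from the first `grep -E` in `log_has_errors` also hides genuine mixed-case failures, for example a log line that only says `Error:` or carries an exception name ending in `Error`, so setup verification can now pass with real errors in the log. The function already removes known-benign matches with `grep -vE` filters, so the dashboard-title lines named in the commit subject could be excluded the same way while `Error` stays in the pattern, e.g. one more `grep -vE "DASHBOARD_TITLE_PATTERN_PLACEHOLDER" | \` stage (the exact text of those lines is not shown in this hunk). The remainder of the filter chain and the function body lie outside the hunk.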
From f77068f73f29dbecf4f5264c47dbd9559f9896ac Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Mon, 6 Mar 2023 18:37:37 -0500 Subject: [PATCH 10/26] setup and so-verify/so-status interop --- salt/common/tools/sbin/so-status | 17 ++++++++++++++--- setup/so-functions | 4 ++++ setup/so-verify | 19 ++++++++++++++----- 3 files changed, 32 insertions(+), 8 deletions(-) diff --git a/salt/common/tools/sbin/so-status b/salt/common/tools/sbin/so-status index da20fcacd..ec0ce94b1 100755 --- a/salt/common/tools/sbin/so-status +++ b/salt/common/tools/sbin/so-status @@ -24,11 +24,13 @@ def showUsage(options, args): print(' -h - Prints this usage information') print(' -q - Suppress output; useful for automation of exit code value') print(' -j - Output in JSON format') + print(' -i - Consider the installation outcome regardless of whether the system appears healthy') print('') print(' Exit codes:') print(' 0 - Success, system appears to be running correctly') print(' 1 - Error, one or more subsystems are not running') print(' 2 - System is starting') + print(' 3 - System installation encountered errors') print(' 99 - Installation in progress') sys.exit(1) @@ -38,6 +40,12 @@ def fail(msg): sys.exit(1) +def check_installation_status(options, console): + if "-i" in options and os.path.isfile('/root/failure'): + return 3 + return 0 + + def check_system_status(options, console): code = 0 highstate_end_time = 0 @@ -64,6 +72,8 @@ def output(options, console, code, data): elif "-q" not in options: if code == 2: console.print(" [bold yellow]:hourglass: [bold white]System appears to be starting. No highstate has completed since the system was restarted.") + if code == 3: + console.print(" [bold red]:exclamation: [bold white]Installation encountered errors.") elif code == 99: console.print(" [bold red]:exclamation: [bold white]Installation does not appear to be complete. A highstate has not fully completed.") else: 
@@ -137,7 +147,9 @@ def check_container_status(options, console): def check_status(options, console): container_list = [] - code = check_system_status(options, console) + code = check_installation_status(options, console) + if code == 0: + code = check_system_status(options, console) if code == 0: code, container_list = check_container_status(options, console) output(options, console, code, container_list) @@ -150,9 +162,8 @@ def main(): for option in args: if option.startswith("-"): options.append(option) - args.remove(option) - if len(args) != 0 or "-h" in options: + if "-h" in options or "--help" in options or "-?" in options: showUsage(options, None) if os.environ["USER"] != "root": diff --git a/setup/so-functions b/setup/so-functions index ede539a6c..0ca635872 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -1774,6 +1774,10 @@ reinstall_init() { local service_retry_count=20 + # Disregard previous install outcomes + rm -f /root/failure + rm -f /root/success + { # remove all of root's cronjobs logCmd "crontab -r -u root" diff --git a/setup/so-verify b/setup/so-verify index 20aedb890..2ccc76b09 100755 --- a/setup/so-verify +++ b/setup/so-verify 
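Review bot: In the `main()` hunk, any argument other than `-h`, `--help` or `-?` is now accepted silently, so a mistyped flag such as `-I` in place of `-i` runs without the installation check and the exit code that automation relies on no longer reflects what the caller asked for. Rejecting unknown arguments restores the earlier strictness without the mutate-while-iterating `args.remove(option)` that was removed: `if any(a not in ("-h", "--help", "-?", "-q", "-j", "-i") for a in args): showUsage(options, None)`. `main()` continues outside the hunk.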
@@ -81,18 +81,27 @@ status_failed() { main() { exit_code=0 - if log_has_errors; then - echo "WARNING: Errors detected during setup" + if [ -f /root/success ]; then + echo "Successfully completed setup a while ago" + elif [ -f /root/failure ]; then + echo "WARNING: Failed setup a while ago" exit_code=1 + elif log_has_errors; then + echo "WARNING: Errors detected during setup" + exit_code=1 + touch /root/failure elif using_iso && cron_error_in_mail_spool; then - echo "WARNING: Unexpected cron job output in mail spool" + echo "WARNING: Unexpected cron job output in mail spool" exit_code=1 + touch /root/failure elif is_manager_node && status_failed; then echo "WARNING: Containers are not in a healthy state" exit_code=1 + touch /root/failure else - echo "Successfully completed setup!" - fi + echo "Successfully completed setup!" + touch /root/success + fi exit $exit_code } From b641dc37b6a133f1c965d3168f9ee49f1b8a5a77 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Mon, 6 Mar 2023 18:56:04 -0500 Subject: [PATCH 11/26] use high error code to flag an unrecoverable error --- salt/common/tools/sbin/so-status | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/salt/common/tools/sbin/so-status b/salt/common/tools/sbin/so-status index ec0ce94b1..8b8dcb6ba 100755 --- a/salt/common/tools/sbin/so-status +++ b/salt/common/tools/sbin/so-status @@ -30,8 +30,8 @@ def showUsage(options, args): print(' 0 - Success, system appears to be running correctly') print(' 1 - Error, one or more subsystems are not running') print(' 2 - System is starting') - print(' 3 - System installation encountered errors') print(' 99 - Installation in progress') + print(' 100 - System installation encountered errors') sys.exit(1) @@ -42,7 +42,7 @@ def fail(msg): def check_installation_status(options, console): if "-i" in options and os.path.isfile('/root/failure'): - return 3 + return 100 return 0 
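Review bot: The `/root/success` and `/root/failure` branches in `main()` return before `log_has_errors`, the mail-spool check or `status_failed` run, so every later so-verify invocation repeats the first verdict regardless of the current log or container state. If that stickiness is intended, a comment at the top of `main()` would make it explicit, for example `# Outcome markers are sticky: once written, all checks are skipped until reinstall_init removes them.`; otherwise only the failure marker should short-circuit. The result of each `touch` is also not checked, so a marker that cannot be written leaves so-status `-i` without either marker and no message explaining why.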
@@ -72,10 +72,10 @@ def output(options, console, code, data): elif "-q" not in options: if code == 2: console.print(" [bold yellow]:hourglass: [bold white]System appears to be starting. No highstate has completed since the system was restarted.") - if code == 3: - console.print(" [bold red]:exclamation: [bold white]Installation encountered errors.") elif code == 99: console.print(" [bold red]:exclamation: [bold white]Installation does not appear to be complete. A highstate has not fully completed.") + elif code == 100: + console.print(" [bold red]:exclamation: [bold white]Installation encountered errors.") else: table = Table(title = "Security Onion Status", show_edge = False, safe_box = True, box = box.MINIMAL) table.add_column("Container", justify="right", style="white", no_wrap=True) From 66bb82950539c4585e6968df6d806b259a2a51ad Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Mon, 6 Mar 2023 22:18:08 -0500 Subject: [PATCH 12/26] if -i, either success or failure must be present --- salt/common/tools/sbin/so-status | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/salt/common/tools/sbin/so-status b/salt/common/tools/sbin/so-status index 8b8dcb6ba..f604f892d 100755 --- a/salt/common/tools/sbin/so-status +++ b/salt/common/tools/sbin/so-status @@ -41,8 +41,12 @@ def fail(msg): def check_installation_status(options, console): - if "-i" in options and os.path.isfile('/root/failure'): - return 100 + if "-i" in options: + if os.path.isfile('/root/failure'): + return 100 + if os.path.isfile('/root/success'): + return 0 + return 99 return 0 From 4f3cb2eb3dc7965a4a3feaf58d3e4f64236f4312 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Tue, 7 Mar 2023 14:42:10 -0500 Subject: [PATCH 13/26] Clarify playbook load time log message --- salt/common/tools/sbin/so-playbook-reset | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/salt/common/tools/sbin/so-playbook-reset b/salt/common/tools/sbin/so-playbook-reset index d58078997..f7101ed5f 100755 --- a/salt/common/tools/sbin/so-playbook-reset +++ b/salt/common/tools/sbin/so-playbook-reset @@ -17,6 +17,6 @@ salt-call state.apply playbook,playbook.automation_user_create /usr/sbin/so-soctopus-restart -echo "Importing Plays - this will take some time...." +echo "Importing Plays - NOTE: this will continue after installation finishes and could take an hour or more. Rebooting while the import is in progress will delay playbook imports." sleep 5 so-playbook-ruleupdate >> /root/setup_playbook_rule_update.log 2>&1 & From b9e3024521adfe7bb67fa984d82f28d4db42dd06 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Wed, 8 Mar 2023 15:10:31 -0500 Subject: [PATCH 14/26] fix user sync issue after setup finishes --- salt/common/tools/sbin/so-user | 18 ------------------ setup/so-functions | 2 -- 2 files changed, 20 deletions(-) diff --git a/salt/common/tools/sbin/so-user b/salt/common/tools/sbin/so-user index 4ad3983b4..aaa43cd9e 100755 --- a/salt/common/tools/sbin/so-user +++ b/salt/common/tools/sbin/so-user @@ -496,19 +496,6 @@ EOF fi } -function migrateLockedUsers() { - # This is a migration function to convert locked users from prior to 2.3.90 - # to inactive users using the newer Kratos functionality. This should only - # find locked users once. - lockedEmails=$(curl -s ${kratosUrl}/identities | jq -r '.[] | select(.traits.status == "locked") | .traits.email') - if [[ -n "$lockedEmails" ]]; then - echo "Disabling locked users..." - for email in $lockedEmails; do - updateStatus "$email" locked - done - fi -} - function updateStatus() { email=$1 status=$2 @@ -703,11 +690,6 @@ case "${operation}" in echo "Password is acceptable" ;; - "migrate") - migrateLockedUsers - echo "User migration complete" - ;; - *) fail "Unsupported operation: $operation" usage diff --git a/setup/so-functions b/setup/so-functions index 0ca635872..e006bac34 100755 
--- a/setup/so-functions +++ b/setup/so-functions @@ -68,9 +68,7 @@ add_web_user() { wait_for_file /nsm/kratos/db/db.sqlite 30 5 { info "Attempting to add administrator user for web interface..."; - export SKIP_STATE_APPLY=true echo "$WEBPASSWD1" | /usr/sbin/so-user add --email "$WEBUSER" --role "superuser"; - unset SKIP_STATE_APPLY info "Add user result: $?"; } >> "/root/so-user-add.log" 2>&1 } From b6ce9f489ac79393e1c02c31adbb4a27dd8de6e0 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Thu, 9 Mar 2023 11:02:01 -0500 Subject: [PATCH 15/26] autodetect manager IP --- setup/so-functions | 9 +++++++++ setup/so-setup | 5 ++--- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index e006bac34..26a97583f 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -1606,6 +1606,15 @@ networking_needful() { fi set_main_ip compare_main_nic_ip + + # Attempt to autodetect the manager IP, if an offset value exists + if [[ -n "$MSRVIP_OFFSET" && -z "$MSRVIP" ]]; then + mips1=$(echo "$MNIC_IP" | awk -F. '{print $1}') + mips2=$(echo "$MNIC_IP" | awk -F. '{print $2}') + mips3=$(echo "$MNIC_IP" | awk -F. '{print $3}') + mips4=$(echo "$MNIC_IP" | awk -F. '{print $4}') + MSRVIP="$mips1.$mips2.$mips3.$((mips4+$MSRVIP_OFFSET))" + fi } network_setup() { diff --git a/setup/so-setup b/setup/so-setup index 1bee9e617..f430efb4b 100755 --- a/setup/so-setup +++ b/setup/so-setup @@ -183,8 +183,10 @@ if [ -n "$test_profile" ]; then if [[ "$test_profile" =~ "-sensor-" ]]; then HOSTNAME=sensor + MSRVIP_OFFSET=-2 elif [[ "$test_profile" =~ "-search-" ]]; then HOSTNAME=search + MSRVIP_OFFSET=-1 else HOSTNAME=manager fi 
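Review bot: The address derived in the `networking_needful` hunk is never range-checked: `$((mips4+$MSRVIP_OFFSET))` with the negative offsets this series sets yields a last octet of 0 or below when the node's own address ends in .1 or .2, and an empty `MNIC_IP` produces a string such as `...-2` that is then used as the manager IP. The arithmetic also assumes manager and node share the first three octets, which holds only if the test network is laid out that way and deserves a comment. The rewrite below splits the address with parameter expansion instead of four `awk` calls and reports out-of-range results through the existing `error` helper. `networking_needful` starts outside the hunk.

```shell
  # Attempt to autodetect the manager IP, if an offset value exists
  # (assumes the manager shares the first three octets with this node).
  if [[ -n "$MSRVIP_OFFSET" && -z "$MSRVIP" ]]; then
    msrv_prefix=${MNIC_IP%.*}
    msrv_octet=$(( ${MNIC_IP##*.} + MSRVIP_OFFSET ))
    if [[ -z "$MNIC_IP" ]] || (( msrv_octet < 1 || msrv_octet > 254 )); then
      error "Cannot derive manager IP from '$MNIC_IP' with offset $MSRVIP_OFFSET"
    else
      MSRVIP="$msrv_prefix.$msrv_octet"
    fi
  fi
```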
@@ -192,14 +194,11 @@ if [ -n "$test_profile" ]; then MSRV=manager if [[ "$test_profile" =~ "-net" ]]; then address_type=DHCP - MSRVIP=10.66.166.72 elif [[ "$test_profile" =~ "-cloud" ]]; then MSRVIP=10.99.1.20 elif [[ "$test_profile" =~ "-iso" ]]; then - MSRVIP=10.66.166.42 elif [[ "$test_profile" =~ "-airgap" ]]; then is_airgap=true - MSRVIP=10.66.166.52 fi if [ -f "/root/public_ip" ]; then From a4409b2979eca8331bd67c0c72329704e41ea80d Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Thu, 9 Mar 2023 11:47:35 -0500 Subject: [PATCH 16/26] autodetect manager IP --- setup/so-setup | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/setup/so-setup b/setup/so-setup index f430efb4b..5555cd8f9 100755 --- a/setup/so-setup +++ b/setup/so-setup @@ -181,10 +181,10 @@ if [ -n "$test_profile" ]; then # The below settings are hardcoded purely for automated testing purposes. TESTING=true - if [[ "$test_profile" =~ "-sensor-" ]]; then + if [[ "$test_profile" =~ "-sensor" ]]; then HOSTNAME=sensor MSRVIP_OFFSET=-2 - elif [[ "$test_profile" =~ "-search-" ]]; then + elif [[ "$test_profile" =~ "-search" ]]; then HOSTNAME=search MSRVIP_OFFSET=-1 else @@ -196,7 +196,6 @@ if [ -n "$test_profile" ]; then address_type=DHCP elif [[ "$test_profile" =~ "-cloud" ]]; then MSRVIP=10.99.1.20 - elif [[ "$test_profile" =~ "-iso" ]]; then elif [[ "$test_profile" =~ "-airgap" ]]; then is_airgap=true fi From b1f201ca87ad4a3025f6c8fbbcc73b2813ac1483 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Thu, 9 Mar 2023 12:05:42 -0500 Subject: [PATCH 17/26] autodetect manager IP --- setup/so-setup | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/setup/so-setup b/setup/so-setup index 5555cd8f9..d45d7ca2d 100755 --- a/setup/so-setup +++ b/setup/so-setup 
@@ -175,7 +175,11 @@ progress() { if [ -n "$test_profile" ]; then install_type="$(echo $test_profile |awk -F- '{print $1}')" - install_type=${install_type^^} + if [[ install_type == "distributed" ]]; then + install_type=MANAGER + else + install_type=${install_type^^} + fi info "Activating test profile; profile=$test_profile; install_type=$install_type" # The below settings are hardcoded purely for automated testing purposes. From ecc300197dffca0c22bd833df79625eb9e675acf Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Thu, 9 Mar 2023 12:11:27 -0500 Subject: [PATCH 18/26] autodetect manager IP --- setup/so-setup | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup/so-setup b/setup/so-setup index d45d7ca2d..49b549e65 100755 --- a/setup/so-setup +++ b/setup/so-setup @@ -175,7 +175,7 @@ progress() { if [ -n "$test_profile" ]; then install_type="$(echo $test_profile |awk -F- '{print $1}')" - if [[ install_type == "distributed" ]]; then + if [[ "$install_type" == "distributed" ]]; then install_type=MANAGER else install_type=${install_type^^} From 894a20b3adc1f16ad6d693399aa5e422be5ca1a2 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Thu, 9 Mar 2023 12:58:51 -0500 Subject: [PATCH 19/26] autodetect manager IP --- setup/so-setup | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/setup/so-setup b/setup/so-setup index 49b549e65..a1a1c6d76 100755 --- a/setup/so-setup +++ b/setup/so-setup 
@@ -180,21 +180,24 @@ if [ -n "$test_profile" ]; then else install_type=${install_type^^} fi - info "Activating test profile; profile=$test_profile; install_type=$install_type" # The below settings are hardcoded purely for automated testing purposes. TESTING=true if [[ "$test_profile" =~ "-sensor" ]]; then + install_type=SENSOR HOSTNAME=sensor MSRVIP_OFFSET=-2 elif [[ "$test_profile" =~ "-search" ]]; then + install_type=SEARCH HOSTNAME=search MSRVIP_OFFSET=-1 else HOSTNAME=manager fi + info "Activating test profile; profile=$test_profile; install_type=$install_type" + MSRV=manager if [[ "$test_profile" =~ "-net" ]]; then address_type=DHCP From 23b344bf147cef4fb8473d0cd5e81f60373c3a2f Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Thu, 9 Mar 2023 15:04:42 -0500 Subject: [PATCH 20/26] distributed testing --- setup/so-functions | 3 +++ setup/so-setup | 5 +++-- setup/so-verify | 15 +++++++++++++++ 3 files changed, 21 insertions(+), 2 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index 26a97583f..e13457612 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -2303,6 +2303,9 @@ set_initial_firewall_access() { if [[ ! -z "$ALLOW_CIDR" ]]; then $default_salt_dir/salt/common/tools/sbin/so-firewall --role=analyst --ip=$ALLOW_CIDR --apply=true fi + if [[ ! -z "$MINION_CIDR" ]]; then + $default_salt_dir/salt/common/tools/sbin/so-firewall --role=sensors --ip=$MINION_CIDR --apply=true + fi } # Set up the management interface on the ISO diff --git a/setup/so-setup b/setup/so-setup index a1a1c6d76..cff432c13 100755 --- a/setup/so-setup +++ b/setup/so-setup @@ -189,7 +189,7 @@ if [ -n "$test_profile" ]; then HOSTNAME=sensor MSRVIP_OFFSET=-2 elif [[ "$test_profile" =~ "-search" ]]; then - install_type=SEARCH + install_type=SEARCHNODE HOSTNAME=search MSRVIP_OFFSET=-1 else 
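Review bot: In set_initial_firewall_access (PATCH 20/26, setup/so-functions), `$MINION_CIDR` is passed to so-firewall unquoted and without a format check, so a value containing whitespace or glob characters is split into extra arguments for a command that changes firewall state. Nothing in the visible hunks initialises MINION_CIDR outside the test-profile block of so-setup, so a value inherited from the caller's environment would presumably also open the `sensors` role on a normal install; the rest of so-setup is not shown, so this needs confirming. I would quote it, `--ip="$MINION_CIDR"`, and clear or validate the variable before this function runs. The neighbouring `$ALLOW_CIDR` line, which is context here, has the same unquoted pattern, and the function starts above the hunk.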
@@ -198,6 +198,7 @@ if [ -n "$test_profile" ]; then info "Activating test profile; profile=$test_profile; install_type=$install_type" + MINION_CIDR=10.0.0.0/8 MSRV=manager if [[ "$test_profile" =~ "-net" ]]; then address_type=DHCP @@ -473,7 +474,7 @@ if ! [[ -f $install_opt_file ]]; then add_mngr_ip_to_hosts check_manager_connection collect_idh_services - collect_idh_preferences + collect_idh_preferences set_minion_info whiptail_end_settings diff --git a/setup/so-verify b/setup/so-verify index 2ccc76b09..20acf1c09 100755 --- a/setup/so-verify +++ b/setup/so-verify @@ -79,6 +79,19 @@ status_failed() { return 1 } +create_temp_so_status_if_missing() { + if ! which so-status &> /dev/null; then + if [ -f /root/success ]; then + echo "echo 'Minion installation succeeded - so-status not yet available'" > /usr/sbin/so-status + echo "exit 0" >> /usr/sbin/so-status + else + echo "echo 'Installation failed - so-status not available'" > /usr/sbin/so-status + echo "exit 100" >> /usr/sbin/so-status + fi + chmod a+x /usr/sbin/so-status + fi +} + main() { exit_code=0 if [ -f /root/success ]; then @@ -103,6 +116,8 @@ main() { touch /root/success fi + create_temp_so_status_if_missing + exit $exit_code } From 0ee870a19950b7d12e6f23aead7a5527974b71f3 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Thu, 9 Mar 2023 15:40:51 -0500 Subject: [PATCH 21/26] cleanup unnecessary code --- setup/so-functions | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index e13457612..b3c0b6126 100755 --- a/setup/so-functions +++ b/setup/so-functions 
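Review bot: `MINION_CIDR=10.0.0.0/8` in the so-setup test-profile block (PATCH 20/26) gives the `sensors` firewall role to the entire 10/8 range, which is far wider than the few minion addresses a test grid needs. If the test networks are known, a narrower prefix is safer; otherwise a comment such as `# Test-only: broad range because minion addresses are assigned dynamically` would record that the width is deliberate. The block this line sits in starts and ends outside the hunk.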
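Review bot: The stub that create_temp_so_status_if_missing writes to /usr/sbin/so-status (PATCH 20/26, setup/so-verify) has no interpreter line, so it runs only when the caller is a shell that falls back to interpreting the file itself; a caller that executes it directly gets an exec format error. Writing `echo '#!/bin/bash' > /usr/sbin/so-status` first and appending the other two lines with `>>` fixes that. The placeholder also lands in a system path on any host where so-status is missing, and whether so-verify ever runs outside automated testing is not visible here, so a comment line inside the stub saying it is a temporary placeholder would help whoever finds it later. The rewritten function in PATCH 22/26 has the same two gaps for both so-status and so-test.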
@@ -2289,14 +2289,11 @@ set_initial_firewall_policy() { title "Setting Initial Firewall Policy" if [ -f $default_salt_dir/salt/common/tools/sbin/so-firewall ]; then chmod +x $default_salt_dir/salt/common/tools/sbin/so-firewall; fi - case "$install_type" in - 'MANAGER') - $default_salt_dir/salt/common/tools/sbin/so-firewall --role=manager --ip=$MAINIP --apply=true - ;; - 'EVAL' | 'MANAGERSEARCH' | 'STANDALONE' | 'IMPORT') - $default_salt_dir/salt/common/tools/sbin/so-firewall --role=$install_type --ip=$MAINIP --apply=true - ;; - esac + case "$install_type" in + 'EVAL' | 'MANAGER' | 'MANAGERSEARCH' | 'STANDALONE' | 'IMPORT') + $default_salt_dir/salt/common/tools/sbin/so-firewall --role=$install_type --ip=$MAINIP --apply=true + ;; + esac } set_initial_firewall_access() { From ed8a23cedc535dd3f8b4dbf7ea57b0332cd24ac6 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Thu, 9 Mar 2023 17:01:38 -0500 Subject: [PATCH 22/26] distributed testing --- setup/so-verify | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/setup/so-verify b/setup/so-verify index 20acf1c09..7e06cef86 100755 --- a/setup/so-verify +++ b/setup/so-verify 
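Review bot: Folding `'MANAGER'` into the shared case arm of set_initial_firewall_policy changes the argument from `--role=manager` to `--role=MANAGER`, which is a behaviour change in a commit described as cleanup. Whether so-firewall matches role names case-insensitively cannot be seen from this hunk; if it does not, the manager's own address is no longer added to the initial policy. Either confirm that and say so in the commit message, or keep the separate `'MANAGER')` arm. The new line also leaves its expansions unquoted; `--role="$install_type" --ip="$MAINIP"` would be safer. The function starts above the hunk.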
@@ -79,11 +79,17 @@ status_failed() { return 1 } -create_temp_so_status_if_missing() { - if ! which so-status &> /dev/null; then +# Creates scripts that are going to be invoked by the automated test system. These scripts will +# overwritten by Salt, once the minion is accepted into the grid and the salt states run. +create_temp_scripts_if_missing() { + if [ ! -f /usr/sbin/so-status ]; then if [ -f /root/success ]; then - echo "echo 'Minion installation succeeded - so-status not yet available'" > /usr/sbin/so-status + echo "echo 'so-status not yet available'" > /usr/sbin/so-status echo "exit 0" >> /usr/sbin/so-status + + # Pretend so-test succeeded in the interim period while waiting for this minion to be accepted. This avoids tests getting hung up. + echo "echo 'so-test not yet available'" > /usr/sbin/so-test + echo "exit 0" >> /usr/sbin/so-test else echo "echo 'Installation failed - so-status not available'" > /usr/sbin/so-status echo "exit 100" >> /usr/sbin/so-status @@ -116,7 +122,7 @@ main() { touch /root/success fi - create_temp_so_status_if_missing + create_temp_scripts_if_missing exit $exit_code } From 5301f442f948b0f71b2f3669f9bbd73a159d01f8 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Thu, 9 Mar 2023 19:31:04 -0500 Subject: [PATCH 23/26] distributed testing --- setup/so-verify | 1 + 1 file changed, 1 insertion(+) diff --git a/setup/so-verify b/setup/so-verify index 7e06cef86..84f02e43c 100755 --- a/setup/so-verify +++ b/setup/so-verify @@ -90,6 +90,7 @@ create_temp_scripts_if_missing() { # Pretend so-test succeeded in the interim period while waiting for this minion to be accepted. This avoids tests getting hung up. echo "echo 'so-test not yet available'" > /usr/sbin/so-test echo "exit 0" >> /usr/sbin/so-test + chmod a+x /usr/sbin/so-test else echo "echo 'Installation failed - so-status not available'" > /usr/sbin/so-status echo "exit 100" >> /usr/sbin/so-status From fbefe229c1df363de269f387610c438c5067d614 Mon Sep 17 00:00:00 2001 
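Review bot: In create_temp_scripts_if_missing (PATCH 22/26, setup/so-verify), /usr/sbin/so-test is written whenever so-status is absent, with no check that so-test itself is missing, so an so-test already on the host would be replaced by a stub that always exits 0. I would guard the two files separately, for example `if [ ! -f /usr/sbin/so-test ]; then` around the so-test lines. Because the stub reports success unconditionally, the only thing that separates "not yet run" from "passed" is the message text; a dedicated exit code that the test system treats as pending would keep a minion that is never accepted from counting as a pass. The added comment reads "These scripts will overwritten by Salt" and is missing "be".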
From: Jason Ertel Date: Wed, 15 Mar 2023 15:27:26 -0400 Subject: [PATCH 24/26] add test support to so-minion --- salt/common/tools/sbin/so-minion | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/salt/common/tools/sbin/so-minion b/salt/common/tools/sbin/so-minion index 03f26c556..b565f5a31 100755 --- a/salt/common/tools/sbin/so-minion +++ b/salt/common/tools/sbin/so-minion @@ -23,6 +23,7 @@ if [[ $# -lt 1 ]]; then echo " accept: Accepts a new key and adds the minion files" echo " delete: Removes the key and deletes the minion files" echo " reject: Rejects a key" + echo " test: Ingest test data" echo "" exit 1 fi @@ -75,6 +76,22 @@ function getinstallinfo() { source <(echo $INSTALLVARS) } +function testminion() { + # Always run on the host, since this is going to be the manager of a distributed grid, or an eval/standalone. + # Distributed managers must run this in order for the sensor nodes to have access to the so-tcpreplay image. + so-test + result=$? + + # If this so-minion script is not running on the given minion ID, run so-test remotely on the sensor as well + local_id=$(lookup_grain id) + if [[ ! "$local_id" =~ "${MINION_ID}_" ]]; then + salt "$MINION_ID" cmd.run 'so-test' + result=$? + fi + + exit $result +} + function listminions() { salt-key list -F --out=json exit $? @@ -277,3 +294,7 @@ if [[ "$OPERATION" = 'add' || "$OPERATION" = 'setup' ]]; then create$NODETYPE echo "Minion file created for $MINION_ID" fi + +if [[ "$OPERATION" = 'test' ]]; then + testminion +fi \ No newline at end of file From 49df376bcce6bb1b3236256397fd7be8c350d405 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Wed, 15 Mar 2023 19:24:03 -0400 Subject: [PATCH 25/26] Remove non-existant Ruby scanner --- salt/strelka/defaults.yaml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/salt/strelka/defaults.yaml b/salt/strelka/defaults.yaml index 8060f520d..2c3b88513 100644 --- a/salt/strelka/defaults.yaml +++ b/salt/strelka/defaults.yaml 
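Review bot: In testminion (PATCH 24/26, so-minion), the second `result=$?` overwrites the status of the local so-test run, so a local failure followed by a successful remote run exits 0. The value captured after `salt "$MINION_ID" cmd.run 'so-test'` is also the salt client's exit status, which need not be so-test's exit code on the minion. Something like `salt --retcode-passthrough "$MINION_ID" cmd.run 'so-test' || result=$?` keeps the first failure and propagates the remote code. `result` and `local_id` should be declared `local`. Since salt treats the target as a glob, it is also worth confirming that MINION_ID is validated earlier in the script, which this hunk does not show.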
@@ -308,11 +308,6 @@ strelka: priority: 5 options: limit: 1000 - 'ScanRuby': - - positive: - flavors: - - 'text/x-ruby' - priority: 5 'ScanSwf': - positive: flavors: From 3ab3e4712ce5474ea381e2da6c49961d606a922b Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Thu, 16 Mar 2023 09:16:28 -0400 Subject: [PATCH 26/26] remove kilo for merge --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 7f2e97617..197c4d5c2 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.4.0-kilo +2.4.0