Merge pull request #9939 from Security-Onion-Solutions/kilo

automated testing support; removal of nonexistent ScanRuby strelka scanner
2025-12-20 07:53:06 +01:00 · 2023-03-16 09:30:05 -04:00
parent c355e6eaf0 3ab3e4712c
commit ad2616900c
32 changed files with 154 additions and 1685 deletions
--- a/setup/automation/distributed-airgap-manager
+++ b/setup/automation/distributed-airgap-manager
@@ -1,67 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-#BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=Distributed-manager
-install_type=MANAGER
-INTERWEBS=AIRGAP
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
--- a/setup/automation/distributed-airgap-search
+++ b/setup/automation/distributed-airgap-search
@@ -1,68 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-# ALLOW_CIDR=0.0.0.0/0
-# ALLOW_ROLE=a
-# BASICZEEK=7
-# BASICSURI=7
-# BLOGS=
-# BNICS=eth1
-# ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=distributed-search
-install_type=SEARCHNODE
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-# MANAGERADV=BASIC
-MANAGERUPDATES=1
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-MSRV=distributed-manager
-MSRVIP=10.66.166.52
-# MTU=
-# NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-# OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-# PLAYBOOK=1
-# REDIRECTHOST=
-# REDIRECTINFO=IP
-# RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-# STRELKA=1
-# THEHIVE=0
-# WAZUH=1
-# WEBUSER=onionuser@somewhere.invalid
-# WEBPASSWD1=0n10nus3r
-# WEBPASSWD2=0n10nus3r
--- a/setup/automation/distributed-airgap-sensor
+++ b/setup/automation/distributed-airgap-sensor
@@ -1,68 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-# ALLOW_CIDR=0.0.0.0/0
-# ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=Distributed-sensor
-install_type=SENSOR
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-# MANAGERADV=BASIC
-MANAGERUPDATES=1
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-MSRV=distributed-manager
-MSRVIP=10.66.166.52
-# MTU=
-# NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-# NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-# OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-# PLAYBOOK=1
-# REDIRECTHOST=
-# REDIRECTINFO=IP
-# RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-# STRELKA=1
-# THEHIVE=0
-# WAZUH=1
-# WEBUSER=onionuser@somewhere.invalid
-# WEBPASSWD1=0n10nus3r
-# WEBPASSWD2=0n10nus3r
--- a/setup/automation/distributed-cloud-manager
+++ b/setup/automation/distributed-cloud-manager
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-#BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=distributed-manager
-install_type=MANAGER
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-REDIRECTHOST=$(cat /root/public_ip)
-REDIRECTINFO=OTHER
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=0
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
--- a/setup/automation/distributed-cloud-search
+++ b/setup/automation/distributed-cloud-search
@@ -1,68 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-#ALLOW_CIDR=0.0.0.0/0
-#ALLOW_ROLE=a
-#BASICZEEK=7
-#BASICSURI=7
-# BLOGS=
-#BNICS=ens6
-#ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=distributed-search
-install_type=SEARCHNODE
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-#MANAGERADV=BASIC
-MANAGERUPDATES=1
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-MSRV=distributed-manager
-MSRVIP=10.99.1.20
-# MTU=
-#NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-#OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-#PLAYBOOK=1
-# REDIRECTHOST=
-#REDIRECTINFO=HOSTNAME
-#RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=0
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-#STRELKA=1
-#THEHIVE=0
-#WAZUH=1
-# WEBUSER=onionuser@somewhere.invalid
-# WEBPASSWD1=0n10nus3r
-# WEBPASSWD2=0n10nus3r
--- a/setup/automation/distributed-cloud-sensor
+++ b/setup/automation/distributed-cloud-sensor
@@ -1,68 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-#ALLOW_CIDR=0.0.0.0/0
-#ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=distributed-sensor
-install_type=SENSOR
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-#MANAGERADV=BASIC
-MANAGERUPDATES=1
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-MSRV=distributed-manager
-MSRVIP=10.99.1.20
-# MTU=
-#NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-#NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-#OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-#PLAYBOOK=1
-# REDIRECTHOST=
-#REDIRECTINFO=HOSTNAME
-#RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=0
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-#STRELKA=1
-#THEHIVE=0
-#WAZUH=1
-# WEBUSER=onionuser@somewhere.invalid
-# WEBPASSWD1=0n10nus3r
-# WEBPASSWD2=0n10nus3r
--- a/setup/automation/distributed-iso-manager
+++ b/setup/automation/distributed-iso-manager
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=7
-BASICSURI=7
-# BLOGS=
-#BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=distributed-manager
-install_type=MANAGER
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
--- a/setup/automation/distributed-iso-search
+++ b/setup/automation/distributed-iso-search
@@ -1,68 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-# ALLOW_CIDR=0.0.0.0/0
-# ALLOW_ROLE=a
-# BASICZEEK=7
-# BASICSURI=7
-# BLOGS=
-# BNICS=eth1
-# ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=distributed-search
-install_type=SEARCHNODE
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-# MANAGERADV=BASIC
-MANAGERUPDATES=1
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-MSRV=distributed-manager
-MSRVIP=10.66.166.42
-# MTU=
-# NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=ADVANCED
-NODEUPDATES=MANAGER
-# OINKCODE=
-# OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-# PLAYBOOK=1
-# REDIRECTHOST=
-# REDIRECTINFO=IP
-# RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-# STRELKA=1
-# THEHIVE=0
-# WAZUH=1
-# WEBUSER=onionuser@somewhere.invalid
-# WEBPASSWD1=0n10nus3r
-# WEBPASSWD2=0n10nus3r
--- a/setup/automation/distributed-iso-sensor
+++ b/setup/automation/distributed-iso-sensor
@@ -1,70 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-# ALLOW_CIDR=0.0.0.0/0
-# ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=Distributed-Sensor
-install_type=SENSOR
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-# MANAGERADV=BASIC
-MANAGERUPDATES=1
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-MSRV=distributed-manager
-MSRVIP=10.66.166.42
-MTU=1500
-# NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-# NODESETUP=NODEBASIC
-NSMSETUP=ADVANCED
-NODEUPDATES=MANAGER
-# OINKCODE=
-# OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-# PLAYBOOK=1
-# REDIRECTHOST=
-# REDIRECTINFO=IP
-# RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-# STRELKA=1
-SURIPINS=(2 3)
-# THEHIVE=0
-# WAZUH=1
-# WEBUSER=onionuser@somewhere.invalid
-# WEBPASSWD1=0n10nus3r
-# WEBPASSWD2=0n10nus3r
-ZEEKPINS=(0 1)
--- a/setup/automation/distributed-net-manager
+++ b/setup/automation/distributed-net-manager
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=7
-BASICSURI=7
-# BLOGS=
-#BNICS=eth1
-ZEEKVERSION=SURICATA
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=distributed-manager
-install_type=MANAGER
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
--- a/setup/automation/distributed-net-search
+++ b/setup/automation/distributed-net-search
@@ -1,68 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-# ALLOW_CIDR=0.0.0.0/0
-# ALLOW_ROLE=a
-# BASICZEEK=7
-# BASICSURI=7
-# BLOGS=
-# BNICS=eth1
-# ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=distributed-search
-install_type=SEARCHNODE
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-# MANAGERADV=BASIC
-MANAGERUPDATES=1
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-MSRV=distributed-manager
-MSRVIP=10.66.166.72
-# MTU=
-# NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-# OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-# PLAYBOOK=1
-# REDIRECTHOST=
-# REDIRECTINFO=IP
-# RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-# STRELKA=1
-# THEHIVE=0
-# WAZUH=1
-# WEBUSER=onionuser@somewhere.invalid
-# WEBPASSWD1=0n10nus3r
-# WEBPASSWD2=0n10nus3r
--- a/setup/automation/distributed-net-sensor
+++ b/setup/automation/distributed-net-sensor
@@ -1,68 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-# ALLOW_CIDR=0.0.0.0/0
-# ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=SURICATA
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=distributed-sensor
-install_type=SENSOR
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-# MANAGERADV=BASIC
-MANAGERUPDATES=1
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-MSRV=distributed-manager
-MSRVIP=10.66.166.72
-# MTU=
-# NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-# NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-# OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-# PLAYBOOK=1
-# REDIRECTHOST=
-# REDIRECTINFO=IP
-# RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-# STRELKA=1
-# THEHIVE=0
-# WAZUH=1
-# WEBUSER=onionuser@somewhere.invalid
-# WEBPASSWD1=0n10nus3r
-# WEBPASSWD2=0n10nus3r
--- a/setup/automation/eval-airgap
+++ b/setup/automation/eval-airgap
@@ -1,67 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=eval
-install_type=EVAL
-INTERWEBS=AIRGAP
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
--- a/setup/automation/eval-cloud
+++ b/setup/automation/eval-cloud
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=eval
-install_type=EVAL
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-REDIRECTHOST=$(cat /root/public_ip)
-REDIRECTINFO=OTHER
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
--- a/setup/automation/eval-iso
+++ b/setup/automation/eval-iso
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=eval
-install_type=EVAL
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
--- a/setup/automation/eval-net
+++ b/setup/automation/eval-net
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-# address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=eval
-install_type=EVAL
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
--- a/setup/automation/import-airgap
+++ b/setup/automation/import-airgap
@@ -1,67 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-#BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=import
-install_type=IMPORT
-INTERWEBS=AIRGAP
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-# OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-# PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-# SOREMOTEPASS1=onionuser
-# SOREMOTEPASS2=onionuser
-STRELKA=1
-# THEHIVE=0
-# WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
--- a/setup/automation/import-cloud
+++ b/setup/automation/import-cloud
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-#BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=import
-install_type=IMPORT
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-# OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-# PLAYBOOK=1
-REDIRECTHOST=$(cat /root/public_ip)
-REDIRECTINFO=OTHER
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-# SOREMOTEPASS1=onionuser
-# SOREMOTEPASS2=onionuser
-STRELKA=1
-# THEHIVE=0
-# WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
--- a/setup/automation/import-iso
+++ b/setup/automation/import-iso
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-#BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=import
-install_type=IMPORT
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-# OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-# PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-# SOREMOTEPASS1=onionuser
-# SOREMOTEPASS2=onionuser
-STRELKA=1
-# THEHIVE=0
-# WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
--- a/setup/automation/import-net
+++ b/setup/automation/import-net
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-# address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-#BNICS=eth1
-ZEEKVERSION=SURICATA
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=import
-install_type=IMPORT
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-# OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-# PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-# SOREMOTEPASS1=onionuser
-# SOREMOTEPASS2=onionuser
-STRELKA=1
-# THEHIVE=0
-# WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
--- a/setup/automation/standalone-airgap
+++ b/setup/automation/standalone-airgap
@@ -1,67 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=standalone
-install_type=STANDALONE
-INTERWEBS=AIRGAP
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
--- a/setup/automation/standalone-cloud
+++ b/setup/automation/standalone-cloud
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=standalone
-install_type=STANDALONE
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-REDIRECTHOST=$(cat /root/public_ip)
-REDIRECTINFO=OTHER
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
--- a/setup/automation/standalone-iso
+++ b/setup/automation/standalone-iso
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=ZEEK
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=standalone
-install_type=STANDALONE
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
--- a/setup/automation/standalone-net
+++ b/setup/automation/standalone-net
@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
-# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
-# https://securityonion.net/license; you may not use this file except in compliance with the
-# Elastic License 2.0.
-
-
-TESTING=true
-
-# address_type=DHCP
-ADMINUSER=onionuser
-ADMINPASS1=onionuser
-ADMINPASS2=onionuser
-ALLOW_CIDR=0.0.0.0/0
-ALLOW_ROLE=a
-BASICZEEK=2
-BASICSURI=2
-# BLOGS=
-BNICS=eth1
-ZEEKVERSION=SURICATA
-# CURCLOSEDAYS=
-# EVALADVANCED=BASIC
-# HELIXAPIKEY=
-HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
-HNSENSOR=inherit
-HOSTNAME=standalone
-install_type=STANDALONE
-# LSINPUTBATCHCOUNT=
-# LSINPUTTHREADS=
-# LSPIPELINEBATCH=
-# LSPIPELINEWORKERS=
-MANAGERADV=BASIC
-# MDNS=
-# MGATEWAY=
-# MIP=
-# MMASK=
-MNIC=eth0
-# MSEARCH=
-# MSRV=
-# MTU=
-NIDS=Suricata
-# NODE_ES_HEAP_SIZE=
-# NODE_LS_HEAP_SIZE=
-NODESETUP=NODEBASIC
-NSMSETUP=BASIC
-NODEUPDATES=MANAGER
-# OINKCODE=
-OSQUERY=1
-# PATCHSCHEDULEDAYS=
-# PATCHSCHEDULEHOURS=
-PATCHSCHEDULENAME=auto
-PLAYBOOK=1
-# REDIRECTHOST=
-REDIRECTINFO=IP
-RULESETUP=ETOPEN
-# SHARDCOUNT=
-# SKIP_REBOOT=
-SOREMOTEPASS1=onionuser
-SOREMOTEPASS2=onionuser
-STRELKA=1
-THEHIVE=0
-WAZUH=1
-WEBUSER=onionuser@somewhere.invalid
-WEBPASSWD1=0n10nus3r
-WEBPASSWD2=0n10nus3r
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -17,11 +17,11 @@ log() {
 }

 error() {
-	log "$1" "E"
+	log "$1" "ERROR"
 }

 info() {
-	log "$1" "I"
+	log "$1" "INFO"
 }

 title() {
@@ -68,9 +68,7 @@ add_web_user() {
 	wait_for_file /nsm/kratos/db/db.sqlite 30 5
 	{
 		info "Attempting to add administrator user for web interface...";
-		export SKIP_STATE_APPLY=true
 		echo "$WEBPASSWD1" | /usr/sbin/so-user add --email "$WEBUSER" --role "superuser";
-		unset SKIP_STATE_APPLY
 		info "Add user result: $?";
 	} >> "/root/so-user-add.log" 2>&1
 }
@@ -322,7 +320,7 @@ collect_hostname() {
 }

 collect_hostname_validate() {
-	if [[ $automated == no ]] && [[ "$HOSTNAME" == *'localhost'* ]]; then HOSTNAME=securityonion; fi
+	if [[ -z "$TESTING" ]] && [[ "$HOSTNAME" == *'localhost'* ]]; then HOSTNAME=securityonion; fi

 	whiptail_set_hostname "$HOSTNAME"

@@ -1600,6 +1598,15 @@ networking_needful() {
 	fi
 	set_main_ip
 	compare_main_nic_ip
+
+	# Attempt to autodetect the manager IP, if an offset value exists 
+	if [[ -n "$MSRVIP_OFFSET" && -z "$MSRVIP" ]]; then
+		mips1=$(echo "$MNIC_IP" | awk -F. '{print $1}') 
+		mips2=$(echo "$MNIC_IP" | awk -F. '{print $2}') 
+		mips3=$(echo "$MNIC_IP" | awk -F. '{print $3}') 
+		mips4=$(echo "$MNIC_IP" | awk -F. '{print $4}') 
+		MSRVIP="$mips1.$mips2.$mips3.$((mips4+$MSRVIP_OFFSET))"
+	fi
 }

 network_setup() {
@@ -1766,6 +1773,10 @@ reinstall_init() {

 	local service_retry_count=20

+	# Disregard previous install outcomes
+	rm -f /root/failure
+	rm -f /root/success
+
 	{
 		# remove all of root's cronjobs
 		logCmd "crontab -r -u root"
@@ -2269,20 +2280,20 @@ set_initial_firewall_policy() {
 	title "Setting Initial Firewall Policy"
 	if [ -f $default_salt_dir/salt/common/tools/sbin/so-firewall ]; then chmod +x $default_salt_dir/salt/common/tools/sbin/so-firewall; fi

-		case "$install_type" in
-			'MANAGER')
-				$default_salt_dir/salt/common/tools/sbin/so-firewall --role=manager --ip=$MAINIP --apply=true
-				;;
-			'EVAL' | 'MANAGERSEARCH' | 'STANDALONE' | 'IMPORT')
-				$default_salt_dir/salt/common/tools/sbin/so-firewall --role=$install_type --ip=$MAINIP --apply=true
-				;;
-		esac
+	case "$install_type" in
+		'EVAL' | 'MANAGER' | 'MANAGERSEARCH' | 'STANDALONE' | 'IMPORT')
+			$default_salt_dir/salt/common/tools/sbin/so-firewall --role=$install_type --ip=$MAINIP --apply=true
+			;;
+	esac
 }

 set_initial_firewall_access() {
 	if [[ ! -z "$ALLOW_CIDR" ]]; then
 		$default_salt_dir/salt/common/tools/sbin/so-firewall --role=analyst --ip=$ALLOW_CIDR --apply=true
 	fi
+	if [[ ! -z "$MINION_CIDR" ]]; then
+		$default_salt_dir/salt/common/tools/sbin/so-firewall --role=sensors --ip=$MINION_CIDR --apply=true
+	fi
 }

 # Set up the management interface on the ISO
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -37,10 +37,10 @@ source ./so-variables

 # Parse command line arguments
 setup_type=$1
-automation=$2
+test_profile=$2
+
 WHATWOULDYOUSAYYAHDOHERE=setup

-# This is for automation 
 while [[ $# -gt 0 ]]; do
 	arg="$1"
 	shift
@@ -49,12 +49,8 @@ while [[ $# -gt 0 ]]; do
 			export TURBO="http://${arg#*=}";;
 		"--proxy="* ) 
 			export {http,https,ftp,rsync,all}_proxy="${arg#*=}";;
-		"--allow-role="* )
-			export ALLOW_ROLE="${arg#*=}";;
 		"--allow-cidr="* )
 			export ALLOW_CIDR="${arg#*=}";;
-		"--skip-reboot" )
-			export SKIP_REBOOT=1;;
 		* )
 			if [[ "$arg" == "--"* ]]; then
 				echo "Invalid option"
@@ -166,41 +162,65 @@ catch() {
 	exit 1
 }

-automated=no
-
 # Add the progress function for manager node type installs
 progress() {
 	local msg=${1:-'Please wait while installing...'}

-	if [ $automated == no ]; then
+	if [ -z "$TESTING" ]; then
 		whiptail --title "$whiptail_title" --gauge "$msg" 6 70 0 # append to text
 	else
 		cat >> $setup_log 2>&1
 	fi		
 }

-# If using automation let's do automation things.
-if [[ -f automation/$automation && $(basename $automation) == $automation ]]; then
-	info "Preselecting variable values based on automated setup: $automation"
-	source automation/$automation
-	automated=yes
+if [ -n "$test_profile" ]; then
+	install_type="$(echo $test_profile |awk -F- '{print $1}')"
+	if [[ "$install_type" == "distributed" ]]; then
+		install_type=MANAGER
+	else
+		install_type=${install_type^^}
+	fi

-	attempt=1
-	attempts=60
-	ip a | grep "$MNIC:" | grep "state UP" >> $setup_log 2>&1
-	while [ $? -ne 0 ]; do
-		logCmd "ip a" 
-		if [ $attempt -gt $attempts ]; then
-			error "Network unavailable - setup cannot continue" 
-			exit 1
-		fi
-		info "Waiting for network to come up (attempt $attempt of $attempts)"
-		attempt=$((attempt + 1))
-		info "Sleeping 10s to try again"
-		sleep 10;
-		logCmd "ip a | grep '$MNIC:' | grep 'state UP'" 
-	done
-	info "Network is up on $MNIC"
+	# The below settings are hardcoded purely for automated testing purposes.
+	TESTING=true
+	
+	if [[ "$test_profile" =~ "-sensor" ]]; then
+		install_type=SENSOR
+		HOSTNAME=sensor
+		MSRVIP_OFFSET=-2
+	elif [[ "$test_profile" =~ "-search" ]]; then
+		install_type=SEARCHNODE
+		HOSTNAME=search
+		MSRVIP_OFFSET=-1
+	else
+		HOSTNAME=manager
+	fi
+	
+	info "Activating test profile; profile=$test_profile; install_type=$install_type"
+
+	MINION_CIDR=10.0.0.0/8
+	MSRV=manager
+	if [[ "$test_profile" =~ "-net" ]]; then
+		address_type=DHCP
+	elif [[ "$test_profile" =~ "-cloud" ]]; then
+		MSRVIP=10.99.1.20
+	elif [[ "$test_profile" =~ "-airgap" ]]; then
+		is_airgap=true
+	fi
+
+	if [ -f "/root/public_ip" ]; then
+		REDIRECTHOST=$(cat /root/public_ip)
+		REDIRECTINFO=OTHER
+	else
+		REDIRECTINFO=IP
+	fi
+
+	ALLOW_CIDR=0.0.0.0/0
+	MNIC=$(ls -1 /sys/class/net | head -1)
+	BNICS=$(ls -1 /sys/class/net | head -2 | tail -1)
+	WEBUSER=onionuser@somewhere.invalid
+	WEBPASSWD1=0n10nus3r
+	WEBPASSWD2=0n10nus3r
 fi

 # Make sure the setup type is suppoted.
@@ -227,7 +247,7 @@ dmesg -D

 # Kernel consoleblank is causing whiptail progress screen to appear to hang #1084
 # https://github.com/Security-Onion-Solutions/securityonion/issues/1084
-if [ "$automated" == no ]; then
+if [ -z "$TESTING" ]; then
 	TTY=$(tty)
 	info "Setup is running on TTY $TTY"
 	if echo $TTY | grep -q "/dev/tty"; then 
@@ -283,7 +303,7 @@ if ! [[ -f $install_opt_file ]]; then
 		compare_main_nic_ip

 	fi
-		if [[ $setup_type == 'iso' ]] && [ "$automated" == no ]; then
+	if [[ $setup_type == 'iso' ]] && [ -z "$TESTING" ]; then
 		whiptail_first_menu_iso
 		if [[ $option == "CONFIGURENETWORK" ]]; then
 			collect_hostname
@@ -454,7 +474,7 @@ if ! [[ -f $install_opt_file ]]; then
 		add_mngr_ip_to_hosts
 		check_manager_connection
 		collect_idh_services
-	        collect_idh_preferences
+		collect_idh_preferences
 		set_minion_info
 		whiptail_end_settings

--- a/setup/so-verify
+++ b/setup/so-verify
@@ -32,7 +32,7 @@ log_has_errors() {
    # Ignore Failed: 0 since that is the salt state output, and we detect state failures
    # via Result: False already.

-    grep -E "FAILED|Failed|failed|ERROR|Error|Result: False" "$setup_log" | \
+    grep -E "FAILED|Failed|failed|ERROR|Result: False" "$setup_log" | \
        grep -vE "The Salt Master has cached the public key for this node" | \
        grep -vE "Minion failed to authenticate with the master" | \
        grep -vE "Failed to connect to ::1" | \
@@ -79,21 +79,52 @@ status_failed() {
    return 1
 }

+# Creates scripts that are going to be invoked by the automated test system. These scripts will 
+# overwritten by Salt, once the minion is accepted into the grid and the salt states run. 
+create_temp_scripts_if_missing() {
+    if [ ! -f /usr/sbin/so-status ]; then
+        if [ -f /root/success ]; then
+            echo "echo 'so-status not yet available'" > /usr/sbin/so-status
+            echo "exit 0" >> /usr/sbin/so-status
+
+            # Pretend so-test succeeded in the interim period while waiting for this minion to be accepted. This avoids tests getting hung up.
+            echo "echo 'so-test not yet available'" > /usr/sbin/so-test
+            echo "exit 0" >> /usr/sbin/so-test
+            chmod a+x /usr/sbin/so-test
+        else
+            echo "echo 'Installation failed - so-status not available'" > /usr/sbin/so-status
+            echo "exit 100" >> /usr/sbin/so-status
+        fi
+        chmod a+x /usr/sbin/so-status
+    fi
+}
+
 main() {
    exit_code=0
-    if log_has_errors; then 
-    	echo "WARNING: Errors detected during setup"
+    if [ -f /root/success ]; then
+        echo "Successfully completed setup a while ago"
+    elif [  -f /root/failure ]; then
+        echo "WARNING: Failed setup a while ago"
        exit_code=1
+    elif log_has_errors; then 
+        echo "WARNING: Errors detected during setup"
+        exit_code=1
+        touch /root/failure
    elif using_iso && cron_error_in_mail_spool; then
-    	echo "WARNING: Unexpected cron job output in mail spool"
+        echo "WARNING: Unexpected cron job output in mail spool"
        exit_code=1
+        touch /root/failure
    elif is_manager_node && status_failed; then
        echo "WARNING: Containers are not in a healthy state"
        exit_code=1
+        touch /root/failure
    else
-	    echo "Successfully completed setup!"
-	fi
+        echo "Successfully completed setup!"
+        touch /root/success
+    fi

+    create_temp_scripts_if_missing
+    
    exit $exit_code
 }