CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-08 10:12:53 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #12001 from Security-Onion-Solutions/2.4/update-clear-scripts

Browse Source 
FIX: Update clear scripts #11991
This commit is contained in:
Doug Burks
2023-12-13 12:01:11 -05:00
committed by GitHub
parent 196d59869a 2c4d0a0d71
commit b17e4006a1
3 changed files with 12 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
salt/common/tools/sbin/so-nsm-clear
View File

@@ -41,8 +41,13 @@ done
if [ $SKIP -ne 1 ]; then if [ $SKIP -ne 1 ]; then
# Inform user we are about to delete all data # Inform user we are about to delete all data
echo echo
echo "This script will delete all NIDS data (PCAP, Suricata, Zeek)" echo "This script will delete all NSM data from /nsm."
echo "If you would like to proceed, please type "AGREE" and hit ENTER." echo
echo "This includes Suricata data, Zeek data, and full packet capture (PCAP)."
echo
echo "This will NOT delete any Suricata or Zeek logs that have already been ingested into Elasticsearch."
echo
echo "If you would like to proceed, then type AGREE and press ENTER."
echo echo
# Read user input # Read user input
read INPUT read INPUT
@@ -54,8 +59,8 @@ delete_pcap() {
[ -d $PCAP_DATA ] && so-pcap-stop && rm -rf $PCAP_DATA/* && so-pcap-start [ -d $PCAP_DATA ] && so-pcap-stop && rm -rf $PCAP_DATA/* && so-pcap-start
} }
delete_suricata() { delete_suricata() {
SURI_LOG="/opt/so/log/suricata/eve.json" SURI_LOG="/nsm/suricata/"
[ -f $SURI_LOG ] && so-suricata-stop && rm -f $SURI_LOG && so-suricata-start [ -d $SURI_LOG ] && so-suricata-stop && rm -rf $SURI_LOG/* && so-suricata-start
} }
delete_zeek() { delete_zeek() {
ZEEK_LOG="/nsm/zeek/logs/" ZEEK_LOG="/nsm/zeek/logs/"

2
salt/elasticsearch/tools/sbin/so-elastic-clear
View File

@@ -67,7 +67,7 @@ if [ $SKIP -ne 1 ]; then
echo echo
echo "This script will delete all data (documents, indices, etc.) in the Elasticsearch database." echo "This script will delete all data (documents, indices, etc.) in the Elasticsearch database."
echo echo
echo "If you would like to proceed, please type "AGREE" and hit ENTER." echo "If you would like to proceed, then type AGREE and press ENTER."
echo echo
# Read user input # Read user input
read INPUT read INPUT

2
salt/manager/tools/sbin_jinja/so-elastic-fleet-reset
View File

@@ -18,7 +18,7 @@ echo "This includes data previously ingested with Fleet such as Zeek and Suricat
echo "Deployed Elastic Agents will no longer be enrolled and will need to be reinstalled." echo "Deployed Elastic Agents will no longer be enrolled and will need to be reinstalled."
echo "This script should only be used as a last resort to reinstall Elastic Fleet." echo "This script should only be used as a last resort to reinstall Elastic Fleet."
echo echo
echo "If you would like to proceed, type AGREE and hit ENTER." echo "If you would like to proceed, then type AGREE and press ENTER."
echo echo
# Read user input # Read user input
read INPUT read INPUT