CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/2.4/dev' into issue/10229

Browse Source
This commit is contained in:
m0duspwnens
2023-05-16 09:22:48 -04:00
parent a0e08e4f41 1724565331
commit b253cd45ca
9 changed files with 49 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
setup/so-functions
View File

@@ -37,14 +37,8 @@ logCmd() {
airgap_rules() {
# Copy the rules for suricata if using Airgap
mkdir -p /nsm/repo/rules
cp -v /root/SecurityOnion/agrules/emerging-all.rules /nsm/repo/rules/
# Copy over sigma rules
cp -Rv /root/SecurityOnion/agrules/sigma /nsm/repo/rules/
# Don't leave Strelka out
cp -Rv /root/SecurityOnion/agrules/strelka /nsm/repo/rules/
mkdir -p /nsm/rules
cp -Rv /root/SecurityOnion/agrules/* /nsm/rules/
}
add_admin_user() {
@@ -973,7 +967,7 @@ download_elastic_agent_artifacts() {
else
logCmd "mkdir -p /nsm/elastic-fleet/artifacts/beats/elastic-agent/"
logCmd "curl --retry 5 --retry-delay 60 https://repo.securityonion.net/file/so-repo/prod/2.4/elasticagent/elastic-agent_SO-$SOVERSION.tar.gz --output /nsm/elastic-fleet/artifacts/elastic-agent_SO-$SOVERSION.tar.gz"
logCmd "tar -xf /nsm/elastic-fleet/artifacts/beats/elastic-agent_SO-$SOVERSION.tar.gz -C /nsm/elastic-fleet/artifacts/beats/elastic-agent/"
logCmd "tar -xf /nsm/elastic-fleet/artifacts/elastic-agent_SO-$SOVERSION.tar.gz -C /nsm/elastic-fleet/artifacts/beats/elastic-agent/"
fi
}

5
setup/so-setup
View File

@@ -202,12 +202,13 @@ if [ -n "$test_profile" ]; then
MINION_CIDR=10.0.0.0/8
MSRV=manager
if [[ "$test_profile" =~ "-net" ]]; then
if [[ "$test_profile" =~ "-net" ]] || [[ "$test_profile" =~ "-iso" ]]; then
address_type=DHCP
elif [[ "$test_profile" =~ "-cloud" ]]; then
MSRVIP=10.99.1.20
elif [[ "$test_profile" =~ "-airgap" ]]; then
is_airgap=true
address_type=DHCP
fi
if [ -f "/root/public_ip" ]; then
@@ -224,6 +225,8 @@ if [ -n "$test_profile" ]; then
WEBUSER=onionuser@somewhere.invalid
WEBPASSWD1=0n10nus3r
WEBPASSWD2=0n10nus3r
update_sudoers_for_testing
fi
# Make sure the setup type is suppoted.

1
setup/so-verify
View File

@@ -44,6 +44,7 @@ log_has_errors() {
grep -vE "Exception in callback None" | \
grep -vE "deprecation: ERROR" | \
grep -vE "code: 100" | \
grep -vE "/nsm/repo/rules/sigma/rules*" | \
grep -vE "Running scope as unit" &> "$error_log"
if [[ $? -eq 0 ]]; then