Merge pull request #13624 from Security-Onion-Solutions/esver

fix es agent update for soup
Josh Patterson
2024-09-06 10:46:18 -04:00
committed by GitHub
5 changed files with 10 additions and 8 deletions


@@ -677,7 +677,8 @@ has_uppercase() {
} }
update_elastic_agent() { update_elastic_agent() {
get_elastic_agent_vars local path="${1:-/opt/so/saltstack/default}"
get_elastic_agent_vars "$path"
echo "Checking if Elastic Agent update is necessary..." echo "Checking if Elastic Agent update is necessary..."
download_and_verify "$ELASTIC_AGENT_URL" "$ELASTIC_AGENT_MD5_URL" "$ELASTIC_AGENT_FILE" "$ELASTIC_AGENT_MD5" "$ELASTIC_AGENT_EXPANSION_DIR" download_and_verify "$ELASTIC_AGENT_URL" "$ELASTIC_AGENT_MD5_URL" "$ELASTIC_AGENT_FILE" "$ELASTIC_AGENT_MD5" "$ELASTIC_AGENT_EXPANSION_DIR"
} }
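Review bot: The return status of `get_elastic_agent_vars "$path"` is not checked before `download_and_verify` runs, so a wrong or missing path would presumably leave the `ELASTIC_AGENT_*` variables empty or stale and the download would go ahead with them. Because this argument now decides which agent build and checksum URL are fetched, fail early with `get_elastic_agent_vars "$path" || return 1`; get_elastic_agent_vars is defined outside this hunk, so confirm it returns non-zero when the defaults file is absent. A header comment such as `# $1 - directory whose salt/elasticsearch/defaults.yaml supplies the agent version (default: /opt/so/saltstack/default)` would document the new optional argument. Separately, and unchanged by this commit, the integrity check visible here appears to be an MD5 fetched from a URL next to the artifact, which catches corruption but not a tampered source.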


@@ -5,7 +5,7 @@
# this file except in compliance with the Elastic License 2.0. # this file except in compliance with the Elastic License 2.0.
. /usr/sbin/so-common . /usr/sbin/so-common
{%- import_yaml 'elasticsearch/defaults.yaml' as ELASTICSEARCHDEFAULTS -%} {%- import_yaml 'elasticsearch/defaults.yaml' as ELASTICSEARCHDEFAULTS %}
# Only run on Managers # Only run on Managers
if ! is_manager_node; then if ! is_manager_node; then


@@ -837,12 +837,13 @@ determine_elastic_agent_upgrade() {
if [[ $is_airgap -eq 0 ]]; then if [[ $is_airgap -eq 0 ]]; then
update_elastic_agent_airgap update_elastic_agent_airgap
else else
update_elastic_agent # the new elasticsearch defaults.yaml file is not yet placed in /opt/so/saltstack/default/salt/elasticsearch yet
update_elastic_agent "$UPDATE_DIR"
fi fi
} }
update_elastic_agent_airgap() { update_elastic_agent_airgap() {
get_elastic_agent_vars get_elastic_agent_vars "/tmp/soagupdate/SecurityOnion"
rsync -av /tmp/soagupdate/fleet/* /nsm/elastic-fleet/artifacts/ rsync -av /tmp/soagupdate/fleet/* /nsm/elastic-fleet/artifacts/
tar -xf "$ELASTIC_AGENT_FILE" -C "$ELASTIC_AGENT_EXPANSION_DIR" tar -xf "$ELASTIC_AGENT_FILE" -C "$ELASTIC_AGENT_EXPANSION_DIR"
} }
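Review bot: `update_elastic_agent "$UPDATE_DIR"` silently falls back to the installed defaults when UPDATE_DIR is empty or unset, because the callee uses `${1:-/opt/so/saltstack/default}`, and that is the stale-version case this commit is fixing. Make the call fail loudly instead: `update_elastic_agent "${UPDATE_DIR:?UPDATE_DIR is not set}"`. In `update_elastic_agent_airgap` the version variables are now read from the fixed path `/tmp/soagupdate/SecurityOnion`; how that directory is created is not visible here, so confirm it is created by root with restrictive permissions rather than trusted if it already exists. The added comment repeats "yet"; `# the new elasticsearch defaults.yaml is not yet in /opt/so/saltstack/default/salt/elasticsearch` reads cleaner. determine_elastic_agent_upgrade begins above this hunk.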


@@ -7,5 +7,5 @@
. /usr/sbin/so-common . /usr/sbin/so-common
retry 40 3 'docker exec -it so-suricata /opt/suricata/bin/suricatasc -c reload-rules /var/run/suricata/suricata-command.socket' '{"message": "done", "return": "OK"}' retry 60 3 'docker exec -it so-suricata /opt/suricata/bin/suricatasc -c reload-rules /var/run/suricata/suricata-command.socket' '{"message": "done", "return": "OK"}' || fail "The Suricata container was not ready in time."
retry 40 3 'docker exec -it so-suricata /opt/suricata/bin/suricatasc -c ruleset-reload-nonblocking /var/run/suricata/suricata-command.socket' '{"message": "done", "return": "OK"}' retry 60 3 'docker exec -it so-suricata /opt/suricata/bin/suricatasc -c ruleset-reload-nonblocking /var/run/suricata/suricata-command.socket' '{"message": "done", "return": "OK"}' || fail "The Suricata container was not ready in time."
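Review bot: Both `retry` lines keep `docker exec -it`, and with the new `|| fail` every failure cause is reported as "The Suricata container was not ready in time." once the retries are exhausted, including docker rejecting `-t` because no TTY is attached. Dropping the TTY flags (`docker exec so-suricata /opt/suricata/bin/suricatasc -c reload-rules /var/run/suricata/suricata-command.socket`) removes that failure mode, since only the command's output needs to be matched. How this script is invoked is not visible in the hunk, so treat the non-interactive case as something to confirm. If `fail` exits, the second reload is never attempted after the first one gives up; that is probably intended but deserves a one-line comment.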


@@ -759,8 +759,8 @@ if ! [[ -f $install_opt_file ]]; then
title "Downloading IDS Rules" title "Downloading IDS Rules"
logCmd "so-rule-update" logCmd "so-rule-update"
if [[ $monints || $is_import ]]; then if [[ $monints || $is_import ]]; then
title "Restarting Suricata to pick up the new rules" title "Applying the Suricata state to load the new rules"
logCmd "so-suricata-restart" logCmd "salt-call state.apply suricata -l info"
fi fi
fi fi
title "Setting up Kibana Default Space" title "Setting up Kibana Default Space"
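Review bot: Nothing visible after `logCmd "salt-call state.apply suricata -l info"` checks whether the state run succeeded, so setup would continue to "Setting up Kibana Default Space" even if Suricata never loaded the downloaded rules. logCmd is defined outside this hunk, so confirm whether it propagates the exit status; if it does not, consider `salt-call --retcode-passthrough state.apply suricata -l info` together with a check on the result, because a sensor that comes up without its ruleset is a silent detection gap. The enclosing `if ! [[ -f $install_opt_file ]]` block starts above the hunk.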