diff --git a/pillar/docker/config.sls b/pillar/docker/config.sls
index 3c90b710a..f8426b8cb 100644
--- a/pillar/docker/config.sls
+++ b/pillar/docker/config.sls
@@ -44,7 +44,6 @@ eval:
 {% endif %}
 {% if PLAYBOOK != '0' %}
 - so-playbook
- - so-navigator
 {% endif %}
 {% if FREQSERVER != '0' %}
 - so-freqserver
@@ -116,7 +115,6 @@ master_search:
 {% endif %}
 {% if PLAYBOOK != '0' %}
 - so-playbook
- - so-navigator
 {% endif %}
 {% if FREQSERVER != '0' %}
 - so-freqserver
@@ -159,7 +157,6 @@ master:
 {% endif %}
 {% if PLAYBOOK != '0' %}
 - so-playbook
- - so-navigator
 {% endif %}
 {% if FREQSERVER != '0' %}
 - so-freqserver
diff --git a/salt/common/maps/playbook.map.jinja b/salt/common/maps/playbook.map.jinja
index 064262119..84baa8dec 100644
--- a/salt/common/maps/playbook.map.jinja
+++ b/salt/common/maps/playbook.map.jinja
@@ -1,6 +1,5 @@
 {% set docker = {
 'containers': [
- 'so-playbook',
- 'so-navigator'
+ 'so-playbook'
 ]
 } %}
\ No newline at end of file
diff --git a/salt/common/tools/sbin/so-docker-refresh b/salt/common/tools/sbin/so-docker-refresh
index 75415e6fa..d4796818d 100644
--- a/salt/common/tools/sbin/so-docker-refresh
+++ b/salt/common/tools/sbin/so-docker-refresh
@@ -81,7 +81,6 @@ if [ $MASTERCHECK != 'so-helix' ]; then
 "so-kratos:$VERSION" \
 "so-logstash:$VERSION" \
 "so-mysql:$VERSION" \
- "so-navigator:$VERSION" \
 "so-nginx:$VERSION" \
 "so-playbook:$VERSION" \
 "so-redis:$VERSION" \
diff --git a/salt/common/tools/sbin/so-elastic-download b/salt/common/tools/sbin/so-elastic-download
index 216f51410..4c3406c74 100755
--- a/salt/common/tools/sbin/so-elastic-download
+++ b/salt/common/tools/sbin/so-elastic-download
@@ -18,7 +18,6 @@ TRUSTED_CONTAINERS=( \
 "so-kibana:$VERSION" \
 "so-logstash:$VERSION" \
 "so-mysql:$VERSION" \
-"so-navigator:$VERSION" \
 "so-playbook:$VERSION" \
 "so-redis:$VERSION" \
 "so-sensoroni:$VERSION" \
diff --git a/salt/curator/files/bin/so-curator-closed-delete-delete b/salt/curator/files/bin/so-curator-closed-delete-delete
index 3d397defc..9075752db 100755
--- a/salt/curator/files/bin/so-curator-closed-delete-delete
+++ b/salt/curator/files/bin/so-curator-closed-delete-delete
@@ -1,4 +1,6 @@
+#!/bin/bash
+
 {%- if grains['role'] in ['so-node', 'so-searchnode', 'so-heavynode'] %}
 {%- set ELASTICSEARCH_HOST = salt['pillar.get']('node:mainip', '') -%}
 {%- set ELASTICSEARCH_PORT = salt['pillar.get']('node:es_port', '') -%}
@@ -9,8 +11,6 @@
 {%- set LOG_SIZE_LIMIT = salt['pillar.get']('master:log_size_limit', '') -%}
 {%- endif -%}
-#!/bin/bash
-#
 # Copyright 2014,2015,2016,2017,2018 Security Onion Solutions, LLC
 #
 # This program is free software: you can redistribute it and/or modify
diff --git a/salt/firewall/assigned_hostgroups.map.yaml b/salt/firewall/assigned_hostgroups.map.yaml
index ea7b23afb..aa41322a3 100644
--- a/salt/firewall/assigned_hostgroups.map.yaml
+++ b/salt/firewall/assigned_hostgroups.map.yaml
@@ -13,7 +13,6 @@ role:
 - {{ portgroups.wazuh_authd }}
 - {{ portgroups.playbook }}
 - {{ portgroups.mysql }}
- - {{ portgroups.navigator }}
 - {{ portgroups.kibana }}
 - {{ portgroups.redis }}
 - {{ portgroups.influxdb }}
@@ -95,7 +94,6 @@ role:
 - {{ portgroups.wazuh_authd }}
 - {{ portgroups.playbook }}
 - {{ portgroups.mysql }}
- - {{ portgroups.navigator }}
 - {{ portgroups.kibana }}
 - {{ portgroups.redis }}
 - {{ portgroups.influxdb }}
@@ -174,7 +172,6 @@ role:
 - {{ portgroups.wazuh_authd }}
 - {{ portgroups.playbook }}
 - {{ portgroups.mysql }}
- - {{ portgroups.navigator }}
 - {{ portgroups.kibana }}
 - {{ portgroups.redis }}
 - {{ portgroups.influxdb }}
@@ -253,7 +250,6 @@ role:
 - {{ portgroups.wazuh_authd }}
 - {{ portgroups.playbook }}
 - {{ portgroups.mysql }}
- - {{ portgroups.navigator }}
 - {{ portgroups.kibana }}
 - {{ portgroups.redis }}
 - {{ portgroups.influxdb }}
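Review bot: The `#!/bin/bash` added at the top of so-curator-closed-delete-delete is followed directly by `{%- if grains['role'] ... %}`, and the leading dash in `{%-` tells Jinja to strip all whitespace before the tag, newlines included. With the trailing `-%}` on `{%- endif -%}` in the second hunk, the rendered script may begin `#!/bin/bash# Copyright 2014,...` on a single line, which is not a usable interpreter line; the template lines between the two hunks are not visible here, so render the file to confirm. If it does fuse, opening the block with `{% if grains['role'] in ['so-node', 'so-searchnode', 'so-heavynode'] %}` (no leading dash) keeps the newline after the shebang. A curator script that cannot be executed would presumably stop index cleanup without an obvious error, so this is worth checking before merge.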
@@ -330,7 +326,6 @@ role:
 - {{ portgroups.wazuh_agent }}
 - {{ portgroups.playbook }}
 - {{ portgroups.mysql }}
- - {{ portgroups.navigator }}
 - {{ portgroups.kibana }}
 - {{ portgroups.redis }}
 - {{ portgroups.influxdb }}
diff --git a/salt/firewall/portgroups.yaml b/salt/firewall/portgroups.yaml
index 2f3d5032a..7f09d1139 100644
--- a/salt/firewall/portgroups.yaml
+++ b/salt/firewall/portgroups.yaml
@@ -48,9 +48,6 @@ firewall:
 mysql:
 tcp:
 - 3306
- navigator:
- tcp:
- - 4200
 nginx:
 tcp:
 - 80
diff --git a/salt/master/files/registry/scripts/so-docker-download b/salt/master/files/registry/scripts/so-docker-download
index 2670acf26..1213ae72a 100644
--- a/salt/master/files/registry/scripts/so-docker-download
+++ b/salt/master/files/registry/scripts/so-docker-download
@@ -18,7 +18,6 @@ TRUSTED_CONTAINERS=( \
 "so-wazuh:$VERSION" \
 "so-kibana:$VERSION" \
 "so-elastalert:$VERSION" \
-"so-navigator:$VERSION" \
 "so-filebeat:$VERSION" \
 "so-suricata:$VERSION" \
 "so-logstash:$VERSION" \
diff --git a/salt/navigator/files/nav_layer_playbook.json b/salt/nginx/files/nav_layer_playbook.json
similarity index 100%
rename from salt/navigator/files/nav_layer_playbook.json
rename to salt/nginx/files/nav_layer_playbook.json
diff --git a/salt/navigator/files/navigator_config.json b/salt/nginx/files/navigator_config.json
similarity index 100%
rename from salt/navigator/files/navigator_config.json
rename to salt/nginx/files/navigator_config.json
diff --git a/salt/nginx/init.sls b/salt/nginx/init.sls
index 296774a02..2ead5587a 100644
--- a/salt/nginx/init.sls
+++ b/salt/nginx/init.sls
@@ -40,6 +40,15 @@ nginxtmp:
 - group: 939
 - makedirs: True
+navigatorconfig:
+ file.managed:
+ - name: /opt/so/conf/navigator/navigator_config.json
+ - source: salt://nginx/files/navigator_config.json
+ - user: 939
+ - group: 939
+ - makedirs: True
+ - template: jinja
+
 so-nginx:
 docker_container.running:
 - image: {{ MASTER }}:5000/soshybridhunter/so-nginx:{{ VERSION }}
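Review bot: Nothing visible in salt/nginx/init.sls ties the `so-nginx` container to the new `navigatorconfig` state, yet the next hunk bind-mounts that file into the container as a single file. Salt typically replaces a managed file rather than rewriting it in place, so a running container can keep serving the old copy until it is restarted, and on a first run the container may start before the file exists. Consider adding `- file: navigatorconfig` to the `watch` (or `require`) list of `so-nginx`; that block continues outside the hunk, so it may already have such a list to extend.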
@@ -52,6 +61,9 @@ so-nginx:
 - /etc/pki/masterssl.crt:/etc/pki/nginx/server.crt:ro
 - /etc/pki/masterssl.key:/etc/pki/nginx/server.key:ro
 - /opt/so/conf/fleet/packages:/opt/socore/html/packages
+ # ATT&CK Navigator binds
+ - /opt/so/conf/navigator/navigator_config.json:/opt/socore/html/navigator/assets/config.json:ro
+ - /opt/so/conf/navigator/nav_layer_playbook.json:/opt/socore/html/navigator/assets/playbook.json:ro
 - cap_add: NET_BIND_SERVICE
 - port_bindings:
 - 80:80
diff --git a/salt/top.sls b/salt/top.sls
index 3629fbe0b..3cc7ec7a5 100644
--- a/salt/top.sls
+++ b/salt/top.sls
@@ -2,7 +2,6 @@
 {%- set WAZUH = salt['pillar.get']('static:wazuh', '0') -%}
 {%- set THEHIVE = salt['pillar.get']('master:thehive', '0') -%}
 {%- set PLAYBOOK = salt['pillar.get']('master:playbook', '0') -%}
-{%- set NAVIGATOR = salt['pillar.get']('master:navigator', '0') -%}
 {%- set FREQSERVER = salt['pillar.get']('master:freq', '0') -%}
 {%- set DOMAINSTATS = salt['pillar.get']('master:domainstats', '0') -%}
 {%- set FLEETMASTER = salt['pillar.get']('static:fleet_master', False) -%}
@@ -109,9 +108,6 @@ base:
 {%- if PLAYBOOK != 0 %}
 - playbook
 {%- endif %}
- {%- if NAVIGATOR != 0 %}
- - navigator
- {%- endif %}
 {%- if FREQSERVER != 0 %}
 - freqserver
 {%- endif %}
@@ -159,9 +155,6 @@ base:
 {%- if PLAYBOOK != 0 %}
 - playbook
 {%- endif %}
- {%- if NAVIGATOR != 0 %}
- - navigator
- {%- endif %}
 {%- if FREQSERVER != 0 %}
 - freqserver
 {%- endif %}
@@ -219,9 +212,6 @@ base:
 {%- if PLAYBOOK != 0 %}
 - playbook
 {%- endif %}
- {%- if NAVIGATOR != 0 %}
- - navigator
- {%- endif %}
 {%- if FREQSERVER != 0 %}
 - freqserver
 {%- endif %}
@@ -336,9 +326,6 @@ base:
 {%- if PLAYBOOK != 0 %}
 - playbook
 {%- endif %}
- {%- if NAVIGATOR != 0 %}
- - navigator
- {%- endif %}
 {%- if FREQSERVER != 0 %}
 - freqserver
 {%- endif %}
diff --git a/setup/automation/pm_standalone_defaults b/setup/automation/pm_standalone_defaults
index 2f62fab98..ac0033f83 100644
--- a/setup/automation/pm_standalone_defaults
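Review bot: The second new bind in the `so-nginx` hunk of salt/nginx/init.sls mounts `/opt/so/conf/navigator/nav_layer_playbook.json`, but no state in this diff writes that host path; only `navigator_config.json` gets a `file.managed`, although `nav_layer_playbook.json` was moved to `salt/nginx/files` as well. If no other state (not visible here) creates it, Docker typically creates an empty directory at a missing bind source, and the container then fails to start or serves no playbook layer. A sibling state next to `navigatorconfig` (outside this hunk) would close the gap; the state id below is a constructed name. Separately, the `NAVIGATOR` toggle and the dedicated 4200 portgroup are removed elsewhere in this commit, so these assets are now always served by so-nginx; whether that location is covered by the same authentication as the rest of the site is not visible in this diff and is worth confirming.

```yaml
# constructed state id; mirrors the navigatorconfig state
navigatorplaybooklayer:
  file.managed:
    - name: /opt/so/conf/navigator/nav_layer_playbook.json
    - source: salt://nginx/files/nav_layer_playbook.json
    - user: 939
    - group: 939
    - makedirs: True
```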
+++ b/setup/automation/pm_standalone_defaults
@@ -50,7 +50,6 @@ MNIC=eth0
 # MSEARCH=
 # MSRV=
 # MTU=
-NAVIGATOR=1
 NIDS=Suricata
 # NODE_ES_HEAP_SIZE=
 # NODE_LS_HEAP_SIZE=
diff --git a/setup/so-functions b/setup/so-functions
index 1ba4b66a1..04bdbe8dd 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -718,7 +718,6 @@ docker_seed_registry() {
 "so-influxdb:$VERSION" \
 "so-kibana:$VERSION" \
 "so-mysql:$VERSION" \
- "so-navigator:$VERSION" \
 "so-playbook:$VERSION" \
 "so-soc:$VERSION" \
 "so-kratos:$VERSION" \
@@ -910,7 +909,6 @@ master_pillar() {
 " osquery: $OSQUERY"\
 " thehive: $THEHIVE"\
 " playbook: $PLAYBOOK"\
- " navigator: $NAVIGATOR"\
 " url_base: $REDIRECTIT"\
 ""\
 "kratos:" >> "$pillar_file"
diff --git a/setup/so-setup b/setup/so-setup
index 478151def..070a3b857 100755
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -555,11 +555,6 @@ fi
 salt-call state.apply -l info playbook >> $setup_log 2>&1
 fi
- if [[ "$NAVIGATOR" = 1 ]]; then
- set_progress_str 78 "$(print_salt_state_apply 'navigator')"
- salt-call state.apply -l info navigator >> $setup_log 2>&1
- fi
-
 if [[ $is_master || $is_helix ]]; then
 set_progress_str 81 "$(print_salt_state_apply 'utility')"
 salt-call state.apply -l info utility >> $setup_log 2>&1
diff --git a/setup/so-whiptail b/setup/so-whiptail
index 48e74e9b5..563f84105 100755
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
@@ -343,7 +343,6 @@ whiptail_enable_components() {
 WAZUH "Enable Wazuh" ON \
 THEHIVE "Enable TheHive" ON \
 PLAYBOOK "Enable Playbook" ON \
- NAVIGATOR "Enable ATT&CK Navigator" ON \
 STRELKA "Enable Strelka" ON 3>&1 1>&2 2>&3)
 local exitstatus=$?
 whiptail_check_exitstatus $exitstatus
diff --git a/upgrade/so-update-functions b/upgrade/so-update-functions
index dd4235902..8b7fcd312 100644
--- a/upgrade/so-update-functions
+++ b/upgrade/so-update-functions
@@ -51,7 +51,6 @@ if [ $MASTERCHECK != 'so-helix' ]; then
 "so-kratos:$BUILD$UPDATEVERSION" \
 "so-logstash:$BUILD$UPDATEVERSION" \
 "so-mysql:$BUILD$UPDATEVERSION" \
- "so-navigator:$BUILD$UPDATEVERSION" \
 "so-nginx:$BUILD$UPDATEVERSION" \
 "so-playbook:$BUILD$UPDATEVERSION" \
 "so-redis:$BUILD$UPDATEVERSION" \