CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #445 from Security-Onion-Solutions/fix/kibana_config

Browse Source 
more Kibana config
This commit is contained in:
weslambert
2020-03-23 14:12:11 -04:00
committed by GitHub
parent d21df50689 a43154e0eb
commit c1e3a00d22
4 changed files with 558 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
salt/kibana/bin/so-kibana-config-load Normal file
View File

@@ -0,0 +1,17 @@
#!/bin/bash
VERSION="7.6.1"
curl -X PUT "localhost:5601/api/saved_objects/config/$VERSION" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d'
{ "attributes":
{
"defaultIndex": "2289a0c0-6970-11ea-a0cd-ffa0f6a1bc29",
"defaultRoute":"/app/kibana#/dashboard/a8411b30-6d03-11ea-b301-3d6c35840645",
"discover:sampleSize":"100",
"dashboard:defaultDarkTheme":true,
"theme:darkMode":true,
"timepicker:timeDefaults":"{\n \"from\": \"now-24h\",\n \"to\": \"now\",\n \"mode\": \"quick\"\n}"
}
}'
curl -X POST "localhost:5601/api/saved_objects/_import" -H "kbn-xsrf: true" --form file=@/opt/so/saltstack/salt/kibana/etc/saved_objects.ndjson

15
salt/kibana/etc/config.json
View File

@@ -1,9 +1,10 @@
{ "attributes": { "attributes":
{ {
"defaultIndex": "*:so-*", "defaultIndex": "2289a0c0-6970-11ea-a0cd-ffa0f6a1bc29",
"discover:sampleSize":"100", "defaultRoute":"/app/kibana#/dashboard/a8411b30-6d03-11ea-b301-3d6c35840645",
"dashboard:defaultDarkTheme":true, "discover:sampleSize":"100",
"theme:darkMode":true, "dashboard:defaultDarkTheme":true,
"timepicker:timeDefaults":"{\n \"from\": \"now-24h\",\n \"to\": \"now\",\n \"mode\": \"quick\"\n}" "theme:darkMode":true,
} "timepicker:timeDefaults":"{\n \"from\": \"now-24h\",\n \"to\": \"now\",\n \"mode\": \"quick\"\n}"
}
} }

507
salt/kibana/etc/saved_objects.ndjson Normal file
View File

File diff suppressed because one or more lines are too long

37
salt/kibana/init.sls
View File

@@ -1,11 +1,4 @@
{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.1.4') %} {% set master = salt['grains.get']('master') %}
{% set MASTER = salt['grains.get']('master') %}
{% set FEATURES = salt['pillar.get']('elastic:features', False) %}
{% if FEATURES %}
{% set FEATURES = "-features" %}
{% else %}
{% set FEATURES = '' %}
{% endif %}
# Add ES Group # Add ES Group
kibanasearchgroup: kibanasearchgroup:
@@ -59,17 +52,25 @@ synckibanacustom:
- user: 932 - user: 932
- group: 939 - group: 939
# File.Recurse for custom saved dashboards
so-kibanaimage:
cmd.run:
- name: docker pull --disable-content-trust=false docker.io/soshybridhunter/so-kibana:HH1.1.1
# Start the kibana docker # Start the kibana docker
so-kibana: so-kibana:
docker_container.running: docker_container.running:
- image: {{ MASTER }}:5000/soshybridhunter/so-kibana:{{ VERSION }}{{ FEATURES }} - require:
- so-kibanaimage
- image: docker.io/soshybridhunter/so-kibana:HH1.1.1
- hostname: kibana - hostname: kibana
- user: kibana - user: kibana
- environment: - environment:
- KIBANA_DEFAULTAPPID=dashboard/94b52620-342a-11e7-9d52-4f090484f59e - KIBANA_DEFAULTAPPID=dashboard/94b52620-342a-11e7-9d52-4f090484f59e
- ELASTICSEARCH_HOST={{ MASTER }} - ELASTICSEARCH_HOST={{ master }}
- ELASTICSEARCH_PORT=9200 - ELASTICSEARCH_PORT=9200
- MASTER={{ MASTER }} - MASTER={{ master }}
- binds: - binds:
- /opt/so/conf/kibana/etc:/usr/share/kibana/config:rw - /opt/so/conf/kibana/etc:/usr/share/kibana/config:rw
- /opt/so/log/kibana:/var/log/kibana:rw - /opt/so/log/kibana:/var/log/kibana:rw
@@ -77,3 +78,17 @@ so-kibana:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
- port_bindings: - port_bindings:
- 0.0.0.0:5601:5601 - 0.0.0.0:5601:5601
so-kibana-config-load:
cmd.script:
- shell: /bin/bash
- runas: socore
- source: salt://kibana/bin/so-kibana-config-load
# Keep the setting correct
#KibanaHappy:
# cmd.script:
# - shell: /bin/bash
# - runas: socore
# - source: salt://kibana/bin/keepkibanahappy.sh
# - template: jinja