CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-06-14 22:28:43 +02:00
Code Issues Packages Projects Releases Wiki Activity

update references of /opt/so/saltstack to /opt/so/saltstack/default. use var default_salt_dir where appropriate - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/749

Browse Source
This commit is contained in:
m0duspwnens
2020-05-21 10:54:47 -04:00
parent 9aff026569
commit d0242c1da6
23 changed files with 120 additions and 98 deletions
Download Patch File Download Diff File Expand all files Collapse all files
salt/common/tools/sbin/so-allow
+3 -2
View File
@@ -17,6 +17,7 @@
. /usr/sbin/so-common
default_salt_dir=/opt/so/saltstack/default
SKIP=0
while getopts "abowi:" OPTION
@@ -80,10 +81,10 @@ if [ "$SKIP" -eq 0 ]; then
fi
echo "Adding $IP to the $FULLROLE role. This can take a few seconds"
/opt/so/saltstack/pillar/firewall/addfirewall.sh $FULLROLE $IP
$default_salt_dir/pillar/firewall/addfirewall.sh $FULLROLE $IP
# Check if Wazuh enabled
if grep -q -R "wazuh: 1" /opt/so/saltstack/pillar/*; then
if grep -q -R "wazuh: 1" $default_salt_dir/pillar/*; then
# If analyst, add to Wazuh AR whitelist
if [ "$FULLROLE" == "analyst" ]; then
WAZUH_MGR_CFG="/opt/so/wazuh/etc/ossec.conf"
salt/common/tools/sbin/so-bro-logs
+4 -3
View File
@@ -1,11 +1,12 @@
#!/bin/bash
default_salt_dir=/opt/so/saltstack/default
bro_logs_enabled() {
echo "brologs:" > /opt/so/saltstack/pillar/brologs.sls
echo " enabled:" >> /opt/so/saltstack/pillar/brologs.sls
echo "brologs:" > $default_salt_dir/pillar/brologs.sls
echo " enabled:" >> $default_salt_dir/pillar/brologs.sls
for BLOG in ${BLOGS[@]}; do
echo " - $BLOG" | tr -d '"' >> /opt/so/saltstack/pillar/brologs.sls
echo " - $BLOG" | tr -d '"' >> $default_salt_dir/pillar/brologs.sls
done
}
salt/common/tools/sbin/so-elasticsearch-templates
+2 -1
View File
@@ -15,12 +15,13 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
default_salt_dir=/opt/so/saltstack/default
ELASTICSEARCH_HOST="{{ MASTERIP}}"
ELASTICSEARCH_PORT=9200
#ELASTICSEARCH_AUTH=""
# Define a default directory to load pipelines from
ELASTICSEARCH_TEMPLATES="/opt/so/saltstack/salt/logstash/pipelines/templates/so/"
ELASTICSEARCH_TEMPLATES="$default_salt_dir/salt/logstash/pipelines/templates/so/"
# Wait for ElasticSearch to initialize
echo -n "Waiting for ElasticSearch..."
salt/common/tools/sbin/so-features-enable
+3 -2
View File
@@ -15,10 +15,11 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
. /usr/sbin/so-common
default_salt_dir=/opt/so/saltstack/default
VERSION=$(grep soversion /opt/so/saltstack/pillar/static.sls | cut -d':' -f2|sed 's/ //g')
VERSION=$(grep soversion $default_salt_dir/pillar/static.sls | cut -d':' -f2|sed 's/ //g')
# Modify static.sls to enable Features
sed -i 's/features: False/features: True/' /opt/so/saltstack/pillar/static.sls
sed -i 's/features: False/features: True/' $default_salt_dir/pillar/static.sls
SUFFIX="-features"
TRUSTED_CONTAINERS=( \
"so-elasticsearch:$VERSION$SUFFIX" \
salt/common/tools/sbin/so-helix-apikey
+5 -2
View File
@@ -1,4 +1,7 @@
#!/bin/bash
default_salt_dir=/opt/so/saltstack/default
got_root() {
# Make sure you are root
@@ -10,13 +13,13 @@ got_root() {
}
got_root
if [ ! -f /opt/so/saltstack/pillar/fireeye/init.sls ]; then
if [ ! -f $default_salt_dir/pillar/fireeye/init.sls ]; then
echo "This is nto configured for Helix Mode. Please re-install."
exit
else
echo "Enter your Helix API Key: "
read APIKEY
sed -i "s/^ api_key.*/ api_key: $APIKEY/g" /opt/so/saltstack/pillar/fireeye/init.sls
sed -i "s/^ api_key.*/ api_key: $APIKEY/g" $default_salt_dir/pillar/fireeye/init.sls
docker stop so-logstash
docker rm so-logstash
echo "Restarting Logstash for updated key"