diff --git a/salt/kibana/bin/so-kibana-config-load b/salt/kibana/bin/so-kibana-config-load index d98b0e85f..51a30c911 100644 --- a/salt/kibana/bin/so-kibana-config-load +++ b/salt/kibana/bin/so-kibana-config-load @@ -12,48 +12,72 @@ fi } +RETURN_CODE=0 + import() { - local file=$1 - ndjson_file=$(echo $file | sed -e "s/\.template$//") - # Copy template file - if [ "$file" != "$ndjson_file" ]; then - cp "$file" "$ndjson_file" - fi + local BASENAME=$(basename $1 | cut -d'.' -f1) + if [ ! -f "/opt/so/state/kibana_$BASENAME.txt" ]; then + local file=$1 + ndjson_file=$(echo $file | sed -e "s/\.template$//") + # Copy template file + if [ "$file" != "$ndjson_file" ]; then + cp "$file" "$ndjson_file" + fi - # SOCtopus and Manager - if grep -lq 'PLACEHOLDER' "$ndjson_file"; then - sed -i "s/PLACEHOLDER/{{ MANAGER }}/g" "$ndjson_file" - fi - - # Endgame - if grep -lq 'ENDGAMEHOST' "$ndjson_file"; then - sed -i "s/ENDGAMEHOST/{{ ENDGAMEHOST }}/g" "$ndjson_file" - fi - - wait_for_web_response "http://localhost:5601/app/kibana" "Elastic" 300 "{{ ELASTICCURL }}" + # SOCtopus and Manager + if grep -lq 'PLACEHOLDER' "$ndjson_file"; then + sed -i "s/PLACEHOLDER/{{ MANAGER }}/g" "$ndjson_file" + fi - SESSIONCOOKIE=$({{ ELASTICCURL }} -c - -X GET http://localhost:5601/ | grep sid | awk '{print $7}') - # Load saved objects - {{ ELASTICCURL }} -b "sid=$SESSIONCOOKIE" -L -X POST "localhost:5601/api/saved_objects/_import?overwrite=true" -H "kbn-xsrf: true" --form file=@"$ndjson_file" >> /opt/so/log/kibana/misc.log + # Endgame + if grep -lq 'ENDGAMEHOST' "$ndjson_file"; then + sed -i "s/ENDGAMEHOST/{{ ENDGAMEHOST }}/g" "$ndjson_file" + fi + + wait_for_web_response "http://localhost:5601/app/kibana" "Elastic" 300 "{{ ELASTICCURL }}" + RETURN_CODE=$? + + SESSIONCOOKIE=$({{ ELASTICCURL }} -c - -X GET http://localhost:5601/ | grep sid | awk '{print $7}') + + # Load saved objects + RESPONSE=$({{ ELASTICCURL }} -b "sid=$SESSIONCOOKIE" -L -X POST "localhost:5601/api/saved_objects/_import?overwrite=true" -H "kbn-xsrf: true" --form file=@"$ndjson_file") + echo $RESPONSE; if [[ "$RESPONSE" == *"error"* ]]; then RETURN_CODE=1;fi + + if [[ "$RETURN_CODE" != "1" ]]; then + touch /opt/so/state/kibana_$BASENAME.txt + fi + else + exit $RETURN_CODE + fi } update() { - wait_for_web_response "http://localhost:5601/app/kibana" "Elastic" 300 "{{ ELASTICCURL }}" - IFS=$'\r\n' GLOBIGNORE='*' command eval 'LINES=($(cat $1))' - for i in "${LINES[@]}"; do - {{ ELASTICCURL }} -X PUT "localhost:5601/api/saved_objects/config/7.17.1" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d " $i " - done + local BASENAME=$(basename $1 | cut -d'.' -f1) + if [ ! -f "/opt/so/state/kibana_$BASENAME.txt" ]; then + wait_for_web_response "http://localhost:5601/app/kibana" "Elastic" 300 "{{ ELASTICCURL }}" + RETURN_CODE=$? + IFS=$'\r\n' GLOBIGNORE='*' command eval 'LINES=($(cat $1))' + for i in "${LINES[@]}"; do + RESPONSE=$({{ ELASTICCURL }} -X PUT "localhost:5601/api/saved_objects/config/7.17.1" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d " $i ") + echo $RESPONSE; if [[ "$RESPONSE" == *"error"* ]]; then RETURN_CODE=1; fi + done + if [[ "$RETURN_CODE" != "1" ]]; then + touch /opt/so/state/kibana_$BASENAME.txt + fi + else + exit $RETURN_CODE + fi } usage() { cat < Import saved objects - -u Update saved objects + Security Onion Kibana Config Loader + Options: + -h This message + -i Import saved objects + -u Update saved objects EOF }