Merge branch 'quickfix/helix' into dev

2025-12-07 09:42:46 +01:00 · 2020-02-05 11:12:51 -05:00
parent 8148be6ec8 f042cb074f
commit d133222a86
6 changed files with 12 additions and 8 deletions
--- a/pillar/logstash/helix.sls
+++ b/pillar/logstash/helix.sls
@@ -0,0 +1,4 @@
+logstash:
+  pipelines:
+    helix:
+      config: "/usr/share/logstash/pipelines/helix/*.conf"
--- a/pillar/top.sls
+++ b/pillar/top.sls
@@ -48,6 +48,7 @@ base:
    - static
    - firewall.*
    - fireeye
-    - static
    - brologs
+    - logstash.helix
+    - static
    - minions.{{ grains.id }}
--- a/salt/common/grafana/grafana_dashboards/eval/eval.json
+++ b/salt/common/grafana/grafana_dashboards/eval/eval.json
@@ -1395,7 +1395,7 @@
              "condition": "AND",
              "key": "container_name",
              "operator": "=",
-              "value": "so-bro"
+              "value": "so-zeek"
            }
          ]
        }
@@ -1913,7 +1913,7 @@
              "condition": "AND",
              "key": "container_name",
              "operator": "=",
-              "value": "so-bro"
+              "value": "so-zeek"
            }
          ]
        }
--- a/salt/common/grafana/grafana_dashboards/forward_nodes/sensor.json
+++ b/salt/common/grafana/grafana_dashboards/forward_nodes/sensor.json
@@ -1396,7 +1396,7 @@
              "condition": "AND",
              "key": "container_name",
              "operator": "=",
-              "value": "so-bro"
+              "value": "so-zeek"
            }
          ]
        }
@@ -1901,7 +1901,7 @@
              "condition": "AND",
              "key": "container_name",
              "operator": "=",
-              "value": "so-bro"
+              "value": "so-zeek"
            }
          ]
        }
--- a/salt/common/telegraf/scripts/broloss.sh
+++ b/salt/common/telegraf/scripts/broloss.sh
@@ -1,7 +1,7 @@
 #!/bin/bash

-BROLOG=$(tac /host/nsm/bro/logs/packetloss.log | head -2)
-declare RESULT=($BROLOG)
+ZEEKLOG=$(tac /host/nsm/zeek/logs/packetloss.log | head -2)
+declare RESULT=($ZEEKLOG)
 CURRENTDROP=${RESULT[3]}
 PASTDROP=${RESULT[9]}
 DROPPED=$(($CURRENTDROP - $PASTDROP))
--- a/setup/so-setup.sh
+++ b/setup/so-setup.sh
@@ -197,7 +197,6 @@ if (whiptail_you_sure) ; then
      patch_pillar >> $SETUPLOG 2>&1
      echo "** Generating the FireEye pillar **" >> $SETUPLOG
      fireeye_pillar >> $SETUPLOG 2>&1
-      sensor_pillar >> $SETUPLOG 2>&1
      echo -e "XXX\n24\nCopying Minion Pillars to Master... \nXXX"
      copy_minion_tmp_files >> $SETUPLOG 2>&1
      # Do a checkin to push the key up