CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-01-30 11:54:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix annotations and defaults for logstash

Browse Source
This commit is contained in:
Mike Reeves
2023-05-03 13:37:06 -04:00
parent 3d10a60502 b4b84038ed
commit d5c4a2887e
53 changed files with 2527 additions and 1080 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
setup/so-functions
View File

@@ -917,17 +917,19 @@ create_repo() {
logCmd "createrepo /nsm/repo"
}
detect_cloud() {
info "Testing if setup is running on a cloud instance..."
if ( curl --fail -s -m 5 http://169.254.169.254/latest/meta-data/instance-id > /dev/null ) || \
( curl --fail -s -m 5 -H "X-aws-ec2-metadata-token: $(curl -s -X PUT -m 5 'http://169.254.169.254/latest/api/token' -H 'X-aws-ec2-metadata-token-ttl-seconds: 30')" http://169.254.169.254/latest/meta-data/instance-id > /dev/null) || \
(dmidecode -s bios-vendor | grep -q Google > /dev/null) || \
[ -f /var/log/waagent.log ]; then
info "Detected a cloud installation..." && export is_cloud="true";
else
info "This does not appear to be a cloud installation."
fi
detect_cloud() {
info "Testing if setup is running on a cloud instance..."
if dmidecode -s bios-version | grep -q amazon || \
dmidecode -s bios-vendor | grep -q Amazon || \
dmidecode -s bios-vendor | grep -q Google || \
[ -f /var/log/waagent.log ]; then
info "Detected a cloud installation..."
export is_cloud="true"
else
info "This does not appear to be a cloud installation."
fi
}
detect_os() {
@@ -962,6 +964,17 @@ detect_os() {
}
download_elastic_agent_artifacts() {
#TODO - ISO
logCmd "mkdir -p /nsm/elastic-fleet/artifacts/beats/elastic-agent/"
logCmd "curl --retry 5 --retry-delay 60 https://repo.securityonion.net/file/so-repo/prod/2.4/elasticagent/elastic-agent_SO-$SOVERSION.tar.gz --output /nsm/elastic-fleet/artifacts/elastic-agent_SO-$SOVERSION.tar.gz"
logCmd "tar -xf /nsm/elastic-fleet/artifacts/elastic-agent_SO-$SOVERSION.tar.gz -C /nsm/elastic-fleet/artifacts/beats/elastic-agent/"
}
installer_progress_loop() {
local i=0
local msg="${1:-Performing background actions...}"
@@ -2312,18 +2325,18 @@ set_initial_firewall_policy() {
case "$install_type" in
'EVAL' | 'MANAGER' | 'MANAGERSEARCH' | 'STANDALONE' | 'IMPORT')
$default_salt_dir/salt/common/tools/sbin/so-firewall --role=$install_type --ip=$MAINIP --apply=true
$default_salt_dir/salt/common/tools/sbin/so-firewall includehost $minion_type $MAINIP --apply
;;
esac
}
set_initial_firewall_access() {
if [[ ! -z "$ALLOW_CIDR" ]]; then
$default_salt_dir/salt/common/tools/sbin/so-firewall --role=analyst --ip=$ALLOW_CIDR --apply=true
$default_salt_dir/salt/common/tools/sbin/so-firewall includehost analyst $ALLOW_CIDR --apply
fi
if [[ ! -z "$MINION_CIDR" ]]; then
$default_salt_dir/salt/common/tools/sbin/so-firewall --role=sensors --ip=$MINION_CIDR --apply=false
$default_salt_dir/salt/common/tools/sbin/so-firewall --role=searchnodes --ip=$MINION_CIDR --apply=true
$default_salt_dir/salt/common/tools/sbin/so-firewall includehost sensors $MINION_CIDR
$default_salt_dir/salt/common/tools/sbin/so-firewall includehost searchnodes $MINION_CIDR --apply
fi
}