From d8d94b7dc51f31eec21cb67ee8f3156dad14a39a Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Thu, 12 Dec 2019 20:46:30 -0500
Subject: [PATCH] Helix - Add API Key Option
---
 salt/common/tools/sbin/so-helix-apikey | 23 +++++++++++++++++++++++
 setup/whiptail.sh | 4 ++--
 2 files changed, 25 insertions(+), 2 deletions(-)
 create mode 100644 salt/common/tools/sbin/so-helix-apikey
diff --git a/salt/common/tools/sbin/so-helix-apikey b/salt/common/tools/sbin/so-helix-apikey
new file mode 100644
index 000000000..58894f3ab
--- /dev/null
+++ b/salt/common/tools/sbin/so-helix-apikey
@@ -0,0 +1,23 @@
+#!/bin/bash
+got_root() {
+
+ # Make sure you are root
+ if [ "$(id -u)" -ne 0 ]; then
+ echo "This script must be run using sudo!"
+ exit 1
+ fi
+
+}
+
+got_root
+if [ ! -f /opt/so/saltstack/pillar/fireeye/init.sls ]; then
+ echo "This is nto configured for Helix Mode. Please re-install."
+ exit
+else
+ echo "Enter your Helix API Key: "
+ read APIKEY
+ sed -i 's/^ apikey.*/ apikey: $APIKEY/' /opt/so/saltstack/pillar/fireeye/init.sls
+ docker stop so-logstash
+ docker rm so-logstash
+ salt-call state.apply logstash queue=True
+fi
diff --git a/setup/whiptail.sh b/setup/whiptail.sh
index 6b095859d..8497635c5 100644
--- a/setup/whiptail.sh
+++ b/setup/whiptail.sh
@@ -47,7 +47,7 @@ whiptail_bro_pins() {
 whiptail_bro_version() {
 BROVERSION=$(whiptail --title "Security Onion Setup" --radiolist "What tool would you like to use to generate meta data?" 20 75 4 "ZEEK" "Install Zeek (aka Bro)" ON \
- "COMMUNITY" "Install Community NSM" OFF "SURICATA" "SUPER EXPERIMENTAL" OFF 3>&1 1>&2 2>&3)
+ "SURICATA" "SUPER EXPERIMENTAL" OFF 3>&1 1>&2 2>&3)
 local exitstatus=$?
 whiptail_check_exitstatus $exitstatus
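Review bot: In so-helix-apikey the `sed -i 's/^ apikey.*/ apikey: $APIKEY/'` line keeps its expression in single quotes, so the shell never expands `$APIKEY` and the pillar ends up holding the literal text `$APIKEY` instead of the key. Double quotes alone would not be a safe fix, because `/`, `&` or `\` in the entered value would then be interpreted by sed; the value needs escaping before it reaches the replacement. `read APIKEY` also echoes the secret to the terminal and processes backslashes, and an empty entry still rewrites the pillar and recreates so-logstash, so `read -rs` plus an emptiness check is worth adding. The not-configured branch ends in a bare `exit`, which returns the status of the preceding echo (0); `exit 1` lets callers see the failure.

```shell
else
  # -r keeps backslashes literal, -s keeps the key off the terminal
  read -rs -p "Enter your Helix API Key: " APIKEY
  echo
  if [ -z "$APIKEY" ]; then
    echo "No API key entered; pillar left unchanged." >&2
    exit 1
  fi
  # Escape what sed treats specially in a replacement: \, & and the | delimiter
  escaped_key=$(printf '%s' "$APIKEY" | sed 's/[\\&|]/\\&/g')
  # The capture group keeps whatever indentation the apikey line already has
  sed -i "s|^\([[:space:]]*apikey\).*|\1: ${escaped_key}|" \
    /opt/so/saltstack/pillar/fireeye/init.sls || exit 1
  # … unchanged: docker stop/rm so-logstash, salt-call state.apply logstash …
```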
@@ -209,7 +209,7 @@ whiptail_eval_adv_warning() {
 whiptail_helix_apikey() {
 HELIXAPIKEY=$(whiptail --title "Security Onion Setup" --inputbox \
- "Enter your Helix API Key" 10 75 3>&1 1>&2 2>&3)
+ "Enter your Helix API Key: \n \nThis can be set later using so-helix-apikey" 10 75 3>&1 1>&2 2>&3)
 local exitstatus=$?
 whiptail_check_exitstatus