Merge pull request #3428 from Security-Onion-Solutions/kilo

salt/kibana/bin/so-kibana-config-load

@@ -3,6 +3,8 @@
 # {%- set FLEET_NODE = salt['pillar.get']('global:fleet_node', False) -%}
 # {%- set MANAGER = salt['pillar.get']('global:url_base', '') %}
 
+. /usr/sbin/so-common
+
 # Copy template file
 cp /opt/so/conf/kibana/saved_objects.ndjson.template /opt/so/conf/kibana/saved_objects.ndjson
 
@@ -14,9 +16,11 @@ cp /opt/so/conf/kibana/saved_objects.ndjson.template /opt/so/conf/kibana/saved_o
 # SOCtopus and Manager
 sed -i "s/PLACEHOLDER/{{ MANAGER }}/g" /opt/so/conf/kibana/saved_objects.ndjson
 
+wait_for_web_response "http://localhost:5601/app/kibana" "Elastic"
 ## This hackery will be removed if using Elastic Auth ##
 
 # Let's snag a cookie from Kibana
 THECOOKIE=$(curl -c - -X GET http://localhost:5601/ | grep sid | awk '{print $7}')
+
 # Load saved objects
 curl -b "sid=$THECOOKIE" -L -X POST "localhost:5601/api/saved_objects/_import?overwrite=true" -H "kbn-xsrf: true" --form file=@/opt/so/conf/kibana/saved_objects.ndjson > /dev/null 2>&1

salt/kibana/init.sls

@@ -94,21 +94,10 @@ kibanadashtemplate:
     - user: 932
     - group: 939
 
-wait_for_kibana:
-  module.run:
-    - http.wait_for_successful_query:
-      - url: "http://{{MANAGER}}:5601/api/saved_objects/_find?type=config"
-      - wait_for: 900
-    - onchanges:
-      - file: kibanadashtemplate
-
 so-kibana-config-load:
   cmd.run:
     - name: /usr/sbin/so-kibana-config-load
     - cwd: /opt/so
-    - onchanges:
-      - wait_for_kibana
-
 
 # Keep the setting correct
 #KibanaHappy:

salt/soc/files/soc/soc.json

@@ -2,6 +2,10 @@
 {%- set SENSORONIKEY = salt['pillar.get']('global:sensoronikey', '') %}
 {%- set THEHIVEKEY = salt['pillar.get']('global:hivekey', '') %}
 {%- set ISAIRGAP = salt['pillar.get']('global:airgap', 'False') %}
+{%- set API_TIMEOUT = salt['pillar.get']('sensoroni:api_timeout_ms', 0) %}
+{%- set WEBSOCKET_TIMEOUT = salt['pillar.get']('sensoroni:websocket_timeout_ms', 0) %}
+{%- set TIP_TIMEOUT = salt['pillar.get']('sensoroni:tip_timeout_ms', 0) %}
+{%- set CACHE_EXPIRATION = salt['pillar.get']('sensoroni:cache_expiration_ms', 0) %}
 {%- import_json "soc/files/soc/alerts.queries.json" as alerts_queries %}
 {%- import_json "soc/files/soc/alerts.actions.json" as alerts_actions %}
 {%- import_json "soc/files/soc/alerts.eventfields.json" as alerts_eventfields %}
@@ -66,6 +70,10 @@
       "docsUrl": "https://docs.securityonion.net/en/2.3/",
       "cheatsheetUrl": "https://github.com/Security-Onion-Solutions/securityonion-docs/raw/2.3/images/cheat-sheet/Security-Onion-Cheat-Sheet.pdf",
       {%- endif %}
+      "apiTimeoutMs": {{ API_TIMEOUT }},
+      "webSocketTimeoutMs": {{ WEBSOCKET_TIMEOUT }},
+      "tipTimeoutMs": {{ TIP_TIMEOUT }},
+      "cacheExpirationMs": {{ CACHE_EXPIRATION }},
       "hunt": {
         "advanced": true,
         "groupItemsPerPage": 10,