diff --git a/salt/common/tools/sbin/so-elastic-fleet-integration-policy-load b/salt/common/tools/sbin/so-elastic-fleet-integration-policy-load
index bc65161fa..b87ede0fe 100755
--- a/salt/common/tools/sbin/so-elastic-fleet-integration-policy-load
+++ b/salt/common/tools/sbin/so-elastic-fleet-integration-policy-load
@@ -17,7 +17,9 @@ SESSIONCOOKIE=$(curl -K /opt/so/conf/elasticsearch/curl.config -c - -X GET http:
 # Disable certain Features from showing up in the Kibana UI
 echo
-echo "Setting up default Security Onion package policies for Elastic Agent..."
+echo "Disable certain Features from showing up in the Kibana UI"
+so-kibana-space-defaults
+echo
 # Suricata logs
 echo
diff --git a/salt/common/tools/sbin/so-elastic-fleet-setup b/salt/common/tools/sbin/so-elastic-fleet-setup
index ac2ce47f9..8334490d5 100755
--- a/salt/common/tools/sbin/so-elastic-fleet-setup
+++ b/salt/common/tools/sbin/so-elastic-fleet-setup
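Review bot: In so-elastic-fleet-integration-policy-load the added `so-kibana-space-defaults` call is resolved through PATH and its exit status is ignored, so a failure to apply the space defaults goes unnoticed and the policy load simply continues. so-elastic-fleet-setup invokes its sibling by absolute path (`/usr/sbin/so-elastic-fleet-integration-policy-load`); doing the same here, e.g. `/usr/sbin/so-kibana-space-defaults || echo "Failed to apply Kibana space defaults" >&2`, keeps the script independent of the caller's PATH, assuming the tool is installed in the same directory. The new `echo` text also repeats the comment line directly above it, so one of the two can go.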
@@ -97,9 +97,9 @@ salt-call state.apply elasticfleet queue=True
 /usr/sbin/so-elastic-fleet-integration-policy-load
 # Temp
-wget -P /opt/so/saltstack/default/salt/elasticfleet/files/elastic-agent/ https://github.com/Security-Onion-Solutions/securityonion-docker-rpm/releases/download/so_elastic-agent-8.4.1/so-elastic-agent-8.4.1-darwin-x86_64.tar.gz
-wget -P /opt/so/saltstack/default/salt/elasticfleet/files/elastic-agent/ https://github.com/Security-Onion-Solutions/securityonion-docker-rpm/releases/download/so_elastic-agent-8.4.1/so-elastic-agent-8.4.1-linux-x86_64.tar.gz
-wget -P /opt/so/saltstack/default/salt/elasticfleet/files/elastic-agent/ https://github.com/Security-Onion-Solutions/securityonion-docker-rpm/releases/download/so_elastic-agent-8.4.1/so-elastic-agent-8.4.1-windows-x86_64.tar.gz
+wget --progress=bar:force:noscroll -P /opt/so/saltstack/default/salt/elasticfleet/files/elastic-agent/ https://github.com/Security-Onion-Solutions/securityonion-docker-rpm/releases/download/so_elastic-agent-8.4.1/so-elastic-agent-8.4.1-darwin-x86_64.tar.gz
+wget --progress=bar:force:noscroll -P /opt/so/saltstack/default/salt/elasticfleet/files/elastic-agent/ https://github.com/Security-Onion-Solutions/securityonion-docker-rpm/releases/download/so_elastic-agent-8.4.1/so-elastic-agent-8.4.1-linux-x86_64.tar.gz
+wget --progress=bar:force:noscroll -P /opt/so/saltstack/default/salt/elasticfleet/files/elastic-agent/ https://github.com/Security-Onion-Solutions/securityonion-docker-rpm/releases/download/so_elastic-agent-8.4.1/so-elastic-agent-8.4.1-windows-x86_64.tar.gz
 #git clone -b 2.4-so-elastic-agent https://github.com/Security-Onion-Solutions/securityonion-image.git
 #cd securityonion-image/so-elastic-agent-builder
diff --git a/salt/common/tools/sbin/so-kibana-space-defaults b/salt/common/tools/sbin/so-kibana-space-defaults
index 9175a36bc..430054e06 100755
--- a/salt/common/tools/sbin/so-kibana-space-defaults
+++ b/salt/common/tools/sbin/so-kibana-space-defaults
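Review bot: In so-elastic-fleet-setup the three `wget` lines place Elastic Agent archives into the elasticfleet file tree, presumably for later distribution to endpoints, yet neither the exit status nor the integrity of the downloaded files is checked. TLS protects the transfer, not the content of the release asset, so a truncated or replaced archive would be handed on as-is. After the downloads, verify each file against a digest kept in this repository, for example `sha256sum -c <checksum-file-shipped-with-repo>` (placeholder path), and stop the setup when a download or the check fails. Without `-N` or a prior cleanup, a re-run also leaves `.1` copies next to the originals.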
@@ -13,6 +13,6 @@ echo "Setting up default Space:"
 {% if HIGHLANDER %}
 curl -K /opt/so/conf/elasticsearch/curl.config -b "sid=$SESSIONCOOKIE" -L -X PUT "localhost:5601/api/spaces/space/default" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d' {"id":"default","name":"Default","disabledFeatures":["enterpriseSearch"]} ' >> /opt/so/log/kibana/misc.log
 {% else %}
-curl -K /opt/so/conf/elasticsearch/curl.config -b "sid=$SESSIONCOOKIE" -L -X PUT "localhost:5601/api/spaces/space/default" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d' {"id":"default","name":"Default","disabledFeatures":["ml","enterpriseSearch","siem","logs","infrastructure","apm","uptime","monitoring","stackAlerts","actions","fleet","fleetv2","securitySolutionCases"]} ' >> /opt/so/log/kibana/misc.log
+curl -K /opt/so/conf/elasticsearch/curl.config -b "sid=$SESSIONCOOKIE" -L -X PUT "localhost:5601/api/spaces/space/default" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d' {"id":"default","name":"Default","disabledFeatures":["ml","enterpriseSearch","siem","logs","infrastructure","apm","uptime","monitoring","stackAlerts","actions","securitySolutionCases"]} ' >> /opt/so/log/kibana/misc.log
 {% endif %}
 echo
diff --git a/setup/so-functions b/setup/so-functions
index 2378e31c5..96c357c74 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -144,7 +144,7 @@ check_manager_connection() {
 local ret=$?
 if [[ $ret != 1 ]]; then
- error "Could not reach $MSRV"
+ info "Could not reach $MSRV"
 whiptail_manager_unreachable
 fi
 }
diff --git a/setup/so-whiptail b/setup/so-whiptail
index 4ed473381..331c27be3 100755
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
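Review bot: In so-kibana-space-defaults, dropping `fleet` and `fleetv2` from `disabledFeatures` makes Fleet visible in the default space, and that list only controls visibility, it is not an authorization boundary. Who can edit agent policies or read enrollment tokens now depends entirely on Kibana role privileges, which this hunk does not show, so it is worth confirming that non-admin roles carry no Fleet privileges. A comment above the changed `curl` line would record the intent, e.g. `# fleet/fleetv2 stay enabled so Elastic Agent can be managed in Kibana; access is governed by role privileges`. The response is only appended to misc.log, so a rejected PUT stays silent unless curl.config already sets a fail option.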
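Review bot: In check_manager_connection (setup/so-functions) the unreachable-manager message is now written with `info`, which makes a failed connectivity check read like routine output in the setup log. The `whiptail_manager_unreachable` dialog still tells an interactive user, but anyone reviewing the log afterwards loses the signal. If `error` was replaced because of its side effects, a short comment such as `# info, not error: the dialog below handles this case` would explain the choice. The function starts above the hunk, so the command whose status `ret` captures is not visible here.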
@@ -1271,38 +1271,54 @@ whiptail_setup_complete() {
 [ -n "$TESTING" ] && return
- if [[ -n "$REDIRECTIT" && $is_manager = true ]]; then
+
+ if [[ $waitforstate ]]; then
+ # Manager-type Nodes - Install Summary
 if [[ -n $ALLOW_CIDR ]]; then
 local sentence_prefix="Access"
 else
 local sentence_prefix="Run so-allow to access"
 fi
- local accessMessage="\n${sentence_prefix} the web interface at: https://${REDIRECTIT}\n"
- elif [[ $is_idh ]]; then
- local accessMessage="\nSSH for this node has been moved to TCP/2222, accessible only from the Manager node.\n"
+
+ read -r -d '' message <<- EOM
+ ${install_type} setup is now complete!
+
+ ${sentence_prefix} the Security Onion Console (SOC) web interface by navigating to:
+ https://${REDIRECTIT}
+
+ Then login with the following username and password.
+
+ SOC Username: ${WEBUSER}
+ SOC Password: Use the password that was entered during setup
+
+ Press TAB and then the ENTER key to exit this screen.
+ EOM
+ whiptail --title "$whiptail_title" --msgbox "$message" 24 75 --scrolltext
 else
- local accessMessage=""
+ if [[ $is_idh ]]; then
+ local accessMessage="\nSSH for this node has been moved to TCP/2222, accessible only from the Manager node.\n"
+ else
+ local accessMessage=""
+ fi
+ MINIONFINGERPRINT=$(salt-call --local key.finger --out=newline_values_only)
+ read -r -d '' message <<- EOM
+ ${install_type} initialization is now complete!
+
+ To finish configuration, open the Security Onion Console web interface
+ and navigate to Administration -> Grid Members.
+
+ Then find this node in the Pending Members list,
+ click the Review button, and then click the Accept button.
+
+ Node Hostname: $HOSTNAME
+ Node Fingerprint:
+ $MINIONFINGERPRINT
+ $accessMessage
+ Press TAB and then the ENTER key to exit this screen.
+ EOM
+
+ whiptail --title "$whiptail_title" --msgbox "$message" 24 75 --scrolltext
 fi
-
- MINIONFINGERPRINT=$(salt-call --local key.finger --out=newline_values_only)
- read -r -d '' message <<- EOM
- ${install_type} initialization is now complete!
-
- To finish configuration, open the Security Onion Console web interface
- and navigate to Administration -> Grid Members.
-
- Then find this node in the Pending Members list,
- click the Review button, and then click the Accept button.
-
- Node Hostname: $HOSTNAME
- Node Fingerprint:
- $MINIONFINGERPRINT
-
- $accessMessage
- Press TAB and then the ENTER key to exit this screen.
- EOM
-
- whiptail --title "$whiptail_title" --msgbox "$message" 24 75 --scrolltext
 }
 whiptail_setup_failed() {
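Review bot: In whiptail_setup_complete the manager branch prints `https://${REDIRECTIT}` without the `-n "$REDIRECTIT"` check the old condition carried, so an empty variable produces a bare `https://` on the final screen. `[[ $waitforstate ]]` is also true for any non-empty value, including the string `false`; if the variable can hold that, `[[ $waitforstate == true ]]` is the safer test. `message` and `MINIONFINGERPRINT` are assigned without `local` and leak into the caller's scope, and the identical `whiptail --msgbox` call in both branches could be hoisted below the `fi`. The function body begins above the hunk.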