Merge pull request #14425 from Security-Onion-Solutions/jertel/wip

support pcap imports for sensors in distributed grids
Jason Ertel
2025-03-21 13:17:18 -04:00
committed by GitHub


@@ -283,7 +283,7 @@ function send_file() {
log "encrypting..." log "encrypting..."
password=$(lookup_pillar_secret import_pass) password=$(lookup_pillar_secret import_pass)
response=$(gpg --passphrase "$password" --batch --symmetric --cipher-algo AES256 "$from") response=$(gpg --passphrase "$password" --batch --yes --symmetric --cipher-algo AES256 "$from")
log Response:$'\n'"$response" log Response:$'\n'"$response"
fromgpg="$from.gpg" fromgpg="$from.gpg"
@@ -329,12 +329,11 @@ function import_file() {
log "decrypting..." log "decrypting..."
password=$(lookup_pillar_secret import_pass) password=$(lookup_pillar_secret import_pass)
decrypt_cmd="gpg --passphrase $password -o $file.tmp --batch --decrypt $filegpg" decrypt_cmd="gpg --passphrase $password -o $file --batch --yes --decrypt $filegpg"
salt "$node" cmd.run "\"$decrypt_cmd\"" salt "$node" cmd.run "\"$decrypt_cmd\""
decrypt_code=$? decrypt_code=$?
if [[ $decrypt_code -eq 0 ]]; then if [[ $decrypt_code -eq 0 ]]; then
mv "$file.tmp" "$file"
log "importing..." log "importing..."
case $importer in case $importer in
pcap) pcap)
@@ -357,7 +356,7 @@ function import_file() {
exit_code=$decrypt_code exit_code=$decrypt_code
fi fi
rm -f "$file" "$filegpg" salt "$node" cmd.run "rm -f \"$file\" \"$filegpg\""
log Response:$'\n'"$response" log Response:$'\n'"$response"
log "Exit Code: $exit_code" log "Exit Code: $exit_code"
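Review bot: The new `decrypt_cmd` line in import_file still puts the import passphrase and the unquoted `$file`/`$filegpg` paths into a command string that `salt "$node" cmd.run` hands to a shell on the sensor, so the secret can show up in the sensor's process list and in Salt job data, and a file name containing spaces or shell metacharacters would change the command that runs. The same argv exposure applies to `gpg --passphrase "$password"` in send_file, and the new remote `rm -f \"$file\" \"$filegpg\"` only double-quotes the paths, which does not stop command substitution on the remote side. I would supply the passphrase through `--passphrase-file` (a root-only file on the node) or `--passphrase-fd` instead of argv, and reject unexpected names before building either command, e.g. `[[ "$file" =~ ^[A-Za-z0-9._/-]+$ ]] || exit 1`. Both functions start and end outside the hunks shown, so where `$file` and `$filegpg` come from should be confirmed against the rest of the script.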