Rename Storage to Search Nodes

pillar/firewall/storage_nodes.sls

@@ -1,2 +1,2 @@
-storage_nodes:
+search_nodes:
   - 127.0.0.1

salt/common/grafana/etc/dashboards/dashboard.yml

@@ -17,13 +17,13 @@ providers:
   editable: true
   options:
     path: /etc/grafana/grafana_dashboards/forward_nodes
-- name: 'Storage Nodes'
+- name: 'Search Nodes'
-  folder: 'Storage Nodes'
+  folder: 'Search Nodes'
   type: file
   disableDeletion: false
   editable: true
   options:
-    path: /etc/grafana/grafana_dashboards/storage_nodes
+    path: /etc/grafana/grafana_dashboards/search_nodes
 {%- else %}
 - name: 'Security Onion'
   folder: 'Eval Mode'

salt/firewall/init.sls

@@ -410,9 +410,9 @@ enable_forwardnode_sensoroni_9822_{{ip}}:
 
 {% endfor %}
 
-{% for ip in pillar.get('storage_nodes')  %}
+{% for ip in pillar.get('ssearch_nodes')  %}
 
-enable_storagenode_redis_6379_{{ip}}:
+enable_searchnode_redis_6379_{{ip}}:
   iptables.insert:
     - table: filter
     - chain: DOCKER-USER
@@ -583,7 +583,7 @@ enable_standard_analyst_443_{{ip}}:
 
 {% endif %}
 
-# Rules if you are a Storage Node
+# Rules if you are a Node
 {% if grains['role'] == 'so-node' %}
 
 #This should be more granular

setup/functions.sh

@@ -729,7 +729,7 @@ patch_pillar() {
     SENSORONLY)
       PATCHPILLARPATH=$SENSORPILLARPATH
       ;;
-    STORAGENODE | PARSINGNODE | HOTNODE | WARMNODE)
+    SEARCHNODE | PARSINGNODE | HOTNODE | WARMNODE)
       PATCHPILLARPATH=$NODEPILLARPATH
       ;;
   esac
@@ -1202,7 +1202,7 @@ set_initial_firewall_policy() {
     printf "  - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/minions.sls
     printf "  - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/masterfw.sls
     printf "  - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/forward_nodes.sls
-    printf "  - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/storage_nodes.sls
+    printf "  - $MAINIP\n" >> /opt/so/saltstack/pillar/firewall/search_nodes.sls
     /opt/so/saltstack/pillar/data/addtotab.sh evaltab $MINION_ID $MAINIP $CPUCORES $RANDOMUID $MAININT $FSROOT $FSNSM bond0
   fi
 
@@ -1218,9 +1218,9 @@ set_initial_firewall_policy() {
     ssh -i /root/.ssh/so.key socore@$MSRV sudo /opt/so/saltstack/pillar/data/addtotab.sh sensorstab $MINION_ID $MAINIP $CPUCORES $RANDOMUID $MAININT $FSROOT $FSNSM bond0
   fi
 
-  if [ $INSTALLTYPE == 'STORAGENODE' ]; then
+  if [ $INSTALLTYPE == 'SEARCHNODE' ]; then
     ssh -i /root/.ssh/so.key socore@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh minions $MAINIP
-    ssh -i /root/.ssh/so.key socore@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh storage_nodes $MAINIP
+    ssh -i /root/.ssh/so.key socore@$MSRV sudo /opt/so/saltstack/pillar/firewall/addfirewall.sh search_nodes $MAINIP
     ssh -i /root/.ssh/so.key socore@$MSRV sudo /opt/so/saltstack/pillar/data/addtotab.sh nodestab $MINION_ID $MAINIP $CPUCORES $RANDOMUID $MAININT $FSROOT $FSNSM
   fi
 
@@ -1257,8 +1257,8 @@ set_management_interface() {
 set_node_type() {
 
   # Determine the node type based on whiplash choice
-  if [ $INSTALLTYPE == 'STORAGENODE' ] || [ $INSTALLTYPE == 'EVALMODE' ]; then
+  if [ $INSTALLTYPE == 'SEARCHNODE' ] || [ $INSTALLTYPE == 'EVALMODE' ]; then
-    NODETYPE='storage'
+    NODETYPE='search'
   fi
   if [ $INSTALLTYPE == 'PARSINGNODE' ]; then
     NODETYPE='parser'

setup/so-setup.sh

@@ -589,7 +589,7 @@ if (whiptail_you_sure) ; then
       configure_minion eval >> $SETUPLOG 2>&1
       echo -e "XXX\n7\nSetting the node type to eval... \nXXX"
       set_node_type >> $SETUPLOG 2>&1
-      echo -e "XXX\n7\nStorage node pillar... \nXXX"
+      echo -e "XXX\n7\nSearch node pillar... \nXXX"
       node_pillar >> $SETUPLOG 2>&1
       echo -e "XXX\n8\nCreating firewall policies... \nXXX"
       set_initial_firewall_policy >> $SETUPLOG 2>&1
@@ -678,7 +678,7 @@ if (whiptail_you_sure) ; then
   ##     Nodes     ##
   ###################
 
-  if [ $INSTALLTYPE == 'STORAGENODE' ] || [ $INSTALLTYPE == 'PARSINGNODE' ] || [ $INSTALLTYPE == 'HOTNODE' ] || [ $INSTALLTYPE == 'WARMNODE' ]; then
+  if [ $INSTALLTYPE == 'SEARCHNODE' ] || [ $INSTALLTYPE == 'PARSINGNODE' ] || [ $INSTALLTYPE == 'HOTNODE' ] || [ $INSTALLTYPE == 'WARMNODE' ]; then
     whiptail_management_server
     whiptail_master_updates
     set_updates

setup/whiptail.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# Copyright 2014,2015,2016,2017,2018,2019 Security Onion Solutions, LLC
+# Copyright 2014,2015,2016,2017,2018,2019,2020 Security Onion Solutions, LLC
 
 #    This program is free software: you can redistribute it and/or modify
 #    it under the terms of the GNU General Public License as published by
@@ -250,13 +250,14 @@ whiptail_install_type() {
   INSTALLTYPE=$(whiptail --title "Security Onion Setup" --radiolist \
   "Choose Install Type:" 20 75 13 \
   "SENSORONLY" "Create a forward only sensor" ON \
-  "STORAGENODE" "Add a Storage Hot Node with parsing" OFF \
+  "SEARCHNODE" "Add a Search Node with parsing" OFF \
   "MASTERONLY" "Start a new grid" OFF \
   "EVALMODE" "Evaluate all the things" OFF \
+  "MASTERSEARCH" "Master + Search Node" OFF \
   "HELIXSENSOR" "Connect this sensor to FireEye Helix" OFF \
   "PARSINGNODE" "TODO Add a dedicated Parsing Node" OFF \
-  "HOTNODE" "TODO Add Hot Node (Storage Node without Parsing)" OFF \
+  "HOTNODE" "TODO Add Hot Node (Search Node without Parsing)" OFF \
-  "WARMNODE" "TODO Add Warm Node to existing Hot or Storage node" OFF \
+  "WARMNODE" "TODO Add Warm Node to existing Hot or Search node" OFF \
   "WAZUH" "TODO Stand Alone Wazuh Node" OFF \
   "STRELKA" "TODO Stand Alone Strelka Node" OFF \
   "FLEET" "TODO Stand Alone Fleet OSQuery Node" OFF 3>&1 1>&2 2>&3 )
@@ -449,7 +450,7 @@ whiptail_node_advanced() {
 
   NODESETUP=$(whiptail --title "Security Onion Setup" --radiolist \
   "What type of config would you like to use?:" 20 75 4 \
-  "NODEBASIC" "Install Storage Node with recommended settings" ON \
+  "NODEBASIC" "Install Search Node with recommended settings" ON \
   "NODEADVANCED" "Advanced Node Setup" OFF 3>&1 1>&2 2>&3 )
 
   local exitstatus=$?