Merge branch 'dev' into feature/so-rules
@@ -30,7 +30,7 @@ BASICSURI=2
|
||||
ZEEKVERSION=ZEEK
|
||||
# CURCLOSEDAYS=
|
||||
# EVALADVANCED=BASIC
|
||||
GRAFANA=1
|
||||
# GRAFANA=1
|
||||
# HELIXAPIKEY=
|
||||
HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
|
||||
HNSENSOR=inherit
|
||||
@@ -58,7 +58,7 @@ NODESETUP=NODEBASIC
|
||||
NSMSETUP=BASIC
|
||||
NODEUPDATES=MANAGER
|
||||
# OINKCODE=
|
||||
OSQUERY=1
|
||||
# OSQUERY=1
|
||||
# PATCHSCHEDULEDAYS=
|
||||
# PATCHSCHEDULEHOURS=
|
||||
PATCHSCHEDULENAME=auto
|
||||
@@ -71,8 +71,8 @@ RULESETUP=ETOPEN
|
||||
# SOREMOTEPASS1=onionuser
|
||||
# SOREMOTEPASS2=onionuser
|
||||
STRELKA=1
|
||||
THEHIVE=1
|
||||
WAZUH=1
|
||||
# THEHIVE=1
|
||||
# WAZUH=1
|
||||
WEBUSER=onionuser@somewhere.invalid
|
||||
WEBPASSWD1=0n10nus3r
|
||||
WEBPASSWD2=0n10nus3r
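Review bot: The plaintext web credentials `WEBPASSWD1=0n10nus3r` / `WEBPASSWD2=0n10nus3r` (and the commented `# SOREMOTEPASS1=onionuser` defaults) stay in this answer file with nothing marking them as throwaway values, so a copy of the file reused for a real install keeps a password that is public in the repository. This looks like an unattended-setup profile, and if that is right a one-line header would make the intent explicit, e.g. `# Test-only defaults: replace WEBPASSWD1/2 and SOREMOTEPASS1/2 before using this profile outside automated testing`. The same hunk, with the same credentials, recurs in the sections starting at the `@@ -70,8 +70,8 @@` hunks below (the four further copies of this file section), so the note applies there too. The rendering has lost its +/- markers, so which of `THEHIVE=1`/`# THEHIVE=1` and `WAZUH=1`/`# WAZUH=1` is the new side cannot be read from the page; the counts only say two lines went out and two came in.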
|
||||
|
||||
@@ -30,7 +30,7 @@ BASICSURI=2
|
||||
ZEEKVERSION=ZEEK
|
||||
# CURCLOSEDAYS=
|
||||
# EVALADVANCED=BASIC
|
||||
GRAFANA=1
|
||||
# GRAFANA=1
|
||||
# HELIXAPIKEY=
|
||||
HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
|
||||
HNSENSOR=inherit
|
||||
@@ -57,7 +57,7 @@ NODESETUP=NODEBASIC
|
||||
NSMSETUP=BASIC
|
||||
NODEUPDATES=MANAGER
|
||||
# OINKCODE=
|
||||
OSQUERY=1
|
||||
# OSQUERY=1
|
||||
# PATCHSCHEDULEDAYS=
|
||||
# PATCHSCHEDULEHOURS=
|
||||
PATCHSCHEDULENAME=auto
|
||||
@@ -70,8 +70,8 @@ RULESETUP=ETOPEN
|
||||
# SOREMOTEPASS1=onionuser
|
||||
# SOREMOTEPASS2=onionuser
|
||||
STRELKA=1
|
||||
THEHIVE=1
|
||||
WAZUH=1
|
||||
# THEHIVE=1
|
||||
# WAZUH=1
|
||||
WEBUSER=onionuser@somewhere.invalid
|
||||
WEBPASSWD1=0n10nus3r
|
||||
WEBPASSWD2=0n10nus3r
|
||||
|
||||
@@ -30,7 +30,7 @@ BASICSURI=2
|
||||
ZEEKVERSION=ZEEK
|
||||
# CURCLOSEDAYS=
|
||||
# EVALADVANCED=BASIC
|
||||
GRAFANA=1
|
||||
# GRAFANA=1
|
||||
# HELIXAPIKEY=
|
||||
HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
|
||||
HNSENSOR=inherit
|
||||
@@ -57,7 +57,7 @@ NODESETUP=NODEBASIC
|
||||
NSMSETUP=BASIC
|
||||
NODEUPDATES=MANAGER
|
||||
# OINKCODE=
|
||||
OSQUERY=1
|
||||
# OSQUERY=1
|
||||
# PATCHSCHEDULEDAYS=
|
||||
# PATCHSCHEDULEHOURS=
|
||||
PATCHSCHEDULENAME=auto
|
||||
@@ -70,8 +70,8 @@ RULESETUP=ETOPEN
|
||||
# SOREMOTEPASS1=onionuser
|
||||
# SOREMOTEPASS2=onionuser
|
||||
STRELKA=1
|
||||
THEHIVE=1
|
||||
WAZUH=1
|
||||
# THEHIVE=1
|
||||
# WAZUH=1
|
||||
WEBUSER=onionuser@somewhere.invalid
|
||||
WEBPASSWD1=0n10nus3r
|
||||
WEBPASSWD2=0n10nus3r
|
||||
|
||||
@@ -30,7 +30,7 @@ BASICSURI=2
|
||||
ZEEKVERSION=ZEEK
|
||||
# CURCLOSEDAYS=
|
||||
# EVALADVANCED=BASIC
|
||||
GRAFANA=1
|
||||
# GRAFANA=1
|
||||
# HELIXAPIKEY=
|
||||
HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
|
||||
HNSENSOR=inherit
|
||||
@@ -57,11 +57,11 @@ NODESETUP=NODEBASIC
|
||||
NSMSETUP=BASIC
|
||||
NODEUPDATES=MANAGER
|
||||
# OINKCODE=
|
||||
OSQUERY=1
|
||||
# OSQUERY=1
|
||||
# PATCHSCHEDULEDAYS=
|
||||
# PATCHSCHEDULEHOURS=
|
||||
PATCHSCHEDULENAME=auto
|
||||
#PLAYBOOK=1
|
||||
# PLAYBOOK=1
|
||||
# REDIRECTHOST=
|
||||
REDIRECTINFO=IP
|
||||
RULESETUP=ETOPEN
|
||||
@@ -70,8 +70,8 @@ RULESETUP=ETOPEN
|
||||
# SOREMOTEPASS1=onionuser
|
||||
# SOREMOTEPASS2=onionuser
|
||||
STRELKA=1
|
||||
THEHIVE=1
|
||||
WAZUH=1
|
||||
# THEHIVE=1
|
||||
# WAZUH=1
|
||||
WEBUSER=onionuser@somewhere.invalid
|
||||
WEBPASSWD1=0n10nus3r
|
||||
WEBPASSWD2=0n10nus3r
|
||||
|
||||
@@ -30,7 +30,7 @@ BASICSURI=2
|
||||
ZEEKVERSION=ZEEK
|
||||
# CURCLOSEDAYS=
|
||||
# EVALADVANCED=BASIC
|
||||
GRAFANA=1
|
||||
# GRAFANA=1
|
||||
# HELIXAPIKEY=
|
||||
HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
|
||||
HNSENSOR=inherit
|
||||
@@ -57,11 +57,11 @@ NODESETUP=NODEBASIC
|
||||
NSMSETUP=BASIC
|
||||
NODEUPDATES=MANAGER
|
||||
# OINKCODE=
|
||||
OSQUERY=1
|
||||
# OSQUERY=1
|
||||
# PATCHSCHEDULEDAYS=
|
||||
# PATCHSCHEDULEHOURS=
|
||||
PATCHSCHEDULENAME=auto
|
||||
#PLAYBOOK=1
|
||||
# PLAYBOOK=1
|
||||
# REDIRECTHOST=
|
||||
REDIRECTINFO=IP
|
||||
RULESETUP=ETOPEN
|
||||
@@ -70,8 +70,8 @@ RULESETUP=ETOPEN
|
||||
# SOREMOTEPASS1=onionuser
|
||||
# SOREMOTEPASS2=onionuser
|
||||
STRELKA=1
|
||||
THEHIVE=1
|
||||
WAZUH=1
|
||||
# THEHIVE=1
|
||||
# WAZUH=1
|
||||
WEBUSER=onionuser@somewhere.invalid
|
||||
WEBPASSWD1=0n10nus3r
|
||||
WEBPASSWD2=0n10nus3r
|
||||
|
||||
@@ -891,6 +891,7 @@ create_local_nids_rules() {
|
||||
# Create a local.rules file so it doesn't get blasted on updates
|
||||
mkdir -p /opt/so/saltstack/local/salt/idstools
|
||||
echo "# Custom Suricata rules go in this file" > /opt/so/saltstack/local/salt/idstools/local.rules
|
||||
salt-run fileserver.clear_file_list_cache
|
||||
}
|
||||
|
||||
create_repo() {
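Review bot: `echo "# Custom Suricata rules go in this file" > /opt/so/saltstack/local/salt/idstools/local.rules` truncates the file unconditionally, so any custom rules an operator has already placed there are lost whenever create_local_nids_rules runs again, which contradicts the comment above it about keeping the file safe from updates. Guard the write so it only seeds a missing file: `[[ -e /opt/so/saltstack/local/salt/idstools/local.rules ]] || echo "# Custom Suricata rules go in this file" > /opt/so/saltstack/local/salt/idstools/local.rules`. With 6 old and 7 new lines exactly one line in this hunk is added and the markers are lost on this rendering; `salt-run fileserver.clear_file_list_cache` is the likeliest candidate, and it runs with no status check and no redirection into the setup log, unlike the `>> $setup_log 2>&1` pattern the other hunks in this commit use. The function's header is outside the hunk.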
|
||||
|
||||
@@ -336,52 +336,52 @@ minion_type=$(get_minion_type)
|
||||
set_default_log_size >> $setup_log 2>&1
|
||||
|
||||
if [[ $is_helix ]]; then
|
||||
RULESETUP=ETOPEN
|
||||
NSMSETUP=BASIC
|
||||
HNSENSOR=inherit
|
||||
MANAGERUPDATES=0
|
||||
RULESETUP=${RULESETUP:-ETOPEN}
|
||||
NSMSETUP=${NSMSETUP:-BASIC}
|
||||
HNSENSOR=${HNSENSOR:-inherit}
|
||||
MANAGERUPDATES=${MANAGERUPDATES:-0}
|
||||
fi
|
||||
|
||||
if [[ $is_helix || ( $is_manager && $is_node ) ]]; then
|
||||
RULESETUP=ETOPEN
|
||||
NSMSETUP=BASIC
|
||||
RULESETUP=${RULESETUP:-ETOPEN}
|
||||
NSMSETUP=${NSMSETUP:-BASIC}
|
||||
fi
|
||||
|
||||
if [[ $is_manager && $is_node ]]; then
|
||||
LSPIPELINEWORKERS=1
|
||||
LSPIPELINEBATCH=125
|
||||
LSINPUTTHREADS=1
|
||||
LSPIPELINEBATCH=125
|
||||
NIDS=Suricata
|
||||
ZEEKVERSION=ZEEK
|
||||
LSPIPELINEWORKERS=${LSPIPELINEWORKERS:-1}
|
||||
LSPIPELINEBATCH=${LSPIPELINEBATCH:-125}
|
||||
LSINPUTTHREADS=${LSINPUTTHREADS:-1}
|
||||
LSPIPELINEWORKERS=${LSPIPELINEBATCH:-125}
|
||||
NIDS=${NIDS:-Suricata}
|
||||
ZEEKVERSION=${ZEEKVERSION:-ZEEK}
|
||||
fi
|
||||
|
||||
if [[ $is_node ]]; then
|
||||
CURCLOSEDAYS=30
|
||||
CURCLOSEDAYS=${CURCLOSEDAYS:-30}
|
||||
fi
|
||||
|
||||
if [[ $is_import ]]; then
|
||||
PATCHSCHEDULENAME=auto
|
||||
MTU=1500
|
||||
RULESETUP=ETOPEN
|
||||
NSMSETUP=BASIC
|
||||
HNSENSOR=inherit
|
||||
MANAGERUPDATES=0
|
||||
MANAGERADV=BASIC
|
||||
INTERFACE=bond0
|
||||
ZEEKVERSION=ZEEK
|
||||
NIDS=Suricata
|
||||
RULESETUP=ETOPEN
|
||||
GRAFANA=0
|
||||
OSQUERY=0
|
||||
WAZUH=0
|
||||
THEHIVE=0
|
||||
PLAYBOOK=0
|
||||
PATCHSCHEDULENAME=${PATCHSCHEDULENAME:-auto}
|
||||
MTU=${MTU:-1500}
|
||||
RULESETUP=${RULESETUP:-ETOPEN}
|
||||
NSMSETUP=${NSMSETUP:-BASIC}
|
||||
HNSENSOR=${HNSENSOR:-inherit}
|
||||
MANAGERUPDATES=${MANAGERUPDATES:-0}
|
||||
MANAGERADV=${MANAGERADV:-BASIC}
|
||||
INTERFACE=${INTERFACE:-bond0}
|
||||
ZEEKVERSION=${ZEEKVERSION:-ZEEK}
|
||||
NIDS=${NIDS:-Suricata}
|
||||
RULESETUP=${RULESETUP:-ETOPEN}
|
||||
GRAFANA=${GRAFANA:-0}
|
||||
OSQUERY=${OSQUERY:-0}
|
||||
WAZUH=${WAZUH:-0}
|
||||
THEHIVE=${THEHIVE:-0}
|
||||
PLAYBOOK=${PLAYBOOK:-0}
|
||||
fi
|
||||
|
||||
if [[ $is_airgap ]]; then
|
||||
PATCHSCHEDULENAME=manual
|
||||
MANAGERUPDATES=0
|
||||
PATCHSCHEDULENAME=${PATCHSCHEDULENAME:-manual}
|
||||
MANAGERUPDATES=${MANAGERUPDATES:-0}
|
||||
fi
|
||||
|
||||
# Start user prompts
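Review bot: `LSPIPELINEWORKERS=${LSPIPELINEBATCH:-125}` in the `if [[ $is_manager && $is_node ]]` block overwrites the worker count set three lines earlier with the batch size, so a manager+node ends up with LSPIPELINEWORKERS=125 unless LSPIPELINEBATCH was explicitly exported. The +/- markers are lost on this page, but the `${VAR:-default}` lines read as the new side replacing the plain assignments, and the old side already carried a duplicated `LSPIPELINEBATCH=125` that this line appears to have been converted from mechanically with the wrong left-hand name. Delete that line; if a second default was intended, `LSPIPELINEBATCH=${LSPIPELINEBATCH:-125}` is what it would be, and that is already present two lines above. The `if [[ $is_import ]]` block has the same shape of leftover, with `RULESETUP=${RULESETUP:-ETOPEN}` listed twice, and one copy can go. These assignments are top-level script code rather than a function, and the hunk's `$setup_log` redirections are unquoted here while the `install_cleanup >> "$setup_log" 2>&1` hunk further down quotes it.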
|
||||
@@ -714,7 +714,7 @@ set_redirect >> $setup_log 2>&1
|
||||
salt-call state.apply -l info firewall >> $setup_log 2>&1
|
||||
|
||||
if [ $OS = 'centos' ]; then
|
||||
set_progress_str 62 'Installing Yum utilities'
|
||||
set_progress_str 61 'Installing Yum utilities'
|
||||
salt-call state.apply -l info yum.packages >> $setup_log 2>&1
|
||||
fi
|
||||
|
||||
@@ -911,4 +911,4 @@ fi
|
||||
|
||||
install_cleanup >> "$setup_log" 2>&1
|
||||
|
||||
if [[ -z $SKIP_REBOOT ]]; then shutdown -r now; else exit; fi
|
||||
if [[ -z $SKIP_REBOOT ]]; then shutdown -r now; else exit; fi
|
||||