CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-08 18:22:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1454 from Security-Onion-Solutions/issue/1444

Browse Source 
logstash changes per https://github.com/Security-Onion-Solutions/secu…
This commit is contained in:
Josh Patterson
2020-10-05 14:12:05 -04:00
committed by GitHub
parent f7daa391c7 748dc5ba91
commit faf5e7a643
4 changed files with 5 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/logstash/pipelines/config/so/0900_input_redis.conf.jinja
View File

@@ -1,5 +1,6 @@
{%- set MANAGER = salt['grains.get']('master') %} {%- set MANAGER = salt['grains.get']('master') %}
{%- set THREADS = salt['pillar.get']('logstash_settings:ls_input_threads', '') %} {%- set THREADS = salt['pillar.get']('logstash_settings:ls_input_threads', '') %}
{% set BATCH = salt['pillar.get']('logstash_settings:ls_pipeline_batch_size', 125) %}
input { input {
redis { redis {
@@ -10,5 +11,6 @@ input {
key => 'logstash:unparsed' key => 'logstash:unparsed'
type => 'redis-input' type => 'redis-input'
threads => {{ THREADS }} threads => {{ THREADS }}
batch_count => {{ BATCH }}
} }
} }

3
setup/so-functions
View File

@@ -1104,7 +1104,6 @@ manager_pillar() {
"logstash_settings:"\ "logstash_settings:"\
" ls_pipeline_batch_size: 125"\ " ls_pipeline_batch_size: 125"\
" ls_input_threads: 1"\ " ls_input_threads: 1"\
" ls_batch_count: 125"\
" lsheap: $LS_HEAP_SIZE"\ " lsheap: $LS_HEAP_SIZE"\
" ls_pipeline_workers: $num_cpu_cores"\ " ls_pipeline_workers: $num_cpu_cores"\
""\ ""\
@@ -1333,8 +1332,8 @@ elasticsearch_pillar() {
"logstash_settings:"\ "logstash_settings:"\
" ls_pipeline_batch_size: $LSPIPELINEBATCH"\ " ls_pipeline_batch_size: $LSPIPELINEBATCH"\
" ls_input_threads: $LSINPUTTHREADS"\ " ls_input_threads: $LSINPUTTHREADS"\
" ls_batch_count: $LSINPUTBATCHCOUNT"\
" lsheap: $NODE_LS_HEAP_SIZE"\ " lsheap: $NODE_LS_HEAP_SIZE"\
" ls_pipeline_workers: $num_cpu_cores"\
"" >> "$pillar_file" "" >> "$pillar_file"
} }

5
setup/so-setup
View File

@@ -272,7 +272,7 @@ if [[ $is_manager && $is_node ]]; then
LSPIPELINEWORKERS=1 LSPIPELINEWORKERS=1
LSPIPELINEBATCH=125 LSPIPELINEBATCH=125
LSINPUTTHREADS=1 LSINPUTTHREADS=1
LSINPUTBATCHCOUNT=125 LSPIPELINEBATCH=125
NIDS=Suricata NIDS=Suricata
ZEEKVERSION=ZEEK ZEEKVERSION=ZEEK
fi fi
@@ -387,7 +387,6 @@ if [[ $is_node && ! $is_eval ]]; then
whiptail_node_ls_pipeline_worker whiptail_node_ls_pipeline_worker
whiptail_node_ls_pipline_batchsize whiptail_node_ls_pipline_batchsize
whiptail_node_ls_input_threads whiptail_node_ls_input_threads
whiptail_node_ls_input_batch_count
whiptail_cur_close_days whiptail_cur_close_days
whiptail_log_size_limit whiptail_log_size_limit
else else
@@ -396,7 +395,7 @@ if [[ $is_node && ! $is_eval ]]; then
LSPIPELINEWORKERS=$num_cpu_cores LSPIPELINEWORKERS=$num_cpu_cores
LSPIPELINEBATCH=125 LSPIPELINEBATCH=125
LSINPUTTHREADS=1 LSINPUTTHREADS=1
LSINPUTBATCHCOUNT=125 LSPIPELINEBATCH=125
fi fi
fi fi

13
setup/so-whiptail
View File

@@ -896,19 +896,6 @@ whiptail_node_ls_input_threads() {
} }
whiptail_node_ls_input_batch_count() {
[ -n "$TESTING" ] && return
LSINPUTBATCHCOUNT=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter LogStash Input Batch Count: \n \n(Default value is pre-populated)" 10 75 125 3>&1 1>&2 2>&3)
local exitstatus=$?
whiptail_check_exitstatus $exitstatus
}
#TODO: helper function to display error message or exit if batch mode #TODO: helper function to display error message or exit if batch mode
# exit_if_batch <"Error string"> <Error code (int)> # exit_if_batch <"Error string"> <Error code (int)>