diff --git a/salt/hive/thehive/files/hive_init.sh b/salt/hive/thehive/scripts/hive_init.sh similarity index 93% rename from salt/hive/thehive/files/hive_init.sh rename to salt/hive/thehive/scripts/hive_init.sh index d1893e200..255bf0502 100755 --- a/salt/hive/thehive/files/hive_init.sh +++ b/salt/hive/thehive/scripts/hive_init.sh @@ -5,7 +5,7 @@ {%- set HIVEKEY = salt['pillar.get']('static:hivekey', '') %} hive_init(){ - + sleep 60 HIVE_IP="{{MASTERIP}}" HIVE_USER="{{HIVEUSER}}" HIVE_PASSWORD="{{HIVEPASSWORD}}" @@ -16,16 +16,16 @@ hive_init(){ # Generate unique ID for apikey HIVE_KEY="{{HIVEKEY}}" - + # Create intial TheHive user curl -v -k "https://$HIVE_IP/thehive/api/user" -H "Content-Type: application/json" -d "{\"login\" : \"$HIVE_$USER\",\"name\" : \"$HIVE_USER\",\"roles\" : [\"read\",\"write\",\"admin\"],\"preferences\" : \"{}\",\"password\" : \"$HIVE_PASSWORD\", \"key\": \"$HIVE_KEY\"}" # Update SOCtopus config with apikey value - sed -i "s/hive_key = .*/hive_key = $HIVE_KEY/" $SOCTOPUS_CONFIG + #sed -i "s/hive_key = .*/hive_key = $HIVE_KEY/" $SOCTOPUS_CONFIG # Check for correct authentication #curl -v -k -H "Authorization: Bearer $HIVE_KEY" "https://$HIVE_IP/thehive/api/user/$USER" - + touch /opt/so/state/thehive.txt } diff --git a/salt/soctopus/files/SOCtopus.conf b/salt/soctopus/files/SOCtopus.conf index 3ce772082..1a48ad92f 100644 --- a/salt/soctopus/files/SOCtopus.conf +++ b/salt/soctopus/files/SOCtopus.conf @@ -1,4 +1,5 @@ {%- set ip = salt['pillar.get']('static:masterip', '') %} +{%- set HIVEKEY = salt['pillar.get']('static:hivekey', '') %} [es] es_url = http://{{ip}}:9200 @@ -20,14 +21,14 @@ grr_pass = YOURGRRPASS [hive] hive_url = https://{{ip}}/thehive/ -hive_key = YOURHIVEKEY +hive_key = {{ HIVEKEY }} hive_tlp = 3 hive_verifycert = False [misp] misp_url = YOURMISPURL misp_key = YOURMISPKEY -misp_verifycert = False +misp_verifycert = False distrib = 0 threat = 4 analysis = 0 
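Review bot: The fixed `sleep 60` added at the top of hive_init() in hive_init.sh only guesses when TheHive is ready. On a slow host the user-creation request in the next hunk still runs too early, and on a fast one the run stalls for a minute for nothing. A bounded poll placed after the `HIVE_IP` assignment, returning non-zero when the service never answers, makes the dependency explicit and gives the caller something to act on. The function body continues outside this hunk, so the placement below is approximate.

```shell
  HIVE_PASSWORD="{{HIVEPASSWORD}}"
  # … unchanged: lines between the two hunks (not shown) …

  # Poll instead of sleeping a fixed 60 s: up to 30 tries, 10 s apart.
  tries=0
  until curl -s -k -o /dev/null "https://$HIVE_IP/thehive/"; do
    tries=$((tries + 1))
    if [ "$tries" -ge 30 ]; then
      echo "TheHive not reachable at $HIVE_IP, giving up" >&2
      return 1
    fi
    sleep 10
  done
```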
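Review bot: `touch /opt/so/state/thehive.txt` at the end of hive_init() (which begins in the previous hunk) runs whether or not the user-creation `curl` succeeded, so a failed first run still leaves the marker, which presumably stops the script from being run again, and TheHive ends up without the admin account or its API key. Make the marker conditional: add `--fail` to the curl call and follow it with `|| return 1` before the `touch`. The unchanged curl line also sends `\"login\" : \"$HIVE_$USER\"`, which expands the unset `$HIVE_` plus the caller's `$USER` rather than `$HIVE_USER`, and it passes the password and API key in argv with `-k` disabling certificate checks; feeding the body through `-d @-` from a here-document keeps both out of the process list. The `sed` line is better deleted than commented out now that SOCtopus.conf is rendered from the pillar.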
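Review bot: `hive_key = {{ HIVEKEY }}` in SOCtopus.conf renders as an empty value when `static:hivekey` is missing, because the `pillar.get` added at the top of the file defaults to `''`; SOCtopus would then start without a key and fail only on its first API call. Reading the value as `{%- set HIVEKEY = pillar['static']['hivekey'] %}` makes the render fail instead. The rendered file now holds a live API key for an account created with the `admin` role, so the state that manages it (not visible here) should set a restrictive owner and mode. The unchanged `hive_verifycert = False` just below means that key is sent without validating the server certificate.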
diff --git a/so-setup-network.sh b/so-setup-network.sh
index 1643d3e42..dde654eb3 100644
--- a/so-setup-network.sh
+++ b/so-setup-network.sh
@@ -427,6 +427,7 @@ generate_passwords(){
 # Generate Random Passwords for Things
 MYSQLPASS=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
 FLEETPASS=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
+ HIVEKEY=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
 }

 get_filesystem_nsm(){
@@ -588,6 +589,9 @@ master_static() {
 echo " broversion: $BROVERSION" >> /opt/so/saltstack/pillar/static.sls
 echo " ids: $NIDS" >> /opt/so/saltstack/pillar/static.sls
 echo " masterip: $MAINIP" >> /opt/so/saltstack/pillar/static.sls
+ echo " hiveuser: hiveadmin" >> /opt/so/saltstack/pillar/static.sls
+ echo " hivepassword: hivechangeme" >> /opt/so/saltstack/pillar/static.sls
+ echo " hivekey: $HIVEKEY" >> /opt/so/saltstack/pillar/static.sls
 if [[ $MASTERUPDATES == 'MASTER' ]]; then
 echo " masterupdate: 1" >> /opt/so/saltstack/pillar/static.sls
 else
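Review bot: The new `HIVEKEY=` line in generate_passwords() is the third copy of the same `/dev/urandom` pipeline; a helper such as `gen_secret() { tr -dc 'a-zA-Z0-9' < /dev/urandom | head -c "${1:-20}"; }` would keep the length and alphabet in one place. A comment worth adding above the assignment: `# alphanumeric only: the value is written unquoted into static.sls and into a JSON request body`. Twenty characters from a 62-symbol alphabet is roughly 119 bits, which is adequate for an API key. The function's opening line is visible only in the hunk header.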
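Review bot: `hivepassword: hivechangeme` in master_static() gives every installation the same password for an account that hive_init.sh creates with the `admin` role, while the API key written on the next line is random. Generate the password in generate_passwords() like the others and write `echo " hivepassword: $HIVEPASS" >> /opt/so/saltstack/pillar/static.sls`. These lines also append secrets to static.sls, so that file needs a restrictive mode, and if the `static` pillar is assigned to every minion (not visible here) each sensor can read the key and password; a pillar scoped to the master would be narrower. master_static() starts and ends outside the hunk.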