The Hive - Wes Mods

salt/hive/thehive/scripts/hive_init.sh

@@ -5,7 +5,7 @@
 {%- set HIVEKEY = salt['pillar.get']('static:hivekey', '') %}
 
 hive_init(){
-
+    sleep 60
     HIVE_IP="{{MASTERIP}}"
     HIVE_USER="{{HIVEUSER}}"
     HIVE_PASSWORD="{{HIVEPASSWORD}}"
@@ -16,16 +16,16 @@ hive_init(){
 
     # Generate unique ID for apikey
     HIVE_KEY="{{HIVEKEY}}"
-    
+
     # Create intial TheHive user
     curl -v -k "https://$HIVE_IP/thehive/api/user" -H "Content-Type: application/json" -d "{\"login\" : \"$HIVE_$USER\",\"name\" : \"$HIVE_USER\",\"roles\" : [\"read\",\"write\",\"admin\"],\"preferences\" : \"{}\",\"password\" : \"$HIVE_PASSWORD\", \"key\": \"$HIVE_KEY\"}"
 
     # Update SOCtopus config with apikey value
-    sed -i "s/hive_key = .*/hive_key = $HIVE_KEY/" $SOCTOPUS_CONFIG
+    #sed -i "s/hive_key = .*/hive_key = $HIVE_KEY/" $SOCTOPUS_CONFIG
 
     # Check for correct authentication
     #curl -v -k -H "Authorization: Bearer $HIVE_KEY" "https://$HIVE_IP/thehive/api/user/$USER"
-    
+
     touch /opt/so/state/thehive.txt
 
 }

salt/soctopus/files/SOCtopus.conf

@@ -1,4 +1,5 @@
 {%- set ip = salt['pillar.get']('static:masterip', '') %}
+{%- set HIVEKEY = salt['pillar.get']('static:hivekey', '') %}
 
 [es]
 es_url = http://{{ip}}:9200
@@ -20,14 +21,14 @@ grr_pass = YOURGRRPASS
 
 [hive]
 hive_url = https://{{ip}}/thehive/
-hive_key = YOURHIVEKEY
+hive_key = {{ HIVEKEY }}
 hive_tlp = 3
 hive_verifycert = False
 
 [misp]
 misp_url = YOURMISPURL
 misp_key = YOURMISPKEY
-misp_verifycert = False 
+misp_verifycert = False
 distrib = 0
 threat = 4
 analysis = 0