mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-27 11:23:14 +01:00
32 lines
1.4 KiB
Bash
32 lines
1.4 KiB
Bash
#!/bin/bash
|
|
# {%- set FLEET_MANAGER = salt['pillar.get']('global:fleet_manager', False) -%}
|
|
# {%- set FLEET_NODE = salt['pillar.get']('global:fleet_node', False) -%}
|
|
# {%- set MANAGER = salt['pillar.get']('global:url_base', '') %}
|
|
|
|
. /usr/sbin/so-common
|
|
|
|
# Copy template file
|
|
cp /opt/so/conf/kibana/saved_objects.ndjson.template /opt/so/conf/kibana/saved_objects.ndjson
|
|
|
|
# {% if FLEET_NODE or FLEET_MANAGER %}
|
|
# Fleet IP
|
|
#sed -i "s/FLEETPLACEHOLDER/{{ MANAGER }}/g" /opt/so/conf/kibana/saved_objects.ndjson
|
|
# {% endif %}
|
|
|
|
# SOCtopus and Manager
|
|
sed -i "s/PLACEHOLDER/{{ MANAGER }}/g" /opt/so/conf/kibana/saved_objects.ndjson
|
|
|
|
wait_for_web_response "http://localhost:5601/app/kibana" "Elastic"
|
|
## This hackery will be removed if using Elastic Auth ##
|
|
|
|
# Let's snag a cookie from Kibana
|
|
THECOOKIE=$(curl -c - -X GET http://localhost:5601/ | grep sid | awk '{print $7}')
|
|
|
|
# Load saved objects
|
|
curl -b "sid=$THECOOKIE" -L -X POST "localhost:5601/api/saved_objects/_import?overwrite=true" -H "kbn-xsrf: true" --form file=@/opt/so/conf/kibana/saved_objects.ndjson > /dev/null 2>&1
|
|
|
|
# Disable certain Features from showing up in the Kibana UI
|
|
|
|
echo
|
|
echo "Setting up default Space:"
|
|
curl -b "sid=$THECOOKIE" -L -X PUT "localhost:5601/api/spaces/space/default" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d' {"id":"default","name":"Default","disabledFeatures":["enterpriseSearch","siem","logs","infrastructure","apm","uptime","monitoring","stackAlerts","actions","fleet"]} ' | jq |