-
Kiril KJiroski authoredKiril KJiroski authored
Howto's
Modify main NiFi pipeline
To make modifications to the main NiFi pipeline and add it to the Ansible playbook, do the following in the soctool directory:
- Make necesarry to the pipeline in the NiFi GUI
- Copy flow.xml.gz file from one of the NiFi containers:
docker cp soctools-nifi-1:/opt/nifi/nifi-current/conf/flow.xml.gz . - Convert flowx.xml.gz to new template
utils/flow2template.py flow.xml.gz roles/nifi/templates/flow.xml.j2
Update Kibana dashboards
- Make necesarry changes to the dashboards or visualizations in the Kibana GUI
- Export objects by going to "Management->Saved Objects" and click on the "Export objects" link. Select all objects.
- Copy the exported file,export.ndjson, to the soctools directory
- Convert export.ndjson to a new template
utils/kibana_graphs2template.py export.ndjson roles/odfekibana/templates/kibana_graphs.ndjson.j2
Update configuration files in docker containers using Ansible
To update configuration files for all docker containers together, run the following command:
ansible-playbook -i inventories soctools.yml -t update-config
To update configuration files only for specific services, run the following commands:
ansible-playbook -i inventories soctools.yml -t update-keycloak-config
ansible-playbook -i inventories soctools.yml -t update-thehive-config
ansible-playbook -i inventories soctools.yml -t update-cortex-config
ansible-playbook -i inventories soctools.yml -t update-cassandra-config
ansible-playbook -i inventories soctools.yml -t update-haproxy-config
ansible-playbook -i inventories soctools.yml -t update-filebeat-config
ansible-playbook -i inventories soctools.yml -t update-nifi-config
ansible-playbook -i inventories soctools.yml -t update-odfees-config
ansible-playbook -i inventories soctools.yml -t update-odfekibana-config
Restart services inside docker containers using Ansible
To restart services for all docker containers together, run the following command: ansible-playbook -i inventories soctools.yml -t restart To restart services only for specific docker containers, run the following commands: ansible-playbook -i inventories soctools.yml -t restart-keycloak ansible-playbook -i inventories soctools.yml -t restart-thehive ansible-playbook -i inventories soctools.yml -t restart-cortex ansible-playbook -i inventories soctools.yml -t restart-cassandra ansible-playbook -i inventories soctools.yml -t restart-haproxy ansible-playbook -i inventories soctools.yml -t restart-filebeat ansible-playbook -i inventories soctools.yml -t restart-misp ansible-playbook -i inventories soctools.yml -t restart-mysql ansible-playbook -i inventories soctools.yml -t restart-nifi ansible-playbook -i inventories soctools.yml -t restart-odfees ansible-playbook -i inventories soctools.yml -t restart-odfekibana
Stop services inside docker containers using Ansible
To stop services for all docker containers together, run the following command: ansible-playbook -i inventories soctools.yml -t stop To stop services only for specific docker containers, run the following commands: ansible-playbook -i inventories soctools.yml -t stop-keycloak ansible-playbook -i inventories soctools.yml -t stop-thehive ansible-playbook -i inventories soctools.yml -t stop-cortex ansible-playbook -i inventories soctools.yml -t stop-cassandra ansible-playbook -i inventories soctools.yml -t stop-haproxy ansible-playbook -i inventories soctools.yml -t stop-filebeat ansible-playbook -i inventories soctools.yml -t stop-misp ansible-playbook -i inventories soctools.yml -t stop-mysql ansible-playbook -i inventories soctools.yml -t stop-nifi ansible-playbook -i inventories soctools.yml -t stop-odfees ansible-playbook -i inventories soctools.yml -t stop-odfekibana
Restart services inside docker containers manually
To restart services inside docker containers after changes in configuration files: 1. Attache container: docker exec -it container_id_or_name bash (example: docker exec -it soctools-keycloak bash) 2. List services and their statuses: supervisorctl status 3. Restart service: supervisorctl restart supervisor_service_name (example: supervisorctl restart keycloak) 4. Detach from container: exit