Commit c3a9086e authored by Temur Maisuradze's avatar Temur Maisuradze

Merge branch 'opensearch' into 'master'

Migrate from ODFE to OpenSearch

See merge request !5
parents 9b5cda32 d1bd7371
1 merge request!5Migrate from ODFE to OpenSearch
File moved
......@@ -10,19 +10,19 @@
- name: Start soctools cluster
import_playbook: startsoctools.yml
when: "'start' in ansible_run_tags or 'config' in ansible_run_tags or 'start-thehive' in ansible_run_tags or 'start-keycloak' in ansible_run_tags or 'start-cortex' in ansible_run_tags or 'start-haproxy' in ansible_run_tags or 'start-cassandra' in ansible_run_tags or 'start-filebeat' in ansible_run_tags or 'start-misp' in ansible_run_tags or 'start-mysql' in ansible_run_tags or 'start-nifi' in ansible_run_tags or 'start-odfees' in ansible_run_tags or 'start-odfekibana' in ansible_run_tags"
when: "'start' in ansible_run_tags or 'config' in ansible_run_tags or 'start-thehive' in ansible_run_tags or 'start-keycloak' in ansible_run_tags or 'start-cortex' in ansible_run_tags or 'start-haproxy' in ansible_run_tags or 'start-cassandra' in ansible_run_tags or 'start-filebeat' in ansible_run_tags or 'start-misp' in ansible_run_tags or 'start-mysql' in ansible_run_tags or 'start-nifi' in ansible_run_tags or 'start-opensearches' in ansible_run_tags or 'start-opensearch-dashboards' in ansible_run_tags"
- name: Stop soctools cluster
import_playbook: stopsoctools.yml
when: "'stop' in ansible_run_tags or 'stop-thehive' in ansible_run_tags or 'stop-keycloak' in ansible_run_tags or 'stop-cortex' in ansible_run_tags or 'stop-haproxy' in ansible_run_tags or 'stop-cassandra' in ansible_run_tags or 'stop-filebeat' in ansible_run_tags or 'stop-misp' in ansible_run_tags or 'stop-mysql' in ansible_run_tags or 'stop-nifi' in ansible_run_tags or 'stop-odfees' in ansible_run_tags or 'stop-odfekibana' in ansible_run_tags"
when: "'stop' in ansible_run_tags or 'stop-thehive' in ansible_run_tags or 'stop-keycloak' in ansible_run_tags or 'stop-cortex' in ansible_run_tags or 'stop-haproxy' in ansible_run_tags or 'stop-cassandra' in ansible_run_tags or 'stop-filebeat' in ansible_run_tags or 'stop-misp' in ansible_run_tags or 'stop-mysql' in ansible_run_tags or 'stop-nifi' in ansible_run_tags or 'stop-opensearches' in ansible_run_tags or 'stop-opensearch-dashboards' in ansible_run_tags"
- name: Update soctools cluster configs
import_playbook: update-config-soctools.yml
when: "'update-config' in ansible_run_tags or 'update-keycloak-config' in ansible_run_tags or 'update-thehive-config' in ansible_run_tags or 'update-cortex-config' in ansible_run_tags or 'update-haproxy-config-acl' in ansible_run_tags or 'update-cassandra-config' in ansible_run_tags or 'update-filebeat-config' in ansible_run_tags or 'update-misp-config' in ansible_run_tags or 'update-mysql-config' in ansible_run_tags or 'update-nifi-config' in ansible_run_tags or 'update-odfees-config' in ansible_run_tags or 'update-odfekibana-config' in ansible_run_tags"
when: "'update-config' in ansible_run_tags or 'update-keycloak-config' in ansible_run_tags or 'update-thehive-config' in ansible_run_tags or 'update-cortex-config' in ansible_run_tags or 'update-haproxy-config-acl' in ansible_run_tags or 'update-cassandra-config' in ansible_run_tags or 'update-filebeat-config' in ansible_run_tags or 'update-misp-config' in ansible_run_tags or 'update-mysql-config' in ansible_run_tags or 'update-nifi-config' in ansible_run_tags or 'update-opensearches-config' in ansible_run_tags or 'update-opensearch-dashboards-config' in ansible_run_tags"
- name: restart soctools cluster servics
import_playbook: restart-soctools.yml
when: "'restart' in ansible_run_tags or 'restart-thehive' in ansible_run_tags or 'restart-keycloak' in ansible_run_tags or 'restart-cortex' in ansible_run_tags or 'restart-haproxy' in ansible_run_tags or 'restart-cassandra' in ansible_run_tags or 'restart-filebeat' in ansible_run_tags or 'restart-misp' in ansible_run_tags or 'restart-mysql' in ansible_run_tags or 'restart-nifi' in ansible_run_tags or 'restart-odfees' in ansible_run_tags or 'restart-odfekibana' in ansible_run_tags"
when: "'restart' in ansible_run_tags or 'restart-thehive' in ansible_run_tags or 'restart-keycloak' in ansible_run_tags or 'restart-cortex' in ansible_run_tags or 'restart-haproxy' in ansible_run_tags or 'restart-cassandra' in ansible_run_tags or 'restart-filebeat' in ansible_run_tags or 'restart-misp' in ansible_run_tags or 'restart-mysql' in ansible_run_tags or 'restart-nifi' in ansible_run_tags or 'restart-opensearches' in ansible_run_tags or 'restart-opensearch-dashboards' in ansible_run_tags"
- name: create thehive users
import_playbook: create-thehive-users.yml
......
......@@ -40,13 +40,13 @@
roles:
- cortex
- name: Start OpenDistro for Elasticsearch
hosts: odfeescontainers
- name: Start Opensearch
hosts: opensearchescontainers
roles:
- odfees
- opensearches
- name: Start OpenDistro Kibana for Elasticsearch
hosts: odfekibanacontainers
- name: Start Opensearch dashboards
hosts: opensearchdashboardscontainers
roles:
- odfekibana
- opensearch-dashboards
......@@ -45,12 +45,12 @@
roles:
- cortex
- name: Stop OpenDistro for Elasticsearch
hosts: odfeescontainers
- name: Stop Opensearch
hosts: opensearchescontainers
roles:
- odfees
- opensearches
- name: Stop OpenDistro Kibana for Elasticsearch
hosts: odfekibanacontainers
- name: Stop Opensearch
hosts: opensearchdashboardscontainers
roles:
- odfekibana
- opensearch-dashboards
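Review bot: The second play in this hunk is named `Stop Opensearch`, the same as the play above it, although it targets `opensearchdashboardscontainers` and runs the `opensearch-dashboards` role; two plays with one name make the run output and any log search by play name ambiguous. Name it `- name: Stop Opensearch dashboards`, matching the start playbook. The update-config hunk that follows has a related leftover, `Update Configs for Opensearch Kibana`, which should read `Update Configs for Opensearch dashboards`.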
......@@ -25,15 +25,15 @@
roles:
- nifi
- name: Update Configs for OpenDistro for Elasticsearch
hosts: odfeescontainers
- name: Update Configs for Opensearch
hosts: opensearchescontainers
roles:
- odfees
- opensearches
- name: Update Configs for OpenDistro Kibana for Elasticsearch
hosts: odfekibanacontainers
- name: Update Configs for Opensearch Kibana
hosts: opensearchdashboardscontainers
roles:
- odfekibana
- opensearch-dashboards
- name: Update Configs for MISP
hosts: mispcontainers
......
......@@ -23,7 +23,7 @@ for v in et.findall(".//variable"):
elif a['name']=="elastic_username":
a['value']="{{ elastic_username }}"
elif a['name']=="elastic_password":
a['value']="{{lookup('password', '{{playbook_dir}}/secrets/passwords/odfees_adminpass')}}"
a['value']="{{lookup('password', '{{playbook_dir}}/secrets/passwords/opensearches_adminpass')}}"
for v in et.findall(".//controllerService[name='Soctools CA']/property[name='Truststore Password']/value"):
v.text="{{lookup('password', '{{playbook_dir}}/secrets/passwords/truststore')}}"
......
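Review bot: The `elastic_password` branch now reads `secrets/passwords/opensearches_adminpass` through Ansible's `password` lookup, which creates the file with a newly generated value when it does not exist instead of failing. On a deployment that still has only `odfees_adminpass`, the NiFi template would then presumably carry a password that the existing admin account does not have, unless another role migrates or resets that secret; nothing in this hunk shows that step. A comment above the line would record the dependency, for example `# opensearches_adminpass must be created by the opensearches role (or copied from odfees_adminpass) before this template is rendered`. The enclosing loop starts before the hunk and continues after it.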
#!/usr/bin/env python
# Get exported objects from OpenSearch dashobards (menu - Stack management - Saved objects - Export all)
# and convert them to a template to be put into:
# roles/opensearch-dashboards/templates/opensearch-dashboards_graphs.ndjson.j2
import argparse,re
parser = argparse.ArgumentParser()
parser.add_argument("graphsfile", help="input kibana_graphs.ndjson file")
parser.add_argument("graphsfile", help="input *.ndjson file")
parser.add_argument("templatefile", help="output template file")
args = parser.parse_args()
......@@ -11,8 +14,8 @@ r=open(args.graphsfile,"r")
w=open(args.templatefile,"w")
for line in r:
line=re.sub(r'(^.*thehive_button.*url\\":[^"].")[^\\"]*(.*apikey\\":[^"]*")[^\\"]*(.*owner\\":[^"]*")[^\\"]*(.*$)',"\g<1>https://{{soctoolsproxy}}:9000\g<2>{{lookup('file', '{{playbook_dir}}/secrets/tokens/thehive_kibana_secret_key')}}\g<3>{{THEHIVE_KIBANA_USER.username}}\g<4>",line)
line=re.sub(r"(^.*)https:\/\/[^\/]*(.*destination\.ip_misp\.keyword.*$)","\g<1>{{misp_url}}\g<2>",line)
#line=re.sub(r'(^.*thehive_button.*url\\":[^"].")[^\\"]*(.*apikey\\":[^"]*")[^\\"]*(.*owner\\":[^"]*")[^\\"]*(.*$)',"\g<1>https://{{soctoolsproxy}}:9000\g<2>{{lookup('file', '{{playbook_dir}}/secrets/tokens/thehive_kibana_secret_key')}}\g<3>{{THEHIVE_KIBANA_USER.username}}\g<4>",line)
line=re.sub(r"https://[^:]*:","https://{{soctoolsproxy}}:",line)
w.write(line)
r.close()
......
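Review bot: With the `thehive_button` substitution left only as a comment, nothing on the new side replaces an `apikey` value found in the exported saved objects, so a key present in the export would be written into the template file unchanged and could end up committed. If dashboards can still carry such an object, keep a substitution for the `apikey` and `owner` fields, or fail when `apikey` appears in a line; if they cannot, delete the commented line and say so in the header comment. The new pattern `https://[^:]*:` also runs from `https://` to the next colon anywhere on the ndjson line, so a URL without a port is matched together with the JSON text after it; bounding it to the host, `line=re.sub(r'https://[^/:"\\]+:',"https://{{soctoolsproxy}}:",line)`, avoids that. The loop's file handles are opened before the hunk and closed after it.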