From d0fc936f6cdc70ae41df10e84956e0d1c2ae97c5 Mon Sep 17 00:00:00 2001 From: "kiril.kjiroski@finki.ukim.mk" <kiril.kjiroski@finki.ukim.mk> Date: Tue, 26 Jan 2021 15:39:35 +0000 Subject: [PATCH] thehive integration with keycloak --- HOWTOS.md | 73 - README.md | 39 +- buildca.yml | 2 +- buildimages.yml | 2 +- group_vars/all/main.yml | 122 +- group_vars/all/users.yml | 21 - inventories/build/group_vars/all.yml | 4 + inventories/build/hosts.yml | 12 + inventories/cassandra | 2 - inventories/cortex | 2 - inventories/deploy/group_vars/haproxy.yml | 11 + inventories/deploy/group_vars/nifi.yml | 19 + inventories/deploy/group_vars/zookeeper.yml | 7 + inventories/deploy/hosts.yml.example | 21 + inventories/elasticsearch | 3 - inventories/filebeat | 16 - inventories/haproxy | 2 - inventories/keycloak | 2 - inventories/kibana | 2 - inventories/misp | 2 - inventories/mysql | 2 - inventories/nifi | 4 - inventories/soctools | 2 - inventories/thehive | 2 - restart-soctools.yml | 52 - .../files/cassandra/cassandrasupervisord.conf | 44 - roles/build/files/cassandraDockerfile | 35 + .../build/files/cortex/cortexsupervisord.conf | 56 - roles/build/files/cortexDockerfile | 32 + roles/build/files/elasticDockerfile | 21 + .../files/haproxy/haproxysupervisord.conf | 44 - roles/build/files/haproxyDockerfile | 71 + .../files/keycloak/keycloaksupervisord.conf | 44 - roles/build/files/keycloakDockerfile | 41 + .../build/files/kibana/kibanasupervisord.conf | 43 - .../Dockerfile.j2 => files/kibanaDockerfile} | 13 +- roles/build/files/misp/misp_rh-php72-php-fpm | 21 - roles/build/files/misp/mispsupervisord.conf | 83 - roles/build/files/mispDockerfile | 84 + roles/build/files/{misp => }/mispstart.sh | 0 roles/build/files/mispsupervisord.conf | 25 + roles/build/files/mysql/mysqlsupervisord.conf | 45 - roles/build/files/mysqlDockerfile | 13 + roles/build/files/mysqlsupervisord.conf | 7 + roles/build/files/nifi/nifisupervisord.conf | 44 - roles/build/files/nifiDockerfile | 97 + roles/build/files/odfees/odfesupervisord.conf | 43 - roles/build/files/odfeesDockerfile | 16 + roles/build/files/odfekibanaDockerfile | 18 + roles/build/files/openjdkDockerfile | 11 + .../files/thehive/thehivesupervisord.conf | 43 - roles/build/files/thehiveDockerfile | 24 + roles/build/files/thehive_button/.eslintrc | 7 + .../.kibana-plugin-helpers.json | 2 + roles/build/files/thehive_button/index.js | 19 + roles/build/files/thehive_button/package.json | 35 + .../thehive_button/public/create_case.js | 101 + .../build/files/thehive_button/public/env.js | 4 + .../build/files/thehive_button/public/main.js | 54 + .../thehive_button/public/options_editor.js | 176 + .../public/options_template.html | 8 + .../thehive_button/public/request_handler.js | 195 + .../files/thehive_button/public/vis.less | 3 + .../thehive_button/public/vis_controller.js | 555 + .../thehive_button/server/routes/newcase.js | 153 + .../thehive_button/thehive_button/.eslintrc | 7 + .../.kibana-plugin-helpers.json | 2 + .../thehive_button/thehive_button/index.js | 19 + .../thehive_button/package.json | 35 + .../thehive_button/public/create_case.js | 101 + .../thehive_button/public/env.js | 4 + .../thehive_button/public/main.js | 54 + .../thehive_button/public/options_editor.js | 176 + .../public/options_template.html | 8 + .../thehive_button/public/request_handler.js | 195 + .../thehive_button/public/vis.less | 3 + .../thehive_button/public/vis_controller.js | 555 + .../thehive_button/server/routes/newcase.js | 153 + .../files/zookeeper/zookeepersupervisord.conf | 43 - roles/build/files/zookeeperDockerfile | 34 + roles/build/tasks/cassandra.yml | 11 + roles/build/tasks/centos.yml | 205 +- roles/build/tasks/cortex.yml | 11 + roles/build/tasks/haproxy.yml | 10 + roles/build/tasks/keycloak.yml | 18 + roles/build/tasks/main.yml | 52 +- roles/build/tasks/misp.yml | 20 + roles/build/tasks/mysql.yml | 15 + roles/build/tasks/nifi.yml | 11 + roles/build/tasks/odfees.yml | 18 + roles/build/tasks/odfekibana.yml | 22 + roles/build/tasks/openjdk.yml | 11 + roles/build/tasks/thehive.yml | 11 + roles/build/tasks/zookeeper.yml | 11 + roles/build/templates/cassandra/Dockerfile.j2 | 21 +- .../templates/cassandra/cassandra.repo.j2 | 6 + roles/build/templates/cassandra/start.sh.j2 | 10 + .../templates/cassandra/supervisord.conf.j2 | 10 + roles/build/templates/cortex/Dockerfile.j2 | 10 +- roles/build/templates/cortex/application.conf | 2 +- roles/build/templates/haproxy/Dockerfile.j2 | 11 +- roles/build/templates/keycloak/Dockerfile.j2 | 9 +- roles/build/templates/misp/Dockerfile.j2 | 9 +- .../build/templates/misp/supervisord.conf.j2 | 25 + roles/build/templates/mysql/Dockerfile.j2 | 2 +- .../build/templates/mysql/supervisord.conf.j2 | 7 + roles/build/templates/nifi/Dockerfile.j2 | 8 +- .../Dockerfile-elastic.j2} | 5 +- ...ockerfile.j2 => Dockerfile-odfeelastic.j2} | 7 +- .../templates/odfekibana/Dockerfile-kibana.j2 | 9 +- ...Dockerfile.j2 => Dockerfile-odfekibana.j2} | 3 +- roles/build/templates/thehive/Dockerfile.j2 | 10 +- roles/build/templates/thehive/start.sh | 10 + .../build/templates/thehive/supervisord.conf | 10 + roles/build/templates/thehive/thehive.repo | 7 + roles/build/templates/zookeeper/Dockerfile.j2 | 8 +- roles/ca/files/CA/.rnd | Bin 0 -> 1024 bytes roles/ca/files/CA/ca.crt | 20 + .../01EC4DAD3E5E47CF4E4B98495932B337.pem | 88 + .../1DD9AF5415359961C578D1B98BFA6E9F.pem | 84 + .../560A99C5A03FC4B9FC92FDC62F419BB9.pem | 88 + .../5969918F10EF8D2BAE46B26D6D629D8E.pem | 88 + .../5DC4BC495FA076A813A4C23261640D92.pem | 88 + .../61095C2C8D35EE291C99CEABD42B3CA4.pem | 88 + .../7587FCE4CF3EC68117199076B12CD5D2.pem | 88 + .../7DFC33457573E8F16094A74E6B2F23F1.pem | 88 + .../8B69055F8586CEDD21660B2493412660.pem | 88 + .../97D2D0CF2300C0A966D103CA89A99212.pem | 88 + .../A7217943DDD1145BC6F68CBA362CB35B.pem | 84 + .../D27B43CB9BFB09CFCC86EFD1019A42FC.pem | 88 + .../FE7583DEF2355A2C2BBA09720BD80948.pem | 88 + roles/ca/files/CA/extensions.temp | 15 + roles/ca/files/CA/index.txt | 13 + roles/ca/files/CA/index.txt.attr | 1 + roles/ca/files/CA/index.txt.attr.old | 1 + roles/ca/files/CA/index.txt.old | 12 + roles/ca/files/CA/issued/Arne Oslebo.crt | 84 + roles/ca/files/CA/issued/Bozidar Proevski.crt | 84 + roles/ca/files/CA/issued/dsoclab-cortex.crt | 88 + roles/ca/files/CA/issued/dsoclab-haproxy.crt | 88 + roles/ca/files/CA/issued/dsoclab-keycloak.crt | 88 + roles/ca/files/CA/issued/dsoclab-kibana.crt | 88 + roles/ca/files/CA/issued/dsoclab-misp.crt | 88 + roles/ca/files/CA/issued/dsoclab-nifi-1.crt | 88 + roles/ca/files/CA/issued/dsoclab-nifi-2.crt | 88 + roles/ca/files/CA/issued/dsoclab-nifi-3.crt | 88 + roles/ca/files/CA/issued/dsoclab-odfe-1.crt | 88 + roles/ca/files/CA/issued/dsoclab-odfe-2.crt | 88 + roles/ca/files/CA/issued/dsoclab-thehive.crt | 88 + roles/ca/files/CA/openssl-easyrsa.cnf | 140 + roles/ca/files/CA/private/Arne Oslebo.key | 28 + roles/ca/files/CA/private/Arne Oslebo.p12 | Bin 0 -> 3325 bytes .../ca/files/CA/private/Bozidar Proevski.key | 28 + .../ca/files/CA/private/Bozidar Proevski.p12 | Bin 0 -> 3325 bytes roles/ca/files/CA/private/ca.key | 27 + roles/ca/files/CA/private/dsoclab-cortex.key | 28 + roles/ca/files/CA/private/dsoclab-cortex.p12 | Bin 0 -> 3397 bytes roles/ca/files/CA/private/dsoclab-haproxy.key | 28 + .../ca/files/CA/private/dsoclab-keycloak.key | 28 + .../ca/files/CA/private/dsoclab-keycloak.p12 | Bin 0 -> 3397 bytes roles/ca/files/CA/private/dsoclab-kibana.key | 28 + roles/ca/files/CA/private/dsoclab-kibana.p12 | Bin 0 -> 3397 bytes roles/ca/files/CA/private/dsoclab-misp.key | 28 + roles/ca/files/CA/private/dsoclab-misp.p12 | Bin 0 -> 3389 bytes roles/ca/files/CA/private/dsoclab-nifi-1.key | 28 + roles/ca/files/CA/private/dsoclab-nifi-1.p12 | Bin 0 -> 3397 bytes roles/ca/files/CA/private/dsoclab-nifi-2.key | 28 + roles/ca/files/CA/private/dsoclab-nifi-2.p12 | Bin 0 -> 3397 bytes roles/ca/files/CA/private/dsoclab-nifi-3.key | 28 + roles/ca/files/CA/private/dsoclab-nifi-3.p12 | Bin 0 -> 3397 bytes roles/ca/files/CA/private/dsoclab-odfe-1.key | 28 + roles/ca/files/CA/private/dsoclab-odfe-1.p12 | Bin 0 -> 3397 bytes roles/ca/files/CA/private/dsoclab-odfe-2.key | 28 + roles/ca/files/CA/private/dsoclab-odfe-2.p12 | Bin 0 -> 3397 bytes roles/ca/files/CA/private/dsoclab-thehive.key | 28 + roles/ca/files/CA/private/dsoclab-thehive.p12 | Bin 0 -> 3397 bytes roles/ca/files/CA/reqs/Arne Oslebo.req | 15 + roles/ca/files/CA/reqs/Bozidar Proevski.req | 15 + roles/ca/files/CA/reqs/dsoclab-cortex.req | 17 + roles/ca/files/CA/reqs/dsoclab-haproxy.req | 17 + roles/ca/files/CA/reqs/dsoclab-keycloak.req | 17 + roles/ca/files/CA/reqs/dsoclab-kibana.req | 17 + roles/ca/files/CA/reqs/dsoclab-misp.req | 17 + roles/ca/files/CA/reqs/dsoclab-nifi-1.req | 17 + roles/ca/files/CA/reqs/dsoclab-nifi-2.req | 17 + roles/ca/files/CA/reqs/dsoclab-nifi-3.req | 17 + roles/ca/files/CA/reqs/dsoclab-odfe-1.req | 17 + roles/ca/files/CA/reqs/dsoclab-odfe-2.req | 17 + roles/ca/files/CA/reqs/dsoclab-thehive.req | 17 + roles/ca/files/CA/safessl-easyrsa.cnf | 140 + roles/ca/files/CA/serial | 1 + roles/ca/files/CA/serial.old | 1 + roles/ca/files/truststore/SOCTOOLS-CA.crt | 20 + roles/ca/files/truststore/cacerts.jks | Bin 0 -> 893 bytes roles/ca/tasks/main.yml | 199 +- roles/cassandra/tasks/main.yml | 33 +- roles/cassandra/tasks/restart.yml | 6 - roles/cassandra/tasks/start.yml | 27 - roles/cassandra/tasks/stop.yml | 6 - roles/cassandra/tasks/update-config.yml | 15 - roles/cortex/files/SOCTOOLS-CA.crt | 20 + roles/cortex/files/cacerts.jks | Bin 0 -> 893 bytes roles/cortex/files/cortexsecret | 3 + roles/cortex/files/dsoclab-cortex.crt | 88 + roles/cortex/files/dsoclab-cortex.key | 28 + roles/cortex/files/dsoclab-cortex.p12 | Bin 0 -> 3397 bytes roles/cortex/files/logback.xml | 47 + roles/cortex/tasks/main.yml | 113 +- roles/cortex/tasks/restart.yml | 18 - roles/cortex/tasks/start.yml | 59 - roles/cortex/tasks/stop.yml | 10 - roles/cortex/tasks/update-config.yml | 14 - roles/cortex/templates/application.conf.j2 | 90 +- roles/docker/tasks/cassandra.yml | 1 + roles/docker/tasks/cortex.yml | 1 + roles/docker/tasks/haproxy.yml | 3 +- roles/docker/tasks/keycloak.yml | 1 + roles/docker/tasks/misp.yml | 3 +- roles/docker/tasks/nifi.yml | 1 + roles/docker/tasks/odfees.yml | 1 + roles/docker/tasks/odfekibana.yml | 1 + roles/docker/tasks/thehive.yml | 4 +- roles/filebeat/README.md | 38 - roles/filebeat/defaults/main.yml | 2 - roles/filebeat/files/.gitkeep | 0 roles/filebeat/handlers/main.yml | 2 - roles/filebeat/meta/main.yml | 53 - roles/filebeat/tasks/main.yml | 17 - roles/filebeat/tasks/restart.yml | 8 - roles/filebeat/tasks/start.yml | 23 - roles/filebeat/tasks/stop.yml | 8 - roles/filebeat/tasks/update-config.yml | 9 - roles/filebeat/templates/filebeat.yml.j2 | 35 - roles/filebeat/tests/inventory | 2 - roles/filebeat/tests/test.yml | 5 - roles/filebeat/vars/main.yml | 2 - roles/haproxy/files/.empty | 0 roles/haproxy/files/dsoclab-haproxy.crt | 88 + roles/haproxy/files/dsoclab-haproxy.key | 28 + roles/haproxy/files/haproxy.cfg | 17 + roles/haproxy/tasks/main.yml | 73 +- roles/haproxy/tasks/restart.yml | 6 - roles/haproxy/tasks/start.yml | 55 - roles/haproxy/tasks/stop.yml | 6 - roles/haproxy/tasks/update-config.yml | 8 - roles/haproxy/templates/haproxy.cfg.j2 | 13 +- roles/keycloak/files/SOCTOOLS-CA.crt | 20 + roles/keycloak/files/cacerts.jks | Bin 0 -> 893 bytes roles/keycloak/files/dsoclab-keycloak.crt | 88 + roles/keycloak/files/dsoclab-keycloak.key | 28 + roles/keycloak/tasks/main.yml | 110 +- roles/keycloak/tasks/restart.yml | 13 - roles/keycloak/tasks/start.yml | 96 - roles/keycloak/tasks/stop.yml | 5 - roles/keycloak/tasks/update-config.yml | 32 - .../templates/initkeycloakrealm.sh.j2 | 18 +- roles/misp/files/SOCTOOLS-CA.crt | 20 + roles/misp/files/cacerts.jks | Bin 0 -> 893 bytes roles/misp/files/dsoclab-misp.crt | 88 + roles/misp/files/dsoclab-misp.key | 28 + roles/misp/tasks/config.yml | 93 - roles/misp/tasks/main.yml | 66 +- roles/misp/tasks/restart.yml | 16 - roles/misp/tasks/start.yml | 73 - roles/misp/tasks/stop.yml | 17 - roles/misp/tasks/update-config.yml | 2 - roles/misp/templates/checkdb.sh.j2 | 4 +- roles/misp/templates/config.php.j2 | 84 + roles/misp/templates/database.php.j2 | 4 +- roles/misp/templates/misp.conf.j2 | 28 +- roles/misp/templates/mysql_secure.sql.j2 | 4 +- roles/mysql/tasks/main.yml | 16 - roles/mysql/tasks/misp.yml | 17 +- roles/mysql/tasks/restart.yml | 4 - roles/mysql/tasks/secure.yml | 10 +- roles/mysql/tasks/stop.yml | 4 - roles/mysql/tasks/update-config.yml | 2 - roles/mysql/templates/dotmy.cnf.j2 | 2 +- roles/mysql/templates/mysql_secure.sql.j2 | 9 +- .../nifi/files/CountriesWithRegionalCodes.csv | 250 - roles/nifi/files/SOCTOOLS-CA.crt | 20 + roles/nifi/files/cacerts.jks | Bin 0 -> 893 bytes roles/nifi/files/common-cacerts.jks | Bin 152651 -> 0 bytes roles/nifi/files/dsoclab-nifi-1.p12 | Bin 0 -> 3397 bytes roles/nifi/files/dsoclab-nifi-2.p12 | Bin 0 -> 3397 bytes roles/nifi/files/dsoclab-nifi-3.p12 | Bin 0 -> 3397 bytes roles/nifi/files/haproxy.groklib | 39 - roles/nifi/files/nifisecret | 3 + roles/nifi/tasks/main.yml | 154 +- roles/nifi/tasks/restart.yml | 6 - roles/nifi/tasks/start.yml | 204 - roles/nifi/tasks/stop.yml | 6 - roles/nifi/tasks/update-config.yml | 77 - roles/nifi/templates/flow.xml.j2 | 13033 ++++++---------- roles/nifi/templates/nifi.properties.j2 | 24 +- roles/odfees/files/Arne Oslebo.p12 | Bin 0 -> 3325 bytes roles/odfees/files/Bozidar Proevski.p12 | Bin 0 -> 3325 bytes roles/odfees/files/SOCTOOLS-CA.crt | 20 + roles/odfees/files/cacerts.jks | Bin 0 -> 893 bytes roles/odfees/files/dsoclab-odfe-1.p12 | Bin 0 -> 3397 bytes roles/odfees/files/dsoclab-odfe-2.p12 | Bin 0 -> 3397 bytes roles/odfees/tasks/main.yml | 123 +- roles/odfees/tasks/restart.yml | 14 - roles/odfees/tasks/start.yml | 102 - roles/odfees/tasks/stop.yml | 6 - roles/odfees/tasks/update-config.yml | 32 - .../templates/config/elasticsearch.yml.j2 | 10 +- .../templates/config/log4j2.properties.j2 | 24 +- .../templates/securityconfig/config.yml.j2 | 2 +- roles/odfekibana/files/Arne Oslebo.p12 | Bin 0 -> 3325 bytes roles/odfekibana/files/Bozidar Proevski.p12 | Bin 0 -> 3325 bytes roles/odfekibana/files/SOCTOOLS-CA.crt | 20 + roles/odfekibana/files/cacerts.jks | Bin 0 -> 893 bytes roles/odfekibana/files/dsoclab-kibana.crt | 88 + roles/odfekibana/files/dsoclab-kibana.key | 28 + roles/odfekibana/files/dsoclab-kibana.p12 | Bin 0 -> 3397 bytes roles/odfekibana/files/kibana_graphs.ndjson | 73 +- roles/odfekibana/files/kibanasecret | 3 + roles/odfekibana/tasks/main.yml | 189 +- roles/odfekibana/tasks/restart.yml | 32 - roles/odfekibana/tasks/start.yml | 166 - roles/odfekibana/tasks/stop.yml | 5 - roles/odfekibana/tasks/update-config.yml | 34 - roles/odfekibana/templates/kibana.yml.j2 | 16 +- roles/odfekibana/templates/role.json.j2 | 15 - roles/soctools-server/tasks/main.yml | 2 +- roles/thehive/files/SOCTOOLS-CA.crt | 20 + roles/thehive/files/cacerts.jks | Bin 0 -> 893 bytes roles/thehive/files/dsoclab-thehive.crt | 88 + roles/thehive/files/dsoclab-thehive.key | 28 + roles/thehive/files/logback.xml | 45 + roles/thehive/files/thehivesecret | 3 + roles/thehive/tasks/createusers.yml | 28 + roles/thehive/tasks/main.yml | 91 +- roles/thehive/tasks/restart.yml | 13 - roles/thehive/tasks/start.yml | 26 - roles/thehive/tasks/stop.yml | 5 - roles/thehive/tasks/update-config.yml | 7 - roles/thehive/templates/application.conf.j2 | 58 +- roles/thehive/templates/users.json | 6 + roles/thehive/vars/users.yml | 16 + soctools-inventory | 35 + soctools.yml | 11 +- soctools_server.yml | 2 +- startsoctools.yml | 13 +- stopsoctools.yml | 2 +- update-config-soctools.yml | 52 - utils/flow2template.py | 9 +- 348 files changed, 14428 insertions(+), 11255 deletions(-) delete mode 100644 HOWTOS.md delete mode 100644 group_vars/all/users.yml create mode 100644 inventories/build/group_vars/all.yml create mode 100644 inventories/build/hosts.yml delete mode 100644 inventories/cassandra delete mode 100644 inventories/cortex create mode 100644 inventories/deploy/group_vars/haproxy.yml create mode 100644 inventories/deploy/group_vars/nifi.yml create mode 100644 inventories/deploy/group_vars/zookeeper.yml create mode 100644 inventories/deploy/hosts.yml.example delete mode 100644 inventories/elasticsearch delete mode 100644 inventories/filebeat delete mode 100644 inventories/haproxy delete mode 100644 inventories/keycloak delete mode 100644 inventories/kibana delete mode 100644 inventories/misp delete mode 100644 inventories/mysql delete mode 100644 inventories/nifi delete mode 100644 inventories/soctools delete mode 100644 inventories/thehive delete mode 100644 restart-soctools.yml delete mode 100644 roles/build/files/cassandra/cassandrasupervisord.conf create mode 100644 roles/build/files/cassandraDockerfile delete mode 100644 roles/build/files/cortex/cortexsupervisord.conf create mode 100644 roles/build/files/cortexDockerfile create mode 100644 roles/build/files/elasticDockerfile delete mode 100644 roles/build/files/haproxy/haproxysupervisord.conf create mode 100644 roles/build/files/haproxyDockerfile delete mode 100644 roles/build/files/keycloak/keycloaksupervisord.conf create mode 100644 roles/build/files/keycloakDockerfile delete mode 100644 roles/build/files/kibana/kibanasupervisord.conf rename roles/build/{templates/kibana/Dockerfile.j2 => files/kibanaDockerfile} (57%) delete mode 100644 roles/build/files/misp/misp_rh-php72-php-fpm delete mode 100644 roles/build/files/misp/mispsupervisord.conf create mode 100644 roles/build/files/mispDockerfile rename roles/build/files/{misp => }/mispstart.sh (100%) create mode 100644 roles/build/files/mispsupervisord.conf delete mode 100644 roles/build/files/mysql/mysqlsupervisord.conf create mode 100644 roles/build/files/mysqlDockerfile create mode 100644 roles/build/files/mysqlsupervisord.conf delete mode 100644 roles/build/files/nifi/nifisupervisord.conf create mode 100644 roles/build/files/nifiDockerfile delete mode 100644 roles/build/files/odfees/odfesupervisord.conf create mode 100644 roles/build/files/odfeesDockerfile create mode 100644 roles/build/files/odfekibanaDockerfile create mode 100644 roles/build/files/openjdkDockerfile delete mode 100644 roles/build/files/thehive/thehivesupervisord.conf create mode 100644 roles/build/files/thehiveDockerfile create mode 100644 roles/build/files/thehive_button/.eslintrc create mode 100644 roles/build/files/thehive_button/.kibana-plugin-helpers.json create mode 100644 roles/build/files/thehive_button/index.js create mode 100644 roles/build/files/thehive_button/package.json create mode 100644 roles/build/files/thehive_button/public/create_case.js create mode 100644 roles/build/files/thehive_button/public/env.js create mode 100644 roles/build/files/thehive_button/public/main.js create mode 100644 roles/build/files/thehive_button/public/options_editor.js create mode 100644 roles/build/files/thehive_button/public/options_template.html create mode 100644 roles/build/files/thehive_button/public/request_handler.js create mode 100644 roles/build/files/thehive_button/public/vis.less create mode 100644 roles/build/files/thehive_button/public/vis_controller.js create mode 100644 roles/build/files/thehive_button/server/routes/newcase.js create mode 100644 roles/build/files/thehive_button/thehive_button/.eslintrc create mode 100644 roles/build/files/thehive_button/thehive_button/.kibana-plugin-helpers.json create mode 100644 roles/build/files/thehive_button/thehive_button/index.js create mode 100644 roles/build/files/thehive_button/thehive_button/package.json create mode 100644 roles/build/files/thehive_button/thehive_button/public/create_case.js create mode 100644 roles/build/files/thehive_button/thehive_button/public/env.js create mode 100644 roles/build/files/thehive_button/thehive_button/public/main.js create mode 100644 roles/build/files/thehive_button/thehive_button/public/options_editor.js create mode 100644 roles/build/files/thehive_button/thehive_button/public/options_template.html create mode 100644 roles/build/files/thehive_button/thehive_button/public/request_handler.js create mode 100644 roles/build/files/thehive_button/thehive_button/public/vis.less create mode 100644 roles/build/files/thehive_button/thehive_button/public/vis_controller.js create mode 100644 roles/build/files/thehive_button/thehive_button/server/routes/newcase.js delete mode 100644 roles/build/files/zookeeper/zookeepersupervisord.conf create mode 100644 roles/build/files/zookeeperDockerfile create mode 100644 roles/build/tasks/cassandra.yml create mode 100644 roles/build/tasks/cortex.yml create mode 100644 roles/build/tasks/haproxy.yml create mode 100644 roles/build/tasks/keycloak.yml create mode 100644 roles/build/tasks/misp.yml create mode 100644 roles/build/tasks/mysql.yml create mode 100644 roles/build/tasks/nifi.yml create mode 100644 roles/build/tasks/odfees.yml create mode 100644 roles/build/tasks/odfekibana.yml create mode 100644 roles/build/tasks/openjdk.yml create mode 100644 roles/build/tasks/thehive.yml create mode 100644 roles/build/tasks/zookeeper.yml create mode 100644 roles/build/templates/cassandra/cassandra.repo.j2 create mode 100644 roles/build/templates/cassandra/start.sh.j2 create mode 100644 roles/build/templates/cassandra/supervisord.conf.j2 create mode 100644 roles/build/templates/misp/supervisord.conf.j2 create mode 100644 roles/build/templates/mysql/supervisord.conf.j2 rename roles/build/templates/{elasticsearch/Dockerfile.j2 => odfees/Dockerfile-elastic.j2} (85%) rename roles/build/templates/odfees/{Dockerfile.j2 => Dockerfile-odfeelastic.j2} (74%) rename roles/build/templates/odfekibana/{Dockerfile.j2 => Dockerfile-odfekibana.j2} (92%) create mode 100644 roles/build/templates/thehive/start.sh create mode 100644 roles/build/templates/thehive/supervisord.conf create mode 100644 roles/build/templates/thehive/thehive.repo create mode 100644 roles/ca/files/CA/.rnd create mode 100644 roles/ca/files/CA/ca.crt create mode 100644 roles/ca/files/CA/certs_by_serial/01EC4DAD3E5E47CF4E4B98495932B337.pem create mode 100644 roles/ca/files/CA/certs_by_serial/1DD9AF5415359961C578D1B98BFA6E9F.pem create mode 100644 roles/ca/files/CA/certs_by_serial/560A99C5A03FC4B9FC92FDC62F419BB9.pem create mode 100644 roles/ca/files/CA/certs_by_serial/5969918F10EF8D2BAE46B26D6D629D8E.pem create mode 100644 roles/ca/files/CA/certs_by_serial/5DC4BC495FA076A813A4C23261640D92.pem create mode 100644 roles/ca/files/CA/certs_by_serial/61095C2C8D35EE291C99CEABD42B3CA4.pem create mode 100644 roles/ca/files/CA/certs_by_serial/7587FCE4CF3EC68117199076B12CD5D2.pem create mode 100644 roles/ca/files/CA/certs_by_serial/7DFC33457573E8F16094A74E6B2F23F1.pem create mode 100644 roles/ca/files/CA/certs_by_serial/8B69055F8586CEDD21660B2493412660.pem create mode 100644 roles/ca/files/CA/certs_by_serial/97D2D0CF2300C0A966D103CA89A99212.pem create mode 100644 roles/ca/files/CA/certs_by_serial/A7217943DDD1145BC6F68CBA362CB35B.pem create mode 100644 roles/ca/files/CA/certs_by_serial/D27B43CB9BFB09CFCC86EFD1019A42FC.pem create mode 100644 roles/ca/files/CA/certs_by_serial/FE7583DEF2355A2C2BBA09720BD80948.pem create mode 100644 roles/ca/files/CA/extensions.temp create mode 100644 roles/ca/files/CA/index.txt create mode 100644 roles/ca/files/CA/index.txt.attr create mode 100644 roles/ca/files/CA/index.txt.attr.old create mode 100644 roles/ca/files/CA/index.txt.old create mode 100644 roles/ca/files/CA/issued/Arne Oslebo.crt create mode 100644 roles/ca/files/CA/issued/Bozidar Proevski.crt create mode 100644 roles/ca/files/CA/issued/dsoclab-cortex.crt create mode 100644 roles/ca/files/CA/issued/dsoclab-haproxy.crt create mode 100644 roles/ca/files/CA/issued/dsoclab-keycloak.crt create mode 100644 roles/ca/files/CA/issued/dsoclab-kibana.crt create mode 100644 roles/ca/files/CA/issued/dsoclab-misp.crt create mode 100644 roles/ca/files/CA/issued/dsoclab-nifi-1.crt create mode 100644 roles/ca/files/CA/issued/dsoclab-nifi-2.crt create mode 100644 roles/ca/files/CA/issued/dsoclab-nifi-3.crt create mode 100644 roles/ca/files/CA/issued/dsoclab-odfe-1.crt create mode 100644 roles/ca/files/CA/issued/dsoclab-odfe-2.crt create mode 100644 roles/ca/files/CA/issued/dsoclab-thehive.crt create mode 100644 roles/ca/files/CA/openssl-easyrsa.cnf create mode 100644 roles/ca/files/CA/private/Arne Oslebo.key create mode 100644 roles/ca/files/CA/private/Arne Oslebo.p12 create mode 100644 roles/ca/files/CA/private/Bozidar Proevski.key create mode 100644 roles/ca/files/CA/private/Bozidar Proevski.p12 create mode 100644 roles/ca/files/CA/private/ca.key create mode 100644 roles/ca/files/CA/private/dsoclab-cortex.key create mode 100644 roles/ca/files/CA/private/dsoclab-cortex.p12 create mode 100644 roles/ca/files/CA/private/dsoclab-haproxy.key create mode 100644 roles/ca/files/CA/private/dsoclab-keycloak.key create mode 100644 roles/ca/files/CA/private/dsoclab-keycloak.p12 create mode 100644 roles/ca/files/CA/private/dsoclab-kibana.key create mode 100644 roles/ca/files/CA/private/dsoclab-kibana.p12 create mode 100644 roles/ca/files/CA/private/dsoclab-misp.key create mode 100644 roles/ca/files/CA/private/dsoclab-misp.p12 create mode 100644 roles/ca/files/CA/private/dsoclab-nifi-1.key create mode 100644 roles/ca/files/CA/private/dsoclab-nifi-1.p12 create mode 100644 roles/ca/files/CA/private/dsoclab-nifi-2.key create mode 100644 roles/ca/files/CA/private/dsoclab-nifi-2.p12 create mode 100644 roles/ca/files/CA/private/dsoclab-nifi-3.key create mode 100644 roles/ca/files/CA/private/dsoclab-nifi-3.p12 create mode 100644 roles/ca/files/CA/private/dsoclab-odfe-1.key create mode 100644 roles/ca/files/CA/private/dsoclab-odfe-1.p12 create mode 100644 roles/ca/files/CA/private/dsoclab-odfe-2.key create mode 100644 roles/ca/files/CA/private/dsoclab-odfe-2.p12 create mode 100644 roles/ca/files/CA/private/dsoclab-thehive.key create mode 100644 roles/ca/files/CA/private/dsoclab-thehive.p12 create mode 100644 roles/ca/files/CA/reqs/Arne Oslebo.req create mode 100644 roles/ca/files/CA/reqs/Bozidar Proevski.req create mode 100644 roles/ca/files/CA/reqs/dsoclab-cortex.req create mode 100644 roles/ca/files/CA/reqs/dsoclab-haproxy.req create mode 100644 roles/ca/files/CA/reqs/dsoclab-keycloak.req create mode 100644 roles/ca/files/CA/reqs/dsoclab-kibana.req create mode 100644 roles/ca/files/CA/reqs/dsoclab-misp.req create mode 100644 roles/ca/files/CA/reqs/dsoclab-nifi-1.req create mode 100644 roles/ca/files/CA/reqs/dsoclab-nifi-2.req create mode 100644 roles/ca/files/CA/reqs/dsoclab-nifi-3.req create mode 100644 roles/ca/files/CA/reqs/dsoclab-odfe-1.req create mode 100644 roles/ca/files/CA/reqs/dsoclab-odfe-2.req create mode 100644 roles/ca/files/CA/reqs/dsoclab-thehive.req create mode 100644 roles/ca/files/CA/safessl-easyrsa.cnf create mode 100644 roles/ca/files/CA/serial create mode 100644 roles/ca/files/CA/serial.old create mode 100644 roles/ca/files/truststore/SOCTOOLS-CA.crt create mode 100644 roles/ca/files/truststore/cacerts.jks delete mode 100644 roles/cassandra/tasks/restart.yml delete mode 100644 roles/cassandra/tasks/start.yml delete mode 100644 roles/cassandra/tasks/stop.yml delete mode 100644 roles/cassandra/tasks/update-config.yml create mode 100644 roles/cortex/files/SOCTOOLS-CA.crt create mode 100644 roles/cortex/files/cacerts.jks create mode 100644 roles/cortex/files/cortexsecret create mode 100644 roles/cortex/files/dsoclab-cortex.crt create mode 100644 roles/cortex/files/dsoclab-cortex.key create mode 100644 roles/cortex/files/dsoclab-cortex.p12 create mode 100644 roles/cortex/files/logback.xml delete mode 100644 roles/cortex/tasks/restart.yml delete mode 100644 roles/cortex/tasks/start.yml delete mode 100644 roles/cortex/tasks/stop.yml delete mode 100644 roles/cortex/tasks/update-config.yml delete mode 100644 roles/filebeat/README.md delete mode 100644 roles/filebeat/defaults/main.yml delete mode 100644 roles/filebeat/files/.gitkeep delete mode 100644 roles/filebeat/handlers/main.yml delete mode 100644 roles/filebeat/meta/main.yml delete mode 100644 roles/filebeat/tasks/main.yml delete mode 100644 roles/filebeat/tasks/restart.yml delete mode 100644 roles/filebeat/tasks/start.yml delete mode 100644 roles/filebeat/tasks/stop.yml delete mode 100644 roles/filebeat/tasks/update-config.yml delete mode 100644 roles/filebeat/templates/filebeat.yml.j2 delete mode 100644 roles/filebeat/tests/inventory delete mode 100644 roles/filebeat/tests/test.yml delete mode 100644 roles/filebeat/vars/main.yml delete mode 100644 roles/haproxy/files/.empty create mode 100644 roles/haproxy/files/dsoclab-haproxy.crt create mode 100644 roles/haproxy/files/dsoclab-haproxy.key create mode 100644 roles/haproxy/files/haproxy.cfg delete mode 100644 roles/haproxy/tasks/restart.yml delete mode 100644 roles/haproxy/tasks/start.yml delete mode 100644 roles/haproxy/tasks/stop.yml delete mode 100644 roles/haproxy/tasks/update-config.yml create mode 100644 roles/keycloak/files/SOCTOOLS-CA.crt create mode 100644 roles/keycloak/files/cacerts.jks create mode 100644 roles/keycloak/files/dsoclab-keycloak.crt create mode 100644 roles/keycloak/files/dsoclab-keycloak.key delete mode 100644 roles/keycloak/tasks/restart.yml delete mode 100644 roles/keycloak/tasks/start.yml delete mode 100644 roles/keycloak/tasks/stop.yml delete mode 100644 roles/keycloak/tasks/update-config.yml create mode 100644 roles/misp/files/SOCTOOLS-CA.crt create mode 100644 roles/misp/files/cacerts.jks create mode 100644 roles/misp/files/dsoclab-misp.crt create mode 100644 roles/misp/files/dsoclab-misp.key delete mode 100644 roles/misp/tasks/config.yml delete mode 100644 roles/misp/tasks/restart.yml delete mode 100644 roles/misp/tasks/start.yml delete mode 100644 roles/misp/tasks/stop.yml delete mode 100644 roles/misp/tasks/update-config.yml create mode 100644 roles/misp/templates/config.php.j2 delete mode 100644 roles/mysql/tasks/restart.yml delete mode 100644 roles/mysql/tasks/stop.yml delete mode 100644 roles/mysql/tasks/update-config.yml delete mode 100644 roles/nifi/files/CountriesWithRegionalCodes.csv create mode 100644 roles/nifi/files/SOCTOOLS-CA.crt create mode 100644 roles/nifi/files/cacerts.jks delete mode 100644 roles/nifi/files/common-cacerts.jks create mode 100644 roles/nifi/files/dsoclab-nifi-1.p12 create mode 100644 roles/nifi/files/dsoclab-nifi-2.p12 create mode 100644 roles/nifi/files/dsoclab-nifi-3.p12 delete mode 100644 roles/nifi/files/haproxy.groklib create mode 100644 roles/nifi/files/nifisecret delete mode 100644 roles/nifi/tasks/restart.yml delete mode 100644 roles/nifi/tasks/start.yml delete mode 100644 roles/nifi/tasks/stop.yml delete mode 100644 roles/nifi/tasks/update-config.yml create mode 100644 roles/odfees/files/Arne Oslebo.p12 create mode 100644 roles/odfees/files/Bozidar Proevski.p12 create mode 100644 roles/odfees/files/SOCTOOLS-CA.crt create mode 100644 roles/odfees/files/cacerts.jks create mode 100644 roles/odfees/files/dsoclab-odfe-1.p12 create mode 100644 roles/odfees/files/dsoclab-odfe-2.p12 delete mode 100644 roles/odfees/tasks/restart.yml delete mode 100644 roles/odfees/tasks/start.yml delete mode 100644 roles/odfees/tasks/stop.yml delete mode 100644 roles/odfees/tasks/update-config.yml create mode 100644 roles/odfekibana/files/Arne Oslebo.p12 create mode 100644 roles/odfekibana/files/Bozidar Proevski.p12 create mode 100644 roles/odfekibana/files/SOCTOOLS-CA.crt create mode 100644 roles/odfekibana/files/cacerts.jks create mode 100644 roles/odfekibana/files/dsoclab-kibana.crt create mode 100644 roles/odfekibana/files/dsoclab-kibana.key create mode 100644 roles/odfekibana/files/dsoclab-kibana.p12 create mode 100644 roles/odfekibana/files/kibanasecret delete mode 100644 roles/odfekibana/tasks/restart.yml delete mode 100644 roles/odfekibana/tasks/start.yml delete mode 100644 roles/odfekibana/tasks/stop.yml delete mode 100644 roles/odfekibana/tasks/update-config.yml delete mode 100644 roles/odfekibana/templates/role.json.j2 create mode 100644 roles/thehive/files/SOCTOOLS-CA.crt create mode 100644 roles/thehive/files/cacerts.jks create mode 100644 roles/thehive/files/dsoclab-thehive.crt create mode 100644 roles/thehive/files/dsoclab-thehive.key create mode 100644 roles/thehive/files/logback.xml create mode 100644 roles/thehive/files/thehivesecret create mode 100644 roles/thehive/tasks/createusers.yml delete mode 100644 roles/thehive/tasks/restart.yml delete mode 100644 roles/thehive/tasks/start.yml delete mode 100644 roles/thehive/tasks/stop.yml delete mode 100644 roles/thehive/tasks/update-config.yml create mode 100644 roles/thehive/templates/users.json create mode 100644 roles/thehive/vars/users.yml create mode 100644 soctools-inventory delete mode 100644 update-config-soctools.yml diff --git a/HOWTOS.md b/HOWTOS.md deleted file mode 100644 index ae4e2da..0000000 --- a/HOWTOS.md +++ /dev/null @@ -1,73 +0,0 @@ -Howto's -======= - -Modify main NiFi pipeline -------------------------- - -To make modifications to the main NiFi pipeline and add it to the Ansible playbook, do the following in the soctool directory: - -* Make necesarry to the pipeline in the NiFi GUI -* Copy flow.xml.gz file from one of the NiFi containers: - `docker cp soctools-nifi-1:/opt/nifi/nifi-current/conf/flow.xml.gz .` -* Convert flowx.xml.gz to new template - `utils/flow2template.py flow.xml.gz roles/nifi/templates/flow.xml.j2` - - -Update configuration files in docker containers using Ansible -------------------------------------------------------------- -To update configuration files for all docker containers together, run the following command: - ansible-playbook -i inventories soctools.yml -t update-config -To update configuration files only for specific services, run the following commands: - ansible-playbook -i inventories soctools.yml -t update-keycloak-config - ansible-playbook -i inventories soctools.yml -t update-thehive-config - ansible-playbook -i inventories soctools.yml -t update-cortex-config - ansible-playbook -i inventories soctools.yml -t update-cassandra-config - ansible-playbook -i inventories soctools.yml -t update-haproxy-config - ansible-playbook -i inventories soctools.yml -t update-filebeat-config - ansible-playbook -i inventories soctools.yml -t update-nifi-config - ansible-playbook -i inventories soctools.yml -t update-odfees-config - ansible-playbook -i inventories soctools.yml -t update-odfekibana-config - - -Restart services inside docker containers using Ansible -------------------------------------------------------- -To restart services for all docker containers together, run the following command: - ansible-playbook -i inventories soctools.yml -t restart -To restart services only for specific docker containers, run the following commands: - ansible-playbook -i inventories soctools.yml -t restart-keycloak - ansible-playbook -i inventories soctools.yml -t restart-thehive - ansible-playbook -i inventories soctools.yml -t restart-cortex - ansible-playbook -i inventories soctools.yml -t restart-cassandra - ansible-playbook -i inventories soctools.yml -t restart-haproxy - ansible-playbook -i inventories soctools.yml -t restart-filebeat - ansible-playbook -i inventories soctools.yml -t restart-misp - ansible-playbook -i inventories soctools.yml -t restart-mysql - ansible-playbook -i inventories soctools.yml -t restart-nifi - ansible-playbook -i inventories soctools.yml -t restart-odfees - ansible-playbook -i inventories soctools.yml -t restart-odfekibana - -Stop services inside docker containers using Ansible ----------------------------------------------------- -To stop services for all docker containers together, run the following command: - ansible-playbook -i inventories soctools.yml -t stop -To stop services only for specific docker containers, run the following commands: - ansible-playbook -i inventories soctools.yml -t stop-keycloak - ansible-playbook -i inventories soctools.yml -t stop-thehive - ansible-playbook -i inventories soctools.yml -t stop-cortex - ansible-playbook -i inventories soctools.yml -t stop-cassandra - ansible-playbook -i inventories soctools.yml -t stop-haproxy - ansible-playbook -i inventories soctools.yml -t stop-filebeat - ansible-playbook -i inventories soctools.yml -t stop-misp - ansible-playbook -i inventories soctools.yml -t stop-mysql - ansible-playbook -i inventories soctools.yml -t stop-nifi - ansible-playbook -i inventories soctools.yml -t stop-odfees - ansible-playbook -i inventories soctools.yml -t stop-odfekibana - -Restart services inside docker containers manually --------------------------------------------------- -To restart services inside docker containers after changes in configuration files: - 1. Attache container: docker exec -it container_id_or_name bash (example: docker exec -it soctools-keycloak bash) - 2. List services and their statuses: supervisorctl status - 3. Restart service: supervisorctl restart supervisor_service_name (example: supervisorctl restart keycloak) - 4. Detach from container: exit - diff --git a/README.md b/README.md index f44a498..967fa3f 100644 --- a/README.md +++ b/README.md @@ -13,45 +13,36 @@ Log in and install ansible: `yum -y install ansible git` `ansible-galaxy collection install ansible.posix` -Clone soctools: -Temporary solution: Upload your ssh key to gitlab.geant.org -`git clone git@gitlab.geant.org:gn4-3-wp8-t3.1-soc/soctools.git` +Clone soctools: +`git clone https://scm.uninett.no/geant-wp8-t3.1/soctools.git` `cd soctools` Install soctools: -Edit group_vars/all/main.yml and change 'soctoolsproxy' so that it point to the FQDN of the server. +Edit group_vars/all/main.yml and change 'dslproxy' so that it point to the FQDN of the server. `vi group_vars/all/main.yml` -Users are specified in the file: -`group_vars/all/users.yml` +The first entry in the soctools_users variable is the user with full admin privileges in NiFi and Kibana. To configure the server running soctools, run the ansible playbook: -`ansible-playbook -i inventories soctools_server.yml` +`ansible-playbook -i soctools-inventory soctools_server.yml` To build the Docker images needed, run the ansible playbook: -`ansible-playbook -i inventories buildimages.yml` +`ansible-playbook -i soctools-inventory buildimages.yml` To build the CA needed for host and user certificates, run the ansible playbook: -`ansible-playbook -i inventories buildca.yml` +`ansible-playbook -i soctools-inventory buildca.yml` -If using soctools CA certificates provided with this installation, you first need to download and import root certificate found in secrets/CA/ca.crt -For Windows, CA certificate should be installed in Trusted Root Certification Authorities store. - -User certificates are can be found in the directory secrets/certificates. Import into browser for authentication. -For Windows, user certificate should be installed in Personal store. Passwords for the certificates can be found in the directory secrets/passwords. +User certificates are can be found in the directory roles/ca/files/CA/private. Import into browser for authentication. To start the cluster, run the ansible playbook soctools.yml: -`ansible-playbook -i inventories soctools.yml -t start` +`ansible-playbook -i soctools-inventory soctools.yml -t start` To stop the cluster, run the ansible playbook soctools.yml: -`ansible-playbook -i inventories soctools.yml -t stop` - -Web interfaces are available on the following ports: - * 9443 - NiFi - * 5601 - Kibana - * 6443 - Misp : Default user/password: admin@admin.test/test - * 9000 - The Hive : Default user/password: admin@thehive.local/secret - * 9001 - Cortex - * 12443 - Keycloak : Default user/password: admin/Pass005 +`ansible-playbook -i soctools-inventory soctools.yml -t stop` + +The NiFi interface should now be available on port 9443 on the server. +The OpenDistro for Elasticsearch interface should now be available on port 5601 on the server. To access preconfigured +index patterns you have to switch to Global tenant. +The Keycloak IdP interface should now be available on port 12443 on the server. License ------- diff --git a/buildca.yml b/buildca.yml index 37ef902..b718286 100644 --- a/buildca.yml +++ b/buildca.yml @@ -1,7 +1,7 @@ --- - name: Build certification authority - hosts: soctoolsmain + hosts: dsldev roles: - ca diff --git a/buildimages.yml b/buildimages.yml index 8a93583..d30f905 100644 --- a/buildimages.yml +++ b/buildimages.yml @@ -1,7 +1,7 @@ --- - name: Build docker images - hosts: soctoolsmain + hosts: dsldev roles: - build diff --git a/group_vars/all/main.yml b/group_vars/all/main.yml index 0c1c3d2..c6adf5f 100644 --- a/group_vars/all/main.yml +++ b/group_vars/all/main.yml @@ -1,75 +1,124 @@ --- -soctoolsproxy: "<CHANGE_ME:hostname>" - -maxmind_key: "" - -docker_build_dir: "{{playbook_dir}}/build" +dslproxy: "dsoclab.gn4-3-wp8-soc.sunet.se" # TheHive Button plugin THEHIVE_URL: "https://hive.gn4-3-wp8-soc.sunet.se/" -THEHIVE_API_KEY: "5LymseWiurZBrQN8Kqp8O+9KniTL5cE0" -THEHIVE_OWNER: "admin" +# here enter API key for default admin user +THEHIVE_API_KEY: "bs2Jc3tGJqhVv0AYyX2NYlhMlorPz7mX" +# ID of the default admin user +THEHIVE_OWNER: "admin@thehive.local" + +# TheHive Create Organisation and Users +# Login as default admin user and create API key, populate it here +# thehive_admin_api: "KoHrKbIJm8XMsJxA9nZLs6YemCu76o3u" +# thehive_writer: "[write]" + +#THEHIVE_API_KEY: "1gFdNhmUSxO3BRe1SBB5JYEvkW9UOo6s" +THEHIVE_USERS: + - kiril: + username: "kiril" + name: "Kiril" + surname: "Kiroski" + roles: '["read", "write", "admin"]' + organization: "uninett.no" + - temur: + username: "temur" + name: "Temur" + surname: "Maisuradze" + roles: '["read", "write", "admin"]' + organization: "uninett.no" + + soctools_netname: "soctoolsnet" soctools_network: "172.22.0.0/16" -repo: soctools +repo: gn43-dsl version: 7 suffix: a20201004 -haproxy_name: "soctools-haproxy" +haproxy_name: "dsoclab-haproxy" haproxy_version: "2.2" haproxy_img: "{{repo}}/haproxy:{{version}}{{suffix}}" HAPROXY_PROCESSES: "2" - -FILEBEAT_VERSION: "7.9.3" -FILEBEAT_OUTPUT_HOST: "{{soctoolsproxy}}" -FILEBEAT_OUTPUT_PORT: "6000" -FILEBEAT_CERT: "/opt/filebeat/filebeat.crt" -FILEBEAT_KEY: "/opt/filebeat/filebeat.key" +HAPROXY_STATS_PASS: "eiph2Eepaizicheelah3tei+bae3ohgh" temp_root: "/tmp/centosbuild" openjdk_img: "{{repo}}/openjdk:{{version}}{{suffix}}" -zookeeper_name: "soctools-zookeeper" +zookeeper_name: "dsoclab-zookeeper" zookeeper_img: "{{repo}}/zookeeper:{{version}}{{suffix}}" -misp_name: "soctools-misp" +misp_name: "dsoclab-misp" misp_img: "{{repo}}/misp:{{version}}{{suffix}}" -misp_url: "https://{{soctoolsproxy}}:6443" nifi_img: "{{repo}}/nifi:{{version}}{{suffix}}" -mysql_name: "soctools-mysql" +mysql_name: "dsoclab-mysql" mysql_img: "{{repo}}/mysql:{{version}}{{suffix}}" +mysql_dbrootpass: "Pass006" -cassandra_name: "soctools-cassandra" +cassandra_name: "dsoclab-cassandra" cassandra_img: "{{repo}}/cassandra:{{version}}{{suffix}}" -thehive_name: "soctools-thehive" +thehive_name: "dsoclab-thehive" thehive_img: "{{repo}}/thehive:{{version}}{{suffix}}" +# GENERATED WITH cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1 +thehive_secret_key: "LcnI9eKLo33711BmCnzf6UM1y05pdmj3dlADL81PxuffWqhobRoiiGFftjNPKpmM" -cortex_name: "soctools-cortex" +cortex_name: "dsoclab-cortex" cortex_img: "{{repo}}/cortex:{{version}}{{suffix}}" cortex_elasticsearch_mem: "256m" +# GENERATED WITH cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1 +cortex_secret_key: "9CZ844IcAp5dHjsgU4iuaEssdopLcS6opzhVP3Ys4t4eRpNlHmwZdtfveLEXpM9D" +cortex_odfe_pass: "Pass009" + +kspass: "Testing003" +tspass: "Testing003" sysctlconfig: - - { key: "net.core.rmem_max", val: "4194304" } - - { key: "net.core.wmem_max", val: "4194304" } + - { key: "net.core.rmem_max", val: "2097152" } + - { key: "net.core.wmem_max", val: "2097152" } - { key: "vm.max_map_count" , val: "524288" } nifi_javamem: "1g" odfe_javamem: "512m" -nifi_version: 1.12.1 +nifi_version: 1.11.4 nifi_repo: "https://archive.apache.org/dist" ca_cn: "SOCTOOLS-CA" +soctools_users: + - firstname: "Bozidar" + lastname: "Proevski" + username: "bozidar.proevski" + email: "bozidar.proevski@finki.ukim.mk" + DN: "CN=Bozidar Proevski" + CN: "Bozidar Proevski" + password: "Pass001" + - firstname: "Arne" + lastname: "Oslebo" + username: "arne.oslebo" + email: "arne.oslebo@uninett.no" + DN: "CN=Arne Oslebo" + CN: "Arne Oslebo" + password: "Pass002" + - firstname: "Kiril" + lastname: "Kjiroski" + username: "kiril.kjiroski" + email: "kiril.kjiroski@finki.ukim.mk" + DN: "CN=Kiril Kjiroski" + CN: "Kiril Kjiroski" + password: "Pass003" + odfees_img: "{{repo}}/odfees:{{version}}{{suffix}}" odfekibana_img: "{{repo}}/odfekibana:{{version}}{{suffix}}" +# GENERATE 32-bit secure value +odfekibana_cookie: "iroAm0ueIV7w6CS1WcJTwIV6R4d5RIAt" +odfees_adminpass: "Pass004" #elk_version: "oss-7.6.1" elk_version: "oss-7.4.2" #odfeplugin_version: "1.7.0.0" @@ -80,25 +129,16 @@ openid_scope: profile openid_subjkey: preferred_username keycloak_img: "{{repo}}/keycloak:{{version}}{{suffix}}" +keycloak_adminpass: "Pass005" elastic_username: "admin" +misp_token: "" +misp_url: "" +maxmind_key: "" misp_dbname: "mispdb" misp_dbuser: "misp" - -services: - - mysql - - haproxy - - openjdk - - zookeeper - - nifi - - elasticsearch - - kibana - - odfees - - odfekibana - - keycloak - - misp - - cassandra - - thehive - - cortex +misp_dbpass: "Pass007" +# misp_salt generated with: openssl rand -base64 32 +misp_salt: "wa2fJA2mGIn32IDl+uKrCJ069Mg3khDdGzFNv8DOwM0=" diff --git a/group_vars/all/users.yml b/group_vars/all/users.yml deleted file mode 100644 index bc785e4..0000000 --- a/group_vars/all/users.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- - -soctools_users: - - firstname: "User1" - lastname: "SOC" - username: "user1" - email: "user1@soctools.test" - DN: "CN=User1Soctools" - CN: "User1Soctools" - - firstname: "User2" - lastname: "SOC" - username: "user2" - email: "user2@soctools.test" - DN: "CN=User2Soctools" - CN: "User2Soctools" - -# Minimum one user is required -ODFE_ADMIN_USERS: - - user1 - - diff --git a/inventories/build/group_vars/all.yml b/inventories/build/group_vars/all.yml new file mode 100644 index 0000000..7043236 --- /dev/null +++ b/inventories/build/group_vars/all.yml @@ -0,0 +1,4 @@ +--- + +docker_image_path: images +base_image: python:2.7-stretch diff --git a/inventories/build/hosts.yml b/inventories/build/hosts.yml new file mode 100644 index 0000000..4854638 --- /dev/null +++ b/inventories/build/hosts.yml @@ -0,0 +1,12 @@ +all: + hosts: + nifi-image: + ansible_connection: docker + ansible_python_interpreter: /usr/bin/python + localhost: + ansible_python_interpreter: /usr/bin/python + ansible_connection: local + children: + nifi: + hosts: + localhost: diff --git a/inventories/cassandra b/inventories/cassandra deleted file mode 100644 index 65a4f34..0000000 --- a/inventories/cassandra +++ /dev/null @@ -1,2 +0,0 @@ -[cassandra] -soctools-cassandra ansible_connection=docker diff --git a/inventories/cortex b/inventories/cortex deleted file mode 100644 index 6a64e81..0000000 --- a/inventories/cortex +++ /dev/null @@ -1,2 +0,0 @@ -[cortex] -soctools-cortex ansible_connection=docker diff --git a/inventories/deploy/group_vars/haproxy.yml b/inventories/deploy/group_vars/haproxy.yml new file mode 100644 index 0000000..b53d50d --- /dev/null +++ b/inventories/deploy/group_vars/haproxy.yml @@ -0,0 +1,11 @@ +--- +index: haproxy +scale: "{{ haproxy_scale | default('1')}}" +docker: + haproxy: + image: haproxy:latest + volumes: + - /usr/local/etc/haproxy/:/usr/local/etc/haproxy:ro + ports: + - "80:80" + source: pull \ No newline at end of file diff --git a/inventories/deploy/group_vars/nifi.yml b/inventories/deploy/group_vars/nifi.yml new file mode 100644 index 0000000..5b71869 --- /dev/null +++ b/inventories/deploy/group_vars/nifi.yml @@ -0,0 +1,19 @@ +--- +index: nifi +scale: "{{ nifi_scale | default('1')}}" +docker: + nifi: +# image: nifi-soctools #For nifi image built by soctools +# source: load + image: apache/nifi:latest + source: pull + command: /opt/nifi/nifi-current/scripts/start.sh + env: + NIFI_HOME: "/opt/nifi/nifi-current" + NIFI_LOG_DIR: "/opt/nifi/nifi-current/logs" + NIFI_PID_DIR: "/opt/nifi/nifi-current/run" + NIFI_CLUSTER_IS_NODE: "true" + NIFI_ZK_CONNECT_STRING: "zookeeper_1:2181" + NIFI_CLUSTER_NODE_PROTOCOL_PORT: "8082" + NIFI_ELECTION_MAX_WAIT: "1 min" + load_path: "{{ image_location }}/nifi-soctools.tar" diff --git a/inventories/deploy/group_vars/zookeeper.yml b/inventories/deploy/group_vars/zookeeper.yml new file mode 100644 index 0000000..5604be8 --- /dev/null +++ b/inventories/deploy/group_vars/zookeeper.yml @@ -0,0 +1,7 @@ +--- +index: zookeeper +scale: "{{ zookeeper_scale | default('1')}}" +docker: + zookeeper: + image: zookeeper:latest + source: pull \ No newline at end of file diff --git a/inventories/deploy/hosts.yml.example b/inventories/deploy/hosts.yml.example new file mode 100644 index 0000000..7d85e5b --- /dev/null +++ b/inventories/deploy/hosts.yml.example @@ -0,0 +1,21 @@ +all: + hosts: + host1: + ansible_ssh_user: debian + ansible_python_interpreter: /usr/bin/python + become: yes + children: + soctools_server: + hosts: + host1: + nifi: + hosts: + host1: + nifi_scale: 3 + haproxy: + hosts: + host1: + zookeeper: + hosts: + host1: + zookeeper_scale: 3 \ No newline at end of file diff --git a/inventories/elasticsearch b/inventories/elasticsearch deleted file mode 100644 index 73901fb..0000000 --- a/inventories/elasticsearch +++ /dev/null @@ -1,3 +0,0 @@ -[odfeescontainers] -soctools-odfe-1 ansible_connection=docker -soctools-odfe-2 ansible_connection=docker diff --git a/inventories/filebeat b/inventories/filebeat deleted file mode 100644 index 2add349..0000000 --- a/inventories/filebeat +++ /dev/null @@ -1,16 +0,0 @@ -[filebeat] -soctools-nifi-1 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log","/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text" -soctools-nifi-2 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log","/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text" -soctools-nifi-3 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log","/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text" -soctools-misp ansible_connection=docker FILEBEAT_FILES='["/var/opt/rh/rh-php72/log/php-fpm/*.log","/var/opt/rh/rh-redis32/log/redis/redis.log","/var/log/httpd/*log","/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="misp" FILEBEAT_LOG_FORMAT="text" -soctools-odfe-1 ansible_connection=docker FILEBEAT_FILES='["/usr/share/elasticsearch/logs/soctools-cluster_server.json"]' FILEBEAT_LOG_TYPE="elasticsearch" FILEBEAT_LOG_FORMAT="json" -soctools-odfe-2 ansible_connection=docker FILEBEAT_FILES='["/usr/share/elasticsearch/logs/soctools-cluster_server.json"]' FILEBEAT_LOG_TYPE="elasticsearch" FILEBEAT_LOG_FORMAT="json" -soctools-kibana ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/kibana_stdout.log"]' FILEBEAT_LOG_TYPE="kibana" FILEBEAT_LOG_FORMAT="json" -soctools-keycloak ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="keycloak" FILEBEAT_LOG_FORMAT="json" -soctools-mysql ansible_connection=docker FILEBEAT_FILES='["/var/opt/rh/rh-mariadb103/log/mariadb/mariadb.log","/var/opt/rh/rh-mariadb103/lib/mysql/server_audit.log"]' FILEBEAT_LOG_TYPE="mysql" FILEBEAT_LOG_FORMAT="text" -soctools-haproxy ansible_connection=docker FILEBEAT_SYSLOG_PORT=9000 FILEBEAT_LOG_TYPE="haproxy" FILEBEAT_LOG_FORMAT="text" -soctools-zookeeper ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="zookeeper" FILEBEAT_LOG_FORMAT="text" -soctools-cortex ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="cortex" FILEBEAT_LOG_FORMAT="text" -soctools-thehive ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="thehive" FILEBEAT_LOG_FORMAT="text" -soctools-cassandra ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="cassandra" FILEBEAT_LOG_FORMAT="text" - diff --git a/inventories/haproxy b/inventories/haproxy deleted file mode 100644 index 7ded04a..0000000 --- a/inventories/haproxy +++ /dev/null @@ -1,2 +0,0 @@ -[haproxy] -soctools-haproxy ansible_connection=docker \ No newline at end of file diff --git a/inventories/keycloak b/inventories/keycloak deleted file mode 100644 index b998e8f..0000000 --- a/inventories/keycloak +++ /dev/null @@ -1,2 +0,0 @@ -[keycloakcontainers] -soctools-keycloak ansible_connection=docker diff --git a/inventories/kibana b/inventories/kibana deleted file mode 100644 index 1f00ac6..0000000 --- a/inventories/kibana +++ /dev/null @@ -1,2 +0,0 @@ -[odfekibanacontainers] -soctools-kibana ansible_connection=docker diff --git a/inventories/misp b/inventories/misp deleted file mode 100644 index 445ec1e..0000000 --- a/inventories/misp +++ /dev/null @@ -1,2 +0,0 @@ -[mispcontainers] -soctools-misp ansible_connection=docker diff --git a/inventories/mysql b/inventories/mysql deleted file mode 100644 index 6d0b306..0000000 --- a/inventories/mysql +++ /dev/null @@ -1,2 +0,0 @@ -[mysql] -soctools-mysql ansible_connection=docker \ No newline at end of file diff --git a/inventories/nifi b/inventories/nifi deleted file mode 100644 index d434490..0000000 --- a/inventories/nifi +++ /dev/null @@ -1,4 +0,0 @@ -[nificontainers] -soctools-nifi-1 ansible_connection=docker -soctools-nifi-2 ansible_connection=docker -soctools-nifi-3 ansible_connection=docker diff --git a/inventories/soctools b/inventories/soctools deleted file mode 100644 index 46ea675..0000000 --- a/inventories/soctools +++ /dev/null @@ -1,2 +0,0 @@ -[soctoolsmain] -localhost ansible_connection=local diff --git a/inventories/thehive b/inventories/thehive deleted file mode 100644 index 6fd7b99..0000000 --- a/inventories/thehive +++ /dev/null @@ -1,2 +0,0 @@ -[thehive] -soctools-thehive ansible_connection=docker diff --git a/restart-soctools.yml b/restart-soctools.yml deleted file mode 100644 index 5aa1c94..0000000 --- a/restart-soctools.yml +++ /dev/null @@ -1,52 +0,0 @@ ---- - -- name: Restart services for haproxy - hosts: haproxy - roles: - - haproxy - -- name: Restart services for mysql - hosts: mysql - roles: - - mysql - -- name: Restart services for Cassandra - hosts: cassandra - roles: - - cassandra - -- name: Restart services for Keycloak - hosts: keycloakcontainers - roles: - - keycloak - -- name: Restart services for NiFi - hosts: nificontainers - roles: - - nifi - -- name: Restart services for OpenDistro for Elasticsearch - hosts: odfeescontainers - roles: - - odfees - -- name: Restart services for OpenDistro Kibana for Elasticsearch - hosts: odfekibanacontainers - roles: - - odfekibana - -- name: Restart services for MISP - hosts: mispcontainers - roles: - - misp - -- name: Restart services for TheHive - hosts: thehive - roles: - - thehive - -- name: Restart services for Cortex - hosts: cortex - roles: - - cortex - diff --git a/roles/build/files/cassandra/cassandrasupervisord.conf b/roles/build/files/cassandra/cassandrasupervisord.conf deleted file mode 100644 index 6cef650..0000000 --- a/roles/build/files/cassandra/cassandrasupervisord.conf +++ /dev/null @@ -1,44 +0,0 @@ -[unix_http_server] -file=/tmp/supervisor.sock - -[supervisord] -pidfile=/tmp/supervisord.pid -nodaemon=true -logfile=/var/log/supervisor/supervisord.log -logfile_maxbytes=10MB -logfile_backups=10 -loglevel=info -childlogdir=/var/log/supervisor/ - -[rpcinterface:supervisor] -supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface - -[supervisorctl] -serverurl=unix:///tmp/supervisor.sock - -[program:cassandra] -directory=/usr/share/cassandra -user=cassandra -group=cassandra -environment = CASSANDRA_HOME="/usr/share/cassandra",CASSANDRA_CONF="/usr/share/cassandra/conf",CASSANDRA_INCLUDE="/usr/share/cassandra/cassandra.in.sh" -command=/bin/bash -c '/usr/sbin/cassandra -f' -autostart=false -autorestart=true -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/cassandra_stderr.log -stdout_logfile = /var/log/supervisor/cassandra_stdout.log - -[program:filebeat] -directory=/opt/filebeat -user=root -group=root -command=/bin/bash -c '/opt/filebeat/filebeat -c /opt/filebeat/filebeat.yml' -autostart=false -autorestart=true -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/filebeat_stderr.log -stdout_logfile = /var/log/supervisor/filebeat_stdout.log diff --git a/roles/build/files/cassandraDockerfile b/roles/build/files/cassandraDockerfile new file mode 100644 index 0000000..c1b7388 --- /dev/null +++ b/roles/build/files/cassandraDockerfile @@ -0,0 +1,35 @@ +FROM gn43-dsl/openjdk:7a20201004 + +USER root +#COPY cassandra.repo /etc/yum.repos.d/cassandra.repo +#COPY supervisord.conf /etc/supervisord.conf +#COPY start.sh /start.sh +RUN echo "[cassandra]" > /etc/yum.repos.d/cassandra.repo && \ + echo "name=Apache Cassandra" >> /etc/yum.repos.d/cassandra.repo && \ + echo "baseurl=https://downloads.apache.org/cassandra/redhat/311x/" >> /etc/yum.repos.d/cassandra.repo && \ + echo "gpgcheck=1" >> /etc/yum.repos.d/cassandra.repo && \ + echo "repo_gpgcheck=1" >> /etc/yum.repos.d/cassandra.repo && \ + echo "gpgkey=https://downloads.apache.org/cassandra/KEYS" >> /etc/yum.repos.d/cassandra.repo && \ + echo '#!/bin/bash' > /start.sh && \ + echo 'export CASSANDRA_HOME=/usr/share/cassandra' >> /start.sh && \ + echo 'export CASSANDRA_CONF=$CASSANDRA_HOME/conf' >> /start.sh && \ + echo 'export CASSANDRA_INCLUDE=$CASSANDRA_HOME/cassandra.in.sh' >> /start.sh && \ + echo 'log_file=/var/log/cassandra/cassandra.log' >> /start.sh && \ + echo 'pid_file=/var/run/cassandra/cassandra.pid' >> /start.sh && \ + echo 'lock_file=/var/lock/subsys/cassandra' >> /start.sh && \ + echo 'CASSANDRA_PROG=/usr/sbin/cassandra' >> /start.sh && \ + echo '' >> /start.sh && \ + echo '$CASSANDRA_PROG -p $pid_file > $log_file 2>&1' >> /start.sh && \ + yum install -y epel-release && \ + yum install -y cassandra supervisor && \ + mkdir /usr/share/cassandra/conf && \ + cp -a /etc/cassandra/conf/* /usr/share/cassandra/conf && \ + chown -R cassandra:cassandra /usr/share/cassandra && \ + chown -R cassandra:cassandra /var/lib/cassandra && \ + sed -i -e 's,/etc/cassandra,/usr/share/cassandra,g' /usr/share/cassandra/cassandra.in.sh && \ + chmod a+x /start.sh && \ + yum -y clean all +EXPOSE 7000 9042 +#ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] +USER cassandra +# ENTRYPOINT ["/start.sh"] diff --git a/roles/build/files/cortex/cortexsupervisord.conf b/roles/build/files/cortex/cortexsupervisord.conf deleted file mode 100644 index 99e89e4..0000000 --- a/roles/build/files/cortex/cortexsupervisord.conf +++ /dev/null @@ -1,56 +0,0 @@ -[unix_http_server] -file=/tmp/supervisor.sock - -[supervisord] -pidfile=/tmp/supervisord.pid -nodaemon=true -logfile=/var/log/supervisor/supervisord.log -logfile_maxbytes=10MB -logfile_backups=10 -loglevel=info -childlogdir=/var/log/supervisor/ - -[rpcinterface:supervisor] -supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface - -[supervisorctl] -serverurl=unix:///tmp/supervisor.sock - -[program:elasticsearch] -directory=/usr/share/elasticsearch -user=elasticsearch -group=elasticsearch -command=/bin/bash -c '/usr/share/elasticsearch/bin/elasticsearch' -autostart=false -autorestart=true -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/elasticsearch_stderr.log -stdout_logfile = /var/log/supervisor/elasticsearch_stdout.log - -[program:cortex] -directory=/opt/cortex -user=cortex -group=cortex -command=/bin/bash -c '/opt/cortex/bin/cortex -Dconfig.file=/etc/cortex/application.conf -Dlogger.file=/etc/cortex/logback.xml -J-Xms1g -J-Xmx1g -Dpidfile.path=/dev/null' -autostart=false -autorestart=true -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/cortex_stderr.log -stdout_logfile = /var/log/supervisor/cortex_stdout.log - -[program:filebeat] -directory=/opt/filebeat -user=root -group=root -command=/bin/bash -c '/opt/filebeat/filebeat -c /opt/filebeat/filebeat.yml' -autostart=false -autorestart=true -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/filebeat_stderr.log -stdout_logfile = /var/log/supervisor/filebeat_stdout.log diff --git a/roles/build/files/cortexDockerfile b/roles/build/files/cortexDockerfile new file mode 100644 index 0000000..014cdf0 --- /dev/null +++ b/roles/build/files/cortexDockerfile @@ -0,0 +1,32 @@ +FROM gn43-dsl/openjdk:7a20201004 + +USER root +#COPY thehive.repo /etc/yum.repos.d/thehive.repo +#COPY supervisord.conf /etc/supervisord.conf +#COPY start.sh /start.sh +RUN echo "[thehive-project]" > /etc/yum.repos.d/thehive.repo && \ + echo "enabled=1" >> /etc/yum.repos.d/thehive.repo && \ + echo "priority=1" >> /etc/yum.repos.d/thehive.repo && \ + echo "name=TheHive-Project RPM repository" >> /etc/yum.repos.d/thehive.repo && \ + echo "baseurl=http://rpm.thehive-project.org/stable/noarch" >> /etc/yum.repos.d/thehive.repo && \ + echo "gpgcheck=1" >> /etc/yum.repos.d/thehive.repo && \ + yum install -y epel-release && \ + rpm --import https://raw.githubusercontent.com/TheHive-Project/TheHive/master/PGP-PUBLIC-KEY && \ + rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch && \ + yum install -y cortex supervisor daemonize vim net-tools telnet htop python3-pip.noarch git gcc python3-devel.x86_64 ssdeep-devel.x86_64 python3-wheel.noarch libexif-devel.x86_64 libexif.x86_64 perl-Image-ExifTool.noarch gcc-c++ whois && \ + rpm -Uvh https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-oss-6.8.13.rpm && \ + chown -R elasticsearch:elasticsearch /etc/elasticsearch && \ + mkdir -p /home/cortex && \ + chown -R cortex:cortex /home/cortex && \ + chown -R cortex:cortex /etc/cortex && \ + cd /opt && \ + git clone https://github.com/TheHive-Project/Cortex-Analyzers && \ + chown -R cortex:cortex /opt/Cortex-Analyzers && \ + cd /opt/Cortex-Analyzers && \ + for I in analyzers/*/requirements.txt; do LC_ALL=en_US.UTF-8 pip3 install --no-cache-dir -U -r $I || true; done && \ + for I in responders/*/requirements.txt; do LC_ALL=en_US.UTF-8 pip3 install --no-cache-dir -U -r $I || true; done && \ + yum -y clean all +EXPOSE 9001 +#ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] +USER cortex +# ENTRYPOINT ["/start.sh"] diff --git a/roles/build/files/elasticDockerfile b/roles/build/files/elasticDockerfile new file mode 100644 index 0000000..dba4003 --- /dev/null +++ b/roles/build/files/elasticDockerfile @@ -0,0 +1,21 @@ +FROM gn43-dsl/openjdk:7a20201004 + +ENV PATH="/usr/share/elasticsearch/bin:${PATH}" + +RUN groupadd -g 1000 elasticsearch && \ + adduser -u 1000 -g 1000 -d /usr/share/elasticsearch elasticsearch + +WORKDIR /usr/share/elasticsearch + +RUN rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch && \ + rpm -Uvh https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-oss-7.4.2-no-jdk-x86_64.rpm && \ + cp -a /etc/elasticsearch/ /usr/share/elasticsearch/config/ && \ + chown -R elasticsearch /usr/share/elasticsearch/config && \ + mkdir -p /usr/share/elasticsearch/data && \ + chown -R elasticsearch /usr/share/elasticsearch/data && \ + sed -i -e 's,ES_PATH_CONF=/etc/elasticsearch,ES_PATH_CONF=/usr/share/elasticsearch/config,g' /etc/sysconfig/elasticsearch + +EXPOSE 9200 9300 +USER elasticsearch +ENTRYPOINT ["/bin/bash"] + diff --git a/roles/build/files/haproxy/haproxysupervisord.conf b/roles/build/files/haproxy/haproxysupervisord.conf deleted file mode 100644 index 2738cf2..0000000 --- a/roles/build/files/haproxy/haproxysupervisord.conf +++ /dev/null @@ -1,44 +0,0 @@ -[unix_http_server] -file=/tmp/supervisor.sock - -[supervisord] -pidfile=/tmp/supervisord.pid -nodaemon=true -logfile=/var/log/supervisor/supervisord.log -logfile_maxbytes=10MB -logfile_backups=10 -loglevel=info -childlogdir=/var/log/supervisor/ - -[rpcinterface:supervisor] -supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface - -[supervisorctl] -serverurl=unix:///tmp/supervisor.sock - -[program:haproxy] -directory=/root -user=root -group=root -command=/bin/bash -c '/usr/local/sbin/haproxy -f /usr/local/etc/haproxy/haproxy.cfg' -autostart=false -autorestart=true -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/haproxy_stderr.log -stdout_logfile = /var/log/supervisor/haproxy_stdout.log - - -[program:filebeat] -directory=/opt/filebeat -user=root -group=root -command=/bin/bash -c '/opt/filebeat/filebeat -c /opt/filebeat/filebeat.yml' -autostart=false -autorestart=true -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/filebeat_stderr.log -stdout_logfile = /var/log/supervisor/filebeat_stdout.log diff --git a/roles/build/files/haproxyDockerfile b/roles/build/files/haproxyDockerfile new file mode 100644 index 0000000..f36d8f4 --- /dev/null +++ b/roles/build/files/haproxyDockerfile @@ -0,0 +1,71 @@ +FROM gn43-dsl/centos:7a20201004 + +ENV HAPROXY_VERSION 2.2.3 +ENV HAPROXY_URL https://www.haproxy.org/download/2.2/src/haproxy-2.2.3.tar.gz +ENV HAPROXY_SHA256 7209db363d4dbecb21133f37b01048df666aebc14ff543525dbea79be202064e +ENV OPENSSL_VERSION=1.0.2u + + +# see https://sources.debian.net/src/haproxy/jessie/debian/rules/ for some helpful navigation of the possible "make" arguments +RUN \ + yum install -y epel-release && \ + yum update -y && \ + `# Install build tools. Note: perl needed to compile openssl...` \ + yum install -y \ + inotify-tools \ + wget \ + tar \ + gzip \ + make \ + gcc \ + perl \ + pcre-devel \ + zlib-devel \ + iptables \ + pcre2-devel \ + daemonize \ + pth-devel && \ + `# Install newest openssl...` \ + wget -O /tmp/openssl.tgz https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz && \ + tar -zxf /tmp/openssl.tgz -C /tmp && \ + cd /tmp/openssl-* && \ + ./config --prefix=/usr \ + --openssldir=/etc/ssl \ + --libdir=lib \ + no-shared zlib-dynamic && \ + make -j$(getconf _NPROCESSORS_ONLN) V= && make install_sw && \ + cd && rm -rf /tmp/openssl* && \ + `# Install HAProxy...` \ + && wget -O haproxy.tar.gz "$HAPROXY_URL" \ + && echo "$HAPROXY_SHA256 *haproxy.tar.gz" | sha256sum -c \ + && mkdir -p /usr/src/haproxy \ + && tar -xzf haproxy.tar.gz -C /usr/src/haproxy --strip-components=1 \ + && rm haproxy.tar.gz \ + \ + && makeOpts=' \ + TARGET=linux-glibc \ + USE_GETADDRINFO=1 \ + USE_OPENSSL=1 \ + USE_PCRE2=1 USE_PCRE2_JIT=1 \ + USE_ZLIB=1 \ + \ + EXTRA_OBJS=" \ +# see https://github.com/docker-library/haproxy/issues/94#issuecomment-505673353 for more details about prometheus support + contrib/prometheus-exporter/service-prometheus.o \ + " \ + ' \ + && nproc="$(nproc)" \ + && eval "make -C /usr/src/haproxy -j '$nproc' all $makeOpts" \ + && eval "make -C /usr/src/haproxy install-bin $makeOpts" \ + \ + && mkdir -p /usr/local/etc/haproxy \ + && cp -R /usr/src/haproxy/examples/errorfiles /usr/local/etc/haproxy/errors \ + && rm -rf /usr/src/haproxy + +ENTRYPOINT ["/bin/bash"] + +# https://www.haproxy.org/download/1.8/doc/management.txt +# "4. Stopping and restarting HAProxy" +# "when the SIGTERM signal is sent to the haproxy process, it immediately quits and all established connections are closed" +# "graceful stop is triggered when the SIGUSR1 signal is sent to the haproxy process" +STOPSIGNAL SIGUSR1 diff --git a/roles/build/files/keycloak/keycloaksupervisord.conf b/roles/build/files/keycloak/keycloaksupervisord.conf deleted file mode 100644 index 63694dc..0000000 --- a/roles/build/files/keycloak/keycloaksupervisord.conf +++ /dev/null @@ -1,44 +0,0 @@ -[unix_http_server] -file=/tmp/supervisor.sock - -[supervisord] -pidfile=/tmp/supervisord.pid -nodaemon=true -logfile=/var/log/supervisor/supervisord.log -logfile_maxbytes=10MB -logfile_backups=10 -loglevel=info -childlogdir=/var/log/supervisor/ - -[rpcinterface:supervisor] -supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface - -[supervisorctl] -serverurl=unix:///tmp/supervisor.sock - -[program:keycloak] -directory=/opt/jboss/keycloak -user=jboss -group=jboss -#command=/opt/jboss/keycloak/bin/standalone.sh -b 0.0.0.0 -command=/bin/bash -c '/docker-java-home/jre/bin/java -D[Standalone] -server -Xms64m -Xmx512m -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m -Djava.net.preferIPv4Stack=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true -Dorg.jboss.boot.log.file=/opt/jboss/keycloak/standalone/log/server.log -Dlogging.configuration=file:/opt/jboss/keycloak/standalone/configuration/logging.properties -jar /opt/jboss/keycloak/jboss-modules.jar -mp /opt/jboss/keycloak/modules org.jboss.as.standalone -Djboss.home.dir=/opt/jboss/keycloak -Djboss.server.base.dir=/opt/jboss/keycloak/standalone -b 0.0.0.0' -autostart=false -autorestart=true -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/keycloak_stderr.log -stdout_logfile = /var/log/supervisor/keycloak_stdout.log - -[program:filebeat] -directory=/opt/filebeat -user=root -group=root -command=/bin/bash -c '/opt/filebeat/filebeat -c /opt/filebeat/filebeat.yml' -autostart=false -autorestart=true -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/filebeat_stderr.log -stdout_logfile = /var/log/supervisor/filebeat_stdout.log diff --git a/roles/build/files/keycloakDockerfile b/roles/build/files/keycloakDockerfile new file mode 100644 index 0000000..ba6e7c1 --- /dev/null +++ b/roles/build/files/keycloakDockerfile @@ -0,0 +1,41 @@ +FROM gn43-dsl/openjdk:7a20201004 + +ENV KEYCLOAK_VERSION 10.0.1 +ENV JDBC_POSTGRES_VERSION 42.2.5 +ENV JBOSS_HOME /opt/jboss/keycloak + +ARG KEYCLOAK_DIST=https://downloads.jboss.org/keycloak/$KEYCLOAK_VERSION/keycloak-$KEYCLOAK_VERSION.tar.gz + +USER root + +#ADD //root/ansible-soctools-scm-uninett-no/soctools-buildtest-20201022/roles/build/templates/keycloak/keycloak-tools /opt/jboss/tools +ADD keycloak-tools /opt/jboss/tools +#ADD ../templates/keycloak/keycloak-tools /opt/jboss/tools +RUN yum -y install openssl && yum -y clean all && \ + mkdir -p /opt/jboss/ && cd /opt/jboss/ && \ + curl -L $KEYCLOAK_DIST | tar zx && \ + mv /opt/jboss/keycloak-* /opt/jboss/keycloak && \ + mkdir -p /opt/jboss/keycloak/modules/system/layers/base/org/postgresql/jdbc/main && \ + cd /opt/jboss/keycloak/modules/system/layers/base/org/postgresql/jdbc/main && \ + curl -L https://repo1.maven.org/maven2/org/postgresql/postgresql/$JDBC_POSTGRES_VERSION/postgresql-$JDBC_POSTGRES_VERSION.jar > postgres-jdbc.jar && \ + cp /opt/jboss/tools/databases/postgres/module.xml . && \ + cd /opt/jboss/keycloak && \ + bin/jboss-cli.sh --file=/opt/jboss/tools/cli/standalone-configuration.cli && \ + rm -rf /opt/jboss/keycloak/standalone/configuration/standalone_xml_history && \ + rm -rf /opt/jboss/keycloak/standalone/tmp/auth && \ + rm -rf /opt/jboss/keycloak/domain/tmp/auth && \ + adduser -u 1000 -g 0 -d /opt/jboss jboss && \ + chown -R jboss:root /opt/jboss && \ + chmod -R g+rwX /opt/jboss && \ + mkdir -p /etc/x509/{https,ca} && chown -R jboss:root /etc/x509/{https,ca} + +ENV PATH="/opt/jboss/keycloak/bin:${PATH}" + +WORKDIR /opt/jboss/keycloak + +EXPOSE 8080 +EXPOSE 8443 + +USER jboss +ENTRYPOINT ["/bin/bash"] + diff --git a/roles/build/files/kibana/kibanasupervisord.conf b/roles/build/files/kibana/kibanasupervisord.conf deleted file mode 100644 index 2cceed0..0000000 --- a/roles/build/files/kibana/kibanasupervisord.conf +++ /dev/null @@ -1,43 +0,0 @@ -[unix_http_server] -file=/tmp/supervisor.sock - -[supervisord] -pidfile=/tmp/supervisord.pid -nodaemon=true -logfile=/var/log/supervisor/supervisord.log -logfile_maxbytes=10MB -logfile_backups=10 -loglevel=info -childlogdir=/var/log/supervisor/ - -[rpcinterface:supervisor] -supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface - -[supervisorctl] -serverurl=unix:///tmp/supervisor.sock - -[program:kibana] -user=kibana -group=kibana -directory=/usr/share/kibana -command=sh -c "/usr/share/kibana/bin/kibana -c /usr/share/kibana/config/kibana.yml" -autostart=false -autorestart=true -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/kibana_stderr.log -stdout_logfile = /var/log/supervisor/kibana_stdout.log - -[program:filebeat] -directory=/opt/filebeat -user=root -group=root -command=/bin/bash -c '/opt/filebeat/filebeat -c /opt/filebeat/filebeat.yml' -autostart=false -autorestart=true -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/filebeat_stderr.log -stdout_logfile = /var/log/supervisor/filebeat_stdout.log diff --git a/roles/build/templates/kibana/Dockerfile.j2 b/roles/build/files/kibanaDockerfile similarity index 57% rename from roles/build/templates/kibana/Dockerfile.j2 rename to roles/build/files/kibanaDockerfile index ef2a476..0f137e0 100644 --- a/roles/build/templates/kibana/Dockerfile.j2 +++ b/roles/build/files/kibanaDockerfile @@ -1,7 +1,4 @@ -FROM {{repo}}/centos:{{version}}{{suffix}} - -RUN yum install -y supervisor -RUN yum clean all +FROM gn43-dsl/centos:7a20201004 ENV PATH="/usr/share/kibana/bin:${PATH}" @@ -11,13 +8,11 @@ RUN groupadd -g 1000 kibana && \ WORKDIR /usr/share/kibana RUN rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch && \ - rpm -Uvh https://artifacts.elastic.co/downloads/kibana/kibana-{{elk_version}}-x86_64.rpm && \ + rpm -Uvh https://artifacts.elastic.co/downloads/kibana/kibana-oss-7.4.2-x86_64.rpm && \ cp -a /etc/kibana/ /usr/share/kibana/config/ && \ chown -R kibana /usr/share/kibana/config/ -RUN echo 'kibana ALL=(ALL:ALL) NOPASSWD: ALL' >> /etc/sudoers - EXPOSE 5601 -COPY kibanasupervisord.conf /etc/supervisord.conf -ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] +USER kibana +ENTRYPOINT ["/bin/bash"] diff --git a/roles/build/files/misp/misp_rh-php72-php-fpm b/roles/build/files/misp/misp_rh-php72-php-fpm deleted file mode 100644 index 2d67a51..0000000 --- a/roles/build/files/misp/misp_rh-php72-php-fpm +++ /dev/null @@ -1,21 +0,0 @@ -/var/opt/rh/rh-php72/log/php-fpm/error.log { - missingok - notifempty - sharedscripts - delaycompress - postrotate - /bin/kill -SIGUSR1 `cat /var/opt/rh/rh-php72/run/php-fpm/php-fpm.pid 2>/dev/null` 2>/dev/null || true - endscript -} - -/var/opt/rh/rh-php72/log/php-fpm/www-*log { - su apache apache - create 600 apache apache - missingok - notifempty - sharedscripts - delaycompress - postrotate - /bin/kill -SIGUSR1 `cat /var/opt/rh/rh-php72/run/php-fpm/php-fpm.pid 2>/dev/null` 2>/dev/null || true - endscript -} diff --git a/roles/build/files/misp/mispsupervisord.conf b/roles/build/files/misp/mispsupervisord.conf deleted file mode 100644 index fce59b7..0000000 --- a/roles/build/files/misp/mispsupervisord.conf +++ /dev/null @@ -1,83 +0,0 @@ -[unix_http_server] -file=/tmp/supervisor.sock - -[supervisord] -pidfile=/tmp/supervisord.pid -nodaemon=true -logfile=/var/log/supervisor/supervisord.log -logfile_maxbytes=10MB -logfile_backups=10 -loglevel=info -childlogdir=/var/log/supervisor/ -user=root - -[rpcinterface:supervisor] -supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface - -[supervisorctl] -serverurl=unix:///tmp/supervisor.sock - -[program:cron] -autostart=true -autorestart=true -command=crond -n -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/cron_stderr.log -stdout_logfile = /var/log/supervisor/cron_stdout.log - -[program:php-fpm] -# EnvironmentFile=/etc/opt/rh/rh-php72/sysconfig/php-fpm -command=/opt/rh/rh-php72/root/usr/sbin/php-fpm --nodaemonize -autostart=false -autorestart=true - -[program:redis-server] -process_name = redis-server -directory = /var/opt/rh/rh-redis32/lib/redis/ -command=/opt/rh/rh-redis32/root/usr/bin/redis-server /etc/opt/rh/rh-redis32/redis.conf -user=redis -autostart=false -autorestart=true - -[program:apache2] -command=/usr/sbin/httpd -DFOREGROUND -autostart=false -autorestart=true - -[program:misp-modules] -command=/bin/bash -c "/usr/local/bin/misp-modules -l '0.0.0.0' -s && sleep infinity" -user = apache -autostart=false -autorestart=unexpected -startsecs = 0 -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/misp-modules_stderr.log -stdout_logfile = /var/log/supervisor/misp-modules_stdout.log - -[program:workers] -command=/bin/bash -c "cleanup() { /var/www/MISP/app/Console/worker/stop.sh; }; trap 'echo signal received!; kill ${child_pid}; wait ${child_pid}; cleanup' SIGINT SIGTERM; /var/www/MISP/app/Console/worker/start.sh; sleep infinity & child_pid=$!; wait ${child_pid};" -user=apache -autostart=false -autorestart=unexpected -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/workers_stderr.log -stdout_logfile = /var/log/supervisor/workers_stdout.log - -[program:filebeat] -directory=/opt/filebeat -user=root -group=root -command=/bin/bash -c '/opt/filebeat/filebeat -c /opt/filebeat/filebeat.yml' -autostart=false -autorestart=true -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/filebeat_stderr.log -stdout_logfile = /var/log/supervisor/filebeat_stdout.log diff --git a/roles/build/files/mispDockerfile b/roles/build/files/mispDockerfile new file mode 100644 index 0000000..26f09fb --- /dev/null +++ b/roles/build/files/mispDockerfile @@ -0,0 +1,84 @@ +FROM gn43-dsl/centos:7a20201004 + +USER root +RUN yum install -y epel-release centos-release-scl scl-utils ; \ + yum install -y gcc git zip openssl supervisor rh-git218 httpd24 mod_ssl mod_auth_openidc rh-redis32 libxslt-devel zlib-devel libcaca-devel ssdeep-devel rh-php72 rh-php72-php-fpm rh-php72-php-devel rh-php72-php-mysqlnd rh-php72-php-mbstring rh-php72-php-xml rh-php72-php-bcmath rh-php72-php-opcache rh-php72-php-gd mariadb devtoolset-7 make cmake3 cppcheck libcxx-devel gpgme-devel openjpeg-devel gcc gcc-c++ poppler-cpp-devel pkgconfig python-devel redhat-rpm-config rubygem-rouge rubygem-asciidoctor zbar-devel opencv-devel wget screen rh-python36-mod_wsgi postfix curl make cmake python3 python3-devel python3-pip python3-yara python3-wheel python3-redis python3-zmq python3-setuptools redis sudo vim zip sqlite moreutils rng-tools libxml2-devel libxslt-devel zlib-devel libpqxx openjpeg2-devel ssdeep-devel ruby asciidoctor tesseract ImageMagick poppler-cpp-devel python36-virtualenv opencv-devel zbar zbar-devel ; \ + yum -y clean all ; \ + sed -i "s/max_execution_time = 30/max_execution_time = 300/" /etc/opt/rh/rh-php72/php.ini ; \ + sed -i "s/memory_limit = 128M/memory_limit = 2048M/" /etc/opt/rh/rh-php72/php.ini ; \ + sed -i "s/upload_max_filesize = 2M/upload_max_filesize = 50M/" /etc/opt/rh/rh-php72/php.ini ; \ + sed -i "s/post_max_size = 8M/post_max_size = 50M/" /etc/opt/rh/rh-php72/php.ini ; \ + mkdir -p /var/www/MISP ; \ + chown -R apache:apache /var/www/MISP + +USER apache +WORKDIR /var/www/MISP +RUN git clone https://github.com/MISP/MISP.git /var/www/MISP ; \ + git submodule update --init --recursive ; \ + git submodule foreach --recursive git config core.filemode false ; \ + git config core.filemode false + +USER root +RUN pip3 install --upgrade pip ; \ + pip3 install git+https://github.com/CybOXProject/mixbox.git ; \ + pip3 install git+https://github.com/CybOXProject/python-cybox.git ; \ + pip3 install git+https://github.com/STIXProject/python-stix.git ; \ + pip3 install git+https://github.com/MAECProject/python-maec.git ; \ + pip3 install /var/www/MISP/cti-python-stix2 ; \ + pip3 install /var/www/MISP/PyMISP ; \ + pip3 install git+https://github.com/kbandla/pydeep.git ; \ + pip3 install https://github.com/lief-project/packages/raw/lief-master-latest/pylief-0.9.0.dev.zip ; \ + pip3 install jsonschema ; \ + pip3 install reportlab ; \ + pip3 install python-magic ; \ + pip3 install pyzmq ; \ + pip3 install redis + +USER apache +WORKDIR /var/www/MISP +RUN git submodule init ; \ + git submodule update + +USER root +WORKDIR /usr/local/src +RUN git clone https://github.com/MISP/misp-modules.git +WORKDIR /usr/local/src/misp-modules +RUN git checkout ; \ + # sudo pip3 install -I -r REQUIREMENTS ; \ + LANG=en_US.UTF-8 pip3 install -I -r REQUIREMENTS; \ + pip3 install -I . ; \ + mkdir /var/www/.composer && chown -R apache:apache /var/www/.composer ; \ + cd /tmp ; \ + wget https://github.com/ssdeep-project/ssdeep/releases/download/release-2.14.1/ssdeep-2.14.1.tar.gz ; \ + tar zxvf ssdeep-2.14.1.tar.gz && cd ssdeep-2.14.1 && ./configure && make && make install ; \ + /usr/bin/scl enable rh-php72 "pecl install ssdeep" ; \ + echo "extension=ssdeep.so" > /etc/opt/rh/rh-php72/php.d/88-ssdeep.ini ; \ + cd + +USER apache +WORKDIR /var/www/MISP/app +RUN wget https://getcomposer.org/download/1.2.1/composer.phar -O composer.phar ; \ + COMPOSER_CACHE_DIR=/var/www/.composer /usr/bin/scl enable rh-php72 "php composer.phar require kamisama/cake-resque:4.1.2" ; \ + COMPOSER_CACHE_DIR=/var/www/.composer /usr/bin/scl enable rh-php72 "php composer.phar config vendor-dir Vendor" ; \ + COMPOSER_CACHE_DIR=/var/www/.composer /usr/bin/scl enable rh-php72 "php composer.phar install" ; \ + sed -i -e "s/bind 127.0.0.1/bind 0.0.0.0/" /etc/redis.conf ; \ + cp -fa /var/www/MISP/INSTALL/setup/config.php /var/www/MISP/app/Plugin/CakeResque/Config/config.php ; \ + cp -a /var/www/MISP/app/Config/bootstrap.default.php /var/www/MISP/app/Config/bootstrap.php ; \ + cp -a /var/www/MISP/app/Config/database.default.php /var/www/MISP/app/Config/database.php ; \ + cp -a /var/www/MISP/app/Config/core.default.php /var/www/MISP/app/Config/core.php ; \ + cp -a /var/www/MISP/app/Config/config.default.php /var/www/MISP/app/Config/config.php + +USER root +COPY mispstart.sh /var/www/MISP/app/Console/worker/start.sh +RUN chown -R apache:apache /var/www/MISP ; \ + chmod -R 750 /var/www/MISP ; \ + chmod -R g+ws /var/www/MISP/app/tmp ; \ + chmod -R g+ws /var/www/MISP/app/files ; \ + chmod -R g+ws /var/www/MISP/app/files/scripts/tmp + +# 80/443 - MISP web server, 3306 - mysql, 6379 - redis, 6666 - MISP modules, 50000 - MISP ZeroMQ +EXPOSE 80 443 6443 6379 6666 50000 + +COPY mispsupervisord.conf /etc/supervisord.conf +#ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] + diff --git a/roles/build/files/misp/mispstart.sh b/roles/build/files/mispstart.sh similarity index 100% rename from roles/build/files/misp/mispstart.sh rename to roles/build/files/mispstart.sh diff --git a/roles/build/files/mispsupervisord.conf b/roles/build/files/mispsupervisord.conf new file mode 100644 index 0000000..fbd4dea --- /dev/null +++ b/roles/build/files/mispsupervisord.conf @@ -0,0 +1,25 @@ +[supervisord] +nodaemon=false +user=root + +[program:php-fpm] +# EnvironmentFile=/etc/opt/rh/rh-php72/sysconfig/php-fpm +command=/opt/rh/rh-php72/root/usr/sbin/php-fpm --nodaemonize + +[program:redis-server] +process_name = redis-server +directory = /var/opt/rh/rh-redis32/lib/redis/ +command=/opt/rh/rh-redis32/root/usr/bin/redis-server /etc/opt/rh/rh-redis32/redis.conf +user=redis + +[program:apache2] +command=/usr/sbin/httpd -DFOREGROUND + +[program:misp-modules] +command=/bin/bash -c "/usr/local/bin/misp-modules -l '0.0.0.0' -s" +user = apache +startsecs = 0 + +[program:workers] +command=/bin/bash /var/www/MISP/app/Console/worker/start.sh +user=apache diff --git a/roles/build/files/mysql/mysqlsupervisord.conf b/roles/build/files/mysql/mysqlsupervisord.conf deleted file mode 100644 index 60d3109..0000000 --- a/roles/build/files/mysql/mysqlsupervisord.conf +++ /dev/null @@ -1,45 +0,0 @@ -[unix_http_server] -file=/tmp/supervisor.sock - -[supervisord] -pidfile=/tmp/supervisord.pid -nodaemon=true -logfile=/var/log/supervisor/supervisord.log -logfile_maxbytes=10MB -logfile_backups=10 -loglevel=info -childlogdir=/var/log/supervisor/ - -[rpcinterface:supervisor] -supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface - -[supervisorctl] -serverurl=unix:///tmp/supervisor.sock - -[program:mysql] -user=mysql -directory=/var/lib/mysql -command=/opt/rh/rh-mariadb103/root/usr/libexec/mysqld-scl-helper enable rh-mariadb103 -- /opt/rh/rh-mariadb103/root/usr/libexec/mysqld --basedir=/opt/rh/rh-mariadb103/root/usr --log-error=/var/opt/rh/rh-mariadb103/log/mariadb/mariadb.log - -[program:cron] -autostart=true -autorestart=true -command=crond -n -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/cron_stderr.log -stdout_logfile = /var/log/supervisor/cron_stdout.log - -[program:filebeat] -directory=/opt/filebeat -user=root -group=root -command=/bin/bash -c '/opt/filebeat/filebeat -c /opt/filebeat/filebeat.yml' -autostart=false -autorestart=true -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/filebeat_stderr.log -stdout_logfile = /var/log/supervisor/filebeat_stdout.log diff --git a/roles/build/files/mysqlDockerfile b/roles/build/files/mysqlDockerfile new file mode 100644 index 0000000..7c547b1 --- /dev/null +++ b/roles/build/files/mysqlDockerfile @@ -0,0 +1,13 @@ +FROM gn43-dsl/centos:7a20201004 + +USER root +RUN yum -y update && yum install -y epel-release centos-release-scl scl-utils && \ + yum install -y rh-mariadb103 python36-PyMySQL MySQL-python supervisor && \ + /usr/bin/scl enable rh-mariadb103 -- /opt/rh/rh-mariadb103/root/usr/libexec/mysql-prepare-db-dir /var/opt/rh/rh-mariadb103/lib/mysql +RUN yum clean all + +EXPOSE 3306 +COPY mysqlsupervisord.conf /etc/supervisord.conf + +ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] + diff --git a/roles/build/files/mysqlsupervisord.conf b/roles/build/files/mysqlsupervisord.conf new file mode 100644 index 0000000..e44e9fe --- /dev/null +++ b/roles/build/files/mysqlsupervisord.conf @@ -0,0 +1,7 @@ +[supervisord] +loglevel=debug +nodaemon=true +[program:mysql] +user=mysql +directory=/var/lib/mysql +command=/opt/rh/rh-mariadb103/root/usr/libexec/mysqld-scl-helper enable rh-mariadb103 -- /opt/rh/rh-mariadb103/root/usr/libexec/mysqld --basedir=/opt/rh/rh-mariadb103/root/usr diff --git a/roles/build/files/nifi/nifisupervisord.conf b/roles/build/files/nifi/nifisupervisord.conf deleted file mode 100644 index dcfa15c..0000000 --- a/roles/build/files/nifi/nifisupervisord.conf +++ /dev/null @@ -1,44 +0,0 @@ -[unix_http_server] -file=/tmp/supervisor.sock - -[supervisord] -pidfile=/tmp/supervisord.pid -nodaemon=true -logfile=/var/log/supervisor/supervisord.log -logfile_maxbytes=10MB -logfile_backups=10 -loglevel=info -childlogdir=/var/log/supervisor/ - -[rpcinterface:supervisor] -supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface - -[supervisorctl] -serverurl=unix:///tmp/supervisor.sock - -[program:nifi] -directory=/opt/nifi/nifi-current -user=nifi -group=nifi -command=/bin/bash -c '/opt/nifi/nifi-current/bin/nifi.sh run' -autostart=false -autorestart=true -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/nifi_stderr.log -stdout_logfile = /var/log/supervisor/nifi_stdout.log - - -[program:filebeat] -directory=/opt/filebeat -user=root -group=root -command=/bin/bash -c '/opt/filebeat/filebeat -c /opt/filebeat/filebeat.yml' -autostart=false -autorestart=true -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/filebeat_stderr.log -stdout_logfile = /var/log/supervisor/filebeat_stdout.log diff --git a/roles/build/files/nifiDockerfile b/roles/build/files/nifiDockerfile new file mode 100644 index 0000000..c3ef342 --- /dev/null +++ b/roles/build/files/nifiDockerfile @@ -0,0 +1,97 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# + +FROM gn43-dsl/openjdk:7a20201004 +#LABEL maintainer="Apache NiFi <dev@nifi.apache.org>" +#LABEL site="https://nifi.apache.org" + +ARG UID=1000 +ARG GID=1000 +ARG NIFI_VERSION=1.11.4 +ARG BASE_URL=https://archive.apache.org/dist +ARG MIRROR_BASE_URL=${MIRROR_BASE_URL:-${BASE_URL}} +ARG NIFI_BINARY_PATH=${NIFI_BINARY_PATH:-/nifi/${NIFI_VERSION}/nifi-${NIFI_VERSION}-bin.zip} +ARG NIFI_TOOLKIT_BINARY_PATH=${NIFI_TOOLKIT_BINARY_PATH:-/nifi/${NIFI_VERSION}/nifi-toolkit-${NIFI_VERSION}-bin.zip} + +ENV NIFI_BASE_DIR=/opt/nifi +ENV NIFI_HOME ${NIFI_BASE_DIR}/nifi-current +ENV NIFI_TOOLKIT_HOME ${NIFI_BASE_DIR}/nifi-toolkit-current + +ENV NIFI_PID_DIR=${NIFI_HOME}/run +ENV NIFI_LOG_DIR=${NIFI_HOME}/logs + +# ADD sh/ ${NIFI_BASE_DIR}/scripts/ + +# Setup NiFi user and create necessary directories +RUN groupadd -g ${GID} nifi || groupmod -n nifi `getent group ${GID} | cut -d: -f1` \ + && useradd --shell /bin/bash -u ${UID} -g ${GID} -m nifi \ + && mkdir -p ${NIFI_BASE_DIR} \ + && chown -R nifi:nifi ${NIFI_BASE_DIR} \ + && yum -y install jq xmlstarlet procps-ng + +USER nifi + +# Download, validate, and expand Apache NiFi Toolkit binary. +RUN curl -fSL ${MIRROR_BASE_URL}/${NIFI_TOOLKIT_BINARY_PATH} -o ${NIFI_BASE_DIR}/nifi-toolkit-${NIFI_VERSION}-bin.zip \ + && echo "$(curl ${BASE_URL}/${NIFI_TOOLKIT_BINARY_PATH}.sha256) *${NIFI_BASE_DIR}/nifi-toolkit-${NIFI_VERSION}-bin.zip" | sha256sum -c - \ + && unzip ${NIFI_BASE_DIR}/nifi-toolkit-${NIFI_VERSION}-bin.zip -d ${NIFI_BASE_DIR} \ + && rm ${NIFI_BASE_DIR}/nifi-toolkit-${NIFI_VERSION}-bin.zip \ + && mv ${NIFI_BASE_DIR}/nifi-toolkit-${NIFI_VERSION} ${NIFI_TOOLKIT_HOME} \ + && ln -s ${NIFI_TOOLKIT_HOME} ${NIFI_BASE_DIR}/nifi-toolkit-${NIFI_VERSION} + +# Download, validate, and expand Apache NiFi binary. +RUN curl -fSL ${MIRROR_BASE_URL}/${NIFI_BINARY_PATH} -o ${NIFI_BASE_DIR}/nifi-${NIFI_VERSION}-bin.zip \ + && echo "$(curl ${BASE_URL}/${NIFI_BINARY_PATH}.sha256) *${NIFI_BASE_DIR}/nifi-${NIFI_VERSION}-bin.zip" | sha256sum -c - \ + && unzip ${NIFI_BASE_DIR}/nifi-${NIFI_VERSION}-bin.zip -d ${NIFI_BASE_DIR} \ + && rm ${NIFI_BASE_DIR}/nifi-${NIFI_VERSION}-bin.zip \ + && mv ${NIFI_BASE_DIR}/nifi-${NIFI_VERSION} ${NIFI_HOME} \ + && mkdir -p ${NIFI_HOME}/conf \ + && mkdir -p ${NIFI_HOME}/database_repository \ + && mkdir -p ${NIFI_HOME}/flowfile_repository \ + && mkdir -p ${NIFI_HOME}/content_repository \ + && mkdir -p ${NIFI_HOME}/provenance_repository \ + && mkdir -p ${NIFI_HOME}/state \ + && mkdir -p ${NIFI_LOG_DIR} \ + && ln -s ${NIFI_HOME} ${NIFI_BASE_DIR}/nifi-${NIFI_VERSION} + +#VOLUME ${NIFI_LOG_DIR} \ +# ${NIFI_HOME}/conf \ +# ${NIFI_HOME}/database_repository \ +# ${NIFI_HOME}/flowfile_repository \ +# ${NIFI_HOME}/content_repository \ +# ${NIFI_HOME}/provenance_repository \ +# ${NIFI_HOME}/state + +# Clear nifi-env.sh in favour of configuring all environment variables in the Dockerfile +RUN echo "#!/bin/sh\n" > $NIFI_HOME/bin/nifi-env.sh + +# Web HTTP(s) & Socket Site-to-Site Ports +EXPOSE 8080 8443 10000 8000 + +WORKDIR ${NIFI_HOME} + +# Apply configuration and start NiFi +# +# We need to use the exec form to avoid running our command in a subshell and omitting signals, +# thus being unable to shut down gracefully: +# https://docs.docker.com/engine/reference/builder/#entrypoint +# +# Also we need to use relative path, because the exec form does not invoke a command shell, +# thus normal shell processing does not happen: +# https://docs.docker.com/engine/reference/builder/#exec-form-entrypoint-example +ENTRYPOINT ["/bin/bash"] diff --git a/roles/build/files/odfees/odfesupervisord.conf b/roles/build/files/odfees/odfesupervisord.conf deleted file mode 100644 index 975b7cd..0000000 --- a/roles/build/files/odfees/odfesupervisord.conf +++ /dev/null @@ -1,43 +0,0 @@ -[unix_http_server] -file=/tmp/supervisor.sock - -[supervisord] -pidfile=/tmp/supervisord.pid -nodaemon=true -logfile=/var/log/supervisor/supervisord.log -logfile_maxbytes=10MB -logfile_backups=10 -loglevel=info -childlogdir=/var/log/supervisor/ - -[rpcinterface:supervisor] -supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface - -[supervisorctl] -serverurl=unix:///tmp/supervisor.sock - -[program:odfe] -user=elasticsearch -group=elasticsearch -directory=/usr/share/elasticsearch -command=sh -c "/usr/share/elasticsearch/bin/elasticsearch" -autostart=false -autorestart=true -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/elasticsearch_stderr.log -stdout_logfile = /var/log/supervisor/elasticsearch_stdout.log - -[program:filebeat] -directory=/opt/filebeat -user=root -group=root -command=/bin/bash -c '/opt/filebeat/filebeat -c /opt/filebeat/filebeat.yml' -autostart=false -autorestart=true -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/filebeat_stderr.log -stdout_logfile = /var/log/supervisor/filebeat_stdout.log diff --git a/roles/build/files/odfeesDockerfile b/roles/build/files/odfeesDockerfile new file mode 100644 index 0000000..fedbee1 --- /dev/null +++ b/roles/build/files/odfeesDockerfile @@ -0,0 +1,16 @@ +FROM gn43-dsl/elasticsearch:7a20201004 + +ENV PATH="/usr/share/elasticsearch/bin:${PATH}" + +USER root +WORKDIR /usr/share/elasticsearch + +RUN for PLUGIN in \ + https://d3g5vo6xdbdb9a.cloudfront.net/downloads/elasticsearch-plugins/opendistro-security/opendistro_security-1.4.0.0.zip \ + https://d3g5vo6xdbdb9a.cloudfront.net/downloads/elasticsearch-plugins/opendistro-alerting/opendistro_alerting-1.4.0.0.zip \ + https://d3g5vo6xdbdb9a.cloudfront.net/downloads/elasticsearch-plugins/opendistro-sql/opendistro_sql-1.4.0.0.zip; \ + do bin/elasticsearch-plugin install -b ${PLUGIN}; done && \ + chown -R elasticsearch plugins/opendistro_security + +USER elasticsearch + diff --git a/roles/build/files/odfekibanaDockerfile b/roles/build/files/odfekibanaDockerfile new file mode 100644 index 0000000..1945e27 --- /dev/null +++ b/roles/build/files/odfekibanaDockerfile @@ -0,0 +1,18 @@ +FROM gn43-dsl/kibana:7a20201004 + +ENV PATH="/usr/share/kibana/bin:${PATH}" + +USER root +WORKDIR /usr/share/kibana + +RUN for PLUGIN in \ + https://d3g5vo6xdbdb9a.cloudfront.net/downloads/kibana-plugins/opendistro-security/opendistro_security_kibana_plugin-1.4.0.0.zip \ + https://d3g5vo6xdbdb9a.cloudfront.net/downloads/kibana-plugins/opendistro-alerting/opendistro-alerting-1.4.0.0.zip \ + https://d3g5vo6xdbdb9a.cloudfront.net/downloads/kibana-plugins/opendistro-index-management/opendistro_index_management_kibana-1.4.0.0.zip; \ + do bin/kibana-plugin install --allow-root ${PLUGIN}; done + +ADD thehive_button /usr/share/kibana/plugins/thehive_button +RUN chown -R kibana:kibana /usr/share/kibana/plugins/thehive_button + +USER kibana + diff --git a/roles/build/files/openjdkDockerfile b/roles/build/files/openjdkDockerfile new file mode 100644 index 0000000..2d83f47 --- /dev/null +++ b/roles/build/files/openjdkDockerfile @@ -0,0 +1,11 @@ +FROM gn43-dsl/centos:7a20201004 + +RUN yum update -y; \ + yum install -y wget unzip curl java-1.8.0-openjdk-headless.x86_64 + +RUN ln -svT "/usr/lib/jvm/java-1.8.0-openjdk-$(rpm -q --queryformat "%{VERSION}-%{RELEASE}.%{ARCH}\n" java-1.8.0-openjdk-headless)" /docker-java-home +ENV JAVA_HOME /docker-java-home/jre + +RUN yum clean all + +CMD ["/bin/bash"] diff --git a/roles/build/files/thehive/thehivesupervisord.conf b/roles/build/files/thehive/thehivesupervisord.conf deleted file mode 100644 index 8fa1d93..0000000 --- a/roles/build/files/thehive/thehivesupervisord.conf +++ /dev/null @@ -1,43 +0,0 @@ -[unix_http_server] -file=/tmp/supervisor.sock - -[supervisord] -pidfile=/tmp/supervisord.pid -nodaemon=true -logfile=/var/log/supervisor/supervisord.log -logfile_maxbytes=10MB -logfile_backups=10 -loglevel=info -childlogdir=/var/log/supervisor/ - -[rpcinterface:supervisor] -supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface - -[supervisorctl] -serverurl=unix:///tmp/supervisor.sock - -[program:thehive] -directory=/opt/thehive -user=thehive -group=thehive -command=/bin/bash -c '/opt/thehive/bin/thehive -Dconfig.file=/etc/thehive/application.conf -Dlogger.file=/etc/thehive/logback.xml -J-Xms1g -J-Xmx1g -Dpidfile.path=/dev/null' -autostart=false -autorestart=true -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/thehive_stderr.log -stdout_logfile = /var/log/supervisor/thehive_stdout.log - -[program:filebeat] -directory=/opt/filebeat -user=root -group=root -command=/bin/bash -c '/opt/filebeat/filebeat -c /opt/filebeat/filebeat.yml' -autostart=false -autorestart=true -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/filebeat_stderr.log -stdout_logfile = /var/log/supervisor/filebeat_stdout.log diff --git a/roles/build/files/thehiveDockerfile b/roles/build/files/thehiveDockerfile new file mode 100644 index 0000000..ce8ddb8 --- /dev/null +++ b/roles/build/files/thehiveDockerfile @@ -0,0 +1,24 @@ +FROM gn43-dsl/openjdk:7a20201004 + +USER root +#COPY thehive.repo /etc/yum.repos.d/thehive.repo +#COPY supervisord.conf /etc/supervisord.conf +#COPY start.sh /start.sh +RUN echo "[thehive-project]" > /etc/yum.repos.d/thehive.repo && \ + echo "enabled=1" >> /etc/yum.repos.d/thehive.repo && \ + echo "priority=1" >> /etc/yum.repos.d/thehive.repo && \ + echo "name=TheHive-Project RPM repository" >> /etc/yum.repos.d/thehive.repo && \ + echo "baseurl=http://rpm.thehive-project.org/stable/noarch" >> /etc/yum.repos.d/thehive.repo && \ + echo "gpgcheck=1" >> /etc/yum.repos.d/thehive.repo && \ + yum install -y epel-release && \ + rpm --import https://raw.githubusercontent.com/TheHive-Project/TheHive/master/PGP-PUBLIC-KEY && \ + yum install -y thehive4 supervisor daemonize vim net-tools telnet htop && \ + mkdir -p /opt/thp_data/files/thehive && \ + chown -R thehive:thehive /opt/thp_data/files/thehive && \ + mkdir -p /home/thehive && \ + chown -R thehive:thehive /home/thehive /etc/thehive && \ + yum -y clean all +EXPOSE 9000 +#ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] +USER thehive +# ENTRYPOINT ["/start.sh"] diff --git a/roles/build/files/thehive_button/.eslintrc b/roles/build/files/thehive_button/.eslintrc new file mode 100644 index 0000000..64eba86 --- /dev/null +++ b/roles/build/files/thehive_button/.eslintrc @@ -0,0 +1,7 @@ +--- +extends: "@elastic/kibana" + +settings: + import/resolver: + '@elastic/eslint-import-resolver-kibana': + rootPackageName: 'thehive_button' diff --git a/roles/build/files/thehive_button/.kibana-plugin-helpers.json b/roles/build/files/thehive_button/.kibana-plugin-helpers.json new file mode 100644 index 0000000..2c63c08 --- /dev/null +++ b/roles/build/files/thehive_button/.kibana-plugin-helpers.json @@ -0,0 +1,2 @@ +{ +} diff --git a/roles/build/files/thehive_button/index.js b/roles/build/files/thehive_button/index.js new file mode 100644 index 0000000..fa69c75 --- /dev/null +++ b/roles/build/files/thehive_button/index.js @@ -0,0 +1,19 @@ +import newCaseRoute from './server/routes/newcase'; + +export default function (kibana) { + return new kibana.Plugin({ + require: [], //['elasticsearch'], + name: 'thehive_button', + uiExports: { + visTypes: [ + 'plugins/thehive_button/main', + ], + }, + + init(server, options) { // eslint-disable-line no-unused-vars + // Add server routes and initialize the plugin here + newCaseRoute(server); + } + }); +} + diff --git a/roles/build/files/thehive_button/package.json b/roles/build/files/thehive_button/package.json new file mode 100644 index 0000000..e1c070d --- /dev/null +++ b/roles/build/files/thehive_button/package.json @@ -0,0 +1,35 @@ +{ + "name": "thehive_button", + "version": "1.0.0", + "description": "Visualisation plugin which creates a simple button to create a new case in The Hive.", + "main": "index.js", + "kibana": { + "version": "7.4.2" + }, + "scripts": { + "lint": "eslint .", + "start": "plugin-helpers start", + "build": "plugin-helpers build" + }, + "dependencies": { + "request": "^2.88.0", + "@elastic/eui": "10.4.2", + "react": "^16.8.0" + }, + "devDependencies": { + "@elastic/eslint-config-kibana": "link:../../packages/eslint-config-kibana", + "@elastic/eslint-import-resolver-kibana": "link:../../packages/kbn-eslint-import-resolver-kibana", + "@kbn/plugin-helpers": "link:../../packages/kbn-plugin-helpers", + "babel-eslint": "^9.0.0", + "eslint": "^5.6.0", + "eslint-plugin-babel": "^5.2.0", + "eslint-plugin-import": "^2.14.0", + "eslint-plugin-jest": "^21.26.2", + "eslint-plugin-jsx-a11y": "^6.1.2", + "eslint-plugin-mocha": "^5.2.0", + "eslint-plugin-no-unsanitized": "^3.0.2", + "eslint-plugin-prefer-object-spread": "^1.2.1", + "eslint-plugin-react": "^7.11.1", + "expect.js": "^0.3.1" + } +} diff --git a/roles/build/files/thehive_button/public/create_case.js b/roles/build/files/thehive_button/public/create_case.js new file mode 100644 index 0000000..fc8edd6 --- /dev/null +++ b/roles/build/files/thehive_button/public/create_case.js @@ -0,0 +1,101 @@ +// Functions to send data to Kibana endpoints + +import chrome from 'ui/chrome'; + +// Create a new Case in The Hive via its API +// Return a Promise which resolves to object with ID of the new case ('id' attr) or error message ('error' attr) +export function createTheHiveCase(base_url, api_key, title, descr, severity, startDate, owner, flag, tlp, tags) { + // Prepare data + var data = JSON.stringify({ + "base_url": base_url, + "api_key": api_key, + "body": { + "title": title, + "description": descr, + "severity": severity, // number: 1=low, 2=medium, 3=high + "startDate": startDate, + "owner": owner, // user name the case will be assigned to + "flag": flag, // bool + "tlp": tlp, // number: 0=white, 1=green, 2=amber, 3=red + "tags": tags, // array of strings + } + }); + console.log("TheHiveButton: Sending request to API endpoint 'new_case':", data); + var kibana_endpoint_url = chrome.addBasePath('/api/thehive_button/new_case'); + + return new Promise(function (resolve, reject) { + // Create AJAX request + var xhr = new XMLHttpRequest(); + + // Listener to process reply + xhr.onreadystatechange = function () { + if (this.readyState != 4) { + return; // response not ready yet + } + if (this.status == 200) { + const resp = JSON.parse(this.responseText); + console.log("TheHiveButton: Response from backend:", resp); + if ("error" in resp) { + resolve({"error": resp.error}); + } + else if (resp.status_code != 201) { + resolve({"error": "Unexpected reply received from The Hive: [" + resp.status_code + "] " + resp.status_msg}); + } + else { + resolve({"id": resp.body.id}); // return ID of the new case + } + } + else { + console.log("TheHiveButton: Error " + this.status + ": " + this.statusText); + resolve({"error": "Error " + this.status + ": " + this.statusText}); + } + } + + // Send the AJAX request + xhr.open("POST", kibana_endpoint_url); + xhr.setRequestHeader("Content-Type", "application/json"); + xhr.setRequestHeader("kbn-xsrf", "thehive_plugin"); // this header must be set, although its content is probably irrelevant + xhr.send(data); + }); +} + +// Add observables to an existing Case in The Hive +// (send the list of observables to our backend endpoint, it pushes them to The Hive) +export function addCaseObservables(base_url, api_key, caseid, observables) { + const kibana_endpoint_url = chrome.addBasePath('/api/thehive_button/add_observables'); + const data = JSON.stringify({ + "base_url": base_url, + "api_key": api_key, + "caseid": caseid, + "observables": observables, + }); + console.log("TheHiveButton: Sending request to API endpoint 'add_observables':", data); + + return new Promise(function (resolve, reject) { + // Create AJAX request + var xhr = new XMLHttpRequest(); + + // Listener to process reply + xhr.onreadystatechange = function () { + if (this.readyState != 4) { + return; // response not ready yet + } + if (this.status == 200) { + const resp = JSON.parse(this.responseText); + console.log("TheHiveButton: Response from backend:", resp); + resolve(resp); + } + else { + console.log("TheHiveButton: Error " + this.status + ": " + this.statusText); + resolve({"error": "Error " + this.status + ": " + this.statusText}); + } + } + + // Send the AJAX request + xhr.open("POST", kibana_endpoint_url); + xhr.setRequestHeader("Content-Type", "application/json"); + xhr.setRequestHeader("kbn-xsrf", "thehive_plugin"); // this header must be set, although its content is probably irrelevant + xhr.send(data); + }); +} + diff --git a/roles/build/files/thehive_button/public/env.js b/roles/build/files/thehive_button/public/env.js new file mode 100644 index 0000000..4321b85 --- /dev/null +++ b/roles/build/files/thehive_button/public/env.js @@ -0,0 +1,4 @@ +// Default plugin configuration +export const THEHIVE_URL = 'https://hive.gn4-3-wp8-soc.sunet.se/'; +export const THEHIVE_API_KEY = '5LymseWiurZBrQN8Kqp8O+9KniTL5cE0'; +export const THEHIVE_OWNER = 'admin'; // default owner account of the created cases diff --git a/roles/build/files/thehive_button/public/main.js b/roles/build/files/thehive_button/public/main.js new file mode 100644 index 0000000..ee46d73 --- /dev/null +++ b/roles/build/files/thehive_button/public/main.js @@ -0,0 +1,54 @@ +import { THEHIVE_API_KEY, THEHIVE_URL, THEHIVE_OWNER } from './env'; +import { TheHiveButtonVisComponent } from './vis_controller'; +import { theHiveButtonRequestHandlerProvider } from './request_handler'; +import { optionsEditor } from './options_editor'; + +import { VisFactoryProvider } from 'ui/vis/vis_factory'; +import { VisTypesRegistryProvider } from 'ui/registry/vis_types'; +import { DefaultEditorSize } from 'ui/vis/editor_size'; + + +function TheHiveButtonVisProvider(Private) { + const VisFactory = Private(VisFactoryProvider); + + //console.log("default URL:", THEHIVE_URL); + //console.log("default API key:", THEHIVE_API_KEY); + + return VisFactory.createReactVisualization({ + name: 'thehive_button', + title: 'The Hive Case', + icon: 'alert', + description: 'A button to create a new Case in The Hive.', + //requiresUpdateStatus: [Status.PARAMS, Status.RESIZE, Status.UI_STATE], + visConfig: { + component: TheHiveButtonVisComponent, + defaults: { + // add default parameters + url: THEHIVE_URL, + apikey: THEHIVE_API_KEY, + owner: THEHIVE_OWNER, + obsFields: [], // list of objects, e.g. {name: "clientip", type: "ip", cnt: 100} + } + }, + //editor: 'default', + editorConfig: { + optionTabs: [ + { + name: "options", + title: "Options", + editor: optionsEditor, + } + ], + defaultSize: DefaultEditorSize.LARGE, + }, +// optionsTemplate: optionsEditor, //optionsTemplate, +// //enableAutoApply: true, +// }, + requestHandler: 'theHiveButtonRequestHandler', // own request handler + responseHandler: 'none', // pass data as returned by requestHandler + }); +} + +// register the provider with the visTypes registry +VisTypesRegistryProvider.register(TheHiveButtonVisProvider); + diff --git a/roles/build/files/thehive_button/public/options_editor.js b/roles/build/files/thehive_button/public/options_editor.js new file mode 100644 index 0000000..38762bd --- /dev/null +++ b/roles/build/files/thehive_button/public/options_editor.js @@ -0,0 +1,176 @@ +import React from 'react'; +import { + EuiForm, + EuiFormRow, + EuiTitle, + EuiSpacer, + EuiFieldText, + EuiFieldNumber, + EuiSelect, + EuiFlexGroup, + EuiFlexItem, + EuiButton, + EuiButtonIcon, +} from '@elastic/eui'; + +// Default data types in The Hive +const DEFAULT_THE_HIVE_TYPES = [ + '', + 'autonomous-system', + 'domain', + 'file', + 'filename', + 'fqdn', + 'hash', + 'ip', + 'mail', + 'mail_subject', + 'regexp', + 'registry', + 'uri_path', + 'url', + 'user-agent', + 'other', +]; + +// Options for EuiSelect for selection of field's data type in TheHive +const typesOptions = DEFAULT_THE_HIVE_TYPES.map( dt => ({value: dt, text: dt}) ); + +export function optionsEditor(props) { + //console.log("editor render(), props:", props); + const { stateParams, setValue, setValidity, vis } = props; + + // onClick/onChange handlers + const obsAddNew = () => { + const newObsFields = [...stateParams.obsFields, {name: "", type: "", cnt: 100}]; + // For some reason, first click on the button after editor is loaded does + // nothing. Calling setValue twice here fixes it. + setValue("obsFields", newObsFields); + setValue("obsFields", newObsFields); +// setValidity(false); // since new row is empty, form is always invalid + }; + const obsRemove = (ix) => { + let newArray = [...stateParams.obsFields]; + newArray.splice(ix, 1); + setValue("obsFields", newArray); +// validate(); + } + const obsSetName = (ix, name) => { + let newArray = [...stateParams.obsFields]; + newArray[ix].name = name; + setValue("obsFields", newArray); +// validate(); + } + const obsSetType = (ix, type) => { + let newArray = [...stateParams.obsFields]; + newArray[ix].type = type; + setValue("obsFields", newArray); +// validate(); + } + const obsSetCnt = (ix, cnt) => { + let newArray = [...stateParams.obsFields]; + newArray[ix].cnt = parseInt(cnt); + setValue("obsFields", newArray); +// validate(); + } +// const validate = () => { +// let valid = true; +// for (let field of stateParams.obsFields) { +// if (field.name == "" || field.type == "" || field.cnt == "") { +// valid = false; +// break; +// } +// } +// // TODO check for duplicate fields +// setValidity(valid); +// } + + // Get list of all fields in index (except those beginning with "_" or "@") + // and create "options" parameter for EuiSelect. + // Also, fields with "aggregatable=false" are removed, as they can't be used + // with "terms" aggregation we need. + // See this for details: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/fielddata.html + // Empty field is added at the beginning, meaning "no selection yet". + const fieldOptions = [{value: "", text: ""}].concat( + vis.indexPattern.fields.raw.filter( f => (f.name[0] != "_" && f.name[0] != "@" && f.aggregatable) ).map( f => ({value: f.name, text: `${f.name} (${f.type})`}) ) + ); + + return <EuiForm> + <EuiFormRow fullWidth={true} label="Base URL of The Hive"> + <EuiFieldText + fullWidth={true} + value={stateParams.url} + onChange={e => setValue('url', e.target.value)} + isInvalid={stateParams.url == ""} + /> + </EuiFormRow> + <EuiFlexGroup> + <EuiFlexItem grow={1}> + <EuiFormRow label="API key to access The Hive" helpText="API key of a user with write permission."> + <EuiFieldText + fullWidth={true} + value={stateParams.apikey} + onChange={e => setValue('apikey', e.target.value)} + isInvalid={stateParams.apikey == ""} + /> + </EuiFormRow> + </EuiFlexItem> + <EuiFlexItem grow={1}> + <EuiFormRow label="Assignee" helpText="User to assign created cases to. Must be a valid username from The Hive instance."> + <EuiFieldText + value={stateParams.owner} + onChange={e => setValue('owner', e.target.value)} + isInvalid={stateParams.owner == ""} + /> + </EuiFormRow> + </EuiFlexItem> + </EuiFlexGroup> + <EuiTitle size="s"><h3>Fields to get potential observables from ...</h3></EuiTitle> + <EuiSpacer size="s" /> + {stateParams.obsFields.map( (field, ix) => ( + <EuiFlexGroup key={ix} gutterSize="s"> + <EuiFlexItem grow={3}> + <EuiFormRow label="Field name"> + <EuiSelect + options={fieldOptions} + value={field.name} + onChange={ e => obsSetName(ix, e.target.value) } + isInvalid={field.name == ""} + /> + </EuiFormRow> + </EuiFlexItem> + <EuiFlexItem grow={2}> + <EuiFormRow label="Data type in The Hive"> + <EuiSelect + options={typesOptions} + value={field.type} + onChange={ e => obsSetType(ix, e.target.value) } + isInvalid={field.type == ""} + /> + </EuiFormRow> + </EuiFlexItem> + <EuiFlexItem grow={1}> + <EuiFormRow label="Max items shown"> + <EuiFieldNumber + min={1} + max={1000} + value={parseInt(field.cnt)} + onChange={ e => obsSetCnt(ix, e.target.value) } + isInvalid={!(field.cnt > 0)} + /> + </EuiFormRow> + </EuiFlexItem> + <EuiFlexItem grow={false}> + <EuiFormRow hasEmptyLabelSpace> + <EuiButtonIcon iconType="trash" iconSize="m" color="danger" aria-label="Remove field" onClick={ e => obsRemove(ix) } /> + </EuiFormRow> + </EuiFlexItem> + </EuiFlexGroup> + ))} + <EuiFlexGroup> + <EuiFlexItem grow={false}> + <EuiButton iconType="plusInCircleFilled" color="primary" onClick={obsAddNew}>Add new field ...</EuiButton> + </EuiFlexItem> + </EuiFlexGroup> + </EuiForm> +} diff --git a/roles/build/files/thehive_button/public/options_template.html b/roles/build/files/thehive_button/public/options_template.html new file mode 100644 index 0000000..ef99657 --- /dev/null +++ b/roles/build/files/thehive_button/public/options_template.html @@ -0,0 +1,8 @@ +<div class="form-group"> + <p><label>Base URL of The Hive</label> + <input ng-model="editorState.params.url" class=form-control /></p> + <p><label>API key</label> + <input ng-model="editorState.params.apikey" class=form-control /></p> + <p><label>User name to use as the owner of cases created from here</label> + <input ng-model="editorState.params.owner" class=form-control /></p> +</div> diff --git a/roles/build/files/thehive_button/public/request_handler.js b/roles/build/files/thehive_button/public/request_handler.js new file mode 100644 index 0000000..bdbb0f4 --- /dev/null +++ b/roles/build/files/thehive_button/public/request_handler.js @@ -0,0 +1,195 @@ +import { CourierRequestHandlerProvider as courierRequestHandlerProvider } from 'ui/vis/request_handlers/courier'; +import { SearchSourceProvider } from 'ui/courier/search_source'; +import { RequestAdapter, DataAdapter } from 'ui/inspector/adapters'; +import { VisRequestHandlersRegistryProvider } from 'ui/registry/vis_request_handlers'; +import { AggConfig } from 'ui/vis/agg_config'; +import { AggConfigs } from 'ui/vis/agg_configs'; +import { getTime } from 'ui/timefilter/get_time'; +import { i18n } from '@kbn/i18n'; +import { has } from 'lodash'; +import { calculateObjectHash } from 'ui/vis/lib/calculate_object_hash'; +import { getRequestInspectorStats, getResponseInspectorStats } from 'ui/courier/utils/courier_inspector_utils'; +import chrome from 'ui/chrome'; + +// Maximum number of unique values of each field (observables) to fetch +const MAX_NUMBER_OF_TERMS = 5; + +const handleCourierRequest = courierRequestHandlerProvider().handler; + +// Register new RaquestHandlerProvider +const theHiveButtonRequestHandlerProvider = function () { + return { + name: 'theHiveButtonRequestHandler', + handler: theHiveButtonRequestHandler, + } +} +VisRequestHandlersRegistryProvider.register(theHiveButtonRequestHandlerProvider); + +export {theHiveButtonRequestHandlerProvider, theHiveButtonRequestHandler}; + + +// The request handler function itself +async function theHiveButtonRequestHandler(params) { + //console.log("theHiveButtonRequestHandler params:", params); + + let index = params.index; + let partialRows = params.partialRows; + let metricsAtAllLevels = params.metricsAtAllLevels; + let timeRange = params.timeRange; + let query = params.query; + let filters = params.filters; + let inspectorAdapters = params.inspectorAdapters; + let queryFilter = params.queryFilter; + let forceFetch = params.forceFetch; + // our own confiuration: + // list of fields to get potential observables from + // (each "field" is object {name: str, type: str, cnt: int}) + let obsFields = params.visParams.obsFields; + + // filter out invalid field specifications + obsFields = obsFields.filter( f => (f.name != "" && f.type != "" && f.cnt > 0) ); + + if (obsFields.length == 0) { + //console.log("theHiveButtonRequestHandler: Empty obsFields, nothing to do") + return {} // no fields specified, nothing to do + } + + // === Prepare request to ask for unique values of all selected fields === + + // Construct a query for ElasticSearch + // Get "terms" (most common unique values) for each field of obsFields + const aggs_dsl = {} + for (let field of obsFields) { + aggs_dsl[field.name] = { + terms: { + field: field.name, + size: field.cnt, + order: {_count: "desc"} + } + }; + } + //console.log("aggs_dsl:", aggs_dsl); + + // Create empty AggConfigs + // (We could pass specifications of a metric and the buckets here, + // but default processing functions assume multiple buckets are sub-buckets, + // which is not what we want. So we must do a "hack" and manually create + // query directly in format for ElasticSearch) + const aggs = new AggConfigs(params.index, []); + + // === Some magic to get searchSource object === + // (inspired by https://github.com/fbaligand/kibana-enhanced-table/blob/7.4/public/data_load/enhanced-table-request-handler.js) + // (I don't understand it, but it works) + + let $injector = await chrome.dangerouslyGetActiveInjector(); + let Private = $injector.get('Private'); + let SearchSource = Private(SearchSourceProvider); + let searchSource = new SearchSource(); + searchSource.setField('index', index); + searchSource.setField('size', 0); + + inspectorAdapters.requests = new RequestAdapter(); + inspectorAdapters.data = new DataAdapter(); + + + // === Execute query === + // We could call standard "courier" here, but it tries to convert the response + // to a table, which fails in our case, so we copied the main code of courier + // and modified it here. + + const abortSignal = false; + + const timeFilterSearchSource = searchSource.createChild({ callParentStartHandlers: true }); + const requestSearchSource = timeFilterSearchSource.createChild({ callParentStartHandlers: true }); + + aggs.setTimeRange(timeRange); + + // For now we need to mirror the history of the passed search source, since + // the request inspector wouldn't work otherwise. + Object.defineProperty(requestSearchSource, 'history', { + get() { + return searchSource.history; + }, + set(history) { + return searchSource.history = history; + } + }); + + // This has been modified to override DSL format by ours +// requestSearchSource.setField('aggs', function () { +// return aggs.toDsl(metricsAtAllLevels); +// }); + requestSearchSource.setField('aggs', aggs_dsl); + + requestSearchSource.onRequestStart((searchSource, searchRequest) => { + return aggs.onSearchRequestStart(searchSource, searchRequest); + }); + + if (timeRange) { + timeFilterSearchSource.setField('filter', () => { + return getTime(searchSource.getField('index'), timeRange); + }); + } + + requestSearchSource.setField('filter', filters); + requestSearchSource.setField('query', query); + + const reqBody = await requestSearchSource.getSearchRequestBody(); + + const queryHash = calculateObjectHash(reqBody); + // We only need to reexecute the query, if forceFetch was true or the hash of the request body has changed + // since the last request + const shouldQuery = forceFetch || (searchSource.lastQuery !== queryHash); + + if (shouldQuery) { + inspectorAdapters.requests.reset(); + const request = inspectorAdapters.requests.start( + i18n.translate('common.ui.vis.courier.inspector.dataRequest.title', { defaultMessage: 'Data' }), + { + description: i18n.translate('common.ui.vis.courier.inspector.dataRequest.description', + { defaultMessage: 'This request queries Elasticsearch to fetch the data for the visualization.' }), + } + ); + request.stats(getRequestInspectorStats(requestSearchSource)); + + try { + // Abort any in-progress requests before fetching again + if (abortSignal) { + abortSignal.addEventListener('abort', () => requestSearchSource.cancelQueued()); + } + + const response = await requestSearchSource.fetch(); + //console.log("raw response:", response); + + searchSource.lastQuery = queryHash; + + request + .stats(getResponseInspectorStats(searchSource, response)) + .ok({ json: response }); + + searchSource.rawResponse = response; + } catch(e) { + // Log any error during request to the inspector + request.error({ json: e }); + throw e; + } finally { + // Add the request body no matter if things went fine or not + requestSearchSource.getSearchRequestBody().then(req => { + request.json(req); + }); + } + } + + // === Copy of courier code ends here, now we parse the response === + + const resp = searchSource.rawResponse; + // Return as object containing a list of unique values (terms) for each + // requested field + let unique_values_lists = {} + for (let field of obsFields) { + unique_values_lists[field.name] = resp.aggregations[field.name].buckets.map( (x) => x.key ); + } + + //console.log("Final lists:", unique_values_lists); + return unique_values_lists; +} diff --git a/roles/build/files/thehive_button/public/vis.less b/roles/build/files/thehive_button/public/vis.less new file mode 100644 index 0000000..b6f887a --- /dev/null +++ b/roles/build/files/thehive_button/public/vis.less @@ -0,0 +1,3 @@ +.myvis-container-div { + padding: 1em; +} diff --git a/roles/build/files/thehive_button/public/vis_controller.js b/roles/build/files/thehive_button/public/vis_controller.js new file mode 100644 index 0000000..8b23222 --- /dev/null +++ b/roles/build/files/thehive_button/public/vis_controller.js @@ -0,0 +1,555 @@ +//import { Status } from 'ui/vis/update_status'; +import { toastNotifications } from 'ui/notify'; +import { createTheHiveCase, addCaseObservables } from './create_case'; +//import vis_template from './vis_template.html'; + +import React, { Component } from 'react'; +import { + EuiButton, + EuiButtonEmpty, + EuiModal, + EuiModalBody, + EuiModalFooter, + EuiModalHeader, + EuiModalHeaderTitle, + EuiOverlayMask, + EuiTitle, + EuiFlexGroup, + EuiFlexItem, + EuiSpacer, + EuiForm, + EuiFormRow, + EuiFieldText, + EuiTextArea, + EuiSuperSelect, + EuiBasicTable, + EuiCheckbox, + makeId, +} from '@elastic/eui'; + + +// ********** React components ********** + +// Main React component - the root of visualization +export class TheHiveButtonVisComponent extends Component { + render() { + //console.log("TheHiveButtonVisComponent.render(), props:", this.props); + return ( + <div> + <NewCaseButton params={this.props.vis.params} observables={this.props.visData} /> + </div> + ); + } + + componentDidMount() { + this.props.renderComplete(); + } + + componentDidUpdate() { + this.props.renderComplete(); + } +} + +// Button to show the pop-up window (modal) +// Props: +// .params - visualization parameters (from vis.params) +// .observables - object with lists of potential observables to add to the Case +// for each field in params.obsFields there should be a key in this object +// containing list of observables (this is returned by request_handler) +class NewCaseButton extends Component { + + constructor(props) { + super(props); + // Filter out invalid obsField specifications + this.obsFields = props.params.obsFields.filter( f => (f.name != "" && f.type != "" && f.cnt > 0) ); + //console.log("Filtered field specs:", this.obsFields); + + // The complete state is here, so it's kept even when modal is closed + this.state = { + isModalVisible: false, + isWorking: false, // used to show a spinner on submit button + ...this.create_initial_state(), + } + + this.resetCnt = 0; // used to change Modal component key on each form reset + + // Each handler function in a class (method) must be "binded" this way + this.closeModal = this.closeModal.bind(this); + this.showModal = this.showModal.bind(this); + this.resetForm = this.resetForm.bind(this); + + this.onTitleChange = this.onTitleChange.bind(this); + this.onSeverityChange = this.onSeverityChange.bind(this); + this.onTLPChange = this.onTLPChange.bind(this); + this.onDescriptionChange = this.onDescriptionChange.bind(this); + + this.onObsSelectionChange = this.onObsSelectionChange.bind(this); + this.onObsDataChange = this.onObsDataChange.bind(this); + + this.submitCase = this.submitCase.bind(this); + } + + create_initial_state() { + // create a new instance of initial state definition + let initial_state = { + // Case parameters + title: "", + description: "\n\n--\nCreated from Kibana", + severity: "2", // medium + tlp: "2", // amber + tags: [], // TODO (not implemented yet) + obsData: {}, // state of observables form fields (obsData->field->index->{descr,tlp,ioc,tags}) + obsSel: {}, // list of observable selections (obsSel->field->list_of_selected_indices) + } + // pre-fill state of each observable to defaults + const initial_field_data = {descr: "", tlp: 2, ioc: false, tags: []}; + for (let field of this.obsFields) { + const n_obs = this.props.observables[field.name].length; + // fill obsData with new copies of initial_field_data + initial_state.obsData[field.name] = new Array(n_obs).fill().map((_)=>({...initial_field_data})); + // nothing is selected + initial_state.obsSel[field.name] = new Array(); + } + return initial_state; + } + + componentDidUpdate(prevProps) { + // If list of observables was updated or obsFields setting has changed, + // reset the component state and precomputed variables. + if (this.props.observables != prevProps.observables) { + if (this.props.params.obsFields != prevProps.params.obsFields) { + // when obsFields change, observables must change as well, so this "if" + // can be inside the first one. + // Filter out invalid obsField specifications + this.obsFields = this.props.params.obsFields.filter( f => (f.name != "" && f.type != "" && f.cnt && f.cnt > 0) ); + //console.log("Filtered field specs:", this.obsFields); + } + //console.log("New list of observables, resetting form."); + this.resetForm(); + } + } + + resetForm() { + this.setState(this.create_initial_state()); + this.resetCnt += 1; // this changes the key of ModalContent, causing it to be replaced by new DOM elelments (otherwise, not all things are reset properly) + this.forceUpdate(); + } + + closeModal() { + this.setState({ isModalVisible: false }); + } + + showModal() { + this.setState({ isModalVisible: true }); + } + + // Event handlers for change of case parameter + onTitleChange(evt) { + this.setState({title: evt.target.value}); + } + onSeverityChange(value) { + this.setState({severity: value}); + } + onTLPChange(value) { + this.setState({tlp: value}); + } + onDescriptionChange(evt) { + this.setState({description: evt.target.value}); + } + + // Event handler for observable (de)selection + onObsSelectionChange(fieldName, selectedItems) { + // Extract indices from the items and store them into state + const selectedIndices = selectedItems.map(item4 => item4.i); + this.setState((state, props) => { + let newObsSel = {...this.state.obsSel}; + newObsSel[fieldName] = selectedIndices; + return {obsSel: newObsSel}; + }); + } + + // Event handler for edit of a form field in observable row + // - fieldName: which field (table of observables) + // - ix: index of the observable in the field's table + // - param: one of: descr,tlp,ioc,tags + // - value: new value of the form field + onObsDataChange(fieldName, ix, param, value) { + this.setState((state, props) => { + let newObsData = {...this.state.obsData}; + newObsData[fieldName][ix][param] = value; + return {obsData: newObsData}; + }); + } + + // Render function + render() { + let modal; + if (this.state.isModalVisible) { + modal = <ModalContent + resetCnt={this.resetCnt} // used to change "key" of modalBody, causing all form fields to be re-created (some things are not reset properly by reseting state only) + close={this.closeModal} + reset={this.resetForm} + fields={this.obsFields} + observables={this.props.observables} + // form state + title={this.state.title} + description={this.state.description} + severity={this.state.severity} + tlp={this.state.tlp} + tags={this.state.tags} + obsData={this.state.obsData} + obsSel={this.state.obsSel} + spinner={this.state.isWorking} + // event handlers + onTitleChange={this.onTitleChange} + onSeverityChange={this.onSeverityChange} + onTLPChange={this.onTLPChange} + onDescriptionChange={this.onDescriptionChange} + onObsSelectionChange={this.onObsSelectionChange} + onObsDataChange={this.onObsDataChange} + submitCase={this.submitCase} + />; + } + return ( + <div> + <EuiButton fill iconType="alert" color="danger" onClick={this.showModal}>Create new Case ...</EuiButton> + {modal} + </div> + ); + } + + // Submit case button handler + async submitCase(evt) { + const params = this.props.params; + + // Get case parameters + const title = this.state.title; + const descr = this.state.description; + const severity = parseInt(this.state.severity); + const start_date = null; + const owner = params.owner; + const flag = false; + const tlp = parseInt(this.state.tlp); + const tags = this.state.tags; + + if (!title) { + toastNotifications.addDanger("Title can't be empty"); + return; + } + + // Get list of selected observables and their params + let observables = []; + for (let field of this.obsFields) { + let selectionIndices = [...this.state.obsSel[field.name]]; // make a copy + selectionIndices.sort(); + for (let i = 0; i < selectionIndices.length; i++) { + const j = selectionIndices[i]; // index of a selected obs. in the list of all observables + // fill in observable definition according to model at + // https://github.com/TheHive-Project/TheHiveDocs/blob/master/api/artifact.md + const obs = { + dataType: field.type, + data: this.props.observables[field.name][j], + message: this.state.obsData[field.name][j].descr, + tlp: this.state.obsData[field.name][j].tlp, + ioc: this.state.obsData[field.name][j].ioc, + tags: this.state.obsData[field.name][j].tags, + }; + observables.push(obs); + } + } + + //console.log("Selected observables:", observables); + + // Check '/' at the end of base URL, add it if needed + let base_url = params.url; + if (base_url[base_url.length-1] != "/") { + base_url += "/"; + } + + // Show spinner at submit button + this.setState({isWorking: true}); + + // Submit request to create the case, handle response + let resp; + resp = await createTheHiveCase(base_url, params.apikey, title, descr, severity, start_date, owner, flag, tlp, tags); + + if ('error' in resp) { + // Error contacting The Hive + console.error("TheHiveButton: ERROR when trying to create new case:", resp.error); + toastNotifications.addDanger("ERROR: " + resp.error); + this.setState({isWorking: false}); // Hide spinner + return; + } + + console.log("TheHiveButton: Case created:", resp); + const case_id = resp.id; + const case_url = base_url + "index.html#/case/" + case_id + "/details"; + + // Show notification + let obs_text; + if (observables.length > 0) { + obs_text = "Adding " + observables.length + " observables in background ..."; + } + else { + obs_text = "(no observables added)"; + } + toastNotifications.add({ + title: "Case created", + color: "success", + iconType: "checkInCircleFilled", + text: ( + <div> + <p><b><a href={case_url} target="_blank">Edit the new Case</a></b></p> + <p>{obs_text}</p> + </div> + ), + }); + + // Close the popup window, reset form fields and hide spinner + this.closeModal(); + this.resetForm(); + this.setState({isWorking: false}); + + // Open a new window with the case in The Hive + // (adding observables may take some time, so the case is opened first; + // The Hive web is dynamic so the observables appear as they are added) + window.open(case_url, '_blank'); + + if (observables.length == 0) + return; + + // Submit request to add observables + console.log("TheHiveButton: adding " + observables.length + " observables ..."); + resp = await addCaseObservables(base_url, params.apikey, case_id, observables); + + if ('error' in resp) { + console.error("TheHiveButton: ERROR when trying to add observables: " + resp.error); + toastNotifications.addDanger("ERROR when trying to add observables: " + resp.error); + } + else { + console.log("TheHiveButton: Done, observables added."); + toastNotifications.add("Done, observables added."); + } + } +} + + +// The popup window with a form +// props: +// - spinner: when true, disable form and show a spinner over it +class ModalContent extends Component { + constructor(props) { + super(props); + // No state here, everything is in the parent class (NewCaseButton) + + // "Select" options + this.severityOptions = [ + {value: "1", inputDisplay: "low"}, + {value: "2", inputDisplay: "medium"}, + {value: "3", inputDisplay: "high"}, + ]; + this.tlpOptions = [ + {value: "0", inputDisplay: "white"}, + {value: "1", inputDisplay: "green"}, + {value: "2", inputDisplay: "amber"}, + {value: "3", inputDisplay: "red"}, + ]; + } + + // Main render function + render() { + // TODO: replace Modal with Flyout? + + // Note: onClick on EuiOverlayMask causes close of modal when clicked outside, + // implementation inspired by PR: https://github.com/elastic/eui/pull/3462/files#diff-c8fda532e48f75c94c343247cbc6b2d3R53-R60 + return ( + <EuiOverlayMask onClick={(evt) => {if (evt.target.classList.contains("euiOverlayMask")) this.props.close();} }> + <EuiModal onClose={this.props.close} maxWidth={false} initialFocus="[name=title]"> + <EuiModalHeader> + <EuiModalHeaderTitle>Create a new case in The Hive</EuiModalHeaderTitle> + </EuiModalHeader> + + <EuiModalBody key={this.props.resetCnt}> + <EuiForm style={{width: "800px"}}> + <EuiFlexGroup> + <EuiFlexItem grow={1}> + <EuiFormRow label="Title" fullWidth> + <EuiFieldText name="title" value={this.props.title} onChange={this.props.onTitleChange} required={true} fullWidth /> + </EuiFormRow> + </EuiFlexItem> + <EuiFlexItem grow={false}> + <EuiFormRow label="Severity"> + <EuiSuperSelect + options={this.severityOptions} + valueOfSelected={this.props.severity} + onChange={this.props.onSeverityChange} + /> + </EuiFormRow> + </EuiFlexItem> + <EuiFlexItem grow={false}> + <EuiFormRow label="TLP"> + <EuiSuperSelect + prepend="TLP" + options={this.tlpOptions} + valueOfSelected={this.props.tlp} + onChange={this.props.onTLPChange} + /> + </EuiFormRow> + </EuiFlexItem> + </EuiFlexGroup> + <EuiFormRow label="Description" fullWidth> + <EuiTextArea + defaultValue={this.props.description} + onChange={this.props.onDescriptionChange} + rows={4} + fullWidth + /> + </EuiFormRow> + + {this.props.fields.length > 0 && <EuiTitle size="s"><h3>Add observables from current query ...</h3></EuiTitle>} + {this.props.fields.map((field,ix) => ( + <ObservablesTable + key={field.name + ":" + this.props.resetCnt} + fieldName={field.name} + observables={this.props.observables[field.name]} + obsData={this.props.obsData[field.name]} + obsSel={this.props.obsSel[field.name]} + onObsSelectionChange={this.props.onObsSelectionChange} + onObsDataChange={this.props.onObsDataChange} + /> + ))} + </EuiForm> + </EuiModalBody> + + <EuiModalFooter> + <EuiButtonEmpty onClick={this.props.close}>Close</EuiButtonEmpty> + <EuiButtonEmpty onClick={this.props.reset}>Reset</EuiButtonEmpty> + <EuiButton onClick={this.props.submitCase} fill isLoading={this.props.spinner}>Create Case</EuiButton> + </EuiModalFooter> + </EuiModal> + </EuiOverlayMask> + ); + } +} + +// Table of potential observables taken from a given field, allowing to select +// which observables to send to The Hive. +// Props: +// fieldName - name of the field this table is for +// observables - list of observable IDs of this field +// obsData - array of objects specifying state of form fields in the table (.descr, .tlp, ...) +// obsSel - array of indices of selected observables +class ObservablesTable extends Component { + + constructor(props) { + super(props); + + // Table columns definition + this.columns = [ + { + field: "id", + name: "Observable", + }, + { + field: "descr", + name: "Description", + description: "Description of the observable in the context of the case", + render: (value, item1) => (<EuiFieldText + value={item1.descr} + onChange={(e) => this.props.onObsDataChange(props.fieldName, item1.i, "descr", e.target.value)} + disabled={!item1.selected} + />) + }, + /*{ + field: "tlp", + name: "TLP", + dataType: "number", + // TODO render and process changes + },*/ + { + field: "ioc", + name: "Is IOC", + dataType: "boolean", + description: "Indicates if the observable is an IOC", + render: (value, item2) => (<EuiCheckbox + id={"ioc-checkbox-"+item2.id} + checked={item2.ioc} + onChange={(e) => this.props.onObsDataChange(props.fieldName, item2.i, "ioc", e.target.checked)} + disabled={!item2.selected} + />) + }, + /*{ + field: "tags", + name: "Tags", + // TODO render and process changes + },*/ + ] + + // Create a reference to EuiBasicTable, so it's node can be accessed in componentDidMount + this.tableRef = React.createRef(); + } + + render() { + // Table data definition (convert props to format suitable for EuiBasicTable) + const n_obs = this.props.observables.length; + this.table_data = new Array(n_obs); + for (let i = 0; i < n_obs; i++) { + this.table_data[i] = { + id: this.props.observables[i], + descr: this.props.obsData[i].descr, + tlp: this.props.obsData[i].tlp, + ioc: this.props.obsData[i].ioc, + tags: this.props.obsData[i].tags, + // auxiliary fields, not shown in table: + i: i, // row index + selected: this.props.obsSel.includes(i), + }; + } + + return ( + <> + <EuiTitle size="xs"><h4>{this.props.fieldName}</h4></EuiTitle> + <EuiBasicTable + ref={this.tableRef} + columns={this.columns} + items={this.table_data} + itemId={(item3) => item3.id} + selection={ {onSelectionChange: (selectedItems) => this.props.onObsSelectionChange(this.props.fieldName, selectedItems) } } + noItemsMessage="No observables found" + rowProps={{ + // Hack to allow selection by clicking anywhere in the table row + // (except input elements) + onClick: (e) => { + if (e.target.tagName != "INPUT") { + // simulate click on the first checkbox in the row to (de)select the row + e.currentTarget.querySelector("input").click(); + e.currentTarget.blur(); // without this the focus remains on the row after click (results in different color) + } + }, + tabIndex: "-1", // prevents focus on row by keyboard navigation + }} + /> + <EuiSpacer size="l" /> + </> + ) + } + + componentDidMount() { + // There's no way to specify initially selected items in EuiBasicTable by + // props, but we may need to select some (in case a user selects some obs., + // closes the modal and opens it again). + // However, the selection is stored as a 'selection' field of table's state, + // so here we directly edit the state just after the table is created. + + // Prepare the 'selection' array - it should contain a list of selected row specifications + let selection = []; + for (let ix of this.props.obsSel) { + selection.push(this.table_data[ix]); + } + + // Get ref to EuiBasicTable element and update its state + const table_node = this.tableRef.current; + table_node.setState({selection: selection}); + } +} + diff --git a/roles/build/files/thehive_button/server/routes/newcase.js b/roles/build/files/thehive_button/server/routes/newcase.js new file mode 100644 index 0000000..175dee8 --- /dev/null +++ b/roles/build/files/thehive_button/server/routes/newcase.js @@ -0,0 +1,153 @@ +const request = require('request'); +//const fs = require('fs'); +//const path = require('path'); + +//const caFile = path.resolve(__dirname, '../../ca.cert.pem'); // TODO resolve where the CA file should be located / configured + +export default function (server) { + server.route({ + path: '/api/thehive_button/new_case', + method: 'POST', + handler: newCaseHandler, + }); + server.route({ + path: '/api/thehive_button/add_observables', + method: 'POST', + handler: addObservablesHandler, + }); +} + +// Handler of ajax requests to create a new Case in The Hive +function newCaseHandler(req, resp) { + // Parse the request to get connection parameters + // (everything is configured in forntend and sent as part of the request, + // since I don't know how to configure the backend) + var base_url = req.payload['base_url']; + var api_key = req.payload['api_key']; + var req_body = req.payload['body']; + + // check it's a valid URL with slash at the end + if (!base_url) { + return {'error': 'Base URL not set'}; + } + if (!base_url.match(/https?:\/\/(([a-z\d.-]+)|((\d{1,3}\.){3}\d{1,3}))(\:\d+)?(\/[-a-z\d%_.~+]*)*\//i)) { + //if (!base_url.match(/https?:\/\/.*\//)) { + return {'error': 'Invalid base URL (it must begin with "http[s]" and end with "/")'}; + } + if (!api_key) { + return {'error': 'API key not set'}; + } + + return new Promise( function(resolve, reject) { + request({ + method: 'POST', + url: base_url + 'api/case', + auth: {'bearer': api_key}, + json: true, + body: req_body, + //ca: fs.readFileSync(caFile), // TODO resolve the issue with custom CA, where to get its cert? + rejectUnauthorized: false, + }, + // handler of the reply from The Hive - just return as reply + function (error, response, body) { + // TODO: find out how to set response code, for now we always return sucess and encode original status code in the content + if (error) { + console.error("ERROR when trying to send request to The Hive:", error); + resolve({'error': error.message}); + } + else { + if (response.statusCode < 200 || response.statusCode >= 300) { + console.error("ERROR Unexpected reply received from The Hive:", response.statusCode, response.statusMessage, "\n", body) + } + resolve({ + 'status_code': response.statusCode, + 'status_msg': response.statusMessage, + 'body': body + }); + } + } // handler function + ); // request() + }); // Promise() +} + +// Note: +// There are two ways to create multiple Observables (artifacts) via The Hive API: +// 1. post one request with an array of observables in "data" field +// - this allows to create all in one request, but doesn't allow to set +// different parameters (IOC, TLP, etc.) to different observables +// 2. post each observable in a separate request +// The second way is used here. + +// Handler of ajax requests to add Observables to a Case in The Hive +function addObservablesHandler(req, resp) { + // Parse the request to get connection parameters + // (everything is configured in forntend and sent as part of the request, + // since I don't know how to configure the backend) + var base_url = req.payload['base_url']; + var api_key = req.payload['api_key']; + + // check it's a valid URL with slash at the end + if (!base_url) { + return {'error': 'Base URL not set'}; + } + if (!base_url.match(/https?:\/\/(([a-z\d.-]+)|((\d{1,3}\.){3}\d{1,3}))(\:\d+)?(\/[-a-z\d%_.~+]*)*\//i)) { + //if (!base_url.match(/https?:\/\/.*\//)) { + return {'error': 'Invalid base URL (it must begin with "http[s]" and end with "/")'}; + } + // TODO add "/" to the end automatically + if (!api_key) { + return {'error': 'API key not set'}; + } + + const caseid = req.payload['caseid']; + const observables = req.payload['observables']; // array of obersvable specifications + + return new Promise( async function(resolve, reject) { + // Run one request for each observable + // (A way to run multiple async tasks sequentially inspired by: + // https://jrsinclair.com/articles/2019/how-to-run-async-js-in-parallel-or-sequential/ ) + const starterPromise = Promise.resolve(null); + await observables.reduce( + (p, obs) => p.then(() => addObservable(base_url, api_key, caseid, obs)), + starterPromise + ).catch((err_msg) => { + console.error(err_msg); // log whole message + resolve({'error': err_msg.split("\n", 1)[0]}); // send the first line to frontend + return; + } + ); + resolve({}); + }); +} + +function addObservable(base_url, api_key, caseid, obs) { + return new Promise( function(resolve, reject) { + //console.log("Adding observable:", obs); + request({ + method: 'POST', + url: base_url + 'api/case/' + caseid + "/artifact", + auth: {'bearer': api_key}, + json: true, + body: obs, + //ca: fs.readFileSync(caFile), // TODO resolve the issue with custom CA, where to get its cert? + rejectUnauthorized: false, + }, + // handler of the reply from The Hive - just return as reply + function (error, response, body) { + if (error) { + reject("ERROR when trying to send request to The Hive: " + error); + } + else if (response.statusCode < 200 || response.statusCode >= 300) { + reject("ERROR: Unexpected reply received from The Hive: " + response.statusCode + " " + response.statusMessage + "\n" + JSON.stringify(body)); + } + else { + // success - continue with the next observable + resolve("OK"); + resolve({}) + } + } // handler function + ); // request() + }); //Promise() +} + + diff --git a/roles/build/files/thehive_button/thehive_button/.eslintrc b/roles/build/files/thehive_button/thehive_button/.eslintrc new file mode 100644 index 0000000..64eba86 --- /dev/null +++ b/roles/build/files/thehive_button/thehive_button/.eslintrc @@ -0,0 +1,7 @@ +--- +extends: "@elastic/kibana" + +settings: + import/resolver: + '@elastic/eslint-import-resolver-kibana': + rootPackageName: 'thehive_button' diff --git a/roles/build/files/thehive_button/thehive_button/.kibana-plugin-helpers.json b/roles/build/files/thehive_button/thehive_button/.kibana-plugin-helpers.json new file mode 100644 index 0000000..2c63c08 --- /dev/null +++ b/roles/build/files/thehive_button/thehive_button/.kibana-plugin-helpers.json @@ -0,0 +1,2 @@ +{ +} diff --git a/roles/build/files/thehive_button/thehive_button/index.js b/roles/build/files/thehive_button/thehive_button/index.js new file mode 100644 index 0000000..fa69c75 --- /dev/null +++ b/roles/build/files/thehive_button/thehive_button/index.js @@ -0,0 +1,19 @@ +import newCaseRoute from './server/routes/newcase'; + +export default function (kibana) { + return new kibana.Plugin({ + require: [], //['elasticsearch'], + name: 'thehive_button', + uiExports: { + visTypes: [ + 'plugins/thehive_button/main', + ], + }, + + init(server, options) { // eslint-disable-line no-unused-vars + // Add server routes and initialize the plugin here + newCaseRoute(server); + } + }); +} + diff --git a/roles/build/files/thehive_button/thehive_button/package.json b/roles/build/files/thehive_button/thehive_button/package.json new file mode 100644 index 0000000..e1c070d --- /dev/null +++ b/roles/build/files/thehive_button/thehive_button/package.json @@ -0,0 +1,35 @@ +{ + "name": "thehive_button", + "version": "1.0.0", + "description": "Visualisation plugin which creates a simple button to create a new case in The Hive.", + "main": "index.js", + "kibana": { + "version": "7.4.2" + }, + "scripts": { + "lint": "eslint .", + "start": "plugin-helpers start", + "build": "plugin-helpers build" + }, + "dependencies": { + "request": "^2.88.0", + "@elastic/eui": "10.4.2", + "react": "^16.8.0" + }, + "devDependencies": { + "@elastic/eslint-config-kibana": "link:../../packages/eslint-config-kibana", + "@elastic/eslint-import-resolver-kibana": "link:../../packages/kbn-eslint-import-resolver-kibana", + "@kbn/plugin-helpers": "link:../../packages/kbn-plugin-helpers", + "babel-eslint": "^9.0.0", + "eslint": "^5.6.0", + "eslint-plugin-babel": "^5.2.0", + "eslint-plugin-import": "^2.14.0", + "eslint-plugin-jest": "^21.26.2", + "eslint-plugin-jsx-a11y": "^6.1.2", + "eslint-plugin-mocha": "^5.2.0", + "eslint-plugin-no-unsanitized": "^3.0.2", + "eslint-plugin-prefer-object-spread": "^1.2.1", + "eslint-plugin-react": "^7.11.1", + "expect.js": "^0.3.1" + } +} diff --git a/roles/build/files/thehive_button/thehive_button/public/create_case.js b/roles/build/files/thehive_button/thehive_button/public/create_case.js new file mode 100644 index 0000000..fc8edd6 --- /dev/null +++ b/roles/build/files/thehive_button/thehive_button/public/create_case.js @@ -0,0 +1,101 @@ +// Functions to send data to Kibana endpoints + +import chrome from 'ui/chrome'; + +// Create a new Case in The Hive via its API +// Return a Promise which resolves to object with ID of the new case ('id' attr) or error message ('error' attr) +export function createTheHiveCase(base_url, api_key, title, descr, severity, startDate, owner, flag, tlp, tags) { + // Prepare data + var data = JSON.stringify({ + "base_url": base_url, + "api_key": api_key, + "body": { + "title": title, + "description": descr, + "severity": severity, // number: 1=low, 2=medium, 3=high + "startDate": startDate, + "owner": owner, // user name the case will be assigned to + "flag": flag, // bool + "tlp": tlp, // number: 0=white, 1=green, 2=amber, 3=red + "tags": tags, // array of strings + } + }); + console.log("TheHiveButton: Sending request to API endpoint 'new_case':", data); + var kibana_endpoint_url = chrome.addBasePath('/api/thehive_button/new_case'); + + return new Promise(function (resolve, reject) { + // Create AJAX request + var xhr = new XMLHttpRequest(); + + // Listener to process reply + xhr.onreadystatechange = function () { + if (this.readyState != 4) { + return; // response not ready yet + } + if (this.status == 200) { + const resp = JSON.parse(this.responseText); + console.log("TheHiveButton: Response from backend:", resp); + if ("error" in resp) { + resolve({"error": resp.error}); + } + else if (resp.status_code != 201) { + resolve({"error": "Unexpected reply received from The Hive: [" + resp.status_code + "] " + resp.status_msg}); + } + else { + resolve({"id": resp.body.id}); // return ID of the new case + } + } + else { + console.log("TheHiveButton: Error " + this.status + ": " + this.statusText); + resolve({"error": "Error " + this.status + ": " + this.statusText}); + } + } + + // Send the AJAX request + xhr.open("POST", kibana_endpoint_url); + xhr.setRequestHeader("Content-Type", "application/json"); + xhr.setRequestHeader("kbn-xsrf", "thehive_plugin"); // this header must be set, although its content is probably irrelevant + xhr.send(data); + }); +} + +// Add observables to an existing Case in The Hive +// (send the list of observables to our backend endpoint, it pushes them to The Hive) +export function addCaseObservables(base_url, api_key, caseid, observables) { + const kibana_endpoint_url = chrome.addBasePath('/api/thehive_button/add_observables'); + const data = JSON.stringify({ + "base_url": base_url, + "api_key": api_key, + "caseid": caseid, + "observables": observables, + }); + console.log("TheHiveButton: Sending request to API endpoint 'add_observables':", data); + + return new Promise(function (resolve, reject) { + // Create AJAX request + var xhr = new XMLHttpRequest(); + + // Listener to process reply + xhr.onreadystatechange = function () { + if (this.readyState != 4) { + return; // response not ready yet + } + if (this.status == 200) { + const resp = JSON.parse(this.responseText); + console.log("TheHiveButton: Response from backend:", resp); + resolve(resp); + } + else { + console.log("TheHiveButton: Error " + this.status + ": " + this.statusText); + resolve({"error": "Error " + this.status + ": " + this.statusText}); + } + } + + // Send the AJAX request + xhr.open("POST", kibana_endpoint_url); + xhr.setRequestHeader("Content-Type", "application/json"); + xhr.setRequestHeader("kbn-xsrf", "thehive_plugin"); // this header must be set, although its content is probably irrelevant + xhr.send(data); + }); +} + diff --git a/roles/build/files/thehive_button/thehive_button/public/env.js b/roles/build/files/thehive_button/thehive_button/public/env.js new file mode 100644 index 0000000..4321b85 --- /dev/null +++ b/roles/build/files/thehive_button/thehive_button/public/env.js @@ -0,0 +1,4 @@ +// Default plugin configuration +export const THEHIVE_URL = 'https://hive.gn4-3-wp8-soc.sunet.se/'; +export const THEHIVE_API_KEY = '5LymseWiurZBrQN8Kqp8O+9KniTL5cE0'; +export const THEHIVE_OWNER = 'admin'; // default owner account of the created cases diff --git a/roles/build/files/thehive_button/thehive_button/public/main.js b/roles/build/files/thehive_button/thehive_button/public/main.js new file mode 100644 index 0000000..ee46d73 --- /dev/null +++ b/roles/build/files/thehive_button/thehive_button/public/main.js @@ -0,0 +1,54 @@ +import { THEHIVE_API_KEY, THEHIVE_URL, THEHIVE_OWNER } from './env'; +import { TheHiveButtonVisComponent } from './vis_controller'; +import { theHiveButtonRequestHandlerProvider } from './request_handler'; +import { optionsEditor } from './options_editor'; + +import { VisFactoryProvider } from 'ui/vis/vis_factory'; +import { VisTypesRegistryProvider } from 'ui/registry/vis_types'; +import { DefaultEditorSize } from 'ui/vis/editor_size'; + + +function TheHiveButtonVisProvider(Private) { + const VisFactory = Private(VisFactoryProvider); + + //console.log("default URL:", THEHIVE_URL); + //console.log("default API key:", THEHIVE_API_KEY); + + return VisFactory.createReactVisualization({ + name: 'thehive_button', + title: 'The Hive Case', + icon: 'alert', + description: 'A button to create a new Case in The Hive.', + //requiresUpdateStatus: [Status.PARAMS, Status.RESIZE, Status.UI_STATE], + visConfig: { + component: TheHiveButtonVisComponent, + defaults: { + // add default parameters + url: THEHIVE_URL, + apikey: THEHIVE_API_KEY, + owner: THEHIVE_OWNER, + obsFields: [], // list of objects, e.g. {name: "clientip", type: "ip", cnt: 100} + } + }, + //editor: 'default', + editorConfig: { + optionTabs: [ + { + name: "options", + title: "Options", + editor: optionsEditor, + } + ], + defaultSize: DefaultEditorSize.LARGE, + }, +// optionsTemplate: optionsEditor, //optionsTemplate, +// //enableAutoApply: true, +// }, + requestHandler: 'theHiveButtonRequestHandler', // own request handler + responseHandler: 'none', // pass data as returned by requestHandler + }); +} + +// register the provider with the visTypes registry +VisTypesRegistryProvider.register(TheHiveButtonVisProvider); + diff --git a/roles/build/files/thehive_button/thehive_button/public/options_editor.js b/roles/build/files/thehive_button/thehive_button/public/options_editor.js new file mode 100644 index 0000000..38762bd --- /dev/null +++ b/roles/build/files/thehive_button/thehive_button/public/options_editor.js @@ -0,0 +1,176 @@ +import React from 'react'; +import { + EuiForm, + EuiFormRow, + EuiTitle, + EuiSpacer, + EuiFieldText, + EuiFieldNumber, + EuiSelect, + EuiFlexGroup, + EuiFlexItem, + EuiButton, + EuiButtonIcon, +} from '@elastic/eui'; + +// Default data types in The Hive +const DEFAULT_THE_HIVE_TYPES = [ + '', + 'autonomous-system', + 'domain', + 'file', + 'filename', + 'fqdn', + 'hash', + 'ip', + 'mail', + 'mail_subject', + 'regexp', + 'registry', + 'uri_path', + 'url', + 'user-agent', + 'other', +]; + +// Options for EuiSelect for selection of field's data type in TheHive +const typesOptions = DEFAULT_THE_HIVE_TYPES.map( dt => ({value: dt, text: dt}) ); + +export function optionsEditor(props) { + //console.log("editor render(), props:", props); + const { stateParams, setValue, setValidity, vis } = props; + + // onClick/onChange handlers + const obsAddNew = () => { + const newObsFields = [...stateParams.obsFields, {name: "", type: "", cnt: 100}]; + // For some reason, first click on the button after editor is loaded does + // nothing. Calling setValue twice here fixes it. + setValue("obsFields", newObsFields); + setValue("obsFields", newObsFields); +// setValidity(false); // since new row is empty, form is always invalid + }; + const obsRemove = (ix) => { + let newArray = [...stateParams.obsFields]; + newArray.splice(ix, 1); + setValue("obsFields", newArray); +// validate(); + } + const obsSetName = (ix, name) => { + let newArray = [...stateParams.obsFields]; + newArray[ix].name = name; + setValue("obsFields", newArray); +// validate(); + } + const obsSetType = (ix, type) => { + let newArray = [...stateParams.obsFields]; + newArray[ix].type = type; + setValue("obsFields", newArray); +// validate(); + } + const obsSetCnt = (ix, cnt) => { + let newArray = [...stateParams.obsFields]; + newArray[ix].cnt = parseInt(cnt); + setValue("obsFields", newArray); +// validate(); + } +// const validate = () => { +// let valid = true; +// for (let field of stateParams.obsFields) { +// if (field.name == "" || field.type == "" || field.cnt == "") { +// valid = false; +// break; +// } +// } +// // TODO check for duplicate fields +// setValidity(valid); +// } + + // Get list of all fields in index (except those beginning with "_" or "@") + // and create "options" parameter for EuiSelect. + // Also, fields with "aggregatable=false" are removed, as they can't be used + // with "terms" aggregation we need. + // See this for details: https://www.elastic.co/guide/en/elasticsearch/reference/7.x/fielddata.html + // Empty field is added at the beginning, meaning "no selection yet". + const fieldOptions = [{value: "", text: ""}].concat( + vis.indexPattern.fields.raw.filter( f => (f.name[0] != "_" && f.name[0] != "@" && f.aggregatable) ).map( f => ({value: f.name, text: `${f.name} (${f.type})`}) ) + ); + + return <EuiForm> + <EuiFormRow fullWidth={true} label="Base URL of The Hive"> + <EuiFieldText + fullWidth={true} + value={stateParams.url} + onChange={e => setValue('url', e.target.value)} + isInvalid={stateParams.url == ""} + /> + </EuiFormRow> + <EuiFlexGroup> + <EuiFlexItem grow={1}> + <EuiFormRow label="API key to access The Hive" helpText="API key of a user with write permission."> + <EuiFieldText + fullWidth={true} + value={stateParams.apikey} + onChange={e => setValue('apikey', e.target.value)} + isInvalid={stateParams.apikey == ""} + /> + </EuiFormRow> + </EuiFlexItem> + <EuiFlexItem grow={1}> + <EuiFormRow label="Assignee" helpText="User to assign created cases to. Must be a valid username from The Hive instance."> + <EuiFieldText + value={stateParams.owner} + onChange={e => setValue('owner', e.target.value)} + isInvalid={stateParams.owner == ""} + /> + </EuiFormRow> + </EuiFlexItem> + </EuiFlexGroup> + <EuiTitle size="s"><h3>Fields to get potential observables from ...</h3></EuiTitle> + <EuiSpacer size="s" /> + {stateParams.obsFields.map( (field, ix) => ( + <EuiFlexGroup key={ix} gutterSize="s"> + <EuiFlexItem grow={3}> + <EuiFormRow label="Field name"> + <EuiSelect + options={fieldOptions} + value={field.name} + onChange={ e => obsSetName(ix, e.target.value) } + isInvalid={field.name == ""} + /> + </EuiFormRow> + </EuiFlexItem> + <EuiFlexItem grow={2}> + <EuiFormRow label="Data type in The Hive"> + <EuiSelect + options={typesOptions} + value={field.type} + onChange={ e => obsSetType(ix, e.target.value) } + isInvalid={field.type == ""} + /> + </EuiFormRow> + </EuiFlexItem> + <EuiFlexItem grow={1}> + <EuiFormRow label="Max items shown"> + <EuiFieldNumber + min={1} + max={1000} + value={parseInt(field.cnt)} + onChange={ e => obsSetCnt(ix, e.target.value) } + isInvalid={!(field.cnt > 0)} + /> + </EuiFormRow> + </EuiFlexItem> + <EuiFlexItem grow={false}> + <EuiFormRow hasEmptyLabelSpace> + <EuiButtonIcon iconType="trash" iconSize="m" color="danger" aria-label="Remove field" onClick={ e => obsRemove(ix) } /> + </EuiFormRow> + </EuiFlexItem> + </EuiFlexGroup> + ))} + <EuiFlexGroup> + <EuiFlexItem grow={false}> + <EuiButton iconType="plusInCircleFilled" color="primary" onClick={obsAddNew}>Add new field ...</EuiButton> + </EuiFlexItem> + </EuiFlexGroup> + </EuiForm> +} diff --git a/roles/build/files/thehive_button/thehive_button/public/options_template.html b/roles/build/files/thehive_button/thehive_button/public/options_template.html new file mode 100644 index 0000000..ef99657 --- /dev/null +++ b/roles/build/files/thehive_button/thehive_button/public/options_template.html @@ -0,0 +1,8 @@ +<div class="form-group"> + <p><label>Base URL of The Hive</label> + <input ng-model="editorState.params.url" class=form-control /></p> + <p><label>API key</label> + <input ng-model="editorState.params.apikey" class=form-control /></p> + <p><label>User name to use as the owner of cases created from here</label> + <input ng-model="editorState.params.owner" class=form-control /></p> +</div> diff --git a/roles/build/files/thehive_button/thehive_button/public/request_handler.js b/roles/build/files/thehive_button/thehive_button/public/request_handler.js new file mode 100644 index 0000000..bdbb0f4 --- /dev/null +++ b/roles/build/files/thehive_button/thehive_button/public/request_handler.js @@ -0,0 +1,195 @@ +import { CourierRequestHandlerProvider as courierRequestHandlerProvider } from 'ui/vis/request_handlers/courier'; +import { SearchSourceProvider } from 'ui/courier/search_source'; +import { RequestAdapter, DataAdapter } from 'ui/inspector/adapters'; +import { VisRequestHandlersRegistryProvider } from 'ui/registry/vis_request_handlers'; +import { AggConfig } from 'ui/vis/agg_config'; +import { AggConfigs } from 'ui/vis/agg_configs'; +import { getTime } from 'ui/timefilter/get_time'; +import { i18n } from '@kbn/i18n'; +import { has } from 'lodash'; +import { calculateObjectHash } from 'ui/vis/lib/calculate_object_hash'; +import { getRequestInspectorStats, getResponseInspectorStats } from 'ui/courier/utils/courier_inspector_utils'; +import chrome from 'ui/chrome'; + +// Maximum number of unique values of each field (observables) to fetch +const MAX_NUMBER_OF_TERMS = 5; + +const handleCourierRequest = courierRequestHandlerProvider().handler; + +// Register new RaquestHandlerProvider +const theHiveButtonRequestHandlerProvider = function () { + return { + name: 'theHiveButtonRequestHandler', + handler: theHiveButtonRequestHandler, + } +} +VisRequestHandlersRegistryProvider.register(theHiveButtonRequestHandlerProvider); + +export {theHiveButtonRequestHandlerProvider, theHiveButtonRequestHandler}; + + +// The request handler function itself +async function theHiveButtonRequestHandler(params) { + //console.log("theHiveButtonRequestHandler params:", params); + + let index = params.index; + let partialRows = params.partialRows; + let metricsAtAllLevels = params.metricsAtAllLevels; + let timeRange = params.timeRange; + let query = params.query; + let filters = params.filters; + let inspectorAdapters = params.inspectorAdapters; + let queryFilter = params.queryFilter; + let forceFetch = params.forceFetch; + // our own confiuration: + // list of fields to get potential observables from + // (each "field" is object {name: str, type: str, cnt: int}) + let obsFields = params.visParams.obsFields; + + // filter out invalid field specifications + obsFields = obsFields.filter( f => (f.name != "" && f.type != "" && f.cnt > 0) ); + + if (obsFields.length == 0) { + //console.log("theHiveButtonRequestHandler: Empty obsFields, nothing to do") + return {} // no fields specified, nothing to do + } + + // === Prepare request to ask for unique values of all selected fields === + + // Construct a query for ElasticSearch + // Get "terms" (most common unique values) for each field of obsFields + const aggs_dsl = {} + for (let field of obsFields) { + aggs_dsl[field.name] = { + terms: { + field: field.name, + size: field.cnt, + order: {_count: "desc"} + } + }; + } + //console.log("aggs_dsl:", aggs_dsl); + + // Create empty AggConfigs + // (We could pass specifications of a metric and the buckets here, + // but default processing functions assume multiple buckets are sub-buckets, + // which is not what we want. So we must do a "hack" and manually create + // query directly in format for ElasticSearch) + const aggs = new AggConfigs(params.index, []); + + // === Some magic to get searchSource object === + // (inspired by https://github.com/fbaligand/kibana-enhanced-table/blob/7.4/public/data_load/enhanced-table-request-handler.js) + // (I don't understand it, but it works) + + let $injector = await chrome.dangerouslyGetActiveInjector(); + let Private = $injector.get('Private'); + let SearchSource = Private(SearchSourceProvider); + let searchSource = new SearchSource(); + searchSource.setField('index', index); + searchSource.setField('size', 0); + + inspectorAdapters.requests = new RequestAdapter(); + inspectorAdapters.data = new DataAdapter(); + + + // === Execute query === + // We could call standard "courier" here, but it tries to convert the response + // to a table, which fails in our case, so we copied the main code of courier + // and modified it here. + + const abortSignal = false; + + const timeFilterSearchSource = searchSource.createChild({ callParentStartHandlers: true }); + const requestSearchSource = timeFilterSearchSource.createChild({ callParentStartHandlers: true }); + + aggs.setTimeRange(timeRange); + + // For now we need to mirror the history of the passed search source, since + // the request inspector wouldn't work otherwise. + Object.defineProperty(requestSearchSource, 'history', { + get() { + return searchSource.history; + }, + set(history) { + return searchSource.history = history; + } + }); + + // This has been modified to override DSL format by ours +// requestSearchSource.setField('aggs', function () { +// return aggs.toDsl(metricsAtAllLevels); +// }); + requestSearchSource.setField('aggs', aggs_dsl); + + requestSearchSource.onRequestStart((searchSource, searchRequest) => { + return aggs.onSearchRequestStart(searchSource, searchRequest); + }); + + if (timeRange) { + timeFilterSearchSource.setField('filter', () => { + return getTime(searchSource.getField('index'), timeRange); + }); + } + + requestSearchSource.setField('filter', filters); + requestSearchSource.setField('query', query); + + const reqBody = await requestSearchSource.getSearchRequestBody(); + + const queryHash = calculateObjectHash(reqBody); + // We only need to reexecute the query, if forceFetch was true or the hash of the request body has changed + // since the last request + const shouldQuery = forceFetch || (searchSource.lastQuery !== queryHash); + + if (shouldQuery) { + inspectorAdapters.requests.reset(); + const request = inspectorAdapters.requests.start( + i18n.translate('common.ui.vis.courier.inspector.dataRequest.title', { defaultMessage: 'Data' }), + { + description: i18n.translate('common.ui.vis.courier.inspector.dataRequest.description', + { defaultMessage: 'This request queries Elasticsearch to fetch the data for the visualization.' }), + } + ); + request.stats(getRequestInspectorStats(requestSearchSource)); + + try { + // Abort any in-progress requests before fetching again + if (abortSignal) { + abortSignal.addEventListener('abort', () => requestSearchSource.cancelQueued()); + } + + const response = await requestSearchSource.fetch(); + //console.log("raw response:", response); + + searchSource.lastQuery = queryHash; + + request + .stats(getResponseInspectorStats(searchSource, response)) + .ok({ json: response }); + + searchSource.rawResponse = response; + } catch(e) { + // Log any error during request to the inspector + request.error({ json: e }); + throw e; + } finally { + // Add the request body no matter if things went fine or not + requestSearchSource.getSearchRequestBody().then(req => { + request.json(req); + }); + } + } + + // === Copy of courier code ends here, now we parse the response === + + const resp = searchSource.rawResponse; + // Return as object containing a list of unique values (terms) for each + // requested field + let unique_values_lists = {} + for (let field of obsFields) { + unique_values_lists[field.name] = resp.aggregations[field.name].buckets.map( (x) => x.key ); + } + + //console.log("Final lists:", unique_values_lists); + return unique_values_lists; +} diff --git a/roles/build/files/thehive_button/thehive_button/public/vis.less b/roles/build/files/thehive_button/thehive_button/public/vis.less new file mode 100644 index 0000000..b6f887a --- /dev/null +++ b/roles/build/files/thehive_button/thehive_button/public/vis.less @@ -0,0 +1,3 @@ +.myvis-container-div { + padding: 1em; +} diff --git a/roles/build/files/thehive_button/thehive_button/public/vis_controller.js b/roles/build/files/thehive_button/thehive_button/public/vis_controller.js new file mode 100644 index 0000000..8b23222 --- /dev/null +++ b/roles/build/files/thehive_button/thehive_button/public/vis_controller.js @@ -0,0 +1,555 @@ +//import { Status } from 'ui/vis/update_status'; +import { toastNotifications } from 'ui/notify'; +import { createTheHiveCase, addCaseObservables } from './create_case'; +//import vis_template from './vis_template.html'; + +import React, { Component } from 'react'; +import { + EuiButton, + EuiButtonEmpty, + EuiModal, + EuiModalBody, + EuiModalFooter, + EuiModalHeader, + EuiModalHeaderTitle, + EuiOverlayMask, + EuiTitle, + EuiFlexGroup, + EuiFlexItem, + EuiSpacer, + EuiForm, + EuiFormRow, + EuiFieldText, + EuiTextArea, + EuiSuperSelect, + EuiBasicTable, + EuiCheckbox, + makeId, +} from '@elastic/eui'; + + +// ********** React components ********** + +// Main React component - the root of visualization +export class TheHiveButtonVisComponent extends Component { + render() { + //console.log("TheHiveButtonVisComponent.render(), props:", this.props); + return ( + <div> + <NewCaseButton params={this.props.vis.params} observables={this.props.visData} /> + </div> + ); + } + + componentDidMount() { + this.props.renderComplete(); + } + + componentDidUpdate() { + this.props.renderComplete(); + } +} + +// Button to show the pop-up window (modal) +// Props: +// .params - visualization parameters (from vis.params) +// .observables - object with lists of potential observables to add to the Case +// for each field in params.obsFields there should be a key in this object +// containing list of observables (this is returned by request_handler) +class NewCaseButton extends Component { + + constructor(props) { + super(props); + // Filter out invalid obsField specifications + this.obsFields = props.params.obsFields.filter( f => (f.name != "" && f.type != "" && f.cnt > 0) ); + //console.log("Filtered field specs:", this.obsFields); + + // The complete state is here, so it's kept even when modal is closed + this.state = { + isModalVisible: false, + isWorking: false, // used to show a spinner on submit button + ...this.create_initial_state(), + } + + this.resetCnt = 0; // used to change Modal component key on each form reset + + // Each handler function in a class (method) must be "binded" this way + this.closeModal = this.closeModal.bind(this); + this.showModal = this.showModal.bind(this); + this.resetForm = this.resetForm.bind(this); + + this.onTitleChange = this.onTitleChange.bind(this); + this.onSeverityChange = this.onSeverityChange.bind(this); + this.onTLPChange = this.onTLPChange.bind(this); + this.onDescriptionChange = this.onDescriptionChange.bind(this); + + this.onObsSelectionChange = this.onObsSelectionChange.bind(this); + this.onObsDataChange = this.onObsDataChange.bind(this); + + this.submitCase = this.submitCase.bind(this); + } + + create_initial_state() { + // create a new instance of initial state definition + let initial_state = { + // Case parameters + title: "", + description: "\n\n--\nCreated from Kibana", + severity: "2", // medium + tlp: "2", // amber + tags: [], // TODO (not implemented yet) + obsData: {}, // state of observables form fields (obsData->field->index->{descr,tlp,ioc,tags}) + obsSel: {}, // list of observable selections (obsSel->field->list_of_selected_indices) + } + // pre-fill state of each observable to defaults + const initial_field_data = {descr: "", tlp: 2, ioc: false, tags: []}; + for (let field of this.obsFields) { + const n_obs = this.props.observables[field.name].length; + // fill obsData with new copies of initial_field_data + initial_state.obsData[field.name] = new Array(n_obs).fill().map((_)=>({...initial_field_data})); + // nothing is selected + initial_state.obsSel[field.name] = new Array(); + } + return initial_state; + } + + componentDidUpdate(prevProps) { + // If list of observables was updated or obsFields setting has changed, + // reset the component state and precomputed variables. + if (this.props.observables != prevProps.observables) { + if (this.props.params.obsFields != prevProps.params.obsFields) { + // when obsFields change, observables must change as well, so this "if" + // can be inside the first one. + // Filter out invalid obsField specifications + this.obsFields = this.props.params.obsFields.filter( f => (f.name != "" && f.type != "" && f.cnt && f.cnt > 0) ); + //console.log("Filtered field specs:", this.obsFields); + } + //console.log("New list of observables, resetting form."); + this.resetForm(); + } + } + + resetForm() { + this.setState(this.create_initial_state()); + this.resetCnt += 1; // this changes the key of ModalContent, causing it to be replaced by new DOM elelments (otherwise, not all things are reset properly) + this.forceUpdate(); + } + + closeModal() { + this.setState({ isModalVisible: false }); + } + + showModal() { + this.setState({ isModalVisible: true }); + } + + // Event handlers for change of case parameter + onTitleChange(evt) { + this.setState({title: evt.target.value}); + } + onSeverityChange(value) { + this.setState({severity: value}); + } + onTLPChange(value) { + this.setState({tlp: value}); + } + onDescriptionChange(evt) { + this.setState({description: evt.target.value}); + } + + // Event handler for observable (de)selection + onObsSelectionChange(fieldName, selectedItems) { + // Extract indices from the items and store them into state + const selectedIndices = selectedItems.map(item4 => item4.i); + this.setState((state, props) => { + let newObsSel = {...this.state.obsSel}; + newObsSel[fieldName] = selectedIndices; + return {obsSel: newObsSel}; + }); + } + + // Event handler for edit of a form field in observable row + // - fieldName: which field (table of observables) + // - ix: index of the observable in the field's table + // - param: one of: descr,tlp,ioc,tags + // - value: new value of the form field + onObsDataChange(fieldName, ix, param, value) { + this.setState((state, props) => { + let newObsData = {...this.state.obsData}; + newObsData[fieldName][ix][param] = value; + return {obsData: newObsData}; + }); + } + + // Render function + render() { + let modal; + if (this.state.isModalVisible) { + modal = <ModalContent + resetCnt={this.resetCnt} // used to change "key" of modalBody, causing all form fields to be re-created (some things are not reset properly by reseting state only) + close={this.closeModal} + reset={this.resetForm} + fields={this.obsFields} + observables={this.props.observables} + // form state + title={this.state.title} + description={this.state.description} + severity={this.state.severity} + tlp={this.state.tlp} + tags={this.state.tags} + obsData={this.state.obsData} + obsSel={this.state.obsSel} + spinner={this.state.isWorking} + // event handlers + onTitleChange={this.onTitleChange} + onSeverityChange={this.onSeverityChange} + onTLPChange={this.onTLPChange} + onDescriptionChange={this.onDescriptionChange} + onObsSelectionChange={this.onObsSelectionChange} + onObsDataChange={this.onObsDataChange} + submitCase={this.submitCase} + />; + } + return ( + <div> + <EuiButton fill iconType="alert" color="danger" onClick={this.showModal}>Create new Case ...</EuiButton> + {modal} + </div> + ); + } + + // Submit case button handler + async submitCase(evt) { + const params = this.props.params; + + // Get case parameters + const title = this.state.title; + const descr = this.state.description; + const severity = parseInt(this.state.severity); + const start_date = null; + const owner = params.owner; + const flag = false; + const tlp = parseInt(this.state.tlp); + const tags = this.state.tags; + + if (!title) { + toastNotifications.addDanger("Title can't be empty"); + return; + } + + // Get list of selected observables and their params + let observables = []; + for (let field of this.obsFields) { + let selectionIndices = [...this.state.obsSel[field.name]]; // make a copy + selectionIndices.sort(); + for (let i = 0; i < selectionIndices.length; i++) { + const j = selectionIndices[i]; // index of a selected obs. in the list of all observables + // fill in observable definition according to model at + // https://github.com/TheHive-Project/TheHiveDocs/blob/master/api/artifact.md + const obs = { + dataType: field.type, + data: this.props.observables[field.name][j], + message: this.state.obsData[field.name][j].descr, + tlp: this.state.obsData[field.name][j].tlp, + ioc: this.state.obsData[field.name][j].ioc, + tags: this.state.obsData[field.name][j].tags, + }; + observables.push(obs); + } + } + + //console.log("Selected observables:", observables); + + // Check '/' at the end of base URL, add it if needed + let base_url = params.url; + if (base_url[base_url.length-1] != "/") { + base_url += "/"; + } + + // Show spinner at submit button + this.setState({isWorking: true}); + + // Submit request to create the case, handle response + let resp; + resp = await createTheHiveCase(base_url, params.apikey, title, descr, severity, start_date, owner, flag, tlp, tags); + + if ('error' in resp) { + // Error contacting The Hive + console.error("TheHiveButton: ERROR when trying to create new case:", resp.error); + toastNotifications.addDanger("ERROR: " + resp.error); + this.setState({isWorking: false}); // Hide spinner + return; + } + + console.log("TheHiveButton: Case created:", resp); + const case_id = resp.id; + const case_url = base_url + "index.html#/case/" + case_id + "/details"; + + // Show notification + let obs_text; + if (observables.length > 0) { + obs_text = "Adding " + observables.length + " observables in background ..."; + } + else { + obs_text = "(no observables added)"; + } + toastNotifications.add({ + title: "Case created", + color: "success", + iconType: "checkInCircleFilled", + text: ( + <div> + <p><b><a href={case_url} target="_blank">Edit the new Case</a></b></p> + <p>{obs_text}</p> + </div> + ), + }); + + // Close the popup window, reset form fields and hide spinner + this.closeModal(); + this.resetForm(); + this.setState({isWorking: false}); + + // Open a new window with the case in The Hive + // (adding observables may take some time, so the case is opened first; + // The Hive web is dynamic so the observables appear as they are added) + window.open(case_url, '_blank'); + + if (observables.length == 0) + return; + + // Submit request to add observables + console.log("TheHiveButton: adding " + observables.length + " observables ..."); + resp = await addCaseObservables(base_url, params.apikey, case_id, observables); + + if ('error' in resp) { + console.error("TheHiveButton: ERROR when trying to add observables: " + resp.error); + toastNotifications.addDanger("ERROR when trying to add observables: " + resp.error); + } + else { + console.log("TheHiveButton: Done, observables added."); + toastNotifications.add("Done, observables added."); + } + } +} + + +// The popup window with a form +// props: +// - spinner: when true, disable form and show a spinner over it +class ModalContent extends Component { + constructor(props) { + super(props); + // No state here, everything is in the parent class (NewCaseButton) + + // "Select" options + this.severityOptions = [ + {value: "1", inputDisplay: "low"}, + {value: "2", inputDisplay: "medium"}, + {value: "3", inputDisplay: "high"}, + ]; + this.tlpOptions = [ + {value: "0", inputDisplay: "white"}, + {value: "1", inputDisplay: "green"}, + {value: "2", inputDisplay: "amber"}, + {value: "3", inputDisplay: "red"}, + ]; + } + + // Main render function + render() { + // TODO: replace Modal with Flyout? + + // Note: onClick on EuiOverlayMask causes close of modal when clicked outside, + // implementation inspired by PR: https://github.com/elastic/eui/pull/3462/files#diff-c8fda532e48f75c94c343247cbc6b2d3R53-R60 + return ( + <EuiOverlayMask onClick={(evt) => {if (evt.target.classList.contains("euiOverlayMask")) this.props.close();} }> + <EuiModal onClose={this.props.close} maxWidth={false} initialFocus="[name=title]"> + <EuiModalHeader> + <EuiModalHeaderTitle>Create a new case in The Hive</EuiModalHeaderTitle> + </EuiModalHeader> + + <EuiModalBody key={this.props.resetCnt}> + <EuiForm style={{width: "800px"}}> + <EuiFlexGroup> + <EuiFlexItem grow={1}> + <EuiFormRow label="Title" fullWidth> + <EuiFieldText name="title" value={this.props.title} onChange={this.props.onTitleChange} required={true} fullWidth /> + </EuiFormRow> + </EuiFlexItem> + <EuiFlexItem grow={false}> + <EuiFormRow label="Severity"> + <EuiSuperSelect + options={this.severityOptions} + valueOfSelected={this.props.severity} + onChange={this.props.onSeverityChange} + /> + </EuiFormRow> + </EuiFlexItem> + <EuiFlexItem grow={false}> + <EuiFormRow label="TLP"> + <EuiSuperSelect + prepend="TLP" + options={this.tlpOptions} + valueOfSelected={this.props.tlp} + onChange={this.props.onTLPChange} + /> + </EuiFormRow> + </EuiFlexItem> + </EuiFlexGroup> + <EuiFormRow label="Description" fullWidth> + <EuiTextArea + defaultValue={this.props.description} + onChange={this.props.onDescriptionChange} + rows={4} + fullWidth + /> + </EuiFormRow> + + {this.props.fields.length > 0 && <EuiTitle size="s"><h3>Add observables from current query ...</h3></EuiTitle>} + {this.props.fields.map((field,ix) => ( + <ObservablesTable + key={field.name + ":" + this.props.resetCnt} + fieldName={field.name} + observables={this.props.observables[field.name]} + obsData={this.props.obsData[field.name]} + obsSel={this.props.obsSel[field.name]} + onObsSelectionChange={this.props.onObsSelectionChange} + onObsDataChange={this.props.onObsDataChange} + /> + ))} + </EuiForm> + </EuiModalBody> + + <EuiModalFooter> + <EuiButtonEmpty onClick={this.props.close}>Close</EuiButtonEmpty> + <EuiButtonEmpty onClick={this.props.reset}>Reset</EuiButtonEmpty> + <EuiButton onClick={this.props.submitCase} fill isLoading={this.props.spinner}>Create Case</EuiButton> + </EuiModalFooter> + </EuiModal> + </EuiOverlayMask> + ); + } +} + +// Table of potential observables taken from a given field, allowing to select +// which observables to send to The Hive. +// Props: +// fieldName - name of the field this table is for +// observables - list of observable IDs of this field +// obsData - array of objects specifying state of form fields in the table (.descr, .tlp, ...) +// obsSel - array of indices of selected observables +class ObservablesTable extends Component { + + constructor(props) { + super(props); + + // Table columns definition + this.columns = [ + { + field: "id", + name: "Observable", + }, + { + field: "descr", + name: "Description", + description: "Description of the observable in the context of the case", + render: (value, item1) => (<EuiFieldText + value={item1.descr} + onChange={(e) => this.props.onObsDataChange(props.fieldName, item1.i, "descr", e.target.value)} + disabled={!item1.selected} + />) + }, + /*{ + field: "tlp", + name: "TLP", + dataType: "number", + // TODO render and process changes + },*/ + { + field: "ioc", + name: "Is IOC", + dataType: "boolean", + description: "Indicates if the observable is an IOC", + render: (value, item2) => (<EuiCheckbox + id={"ioc-checkbox-"+item2.id} + checked={item2.ioc} + onChange={(e) => this.props.onObsDataChange(props.fieldName, item2.i, "ioc", e.target.checked)} + disabled={!item2.selected} + />) + }, + /*{ + field: "tags", + name: "Tags", + // TODO render and process changes + },*/ + ] + + // Create a reference to EuiBasicTable, so it's node can be accessed in componentDidMount + this.tableRef = React.createRef(); + } + + render() { + // Table data definition (convert props to format suitable for EuiBasicTable) + const n_obs = this.props.observables.length; + this.table_data = new Array(n_obs); + for (let i = 0; i < n_obs; i++) { + this.table_data[i] = { + id: this.props.observables[i], + descr: this.props.obsData[i].descr, + tlp: this.props.obsData[i].tlp, + ioc: this.props.obsData[i].ioc, + tags: this.props.obsData[i].tags, + // auxiliary fields, not shown in table: + i: i, // row index + selected: this.props.obsSel.includes(i), + }; + } + + return ( + <> + <EuiTitle size="xs"><h4>{this.props.fieldName}</h4></EuiTitle> + <EuiBasicTable + ref={this.tableRef} + columns={this.columns} + items={this.table_data} + itemId={(item3) => item3.id} + selection={ {onSelectionChange: (selectedItems) => this.props.onObsSelectionChange(this.props.fieldName, selectedItems) } } + noItemsMessage="No observables found" + rowProps={{ + // Hack to allow selection by clicking anywhere in the table row + // (except input elements) + onClick: (e) => { + if (e.target.tagName != "INPUT") { + // simulate click on the first checkbox in the row to (de)select the row + e.currentTarget.querySelector("input").click(); + e.currentTarget.blur(); // without this the focus remains on the row after click (results in different color) + } + }, + tabIndex: "-1", // prevents focus on row by keyboard navigation + }} + /> + <EuiSpacer size="l" /> + </> + ) + } + + componentDidMount() { + // There's no way to specify initially selected items in EuiBasicTable by + // props, but we may need to select some (in case a user selects some obs., + // closes the modal and opens it again). + // However, the selection is stored as a 'selection' field of table's state, + // so here we directly edit the state just after the table is created. + + // Prepare the 'selection' array - it should contain a list of selected row specifications + let selection = []; + for (let ix of this.props.obsSel) { + selection.push(this.table_data[ix]); + } + + // Get ref to EuiBasicTable element and update its state + const table_node = this.tableRef.current; + table_node.setState({selection: selection}); + } +} + diff --git a/roles/build/files/thehive_button/thehive_button/server/routes/newcase.js b/roles/build/files/thehive_button/thehive_button/server/routes/newcase.js new file mode 100644 index 0000000..175dee8 --- /dev/null +++ b/roles/build/files/thehive_button/thehive_button/server/routes/newcase.js @@ -0,0 +1,153 @@ +const request = require('request'); +//const fs = require('fs'); +//const path = require('path'); + +//const caFile = path.resolve(__dirname, '../../ca.cert.pem'); // TODO resolve where the CA file should be located / configured + +export default function (server) { + server.route({ + path: '/api/thehive_button/new_case', + method: 'POST', + handler: newCaseHandler, + }); + server.route({ + path: '/api/thehive_button/add_observables', + method: 'POST', + handler: addObservablesHandler, + }); +} + +// Handler of ajax requests to create a new Case in The Hive +function newCaseHandler(req, resp) { + // Parse the request to get connection parameters + // (everything is configured in forntend and sent as part of the request, + // since I don't know how to configure the backend) + var base_url = req.payload['base_url']; + var api_key = req.payload['api_key']; + var req_body = req.payload['body']; + + // check it's a valid URL with slash at the end + if (!base_url) { + return {'error': 'Base URL not set'}; + } + if (!base_url.match(/https?:\/\/(([a-z\d.-]+)|((\d{1,3}\.){3}\d{1,3}))(\:\d+)?(\/[-a-z\d%_.~+]*)*\//i)) { + //if (!base_url.match(/https?:\/\/.*\//)) { + return {'error': 'Invalid base URL (it must begin with "http[s]" and end with "/")'}; + } + if (!api_key) { + return {'error': 'API key not set'}; + } + + return new Promise( function(resolve, reject) { + request({ + method: 'POST', + url: base_url + 'api/case', + auth: {'bearer': api_key}, + json: true, + body: req_body, + //ca: fs.readFileSync(caFile), // TODO resolve the issue with custom CA, where to get its cert? + rejectUnauthorized: false, + }, + // handler of the reply from The Hive - just return as reply + function (error, response, body) { + // TODO: find out how to set response code, for now we always return sucess and encode original status code in the content + if (error) { + console.error("ERROR when trying to send request to The Hive:", error); + resolve({'error': error.message}); + } + else { + if (response.statusCode < 200 || response.statusCode >= 300) { + console.error("ERROR Unexpected reply received from The Hive:", response.statusCode, response.statusMessage, "\n", body) + } + resolve({ + 'status_code': response.statusCode, + 'status_msg': response.statusMessage, + 'body': body + }); + } + } // handler function + ); // request() + }); // Promise() +} + +// Note: +// There are two ways to create multiple Observables (artifacts) via The Hive API: +// 1. post one request with an array of observables in "data" field +// - this allows to create all in one request, but doesn't allow to set +// different parameters (IOC, TLP, etc.) to different observables +// 2. post each observable in a separate request +// The second way is used here. + +// Handler of ajax requests to add Observables to a Case in The Hive +function addObservablesHandler(req, resp) { + // Parse the request to get connection parameters + // (everything is configured in forntend and sent as part of the request, + // since I don't know how to configure the backend) + var base_url = req.payload['base_url']; + var api_key = req.payload['api_key']; + + // check it's a valid URL with slash at the end + if (!base_url) { + return {'error': 'Base URL not set'}; + } + if (!base_url.match(/https?:\/\/(([a-z\d.-]+)|((\d{1,3}\.){3}\d{1,3}))(\:\d+)?(\/[-a-z\d%_.~+]*)*\//i)) { + //if (!base_url.match(/https?:\/\/.*\//)) { + return {'error': 'Invalid base URL (it must begin with "http[s]" and end with "/")'}; + } + // TODO add "/" to the end automatically + if (!api_key) { + return {'error': 'API key not set'}; + } + + const caseid = req.payload['caseid']; + const observables = req.payload['observables']; // array of obersvable specifications + + return new Promise( async function(resolve, reject) { + // Run one request for each observable + // (A way to run multiple async tasks sequentially inspired by: + // https://jrsinclair.com/articles/2019/how-to-run-async-js-in-parallel-or-sequential/ ) + const starterPromise = Promise.resolve(null); + await observables.reduce( + (p, obs) => p.then(() => addObservable(base_url, api_key, caseid, obs)), + starterPromise + ).catch((err_msg) => { + console.error(err_msg); // log whole message + resolve({'error': err_msg.split("\n", 1)[0]}); // send the first line to frontend + return; + } + ); + resolve({}); + }); +} + +function addObservable(base_url, api_key, caseid, obs) { + return new Promise( function(resolve, reject) { + //console.log("Adding observable:", obs); + request({ + method: 'POST', + url: base_url + 'api/case/' + caseid + "/artifact", + auth: {'bearer': api_key}, + json: true, + body: obs, + //ca: fs.readFileSync(caFile), // TODO resolve the issue with custom CA, where to get its cert? + rejectUnauthorized: false, + }, + // handler of the reply from The Hive - just return as reply + function (error, response, body) { + if (error) { + reject("ERROR when trying to send request to The Hive: " + error); + } + else if (response.statusCode < 200 || response.statusCode >= 300) { + reject("ERROR: Unexpected reply received from The Hive: " + response.statusCode + " " + response.statusMessage + "\n" + JSON.stringify(body)); + } + else { + // success - continue with the next observable + resolve("OK"); + resolve({}) + } + } // handler function + ); // request() + }); //Promise() +} + + diff --git a/roles/build/files/zookeeper/zookeepersupervisord.conf b/roles/build/files/zookeeper/zookeepersupervisord.conf deleted file mode 100644 index 3089c9b..0000000 --- a/roles/build/files/zookeeper/zookeepersupervisord.conf +++ /dev/null @@ -1,43 +0,0 @@ -[unix_http_server] -file=/tmp/supervisor.sock - -[supervisord] -pidfile=/tmp/supervisord.pid -nodaemon=true -logfile=/var/log/supervisor/supervisord.log -logfile_maxbytes=10MB -logfile_backups=10 -loglevel=info -childlogdir=/var/log/supervisor/ - -[rpcinterface:supervisor] -supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface - -[supervisorctl] -serverurl=unix:///tmp/supervisor.sock - -[program:zookeeper] -directory=/opt/zookeeper -user=root -group=root -command=/bin/bash -c '/opt/zookeeper/bin/zkServer.sh start-foreground' -autostart=true -autorestart=true -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/zookeeper_stderr.log -stdout_logfile = /var/log/supervisor/zookeeper_stdout.log - -[program:filebeat] -directory=/opt/filebeat -user=root -group=root -command=/bin/bash -c '/opt/filebeat/filebeat -c /opt/filebeat/filebeat.yml' -autostart=false -autorestart=true -logfile_maxbytes=10MB -stdout_logfile_backups = 0 -stderr_logfile_backups = 0 -stderr_logfile = /var/log/supervisor/filebeat_stderr.log -stdout_logfile = /var/log/supervisor/filebeat_stdout.log diff --git a/roles/build/files/zookeeperDockerfile b/roles/build/files/zookeeperDockerfile new file mode 100644 index 0000000..33ea38a --- /dev/null +++ b/roles/build/files/zookeeperDockerfile @@ -0,0 +1,34 @@ +FROM gn43-dsl/openjdk:7a20201004 +#LABEL maintainer="Apache NiFi <dev@nifi.apache.org>" +#LABEL site="https://nifi.apache.org" + +#ARG UID=1000 +#ARG GID=1000 +ARG ZOOKEEPER_VERSION=3.5.5 +ARG BASE_URL=https://archive.apache.org/dist +ARG MIRROR_BASE_URL=${MIRROR_BASE_URL:-${BASE_URL}} +ARG ZOOKEEPER_BINARY_PATH=${ZOOKEEPER_BINARY_PATH:-/zookeeper/zookeeper-${ZOOKEEPER_VERSION}/apache-zookeeper-${ZOOKEEPER_VERSION}-bin.tar.gz} + +ENV ZOOKEEPER_BASE_DIR=/opt + +#ENV ZOOKEEPER_PID_DIR=${ZOOKEEPER_HOME}/run +#ENV ZOOKEEPER_LOG_DIR=${ZOOKEEPER_HOME}/logs + +# USER nifi + +# Download, validate, and expand Apache NiFi binary. +RUN curl -fSL ${MIRROR_BASE_URL}/${ZOOKEEPER_BINARY_PATH} -o ${ZOOKEEPER_BASE_DIR}/apache-zookeeper-${ZOOKEEPER_VERSION}-bin.tar.gz \ +# && echo "$(curl ${BASE_URL}/${ZOOKEEPER_BINARY_PATH}.sha512) *${ZOOKEEPER_BASE_DIR}/apache-zookeeper-${ZOOKEEPER_VERSION}-bin.tar.gz" | sha256sum -c - \ + && tar -xzf ${ZOOKEEPER_BASE_DIR}/apache-zookeeper-${ZOOKEEPER_VERSION}-bin.tar.gz -C ${ZOOKEEPER_BASE_DIR} \ + && mv ${ZOOKEEPER_BASE_DIR}/apache-zookeeper-${ZOOKEEPER_VERSION}-bin ${ZOOKEEPER_BASE_DIR}/zookeeper \ + && rm ${ZOOKEEPER_BASE_DIR}/apache-zookeeper-${ZOOKEEPER_VERSION}-bin.tar.gz \ + && cp ${ZOOKEEPER_BASE_DIR}/zookeeper/conf/zoo_sample.cfg ${ZOOKEEPER_BASE_DIR}/zookeeper/conf/zoo.cfg + +# Web HTTP(s) & Socket Site-to-Site Ports +EXPOSE 2181 2888 3888 + +WORKDIR ${ZOOKEEPER_BASE_DIR}/zookeeper + +ENTRYPOINT ["/opt/zookeeper/bin/zkServer.sh"] +CMD ["start-foreground"] + diff --git a/roles/build/tasks/cassandra.yml b/roles/build/tasks/cassandra.yml new file mode 100644 index 0000000..1c0a2c6 --- /dev/null +++ b/roles/build/tasks/cassandra.yml @@ -0,0 +1,11 @@ +--- + +- name: Configure the cassandra Dockerfile + template: + src: cassandra/Dockerfile.j2 + dest: "{{role_path}}/files/cassandraDockerfile" + +- name: Build cassandra image + command: docker build -t {{repo}}/cassandra:{{version}}{{suffix}} -f {{role_path}}/files/cassandraDockerfile {{role_path}}/files + + diff --git a/roles/build/tasks/centos.yml b/roles/build/tasks/centos.yml index 62a8fb1..c7be287 100644 --- a/roles/build/tasks/centos.yml +++ b/roles/build/tasks/centos.yml @@ -5,115 +5,96 @@ name: "{{repo}}/centos:{{version}}{{suffix}}" register: centosimg -- name: Assert CentOS image - assert: - that: centosimg.images | length == 0 - fail_msg: "CentOS image already exists" - -- name: Create etc tree in build directory - file: - path: '{{ temp_root}}/{{ item.path }}' - state: directory - mode: '{{ item.mode }}' - with_filetree: templates/etcroot/ - when: item.state == 'directory' - -- name: Populate etc tree in build directory - template: - src: '{{ item.src }}' - dest: '{{ temp_root}}/{{ item.path }}' - force: yes - with_filetree: templates/etcroot - when: item.state == 'file' - -- name: Create dev tree in build directory - command: mknod -m {{ item.mode }} {{ item.dev }} {{ item.type }} {{ item.major }} {{ item.minor }} - args: - creates: "{{ item.dev }}" - with_items: - - { mode: 600, dev: "{{temp_root}}/dev/console", type: c, major: 5, minor: 1 } - - { mode: 600, dev: "{{temp_root}}/dev/initctl", type: p, major: '', minor: '' } - - { mode: 666, dev: "{{temp_root}}/dev/full", type: c, major: 1, minor: 7 } - - { mode: 666, dev: "{{temp_root}}/dev/null", type: c, major: 1, minor: 3 } - - { mode: 666, dev: "{{temp_root}}/dev/ptmx", type: c, major: 5, minor: 2 } - - { mode: 666, dev: "{{temp_root}}/dev/random", type: c, major: 1, minor: 8 } - - { mode: 666, dev: "{{temp_root}}/dev/tty", type: c, major: 5, minor: 0 } - - { mode: 666, dev: "{{temp_root}}/dev/tty0", type: c, major: 4, minor: 0 } - - { mode: 666, dev: "{{temp_root}}/dev/urandom", type: c, major: 1, minor: 9 } - - { mode: 666, dev: "{{temp_root}}/dev/zero", type: c, major: 1, minor: 5 } - -- name: Install centos-release in build directory - yum: - installroot: "{{ temp_root}}" - name: centos-release - state: present - -- name: Install Core CentOS in build directory - yum: - installroot: "{{ temp_root}}" - name: - - "@Core" - - yum-plugin-ovl.noarch - - epel-release - state: present - -- name: Install extra packages - yum: - installroot: "{{ temp_root }}" - name: - - daemonize - state: present - -- name: Clean yum cache - command: 'yum --installroot="{{ temp_root}}" -y clean all' - -- name: Remove unneeded directories - file: - path: "{{temp_root}}/{{item}}" - state: absent - with_items: - - usr/share/cracklib - - var/cache/yum - - sbin/sln - - etc/ld.so.cache - - var/cache/ldconfig - - usr/share/backgrounds - -- name: Create needed directories - file: - path: "{{temp_root}}/{{item}}" - state: directory - with_items: - - var/cache/yum - - var/cache/ldconfig - -- name: Download filebeat - get_url: - url: "https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-oss-{{ FILEBEAT_VERSION }}-linux-x86_64.tar.gz" - dest: "{{ temp_root}}/opt/filebeat.tar.gz" - mode: '0640' - -- name: Unarchive filebeat - unarchive: - src: "{{ temp_root}}/opt/filebeat.tar.gz" - dest: "{{ temp_root}}/opt/" - remote_src: yes - -- name: Delete filebeat archive - file: - path: "{{ item }}" - state: absent - with_items: - - "{{ temp_root}}/opt/filebeat.tar.gz" - -- name: move filebeat directory to /opt/filebeat - command: "mv {{ temp_root}}/opt/filebeat-{{ FILEBEAT_VERSION }}-linux-x86_64 {{ temp_root}}/opt/filebeat" - -- name: Import image in docker - shell: tar --numeric-owner -c -C {{temp_root }} . | docker import - {{repo}}/centos:{{version}}{{suffix}} - -- name: Remove temp directory - file: - path: "{{temp_root}}" - state: absent - +#- name: Skip if image exists +# meta: end_play +# when: centosimg.images | length != 0 + +# tags: +# - start + +#- name: Assert CentOS image +# assert: +# that: centosimg.images | length == 0 +# fail_msg: "CentOS image already exists" + +- name: Build CentOS image + when: centosimg.images | length == 0 + block: + - name: Create etc tree in build directory + file: + path: '{{ temp_root}}/{{ item.path }}' + state: directory + mode: '{{ item.mode }}' + with_filetree: templates/etcroot/ + when: item.state == 'directory' + + - name: Populate etc tree in build directory + template: + src: '{{ item.src }}' + dest: '{{ temp_root}}/{{ item.path }}' + force: yes + with_filetree: templates/etcroot + when: item.state == 'file' + + - name: Create dev tree in build directory + command: mknod -m {{ item.mode }} {{ item.dev }} {{ item.type }} {{ item.major }} {{ item.minor }} + args: + creates: "{{ item.dev }}" + with_items: + - { mode: 600, dev: "{{temp_root}}/dev/console", type: c, major: 5, minor: 1 } + - { mode: 600, dev: "{{temp_root}}/dev/initctl", type: p, major: '', minor: '' } + - { mode: 666, dev: "{{temp_root}}/dev/full", type: c, major: 1, minor: 7 } + - { mode: 666, dev: "{{temp_root}}/dev/null", type: c, major: 1, minor: 3 } + - { mode: 666, dev: "{{temp_root}}/dev/ptmx", type: c, major: 5, minor: 2 } + - { mode: 666, dev: "{{temp_root}}/dev/random", type: c, major: 1, minor: 8 } + - { mode: 666, dev: "{{temp_root}}/dev/tty", type: c, major: 5, minor: 0 } + - { mode: 666, dev: "{{temp_root}}/dev/tty0", type: c, major: 4, minor: 0 } + - { mode: 666, dev: "{{temp_root}}/dev/urandom", type: c, major: 1, minor: 9 } + - { mode: 666, dev: "{{temp_root}}/dev/zero", type: c, major: 1, minor: 5 } + + - name: Install centos-release in build directory + yum: + installroot: "{{ temp_root}}" + name: centos-release + state: present + + - name: Install Core CentOS in build directory + yum: + installroot: "{{ temp_root}}" + name: + - "@Core" + - yum-plugin-ovl.noarch + - epel-release + state: present + + - name: Clean yum cache + command: 'yum --installroot="{{ temp_root}}" -y clean all' + + - name: Remove unneeded directories + file: + path: "{{temp_root}}/{{item}}" + state: absent + with_items: + - usr/share/cracklib + - var/cache/yum + - sbin/sln + - etc/ld.so.cache + - var/cache/ldconfig + - usr/share/backgrounds + + - name: Create needed directories + file: + path: "{{temp_root}}/{{item}}" + state: directory + with_items: + - var/cache/yum + - var/cache/ldconfig + + - name: Import image in docker + shell: tar --numeric-owner -c -C {{temp_root }} . | docker import - {{repo}}/centos:{{version}}{{suffix}} + + - name: Remove temp directory + file: + path: "{{temp_root}}" + state: absent + diff --git a/roles/build/tasks/cortex.yml b/roles/build/tasks/cortex.yml new file mode 100644 index 0000000..9a5adbe --- /dev/null +++ b/roles/build/tasks/cortex.yml @@ -0,0 +1,11 @@ +--- + +- name: Configure the Cortex Dockerfile + template: + src: cortex/Dockerfile.j2 + dest: "{{role_path}}/files/cortexDockerfile" + +- name: Build the Cortex image + command: docker build -t {{repo}}/cortex:{{version}}{{suffix}} -f {{role_path}}/files/cortexDockerfile {{role_path}}/files + + diff --git a/roles/build/tasks/haproxy.yml b/roles/build/tasks/haproxy.yml new file mode 100644 index 0000000..9cb45f8 --- /dev/null +++ b/roles/build/tasks/haproxy.yml @@ -0,0 +1,10 @@ +--- + +- name: Configure the haproxy Dockerfile + template: + src: haproxy/Dockerfile.j2 + dest: "{{role_path}}/files/haproxyDockerfile" + +- name: Build haproxy image + command: docker build -t {{repo}}/haproxy:{{version}}{{suffix}} -f {{role_path}}/files/haproxyDockerfile {{role_path}}/files + diff --git a/roles/build/tasks/keycloak.yml b/roles/build/tasks/keycloak.yml new file mode 100644 index 0000000..f7a7c2b --- /dev/null +++ b/roles/build/tasks/keycloak.yml @@ -0,0 +1,18 @@ +--- + +- name: Configure the keycloak Dockerfile + template: + src: keycloak/Dockerfile.j2 + dest: "{{role_path}}/files/keycloakDockerfile" + +- name: Copy tools to build path + command: "cp -av {{role_path}}/templates/keycloak/keycloak-tools/ {{role_path}}/files/keycloak-tools/" + +- name: Build keycloak image + command: docker build -t {{repo}}/keycloak:{{version}}{{suffix}} -f {{role_path}}/files/keycloakDockerfile {{role_path}}/files + +- name: Remove tools from build path + file: + path: "{{role_path}}/files/keycloak-tools/" + state: absent + diff --git a/roles/build/tasks/main.yml b/roles/build/tasks/main.yml index eee4ba0..223766f 100644 --- a/roles/build/tasks/main.yml +++ b/roles/build/tasks/main.yml @@ -2,45 +2,19 @@ - assert: that: - - "'CHANGE_ME' not in soctoolsproxy" + - "'CHANGE_ME' not in dslproxy" fail_msg: "Review *all* settings in group_vars/all/main.yml" - include: centos.yml - -- name: Create main build dir - file: - path: "{{docker_build_dir}}" - state: directory - -- name: Create build dir - file: - path: "{{docker_build_dir}}/{{item}}" - state: directory - with_items: "{{services}}" - -- name: Configure the Dockerfile - template: - src: "{{item}}/Dockerfile.j2" - dest: "{{docker_build_dir}}/{{item}}/Dockerfile" - with_items: "{{services}}" - -- name: Copy thehive_button to build path - copy: - src: "{{role_path}}/templates/odfekibana/thehive_button" - dest: "{{docker_build_dir}}/odfekibana/" - -- name: Copy keycloak-tools to build path - copy: - src: "{{role_path}}/templates/keycloak/keycloak-tools" - dest: "{{docker_build_dir}}/keycloak/" - -- name: Copy build files - copy: - src: "files/{{item}}/" - dest: "{{docker_build_dir}}/{{item}}/" - with_items: "{{services}}" - ignore_errors: yes - -- name: Build image - command: docker build -t {{repo}}/{{item}}:{{version}}{{suffix}} -f {{docker_build_dir}}/{{item}}/Dockerfile {{docker_build_dir}}/{{item}} - with_items: "{{services}}" +- include: mysql.yml +- include: haproxy.yml +- include: openjdk.yml +- include: zookeeper.yml +- include: nifi.yml +- include: odfees.yml +- include: odfekibana.yml +- include: keycloak.yml +- include: misp.yml +- include: cassandra.yml +- include: thehive.yml +- include: cortex.yml diff --git a/roles/build/tasks/misp.yml b/roles/build/tasks/misp.yml new file mode 100644 index 0000000..d52c39c --- /dev/null +++ b/roles/build/tasks/misp.yml @@ -0,0 +1,20 @@ +--- + +- name: Configure the misp Dockerfile + template: + src: misp/Dockerfile.j2 + dest: "{{role_path}}/files/mispDockerfile" + +- name: Configure the misp supervisor + template: + src: misp/supervisord.conf.j2 + dest: "{{role_path}}/files/mispsupervisord.conf" + +- name: Configure the misp worker startscript + template: + src: misp/start.sh.j2 + dest: "{{role_path}}/files/mispstart.sh" + +- name: Build misp image + command: docker build -t {{repo}}/misp:{{version}}{{suffix}} -f {{role_path}}/files/mispDockerfile {{role_path}}/files + diff --git a/roles/build/tasks/mysql.yml b/roles/build/tasks/mysql.yml new file mode 100644 index 0000000..a028190 --- /dev/null +++ b/roles/build/tasks/mysql.yml @@ -0,0 +1,15 @@ +--- + +- name: Configure the mysql Dockerfile + template: + src: mysql/Dockerfile.j2 + dest: "{{role_path}}/files/mysqlDockerfile" + +- name: Configure the mysql supervisor + template: + src: mysql/supervisord.conf.j2 + dest: "{{role_path}}/files/mysqlsupervisord.conf" + +- name: Build mysql image + command: docker build -t {{repo}}/mysql:{{version}}{{suffix}} -f {{role_path}}/files/mysqlDockerfile {{role_path}}/files + diff --git a/roles/build/tasks/nifi.yml b/roles/build/tasks/nifi.yml new file mode 100644 index 0000000..423978d --- /dev/null +++ b/roles/build/tasks/nifi.yml @@ -0,0 +1,11 @@ +--- + +- name: Configure the nifi Dockerfile + template: + src: nifi/Dockerfile.j2 + dest: "{{role_path}}/files/nifiDockerfile" + +- name: Build nifi image + command: docker build -t {{repo}}/nifi:{{version}}{{suffix}} -f {{role_path}}/files/nifiDockerfile {{role_path}}/files + + diff --git a/roles/build/tasks/odfees.yml b/roles/build/tasks/odfees.yml new file mode 100644 index 0000000..5741223 --- /dev/null +++ b/roles/build/tasks/odfees.yml @@ -0,0 +1,18 @@ +--- + +- name: Configure elasticsearch Dockerfile + template: + src: odfees/Dockerfile-elastic.j2 + dest: "{{role_path}}/files/elasticDockerfile" + +- name: Build elasticsearch image + command: docker build -t {{repo}}/elasticsearch:{{version}}{{suffix}} -f {{role_path}}/files/elasticDockerfile {{role_path}}/files + +- name: Configure odfe elasticsearch Dockerfile + template: + src: odfees/Dockerfile-odfeelastic.j2 + dest: "{{role_path}}/files/odfeesDockerfile" + +- name: Build odfe elasticsearch image + command: docker build -t {{repo}}/odfees:{{version}}{{suffix}} -f {{role_path}}/files/odfeesDockerfile {{role_path}}/files + diff --git a/roles/build/tasks/odfekibana.yml b/roles/build/tasks/odfekibana.yml new file mode 100644 index 0000000..8e1980a --- /dev/null +++ b/roles/build/tasks/odfekibana.yml @@ -0,0 +1,22 @@ +--- + +- name: Configure kibana Dockerfile + template: + src: odfekibana/Dockerfile-kibana.j2 + dest: "{{role_path}}/files/kibanaDockerfile" + +- name: Copy tools to build path + command: "cp -av {{role_path}}/templates/odfekibana/thehive_button/ {{role_path}}/files/thehive_button/" + +- name: Build kibana image + command: docker build -t {{repo}}/kibana:{{version}}{{suffix}} -f {{role_path}}/files/kibanaDockerfile {{role_path}}/files + +- name: Configure odfe kibana Dockerfile + template: + src: odfekibana/Dockerfile-odfekibana.j2 + dest: "{{role_path}}/files/odfekibanaDockerfile" + +- name: Build odfe kibana image + command: docker build -t {{repo}}/odfekibana:{{version}}{{suffix}} -f {{role_path}}/files/odfekibanaDockerfile {{role_path}}/files + + diff --git a/roles/build/tasks/openjdk.yml b/roles/build/tasks/openjdk.yml new file mode 100644 index 0000000..8754ac7 --- /dev/null +++ b/roles/build/tasks/openjdk.yml @@ -0,0 +1,11 @@ +--- + +- name: Configure the openjdk Dockerfile + template: + src: openjdk/Dockerfile.j2 + dest: "{{role_path}}/files/openjdkDockerfile" + +- name: Build openjdk image + command: docker build -t {{repo}}/openjdk:{{version}}{{suffix}} -f {{role_path}}/files/openjdkDockerfile {{role_path}}/files + + diff --git a/roles/build/tasks/thehive.yml b/roles/build/tasks/thehive.yml new file mode 100644 index 0000000..35fe08e --- /dev/null +++ b/roles/build/tasks/thehive.yml @@ -0,0 +1,11 @@ +--- + +- name: Configure theHive Dockerfile + template: + src: thehive/Dockerfile.j2 + dest: "{{role_path}}/files/thehiveDockerfile" + +- name: Build theHive image + command: docker build -t {{repo}}/thehive:{{version}}{{suffix}} -f {{role_path}}/files/thehiveDockerfile {{role_path}}/files + + diff --git a/roles/build/tasks/zookeeper.yml b/roles/build/tasks/zookeeper.yml new file mode 100644 index 0000000..a61a6b3 --- /dev/null +++ b/roles/build/tasks/zookeeper.yml @@ -0,0 +1,11 @@ +--- + +- name: Configure the zookeeper Dockerfile + template: + src: zookeeper/Dockerfile.j2 + dest: "{{role_path}}/files/zookeeperDockerfile" + +- name: Build zookeeper image + command: docker build -t {{repo}}/zookeeper:{{version}}{{suffix}} -f {{role_path}}/files/zookeeperDockerfile {{role_path}}/files + + diff --git a/roles/build/templates/cassandra/Dockerfile.j2 b/roles/build/templates/cassandra/Dockerfile.j2 index f5d2a60..94b0ca0 100644 --- a/roles/build/templates/cassandra/Dockerfile.j2 +++ b/roles/build/templates/cassandra/Dockerfile.j2 @@ -1,20 +1,35 @@ FROM {{repo}}/openjdk:{{version}}{{suffix}} USER root +#COPY cassandra.repo /etc/yum.repos.d/cassandra.repo +#COPY supervisord.conf /etc/supervisord.conf +#COPY start.sh /start.sh RUN echo "[cassandra]" > /etc/yum.repos.d/cassandra.repo && \ echo "name=Apache Cassandra" >> /etc/yum.repos.d/cassandra.repo && \ echo "baseurl=https://downloads.apache.org/cassandra/redhat/311x/" >> /etc/yum.repos.d/cassandra.repo && \ echo "gpgcheck=1" >> /etc/yum.repos.d/cassandra.repo && \ echo "repo_gpgcheck=1" >> /etc/yum.repos.d/cassandra.repo && \ echo "gpgkey=https://downloads.apache.org/cassandra/KEYS" >> /etc/yum.repos.d/cassandra.repo && \ + echo '#!/bin/bash' > /start.sh && \ + echo 'export CASSANDRA_HOME=/usr/share/cassandra' >> /start.sh && \ + echo 'export CASSANDRA_CONF=$CASSANDRA_HOME/conf' >> /start.sh && \ + echo 'export CASSANDRA_INCLUDE=$CASSANDRA_HOME/cassandra.in.sh' >> /start.sh && \ + echo 'log_file=/var/log/cassandra/cassandra.log' >> /start.sh && \ + echo 'pid_file=/var/run/cassandra/cassandra.pid' >> /start.sh && \ + echo 'lock_file=/var/lock/subsys/cassandra' >> /start.sh && \ + echo 'CASSANDRA_PROG=/usr/sbin/cassandra' >> /start.sh && \ + echo '' >> /start.sh && \ + echo '$CASSANDRA_PROG -p $pid_file > $log_file 2>&1' >> /start.sh && \ yum install -y epel-release && \ - yum install -y cassandra supervisor rsync && \ + yum install -y cassandra supervisor && \ mkdir /usr/share/cassandra/conf && \ cp -a /etc/cassandra/conf/* /usr/share/cassandra/conf && \ chown -R cassandra:cassandra /usr/share/cassandra && \ chown -R cassandra:cassandra /var/lib/cassandra && \ sed -i -e 's,/etc/cassandra,/usr/share/cassandra,g' /usr/share/cassandra/cassandra.in.sh && \ + chmod a+x /start.sh && \ yum -y clean all -COPY cassandrasupervisord.conf /etc/supervisord.conf EXPOSE 7000 9042 -ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] +#ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] +USER cassandra +# ENTRYPOINT ["/start.sh"] diff --git a/roles/build/templates/cassandra/cassandra.repo.j2 b/roles/build/templates/cassandra/cassandra.repo.j2 new file mode 100644 index 0000000..8fdb78c --- /dev/null +++ b/roles/build/templates/cassandra/cassandra.repo.j2 @@ -0,0 +1,6 @@ +[cassandra] +name=Apache Cassandra +baseurl=https://downloads.apache.org/cassandra/redhat/311x/ +gpgcheck=1 +repo_gpgcheck=1 +gpgkey=https://downloads.apache.org/cassandra/KEYS diff --git a/roles/build/templates/cassandra/start.sh.j2 b/roles/build/templates/cassandra/start.sh.j2 new file mode 100644 index 0000000..fa91e92 --- /dev/null +++ b/roles/build/templates/cassandra/start.sh.j2 @@ -0,0 +1,10 @@ +#!/bin/bash +export CASSANDRA_HOME=/usr/share/cassandra +export CASSANDRA_CONF=$CASSANDRA_HOME/conf +export CASSANDRA_INCLUDE=$CASSANDRA_HOME/cassandra.in.sh +log_file=/var/log/cassandra/cassandra.log +pid_file=/var/run/cassandra/cassandra.pid +lock_file=/var/lock/subsys/cassandra +CASSANDRA_PROG=/usr/sbin/cassandra + +$CASSANDRA_PROG -p $pid_file > $log_file 2>&1 diff --git a/roles/build/templates/cassandra/supervisord.conf.j2 b/roles/build/templates/cassandra/supervisord.conf.j2 new file mode 100644 index 0000000..d1f405e --- /dev/null +++ b/roles/build/templates/cassandra/supervisord.conf.j2 @@ -0,0 +1,10 @@ +[supervisord] +loglevel=debug +nodaemon=true +[program:cassandra] +user=cassandra +directory=/usr/share/cassandra +stdout_logfile=/var/log/cassandra/cassandra.log +redirect_stderr=true +environment=CASSANDRA_HOME="/usr/share/cassandra",CASSANDRA_CONF="/usr/share/cassandra/conf",CASSANDRA_INCLUDE="$CASSANDRA_HOME/cassandra.in.sh" +command=/usr/sbin/cassandra -p /var/run/cassandra/cassandra.pid diff --git a/roles/build/templates/cortex/Dockerfile.j2 b/roles/build/templates/cortex/Dockerfile.j2 index ceeb6a5..d56dbf0 100644 --- a/roles/build/templates/cortex/Dockerfile.j2 +++ b/roles/build/templates/cortex/Dockerfile.j2 @@ -1,6 +1,9 @@ FROM {{repo}}/openjdk:{{version}}{{suffix}} USER root +#COPY thehive.repo /etc/yum.repos.d/thehive.repo +#COPY supervisord.conf /etc/supervisord.conf +#COPY start.sh /start.sh RUN echo "[thehive-project]" > /etc/yum.repos.d/thehive.repo && \ echo "enabled=1" >> /etc/yum.repos.d/thehive.repo && \ echo "priority=1" >> /etc/yum.repos.d/thehive.repo && \ @@ -10,7 +13,7 @@ RUN echo "[thehive-project]" > /etc/yum.repos.d/thehive.repo && \ yum install -y epel-release && \ rpm --import https://raw.githubusercontent.com/TheHive-Project/TheHive/master/PGP-PUBLIC-KEY && \ rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch && \ - yum install -y cortex supervisor rsync daemonize vim net-tools telnet htop python3-pip.noarch git gcc python3-devel.x86_64 ssdeep-devel.x86_64 python3-wheel.noarch libexif-devel.x86_64 libexif.x86_64 perl-Image-ExifTool.noarch gcc-c++ whois && \ + yum install -y cortex supervisor daemonize vim net-tools telnet htop python3-pip.noarch git gcc python3-devel.x86_64 ssdeep-devel.x86_64 python3-wheel.noarch libexif-devel.x86_64 libexif.x86_64 perl-Image-ExifTool.noarch gcc-c++ whois && \ rpm -Uvh https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-oss-6.8.13.rpm && \ chown -R elasticsearch:elasticsearch /etc/elasticsearch && \ mkdir -p /home/cortex && \ @@ -24,5 +27,6 @@ RUN echo "[thehive-project]" > /etc/yum.repos.d/thehive.repo && \ for I in responders/*/requirements.txt; do LC_ALL=en_US.UTF-8 pip3 install --no-cache-dir -U -r $I || true; done && \ yum -y clean all EXPOSE 9001 -COPY cortexsupervisord.conf /etc/supervisord.conf -ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] +#ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] +USER cortex +# ENTRYPOINT ["/start.sh"] diff --git a/roles/build/templates/cortex/application.conf b/roles/build/templates/cortex/application.conf index afe42a6..0e28b4d 100644 --- a/roles/build/templates/cortex/application.conf +++ b/roles/build/templates/cortex/application.conf @@ -17,7 +17,7 @@ search { index = cortex3 # ElasticSearch instance address. # For cluster, join address:port with ',': "http://ip1:9200,ip2:9200,ip3:9200" - uri = "http://soctools-elastic:9200" + uri = "http://dsoclab-elastic:9200" ## Advanced configuration # Scroll keepalive. diff --git a/roles/build/templates/haproxy/Dockerfile.j2 b/roles/build/templates/haproxy/Dockerfile.j2 index 6c34d74..d9f84c4 100644 --- a/roles/build/templates/haproxy/Dockerfile.j2 +++ b/roles/build/templates/haproxy/Dockerfile.j2 @@ -24,8 +24,6 @@ RUN \ iptables \ pcre2-devel \ daemonize \ - supervisor \ - rsync \ pth-devel && \ `# Install newest openssl...` \ wget -O /tmp/openssl.tgz https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz && \ @@ -64,5 +62,10 @@ RUN \ && cp -R /usr/src/haproxy/examples/errorfiles /usr/local/etc/haproxy/errors \ && rm -rf /usr/src/haproxy -COPY haproxysupervisord.conf /etc/supervisord.conf -ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] +ENTRYPOINT ["/bin/bash"] + +# https://www.haproxy.org/download/1.8/doc/management.txt +# "4. Stopping and restarting HAProxy" +# "when the SIGTERM signal is sent to the haproxy process, it immediately quits and all established connections are closed" +# "graceful stop is triggered when the SIGUSR1 signal is sent to the haproxy process" +STOPSIGNAL SIGUSR1 diff --git a/roles/build/templates/keycloak/Dockerfile.j2 b/roles/build/templates/keycloak/Dockerfile.j2 index 561a646..d8c3b6b 100644 --- a/roles/build/templates/keycloak/Dockerfile.j2 +++ b/roles/build/templates/keycloak/Dockerfile.j2 @@ -11,7 +11,7 @@ USER root #ADD /{{role_path}}/templates/keycloak/keycloak-tools /opt/jboss/tools ADD keycloak-tools /opt/jboss/tools #ADD ../templates/keycloak/keycloak-tools /opt/jboss/tools -RUN yum -y install openssl supervisor rsync && yum -y clean all && \ +RUN yum -y install openssl && yum -y clean all && \ mkdir -p /opt/jboss/ && cd /opt/jboss/ && \ curl -L $KEYCLOAK_DIST | tar zx && \ mv /opt/jboss/keycloak-* /opt/jboss/keycloak && \ @@ -27,7 +27,6 @@ RUN yum -y install openssl supervisor rsync && yum -y clean all && \ adduser -u 1000 -g 0 -d /opt/jboss jboss && \ chown -R jboss:root /opt/jboss && \ chmod -R g+rwX /opt/jboss && \ - chmod a+x /opt/jboss/tools/x509.sh && \ mkdir -p /etc/x509/{https,ca} && chown -R jboss:root /etc/x509/{https,ca} ENV PATH="/opt/jboss/keycloak/bin:${PATH}" @@ -37,8 +36,6 @@ WORKDIR /opt/jboss/keycloak EXPOSE 8080 EXPOSE 8443 -RUN echo 'jboss ALL=(ALL:ALL) NOPASSWD: ALL' >> /etc/sudoers - -COPY keycloaksupervisord.conf /etc/supervisord.conf -ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] +USER jboss +ENTRYPOINT ["/bin/bash"] diff --git a/roles/build/templates/misp/Dockerfile.j2 b/roles/build/templates/misp/Dockerfile.j2 index 85c9648..b99d2a8 100644 --- a/roles/build/templates/misp/Dockerfile.j2 +++ b/roles/build/templates/misp/Dockerfile.j2 @@ -2,7 +2,7 @@ FROM {{repo}}/centos:{{version}}{{suffix}} USER root RUN yum install -y epel-release centos-release-scl scl-utils ; \ - yum install -y gcc git zip openssl supervisor rsync rh-git218 httpd24 mod_ssl mod_auth_openidc rh-redis32 libxslt-devel zlib-devel libcaca-devel ssdeep-devel rh-php72 rh-php72-php-fpm rh-php72-php-devel rh-php72-php-mysqlnd rh-php72-php-mbstring rh-php72-php-xml rh-php72-php-bcmath rh-php72-php-opcache rh-php72-php-gd mariadb devtoolset-7 make cmake3 cppcheck libcxx-devel gpgme-devel openjpeg-devel gcc gcc-c++ poppler-cpp-devel pkgconfig python-devel redhat-rpm-config rubygem-rouge rubygem-asciidoctor zbar-devel opencv-devel wget screen rh-python36-mod_wsgi postfix curl make cmake python3 python3-devel python3-pip python3-yara python3-wheel python3-redis python3-zmq python3-setuptools redis sudo vim zip sqlite moreutils rng-tools libxml2-devel libxslt-devel zlib-devel libpqxx openjpeg2-devel ssdeep-devel ruby asciidoctor tesseract ImageMagick poppler-cpp-devel python36-virtualenv opencv-devel zbar zbar-devel ; \ + yum install -y gcc git zip openssl supervisor rh-git218 httpd24 mod_ssl mod_auth_openidc rh-redis32 libxslt-devel zlib-devel libcaca-devel ssdeep-devel rh-php72 rh-php72-php-fpm rh-php72-php-devel rh-php72-php-mysqlnd rh-php72-php-mbstring rh-php72-php-xml rh-php72-php-bcmath rh-php72-php-opcache rh-php72-php-gd mariadb devtoolset-7 make cmake3 cppcheck libcxx-devel gpgme-devel openjpeg-devel gcc gcc-c++ poppler-cpp-devel pkgconfig python-devel redhat-rpm-config rubygem-rouge rubygem-asciidoctor zbar-devel opencv-devel wget screen rh-python36-mod_wsgi postfix curl make cmake python3 python3-devel python3-pip python3-yara python3-wheel python3-redis python3-zmq python3-setuptools redis sudo vim zip sqlite moreutils rng-tools libxml2-devel libxslt-devel zlib-devel libpqxx openjpeg2-devel ssdeep-devel ruby asciidoctor tesseract ImageMagick poppler-cpp-devel python36-virtualenv opencv-devel zbar zbar-devel ; \ yum -y clean all ; \ sed -i "s/max_execution_time = 30/max_execution_time = 300/" /etc/opt/rh/rh-php72/php.ini ; \ sed -i "s/memory_limit = 128M/memory_limit = 2048M/" /etc/opt/rh/rh-php72/php.ini ; \ @@ -76,12 +76,9 @@ RUN chown -R apache:apache /var/www/MISP ; \ chmod -R g+ws /var/www/MISP/app/files ; \ chmod -R g+ws /var/www/MISP/app/files/scripts/tmp -COPY misp_rh-php72-php-fpm /etc/logrotate.d/rh-php72-php-fpm - # 80/443 - MISP web server, 3306 - mysql, 6379 - redis, 6666 - MISP modules, 50000 - MISP ZeroMQ EXPOSE 80 443 6443 6379 6666 50000 -ENV PATH "$PATH:/opt/rh/rh-php72/root/bin/" - COPY mispsupervisord.conf /etc/supervisord.conf -ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] +#ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] + diff --git a/roles/build/templates/misp/supervisord.conf.j2 b/roles/build/templates/misp/supervisord.conf.j2 new file mode 100644 index 0000000..fbd4dea --- /dev/null +++ b/roles/build/templates/misp/supervisord.conf.j2 @@ -0,0 +1,25 @@ +[supervisord] +nodaemon=false +user=root + +[program:php-fpm] +# EnvironmentFile=/etc/opt/rh/rh-php72/sysconfig/php-fpm +command=/opt/rh/rh-php72/root/usr/sbin/php-fpm --nodaemonize + +[program:redis-server] +process_name = redis-server +directory = /var/opt/rh/rh-redis32/lib/redis/ +command=/opt/rh/rh-redis32/root/usr/bin/redis-server /etc/opt/rh/rh-redis32/redis.conf +user=redis + +[program:apache2] +command=/usr/sbin/httpd -DFOREGROUND + +[program:misp-modules] +command=/bin/bash -c "/usr/local/bin/misp-modules -l '0.0.0.0' -s" +user = apache +startsecs = 0 + +[program:workers] +command=/bin/bash /var/www/MISP/app/Console/worker/start.sh +user=apache diff --git a/roles/build/templates/mysql/Dockerfile.j2 b/roles/build/templates/mysql/Dockerfile.j2 index 393eb3f..c7b7d23 100644 --- a/roles/build/templates/mysql/Dockerfile.j2 +++ b/roles/build/templates/mysql/Dockerfile.j2 @@ -2,7 +2,7 @@ FROM {{repo}}/centos:{{version}}{{suffix}} USER root RUN yum -y update && yum install -y epel-release centos-release-scl scl-utils && \ - yum install -y rh-mariadb103 python36-PyMySQL MySQL-python supervisor rsync && \ + yum install -y rh-mariadb103 python36-PyMySQL MySQL-python supervisor && \ /usr/bin/scl enable rh-mariadb103 -- /opt/rh/rh-mariadb103/root/usr/libexec/mysql-prepare-db-dir /var/opt/rh/rh-mariadb103/lib/mysql RUN yum clean all diff --git a/roles/build/templates/mysql/supervisord.conf.j2 b/roles/build/templates/mysql/supervisord.conf.j2 new file mode 100644 index 0000000..e44e9fe --- /dev/null +++ b/roles/build/templates/mysql/supervisord.conf.j2 @@ -0,0 +1,7 @@ +[supervisord] +loglevel=debug +nodaemon=true +[program:mysql] +user=mysql +directory=/var/lib/mysql +command=/opt/rh/rh-mariadb103/root/usr/libexec/mysqld-scl-helper enable rh-mariadb103 -- /opt/rh/rh-mariadb103/root/usr/libexec/mysqld --basedir=/opt/rh/rh-mariadb103/root/usr diff --git a/roles/build/templates/nifi/Dockerfile.j2 b/roles/build/templates/nifi/Dockerfile.j2 index 63c5174..d3408b1 100644 --- a/roles/build/templates/nifi/Dockerfile.j2 +++ b/roles/build/templates/nifi/Dockerfile.j2 @@ -44,8 +44,6 @@ RUN groupadd -g ${GID} nifi || groupmod -n nifi `getent group ${GID} | cut -d: - && chown -R nifi:nifi ${NIFI_BASE_DIR} \ && yum -y install jq xmlstarlet procps-ng -RUN echo 'nifi ALL=(ALL:ALL) NOPASSWD: ALL' >> /etc/sudoers - USER nifi # Download, validate, and expand Apache NiFi Toolkit binary. @@ -96,8 +94,4 @@ WORKDIR ${NIFI_HOME} # Also we need to use relative path, because the exec form does not invoke a command shell, # thus normal shell processing does not happen: # https://docs.docker.com/engine/reference/builder/#exec-form-entrypoint-example -USER root -RUN yum install -y supervisor rsync -RUN yum clean all -COPY nifisupervisord.conf /etc/supervisord.conf -ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] +ENTRYPOINT ["/bin/bash"] diff --git a/roles/build/templates/elasticsearch/Dockerfile.j2 b/roles/build/templates/odfees/Dockerfile-elastic.j2 similarity index 85% rename from roles/build/templates/elasticsearch/Dockerfile.j2 rename to roles/build/templates/odfees/Dockerfile-elastic.j2 index 6f273d6..dd2ad12 100644 --- a/roles/build/templates/elasticsearch/Dockerfile.j2 +++ b/roles/build/templates/odfees/Dockerfile-elastic.j2 @@ -15,8 +15,7 @@ RUN rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch && \ chown -R elasticsearch /usr/share/elasticsearch/data && \ sed -i -e 's,ES_PATH_CONF=/etc/elasticsearch,ES_PATH_CONF=/usr/share/elasticsearch/config,g' /etc/sysconfig/elasticsearch -RUN echo 'elasticsearch ALL=(ALL:ALL) NOPASSWD: ALL' >> /etc/sudoers - EXPOSE 9200 9300 -ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] +USER elasticsearch +ENTRYPOINT ["/bin/bash"] diff --git a/roles/build/templates/odfees/Dockerfile.j2 b/roles/build/templates/odfees/Dockerfile-odfeelastic.j2 similarity index 74% rename from roles/build/templates/odfees/Dockerfile.j2 rename to roles/build/templates/odfees/Dockerfile-odfeelastic.j2 index a4834a5..0803d0b 100644 --- a/roles/build/templates/odfees/Dockerfile.j2 +++ b/roles/build/templates/odfees/Dockerfile-odfeelastic.j2 @@ -12,8 +12,5 @@ RUN for PLUGIN in \ do bin/elasticsearch-plugin install -b ${PLUGIN}; done && \ chown -R elasticsearch plugins/opendistro_security -RUN echo 'elasticsearch ALL=(ALL:ALL) NOPASSWD: ALL' >> /etc/sudoers -RUN yum install -y supervisor rsync -RUN yum clean all -COPY odfesupervisord.conf /etc/supervisord.conf -ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] +USER elasticsearch + diff --git a/roles/build/templates/odfekibana/Dockerfile-kibana.j2 b/roles/build/templates/odfekibana/Dockerfile-kibana.j2 index 05a1c40..c443597 100644 --- a/roles/build/templates/odfekibana/Dockerfile-kibana.j2 +++ b/roles/build/templates/odfekibana/Dockerfile-kibana.j2 @@ -1,8 +1,5 @@ FROM {{repo}}/centos:{{version}}{{suffix}} -RUN yum install -y supervisor rsync -RUN yum clean all - ENV PATH="/usr/share/kibana/bin:${PATH}" RUN groupadd -g 1000 kibana && \ @@ -15,9 +12,7 @@ RUN rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch && \ cp -a /etc/kibana/ /usr/share/kibana/config/ && \ chown -R kibana /usr/share/kibana/config/ -RUN echo 'kibana ALL=(ALL:ALL) NOPASSWD: ALL' >> /etc/sudoers - EXPOSE 5601 -COPY kibanasupervisord.conf /etc/supervisord.conf -ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] +USER kibana +ENTRYPOINT ["/bin/bash"] diff --git a/roles/build/templates/odfekibana/Dockerfile.j2 b/roles/build/templates/odfekibana/Dockerfile-odfekibana.j2 similarity index 92% rename from roles/build/templates/odfekibana/Dockerfile.j2 rename to roles/build/templates/odfekibana/Dockerfile-odfekibana.j2 index 61f3254..ee69568 100644 --- a/roles/build/templates/odfekibana/Dockerfile.j2 +++ b/roles/build/templates/odfekibana/Dockerfile-odfekibana.j2 @@ -14,4 +14,5 @@ RUN for PLUGIN in \ ADD thehive_button /usr/share/kibana/plugins/thehive_button RUN chown -R kibana:kibana /usr/share/kibana/plugins/thehive_button -ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] +USER kibana + diff --git a/roles/build/templates/thehive/Dockerfile.j2 b/roles/build/templates/thehive/Dockerfile.j2 index 870e3ac..773c7c2 100644 --- a/roles/build/templates/thehive/Dockerfile.j2 +++ b/roles/build/templates/thehive/Dockerfile.j2 @@ -1,6 +1,9 @@ FROM {{repo}}/openjdk:{{version}}{{suffix}} USER root +#COPY thehive.repo /etc/yum.repos.d/thehive.repo +#COPY supervisord.conf /etc/supervisord.conf +#COPY start.sh /start.sh RUN echo "[thehive-project]" > /etc/yum.repos.d/thehive.repo && \ echo "enabled=1" >> /etc/yum.repos.d/thehive.repo && \ echo "priority=1" >> /etc/yum.repos.d/thehive.repo && \ @@ -9,12 +12,13 @@ RUN echo "[thehive-project]" > /etc/yum.repos.d/thehive.repo && \ echo "gpgcheck=1" >> /etc/yum.repos.d/thehive.repo && \ yum install -y epel-release && \ rpm --import https://raw.githubusercontent.com/TheHive-Project/TheHive/master/PGP-PUBLIC-KEY && \ - yum install -y thehive4 supervisor daemonize vim net-tools telnet htop rsync && \ + yum install -y thehive4 supervisor daemonize vim net-tools telnet htop && \ mkdir -p /opt/thp_data/files/thehive && \ chown -R thehive:thehive /opt/thp_data/files/thehive && \ mkdir -p /home/thehive && \ chown -R thehive:thehive /home/thehive /etc/thehive && \ yum -y clean all EXPOSE 9000 -COPY thehivesupervisord.conf /etc/supervisord.conf -ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] +#ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] +USER thehive +# ENTRYPOINT ["/start.sh"] diff --git a/roles/build/templates/thehive/start.sh b/roles/build/templates/thehive/start.sh new file mode 100644 index 0000000..fa91e92 --- /dev/null +++ b/roles/build/templates/thehive/start.sh @@ -0,0 +1,10 @@ +#!/bin/bash +export CASSANDRA_HOME=/usr/share/cassandra +export CASSANDRA_CONF=$CASSANDRA_HOME/conf +export CASSANDRA_INCLUDE=$CASSANDRA_HOME/cassandra.in.sh +log_file=/var/log/cassandra/cassandra.log +pid_file=/var/run/cassandra/cassandra.pid +lock_file=/var/lock/subsys/cassandra +CASSANDRA_PROG=/usr/sbin/cassandra + +$CASSANDRA_PROG -p $pid_file > $log_file 2>&1 diff --git a/roles/build/templates/thehive/supervisord.conf b/roles/build/templates/thehive/supervisord.conf new file mode 100644 index 0000000..d1f405e --- /dev/null +++ b/roles/build/templates/thehive/supervisord.conf @@ -0,0 +1,10 @@ +[supervisord] +loglevel=debug +nodaemon=true +[program:cassandra] +user=cassandra +directory=/usr/share/cassandra +stdout_logfile=/var/log/cassandra/cassandra.log +redirect_stderr=true +environment=CASSANDRA_HOME="/usr/share/cassandra",CASSANDRA_CONF="/usr/share/cassandra/conf",CASSANDRA_INCLUDE="$CASSANDRA_HOME/cassandra.in.sh" +command=/usr/sbin/cassandra -p /var/run/cassandra/cassandra.pid diff --git a/roles/build/templates/thehive/thehive.repo b/roles/build/templates/thehive/thehive.repo new file mode 100644 index 0000000..ff38064 --- /dev/null +++ b/roles/build/templates/thehive/thehive.repo @@ -0,0 +1,7 @@ +[thehive-project] +enabled=1 +priority=1 +name=TheHive-Project RPM repository +baseurl=http://rpm.thehive-project.org/stable/noarch +gpgcheck=1 + diff --git a/roles/build/templates/zookeeper/Dockerfile.j2 b/roles/build/templates/zookeeper/Dockerfile.j2 index 19ae977..209069c 100644 --- a/roles/build/templates/zookeeper/Dockerfile.j2 +++ b/roles/build/templates/zookeeper/Dockerfile.j2 @@ -29,8 +29,6 @@ EXPOSE 2181 2888 3888 WORKDIR ${ZOOKEEPER_BASE_DIR}/zookeeper -#ENTRYPOINT ["/opt/zookeeper/bin/zkServer.sh"] -#CMD ["start-foreground"] -RUN yum install supervisor rsync -y -COPY zookeepersupervisord.conf /etc/supervisord.conf -ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] +ENTRYPOINT ["/opt/zookeeper/bin/zkServer.sh"] +CMD ["start-foreground"] + diff --git a/roles/ca/files/CA/.rnd b/roles/ca/files/CA/.rnd new file mode 100644 index 0000000000000000000000000000000000000000..b7292db0335ef4cf2d62de2a5e033524b2ad01a1 GIT binary patch literal 1024 zcmZ3+zv+--X62(;88!#2d)rJ{1j}aT6d%m~I^*V#^~!Uq&0K5dWjS=k?_d0R@5Dse zvqvtPw>_QsHYi~0xAx3Qi}UNA75RiV&b=3rc(u@}iQnWw%_Ze^*H~||D=7Q^uYNp1 z_E^#U{D+bCYaTt@!5m+*bk;iUJ3H2O^yJ->4UxHZWY*6u<+Hej4MitR-qSI8h14H8 zG42a_GLhR#E^j=p;&&o4cBaLyty%5LOnGPCT3t#`xxSw5^nS0n2ECe)`pw-ZqIY~K zYGysRNjiGs_l*^-b#sqiyY$3oV-)Z9DG7@XZdke?#Vs=Jl)lEJyH#wuR#yZn#9}tQ zW~y(kWGVb}(rxZ!WAR+J%_%`1D`c`}SSf34OV(`R`aI#Rfz-QcM!m;a{uM0anBUP5 zVq=>VlgYE}!MV&dQ!cMPj1oUg7Bjxyd}RK&_hx@)y7g{cv;Ty}{E6p%cU+xR%;NCe z;vQpB9ydqx!m!2GQC2NMEPCM|bxtg|otd5xczl-TOjhrQhcY7$MVyyvU=^<sx72yO zmP1{+ZRN76=UwyV*DrQ?$GP5Pd(%R{uvIa3j}EH4$gJR~WHh@P^~vDou0kQ>{YPvn zUrFA7yoWpQz^k@@@4^FC%<7!?)^)KAzxruUmRq4;uJ$MED%SAi*u^SX&b}#-y`sy& z<MYKN_vxF%w;C;qdUto{#}8i=TVLl-UVHQ8m$sxSn~zl)W##O9Csel8I{k=q_}Tlb z)0uW(GdaznpD0`TU`^DCPcfGqV)M;T-kEgU<YcEP<7K1sDYh)n8Z};q=y+D=C)G0C znKNgJ)9YIA-*4CDHec4tkH~2ZH>hm4d>DVv&L+Kz&Ell&#A|^|9>(=PN|QVi6Em6n zcJ}K(F=i@{e-+#8=-{h#zcx*vaJ}ED<DrTAv-e1@>)IFa>yBl`FVS>+>CHx`<Cf?K zBs~y3QowBepmJ64-ngi;s(H;zw@q*_y0(4pi?IH=%NRBbUU1!|^O^N#?0fEtiLVkZ zK3N=A@xAqbL4?Y~MqORW{l3*liqy`$<E}6^v43lH(Pa*|eHDjkQGrBCp~bEr+D!BJ zGcB!Q*B4hP+J1y<>#b5_SC6Ti54J7cqjk6?-LLNL?0H*H-sd>Ie9`~KS^~%F5?<97 z+3#+A)>ZI$Tke%fM%_P-xjf%_as9a@)f)#xzvxL{dcbGB+xvBvlJ0?h&TCxsdY`}K z^E$kqsq#sgv&!<enYXvzZc?7w%qMi0`LfB2b9d%1_u|W9%$)np-Qa@f2W_i>GqbB^ z2{d!%)l_Jl?l{4p8RE{(r2g*9Qbm_#kF;jU{|{VqflVkY@W<pue?#OVGamU{#ulAA u`P6w6lY8>)%&E(d<On^;J{{A}Z<=@6TtV#8M%SN54n}UiaDeUQG7|tcZuh+a literal 0 HcmV?d00001 diff --git a/roles/ca/files/CA/ca.crt b/roles/ca/files/CA/ca.crt new file mode 100644 index 0000000..04b1f20 --- /dev/null +++ b/roles/ca/files/CA/ca.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDNTCCAh2gAwIBAgIJAIp0kyaAW0K3MA0GCSqGSIb3DQEBCwUAMBYxFDASBgNV +BAMMC1NPQ1RPT0xTLUNBMB4XDTIwMTAzMDEwNDcxOFoXDTMwMTAyODEwNDcxOFow +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQC1GZDFZJPR7AYkhEsB9U6qtK+40di3KOeTwRosJ7hvP1FQjwnIC37B +UlVq15KEgRTCcXgLH0CdtzC1Rkz+AUCLyKTOGmNCqmvyMcESdpuoI1NULkv0QeYX +Mj4Q1Lh0RldqZpEr32UfsVowBPPhijAUlVAHeJLvji/tnUvI++9no2hx03UAhjTM +M59AviYsRT3DUkciNSllpwV+7B2pgnpRgzsbVGP2cheaaRYG9DAbRTLrAtVxO0WJ +c/zNGSpvXuOyBK30/pwGMvhNGPeckElSpDfaepuA8ZDcfaKNk0kEBvzIlUrpZBmv +tBc5DmpfEBlSk5UK/0XSblKE5dOqlWc1AgMBAAGjgYUwgYIwHQYDVR0OBBYEFHkG +ykDTn5pUrtMzTfI4PrYL8z3PMEYGA1UdIwQ/MD2AFHkGykDTn5pUrtMzTfI4PrYL +8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09MUy1DQYIJAIp0kyaAW0K3MAwGA1Ud +EwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQA0XK1+Eg+j +JdwKnUpnwPq+fsyrCs4TF1DgwtqY4yr1KCw0QSPMK9ldLp62lJaRnrPE7ZGOQ7sd +z82yEM8nMulNREp3TZwuVFaWgs0yLVKkfqZ0jNGDuEf8AJAynI4ynRbtYxtYzBDy +XgJPk9lKK/gR14IXBet/dGbZf4yHiMzldMCb0dWzyDS1S+Y1iLTRCmpmRbFow12g +CjNoSxdyoJPZavcOVWa4tDc3PLMdkgdY20ewo3IvCQTOg9ogVX4Hq5/M4xTz8XUX +nHeUqshdkPVGFCIujCBg9131RYSE0SkVrPUaIbP9tgzabkZWwhiq8oSpTBmIi9qh +GPiQTFGknE1U +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/certs_by_serial/01EC4DAD3E5E47CF4E4B98495932B337.pem b/roles/ca/files/CA/certs_by_serial/01EC4DAD3E5E47CF4E4B98495932B337.pem new file mode 100644 index 0000000..ad6921c --- /dev/null +++ b/roles/ca/files/CA/certs_by_serial/01EC4DAD3E5E47CF4E4B98495932B337.pem @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 01:ec:4d:ad:3e:5e:47:cf:4e:4b:98:49:59:32:b3:37 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:25 2020 GMT + Not After : Oct 15 10:47:25 2023 GMT + Subject: CN=dsoclab-nifi-1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:c3:af:ef:b7:a1:95:47:5f:55:ea:7e:e8:d6:fd: + d5:e3:19:68:2e:72:1f:90:62:a8:79:76:d8:d2:f6: + 51:df:71:80:37:5a:ec:7d:fb:6d:78:6e:37:fe:e5: + 1b:c8:d5:73:e4:c9:a5:cb:e8:4a:48:26:c6:e0:a6: + 5e:14:2c:90:b1:81:b2:69:31:e2:44:85:97:f5:60: + 12:88:06:9d:8d:cf:4a:a2:77:b3:d9:ff:f3:41:40: + 4c:21:e1:73:8d:98:82:2f:37:27:0c:24:d8:67:bd: + c7:05:50:40:c5:a9:d0:e4:3f:bb:0c:72:29:7c:be: + 06:01:96:03:b8:a0:42:c4:6f:6f:da:aa:17:34:5f: + 5e:f3:73:0e:77:b5:7a:9a:59:e3:3c:d1:39:50:17: + 2f:53:18:05:82:34:29:1b:19:56:2e:c2:db:24:79: + 51:0f:a8:d9:66:3c:72:1e:a0:f7:03:d6:e9:e5:c6: + b9:be:94:e4:84:bd:cd:93:26:eb:3b:17:bb:cd:e5: + 58:25:f2:28:35:a4:b1:70:df:32:54:85:f6:3c:20: + 9f:88:8b:5d:83:a2:c4:1e:31:d9:a1:76:1d:2e:3c: + f8:78:64:a4:dd:3a:b2:56:65:bf:a8:2a:a8:ed:62: + c9:62:2c:72:bd:9d:7e:6b:1f:80:ea:bc:33:60:47: + d3:0f + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 87:9A:8D:12:3A:69:8D:89:98:F6:95:D0:F2:ED:C3:DC:ED:A0:22:12 + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-nifi-1, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 8d:23:38:a7:aa:d0:58:03:f2:98:19:da:62:c6:55:cb:d5:c5: + 05:dd:55:c5:f9:41:46:ec:75:06:be:0a:0b:7b:0f:ac:10:dd: + 86:bf:4f:6e:05:c1:7b:c1:1d:1c:ce:c7:f0:a9:0c:6e:79:fe: + c2:49:18:d5:5d:4a:ae:c8:d8:ab:ec:45:95:94:c1:8b:30:da: + 52:1a:42:3c:41:77:65:9e:8a:63:f5:52:c2:71:b7:e2:56:43: + bd:89:3a:fa:14:bd:d7:7a:b2:60:43:82:c0:df:4a:e0:a7:02: + fd:d7:f6:56:9a:0f:ad:f4:ee:00:06:fb:75:b9:96:63:c8:b3: + 75:1f:c6:9d:3b:9d:1a:29:cd:09:f0:80:31:5c:4e:97:62:91: + 73:84:aa:11:cc:4b:00:15:a1:92:62:2a:6b:d4:d6:4c:ed:a5: + 89:fe:12:c9:d1:0b:48:b8:97:26:e4:5b:ab:da:fe:2d:54:ca: + 55:23:8b:22:7f:a1:12:4a:21:3e:9e:bb:48:d6:82:b6:a2:cc: + 83:15:5d:5f:c7:52:a1:01:01:70:60:3f:64:b4:1d:85:4f:56: + b7:67:77:b8:ea:59:7a:85:ce:e3:4a:e1:d6:2f:e0:b2:60:44: + 3a:08:3a:b5:0e:fc:88:ad:e5:a1:f1:a8:79:37:c4:52:02:f0: + 5b:05:94:0e +-----BEGIN CERTIFICATE----- +MIIDljCCAn6gAwIBAgIQAexNrT5eR89OS5hJWTKzNzANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3MjVaFw0yMzEwMTUx +MDQ3MjVaMBkxFzAVBgNVBAMMDmRzb2NsYWItbmlmaS0xMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAw6/vt6GVR19V6n7o1v3V4xloLnIfkGKoeXbY0vZR +33GAN1rsfftteG43/uUbyNVz5Mmly+hKSCbG4KZeFCyQsYGyaTHiRIWX9WASiAad +jc9Konez2f/zQUBMIeFzjZiCLzcnDCTYZ73HBVBAxanQ5D+7DHIpfL4GAZYDuKBC +xG9v2qoXNF9e83MOd7V6mlnjPNE5UBcvUxgFgjQpGxlWLsLbJHlRD6jZZjxyHqD3 +A9bp5ca5vpTkhL3NkybrOxe7zeVYJfIoNaSxcN8yVIX2PCCfiItdg6LEHjHZoXYd +Ljz4eGSk3TqyVmW/qCqo7WLJYixyvZ1+ax+A6rwzYEfTDwIDAQABo4HcMIHZMAkG +A1UdEwQCMAAwHQYDVR0OBBYEFIeajRI6aY2JmPaV0PLtw9ztoCISMEYGA1UdIwQ/ +MD2AFHkGykDTn5pUrtMzTfI4PrYL8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09M +Uy1DQYIJAIp0kyaAW0K3MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAL +BgNVHQ8EBAMCBaAwOQYDVR0RBDIwMIIOZHNvY2xhYi1uaWZpLTGCHmRzb2NsYWIu +Z240LTMtd3A4LXNvYy5zdW5ldC5zZTANBgkqhkiG9w0BAQsFAAOCAQEAjSM4p6rQ +WAPymBnaYsZVy9XFBd1VxflBRux1Br4KC3sPrBDdhr9PbgXBe8EdHM7H8KkMbnn+ +wkkY1V1KrsjYq+xFlZTBizDaUhpCPEF3ZZ6KY/VSwnG34lZDvYk6+hS913qyYEOC +wN9K4KcC/df2VpoPrfTuAAb7dbmWY8izdR/GnTudGinNCfCAMVxOl2KRc4SqEcxL +ABWhkmIqa9TWTO2lif4SydELSLiXJuRbq9r+LVTKVSOLIn+hEkohPp67SNaCtqLM +gxVdX8dSoQEBcGA/ZLQdhU9Wt2d3uOpZeoXO40rh1i/gsmBEOgg6tQ78iK3lofGo +eTfEUgLwWwWUDg== +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/certs_by_serial/1DD9AF5415359961C578D1B98BFA6E9F.pem b/roles/ca/files/CA/certs_by_serial/1DD9AF5415359961C578D1B98BFA6E9F.pem new file mode 100644 index 0000000..af57c1e --- /dev/null +++ b/roles/ca/files/CA/certs_by_serial/1DD9AF5415359961C578D1B98BFA6E9F.pem @@ -0,0 +1,84 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 1d:d9:af:54:15:35:99:61:c5:78:d1:b9:8b:fa:6e:9f + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:52 2020 GMT + Not After : Oct 15 10:47:52 2023 GMT + Subject: CN=Bozidar Proevski + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:9a:de:00:fd:f1:e9:b9:29:d9:58:d0:47:21:cf: + 4b:67:17:f7:a9:02:93:17:cf:57:5b:6f:db:26:90: + 30:09:0b:d9:c5:66:5e:f6:22:66:ab:48:06:aa:6c: + 88:b3:fd:93:45:a4:60:c9:5f:2b:6c:af:db:68:5e: + 27:e6:85:71:27:b7:20:52:61:df:14:1b:da:06:39: + b2:21:20:4b:22:48:b7:4b:76:44:02:b1:89:5f:0e: + 59:22:cb:b9:c9:1e:8d:a0:ac:28:5d:e5:ae:c8:ea: + cc:05:20:a2:60:11:12:8d:6d:88:0a:73:e8:7c:68: + 9c:48:2c:c9:a8:c6:9d:c3:3c:c1:e7:f4:07:f7:5b: + 6e:42:3d:3d:0f:85:6f:e2:b9:88:a9:d0:02:84:b8: + 19:6a:ae:13:a1:97:50:98:16:c8:0c:1b:bd:02:c8: + 5f:a3:2f:73:7e:25:f8:8c:e7:92:43:c7:6a:75:bc: + 85:ea:1c:47:28:ce:2c:9b:3a:8f:a8:07:e9:8c:8a: + 75:3e:c1:97:32:ce:e3:c5:ca:1e:0a:d7:3c:77:0a: + d2:ab:51:c3:e5:dc:37:90:1a:35:bf:a0:4a:aa:bd: + 38:ef:9e:6d:f8:81:37:7f:d3:77:23:c6:5b:63:98: + 64:07:2f:47:fd:7d:21:2f:57:c2:d8:44:00:c2:29: + 22:79 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + A3:9F:29:21:E0:E5:18:E4:CB:4C:2D:7F:84:2F:AF:F2:49:F0:83:3A + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + Signature Algorithm: sha256WithRSAEncryption + ad:cb:66:5d:b7:29:e5:19:7b:7c:ae:23:50:58:34:db:c9:79: + 39:de:57:83:34:03:6d:bc:bf:e2:31:79:9d:2b:a2:7a:e0:c4: + c8:19:96:e0:20:f3:05:2a:a6:f4:b8:90:c4:ea:8d:5e:86:e1: + 13:99:59:0f:da:c8:3d:96:0d:78:04:4f:26:9c:6a:7c:8e:50: + 5a:30:f1:37:dc:26:99:28:35:f8:25:b9:4b:f8:d2:f0:d3:b5: + 61:32:c9:9c:43:39:21:43:c1:de:0d:4d:8e:e5:6f:a1:58:e5: + 01:84:d6:a5:de:88:2a:55:9f:ec:de:be:b1:13:61:33:dd:50: + 19:89:dd:11:48:5e:c2:14:8d:69:8f:a9:43:73:80:71:8f:54: + ba:da:74:b4:26:ec:5b:82:88:84:90:6d:f7:58:3f:78:d3:20: + 5b:c3:9b:82:85:b7:ef:98:12:4f:ba:e8:38:f3:8c:af:85:91: + 66:40:fe:a9:b2:fd:d6:76:ad:70:b7:b5:33:88:64:31:97:81: + d9:c6:ec:47:9b:af:3f:31:c8:de:0c:cc:88:3d:b7:6f:6f:19: + 24:f1:ae:ff:de:95:31:3f:38:e5:ed:a1:e1:e4:6b:54:1f:26: + b8:53:79:cf:fe:89:ba:bc:35:a1:bc:2f:8a:07:a2:eb:0d:90: + 72:ad:8a:60 +-----BEGIN CERTIFICATE----- +MIIDUzCCAjugAwIBAgIQHdmvVBU1mWHFeNG5i/punzANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3NTJaFw0yMzEwMTUx +MDQ3NTJaMBsxGTAXBgNVBAMMEEJvemlkYXIgUHJvZXZza2kwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQCa3gD98em5KdlY0Echz0tnF/epApMXz1dbb9sm +kDAJC9nFZl72ImarSAaqbIiz/ZNFpGDJXytsr9toXifmhXEntyBSYd8UG9oGObIh +IEsiSLdLdkQCsYlfDlkiy7nJHo2grChd5a7I6swFIKJgERKNbYgKc+h8aJxILMmo +xp3DPMHn9Af3W25CPT0PhW/iuYip0AKEuBlqrhOhl1CYFsgMG70CyF+jL3N+JfiM +55JDx2p1vIXqHEcoziybOo+oB+mMinU+wZcyzuPFyh4K1zx3CtKrUcPl3DeQGjW/ +oEqqvTjvnm34gTd/03cjxltjmGQHL0f9fSEvV8LYRADCKSJ5AgMBAAGjgZcwgZQw +CQYDVR0TBAIwADAdBgNVHQ4EFgQUo58pIeDlGOTLTC1/hC+v8knwgzowRgYDVR0j +BD8wPYAUeQbKQNOfmlSu0zNN8jg+tgvzPc+hGqQYMBYxFDASBgNVBAMMC1NPQ1RP +T0xTLUNBggkAinSTJoBbQrcwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQD +AgeAMA0GCSqGSIb3DQEBCwUAA4IBAQCty2ZdtynlGXt8riNQWDTbyXk53leDNANt +vL/iMXmdK6J64MTIGZbgIPMFKqb0uJDE6o1ehuETmVkP2sg9lg14BE8mnGp8jlBa +MPE33CaZKDX4JblL+NLw07VhMsmcQzkhQ8HeDU2O5W+hWOUBhNal3ogqVZ/s3r6x +E2Ez3VAZid0RSF7CFI1pj6lDc4Bxj1S62nS0JuxbgoiEkG33WD940yBbw5uChbfv +mBJPuug484yvhZFmQP6psv3Wdq1wt7UziGQxl4HZxuxHm68/McjeDMyIPbdvbxkk +8a7/3pUxPzjl7aHh5GtUHya4U3nP/om6vDWhvC+KB6LrDZByrYpg +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/certs_by_serial/560A99C5A03FC4B9FC92FDC62F419BB9.pem b/roles/ca/files/CA/certs_by_serial/560A99C5A03FC4B9FC92FDC62F419BB9.pem new file mode 100644 index 0000000..a648174 --- /dev/null +++ b/roles/ca/files/CA/certs_by_serial/560A99C5A03FC4B9FC92FDC62F419BB9.pem @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 56:0a:99:c5:a0:3f:c4:b9:fc:92:fd:c6:2f:41:9b:b9 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:27 2020 GMT + Not After : Oct 15 10:47:27 2023 GMT + Subject: CN=dsoclab-odfe-2 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:c7:a5:e1:3f:e0:a3:22:69:f1:b4:15:5e:b9:3c: + db:d7:44:bb:d9:c7:69:94:5b:c1:7d:a3:34:4d:3e: + 88:0a:e2:8f:2e:d3:98:94:ae:b4:1f:49:a3:fd:4b: + 27:16:70:ab:03:ab:cd:4c:02:2a:7b:ed:3a:ff:49: + 49:2e:3b:88:f6:59:85:26:de:37:b4:47:9e:1c:be: + a3:38:8e:b0:22:6b:ca:c5:12:e5:be:40:9c:57:7a: + 4d:02:0c:db:13:c5:9d:d2:85:df:99:57:32:90:37: + 54:08:16:46:01:54:da:0c:77:31:63:39:46:27:88: + 3f:f4:ad:4e:e6:fd:0a:3e:9d:98:9a:53:98:90:be: + 9b:ee:e3:b2:91:c7:7f:3f:a1:b9:62:f8:7a:1e:cc: + b4:23:ed:82:a0:5c:ad:86:7b:50:53:c9:ec:57:04: + 44:1c:12:f6:33:3f:68:42:f8:b7:2f:25:91:1c:aa: + b0:df:17:6b:ed:6d:cc:6d:a7:d6:b7:07:6b:61:a5: + 16:51:9f:02:07:ad:b2:42:42:ca:0b:b1:2e:c1:6e: + 94:2d:3e:5e:88:48:8f:b6:8b:15:b0:48:8e:35:58: + ea:b5:90:9c:fb:5a:fa:f5:c7:27:b7:11:30:7a:cb: + 36:7c:4f:ea:52:00:47:40:e9:f0:ca:67:63:32:e0: + 33:73 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + E6:41:BE:4B:A2:E1:07:EF:2A:FD:16:A7:B6:68:3D:0F:81:F5:15:80 + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-odfe-2, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 84:64:d0:92:f6:96:07:be:f1:52:f6:49:15:cd:d0:99:ea:ca: + 7f:06:a8:d2:68:e3:8e:c3:a3:a9:2d:f2:b7:4a:74:75:9f:02: + b4:6f:77:14:ec:89:f9:a3:b5:35:c8:f2:ad:50:df:24:05:d3: + 0a:a8:49:be:19:de:fc:84:a4:61:af:ff:c0:2c:f7:8b:11:87: + 34:10:e3:dc:9b:d2:b8:66:0a:f7:3f:05:11:37:41:09:9f:3d: + f3:a1:97:b7:62:64:db:5a:46:d9:5a:7a:c8:f7:79:e4:f8:61: + 2e:5c:e8:82:8d:fc:0e:8d:a4:4f:fd:33:f1:76:0e:8d:21:f4: + 00:5a:e1:a6:96:21:e0:bb:e4:e6:35:8e:b6:61:49:8a:f2:c1: + 25:96:cf:c0:f6:e0:0a:0b:75:b5:d5:6c:be:ad:0c:a8:4b:33: + 44:72:cc:ef:5f:db:09:e7:b9:6e:60:80:7d:02:e9:ab:06:81: + 24:d3:9d:c3:de:f9:a1:f1:f7:77:ee:6d:49:ab:13:72:c6:62: + 39:b2:80:32:07:20:51:a3:3e:1a:cf:b9:3a:bc:e3:a1:58:33: + 22:6f:68:a9:e9:33:0b:8d:24:72:ea:e3:75:68:a3:69:11:a8: + 2d:86:ed:f2:00:74:d6:d4:ab:fc:30:3f:68:6b:b6:d3:61:30: + 51:84:09:da +-----BEGIN CERTIFICATE----- +MIIDljCCAn6gAwIBAgIQVgqZxaA/xLn8kv3GL0GbuTANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3MjdaFw0yMzEwMTUx +MDQ3MjdaMBkxFzAVBgNVBAMMDmRzb2NsYWItb2RmZS0yMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAx6XhP+CjImnxtBVeuTzb10S72cdplFvBfaM0TT6I +CuKPLtOYlK60H0mj/UsnFnCrA6vNTAIqe+06/0lJLjuI9lmFJt43tEeeHL6jOI6w +ImvKxRLlvkCcV3pNAgzbE8Wd0oXfmVcykDdUCBZGAVTaDHcxYzlGJ4g/9K1O5v0K +Pp2YmlOYkL6b7uOykcd/P6G5Yvh6Hsy0I+2CoFythntQU8nsVwREHBL2Mz9oQvi3 +LyWRHKqw3xdr7W3MbafWtwdrYaUWUZ8CB62yQkLKC7EuwW6ULT5eiEiPtosVsEiO +NVjqtZCc+1r69ccntxEwess2fE/qUgBHQOnwymdjMuAzcwIDAQABo4HcMIHZMAkG +A1UdEwQCMAAwHQYDVR0OBBYEFOZBvkui4QfvKv0Wp7ZoPQ+B9RWAMEYGA1UdIwQ/ +MD2AFHkGykDTn5pUrtMzTfI4PrYL8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09M +Uy1DQYIJAIp0kyaAW0K3MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAL +BgNVHQ8EBAMCBaAwOQYDVR0RBDIwMIIOZHNvY2xhYi1vZGZlLTKCHmRzb2NsYWIu +Z240LTMtd3A4LXNvYy5zdW5ldC5zZTANBgkqhkiG9w0BAQsFAAOCAQEAhGTQkvaW +B77xUvZJFc3QmerKfwao0mjjjsOjqS3yt0p0dZ8CtG93FOyJ+aO1NcjyrVDfJAXT +CqhJvhne/ISkYa//wCz3ixGHNBDj3JvSuGYK9z8FETdBCZ8986GXt2Jk21pG2Vp6 +yPd55PhhLlzogo38Do2kT/0z8XYOjSH0AFrhppYh4Lvk5jWOtmFJivLBJZbPwPbg +Cgt1tdVsvq0MqEszRHLM71/bCee5bmCAfQLpqwaBJNOdw975ofH3d+5tSasTcsZi +ObKAMgcgUaM+Gs+5OrzjoVgzIm9oqekzC40kcurjdWijaRGoLYbt8gB01tSr/DA/ +aGu202EwUYQJ2g== +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/certs_by_serial/5969918F10EF8D2BAE46B26D6D629D8E.pem b/roles/ca/files/CA/certs_by_serial/5969918F10EF8D2BAE46B26D6D629D8E.pem new file mode 100644 index 0000000..796e826 --- /dev/null +++ b/roles/ca/files/CA/certs_by_serial/5969918F10EF8D2BAE46B26D6D629D8E.pem @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 59:69:91:8f:10:ef:8d:2b:ae:46:b2:6d:6d:62:9d:8e + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:26 2020 GMT + Not After : Oct 15 10:47:26 2023 GMT + Subject: CN=dsoclab-nifi-3 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:a7:48:a0:d3:ab:1e:8c:49:60:8b:b8:bd:9a:aa: + 5c:09:62:01:79:89:c9:e5:5f:30:64:38:ca:f1:95: + 2d:48:20:81:ef:60:aa:6f:d1:ef:b4:ac:89:8e:e9: + f5:16:7d:64:07:b0:3b:75:c3:e1:e1:15:71:64:60: + 8f:15:8e:16:8b:de:b8:97:79:a7:83:19:77:5b:aa: + 36:82:37:b9:51:a7:95:b5:1f:ac:9d:81:c6:ec:fb: + 14:3a:84:77:1e:9c:dd:3c:06:30:a1:5e:d0:8f:b0: + c9:5a:13:ad:0e:56:57:bc:1d:3f:be:d7:4c:4b:37: + a2:88:72:4d:1a:62:88:08:a0:57:bb:20:ce:7e:af: + b7:72:f2:ee:86:1a:b1:28:3b:41:f4:d3:ea:14:74: + 90:e1:33:41:1a:92:e2:2e:ec:d3:20:60:60:61:d6: + fc:0e:3f:57:43:88:5f:10:29:20:51:40:46:ed:5d: + 9f:d1:5a:e7:4b:52:f4:d4:23:60:4a:22:a7:92:6c: + d4:cb:20:01:a6:b9:53:71:7a:71:02:e1:05:72:41: + a5:42:9f:41:47:2c:30:7e:0c:b1:73:cc:f7:63:60: + 27:3f:3d:36:93:14:aa:7e:12:ed:1b:f1:cb:4d:e8: + 7c:32:20:50:f5:2d:7d:06:0a:93:cf:7a:85:2b:0b: + a6:b1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + C9:B8:02:23:C4:2E:F5:FE:C9:34:45:77:33:0D:89:CE:D9:A3:30:2A + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-nifi-3, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 32:20:b3:1c:e1:c9:a4:19:75:14:32:1b:cd:c2:83:59:49:07: + e3:b8:62:73:ec:4e:69:cb:9b:49:0d:f5:d0:ea:8b:b6:de:3e: + 76:03:c4:e8:68:0f:01:96:aa:40:b2:1e:99:06:d2:75:f5:31: + ec:b7:93:e6:1b:b0:ab:7e:1b:1d:65:46:6d:9f:ac:97:ed:55: + 53:ca:53:00:5a:ca:c5:83:48:c3:2a:51:db:e7:e7:e1:40:4a: + bf:b2:9d:d4:71:d4:54:84:2b:4b:d4:a2:22:73:95:e1:62:51: + ce:e3:e2:f6:24:dd:40:08:07:01:6f:ee:27:3e:fc:17:1d:1f: + 30:da:7f:37:78:7e:b8:af:d8:2c:d9:48:84:92:be:4e:8e:a7: + b8:e6:9f:d4:91:5d:44:c9:8b:82:9f:13:eb:d5:2c:00:fa:ef: + d6:49:ff:92:0d:83:22:57:45:4a:ac:b6:5e:a2:c6:c1:73:ff: + f5:dd:a7:d8:79:9a:a7:96:33:b4:51:17:7f:80:6e:3b:52:a8: + 61:53:ae:08:1f:02:5a:0c:5b:37:3c:3a:36:ee:74:e2:9e:df: + df:01:b5:f6:d0:b8:fa:58:79:53:fd:70:9e:54:c3:6c:68:a7: + 3f:b0:e4:20:a6:a8:2f:87:5a:8a:08:01:41:de:35:ed:5e:85: + ae:dd:e0:3e +-----BEGIN CERTIFICATE----- +MIIDljCCAn6gAwIBAgIQWWmRjxDvjSuuRrJtbWKdjjANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3MjZaFw0yMzEwMTUx +MDQ3MjZaMBkxFzAVBgNVBAMMDmRzb2NsYWItbmlmaS0zMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAp0ig06sejElgi7i9mqpcCWIBeYnJ5V8wZDjK8ZUt +SCCB72Cqb9HvtKyJjun1Fn1kB7A7dcPh4RVxZGCPFY4Wi964l3mngxl3W6o2gje5 +UaeVtR+snYHG7PsUOoR3HpzdPAYwoV7Qj7DJWhOtDlZXvB0/vtdMSzeiiHJNGmKI +CKBXuyDOfq+3cvLuhhqxKDtB9NPqFHSQ4TNBGpLiLuzTIGBgYdb8Dj9XQ4hfECkg +UUBG7V2f0VrnS1L01CNgSiKnkmzUyyABprlTcXpxAuEFckGlQp9BRywwfgyxc8z3 +Y2AnPz02kxSqfhLtG/HLTeh8MiBQ9S19BgqTz3qFKwumsQIDAQABo4HcMIHZMAkG +A1UdEwQCMAAwHQYDVR0OBBYEFMm4AiPELvX+yTRFdzMNic7ZozAqMEYGA1UdIwQ/ +MD2AFHkGykDTn5pUrtMzTfI4PrYL8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09M +Uy1DQYIJAIp0kyaAW0K3MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAL +BgNVHQ8EBAMCBaAwOQYDVR0RBDIwMIIOZHNvY2xhYi1uaWZpLTOCHmRzb2NsYWIu +Z240LTMtd3A4LXNvYy5zdW5ldC5zZTANBgkqhkiG9w0BAQsFAAOCAQEAMiCzHOHJ +pBl1FDIbzcKDWUkH47hic+xOacubSQ310OqLtt4+dgPE6GgPAZaqQLIemQbSdfUx +7LeT5huwq34bHWVGbZ+sl+1VU8pTAFrKxYNIwypR2+fn4UBKv7Kd1HHUVIQrS9Si +InOV4WJRzuPi9iTdQAgHAW/uJz78Fx0fMNp/N3h+uK/YLNlIhJK+To6nuOaf1JFd +RMmLgp8T69UsAPrv1kn/kg2DIldFSqy2XqLGwXP/9d2n2Hmap5YztFEXf4BuO1Ko +YVOuCB8CWgxbNzw6Nu504p7f3wG19tC4+lh5U/1wnlTDbGinP7DkIKaoL4daiggB +Qd417V6Frt3gPg== +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/certs_by_serial/5DC4BC495FA076A813A4C23261640D92.pem b/roles/ca/files/CA/certs_by_serial/5DC4BC495FA076A813A4C23261640D92.pem new file mode 100644 index 0000000..a743bd0 --- /dev/null +++ b/roles/ca/files/CA/certs_by_serial/5DC4BC495FA076A813A4C23261640D92.pem @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 5d:c4:bc:49:5f:a0:76:a8:13:a4:c2:32:61:64:0d:92 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:29 2020 GMT + Not After : Oct 15 10:47:29 2023 GMT + Subject: CN=dsoclab-cortex + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:cd:09:6b:14:33:4a:47:75:5b:d3:d9:67:3b:4d: + ad:1f:a7:1f:33:ab:86:b1:aa:3b:09:ab:1a:a6:fb: + a0:60:04:e3:68:33:0e:85:54:d1:70:61:8a:b9:d5: + d6:b5:6c:c2:b3:36:02:94:b7:1d:18:93:5f:88:81: + ff:2a:f4:99:58:6d:d7:96:e2:d2:64:77:b9:74:44: + 3c:f0:fb:5b:0f:43:7d:38:5d:fe:b0:db:05:7a:a9: + c5:10:24:75:13:c8:2d:da:69:be:e3:43:33:f0:28: + 30:9a:53:f8:f8:d3:10:32:35:ec:1d:87:ab:1e:2c: + b5:00:7c:9f:8f:61:e0:5d:56:15:8c:46:45:09:78: + 02:78:10:c0:af:2f:25:6c:c2:5b:ed:5f:c1:33:0b: + f8:c8:13:dc:df:c3:fc:05:90:ff:06:9e:cb:bc:1d: + 2b:c2:57:f2:bd:aa:22:b3:4b:f5:ca:b2:b8:00:18: + f1:14:10:b8:5e:69:9f:ed:fc:04:83:d9:2e:b7:9a: + 8a:45:1c:54:71:8f:61:02:6a:8a:84:2f:67:df:92: + 3a:0c:5f:e5:b6:e7:6c:27:69:1f:5b:06:d6:7f:e6: + df:ab:2f:31:a5:cd:63:32:60:c0:07:50:6c:0d:39: + cb:68:ae:3c:b2:da:0f:20:06:77:2c:28:ab:3a:30: + 92:1b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 9A:0E:E1:26:13:A7:12:5F:A4:F1:41:C0:09:FC:AD:EB:4E:66:C2:50 + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-cortex, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 27:2e:a1:0c:8d:fb:b1:36:ff:4e:ac:00:91:75:81:4b:20:79: + 3f:da:1c:e1:80:b9:8c:6b:60:47:a5:8c:bf:1f:34:98:61:95: + 00:bb:79:d4:9e:c8:fb:dc:fb:6a:48:b2:69:d1:1a:04:cc:52: + ca:0b:48:01:3e:94:1e:68:0b:e3:4d:fa:12:c4:aa:ff:b6:5b: + 0c:3c:80:21:fe:50:87:8a:14:3a:7d:e7:a3:5e:b6:dc:22:ba: + cc:97:69:00:a8:78:08:dd:66:d1:cb:ca:28:41:b9:cc:8a:6b: + 7c:40:b7:5e:1d:a1:88:5a:b3:fd:18:77:e9:c4:48:fd:38:8f: + 06:6e:78:0e:f1:1a:1b:b2:6c:0a:df:38:11:e3:5a:3d:2a:5b: + de:41:63:14:ab:25:8e:a6:9f:a8:b7:32:9e:dc:23:45:f3:6b: + 6d:86:b7:17:b3:53:df:55:bd:cb:41:a1:b7:73:ae:21:1b:68: + b3:b1:0a:e5:e6:0c:2a:77:76:23:f3:87:ee:5f:0e:6d:cd:3b: + 94:9a:6f:f2:fd:4f:2d:72:a3:21:94:55:c0:4a:6c:2b:13:e3: + 82:13:a5:1f:82:6b:ae:6e:e2:ec:eb:7a:25:6a:f2:9e:45:d7: + 0a:7d:75:be:9d:f7:94:6f:ce:a5:27:d6:9b:dc:d2:12:54:64: + 09:c4:f6:a9 +-----BEGIN CERTIFICATE----- +MIIDljCCAn6gAwIBAgIQXcS8SV+gdqgTpMIyYWQNkjANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3MjlaFw0yMzEwMTUx +MDQ3MjlaMBkxFzAVBgNVBAMMDmRzb2NsYWItY29ydGV4MIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAzQlrFDNKR3Vb09lnO02tH6cfM6uGsao7Casapvug +YATjaDMOhVTRcGGKudXWtWzCszYClLcdGJNfiIH/KvSZWG3XluLSZHe5dEQ88Ptb +D0N9OF3+sNsFeqnFECR1E8gt2mm+40Mz8CgwmlP4+NMQMjXsHYerHiy1AHyfj2Hg +XVYVjEZFCXgCeBDAry8lbMJb7V/BMwv4yBPc38P8BZD/Bp7LvB0rwlfyvaois0v1 +yrK4ABjxFBC4Xmmf7fwEg9kut5qKRRxUcY9hAmqKhC9n35I6DF/ltudsJ2kfWwbW +f+bfqy8xpc1jMmDAB1BsDTnLaK48stoPIAZ3LCirOjCSGwIDAQABo4HcMIHZMAkG +A1UdEwQCMAAwHQYDVR0OBBYEFJoO4SYTpxJfpPFBwAn8retOZsJQMEYGA1UdIwQ/ +MD2AFHkGykDTn5pUrtMzTfI4PrYL8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09M +Uy1DQYIJAIp0kyaAW0K3MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAL +BgNVHQ8EBAMCBaAwOQYDVR0RBDIwMIIOZHNvY2xhYi1jb3J0ZXiCHmRzb2NsYWIu +Z240LTMtd3A4LXNvYy5zdW5ldC5zZTANBgkqhkiG9w0BAQsFAAOCAQEAJy6hDI37 +sTb/TqwAkXWBSyB5P9oc4YC5jGtgR6WMvx80mGGVALt51J7I+9z7akiyadEaBMxS +ygtIAT6UHmgL4036EsSq/7ZbDDyAIf5Qh4oUOn3no1623CK6zJdpAKh4CN1m0cvK +KEG5zIprfEC3Xh2hiFqz/Rh36cRI/TiPBm54DvEaG7JsCt84EeNaPSpb3kFjFKsl +jqafqLcyntwjRfNrbYa3F7NT31W9y0Ght3OuIRtos7EK5eYMKnd2I/OH7l8Obc07 +lJpv8v1PLXKjIZRVwEpsKxPjghOlH4Jrrm7i7Ot6JWrynkXXCn11vp33lG/OpSfW +m9zSElRkCcT2qQ== +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/certs_by_serial/61095C2C8D35EE291C99CEABD42B3CA4.pem b/roles/ca/files/CA/certs_by_serial/61095C2C8D35EE291C99CEABD42B3CA4.pem new file mode 100644 index 0000000..0d474c2 --- /dev/null +++ b/roles/ca/files/CA/certs_by_serial/61095C2C8D35EE291C99CEABD42B3CA4.pem @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 61:09:5c:2c:8d:35:ee:29:1c:99:ce:ab:d4:2b:3c:a4 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:29 2020 GMT + Not After : Oct 15 10:47:29 2023 GMT + Subject: CN=dsoclab-thehive + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ba:c5:4d:20:a4:60:b7:61:21:ed:16:a1:6f:72: + c4:de:a1:00:c0:ef:fc:5d:a1:89:34:07:15:d2:b4: + 3a:14:b8:95:75:8e:81:71:49:46:1d:c8:81:cb:f1: + ec:c7:5a:12:f6:89:60:e4:c8:98:1a:61:c8:2d:12: + 8f:73:ee:f8:9d:88:b5:7f:30:70:97:29:b4:ab:43: + 2d:dc:db:a7:10:47:c7:b5:26:9b:11:85:fb:d3:27: + 8f:3a:55:bc:ea:78:17:b8:89:10:a3:a4:10:60:39: + c3:7f:42:25:a9:fe:84:7f:38:5e:f4:3d:c3:98:3d: + 56:b9:ba:81:06:55:8d:65:12:f0:4e:23:88:1d:98: + 0c:2f:6e:4f:67:fd:4e:67:39:91:b9:01:52:12:aa: + 9e:bb:7a:c8:ea:8f:4a:2d:18:f8:69:9a:3a:a0:c8: + 6e:e3:de:c6:db:be:4c:59:e0:cf:bc:34:4f:2c:b0: + ef:3e:82:5a:df:68:be:b8:fb:cc:5f:6a:f2:3e:66: + d4:c6:c5:f6:0b:67:e9:64:85:15:87:60:6f:dc:b4: + 5b:13:6f:b0:9b:f8:f3:da:c1:91:9e:81:5f:16:ca: + 9e:14:01:c1:1c:ce:2a:d3:c8:3c:0f:be:b1:37:aa: + c9:08:68:2b:de:f9:44:6c:1e:90:a4:12:bc:f5:3c: + 46:bd + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 5B:08:8E:F2:1B:8F:12:03:BA:31:02:9C:CE:CC:BC:9F:FC:19:D1:E1 + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-thehive, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 7f:b2:fa:33:d6:e3:6c:57:8a:4a:9a:ef:8b:81:2b:df:f3:d6: + fb:8c:bc:02:cf:71:54:a0:f2:0d:ae:3b:30:cf:5c:69:d7:d0: + aa:cc:16:80:4d:9d:c8:1f:a7:98:9d:26:dc:ae:8e:24:2b:bc: + c1:11:a6:8d:4f:ca:13:1f:7f:8f:4c:ef:dd:46:df:d6:97:0a: + 88:51:4e:f7:46:aa:3d:e3:70:e9:19:e8:9f:7e:22:fa:b6:38: + 30:00:0a:94:38:09:bf:b8:64:6c:c1:b7:05:6d:4f:f3:27:0c: + df:04:ef:a1:4e:e8:2d:4c:06:d0:c0:4f:4f:da:d0:6d:b8:f2: + b3:79:18:63:bd:62:83:53:55:38:94:d9:64:ca:e7:4d:71:ce: + d1:05:6d:b1:6c:fb:1a:4c:b6:ef:70:2b:3d:9b:1d:66:d8:d9: + 9f:f0:e5:48:29:50:e8:1b:1a:fb:b4:d2:5e:38:ec:05:45:c2: + e7:de:9a:9d:aa:34:67:c5:66:18:e3:86:8b:0c:1a:c4:21:20: + 7e:b7:ad:e2:0b:d0:0d:d4:76:e6:53:ca:77:bc:ce:d0:9b:7b: + 7c:fd:42:94:da:63:d8:a7:52:d2:45:f2:d5:55:ef:37:f1:a5: + 0e:ba:29:c9:b4:ce:99:45:04:21:2b:86:27:bb:c1:f2:86:9a: + 7c:51:5c:3b +-----BEGIN CERTIFICATE----- +MIIDmDCCAoCgAwIBAgIQYQlcLI017ikcmc6r1Cs8pDANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3MjlaFw0yMzEwMTUx +MDQ3MjlaMBoxGDAWBgNVBAMMD2Rzb2NsYWItdGhlaGl2ZTCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBALrFTSCkYLdhIe0WoW9yxN6hAMDv/F2hiTQHFdK0 +OhS4lXWOgXFJRh3Igcvx7MdaEvaJYOTImBphyC0Sj3Pu+J2ItX8wcJcptKtDLdzb +pxBHx7UmmxGF+9MnjzpVvOp4F7iJEKOkEGA5w39CJan+hH84XvQ9w5g9Vrm6gQZV +jWUS8E4jiB2YDC9uT2f9Tmc5kbkBUhKqnrt6yOqPSi0Y+GmaOqDIbuPextu+TFng +z7w0Tyyw7z6CWt9ovrj7zF9q8j5m1MbF9gtn6WSFFYdgb9y0WxNvsJv489rBkZ6B +XxbKnhQBwRzOKtPIPA++sTeqyQhoK975RGwekKQSvPU8Rr0CAwEAAaOB3TCB2jAJ +BgNVHRMEAjAAMB0GA1UdDgQWBBRbCI7yG48SA7oxApzOzLyf/BnR4TBGBgNVHSME +PzA9gBR5BspA05+aVK7TM03yOD62C/M9z6EapBgwFjEUMBIGA1UEAwwLU09DVE9P +TFMtQ0GCCQCKdJMmgFtCtzAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw +CwYDVR0PBAQDAgWgMDoGA1UdEQQzMDGCD2Rzb2NsYWItdGhlaGl2ZYIeZHNvY2xh +Yi5nbjQtMy13cDgtc29jLnN1bmV0LnNlMA0GCSqGSIb3DQEBCwUAA4IBAQB/svoz +1uNsV4pKmu+LgSvf89b7jLwCz3FUoPINrjswz1xp19CqzBaATZ3IH6eYnSbcro4k +K7zBEaaNT8oTH3+PTO/dRt/WlwqIUU73Rqo943DpGeiffiL6tjgwAAqUOAm/uGRs +wbcFbU/zJwzfBO+hTugtTAbQwE9P2tBtuPKzeRhjvWKDU1U4lNlkyudNcc7RBW2x +bPsaTLbvcCs9mx1m2Nmf8OVIKVDoGxr7tNJeOOwFRcLn3pqdqjRnxWYY44aLDBrE +ISB+t63iC9AN1HbmU8p3vM7Qm3t8/UKU2mPYp1LSRfLVVe838aUOuinJtM6ZRQQh +K4Ynu8Hyhpp8UVw7 +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/certs_by_serial/7587FCE4CF3EC68117199076B12CD5D2.pem b/roles/ca/files/CA/certs_by_serial/7587FCE4CF3EC68117199076B12CD5D2.pem new file mode 100644 index 0000000..f830104 --- /dev/null +++ b/roles/ca/files/CA/certs_by_serial/7587FCE4CF3EC68117199076B12CD5D2.pem @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 75:87:fc:e4:cf:3e:c6:81:17:19:90:76:b1:2c:d5:d2 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:28 2020 GMT + Not After : Oct 15 10:47:28 2023 GMT + Subject: CN=dsoclab-misp + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:cf:b1:1b:e7:a2:ae:70:81:71:a5:57:46:14:2e: + 47:64:89:4e:bd:7d:f0:82:2d:03:19:d6:87:44:b3: + 42:bf:72:78:03:cc:91:98:5b:36:42:14:55:e2:82: + 16:12:58:60:54:44:8f:15:f6:1b:1f:76:36:22:2e: + e8:ac:d3:3c:0a:df:46:c7:f1:04:bc:3a:bf:fe:4b: + 8f:2a:53:83:e3:50:82:06:09:fc:2a:fa:fe:94:a0: + 7b:7f:c2:3e:0b:3e:dc:72:b8:94:10:0a:0b:90:fd: + 45:76:29:85:52:bf:0f:20:43:78:fe:3b:d3:49:20: + 8f:9a:a5:0c:89:bb:0e:97:f2:67:b0:2d:f0:17:53: + 25:a6:9b:4b:64:0e:72:8a:bf:c9:e3:8e:41:bb:ed: + f3:33:6a:55:5f:8d:52:84:fa:a3:67:1a:7b:71:fb: + 90:f1:5f:61:df:44:ea:0b:77:88:f2:e5:c1:83:71: + 58:c7:58:8a:9b:39:45:59:4e:e0:db:16:b6:96:72: + 90:8c:ee:c2:13:75:ea:15:c6:6b:e2:dc:3a:de:c8: + 07:de:18:84:2d:96:b6:c4:4c:e1:4a:4d:13:6f:6c: + 9a:1d:e5:f9:6f:cc:7e:1b:4a:3a:75:1a:b9:37:b0: + 6d:a0:1b:69:35:f1:b6:e6:c2:a5:d3:56:d3:57:c7: + 0e:8b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 65:C5:56:88:65:AF:77:F1:53:B2:71:5E:16:10:D1:0B:30:FF:28:BE + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-misp, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 5a:57:76:90:fd:a5:0d:ea:b0:22:c9:02:2e:18:91:81:04:d1: + f4:64:58:58:19:27:03:9b:5a:dc:de:6c:0e:fb:b7:76:eb:b1: + 97:36:e2:c7:76:ef:7d:d8:00:c3:20:c0:3d:a7:cf:61:f8:16: + 4c:96:4c:7c:c8:89:21:d6:d4:eb:3a:c1:3d:98:34:74:6e:39: + 81:20:6f:9b:4b:8d:b9:35:60:c5:76:19:30:30:06:0f:89:b1: + 1a:f6:c4:88:52:28:98:41:52:f1:9a:77:82:79:ae:c9:71:ba: + d9:e5:e9:b7:ba:08:32:59:eb:5e:7d:11:e0:a8:27:20:91:46: + 05:56:1e:e6:0b:4d:49:17:52:7f:4b:c4:a3:e0:cd:30:bd:4e: + 6a:70:2a:f5:77:4d:d1:d6:64:13:8d:4b:1a:d3:0b:0f:8a:49: + 1e:bf:b4:c0:4f:43:dc:92:e3:c0:f2:2f:4a:c8:30:45:fc:5a: + d2:de:92:b2:a1:48:b8:da:ff:f4:0b:04:5d:5d:a7:30:d8:4b: + ca:cf:0c:01:6a:50:45:5f:d4:a8:cf:dd:fa:f7:68:0c:4c:45: + 47:be:3a:c2:39:bb:04:ff:62:a0:bc:91:a0:f2:2b:67:09:89: + 5a:ff:e6:53:c1:89:18:12:a1:0f:5a:d7:e1:12:8b:88:88:89: + ca:b0:30:27 +-----BEGIN CERTIFICATE----- +MIIDkjCCAnqgAwIBAgIQdYf85M8+xoEXGZB2sSzV0jANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3MjhaFw0yMzEwMTUx +MDQ3MjhaMBcxFTATBgNVBAMMDGRzb2NsYWItbWlzcDCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBAM+xG+eirnCBcaVXRhQuR2SJTr198IItAxnWh0SzQr9y +eAPMkZhbNkIUVeKCFhJYYFREjxX2Gx92NiIu6KzTPArfRsfxBLw6v/5LjypTg+NQ +ggYJ/Cr6/pSge3/CPgs+3HK4lBAKC5D9RXYphVK/DyBDeP4700kgj5qlDIm7Dpfy +Z7At8BdTJaabS2QOcoq/yeOOQbvt8zNqVV+NUoT6o2cae3H7kPFfYd9E6gt3iPLl +wYNxWMdYips5RVlO4NsWtpZykIzuwhN16hXGa+LcOt7IB94YhC2WtsRM4UpNE29s +mh3l+W/MfhtKOnUauTewbaAbaTXxtubCpdNW01fHDosCAwEAAaOB2jCB1zAJBgNV +HRMEAjAAMB0GA1UdDgQWBBRlxVaIZa938VOycV4WENELMP8ovjBGBgNVHSMEPzA9 +gBR5BspA05+aVK7TM03yOD62C/M9z6EapBgwFjEUMBIGA1UEAwwLU09DVE9PTFMt +Q0GCCQCKdJMmgFtCtzAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCwYD +VR0PBAQDAgWgMDcGA1UdEQQwMC6CDGRzb2NsYWItbWlzcIIeZHNvY2xhYi5nbjQt +My13cDgtc29jLnN1bmV0LnNlMA0GCSqGSIb3DQEBCwUAA4IBAQBaV3aQ/aUN6rAi +yQIuGJGBBNH0ZFhYGScDm1rc3mwO+7d267GXNuLHdu992ADDIMA9p89h+BZMlkx8 +yIkh1tTrOsE9mDR0bjmBIG+bS425NWDFdhkwMAYPibEa9sSIUiiYQVLxmneCea7J +cbrZ5em3uggyWetefRHgqCcgkUYFVh7mC01JF1J/S8Sj4M0wvU5qcCr1d03R1mQT +jUsa0wsPikkev7TAT0PckuPA8i9KyDBF/FrS3pKyoUi42v/0CwRdXacw2EvKzwwB +alBFX9Soz93692gMTEVHvjrCObsE/2KgvJGg8itnCYla/+ZTwYkYEqEPWtfhEouI +iInKsDAn +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/certs_by_serial/7DFC33457573E8F16094A74E6B2F23F1.pem b/roles/ca/files/CA/certs_by_serial/7DFC33457573E8F16094A74E6B2F23F1.pem new file mode 100644 index 0000000..f47839f --- /dev/null +++ b/roles/ca/files/CA/certs_by_serial/7DFC33457573E8F16094A74E6B2F23F1.pem @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 7d:fc:33:45:75:73:e8:f1:60:94:a7:4e:6b:2f:23:f1 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:27 2020 GMT + Not After : Oct 15 10:47:27 2023 GMT + Subject: CN=dsoclab-kibana + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ce:4f:c9:0f:84:4d:4e:7b:dc:11:90:c9:49:a8: + f3:60:44:a8:25:1b:59:83:64:0b:d1:e0:bc:59:50: + 22:a5:f5:88:7a:c8:40:65:e4:22:3d:77:d2:8f:9e: + 30:17:80:5e:20:85:bc:70:67:61:cb:d8:e2:9f:9a: + 7c:7b:a6:e8:4e:79:7b:cd:86:6e:26:52:37:45:b6: + ab:b7:6f:40:8f:7a:55:8b:d1:91:cc:21:6f:55:37: + 50:3b:72:1f:2d:3b:bf:75:47:91:88:6a:1c:ea:39: + dd:8b:25:31:55:0e:bc:52:6f:bf:0b:96:ef:e3:12: + 5c:da:63:22:54:e5:b3:95:8b:02:9e:57:3e:7b:4f: + a0:f5:6f:07:a8:5b:45:7c:cb:34:83:77:34:a5:b1: + ff:05:12:88:8f:cc:c4:05:5d:e9:e7:7d:2b:12:fa: + bb:4d:25:f4:f7:04:e7:95:06:95:ea:a9:c4:75:4e: + f7:03:67:2d:9c:9a:f4:01:f6:2a:8d:6c:6d:d0:59: + a9:ce:1f:12:b1:76:39:c8:07:d4:20:73:1e:f3:9c: + b9:67:83:3b:a8:7c:6e:fb:86:ea:3f:6a:8e:98:4c: + 39:a9:d1:4d:be:9f:0a:43:49:1b:fd:09:67:b6:62: + 71:fd:87:9a:63:25:00:aa:c7:a1:4d:23:12:e3:56: + 0f:6f + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 50:F3:7D:4F:B2:8C:A5:09:FD:64:CB:C1:97:F1:F8:49:C8:6B:30:4D + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-kibana, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + ae:be:82:6f:6d:e6:c4:cb:c3:2a:d9:d6:ee:11:52:a6:de:89: + 9e:31:a3:e2:86:07:e9:d1:fe:95:c9:a2:38:90:df:05:ff:e5: + 99:27:e8:d8:55:00:8a:85:b3:15:a5:e5:5b:ce:4e:4f:01:3b: + 74:a4:b2:09:fc:6e:95:92:94:2f:76:0d:c7:97:1b:78:c1:08: + 1e:3a:0e:fa:a6:ab:db:1e:22:26:86:39:f4:bb:89:a1:a1:d1: + 55:f6:c3:ff:9b:a5:eb:1b:6a:84:8a:1d:3c:5f:7c:03:0d:08: + 42:6f:d7:14:86:61:38:66:65:f7:c2:86:68:db:81:e9:41:0f: + 82:cf:bb:be:fd:d7:94:48:cc:f8:cf:4a:40:ce:33:c4:75:51: + 00:7e:c7:93:f6:3b:92:c1:5e:8a:ce:5f:2c:c2:f4:fe:ec:77: + 9e:ea:30:d9:53:ee:f9:b9:fd:50:f5:6b:92:1c:57:d2:e0:f3: + 05:d8:79:a9:63:16:13:09:cf:5f:39:dc:ec:43:e4:65:45:43: + 65:e4:7c:39:a3:a2:81:47:ab:8f:57:a9:89:9d:56:4b:77:b1: + 04:c8:9c:54:d2:5c:28:f5:d3:66:ae:9a:9c:a5:91:c7:eb:20: + 69:fb:58:99:c7:5e:be:ec:4a:7a:62:09:fe:3b:30:f2:4a:d7: + 1d:f9:0b:c3 +-----BEGIN CERTIFICATE----- +MIIDljCCAn6gAwIBAgIQffwzRXVz6PFglKdOay8j8TANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3MjdaFw0yMzEwMTUx +MDQ3MjdaMBkxFzAVBgNVBAMMDmRzb2NsYWIta2liYW5hMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAzk/JD4RNTnvcEZDJSajzYESoJRtZg2QL0eC8WVAi +pfWIeshAZeQiPXfSj54wF4BeIIW8cGdhy9jin5p8e6boTnl7zYZuJlI3Rbart29A +j3pVi9GRzCFvVTdQO3IfLTu/dUeRiGoc6jndiyUxVQ68Um+/C5bv4xJc2mMiVOWz +lYsCnlc+e0+g9W8HqFtFfMs0g3c0pbH/BRKIj8zEBV3p530rEvq7TSX09wTnlQaV +6qnEdU73A2ctnJr0AfYqjWxt0Fmpzh8SsXY5yAfUIHMe85y5Z4M7qHxu+4bqP2qO +mEw5qdFNvp8KQ0kb/QlntmJx/YeaYyUAqsehTSMS41YPbwIDAQABo4HcMIHZMAkG +A1UdEwQCMAAwHQYDVR0OBBYEFFDzfU+yjKUJ/WTLwZfx+EnIazBNMEYGA1UdIwQ/ +MD2AFHkGykDTn5pUrtMzTfI4PrYL8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09M +Uy1DQYIJAIp0kyaAW0K3MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAL +BgNVHQ8EBAMCBaAwOQYDVR0RBDIwMIIOZHNvY2xhYi1raWJhbmGCHmRzb2NsYWIu +Z240LTMtd3A4LXNvYy5zdW5ldC5zZTANBgkqhkiG9w0BAQsFAAOCAQEArr6Cb23m +xMvDKtnW7hFSpt6JnjGj4oYH6dH+lcmiOJDfBf/lmSfo2FUAioWzFaXlW85OTwE7 +dKSyCfxulZKUL3YNx5cbeMEIHjoO+qar2x4iJoY59LuJoaHRVfbD/5ul6xtqhIod +PF98Aw0IQm/XFIZhOGZl98KGaNuB6UEPgs+7vv3XlEjM+M9KQM4zxHVRAH7Hk/Y7 +ksFeis5fLML0/ux3nuow2VPu+bn9UPVrkhxX0uDzBdh5qWMWEwnPXznc7EPkZUVD +ZeR8OaOigUerj1epiZ1WS3exBMicVNJcKPXTZq6anKWRx+sgaftYmcdevuxKemIJ +/jsw8krXHfkLww== +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/certs_by_serial/8B69055F8586CEDD21660B2493412660.pem b/roles/ca/files/CA/certs_by_serial/8B69055F8586CEDD21660B2493412660.pem new file mode 100644 index 0000000..56a67ac --- /dev/null +++ b/roles/ca/files/CA/certs_by_serial/8B69055F8586CEDD21660B2493412660.pem @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 8b:69:05:5f:85:86:ce:dd:21:66:0b:24:93:41:26:60 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:25 2020 GMT + Not After : Oct 15 10:47:25 2023 GMT + Subject: CN=dsoclab-nifi-2 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ac:b7:4b:e2:d5:87:7f:8e:15:9b:cf:c0:17:eb: + db:8c:e3:1b:83:c0:69:b9:06:91:a0:9b:c6:35:dc: + 2f:e8:8c:72:28:50:02:82:c5:b1:eb:da:d9:e3:9d: + 95:d2:d9:dd:e1:08:35:6d:83:73:95:98:ba:19:fd: + 3e:04:67:9a:09:37:45:79:d3:1d:0b:ec:0a:43:cb: + b8:24:cc:68:5c:ce:2e:ae:db:48:d8:6e:5a:f3:31: + be:87:28:86:76:8e:8f:8d:68:95:1f:72:6c:65:4a: + fc:9e:b8:7d:e2:83:e2:3d:b0:30:5d:c1:73:06:ae: + 9b:f7:9a:54:b8:02:6b:82:90:11:08:3f:d6:5f:59: + 5c:df:aa:25:59:c0:67:7a:fc:e1:f0:c9:4a:8b:e0: + 31:b6:53:13:c2:bf:8c:4f:3a:e6:ed:11:30:a6:41: + 26:ad:56:8f:03:0b:ad:87:6c:b2:73:c4:2e:41:3e: + 99:1a:b6:29:6d:e0:dc:af:8f:45:6e:d5:69:17:0d: + f1:58:a6:7e:8c:80:32:72:24:21:d2:e9:b4:44:23: + f6:10:8f:9f:64:7f:ef:e6:ab:f1:43:94:d0:8a:97: + 0e:e4:91:bd:86:b9:1f:42:f4:96:39:85:05:26:ed: + 90:01:91:11:a3:1f:04:5b:46:ff:1b:a9:74:77:db: + 18:03 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 1F:5E:EF:0E:58:69:FD:21:93:48:19:98:81:48:13:2E:FC:31:61:0C + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-nifi-2, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 21:2d:9b:f7:0c:74:cd:d4:30:b1:42:5b:32:98:d8:ef:9f:a9: + 9b:1b:f0:54:67:c3:20:5b:f1:87:4d:ff:e4:a5:db:af:eb:34: + 8a:b3:fa:d6:14:4a:3c:31:11:8f:09:b0:af:25:39:5a:5e:89: + 32:cf:c7:48:68:f3:14:72:a0:35:15:ec:76:c7:bb:a7:5b:0c: + d5:7e:5b:8c:d8:40:a2:5e:fa:f8:f2:cf:dd:56:65:7e:94:ef: + b4:99:25:ba:9f:78:94:7d:54:0c:83:b9:cf:b8:b4:9d:78:6d: + 62:e3:6c:98:1f:40:b9:35:3c:51:b5:9f:82:7b:1e:77:db:25: + f2:71:df:3d:e9:56:93:86:fe:61:48:4f:db:76:5b:5f:b1:96: + f9:46:72:5e:01:80:87:b5:be:b4:00:3b:37:7f:5e:44:d4:7e: + c5:87:ed:40:6b:9e:f4:ca:1b:b0:4b:84:97:1f:07:0f:7c:8b: + d2:7b:b1:3d:a7:f8:ae:39:07:34:50:41:70:1f:07:ba:a6:a2: + 0d:ca:e5:7b:d4:77:2c:95:4d:16:0c:34:e0:a5:59:7f:43:c7: + a0:dd:a0:f0:ed:75:5a:0f:61:76:52:34:ef:7c:a7:21:e4:de: + 3a:24:cd:39:b6:77:3a:c8:f3:1f:09:2b:80:9a:f0:5d:7f:5e: + 73:9d:73:eb +-----BEGIN CERTIFICATE----- +MIIDlzCCAn+gAwIBAgIRAItpBV+Fhs7dIWYLJJNBJmAwDQYJKoZIhvcNAQELBQAw +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwHhcNMjAxMDMwMTA0NzI1WhcNMjMxMDE1 +MTA0NzI1WjAZMRcwFQYDVQQDDA5kc29jbGFiLW5pZmktMjCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAKy3S+LVh3+OFZvPwBfr24zjG4PAabkGkaCbxjXc +L+iMcihQAoLFseva2eOdldLZ3eEINW2Dc5WYuhn9PgRnmgk3RXnTHQvsCkPLuCTM +aFzOLq7bSNhuWvMxvocohnaOj41olR9ybGVK/J64feKD4j2wMF3Bcwaum/eaVLgC +a4KQEQg/1l9ZXN+qJVnAZ3r84fDJSovgMbZTE8K/jE865u0RMKZBJq1WjwMLrYds +snPELkE+mRq2KW3g3K+PRW7VaRcN8VimfoyAMnIkIdLptEQj9hCPn2R/7+ar8UOU +0IqXDuSRvYa5H0L0ljmFBSbtkAGREaMfBFtG/xupdHfbGAMCAwEAAaOB3DCB2TAJ +BgNVHRMEAjAAMB0GA1UdDgQWBBQfXu8OWGn9IZNIGZiBSBMu/DFhDDBGBgNVHSME +PzA9gBR5BspA05+aVK7TM03yOD62C/M9z6EapBgwFjEUMBIGA1UEAwwLU09DVE9P +TFMtQ0GCCQCKdJMmgFtCtzAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw +CwYDVR0PBAQDAgWgMDkGA1UdEQQyMDCCDmRzb2NsYWItbmlmaS0ygh5kc29jbGFi +LmduNC0zLXdwOC1zb2Muc3VuZXQuc2UwDQYJKoZIhvcNAQELBQADggEBACEtm/cM +dM3UMLFCWzKY2O+fqZsb8FRnwyBb8YdN/+Sl26/rNIqz+tYUSjwxEY8JsK8lOVpe +iTLPx0ho8xRyoDUV7HbHu6dbDNV+W4zYQKJe+vjyz91WZX6U77SZJbqfeJR9VAyD +uc+4tJ14bWLjbJgfQLk1PFG1n4J7HnfbJfJx3z3pVpOG/mFIT9t2W1+xlvlGcl4B +gIe1vrQAOzd/XkTUfsWH7UBrnvTKG7BLhJcfBw98i9J7sT2n+K45BzRQQXAfB7qm +og3K5XvUdyyVTRYMNOClWX9Dx6DdoPDtdVoPYXZSNO98pyHk3jokzTm2dzrI8x8J +K4Ca8F1/XnOdc+s= +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/certs_by_serial/97D2D0CF2300C0A966D103CA89A99212.pem b/roles/ca/files/CA/certs_by_serial/97D2D0CF2300C0A966D103CA89A99212.pem new file mode 100644 index 0000000..71baad0 --- /dev/null +++ b/roles/ca/files/CA/certs_by_serial/97D2D0CF2300C0A966D103CA89A99212.pem @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 97:d2:d0:cf:23:00:c0:a9:66:d1:03:ca:89:a9:92:12 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:26 2020 GMT + Not After : Oct 15 10:47:26 2023 GMT + Subject: CN=dsoclab-odfe-1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:e5:46:f6:71:ce:a2:3f:61:5e:9b:f3:c6:61:88: + 87:99:0a:ac:b8:e8:9d:3c:5f:8c:60:2b:41:5b:36: + fb:39:0a:6f:a1:16:02:31:ac:0d:bd:0e:ff:95:59: + d8:f1:21:6b:bd:96:d6:7b:79:01:d1:65:1c:ca:09: + 22:50:30:01:ea:ed:b4:29:bf:b4:70:25:db:b3:1d: + e9:73:ed:63:93:02:4c:90:22:04:6d:31:74:31:ae: + 85:3c:12:8d:b3:f6:92:2f:de:75:75:8f:ca:a5:f2: + a2:12:94:fb:e8:73:30:37:f1:7c:b5:4e:59:ab:71: + 73:26:80:9a:46:8d:49:94:b0:09:e5:27:10:34:9d: + c0:53:3b:fa:77:2e:06:c0:73:8e:0f:9a:1e:8c:27: + 32:0c:eb:f2:d2:0c:a7:52:48:c6:ee:12:21:15:e3: + 45:30:89:81:63:7f:bf:0a:5b:d1:05:c8:1c:fc:5f: + bb:b8:82:2a:92:3b:3a:ae:19:9d:e9:a7:62:7c:0a: + f2:c2:2a:e6:a8:d4:9b:0a:a8:a2:5a:ec:e5:a3:1a: + 73:e0:83:3d:d2:e8:74:a9:0b:b0:e4:b0:fd:fe:ad: + 1e:57:e8:0d:20:7c:aa:1f:31:69:b5:0d:8c:3f:1c: + 8d:dc:d3:71:5b:f1:04:6a:ae:b9:2d:a8:be:28:11: + f5:4b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + DB:92:49:8B:D9:27:41:85:16:AE:C9:CA:F6:8D:11:53:8B:EE:B0:5E + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-odfe-1, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 0f:83:fb:ba:2a:0d:aa:14:3f:3f:0b:00:be:f9:37:f4:7f:29: + 1e:21:4e:18:07:e0:ae:e1:84:f7:cf:a1:21:a5:36:ba:77:6c: + 0c:00:11:d5:7d:d8:31:b3:f5:cc:fd:6b:27:8f:99:5f:99:4c: + 57:88:d0:1a:e7:66:6b:8a:fd:d1:01:e3:88:37:91:8c:7b:e9: + e2:22:dd:80:62:64:9e:22:e7:25:b5:b9:89:45:e4:24:f5:19: + c0:5d:10:50:57:80:66:23:0c:b1:8e:bd:b3:f1:fa:95:7e:6f: + 04:d1:da:c2:e8:a1:b2:55:55:66:3a:bc:5b:71:50:8c:a8:56: + 86:f4:a9:9c:c7:4b:d6:91:73:8e:a9:93:ef:e0:85:5e:5c:53: + ae:b3:a7:a4:31:80:f3:b3:e4:03:ad:da:96:f0:14:7b:25:e4: + ff:68:9b:8f:28:cd:fc:94:05:5f:38:80:84:d6:f5:d4:b7:bd: + 43:79:bd:fb:f2:ce:30:73:01:e8:ee:ad:45:4a:ea:88:3f:d1: + a2:ef:22:f5:49:cc:d4:27:22:3c:bc:1f:50:81:58:5a:65:9d: + d6:14:3b:3f:b2:8f:90:35:2b:e7:1a:9b:58:db:96:06:9b:cf: + 44:0b:f5:9f:aa:57:28:3c:ab:70:fa:bc:93:90:d9:94:d7:fe: + 6f:fe:39:2a +-----BEGIN CERTIFICATE----- +MIIDlzCCAn+gAwIBAgIRAJfS0M8jAMCpZtEDyompkhIwDQYJKoZIhvcNAQELBQAw +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwHhcNMjAxMDMwMTA0NzI2WhcNMjMxMDE1 +MTA0NzI2WjAZMRcwFQYDVQQDDA5kc29jbGFiLW9kZmUtMTCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAOVG9nHOoj9hXpvzxmGIh5kKrLjonTxfjGArQVs2 ++zkKb6EWAjGsDb0O/5VZ2PEha72W1nt5AdFlHMoJIlAwAerttCm/tHAl27Md6XPt +Y5MCTJAiBG0xdDGuhTwSjbP2ki/edXWPyqXyohKU++hzMDfxfLVOWatxcyaAmkaN +SZSwCeUnEDSdwFM7+ncuBsBzjg+aHownMgzr8tIMp1JIxu4SIRXjRTCJgWN/vwpb +0QXIHPxfu7iCKpI7Oq4ZnemnYnwK8sIq5qjUmwqoolrs5aMac+CDPdLodKkLsOSw +/f6tHlfoDSB8qh8xabUNjD8cjdzTcVvxBGquuS2ovigR9UsCAwEAAaOB3DCB2TAJ +BgNVHRMEAjAAMB0GA1UdDgQWBBTbkkmL2SdBhRauycr2jRFTi+6wXjBGBgNVHSME +PzA9gBR5BspA05+aVK7TM03yOD62C/M9z6EapBgwFjEUMBIGA1UEAwwLU09DVE9P +TFMtQ0GCCQCKdJMmgFtCtzAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw +CwYDVR0PBAQDAgWgMDkGA1UdEQQyMDCCDmRzb2NsYWItb2RmZS0xgh5kc29jbGFi +LmduNC0zLXdwOC1zb2Muc3VuZXQuc2UwDQYJKoZIhvcNAQELBQADggEBAA+D+7oq +DaoUPz8LAL75N/R/KR4hThgH4K7hhPfPoSGlNrp3bAwAEdV92DGz9cz9ayePmV+Z +TFeI0BrnZmuK/dEB44g3kYx76eIi3YBiZJ4i5yW1uYlF5CT1GcBdEFBXgGYjDLGO +vbPx+pV+bwTR2sLoobJVVWY6vFtxUIyoVob0qZzHS9aRc46pk+/ghV5cU66zp6Qx +gPOz5AOt2pbwFHsl5P9om48ozfyUBV84gITW9dS3vUN5vfvyzjBzAejurUVK6og/ +0aLvIvVJzNQnIjy8H1CBWFplndYUOz+yj5A1K+cam1jblgabz0QL9Z+qVyg8q3D6 +vJOQ2ZTX/m/+OSo= +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/certs_by_serial/A7217943DDD1145BC6F68CBA362CB35B.pem b/roles/ca/files/CA/certs_by_serial/A7217943DDD1145BC6F68CBA362CB35B.pem new file mode 100644 index 0000000..4baf981 --- /dev/null +++ b/roles/ca/files/CA/certs_by_serial/A7217943DDD1145BC6F68CBA362CB35B.pem @@ -0,0 +1,84 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + a7:21:79:43:dd:d1:14:5b:c6:f6:8c:ba:36:2c:b3:5b + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:52 2020 GMT + Not After : Oct 15 10:47:52 2023 GMT + Subject: CN=Arne Oslebo + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ce:4c:02:19:21:6e:1c:f2:ed:93:d8:fd:bc:1a: + a4:c2:11:3b:e1:55:73:e5:26:92:d3:d9:e8:a6:dd: + 7d:a2:1d:be:6a:7c:64:06:39:60:33:38:7d:6a:ca: + 89:9d:e5:11:58:21:69:f3:3a:88:5e:ea:e5:2e:e1: + 9d:bb:00:1f:59:19:69:4f:6b:32:3d:2f:1a:da:95: + 3d:99:95:53:9f:b2:ea:db:13:48:63:2d:4a:dc:0c: + 4b:a6:1c:4c:62:e2:d0:11:25:67:cb:80:52:02:e8: + f8:3b:3c:eb:cb:f4:71:03:5a:be:d9:a0:49:fe:d1: + 72:fe:4f:be:e1:ac:a1:ed:a5:15:06:f4:4e:c9:06: + ab:9b:92:c2:3e:b9:58:0c:f4:15:0e:04:c0:91:1b: + 85:73:9d:b6:97:a1:6c:70:0a:1a:a0:ce:4c:8d:ac: + 29:e4:c5:17:00:26:03:44:32:a8:7b:83:52:49:43: + 60:11:53:c8:1e:b8:eb:9f:1f:e3:13:54:81:77:c4: + 47:4a:2e:20:8d:48:8c:91:2e:e0:d4:e5:37:0b:5c: + bb:5f:40:37:92:e9:60:3b:a0:f9:98:7f:6d:b3:20: + 92:3c:da:8c:f0:79:81:f2:ea:77:ba:b4:7b:06:54: + 75:89:77:7e:ad:08:3a:ae:1e:dc:1c:11:63:08:43: + 14:97 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + BA:57:27:B7:A6:72:56:05:70:2F:E2:6E:47:CA:0F:2F:C4:26:44:86 + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + Signature Algorithm: sha256WithRSAEncryption + 53:30:05:cf:78:2f:0b:25:a1:64:0a:94:06:11:9b:a8:07:d3: + 5d:4f:0c:80:78:9c:cb:8e:07:d8:21:29:68:d0:ea:43:55:3f: + 14:18:dc:40:cc:a4:84:da:11:24:07:71:35:63:49:3e:bc:10: + 3a:93:cd:b8:61:22:e1:43:a8:d4:c5:2b:13:e4:27:62:00:f1: + c8:31:d0:27:05:27:6b:0e:77:df:1b:f0:e5:6e:d9:0b:8a:9a: + 0b:5f:97:20:2c:dd:e1:37:64:94:1a:9e:f7:a7:63:37:88:71: + 0e:57:a2:da:10:1f:2c:a3:a9:e1:40:01:48:58:74:2e:b3:11: + 8f:d1:21:30:49:b9:53:29:c5:92:85:85:6b:51:20:05:b4:c5: + af:b9:b2:9b:a3:50:1d:59:ac:fa:bf:33:57:61:f4:f1:c3:ee: + a2:9a:99:b2:04:de:8b:fc:d2:3c:58:38:ab:9d:d2:6d:f2:e3: + 0c:69:a5:76:78:df:ae:c9:67:0a:97:55:3d:f0:8f:5a:5e:de: + e6:56:1b:4e:66:c9:34:77:97:54:d4:66:e2:24:3c:f0:43:01: + 24:05:0c:32:a0:65:38:09:53:6c:0e:38:ea:7c:b1:d6:51:11: + 60:8f:28:9f:ab:13:d0:75:f3:93:13:f2:1e:a4:bd:18:ae:b0: + 0f:f6:29:d4 +-----BEGIN CERTIFICATE----- +MIIDTzCCAjegAwIBAgIRAKcheUPd0RRbxvaMujYss1swDQYJKoZIhvcNAQELBQAw +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwHhcNMjAxMDMwMTA0NzUyWhcNMjMxMDE1 +MTA0NzUyWjAWMRQwEgYDVQQDDAtBcm5lIE9zbGVibzCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBAM5MAhkhbhzy7ZPY/bwapMIRO+FVc+UmktPZ6KbdfaId +vmp8ZAY5YDM4fWrKiZ3lEVghafM6iF7q5S7hnbsAH1kZaU9rMj0vGtqVPZmVU5+y +6tsTSGMtStwMS6YcTGLi0BElZ8uAUgLo+Ds868v0cQNavtmgSf7Rcv5PvuGsoe2l +FQb0TskGq5uSwj65WAz0FQ4EwJEbhXOdtpehbHAKGqDOTI2sKeTFFwAmA0QyqHuD +UklDYBFTyB64658f4xNUgXfER0ouII1IjJEu4NTlNwtcu19AN5LpYDug+Zh/bbMg +kjzajPB5gfLqd7q0ewZUdYl3fq0IOq4e3BwRYwhDFJcCAwEAAaOBlzCBlDAJBgNV +HRMEAjAAMB0GA1UdDgQWBBS6Vye3pnJWBXAv4m5Hyg8vxCZEhjBGBgNVHSMEPzA9 +gBR5BspA05+aVK7TM03yOD62C/M9z6EapBgwFjEUMBIGA1UEAwwLU09DVE9PTFMt +Q0GCCQCKdJMmgFtCtzATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4Aw +DQYJKoZIhvcNAQELBQADggEBAFMwBc94LwsloWQKlAYRm6gH011PDIB4nMuOB9gh +KWjQ6kNVPxQY3EDMpITaESQHcTVjST68EDqTzbhhIuFDqNTFKxPkJ2IA8cgx0CcF +J2sOd98b8OVu2QuKmgtflyAs3eE3ZJQanvenYzeIcQ5XotoQHyyjqeFAAUhYdC6z +EY/RITBJuVMpxZKFhWtRIAW0xa+5spujUB1ZrPq/M1dh9PHD7qKambIE3ov80jxY +OKud0m3y4wxppXZ4367JZwqXVT3wj1pe3uZWG05myTR3l1TUZuIkPPBDASQFDDKg +ZTgJU2wOOOp8sdZREWCPKJ+rE9B185MT8h6kvRiusA/2KdQ= +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/certs_by_serial/D27B43CB9BFB09CFCC86EFD1019A42FC.pem b/roles/ca/files/CA/certs_by_serial/D27B43CB9BFB09CFCC86EFD1019A42FC.pem new file mode 100644 index 0000000..5be39cb --- /dev/null +++ b/roles/ca/files/CA/certs_by_serial/D27B43CB9BFB09CFCC86EFD1019A42FC.pem @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + d2:7b:43:cb:9b:fb:09:cf:cc:86:ef:d1:01:9a:42:fc + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:30 2020 GMT + Not After : Oct 15 10:47:30 2023 GMT + Subject: CN=dsoclab-haproxy + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:c9:c7:22:33:0b:0b:0f:a0:8c:c4:a9:81:37:bd: + 51:2f:47:32:fa:1b:88:45:b1:bb:11:43:3d:de:b3: + 70:67:d7:8b:39:5a:8f:13:fb:2f:78:08:b1:b1:32: + c6:d1:0e:e4:d3:2e:3a:db:84:db:d2:65:6b:26:24: + 6c:d7:16:e5:a5:90:8e:02:46:13:02:0a:96:66:46: + 87:b7:b0:ee:56:4c:3c:d8:ae:4c:7d:ef:5b:aa:6e: + 01:8e:89:fe:4c:b9:de:6c:ba:e4:3f:8d:f8:d7:3a: + ed:b2:29:9a:5b:ac:5a:86:66:05:f3:19:2f:59:8d: + 7c:8b:6a:97:1e:43:8a:36:80:b2:e9:e1:84:f6:94: + bc:13:11:31:b8:d2:5a:72:ed:68:c3:b1:37:e4:5b: + 91:82:62:aa:13:f2:b6:e0:3a:aa:85:66:70:0a:a9: + ad:5c:a7:52:ff:dc:f9:99:5e:e5:15:d5:0c:fe:cd: + 27:cb:98:9e:5a:69:ca:71:74:31:e6:26:df:ec:d2: + 42:43:b9:f3:04:8e:2c:7a:28:a6:f9:8e:ba:64:3c: + 69:0e:ac:f5:dc:d5:f3:2a:50:47:50:d4:8c:f5:ee: + 31:08:73:69:1f:ae:42:1d:52:84:5d:47:68:dd:a3: + 1f:07:57:ec:3e:9e:0d:23:78:16:41:bc:68:f2:4f: + e9:19 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 49:DC:74:02:17:71:C3:D0:A0:64:31:9E:60:2B:B4:38:43:62:DE:98 + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-haproxy, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 04:a0:71:31:d2:11:93:09:96:c8:1b:2a:31:b8:b9:34:07:ac: + 89:cb:b0:6c:b0:f0:17:5f:18:3c:a6:96:ca:b3:fa:c7:af:40: + 17:e1:7e:e4:dc:ee:fe:5c:dc:86:40:b7:2f:9d:c0:9e:fd:16: + 6b:85:ab:c2:a8:63:1f:fe:03:2b:89:6a:80:c9:2e:ae:cc:3d: + 19:75:32:0e:56:57:16:27:02:51:49:1d:b3:78:aa:57:d3:00: + 9b:93:fe:6d:a3:37:ad:26:35:57:e1:5f:90:bf:ef:30:bc:68: + f3:bf:7c:59:69:4f:61:30:2d:48:66:a6:44:2a:51:63:6e:4f: + a7:8f:96:7e:91:b2:b2:46:bc:97:1b:01:df:c0:24:5c:b2:aa: + 8d:20:3a:25:5d:8a:1c:84:53:0d:d4:f6:d5:81:5d:30:de:c4: + d7:fa:42:9c:79:68:92:56:b7:76:69:c6:c9:ad:07:47:a6:d2: + 46:d4:a5:0c:10:a9:03:21:4d:56:40:e5:28:e3:fa:70:1b:23: + 32:68:07:3d:d6:8a:3a:fb:6d:3b:a6:20:16:1b:09:f3:47:f0: + 2a:4f:dc:97:86:56:37:96:42:1b:89:b8:76:1a:ab:7a:25:4e: + e8:62:d9:a0:3b:ec:62:72:64:64:ca:87:9c:be:0a:08:09:52: + ab:03:89:2b +-----BEGIN CERTIFICATE----- +MIIDmTCCAoGgAwIBAgIRANJ7Q8ub+wnPzIbv0QGaQvwwDQYJKoZIhvcNAQELBQAw +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwHhcNMjAxMDMwMTA0NzMwWhcNMjMxMDE1 +MTA0NzMwWjAaMRgwFgYDVQQDDA9kc29jbGFiLWhhcHJveHkwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQDJxyIzCwsPoIzEqYE3vVEvRzL6G4hFsbsRQz3e +s3Bn14s5Wo8T+y94CLGxMsbRDuTTLjrbhNvSZWsmJGzXFuWlkI4CRhMCCpZmRoe3 +sO5WTDzYrkx971uqbgGOif5Mud5suuQ/jfjXOu2yKZpbrFqGZgXzGS9ZjXyLapce +Q4o2gLLp4YT2lLwTETG40lpy7WjDsTfkW5GCYqoT8rbgOqqFZnAKqa1cp1L/3PmZ +XuUV1Qz+zSfLmJ5aacpxdDHmJt/s0kJDufMEjix6KKb5jrpkPGkOrPXc1fMqUEdQ +1Iz17jEIc2kfrkIdUoRdR2jdox8HV+w+ng0jeBZBvGjyT+kZAgMBAAGjgd0wgdow +CQYDVR0TBAIwADAdBgNVHQ4EFgQUSdx0Ahdxw9CgZDGeYCu0OENi3pgwRgYDVR0j +BD8wPYAUeQbKQNOfmlSu0zNN8jg+tgvzPc+hGqQYMBYxFDASBgNVBAMMC1NPQ1RP +T0xTLUNBggkAinSTJoBbQrcwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC +MAsGA1UdDwQEAwIFoDA6BgNVHREEMzAxgg9kc29jbGFiLWhhcHJveHmCHmRzb2Ns +YWIuZ240LTMtd3A4LXNvYy5zdW5ldC5zZTANBgkqhkiG9w0BAQsFAAOCAQEABKBx +MdIRkwmWyBsqMbi5NAesicuwbLDwF18YPKaWyrP6x69AF+F+5Nzu/lzchkC3L53A +nv0Wa4WrwqhjH/4DK4lqgMkursw9GXUyDlZXFicCUUkds3iqV9MAm5P+baM3rSY1 +V+FfkL/vMLxo8798WWlPYTAtSGamRCpRY25Pp4+WfpGyska8lxsB38AkXLKqjSA6 +JV2KHIRTDdT21YFdMN7E1/pCnHlokla3dmnGya0HR6bSRtSlDBCpAyFNVkDlKOP6 +cBsjMmgHPdaKOvttO6YgFhsJ80fwKk/cl4ZWN5ZCG4m4dhqreiVO6GLZoDvsYnJk +ZMqHnL4KCAlSqwOJKw== +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/certs_by_serial/FE7583DEF2355A2C2BBA09720BD80948.pem b/roles/ca/files/CA/certs_by_serial/FE7583DEF2355A2C2BBA09720BD80948.pem new file mode 100644 index 0000000..92b6893 --- /dev/null +++ b/roles/ca/files/CA/certs_by_serial/FE7583DEF2355A2C2BBA09720BD80948.pem @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + fe:75:83:de:f2:35:5a:2c:2b:ba:09:72:0b:d8:09:48 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:28 2020 GMT + Not After : Oct 15 10:47:28 2023 GMT + Subject: CN=dsoclab-keycloak + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ea:a9:ea:6b:2f:6c:9c:9f:6d:9c:89:4e:01:ba: + c6:c0:32:df:59:26:2b:95:f4:c2:3d:c8:7e:22:ce: + b6:78:03:e8:22:28:81:9c:9a:a6:a7:ba:fd:05:66: + a3:50:81:85:71:c1:d9:ea:bc:21:e1:5d:0a:87:7b: + be:55:b0:7d:01:57:de:4c:fe:3a:c5:c9:54:77:2e: + 15:fc:12:07:f8:ef:9f:7b:f7:09:01:70:75:53:3b: + dc:b1:0c:65:4d:49:c4:fb:1d:42:20:6f:81:45:42: + d3:db:1d:4c:57:1b:1d:3b:81:39:ee:b2:cf:95:4b: + 29:d0:a8:39:98:d6:93:36:99:bf:c5:43:26:8d:4d: + db:6d:24:3b:fc:16:76:a1:fd:6f:c6:19:11:c7:12: + 0d:80:16:4c:88:da:2c:09:78:3d:1b:7c:6c:ec:db: + 9e:01:50:5f:a3:56:7f:d4:3b:a4:26:d2:6d:42:7b: + 88:4e:8d:64:ed:1e:1a:0e:05:58:65:58:47:83:60: + 9e:b4:ed:15:ce:72:4f:a0:b5:22:dd:9f:a4:da:88: + 86:fe:cb:84:6e:72:3d:00:42:da:8b:85:2a:f2:ef: + d7:ee:bb:85:42:ba:b9:fb:d9:9d:d2:2c:58:0f:7c: + 02:23:b7:46:d0:69:06:37:40:9d:58:74:89:ca:b7: + 12:e5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + FD:C5:77:F8:79:AD:0A:7E:6A:A0:2E:3B:58:6A:9F:43:51:55:0B:DF + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-keycloak, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 9a:c0:35:a3:68:ec:ec:cc:c3:65:5a:bf:03:d0:ee:8d:a0:41: + db:6d:89:3e:97:d4:90:7d:63:8e:73:37:43:ae:9a:e2:d0:2b: + a7:5e:b2:88:9b:4d:8f:b6:81:bf:f6:46:a0:87:ca:77:ec:5c: + af:cd:6b:d8:e8:60:5a:aa:86:be:64:d5:ad:e9:1e:41:7b:6a: + df:01:1d:16:86:94:57:82:51:91:be:6b:d6:ae:f0:b9:8c:3d: + 11:99:c4:93:eb:f7:fa:9e:a3:e3:f8:97:19:cf:63:55:6a:6e: + 4f:e9:a2:64:a7:35:0d:7e:68:23:89:e1:c6:06:4b:34:67:38: + 40:d1:81:b3:73:95:3a:3b:67:d2:5a:e4:8e:49:34:b1:ab:6f: + b6:60:87:ac:55:5d:f5:59:c0:d5:d3:d8:de:3b:76:c9:41:28: + b4:d7:23:ec:a2:3f:1d:3f:74:2e:f0:45:40:35:38:d1:06:50: + b2:93:45:df:de:33:5e:0b:89:86:d8:c9:14:61:1c:d2:94:21: + 1f:bf:df:32:f0:2f:91:52:b0:08:b7:b9:c2:b7:55:2b:ca:05: + e4:eb:91:e1:63:45:5d:1a:6f:e8:76:07:89:e8:42:3e:ec:7b: + 51:0e:a0:d5:8e:c3:3d:26:e3:45:b0:5b:61:d1:98:3b:c3:d4: + 37:9f:c1:7c +-----BEGIN CERTIFICATE----- +MIIDmzCCAoOgAwIBAgIRAP51g97yNVosK7oJcgvYCUgwDQYJKoZIhvcNAQELBQAw +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwHhcNMjAxMDMwMTA0NzI4WhcNMjMxMDE1 +MTA0NzI4WjAbMRkwFwYDVQQDDBBkc29jbGFiLWtleWNsb2FrMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6qnqay9snJ9tnIlOAbrGwDLfWSYrlfTCPch+ +Is62eAPoIiiBnJqmp7r9BWajUIGFccHZ6rwh4V0Kh3u+VbB9AVfeTP46xclUdy4V +/BIH+O+fe/cJAXB1UzvcsQxlTUnE+x1CIG+BRULT2x1MVxsdO4E57rLPlUsp0Kg5 +mNaTNpm/xUMmjU3bbSQ7/BZ2of1vxhkRxxINgBZMiNosCXg9G3xs7NueAVBfo1Z/ +1DukJtJtQnuITo1k7R4aDgVYZVhHg2CetO0VznJPoLUi3Z+k2oiG/suEbnI9AELa +i4Uq8u/X7ruFQrq5+9md0ixYD3wCI7dG0GkGN0CdWHSJyrcS5QIDAQABo4HeMIHb +MAkGA1UdEwQCMAAwHQYDVR0OBBYEFP3Fd/h5rQp+aqAuO1hqn0NRVQvfMEYGA1Ud +IwQ/MD2AFHkGykDTn5pUrtMzTfI4PrYL8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NU +T09MUy1DQYIJAIp0kyaAW0K3MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD +AjALBgNVHQ8EBAMCBaAwOwYDVR0RBDQwMoIQZHNvY2xhYi1rZXljbG9ha4IeZHNv +Y2xhYi5nbjQtMy13cDgtc29jLnN1bmV0LnNlMA0GCSqGSIb3DQEBCwUAA4IBAQCa +wDWjaOzszMNlWr8D0O6NoEHbbYk+l9SQfWOOczdDrpri0CunXrKIm02PtoG/9kag +h8p37FyvzWvY6GBaqoa+ZNWt6R5Be2rfAR0WhpRXglGRvmvWrvC5jD0RmcST6/f6 +nqPj+JcZz2NVam5P6aJkpzUNfmgjieHGBks0ZzhA0YGzc5U6O2fSWuSOSTSxq2+2 +YIesVV31WcDV09jeO3bJQSi01yPsoj8dP3Qu8EVANTjRBlCyk0Xf3jNeC4mG2MkU +YRzSlCEfv98y8C+RUrAIt7nCt1UrygXk65HhY0VdGm/odgeJ6EI+7HtRDqDVjsM9 +JuNFsFth0Zg7w9Q3n8F8 +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/extensions.temp b/roles/ca/files/CA/extensions.temp new file mode 100644 index 0000000..5680ec9 --- /dev/null +++ b/roles/ca/files/CA/extensions.temp @@ -0,0 +1,15 @@ +# X509 extensions added to every signed cert + +# This file is included for every cert signed, and by default does nothing. +# It could be used to add values every cert should have, such as a CDP as +# demonstrated in the following example: + +#crlDistributionPoints = URI:http://example.net/pki/my_ca.crl +# X509 extensions for a client + +basicConstraints = CA:FALSE +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid,issuer:always +extendedKeyUsage = clientAuth +keyUsage = digitalSignature + diff --git a/roles/ca/files/CA/index.txt b/roles/ca/files/CA/index.txt new file mode 100644 index 0000000..221d42d --- /dev/null +++ b/roles/ca/files/CA/index.txt @@ -0,0 +1,13 @@ +V 231015104725Z 01EC4DAD3E5E47CF4E4B98495932B337 unknown /CN=dsoclab-nifi-1 +V 231015104725Z 8B69055F8586CEDD21660B2493412660 unknown /CN=dsoclab-nifi-2 +V 231015104726Z 5969918F10EF8D2BAE46B26D6D629D8E unknown /CN=dsoclab-nifi-3 +V 231015104726Z 97D2D0CF2300C0A966D103CA89A99212 unknown /CN=dsoclab-odfe-1 +V 231015104727Z 560A99C5A03FC4B9FC92FDC62F419BB9 unknown /CN=dsoclab-odfe-2 +V 231015104727Z 7DFC33457573E8F16094A74E6B2F23F1 unknown /CN=dsoclab-kibana +V 231015104728Z FE7583DEF2355A2C2BBA09720BD80948 unknown /CN=dsoclab-keycloak +V 231015104728Z 7587FCE4CF3EC68117199076B12CD5D2 unknown /CN=dsoclab-misp +V 231015104729Z 61095C2C8D35EE291C99CEABD42B3CA4 unknown /CN=dsoclab-thehive +V 231015104729Z 5DC4BC495FA076A813A4C23261640D92 unknown /CN=dsoclab-cortex +V 231015104730Z D27B43CB9BFB09CFCC86EFD1019A42FC unknown /CN=dsoclab-haproxy +V 231015104752Z 1DD9AF5415359961C578D1B98BFA6E9F unknown /CN=Bozidar Proevski +V 231015104752Z A7217943DDD1145BC6F68CBA362CB35B unknown /CN=Arne Oslebo diff --git a/roles/ca/files/CA/index.txt.attr b/roles/ca/files/CA/index.txt.attr new file mode 100644 index 0000000..3a7e39e --- /dev/null +++ b/roles/ca/files/CA/index.txt.attr @@ -0,0 +1 @@ +unique_subject = no diff --git a/roles/ca/files/CA/index.txt.attr.old b/roles/ca/files/CA/index.txt.attr.old new file mode 100644 index 0000000..3a7e39e --- /dev/null +++ b/roles/ca/files/CA/index.txt.attr.old @@ -0,0 +1 @@ +unique_subject = no diff --git a/roles/ca/files/CA/index.txt.old b/roles/ca/files/CA/index.txt.old new file mode 100644 index 0000000..022f254 --- /dev/null +++ b/roles/ca/files/CA/index.txt.old @@ -0,0 +1,12 @@ +V 231015104725Z 01EC4DAD3E5E47CF4E4B98495932B337 unknown /CN=dsoclab-nifi-1 +V 231015104725Z 8B69055F8586CEDD21660B2493412660 unknown /CN=dsoclab-nifi-2 +V 231015104726Z 5969918F10EF8D2BAE46B26D6D629D8E unknown /CN=dsoclab-nifi-3 +V 231015104726Z 97D2D0CF2300C0A966D103CA89A99212 unknown /CN=dsoclab-odfe-1 +V 231015104727Z 560A99C5A03FC4B9FC92FDC62F419BB9 unknown /CN=dsoclab-odfe-2 +V 231015104727Z 7DFC33457573E8F16094A74E6B2F23F1 unknown /CN=dsoclab-kibana +V 231015104728Z FE7583DEF2355A2C2BBA09720BD80948 unknown /CN=dsoclab-keycloak +V 231015104728Z 7587FCE4CF3EC68117199076B12CD5D2 unknown /CN=dsoclab-misp +V 231015104729Z 61095C2C8D35EE291C99CEABD42B3CA4 unknown /CN=dsoclab-thehive +V 231015104729Z 5DC4BC495FA076A813A4C23261640D92 unknown /CN=dsoclab-cortex +V 231015104730Z D27B43CB9BFB09CFCC86EFD1019A42FC unknown /CN=dsoclab-haproxy +V 231015104752Z 1DD9AF5415359961C578D1B98BFA6E9F unknown /CN=Bozidar Proevski diff --git a/roles/ca/files/CA/issued/Arne Oslebo.crt b/roles/ca/files/CA/issued/Arne Oslebo.crt new file mode 100644 index 0000000..4baf981 --- /dev/null +++ b/roles/ca/files/CA/issued/Arne Oslebo.crt @@ -0,0 +1,84 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + a7:21:79:43:dd:d1:14:5b:c6:f6:8c:ba:36:2c:b3:5b + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:52 2020 GMT + Not After : Oct 15 10:47:52 2023 GMT + Subject: CN=Arne Oslebo + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ce:4c:02:19:21:6e:1c:f2:ed:93:d8:fd:bc:1a: + a4:c2:11:3b:e1:55:73:e5:26:92:d3:d9:e8:a6:dd: + 7d:a2:1d:be:6a:7c:64:06:39:60:33:38:7d:6a:ca: + 89:9d:e5:11:58:21:69:f3:3a:88:5e:ea:e5:2e:e1: + 9d:bb:00:1f:59:19:69:4f:6b:32:3d:2f:1a:da:95: + 3d:99:95:53:9f:b2:ea:db:13:48:63:2d:4a:dc:0c: + 4b:a6:1c:4c:62:e2:d0:11:25:67:cb:80:52:02:e8: + f8:3b:3c:eb:cb:f4:71:03:5a:be:d9:a0:49:fe:d1: + 72:fe:4f:be:e1:ac:a1:ed:a5:15:06:f4:4e:c9:06: + ab:9b:92:c2:3e:b9:58:0c:f4:15:0e:04:c0:91:1b: + 85:73:9d:b6:97:a1:6c:70:0a:1a:a0:ce:4c:8d:ac: + 29:e4:c5:17:00:26:03:44:32:a8:7b:83:52:49:43: + 60:11:53:c8:1e:b8:eb:9f:1f:e3:13:54:81:77:c4: + 47:4a:2e:20:8d:48:8c:91:2e:e0:d4:e5:37:0b:5c: + bb:5f:40:37:92:e9:60:3b:a0:f9:98:7f:6d:b3:20: + 92:3c:da:8c:f0:79:81:f2:ea:77:ba:b4:7b:06:54: + 75:89:77:7e:ad:08:3a:ae:1e:dc:1c:11:63:08:43: + 14:97 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + BA:57:27:B7:A6:72:56:05:70:2F:E2:6E:47:CA:0F:2F:C4:26:44:86 + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + Signature Algorithm: sha256WithRSAEncryption + 53:30:05:cf:78:2f:0b:25:a1:64:0a:94:06:11:9b:a8:07:d3: + 5d:4f:0c:80:78:9c:cb:8e:07:d8:21:29:68:d0:ea:43:55:3f: + 14:18:dc:40:cc:a4:84:da:11:24:07:71:35:63:49:3e:bc:10: + 3a:93:cd:b8:61:22:e1:43:a8:d4:c5:2b:13:e4:27:62:00:f1: + c8:31:d0:27:05:27:6b:0e:77:df:1b:f0:e5:6e:d9:0b:8a:9a: + 0b:5f:97:20:2c:dd:e1:37:64:94:1a:9e:f7:a7:63:37:88:71: + 0e:57:a2:da:10:1f:2c:a3:a9:e1:40:01:48:58:74:2e:b3:11: + 8f:d1:21:30:49:b9:53:29:c5:92:85:85:6b:51:20:05:b4:c5: + af:b9:b2:9b:a3:50:1d:59:ac:fa:bf:33:57:61:f4:f1:c3:ee: + a2:9a:99:b2:04:de:8b:fc:d2:3c:58:38:ab:9d:d2:6d:f2:e3: + 0c:69:a5:76:78:df:ae:c9:67:0a:97:55:3d:f0:8f:5a:5e:de: + e6:56:1b:4e:66:c9:34:77:97:54:d4:66:e2:24:3c:f0:43:01: + 24:05:0c:32:a0:65:38:09:53:6c:0e:38:ea:7c:b1:d6:51:11: + 60:8f:28:9f:ab:13:d0:75:f3:93:13:f2:1e:a4:bd:18:ae:b0: + 0f:f6:29:d4 +-----BEGIN CERTIFICATE----- +MIIDTzCCAjegAwIBAgIRAKcheUPd0RRbxvaMujYss1swDQYJKoZIhvcNAQELBQAw +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwHhcNMjAxMDMwMTA0NzUyWhcNMjMxMDE1 +MTA0NzUyWjAWMRQwEgYDVQQDDAtBcm5lIE9zbGVibzCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBAM5MAhkhbhzy7ZPY/bwapMIRO+FVc+UmktPZ6KbdfaId +vmp8ZAY5YDM4fWrKiZ3lEVghafM6iF7q5S7hnbsAH1kZaU9rMj0vGtqVPZmVU5+y +6tsTSGMtStwMS6YcTGLi0BElZ8uAUgLo+Ds868v0cQNavtmgSf7Rcv5PvuGsoe2l +FQb0TskGq5uSwj65WAz0FQ4EwJEbhXOdtpehbHAKGqDOTI2sKeTFFwAmA0QyqHuD +UklDYBFTyB64658f4xNUgXfER0ouII1IjJEu4NTlNwtcu19AN5LpYDug+Zh/bbMg +kjzajPB5gfLqd7q0ewZUdYl3fq0IOq4e3BwRYwhDFJcCAwEAAaOBlzCBlDAJBgNV +HRMEAjAAMB0GA1UdDgQWBBS6Vye3pnJWBXAv4m5Hyg8vxCZEhjBGBgNVHSMEPzA9 +gBR5BspA05+aVK7TM03yOD62C/M9z6EapBgwFjEUMBIGA1UEAwwLU09DVE9PTFMt +Q0GCCQCKdJMmgFtCtzATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4Aw +DQYJKoZIhvcNAQELBQADggEBAFMwBc94LwsloWQKlAYRm6gH011PDIB4nMuOB9gh +KWjQ6kNVPxQY3EDMpITaESQHcTVjST68EDqTzbhhIuFDqNTFKxPkJ2IA8cgx0CcF +J2sOd98b8OVu2QuKmgtflyAs3eE3ZJQanvenYzeIcQ5XotoQHyyjqeFAAUhYdC6z +EY/RITBJuVMpxZKFhWtRIAW0xa+5spujUB1ZrPq/M1dh9PHD7qKambIE3ov80jxY +OKud0m3y4wxppXZ4367JZwqXVT3wj1pe3uZWG05myTR3l1TUZuIkPPBDASQFDDKg +ZTgJU2wOOOp8sdZREWCPKJ+rE9B185MT8h6kvRiusA/2KdQ= +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/issued/Bozidar Proevski.crt b/roles/ca/files/CA/issued/Bozidar Proevski.crt new file mode 100644 index 0000000..af57c1e --- /dev/null +++ b/roles/ca/files/CA/issued/Bozidar Proevski.crt @@ -0,0 +1,84 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 1d:d9:af:54:15:35:99:61:c5:78:d1:b9:8b:fa:6e:9f + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:52 2020 GMT + Not After : Oct 15 10:47:52 2023 GMT + Subject: CN=Bozidar Proevski + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:9a:de:00:fd:f1:e9:b9:29:d9:58:d0:47:21:cf: + 4b:67:17:f7:a9:02:93:17:cf:57:5b:6f:db:26:90: + 30:09:0b:d9:c5:66:5e:f6:22:66:ab:48:06:aa:6c: + 88:b3:fd:93:45:a4:60:c9:5f:2b:6c:af:db:68:5e: + 27:e6:85:71:27:b7:20:52:61:df:14:1b:da:06:39: + b2:21:20:4b:22:48:b7:4b:76:44:02:b1:89:5f:0e: + 59:22:cb:b9:c9:1e:8d:a0:ac:28:5d:e5:ae:c8:ea: + cc:05:20:a2:60:11:12:8d:6d:88:0a:73:e8:7c:68: + 9c:48:2c:c9:a8:c6:9d:c3:3c:c1:e7:f4:07:f7:5b: + 6e:42:3d:3d:0f:85:6f:e2:b9:88:a9:d0:02:84:b8: + 19:6a:ae:13:a1:97:50:98:16:c8:0c:1b:bd:02:c8: + 5f:a3:2f:73:7e:25:f8:8c:e7:92:43:c7:6a:75:bc: + 85:ea:1c:47:28:ce:2c:9b:3a:8f:a8:07:e9:8c:8a: + 75:3e:c1:97:32:ce:e3:c5:ca:1e:0a:d7:3c:77:0a: + d2:ab:51:c3:e5:dc:37:90:1a:35:bf:a0:4a:aa:bd: + 38:ef:9e:6d:f8:81:37:7f:d3:77:23:c6:5b:63:98: + 64:07:2f:47:fd:7d:21:2f:57:c2:d8:44:00:c2:29: + 22:79 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + A3:9F:29:21:E0:E5:18:E4:CB:4C:2D:7F:84:2F:AF:F2:49:F0:83:3A + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + Signature Algorithm: sha256WithRSAEncryption + ad:cb:66:5d:b7:29:e5:19:7b:7c:ae:23:50:58:34:db:c9:79: + 39:de:57:83:34:03:6d:bc:bf:e2:31:79:9d:2b:a2:7a:e0:c4: + c8:19:96:e0:20:f3:05:2a:a6:f4:b8:90:c4:ea:8d:5e:86:e1: + 13:99:59:0f:da:c8:3d:96:0d:78:04:4f:26:9c:6a:7c:8e:50: + 5a:30:f1:37:dc:26:99:28:35:f8:25:b9:4b:f8:d2:f0:d3:b5: + 61:32:c9:9c:43:39:21:43:c1:de:0d:4d:8e:e5:6f:a1:58:e5: + 01:84:d6:a5:de:88:2a:55:9f:ec:de:be:b1:13:61:33:dd:50: + 19:89:dd:11:48:5e:c2:14:8d:69:8f:a9:43:73:80:71:8f:54: + ba:da:74:b4:26:ec:5b:82:88:84:90:6d:f7:58:3f:78:d3:20: + 5b:c3:9b:82:85:b7:ef:98:12:4f:ba:e8:38:f3:8c:af:85:91: + 66:40:fe:a9:b2:fd:d6:76:ad:70:b7:b5:33:88:64:31:97:81: + d9:c6:ec:47:9b:af:3f:31:c8:de:0c:cc:88:3d:b7:6f:6f:19: + 24:f1:ae:ff:de:95:31:3f:38:e5:ed:a1:e1:e4:6b:54:1f:26: + b8:53:79:cf:fe:89:ba:bc:35:a1:bc:2f:8a:07:a2:eb:0d:90: + 72:ad:8a:60 +-----BEGIN CERTIFICATE----- +MIIDUzCCAjugAwIBAgIQHdmvVBU1mWHFeNG5i/punzANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3NTJaFw0yMzEwMTUx +MDQ3NTJaMBsxGTAXBgNVBAMMEEJvemlkYXIgUHJvZXZza2kwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQCa3gD98em5KdlY0Echz0tnF/epApMXz1dbb9sm +kDAJC9nFZl72ImarSAaqbIiz/ZNFpGDJXytsr9toXifmhXEntyBSYd8UG9oGObIh +IEsiSLdLdkQCsYlfDlkiy7nJHo2grChd5a7I6swFIKJgERKNbYgKc+h8aJxILMmo +xp3DPMHn9Af3W25CPT0PhW/iuYip0AKEuBlqrhOhl1CYFsgMG70CyF+jL3N+JfiM +55JDx2p1vIXqHEcoziybOo+oB+mMinU+wZcyzuPFyh4K1zx3CtKrUcPl3DeQGjW/ +oEqqvTjvnm34gTd/03cjxltjmGQHL0f9fSEvV8LYRADCKSJ5AgMBAAGjgZcwgZQw +CQYDVR0TBAIwADAdBgNVHQ4EFgQUo58pIeDlGOTLTC1/hC+v8knwgzowRgYDVR0j +BD8wPYAUeQbKQNOfmlSu0zNN8jg+tgvzPc+hGqQYMBYxFDASBgNVBAMMC1NPQ1RP +T0xTLUNBggkAinSTJoBbQrcwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQD +AgeAMA0GCSqGSIb3DQEBCwUAA4IBAQCty2ZdtynlGXt8riNQWDTbyXk53leDNANt +vL/iMXmdK6J64MTIGZbgIPMFKqb0uJDE6o1ehuETmVkP2sg9lg14BE8mnGp8jlBa +MPE33CaZKDX4JblL+NLw07VhMsmcQzkhQ8HeDU2O5W+hWOUBhNal3ogqVZ/s3r6x +E2Ez3VAZid0RSF7CFI1pj6lDc4Bxj1S62nS0JuxbgoiEkG33WD940yBbw5uChbfv +mBJPuug484yvhZFmQP6psv3Wdq1wt7UziGQxl4HZxuxHm68/McjeDMyIPbdvbxkk +8a7/3pUxPzjl7aHh5GtUHya4U3nP/om6vDWhvC+KB6LrDZByrYpg +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/issued/dsoclab-cortex.crt b/roles/ca/files/CA/issued/dsoclab-cortex.crt new file mode 100644 index 0000000..a743bd0 --- /dev/null +++ b/roles/ca/files/CA/issued/dsoclab-cortex.crt @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 5d:c4:bc:49:5f:a0:76:a8:13:a4:c2:32:61:64:0d:92 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:29 2020 GMT + Not After : Oct 15 10:47:29 2023 GMT + Subject: CN=dsoclab-cortex + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:cd:09:6b:14:33:4a:47:75:5b:d3:d9:67:3b:4d: + ad:1f:a7:1f:33:ab:86:b1:aa:3b:09:ab:1a:a6:fb: + a0:60:04:e3:68:33:0e:85:54:d1:70:61:8a:b9:d5: + d6:b5:6c:c2:b3:36:02:94:b7:1d:18:93:5f:88:81: + ff:2a:f4:99:58:6d:d7:96:e2:d2:64:77:b9:74:44: + 3c:f0:fb:5b:0f:43:7d:38:5d:fe:b0:db:05:7a:a9: + c5:10:24:75:13:c8:2d:da:69:be:e3:43:33:f0:28: + 30:9a:53:f8:f8:d3:10:32:35:ec:1d:87:ab:1e:2c: + b5:00:7c:9f:8f:61:e0:5d:56:15:8c:46:45:09:78: + 02:78:10:c0:af:2f:25:6c:c2:5b:ed:5f:c1:33:0b: + f8:c8:13:dc:df:c3:fc:05:90:ff:06:9e:cb:bc:1d: + 2b:c2:57:f2:bd:aa:22:b3:4b:f5:ca:b2:b8:00:18: + f1:14:10:b8:5e:69:9f:ed:fc:04:83:d9:2e:b7:9a: + 8a:45:1c:54:71:8f:61:02:6a:8a:84:2f:67:df:92: + 3a:0c:5f:e5:b6:e7:6c:27:69:1f:5b:06:d6:7f:e6: + df:ab:2f:31:a5:cd:63:32:60:c0:07:50:6c:0d:39: + cb:68:ae:3c:b2:da:0f:20:06:77:2c:28:ab:3a:30: + 92:1b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 9A:0E:E1:26:13:A7:12:5F:A4:F1:41:C0:09:FC:AD:EB:4E:66:C2:50 + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-cortex, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 27:2e:a1:0c:8d:fb:b1:36:ff:4e:ac:00:91:75:81:4b:20:79: + 3f:da:1c:e1:80:b9:8c:6b:60:47:a5:8c:bf:1f:34:98:61:95: + 00:bb:79:d4:9e:c8:fb:dc:fb:6a:48:b2:69:d1:1a:04:cc:52: + ca:0b:48:01:3e:94:1e:68:0b:e3:4d:fa:12:c4:aa:ff:b6:5b: + 0c:3c:80:21:fe:50:87:8a:14:3a:7d:e7:a3:5e:b6:dc:22:ba: + cc:97:69:00:a8:78:08:dd:66:d1:cb:ca:28:41:b9:cc:8a:6b: + 7c:40:b7:5e:1d:a1:88:5a:b3:fd:18:77:e9:c4:48:fd:38:8f: + 06:6e:78:0e:f1:1a:1b:b2:6c:0a:df:38:11:e3:5a:3d:2a:5b: + de:41:63:14:ab:25:8e:a6:9f:a8:b7:32:9e:dc:23:45:f3:6b: + 6d:86:b7:17:b3:53:df:55:bd:cb:41:a1:b7:73:ae:21:1b:68: + b3:b1:0a:e5:e6:0c:2a:77:76:23:f3:87:ee:5f:0e:6d:cd:3b: + 94:9a:6f:f2:fd:4f:2d:72:a3:21:94:55:c0:4a:6c:2b:13:e3: + 82:13:a5:1f:82:6b:ae:6e:e2:ec:eb:7a:25:6a:f2:9e:45:d7: + 0a:7d:75:be:9d:f7:94:6f:ce:a5:27:d6:9b:dc:d2:12:54:64: + 09:c4:f6:a9 +-----BEGIN CERTIFICATE----- +MIIDljCCAn6gAwIBAgIQXcS8SV+gdqgTpMIyYWQNkjANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3MjlaFw0yMzEwMTUx +MDQ3MjlaMBkxFzAVBgNVBAMMDmRzb2NsYWItY29ydGV4MIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAzQlrFDNKR3Vb09lnO02tH6cfM6uGsao7Casapvug +YATjaDMOhVTRcGGKudXWtWzCszYClLcdGJNfiIH/KvSZWG3XluLSZHe5dEQ88Ptb +D0N9OF3+sNsFeqnFECR1E8gt2mm+40Mz8CgwmlP4+NMQMjXsHYerHiy1AHyfj2Hg +XVYVjEZFCXgCeBDAry8lbMJb7V/BMwv4yBPc38P8BZD/Bp7LvB0rwlfyvaois0v1 +yrK4ABjxFBC4Xmmf7fwEg9kut5qKRRxUcY9hAmqKhC9n35I6DF/ltudsJ2kfWwbW +f+bfqy8xpc1jMmDAB1BsDTnLaK48stoPIAZ3LCirOjCSGwIDAQABo4HcMIHZMAkG +A1UdEwQCMAAwHQYDVR0OBBYEFJoO4SYTpxJfpPFBwAn8retOZsJQMEYGA1UdIwQ/ +MD2AFHkGykDTn5pUrtMzTfI4PrYL8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09M +Uy1DQYIJAIp0kyaAW0K3MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAL +BgNVHQ8EBAMCBaAwOQYDVR0RBDIwMIIOZHNvY2xhYi1jb3J0ZXiCHmRzb2NsYWIu +Z240LTMtd3A4LXNvYy5zdW5ldC5zZTANBgkqhkiG9w0BAQsFAAOCAQEAJy6hDI37 +sTb/TqwAkXWBSyB5P9oc4YC5jGtgR6WMvx80mGGVALt51J7I+9z7akiyadEaBMxS +ygtIAT6UHmgL4036EsSq/7ZbDDyAIf5Qh4oUOn3no1623CK6zJdpAKh4CN1m0cvK +KEG5zIprfEC3Xh2hiFqz/Rh36cRI/TiPBm54DvEaG7JsCt84EeNaPSpb3kFjFKsl +jqafqLcyntwjRfNrbYa3F7NT31W9y0Ght3OuIRtos7EK5eYMKnd2I/OH7l8Obc07 +lJpv8v1PLXKjIZRVwEpsKxPjghOlH4Jrrm7i7Ot6JWrynkXXCn11vp33lG/OpSfW +m9zSElRkCcT2qQ== +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/issued/dsoclab-haproxy.crt b/roles/ca/files/CA/issued/dsoclab-haproxy.crt new file mode 100644 index 0000000..5be39cb --- /dev/null +++ b/roles/ca/files/CA/issued/dsoclab-haproxy.crt @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + d2:7b:43:cb:9b:fb:09:cf:cc:86:ef:d1:01:9a:42:fc + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:30 2020 GMT + Not After : Oct 15 10:47:30 2023 GMT + Subject: CN=dsoclab-haproxy + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:c9:c7:22:33:0b:0b:0f:a0:8c:c4:a9:81:37:bd: + 51:2f:47:32:fa:1b:88:45:b1:bb:11:43:3d:de:b3: + 70:67:d7:8b:39:5a:8f:13:fb:2f:78:08:b1:b1:32: + c6:d1:0e:e4:d3:2e:3a:db:84:db:d2:65:6b:26:24: + 6c:d7:16:e5:a5:90:8e:02:46:13:02:0a:96:66:46: + 87:b7:b0:ee:56:4c:3c:d8:ae:4c:7d:ef:5b:aa:6e: + 01:8e:89:fe:4c:b9:de:6c:ba:e4:3f:8d:f8:d7:3a: + ed:b2:29:9a:5b:ac:5a:86:66:05:f3:19:2f:59:8d: + 7c:8b:6a:97:1e:43:8a:36:80:b2:e9:e1:84:f6:94: + bc:13:11:31:b8:d2:5a:72:ed:68:c3:b1:37:e4:5b: + 91:82:62:aa:13:f2:b6:e0:3a:aa:85:66:70:0a:a9: + ad:5c:a7:52:ff:dc:f9:99:5e:e5:15:d5:0c:fe:cd: + 27:cb:98:9e:5a:69:ca:71:74:31:e6:26:df:ec:d2: + 42:43:b9:f3:04:8e:2c:7a:28:a6:f9:8e:ba:64:3c: + 69:0e:ac:f5:dc:d5:f3:2a:50:47:50:d4:8c:f5:ee: + 31:08:73:69:1f:ae:42:1d:52:84:5d:47:68:dd:a3: + 1f:07:57:ec:3e:9e:0d:23:78:16:41:bc:68:f2:4f: + e9:19 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 49:DC:74:02:17:71:C3:D0:A0:64:31:9E:60:2B:B4:38:43:62:DE:98 + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-haproxy, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 04:a0:71:31:d2:11:93:09:96:c8:1b:2a:31:b8:b9:34:07:ac: + 89:cb:b0:6c:b0:f0:17:5f:18:3c:a6:96:ca:b3:fa:c7:af:40: + 17:e1:7e:e4:dc:ee:fe:5c:dc:86:40:b7:2f:9d:c0:9e:fd:16: + 6b:85:ab:c2:a8:63:1f:fe:03:2b:89:6a:80:c9:2e:ae:cc:3d: + 19:75:32:0e:56:57:16:27:02:51:49:1d:b3:78:aa:57:d3:00: + 9b:93:fe:6d:a3:37:ad:26:35:57:e1:5f:90:bf:ef:30:bc:68: + f3:bf:7c:59:69:4f:61:30:2d:48:66:a6:44:2a:51:63:6e:4f: + a7:8f:96:7e:91:b2:b2:46:bc:97:1b:01:df:c0:24:5c:b2:aa: + 8d:20:3a:25:5d:8a:1c:84:53:0d:d4:f6:d5:81:5d:30:de:c4: + d7:fa:42:9c:79:68:92:56:b7:76:69:c6:c9:ad:07:47:a6:d2: + 46:d4:a5:0c:10:a9:03:21:4d:56:40:e5:28:e3:fa:70:1b:23: + 32:68:07:3d:d6:8a:3a:fb:6d:3b:a6:20:16:1b:09:f3:47:f0: + 2a:4f:dc:97:86:56:37:96:42:1b:89:b8:76:1a:ab:7a:25:4e: + e8:62:d9:a0:3b:ec:62:72:64:64:ca:87:9c:be:0a:08:09:52: + ab:03:89:2b +-----BEGIN CERTIFICATE----- +MIIDmTCCAoGgAwIBAgIRANJ7Q8ub+wnPzIbv0QGaQvwwDQYJKoZIhvcNAQELBQAw +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwHhcNMjAxMDMwMTA0NzMwWhcNMjMxMDE1 +MTA0NzMwWjAaMRgwFgYDVQQDDA9kc29jbGFiLWhhcHJveHkwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQDJxyIzCwsPoIzEqYE3vVEvRzL6G4hFsbsRQz3e +s3Bn14s5Wo8T+y94CLGxMsbRDuTTLjrbhNvSZWsmJGzXFuWlkI4CRhMCCpZmRoe3 +sO5WTDzYrkx971uqbgGOif5Mud5suuQ/jfjXOu2yKZpbrFqGZgXzGS9ZjXyLapce +Q4o2gLLp4YT2lLwTETG40lpy7WjDsTfkW5GCYqoT8rbgOqqFZnAKqa1cp1L/3PmZ +XuUV1Qz+zSfLmJ5aacpxdDHmJt/s0kJDufMEjix6KKb5jrpkPGkOrPXc1fMqUEdQ +1Iz17jEIc2kfrkIdUoRdR2jdox8HV+w+ng0jeBZBvGjyT+kZAgMBAAGjgd0wgdow +CQYDVR0TBAIwADAdBgNVHQ4EFgQUSdx0Ahdxw9CgZDGeYCu0OENi3pgwRgYDVR0j +BD8wPYAUeQbKQNOfmlSu0zNN8jg+tgvzPc+hGqQYMBYxFDASBgNVBAMMC1NPQ1RP +T0xTLUNBggkAinSTJoBbQrcwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC +MAsGA1UdDwQEAwIFoDA6BgNVHREEMzAxgg9kc29jbGFiLWhhcHJveHmCHmRzb2Ns +YWIuZ240LTMtd3A4LXNvYy5zdW5ldC5zZTANBgkqhkiG9w0BAQsFAAOCAQEABKBx +MdIRkwmWyBsqMbi5NAesicuwbLDwF18YPKaWyrP6x69AF+F+5Nzu/lzchkC3L53A +nv0Wa4WrwqhjH/4DK4lqgMkursw9GXUyDlZXFicCUUkds3iqV9MAm5P+baM3rSY1 +V+FfkL/vMLxo8798WWlPYTAtSGamRCpRY25Pp4+WfpGyska8lxsB38AkXLKqjSA6 +JV2KHIRTDdT21YFdMN7E1/pCnHlokla3dmnGya0HR6bSRtSlDBCpAyFNVkDlKOP6 +cBsjMmgHPdaKOvttO6YgFhsJ80fwKk/cl4ZWN5ZCG4m4dhqreiVO6GLZoDvsYnJk +ZMqHnL4KCAlSqwOJKw== +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/issued/dsoclab-keycloak.crt b/roles/ca/files/CA/issued/dsoclab-keycloak.crt new file mode 100644 index 0000000..92b6893 --- /dev/null +++ b/roles/ca/files/CA/issued/dsoclab-keycloak.crt @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + fe:75:83:de:f2:35:5a:2c:2b:ba:09:72:0b:d8:09:48 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:28 2020 GMT + Not After : Oct 15 10:47:28 2023 GMT + Subject: CN=dsoclab-keycloak + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ea:a9:ea:6b:2f:6c:9c:9f:6d:9c:89:4e:01:ba: + c6:c0:32:df:59:26:2b:95:f4:c2:3d:c8:7e:22:ce: + b6:78:03:e8:22:28:81:9c:9a:a6:a7:ba:fd:05:66: + a3:50:81:85:71:c1:d9:ea:bc:21:e1:5d:0a:87:7b: + be:55:b0:7d:01:57:de:4c:fe:3a:c5:c9:54:77:2e: + 15:fc:12:07:f8:ef:9f:7b:f7:09:01:70:75:53:3b: + dc:b1:0c:65:4d:49:c4:fb:1d:42:20:6f:81:45:42: + d3:db:1d:4c:57:1b:1d:3b:81:39:ee:b2:cf:95:4b: + 29:d0:a8:39:98:d6:93:36:99:bf:c5:43:26:8d:4d: + db:6d:24:3b:fc:16:76:a1:fd:6f:c6:19:11:c7:12: + 0d:80:16:4c:88:da:2c:09:78:3d:1b:7c:6c:ec:db: + 9e:01:50:5f:a3:56:7f:d4:3b:a4:26:d2:6d:42:7b: + 88:4e:8d:64:ed:1e:1a:0e:05:58:65:58:47:83:60: + 9e:b4:ed:15:ce:72:4f:a0:b5:22:dd:9f:a4:da:88: + 86:fe:cb:84:6e:72:3d:00:42:da:8b:85:2a:f2:ef: + d7:ee:bb:85:42:ba:b9:fb:d9:9d:d2:2c:58:0f:7c: + 02:23:b7:46:d0:69:06:37:40:9d:58:74:89:ca:b7: + 12:e5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + FD:C5:77:F8:79:AD:0A:7E:6A:A0:2E:3B:58:6A:9F:43:51:55:0B:DF + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-keycloak, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 9a:c0:35:a3:68:ec:ec:cc:c3:65:5a:bf:03:d0:ee:8d:a0:41: + db:6d:89:3e:97:d4:90:7d:63:8e:73:37:43:ae:9a:e2:d0:2b: + a7:5e:b2:88:9b:4d:8f:b6:81:bf:f6:46:a0:87:ca:77:ec:5c: + af:cd:6b:d8:e8:60:5a:aa:86:be:64:d5:ad:e9:1e:41:7b:6a: + df:01:1d:16:86:94:57:82:51:91:be:6b:d6:ae:f0:b9:8c:3d: + 11:99:c4:93:eb:f7:fa:9e:a3:e3:f8:97:19:cf:63:55:6a:6e: + 4f:e9:a2:64:a7:35:0d:7e:68:23:89:e1:c6:06:4b:34:67:38: + 40:d1:81:b3:73:95:3a:3b:67:d2:5a:e4:8e:49:34:b1:ab:6f: + b6:60:87:ac:55:5d:f5:59:c0:d5:d3:d8:de:3b:76:c9:41:28: + b4:d7:23:ec:a2:3f:1d:3f:74:2e:f0:45:40:35:38:d1:06:50: + b2:93:45:df:de:33:5e:0b:89:86:d8:c9:14:61:1c:d2:94:21: + 1f:bf:df:32:f0:2f:91:52:b0:08:b7:b9:c2:b7:55:2b:ca:05: + e4:eb:91:e1:63:45:5d:1a:6f:e8:76:07:89:e8:42:3e:ec:7b: + 51:0e:a0:d5:8e:c3:3d:26:e3:45:b0:5b:61:d1:98:3b:c3:d4: + 37:9f:c1:7c +-----BEGIN CERTIFICATE----- +MIIDmzCCAoOgAwIBAgIRAP51g97yNVosK7oJcgvYCUgwDQYJKoZIhvcNAQELBQAw +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwHhcNMjAxMDMwMTA0NzI4WhcNMjMxMDE1 +MTA0NzI4WjAbMRkwFwYDVQQDDBBkc29jbGFiLWtleWNsb2FrMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6qnqay9snJ9tnIlOAbrGwDLfWSYrlfTCPch+ +Is62eAPoIiiBnJqmp7r9BWajUIGFccHZ6rwh4V0Kh3u+VbB9AVfeTP46xclUdy4V +/BIH+O+fe/cJAXB1UzvcsQxlTUnE+x1CIG+BRULT2x1MVxsdO4E57rLPlUsp0Kg5 +mNaTNpm/xUMmjU3bbSQ7/BZ2of1vxhkRxxINgBZMiNosCXg9G3xs7NueAVBfo1Z/ +1DukJtJtQnuITo1k7R4aDgVYZVhHg2CetO0VznJPoLUi3Z+k2oiG/suEbnI9AELa +i4Uq8u/X7ruFQrq5+9md0ixYD3wCI7dG0GkGN0CdWHSJyrcS5QIDAQABo4HeMIHb +MAkGA1UdEwQCMAAwHQYDVR0OBBYEFP3Fd/h5rQp+aqAuO1hqn0NRVQvfMEYGA1Ud +IwQ/MD2AFHkGykDTn5pUrtMzTfI4PrYL8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NU +T09MUy1DQYIJAIp0kyaAW0K3MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD +AjALBgNVHQ8EBAMCBaAwOwYDVR0RBDQwMoIQZHNvY2xhYi1rZXljbG9ha4IeZHNv +Y2xhYi5nbjQtMy13cDgtc29jLnN1bmV0LnNlMA0GCSqGSIb3DQEBCwUAA4IBAQCa +wDWjaOzszMNlWr8D0O6NoEHbbYk+l9SQfWOOczdDrpri0CunXrKIm02PtoG/9kag +h8p37FyvzWvY6GBaqoa+ZNWt6R5Be2rfAR0WhpRXglGRvmvWrvC5jD0RmcST6/f6 +nqPj+JcZz2NVam5P6aJkpzUNfmgjieHGBks0ZzhA0YGzc5U6O2fSWuSOSTSxq2+2 +YIesVV31WcDV09jeO3bJQSi01yPsoj8dP3Qu8EVANTjRBlCyk0Xf3jNeC4mG2MkU +YRzSlCEfv98y8C+RUrAIt7nCt1UrygXk65HhY0VdGm/odgeJ6EI+7HtRDqDVjsM9 +JuNFsFth0Zg7w9Q3n8F8 +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/issued/dsoclab-kibana.crt b/roles/ca/files/CA/issued/dsoclab-kibana.crt new file mode 100644 index 0000000..f47839f --- /dev/null +++ b/roles/ca/files/CA/issued/dsoclab-kibana.crt @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 7d:fc:33:45:75:73:e8:f1:60:94:a7:4e:6b:2f:23:f1 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:27 2020 GMT + Not After : Oct 15 10:47:27 2023 GMT + Subject: CN=dsoclab-kibana + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ce:4f:c9:0f:84:4d:4e:7b:dc:11:90:c9:49:a8: + f3:60:44:a8:25:1b:59:83:64:0b:d1:e0:bc:59:50: + 22:a5:f5:88:7a:c8:40:65:e4:22:3d:77:d2:8f:9e: + 30:17:80:5e:20:85:bc:70:67:61:cb:d8:e2:9f:9a: + 7c:7b:a6:e8:4e:79:7b:cd:86:6e:26:52:37:45:b6: + ab:b7:6f:40:8f:7a:55:8b:d1:91:cc:21:6f:55:37: + 50:3b:72:1f:2d:3b:bf:75:47:91:88:6a:1c:ea:39: + dd:8b:25:31:55:0e:bc:52:6f:bf:0b:96:ef:e3:12: + 5c:da:63:22:54:e5:b3:95:8b:02:9e:57:3e:7b:4f: + a0:f5:6f:07:a8:5b:45:7c:cb:34:83:77:34:a5:b1: + ff:05:12:88:8f:cc:c4:05:5d:e9:e7:7d:2b:12:fa: + bb:4d:25:f4:f7:04:e7:95:06:95:ea:a9:c4:75:4e: + f7:03:67:2d:9c:9a:f4:01:f6:2a:8d:6c:6d:d0:59: + a9:ce:1f:12:b1:76:39:c8:07:d4:20:73:1e:f3:9c: + b9:67:83:3b:a8:7c:6e:fb:86:ea:3f:6a:8e:98:4c: + 39:a9:d1:4d:be:9f:0a:43:49:1b:fd:09:67:b6:62: + 71:fd:87:9a:63:25:00:aa:c7:a1:4d:23:12:e3:56: + 0f:6f + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 50:F3:7D:4F:B2:8C:A5:09:FD:64:CB:C1:97:F1:F8:49:C8:6B:30:4D + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-kibana, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + ae:be:82:6f:6d:e6:c4:cb:c3:2a:d9:d6:ee:11:52:a6:de:89: + 9e:31:a3:e2:86:07:e9:d1:fe:95:c9:a2:38:90:df:05:ff:e5: + 99:27:e8:d8:55:00:8a:85:b3:15:a5:e5:5b:ce:4e:4f:01:3b: + 74:a4:b2:09:fc:6e:95:92:94:2f:76:0d:c7:97:1b:78:c1:08: + 1e:3a:0e:fa:a6:ab:db:1e:22:26:86:39:f4:bb:89:a1:a1:d1: + 55:f6:c3:ff:9b:a5:eb:1b:6a:84:8a:1d:3c:5f:7c:03:0d:08: + 42:6f:d7:14:86:61:38:66:65:f7:c2:86:68:db:81:e9:41:0f: + 82:cf:bb:be:fd:d7:94:48:cc:f8:cf:4a:40:ce:33:c4:75:51: + 00:7e:c7:93:f6:3b:92:c1:5e:8a:ce:5f:2c:c2:f4:fe:ec:77: + 9e:ea:30:d9:53:ee:f9:b9:fd:50:f5:6b:92:1c:57:d2:e0:f3: + 05:d8:79:a9:63:16:13:09:cf:5f:39:dc:ec:43:e4:65:45:43: + 65:e4:7c:39:a3:a2:81:47:ab:8f:57:a9:89:9d:56:4b:77:b1: + 04:c8:9c:54:d2:5c:28:f5:d3:66:ae:9a:9c:a5:91:c7:eb:20: + 69:fb:58:99:c7:5e:be:ec:4a:7a:62:09:fe:3b:30:f2:4a:d7: + 1d:f9:0b:c3 +-----BEGIN CERTIFICATE----- +MIIDljCCAn6gAwIBAgIQffwzRXVz6PFglKdOay8j8TANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3MjdaFw0yMzEwMTUx +MDQ3MjdaMBkxFzAVBgNVBAMMDmRzb2NsYWIta2liYW5hMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAzk/JD4RNTnvcEZDJSajzYESoJRtZg2QL0eC8WVAi +pfWIeshAZeQiPXfSj54wF4BeIIW8cGdhy9jin5p8e6boTnl7zYZuJlI3Rbart29A +j3pVi9GRzCFvVTdQO3IfLTu/dUeRiGoc6jndiyUxVQ68Um+/C5bv4xJc2mMiVOWz +lYsCnlc+e0+g9W8HqFtFfMs0g3c0pbH/BRKIj8zEBV3p530rEvq7TSX09wTnlQaV +6qnEdU73A2ctnJr0AfYqjWxt0Fmpzh8SsXY5yAfUIHMe85y5Z4M7qHxu+4bqP2qO +mEw5qdFNvp8KQ0kb/QlntmJx/YeaYyUAqsehTSMS41YPbwIDAQABo4HcMIHZMAkG +A1UdEwQCMAAwHQYDVR0OBBYEFFDzfU+yjKUJ/WTLwZfx+EnIazBNMEYGA1UdIwQ/ +MD2AFHkGykDTn5pUrtMzTfI4PrYL8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09M +Uy1DQYIJAIp0kyaAW0K3MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAL +BgNVHQ8EBAMCBaAwOQYDVR0RBDIwMIIOZHNvY2xhYi1raWJhbmGCHmRzb2NsYWIu +Z240LTMtd3A4LXNvYy5zdW5ldC5zZTANBgkqhkiG9w0BAQsFAAOCAQEArr6Cb23m +xMvDKtnW7hFSpt6JnjGj4oYH6dH+lcmiOJDfBf/lmSfo2FUAioWzFaXlW85OTwE7 +dKSyCfxulZKUL3YNx5cbeMEIHjoO+qar2x4iJoY59LuJoaHRVfbD/5ul6xtqhIod +PF98Aw0IQm/XFIZhOGZl98KGaNuB6UEPgs+7vv3XlEjM+M9KQM4zxHVRAH7Hk/Y7 +ksFeis5fLML0/ux3nuow2VPu+bn9UPVrkhxX0uDzBdh5qWMWEwnPXznc7EPkZUVD +ZeR8OaOigUerj1epiZ1WS3exBMicVNJcKPXTZq6anKWRx+sgaftYmcdevuxKemIJ +/jsw8krXHfkLww== +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/issued/dsoclab-misp.crt b/roles/ca/files/CA/issued/dsoclab-misp.crt new file mode 100644 index 0000000..f830104 --- /dev/null +++ b/roles/ca/files/CA/issued/dsoclab-misp.crt @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 75:87:fc:e4:cf:3e:c6:81:17:19:90:76:b1:2c:d5:d2 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:28 2020 GMT + Not After : Oct 15 10:47:28 2023 GMT + Subject: CN=dsoclab-misp + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:cf:b1:1b:e7:a2:ae:70:81:71:a5:57:46:14:2e: + 47:64:89:4e:bd:7d:f0:82:2d:03:19:d6:87:44:b3: + 42:bf:72:78:03:cc:91:98:5b:36:42:14:55:e2:82: + 16:12:58:60:54:44:8f:15:f6:1b:1f:76:36:22:2e: + e8:ac:d3:3c:0a:df:46:c7:f1:04:bc:3a:bf:fe:4b: + 8f:2a:53:83:e3:50:82:06:09:fc:2a:fa:fe:94:a0: + 7b:7f:c2:3e:0b:3e:dc:72:b8:94:10:0a:0b:90:fd: + 45:76:29:85:52:bf:0f:20:43:78:fe:3b:d3:49:20: + 8f:9a:a5:0c:89:bb:0e:97:f2:67:b0:2d:f0:17:53: + 25:a6:9b:4b:64:0e:72:8a:bf:c9:e3:8e:41:bb:ed: + f3:33:6a:55:5f:8d:52:84:fa:a3:67:1a:7b:71:fb: + 90:f1:5f:61:df:44:ea:0b:77:88:f2:e5:c1:83:71: + 58:c7:58:8a:9b:39:45:59:4e:e0:db:16:b6:96:72: + 90:8c:ee:c2:13:75:ea:15:c6:6b:e2:dc:3a:de:c8: + 07:de:18:84:2d:96:b6:c4:4c:e1:4a:4d:13:6f:6c: + 9a:1d:e5:f9:6f:cc:7e:1b:4a:3a:75:1a:b9:37:b0: + 6d:a0:1b:69:35:f1:b6:e6:c2:a5:d3:56:d3:57:c7: + 0e:8b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 65:C5:56:88:65:AF:77:F1:53:B2:71:5E:16:10:D1:0B:30:FF:28:BE + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-misp, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 5a:57:76:90:fd:a5:0d:ea:b0:22:c9:02:2e:18:91:81:04:d1: + f4:64:58:58:19:27:03:9b:5a:dc:de:6c:0e:fb:b7:76:eb:b1: + 97:36:e2:c7:76:ef:7d:d8:00:c3:20:c0:3d:a7:cf:61:f8:16: + 4c:96:4c:7c:c8:89:21:d6:d4:eb:3a:c1:3d:98:34:74:6e:39: + 81:20:6f:9b:4b:8d:b9:35:60:c5:76:19:30:30:06:0f:89:b1: + 1a:f6:c4:88:52:28:98:41:52:f1:9a:77:82:79:ae:c9:71:ba: + d9:e5:e9:b7:ba:08:32:59:eb:5e:7d:11:e0:a8:27:20:91:46: + 05:56:1e:e6:0b:4d:49:17:52:7f:4b:c4:a3:e0:cd:30:bd:4e: + 6a:70:2a:f5:77:4d:d1:d6:64:13:8d:4b:1a:d3:0b:0f:8a:49: + 1e:bf:b4:c0:4f:43:dc:92:e3:c0:f2:2f:4a:c8:30:45:fc:5a: + d2:de:92:b2:a1:48:b8:da:ff:f4:0b:04:5d:5d:a7:30:d8:4b: + ca:cf:0c:01:6a:50:45:5f:d4:a8:cf:dd:fa:f7:68:0c:4c:45: + 47:be:3a:c2:39:bb:04:ff:62:a0:bc:91:a0:f2:2b:67:09:89: + 5a:ff:e6:53:c1:89:18:12:a1:0f:5a:d7:e1:12:8b:88:88:89: + ca:b0:30:27 +-----BEGIN CERTIFICATE----- +MIIDkjCCAnqgAwIBAgIQdYf85M8+xoEXGZB2sSzV0jANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3MjhaFw0yMzEwMTUx +MDQ3MjhaMBcxFTATBgNVBAMMDGRzb2NsYWItbWlzcDCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBAM+xG+eirnCBcaVXRhQuR2SJTr198IItAxnWh0SzQr9y +eAPMkZhbNkIUVeKCFhJYYFREjxX2Gx92NiIu6KzTPArfRsfxBLw6v/5LjypTg+NQ +ggYJ/Cr6/pSge3/CPgs+3HK4lBAKC5D9RXYphVK/DyBDeP4700kgj5qlDIm7Dpfy +Z7At8BdTJaabS2QOcoq/yeOOQbvt8zNqVV+NUoT6o2cae3H7kPFfYd9E6gt3iPLl +wYNxWMdYips5RVlO4NsWtpZykIzuwhN16hXGa+LcOt7IB94YhC2WtsRM4UpNE29s +mh3l+W/MfhtKOnUauTewbaAbaTXxtubCpdNW01fHDosCAwEAAaOB2jCB1zAJBgNV +HRMEAjAAMB0GA1UdDgQWBBRlxVaIZa938VOycV4WENELMP8ovjBGBgNVHSMEPzA9 +gBR5BspA05+aVK7TM03yOD62C/M9z6EapBgwFjEUMBIGA1UEAwwLU09DVE9PTFMt +Q0GCCQCKdJMmgFtCtzAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCwYD +VR0PBAQDAgWgMDcGA1UdEQQwMC6CDGRzb2NsYWItbWlzcIIeZHNvY2xhYi5nbjQt +My13cDgtc29jLnN1bmV0LnNlMA0GCSqGSIb3DQEBCwUAA4IBAQBaV3aQ/aUN6rAi +yQIuGJGBBNH0ZFhYGScDm1rc3mwO+7d267GXNuLHdu992ADDIMA9p89h+BZMlkx8 +yIkh1tTrOsE9mDR0bjmBIG+bS425NWDFdhkwMAYPibEa9sSIUiiYQVLxmneCea7J +cbrZ5em3uggyWetefRHgqCcgkUYFVh7mC01JF1J/S8Sj4M0wvU5qcCr1d03R1mQT +jUsa0wsPikkev7TAT0PckuPA8i9KyDBF/FrS3pKyoUi42v/0CwRdXacw2EvKzwwB +alBFX9Soz93692gMTEVHvjrCObsE/2KgvJGg8itnCYla/+ZTwYkYEqEPWtfhEouI +iInKsDAn +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/issued/dsoclab-nifi-1.crt b/roles/ca/files/CA/issued/dsoclab-nifi-1.crt new file mode 100644 index 0000000..ad6921c --- /dev/null +++ b/roles/ca/files/CA/issued/dsoclab-nifi-1.crt @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 01:ec:4d:ad:3e:5e:47:cf:4e:4b:98:49:59:32:b3:37 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:25 2020 GMT + Not After : Oct 15 10:47:25 2023 GMT + Subject: CN=dsoclab-nifi-1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:c3:af:ef:b7:a1:95:47:5f:55:ea:7e:e8:d6:fd: + d5:e3:19:68:2e:72:1f:90:62:a8:79:76:d8:d2:f6: + 51:df:71:80:37:5a:ec:7d:fb:6d:78:6e:37:fe:e5: + 1b:c8:d5:73:e4:c9:a5:cb:e8:4a:48:26:c6:e0:a6: + 5e:14:2c:90:b1:81:b2:69:31:e2:44:85:97:f5:60: + 12:88:06:9d:8d:cf:4a:a2:77:b3:d9:ff:f3:41:40: + 4c:21:e1:73:8d:98:82:2f:37:27:0c:24:d8:67:bd: + c7:05:50:40:c5:a9:d0:e4:3f:bb:0c:72:29:7c:be: + 06:01:96:03:b8:a0:42:c4:6f:6f:da:aa:17:34:5f: + 5e:f3:73:0e:77:b5:7a:9a:59:e3:3c:d1:39:50:17: + 2f:53:18:05:82:34:29:1b:19:56:2e:c2:db:24:79: + 51:0f:a8:d9:66:3c:72:1e:a0:f7:03:d6:e9:e5:c6: + b9:be:94:e4:84:bd:cd:93:26:eb:3b:17:bb:cd:e5: + 58:25:f2:28:35:a4:b1:70:df:32:54:85:f6:3c:20: + 9f:88:8b:5d:83:a2:c4:1e:31:d9:a1:76:1d:2e:3c: + f8:78:64:a4:dd:3a:b2:56:65:bf:a8:2a:a8:ed:62: + c9:62:2c:72:bd:9d:7e:6b:1f:80:ea:bc:33:60:47: + d3:0f + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 87:9A:8D:12:3A:69:8D:89:98:F6:95:D0:F2:ED:C3:DC:ED:A0:22:12 + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-nifi-1, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 8d:23:38:a7:aa:d0:58:03:f2:98:19:da:62:c6:55:cb:d5:c5: + 05:dd:55:c5:f9:41:46:ec:75:06:be:0a:0b:7b:0f:ac:10:dd: + 86:bf:4f:6e:05:c1:7b:c1:1d:1c:ce:c7:f0:a9:0c:6e:79:fe: + c2:49:18:d5:5d:4a:ae:c8:d8:ab:ec:45:95:94:c1:8b:30:da: + 52:1a:42:3c:41:77:65:9e:8a:63:f5:52:c2:71:b7:e2:56:43: + bd:89:3a:fa:14:bd:d7:7a:b2:60:43:82:c0:df:4a:e0:a7:02: + fd:d7:f6:56:9a:0f:ad:f4:ee:00:06:fb:75:b9:96:63:c8:b3: + 75:1f:c6:9d:3b:9d:1a:29:cd:09:f0:80:31:5c:4e:97:62:91: + 73:84:aa:11:cc:4b:00:15:a1:92:62:2a:6b:d4:d6:4c:ed:a5: + 89:fe:12:c9:d1:0b:48:b8:97:26:e4:5b:ab:da:fe:2d:54:ca: + 55:23:8b:22:7f:a1:12:4a:21:3e:9e:bb:48:d6:82:b6:a2:cc: + 83:15:5d:5f:c7:52:a1:01:01:70:60:3f:64:b4:1d:85:4f:56: + b7:67:77:b8:ea:59:7a:85:ce:e3:4a:e1:d6:2f:e0:b2:60:44: + 3a:08:3a:b5:0e:fc:88:ad:e5:a1:f1:a8:79:37:c4:52:02:f0: + 5b:05:94:0e +-----BEGIN CERTIFICATE----- +MIIDljCCAn6gAwIBAgIQAexNrT5eR89OS5hJWTKzNzANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3MjVaFw0yMzEwMTUx +MDQ3MjVaMBkxFzAVBgNVBAMMDmRzb2NsYWItbmlmaS0xMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAw6/vt6GVR19V6n7o1v3V4xloLnIfkGKoeXbY0vZR +33GAN1rsfftteG43/uUbyNVz5Mmly+hKSCbG4KZeFCyQsYGyaTHiRIWX9WASiAad +jc9Konez2f/zQUBMIeFzjZiCLzcnDCTYZ73HBVBAxanQ5D+7DHIpfL4GAZYDuKBC +xG9v2qoXNF9e83MOd7V6mlnjPNE5UBcvUxgFgjQpGxlWLsLbJHlRD6jZZjxyHqD3 +A9bp5ca5vpTkhL3NkybrOxe7zeVYJfIoNaSxcN8yVIX2PCCfiItdg6LEHjHZoXYd +Ljz4eGSk3TqyVmW/qCqo7WLJYixyvZ1+ax+A6rwzYEfTDwIDAQABo4HcMIHZMAkG +A1UdEwQCMAAwHQYDVR0OBBYEFIeajRI6aY2JmPaV0PLtw9ztoCISMEYGA1UdIwQ/ +MD2AFHkGykDTn5pUrtMzTfI4PrYL8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09M +Uy1DQYIJAIp0kyaAW0K3MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAL +BgNVHQ8EBAMCBaAwOQYDVR0RBDIwMIIOZHNvY2xhYi1uaWZpLTGCHmRzb2NsYWIu +Z240LTMtd3A4LXNvYy5zdW5ldC5zZTANBgkqhkiG9w0BAQsFAAOCAQEAjSM4p6rQ +WAPymBnaYsZVy9XFBd1VxflBRux1Br4KC3sPrBDdhr9PbgXBe8EdHM7H8KkMbnn+ +wkkY1V1KrsjYq+xFlZTBizDaUhpCPEF3ZZ6KY/VSwnG34lZDvYk6+hS913qyYEOC +wN9K4KcC/df2VpoPrfTuAAb7dbmWY8izdR/GnTudGinNCfCAMVxOl2KRc4SqEcxL +ABWhkmIqa9TWTO2lif4SydELSLiXJuRbq9r+LVTKVSOLIn+hEkohPp67SNaCtqLM +gxVdX8dSoQEBcGA/ZLQdhU9Wt2d3uOpZeoXO40rh1i/gsmBEOgg6tQ78iK3lofGo +eTfEUgLwWwWUDg== +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/issued/dsoclab-nifi-2.crt b/roles/ca/files/CA/issued/dsoclab-nifi-2.crt new file mode 100644 index 0000000..56a67ac --- /dev/null +++ b/roles/ca/files/CA/issued/dsoclab-nifi-2.crt @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 8b:69:05:5f:85:86:ce:dd:21:66:0b:24:93:41:26:60 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:25 2020 GMT + Not After : Oct 15 10:47:25 2023 GMT + Subject: CN=dsoclab-nifi-2 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ac:b7:4b:e2:d5:87:7f:8e:15:9b:cf:c0:17:eb: + db:8c:e3:1b:83:c0:69:b9:06:91:a0:9b:c6:35:dc: + 2f:e8:8c:72:28:50:02:82:c5:b1:eb:da:d9:e3:9d: + 95:d2:d9:dd:e1:08:35:6d:83:73:95:98:ba:19:fd: + 3e:04:67:9a:09:37:45:79:d3:1d:0b:ec:0a:43:cb: + b8:24:cc:68:5c:ce:2e:ae:db:48:d8:6e:5a:f3:31: + be:87:28:86:76:8e:8f:8d:68:95:1f:72:6c:65:4a: + fc:9e:b8:7d:e2:83:e2:3d:b0:30:5d:c1:73:06:ae: + 9b:f7:9a:54:b8:02:6b:82:90:11:08:3f:d6:5f:59: + 5c:df:aa:25:59:c0:67:7a:fc:e1:f0:c9:4a:8b:e0: + 31:b6:53:13:c2:bf:8c:4f:3a:e6:ed:11:30:a6:41: + 26:ad:56:8f:03:0b:ad:87:6c:b2:73:c4:2e:41:3e: + 99:1a:b6:29:6d:e0:dc:af:8f:45:6e:d5:69:17:0d: + f1:58:a6:7e:8c:80:32:72:24:21:d2:e9:b4:44:23: + f6:10:8f:9f:64:7f:ef:e6:ab:f1:43:94:d0:8a:97: + 0e:e4:91:bd:86:b9:1f:42:f4:96:39:85:05:26:ed: + 90:01:91:11:a3:1f:04:5b:46:ff:1b:a9:74:77:db: + 18:03 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 1F:5E:EF:0E:58:69:FD:21:93:48:19:98:81:48:13:2E:FC:31:61:0C + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-nifi-2, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 21:2d:9b:f7:0c:74:cd:d4:30:b1:42:5b:32:98:d8:ef:9f:a9: + 9b:1b:f0:54:67:c3:20:5b:f1:87:4d:ff:e4:a5:db:af:eb:34: + 8a:b3:fa:d6:14:4a:3c:31:11:8f:09:b0:af:25:39:5a:5e:89: + 32:cf:c7:48:68:f3:14:72:a0:35:15:ec:76:c7:bb:a7:5b:0c: + d5:7e:5b:8c:d8:40:a2:5e:fa:f8:f2:cf:dd:56:65:7e:94:ef: + b4:99:25:ba:9f:78:94:7d:54:0c:83:b9:cf:b8:b4:9d:78:6d: + 62:e3:6c:98:1f:40:b9:35:3c:51:b5:9f:82:7b:1e:77:db:25: + f2:71:df:3d:e9:56:93:86:fe:61:48:4f:db:76:5b:5f:b1:96: + f9:46:72:5e:01:80:87:b5:be:b4:00:3b:37:7f:5e:44:d4:7e: + c5:87:ed:40:6b:9e:f4:ca:1b:b0:4b:84:97:1f:07:0f:7c:8b: + d2:7b:b1:3d:a7:f8:ae:39:07:34:50:41:70:1f:07:ba:a6:a2: + 0d:ca:e5:7b:d4:77:2c:95:4d:16:0c:34:e0:a5:59:7f:43:c7: + a0:dd:a0:f0:ed:75:5a:0f:61:76:52:34:ef:7c:a7:21:e4:de: + 3a:24:cd:39:b6:77:3a:c8:f3:1f:09:2b:80:9a:f0:5d:7f:5e: + 73:9d:73:eb +-----BEGIN CERTIFICATE----- +MIIDlzCCAn+gAwIBAgIRAItpBV+Fhs7dIWYLJJNBJmAwDQYJKoZIhvcNAQELBQAw +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwHhcNMjAxMDMwMTA0NzI1WhcNMjMxMDE1 +MTA0NzI1WjAZMRcwFQYDVQQDDA5kc29jbGFiLW5pZmktMjCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAKy3S+LVh3+OFZvPwBfr24zjG4PAabkGkaCbxjXc +L+iMcihQAoLFseva2eOdldLZ3eEINW2Dc5WYuhn9PgRnmgk3RXnTHQvsCkPLuCTM +aFzOLq7bSNhuWvMxvocohnaOj41olR9ybGVK/J64feKD4j2wMF3Bcwaum/eaVLgC +a4KQEQg/1l9ZXN+qJVnAZ3r84fDJSovgMbZTE8K/jE865u0RMKZBJq1WjwMLrYds +snPELkE+mRq2KW3g3K+PRW7VaRcN8VimfoyAMnIkIdLptEQj9hCPn2R/7+ar8UOU +0IqXDuSRvYa5H0L0ljmFBSbtkAGREaMfBFtG/xupdHfbGAMCAwEAAaOB3DCB2TAJ +BgNVHRMEAjAAMB0GA1UdDgQWBBQfXu8OWGn9IZNIGZiBSBMu/DFhDDBGBgNVHSME +PzA9gBR5BspA05+aVK7TM03yOD62C/M9z6EapBgwFjEUMBIGA1UEAwwLU09DVE9P +TFMtQ0GCCQCKdJMmgFtCtzAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw +CwYDVR0PBAQDAgWgMDkGA1UdEQQyMDCCDmRzb2NsYWItbmlmaS0ygh5kc29jbGFi +LmduNC0zLXdwOC1zb2Muc3VuZXQuc2UwDQYJKoZIhvcNAQELBQADggEBACEtm/cM +dM3UMLFCWzKY2O+fqZsb8FRnwyBb8YdN/+Sl26/rNIqz+tYUSjwxEY8JsK8lOVpe +iTLPx0ho8xRyoDUV7HbHu6dbDNV+W4zYQKJe+vjyz91WZX6U77SZJbqfeJR9VAyD +uc+4tJ14bWLjbJgfQLk1PFG1n4J7HnfbJfJx3z3pVpOG/mFIT9t2W1+xlvlGcl4B +gIe1vrQAOzd/XkTUfsWH7UBrnvTKG7BLhJcfBw98i9J7sT2n+K45BzRQQXAfB7qm +og3K5XvUdyyVTRYMNOClWX9Dx6DdoPDtdVoPYXZSNO98pyHk3jokzTm2dzrI8x8J +K4Ca8F1/XnOdc+s= +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/issued/dsoclab-nifi-3.crt b/roles/ca/files/CA/issued/dsoclab-nifi-3.crt new file mode 100644 index 0000000..796e826 --- /dev/null +++ b/roles/ca/files/CA/issued/dsoclab-nifi-3.crt @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 59:69:91:8f:10:ef:8d:2b:ae:46:b2:6d:6d:62:9d:8e + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:26 2020 GMT + Not After : Oct 15 10:47:26 2023 GMT + Subject: CN=dsoclab-nifi-3 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:a7:48:a0:d3:ab:1e:8c:49:60:8b:b8:bd:9a:aa: + 5c:09:62:01:79:89:c9:e5:5f:30:64:38:ca:f1:95: + 2d:48:20:81:ef:60:aa:6f:d1:ef:b4:ac:89:8e:e9: + f5:16:7d:64:07:b0:3b:75:c3:e1:e1:15:71:64:60: + 8f:15:8e:16:8b:de:b8:97:79:a7:83:19:77:5b:aa: + 36:82:37:b9:51:a7:95:b5:1f:ac:9d:81:c6:ec:fb: + 14:3a:84:77:1e:9c:dd:3c:06:30:a1:5e:d0:8f:b0: + c9:5a:13:ad:0e:56:57:bc:1d:3f:be:d7:4c:4b:37: + a2:88:72:4d:1a:62:88:08:a0:57:bb:20:ce:7e:af: + b7:72:f2:ee:86:1a:b1:28:3b:41:f4:d3:ea:14:74: + 90:e1:33:41:1a:92:e2:2e:ec:d3:20:60:60:61:d6: + fc:0e:3f:57:43:88:5f:10:29:20:51:40:46:ed:5d: + 9f:d1:5a:e7:4b:52:f4:d4:23:60:4a:22:a7:92:6c: + d4:cb:20:01:a6:b9:53:71:7a:71:02:e1:05:72:41: + a5:42:9f:41:47:2c:30:7e:0c:b1:73:cc:f7:63:60: + 27:3f:3d:36:93:14:aa:7e:12:ed:1b:f1:cb:4d:e8: + 7c:32:20:50:f5:2d:7d:06:0a:93:cf:7a:85:2b:0b: + a6:b1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + C9:B8:02:23:C4:2E:F5:FE:C9:34:45:77:33:0D:89:CE:D9:A3:30:2A + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-nifi-3, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 32:20:b3:1c:e1:c9:a4:19:75:14:32:1b:cd:c2:83:59:49:07: + e3:b8:62:73:ec:4e:69:cb:9b:49:0d:f5:d0:ea:8b:b6:de:3e: + 76:03:c4:e8:68:0f:01:96:aa:40:b2:1e:99:06:d2:75:f5:31: + ec:b7:93:e6:1b:b0:ab:7e:1b:1d:65:46:6d:9f:ac:97:ed:55: + 53:ca:53:00:5a:ca:c5:83:48:c3:2a:51:db:e7:e7:e1:40:4a: + bf:b2:9d:d4:71:d4:54:84:2b:4b:d4:a2:22:73:95:e1:62:51: + ce:e3:e2:f6:24:dd:40:08:07:01:6f:ee:27:3e:fc:17:1d:1f: + 30:da:7f:37:78:7e:b8:af:d8:2c:d9:48:84:92:be:4e:8e:a7: + b8:e6:9f:d4:91:5d:44:c9:8b:82:9f:13:eb:d5:2c:00:fa:ef: + d6:49:ff:92:0d:83:22:57:45:4a:ac:b6:5e:a2:c6:c1:73:ff: + f5:dd:a7:d8:79:9a:a7:96:33:b4:51:17:7f:80:6e:3b:52:a8: + 61:53:ae:08:1f:02:5a:0c:5b:37:3c:3a:36:ee:74:e2:9e:df: + df:01:b5:f6:d0:b8:fa:58:79:53:fd:70:9e:54:c3:6c:68:a7: + 3f:b0:e4:20:a6:a8:2f:87:5a:8a:08:01:41:de:35:ed:5e:85: + ae:dd:e0:3e +-----BEGIN CERTIFICATE----- +MIIDljCCAn6gAwIBAgIQWWmRjxDvjSuuRrJtbWKdjjANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3MjZaFw0yMzEwMTUx +MDQ3MjZaMBkxFzAVBgNVBAMMDmRzb2NsYWItbmlmaS0zMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAp0ig06sejElgi7i9mqpcCWIBeYnJ5V8wZDjK8ZUt +SCCB72Cqb9HvtKyJjun1Fn1kB7A7dcPh4RVxZGCPFY4Wi964l3mngxl3W6o2gje5 +UaeVtR+snYHG7PsUOoR3HpzdPAYwoV7Qj7DJWhOtDlZXvB0/vtdMSzeiiHJNGmKI +CKBXuyDOfq+3cvLuhhqxKDtB9NPqFHSQ4TNBGpLiLuzTIGBgYdb8Dj9XQ4hfECkg +UUBG7V2f0VrnS1L01CNgSiKnkmzUyyABprlTcXpxAuEFckGlQp9BRywwfgyxc8z3 +Y2AnPz02kxSqfhLtG/HLTeh8MiBQ9S19BgqTz3qFKwumsQIDAQABo4HcMIHZMAkG +A1UdEwQCMAAwHQYDVR0OBBYEFMm4AiPELvX+yTRFdzMNic7ZozAqMEYGA1UdIwQ/ +MD2AFHkGykDTn5pUrtMzTfI4PrYL8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09M +Uy1DQYIJAIp0kyaAW0K3MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAL +BgNVHQ8EBAMCBaAwOQYDVR0RBDIwMIIOZHNvY2xhYi1uaWZpLTOCHmRzb2NsYWIu +Z240LTMtd3A4LXNvYy5zdW5ldC5zZTANBgkqhkiG9w0BAQsFAAOCAQEAMiCzHOHJ +pBl1FDIbzcKDWUkH47hic+xOacubSQ310OqLtt4+dgPE6GgPAZaqQLIemQbSdfUx +7LeT5huwq34bHWVGbZ+sl+1VU8pTAFrKxYNIwypR2+fn4UBKv7Kd1HHUVIQrS9Si +InOV4WJRzuPi9iTdQAgHAW/uJz78Fx0fMNp/N3h+uK/YLNlIhJK+To6nuOaf1JFd +RMmLgp8T69UsAPrv1kn/kg2DIldFSqy2XqLGwXP/9d2n2Hmap5YztFEXf4BuO1Ko +YVOuCB8CWgxbNzw6Nu504p7f3wG19tC4+lh5U/1wnlTDbGinP7DkIKaoL4daiggB +Qd417V6Frt3gPg== +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/issued/dsoclab-odfe-1.crt b/roles/ca/files/CA/issued/dsoclab-odfe-1.crt new file mode 100644 index 0000000..71baad0 --- /dev/null +++ b/roles/ca/files/CA/issued/dsoclab-odfe-1.crt @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 97:d2:d0:cf:23:00:c0:a9:66:d1:03:ca:89:a9:92:12 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:26 2020 GMT + Not After : Oct 15 10:47:26 2023 GMT + Subject: CN=dsoclab-odfe-1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:e5:46:f6:71:ce:a2:3f:61:5e:9b:f3:c6:61:88: + 87:99:0a:ac:b8:e8:9d:3c:5f:8c:60:2b:41:5b:36: + fb:39:0a:6f:a1:16:02:31:ac:0d:bd:0e:ff:95:59: + d8:f1:21:6b:bd:96:d6:7b:79:01:d1:65:1c:ca:09: + 22:50:30:01:ea:ed:b4:29:bf:b4:70:25:db:b3:1d: + e9:73:ed:63:93:02:4c:90:22:04:6d:31:74:31:ae: + 85:3c:12:8d:b3:f6:92:2f:de:75:75:8f:ca:a5:f2: + a2:12:94:fb:e8:73:30:37:f1:7c:b5:4e:59:ab:71: + 73:26:80:9a:46:8d:49:94:b0:09:e5:27:10:34:9d: + c0:53:3b:fa:77:2e:06:c0:73:8e:0f:9a:1e:8c:27: + 32:0c:eb:f2:d2:0c:a7:52:48:c6:ee:12:21:15:e3: + 45:30:89:81:63:7f:bf:0a:5b:d1:05:c8:1c:fc:5f: + bb:b8:82:2a:92:3b:3a:ae:19:9d:e9:a7:62:7c:0a: + f2:c2:2a:e6:a8:d4:9b:0a:a8:a2:5a:ec:e5:a3:1a: + 73:e0:83:3d:d2:e8:74:a9:0b:b0:e4:b0:fd:fe:ad: + 1e:57:e8:0d:20:7c:aa:1f:31:69:b5:0d:8c:3f:1c: + 8d:dc:d3:71:5b:f1:04:6a:ae:b9:2d:a8:be:28:11: + f5:4b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + DB:92:49:8B:D9:27:41:85:16:AE:C9:CA:F6:8D:11:53:8B:EE:B0:5E + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-odfe-1, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 0f:83:fb:ba:2a:0d:aa:14:3f:3f:0b:00:be:f9:37:f4:7f:29: + 1e:21:4e:18:07:e0:ae:e1:84:f7:cf:a1:21:a5:36:ba:77:6c: + 0c:00:11:d5:7d:d8:31:b3:f5:cc:fd:6b:27:8f:99:5f:99:4c: + 57:88:d0:1a:e7:66:6b:8a:fd:d1:01:e3:88:37:91:8c:7b:e9: + e2:22:dd:80:62:64:9e:22:e7:25:b5:b9:89:45:e4:24:f5:19: + c0:5d:10:50:57:80:66:23:0c:b1:8e:bd:b3:f1:fa:95:7e:6f: + 04:d1:da:c2:e8:a1:b2:55:55:66:3a:bc:5b:71:50:8c:a8:56: + 86:f4:a9:9c:c7:4b:d6:91:73:8e:a9:93:ef:e0:85:5e:5c:53: + ae:b3:a7:a4:31:80:f3:b3:e4:03:ad:da:96:f0:14:7b:25:e4: + ff:68:9b:8f:28:cd:fc:94:05:5f:38:80:84:d6:f5:d4:b7:bd: + 43:79:bd:fb:f2:ce:30:73:01:e8:ee:ad:45:4a:ea:88:3f:d1: + a2:ef:22:f5:49:cc:d4:27:22:3c:bc:1f:50:81:58:5a:65:9d: + d6:14:3b:3f:b2:8f:90:35:2b:e7:1a:9b:58:db:96:06:9b:cf: + 44:0b:f5:9f:aa:57:28:3c:ab:70:fa:bc:93:90:d9:94:d7:fe: + 6f:fe:39:2a +-----BEGIN CERTIFICATE----- +MIIDlzCCAn+gAwIBAgIRAJfS0M8jAMCpZtEDyompkhIwDQYJKoZIhvcNAQELBQAw +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwHhcNMjAxMDMwMTA0NzI2WhcNMjMxMDE1 +MTA0NzI2WjAZMRcwFQYDVQQDDA5kc29jbGFiLW9kZmUtMTCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAOVG9nHOoj9hXpvzxmGIh5kKrLjonTxfjGArQVs2 ++zkKb6EWAjGsDb0O/5VZ2PEha72W1nt5AdFlHMoJIlAwAerttCm/tHAl27Md6XPt +Y5MCTJAiBG0xdDGuhTwSjbP2ki/edXWPyqXyohKU++hzMDfxfLVOWatxcyaAmkaN +SZSwCeUnEDSdwFM7+ncuBsBzjg+aHownMgzr8tIMp1JIxu4SIRXjRTCJgWN/vwpb +0QXIHPxfu7iCKpI7Oq4ZnemnYnwK8sIq5qjUmwqoolrs5aMac+CDPdLodKkLsOSw +/f6tHlfoDSB8qh8xabUNjD8cjdzTcVvxBGquuS2ovigR9UsCAwEAAaOB3DCB2TAJ +BgNVHRMEAjAAMB0GA1UdDgQWBBTbkkmL2SdBhRauycr2jRFTi+6wXjBGBgNVHSME +PzA9gBR5BspA05+aVK7TM03yOD62C/M9z6EapBgwFjEUMBIGA1UEAwwLU09DVE9P +TFMtQ0GCCQCKdJMmgFtCtzAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw +CwYDVR0PBAQDAgWgMDkGA1UdEQQyMDCCDmRzb2NsYWItb2RmZS0xgh5kc29jbGFi +LmduNC0zLXdwOC1zb2Muc3VuZXQuc2UwDQYJKoZIhvcNAQELBQADggEBAA+D+7oq +DaoUPz8LAL75N/R/KR4hThgH4K7hhPfPoSGlNrp3bAwAEdV92DGz9cz9ayePmV+Z +TFeI0BrnZmuK/dEB44g3kYx76eIi3YBiZJ4i5yW1uYlF5CT1GcBdEFBXgGYjDLGO +vbPx+pV+bwTR2sLoobJVVWY6vFtxUIyoVob0qZzHS9aRc46pk+/ghV5cU66zp6Qx +gPOz5AOt2pbwFHsl5P9om48ozfyUBV84gITW9dS3vUN5vfvyzjBzAejurUVK6og/ +0aLvIvVJzNQnIjy8H1CBWFplndYUOz+yj5A1K+cam1jblgabz0QL9Z+qVyg8q3D6 +vJOQ2ZTX/m/+OSo= +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/issued/dsoclab-odfe-2.crt b/roles/ca/files/CA/issued/dsoclab-odfe-2.crt new file mode 100644 index 0000000..a648174 --- /dev/null +++ b/roles/ca/files/CA/issued/dsoclab-odfe-2.crt @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 56:0a:99:c5:a0:3f:c4:b9:fc:92:fd:c6:2f:41:9b:b9 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:27 2020 GMT + Not After : Oct 15 10:47:27 2023 GMT + Subject: CN=dsoclab-odfe-2 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:c7:a5:e1:3f:e0:a3:22:69:f1:b4:15:5e:b9:3c: + db:d7:44:bb:d9:c7:69:94:5b:c1:7d:a3:34:4d:3e: + 88:0a:e2:8f:2e:d3:98:94:ae:b4:1f:49:a3:fd:4b: + 27:16:70:ab:03:ab:cd:4c:02:2a:7b:ed:3a:ff:49: + 49:2e:3b:88:f6:59:85:26:de:37:b4:47:9e:1c:be: + a3:38:8e:b0:22:6b:ca:c5:12:e5:be:40:9c:57:7a: + 4d:02:0c:db:13:c5:9d:d2:85:df:99:57:32:90:37: + 54:08:16:46:01:54:da:0c:77:31:63:39:46:27:88: + 3f:f4:ad:4e:e6:fd:0a:3e:9d:98:9a:53:98:90:be: + 9b:ee:e3:b2:91:c7:7f:3f:a1:b9:62:f8:7a:1e:cc: + b4:23:ed:82:a0:5c:ad:86:7b:50:53:c9:ec:57:04: + 44:1c:12:f6:33:3f:68:42:f8:b7:2f:25:91:1c:aa: + b0:df:17:6b:ed:6d:cc:6d:a7:d6:b7:07:6b:61:a5: + 16:51:9f:02:07:ad:b2:42:42:ca:0b:b1:2e:c1:6e: + 94:2d:3e:5e:88:48:8f:b6:8b:15:b0:48:8e:35:58: + ea:b5:90:9c:fb:5a:fa:f5:c7:27:b7:11:30:7a:cb: + 36:7c:4f:ea:52:00:47:40:e9:f0:ca:67:63:32:e0: + 33:73 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + E6:41:BE:4B:A2:E1:07:EF:2A:FD:16:A7:B6:68:3D:0F:81:F5:15:80 + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-odfe-2, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 84:64:d0:92:f6:96:07:be:f1:52:f6:49:15:cd:d0:99:ea:ca: + 7f:06:a8:d2:68:e3:8e:c3:a3:a9:2d:f2:b7:4a:74:75:9f:02: + b4:6f:77:14:ec:89:f9:a3:b5:35:c8:f2:ad:50:df:24:05:d3: + 0a:a8:49:be:19:de:fc:84:a4:61:af:ff:c0:2c:f7:8b:11:87: + 34:10:e3:dc:9b:d2:b8:66:0a:f7:3f:05:11:37:41:09:9f:3d: + f3:a1:97:b7:62:64:db:5a:46:d9:5a:7a:c8:f7:79:e4:f8:61: + 2e:5c:e8:82:8d:fc:0e:8d:a4:4f:fd:33:f1:76:0e:8d:21:f4: + 00:5a:e1:a6:96:21:e0:bb:e4:e6:35:8e:b6:61:49:8a:f2:c1: + 25:96:cf:c0:f6:e0:0a:0b:75:b5:d5:6c:be:ad:0c:a8:4b:33: + 44:72:cc:ef:5f:db:09:e7:b9:6e:60:80:7d:02:e9:ab:06:81: + 24:d3:9d:c3:de:f9:a1:f1:f7:77:ee:6d:49:ab:13:72:c6:62: + 39:b2:80:32:07:20:51:a3:3e:1a:cf:b9:3a:bc:e3:a1:58:33: + 22:6f:68:a9:e9:33:0b:8d:24:72:ea:e3:75:68:a3:69:11:a8: + 2d:86:ed:f2:00:74:d6:d4:ab:fc:30:3f:68:6b:b6:d3:61:30: + 51:84:09:da +-----BEGIN CERTIFICATE----- +MIIDljCCAn6gAwIBAgIQVgqZxaA/xLn8kv3GL0GbuTANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3MjdaFw0yMzEwMTUx +MDQ3MjdaMBkxFzAVBgNVBAMMDmRzb2NsYWItb2RmZS0yMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAx6XhP+CjImnxtBVeuTzb10S72cdplFvBfaM0TT6I +CuKPLtOYlK60H0mj/UsnFnCrA6vNTAIqe+06/0lJLjuI9lmFJt43tEeeHL6jOI6w +ImvKxRLlvkCcV3pNAgzbE8Wd0oXfmVcykDdUCBZGAVTaDHcxYzlGJ4g/9K1O5v0K +Pp2YmlOYkL6b7uOykcd/P6G5Yvh6Hsy0I+2CoFythntQU8nsVwREHBL2Mz9oQvi3 +LyWRHKqw3xdr7W3MbafWtwdrYaUWUZ8CB62yQkLKC7EuwW6ULT5eiEiPtosVsEiO +NVjqtZCc+1r69ccntxEwess2fE/qUgBHQOnwymdjMuAzcwIDAQABo4HcMIHZMAkG +A1UdEwQCMAAwHQYDVR0OBBYEFOZBvkui4QfvKv0Wp7ZoPQ+B9RWAMEYGA1UdIwQ/ +MD2AFHkGykDTn5pUrtMzTfI4PrYL8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09M +Uy1DQYIJAIp0kyaAW0K3MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAL +BgNVHQ8EBAMCBaAwOQYDVR0RBDIwMIIOZHNvY2xhYi1vZGZlLTKCHmRzb2NsYWIu +Z240LTMtd3A4LXNvYy5zdW5ldC5zZTANBgkqhkiG9w0BAQsFAAOCAQEAhGTQkvaW +B77xUvZJFc3QmerKfwao0mjjjsOjqS3yt0p0dZ8CtG93FOyJ+aO1NcjyrVDfJAXT +CqhJvhne/ISkYa//wCz3ixGHNBDj3JvSuGYK9z8FETdBCZ8986GXt2Jk21pG2Vp6 +yPd55PhhLlzogo38Do2kT/0z8XYOjSH0AFrhppYh4Lvk5jWOtmFJivLBJZbPwPbg +Cgt1tdVsvq0MqEszRHLM71/bCee5bmCAfQLpqwaBJNOdw975ofH3d+5tSasTcsZi +ObKAMgcgUaM+Gs+5OrzjoVgzIm9oqekzC40kcurjdWijaRGoLYbt8gB01tSr/DA/ +aGu202EwUYQJ2g== +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/issued/dsoclab-thehive.crt b/roles/ca/files/CA/issued/dsoclab-thehive.crt new file mode 100644 index 0000000..0d474c2 --- /dev/null +++ b/roles/ca/files/CA/issued/dsoclab-thehive.crt @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 61:09:5c:2c:8d:35:ee:29:1c:99:ce:ab:d4:2b:3c:a4 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:29 2020 GMT + Not After : Oct 15 10:47:29 2023 GMT + Subject: CN=dsoclab-thehive + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ba:c5:4d:20:a4:60:b7:61:21:ed:16:a1:6f:72: + c4:de:a1:00:c0:ef:fc:5d:a1:89:34:07:15:d2:b4: + 3a:14:b8:95:75:8e:81:71:49:46:1d:c8:81:cb:f1: + ec:c7:5a:12:f6:89:60:e4:c8:98:1a:61:c8:2d:12: + 8f:73:ee:f8:9d:88:b5:7f:30:70:97:29:b4:ab:43: + 2d:dc:db:a7:10:47:c7:b5:26:9b:11:85:fb:d3:27: + 8f:3a:55:bc:ea:78:17:b8:89:10:a3:a4:10:60:39: + c3:7f:42:25:a9:fe:84:7f:38:5e:f4:3d:c3:98:3d: + 56:b9:ba:81:06:55:8d:65:12:f0:4e:23:88:1d:98: + 0c:2f:6e:4f:67:fd:4e:67:39:91:b9:01:52:12:aa: + 9e:bb:7a:c8:ea:8f:4a:2d:18:f8:69:9a:3a:a0:c8: + 6e:e3:de:c6:db:be:4c:59:e0:cf:bc:34:4f:2c:b0: + ef:3e:82:5a:df:68:be:b8:fb:cc:5f:6a:f2:3e:66: + d4:c6:c5:f6:0b:67:e9:64:85:15:87:60:6f:dc:b4: + 5b:13:6f:b0:9b:f8:f3:da:c1:91:9e:81:5f:16:ca: + 9e:14:01:c1:1c:ce:2a:d3:c8:3c:0f:be:b1:37:aa: + c9:08:68:2b:de:f9:44:6c:1e:90:a4:12:bc:f5:3c: + 46:bd + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 5B:08:8E:F2:1B:8F:12:03:BA:31:02:9C:CE:CC:BC:9F:FC:19:D1:E1 + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-thehive, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 7f:b2:fa:33:d6:e3:6c:57:8a:4a:9a:ef:8b:81:2b:df:f3:d6: + fb:8c:bc:02:cf:71:54:a0:f2:0d:ae:3b:30:cf:5c:69:d7:d0: + aa:cc:16:80:4d:9d:c8:1f:a7:98:9d:26:dc:ae:8e:24:2b:bc: + c1:11:a6:8d:4f:ca:13:1f:7f:8f:4c:ef:dd:46:df:d6:97:0a: + 88:51:4e:f7:46:aa:3d:e3:70:e9:19:e8:9f:7e:22:fa:b6:38: + 30:00:0a:94:38:09:bf:b8:64:6c:c1:b7:05:6d:4f:f3:27:0c: + df:04:ef:a1:4e:e8:2d:4c:06:d0:c0:4f:4f:da:d0:6d:b8:f2: + b3:79:18:63:bd:62:83:53:55:38:94:d9:64:ca:e7:4d:71:ce: + d1:05:6d:b1:6c:fb:1a:4c:b6:ef:70:2b:3d:9b:1d:66:d8:d9: + 9f:f0:e5:48:29:50:e8:1b:1a:fb:b4:d2:5e:38:ec:05:45:c2: + e7:de:9a:9d:aa:34:67:c5:66:18:e3:86:8b:0c:1a:c4:21:20: + 7e:b7:ad:e2:0b:d0:0d:d4:76:e6:53:ca:77:bc:ce:d0:9b:7b: + 7c:fd:42:94:da:63:d8:a7:52:d2:45:f2:d5:55:ef:37:f1:a5: + 0e:ba:29:c9:b4:ce:99:45:04:21:2b:86:27:bb:c1:f2:86:9a: + 7c:51:5c:3b +-----BEGIN CERTIFICATE----- +MIIDmDCCAoCgAwIBAgIQYQlcLI017ikcmc6r1Cs8pDANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3MjlaFw0yMzEwMTUx +MDQ3MjlaMBoxGDAWBgNVBAMMD2Rzb2NsYWItdGhlaGl2ZTCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBALrFTSCkYLdhIe0WoW9yxN6hAMDv/F2hiTQHFdK0 +OhS4lXWOgXFJRh3Igcvx7MdaEvaJYOTImBphyC0Sj3Pu+J2ItX8wcJcptKtDLdzb +pxBHx7UmmxGF+9MnjzpVvOp4F7iJEKOkEGA5w39CJan+hH84XvQ9w5g9Vrm6gQZV +jWUS8E4jiB2YDC9uT2f9Tmc5kbkBUhKqnrt6yOqPSi0Y+GmaOqDIbuPextu+TFng +z7w0Tyyw7z6CWt9ovrj7zF9q8j5m1MbF9gtn6WSFFYdgb9y0WxNvsJv489rBkZ6B +XxbKnhQBwRzOKtPIPA++sTeqyQhoK975RGwekKQSvPU8Rr0CAwEAAaOB3TCB2jAJ +BgNVHRMEAjAAMB0GA1UdDgQWBBRbCI7yG48SA7oxApzOzLyf/BnR4TBGBgNVHSME +PzA9gBR5BspA05+aVK7TM03yOD62C/M9z6EapBgwFjEUMBIGA1UEAwwLU09DVE9P +TFMtQ0GCCQCKdJMmgFtCtzAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw +CwYDVR0PBAQDAgWgMDoGA1UdEQQzMDGCD2Rzb2NsYWItdGhlaGl2ZYIeZHNvY2xh +Yi5nbjQtMy13cDgtc29jLnN1bmV0LnNlMA0GCSqGSIb3DQEBCwUAA4IBAQB/svoz +1uNsV4pKmu+LgSvf89b7jLwCz3FUoPINrjswz1xp19CqzBaATZ3IH6eYnSbcro4k +K7zBEaaNT8oTH3+PTO/dRt/WlwqIUU73Rqo943DpGeiffiL6tjgwAAqUOAm/uGRs +wbcFbU/zJwzfBO+hTugtTAbQwE9P2tBtuPKzeRhjvWKDU1U4lNlkyudNcc7RBW2x +bPsaTLbvcCs9mx1m2Nmf8OVIKVDoGxr7tNJeOOwFRcLn3pqdqjRnxWYY44aLDBrE +ISB+t63iC9AN1HbmU8p3vM7Qm3t8/UKU2mPYp1LSRfLVVe838aUOuinJtM6ZRQQh +K4Ynu8Hyhpp8UVw7 +-----END CERTIFICATE----- diff --git a/roles/ca/files/CA/openssl-easyrsa.cnf b/roles/ca/files/CA/openssl-easyrsa.cnf new file mode 100644 index 0000000..1139414 --- /dev/null +++ b/roles/ca/files/CA/openssl-easyrsa.cnf @@ -0,0 +1,140 @@ +# For use with Easy-RSA 3.1 and OpenSSL or LibreSSL + +RANDFILE = $ENV::EASYRSA_PKI/.rnd + +#################################################################### +[ ca ] +default_ca = CA_default # The default ca section + +#################################################################### +[ CA_default ] + +dir = $ENV::EASYRSA_PKI # Where everything is kept +certs = $dir # Where the issued certs are kept +crl_dir = $dir # Where the issued crl are kept +database = $dir/index.txt # database index file. +new_certs_dir = $dir/certs_by_serial # default place for new certs. + +certificate = $dir/ca.crt # The CA certificate +serial = $dir/serial # The current serial number +crl = $dir/crl.pem # The current CRL +private_key = $dir/private/ca.key # The private key +RANDFILE = $dir/.rand # private random number file + +x509_extensions = basic_exts # The extentions to add to the cert + +# This allows a V2 CRL. Ancient browsers don't like it, but anything Easy-RSA +# is designed for will. In return, we get the Issuer attached to CRLs. +crl_extensions = crl_ext + +default_days = $ENV::EASYRSA_CERT_EXPIRE # how long to certify for +default_crl_days= $ENV::EASYRSA_CRL_DAYS # how long before next CRL +default_md = $ENV::EASYRSA_DIGEST # use public key default MD +preserve = no # keep passed DN ordering + +# This allows to renew certificates which have not been revoked +unique_subject = no + +# A few difference way of specifying how similar the request should look +# For type CA, the listed attributes must be the same, and the optional +# and supplied fields are just that :-) +policy = policy_anything + +# For the 'anything' policy, which defines allowed DN fields +[ policy_anything ] +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +name = optional +emailAddress = optional + +#################################################################### +# Easy-RSA request handling +# We key off $DN_MODE to determine how to format the DN +[ req ] +default_bits = $ENV::EASYRSA_KEY_SIZE +default_keyfile = privkey.pem +default_md = $ENV::EASYRSA_DIGEST +distinguished_name = $ENV::EASYRSA_DN +x509_extensions = easyrsa_ca # The extentions to add to the self signed cert + +# A placeholder to handle the $EXTRA_EXTS feature: +#%EXTRA_EXTS% # Do NOT remove or change this line as $EXTRA_EXTS support requires it + +#################################################################### +# Easy-RSA DN (Subject) handling + +# Easy-RSA DN for cn_only support: +[ cn_only ] +commonName = Common Name (eg: your user, host, or server name) +commonName_max = 64 +commonName_default = $ENV::EASYRSA_REQ_CN + +# Easy-RSA DN for org support: +[ org ] +countryName = Country Name (2 letter code) +countryName_default = $ENV::EASYRSA_REQ_COUNTRY +countryName_min = 2 +countryName_max = 2 + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = $ENV::EASYRSA_REQ_PROVINCE + +localityName = Locality Name (eg, city) +localityName_default = $ENV::EASYRSA_REQ_CITY + +0.organizationName = Organization Name (eg, company) +0.organizationName_default = $ENV::EASYRSA_REQ_ORG + +organizationalUnitName = Organizational Unit Name (eg, section) +organizationalUnitName_default = $ENV::EASYRSA_REQ_OU + +commonName = Common Name (eg: your user, host, or server name) +commonName_max = 64 +commonName_default = $ENV::EASYRSA_REQ_CN + +emailAddress = Email Address +emailAddress_default = $ENV::EASYRSA_REQ_EMAIL +emailAddress_max = 64 + +#################################################################### +# Easy-RSA cert extension handling + +# This section is effectively unused as the main script sets extensions +# dynamically. This core section is left to support the odd usecase where +# a user calls openssl directly. +[ basic_exts ] +basicConstraints = CA:FALSE +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid,issuer:always + +# The Easy-RSA CA extensions +[ easyrsa_ca ] + +# PKIX recommendations: + +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always + +# This could be marked critical, but it's nice to support reading by any +# broken clients who attempt to do so. +basicConstraints = CA:true + +# Limit key usage to CA tasks. If you really want to use the generated pair as +# a self-signed cert, comment this out. +keyUsage = cRLSign, keyCertSign + +# nsCertType omitted by default. Let's try to let the deprecated stuff die. +# nsCertType = sslCA + +# CRL extensions. +[ crl_ext ] + +# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. + +# issuerAltName=issuer:copy +authorityKeyIdentifier=keyid:always,issuer:always + diff --git a/roles/ca/files/CA/private/Arne Oslebo.key b/roles/ca/files/CA/private/Arne Oslebo.key new file mode 100644 index 0000000..677703b --- /dev/null +++ b/roles/ca/files/CA/private/Arne Oslebo.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDOTAIZIW4c8u2T +2P28GqTCETvhVXPlJpLT2eim3X2iHb5qfGQGOWAzOH1qyomd5RFYIWnzOohe6uUu +4Z27AB9ZGWlPazI9LxralT2ZlVOfsurbE0hjLUrcDEumHExi4tARJWfLgFIC6Pg7 +POvL9HEDWr7ZoEn+0XL+T77hrKHtpRUG9E7JBqubksI+uVgM9BUOBMCRG4VznbaX +oWxwChqgzkyNrCnkxRcAJgNEMqh7g1JJQ2ARU8geuOufH+MTVIF3xEdKLiCNSIyR +LuDU5TcLXLtfQDeS6WA7oPmYf22zIJI82ozweYHy6ne6tHsGVHWJd36tCDquHtwc +EWMIQxSXAgMBAAECggEAe0rx9hMEvEhztOj6vHEwBsxF/WYU3d8v4W1anl/BtiIQ +q5OsNAwWcoZQboKdvMAqnYFa0QMqfY/laR9uJVTtZ1LIna5zWB3O7tRC/IdCcy97 +LXNYz+1B0EGI9L306SSlNZolbnpCiXqy4LSIOFzfLiIN7gLeNmz3TQZcDoQeQuhT +SA42/6EW1GFWWlFjqFy/W9X9VY3AHZAuf4M9Sv5YK6L7w8dwv190F/JXZz/7z0ad +ElDfUh09xqsfvFhqvAzpWkGglhh6Ns9DGfH4bueoHZ0gF3nbdLxfpPp4eyRv/Ox4 +Ozf0E0snyJPG2N93Pluks5BKnC8yYYAvGo6hE2/wAQKBgQD2nrK2XCvh36uQIhGe +iGIzRFGeeKB4jt4ZAM45PryrzBqtXMnndV8V4WoZkPRl5D8/HmoeMVbA6Bb1zdLy +SDLs/U0IquMe8K6QR+F+wjWFLebu+aNaPsKnu8fJOVmDmNGReX7q3thTja+rcSDA +5h5dEi9viM0OsRl2Xf5zLuzUSQKBgQDWJLDem/cV7vyrB3r60EeVSY9pwj0AD7oZ +Tbcx2DuibP6ojvsDpUDbh3nuIlu69jRO0kl0rdCVnoWu3eaerDtFKd8EUsoQJv9B +CV+rD4xoNa/1C+1DggIyAcTrAGxTS+Z/qsgVBy1YGLWtdaqg1TZI47F7m+fVtZRZ +BMgW8lLh3wKBgQCRltRHxZf+Sw28E/C01yypuT45wFpzcVv6BLi5oKi+/soM6Acl +heuxPhZlq2YsNJeFyo2470WYsirDx1MtxqORtmNgp4lW/Zz//f9H1pzD13pKP8NI +hl5hqQBjcWC/yFqHd+MOAqpQgQdgvXMpjXAFX7PzMx5i+vfeIdUR6HTVSQKBgQCR +fVAljjVrU3mbAXQOX9+ij9297tfe6NB5TJHAbbbmfcLu5mWobmgIPp0aq4FDHu8e +9kQt38GtRYxx6BU9jKqgLPh2SYE7RCN8HlA/Okscqg0oIbhLe1LegtE1EI6IcTLj +XjaeAshN6EvW0/DfYLyG/RuibaQvUDS/3j3LSUwCZQKBgGbI4n8JyQx0N5N7seLH +E874B33QrURfoZqm1Pu03jWzzupzIL3Li+osgS/IAeh2tscCifaWX4eop973NGUe +FfSGoQal+iQStVoEhKG79k5q3Yut8YFNt0Oy6tYrl7rWm5kSdok97u10lylPJKJY +jryMaRsmZMcFRwby70+VtnoW +-----END PRIVATE KEY----- diff --git a/roles/ca/files/CA/private/Arne Oslebo.p12 b/roles/ca/files/CA/private/Arne Oslebo.p12 new file mode 100644 index 0000000000000000000000000000000000000000..273c8018b7bed8f691d9e9c24f5fa9d6425a0e79 GIT binary patch literal 3325 zcmXqL;`zzM$ZXKWv!9JqtIebBJ1-+U<ANrh4J=JOYYdurRv0v~$0MZJ7BsO37&Ni_ zFflS1G_kuPWEc%(*tno3@G!C&@Ud`s@lK!gTfNSPiHU=up^05$Z{d_(t&GJt7$3D7 z$8I!c_ItQJ%%!Ef(cf$BntMCfy>FjpJMUrthy3#6H32Jc-q;#=_Lq04#;r@IWqa~v z_b(_qa_(it#~T4L)*+Pzm#fxq_sSM*O=p+Xu5f&P`qNwI{IV#^!*;n7T4xG<o*eeG z`)<5itWm)%{?^@B{n!70HTkWW`#rhxRnKGET-OBEO!s~3BKVy90o!X<6<K?>iiwAc zGCX#qIUQ_Nn{F}PCg;M*<*5uOHrWd;f49j$>~d1Crpr;2Ggp>~_59V;ycjuQQd6Jw zIrk!Fn@;h~CY!IxY%5!;bVBiU&#j4J6_%&B2#6?ISV~X+XMONJ_a?2={0l=f`!CIx z`n<rO-E-I3TG{ka-McB;^=nSpshYkQu-Ce^Y>r=G`E8&1Axv(UFa9=~KH2#5jZJIx zTPDgLUb8aykInjN4toy03-3#RVbJyd*`|_(e-3{*&H7<K+y3gtbJzC%&&XrFH=`;0 z?L5<;#wI3vMfJmWiR`@2!uyCjvml4zzxivM3eOGCB|;e{s$6rDU%P+RhH5wA1fk|O zfs0MkyxBBky#CtmQf0kwd%R32WMM#$zT3CzbM?MK(^Q^3YB3g+-=Nc|9wbzn5+pBN z^)WI=uVD2QzAb+WBwC}N8(;d=kZ^9>+Wa0zLxb(NOus4^m+^NUWDOBt&pem^pw7*e z*KQiVH(Ijs+ltxW;sSMS)B|T+Q|x9t;qgk`itl7oxPMdWscy{zw!=>>3)-G673aIK zQtg_Q-VCb)I&8;Ja2~XDaTWVsoN794f^^Egm#19s-LZL=bNy^?iKoiBlndM4tMBYw zub{f)a=Y+@bsnNVF<)0y-G5S+)YD?Evv%YAZ2q}gEp6&o=I(ZVCy{A+J>;C8@chRs zgj#kR-gvU?^x@|-3cuV96)rn37qdU>`oD!c)x%k0V!niW?8-~&h*YxuwQ`1z<*YNa zw!E=1I{9q!|EMF8d#s8+Z+j^8_p3w9pV<bVrySSsNQ>4}x7wAk=Tok66o=TV2NPFk z%sg2m#B+DuhP$76*qhs>*q!Gp*e#N|QPsazWnTXNsT`(<#06~I*2yY8vwADYCjad> zr{brrr&mZ9zy3C1>uw+Yt8C&~C3ARR6*zJ%J-owx1M{+(PE*|sbn4;{USjI@+}NHy zDeJGlhshFW`K27cu1yHyniks~9C5D3u-|jZ`vs@U>vtPSy8lkA_MW!)>63K=(=r)c zG|J`_TVI~`zb(#xPtY#*Lyscc{Lim7<7Ts+bdslGs*!v`)Pakes*Y-(_BIh)6{}a+ zUy^!wFU$5P4~q}`E?dpYQMBX9>!_5?Q6lEd=U%^a@%Gf1e}3|u{4ym$r|=sWqy-;K zaLo6(Hq%~n;eXS*+3$^&q%J6)ubr-SD0R(sgALkKC$l_o(VUfc?B5L56<1$fV3S!m zU&`@<{`<1kdj2k6F8o(hnt3~Nx?3H}Rf?opX6~85J>BKy_fL#=5tiAv4yXUk%)7or z<Bo*F(KR2MmacsAZmHAk+`Up&GM@Je0uJ+<Ot|vYWYx#M?lm&&BA+;De3VcA6Y_ES zB<<)0KDTa75ecntJhkW3uk{=y*Zu0dH{4IFJD&bG=0x6wCwFH#roH;I@6qoYk`}yQ zE`6%AYBYOyZq1$s-j1_Z;@C4~KRgp%QI^!FU~;RCGqxjd&yl?+MDlufSzg)DcB48) zVLsdY=V20Yso8p0<y1V^nC_h1a_%kXu|K@)lASM|U9msUsZ}XN=5q4|hrBh<x9eUo zo7gtV|5Rh@LUolFHS_%MPW0L7Wubm-@|3;(MPUc{j%57xpL)JIde+mpeJUrqA1^-i zV(~WZ=gx-%Jomros5<!S!M$e^`DHfK^;WmDZWGHre!6{=gulR{0{J6#vYUUg#544> zpV;PCntEy*kN;BB*gnB&+-!dyxh@X){JdJhZ^s0m_3cw$u<nhz6sq(o+Q(McSheBZ zf-=3Qc9o_vLUzLE&hAY59k=C9jGkK7<HkO7^YXS6J12&2sJR)WCSv=%c2k|^L!IN+ zjVGTP`nNxx%lhNmJlCIkTAwqg|7vZ2HuKKLc{AQ5ip~vM^yU1IS$>_`Ow*3DJ1M?h z*0<xbR!vFRy7QGGQI?<l&gW#rZZWMW`mW=%pC><CuOrF7GrII%75}NeWv8clw$A5u zx^nsUl*5~ERL|y9`*^iEDDu_rBk!BD&iHPa9@J=YShPp5ggrlh(wwS{-<kKf)yw$> z{pI?gXCGyLfPHdI`nos`@0a#JHU`waym+8y+H;S`MVI<I%DSdE?Q%6b9rNn?Ql1zI z!N*^!6ic7ZemsGfeFgIst%%ijJ!?Mco}Ir~d>NC%t{<Nzjec2d%{#lCty*e&?_;U0 zAEnDZ@?T!Mm0Eitia#fP<+aq?dQXLd70zWl<zGB>L+RSg_bM$frUdi8n0Eff@<%OS z8YXVfyfnwiIiYl75uZWg;k^8pXI*5a*}6Z^yqU7ppo!HHsUls_#A?LS#Hwe|#HwY` z#Hz-|4XakU7?~C{vAi>AVtIv9+cJY{+fPy9`>*qd6oYD8mL`@Hg$9p`N~*qoV_CFv z!T!C`OI}#)Xqq3>*nhUSSlLc6>{0thwl9gbB3I`n&f9QR#8fEod;PsPB7e5%?~=T@ z{Ni8ty&PNe^Ho|M=l2D&-n}s`>GsXDN1OY1-T1j^(VwZJ8%mjYFEgCfO+5H*kDt`O zqNHt4qB$paJa7uy5~;15wD--UiCK;xrSHu<)KOHRDmF>NdDZ3gOYH9)Z){RY(flf7 z_UivMlj(B1kE}U!{^!}Za&ud^$5?uw49o55nI9yj9r7%P_r&XrCB>6!crU4Ntk*r& z_~n*Po!*nbYm)8zSFQ||GT89S`t!4({!e>e_O{(wzQ3#CX6~+#d14ELuJ>50#w*2~ zQQhFx`07&h4d?4QvoG&Dbk&e`-}l+GcsKRD`z6Q{lW=<H{_cIVba+da?=5|Q*J*(Q z^WOehLAJl&_#I@~Qma_<!^=7O&CC#QjR*b$4!rWS>v?h`UQHKMU8U&h^5p8-2VvX& zTUPIxaGTqA`J!)M_TK#7c_Gnv)rmcwPLt<|Uf?@A^HccGyblFy5Bk1e$5%N0rkPBH zWJ<k$hId3(QKaH!CQ}0@hQB%sysloKU$LA${NDP%d-WN`mY-|Nz1lG4*VWT;M^dBn z_pP}lB&R=XRnFhLi~s(z3`!}NKRq*3L&qy*`q!^n(fbQKWz%(h{SH~rb1k^O#3j){ z#9YL}<LTnMS?Qq{s&^IGpFUL`)wtiMUS28q!|O8_E#r5;*83b=yHD8U<G<NAZtSlM z{&iVg>)*FWb3S!SPN@!B6E(T7eI<``sfFbW<^HnNdowST2&Pq>c)(p0amJEG=+(KI zoZ;tUIgZSHD0P0)oT@bYz?EOGz5liJ+|L^#pD$0kEc*A6lIq)Uj~1^o*RP*)cZ1DO z|GTxG9s%<df)1`^nw9Y={<is6rd0;4FT$?Zo_(?B+sg|azQ%vWbjxCe%eA@`&iEdm zxJN2LP5bTB<2Pg76<9-$^G%qclAf*kuygzAH~LczFU|eiyT^rrMey3!XMca|Hb#~| zN@VWqG2lB@JW*cTpzz{1Ri=`Qb6LH1trPC&uzYmeL7Q*Ft@)cyo^03ku<l@z_<Hn5 z<w^^gdfm-`EVh0~_xVujb7ki*IXCybe$&4hJkuL<Vs6+()iY)8XgfOP_FK76wKZ+Y zz8`NhU63?0&ia0w<ATESq=m;EZ#-Xe%Pf4}iSy<gDwASEt(W=-Zfh%X5nSWQ^x*%O zqR)z7-BSIZfB3XR;r1yr%?sxaUh&LjHeS-w(4V&N<=b16OQcej<mc53Ykg4s!yA>{ zEN8dKOLB{olBQ-lpYNvpJ0_h10lK%OQq+!x1TcPdGFJY>_G2|etneAl9}iPQ))}b& zw9>w_#l+bBZM1woYZ~|du4%6|9#kIQ(yJ+7?KR2eZUNJ>!_uKORi_tTu+bCVX3{0J zJmf^*)C+lRH>yvS-i^FF;kaXH;L!#NYo2FEmoco2E7`haUAb#%vFy`@m##l;Og^!@ znf2|8S(W;0{&qV=9@bB@keHx(f#WCVOVvZ4y(e!_y886MrFoI=pS#XvinaxX1m3wM z+-JVc!gF^1@3Rw(@Ag#OtX!s|*6}v$#;R4RKB`7pOtZabTUpAc>CP~bxMLq@)Oljb z7wd{0k1qKdzP@tV`^7)kEqA%}#b;-pOyJjHaO&{eW2kDN3@;ryMGeJRL~<S}UzA#8 zYkq%z-NWzqxrKDo7&QzG4HOMH*;uvtn3<$l8CXOXI(Jsjc9K0YG0yS`!>c|%<;nN% SvT*onuj~K4uqy#nN&)~L2}KS7 literal 0 HcmV?d00001 diff --git a/roles/ca/files/CA/private/Bozidar Proevski.key b/roles/ca/files/CA/private/Bozidar Proevski.key new file mode 100644 index 0000000..8a141bb --- /dev/null +++ b/roles/ca/files/CA/private/Bozidar Proevski.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCa3gD98em5KdlY +0Echz0tnF/epApMXz1dbb9smkDAJC9nFZl72ImarSAaqbIiz/ZNFpGDJXytsr9to +XifmhXEntyBSYd8UG9oGObIhIEsiSLdLdkQCsYlfDlkiy7nJHo2grChd5a7I6swF +IKJgERKNbYgKc+h8aJxILMmoxp3DPMHn9Af3W25CPT0PhW/iuYip0AKEuBlqrhOh +l1CYFsgMG70CyF+jL3N+JfiM55JDx2p1vIXqHEcoziybOo+oB+mMinU+wZcyzuPF +yh4K1zx3CtKrUcPl3DeQGjW/oEqqvTjvnm34gTd/03cjxltjmGQHL0f9fSEvV8LY +RADCKSJ5AgMBAAECggEABfbe2ujiM3tlH4KF+stdAA9wPlYXDCe0GZVpP0b2UqLe +NDgJGDmi8p3Hg/DCIwx1C42VHKxJo9nx/UcDCmHBReJLoGCcks2vy+WU8qmnux5J +0OIxJFlqDPske66U7SX8FmAK/fLGlH5WdSwYlNKTgFbjkmN8ZK4ytqTi71kW4ln5 +VUlXPd9FYlHc29u4qXJeaRLj9PIz/6FxYl0Ub13dXV8hfVEG8JaeosFjOhZqpgLg +t1oNaPrKBywYvJ1P+PKfX7lsFV6dllpaosP1j0OEjAVZ3USOAyVgMHmKqqvCynlg +IuKKF169bsJAb02KKtz1RMY3/Tao3VboHIGSNFSM8QKBgQDOALdl8uRaLSFHjJ6x +UQWks+Hzs8eCC4qJ39Yj7Eqznat3GmZwc6S5/1s414VAOz8lX1S+xKLEiuxRH1kL +etFRpGGA7XBHGI7EpRiHc4jyuzt/vMDZyA1Hh8iSsr03uDA5okVi6YWM647b/byU +Xl9aWZzqX72RDerikpRPMvERgwKBgQDAdCar1Y3flctOl4iRatpya3PWCLVDNGTA +88/m2DEGtwJxRdhfztNsrXIao8WkwPkvW+fnS5c6M8cXDOph3j5E56xsH4w+9vXG ++eN0/w6ci1ajZtCu6fCttwCVPBu5dzMSWAfNmnYbnnFQvzHLCV5ZbR3Z0dDMLM7o +2gD3JdynUwKBgD+aBQWa6lnVGTNH/S7tvvpM93QQi4ZhHdLXovvQVngCNBA/vGT3 +r2IlrvprwB5GrIZTWozTlRVtduzM6ucacknsoJX3uPSaZmncNyiKyTt4BzS3CCu1 +EjSFfa2dNcJgQbNpoFablrodeCv/uRttz67LgCD0kkiYrW5qpxOUvM0VAoGBAKbx +msIgg+tZs3y/clZCjLAIifk2oJZlkqjWVph3HUAn7NR5tBKYBUsWwg5d1oruYro0 +TVyUc+CnHaLfL0oqUXXQSf+Y9j2AWP97sVXCEti0/jjMbWXtxTvLrZPHCn296u2U +s2AlByM6NC3JTNZFkDSetPBIU4lprSrMQV4i19/FAoGAe7iRaTkcmMZaE1cvZs2j +Uv2TzZrXtj9MWtjxV7Tu1NrAcMV2WG4FJHxt+2V30beUrWFlg647Wo62ww2ylrze +kyQoE0/eccfGI6z7qh8D8026xAoh7oeoLubhzFszz/dqOfJPiUv1GyzyD2m2kSvZ +DlY3mCb9rL+6jbbXcS+7Iuw= +-----END PRIVATE KEY----- diff --git a/roles/ca/files/CA/private/Bozidar Proevski.p12 b/roles/ca/files/CA/private/Bozidar Proevski.p12 new file mode 100644 index 0000000000000000000000000000000000000000..24010a64063a960d554cd4e895e17b9e2e62362a GIT binary patch literal 3325 zcmXqL;`zzM$ZXKWv!9JqtIebBJ1-+U<ANrh4J=JOYYdurRv0v~$0MZJ7BsO37&Ni_ zFflS1G_kuPWEc%(*tno3@G!C&@Ud{@pAm@?KUTG!iHU=up^07M-_B68Da(!WpME~x zZCt6<q<!Sk^6!!@7xVufn0!ucb)Kus@z>Mc_Z_UC{lcqxBg3VQyN|7Czu4*hGdcg- z9%do$moM+!oByiiZR#dlK8>)xK5y>ZF*!5O@g7z9px(g!_F<Q^E7P^TpSR6B?z)!c zs1ftlMYo+3=7%M%;BTH8p#S~;`iVz%w@DevvuE947LM0w*J~->zvhQuzRh7NU#axD zCwCN2`|QHMXm?$jR#Ez{*Aar2((SyrW;LI9eB<naBPXJFMi>`xAANIOWQwBtA$@}n zc30FAC*R&_w2eLPZ_YmHH(PDR6SNL}w|nr-XnKWW_;>cDFIMMXdX*dItnvEEKW%Qt z_o64abM$o9#k>_S+sm<U>dvOk9&g^~zWO}#saAmf3F9lXSO4DV+pojg)LXOmpvB%- zj$f@R&D#2dZvEZOdCPOUZ{vL}nY}T(dt^&JKRx17Ta(T4>8#B9hr0P~KOI%}2<ENM z$Sr6(@WxZ`#H7mnvs`~~NX8s2G|3c83n|hv4cULg=W*~NQ4e>u7s-p_wD-Sx&b(-e z;%UZhoFUu(`B(0CeWk0reCpQQ>+D09%zEmxcS_msm+>qTJ&sQVm>cd@E&QA*^v+=R zH?t3?I#muH?#%x4t+eP_@(jz#3mhw0xl)2`bUZ|ic55&7DcZbFPbRZ~?QK?S-p;jY z3~#UP&AvCQ<8e!y*lFjQ1?%%1&5C&yj+rNv?cQ$4Dzn4Q`BEe6_Wc4W=N9MjIwVa@ zJ(=)lH@~F4+Z4;d$mXvCzmDHu%JS8iaq>h{gXE6ozc1zQc>7|tP_rOwkGJsU2ZtSB z%yL#QxgFg8DEvGVdt!&{s*=Qm|AJ<vYByc>x%p5@#il=w%~$r&7ulX8oMCfKYz4o) z4o;9g`Sj@j^0u0fm5Uxle_~j?!1O~{dx8kdmxB7qegD>Eu^rm|MC;58Q#Xr>*z+0> zm#qyKs$Xh<>#E4p$K@BlnH^#Ins{FS=;YN}DMwBl1$SAt$R7w@en;fRb`$wh!<~`Q zbHb|DJ^T1LrTB!-;#Y3ET`Lz{dR4z=SzKDKk>JM9y<C2)r|s?8Thcz^;qHAwCoFz^ z+EU;Cx9a?n)6xPz;+<z09g_a!?dv<|_Zp3P;fni|&RR>q3JJd~#x=V@#<@bixH0-^ z)&}Xkjr#<XW9+9SWt<lO{7a3~YR~?F-t%8RdJFVstTvM=nruAxYWREQAXC$8vWXq; z^HU!QWPC|-+%@UKrJw0qyx$L7?VfcxZEoy_+AnKrB7^;}DW7=Pv}DVbh~Jh1w$7Wg zjQ@+?{^v5k$L)}K`t6nX5BH@=*UCyd@?_rFP|#3hEpS0+b3=#vUr}@S$2#f4Y{_k& zCeJ$dIhMq?xjyz)y!KWsxz8Y@<K6GOZyN&E6}O*zKWlR2uH+AYe$V;2&tb1kL7w~L z%RjgemVQf{@HRqs{^mU{OJXuqs`FO=(5m>txHES7?Dv;Ex7TSJ_g0%I^K_(oE}pPL z#&Mr?z2^zrMoV3l1<d8qZ}sOsZ1ZJUByhg>r-NTl;k{jdzwRpfop5{eylLzAaDB{7 z>u}!J=;vdYbno3SrWkYghsTr>?%cLM`R0IL&$>JPR|@{@TIXPQ!BvZ);c?23yC<zO zn1tij3YO0nxyxw%-Y=g~BFpXe>_)-j5Xo-W$JeX9kH+lUQIaR=z3cVCQ}-QaTDW_2 zOmA5|uhGA2dF!`0N9C=v;}lx%R%qQ*EuX%iGD3nwur$}-O?RRb@9w>ND^j$juEy+B zo~Z1!raB;IF<<|T6JKIdHgM|vp83{HwE5X*`9}8dy0dsTFgDzb>B!XloUv|Yg0{eJ zelA~;fRA49<ZPR}7!CNp2AqEvKA|Q`&7?EcvC8-Sg+g!Db?V!TOV~WVKYs0RIj>K4 z-I6=T26B(>W^RdJwC#HdyQjvzN|Az&$(2%%i<SAcS@_-C?<e?A(qoeHmOJRSEb)rL zf}bS`N4`~a)=tiq7s%Y^u2<XT;>11ERsZ|bk8UrwNZ;=%SAIW#!=Y!tetc#>{4b^~ z^yu?N7Ns{A<mpezS<)c7#Q6RPBh#f$bIjD-H{3thcjWl?SC0c1#a!@Sqs`H)mX|tP z-a~)chWWl$HM6JIb<Z){cVUeU$Kx~0#d|Y0{!~tua9WjM#(wI=-tFRLofF=K{@=0d z&^ZnJQ@w4yipIC=CU}OQ&&Z69)#lGrNc*|_bmSM`701F0fBapwda(@C#3MVdFRfF% z;g`}_^6ulJ<Lqw)yYja0UJ)W~=*1;8pK;?^?ww|AqHc4JdY;Kyw5R$Z$LVyn&E6)r z8}m9P(igr=ZA(+M;7o1aZozBRY^%D?SFGMigr_3H%u2@RKzvQ?`hVr0wy2*~$P@Rk z{J>PO^#)5*?wJ+ga%<a{_H-!TE}pY8DE}6FnOsSS_{>LtoqHlb@aEgjpRVV#dG2!g z?|H0D^ZLI%DCw7YdGPFyzwytK92|B2lq{AoXkv9lsz?_!u^O>7vFaH#v1%DKv8u6g z!>Uy-My3T#Ebk1OSYDyjw#=Z~_OLUD%=deLZ9ugxOB2h9y|ZkO8Qpd{D*K}G=b{%p z2agwX-997VvsRYJG_b5@8~aa}P}QwP=klUupY%NMo8FLe-_)PY`a!_e_j7Xmo-~~Q zxVR%K|AzYC$&c>K#9I0mWnR4^8(36X<tkOJaj)y4Zl}Jxf(4gd%ys5Z;sR=2X^j@n zZ&y~Ve*aT^)(f5HN{>IH(|o7Q5m{H(`O!ej^<DB4cb^H&;a%Tm{;GYq^n<Us#&^~0 z%PY-3>F8}PH7J}d!}h6{sluC0=fF=B-l@B-ulAX5ONy(JscGIM`LXYA_TAeHVpMhs zXryp3{5X|+Fy(Og)u}RFj}8|V#s2%rQ(~!EkSEWZvviZ+egEy-6aTb#9(7Pudi==i z55w=1hHL>biHg@O68x_1_uUpHSrVBq=s%&CZC6KOsnUwn$sG4sw$9k{#@FC?$?uC- zBAnZ$mFBlFX{_C{MdtVF|4nu3=g!GGy)KV9s(+Pt-c8#Tt4s@aPLVOOi+EjebiYC8 zZkEM$r6qAoc}ssSb*SN3w6#|Khuiri{%!V?H5N88?7q;m)R*@-@5h}otJ{*}w@+BL zG*zJNJMXJ6j(#Ua9hU7#FY+_LY_{s`DW8A|Z%f?%zj{`9Y02FaVf_`8j;T4{+Q4FC znI`jKRms(No0YznMDI8KsweBYH;4VylpKr8r(SX$=3y<G>uPVZDAe>CTlkKp`F~dW zPI>LAm%6@8ezSbD!Su6sUaHIm678aH{VgHZFA7?ho$JYB5y;6~!C4z;bFuWDM(YfX zDWSFzO38;cUIos2+<ivt`1&15^WJKDM10ZnE0%wFTjJ)t{fE@+xf7X%PfHywd@`}d zQtfQx44vBM+&i;Ud}<PF&pw(ic6`Z!S^7I{A3pPYbyOrHbQg<$-JiQ2XF{F?&e#9m zbG&xSx|TWTXI{vZH+|t(e&XIgjp(a;VoNVAj1D|M_oAYz6=SyHm9Tw1I+;5rty=j_ za;+5qfrm%Svl)6{e>T72yHUpC&^<NFjdhE>>W{qfemGHe(&M@_N36^DeB(TI?&R9! zw5f*{Tl&50Z!~D@+AtyYCeNcwZ!R92UHNvxjPNYR$V11c9Ap<MEY6yx700PP=e2}- z<BFTYk!$W>Ocrd)*Wb^zO(^}?`(M|Eu6$2j7yNx$NY(x+E4n^KOq`HVs(Rsvk%!co zoh1`{9>)o^sr>lhc>CYZk`o-(v(7Hxw_kq6-@D~qY1fuJyqLT6Uij`-pSycXUtcoY z+I9NPb=GHJ_>{sK@9r#rzW%1SfRv@~Nv6f=*LvH}hcTAg&p-e6Nc5~)k?Fx2Y1K_C z+#9E?EWG9+WZWv08Z`Im^P{JW!q|NGi-fp6mH2n0I8%JlcGf>VT)m4Tx6W*rd(0+n zUg+R9)8$=Ru<Js0wP)6|?RdnFUY`Bn%1=Z8NVmq<tGucbuN^G4{8r1iYV$w0Et`%N z9nDogG<W`lX|Hl3PByz7NeZqJve@gv7<x?P-<zwKci%Xx(w^EIe{tr*^CrKeC+Z3@ zrJN5}EY`n!--OldUPF@C#x?Gm_rDn5Q(xJ(zP)$)-A^or8jp9R&)R=VStR`rYq(kc zhgWv)4RhXx@GEx;y=S_$nL+Jf-ej}?%i|?gFW-Lp*rKene3JaVs-@e*?M$Of&IqK1 zExIbJF1mY3srTo_l`9fAN6mhu<o<@?OuM(Cs(~`RbmSB@6k`#Q^!q4Qsr+Z!8T0S^ za!#*YsA%<jlYyauq5&rxt2Q4qlN2ihi^u|21Mj}M-czp`eKY;fw>tO-Z!sSWM<5IL MzLJB#K7&e00Bh$qdH?_b literal 0 HcmV?d00001 diff --git a/roles/ca/files/CA/private/ca.key b/roles/ca/files/CA/private/ca.key new file mode 100644 index 0000000..3c45faa --- /dev/null +++ b/roles/ca/files/CA/private/ca.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAtRmQxWST0ewGJIRLAfVOqrSvuNHYtyjnk8EaLCe4bz9RUI8J +yAt+wVJVateShIEUwnF4Cx9AnbcwtUZM/gFAi8ikzhpjQqpr8jHBEnabqCNTVC5L +9EHmFzI+ENS4dEZXamaRK99lH7FaMATz4YowFJVQB3iS744v7Z1LyPvvZ6NocdN1 +AIY0zDOfQL4mLEU9w1JHIjUpZacFfuwdqYJ6UYM7G1Rj9nIXmmkWBvQwG0Uy6wLV +cTtFiXP8zRkqb17jsgSt9P6cBjL4TRj3nJBJUqQ32nqbgPGQ3H2ijZNJBAb8yJVK +6WQZr7QXOQ5qXxAZUpOVCv9F0m5ShOXTqpVnNQIDAQABAoIBAFg1QJd0mq9Hx+In +caVdh1iMM37Q7z6fNNR53LafDi1ZaNDVKs1+E9ozsRkeMOZLPQJMZEz+humK3bWd +rUiW8YpkSyl8HtbMzVElPMYycTSfKCo7dpFdO6YWubZW9hTkYhWYKaN15vpd1vDG +qMc1GKAd7eIFr4Pw/JU+5TfaxkvysCuih6Q6/MZwddM61eCZO6VBYMf0k94RHn0I +gIY4hCeyJQ3RoIpzZr4XqUAGdLOvTmzPSTlqT4g7RVgsGQT1p6yG3o42kev0l+Y4 +L92dA25xWeHirWkaQLRj46tX4un67SWA8OkxwA1D49i3keIfhRjsa0d3YELmV8tG +60l6RcECgYEA6alfHn3zGMw7npN4V/iGEwv7Y4xDcDPdlWTCQ8Btc8XanHuVxcTu +bENrMouddeM6GI6sz7GVg4vXVyPXa0ZCBPIK61ArS8aNlmggqRd86pgQRWkgCVi2 +gXANwrV6NZNXYZ3X+glIljlRoqlNm7rH9hMQ2KwUW02Q9AdclgvpfQUCgYEAxmnM +leiSy+s0H/0Wo+LdvpC1NaZPTML6N8cmjwH9xe2mcsGI2a8EQdfqMHE6aWTuHErj +I3juwSDSBbPlQsf0nRku+qMuLTzsVbCVfG9NiYr5YPxdT7LnW/F/Kuxyn3mW1wgD +WXi4DM0muRPskw6c8f604crFShSpszLTcYE12HECgYA/exlxgkxiR1JHQc9nLwjV +8eJpaDkGKcEgjlBM8eGKm41KCDVnlpoj5akhAVdVKNemxlRi1N9G7t4hOYaUCXF0 +QIIA7jXlD1t2KnH9Hnl8jrWU9fuTLnve7J+Ab6d1GMObrLN5pb4HuijYpWCFV5ht +3T4tb4rUR12DPuDDjxbvNQKBgGEzb4B5IYE4xp5tNGwxNgSni76urOakFkTBEYi5 +pwMR+5r4aPyLmwBOsHHu5ni/c070+PVlx0FhvMICcWwX3SQhNDyhOHv8/qK0EWeW +d1vMc4Mp3uSudl06n9v9XeH2hQju6gUo+LF8x12f/yPD4utCpoZ++cvi94fMfH18 +mU5hAoGADsoT85//n1VPQLysZpW6FjYIp8quuGS94FAdkiQVKa7u6vO/Vy19ZxFI +7Cub8sg+e80wGakCCEi22AN6RwJyV9R8ec8ct+K/HeNqujKoDZN6ZDQzXo0a/vgj +BibssPr6+b3DVE+/e2qlfzjwQA+GqcSmP70fmg8tGlKbZwwBJxk= +-----END RSA PRIVATE KEY----- diff --git a/roles/ca/files/CA/private/dsoclab-cortex.key b/roles/ca/files/CA/private/dsoclab-cortex.key new file mode 100644 index 0000000..827da54 --- /dev/null +++ b/roles/ca/files/CA/private/dsoclab-cortex.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDNCWsUM0pHdVvT +2Wc7Ta0fpx8zq4axqjsJqxqm+6BgBONoMw6FVNFwYYq51da1bMKzNgKUtx0Yk1+I +gf8q9JlYbdeW4tJkd7l0RDzw+1sPQ304Xf6w2wV6qcUQJHUTyC3aab7jQzPwKDCa +U/j40xAyNewdh6seLLUAfJ+PYeBdVhWMRkUJeAJ4EMCvLyVswlvtX8EzC/jIE9zf +w/wFkP8Gnsu8HSvCV/K9qiKzS/XKsrgAGPEUELheaZ/t/ASD2S63mopFHFRxj2EC +aoqEL2ffkjoMX+W252wnaR9bBtZ/5t+rLzGlzWMyYMAHUGwNOctorjyy2g8gBncs +KKs6MJIbAgMBAAECggEAIdhGJqV4w2bp64Rdd/qQc0Mg8WSE7VrOOABYe+vZQ0BL +UW3sHbIsiEJxpc9Yi8YSNYba0jWPxfi9skjTGAIcNe6bwbpbRF5G7Jw++wBivZhE +WUOawRLGSsMvVkTOVp+agg0mh1kWf7QCodbuqBQe/krMWOuGIYr7rcLki8R6Rq2d +WuW8Kf697ciklh/6cyy1J6axe1LNT906lYvyRock246KbN517wWw7/fu47Mb2fdC +U6beFxbmbc5vk4lrViE7gSNkY97Vr/uXW9xlyRzvpNJuzZrm00CgNF1MnOnwf3l1 +k8kc63RMkUJGVWcxo5ubzLXpv4CnnmUNPfaSx+CeUQKBgQDuUT8JOu2vfzAC2VOQ +OfKR4NgMQ8fnK6T67zpLDeNUAGW+hBi62ewD8xxRse0j/rWXgvADBE1GplPXicZI +Q0o0VgIiL3NFQgCP7rvtPGE9VQXHYgd+ULKCHcPEBwonlbAhiHSwVnBqSFoqWdj+ +SHiBn4AD1ARoD6WSEVi3X6UU/QKBgQDcQATvzbbcr41vQHm9u1O7v0slk306A4yY +ItXk+GbtLEoLAiLy7n0REKybZAzniuLCDAQ1h1bWLkqRle26XqVfg3YaxGpoJODy +gPgr2Hi4Y/lcFrwRThUHEu8eaUWVRtY3B9Rgi5VjLVqydgI3/AFWdlzIVkhBeN0w +MOtKdEg69wKBgG+wD/TJcz8+QkfzhiAfqDkJwPbuhS8n2yfnGdC274UcspI44kYf +f2bSdsEqu9KUupIJQWaIi5bCuKRY415Wet5QOKvAxSr+JblOzy/9jizqPc0VeiGO +vDoSrP6ftfibRHJSuy0xNXn58pfKh9GUMTW+hIZGxNHoE1aDXqqB3qIZAoGBAIIc +A46SDLNDtZ6CDSjrD6T6dW8GONTboeOBuK+hmlQDdN4Z7gFqp1E8c2r8aK8jmZ8e +MCJbCA5QnFZyplQRc0oAQ/W+EEnjd0tqqrBkGbR7wqQG/iSO5tcd9UoW0DdF+Gfb +5Tb/XkmPUmPYWKkv4q5sD5V9ewPKXYgJbgW2ubCzAoGACfaFTBM3zZ2rqjJUk8+F +fGcuDeh/ZFk4MgcN5nbdKHwyXDhBlUY1FzLZlKi5J1lRyTInZUP8KYnXogw757Md +oa5wPlnw0a6VSHX1ZZUwa0yz1Rrv5M5CA4vyNBENCaHELKLoRWwbAook1gFie6cV +nrCXNbsWttgWkzqLDWkPT5M= +-----END PRIVATE KEY----- diff --git a/roles/ca/files/CA/private/dsoclab-cortex.p12 b/roles/ca/files/CA/private/dsoclab-cortex.p12 new file mode 100644 index 0000000000000000000000000000000000000000..252b3e7ef466cf7a4090ab3d5c551bd8dcaf5e5f GIT binary patch literal 3397 zcmXqL;&o(VWHxBxWoP5mYV&CO&dbQoxS)yW2TK#r7lS6A4+c%_%Mns+3!2zx7&Ng@ zVPa%3Xkzb0$S@knuyH|6;9+Dl;A7#aTyiR9(y|32OiUaM4NdF`^3v+fOukvCq+fAX zxwrpy-L%(J+a#$?@WjvS3qNVdxRoDP(K`2b;}nx=99~^XCZVdU94A^HSuLYqyTnao z=Z}8XPeuD3d>>`L{#MwxcG~Tm&lPTYOv_Z;IZa3Vtp6eRYi6~lWGu?NqxDwKeEH;} z(9YVnT%*;;7nn31xF2a1a<u62hG*A)tDHS^&3K=q@ZpJ{Y~nRGHnas#KUNZLE^+*` zdYyS<#>}jp54J1v?C5dJ*}F{0N4r3W{iW^Gw^ys<4HVZ(oqG6q^Y^V{%wAh6?=HW( zaOcE`s@>}?&%5b+PUCSt9qN5pUw%=P;{~Puq7<Q`OTw2cH{E#|%K7r#(XPkg^I4xg z=ukbvwD+o$|MK%DhcmRjojA(>&D!{7rMt?3kkcI(e#~Fh@ZKw`Yh#c(%c4NulL2vB z>rbf6oqp}|44Wfg-md+<CuUFS0`WPP-<v~TS$W@ZsMg5bXZCP+;tuV<Q}6U|7x1xr z{#m$o-^AS&yI=RrE#+!($ZfOUrDAThgY|nX%MrfWJEyd`Z$4n%p|_m(#ec5WJK^Cg z-Co`^45`(U_20a3>Y|A2EOBnn3Qir@RCoI!e<WIR<1L|O#}20K^i+R%)$Zjzrv)~w z)`eSqi|zVfXw-77c~r;iH;eCl;THym>TGZO_n*BL1Gh!QFuW7tl5xEu*m(4dr+G!o z*2GUUtHrf8i)}spL@>kFX7+C0sdG<zh^amj(J0RJ(7uqsmTkN=__ih|qlt#arj?o> zclw&n-y}J)VX{s51gVb<tBf?5T|ZX^_dCuune#n_r}|y^ntvHPuFg8FJ89m(1?*Wm z;qTWz6HW_P4|%?1+mbBZpC+?~EKSaZJ+;4|rTpqc&*Uo!Hx(_LZz+4)-#a`%mVK>7 zYK+vp?>F>nW~9#)nR5MU?Q(9tLtE~y^sq3nJl^|pp{$Wh#Y5#+Zyjw;95l`Djdf}~ zDC}Al5wT((kM^G||HmD(5~l0@mg81D|EK0&+;_+NKN8(>U%q|TJdr2j&5(S^L@?i` zdFlBu$-lmvJbHq7uPD2|Ic|L5{S}{@Q1$J$!kQ1(f7`~U;-D7szJ9`j^2$b=41Vd= zHo4J^ygXkQubwN;w#)pSF(cc|;@T@e{eD(SrEf5;i8k56x>ljIj`?hE;k8TmdQF5M zy-8uph%aqOSHJvfnm*t5i}TVrUsqX7{55Bddvl___t(y2H$?aO`WefX&UVz4c=w5E z#mqF5BezO7dZr4WyJfyza8cB*M*f6p8O0wCJq)y&^<eh~%WOW=2T#u2x0{o{(NwhN zz~rD;-M1^k%)flw=e}>{<|u}Fy8`D08Aq94{gj)X&-ifu*Ai2~_jyOJs2OMQy{fH$ z!hGbOr`V0An}=?CTE4av$v-eBwe#kGpM}3RXt=G+&pLX!V3iclRKvPN#$_zUKR&UA z-2T*ktM_wBdDZ6a9@0<y_2uU?e*ZCT*`1Z271((@)m|KlGW9m7wNG2F?Q-t&spO|K z87f0;FGt+6EAr{vySr_P|0_>Z<^x69vO6w)oKx_EwOex@WAn-9iu+e6E^CZ>63k#x zlY08ue`9a=%u`k~#6HJ3g_THp*9z}cE0p`SC*p%zn3MVIz*V<=PcC42H}mi|nT>nb ztrnAa65Va_{e^Gg7rWB3l>dkS$h7Y&{-3(6W?jDidA3873^{*V{+trLck0BY*2iz` zy|>-$YoETv(z#Mgn^)N-y5ACvlVo4${#!JrV~NeQoE?JEWjZeXyPR7}555f6N>B5x z{T-rExoFAix#9DY)W7_FQ_JclP;b;6!OI(4wv{WpqO!x=>B^~jeOec{KA4=Uvn*}O z42h<YUCEwD*QIVz%ipbYTe)%N#d{{4Yi}HqX_`ALyJKZF^VQkgv{UYUuT!;Kz+%2s zZofsX>l)RUSyk5eV!mpKao_Cxz3<bTCoXmDN3#r`J$>sNBF0{DaM6Y|6V6v!b8aL= zm$vcE?2CI;&am>$Iy1RRmM52AF6-iVz59XR;YHvbkMzA|k{Vkxy(iA>G%c3Po)#vU zzxk5X(&^i#wL8q4l4!*3wrVBQl-`Bq?|5YL51oAb!mTKPCI01J`<grMffq$<-aT(n z3e8n6)aMFa*7LjTXChb8JFa;RQ*#@yU*4|VJafkKP4PR|ct=0p-u!!4?<(JwlO~DO zutz-i3GDxK>Uf`z*zyiP?eE$vggo`<*Em03%*=S4rN5|DhAnZo{BN^Bp1!qwR}Q6o z(vdTgbxAAxQJUuXT=ezNl#BU^oV>+PkNJKO_~@IqJo;9}t#^;>g>F1xZMSW`>A3fD zJ)3(E%m147&ZZN)JAW%>SuVe7b8zwU-@3fFHf0^1ct@k>aZSvlAEBqx7aM#?4p`&) zEcn?WiBmQSG7Bbr-)DXQY*_7nrG(hVhTG!L*`Beq{*m2zqV?)Yl^I4wSsX?m_NX68 z_c?!NbDKt1U4ZGGJ87D7nFq4x+rL`7wzaY43D2J9Q0H%fAHvR6w;aw$x+Rr8?aFH{ zK@mNslr0%cH|KY+dS86-)SP+wTQ0ts`ZL)~&hcENL0ijd(fo8NmGe85d|n>8FuT2G zuR#;5BT|LDpo!IprHNI~povw>povwDjT=@yb1^b4XkvM1(8TfzrPgK!)!L@B6qp3= zPJaNZwON{2PJGz>IQ>P)r1M7KIbQWW{bL-w#k28%4!5)zhbPY>gZn3pj%2-(n6p}O zW%Io1Ee7qp1=CM_^)7y#d_#7ZukVT1kM3VA*ws7#jy&f(uZL1!3Vjx=PI<pT$o{=c zM?rCs(Bzzr*B#T2UNd_0&82<j)QPG#MGrZrM9ly5{ot0%$9<Rgd$?^{wfU*(LeDD0 zh^WT%5{@f<OA^m{Dk%%gzq`{l-C!591DDTr)6Is;fp7GAudDQVv7552jCT3h%FFj* z<{XJ*j9(H~ls~$=A}5*oo`TFn`-Kvx^$pJo{ODaid)edEnzcQPBevzWNeKy0-)^y= z@&CEpGrv=I7(8bzy3=I2vPK|%!HHuBHr<@K{Y8^kgzF@}$9J<sE1n<R@_OmKZW+t( zz8j|exA9hZde=5zmb>M^mcx}&pC3fHZ#HzZlrEA^W|*p8+<obpLZaP+qamt4R#@C} zago1zm|w3-HB(f2Q~GB6IM&@(7dPhRM4#m1V9egMTPiPc|9q>Nx(~KJDL?u1WLRrx z+M$21Ebg)V+q&}E&fC^ClkaI&t-kg!y<}DH%b@D`-+o5@r(ar~5Y0H&W<BqT`pa+I zrQ)6cOjZuL)v?BY)6C6vrtx*=8aFj1<HT*<H@_3*%k&js<~hn`rs<qH%dds?)`ZlY zm-$S>2V`vA3)f!H|CXwA=#l8rz2}!!PmNmdvCU?}lkS_-ep+0aYqurwqW+2gP1ovW zt&CPhMEpLb|3hy7I@zzDX&m#GGPp&&Yx@<olu3be7l%O&<K0<VV%ywiC9Pe5CSo>M zN81tMmO1{8_cavGu95rb$*lQt2b&GUAv3?(+l*dx__vx&2;TWjL)Fi@qfxQYNV#p_ z@%N?|#j5vSnWOly^TdXyuY~IpWpABWbo5^ELM}F!Q-4oOb}zD!^$)ricKqA(qW+Ru zXAHG-xkP^Y+fGmqIIcOz*U|lv+=YF+=X0*xm?Lq#YcZ?)nV`f&xlUzmldoQ0c#5+> zJ16ORsnz%S?e;J3Rn`1!_;;_TwR6X0#nQvs(~i&8aOTQC_{+GE!Q4?S*ns_wh-s&C z*(Vk!_PK`w4Xz}w-0x}Za&+;86|1JddZeD<)nyy>bLE{6QgV)6xf*-C%L;EubF?K) zD|*w$yy6bixrjf@KR-CI*l`uh5)aQ)-K)-T;B(n5-}~%oUP$joS3_BE<Cab5H~Y+E zti4+oZ|?Nf)&I`T8&VH6b}j8$(~|bC*)T3`Z3f%dxzfqC5eqGq^fu3~<}FcpxGec# z!mSBkFWItRe;NK($glK>*yZoM+156az85)MZ`}K4ab!WU<2AP_ca;{$zOfW%>5J*x zetWM#fYQ7UpOpQpDlhJN!DMzco6DL*TJ80Ev7d^!81Li<tCpt+>OXZ_E_3k>%YUDy zEv!M(%%)72IJO(xh;2-p>H9(X`j%XKxdnOu|Lu8n#p^xa+u1j*4T8%4Y9Dg!nANgf z`gT{d-S?yVmjq>v;_vU35kB(C^Q8Ls>q=4{>?b=I^<FYhvYHZP!}Et>`U8gY*tB;Y z!X1h?7tdhXDt&I-LI0d{Gj={X)%@Yc8P-;ZWr4qQl@1v$m3=I+<jp3*jjVk-FZN`w zT)scT;=1|l1>O5AjRdXvPKk<Y-rM<T)%A`4et*3w9&7YLD^ODVhQ`C2?<-F-{#nd^ z$xzim8D2VaiW-Wsh$Lmr7xlgxQR}V}cWAG!`_(P(?$-?r4HOMH*;uvtn3<$l8CXO* mJ8Y!w|0unBy2wC4<ixN4tpN{Dvv4HxUw`#7%G(uGN&*0kPfV2n literal 0 HcmV?d00001 diff --git a/roles/ca/files/CA/private/dsoclab-haproxy.key b/roles/ca/files/CA/private/dsoclab-haproxy.key new file mode 100644 index 0000000..abcca5e --- /dev/null +++ b/roles/ca/files/CA/private/dsoclab-haproxy.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDJxyIzCwsPoIzE +qYE3vVEvRzL6G4hFsbsRQz3es3Bn14s5Wo8T+y94CLGxMsbRDuTTLjrbhNvSZWsm +JGzXFuWlkI4CRhMCCpZmRoe3sO5WTDzYrkx971uqbgGOif5Mud5suuQ/jfjXOu2y +KZpbrFqGZgXzGS9ZjXyLapceQ4o2gLLp4YT2lLwTETG40lpy7WjDsTfkW5GCYqoT +8rbgOqqFZnAKqa1cp1L/3PmZXuUV1Qz+zSfLmJ5aacpxdDHmJt/s0kJDufMEjix6 +KKb5jrpkPGkOrPXc1fMqUEdQ1Iz17jEIc2kfrkIdUoRdR2jdox8HV+w+ng0jeBZB +vGjyT+kZAgMBAAECggEAUcxwiNDJQySK7I7q23XcG5Z5i/rtW5OZin3/7vA/eVlg +D3gu2KLTs42Su4siHk4zZYkwQx2xH7INpgDOPsQBhQT9DN7rhcBVCFE/Y7BObp2p +bQ375HHMb2L5Lpeyh9gx21JIhZtAbcBt6/QBp3hPmnxxnQNwtpUtEDe923714PHD +SfJ1Nd+mgeJ3ShPrk2jhcDdU82/mQrk5eH8M5QJqlTEWCvBgJaKhBf89T2XrX8jf +oPzeVijOqgLg49QEtAPmI98GlE1OAp3boFx4/QA/s76pgWZhYIm1hcm1AguYhQvJ +bi96IgdgVQQp/y7L+ix8zsq+YRxwPuCSBl+9BotYoQKBgQDm4neNC87XV4RhGuHG +w8WpFXFe1uOucPfyfTMmjifh61GZa4aWgBQByBQxBs729MOr9TFrNApTGWPO8Lag +ANnREyNndaUAUFgtCdY7Gc99deWyIx861aAVU7GGIFVkCo3OK0twbbyzqOj+B+H8 +c/P1tXXMayt/gPVuRDj7sq90VwKBgQDfuh6Clxa2sq0GdKsRkiDXaY8eZxJZchYw ++0MsYQjX8hPOGn0YWGy14ppE7JEPTEWSRuzCf5cwem/em8AIESgdCUWcGkgcQO5n +DvZeXrHHpVrTmGE5xEVNYrD/NPY7VizUsyLNvn5yC4hyByWkwLV+AUGpACE3HP2s +7xTakmmoDwKBgHKEfXuuEafptrVbWgT2cYHOKu85crDBQ5o40zgaZlm+GDkahiT7 +3fCMRseScvE2sh8GfL6Jj11sSH8KEesGwQLclUDpry+aqkGckW+6+5lk8ssKdKD/ ++GjbnD/EpdX7Dh7mhoJ7S49pBjeJvWM0OBr1KDp+JZMWaaWJnSHqnO/9AoGAXvM4 +m6fP5f3y3PiK2cwwz/tm2DpaWUfID0Wz/pO4Ex4UNbacPMbabF8dpf7Ymat/I1Oi +i/FmkxaDf/COEV5mrdwPhO7Kh+MuyuJYwThjLx4IbCERsliQKQWnpMgvcINkR2k3 +biZYt8IZSHusCD4ZSL7zxOvfLOrK5qgZK6JT4RUCgYEAk94TNC+rYRZOfOIaYA7+ +K1qTQAe8tawTBlKauXptWCzMFtMSEwozuHuxgnyAS/uRUKFMgRk00KrSvnuyGEBX +5QxqqhBOMvGDs672q/kVZ5C9M06+y5+Zpg0Mf3r+zOBqB5tCASnl2KfOCZkAt8rV +kyb4KyOsi81/fpVM/WeOL7w= +-----END PRIVATE KEY----- diff --git a/roles/ca/files/CA/private/dsoclab-keycloak.key b/roles/ca/files/CA/private/dsoclab-keycloak.key new file mode 100644 index 0000000..8c5ebed --- /dev/null +++ b/roles/ca/files/CA/private/dsoclab-keycloak.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDqqeprL2ycn22c +iU4BusbAMt9ZJiuV9MI9yH4izrZ4A+giKIGcmqanuv0FZqNQgYVxwdnqvCHhXQqH +e75VsH0BV95M/jrFyVR3LhX8Egf475979wkBcHVTO9yxDGVNScT7HUIgb4FFQtPb +HUxXGx07gTnuss+VSynQqDmY1pM2mb/FQyaNTdttJDv8Fnah/W/GGRHHEg2AFkyI +2iwJeD0bfGzs254BUF+jVn/UO6Qm0m1Ce4hOjWTtHhoOBVhlWEeDYJ607RXOck+g +tSLdn6TaiIb+y4Rucj0AQtqLhSry79fuu4VCurn72Z3SLFgPfAIjt0bQaQY3QJ1Y +dInKtxLlAgMBAAECggEBAIj6HCLq8NxP15zLLSSnUQK571PLix+iWovT74UD4tEV +frgJqvat81/vL2iqq+P/ZtSrUjfKD4DMXawOGGFOfvl8v/9zWv0+8zYKSbz1DYBK +525mGfSkH2gxhjY2xR8jU389ae8jB3NVefLqHDiwVBT67sUdzTwZPtRUjiJgBliU +soJCsCutHAy7GW68N79F0BQItHhjMt02fYybnFxNvBntD4lodZDn7K9iqBoZPduX +TBsH1FcwZQyvQuiUlJgjUFM//5zrZUMjErv+3ev5c/WdpY4ycbo6VVBGZouVbyeX +RAWeDUE1nrsEsLBSnTkXVInFjPS6mBxsIi/+hlf6XCECgYEA+bWYDKPgelSe8ii5 +mK94wcLr6MybO+GrBHT4lIP1UggGsvPtXTifNvgGrYx90gmmL6F9QWHE+4lxyh5L +yEXCTHXl4QopgZCxWnnKekz0ma0lFlGYGr4KA0Z3Ntp+sCb/hcqVW/n24wVhNnmo +z3ztlSI/GY3B598R7dO9sR/RoYkCgYEA8JNKbTegmeeaAyBehEPy3eajAiT6759p +7m6Ml1P6IC3Ff3fllJrNWRi+JDKnJF9SUePOVWLWSgYSJyFLoiWK1CzoyLPdbcW9 +Ap9XNzD/aoDi6DBbKCFhRpBCsmTPnT8eFvA9PhuYY60w2UoM7byH+i2aJ1Do3izl +tLsHJbcT230CgYEA5S4Sl/9MBlpl6xEPjh/2L7drdyVaj/IFWLjWcNBPtnMhWtrf +joBqODQZRO09iSlL+kk3wWsvNEEoS33UxcGomy5Vxl3iTET1UXmYKPk6QVUVRc+r +T1f9rpXc0l5kid2xBSUyQdFAE4obd7jfA1fAYfClgxmEzv//34xHfCoc5ykCgYEA +01sD00pA3ZXc+AwzHY64y3z6D0M/9s+d+GzFNZoAsM6lqaRDXbhW2oTjX9fkgg8A +upMiTl/kFeqZfilBUnYbLuc5qEJlMjC8KpakwAdbDk2njAgXvfz9gknxXts0j1jJ +bauokm0aB9A7j1sAWsj8ya3QtePegnr9YDfEQr1CQ90CgYBfAQaYG9ldXcxTlERG +jOGu0bh9DtnmwsenwTZQD4mNHpvL0MkmIQxR5FAL8XXbNBq50zCiOapLLrhdqbh0 +ih3WoOdqxLIDQtAJYs3ANhOmEAxvQPxpPKhRHRKPGXxyzgW9zeQ08GpYoR/M7VRF +TypqufvopzWOpbxpgbfiJQmd8g== +-----END PRIVATE KEY----- diff --git a/roles/ca/files/CA/private/dsoclab-keycloak.p12 b/roles/ca/files/CA/private/dsoclab-keycloak.p12 new file mode 100644 index 0000000000000000000000000000000000000000..41e7ba3a2fe1ed26a9e29ffe24a723a5812760d3 GIT binary patch literal 3397 zcmXqL;&o(VWHxBxWoP5mYV&CO&dbQoxS)yW2TK#r7lS6A4+c%_%Mns+3!2zx7&Ng@ zVPa%3Xkzb0$S@knuyH|6;9+Dl;A7!1y&c?}<+*7u6B7qRLlb*~o9*=(D~h@ORwc$R zW7(e6P#$DyKDVv5pz`VQNc$vZ?>_0be2W(^6PEcBd*e}C&uqRG_n9-BA5XdSkz=X8 zQ~G}2jSH(Ix0{L=2rszWe|wRx)#KX+_K$>G)~@{0s&V{By2A(U!d;z91isuZK76xy zpXCqjkPFpMrk-+G^<-kw3HF&DlKM9Fd%}&IrFTjQ%nF;=S)9r7#ANZ~^Ky#!FKUF( zGdkgsoo&YcnEU1P^FHm*&0JcnI8;B)U4GMNhtuVV-Gv5%-|Nptl|}Ps*>=slwpFHe zQoHXKrG0OcEmQUSAN|RX=`NJmu*M+x>6x2OJWh8D?kuqsl(;#YF+^Xg`jYRQR6cF( zmB);Jig}-MUEm|z`;GVgjIdG(#lVZ2%r{ix;<iP}#08#W{+-@rY;y7Jg@5P1-St*= zTs_zHipx8Xn#msj4yex4$@ksi7^s?BR^`e!lT$!F|CBqk_5apK{O5vNxxT5+jjz$S zH_Kt0Y^eCj<kyy|^Buq6DPm4v*~qKXFo)-e``t>hAG!$wizRIqZl5k2T^afIGWXX> za)xPX8`mArn#C-mFR|BU;msFbn;GvsG)@Xmbul&E^LF~O*CKa+7k}C=YS5nD$HCHd zBSYinmguG1L>1VAlRob7KDc&5OrV4HDgVox%aaYhJ-JuPzhlRX<v&h*w_atl!ge8p zSl2y{z5LNTzj?;}JbP8lMzm(xjsM>(6y3O!Esj0bR0`f%acHJ_+I+sE$xfbg0!!sY zGx@JZEa_e3cU^vMy_VbEd-9tfmS)bnA-7TfPq@<BPfUNgC*1G8$kfp*`7~sm$Hv1I zQ`47+oi+WtT6f1A?+HG_{}0%N7;2`vyb&-D^|Hv(^uL`m_l(i9ONOf-&MkU*PIQS} z@be`(9LL=xMN513?AR2vSA*wDVB%Vn%Fi|L9yEI=u3ySl7PqPUe4pvD{P|UH1=lZs zd8j3qPh;Ood-32e%Z_c2-e&esb@hRV6J@rCDyH>`FmA8<wmrLVpRI4_SKTIszX}r` z$LW1hH(ns0BK?jdpl1I!iw<U6RxYtf%>>7@iB~?oZcCpvPoO(*R`bDazc09P`s8g7 ztXyM#A$3c$`0B))92?tBe46T;-#yoHD(qhJJeTuxa)}XFQcP=gbE(?K9sa&P0m;1! z-n;m#7CrrW{-N$mz3ST^<9u71K67qb=3l)ylv(HHr5SraTThu2w_w{e%^%*6J_f(M zIUzMnMP&DNjqQIz5+?n4up`~@-Q&;)(+?<}D%dsQ!<HDy+eIn$Q5P@!9axf@fB13u zoO0!({)?_Hbr)y+b8h24?P&S1g_+lNB-X3Fd>?XO_ldgGL3YMR+k$2+n!Q}JPxSKj zJ(p@YZf$;h#a1xy*oFM3oT0YfCUZX5-Is`3TRzFW%GO!7G*Vdq*xar5meY+lEq`~5 zc{kg-fR^vfcc1RFI;!~dwY<=ox*0NGHZo~mWSjZymy-HT-#h93(L0&`3(6Fh$R6w3 zzHaxv*}aho+#OB5U1#oAUtHrZtrKV6X!FeI2lvlhi`{ug&N*hbEmu)4aNK!XO?bhY z(6u*~%fHmCe3F&NAriCGWWrH3d0+RXsfQwR@1Apg;=#0Se@?}ND_jpZ&Q7j&d1|yv z^PZ7aef_rjFthbC$;TLkEsautl(hbI_<ql2jnCaVomK~bcvMcY{Fddq%`V^E`OD@@ z(_BOj+V7cqr1j16D-BNHWzrLBmwdi`sYpHRTtU)?DXY5qQ<*nhGn}z~^{TZ;oKG<N z?pyZms-yR|v?b@?-C6pA`>zCx>5Bb|&i9|KKOF18JHue#^v<ZQax*vQiES6_T>T>< ze@<|q@a1-m<2#BDugEH0VcT9_`c};O`yysZj`Tu<8sW6#!EX;Z{CIEJtXylqVe-5A zCR+RMyZt_)(!B2a<2mjQ(<YrO6y44&Q&RJD6Z48^W<Gw?r2gjlyDxpwAmMr{G)iFB z=}&I&eoC<&%oKM1&G*>hk#_Dk2Zw_P{FojY{Nr*=+)*?$`lsf1o7_Z=mG?M)o0Lt` z`Wt+!a^Fn}j&I%XtQw^I82$eD=UAOxci8RFI&Gc(VZM@Sm*W4p^^45@eQ58@YQNV% zi_TxxYLN-#`s*wf#Z&o2U|p(dbF6I9*XNZp@2xreL1EvTnyS}#|6iK;M)QTb2+wAr z9h`ht8{|)~Jk0y#z2-g%g>0TWpGltVS<JT^G~A{n&QhHD^ALyn(XUn4?k6RkRV}&u z@!|uQ2UiYxnuZG(ubMlf!7lTj#?$wkZacJG>sRNt+URusv*lGS-Gd+RFD|{o@3+KD zW_M|8@dWu<&-(;IxDrmBtrqlmcU#|h^xWR#_f?af7cA62`6Wm}Vq@vA&uhOooxFMO zxo*E|<NPJO2fjG&E0+45b(1CX$NSkYt@nL-vQb|q<m1Bd=D0J>hyIj2bNbX=vqYIE z`hlX&se8^J`hGr8JGZVTePxsV{dniI7d(vxv=sAg#bs}>h&VmgeETEqsb=f`qw#T! z`_|X|UjN|DEUDV7L5Xq)E2^E2Ot|eIA8<%lNHgZha;6JTOv@5eIhDTr)Y)~C>)rg) zu6#d(CRRtJ3VA^js}V~RtDZp<tCm3%s~Q_Ota|2RWLnU~^3I@%<rPY;%?zrw=WV%t z)#S85I;hrWX<|8Xe#MVH5f51I)m~c?Wb){zV@xhL=X24olVZgt8J(^4sC;tx<f3cN zs;O5c{hjuP8J_4~S9!Smm0<h#MOSBiC|;qW{)T(<io0%iesJ`22rfSoxBS7(v*xS4 zq+CS3GeXoKEf45Fa=kO8OylK>#|`)QUfB?QW}jtKU{vx&!Fh9YTzV{)C+_5#zf3e= zc=nQ<zjsn%IbPP^yndSViTlEt$3kBn?NpZa{Qcdcwk^m0oBH3fg|}UnvpZ@hPx_%? z|5d){Pg_#A^d9bz2yt!seY>t+s?nd^Ir)<0My~?j^LwhN|LV$+b9l$6tuy`j`oCu{ z=klzzGL$%WyeuU}`e9t@DfR<K{ww&7y5Hzay*7(8^P<HzYg3J%^U_6jK4MF~HT6>B zkE2JGWV}r5*3>@=dhH{VD}8Hw%%TK;jrT>tVrz>XtnW+371VWQZj}3J|3s$nWI?Q7 zOZ%JDDL<lwuhkSMzUbp{RQ!_neBHx`5xburxgOm(uRgrwl;M(NFYLQk%C)qscI^y* zGd1CUvCt%`bwAasmiB+Y;8{5TLVr+#*xLPnr@nf5S=f?|`LA7?^Od%pZ?3JroBrld z^4nv2Hx$;~ko>vG``+wrYptKTJ8|nzP(1K`(#-mx+aAhVhZLN-t?c_8dFq_h#k?lm zZ(f`-NBm*G(OCw8mq#n@<s~*9J*#o7JMv^y(bNjD##E;3&dRf;9<8@Oec;AvqlM`c zrvGWl_<iJu)W>)cwr#&`3P0aX+hml~@v8HmoU_<$fdlp2&MzZhnW|R5-E8^bp6dHW zb%vY^Zr<gs*I%pIw%u@T=kt|~bvul|SKga<r*nH)W7YNi)aT!Xl-N5wtMs#yt1U$5 zwmnJWdf%$6C-&7detxp&>j^S%{_k&izm}<qQ8>YSjiBAG9+8+&-(xQEzRKrLS+-T3 zH|nNtoQ;t77Y;TX6F*Z2mfVn*ZyB10EDi|u8rPm)G{>ja*{k!MU9o~!yj$3%=wnNh zo}ZZ^a?`N)P@=_`^tI}H>Z5Y>J2m?b2F&~tcKV7|b-E?PGrsF#v+9hL8&c!gcD61{ zG&)%>@bH<>txtj;;@oGZ32%{&S~KgtQ&5NV#Kd`8b52QV6!Yg?SShIRLRzG5Np#fN zg^w5gefY`v(nssX2QnF)tTQ6N6nn;gwVkSKo%woQ(3J3?q9w-8$!;1t8_Xk(-YuOk zz$iCk@#m&}YTG4R_9Un8n-x&u(pmI%asRD9!nxahE?$k)UG!SJYUv%{3qIWfuUZ^W zy)cX8+`m8K8|Tuk%FAB*3+hagFZN?<dp+H%<*xAc>028=ehOZ%GU=a3>O|jddn6C4 z<n&3-FM4;P{d>%w;2%{hr|f*!bl*m5!M~r`Ex%3Nd&Dk2WWT0={969|8Gog>h)g;A zJ^%ZK=)}m!YCr0B)GW{Z@M@pZ;m=B@Y}tipcKmES>t)5d@j`*R&Cd4xw%D}XSvlNy z&cApfyN~OwaYwlSmMh^54^tMcR!lh<7?tjk^kVv>OM5~zHs`0GJ>jE}^SYrYwPTu~ zRiF5B_C><&df^K%skuI$H1(X(iI6;v>RK_LB&C8s9KyPHK3x(!+S%Q-z}ILEhhCpS zl>LdWHwqq(N4Ew3m@)0vjfh7ET1PnJe_5;*V|EvqZWe#)K=VtlGZEA3RDzlgD4TdX z7^)g5!%Ig_QA05nkv-D0w`HHT6m>OueysY}-B+tCSP~2j4HOMH*;uvtn3<$l8CXOL l3x0`cr`sK||F`G0{K`6~$o2OdSU3c|FVA2Pm>CW#B>~lqTi*Zx literal 0 HcmV?d00001 diff --git a/roles/ca/files/CA/private/dsoclab-kibana.key b/roles/ca/files/CA/private/dsoclab-kibana.key new file mode 100644 index 0000000..9eec2e4 --- /dev/null +++ b/roles/ca/files/CA/private/dsoclab-kibana.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDOT8kPhE1Oe9wR +kMlJqPNgRKglG1mDZAvR4LxZUCKl9Yh6yEBl5CI9d9KPnjAXgF4ghbxwZ2HL2OKf +mnx7puhOeXvNhm4mUjdFtqu3b0CPelWL0ZHMIW9VN1A7ch8tO791R5GIahzqOd2L +JTFVDrxSb78Llu/jElzaYyJU5bOViwKeVz57T6D1bweoW0V8yzSDdzSlsf8FEoiP +zMQFXennfSsS+rtNJfT3BOeVBpXqqcR1TvcDZy2cmvQB9iqNbG3QWanOHxKxdjnI +B9Qgcx7znLlngzuofG77huo/ao6YTDmp0U2+nwpDSRv9CWe2YnH9h5pjJQCqx6FN +IxLjVg9vAgMBAAECggEBAKJC7gdeLs8Da1oFXcqpLoEQfo5wrD5CeWlgL8Ku3BFa +wzSOOtfoTWW6z8hUyc4yD9XUWRiutqP0uIh+oFlANIVD1rMWf5t0HjSeLv/eaBBw +Tsfg06KQyVdkYZ3fa9XPoA1FdJitnIA7cpr1bY9QP502djNPSux0jMLWJTJQVqXN +fXykLoIvB8xIPWbJAJMgF75turJMFT3wGN+qjCzbsZqIHmqp4eaKoH4Mz+Y6SJcA +uSzCdGKVPxHUVZbtkXn5GZXFx5YQ0wwRHJRWQ6Fn49HtKc5vBc7PN8fG18+s3DA2 +BR7MLgIaHGBKsnJgcOOZQiRCQP/uBBEIxIF0qU3h5UECgYEA6aiUvvBNcShCRaaH +Wf5GpYTT1ANNv5+3sCTy4KKt3yCxyyn5ENEFL1i8w6/LffGIAsoLnoEcxWV/fhLy +ZH5FzIYxlR/w2rddUyOXENx/9CWw/IhL91U9525JCJ0B0TBkZ9842ORX7kcI8+0g +4oaC5bDYTZotAto4ftNIzmfznesCgYEA4gnREIl4nv9v28x5aUS+HhSpsH9kkVrr +FQ0amCJSHu4U9J39MXS3Fju3rlmZG59J9ymEQ4tr0Hq3S+tsTy4hP5d67/KtoxKr +3smyKduX6gfOmEy3TjCSc+OMebM7lX0crX2+0JCm355yDC8fxdAGxpmqYvwmVw9Q +NbIb2mHR/40CgYEAjshlnQhbSnq/hLBupZ+srBivGS+rox2Gsizh/kNq3J6uBuhv +Osd/0572Ot6CC0Q9SPcOgp2DZ1zOu8v4M1C2dnTKd8Y8+Gp0rQlilvsndZpSvP7M +7Sc53OKX3puTMLHRqWfO5TskQIdIAUc2gTaRZqragxFj0App25ZhN0BurmECgYEA +uM8L5vhu7ZitjUk17zKsOo3sW4kc4ZczY4fOOZq+B9niukm+LMRfuUbkHCHXg/UN +lY6VPGBuqwraeLEoYei2eHbSpgKFozHt4f6Is55+K3Nsn6sBqGUgKK5gOVSon8Wm +P9byvzW1qlmyp3GUCbjXAWO8IqhEdKPpka1pBnk6KDUCgYAhGqRGJ7NG4+Wz/0/5 +Z/IQeEsLO4lB7EuIADn9udmrYgYqv7sHDzhIUOviJPRgf2ag68LEXXZsC029famu +/wbhD6pw1yq0QKGDcgH/LzHL9+74TqRlT7drPyOFPqOGPKtc88wL/aXRC90n7dsT +jFEbunnLOfUUjgxXiJpNU0FtjQ== +-----END PRIVATE KEY----- diff --git a/roles/ca/files/CA/private/dsoclab-kibana.p12 b/roles/ca/files/CA/private/dsoclab-kibana.p12 new file mode 100644 index 0000000000000000000000000000000000000000..f9e8737d615ab77c25857cf3b3c8eb2d77f03104 GIT binary patch literal 3397 zcmXqL;&o(VWHxBxWoP5mYV&CO&dbQoxS)yW2TK#r7lS6A4+c%_%Mns+3!2zx7&Ng@ zVPa%3Xkzb0$S@knuyH|6;9+Dl;A7zkz3X<M_;O+c6B7qRLlb+#{#WVQ=WboLTA<Bx z_;#%94`HK*EBdpqgb7EV()ly9`tzHXpTRnB|8KLm3||$dGt=tWqsPD3B+WejGSNKM zd%sDrX=Z-#S>r=lXR0=QU)HxbD2VZPOH;}1?xTVQx!V-nvi`k2ch@yXT2XIWtylVG zYsvMl&MudVXP*`9uQNYlp?j1$wB-Ec;FB|c7|&WPlP)WxwP_xQ;th%N>-~jF5^4WT zi>K?R?w88@b&K!JcKrq0pYlC_d+Pk{@Vb2c{&Qs(@~849C||m_?%ipH{yi@qsz=`Y z865k=|7_caBO8k5C5J1ShTRKsbAP&ewM+OpV>>g~)5q>u+k3s0Uf}HAzBKhoovq{A z{}SaqS>k@V$I}lRulCwF&0(>8pp97iD=mMEn~%jmdGs~D>b-LKg>NH!n5l-QLzSm> zxYhC7LFzlT?v^f}=y*|9yGEMX&V1V0(|T{561wMHN^yRDmpjiXr>gk%zIQjWBChT7 zJ8)BL(w(@Q%iLz4d6KFTrZDUJlPb}|;Lhl6OO$^;IDGiUbzzZzJMYUbxL+K-|5=;m z8NaBb{cjq)7`OhAXk^=9ec?wwTR_eC&4zwijfpRAy?;Jc+x8o$#F7>1d*5+}n6@%@ zmo<q;vDStQZ;4*B??}FMu=gpp)9<e@*?4Qou4WOp#*f??S6z?0yD44V5W4?(?Nf!C zS@BKF@3hT5ZSQ@n?XS;qm7dF+y!STxPdc{s-{zc?+ooKfpwxXVY?V>=*Rm}a4oh5P zPC6m+nZ-@c{BHNdwnb@ak7m2Q_<u)ciPZ9tQk}minM$r%ea#Z8icvZ2)^RY;a{g0! zvnIui9kUPrwG|KFkXOU>Ym)oxTS_SpJKjnhNLh8R$MM&{$(mw37eZ&UDt-NS^<mDO zUalqFk-HtIC-PRaob+7CB3gfI@1LkE6(POHeq^X>hMP;R)qU}0zm>t^AO(}7SJLdA z#1gfZJ~j1Tq-Pq-Ftu~x-G@aDU-=#|9NV8VHLa!C|NVM*-^**Jq;aou2zV407Tn&; z&ab<nwCT)hyD9g$7Om1TH_}<(#PHHC-}%5j<5j7;i&j0CwCS28qLyxF>d))BRQuPJ z=_T%SPhX$)U{6Mo{xmKdVJWx0fzK5ceyLZ9ESPcn&Kse<_A2q+Tob$*?|1(@^X|XV zwY@SzSC72lm})F=z-Fy5AKO&9u%B;4l#fK;dna&V!HHA%TpE-OEZ@oZ_*+ft>0HRw z6SDogH;Yn`v&hk(I~x>C9T)N*S(Vw$WtjQ-mz^Y2!OK6s*K2yeJpA{gbUk;1xyNj~ zo^Y8GC5EQ?Gpw$iK9w=aM4*N5-rl}#H!3Sk&j?9=U9DyD$n5hK+XH79YCI-OuwTA@ zamk6(KbT|A`W#OGTzt6v07HPOYKhpXis?y>$BxfAB>nS-hG@Y@rtRS@*-7o1b1$Eo z%`@A1cY~L)e`dJQYVA|@zdDL?|L`lD8^ks62#Q_qEYOah`exy&{Tn*^QdxuLuE{>l z-WmIB@#aIDJF6}lUt`p2(fv1JQ>1TO@$clS1(q5XPv;u`-DJ_`y)0sN&yxA!kNVi$ z%pBI&tc$yK$H;f?%q^cLew*nKzk2;LHP>A)&bOx7G{67#PhjO$m1_}ou4kEb%jP^` zytHZV^x3-?cCXp>pYQYe<jIVdOiGiOE{HB_oSgMJS9;a8yUT+fKJBkMeDhn>p2u<y z=MCSd1-a*`X2*Fil&-W8KGGMEdT!IQsj5NAE(>K7dEFN+d;6t2WajB_x55tgCCu-C z^IM!{%5Awj0b*~?JD<(mH`5_z%fa$(2lguI&bS+=6VTqd{Lviyth+VmW?Ytbe1B$M zVzZi2;I=r4TU^q|jvCv{mYqDc$F*o@k>>TAe$W58bU)M#*5a32dVb@xqQfB$>Sy%3 zDrf9ixZnv(^n^=qG%VIjFS&a#<d*Wf?1dT{CLijqKHUC`d6n6c`%khSFs$NSzH;G& zjt}{pwThA@G?j$TwXB<-K2zw^+v(5DAK7ep?wRcRT;Gnj?VjFM|ISa9ix;ztD~a|! zT=S-K*V;9zn=)2--h8EdPPWy`-&t>i%f`p74<7ePu2_@e|2!)#bke!|FW0aZi9ZzL z@#R{t$m2RgFj7-nMDt8cb$@UhYp1kV3^#9NX`Q_9x8|=K*GVL6@a$NVXnEk<1wW2D z7bWf$m#kXvFE0@)&z@-6y2q%+?9#sY{b^F{^%oYb$e#XN*sJq3%cKpmiFX7Z&hn`K zb5C*0%OHVe*M9EK2%qq%CpYR)dG$snkq(!~`O*jf%{Y1T&@l$7wKr@h?=1g4*WGgV zzQ?z%Yh~4r@p?@B8X6^XvRO2eT{tT1)AHwakBt;x=O!@c{qCQ8zr<NR@7g6lEuosf zorxD#1srK)np^goy-N5^<}AI-tNdPkI+a{~>sxna-j=!lk`2V-Pk${@=sVc=B4OE8 zkK(rv=iD)gdpQ4N(A;WCR->P%TVK7}<*8P-d-blBQB02yg=H%DKb-vP`j%~9&oMc@ z(ePwfzjPurxu{>}$oxlXo4BG2wWAf*uTV%6-`ug9BWP0D!>NDtyefCDK6zNM;z#Ye zx2AT^22HGvNEPyeCRQVsCRROzCRQzjCRQ~zZdmoq#mKaviRGO^6U!@<TALYEYv=L` zY+d>!<vys^W@%zM(Nklr_Hcpi+OxHeRa{)Fgi{)yeYWpQEt)wuIrqWgO8aRss|t4I zr1CCnyxpSy$<yWVCIRykE_=6KcK;sz>}4an?E3`~q5Eqh<}b~N6Lx3(eZKp)=$5A} zwY$PU9SbgVddu&da{kFCk-Y5^Ez&OE4<ER(<HK5o*L^YlM{E!L3*30Xv3jHCHkH&T zH9LPVh`zl2@GG9Q#mmfFT|@g$pJFqQ?tQ2K+r47{@>7e})w$2-+^y~>#%OvrRYJ_? z&q>{PMP3^g8Mj=LYq9$^=gJh-7L@~SYm0CC%URejO|W|1yI(UVM|Gom=t=STTf9uK zD*lL8O*2Sg5Q@IOB<^O{frQih^}M%qce-tP<H0+jvG4EflbpB3_+twhYJ_!vT(9?? zoXvl{qG_>)^se{z{B6m0-K);nvX)M9-}*oFb>#eg=E=LSuGgE&w5iihie-AEX!T`} zvWaYu+ApLxvA<)R*3eYS%@bmG_~W(YE4TJ`oit>6eJ6-#x_Z(U+xe02Hr!8+unRNS zocky|M*NK7uK=Z3xp^IhAs3c(zv11-@owtBf7f?O=WOx5U8$&=X7}fP;^es^+4@Rz zW*+kRTf8dB-FlyamF0=>9ky1D`}}`0g}weGa8`Ho2CKq=Dc9FbvfFWLnbqMm`=?*- zKde9fT!TTy{aK>)jmf^o+gdkvUo7f;%K2$i%4NZq_oEy?ar<!{)X_}i;<uG8<<7aX ziE*F9B&G+G+H7vzDv6$RX?}226E7!=;F)P`UksUbr0!oT5eRloet$fD)rL(io3DTM zU(x>e-SnfgR$Qq6IHSVbyKhnSk$by2LwGn}<@D7VGfmStwb%b1L+nob2Xj={U7M(% zS-N{d)6DOT&kuCAT~gNTDox_JT6=TW%Fip~7ajQL7X9>x{h>hdkoiuhg<YPDHw%^T zWUSn3<Dr-E%2NL9?N?o2xq}sT`zxz$bToLrwJ}&Mdv`L4>Du~DVntJ|-6yU7t=3%M zF5y4(>a6Jxx7Dd|8JNwxtRWZFxc!>!jwYpTduo<lVtSx`hj&u-&6=lTa=U*TD@b}p z-?LY05S!Se^?Y8k#ie%T`}0z+tzqDvXBgw=rj%%T?W?Opzr=L8c`cRwAFLyy_A)<E znr&9vd)#YM>dwVmjl;HFQ<}f%yztU{Hiu@aY!f@A{PV%lbiQX1Is%`cZn6AQRFk=U z$)BAsUm5o=wpni)+Q_ukK6Co!6D^+BM-sdD?x|?bo0w(9E-+Cb(uYTvFLOU5UwU-C z-CP-&_jlA*Z`im)Mt+X|+ORdx!k@-m+GM`rcFHWz$$q^rukLS-KKf?KwAZc=gtv3Q zxb~`)Eon>X8J&Y&a?Q5Z*EZhEp1%Ag)A~9gHg}2d7uH3`n&dy~zhuyCSl5{7es-eF zqAJ1S=QRqd;?e6{Jq`Wddhg1yx#Lzi)pF+2s+AWDqjgflS8uJ<x3;;L(Y8wKV1-V& zYQBw7XGF$}zH^PMmuz^>udumr|4e>2sRiLI-A`gRX@p<viZ(6zEA~%Q^VgaM*{<sT zn~dITi{v*pZBRU`7TLiZ>~LI4{T;&t|35RH`v1+nIQhMNGC$icm#543M%zX!pZs&{ zwC5+YsK2SXdtN>``5{u=_>%Xvbt`@-?ta7cpd&#@IYx=)_bmZM56)!_Wfdn^&A$62 zkJ(VwKp9>-a*7&?v51`WJ*KDBa$wW1ra3m%KWxu05n69#U}&Idz{$p{&Bx3n#mc}U m(*G#1OKZ{c+x>ps?;lI6@E$Qpo5R8(rlp+|ogU&1DkTBWK2}fw literal 0 HcmV?d00001 diff --git a/roles/ca/files/CA/private/dsoclab-misp.key b/roles/ca/files/CA/private/dsoclab-misp.key new file mode 100644 index 0000000..9b8a5d6 --- /dev/null +++ b/roles/ca/files/CA/private/dsoclab-misp.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDPsRvnoq5wgXGl +V0YULkdkiU69ffCCLQMZ1odEs0K/cngDzJGYWzZCFFXighYSWGBURI8V9hsfdjYi +Luis0zwK30bH8QS8Or/+S48qU4PjUIIGCfwq+v6UoHt/wj4LPtxyuJQQCguQ/UV2 +KYVSvw8gQ3j+O9NJII+apQyJuw6X8mewLfAXUyWmm0tkDnKKv8njjkG77fMzalVf +jVKE+qNnGntx+5DxX2HfROoLd4jy5cGDcVjHWIqbOUVZTuDbFraWcpCM7sITdeoV +xmvi3DreyAfeGIQtlrbETOFKTRNvbJod5flvzH4bSjp1Grk3sG2gG2k18bbmwqXT +VtNXxw6LAgMBAAECggEBAIb/4VqMVQTOLvfBJc0iU8eWtLbZMMb8ySI3Xs+aEc3t +cvNNOmolB7ymCTllQ0GDboH32mX1BaZKqV9IzHbiCwoqHZEDKgfLzFZX+OQTSwwr +nYidXur1IRuswPnHYZrfrl1net5+GQyShF8NGBs0E3nuQaxHaMwEvTNRCzhPfWnn +u/g3IExtSdE/XSxRnTGRQqSnMAf9OXs9bw/iTSR5cQO2mW/dRLr4aUCQOJ5Hx4mO +ub172vkNeNwOSUzc9FjtZyQZOtn25WoS7SusK7y9ToDqqR5OcI5M+kxq+fQo8Wvu +XlIeOvTKTHOBaih6QYEzHo9zq893I/c0xiOmfOr0v7kCgYEA7WQ7g5z+2Lyt35Sq +XmzyQyAEbx+PMPc7yTQC62YuvpEAaDFDHMphDw1zM2mraLO+2IuBuDz7CTlsf1zl +xwEJoEZa3odRi2McpqiUVQgJYD+bCUv35J8X93K4/7tLHvXDJQ3BKBNNoLHxjD5P +SlR5xBCFwZiiXAkquWpZaaWAbg0CgYEA3/jjf723dlWRrVcG/m7VJrhTWq10Jltp +8y786INKU1IUrwqFt7ph4c9/Jbop40QVkJKzsPojzWreDf3EZYGnBVhOLA5p4MC0 +X1ZTzN86dn1Y3SDCopGnJVP8X2EdDGfsTkfXxOjRCzSPOyZzxzseACw9WWAmullU +zQs4K6/4YPcCgYB117znb8bepoMVqwILz79PbRRmaV82qnRGRAhy/I2V0ftGvbWY +FCqsQzv9uKX7WscRTed+It9nS9c9PkteR3iU1HgFYV0seW3emW7Q6yVkXw7CRbDw +D73g+1U0ta/r1Yoi2boZ/8MYU10aBlBsEJVFrAIKAZAPagmIc2+hTyP6/QKBgQDX +FHSr3C0NJzkhA7zEovxwFXx+TKmImCqTjKD0S/gZMW6JdYpZmFOc/Jz2RuMoyt4G +msqSfnPZNPIO744liC8zM8zGBAVq/sN39je9OvUyikbG+0nNwh+H+jIWCfVST44e +0mEDSCxPHWcaf1+ZiEzUD6fOZ0Zpl5WW3lpPocncmwKBgQDIR7uJctv3UZkEO+oq +g1Q4jLUYJFUb/3fk1mEmpq+b90e/xQMqZHlu/KHiHcKrukdWj67d/LY4mrw4DebR +PTgdj9e0O8V9M7BYxDN+zEYrvmmY4A+tg07zm8aqmhCNKpOMsW0MkKFFuRiMkiCh +bopZVfjdd+d/56vLZW+GSBaCew== +-----END PRIVATE KEY----- diff --git a/roles/ca/files/CA/private/dsoclab-misp.p12 b/roles/ca/files/CA/private/dsoclab-misp.p12 new file mode 100644 index 0000000000000000000000000000000000000000..34e63cf61702da91592e85b97cc2c41066f4089a GIT binary patch literal 3389 zcmXqL;<aRAWHxBx`On6w)#lOmotKfFaX}N$2bLzDHwH~SFASR4=Od)p7BsO>Flb`$ zVPa%3Xku?g$S@knuyH|6;9+Dl;A7#~W`A?S%O4B!n3y;i8k*Q69HY1z_Oa@3PW_hK zk~?LZ*^ARp`yUuP8mMekesuhy(1|Hq6N9hie_pxfYDiO#;hz~g`{j)G`?7?eiZE4Z zjP7^fJ9uOlzmBZ0&;QCtYxk#Y|E%z0*1Uq_`TG?b-*!F;iAb8gWRs2d8s}SlpF$U2 zNywH7(z_$>+uyJ>YV&jH?{^%+jmw1Q?~FMiy5`^^yI}A8th^iMtDH|i$$I3ZwPLWE z&!Y;B*5y|xEbcrJlI7cJ|ETiZQr#n}pPLu`on^eIK%e#b!{BWPw=V2y<DR!fIJf!r zq<xK7`wIiCxY&N|HsJL=nSIxI#mU8=_FR2ub+BQ<siQ~EO{fw4vaoD#$Fd!1d)lWw zD`nhLV83F%(U}i?G5z%o*W?P<2Ieo4sNQt$$)&Y-?!9uHyVgU4XUfyO-ig0o#GiXF zyL>*A%cX|y`)$mON3!3m>dcy4GcPXw?hAW^q=<cAw;D~-p5)eR?PN9c`<L4X|D8<q zu@kIG;Y#TYvwk8Qz}%j=OZn=Nl2G59X=mThpD335nIrJR{M(`3Q|u-@EdQx_+n-zW zJmcgKQD3Trt2+;KR2`f7&|7Ot*A>-TsScg}B1dfU67{a>Je_V*U~YJ1*V~^#e;<4c z5lwyjYSyADi#|mqab4eYRQW`gz%Fb3t@B<g`mf@iEqmwo>GM{*oHnuFc+LA@v+vPr zKVA75Lcask`Ab_W*9y7o-!#?UCZZ^G-k-hk&H^*8Yy4Gns?I-Y`*AFK9kce0qtmv2 z;PaerdV6lfEyl#D57umY_Obkv{M6hTyVl&URSEXG{Lf!Hx-Vm|-t1Xx0z9XcG$*pn zcPP;CwJj3Q4tr5==l^R1Ut;0Ocl+ge1fHC?x>e78$>P|`w+_?4wMoCURkcgHdC%(f zj++lHIbO~2c0LjLJ7KrG=UX?)kdF&K%-Q;Ka|7GkFF&I?9pxj%Y{fW!e0LQItbE;Y zKu&+}mW`FhGcC_GF_%2=*_bEs**^N8`L%+cM&4BiU5z@=Ha>sC@$N^p+1^&ke9rX- zVn0%Um)|x~x!1VnT;=Ncl<<h@(!Q>i7e3~TicWmxWN2U0BXQ~Gi`7XNLQ}ThxRSCn z_jYs3oan>Pof<{h@9u1T!|f(@|4G`d75{xK+{+7>RsT!6`0o6)@P}7B_kQ?z)tPT+ zZl{9w37?Z*FO{n&)riP&?~JdrGK(#8y}aAZ#@6-hB)_Ec%9!J+drpi0d16+Ut@7j9 z+I#O>i(^)rPkv%pY}x(yw=3@iNtJm0<Uct#Cx#Wj_*GzL_<ib?!;iWD?3G&O@I>2v z`j3@0ihG~e9>4vSm3<x4SuUnp<!@CMtwALs8}d$ky!(A+di#rco*rBdk<*iV>x}I; z>(y;vb^U;O-FfHAsHJMRmNNy{+~a3BesEFpwf9GL4#s|W+g)b<Ptt7v6g~e9PldjJ z`hIigbKXM>U(MM4{>v}(oxYEj)-n9sIOnb0yL|Dp8>Fw9e?Kab#(Qr*@6R85a!<^i zy=Q&--;NvWv?V{su7BJ=-I{IM)^$ree+W-gys4VZ(5V&c5P#EWeoX8#)to~N<>zlc zEY=aqztrtnbE9}iVMDW=^c1!z_LoauTqrAgA(A+)VL{HJTgT>YJ*M$aRNt*IqvZ6v zwBN@WOu3FKub8na@UYt)pUZQm^grA*)rS3@NYbCT*3%pFey;cSUo_icGu!vGpZI#h zPhYttRIw`j%O2~w@%=6)A&Z1#yA>DRoA7dp$}OWKu?=4)u!Wwfi~DWNdUBPxWxk_c znW^(<r@OOm>0Z3-XDXm_pj(1<!NKf%XYaoVxN<kU&vLm_#=}w-qn|8~J>&cYZdIJn zYJI~h>m<1LQi*=hqTQ03JElK8xcAqOTS;oG=j1;Bb>c<3(2heVge`jy#%D;sQfr_8 zK;|32<!W{w#?uQP?)oX%#k_Y%(=;vC(CA$L*!Uvm4~(0>@xH8Hw0Zs)ABOL4)9W_Q zewQfzA^v-;@4ce^3$jyBi&|A4*V0P}dMwMgS#Ggxf8~z<MxS*Y+~4Rf^*d4{b@t|- zxn*Ha>1!70Snj-?e0*x-+dY~eH9uukY?wK(>(<Q$rm@)`C#P~(bXYv&U)}d$=O;zI zsl|4NVQ2O+O?-E_aa}3%)XR=ZRr-$)ecZU}tn-Q3-?cYimS$eubx@FD?)sbZK@NQP z)^7U#dHKFG=4(2?pEj(^b*|d(xx(OCrrU}7=7jCbJ~4)D-8D<MYw8N!o&Nh&T791G z_|W5#;{SK5%x|TPRcaN}-$sZW`o%EUGA!({=%R<q8ic)S)bsYti?d3YlCVo|QAWJZ z2QQAd!MA$;XEcPHNJpC8a9lQR*OR`oZ8L=hw;FqGpVMI?-hN7ap*a^%>gl)_-<LIg z;J@YRmUTj<;!90XYNEHFQ*E&9`^NAyuhM5|?mypk_~A|2+%%4Ze)l=GXGFi3D`9-U zw)yJA%DHV_d&7?vwRH$^RmuNgoBe+FEU7!Gz0+J~i7Oubn>c;i<O^$s9&TivtM#v( z|Gf31^q;y$?#{Xo6l#q;xCPI$72kAO?eUUBc(%%+TV<J|yABth53M`M)5~##^HH6e zK@+PZQboL=iPeauiB->_iB-#>iB*k_8&)lIF)}S^VtHrK#PZ4jxwd8o)z(wG|GYY} z_DvY5wq|K!Il;9iq@mn?vqJiL!C32q8y##Oub2|OLMYqkosnZWgJ~x#i`%63?I)%+ zz7IQiRbk%anFV>P@;011WY4~H_Wz^_>EYJbb~QM@ymxG|xSp}w^i2*Q4jz2md`bCq z;)YBet~G(p$;{pvZO6QS>#8SIa9n<`c+2hmqoqF=`8@e+d9C8HRd=8dbG=pWZ6@Ax zKi>VAl+{`z$80=tOO$MNMKQnKgQ%BYM>KUWiLcyK&Jf=aV(&8Rmh`h#TWe1)c)=)b zG5d!4qY0JFMlP#;j>UAC1?e>17p<77!0hrVWmnj&@bLG|&laq9XWv&C@yDom@lWrK zvA<?-Exz-t;#qzCy|R>kW}}ULJEJ>Xzglmq+;Y!ZX#LL}`4it%%)j<By8qmE!<&VB zzcbnY=i&WRzIo0|`-hruencvLXDK;;X_a})M~~$jy6c&vdREyAe)23{XMfV&AhYKQ zPsHuz&iXE=TO4;jbnJ7tQ44SCUNrG;!Lx-o10S%JhsE=2PyLqgAac*2sgLD8Pl}gu zdJ=xDQ))Gj$~;NGIg*~S5{>WdB7goDyLrXYdWQ$!B1QF=lb=*P5l`=o`n)w(t=Zdt z^CWqn9nGR&v-i$8slg|4)8G8qbJ2?q4Lee<&6~`)CFaGNCkzqp+z&#hs!8cdy7|5j zyLPD4C{6s}<o-B@-bDvjzGnTrW$lK8k;U=bi-VZgJByc2nti%ej^*1^BW5;(yecE7 z{u3-JJyRzepM0EmpfT3w5KG1#!MT3LUnZ1t=60Rf)h=sd{#fC@h1z-{?Xxv^<o_0* zF}U;AKZAYGCVR2Vyew{;F8uT8`u(|dN`&!h!>s0T4|~?v6YgvjyJ2wi^06PkAJsik znY=S?$C{VACqw7&JoNMWDh7on=9X;9t3Qn9|I*Pg^__iS5|3-{x{Iq#Cp^yLJOB0p zL+dX^>oYGEW=^?S?a`*TefBq=E31RUjwCBCOup9MDb!aH|7q&NLrk}Oo>g4%VSIh) zUb0!Aj$hU6xy}*Yy-7Kb9z<LfDKvGsw9vil>q5_+i&L1DcCds$;eYkQYR0;Q9d|ts zbaS+B+L5Yfm16Zy*dbHzVE)S%FNG-q+iKdG70wte{<iBeZ<*@atv6gXe5L9Wi>#_Q z=F6MBW}h%iJF(W}@9fs;^W(R@a?&cDezqujn$oSzBe#@wQdyU$xAZQ4G0Uv>XT*c# z=9uMwC+`g0wMglHxLIGwiR&Wj7FCB&muG&+G!#1Rd~HE!i+Eb|44FepraB*@)<-Y4 z5N6)yB^fT?_y23(eox_BC9Qw7zvrawzjI%#X5zGa%9D>~SLLVm^5=+7?(~?$(`eT< z*FofPd2X#CZ?^Ux(}*{g(@&*_oL$v?>iGY?SJntGdFWjz=8^a!?`?ZX?QFx9_w>*B zW^L`!xK@yMJ#NK`>Acb}W_f&lzIAc0ib>zyblFsgKYgq$m)~i<6TK%lQ?2@XOW<lF zp=9^yH~(3yJU-RT*_nE9u29vC4F>+1UoUO_Dfmn9J^K@dPyhEiv>aUR{P-&~^RcHh z99KW|JCw8~`L}oJ3bx6YW%tiLYgxu~b*&~tbl8LTC11{-wccL$bl!yhZ^GZ3Nv)o| zr&}|aL*JXLFxYzf%}2MV99=j`T2gssP*%TuyJt#{{>$qke&-wyAG!SJr;*+y#{HKb z8LAp6!%Ig_QA05nkqf`2U({Ggv})@~91c+xsGHRF+1S9)K+%Acja8eEnMsP3fkotV mW$DQ@l~)zV#Wwza;JDoG%hh*RSvV$Nc+hQXyW1U9N&*08xp)Zx literal 0 HcmV?d00001 diff --git a/roles/ca/files/CA/private/dsoclab-nifi-1.key b/roles/ca/files/CA/private/dsoclab-nifi-1.key new file mode 100644 index 0000000..2d054af --- /dev/null +++ b/roles/ca/files/CA/private/dsoclab-nifi-1.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDDr++3oZVHX1Xq +fujW/dXjGWguch+QYqh5dtjS9lHfcYA3Wux9+214bjf+5RvI1XPkyaXL6EpIJsbg +pl4ULJCxgbJpMeJEhZf1YBKIBp2Nz0qid7PZ//NBQEwh4XONmIIvNycMJNhnvccF +UEDFqdDkP7sMcil8vgYBlgO4oELEb2/aqhc0X17zcw53tXqaWeM80TlQFy9TGAWC +NCkbGVYuwtskeVEPqNlmPHIeoPcD1unlxrm+lOSEvc2TJus7F7vN5Vgl8ig1pLFw +3zJUhfY8IJ+Ii12DosQeMdmhdh0uPPh4ZKTdOrJWZb+oKqjtYsliLHK9nX5rH4Dq +vDNgR9MPAgMBAAECggEAJ4fH/il3FXbtzTQb5ypZ5cmBITjOpYU4kWjvvhYiTegI +xaXpdj2vTI+/Yg94QGbWRZZylrFzKAYlUMZq5Npn1GPl3ZhFJCB0pQ3mUHI9q6L/ +abiSrWwmAL1zY7i+dhEj41PZ4Hsk+Df/F1Sx8PwwBZvWNlpthRSB9BoQ4GAHfNTH +qkJPz7IZ8ZCWZRRve71+h7rBSJVnrz3iWUmKgGigFWErD/vW0PpD4apGkwe9egkR +2MDvf+x/QQ1vudzYHJEkKg2OMdsKokLmoJGmSh3Cq1dswAjnBqM+MPXUklHK6gZm +L3x3GwBowQSVI/EHJT6MeMyZSGAwJlouX0oN/Prg2QKBgQDkY2ZTbV7ih1wgIJDS +hKYqo7swHOo84JaMtz2FZBfv7KdYYUwAQObPD7jnrvV6EqI6yIOfo0WN28obz6fw +rgugYeAlFka5g1Gg5fTGCgWIy8yTm5RvOrNn7lOsE8xx1dPuSqniCtTHjGVqc0EJ +6yL+uZSKfL3Mgfli/RHTXmcv1QKBgQDbWHE5ZyudNF61xHAn6sFjESSOwLA4LsIG +qeZN0l1WIZjwq33HrK9YK4F3k7AySYGlla03rOWVArM13fAPlNq+1WRZ4a6iArdx +s3Wri9b7spzxz+OD9e+sPMjR3+odSAamZyWzk0++F+wQlu13rCX2kNO71laWOrSE +u6vvmg+NUwKBgQClMYxy7ZoDCdtF1ahKzO2Py+v6Sf/XVq8uSt/x2stBnBAS6hVZ +3ZfUz090LOWbjVzQXfZugl8t03slkJatjIYWVJUW3jz7tBNX6NyaXedQ4fAwGAlO +Rsw7cXQN9CgdcoefRVwJhsIPL+qvC3xQm0YtrrfVT5LNGHn08o1xMEg8nQKBgBDy +3Iza8/vJuCfDbgcnlJnbEUAWk4dD1ao+JpWM07l8Dx1JowZyyXm+otpihxLbqzDo +R+Itce/5rW9UHuCVV/G2+3IWhi/ulc4rV8RRoeMBAi+NKL9hmYtthvbwnl502k6x +WbBuiZLetlbx0peUrbpHppS1Eyu4jYpUFg0Fkn4RAoGAZsuipVjJpM/nj+aS6aUJ ++FNYaqZRsSpad/IY509ZD9G8lf/ANNxjwZuX4P3Im/m3772LcCe2LEv4f8sOfaF6 +wz/noWgJxaTqSaNmugNDhPJpXTgdgsTeqnq20MtHrpi4ZXUs21CDsJph5dlS/gWl +AQQhj15wJkiYTHv093f2vaY= +-----END PRIVATE KEY----- diff --git a/roles/ca/files/CA/private/dsoclab-nifi-1.p12 b/roles/ca/files/CA/private/dsoclab-nifi-1.p12 new file mode 100644 index 0000000000000000000000000000000000000000..0076ad1207c243f877de929e2424ed953f60469c GIT binary patch literal 3397 zcmXqL;&o(VWHxBxWoP5mYV&CO&dbQoxS)yW2TK#r7lS6A4+c%_%Mns+3!2zx7&Ng@ zVPa%3Xkzb0$S@knuyH|6;9+Dl;A7#4ZIbWgSC<rJV&Y(EXkt%zP#db>QP)$rSZBd} zzN;mSmBBNYo|TqpvE9D?<G;ttE*bo|74&xIs~-kB6V5CD7nEb@?|WXz!p3o6&*wMS zFE5DsFL`;vyF8{H0U6&_sy5{B^%jijzoHb<H%E_4Le<JYlJ!JL<bT$TNymQiYjEoS z3O=$uaIZ*rRVM#cuA3!Hj-RFSDwpo<+v3o0)x>}Hg`iWc7q36`NpRs<@6yE2!r&{& zw!JUzgXpj55SAxxrj2)YtuCIu;hFc<Ro1$j`xSXpTz4(nUViRkknC9|M#b&wfuS8g z;=g~}8OpL)?EAgNS6myK+0NAZCU)F9nHIF8gGGPtV$L+T;O0d=31<&Y{<6M6)ZuNX zM0VDn86qsTd`*icC%c82ZG6ac=$0MJRyiR(xrHa|MB|lb^gn1jQQ*>XrBMIS>m7>? z&(2hw$`e(x@Ma6wy0r&)GKQ8N=UkrD6~Jv(wxb~PY=q)@RvCpk%Sx;ldM^qz`8UO+ zqN~6$`1bFWUpA)Ic30kWvA_3m(~Xo#!q3eLxti>4i@1yOgD%A1XGy*!a^-{kC9@+& z3eIN@nlpFKXQ=z{vee^JTlJn<Q3fhCdgbEt<qesVvNQhNp4fS?M(n19z*dp{#!c<k zn@aWMl*-C3GhDW3xv0LN#WCXFbe?@X^LH$Y5IKF}ctO^IuRMBx&3$iZ1f6)Hxv*J# z+ok7*Oba)CKV)7pWr|M56!qAU4z)QCmoiyo`tR)9S8eXH<Ke+mQId0A|H_vBzPF)9 ze#Mq^;f$M&;-9_>t_kI@&TPr~8=BU1+M->}N;CI+W}ei9ZH>3Sa7<|X8}nFcL#u+# zy)}JIA*PaZ-!1zSallo;Y1@Ju<y+=2c(9Pu%Exo!K8G{UmKSdSroH&+C7!F7+RjPY zR;<+ibinVi>!f3@Yx>#r=Xag+4A`=;Xxhi<=G?@Rz%ymlsX6=CE9^S5ku|~7SToT> z<l^u9Y_Fni?#l@Zx;h^J*t2NE%re#T&+iY+-g5fwZ);gThtJ#9j%V3!n-jvgMR|`u z&$X@QYp?85GXB)IbMcW#o*Ch`Uze=qe7D3VySTSpQ$oaSgV>Kbe?L}Ab+rXg@ezw| zJs<M@{0BZ}hb`*$hGjQA-wHkHSaNIjw29f9R!ur)_5N|K>dGZwr}Qh`yO$Sz{``T$ zvXWM-bYD}uxAoS77lIoaIWqe1ZOeYSb=sW`XAOequ_W6RT=7l4u3Mx%Z~aa_ucum# zFEyn1m#e>i?kBS0j?3E~8yz2;bZPDt+Yf~I*B;a@|20+Z?TO-5J9t9VIq&s*{8HN* zontsR@p`P-kJWPdWk(nnWIL+fITbiZC!SZJd-ruot=s!%cPdO1Q;jlQ_{S{l%IgR7 zV_9yV>3s3id8cU8frl4LcI$idO_Ub0<_PF9yu3G!Z}!Ud_q%w1-q2Z{vGsvx#UwxT z9icH>?p=zV`0$nX<|F+A>$G3%3aIn4A8g&q(rNbex@FSt&c)?tTOBkH{`I(Q{#U2S z@-KgK#8>4Xm8$d3-cIVg{7lC->94=mZkHCr6=r!BUZ#5A9$xUCvwF|u2l*F$OW4$v z(#lnju_Ur=zwx&`czXNnPfyZkE&A{+AntZSsnz<|+tQmJ6_!UC{Ev63{jl_#{G@y5 z^rlV|)IO8Juv3xG_G09wo%|O+gzcOWvC`wSt0-@~#v`S3-;ON{X%Y6yW{R%=7<lmZ z&S_y+XS4s-UAD|xVXB^X`h_F+9-g{b%2fT$&tv|b8<$T{Zu4EWxUsy%#I(v`&WEJx zN3AK=&$0!LT;64G-+e4P+BE#g>Me$9R*fPBUp8{OUK3*q|6qOT|FczWR$@{+f4pe6 z)XDU7n4vzcBeY`8m6_~E%I@(kyYPdNv01#|MB;w;fhp6LUA@wK|Cq3#-}G0`x?87* ze&=mC@9cJtLEzZ?i|St|e=N!}dTrE@Z}(LF&bQ}s{sq5OzGc_6De&iS+opM2ojce# zdbQNFU*=O1Cx`By{!?|e<HNoie36ck+qM7ScFGdI!MDO+G&$xt1KW$RqN%s)w<zS_ ze|7%VvXUjLleXC2pL%2||6EIdk-UXpl0HbOi3WA@XkPn&$$Gxc;RZK-xhUUGtt6jl z*A%9Y7O@{x(!boT%hvdLL{~QKT<kyZ@7LLuE?wWfd)m~f_I%z0tJLJ*DXyBKC2@T1 zvAItVoe^0ub8A}Pj}MKX9?m)z*Oq_t@&3Mkwl1R|R%wnc#!-8Md!7H4JZIUrKbG;x zQ_*v|2PexnTb*BNf8M>!I^ygnR);IMCWuLd+Rd<d-YnPqU~5B&z+s~ap8FMpJq2G( z&n(%Jx=Y!qy?Xfu?j6;VEc@AC8n&uB@mF`vJhlAy3KxER;S28fzwCIluBg-7cv|@G zc~1^0iR?eqx8z#*&!hth|F)IS>pa;tDJ#6%VZPG>Z}A|ZV{!7Igx>!V(b(8oo2436 z5~J30V)@f>gDU}YB~=#>yX}3j^P$Gn9m192`TNebGG|I>Fg65zdVi`)_i^Z#7MIz* zayy?|<gL!`IyX&H?Fqx<xkq;j?oi`%c<wnrWsSDO*0K=&a`vwc?_a3~CciqDw05^$ zszDR0BT|LDpo!IprHNI~povw>povwDjT=@yb1^b4XkvM1(8Th}0J+v?2G!b}^O-_> zTv)h3wKhu=%ZbTrmi_HdE?}Bo{PLTpU+u~3r{vFd=LWm+KF*Lm_2l&r<KT@lE&gB5 zhA!IOIP*()`kUwkPS<-sUf*+bDd?Wcm(v(5Q|JC$K6T>$JJV0GCi-l;o%`dX$kxt1 z?q7;D+s&@7)_9${ENGkBr!z;awS4b29gNx+F#oHx?Cq*M3jYJRkNoqy8&z+)+wZ?X z>6=(3@9vn~q%5xDd%JaZHeT7<Q|snxf5=```rE~C$FCmX_#xv~y`$vNitgo)db|Z= zH-C+M`E-Mt+UM?!XPZJdIlbp$i+B<x)@;_|7U&UsU~Ry4$tt0B7JPzJj;gNgZ!?~q zC|%-I-(dA>iu{%@nO{Of_j=A<QWB!VtEaK*t;Xl2XZM_z->+`SXtZ9=`Fj7J{GC15 zgFl}45ejz<P`I*|yZm8{Tg-8j>zA&r4Ey=wt4mZ+ukBKo37U)v$rBGe(v2z?vQ_Fo z_~^OfHY4p@_g-9$J}&4tled4xbD1CdjE5%wNSJ<bYIe^4=_~lwnp7vAD>CmCoKn4S zgY3pV=DY`=>2NM~Fbh#CUY@jL>e2U`omkg={;93MljFvl3N`(A1*MVulQwK{Gbla! zsh?>pi~4od5Z~oH`7VfRA7{Pg8IZhb`iC8SGr287&u8^aKdchFCXUHxqDSmzuU|sJ zi2|E~SM^^?Y418T@703TOZVQ-DK}4Bx2DFzYSWGj^Bz1goD{NPqmXybkG0S0Quk_Y z`M$ZRj`b7ktQD(lw=aA6QtF9o<eO{WUfC^&-*YC0Rv+%wXEi!tH21Gz+n(4TVm~YQ zthLg~xw`NU+l%U-4!y^@UBsBqEj*UI$oPK8$Bh4Hr}XwmS>(Uju*|_SNKi|Hd)9m3 zIo}0h%r@M+6PvXDr;MoeuifRm9Y2CIEhm4w^`>#^zG#icx{rAgdvezZJ`b6jx%b`i zrloGWCvMMXJaheaQ-X%a%||Z2ox8#nO^$5e<Ewr=e{%Du9{Zi{`$GhnT}!qa&v@Ud zKa1ts`(1w?9j#(<{XTK|)B}c_1U~K+;&9(4!Mp8GC&%(14E^tz<}OGN6Lfv$th4{& zjE|3Q<pd;(JQABEd%1LXW`CzZTI=6OS@yM$mz|P7XR`nIx;%|;t!0<=H0M^gIUj4E z5fjG!YvK<^n}1i<`t}wt@SFa_YOmRL>864P?r%4*npB_aEhv8aR><js`m22kGSbTC zP7_)dDj81h%jCGSf7$+UYmPd{&1)~m9+dq0{;lW<d((w2g{`SGC62kyTb%f9^)bDd zXVffqJufs?%{>;Bc<0e8wy0Crzg)YvEzM-bc7w|c5A!k~om#@K+OPVO#qM~9nAtS@ z9nq`hcdOXH%VqLp&D#4!Y4*+9%eCK{r_@c3Q02(t3()H5Xypz{wTl-^d#LOAK>Exw zwTU%hYc_6K_)yHNQvd2|JqzvS67StMRDGW_OLW7j9Fv_stSOg@SD#F-NPe-@^=+H~ zY#BROMoo{KrjwVijeX~`qgQX;53U~9Bl0foy;-8B9zU*^M_%$ujDND@n6~#f*-D0` z`?Xq(!YBP+Ga;lxb?OB3ukpKov<Fz;Re#{IO-}ml(&NnvCh`V5(k8J#@O$=k|L^=e z%6iM<?=`bk9A4aI`)x)o|LxNcCAoR|FP_-XU|HxH|2CnuyN%azmqYE92fu98&pnkt z$zZ5zpbRe^IYkY{SVY!)?NL4%<!^B}s_dyW`_iX#PI1&37#b)VaI&##^D#3?u`;lT mM0`zA5i#{unO7`1SC6sfsP~=+CM+EG5A!4vE<`bbN=X1(3{!Ui literal 0 HcmV?d00001 diff --git a/roles/ca/files/CA/private/dsoclab-nifi-2.key b/roles/ca/files/CA/private/dsoclab-nifi-2.key new file mode 100644 index 0000000..a6d1733 --- /dev/null +++ b/roles/ca/files/CA/private/dsoclab-nifi-2.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCst0vi1Yd/jhWb +z8AX69uM4xuDwGm5BpGgm8Y13C/ojHIoUAKCxbHr2tnjnZXS2d3hCDVtg3OVmLoZ +/T4EZ5oJN0V50x0L7ApDy7gkzGhczi6u20jYblrzMb6HKIZ2jo+NaJUfcmxlSvye +uH3ig+I9sDBdwXMGrpv3mlS4AmuCkBEIP9ZfWVzfqiVZwGd6/OHwyUqL4DG2UxPC +v4xPOubtETCmQSatVo8DC62HbLJzxC5BPpkatilt4Nyvj0Vu1WkXDfFYpn6MgDJy +JCHS6bREI/YQj59kf+/mq/FDlNCKlw7kkb2GuR9C9JY5hQUm7ZABkRGjHwRbRv8b +qXR32xgDAgMBAAECggEAIutEGm5VYMKXN9M+4Rc8YjWgYHjMZy4ezzvvTQBhZ0DN +67yRZWMW37p1hwFbQy/tHgwM0UFcYwhnx81ddoKDsA1OrJy0KK7mPGK5ribtiqXc +5llLVwaouLZ78NOOq/WSrGJSk/MMW0ZX4LcoLF3BpfszLCFqYhV3Tw4Sxskmd1TY +DAIJ8P0mcAuiEw1G2VuVEsy8c6Ojkp/cJZudlhUk4J/Dqzhq3XcdRu+IoTOg1FTY +Tw6aW0dwW9niZWaTCzksjnsY6ydIoe6v2GMiCOzCnfmogAgfuTH8Hg2oDvJDqFel +zXNwxn52Q7HMvySnDn5j2BAYOyfybNkUDvjq170BkQKBgQDfwI+q22h24zg6ZLiC +0AlqdKNliU1qdtaXu1bU1Mm0/9/o70+TP6GUDeZ0xJVPDpgf/qULaY8k2H4Ucb7i +PNCPVYNF21qd591qaZA3i/YDNbXmzYNgy+hCPjY9+jW+DBEKOMDSCbUgUP9RJpNj +CgEadH2xvumPeuLLhFwnmDn3XQKBgQDFm7tWnpUiyOVWcdEZ+xXPiqRr3JZFcjHk +N3vSOVsS0xjaYPbyBnUNiw8Mxdm0xmaCCDHjv7lmIOCEUtD1YU/bp/e6UqvAULg7 +UasrT0h63eQPxS4tLpDaIjk5Zk7A/NFAHoTKrtbZEs1YONL8ltkrqOYUv4jaX1ae +76f+1/s23wKBgAUDDzTIjWJ8XHoSX3+uoUddLXvMw4sq9kuXyq4hxhLj2GQjWCj4 +N+pVFWBwNtf6f7XXwmKrDqXIo6pZkekHa7SKOdKKw1DeLLuBedWEsRIJVfXBjLvS +VXWGZzikLif/pTIRa2BJD2GV7uImdw603ql1Cou8twabvhDI+jd41XORAoGAW8b2 +fUZt8Zfom/uEqFJrUNcNgmMTD/H3pgz23y5wVA/jDRnX15SULNQXC1GgyUsUNPRl +Z2eWTg6a+BoWnsCxfE1Iyyq2Rj23MyW9IAJUoWwJDiIATk/ASu92MGiJzywca3FB +L3mAo5UN9hl+NH5DIvnw0lYa04FQE8Uu+zeIn3UCgYAgWQECDVgkUgoTtUZBmUAT +wL5cXXfmDnMNLVn2TJNQRDvLMkdI0naQ94Dxvky6BIbSqaKx67PA3I7yRIDUYhGZ +RM4RC0WpGtjxYmWyHkdClGLAJjSp4RPDUcCNAqmQhTySGCL4gBMalERbDzo16SSM +lyWQP3MOrilDi/GjbUi3JA== +-----END PRIVATE KEY----- diff --git a/roles/ca/files/CA/private/dsoclab-nifi-2.p12 b/roles/ca/files/CA/private/dsoclab-nifi-2.p12 new file mode 100644 index 0000000000000000000000000000000000000000..fdbd25a1e50851b8ea865781bc903dcc78a1cc8f GIT binary patch literal 3397 zcmXqL;&o(VWHxBxWoP5mYV&CO&dbQoxS)yW2TK#r7lS6A4+c%_%Mns+3!2zx7&Ng@ zVPa%3Xkzb0$S@knuyH|6;9+Dl;A7#CldqpBfAU)#6B7qRLlb+#*4<IrYbFNQ1q()2 zW$?s*US7GN>z8qJRdnn71gqz6;f*{YlMXy8c({r8OPyxkB+<{YQ;L@}DjKi+>1+1& z#m|-b+^6<36n_11d<xg`6UX~wtJXcLf9UW`w0+xL7e7U*eOu=In5kH#x7{&unV!kp zdv6t1{o=8xI_Ms8`rJDut)25L1h?I&w@_X$a;tmGYQ7cHiq>z`dP*O>t}xPmtzyCy z{BHImlgwquj$68IlL>3H^L-Nk;HqEA;c^BUkHS*@nI$_8KG;6z$aHHRlXl@PcjH9( z&ddwAx~16ctm6Tp>=$!#%AGvgqnobYeP4O;QLx#bDjV6<eOW7SE_BOx;pOe$b!~cY zS=#cRa1&4G&5a71jhH_jwV!n;YJ<68>-nVX%N0I{-@eMn9;1HQ;cnTtsctPZgk$F# zY*^^EOmTbE!6#yh&7rlwUMF_+rM*4&Dvl}Ux`Wn}K*QsGPJO;59Uc6}AB#21cb0FO z5g*m4(i}NCZqAV@MT!0bGiEM0!B97K+RQ&zev{5UEd96oM0fZ)c{>Bq^vcF7$4ehL zR@^F>rRSOcNoz)&F8>#ct6co95)Y>LatPXP{B51H&xG4NvG|C_xA(R2HrI4-ttfVW zA)EB}^c9cZx%+Ru>T<c=Gf81l+VwDowFd+YMd$ro{O-jY-**m-WeWPMofj_XdT=a8 z?1i`^=a%h8Kd-w_s1Lc_b4!D}`E$GAqu-~SuL-}su_<uIqt_R7L-h9gOZ0tqN~kEE zUADcYhi7F}iOb5udNvj348e*&LbDUj1iJ*r?YO%qUFVgB{d1*F`m1*)-D|nsx^gC4 zoderf2ai?rz6sA~P|IDWvEg9eU!HXj+CH6Rc~`#KRGPUoz3r40d+w2{8&|h}NV{R< zURmh8ef{ZtnedxmUta%Qv!Km=k6%ROY9|vB*&yK^%Vs4VGT5<GUM{=!i&uv9%d6Hu zjN^lN-mJYZchS5o^Q_-BgO~far%v8lENRB>=AE(ozT%NNt-l{UIot5Zj7w})^psRz z!=7tf4>9_^oab^lINfH+x3d2SkBU9+k%*S&mgat;S2K6joZ78RgMTaT=6lVV6n)U; zuv|gDrM=_*t#fPFKFO>7ARi_FarU}Rp3_}lOn5uBzLWQMV0zgf`@+JBuMWid8BW}@ z`+}@q;Vz%3kIDz_1Ua0a8&p3jE-&ui>iBbo=9HytQiN9WtT@$uapFVgSsa(_o(0?t z>s}H!i(zrvr^x}mCl+-qeG{Z%@TEP;<>%L+JF>q57AifMey_zYwB?1(fu%vYhd$j~ zU#<5hKIDDuMg7?;Tp!#|t~e4?Kj|cg1>a<zt*Vaio;^CZ=_0RSUx_v+v-huA?1y7- z%hkDeZLBtOm8d>!a)agFL8%UfzIVM#_5@GcvgrS|7?zbq_R=4@7C0xIOOI{3zv-pB zqwsf2=BCY-`ve5?&Twq5WqGW+M%X!iNdr$x&F++K2anv8m{GaT`c07Q!X+8&@>3?o z6#diOm}2$UraLa~vd!x9Z>k>`FvjS)FTD^d^Er!CNh9dY#H>WsZ5pzn+M?W1+Ya!a zzxC$oU0uz)rD9@7IKt$NU0R!NDX?v3KIx^W5hXQSt*XNArsmSa$xD~F94=J6eYMr< zhJSzQhu#aumFrH{EO^J-a9m}k?uROd36myeeJ>W@z4N0d$GqbiPyU_LW4bW;(w)32 zW3OLsDtc?QGOiYRRj^;%s(wo~lXtD-U2RoaA(kpxaleO5N@qJI*S!evXHeL@_QS>; z{<qh2ZW+HZe)%bbvu)<KtTv{l+7stYNI8CN!L{cMtW%E_Gso=O{cUCF#zwX+&xKAe zS-VQ|Ygc}4*sQC{Z|Cmf-xL({<+4{;)Ss8XFaHUWd*%P&pS(<ScYOZ*ABLBwxtY$X z;>v!YXE0;KO131wZ?jL_%XFQ$;mowj5f}FzSbDEK=J}7;Y+s*<>~!?{VEtj1<*G>@ zQnlw6ybcvERm?At|J&bL_A#APro;Mj_&;%{6Q|eos3<(^XSt#9mm`&F_qJoAk0i1$ z@toKg_~%V)<8*O`*><gt69cL{<#l(iytuWoeMis<waRZn<!AT2s;%Afz%OW>xt#n( zSG7Ms+i%X4JaVk<ue8*my}g(1{@lENMBe@BBVX-_f2Y2_(xL49etMSMp{Z9mDh?gu z3F-0;-oS8jcCX9N7wdk%c<}VaPS>xt@&y-~I83D0>2qz~Fw-HS?p&F8*(^W(D4kQ* z4hk|$g?hI7i}v-{R&rOH>ANuc+8=Mz+P^9KS=Y85$MVfjCvHo68_l|>B~W<lp%ZLw z^S-%H{N5B|z2#{RPu=xY!7Z7I<!bY$JF*&WxL^42e9+4On>Oag`Mo$gb)BE_C%(0b zhegfXLv|c%yFZ<Ga?-4r7pK_N&uTI|*NSLQ|6G5z?DN%yKf(iUt#-0=V|2?&y)1J_ zj^$_YPO}HQrx<MW7uFB3a$DDUp;*Hv#cI}zxpI!DMgQJ*of#Q=I-^6f<oy&8@rJ$A zN}S$q+x~3x|EF0AZT~jya+jGR=68PQlbZd@wEcC9E}S~`*UD+z<ZfSPv9750?|<fP zTz@9epo!HHsX|`R#A?LS#Hwe|#HwY`#Hz-|4Xd8H7?~C{vAi>AVtIv9Ycqpt?cnEk z{`TAdRRh)9EKMvYq*(Gl@V-0wh&k;1((2>O`QqJUrth3TGon^5d(Vl#bD!KW`*0-W zXXopAg{}4X_$#A!{84XnD`nnd6Ee+Cpl^Pi*AZLY@PqbYt3(d8m<hbf@4O~HV})I! z?vz}1lU2Ls9WL#Nx;KL-Ui{56!-MH@c6;p>`2F=-Wn*<-Y=*ayj(bYdFWWWQb4CBI zj@3K5UBPI}4FlP~9E*9J)^A=XYj*y`)17MUE8Gp9rzd@zwf@ZZfNP2(aW8A%eA4rC zVK~_)aKFBTX<HnVFz2+zfm@jMr<`_Kw6FBSBQ=9t@4dD<NZe4~&%`6ZGy8zZUr)Z! zL<5VL8(6<AV|bIg(8JYigZ;rRyH}e1o#!Kz5GKR;EpFq!!p{aXvc1)-!rBVwuTTv! zGj2{*dd^|fspNkn=;HMm>f6OcW~`Hpxy9<B^egevp8%FzpF<mRpUXN#-!3}qpD^Q@ z!)j-*oJDJ=Z#Z%+SNP7_?3>j#vpyFIuU=sxYxJi!?>bxBkuw2Nid_?~uGf-~m-4Ue zyO+19d~RNQ&OwIXO8@p<^3wnO=LWauX}gz7?i0+Ia^9IIzH9h+C-Or?@FY<&<^1CL zHMS8`S*>T=t7){lUsl^y_48vzEko!Br5Q6?zumHC<@;OW)pQ_tUZsCETfX7N%wU-< zuVP(4hCX}#+S}sm&U-D-3px6Yc5_bH;%K#6^+4ag?`yWQNtiBA<mi9Fa@R*(-0HW` zj@eq#>oYeUaB~TpdM)lu=e>KAd1KD1mA;Rb6mgpLp#JI(ixoe4?l;HH?OiFm^!URg z2`=epW?lPq>G5oNo`k?D*^1J~%1>t9Pl{7xG|k*r*L?T;a_!KAXP$N*yMAfLj<dpg zPgG21tnWPY_ozz9@|)}Zw@%-(J=ThEZ{VjhTi)s4@`&j+{yK|~^~c77FcHUlk{l98 zGoE@c7rP<ydiTw)ZAaC2m;C+IwRn4u<UPhOxzjcWNrt4~d)2VMUjI<zk=_q`b4+$O z|K#Yk5We~{<+J(y3a?BX=93>}_Vdopwf*zDJ3+okVd0(EDY4la%U=a49y@$g+QRJ4 z8{zZsJmY?OywutCLXi1|bnuTIeRZ9R;szz_UArf}vsSPE_H|a>gEPB>dmr-2K3#G$ zM*3<6TUIjT#Wbfa0h|}IIyOseF-&iL@N}=B)up=H<sM7Dr?=hSdg0o=^?g&;*yv1| zaOvaU|9di1PgkiuI>VGCJw@nSQ2HVLBPJqYOndAjPgnglJai!4VttaPi2s5=5zM^j z1o#Zs`de<u_@7)eRlAJ${aSIg6C0OvbI9_q*`YK4<!sTJ-fofJ%@NwITmAc<tookG z&VQ2UeN&T04$G#9+=iyyi)}JO)<#@jnU9TJa^r(8eh#gY;QYKbTx{D^Erw}lKYq?n zdK8<MBqQM!v}@X-%{@Oazb`I-61`}ViE-S_eEHWZ^;b-`eUQGSwv{<%W^ccaV~P92 z_N<AyyA~eV@#(hMn(9ObRj)NJLVb6xa;rBchc>>-xo0%R*SEXYyyVj2|6i{eZ&$d% z{`*s{vRH1%Ul*ojte!#ZUCp+3&RH?pw5D%=Ol=BZ=7S$!zO3HDxOuZj{8QnH>Ke~E zk1S7{`CKncBy!=zHJ_gTGydJDWK;OO@CjGr^PCu8rAKR}<)T-+2AA^)Uj3o`dYQ?G z_pc094V2-fBd4gL7>kHw9sj9s#;T`p1RV&O*I};`X0)Nzz|cU^fRl|?n~#}Eij{#y nB$)3<qSM72SA)OJnwIjcb9Y6b1QQEKOoy0v_C53Opi&Y5zxP{D literal 0 HcmV?d00001 diff --git a/roles/ca/files/CA/private/dsoclab-nifi-3.key b/roles/ca/files/CA/private/dsoclab-nifi-3.key new file mode 100644 index 0000000..4c508b0 --- /dev/null +++ b/roles/ca/files/CA/private/dsoclab-nifi-3.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCnSKDTqx6MSWCL +uL2aqlwJYgF5icnlXzBkOMrxlS1IIIHvYKpv0e+0rImO6fUWfWQHsDt1w+HhFXFk +YI8VjhaL3riXeaeDGXdbqjaCN7lRp5W1H6ydgcbs+xQ6hHcenN08BjChXtCPsMla +E60OVle8HT++10xLN6KIck0aYogIoFe7IM5+r7dy8u6GGrEoO0H00+oUdJDhM0Ea +kuIu7NMgYGBh1vwOP1dDiF8QKSBRQEbtXZ/RWudLUvTUI2BKIqeSbNTLIAGmuVNx +enEC4QVyQaVCn0FHLDB+DLFzzPdjYCc/PTaTFKp+Eu0b8ctN6HwyIFD1LX0GCpPP +eoUrC6axAgMBAAECggEAIwh9zfZvTlfrpTdKVgLJhZmFz4tAwg2eV87hCZkBQ7Kz +I4uuBf8EYWUk5c4vasdV1JpeyXn9ayMPfUMPlCcOp7o8FFUA9N63dXX/NmQvJl+f +ZbA9eTr9ixHGGb82Jy4Y0wJE2va9XOpcMMYgHvmMJDRH7lKugq4jFspBRX5PGOcM +6MxlzOSEcPZFrccDFcVJIU57rJ3HO85mF8OUmQoReA7SH9qNLFFtERrsgCSkWlwq ++Pdz+FwkK2tmSBU6+4J2YTyJ0AvF5DUex8tf6rAD7H1AGz70VEFumlbjyz+OZgsS +oeoAFRm6Uzoo2kU7mB3fPpA2oCGVWVIY6fgHbyZHsQKBgQDR0L/WuzeTpYB3oXbX +2rPcbZVa/wK0Evl1dfj1UZUBqazkVntMVko02Xt5RHt8FTaorTqi2ieEGfcbOonn +cSZzChPNCvyr6MJJHRcqNP4pgxd4b1LfP8sCLZTvi7HdBA1DPamgWuiKOkqGghHs +38BX7SPz3/gTxEjwCE7g9970FQKBgQDMGy+CjGI8btlbKBK4LkebuGGWgWUIXa+V +2OhoEZzIwDQf6LotauA8pdljTeeQ0VG4kO365hN2v5bL02SOCo3ciaLkQ2tQhRNt +1xSDoKf2ipbjFZr9o6uDHGtVKZF1B20j48vEWBu5EEZ8yf7L68BWBm/RCVeN32oL +jpmIMySDLQKBgQCwbv/CzDASAkwjTS2omgpBRA0iNerKDmKjeY7ei7nnag0u/eI0 +8SL5iiCgewvz7crG0NTL+PLdzQ/UX8dzTdztQ/4eoCyVSueFn+bI4UMRGWF1Lvfb +L8PAkx/4x9nLZwrYDlRDue5tvlLJBTuZmxYdWhavjxkHVjmXTwU1fHqJeQKBgQCO +Rgj5FEhJ3e8PFsDtt/zcdEs6MVou2bdSWc+u80/5s9jhwUU98Xj7bZQ6H4ziKrav +U/8/XG+G4AgKboFybbLzXtG4EbLVft3LPBilpDBQr8x74IyYbyVYEFBVHdOx4wpV +8S0R4WT5vHmV9OvyU5RPos8AxGVOlMSD59Pn19aExQKBgFTfUARZ/liWznEU8X5Q +krL97ge1+oaqQBI0iS3jmi8cfRNpwWFxc+uRgHW5WybGC9PxV/n3yu1i4wIyrwfC +g4f0HH19x+VTFs9+H09wudytJh0K8LLTns5G3Nu3WW+o0gtJDQDcAxijvEr2jn08 +qnSQ95GLsDqLTauqOMzEyhM8 +-----END PRIVATE KEY----- diff --git a/roles/ca/files/CA/private/dsoclab-nifi-3.p12 b/roles/ca/files/CA/private/dsoclab-nifi-3.p12 new file mode 100644 index 0000000000000000000000000000000000000000..4d4b23daaa41114bb1ab95eea974f0c2618dbbeb GIT binary patch literal 3397 zcmXqL;&o(VWHxBxWoP5mYV&CO&dbQoxS)yW2TK#r7lS6A4+c%_%Mns+3!2zx7&Ng@ zVPa%3Xkzb0$S@knuyH|6;9+Dl;A7!1x_UZtSw-|=CMFJsh9>rePtUS0g<U8(SfyO@ z)M(#ayG+M=?>kG&E~+qFtozPB<IX-s58c&A4i|*n{rjb>Cb^Vfl(RU!?4*pP>*tP} zMQP2och82MIVZH$qjj%PQT9cbpSMr>d#PWa<EGdhct52i;G<l7T8=}KPG*Ls)C=F^ zH<$UnKFa%ci>dR69dB2?>8M&_bNK5X^@0hip=_(Kx!*0>_%T_U{dMZm6TvU9#)oQL zy#CNpPUFUd#pk0er>O|CZvXxwZ}D#<%O#6GpU8FgoH4a~sn~M!(5_Qk@19PNU7Rsl zf49Yi>E}LlzJI84M7MZtNm!6^Mejz--pzME-qhUkDy!)H@=J4m{$_TI&XeSIwBf2u zJUMql|EZ-WZJ}WT%XwUR|Njcw5p*DH?}~*H(zl|%T@Q3?`P*FY<J@{$Jj3jClcR^G z>y@Kcy*b+VR_LEzDROA7ztQsp57!#~RQbttX)=Gyb`I{T=l3!G|Enro#%ap7=&r-X zSHI^?(a-<QE?Zo9!*`O<n-J%{jh96G%J)t=t|mKS!mYx>FRu?Q&ba8@v~ioQzLSTu zPs?<k)HSV2k`eq*|4%iSe3%$e{gP4NF1wy{kB-=~8?$!)U%XiH^)^AJc?}^=cjqkV zGpXf1AFkqJabB|SOw+8@_j``z%x$l(C<%C3`XKP6+`Zt2m0#Ry)=u6e8YLxbIitq^ zXC(WR{^Pa&Z=WT-4)kC+{b+yA$=tV6HpiaHJ~(klVAD3%uknw?1G$^`*4w|=Q!#c} zI>lV2=1I_#zM{qVKgY+NPGntnfk*Dq&npuSY<<0V>BE<YfAz~>duz9Ex9>NOvo8Yn zSFAZA)cftC|B>#?Yo#3=u7*~di+)J8d|j9GhW$G0Ug=I&hOR&J`o!mo@3#NY|FH0A zF{@+pU;Q~^?19`V^OgJF1hhNrT$uQH*Xj<@i$~iZXViY(^G?)0Hf}<p>cYC^UljQK zXZD?KGpe^eAr!%*6(l5{a3oQ`blHBTJB`az+NOWfFJYOs_qvOq#yPK|Il6+Wmy9o+ z4m#!~GNX2D@)6;#iFPYoc&03MbXu+2Uzu<%{q^zBH?Dcy-*7JEvS-i95arO6>X>Si z6L)SE$k-&XZ+WddQ^ZF~@1&_wSj?kC=CfTZGxO(aPvK{@a`63fT*Rn*&F<H#8nZqr zSf1mznU}lB?Dp<>%Na7Y=9S7Dm3nm>w;DWtdCq5R=c4OU%RNtjEl_%Oc<Y&Tqq9~m zr>C>K2hP+g4>Ho0a28n2*kDq*c8ifr!a3e8wkfO6TlAe)F%pwKFwbL>XCB9sj@oVQ z3s*gB@-jEtm;TOp=T<h!84vw0e?1y{^vV{iE8*SB?GIaDZk|6Y@z-Uq_ZK($uY5jZ zr+hc>ljVzcS<PSTvtL&+-q!Ya!;IT$)1Q4yvo{Dmy1egU+Ej_>pQdDW`}i&soc7Ue z|Ln&Z_rv2?E&cjHZg22s+XupvYaewOcWC~WklWC|A;oOUg2z4?XFJ5$=4QQ?F=V-4 z*s|rg+Wn@O>rxued7qu|y>@c*Qy=ZhC$if*yY~LFT0iyuuN$k_H6~c6ud?4388!3x zv_g$@vzjDJH@<H8d$hdE?uKr!`EqMd&6~bUk7P_~+N^P)=>LO*J)ZX$q_~7AUp>6n zZ%L!s!=#g^Lsw3ly;^({XZJHH&!tLt@7;Ij<uU)jsvr=zWP!no=|7gbFZsIRseRF! z9kze`OnAQsU!Nz%yYKsvF1dKl{*bjMZ1G~M5^qoLnr^nelKa1iUhS95Q}6v;^>ZCV z`fd)93tye`9+=(9?kj(Na;eRX&SIt&?cM@CzqB0$IWsq$sdvpWkiEFew>ZnUIK$Ae zGGboIo~zv{_a6(0><%-^ExmX<`OmTJvs$mV=xhz%_Pp<I+)36a2RWh`Q<pu9{kX*S z=+C8G-tRK^Ea_gDRF_^7<32rh(^}`PfiF0ApS~wDC0!-9@Y_rljw*x8ITvEp9d9@v zNl|L$n6>7r`+>^3wmIszQd9qI`=**-t1tKa!DsOu39+JlqDP&pW;k8?vPpI;=R5`( zHNPsi1@Eo?Z0<Dp!@gQkw6ZzA=T~}2<;=owTxl^Lk3<W$Oj>_&evj^MmS@L5c6^YT zKILWPsy=x>g+1X4l4pJ_5AN1JE^*#r1IMemrUu-5A58rtWn-K9PC@YUiD%pzcW#}0 znb^3hsJv|5s!ZXH4L(tY_r>;AZhswJvEiI&--=mR*1kGY^Dj<)dcbYt<KLCTJ}=Mw zzQNy*-(Gb|eU+U2sSh{ULpMsl?chC`v+x#kOYin6>azuR2x!Jw2TN)fEfBj@vSqS= z;M0%)zNejvywktyssY~u$E_=Fn&rmIXh<$w+TDAqM(&0{-J=Vv%Nq{I`_8#}Jof{4 zP~WagceEvLH~skiMzUA&`d@*by@sosyyH*Y|K<0fdP+pK=qJVY#-HK(!O3&)F<kGJ zDr0ca`LuaYX|CYGpU2<pngoBk{8&B2DUfgLnN99SGi^m)AMiHWIGOvzzkoUNlY9CS zIIi;RPk*rc@{F4Kb06zmPR(k`ReBL6X7|qZH+#T_-`5^U9azmZrCU7qpL6y8H`b1y zJF3DC)EhLhIwDob3z}GsSejV%44PQA44PQg*tlWUGZ!P%f+m)C22CulP-<;vP^~RL z{oa;#fzmagTAQVb<wQV#Ov9-l!F8f8TTcq*J<5KQeW<_m=whqKQ70ySogb>_cIAIM z%TJDTvEo~n&0i5Nso0k){G<HiZP$nEx-}2|F+OFNZyDdwcFI}CeNk1StW;3E;)6T( zo7U`jnsKt*+uY{WlvSoj`6Qfn=v>*9`fI|8f`9k@F2yMC3P{$?i`=As>GjKRZww12 zw=D^}>u<mJ=vIc7=x2ZYZG+2mC!3{fAMLmy5ct4ivfx7T-He`WrS|`vWTduFN%{N3 zMkc9g(zdlvBc82$RI<Hujnl(pce7=@ckym|Y1zKY{=%Ks|C<XnS|{=Ud-BUAy~wUK zE>U~e9`?Hb+}z6fJ@eW2+}?5Hce=P+tK(beh2jk5)vF#xdrI9pFf;3!`O^5WbDwBD zIC1z~4*#R8<|$So_RDtWd9@w3Ia79f(XPe38zWEh^960;w_(cUn!e#tlWnIwf1~C0 zw@W@mtZ&`F_Vcc-W()Wh6`GhB`n|~6ocHbFpX*L1ro6PXe!7nR(antls{*-CKdhhJ zx08R7!M3(D&o@u4cU<ffnV{lZJ4rv{<utp>H16WEJ$rkcws;4#q*oV<xk>PghWB33 zll}Na<?y;&T}KaF2&%kvx0hXfvG&@INAJ0NI=-_6^z3#xFZEzU+o`0|)4Ug#a7=zK zxaenwUGSVehvyu;w`11j2BZ8ndBrbI-<XnQ{dvXn-@EuKLh2+Mcc1On65RK;{dVq= zzeaLC4p#+BVsD<y>yYDZpV(!mGe^s7Nuh(^KC%5=9M2UromZ4SOFjE{zU-5N-T!76 z-M(M<UT<yQj2io*HTz2S|F=whay0$$-t@NLr6&J>7jRt;tXCAQ^R6_mKOh*qsI#%Y zFYR5o{l>em-^%V4id_F;+q~qN|4$`<x)H4~F|BgCYU2BboF_IsKU5SJTq^HAwngt) z!<wZ_ZA4z)a8=v?qQRlvxMur-IlZcVGYcQDV0dp_AoXHKea5_2p_o@izgo54ElF{* zciwk6Hm=xCtLT|Q>8jQ+_np@n{Vp`RZ4>S0+SXRwJkRMA*Lwwbs{<Fz_iFq;(aa@S zzsP9eDY^Ln&--^~3pk!rI39C>RrrI|bj!ZwKZ+M+O??@*dEr%^lk5DQl>6uZ-TwW% zr>Eu1wak%n0hTv+$}XO<zUjK-;^y;D&iNN=nVy<E?SqW>@*COWnGgJgvg;;_i)8ft zJNEVK)D71JrYzcaihGTWde^+D8+z*9r56vb6SaTb#h~_CH0|>PxdV~@_ZSX-ynZ9q z{F2e>ePO3=Z0d>P`1ss5^WU8CJzqs~W2SRV_p^4|cY4E#15MZ1icF$cXl0%|>|eUR z<h-0oh3eN!y=p5DE4=-%jk#c9L&u)Y)0#JKk$y1c`|R~cyjAk{wHwcTA(_ZyulDN1 z*^`~q@1-s>QtrE_vAzBDq>J*W!g;5ApWH5fe^<`@h^x_(d77`5?7cCeX0E5r+)JBg zYlzt7N^Hw8v|VU-{>tb7S&CM5oMPTtUHc?&uGEd6)+BI0bK;B4pf(5H+agzI&0gdB zzvb)3ddo$RTlej|B;nw^sQ=gfu61YKmj1uHLvZ=zPaiI|uK3c++Wjle{O?ucoHbp? zWu>>tO8ssNN$FFnQVnc3x&LLd-^#%A4^5uET-DH)qtMiSMrY{^CaY5gW~;-`9N?Mz zBcOT>+j`z<hN=e2@Y0b})KH8?<X>a<xymgZrJ;Xw)~??q|Gq`(<`n}&14RQ)Hdbvu tW+o|C1{RT@yk}k>G<K<GZjLT2)(i->`@D2B3y0*+l5@t<9}a;^NdS_9f~Eif literal 0 HcmV?d00001 diff --git a/roles/ca/files/CA/private/dsoclab-odfe-1.key b/roles/ca/files/CA/private/dsoclab-odfe-1.key new file mode 100644 index 0000000..f10604d --- /dev/null +++ b/roles/ca/files/CA/private/dsoclab-odfe-1.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDlRvZxzqI/YV6b +88ZhiIeZCqy46J08X4xgK0FbNvs5Cm+hFgIxrA29Dv+VWdjxIWu9ltZ7eQHRZRzK +CSJQMAHq7bQpv7RwJduzHelz7WOTAkyQIgRtMXQxroU8Eo2z9pIv3nV1j8ql8qIS +lPvoczA38Xy1TlmrcXMmgJpGjUmUsAnlJxA0ncBTO/p3LgbAc44Pmh6MJzIM6/LS +DKdSSMbuEiEV40UwiYFjf78KW9EFyBz8X7u4giqSOzquGZ3pp2J8CvLCKuao1JsK +qKJa7OWjGnPggz3S6HSpC7DksP3+rR5X6A0gfKofMWm1DYw/HI3c03Fb8QRqrrkt +qL4oEfVLAgMBAAECggEAGkUQNaf8VRC9+1ZqE4DGMJXVhnY4ldNIzTgHjAD3tehp +M+bGp5RUGqZeSGl7/tzacGWY+5q4x5ozOz7irJdjkNxdeS8a6IKd8p7pwbugXha0 +WQtcwHobGxoo7+IcVFNbGpr9kFPCX1M2mLRzTIXuL2q+5DMu+QLNs8qmYpELrjpp +wiY3yQ6zcv4ndWJloMWo+CzTXq+Gh0L7cWB8dk9NOGu0dAF1HIVokvud+xUejyIB +2bBN/J9ErGBX366C5yqzMei1JhDXBT7N3XATs/i5tx5jHxO9/G7Psz6Ka7wQ2XlF +9gY9AndkXGFNt/YnKpvN+h39caH7lRvC/AADwidsYQKBgQD+dHoAUKrCKfrHDazQ +gQRPGNOY/J9anHhKvPKUwkoY8VZ2MDqB1uwSWioambx2CVc81eeHWmRQUAp7Qw94 +p9DWhqcPdhqGZDRQGSolw8uXnSLKLkJ0f1VxRv7B16wwLyaMgdcwn0JaZ0iaQqwk +VX7V3OnRpbaji+7pkoJUetbyOwKBgQDmq1mSa8G+/5K8CURJz6K7/ItI29VCFm4t +ggeQ2QdjpCEhg7b5wyW7Y+CjbWoUx/zKnT4FFX213Ca3TaOKn/sU2lu0J7AP4A85 +yV6JizecpU/aDsAelezO4PfpAdHiUN49lWt6VCTWzOM/+hKdLE1GVpOfqBCtEEYZ +DJwS8JdIMQKBgHm9Sl16OqhYo1W20jaTc3dQXnQ0cR1N/TNswPaxGfhjBsXW/zb9 +l8aUAs7lPMiQYX+Gq5YThijykoE0rWNBjuYEWEtKaxhfOrQTxhl5Wp+4G1v10++e +uEdQ+zPMtuH6vQu+VzE5EOrlvVOokGl1yhAR+IBIM2B945k2ckpu1wXfAoGAEGtY +B+UluGvGzR23v61I/yqd24TSbE7ebtzXnwbj0MLpHNKcXrD2aZ1VayyppWsK4n1I +4eHCvgQ6uUeMgZybqcNVTcCZdrfTPaDI2u+O+NaHlZUBNewkHCHFY8+eWga5mxac +vOtqZ+PTtUUeuBNkOMKG5ZF4BmmnI7dTEMIRcrECgYEA0LJjKYwHmqHXe7Yel/f5 +6U3fQka70cpS0hg9T1qHlC2A8Goj4p2uchJmRkH3uYd0FTtImkoiAqksnWu949pI +YFdI65eKm/7a7Pmoy0C7TMM6pN2ibbN7XBoZ7bZ6Fj6FI74MLgUBUIwMyKXWRhTX +RWpegcD8h8CCEagLjZ6PN3I= +-----END PRIVATE KEY----- diff --git a/roles/ca/files/CA/private/dsoclab-odfe-1.p12 b/roles/ca/files/CA/private/dsoclab-odfe-1.p12 new file mode 100644 index 0000000000000000000000000000000000000000..ed4bd60a1d96595774f510ecfd8c864a09e8d338 GIT binary patch literal 3397 zcmXqL;&o(VWHxBxWoP5mYV&CO&dbQoxS)yW2TK#r7lS6A4+c%_%Mns+3!2zx7&Ng@ zVPa%3Xkzb0$S@knuyH|6;9+Dl;A7!neEr7FF8!J!6B7qRLlb*KLgF=lr}DlvSH7<H z)8`4|a(~+UXJ2EDNgVrSk@W4hOMBW5Ybm6DjO4yj`0^0D!G+cbAv640H&!^ePuF$n zyAxo1*s$tNP^|WBeXqK_{DdQJ`%cZ^eZf9Oe9hS>HQo~IPh6PtuSqO5pzw9(91Fc` z7Pj|hrS|22bT}KI&g-F`)a^LKZJG7fv_92(w@;pYj<uS~jX4kcy4a4Um<y`5)Hl{k zE2U5DQ<gu}_WZ?e-L@Z+k)6)@YyB=hT4^(7)`ADNG8)_ML;vb|l%(ETnQhabpTl7M z*j4QQoV_V-a~_JMW?#C|HnB!v_LI}DyuYXP@MUgNm>c9G?A7;i-ab{kcKy`nRsz#X ztDCB|^TKi&bd58=B>ZXl`$VQC=bz4WJ655+cRS90|Hu5MbGnh#jb-K*?|Tv)OxIu2 zIym$BwIyva)<+I(FFE=|{Au&${17jRT)r3UyKV$sw)DPH<#~VN^+}V@X#{Wjwf*xZ zk^A4TyevK!fBp}jpJ|s5XT&|---<_Kza}fJ>et-Mw@y@%XSKXgnW4~!v$eC?Ca*tH zf6IEV$ikzye&4^HUYoz6{Xy(p?><92&b5v6_s2|r^;Y%oH#TSf@QdG>9~kmA_dek` zf9Y_!)4BT|t0h<8IDKY8#ta5iC#}-17Wu1%QHgu>KQ^n~aM|JE6tQyYqJ6Eu9Bi2b z)|)-Zw`xC<J1=X3etKxh)_<mpKSmu}zxm<L`t$ENPi!z<(xP$FjNdQ9t2;(%9+LyV z=DO1h7O&WP&UODD!zW=0^8K18=QAYTY0rHUWnX)JiH?-cFRjD*3#MhS-RUydqW#SN z<wi{A8&7&X%L`NvD9b))lzIB_8t3KP_I$Zp>ZH)H>$aiRxB31rJ5~qJ(=1#koyqU< zuru$!4)f$yVtktYf6iPMnep&QRE3(vntKx(moTgkzjbBS(%Ayco5FY1-o7>QLz#T% zx{LC2C3na#%ZkXgu6J$9+I8&V(Ja3TcK)oWq&@FuY-g4<N!+>C_V*d@!<|aIC+u6b z)wt=`hd{5#C-+_sEGhc2uCm75B#dS10fBW!Oj&Wy1$bh1RUO~-B~s*~l%&yCA?YoT za&21=R*F7lf0FucLC{6nDH~@mJt&f~=Y*M<SzWbM&$K4f$ugX~H9U+s@6XrJU~%Jp zvN?O%E}NQw#%JylyM9G~Tea%X+VH0WlT_A6NiBHB=5bIvPvPB_tHrag`zL=)NJ}m} zx_`sE->&aI%iLgoJ+Wc&+qs<ISrVr#+RWZ*UM4>)d%~}YH{5Ro2;7mJH+OTIvzx~5 z*RFg1H?KNzGf#EZ?K!F8b6$MoX!DysY4Z79GZGCh{mc8IV(dC;mv-I5?Qgour!Ts; zO{&zdC}-cxUB6avd@KL_W?$HIpLMa>N^0g@M-H!#<Sv}^Z*shx-_@qsFRyhT-D2;< z{=a<kX49OQ8TWtKJYTCOu}b*BX(_FHiro$eZ2qX~Ox!Eoaa2USWSYc<X%Tu>Hy4~u z&=ZT@q1yIphrE*<i)OIvgt(>Edw4axOXn<mz_IH=p&!3}*u`D`OLj<xeOnQ}S4U^V z4>jf()rR$*EShKK&x!J`&ga>~ovW(2I#cnaHIMuM=N->(N{6Ui7P@#&>fMQCz2(=U zv~P?4>F0jCU7>TGSb;=W;@cXnq?Y*2dSYK+zuo)yh2NLdV+BWVF+csVI8iNn0{4x} z)nbx0K9c@gB0dh@O_6nWSNnF>hN#v|_}rV|RCca%b(8vnJTVtFv0%qzOZquJr8{rn zdOmMvYg$Bx(8Is?pB!3od+NNo#TV56{CiY7>uN;I`Tg?_oZiiOYi(KJTa`arTjt+B z&ZJ*6XUbd0Cr5vNvPk<=Ah1j}t9*90Vo-b&UtI8)m51-Nh6fsmGkfrdMg6~5xMx;g z>_!c@$jE-7BK086+_!4NK7~=6O|q5-J$S~Ouc+T>I(?qYtkzIhDba@=nr0I@Pneq@ zmXL2#VCej8yewYE!*A}Yya+kH$lnJuf2wkZ#J>LG+tkD09{F;A)SZnsiQz(vUL58V z`!2pVtwyr+h_;fr(^D<Z^|RH!*M-0EeR--;x4(PCvDI&We36oSKPhv|{|zb8lCI5K z?<f7T3I3)~n|}DJO6i7wJ&ztr9^ZUJj<J6FMdrEP|1L7N1_jMEn)hT&Q;ky@*V}XM zn^w=#7yjk<?O}$^-0A%vyzOdN-T3RegY)He=B4@p-`2M=-|3wHNqNGfeG?<zP2c(O z%$J`P7O!^v7FptTBaD0PO63(tA~zq={FC{Lt#IPRMc+*B^_-csRjA|QpBbktALo9G z@SD*q^Jqoek?kM18e8u@BX924w$AD9tN<zTr&r|GeZF_s=Z>who^a`kg-mMKZ#pS= zZ*RS%alNoga*y}a`G2k6bWgjs$7r7KKX!Xnv&21n=e@DGukW35c?L_3%$Kgedy9Jx zpFFnkceayl&7!AQGqfI@ew^`D`PHr$%{u>jzi!#TSf25wMlS2kfXCOJA70A~mi%nK zLhY%0>}mb)r3a)KUPPSSQL|G`Pe9N^X7_(DtNH7*UrzQH_}Ka8zSjPKd?kK8ZkriS zW{NsA8Z@ywB2~x>npllknppJ=npm|AnpoA?xM9^Z7bDYxCYE;wO)RfaYHemvt^IV7 ztGU5lM|DuG&C<kjB9#51n~U#3{>vH?S@tqZL`|0II#2y8ao;;ku-B6(G)AkP@n#Qm zP-u<ETGu?$n}?t9{(7L@>u%3^F+=T7NYoepIZS($UtRpVSVFpCUexxo;^3b~(rvyU z`F_V9{u0qLz5ev6A`yGZpEm9CTxK&Yzr?mbX`7InW>^2xeY;OKmu+Oe{5|U$9o~cS zf7Y2f-hVRPJ3%|zSYC6Ich+-;7r!P%cXbE+mlu`Xal%SY$nchFVWm7*yz1ZXn)8#s zi}qeuuzXy+eD+<gGfFEDbF!%#PFK6I^Te$Oo&isrx-0(|&FVJE%v68OBc@+{t<FN@ z$R(ZMmM2a*K6sVVHg~)Cc9VqKsxuiczUJ*Yd4?nArr452JGQ;4EVNUNR{4{!AhM!9 zdU;xI)N(D}a~C(P_{T11%lzXI`|(b`S$|JXEX>Z{y>$7}yCPp=E9@(~+x=Is7JbcC zb3$VBjaJEpO~2lSE^NIR`+HfadFIj^?Rl+{g-P!76)Jl^v)XN}J1k^(eoA71ozjD; z0?{vTYX$$~JREEG_2VLD=`9Bv&zgKI_O?51pmoo9hiA%3&9W;&^{ZWzM1*R2^>tS_ z&YiV!g<7JKcZ1fQE$!Uj(#>`#FH%VB&AAaYU3-D!>-~#+t3%8$@~dy}oMY9Y^kl|| zrM5RjXV3D#axHpAy2F$FYN=@Vd(-wkv6MUPaqeMe;Jex+o(s{hf49AxWU$tTi{sA6 zE%m|o`Ooh9)$!!uIscv0m_-*X|K<{{G*S8fmh_pgW1^~4g}A<j+ip0^(tow(4F7}l zgZmH9+bX>Gr{LTgS&x5i^Tqc3^yl-u_S<~-S;=bwZ(IxJBrcMeBQJbFIpEi_KcCoC zmd(iTm$*F9FQP!8bn`sl(@$<~*S4y!3bVNXAw5G=Txa$Yu8`AG>`~^L7sD&g%v`@$ zu$?EmGKxD`K6CZ77PDfP1N=WM{(QK*xY>L1<mcD>1FXbc)_GdboqTA=?uGGIM#(cw zr<8e}eph(0?ogq=q#V=yX=lY&J$-j~%M?qw+kHDc`z#OL%qW`G?)@=}eOJn_yXp<e zTkQ82Jhx@$E8ccQFh#Sv>yFR#lBZ&l!CC4o(Pj@~3|oWMYS$S>`af7x^nJ%whOEc+ zRkxnR|JuFFUfd~rHt!C>pT<kmwx1}w`F?77ZV%6mHO|-U6;`iVbK}``)`Vxv`PV<a zl3<-)-yA;ab=9Y~>qcsl_quP^9ekOW(POCOV|VKP&c+!{bNBGao$lCVqv@|JATWVb z#>7m?Oa7kJ*~ODC1*U6EG}-*N#f`;{gEQ?ZlXZ>F2VOzl6-?7hC$Bhu@YUo0e|}eQ zn%;S(KEYpS^RFd>9L`5se=qgvlUb1Hu;9YX*}We%Z|D?%l-g?fn0-Q|^wUF~Wzok= zd|ojYEpo2?$i!UnUu2CrtIzdQst*-*s7L7ueyB;SQaHY?vVWTFthu)o-%cyH^in%~ zk*jraa*NWYpXb+IpERfG^0|+qa+Nbyos(ISrfn(~ve{+PvqLBLI~XcTsvNslqL-=Z zP%WLJ(R|l&o4KgNY~9F{SG2B0YiNDr<uEp{y1nGF)$h{i?Sa~i{K8>JZr+OCxjsI; zF{sltI>XAV+Of-Py8j8uOZQDa9BW!5P`zQFU-`R@dF!{W{Arunm|1=>(ENPkNh6+{ zhN=e2@Y0b})KH8?q~`pKQ}f>IO-(bHto10O^+~!+!F&Tl14RQ)HdbvuW+o|C1{RTn m&03dMC`O3BTK~lJ=bx^%1@WHoEFAZom)ywXe)9xWN&*0g3sWxu literal 0 HcmV?d00001 diff --git a/roles/ca/files/CA/private/dsoclab-odfe-2.key b/roles/ca/files/CA/private/dsoclab-odfe-2.key new file mode 100644 index 0000000..6b56b08 --- /dev/null +++ b/roles/ca/files/CA/private/dsoclab-odfe-2.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDHpeE/4KMiafG0 +FV65PNvXRLvZx2mUW8F9ozRNPogK4o8u05iUrrQfSaP9SycWcKsDq81MAip77Tr/ +SUkuO4j2WYUm3je0R54cvqM4jrAia8rFEuW+QJxXek0CDNsTxZ3Shd+ZVzKQN1QI +FkYBVNoMdzFjOUYniD/0rU7m/Qo+nZiaU5iQvpvu47KRx38/obli+HoezLQj7YKg +XK2Ge1BTyexXBEQcEvYzP2hC+LcvJZEcqrDfF2vtbcxtp9a3B2thpRZRnwIHrbJC +QsoLsS7BbpQtPl6ISI+2ixWwSI41WOq1kJz7Wvr1xye3ETB6yzZ8T+pSAEdA6fDK +Z2My4DNzAgMBAAECggEBAJlsPTQ0cckRd1/3iCp7vUmplV5fYyBSftgI4jl2E1+i +CXxnuPqRYvQkSDRvW2NgQ9t3XDXL+E/x14O1EtrHf5Io6y0aWd5dpwDZ816UMIDT +KyjVQ943kq2a27D2piiElarhnBofq0iubBIm47dEOKiZtEdXDTV1/AgQYvEZhZTl +dZWsX21gP6YbMgGE/ZFz2tMjFlaK/f0XygJd64gGwwt0wzhBnJsb5Nf1nyrqfuNk +XIKXQCBx3IbFxxHSd0LxeokYR1+nWcdw2i2T396UjlFJn4n58oPJEQSQAuq5RXHe +aJDCiPLx16Hx0sqSgwXfjptXwdxYt7DQKYZkYHdUZtkCgYEA44g/xK6aUJWfhc5n +QeOAB/maCa6GmSaGhvjIjOVu2nimmHl4jBF3Fi6FyWG8Tqj7XBgDaByuLBy5NIAQ ++/cQ3IGMHlI7SboQRllmsUMrCApOFyENBn5V+2dyCIRIqzstYHWGefv9ElrCroZa +a/XZrDGO2zj3psoaKwat+b9i710CgYEA4KCC2NnP7henjH/rDbQfebIg+NSBeSn4 +1PDh37p3vm0gIclhygWS9vL1ERlvt9N3o272ago9jM+PaVK9fFBiqGuMU8X0/2qx +LnPppWUKY3WKPkDKSBgz5J5jkTTneL6wPLY0saHB8Ob4zIKpfh8dsIXBwmiYsmO1 +x+q+HAL7EQ8CgYAjKZsxOgp/CaBtfUhX1mCi2uADPwVuBZYkpa3YmFxZRuv4BE2s +18Yfl3D1fjUrstGlmdBs9oG0L3wvsNrvFW91pE+TIAIpkqeRN5+3JToxM+Z9jI4G +wt9mysXEqyzPyYVpsr/lehvSClSrw/eVV5kcE0yQdG1RSUph+9ZHElynwQKBgEcy ++WaM27iHLOd+4F1um49yY7sbeJKUODgeximpLC1i3412DJYBYE0AQ6eQ3XVyBPj7 +wgVoi4vneniS7lbKEAt8U3V2SKrxAYpM2WFAfqN57UDAPp3Ndh1gCwVKtJf0MV59 +DoTDVfrq6y+/tsOwTzPVoc3iY4wfyM2+XVX5p+UHAoGABD84C3yYWYZ9gBkEkXHH +jjKUcDCWUTcbErUtaloI9AU+Fw3XP+H21b1ahblQ8JtGcGIosYLOGreZyjN/gVJO +Us14LTFkYwnSQMJ0KLmfZ2qEL89xl8fIFbjmccJUmW01F1y2M9yZVTVeNiAiq/VL +j+8aCEyjHb06KrRCjseb1u4= +-----END PRIVATE KEY----- diff --git a/roles/ca/files/CA/private/dsoclab-odfe-2.p12 b/roles/ca/files/CA/private/dsoclab-odfe-2.p12 new file mode 100644 index 0000000000000000000000000000000000000000..106170ff7a325bccade7cfecf2f60642e866a4a0 GIT binary patch literal 3397 zcmXqL;&o(VWHxBxWoP5mYV&CO&dbQoxS)yW2TK#r7lS6A4+c%_%Mns+3!2zx7&Ng@ zVPa%3Xkzb0$S@knuyH|6;9+Dl;A7$NFWMiy)qmX`CMFJsh9>re&Pl(Xy6;x^3s|yq z%WvL8`P<bsnrzbbCT=)C?Tw6%bvm0skyq<+ZW+V+6Gfh<cC+VgoOavnc8u)y%bWt+ zeed7)%<ANM>U5)}*ZfRu?&;EkU8`H>uU^o}yddxO1JjCC{i|NaPyEX=he17?cY0uR zL#%f0UfC%RKM4fJ-Munf@1NjbP1mRY8GLU2m&^;VT)<h@{r37@hRJ7_{c7IAt1cxd zRT*PdJ#+0Jn{1Dl%S|rJZ2TEo@_W5V)>jjzT-AT+U2`0KAHGOV5X`BP=xpR;vv$0B zyW))O?o`cNhhK??t1<1?ni7*JSS56*;Ue$Uq8IA^=bi?z8}DxrE|?&1$bJ2%DATlE z+m~PF>Z-iQ?kp}A7^-<U-qkf{OGkG@faB~F{Z~%Z+`Xl>qDTI<bxq4mqvI~g9VL!k zH~S~wbhslu>qUZm!1|vG6?-3TXI)}-?UWtYqC3BSm+Uq>IKj%Wl5b^QpR&6dgYjJE z`E#x9v{v$%DNoZ`awn15_ha$Xo~y-&GuM9dao?TvReGZIxy=l!L1jI^u65f@?QJYt zA@pQxU81{!#@YPsEvXq@ukB+GOg0m{VRPGpZ*6~P<r+KR*G<`Kfi8(EiP=Kh<}c%V zw@)`*afs)%l%4l7MWqVX-D|7+SNNa#@ajj`#<#PMPd*@?n*MoBu3plkwySRgKHW*{ z+G*IsG$H!_D~3o8mfuUCoK>4N^={kK4{v^Ge%SGK`If^~n<I*S>`!Wms4lheOZ=a6 z_~e60&Nt^wllEnk=UUVB;qvx~8+J!E?oO)^`yl53;A`udxz84N*@ZWrIGt*kHFdq( z*}}EE8YZeG{P3-mdp+e&|Ap*Jn{WT{4cN7l^R)P-zrVC1`z~tiIKtUsZO`mC>xn)~ zgimzmTHYI_H*JLaJ$Jld^4QyFo~uy&>V3+y|DV|A%C8oBAz^3~yN<K5>C|P*-D=5o z>p$DAYqa?NoZ(!^rSKW$?UO%oUzu=p`wW+^W6QUn`_=y-JgTL4O5b6bUuk_mO}>~f z@0eAgv&5P|wJd0hl;iO&(@To?v>TU9c3bdjcJ$#)0pWYIpBXm_{F}9B_Tu`<My5qs zi=F1pn5l5q=xu)N{2yhSXa8t#IXii_>i&KFi$3d0)vUSb|6WU;pUG;)?SS}glP9z7 zO;T-1{!n}5%FfUVvk7|-u9v<de(6CFvklkBy7mnw0;&6owLB{uB92VVm&k2>6|2>B zT1v`H?7jWFwVMpM#de<-50&ZouuR{`W!L7igk@Ew>cvv&0ny=a4$MEe?$T`W`rGll znhpxAnDL}*Pore&f*@PvxovydQ$FhcsxnXGb=t2~w`|M(Mt#F6OAa@+aa(v_(s*RM z`OBNH-%fr%5b>YI_60lN4z5|E_3>xU=U(QY{^0=IglSIv%8%ECEHt;Om~ecC&Ofh5 ze<vKY?6AE0=<17)Ki8dYUwfkA+QPRdSf<MUs(iW1X;RRZ>YdMy)+zj5yUVr8<)(J( zY|lLo)|$$*G@_aWJ5=WWV`urY_Iby?^1yR@n>^I#+Ui|<|1<gQXO(OBwub0)pRp3w zJayB(U}I2M{nLJNlQ(|VQyuTzEMJ%+)}r7q@71tGxcoVjMV;w|_qX+8@)Pcyx}9H; zwnz3mPkq4@=Cp9z;!?%l6N1+kuX}%YO6a^rbveDy`sEg7{x6)6{=u0+A+n8Wj*aFL zk6P2Ie_r-Z`OV+NY~r~s^6RhDEi)DQ+I9u>W%eqY|C%RaZSURd`cOIi$HLH}Jq;2c zZryuwERC6YO1O^N^>_chjmosM9{riVrNZ-gx#XvYeGJE~e@{zHJ9+i|nh5XgWTWnB zPcQtMXfkDs#^YNlEmjZeKgpkz&U~!G`e3hjz?Iq$mX|9&NL+D~(Z4IAyGH-W?e53t zR4m^2Pk#Eia$4+@O$|M7el1cf=h?m}yy2nb>PtVh_T5&0pM88=#6Goy%RG+6&b(`W z<B|j?!}n$>w=EAuc^A&8zb(pHY^Py6>o>!}?-{8lw>@O5NQ|B8B=BlZTnL}?hLp*6 zpVV|eynggIC0HwC%CWmE^d>QVG~O)!PW08A+{Wkgul<^n^^M>8%b_^0o!5BgWymQ- z$N9$H-7FtChdbc#7J+GRa!owNTxJJ0Mwvx1%)7GoFW14p)0`%Yoj!eLSq<CC=Eqqf z+5wq=r+-$^V(D(}=dE;J_3@=iSDtacXQSC2g9eXV(|?;>nsfVL;#|)g2_J(p9y+P# zvE{^G+w(-zPF?G;)3WfmcA-Tghk{K-h4v;$ZvVy4C41<k>YeLV@28%Ww*TSqHT=#; zD?aAtI{|s2GZw#?JtO~+r(c^*=9yoyo9dq>$F&K(U#j(UwdGa^%hYq<W4f76n7K<D zoWF3_(Dp;d^(Dnq=O!7P>2}v&?wM3SZ)Jl0<mG&-4=eVX$*;_l`}cCcckmC3X0~%v zpDXHJF1F5Gpk(42o|~}L?wBQC;&w~PKI2yt?mz!jImNzbf<fEslx}n71@}T7>h?@K z!P78JW~m={$#HkNsx>cTqn^b)o;rKy1J6YZ_7vQ>r4Z%cS@!a{&iQ}$52^>NuBa?u zBiPho(8TJ9R3R^DVl`rEV%0NfV%0KeVpU_~hE>m8j7$rfSl$^lvAja5wV6S+HmmiP zjf{eMcR{r_OB2h9UAy12HHyz@<ydCz_Tg)K@*2O&xbp`Ba{|+Nv_#rIJlkgBrWWUr zI-!$KR%Wl)qk?4|Cz97U&#)<EI-fWHM||0IN57|MSg-8MXO3LS8aVBd4(}P}A6<(i zr^=jp`k8x^;u=3A&*rICm*p}Sd);<hcGpw<2VVg@*WUv-54;j`sLR|{Qed)aqr_rw zwsW&iu=>5<*QB;sec9|{dDo!qUC-|<KP6oAHbMRUxy7!PV)2vrChNWCUf#6Zf7N5{ z8I!Mya+{x0F@IOSaABMu)2@|wqk4?0D}^sezFNz=rJuoXC(B)1;jhp3+^}d>JO5~} zt#02z<pobG=I6;Q%3O5vp7!gM?QR8@wv4;W+KoIG9Tu>8(*8*Hkov8<B~K#$?n&3+ zF`Rq6;6c4>_SKj6xeNPvTGr=D-q<}`YS;C*9}CZHickHvC*-_=?RxX<PrU9cl{T$e zmgg|FR3&ukh69Z2LXJi3di?oiNY94EZ%rR(XoV=XY+bt4Gvck<?alYae)3#c<kVQR ztM^Ig+zENnEGbLZY*|x(Zgrr`=7mu?3%7-xkTC8zw0w!!>3nNWql(agseSG?2lFxu zUd}L>?eBj-+$g;7(NA`*S1UI4zPxR9c!^4r;q!~#<q1`7cJEH}Y^z;iQ_r#?*81FO z+dS<JadEnCHbP&&ZG8RA{sDWR^ek14V&<904?f7-c4OO1p%cP-+WP9Vne;Zg_v&!1 z;yLzkhlb`Wr3Xsf3%*C!9T2~))t1`!_VuYE5#ev2t7d*{Rbko}xid!NVvWbKJrDle zOTLu#d(HXd3%%Ydx$V$+U-0z&t-HV5c+^gBS?#PeX99oawQtfw7uA|~m>gN#dq%`w zf02+)?2a<V#n)zMn0;aWr<WJz7`^&BZ@~+zZkE&ERp$R*Khf?yr=mfKj95`-h1CN? z^RL+&=KSaXs7!nEJEOf}-kYPXx6VrFJ>#A9NBx$=>*Tzs{rjD>Z{01_i0``AwNdxL zLBsBsW-6h{&Pn$cYlmBj#$IqJUXd>=cDnzqU`O=dvVZlhqT8>uy2$>L=3991^xFfW z9wMtBOGce+3rv)fd@}#<$(OqP3KjzD$DZ8(`m_IggrxRq^Z2c+n<Zy_cq@O%n9auW znCuI)Pex0(Mjd-)sbR4x*-d!+D*Zcqqw<^=NzObG$8~Jw`XkZ5)MlE0s9oMW!>wNZ z>wW7fw@<boe6{h@#0ARxGxl~q*uao~Y9(uLm*Tru&t&%H?z(Yw=d|x)1sl%ned@K$ z@0&2EvsQW5rovhY^?;*WME@v6O~1M(q-fP%zyH}klg;m&E!;eBCeuaXo8f=7zb<`I zU2c>h-LGcCuJ$axdHwP~-L|(jOx`WN@C&Pm+1>0jC35e7*VSzMD%n<XFX+sU9MPX~ zeC$_bU4KnG<97A*k@l1=i@znGIQH~p%Ra^fEx{H?=KV7Jc}Q}S2g`x2nO1K3FXUzS z<%%uIHduDtYm@td%!pUpnb+(q`T3+{jmCs0`}0FHy3C}08OBWK`Py+pTjN2;TC29~ zBfmuDZ8!XW@P89i@&(03kA&wu)Iaj($FkPntvLsE*tRa&u)^-t`l_4jn}w%0ObXat zkWt*cx_?RA*Q%|bjjz8*e7x}Xp@^IQcLjZew0+)dh#9`vqvaHpTOTi%Tb19=8S+6v z>w~Mol{Q0F17&#W$SG<l#v)?IEs>|G9H1@lc5zz9gf8Fi*FEkAh6aiToNTPxe9TNz rtPCt7zw_Sx7GtztIJ0d9TgX&_wKv|daj<YyCC{DnYrp7hP$>xjbF^(F literal 0 HcmV?d00001 diff --git a/roles/ca/files/CA/private/dsoclab-thehive.key b/roles/ca/files/CA/private/dsoclab-thehive.key new file mode 100644 index 0000000..6d4d8bb --- /dev/null +++ b/roles/ca/files/CA/private/dsoclab-thehive.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC6xU0gpGC3YSHt +FqFvcsTeoQDA7/xdoYk0BxXStDoUuJV1joFxSUYdyIHL8ezHWhL2iWDkyJgaYcgt +Eo9z7vidiLV/MHCXKbSrQy3c26cQR8e1JpsRhfvTJ486VbzqeBe4iRCjpBBgOcN/ +QiWp/oR/OF70PcOYPVa5uoEGVY1lEvBOI4gdmAwvbk9n/U5nOZG5AVISqp67esjq +j0otGPhpmjqgyG7j3sbbvkxZ4M+8NE8ssO8+glrfaL64+8xfavI+ZtTGxfYLZ+lk +hRWHYG/ctFsTb7Cb+PPawZGegV8Wyp4UAcEczirTyDwPvrE3qskIaCve+URsHpCk +Erz1PEa9AgMBAAECggEARJH9cBeJfqoFp6LgYCd1yfq4aR1yvPl6gwR66aHLlSHz +lXZdZbcuK+8aYEMQ2FvkjGkBjt1qonz13j5rNngtBMFVST4CiC0CrMH8S5LFMj/4 +PTTQR822F971QciKlFbE9rYzyrCIZpuuf8FMTK4p/P84NVmbvv/+IDAuAKJWSB3b +TXVeYzqET/cENXrNZNsTMHVoPAudtsHXXa5w3yXJXhTlRQrjMtMHgV+H1O2iOvi5 +IAJUm2HVmGON9aqQKZlzYvx9txSBRczEwQK+fLPoXGEG/KhskiBPMU0y9a60SV5F +Oi94zzBCOSf/k+C4+EhkvfSq727ZFs60zGcoEW7rzQKBgQD08umyOtqJEB6dk5hg +RA1mc3qx332Li0Ep9ciPD0oOyt9H/pQBMYHlV4Vf26dmjxg7XMPqB38topjbnVcY +r1QigQ8tnHXktcO1tUpx6MhTkN4sBH9dvZE4TdBiarlcThgnuCfZUhjyfyr715tR +BIC8TA9bd/6oUaf/zd0S4aGcEwKBgQDDMnKe7PoDlHtjxaiDs8VLRRgNKocT/jaD +SZ5j5a1e+fvIK+lqpW7pXT/AlBVvxC6ke2Zb1csgndgF0p45ZO9WsB5fV3x8AREM +zIvrqpH4hdRBEF7o1syVDMXmTQLsPOLzj6B2UC5mpqoo2GkI9yyXpJhNR0kqzkDy +Pclu3xZL7wKBgQCZsFAxI/w6Q4LyG8lfnVNLFOnG8RM0mwsn6K8OE+nDnka6RWFX +3lhCLcfhfVBraR0rIelKzaleWMbQBMjBFEEV5SRA2gqele1V9YngLs6CoELGG4xO +pMKZMTmuhogHAnjlcwaNtJUykdfGbGFnVAvyGUcJfSCrO5DNT72GO0vLQQKBgQCF +WyPf2/r7Eygxg8qbH+h8ghnqdNGQIS9RBqzFhxapOpR/rzBrAdcCbAiwIvt6Pke3 +a+8Ecs2x3OTHJZufjovNZ8l4TaboeToSynQVb5UGezgFs4+D96wRcIaLzrVefEJ5 +L/jqm+D3lInQGfm4fFXkzDiZI0ijjAHm/btumc771QKBgBTu4KvY6rzgmHbymux1 ++tr+xl3/Nb29XQJHpZV+hgFGg1+aWaR9c0WXz9mKovBanEUHJb5khqFQDFZuWMNG +tNQ1JbwTXwxmAfVJbLYbSHnuePkh+qtpmTVa3H5NdRBI/062/Km6Rxcf5JljB8/J +k+SqVxdKSTfaWxGqyyAZgVis +-----END PRIVATE KEY----- diff --git a/roles/ca/files/CA/private/dsoclab-thehive.p12 b/roles/ca/files/CA/private/dsoclab-thehive.p12 new file mode 100644 index 0000000000000000000000000000000000000000..4651a2126460e39b52b3c9404b73b982758cf006 GIT binary patch literal 3397 zcmXqL;&o(VWHxBxWoP5mYV&CO&dbQoxS)yW2TK#r7lS6A4+c%_%Mns+3!2zx7&Ng@ zVPa%3Xkzb0$S@knuyH|6;9+Dl;A7#qs6Xw*oW;M^F)?v4G&Hd%END=)U6*!(LtgVl z9z%z07^mut{mJ{z?+I0&w&m%*X9~V~%i`N!DKFMCUo0mh8tLQ2V|R<;kmSbcw(E;H zma<r{Sd%HtzTNB4v==`A#qV;>pO6~#xQzK_1Xud(Z_0aaSkKD4eM}`#qjKf?Z^Ac! z-cftl{NOapj)D^tIfAmE{wZV#Elw^J6yud*oO7>D^y#~K_wF;;9agP<B>6DVrKM$) zaPzSeq0_V4C;q#0mvzk(pDCp^>Fy%?&-EIFwZ5!)^K=TolGnWS8%ra3*Rlu)T<&y@ zJ2mb5oT-lW&#JrB>RC4W<y7mLTK#|j@IQB7zV`&z;`_e0o2z~P>aZC;nP@Y`KYmYC zO|87l48PYpt12ybgw;%$c=CUd$ALPP-<@_P^ER`%oS&^?C$RLz#-4c_!|!@dGx=)N zWyG*VTvCAl(PwK-7O9C{&#juooQfRpHC~$$FIjZYeD}gV(+ZSs@4dxzcfMEsI*yRd z+BzyP8Cw6Pn(03}Z(TUypzcyT)zjyWsC7gg?OFHSV@erU$u6O&a|?Ftc8Frx_^>zU zGE1ShtuVtk=kw9m<L>K)c-CL^|KhIsu)p@6s(b%Qzp0PsRn^_=_xiQJD*UM??`vQ6 z<dOil)j#%Lz4Q5}=HH{I;yT(gO={|Q_RZF}?5c9Q@F-Ttr~l_it-96X!DUOQ{h!6Y z*H?1=gCmTVs)31CuQc9k`v)AWo)We{#PP7&%csTLVs+w!x0X9JF1_D0{Z`7h)9Wlw zhkT7PWIQ;-FIA$xt1k40`;Hm)xi@|q-(D=Q;_Fph^GsRD=Dae$f%vOt|NCdJTwbB! zTHv%nizj~7hbNEXk|yu3{k(%mz2K;9@%QdkbDeFI-<xgQ>cIJ)Atio)cYoVcmlf5M zGCyBAp<&sVc5)`m6}yO+OhwmSjSszF7qh*t@o~jGYhA6)Y%30)`qS1gUg8;OBeCJ} z_TY#kM_lxtbLFm(Ql7UW!hZjuB$eOHca}_FEaFpMk?<|dLv`!tJ#G?Hdt$vd-&lS- zeMa}9)my)x*|e~{kmci?nabh2BvT(x^Z2_q^1(vUXz?7C>J;~!W2a?&7;1&y{drSs z&u$|Zu|v5frP+o5NR^Fz*@@5lCTs}%we`N)9&X8lx}E3Js&?gDZC<i}iuMirqt~wF zG(MMjm{G1ePu0suvv@%d-|X{SzIT?!)E4F5*_8G3gz&L28D^o~ec62hpV(M?6N^=L zJz{awda2<W_up7cI;1tpEZtRy<;0Y!?fY{3H?Xfe(rzf-q4DgY;?-n5!@}#jW*nzh zx9QXxo3=8$^nJIxmt671VpC#jQis9=+oZtjKJ^_-b{XXEEqvD{Grv5K&&YwjA;E!D z&_j3Umc3z}yW{OSkMDQ!;FetMW4!E7`No~abq@Thwaih>m-419IB%f2-*WwhmyFN% zd^_NMzj)HerP)We*Ryh2`6>Ttjb;58SoOVb)*Q2|GfaGiul!%}myz#}^U`H+d=K{W z7{9l<|2p;7lxOp-%?^eIbjOuAUNlS;?|wZwn9*^q$|74)mxBduKiej2O`H<8_fDB~ z!M$7C>n<9+vecTjZF|AKtNh;=ik@0E=aZpzZ|iOy72ZXbi#+fD+P+eGj&6b<*Q`{l zls@ShS~nDK?bT}(@p^oP{iu{fLyPgtqdyKVbE=zYKGn<Skd^7%B}*T_O^IyvF@Chf zVYO0K=!g8~2er=S3UyyBcosDYsGRAmn5tB%{eYF*J$UMiSCRE4=O<1zYxsY8S!9Dv zshiiTuWz^C-&D;}zj<f>;cuVKeHdTw{q&@~bjjtHe{IdyC0Q=M#uc&TRJ#B5sm%hR zQIjGI>T+K>y%m@ioBT@d<q5laf|LK3{f)`!ZjH@;`8%nByKr?xV2V(n#E*5FQ*W8g zkYYCJS(MJN9kA$`<(--DMQ)e>-uW*lDCG0C64~np!W%<o9&F&8u5k30a&~=R{}X}p zqFGJ;p*AO`PuTxqHRC<`H_3)~U#m?1y~F&ZzKKEpiN%-KE!lWrsnn#b&SukW8?WfV z`)8%4<#w!e+SM62;Xz<&jnd;wZCQQO%r`37)o7fJ*O{rDeAnjgd5ii9zZ9=#nM>`S z$Z(LSv^^ltW6{+2Y0N8sUuXF~cmMsc%ZFFnE!xq&SiCeLAjx1$-9|R0nWvXeWL|Bs zHu<~f#iZ5gjGfabZ@;o<he(cO_(Z;S&VE<rFZ%7|<=5tC?`@NvR^+##B2Oh~hrrIy zZ25mU4c0ELZ#`wAvgSXhK(mhh&iQk<ZeHD^FW>%pcKw^%;<FFV{dR5XhP30y(%xvU z_<77l@7#_ZJULy5q#rl_<P$Amcx`gEM^ZZ7X4RgfTdXvfsZ{E3Khc-DKmBXoZ^rLJ zR$GKlf4}zZ+595a)T8~Z6Uye9)t&U$oMoZ0<bqP`oV5r0?#x>(68`7+>&dOINgRec z;axmsN8d~NhUSJOyB<->VKtRdPX5n+Mf6dGl3r8oW}o;K-PP|ppS&|W6eruepllg) zyZHor(G^wh5s3>g$=p-Pd)47m$)9}rvh2+_C(bNgJJEN3(U!?2GS`0b$h}uy?!@`c zpo!HHsX|`R#A?LS#Hwe|#HwY`#Hz-|4Xd8H7?~C{vAi>AVtIv9Ycqpt?dKP4^H-m* za01oZEKMvY&ON9+ob%g3!llobzkBMMe)A^*`^$?z-|T<t9dt3cdTHq)2BxK6OLUhC zY9&d@eCSV$=6kCs+{H9?vgK{nuSSxtr#jR=tP?#ZF@0Zso`mXTiFto*3?7|dWFn!= zthm=itWnUUisN9+uWAFC3DXw6S2>UpFd^_xvFcGZ`He?1jkZMwFkZHheZ||6x1*W$ z_r+R+-f7qOFjz-T*<pI%MoK^X=Izn}>-J@GRNB0=4BM_#IVbb8;EpN#B+iAjJ^8|6 zw4#V5a`o=ZH~zb@uFP!T<5SI*{KRZl&e3x<^~-W!T{UXE^*{T+al7o><?gSJ{<!_n zgu6ubehX*bl>c+yF-uL|EBEoq9qynHeLR)rtkd5d+keWa|BZTW>VnjA_BpK^ie{af z{x`(n*#pn&&A0E*|7h}IO5Svxs}b6V7??Q@=1Ulq%b$|nXSSUG&*@E8acK`&!ghJ} zF38hu+%Y|Is<eUVf$EJeGcE^69O#qoYX12)F6;l{C0E1Nx2}IR)#mZL6Z1ElUTPIs z_n!Mp^PBp{Ir+7_K9zb1XlY+k*_Lf_ZY#UL%O(~3b^0qmy9%6K<n%`3%h&Xmg({xA zyLK~f6j`!#dvbre+1C%|lRNiz|2Vu&_FL7~!w1eUf6H~FjA{4xGZ*)V7?&jk$e(fg z{fd7@MQt%_zu1zu?{o|!#l?+wO7xsyR(6q{Vi2>Y_sc8IKx^qjvyxTDim#vDp0Ui- z{$%vb(2OqSORHUHO!>yg#K-QYY?37H)UcOnhcnx}qIll}-)<#}Ty^mJdUZ}O=Z|UP zyDZMn6yB;U!nDKo&Ekcv8ZpysUa=h&&As;M!-ZolX)LMo*6oUyznq#LIC1j+tcewT zKGu<2+BWnUFO&NGU1sI91>p}^x8C{uN?X`3Wk<umD_8P#Jfo!6Xiv^x^XoYKj?}77 zmB}|l=YM;<bLW<27OdAicDdS~UX;~XZvXC9^3%Dk%gX{bxzF#mXixK3Fxu?<l2hQ5 z2T!iAaa8d|wdGYAvjiTCUfI2Hp31*tYf>|9J<Q)M>+3Qu+SfOQGbBkZoAGqU!L~%t z-hJ`+ygugb2vON`JHgBN5>Ijb(Z4#1t`&);Ml9Or19x354OlllIJ|tDEQiMAw<ZBj z?J=8!#LoSXc2k)eFy-WtPyg87OgWgHCo2|r;1~CAg>Slt@46ofmwB_Wmu>yBzl%jL z%4Z)A*4)2Rl<j)w0{ctL3ZpxJZ0mM;dizYx(%nw3{#Rx8vHspv%+DP8?tK1*L=pEj z2Qq_ZaVOc_otHFY!kQ~tx|84k&vGw4_e^5PoEb;{csxC)anbZn+XkUlfqPD=vscXS zWZbYpbZUarrXal>MaddoGvRld5}W5}8`$zKY42`+_IcScc3<h4Z83+`m#DR|Uil#9 zC0eX(J&Ri-pwyGC-)O^gm&MWdADoJOUjE8ZGkZhM(g`A0u1zhfD%Ur@Br-WJ{t(x) z&<(u*E(+|kd>ScT_@g<vZu0bdYYewu2|Ti*==VwGecxA0u1%OQ`Q)>j@5^Oe;<v5m zeaOQ7`%}Z&^u}O|#VbFm)*SX@*>7~Z^>B1nk=<67Wv4f=Dr|Z5AWeAZhuw3+bXYyB z#rIF^NN87GD7TY8ZFfzEe)WTe;yY`9y^u<rBJjb$%bazw*vu1`wZH9Ir!cXI`%q4b zp{jv0ymaIgH56kJ$vQBhL@aEXzN($o!gJZ$`{vv$+GJp8plHC!#;VQ7%p}Fiz#{T` l!}C|k3Qszkr|Ktsw6Xl+eyr&=3&+B;&DWid&fo!+k^r%JNe=)3 literal 0 HcmV?d00001 diff --git a/roles/ca/files/CA/reqs/Arne Oslebo.req b/roles/ca/files/CA/reqs/Arne Oslebo.req new file mode 100644 index 0000000..dcf6392 --- /dev/null +++ b/roles/ca/files/CA/reqs/Arne Oslebo.req @@ -0,0 +1,15 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICWzCCAUMCAQAwFjEUMBIGA1UEAwwLQXJuZSBPc2xlYm8wggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQDOTAIZIW4c8u2T2P28GqTCETvhVXPlJpLT2eim +3X2iHb5qfGQGOWAzOH1qyomd5RFYIWnzOohe6uUu4Z27AB9ZGWlPazI9LxralT2Z +lVOfsurbE0hjLUrcDEumHExi4tARJWfLgFIC6Pg7POvL9HEDWr7ZoEn+0XL+T77h +rKHtpRUG9E7JBqubksI+uVgM9BUOBMCRG4VznbaXoWxwChqgzkyNrCnkxRcAJgNE +Mqh7g1JJQ2ARU8geuOufH+MTVIF3xEdKLiCNSIyRLuDU5TcLXLtfQDeS6WA7oPmY +f22zIJI82ozweYHy6ne6tHsGVHWJd36tCDquHtwcEWMIQxSXAgMBAAGgADANBgkq +hkiG9w0BAQsFAAOCAQEAg1Qb6ZHRANNpMip4Swkowrq8EqkMwnaei5l9ODVzlYa9 +Wo5f+kiGVMnza76E40/OOTRT8624hZEbaOzh2bLRd/9MCxE3oGWeSVtu/MOkN0f4 +vERTql3zlcIzOmQHXp2obtJXdpSt+8jlYbFQm9HV9k6qCnv+k9zjkIEkNaZ26NIa +CzsR4d6J5l9B9eEnpZHEcbtD5SyB8pde3d5lGDkJ7tdwVc874cbxSA/402lOf6Gh +5huX7ID1xN92VHEdtiwtOkcWjtzp87Dr0GxlFd9u48ctOmvfvxL/wBPXAYDnwLrB +d89p+JzRZzr8eRj5KCEW2W7AbOVpaL05IBAR6a/4GQ== +-----END CERTIFICATE REQUEST----- diff --git a/roles/ca/files/CA/reqs/Bozidar Proevski.req b/roles/ca/files/CA/reqs/Bozidar Proevski.req new file mode 100644 index 0000000..cde307a --- /dev/null +++ b/roles/ca/files/CA/reqs/Bozidar Proevski.req @@ -0,0 +1,15 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICYDCCAUgCAQAwGzEZMBcGA1UEAwwQQm96aWRhciBQcm9ldnNraTCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJreAP3x6bkp2VjQRyHPS2cX96kCkxfP +V1tv2yaQMAkL2cVmXvYiZqtIBqpsiLP9k0WkYMlfK2yv22heJ+aFcSe3IFJh3xQb +2gY5siEgSyJIt0t2RAKxiV8OWSLLuckejaCsKF3lrsjqzAUgomAREo1tiApz6Hxo +nEgsyajGncM8wef0B/dbbkI9PQ+Fb+K5iKnQAoS4GWquE6GXUJgWyAwbvQLIX6Mv +c34l+IznkkPHanW8heocRyjOLJs6j6gH6YyKdT7BlzLO48XKHgrXPHcK0qtRw+Xc +N5AaNb+gSqq9OO+ebfiBN3/TdyPGW2OYZAcvR/19IS9XwthEAMIpInkCAwEAAaAA +MA0GCSqGSIb3DQEBCwUAA4IBAQBI2j+FMBWk7pwuvK10IHSgJl+MW/PS4LALPy00 +QCo6DUrkN3EsIY+wsY+jCUS2VGTlOehilOywH/RpmhFBxT3N+NmSyRHPhCBAJAHF +lmziZfPU25xOt/q5TAbBgEgWJuZuMVUEXY0EV/BxHyaZLPOFogXMijP6jhLxx3yg +8XU3aWYyFu3Dl5wwvhgtgXN4Bt5jHK7y4Cy+ChrybXabU6x380XlBDnlBLCmLmPP +ASQ+xzmacFGIY3SVqI1sHBgSMGueVQLWmGEgT3uD7mX0sD1teFR4MA6pySrkhJeg +7kZiw1lMNnFziruBsrk0wfVK5X4fy13lfOBZEc0YgVykUklo +-----END CERTIFICATE REQUEST----- diff --git a/roles/ca/files/CA/reqs/dsoclab-cortex.req b/roles/ca/files/CA/reqs/dsoclab-cortex.req new file mode 100644 index 0000000..1959ae3 --- /dev/null +++ b/roles/ca/files/CA/reqs/dsoclab-cortex.req @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICqjCCAZICAQAwGTEXMBUGA1UEAwwOZHNvY2xhYi1jb3J0ZXgwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNCWsUM0pHdVvT2Wc7Ta0fpx8zq4axqjsJ +qxqm+6BgBONoMw6FVNFwYYq51da1bMKzNgKUtx0Yk1+Igf8q9JlYbdeW4tJkd7l0 +RDzw+1sPQ304Xf6w2wV6qcUQJHUTyC3aab7jQzPwKDCaU/j40xAyNewdh6seLLUA +fJ+PYeBdVhWMRkUJeAJ4EMCvLyVswlvtX8EzC/jIE9zfw/wFkP8Gnsu8HSvCV/K9 +qiKzS/XKsrgAGPEUELheaZ/t/ASD2S63mopFHFRxj2ECaoqEL2ffkjoMX+W252wn +aR9bBtZ/5t+rLzGlzWMyYMAHUGwNOctorjyy2g8gBncsKKs6MJIbAgMBAAGgTDBK +BgkqhkiG9w0BCQ4xPTA7MDkGA1UdEQQyMDCCDmRzb2NsYWItY29ydGV4gh5kc29j +bGFiLmduNC0zLXdwOC1zb2Muc3VuZXQuc2UwDQYJKoZIhvcNAQELBQADggEBABmN +TbZUl+mAgRYgyBhG8QxYAD8sLcKqPDrldqy/5qsGuLQSA4txQ7uEMFb9mr5RsjvA +rsKljltvjmEMyLjOio00NanddY/qTAwqfk8VoPK49g0Sf1c73E/84JwhzjzTqR5v +4Evckh4r2lrgtqos0sZHr5SUdYiMpAJ18WUAp+PCa6RydUt5+Upwu391lgjQpSr+ +M7DCM+KDSZ4X0eaSf6oFrfNA035FlDaHdRHGMIW5aE+fBXSXEU7EwgjCEMuy6iLR +Arpjo8t2Kj5P+zJVXo5021VhWtTR221GI1v+JJxSkolHAziTohsj45m0jA1cCKbL +bzpzNH/WwlpNEH7tWGs= +-----END CERTIFICATE REQUEST----- diff --git a/roles/ca/files/CA/reqs/dsoclab-haproxy.req b/roles/ca/files/CA/reqs/dsoclab-haproxy.req new file mode 100644 index 0000000..7377346 --- /dev/null +++ b/roles/ca/files/CA/reqs/dsoclab-haproxy.req @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICrDCCAZQCAQAwGjEYMBYGA1UEAwwPZHNvY2xhYi1oYXByb3h5MIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycciMwsLD6CMxKmBN71RL0cy+huIRbG7 +EUM93rNwZ9eLOVqPE/sveAixsTLG0Q7k0y4624Tb0mVrJiRs1xblpZCOAkYTAgqW +ZkaHt7DuVkw82K5Mfe9bqm4Bjon+TLnebLrkP4341zrtsimaW6xahmYF8xkvWY18 +i2qXHkOKNoCy6eGE9pS8ExExuNJacu1ow7E35FuRgmKqE/K24DqqhWZwCqmtXKdS +/9z5mV7lFdUM/s0ny5ieWmnKcXQx5ibf7NJCQ7nzBI4seiim+Y66ZDxpDqz13NXz +KlBHUNSM9e4xCHNpH65CHVKEXUdo3aMfB1fsPp4NI3gWQbxo8k/pGQIDAQABoE0w +SwYJKoZIhvcNAQkOMT4wPDA6BgNVHREEMzAxgg9kc29jbGFiLWhhcHJveHmCHmRz +b2NsYWIuZ240LTMtd3A4LXNvYy5zdW5ldC5zZTANBgkqhkiG9w0BAQsFAAOCAQEA +afvEI0PRtJHdn9wjijMSmeFqcKb7LrV3cXKgMNlps/7+D9S3E2id457QpHLteOLn +G7YOlL+xddxa/rn95ovL/p+qU4i4bPfE3tG/Yj6GclQTNb4JWocZq6ukgDzPaLPu +7XyS42sreCN8QlDuHDM+lNpb4wyzyLVKV8pUGLn9QjskKvAFmwXNOV9X20RLSlAo +NhOYFxCoiwcCT/wyOh83uh5FcGOzZOPrG/J95rV+RyYOQGttu2l00nDVTD7Gbjza +tv30d2Gj6tJAxTqXZm99qJ8zi7wBgymX7uQoaw+D4uZqRCzUqgEe9j72N0Jh+yF0 +/wo9Lx4oVJj6GR0I7jY24Q== +-----END CERTIFICATE REQUEST----- diff --git a/roles/ca/files/CA/reqs/dsoclab-keycloak.req b/roles/ca/files/CA/reqs/dsoclab-keycloak.req new file mode 100644 index 0000000..c9316cf --- /dev/null +++ b/roles/ca/files/CA/reqs/dsoclab-keycloak.req @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICrjCCAZYCAQAwGzEZMBcGA1UEAwwQZHNvY2xhYi1rZXljbG9hazCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBAOqp6msvbJyfbZyJTgG6xsAy31kmK5X0 +wj3IfiLOtngD6CIogZyapqe6/QVmo1CBhXHB2eq8IeFdCod7vlWwfQFX3kz+OsXJ +VHcuFfwSB/jvn3v3CQFwdVM73LEMZU1JxPsdQiBvgUVC09sdTFcbHTuBOe6yz5VL +KdCoOZjWkzaZv8VDJo1N220kO/wWdqH9b8YZEccSDYAWTIjaLAl4PRt8bOzbngFQ +X6NWf9Q7pCbSbUJ7iE6NZO0eGg4FWGVYR4NgnrTtFc5yT6C1It2fpNqIhv7LhG5y +PQBC2ouFKvLv1+67hUK6ufvZndIsWA98AiO3RtBpBjdAnVh0icq3EuUCAwEAAaBO +MEwGCSqGSIb3DQEJDjE/MD0wOwYDVR0RBDQwMoIQZHNvY2xhYi1rZXljbG9ha4Ie +ZHNvY2xhYi5nbjQtMy13cDgtc29jLnN1bmV0LnNlMA0GCSqGSIb3DQEBCwUAA4IB +AQAFuWENWuE+yIOLn3KkTz1HoJrOwzn6g/XkrhMcmQtRucKd9T1CMr384yWXkGcP +f+BrrW/m2WSpPGikR6i+gW5aW1zKOtu+IABFpjsOcHTuKZGjsAgzSWXIffuNzrMt +TvmOdtlez0sBmxPQ+JmpmNkGzSzEr/qnMxdxHonn17/pLV5P5Z4Dy5vMhTKlw32I +1C6gD1yfjoF1nI0BWmu6vSih1IBApR2tdexa/gGZT68z1XncTD7zzUnPBoqWJjJf +7NZ/HUxmQBcM4/sYNFnfx+XHY83Hm4+i2PS18SgC7WN+GTaGnOYdgLPbUGwCEv0t +TnDRqK0EfRbr8E/6wCgkyhz6 +-----END CERTIFICATE REQUEST----- diff --git a/roles/ca/files/CA/reqs/dsoclab-kibana.req b/roles/ca/files/CA/reqs/dsoclab-kibana.req new file mode 100644 index 0000000..c742520 --- /dev/null +++ b/roles/ca/files/CA/reqs/dsoclab-kibana.req @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICqjCCAZICAQAwGTEXMBUGA1UEAwwOZHNvY2xhYi1raWJhbmEwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOT8kPhE1Oe9wRkMlJqPNgRKglG1mDZAvR +4LxZUCKl9Yh6yEBl5CI9d9KPnjAXgF4ghbxwZ2HL2OKfmnx7puhOeXvNhm4mUjdF +tqu3b0CPelWL0ZHMIW9VN1A7ch8tO791R5GIahzqOd2LJTFVDrxSb78Llu/jElza +YyJU5bOViwKeVz57T6D1bweoW0V8yzSDdzSlsf8FEoiPzMQFXennfSsS+rtNJfT3 +BOeVBpXqqcR1TvcDZy2cmvQB9iqNbG3QWanOHxKxdjnIB9Qgcx7znLlngzuofG77 +huo/ao6YTDmp0U2+nwpDSRv9CWe2YnH9h5pjJQCqx6FNIxLjVg9vAgMBAAGgTDBK +BgkqhkiG9w0BCQ4xPTA7MDkGA1UdEQQyMDCCDmRzb2NsYWIta2liYW5hgh5kc29j +bGFiLmduNC0zLXdwOC1zb2Muc3VuZXQuc2UwDQYJKoZIhvcNAQELBQADggEBAD3L +9U2PcNoNGQu7wDkVblw29QoEkbm7yXvcXt5fFlcd85Tw3+Wig4fXC2AVLBxTvK7C +1wLGTMVtQfzH7+H+xQvhiQG+Rz2dLD6K10sPK+Uj5iXZyyeb82cqw7QwaH40jCot +uLgvSIIrChFWGijW0tHy2UmHjTh6+cPzwGe58yYXTK/OBJwbEKKox3IL9XtF3QJJ +wNhuCYPNbNmy1qZQ7Fny9cCU+syHDRkJwIYBAcfKVvq4/L7txkYZasnoQqE8H2Tq +UnCOD97mt85wXID6vhi8gqUvujr/NHqCIJqd4yZ3fi8/uxbK2Igw6sr4d1y90Dj5 +iUsJ9h+hlzojGLzqB98= +-----END CERTIFICATE REQUEST----- diff --git a/roles/ca/files/CA/reqs/dsoclab-misp.req b/roles/ca/files/CA/reqs/dsoclab-misp.req new file mode 100644 index 0000000..051c713 --- /dev/null +++ b/roles/ca/files/CA/reqs/dsoclab-misp.req @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICpjCCAY4CAQAwFzEVMBMGA1UEAwwMZHNvY2xhYi1taXNwMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7Eb56KucIFxpVdGFC5HZIlOvX3wgi0DGdaH +RLNCv3J4A8yRmFs2QhRV4oIWElhgVESPFfYbH3Y2Ii7orNM8Ct9Gx/EEvDq//kuP +KlOD41CCBgn8Kvr+lKB7f8I+Cz7ccriUEAoLkP1FdimFUr8PIEN4/jvTSSCPmqUM +ibsOl/JnsC3wF1MlpptLZA5yir/J445Bu+3zM2pVX41ShPqjZxp7cfuQ8V9h30Tq +C3eI8uXBg3FYx1iKmzlFWU7g2xa2lnKQjO7CE3XqFcZr4tw63sgH3hiELZa2xEzh +Sk0Tb2yaHeX5b8x+G0o6dRq5N7BtoBtpNfG25sKl01bTV8cOiwIDAQABoEowSAYJ +KoZIhvcNAQkOMTswOTA3BgNVHREEMDAuggxkc29jbGFiLW1pc3CCHmRzb2NsYWIu +Z240LTMtd3A4LXNvYy5zdW5ldC5zZTANBgkqhkiG9w0BAQsFAAOCAQEAdn/gw4DW +EuPNCWcDYqlXVmwo0a0Enf5awha/1A9IxU22Tl4jv7KOb+SFRRy6d2UURGP+12EB +iUq7e27L9byhs2gR9xXrw4CQlLjZ7egRg4a6fW1YeL2gKU68PvppOyMGxxH0saCL +LmAM5N8ClvujX8wvLudCXu/NNrsBwQGaQ5CXtysYXrV7FyHwkO7FP2CTbvGbyYj/ +WJT8g3P4RM3PKd7+7+mmNoqKCOySj1gnB6xEn0iPoBWRRcC/2SlyUXi6idG45C0p +G04CKFxHJHn2x2nV+3Ym/1ctCTaxg5tGTrZ7Mw3Fkp2QGsmlQuq8ukeO0wTMJlyt +41DA9acx/R0vAg== +-----END CERTIFICATE REQUEST----- diff --git a/roles/ca/files/CA/reqs/dsoclab-nifi-1.req b/roles/ca/files/CA/reqs/dsoclab-nifi-1.req new file mode 100644 index 0000000..6984cbb --- /dev/null +++ b/roles/ca/files/CA/reqs/dsoclab-nifi-1.req @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICqjCCAZICAQAwGTEXMBUGA1UEAwwOZHNvY2xhYi1uaWZpLTEwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDr++3oZVHX1XqfujW/dXjGWguch+QYqh5 +dtjS9lHfcYA3Wux9+214bjf+5RvI1XPkyaXL6EpIJsbgpl4ULJCxgbJpMeJEhZf1 +YBKIBp2Nz0qid7PZ//NBQEwh4XONmIIvNycMJNhnvccFUEDFqdDkP7sMcil8vgYB +lgO4oELEb2/aqhc0X17zcw53tXqaWeM80TlQFy9TGAWCNCkbGVYuwtskeVEPqNlm +PHIeoPcD1unlxrm+lOSEvc2TJus7F7vN5Vgl8ig1pLFw3zJUhfY8IJ+Ii12DosQe +Mdmhdh0uPPh4ZKTdOrJWZb+oKqjtYsliLHK9nX5rH4DqvDNgR9MPAgMBAAGgTDBK +BgkqhkiG9w0BCQ4xPTA7MDkGA1UdEQQyMDCCDmRzb2NsYWItbmlmaS0xgh5kc29j +bGFiLmduNC0zLXdwOC1zb2Muc3VuZXQuc2UwDQYJKoZIhvcNAQELBQADggEBAHM0 +gTZ4mCfbnMSSETTVJM90A9LvYRYegrDd9iiyrHnA1ybJh4wfvmKYq1UfD04Q/wT5 +MT5ebLiCOtnicU1XtZIOdqVjrdHgYh5AiNuqGfWPTJ5714XtUfuV0U47iGgs8OtV +W0C+DvWOm2v5xMs66QIMZRJObXiNjz/5NnigHAf0eyKj+fkmfB7oW3O28vD9drPk +WCZYRFOTxEviwWAgapI5JCmlpvAu61gljYEDJhk7x+l2obOxEt1ibTJoobQCSt5U +BF2ZBNI/nAKz6pQhj1bW25Gc5o2QM5bkv7uIzjHMprgGMKnJnbBZjEBdHKRxv7n7 +Pa0EZRioaWxc7VVDYbM= +-----END CERTIFICATE REQUEST----- diff --git a/roles/ca/files/CA/reqs/dsoclab-nifi-2.req b/roles/ca/files/CA/reqs/dsoclab-nifi-2.req new file mode 100644 index 0000000..31f0180 --- /dev/null +++ b/roles/ca/files/CA/reqs/dsoclab-nifi-2.req @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICqjCCAZICAQAwGTEXMBUGA1UEAwwOZHNvY2xhYi1uaWZpLTIwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCst0vi1Yd/jhWbz8AX69uM4xuDwGm5BpGg +m8Y13C/ojHIoUAKCxbHr2tnjnZXS2d3hCDVtg3OVmLoZ/T4EZ5oJN0V50x0L7ApD +y7gkzGhczi6u20jYblrzMb6HKIZ2jo+NaJUfcmxlSvyeuH3ig+I9sDBdwXMGrpv3 +mlS4AmuCkBEIP9ZfWVzfqiVZwGd6/OHwyUqL4DG2UxPCv4xPOubtETCmQSatVo8D +C62HbLJzxC5BPpkatilt4Nyvj0Vu1WkXDfFYpn6MgDJyJCHS6bREI/YQj59kf+/m +q/FDlNCKlw7kkb2GuR9C9JY5hQUm7ZABkRGjHwRbRv8bqXR32xgDAgMBAAGgTDBK +BgkqhkiG9w0BCQ4xPTA7MDkGA1UdEQQyMDCCDmRzb2NsYWItbmlmaS0ygh5kc29j +bGFiLmduNC0zLXdwOC1zb2Muc3VuZXQuc2UwDQYJKoZIhvcNAQELBQADggEBAG7p +jsz6CmL0Am6fDwlnBWML8EMgYcBhhFyiemX+6hrGxZLeTXCfFn/rSKpA8oDTfNyf +OK2BceBxePb4JJDzqkH3lAdqsuEqByJMnUQfEpLHEorXl1CN2iMaQ4F/1aX7H2g4 +dwtdYcHD/vsBu9bP3q4FM+SKE6GHcpgM+R6gyJ/yRhSWO2pmdbxSGM7MWRHc9XBz ++8kJNwhraGqNRYlwruCFxtqL3iMyMzz0x9QS4To1T/klybmCxZ+JJaFTdZtD5fFa +aL1/PoTJUl01ycxiL8nS0vVwh/UyFe/9c2z2OnUdJo2rsKp8NHRnHpkm8SfxYy/D +J2jaavn1ViQDB7T8OUc= +-----END CERTIFICATE REQUEST----- diff --git a/roles/ca/files/CA/reqs/dsoclab-nifi-3.req b/roles/ca/files/CA/reqs/dsoclab-nifi-3.req new file mode 100644 index 0000000..be09de6 --- /dev/null +++ b/roles/ca/files/CA/reqs/dsoclab-nifi-3.req @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICqjCCAZICAQAwGTEXMBUGA1UEAwwOZHNvY2xhYi1uaWZpLTMwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnSKDTqx6MSWCLuL2aqlwJYgF5icnlXzBk +OMrxlS1IIIHvYKpv0e+0rImO6fUWfWQHsDt1w+HhFXFkYI8VjhaL3riXeaeDGXdb +qjaCN7lRp5W1H6ydgcbs+xQ6hHcenN08BjChXtCPsMlaE60OVle8HT++10xLN6KI +ck0aYogIoFe7IM5+r7dy8u6GGrEoO0H00+oUdJDhM0EakuIu7NMgYGBh1vwOP1dD +iF8QKSBRQEbtXZ/RWudLUvTUI2BKIqeSbNTLIAGmuVNxenEC4QVyQaVCn0FHLDB+ +DLFzzPdjYCc/PTaTFKp+Eu0b8ctN6HwyIFD1LX0GCpPPeoUrC6axAgMBAAGgTDBK +BgkqhkiG9w0BCQ4xPTA7MDkGA1UdEQQyMDCCDmRzb2NsYWItbmlmaS0zgh5kc29j +bGFiLmduNC0zLXdwOC1zb2Muc3VuZXQuc2UwDQYJKoZIhvcNAQELBQADggEBAKKZ +4Wy4xgX3E+O7mrt791MpRJTTl4qE0bgn54Y7Pzz2Do3SNeC7OpCtFHAVVfGDjpKY +vac+9+rtdn21ttT7IjwOIao2vKUdxzbLhqM5onUDQmattCqvh5ewMtH4rVfbKg4C +S7MlCb9tezg8zBx6T9ZO7eoTcIZwnS6jEoRhNABb1D46AAfEkW/4psXUpJ/e1Vv8 +UFt+mGqLIzZ2MLwINv7RM5koCEw/9WU4haEjJWvvTLmXVedV3eDidJCFQrNwRF68 +/VHLs21e+lZK7t0wAWGf/tzQOTzgy1AydtMI1cpRVFV1OcjEvSwjZProAVNjqBoq +CHJSL39w3B0+e51cKUo= +-----END CERTIFICATE REQUEST----- diff --git a/roles/ca/files/CA/reqs/dsoclab-odfe-1.req b/roles/ca/files/CA/reqs/dsoclab-odfe-1.req new file mode 100644 index 0000000..c680ab2 --- /dev/null +++ b/roles/ca/files/CA/reqs/dsoclab-odfe-1.req @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICqjCCAZICAQAwGTEXMBUGA1UEAwwOZHNvY2xhYi1vZGZlLTEwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlRvZxzqI/YV6b88ZhiIeZCqy46J08X4xg +K0FbNvs5Cm+hFgIxrA29Dv+VWdjxIWu9ltZ7eQHRZRzKCSJQMAHq7bQpv7RwJduz +Helz7WOTAkyQIgRtMXQxroU8Eo2z9pIv3nV1j8ql8qISlPvoczA38Xy1TlmrcXMm +gJpGjUmUsAnlJxA0ncBTO/p3LgbAc44Pmh6MJzIM6/LSDKdSSMbuEiEV40UwiYFj +f78KW9EFyBz8X7u4giqSOzquGZ3pp2J8CvLCKuao1JsKqKJa7OWjGnPggz3S6HSp +C7DksP3+rR5X6A0gfKofMWm1DYw/HI3c03Fb8QRqrrktqL4oEfVLAgMBAAGgTDBK +BgkqhkiG9w0BCQ4xPTA7MDkGA1UdEQQyMDCCDmRzb2NsYWItb2RmZS0xgh5kc29j +bGFiLmduNC0zLXdwOC1zb2Muc3VuZXQuc2UwDQYJKoZIhvcNAQELBQADggEBAKzr +ygHDc8j5mTfhtfsRGfnEGfZiLYCV6YGBDazc+JaQiKzRXb5FWWTPbWZ0EtiQyVJA +J/yfkRQug6qQKLaNa22br7iP1LrPu0xQD6uTH9FgYu6J9YyfibBb0aav8em10JGQ +fdW7AmpLRwdLVii+DwJURcd5GEBBYyRPJzwloQmktPoBsnQ1EATqcStasE6AVoGu +1h2jlb6amEGJzUIe22CDuYs0SO5wHrn/t32EC4sub1I+jjmbiLo0r7uku1JAHT/C +wL19wSfauW079sNjgBPgJkFbjIW8lC4VQe8X0YmCXT/d6dqsPc3mJPK3AojYZGaM +Df8uQI9AQthiaGo1Yr8= +-----END CERTIFICATE REQUEST----- diff --git a/roles/ca/files/CA/reqs/dsoclab-odfe-2.req b/roles/ca/files/CA/reqs/dsoclab-odfe-2.req new file mode 100644 index 0000000..e97a639 --- /dev/null +++ b/roles/ca/files/CA/reqs/dsoclab-odfe-2.req @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICqjCCAZICAQAwGTEXMBUGA1UEAwwOZHNvY2xhYi1vZGZlLTIwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHpeE/4KMiafG0FV65PNvXRLvZx2mUW8F9 +ozRNPogK4o8u05iUrrQfSaP9SycWcKsDq81MAip77Tr/SUkuO4j2WYUm3je0R54c +vqM4jrAia8rFEuW+QJxXek0CDNsTxZ3Shd+ZVzKQN1QIFkYBVNoMdzFjOUYniD/0 +rU7m/Qo+nZiaU5iQvpvu47KRx38/obli+HoezLQj7YKgXK2Ge1BTyexXBEQcEvYz +P2hC+LcvJZEcqrDfF2vtbcxtp9a3B2thpRZRnwIHrbJCQsoLsS7BbpQtPl6ISI+2 +ixWwSI41WOq1kJz7Wvr1xye3ETB6yzZ8T+pSAEdA6fDKZ2My4DNzAgMBAAGgTDBK +BgkqhkiG9w0BCQ4xPTA7MDkGA1UdEQQyMDCCDmRzb2NsYWItb2RmZS0ygh5kc29j +bGFiLmduNC0zLXdwOC1zb2Muc3VuZXQuc2UwDQYJKoZIhvcNAQELBQADggEBAA0a +Y6OxjtMpOkPMMTCOeMniiS4yzTxgfWe4ky6wOGE0E7ZXuQgb58CypGd7vJuUJvv2 +scIov+MH65NqswlHXoENSi1j042gc9+ce/Jr1MsLMwVW0JaY2fb5uxj8oi2GTcyF +ldcLvD6Ga/zCcyttkMy3zidOlWUd0VsMJFyQl+N9BaiUOoNP3M0ux22FQ0a6OcG4 +GlsD0w59dx/jYKlmp0eKFQ7ogaYWu3O2X+BFMigGFq2rISd57WdEZk+K8ZGazNW8 +li3076e1DflticRO/uy7q9xzvuLFlfSFLoQgem8Zp9CgNJYfa/QVnfVQH7iZLm2K +8AHzPPLphDavqr2iy5o= +-----END CERTIFICATE REQUEST----- diff --git a/roles/ca/files/CA/reqs/dsoclab-thehive.req b/roles/ca/files/CA/reqs/dsoclab-thehive.req new file mode 100644 index 0000000..1bcb046 --- /dev/null +++ b/roles/ca/files/CA/reqs/dsoclab-thehive.req @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICrDCCAZQCAQAwGjEYMBYGA1UEAwwPZHNvY2xhYi10aGVoaXZlMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusVNIKRgt2Eh7Rahb3LE3qEAwO/8XaGJ +NAcV0rQ6FLiVdY6BcUlGHciBy/Hsx1oS9olg5MiYGmHILRKPc+74nYi1fzBwlym0 +q0Mt3NunEEfHtSabEYX70yePOlW86ngXuIkQo6QQYDnDf0Ilqf6Efzhe9D3DmD1W +ubqBBlWNZRLwTiOIHZgML25PZ/1OZzmRuQFSEqqeu3rI6o9KLRj4aZo6oMhu497G +275MWeDPvDRPLLDvPoJa32i+uPvMX2ryPmbUxsX2C2fpZIUVh2Bv3LRbE2+wm/jz +2sGRnoFfFsqeFAHBHM4q08g8D76xN6rJCGgr3vlEbB6QpBK89TxGvQIDAQABoE0w +SwYJKoZIhvcNAQkOMT4wPDA6BgNVHREEMzAxgg9kc29jbGFiLXRoZWhpdmWCHmRz +b2NsYWIuZ240LTMtd3A4LXNvYy5zdW5ldC5zZTANBgkqhkiG9w0BAQsFAAOCAQEA +SrEnsOQ1zqalbv8SBBMBhRXlrKH74UUc8uhwqS9peQv0ILmJQqZ2FZx3HRyRcM2X +30qhiND97sMs0H1D4ViDAk5lScX4LNCgPx7YhAVtxXAR8Y1An47GQHF2ln1veRGo +UJ6kZO0VTnf0TSWAbEv2EwHIT6GsRiWv9xDebrtRByZXWEJF2z/PkAMfXOaYHu+9 +ZHc7oyHm06/iN9bC7n6dfPSq+odfuYKYc90Bc5pS/bOLZuUCNuWS8fZ1QdtaTAdK +FGms4qBL3IIWWrKzxGBtCa0B/fvCrqrNENaE0J5In2nYiobU2A8wdAb3qCrMHsDW +sXrXrXiWYjb0jUyMIOsKhg== +-----END CERTIFICATE REQUEST----- diff --git a/roles/ca/files/CA/safessl-easyrsa.cnf b/roles/ca/files/CA/safessl-easyrsa.cnf new file mode 100644 index 0000000..936ba8b --- /dev/null +++ b/roles/ca/files/CA/safessl-easyrsa.cnf @@ -0,0 +1,140 @@ +# For use with Easy-RSA 3.1 and OpenSSL or LibreSSL + +RANDFILE = roles/ca/files/CA/.rnd + +#################################################################### +[ ca ] +default_ca = CA_default # The default ca section + +#################################################################### +[ CA_default ] + +dir = roles/ca/files/CA # Where everything is kept +certs = roles/ca/files/CA # Where the issued certs are kept +crl_dir = roles/ca/files/CA # Where the issued crl are kept +database = roles/ca/files/CA/index.txt # database index file. +new_certs_dir = roles/ca/files/CA/certs_by_serial # default place for new certs. + +certificate = roles/ca/files/CA/ca.crt # The CA certificate +serial = roles/ca/files/CA/serial # The current serial number +crl = roles/ca/files/CA/crl.pem # The current CRL +private_key = roles/ca/files/CA/private/ca.key # The private key +RANDFILE = roles/ca/files/CA/.rand # private random number file + +x509_extensions = basic_exts # The extentions to add to the cert + +# This allows a V2 CRL. Ancient browsers don't like it, but anything Easy-RSA +# is designed for will. In return, we get the Issuer attached to CRLs. +crl_extensions = crl_ext + +default_days = 1080 # how long to certify for +default_crl_days= 180 # how long before next CRL +default_md = sha256 # use public key default MD +preserve = no # keep passed DN ordering + +# This allows to renew certificates which have not been revoked +unique_subject = no + +# A few difference way of specifying how similar the request should look +# For type CA, the listed attributes must be the same, and the optional +# and supplied fields are just that :-) +policy = policy_anything + +# For the 'anything' policy, which defines allowed DN fields +[ policy_anything ] +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +name = optional +emailAddress = optional + +#################################################################### +# Easy-RSA request handling +# We key off $DN_MODE to determine how to format the DN +[ req ] +default_bits = 2048 +default_keyfile = privkey.pem +default_md = sha256 +distinguished_name = cn_only +x509_extensions = easyrsa_ca # The extentions to add to the self signed cert + +# A placeholder to handle the $EXTRA_EXTS feature: +#%EXTRA_EXTS% # Do NOT remove or change this line as $EXTRA_EXTS support requires it + +#################################################################### +# Easy-RSA DN (Subject) handling + +# Easy-RSA DN for cn_only support: +[ cn_only ] +commonName = Common Name (eg: your user, host, or server name) +commonName_max = 64 +commonName_default = ChangeMe + +# Easy-RSA DN for org support: +[ org ] +countryName = Country Name (2 letter code) +countryName_default = US +countryName_min = 2 +countryName_max = 2 + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = California + +localityName = Locality Name (eg, city) +localityName_default = San Francisco + +0.organizationName = Organization Name (eg, company) +0.organizationName_default = Copyleft Certificate Co + +organizationalUnitName = Organizational Unit Name (eg, section) +organizationalUnitName_default = My Organizational Unit + +commonName = Common Name (eg: your user, host, or server name) +commonName_max = 64 +commonName_default = ChangeMe + +emailAddress = Email Address +emailAddress_default = me@example.net +emailAddress_max = 64 + +#################################################################### +# Easy-RSA cert extension handling + +# This section is effectively unused as the main script sets extensions +# dynamically. This core section is left to support the odd usecase where +# a user calls openssl directly. +[ basic_exts ] +basicConstraints = CA:FALSE +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid,issuer:always + +# The Easy-RSA CA extensions +[ easyrsa_ca ] + +# PKIX recommendations: + +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always + +# This could be marked critical, but it's nice to support reading by any +# broken clients who attempt to do so. +basicConstraints = CA:true + +# Limit key usage to CA tasks. If you really want to use the generated pair as +# a self-signed cert, comment this out. +keyUsage = cRLSign, keyCertSign + +# nsCertType omitted by default. Let's try to let the deprecated stuff die. +# nsCertType = sslCA + +# CRL extensions. +[ crl_ext ] + +# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. + +# issuerAltName=issuer:copy +authorityKeyIdentifier=keyid:always,issuer:always + diff --git a/roles/ca/files/CA/serial b/roles/ca/files/CA/serial new file mode 100644 index 0000000..a09a0c3 --- /dev/null +++ b/roles/ca/files/CA/serial @@ -0,0 +1 @@ +A7217943DDD1145BC6F68CBA362CB35C diff --git a/roles/ca/files/CA/serial.old b/roles/ca/files/CA/serial.old new file mode 100644 index 0000000..5762571 --- /dev/null +++ b/roles/ca/files/CA/serial.old @@ -0,0 +1 @@ +a7217943ddd1145bc6f68cba362cb35b diff --git a/roles/ca/files/truststore/SOCTOOLS-CA.crt b/roles/ca/files/truststore/SOCTOOLS-CA.crt new file mode 100644 index 0000000..04b1f20 --- /dev/null +++ b/roles/ca/files/truststore/SOCTOOLS-CA.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDNTCCAh2gAwIBAgIJAIp0kyaAW0K3MA0GCSqGSIb3DQEBCwUAMBYxFDASBgNV +BAMMC1NPQ1RPT0xTLUNBMB4XDTIwMTAzMDEwNDcxOFoXDTMwMTAyODEwNDcxOFow +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQC1GZDFZJPR7AYkhEsB9U6qtK+40di3KOeTwRosJ7hvP1FQjwnIC37B +UlVq15KEgRTCcXgLH0CdtzC1Rkz+AUCLyKTOGmNCqmvyMcESdpuoI1NULkv0QeYX +Mj4Q1Lh0RldqZpEr32UfsVowBPPhijAUlVAHeJLvji/tnUvI++9no2hx03UAhjTM +M59AviYsRT3DUkciNSllpwV+7B2pgnpRgzsbVGP2cheaaRYG9DAbRTLrAtVxO0WJ +c/zNGSpvXuOyBK30/pwGMvhNGPeckElSpDfaepuA8ZDcfaKNk0kEBvzIlUrpZBmv +tBc5DmpfEBlSk5UK/0XSblKE5dOqlWc1AgMBAAGjgYUwgYIwHQYDVR0OBBYEFHkG +ykDTn5pUrtMzTfI4PrYL8z3PMEYGA1UdIwQ/MD2AFHkGykDTn5pUrtMzTfI4PrYL +8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09MUy1DQYIJAIp0kyaAW0K3MAwGA1Ud +EwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQA0XK1+Eg+j +JdwKnUpnwPq+fsyrCs4TF1DgwtqY4yr1KCw0QSPMK9ldLp62lJaRnrPE7ZGOQ7sd +z82yEM8nMulNREp3TZwuVFaWgs0yLVKkfqZ0jNGDuEf8AJAynI4ynRbtYxtYzBDy +XgJPk9lKK/gR14IXBet/dGbZf4yHiMzldMCb0dWzyDS1S+Y1iLTRCmpmRbFow12g +CjNoSxdyoJPZavcOVWa4tDc3PLMdkgdY20ewo3IvCQTOg9ogVX4Hq5/M4xTz8XUX +nHeUqshdkPVGFCIujCBg9131RYSE0SkVrPUaIbP9tgzabkZWwhiq8oSpTBmIi9qh +GPiQTFGknE1U +-----END CERTIFICATE----- diff --git a/roles/ca/files/truststore/cacerts.jks b/roles/ca/files/truststore/cacerts.jks new file mode 100644 index 0000000000000000000000000000000000000000..9d4001b7d9a466941cda896b6bf145bf2f02020c GIT binary patch literal 893 zcmezO_TO6u1_mYu1_nkj&0U<IT#}!kQ>>eu$iTo@S}9llhJiIg&(y$@fq~i5po!Vk zpovL#0W%XL6B8#xSIK0xhG?hl2E1&XT5TR}-+37sxmg(u#0*6YgxHuvS(tgagZ-UD z{QZ4`b)6jz<ivT63=9p74GaxT%ndD~#CbtXBMT@Or@kgeC1fiYSs9p{82K3tni#p5 zniv@wwn|Ponlky~8#a{|Z^o~FtG2A)aq-4>jpvgOO6jQY$hQv+=;u7aU3V}jH0%1L zmPV07g%#ZL4s*8~Y<2Vb$LP>~V#ztFWT#cxp9~KQmCatE92}zO{l)Q_xRIT}l^rE+ z;aO=DweP3OZ;Ucv`TVfUKxAqFd&Q*pefn?bdY}0HK7DaU;pI|>Hj^{P^Bwl7>A2b+ z4susA)l6N^TK7hFWm8pPv$b?c^0y-KS(##NUks#Ojb1ZdEwpy+EdFy=QY%01@g|nF zU;fQuGy35x@qNw&&!8pdx2k40e4KEnc2VzSPZqX6C#HJ6Op#o_Mck4vD_%e{X!2C9 z|E`zvf?A$lUNtq{l!=*<fpKwTt3hLvfh-$ys4O3g7>h_H+bM_3^Jj&uyKL<H$--_M z_h;Ml25ul}Wfpq_+Xk!(7D_FVz!eWoNHNX>GDnz&)qt6i@xK8#h{w;u!py|Th8$De z;Fw}$Fo{`PC&a&4^$youuk-`I_SKzP&2>&#JmA5hTQeSOebvx0aa2B|eKS^X-nJ>z zCeGV@<n6>h=iRdB&u$VpuWt0x*Tt*ccaC02*tDjzM!G>u>Xw!CTx{Oq{)b_L(VRY` zxnggVr6bM=e2Qc8pM29x`-kB5CUMr+^(ARH>wDTe&O9wSF#F=w%_mH@dOtJm*m998 zE6sId#^KlnT*evR;zbK4-^}{X7n-(Xi@CYYX4y&X5x3npEH2XLWI5M-OChw5ef9h^ zk3~LzEES(qK4sO3*a=_VM3nS;6cWD2esyhWxu_|+=Bt$A=D*u`Zsoa!9g<k}sb!^) nWJmX{g%Up|_yjJQ;~Qf5+vDoDTqXObIbI&Z%6$8^_~bbON?lF- literal 0 HcmV?d00001 diff --git a/roles/ca/tasks/main.yml b/roles/ca/tasks/main.yml index e851761..6ca350a 100644 --- a/roles/ca/tasks/main.yml +++ b/roles/ca/tasks/main.yml @@ -1,18 +1,8 @@ --- -- name: Create secret directory - file: - path: "{{playbook_dir}}/{{item}}" - state: directory - loop: - - secrets - - secrets/certificates - - secrets/tokens - - secrets/passwords - - name: Check for existing CA folder stat: - path: "{{playbook_dir}}/secrets/CA" + path: roles/ca/files/CA register: capath - name: build ca root key and cert @@ -24,19 +14,27 @@ environment: EASYRSA_BATCH: 1 EASYRSA_REQ_CN: "{{ ca_cn }}" - EASYRSA_PKI: "{{playbook_dir}}/secrets/CA" + EASYRSA_PKI: roles/ca/files/CA when: not capath.stat.exists +- name: Copy cert to truststore + copy: + src: roles/ca/files/CA/ca.crt + dest: "roles/ca/files/truststore/{{ ca_cn }}.crt" + - name: Remove previous truststore file: - path: '{{playbook_dir}}/secrets/CA/cacerts.jks' + path: roles/ca/files/truststore/cacerts.jks state: absent - name: Generate truststore command: > - docker run --rm -v {{playbook_dir}}/secrets/CA/:/opt/cafiles/:z + docker run --rm -v {{role_path}}/files/truststore/:/opt/cafiles/:z "{{repo}}/openjdk:{{version}}{{suffix}}" keytool -import -noprompt -trustcacerts - -alias "{{ ca_cn }}" -file "/opt/cafiles/ca.crt" -keystore /opt/cafiles/cacerts.jks -storepass "{{lookup('password', '{{playbook_dir}}/secrets/passwords/truststore')}}" + -alias "{{item}}" -file "/opt/cafiles/{{item}}.crt" -keystore /opt/cafiles/cacerts.jks -storepass "{{tspass}}" + with_items: + - "{{ ca_cn }}" + #- GN43WP8T31_CA - name: Check for existing host certificates command: roles/ca/files/easyrsa/easyrsa show-cert {{item}} @@ -49,17 +47,16 @@ - "{{ groups['thehive'] }}" - "{{ groups['cortex'] }}" - "{{ groups['haproxy'] }}" - - "filebeat" environment: EASYRSA_BATCH: 1 - EASYRSA_PKI: "{{playbook_dir}}/secrets/CA" + EASYRSA_PKI: roles/ca/files/CA register: hostcerts ignore_errors: true - name: Generate host certificates command: > roles/ca/files/easyrsa/easyrsa - --subject-alt-name="DNS:{{item}},DNS:{{soctoolsproxy}}" + --subject-alt-name="DNS:{{item}},DNS:{{dslproxy}}" build-serverClient-full {{item}} nopass with_items: - "{{ groups['nificontainers'] }}" @@ -70,10 +67,9 @@ - "{{ groups['thehive'] }}" - "{{ groups['cortex'] }}" - "{{ groups['haproxy'] }}" - - "filebeat" environment: EASYRSA_BATCH: 1 - EASYRSA_PKI: "{{playbook_dir}}/secrets/CA" + EASYRSA_PKI: roles/ca/files/CA ignore_errors: true loop_control: index_var: my_idx @@ -97,7 +93,7 @@ expect: command: roles/ca/files/easyrsa/easyrsa export-p12 {{item}} responses: - Enter Export Password: "{{lookup('password', '{{playbook_dir}}/secrets/passwords/keystore')}}" + Enter Export Password: "{{kspass}}" with_items: - "{{ groups['nificontainers'] }}" - "{{ groups['odfeescontainers'] }}" @@ -108,7 +104,145 @@ - "{{ groups['mispcontainers'] }}" environment: EASYRSA_BATCH: 1 - EASYRSA_PKI: "{{playbook_dir}}/secrets/CA" + EASYRSA_PKI: roles/ca/files/CA + +- name: Copy nifi host certs to nifi role + copy: + src: roles/ca/files/CA/private/{{item}}.p12 + dest: roles/nifi/files/{{item}}.p12 + with_items: + - "{{ groups['nificontainers'] }}" + +- name: Copy odfees host certs to odfees role + copy: + src: roles/ca/files/CA/private/{{item}}.p12 + dest: roles/odfees/files/{{item}}.p12 + with_items: + - "{{ groups['odfeescontainers'] }}" + +- name: Copy odfekibana host p12 certs to odfekibana role + copy: + src: roles/ca/files/CA/private/{{item}}.p12 + dest: roles/odfekibana/files/{{item}}.p12 + with_items: + - "{{ groups['odfekibanacontainers'] }}" + +- name: Copy cortex host p12 certs to cortex role + copy: + src: roles/ca/files/CA/private/{{item}}.p12 + dest: roles/cortex/files/{{item}}.p12 + with_items: + - "{{ groups['cortex'] }}" + +- name: Copy odfekibana host certs to odfekibana role + copy: + src: roles/ca/files/CA/issued/{{item}}.crt + dest: roles/odfekibana/files/{{item}}.crt + with_items: + - "{{ groups['odfekibanacontainers'] }}" + +- name: Copy odfekibana host keys to odfekibana role + copy: + src: roles/ca/files/CA/private/{{item}}.key + dest: roles/odfekibana/files/{{item}}.key + with_items: + - "{{ groups['odfekibanacontainers'] }}" + +- name: Copy haproxy host cert to haproxy role + copy: + src: roles/ca/files/CA/issued/{{item}}.crt + dest: roles/haproxy/files/{{item}}.crt + with_items: + - "{{ groups['haproxy'] }}" + +- name: Copy haproxy host key to haproxy role + copy: + src: roles/ca/files/CA/private/{{item}}.key + dest: roles/haproxy/files/{{item}}.key + with_items: + - "{{ groups['haproxy'] }}" + +- name: Copy keycloak host certs to keycloak role + copy: + src: roles/ca/files/CA/issued/{{item}}.crt + dest: roles/keycloak/files/{{item}}.crt + with_items: + - "{{ groups['keycloakcontainers'] }}" + +- name: Copy keycloak host keys to keycloak role + copy: + src: roles/ca/files/CA/private/{{item}}.key + dest: roles/keycloak/files/{{item}}.key + with_items: + - "{{ groups['keycloakcontainers'] }}" + +- name: Copy misp host certs to misp role + copy: + src: roles/ca/files/CA/issued/{{item}}.crt + dest: roles/misp/files/{{item}}.crt + with_items: + - "{{ groups['mispcontainers'] }}" + +- name: Copy misp host keys to misp role + copy: + src: roles/ca/files/CA/private/{{item}}.key + dest: roles/misp/files/{{item}}.key + with_items: + - "{{ groups['mispcontainers'] }}" + +- name: Copy thehive host cert to thehive role + copy: + src: roles/ca/files/CA/issued/{{item}}.crt + dest: roles/thehive/files/{{item}}.crt + with_items: + - "{{ groups['thehive'] }}" + +- name: Copy thehive host key to thehive role + copy: + src: roles/ca/files/CA/private/{{item}}.key + dest: roles/thehive/files/{{item}}.key + with_items: + - "{{ groups['thehive'] }}" + +- name: Copy cortex host cert to cortex role + copy: + src: roles/ca/files/CA/issued/{{item}}.crt + dest: roles/cortex/files/{{item}}.crt + with_items: + - "{{ groups['cortex'] }}" + +- name: Copy cortex host key to cortex role + copy: + src: roles/ca/files/CA/private/{{item}}.key + dest: roles/cortex/files/{{item}}.key + with_items: + - "{{ groups['cortex'] }}" + +- name: Copy truststore to roles + copy: + src: roles/ca/files/truststore/cacerts.jks + dest: "roles/{{item}}/files/cacerts.jks" + with_items: + - nifi + - odfees + - odfekibana + - keycloak + - misp + - cortex + - thehive + +- name: Copy ca cert to roles + copy: + src: "roles/ca/files/truststore/{{ ca_cn }}.crt" + dest: "roles/{{item}}/files/{{ ca_cn }}.crt" + with_items: + - nifi + - odfees + - odfekibana + - keycloak + - misp + - thehive + - cortex - name: Check for existing user certificates command: roles/ca/files/easyrsa/easyrsa show-cert {{item.CN | regex_escape()}} @@ -116,7 +250,7 @@ - "{{soctools_users}}" environment: EASYRSA_BATCH: 1 - EASYRSA_PKI: "{{playbook_dir}}/secrets/CA" + EASYRSA_PKI: roles/ca/files/CA register: usercerts ignore_errors: true @@ -126,7 +260,7 @@ - "{{soctools_users}}" environment: EASYRSA_BATCH: 1 - EASYRSA_PKI: "{{playbook_dir}}/secrets/CA" + EASYRSA_PKI: roles/ca/files/CA ignore_errors: true loop_control: index_var: my_idx @@ -136,17 +270,24 @@ expect: command: roles/ca/files/easyrsa/easyrsa export-p12 "{{item.CN}}" responses: - Enter Export Password: "{{lookup('password', '{{playbook_dir}}/secrets/passwords/{{item.CN}}')}}" + Enter Export Password: "{{item.password}}" with_items: - "{{soctools_users}}" environment: EASYRSA_BATCH: 1 - EASYRSA_PKI: "{{playbook_dir}}/secrets/CA" + EASYRSA_PKI: roles/ca/files/CA + +- name: Copy user certs to odfees + copy: + src: "roles/ca/files/CA/private/{{ item.CN }}.p12" + dest: "roles/odfees/files/{{ item.CN }}.p12" + with_items: + - "{{soctools_users}}" -- name: Copy user certs to certificates +- name: Copy user certs to odfekibana copy: - src: "{{playbook_dir}}/secrets/CA/private/{{ item.CN }}.p12" - dest: "{{playbook_dir}}/secrets/certificates/{{ item.CN }}.p12" + src: "roles/ca/files/CA/private/{{ item.CN }}.p12" + dest: "roles/odfekibana/files/{{ item.CN }}.p12" with_items: - "{{soctools_users}}" diff --git a/roles/cassandra/tasks/main.yml b/roles/cassandra/tasks/main.yml index f26e13b..7912910 100644 --- a/roles/cassandra/tasks/main.yml +++ b/roles/cassandra/tasks/main.yml @@ -1,17 +1,28 @@ --- -- include: start.yml +- name: Configure Cassandra + template: + src: cassandra.yaml.j2 + dest: /usr/share/cassandra/conf/cassandra.yaml tags: - - start -- include: stop.yml + - start + +- name: Start Cassandra + command: "/start.sh" tags: - - stop - - stop-cassandra -- include: update-config.yml + - start + +- name: Wait for Cassandra + wait_for: + host: "{{groups['cassandra'][0]}}" + port: 9042 + state: started + delay: 5 tags: - - update-config - - update-cassandra-config -- include: restart.yml + - start + +- name: Stop Cassandra + command: "pkill -SIGTERM -F /var/run/cassandra/cassandra.pid" tags: - - restart - - restart-cassandra + - stop + diff --git a/roles/cassandra/tasks/restart.yml b/roles/cassandra/tasks/restart.yml deleted file mode 100644 index b6e575b..0000000 --- a/roles/cassandra/tasks/restart.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Restart Cassandra - remote_user: root - command: "supervisorctl restart cassandra" - diff --git a/roles/cassandra/tasks/start.yml b/roles/cassandra/tasks/start.yml deleted file mode 100644 index 1018944..0000000 --- a/roles/cassandra/tasks/start.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- - -- name: Configure Cassandra - remote_user: cassandra - template: - src: cassandra.yaml.j2 - dest: /usr/share/cassandra/conf/cassandra.yaml - -- name: Start Cassandra - remote_user: root - command: "supervisorctl start cassandra" - -- name: Wait for Cassandra - remote_user: root - wait_for: - host: "{{groups['cassandra'][0]}}" - port: 9042 - state: started - delay: 5 - -- name: Set Autostart for supervisord's services - replace: - path: /etc/supervisord.conf - regexp: '^autostart=false$' - replace: 'autostart=true' - - diff --git a/roles/cassandra/tasks/stop.yml b/roles/cassandra/tasks/stop.yml deleted file mode 100644 index 29742c7..0000000 --- a/roles/cassandra/tasks/stop.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Stop Cassandra - remote_user: root - command: "supervisorctl stop cassandra" - diff --git a/roles/cassandra/tasks/update-config.yml b/roles/cassandra/tasks/update-config.yml deleted file mode 100644 index ceb0b60..0000000 --- a/roles/cassandra/tasks/update-config.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- - -- name: Configure Cassandra - remote_user: cassandra - template: - src: cassandra.yaml.j2 - dest: /usr/share/cassandra/conf/cassandra.yaml - -- name: Wait for Cassandra - remote_user: root - wait_for: - host: "{{groups['cassandra'][0]}}" - port: 9042 - state: started - delay: 5 diff --git a/roles/cortex/files/SOCTOOLS-CA.crt b/roles/cortex/files/SOCTOOLS-CA.crt new file mode 100644 index 0000000..04b1f20 --- /dev/null +++ b/roles/cortex/files/SOCTOOLS-CA.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDNTCCAh2gAwIBAgIJAIp0kyaAW0K3MA0GCSqGSIb3DQEBCwUAMBYxFDASBgNV +BAMMC1NPQ1RPT0xTLUNBMB4XDTIwMTAzMDEwNDcxOFoXDTMwMTAyODEwNDcxOFow +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQC1GZDFZJPR7AYkhEsB9U6qtK+40di3KOeTwRosJ7hvP1FQjwnIC37B +UlVq15KEgRTCcXgLH0CdtzC1Rkz+AUCLyKTOGmNCqmvyMcESdpuoI1NULkv0QeYX +Mj4Q1Lh0RldqZpEr32UfsVowBPPhijAUlVAHeJLvji/tnUvI++9no2hx03UAhjTM +M59AviYsRT3DUkciNSllpwV+7B2pgnpRgzsbVGP2cheaaRYG9DAbRTLrAtVxO0WJ +c/zNGSpvXuOyBK30/pwGMvhNGPeckElSpDfaepuA8ZDcfaKNk0kEBvzIlUrpZBmv +tBc5DmpfEBlSk5UK/0XSblKE5dOqlWc1AgMBAAGjgYUwgYIwHQYDVR0OBBYEFHkG +ykDTn5pUrtMzTfI4PrYL8z3PMEYGA1UdIwQ/MD2AFHkGykDTn5pUrtMzTfI4PrYL +8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09MUy1DQYIJAIp0kyaAW0K3MAwGA1Ud +EwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQA0XK1+Eg+j +JdwKnUpnwPq+fsyrCs4TF1DgwtqY4yr1KCw0QSPMK9ldLp62lJaRnrPE7ZGOQ7sd +z82yEM8nMulNREp3TZwuVFaWgs0yLVKkfqZ0jNGDuEf8AJAynI4ynRbtYxtYzBDy +XgJPk9lKK/gR14IXBet/dGbZf4yHiMzldMCb0dWzyDS1S+Y1iLTRCmpmRbFow12g +CjNoSxdyoJPZavcOVWa4tDc3PLMdkgdY20ewo3IvCQTOg9ogVX4Hq5/M4xTz8XUX +nHeUqshdkPVGFCIujCBg9131RYSE0SkVrPUaIbP9tgzabkZWwhiq8oSpTBmIi9qh +GPiQTFGknE1U +-----END CERTIFICATE----- diff --git a/roles/cortex/files/cacerts.jks b/roles/cortex/files/cacerts.jks new file mode 100644 index 0000000000000000000000000000000000000000..9d4001b7d9a466941cda896b6bf145bf2f02020c GIT binary patch literal 893 zcmezO_TO6u1_mYu1_nkj&0U<IT#}!kQ>>eu$iTo@S}9llhJiIg&(y$@fq~i5po!Vk zpovL#0W%XL6B8#xSIK0xhG?hl2E1&XT5TR}-+37sxmg(u#0*6YgxHuvS(tgagZ-UD z{QZ4`b)6jz<ivT63=9p74GaxT%ndD~#CbtXBMT@Or@kgeC1fiYSs9p{82K3tni#p5 zniv@wwn|Ponlky~8#a{|Z^o~FtG2A)aq-4>jpvgOO6jQY$hQv+=;u7aU3V}jH0%1L zmPV07g%#ZL4s*8~Y<2Vb$LP>~V#ztFWT#cxp9~KQmCatE92}zO{l)Q_xRIT}l^rE+ z;aO=DweP3OZ;Ucv`TVfUKxAqFd&Q*pefn?bdY}0HK7DaU;pI|>Hj^{P^Bwl7>A2b+ z4susA)l6N^TK7hFWm8pPv$b?c^0y-KS(##NUks#Ojb1ZdEwpy+EdFy=QY%01@g|nF zU;fQuGy35x@qNw&&!8pdx2k40e4KEnc2VzSPZqX6C#HJ6Op#o_Mck4vD_%e{X!2C9 z|E`zvf?A$lUNtq{l!=*<fpKwTt3hLvfh-$ys4O3g7>h_H+bM_3^Jj&uyKL<H$--_M z_h;Ml25ul}Wfpq_+Xk!(7D_FVz!eWoNHNX>GDnz&)qt6i@xK8#h{w;u!py|Th8$De z;Fw}$Fo{`PC&a&4^$youuk-`I_SKzP&2>&#JmA5hTQeSOebvx0aa2B|eKS^X-nJ>z zCeGV@<n6>h=iRdB&u$VpuWt0x*Tt*ccaC02*tDjzM!G>u>Xw!CTx{Oq{)b_L(VRY` zxnggVr6bM=e2Qc8pM29x`-kB5CUMr+^(ARH>wDTe&O9wSF#F=w%_mH@dOtJm*m998 zE6sId#^KlnT*evR;zbK4-^}{X7n-(Xi@CYYX4y&X5x3npEH2XLWI5M-OChw5ef9h^ zk3~LzEES(qK4sO3*a=_VM3nS;6cWD2esyhWxu_|+=Bt$A=D*u`Zsoa!9g<k}sb!^) nWJmX{g%Up|_yjJQ;~Qf5+vDoDTqXObIbI&Z%6$8^_~bbON?lF- literal 0 HcmV?d00001 diff --git a/roles/cortex/files/cortexsecret b/roles/cortex/files/cortexsecret new file mode 100644 index 0000000..3119d12 --- /dev/null +++ b/roles/cortex/files/cortexsecret @@ -0,0 +1,3 @@ +{ + "value" : "06ca9734-9621-4c6d-bb04-8ee68e028dd9" +} \ No newline at end of file diff --git a/roles/cortex/files/dsoclab-cortex.crt b/roles/cortex/files/dsoclab-cortex.crt new file mode 100644 index 0000000..a743bd0 --- /dev/null +++ b/roles/cortex/files/dsoclab-cortex.crt @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 5d:c4:bc:49:5f:a0:76:a8:13:a4:c2:32:61:64:0d:92 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:29 2020 GMT + Not After : Oct 15 10:47:29 2023 GMT + Subject: CN=dsoclab-cortex + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:cd:09:6b:14:33:4a:47:75:5b:d3:d9:67:3b:4d: + ad:1f:a7:1f:33:ab:86:b1:aa:3b:09:ab:1a:a6:fb: + a0:60:04:e3:68:33:0e:85:54:d1:70:61:8a:b9:d5: + d6:b5:6c:c2:b3:36:02:94:b7:1d:18:93:5f:88:81: + ff:2a:f4:99:58:6d:d7:96:e2:d2:64:77:b9:74:44: + 3c:f0:fb:5b:0f:43:7d:38:5d:fe:b0:db:05:7a:a9: + c5:10:24:75:13:c8:2d:da:69:be:e3:43:33:f0:28: + 30:9a:53:f8:f8:d3:10:32:35:ec:1d:87:ab:1e:2c: + b5:00:7c:9f:8f:61:e0:5d:56:15:8c:46:45:09:78: + 02:78:10:c0:af:2f:25:6c:c2:5b:ed:5f:c1:33:0b: + f8:c8:13:dc:df:c3:fc:05:90:ff:06:9e:cb:bc:1d: + 2b:c2:57:f2:bd:aa:22:b3:4b:f5:ca:b2:b8:00:18: + f1:14:10:b8:5e:69:9f:ed:fc:04:83:d9:2e:b7:9a: + 8a:45:1c:54:71:8f:61:02:6a:8a:84:2f:67:df:92: + 3a:0c:5f:e5:b6:e7:6c:27:69:1f:5b:06:d6:7f:e6: + df:ab:2f:31:a5:cd:63:32:60:c0:07:50:6c:0d:39: + cb:68:ae:3c:b2:da:0f:20:06:77:2c:28:ab:3a:30: + 92:1b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 9A:0E:E1:26:13:A7:12:5F:A4:F1:41:C0:09:FC:AD:EB:4E:66:C2:50 + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-cortex, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 27:2e:a1:0c:8d:fb:b1:36:ff:4e:ac:00:91:75:81:4b:20:79: + 3f:da:1c:e1:80:b9:8c:6b:60:47:a5:8c:bf:1f:34:98:61:95: + 00:bb:79:d4:9e:c8:fb:dc:fb:6a:48:b2:69:d1:1a:04:cc:52: + ca:0b:48:01:3e:94:1e:68:0b:e3:4d:fa:12:c4:aa:ff:b6:5b: + 0c:3c:80:21:fe:50:87:8a:14:3a:7d:e7:a3:5e:b6:dc:22:ba: + cc:97:69:00:a8:78:08:dd:66:d1:cb:ca:28:41:b9:cc:8a:6b: + 7c:40:b7:5e:1d:a1:88:5a:b3:fd:18:77:e9:c4:48:fd:38:8f: + 06:6e:78:0e:f1:1a:1b:b2:6c:0a:df:38:11:e3:5a:3d:2a:5b: + de:41:63:14:ab:25:8e:a6:9f:a8:b7:32:9e:dc:23:45:f3:6b: + 6d:86:b7:17:b3:53:df:55:bd:cb:41:a1:b7:73:ae:21:1b:68: + b3:b1:0a:e5:e6:0c:2a:77:76:23:f3:87:ee:5f:0e:6d:cd:3b: + 94:9a:6f:f2:fd:4f:2d:72:a3:21:94:55:c0:4a:6c:2b:13:e3: + 82:13:a5:1f:82:6b:ae:6e:e2:ec:eb:7a:25:6a:f2:9e:45:d7: + 0a:7d:75:be:9d:f7:94:6f:ce:a5:27:d6:9b:dc:d2:12:54:64: + 09:c4:f6:a9 +-----BEGIN CERTIFICATE----- +MIIDljCCAn6gAwIBAgIQXcS8SV+gdqgTpMIyYWQNkjANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3MjlaFw0yMzEwMTUx +MDQ3MjlaMBkxFzAVBgNVBAMMDmRzb2NsYWItY29ydGV4MIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAzQlrFDNKR3Vb09lnO02tH6cfM6uGsao7Casapvug +YATjaDMOhVTRcGGKudXWtWzCszYClLcdGJNfiIH/KvSZWG3XluLSZHe5dEQ88Ptb +D0N9OF3+sNsFeqnFECR1E8gt2mm+40Mz8CgwmlP4+NMQMjXsHYerHiy1AHyfj2Hg +XVYVjEZFCXgCeBDAry8lbMJb7V/BMwv4yBPc38P8BZD/Bp7LvB0rwlfyvaois0v1 +yrK4ABjxFBC4Xmmf7fwEg9kut5qKRRxUcY9hAmqKhC9n35I6DF/ltudsJ2kfWwbW +f+bfqy8xpc1jMmDAB1BsDTnLaK48stoPIAZ3LCirOjCSGwIDAQABo4HcMIHZMAkG +A1UdEwQCMAAwHQYDVR0OBBYEFJoO4SYTpxJfpPFBwAn8retOZsJQMEYGA1UdIwQ/ +MD2AFHkGykDTn5pUrtMzTfI4PrYL8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09M +Uy1DQYIJAIp0kyaAW0K3MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAL +BgNVHQ8EBAMCBaAwOQYDVR0RBDIwMIIOZHNvY2xhYi1jb3J0ZXiCHmRzb2NsYWIu +Z240LTMtd3A4LXNvYy5zdW5ldC5zZTANBgkqhkiG9w0BAQsFAAOCAQEAJy6hDI37 +sTb/TqwAkXWBSyB5P9oc4YC5jGtgR6WMvx80mGGVALt51J7I+9z7akiyadEaBMxS +ygtIAT6UHmgL4036EsSq/7ZbDDyAIf5Qh4oUOn3no1623CK6zJdpAKh4CN1m0cvK +KEG5zIprfEC3Xh2hiFqz/Rh36cRI/TiPBm54DvEaG7JsCt84EeNaPSpb3kFjFKsl +jqafqLcyntwjRfNrbYa3F7NT31W9y0Ght3OuIRtos7EK5eYMKnd2I/OH7l8Obc07 +lJpv8v1PLXKjIZRVwEpsKxPjghOlH4Jrrm7i7Ot6JWrynkXXCn11vp33lG/OpSfW +m9zSElRkCcT2qQ== +-----END CERTIFICATE----- diff --git a/roles/cortex/files/dsoclab-cortex.key b/roles/cortex/files/dsoclab-cortex.key new file mode 100644 index 0000000..827da54 --- /dev/null +++ b/roles/cortex/files/dsoclab-cortex.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDNCWsUM0pHdVvT +2Wc7Ta0fpx8zq4axqjsJqxqm+6BgBONoMw6FVNFwYYq51da1bMKzNgKUtx0Yk1+I +gf8q9JlYbdeW4tJkd7l0RDzw+1sPQ304Xf6w2wV6qcUQJHUTyC3aab7jQzPwKDCa +U/j40xAyNewdh6seLLUAfJ+PYeBdVhWMRkUJeAJ4EMCvLyVswlvtX8EzC/jIE9zf +w/wFkP8Gnsu8HSvCV/K9qiKzS/XKsrgAGPEUELheaZ/t/ASD2S63mopFHFRxj2EC +aoqEL2ffkjoMX+W252wnaR9bBtZ/5t+rLzGlzWMyYMAHUGwNOctorjyy2g8gBncs +KKs6MJIbAgMBAAECggEAIdhGJqV4w2bp64Rdd/qQc0Mg8WSE7VrOOABYe+vZQ0BL +UW3sHbIsiEJxpc9Yi8YSNYba0jWPxfi9skjTGAIcNe6bwbpbRF5G7Jw++wBivZhE +WUOawRLGSsMvVkTOVp+agg0mh1kWf7QCodbuqBQe/krMWOuGIYr7rcLki8R6Rq2d +WuW8Kf697ciklh/6cyy1J6axe1LNT906lYvyRock246KbN517wWw7/fu47Mb2fdC +U6beFxbmbc5vk4lrViE7gSNkY97Vr/uXW9xlyRzvpNJuzZrm00CgNF1MnOnwf3l1 +k8kc63RMkUJGVWcxo5ubzLXpv4CnnmUNPfaSx+CeUQKBgQDuUT8JOu2vfzAC2VOQ +OfKR4NgMQ8fnK6T67zpLDeNUAGW+hBi62ewD8xxRse0j/rWXgvADBE1GplPXicZI +Q0o0VgIiL3NFQgCP7rvtPGE9VQXHYgd+ULKCHcPEBwonlbAhiHSwVnBqSFoqWdj+ +SHiBn4AD1ARoD6WSEVi3X6UU/QKBgQDcQATvzbbcr41vQHm9u1O7v0slk306A4yY +ItXk+GbtLEoLAiLy7n0REKybZAzniuLCDAQ1h1bWLkqRle26XqVfg3YaxGpoJODy +gPgr2Hi4Y/lcFrwRThUHEu8eaUWVRtY3B9Rgi5VjLVqydgI3/AFWdlzIVkhBeN0w +MOtKdEg69wKBgG+wD/TJcz8+QkfzhiAfqDkJwPbuhS8n2yfnGdC274UcspI44kYf +f2bSdsEqu9KUupIJQWaIi5bCuKRY415Wet5QOKvAxSr+JblOzy/9jizqPc0VeiGO +vDoSrP6ftfibRHJSuy0xNXn58pfKh9GUMTW+hIZGxNHoE1aDXqqB3qIZAoGBAIIc +A46SDLNDtZ6CDSjrD6T6dW8GONTboeOBuK+hmlQDdN4Z7gFqp1E8c2r8aK8jmZ8e +MCJbCA5QnFZyplQRc0oAQ/W+EEnjd0tqqrBkGbR7wqQG/iSO5tcd9UoW0DdF+Gfb +5Tb/XkmPUmPYWKkv4q5sD5V9ewPKXYgJbgW2ubCzAoGACfaFTBM3zZ2rqjJUk8+F +fGcuDeh/ZFk4MgcN5nbdKHwyXDhBlUY1FzLZlKi5J1lRyTInZUP8KYnXogw757Md +oa5wPlnw0a6VSHX1ZZUwa0yz1Rrv5M5CA4vyNBENCaHELKLoRWwbAook1gFie6cV +nrCXNbsWttgWkzqLDWkPT5M= +-----END PRIVATE KEY----- diff --git a/roles/cortex/files/dsoclab-cortex.p12 b/roles/cortex/files/dsoclab-cortex.p12 new file mode 100644 index 0000000000000000000000000000000000000000..252b3e7ef466cf7a4090ab3d5c551bd8dcaf5e5f GIT binary patch literal 3397 zcmXqL;&o(VWHxBxWoP5mYV&CO&dbQoxS)yW2TK#r7lS6A4+c%_%Mns+3!2zx7&Ng@ zVPa%3Xkzb0$S@knuyH|6;9+Dl;A7#aTyiR9(y|32OiUaM4NdF`^3v+fOukvCq+fAX zxwrpy-L%(J+a#$?@WjvS3qNVdxRoDP(K`2b;}nx=99~^XCZVdU94A^HSuLYqyTnao z=Z}8XPeuD3d>>`L{#MwxcG~Tm&lPTYOv_Z;IZa3Vtp6eRYi6~lWGu?NqxDwKeEH;} z(9YVnT%*;;7nn31xF2a1a<u62hG*A)tDHS^&3K=q@ZpJ{Y~nRGHnas#KUNZLE^+*` zdYyS<#>}jp54J1v?C5dJ*}F{0N4r3W{iW^Gw^ys<4HVZ(oqG6q^Y^V{%wAh6?=HW( zaOcE`s@>}?&%5b+PUCSt9qN5pUw%=P;{~Puq7<Q`OTw2cH{E#|%K7r#(XPkg^I4xg z=ukbvwD+o$|MK%DhcmRjojA(>&D!{7rMt?3kkcI(e#~Fh@ZKw`Yh#c(%c4NulL2vB z>rbf6oqp}|44Wfg-md+<CuUFS0`WPP-<v~TS$W@ZsMg5bXZCP+;tuV<Q}6U|7x1xr z{#m$o-^AS&yI=RrE#+!($ZfOUrDAThgY|nX%MrfWJEyd`Z$4n%p|_m(#ec5WJK^Cg z-Co`^45`(U_20a3>Y|A2EOBnn3Qir@RCoI!e<WIR<1L|O#}20K^i+R%)$Zjzrv)~w z)`eSqi|zVfXw-77c~r;iH;eCl;THym>TGZO_n*BL1Gh!QFuW7tl5xEu*m(4dr+G!o z*2GUUtHrf8i)}spL@>kFX7+C0sdG<zh^amj(J0RJ(7uqsmTkN=__ih|qlt#arj?o> zclw&n-y}J)VX{s51gVb<tBf?5T|ZX^_dCuune#n_r}|y^ntvHPuFg8FJ89m(1?*Wm z;qTWz6HW_P4|%?1+mbBZpC+?~EKSaZJ+;4|rTpqc&*Uo!Hx(_LZz+4)-#a`%mVK>7 zYK+vp?>F>nW~9#)nR5MU?Q(9tLtE~y^sq3nJl^|pp{$Wh#Y5#+Zyjw;95l`Djdf}~ zDC}Al5wT((kM^G||HmD(5~l0@mg81D|EK0&+;_+NKN8(>U%q|TJdr2j&5(S^L@?i` zdFlBu$-lmvJbHq7uPD2|Ic|L5{S}{@Q1$J$!kQ1(f7`~U;-D7szJ9`j^2$b=41Vd= zHo4J^ygXkQubwN;w#)pSF(cc|;@T@e{eD(SrEf5;i8k56x>ljIj`?hE;k8TmdQF5M zy-8uph%aqOSHJvfnm*t5i}TVrUsqX7{55Bddvl___t(y2H$?aO`WefX&UVz4c=w5E z#mqF5BezO7dZr4WyJfyza8cB*M*f6p8O0wCJq)y&^<eh~%WOW=2T#u2x0{o{(NwhN zz~rD;-M1^k%)flw=e}>{<|u}Fy8`D08Aq94{gj)X&-ifu*Ai2~_jyOJs2OMQy{fH$ z!hGbOr`V0An}=?CTE4av$v-eBwe#kGpM}3RXt=G+&pLX!V3iclRKvPN#$_zUKR&UA z-2T*ktM_wBdDZ6a9@0<y_2uU?e*ZCT*`1Z271((@)m|KlGW9m7wNG2F?Q-t&spO|K z87f0;FGt+6EAr{vySr_P|0_>Z<^x69vO6w)oKx_EwOex@WAn-9iu+e6E^CZ>63k#x zlY08ue`9a=%u`k~#6HJ3g_THp*9z}cE0p`SC*p%zn3MVIz*V<=PcC42H}mi|nT>nb ztrnAa65Va_{e^Gg7rWB3l>dkS$h7Y&{-3(6W?jDidA3873^{*V{+trLck0BY*2iz` zy|>-$YoETv(z#Mgn^)N-y5ACvlVo4${#!JrV~NeQoE?JEWjZeXyPR7}555f6N>B5x z{T-rExoFAix#9DY)W7_FQ_JclP;b;6!OI(4wv{WpqO!x=>B^~jeOec{KA4=Uvn*}O z42h<YUCEwD*QIVz%ipbYTe)%N#d{{4Yi}HqX_`ALyJKZF^VQkgv{UYUuT!;Kz+%2s zZofsX>l)RUSyk5eV!mpKao_Cxz3<bTCoXmDN3#r`J$>sNBF0{DaM6Y|6V6v!b8aL= zm$vcE?2CI;&am>$Iy1RRmM52AF6-iVz59XR;YHvbkMzA|k{Vkxy(iA>G%c3Po)#vU zzxk5X(&^i#wL8q4l4!*3wrVBQl-`Bq?|5YL51oAb!mTKPCI01J`<grMffq$<-aT(n z3e8n6)aMFa*7LjTXChb8JFa;RQ*#@yU*4|VJafkKP4PR|ct=0p-u!!4?<(JwlO~DO zutz-i3GDxK>Uf`z*zyiP?eE$vggo`<*Em03%*=S4rN5|DhAnZo{BN^Bp1!qwR}Q6o z(vdTgbxAAxQJUuXT=ezNl#BU^oV>+PkNJKO_~@IqJo;9}t#^;>g>F1xZMSW`>A3fD zJ)3(E%m147&ZZN)JAW%>SuVe7b8zwU-@3fFHf0^1ct@k>aZSvlAEBqx7aM#?4p`&) zEcn?WiBmQSG7Bbr-)DXQY*_7nrG(hVhTG!L*`Beq{*m2zqV?)Yl^I4wSsX?m_NX68 z_c?!NbDKt1U4ZGGJ87D7nFq4x+rL`7wzaY43D2J9Q0H%fAHvR6w;aw$x+Rr8?aFH{ zK@mNslr0%cH|KY+dS86-)SP+wTQ0ts`ZL)~&hcENL0ijd(fo8NmGe85d|n>8FuT2G zuR#;5BT|LDpo!IprHNI~povw>povwDjT=@yb1^b4XkvM1(8TfzrPgK!)!L@B6qp3= zPJaNZwON{2PJGz>IQ>P)r1M7KIbQWW{bL-w#k28%4!5)zhbPY>gZn3pj%2-(n6p}O zW%Io1Ee7qp1=CM_^)7y#d_#7ZukVT1kM3VA*ws7#jy&f(uZL1!3Vjx=PI<pT$o{=c zM?rCs(Bzzr*B#T2UNd_0&82<j)QPG#MGrZrM9ly5{ot0%$9<Rgd$?^{wfU*(LeDD0 zh^WT%5{@f<OA^m{Dk%%gzq`{l-C!591DDTr)6Is;fp7GAudDQVv7552jCT3h%FFj* z<{XJ*j9(H~ls~$=A}5*oo`TFn`-Kvx^$pJo{ODaid)edEnzcQPBevzWNeKy0-)^y= z@&CEpGrv=I7(8bzy3=I2vPK|%!HHuBHr<@K{Y8^kgzF@}$9J<sE1n<R@_OmKZW+t( zz8j|exA9hZde=5zmb>M^mcx}&pC3fHZ#HzZlrEA^W|*p8+<obpLZaP+qamt4R#@C} zago1zm|w3-HB(f2Q~GB6IM&@(7dPhRM4#m1V9egMTPiPc|9q>Nx(~KJDL?u1WLRrx z+M$21Ebg)V+q&}E&fC^ClkaI&t-kg!y<}DH%b@D`-+o5@r(ar~5Y0H&W<BqT`pa+I zrQ)6cOjZuL)v?BY)6C6vrtx*=8aFj1<HT*<H@_3*%k&js<~hn`rs<qH%dds?)`ZlY zm-$S>2V`vA3)f!H|CXwA=#l8rz2}!!PmNmdvCU?}lkS_-ep+0aYqurwqW+2gP1ovW zt&CPhMEpLb|3hy7I@zzDX&m#GGPp&&Yx@<olu3be7l%O&<K0<VV%ywiC9Pe5CSo>M zN81tMmO1{8_cavGu95rb$*lQt2b&GUAv3?(+l*dx__vx&2;TWjL)Fi@qfxQYNV#p_ z@%N?|#j5vSnWOly^TdXyuY~IpWpABWbo5^ELM}F!Q-4oOb}zD!^$)ricKqA(qW+Ru zXAHG-xkP^Y+fGmqIIcOz*U|lv+=YF+=X0*xm?Lq#YcZ?)nV`f&xlUzmldoQ0c#5+> zJ16ORsnz%S?e;J3Rn`1!_;;_TwR6X0#nQvs(~i&8aOTQC_{+GE!Q4?S*ns_wh-s&C z*(Vk!_PK`w4Xz}w-0x}Za&+;86|1JddZeD<)nyy>bLE{6QgV)6xf*-C%L;EubF?K) zD|*w$yy6bixrjf@KR-CI*l`uh5)aQ)-K)-T;B(n5-}~%oUP$joS3_BE<Cab5H~Y+E zti4+oZ|?Nf)&I`T8&VH6b}j8$(~|bC*)T3`Z3f%dxzfqC5eqGq^fu3~<}FcpxGec# z!mSBkFWItRe;NK($glK>*yZoM+156az85)MZ`}K4ab!WU<2AP_ca;{$zOfW%>5J*x zetWM#fYQ7UpOpQpDlhJN!DMzco6DL*TJ80Ev7d^!81Li<tCpt+>OXZ_E_3k>%YUDy zEv!M(%%)72IJO(xh;2-p>H9(X`j%XKxdnOu|Lu8n#p^xa+u1j*4T8%4Y9Dg!nANgf z`gT{d-S?yVmjq>v;_vU35kB(C^Q8Ls>q=4{>?b=I^<FYhvYHZP!}Et>`U8gY*tB;Y z!X1h?7tdhXDt&I-LI0d{Gj={X)%@Yc8P-;ZWr4qQl@1v$m3=I+<jp3*jjVk-FZN`w zT)scT;=1|l1>O5AjRdXvPKk<Y-rM<T)%A`4et*3w9&7YLD^ODVhQ`C2?<-F-{#nd^ z$xzim8D2VaiW-Wsh$Lmr7xlgxQR}V}cWAG!`_(P(?$-?r4HOMH*;uvtn3<$l8CXO* mJ8Y!w|0unBy2wC4<ixN4tpN{Dvv4HxUw`#7%G(uGN&*0kPfV2n literal 0 HcmV?d00001 diff --git a/roles/cortex/files/logback.xml b/roles/cortex/files/logback.xml new file mode 100644 index 0000000..2dfba26 --- /dev/null +++ b/roles/cortex/files/logback.xml @@ -0,0 +1,47 @@ +<?xml version="1.0" encoding="UTF-8"?> +<configuration debug="false"> + + <conversionRule conversionWord="coloredLevel" + converterClass="play.api.libs.logback.ColoredLevel"/> + + <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>/var/log/cortex/application.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>/var/log/cortex/application.%i.log.zip</fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>10</maxIndex> + </rollingPolicy> + <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>10MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>%date [%level] from %logger in %thread - %message%n%xException</pattern> + </encoder> + </appender> + + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>%coloredLevel %logger{15} - %message%n%xException{10} + </pattern> + </encoder> + </appender> + + <appender name="ASYNCFILE" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="FILE"/> + </appender> + + <appender name="ASYNCSTDOUT" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="STDOUT"/> + </appender> + + <logger name="play" level="DEBUG"/> + <logger name="application" level="DEBUG"/> + + <logger name="com.gargoylesoftware.htmlunit.javascript" level="OFF"/> + + <root level="INFO"> + <appender-ref ref="ASYNCFILE"/> + <appender-ref ref="ASYNCSTDOUT"/> + </root> + +</configuration> diff --git a/roles/cortex/tasks/main.yml b/roles/cortex/tasks/main.yml index 5216d2c..06b2639 100644 --- a/roles/cortex/tasks/main.yml +++ b/roles/cortex/tasks/main.yml @@ -1,17 +1,108 @@ --- -- include: start.yml +- name: Copy cacert to ca-trust dir + remote_user: root + copy: + src: "files/{{ca_cn}}.crt" + dest: /etc/pki/ca-trust/source/anchors/ca.crt tags: - - start -- include: stop.yml + - start + - startcortex + +- name: Install cacert to root truststore + remote_user: root + command: "update-ca-trust" + tags: + - start + - startcortex + +- name: Copy certificates in cortex conf dir + copy: + src: "{{ item }}" + dest: "/etc/cortex/{{ item }}" + mode: 0600 + with_items: + - "{{ inventory_hostname }}.p12" + - "{{ inventory_hostname }}.crt" + - "{{ inventory_hostname }}.key" + - cacerts.jks + - "{{ca_cn}}.crt" + tags: + - start + - startcortex + +- name: Get openid authkey + set_fact: + cortexsecret: "{{lookup('file', 'files/cortexsecret',convert_data=False) | from_json }}" + tags: + - start + +- name: Configure embedded Elasticsearch 6 + remote_user: root + template: + src: jvm.options.j2 + dest: /etc/elasticsearch/jvm.options + tags: + - start + - startcortex + +- name: Start embedded Elasticsearch 6 + remote_user: root + command: > + daemonize + -u elasticsearch + -c /usr/share/elasticsearch + -p /tmp/elasticsearch.pid + -o /tmp/elasticsearch-stdout.log + /usr/share/elasticsearch/bin/elasticsearch tags: - - stop - - stop-cortex -- include: update-config.yml + - start + - startcortex + +- name: Configure Cortex + template: + src: application.conf.j2 + dest: /etc/cortex/application.conf tags: - - update-config - - update-cortex-config -- include: restart.yml + - start + - startcortex + +- name: Configure Cortex logging + copy: + src: logback.xml + dest: /etc/cortex/logback.xml tags: - - restart - - restart-cortex + - start + +- name: Start Cortex + command: > + daemonize + -c /opt/cortex + -p /tmp/cortex.pid + -o /tmp/cortex-stdout.log + /opt/cortex/bin/cortex + -Dconfig.file=/etc/cortex/application.conf + -Dlogger.file=/etc/cortex/logback.xml + -J-Xms1g + -J-Xmx1g + -Dpidfile.path=/dev/null + tags: + - start + - startcortex + +- name: Wait for Cortex + wait_for: + host: "{{groups['cortex'][0]}}" + port: 9001 + state: started + delay: 5 + tags: + - start + - startcortex + +- name: Stop Cortex + command: "pkill -SIGTERM -F /tmp/cortex.pid" + tags: + - stop + - stopcortex + diff --git a/roles/cortex/tasks/restart.yml b/roles/cortex/tasks/restart.yml deleted file mode 100644 index d7b6e6a..0000000 --- a/roles/cortex/tasks/restart.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- - -- name: Restart Elasticsearch - remote_user: root - command: "supervisorctl restart elasticsearch" - -- name: Restart Cortex - remote_user: root - command: "supervisorctl restart cortex" - -- name: Wait for Cortex - remote_user: root - wait_for: - host: "{{groups['cortex'][0]}}" - port: 9001 - state: started - delay: 5 - diff --git a/roles/cortex/tasks/start.yml b/roles/cortex/tasks/start.yml deleted file mode 100644 index ddb37bc..0000000 --- a/roles/cortex/tasks/start.yml +++ /dev/null @@ -1,59 +0,0 @@ ---- - -- name: Copy cacert to ca-trust dir - remote_user: root - copy: - src: "{{playbook_dir}}/secrets/CA/ca.crt" - dest: /etc/pki/ca-trust/source/anchors/ca.crt - -- name: Install cacert to root truststore - remote_user: root - command: "update-ca-trust" - -- name: Copy certificates in cortex conf dir - remote_user: cortex - copy: - src: "{{ item }}" - dest: "/etc/cortex/" - mode: 0600 - with_items: - - "{{playbook_dir}}/secrets/CA/private/{{ inventory_hostname }}.p12" - - "{{playbook_dir}}/secrets/CA/issued/{{ inventory_hostname }}.crt" - - "{{playbook_dir}}/secrets/CA/private/{{ inventory_hostname }}.key" - - "{{playbook_dir}}/secrets/CA/cacerts.jks" - - "{{playbook_dir}}/secrets/CA/ca.crt" - -- name: Configure embedded Elasticsearch 6 - remote_user: root - template: - src: jvm.options.j2 - dest: /etc/elasticsearch/jvm.options - -- name: Start embedded Elasticsearch 6 - remote_user: root - command: "supervisorctl start elasticsearch" - -- name: Configure Cortex - remote_user: cortex - template: - src: application.conf.j2 - dest: /etc/cortex/application.conf - -- name: Start Cortex - remote_user: root - command: "supervisorctl start cortex" - -- name: Wait for Cortex - remote_user: root - wait_for: - host: "{{groups['cortex'][0]}}" - port: 9001 - state: started - delay: 5 - -- name: Set Autostart for supervisord's services - replace: - path: /etc/supervisord.conf - regexp: '^autostart=false$' - replace: 'autostart=true' - diff --git a/roles/cortex/tasks/stop.yml b/roles/cortex/tasks/stop.yml deleted file mode 100644 index ee4516b..0000000 --- a/roles/cortex/tasks/stop.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- - -- name: Stop Elasticsearch - remote_user: root - command: "supervisorctl stop elasticsearch" - -- name: Stop Cortex - remote_user: root - command: "supervisorctl stop cortex" - diff --git a/roles/cortex/tasks/update-config.yml b/roles/cortex/tasks/update-config.yml deleted file mode 100644 index a49f24f..0000000 --- a/roles/cortex/tasks/update-config.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- - -- name: Configure embedded Elasticsearch 6 - remote_user: root - template: - src: jvm.options.j2 - dest: /etc/elasticsearch/jvm.options - -- name: Configure Cortex - remote_user: cortex - template: - src: application.conf.j2 - dest: /etc/cortex/application.conf - diff --git a/roles/cortex/templates/application.conf.j2 b/roles/cortex/templates/application.conf.j2 index e45e446..6d6d09c 100644 --- a/roles/cortex/templates/application.conf.j2 +++ b/roles/cortex/templates/application.conf.j2 @@ -6,7 +6,7 @@ # # IMPORTANT: If you deploy your application to several instances, make # sure to use the same key. -play.http.secret.key="{{lookup('password', '{{playbook_dir}}/secrets/passwords/cortex_secret_key')}}" +play.http.secret.key="{{cortex_secret_key}}" ## ElasticSearch search { @@ -34,18 +34,18 @@ search { ## ## Authentication configuration ## search.username = "cortex" -## search.password = "{{lookup('password', '{{playbook_dir}}/secrets/passwords/cortex_odfe')}}" +## search.password = "{{cortex_odfe_pass}}" ## ## ## SSL configuration ## search.keyStore { -## path = "/etc/cortex/soctools-cortex.p12" +## path = "/etc/cortex/dsoclab-cortex.p12" ## type = "PKCS12" # or PKCS12 -## password = "{{lookup('password', '{{playbook_dir}}/secrets/passwords/keystore')}}" +## password = "{{kspass}}" ## } ## search.trustStore { ## path = "/etc/cortex/cacerts.jks" ## type = "JKS" # or PKCS12 -## password = "{{lookup('password', '{{playbook_dir}}/secrets/passwords/truststore')}}" +## password = "{{tspass}}" ## } } @@ -66,7 +66,7 @@ auth { # the "ad" section below. # - ldap : use LDAP to authenticate users. The associated configuration shall be done in the # "ldap" section below. - provider = [local] + provider = [local,oauth2] ad { # The Windows domain name in DNS format. This parameter is required if you do not use @@ -108,6 +108,84 @@ auth { # If 'true', use SSL to connect to the LDAP directory server. #useSSL = true } + oauth2 { + # URL of the authorization server + clientId = "dsoclab-cortex" + clientSecret = {{cortexsecret.value}} + redirectUri = "https://{{dslproxy}}:9001/api/ssoLogin" + responseType = "code" + grantType = "authorization_code" + + # URL from where to get the access token + authorizationUrl = "https://{{dslproxy}}:12443/auth/realms/{{openid_realm}}/protocol/openid-connect/auth" + authorizationHeader = "Bearer" + tokenUrl = "https://{{dslproxy}}:12443/auth/realms/{{openid_realm}}/protocol/openid-connect/token" + + + # The endpoint from which to obtain user details using the OAuth token, after successful login + userUrl = "https://{{dslproxy}}:12443/auth/realms/{{openid_realm}}/protocol/openid-connect/userinfo" + scope = "profile" + userIdField = "email" + #userUrl = "https://auth-site.com/api/User" + #scope = ["openid profile"] + } + + ws.ssl.trustManager { + stores = [ + { + type = "JKS" // JKS or PEM + path = "cacerts.jks" + password = "{{tspass}}" + } + ] + } + + + # Single-Sign On + sso { + # Autocreate user in database? + autocreate = true + + # Autoupdate its profile and roles? + autoupdate = true + + # Autologin user using SSO? + autologin = true + + # Name of mapping class from user resource to backend user ('simple' or 'group') + #mapper = group + #mapper = simple + #attributes { + # login = "user" + # name = "name" + # groups = "groups" + # organization = "org" + #} +# defaultRoles = ["read", "write", "admin"] +# defaultOrganization = "uninett.no" + #defaultRoles = ["read"] + #defaultOrganization = "csirt" + #groups { + # # URL to retreive groups (leave empty if you are using OIDC) + # #url = "https://auth-site.com/api/Groups" + # # Group mappings, you can have multiple roles for each group: they are merged + # mappings { + # admin-profile-name = ["admin"] + # editor-profile-name = ["write"] + # reader-profile-name = ["read"] + # } + #} + + mapper = simple + attributes { + login = "user" + name = "name" + roles = "roles" + organization = "org" + } + defaultRoles = ["read", "analyze"] + defaultOrganization = "uninett.no" + } } ## ANALYZERS diff --git a/roles/docker/tasks/cassandra.yml b/roles/docker/tasks/cassandra.yml index b913425..a26bd28 100644 --- a/roles/docker/tasks/cassandra.yml +++ b/roles/docker/tasks/cassandra.yml @@ -10,6 +10,7 @@ networks_cli_compatible: yes volumes: - "{{cassandra_name}}:/var/lib/cassandra" + entrypoint: "/bin/bash" interactive: "yes" with_items: "{{ groups['cassandra'] }}" tags: diff --git a/roles/docker/tasks/cortex.yml b/roles/docker/tasks/cortex.yml index 15a0732..c8d7b1e 100644 --- a/roles/docker/tasks/cortex.yml +++ b/roles/docker/tasks/cortex.yml @@ -12,6 +12,7 @@ # - "9001:9001" volumes: - "{{item}}:/var/lib/elasticsearch/" + entrypoint: "/bin/bash" interactive: "yes" with_items: "{{ groups['cortex'] }}" tags: diff --git a/roles/docker/tasks/haproxy.yml b/roles/docker/tasks/haproxy.yml index b018076..10dc08e 100644 --- a/roles/docker/tasks/haproxy.yml +++ b/roles/docker/tasks/haproxy.yml @@ -15,10 +15,9 @@ - "9443:9443" - "9200:9200" - "7750:7750" - - "5000-5099:5000-5099" - - "6000-6099:6000-6099" - "9000:9000" - "9001:9001" + entrypoint: "/bin/bash" interactive: "yes" tags: - start diff --git a/roles/docker/tasks/keycloak.yml b/roles/docker/tasks/keycloak.yml index 1fddf2a..c910408 100644 --- a/roles/docker/tasks/keycloak.yml +++ b/roles/docker/tasks/keycloak.yml @@ -10,6 +10,7 @@ networks_cli_compatible: yes published_ports: - "12443:8443" + entrypoint: "/bin/bash" interactive: "yes" with_items: "{{ groups['keycloakcontainers'] }}" tags: diff --git a/roles/docker/tasks/misp.yml b/roles/docker/tasks/misp.yml index f32e440..34a42ad 100644 --- a/roles/docker/tasks/misp.yml +++ b/roles/docker/tasks/misp.yml @@ -7,8 +7,9 @@ image: "{{ misp_img }}" networks: - name: "{{ soctools_netname}}" - interactive: "yes" networks_cli_compatible: yes + entrypoint: "/bin/bash" + interactive: "yes" published_ports: - "6443:6443" tags: diff --git a/roles/docker/tasks/nifi.yml b/roles/docker/tasks/nifi.yml index e85fb61..7023444 100644 --- a/roles/docker/tasks/nifi.yml +++ b/roles/docker/tasks/nifi.yml @@ -10,6 +10,7 @@ networks_cli_compatible: yes volumes: - "{{item}}:/opt/nifi/nifi-current/conf" + entrypoint: "/bin/bash" interactive: "yes" with_items: "{{ groups['nificontainers'] }}" tags: diff --git a/roles/docker/tasks/odfees.yml b/roles/docker/tasks/odfees.yml index fa35ddd..d54ebd5 100644 --- a/roles/docker/tasks/odfees.yml +++ b/roles/docker/tasks/odfees.yml @@ -10,6 +10,7 @@ networks_cli_compatible: yes volumes: - "{{item}}:/usr/share/elasticsearch/data" + entrypoint: "/bin/bash" interactive: "yes" with_items: "{{ groups['odfeescontainers'] }}" tags: diff --git a/roles/docker/tasks/odfekibana.yml b/roles/docker/tasks/odfekibana.yml index a1c88a2..c24611b 100644 --- a/roles/docker/tasks/odfekibana.yml +++ b/roles/docker/tasks/odfekibana.yml @@ -10,6 +10,7 @@ networks_cli_compatible: yes published_ports: - "5601:5601" + entrypoint: "/bin/bash" interactive: "yes" with_items: "{{ groups['odfekibanacontainers'] }}" tags: diff --git a/roles/docker/tasks/thehive.yml b/roles/docker/tasks/thehive.yml index 68fdd3c..30b11c8 100644 --- a/roles/docker/tasks/thehive.yml +++ b/roles/docker/tasks/thehive.yml @@ -10,10 +10,12 @@ networks_cli_compatible: yes # published_ports: # - "9000:9000" + entrypoint: "/bin/bash" interactive: "yes" with_items: "{{ groups['thehive'] }}" tags: - start + - thehivestart - name: Disconnect thehive containers from network and remove docker_container: @@ -22,4 +24,4 @@ with_items: "{{ groups['thehive'] }}" tags: - stop - + - thehivestop diff --git a/roles/filebeat/README.md b/roles/filebeat/README.md deleted file mode 100644 index 225dd44..0000000 --- a/roles/filebeat/README.md +++ /dev/null @@ -1,38 +0,0 @@ -Role Name -========= - -A brief description of the role goes here. - -Requirements ------------- - -Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. - -Role Variables --------------- - -A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. - -Dependencies ------------- - -A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. - -Example Playbook ----------------- - -Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: - - - hosts: servers - roles: - - { role: username.rolename, x: 42 } - -License -------- - -BSD - -Author Information ------------------- - -An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/filebeat/defaults/main.yml b/roles/filebeat/defaults/main.yml deleted file mode 100644 index 4a9a7a6..0000000 --- a/roles/filebeat/defaults/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# defaults file for filebeat diff --git a/roles/filebeat/files/.gitkeep b/roles/filebeat/files/.gitkeep deleted file mode 100644 index e69de29..0000000 diff --git a/roles/filebeat/handlers/main.yml b/roles/filebeat/handlers/main.yml deleted file mode 100644 index 40c1d20..0000000 --- a/roles/filebeat/handlers/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# handlers file for filebeat diff --git a/roles/filebeat/meta/main.yml b/roles/filebeat/meta/main.yml deleted file mode 100644 index 3a212a9..0000000 --- a/roles/filebeat/meta/main.yml +++ /dev/null @@ -1,53 +0,0 @@ -galaxy_info: - author: your name - description: your description - company: your company (optional) - - # If the issue tracker for your role is not on github, uncomment the - # next line and provide a value - # issue_tracker_url: http://example.com/issue/tracker - - # Choose a valid license ID from https://spdx.org - some suggested licenses: - # - BSD-3-Clause (default) - # - MIT - # - GPL-2.0-or-later - # - GPL-3.0-only - # - Apache-2.0 - # - CC-BY-4.0 - license: license (GPL-2.0-or-later, MIT, etc) - - min_ansible_version: 2.4 - - # If this a Container Enabled role, provide the minimum Ansible Container version. - # min_ansible_container_version: - - # - # Provide a list of supported platforms, and for each platform a list of versions. - # If you don't wish to enumerate all versions for a particular platform, use 'all'. - # To view available platforms and versions (or releases), visit: - # https://galaxy.ansible.com/api/v1/platforms/ - # - # platforms: - # - name: Fedora - # versions: - # - all - # - 25 - # - name: SomePlatform - # versions: - # - all - # - 1.0 - # - 7 - # - 99.99 - - galaxy_tags: [] - # List tags for your role here, one per line. A tag is a keyword that describes - # and categorizes the role. Users find roles by searching for tags. Be sure to - # remove the '[]' above, if you add tags to this list. - # - # NOTE: A tag is limited to a single word comprised of alphanumeric characters. - # Maximum 20 tags per role. - -dependencies: [] - # List your role dependencies here, one per line. Be sure to remove the '[]' above, - # if you add dependencies to this list. - \ No newline at end of file diff --git a/roles/filebeat/tasks/main.yml b/roles/filebeat/tasks/main.yml deleted file mode 100644 index 02ac9c7..0000000 --- a/roles/filebeat/tasks/main.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- - -- include: start.yml - tags: - - start -- include: stop.yml - tags: - - stop - - stop-filebeat -- include: update-config.yml - tags: - - update-config - - update-filebeat-config -- include: restart.yml - tags: - - restart - - restart-filebeat diff --git a/roles/filebeat/tasks/restart.yml b/roles/filebeat/tasks/restart.yml deleted file mode 100644 index cf2c893..0000000 --- a/roles/filebeat/tasks/restart.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -# tasks file for filebeat - -- name: Restart filebeat - remote_user: root - shell: "supervisorctl restart filebeat" - ignore_errors: yes - diff --git a/roles/filebeat/tasks/start.yml b/roles/filebeat/tasks/start.yml deleted file mode 100644 index 1944c1f..0000000 --- a/roles/filebeat/tasks/start.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -# tasks file for filebeat - -- name: Copy filebeat certificates - copy: - src: "{{ item }}" - dest: "/opt/filebeat/" - mode: 0600 - with_items: - - "{{playbook_dir}}/secrets/CA/issued/filebeat.crt" - - "{{playbook_dir}}/secrets/CA/private/filebeat.key" - become: true - -- name: Copy filebeat configuration file - template: - src: filebeat.yml.j2 - dest: /opt/filebeat/filebeat.yml - become: true - -- name: Restart filebeat - remote_user: root - shell: "supervisorctl restart filebeat" - ignore_errors: yes diff --git a/roles/filebeat/tasks/stop.yml b/roles/filebeat/tasks/stop.yml deleted file mode 100644 index c5d5dd6..0000000 --- a/roles/filebeat/tasks/stop.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -# tasks file for filebeat - -- name: Stop filebeat - remote_user: root - shell: "supervisorctl stop filebeat" - ignore_errors: yes - diff --git a/roles/filebeat/tasks/update-config.yml b/roles/filebeat/tasks/update-config.yml deleted file mode 100644 index a4c4e30..0000000 --- a/roles/filebeat/tasks/update-config.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -# tasks file for filebeat - -- name: Copy filebeat configuration file - template: - src: filebeat.yml.j2 - dest: /opt/filebeat/filebeat.yml - become: true - diff --git a/roles/filebeat/templates/filebeat.yml.j2 b/roles/filebeat/templates/filebeat.yml.j2 deleted file mode 100644 index 78af99c..0000000 --- a/roles/filebeat/templates/filebeat.yml.j2 +++ /dev/null @@ -1,35 +0,0 @@ -filebeat.inputs: -{% if FILEBEAT_FILES is defined %} -- type: log - paths: -{% for file in FILEBEAT_FILES %} - - {{ file }} -{% endfor %} -{% if FILEBEAT_LOG_FORMAT == 'json' %} - json.keys_under_root: true - json.overwrite_keys: true - json.add_error_key: true - json.message_key: log - multiline.pattern: '^{' - multiline.negate: true - multiline.match: after -{% endif %} -{% else %} -- type: syslog - protocol.udp: - host: "localhost:{{ FILEBEAT_SYSLOG_PORT }}" -{% endif %} - fields: - log_type: {{ FILEBEAT_LOG_TYPE }} - -filebeat.config.modules: - path: ${path.config}/modules.d/*.yml - reload.enabled: false - -output.logstash: - hosts: ["{{ FILEBEAT_OUTPUT_HOST }}:{{ FILEBEAT_OUTPUT_PORT }}"] - workers: 3 - loadbalance: true - #ssl.certificate_authorities: ["/etc/pki/root/ca.pem"] - #ssl.certificate: "{{ FILEBEAT_CERT }}"" - #ssl.key: "{{ FILEBEAT_KEY }}" diff --git a/roles/filebeat/tests/inventory b/roles/filebeat/tests/inventory deleted file mode 100644 index 878877b..0000000 --- a/roles/filebeat/tests/inventory +++ /dev/null @@ -1,2 +0,0 @@ -localhost - diff --git a/roles/filebeat/tests/test.yml b/roles/filebeat/tests/test.yml deleted file mode 100644 index 12223ca..0000000 --- a/roles/filebeat/tests/test.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- hosts: localhost - remote_user: root - roles: - - filebeat diff --git a/roles/filebeat/vars/main.yml b/roles/filebeat/vars/main.yml deleted file mode 100644 index 137cdf3..0000000 --- a/roles/filebeat/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# vars file for filebeat diff --git a/roles/haproxy/files/.empty b/roles/haproxy/files/.empty deleted file mode 100644 index e69de29..0000000 diff --git a/roles/haproxy/files/dsoclab-haproxy.crt b/roles/haproxy/files/dsoclab-haproxy.crt new file mode 100644 index 0000000..5be39cb --- /dev/null +++ b/roles/haproxy/files/dsoclab-haproxy.crt @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + d2:7b:43:cb:9b:fb:09:cf:cc:86:ef:d1:01:9a:42:fc + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:30 2020 GMT + Not After : Oct 15 10:47:30 2023 GMT + Subject: CN=dsoclab-haproxy + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:c9:c7:22:33:0b:0b:0f:a0:8c:c4:a9:81:37:bd: + 51:2f:47:32:fa:1b:88:45:b1:bb:11:43:3d:de:b3: + 70:67:d7:8b:39:5a:8f:13:fb:2f:78:08:b1:b1:32: + c6:d1:0e:e4:d3:2e:3a:db:84:db:d2:65:6b:26:24: + 6c:d7:16:e5:a5:90:8e:02:46:13:02:0a:96:66:46: + 87:b7:b0:ee:56:4c:3c:d8:ae:4c:7d:ef:5b:aa:6e: + 01:8e:89:fe:4c:b9:de:6c:ba:e4:3f:8d:f8:d7:3a: + ed:b2:29:9a:5b:ac:5a:86:66:05:f3:19:2f:59:8d: + 7c:8b:6a:97:1e:43:8a:36:80:b2:e9:e1:84:f6:94: + bc:13:11:31:b8:d2:5a:72:ed:68:c3:b1:37:e4:5b: + 91:82:62:aa:13:f2:b6:e0:3a:aa:85:66:70:0a:a9: + ad:5c:a7:52:ff:dc:f9:99:5e:e5:15:d5:0c:fe:cd: + 27:cb:98:9e:5a:69:ca:71:74:31:e6:26:df:ec:d2: + 42:43:b9:f3:04:8e:2c:7a:28:a6:f9:8e:ba:64:3c: + 69:0e:ac:f5:dc:d5:f3:2a:50:47:50:d4:8c:f5:ee: + 31:08:73:69:1f:ae:42:1d:52:84:5d:47:68:dd:a3: + 1f:07:57:ec:3e:9e:0d:23:78:16:41:bc:68:f2:4f: + e9:19 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 49:DC:74:02:17:71:C3:D0:A0:64:31:9E:60:2B:B4:38:43:62:DE:98 + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-haproxy, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 04:a0:71:31:d2:11:93:09:96:c8:1b:2a:31:b8:b9:34:07:ac: + 89:cb:b0:6c:b0:f0:17:5f:18:3c:a6:96:ca:b3:fa:c7:af:40: + 17:e1:7e:e4:dc:ee:fe:5c:dc:86:40:b7:2f:9d:c0:9e:fd:16: + 6b:85:ab:c2:a8:63:1f:fe:03:2b:89:6a:80:c9:2e:ae:cc:3d: + 19:75:32:0e:56:57:16:27:02:51:49:1d:b3:78:aa:57:d3:00: + 9b:93:fe:6d:a3:37:ad:26:35:57:e1:5f:90:bf:ef:30:bc:68: + f3:bf:7c:59:69:4f:61:30:2d:48:66:a6:44:2a:51:63:6e:4f: + a7:8f:96:7e:91:b2:b2:46:bc:97:1b:01:df:c0:24:5c:b2:aa: + 8d:20:3a:25:5d:8a:1c:84:53:0d:d4:f6:d5:81:5d:30:de:c4: + d7:fa:42:9c:79:68:92:56:b7:76:69:c6:c9:ad:07:47:a6:d2: + 46:d4:a5:0c:10:a9:03:21:4d:56:40:e5:28:e3:fa:70:1b:23: + 32:68:07:3d:d6:8a:3a:fb:6d:3b:a6:20:16:1b:09:f3:47:f0: + 2a:4f:dc:97:86:56:37:96:42:1b:89:b8:76:1a:ab:7a:25:4e: + e8:62:d9:a0:3b:ec:62:72:64:64:ca:87:9c:be:0a:08:09:52: + ab:03:89:2b +-----BEGIN CERTIFICATE----- +MIIDmTCCAoGgAwIBAgIRANJ7Q8ub+wnPzIbv0QGaQvwwDQYJKoZIhvcNAQELBQAw +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwHhcNMjAxMDMwMTA0NzMwWhcNMjMxMDE1 +MTA0NzMwWjAaMRgwFgYDVQQDDA9kc29jbGFiLWhhcHJveHkwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQDJxyIzCwsPoIzEqYE3vVEvRzL6G4hFsbsRQz3e +s3Bn14s5Wo8T+y94CLGxMsbRDuTTLjrbhNvSZWsmJGzXFuWlkI4CRhMCCpZmRoe3 +sO5WTDzYrkx971uqbgGOif5Mud5suuQ/jfjXOu2yKZpbrFqGZgXzGS9ZjXyLapce +Q4o2gLLp4YT2lLwTETG40lpy7WjDsTfkW5GCYqoT8rbgOqqFZnAKqa1cp1L/3PmZ +XuUV1Qz+zSfLmJ5aacpxdDHmJt/s0kJDufMEjix6KKb5jrpkPGkOrPXc1fMqUEdQ +1Iz17jEIc2kfrkIdUoRdR2jdox8HV+w+ng0jeBZBvGjyT+kZAgMBAAGjgd0wgdow +CQYDVR0TBAIwADAdBgNVHQ4EFgQUSdx0Ahdxw9CgZDGeYCu0OENi3pgwRgYDVR0j +BD8wPYAUeQbKQNOfmlSu0zNN8jg+tgvzPc+hGqQYMBYxFDASBgNVBAMMC1NPQ1RP +T0xTLUNBggkAinSTJoBbQrcwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC +MAsGA1UdDwQEAwIFoDA6BgNVHREEMzAxgg9kc29jbGFiLWhhcHJveHmCHmRzb2Ns +YWIuZ240LTMtd3A4LXNvYy5zdW5ldC5zZTANBgkqhkiG9w0BAQsFAAOCAQEABKBx +MdIRkwmWyBsqMbi5NAesicuwbLDwF18YPKaWyrP6x69AF+F+5Nzu/lzchkC3L53A +nv0Wa4WrwqhjH/4DK4lqgMkursw9GXUyDlZXFicCUUkds3iqV9MAm5P+baM3rSY1 +V+FfkL/vMLxo8798WWlPYTAtSGamRCpRY25Pp4+WfpGyska8lxsB38AkXLKqjSA6 +JV2KHIRTDdT21YFdMN7E1/pCnHlokla3dmnGya0HR6bSRtSlDBCpAyFNVkDlKOP6 +cBsjMmgHPdaKOvttO6YgFhsJ80fwKk/cl4ZWN5ZCG4m4dhqreiVO6GLZoDvsYnJk +ZMqHnL4KCAlSqwOJKw== +-----END CERTIFICATE----- diff --git a/roles/haproxy/files/dsoclab-haproxy.key b/roles/haproxy/files/dsoclab-haproxy.key new file mode 100644 index 0000000..abcca5e --- /dev/null +++ b/roles/haproxy/files/dsoclab-haproxy.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDJxyIzCwsPoIzE +qYE3vVEvRzL6G4hFsbsRQz3es3Bn14s5Wo8T+y94CLGxMsbRDuTTLjrbhNvSZWsm +JGzXFuWlkI4CRhMCCpZmRoe3sO5WTDzYrkx971uqbgGOif5Mud5suuQ/jfjXOu2y +KZpbrFqGZgXzGS9ZjXyLapceQ4o2gLLp4YT2lLwTETG40lpy7WjDsTfkW5GCYqoT +8rbgOqqFZnAKqa1cp1L/3PmZXuUV1Qz+zSfLmJ5aacpxdDHmJt/s0kJDufMEjix6 +KKb5jrpkPGkOrPXc1fMqUEdQ1Iz17jEIc2kfrkIdUoRdR2jdox8HV+w+ng0jeBZB +vGjyT+kZAgMBAAECggEAUcxwiNDJQySK7I7q23XcG5Z5i/rtW5OZin3/7vA/eVlg +D3gu2KLTs42Su4siHk4zZYkwQx2xH7INpgDOPsQBhQT9DN7rhcBVCFE/Y7BObp2p +bQ375HHMb2L5Lpeyh9gx21JIhZtAbcBt6/QBp3hPmnxxnQNwtpUtEDe923714PHD +SfJ1Nd+mgeJ3ShPrk2jhcDdU82/mQrk5eH8M5QJqlTEWCvBgJaKhBf89T2XrX8jf +oPzeVijOqgLg49QEtAPmI98GlE1OAp3boFx4/QA/s76pgWZhYIm1hcm1AguYhQvJ +bi96IgdgVQQp/y7L+ix8zsq+YRxwPuCSBl+9BotYoQKBgQDm4neNC87XV4RhGuHG +w8WpFXFe1uOucPfyfTMmjifh61GZa4aWgBQByBQxBs729MOr9TFrNApTGWPO8Lag +ANnREyNndaUAUFgtCdY7Gc99deWyIx861aAVU7GGIFVkCo3OK0twbbyzqOj+B+H8 +c/P1tXXMayt/gPVuRDj7sq90VwKBgQDfuh6Clxa2sq0GdKsRkiDXaY8eZxJZchYw ++0MsYQjX8hPOGn0YWGy14ppE7JEPTEWSRuzCf5cwem/em8AIESgdCUWcGkgcQO5n +DvZeXrHHpVrTmGE5xEVNYrD/NPY7VizUsyLNvn5yC4hyByWkwLV+AUGpACE3HP2s +7xTakmmoDwKBgHKEfXuuEafptrVbWgT2cYHOKu85crDBQ5o40zgaZlm+GDkahiT7 +3fCMRseScvE2sh8GfL6Jj11sSH8KEesGwQLclUDpry+aqkGckW+6+5lk8ssKdKD/ ++GjbnD/EpdX7Dh7mhoJ7S49pBjeJvWM0OBr1KDp+JZMWaaWJnSHqnO/9AoGAXvM4 +m6fP5f3y3PiK2cwwz/tm2DpaWUfID0Wz/pO4Ex4UNbacPMbabF8dpf7Ymat/I1Oi +i/FmkxaDf/COEV5mrdwPhO7Kh+MuyuJYwThjLx4IbCERsliQKQWnpMgvcINkR2k3 +biZYt8IZSHusCD4ZSL7zxOvfLOrK5qgZK6JT4RUCgYEAk94TNC+rYRZOfOIaYA7+ +K1qTQAe8tawTBlKauXptWCzMFtMSEwozuHuxgnyAS/uRUKFMgRk00KrSvnuyGEBX +5QxqqhBOMvGDs672q/kVZ5C9M06+y5+Zpg0Mf3r+zOBqB5tCASnl2KfOCZkAt8rV +kyb4KyOsi81/fpVM/WeOL7w= +-----END PRIVATE KEY----- diff --git a/roles/haproxy/files/haproxy.cfg b/roles/haproxy/files/haproxy.cfg new file mode 100644 index 0000000..e102cf4 --- /dev/null +++ b/roles/haproxy/files/haproxy.cfg @@ -0,0 +1,17 @@ +global + quiet + +defaults + mode http + maxconn 5000 + + timeout connect 5s + timeout client 20s + timeout server 20s + +frontend public + bind *:80 + default_backend apps + +backend apps + server nifi_1 nifi_1:8080 check diff --git a/roles/haproxy/tasks/main.yml b/roles/haproxy/tasks/main.yml index 00ff357..d8bcefb 100644 --- a/roles/haproxy/tasks/main.yml +++ b/roles/haproxy/tasks/main.yml @@ -1,17 +1,68 @@ --- +# tasks file for haproxy -- include: start.yml +- name: Copy haproxy configuration file + template: + src: haproxy.cfg.j2 + dest: /usr/local/etc/haproxy/haproxy.cfg tags: - - start -- include: stop.yml + - start + +- name: Create required directories + file: + path: "{{ item }}" + state: directory + mode: 0755 + owner: root + group: root + with_items: + - /opt/haproxy + - /etc/ssl/haproxy + tags: + - start + +- name: Generate dhparam file for haproxy + shell: "openssl dhparam -out /usr/local/etc/haproxy/dhparam.pem 2048" tags: - - stop - - stop-haproxy -- include: update-config.yml + - start + +- name: Copy haproxy certificates + copy: + src: "{{ item }}" + dest: "/opt/haproxy/{{ item }}" + mode: 0600 + with_items: + - "{{ inventory_hostname }}.crt" + - "{{ inventory_hostname }}.key" tags: - - update-config - - update-haproxy-config -- include: restart.yml + - start + +- name: Combine crt and key for haproxy + assemble: + src: /opt/haproxy + dest: /etc/ssl/haproxy/{{ inventory_hostname }}.crt + owner: root + mode: 0600 tags: - - restart - - restart-haproxy + - start + +- name: Delete temporary files and directory + file: + path: "{{ item }}" + state: absent + with_items: + - /opt/haproxy/{{ inventory_hostname }}.crt + - /opt/haproxy/{{ inventory_hostname }}.key + - /opt/haproxy + tags: + - start + +- name: Start haproxy + shell: "daemonize -c / -p /haproxy.pid /usr/local/sbin/haproxy -f /usr/local/etc/haproxy/haproxy.cfg" + tags: + - start + +#- name: Stop haproxy +# tags: +# - stop + diff --git a/roles/haproxy/tasks/restart.yml b/roles/haproxy/tasks/restart.yml deleted file mode 100644 index 30c56b2..0000000 --- a/roles/haproxy/tasks/restart.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -# tasks file for haproxy - -- name: Restart haproxy - shell: "supervisorctl restart haproxy" - diff --git a/roles/haproxy/tasks/start.yml b/roles/haproxy/tasks/start.yml deleted file mode 100644 index f33f0ea..0000000 --- a/roles/haproxy/tasks/start.yml +++ /dev/null @@ -1,55 +0,0 @@ ---- -# tasks file for haproxy - -- name: Copy haproxy configuration file - template: - src: haproxy.cfg.j2 - dest: /usr/local/etc/haproxy/haproxy.cfg - -- name: Create required directories - file: - path: "{{ item }}" - state: directory - mode: 0755 - owner: root - group: root - with_items: - - /opt/haproxy - - /etc/ssl/haproxy - -- name: Generate dhparam file for haproxy - shell: "openssl dhparam -out /usr/local/etc/haproxy/dhparam.pem 2048" - -- name: Copy haproxy certificates - copy: - src: "{{ item }}" - dest: "/opt/haproxy/" - mode: 0600 - with_items: - - "{{playbook_dir}}/secrets/CA/issued/{{ inventory_hostname }}.crt" - - "{{playbook_dir}}/secrets/CA/private/{{ inventory_hostname }}.key" - -- name: Combine crt and key for haproxy - assemble: - src: /opt/haproxy - dest: /etc/ssl/haproxy/{{ inventory_hostname }}.crt - owner: root - mode: 0600 - -- name: Delete temporary files and directory - file: - path: "{{ item }}" - state: absent - with_items: - - /opt/haproxy/{{ inventory_hostname }}.crt - - /opt/haproxy/{{ inventory_hostname }}.key - - /opt/haproxy - -- name: Start haproxy - shell: "supervisorctl start haproxy" - -- name: Set Autostart for supervisord's services - replace: - path: /etc/supervisord.conf - regexp: '^autostart=false$' - replace: 'autostart=true' diff --git a/roles/haproxy/tasks/stop.yml b/roles/haproxy/tasks/stop.yml deleted file mode 100644 index 60f875f..0000000 --- a/roles/haproxy/tasks/stop.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -# tasks file for haproxy - -- name: Stop haproxy - command: "supervisorctl stop haproxy" - diff --git a/roles/haproxy/tasks/update-config.yml b/roles/haproxy/tasks/update-config.yml deleted file mode 100644 index dc5cb8b..0000000 --- a/roles/haproxy/tasks/update-config.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -# tasks file for haproxy - -- name: Copy haproxy configuration file - template: - src: haproxy.cfg.j2 - dest: /usr/local/etc/haproxy/haproxy.cfg - diff --git a/roles/haproxy/templates/haproxy.cfg.j2 b/roles/haproxy/templates/haproxy.cfg.j2 index d566981..e62740e 100644 --- a/roles/haproxy/templates/haproxy.cfg.j2 +++ b/roles/haproxy/templates/haproxy.cfg.j2 @@ -1,6 +1,6 @@ global #quiet - log 127.0.0.1:9000 local0 + log stdout format raw local0 nbproc {{ HAPROXY_PROCESSES }} ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 ssl-default-bind-options prefer-client-ciphers no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets @@ -22,7 +22,7 @@ listen stats stats hide-version stats uri / stats realm HAProxy Statistics - stats auth haproxy:{{lookup('password', '{{playbook_dir}}/secrets/passwords/haproxy_stats')}} + stats auth haproxy:{{ HAPROXY_STATS_PASS }} listen nifiserv bind *:9443 ssl crt /etc/ssl/haproxy alpn h2,http/1.1 @@ -31,7 +31,6 @@ listen nifiserv fullconn 5000 balance source option tcpka - option httplog {% for nifihost in groups['nificontainers'] %} server {{nifihost}} {{nifihost}}:9443 ssl check verify none {% endfor %} @@ -43,7 +42,6 @@ listen odfeserv fullconn 5000 balance source option tcpka - option httplog {% for odfehost in groups['odfeescontainers'] %} server {{odfehost}} {{odfehost}}:9200 ssl check verify none {% endfor %} @@ -55,7 +53,6 @@ listen keycloakserv fullconn 5000 balance source option tcpka - option httplog {% for keycloakhost in groups['keycloakcontainers'] %} server {{keycloakhost}} {{keycloakhost}}:8443 ssl check verify none {% endfor %} @@ -68,7 +65,6 @@ listen thehiveserv balance source option tcpka option forwardfor - option httplog {% for thehivehost in groups['thehive'] %} server {{thehivehost}} {{thehivehost}}:9000 check verify none {% endfor %} @@ -81,7 +77,6 @@ listen cortexserv balance source option tcpka option forwardfor - option httplog {% for cortexhost in groups['cortex'] %} server {{cortexhost}} {{cortexhost}}:9001 check verify none {% endfor %} @@ -95,7 +90,6 @@ listen nifiservtcp77{{port}} balance source option tcpka option tcp-check - option tcplog tcp-check connect port 77{{port}} {% for nifihost in groups['nificontainers'] %} server {{nifihost}} {{nifihost}}:77{{port}} check @@ -112,7 +106,6 @@ listen nifiservtcp7771 balance source option tcpka option tcp-check - option tcplog tcp-check connect port 7771 {% for nifihost in groups['nificontainers'] %} server {{nifihost}} {{nifihost}}:7771 check @@ -127,7 +120,6 @@ listen nifiservhttp{{port}} fullconn 5000 balance source option tcpka - option httplog {% for nifihost in groups['nificontainers'] %} server {{nifihost}} {{nifihost}}:{{port}} check {% endfor %} @@ -144,7 +136,6 @@ listen nifiservtcp{{port}} balance source option tcpka option tcp-check - option tcplog tcp-check connect port {{port}} {% for nifihost in groups['nificontainers'] %} server {{nifihost}} {{nifihost}}:{{port}} check diff --git a/roles/keycloak/files/SOCTOOLS-CA.crt b/roles/keycloak/files/SOCTOOLS-CA.crt new file mode 100644 index 0000000..04b1f20 --- /dev/null +++ b/roles/keycloak/files/SOCTOOLS-CA.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDNTCCAh2gAwIBAgIJAIp0kyaAW0K3MA0GCSqGSIb3DQEBCwUAMBYxFDASBgNV +BAMMC1NPQ1RPT0xTLUNBMB4XDTIwMTAzMDEwNDcxOFoXDTMwMTAyODEwNDcxOFow +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQC1GZDFZJPR7AYkhEsB9U6qtK+40di3KOeTwRosJ7hvP1FQjwnIC37B +UlVq15KEgRTCcXgLH0CdtzC1Rkz+AUCLyKTOGmNCqmvyMcESdpuoI1NULkv0QeYX +Mj4Q1Lh0RldqZpEr32UfsVowBPPhijAUlVAHeJLvji/tnUvI++9no2hx03UAhjTM +M59AviYsRT3DUkciNSllpwV+7B2pgnpRgzsbVGP2cheaaRYG9DAbRTLrAtVxO0WJ +c/zNGSpvXuOyBK30/pwGMvhNGPeckElSpDfaepuA8ZDcfaKNk0kEBvzIlUrpZBmv +tBc5DmpfEBlSk5UK/0XSblKE5dOqlWc1AgMBAAGjgYUwgYIwHQYDVR0OBBYEFHkG +ykDTn5pUrtMzTfI4PrYL8z3PMEYGA1UdIwQ/MD2AFHkGykDTn5pUrtMzTfI4PrYL +8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09MUy1DQYIJAIp0kyaAW0K3MAwGA1Ud +EwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQA0XK1+Eg+j +JdwKnUpnwPq+fsyrCs4TF1DgwtqY4yr1KCw0QSPMK9ldLp62lJaRnrPE7ZGOQ7sd +z82yEM8nMulNREp3TZwuVFaWgs0yLVKkfqZ0jNGDuEf8AJAynI4ynRbtYxtYzBDy +XgJPk9lKK/gR14IXBet/dGbZf4yHiMzldMCb0dWzyDS1S+Y1iLTRCmpmRbFow12g +CjNoSxdyoJPZavcOVWa4tDc3PLMdkgdY20ewo3IvCQTOg9ogVX4Hq5/M4xTz8XUX +nHeUqshdkPVGFCIujCBg9131RYSE0SkVrPUaIbP9tgzabkZWwhiq8oSpTBmIi9qh +GPiQTFGknE1U +-----END CERTIFICATE----- diff --git a/roles/keycloak/files/cacerts.jks b/roles/keycloak/files/cacerts.jks new file mode 100644 index 0000000000000000000000000000000000000000..9d4001b7d9a466941cda896b6bf145bf2f02020c GIT binary patch literal 893 zcmezO_TO6u1_mYu1_nkj&0U<IT#}!kQ>>eu$iTo@S}9llhJiIg&(y$@fq~i5po!Vk zpovL#0W%XL6B8#xSIK0xhG?hl2E1&XT5TR}-+37sxmg(u#0*6YgxHuvS(tgagZ-UD z{QZ4`b)6jz<ivT63=9p74GaxT%ndD~#CbtXBMT@Or@kgeC1fiYSs9p{82K3tni#p5 zniv@wwn|Ponlky~8#a{|Z^o~FtG2A)aq-4>jpvgOO6jQY$hQv+=;u7aU3V}jH0%1L zmPV07g%#ZL4s*8~Y<2Vb$LP>~V#ztFWT#cxp9~KQmCatE92}zO{l)Q_xRIT}l^rE+ z;aO=DweP3OZ;Ucv`TVfUKxAqFd&Q*pefn?bdY}0HK7DaU;pI|>Hj^{P^Bwl7>A2b+ z4susA)l6N^TK7hFWm8pPv$b?c^0y-KS(##NUks#Ojb1ZdEwpy+EdFy=QY%01@g|nF zU;fQuGy35x@qNw&&!8pdx2k40e4KEnc2VzSPZqX6C#HJ6Op#o_Mck4vD_%e{X!2C9 z|E`zvf?A$lUNtq{l!=*<fpKwTt3hLvfh-$ys4O3g7>h_H+bM_3^Jj&uyKL<H$--_M z_h;Ml25ul}Wfpq_+Xk!(7D_FVz!eWoNHNX>GDnz&)qt6i@xK8#h{w;u!py|Th8$De z;Fw}$Fo{`PC&a&4^$youuk-`I_SKzP&2>&#JmA5hTQeSOebvx0aa2B|eKS^X-nJ>z zCeGV@<n6>h=iRdB&u$VpuWt0x*Tt*ccaC02*tDjzM!G>u>Xw!CTx{Oq{)b_L(VRY` zxnggVr6bM=e2Qc8pM29x`-kB5CUMr+^(ARH>wDTe&O9wSF#F=w%_mH@dOtJm*m998 zE6sId#^KlnT*evR;zbK4-^}{X7n-(Xi@CYYX4y&X5x3npEH2XLWI5M-OChw5ef9h^ zk3~LzEES(qK4sO3*a=_VM3nS;6cWD2esyhWxu_|+=Bt$A=D*u`Zsoa!9g<k}sb!^) nWJmX{g%Up|_yjJQ;~Qf5+vDoDTqXObIbI&Z%6$8^_~bbON?lF- literal 0 HcmV?d00001 diff --git a/roles/keycloak/files/dsoclab-keycloak.crt b/roles/keycloak/files/dsoclab-keycloak.crt new file mode 100644 index 0000000..92b6893 --- /dev/null +++ b/roles/keycloak/files/dsoclab-keycloak.crt @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + fe:75:83:de:f2:35:5a:2c:2b:ba:09:72:0b:d8:09:48 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:28 2020 GMT + Not After : Oct 15 10:47:28 2023 GMT + Subject: CN=dsoclab-keycloak + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ea:a9:ea:6b:2f:6c:9c:9f:6d:9c:89:4e:01:ba: + c6:c0:32:df:59:26:2b:95:f4:c2:3d:c8:7e:22:ce: + b6:78:03:e8:22:28:81:9c:9a:a6:a7:ba:fd:05:66: + a3:50:81:85:71:c1:d9:ea:bc:21:e1:5d:0a:87:7b: + be:55:b0:7d:01:57:de:4c:fe:3a:c5:c9:54:77:2e: + 15:fc:12:07:f8:ef:9f:7b:f7:09:01:70:75:53:3b: + dc:b1:0c:65:4d:49:c4:fb:1d:42:20:6f:81:45:42: + d3:db:1d:4c:57:1b:1d:3b:81:39:ee:b2:cf:95:4b: + 29:d0:a8:39:98:d6:93:36:99:bf:c5:43:26:8d:4d: + db:6d:24:3b:fc:16:76:a1:fd:6f:c6:19:11:c7:12: + 0d:80:16:4c:88:da:2c:09:78:3d:1b:7c:6c:ec:db: + 9e:01:50:5f:a3:56:7f:d4:3b:a4:26:d2:6d:42:7b: + 88:4e:8d:64:ed:1e:1a:0e:05:58:65:58:47:83:60: + 9e:b4:ed:15:ce:72:4f:a0:b5:22:dd:9f:a4:da:88: + 86:fe:cb:84:6e:72:3d:00:42:da:8b:85:2a:f2:ef: + d7:ee:bb:85:42:ba:b9:fb:d9:9d:d2:2c:58:0f:7c: + 02:23:b7:46:d0:69:06:37:40:9d:58:74:89:ca:b7: + 12:e5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + FD:C5:77:F8:79:AD:0A:7E:6A:A0:2E:3B:58:6A:9F:43:51:55:0B:DF + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-keycloak, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 9a:c0:35:a3:68:ec:ec:cc:c3:65:5a:bf:03:d0:ee:8d:a0:41: + db:6d:89:3e:97:d4:90:7d:63:8e:73:37:43:ae:9a:e2:d0:2b: + a7:5e:b2:88:9b:4d:8f:b6:81:bf:f6:46:a0:87:ca:77:ec:5c: + af:cd:6b:d8:e8:60:5a:aa:86:be:64:d5:ad:e9:1e:41:7b:6a: + df:01:1d:16:86:94:57:82:51:91:be:6b:d6:ae:f0:b9:8c:3d: + 11:99:c4:93:eb:f7:fa:9e:a3:e3:f8:97:19:cf:63:55:6a:6e: + 4f:e9:a2:64:a7:35:0d:7e:68:23:89:e1:c6:06:4b:34:67:38: + 40:d1:81:b3:73:95:3a:3b:67:d2:5a:e4:8e:49:34:b1:ab:6f: + b6:60:87:ac:55:5d:f5:59:c0:d5:d3:d8:de:3b:76:c9:41:28: + b4:d7:23:ec:a2:3f:1d:3f:74:2e:f0:45:40:35:38:d1:06:50: + b2:93:45:df:de:33:5e:0b:89:86:d8:c9:14:61:1c:d2:94:21: + 1f:bf:df:32:f0:2f:91:52:b0:08:b7:b9:c2:b7:55:2b:ca:05: + e4:eb:91:e1:63:45:5d:1a:6f:e8:76:07:89:e8:42:3e:ec:7b: + 51:0e:a0:d5:8e:c3:3d:26:e3:45:b0:5b:61:d1:98:3b:c3:d4: + 37:9f:c1:7c +-----BEGIN CERTIFICATE----- +MIIDmzCCAoOgAwIBAgIRAP51g97yNVosK7oJcgvYCUgwDQYJKoZIhvcNAQELBQAw +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwHhcNMjAxMDMwMTA0NzI4WhcNMjMxMDE1 +MTA0NzI4WjAbMRkwFwYDVQQDDBBkc29jbGFiLWtleWNsb2FrMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6qnqay9snJ9tnIlOAbrGwDLfWSYrlfTCPch+ +Is62eAPoIiiBnJqmp7r9BWajUIGFccHZ6rwh4V0Kh3u+VbB9AVfeTP46xclUdy4V +/BIH+O+fe/cJAXB1UzvcsQxlTUnE+x1CIG+BRULT2x1MVxsdO4E57rLPlUsp0Kg5 +mNaTNpm/xUMmjU3bbSQ7/BZ2of1vxhkRxxINgBZMiNosCXg9G3xs7NueAVBfo1Z/ +1DukJtJtQnuITo1k7R4aDgVYZVhHg2CetO0VznJPoLUi3Z+k2oiG/suEbnI9AELa +i4Uq8u/X7ruFQrq5+9md0ixYD3wCI7dG0GkGN0CdWHSJyrcS5QIDAQABo4HeMIHb +MAkGA1UdEwQCMAAwHQYDVR0OBBYEFP3Fd/h5rQp+aqAuO1hqn0NRVQvfMEYGA1Ud +IwQ/MD2AFHkGykDTn5pUrtMzTfI4PrYL8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NU +T09MUy1DQYIJAIp0kyaAW0K3MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD +AjALBgNVHQ8EBAMCBaAwOwYDVR0RBDQwMoIQZHNvY2xhYi1rZXljbG9ha4IeZHNv +Y2xhYi5nbjQtMy13cDgtc29jLnN1bmV0LnNlMA0GCSqGSIb3DQEBCwUAA4IBAQCa +wDWjaOzszMNlWr8D0O6NoEHbbYk+l9SQfWOOczdDrpri0CunXrKIm02PtoG/9kag +h8p37FyvzWvY6GBaqoa+ZNWt6R5Be2rfAR0WhpRXglGRvmvWrvC5jD0RmcST6/f6 +nqPj+JcZz2NVam5P6aJkpzUNfmgjieHGBks0ZzhA0YGzc5U6O2fSWuSOSTSxq2+2 +YIesVV31WcDV09jeO3bJQSi01yPsoj8dP3Qu8EVANTjRBlCyk0Xf3jNeC4mG2MkU +YRzSlCEfv98y8C+RUrAIt7nCt1UrygXk65HhY0VdGm/odgeJ6EI+7HtRDqDVjsM9 +JuNFsFth0Zg7w9Q3n8F8 +-----END CERTIFICATE----- diff --git a/roles/keycloak/files/dsoclab-keycloak.key b/roles/keycloak/files/dsoclab-keycloak.key new file mode 100644 index 0000000..8c5ebed --- /dev/null +++ b/roles/keycloak/files/dsoclab-keycloak.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDqqeprL2ycn22c +iU4BusbAMt9ZJiuV9MI9yH4izrZ4A+giKIGcmqanuv0FZqNQgYVxwdnqvCHhXQqH +e75VsH0BV95M/jrFyVR3LhX8Egf475979wkBcHVTO9yxDGVNScT7HUIgb4FFQtPb +HUxXGx07gTnuss+VSynQqDmY1pM2mb/FQyaNTdttJDv8Fnah/W/GGRHHEg2AFkyI +2iwJeD0bfGzs254BUF+jVn/UO6Qm0m1Ce4hOjWTtHhoOBVhlWEeDYJ607RXOck+g +tSLdn6TaiIb+y4Rucj0AQtqLhSry79fuu4VCurn72Z3SLFgPfAIjt0bQaQY3QJ1Y +dInKtxLlAgMBAAECggEBAIj6HCLq8NxP15zLLSSnUQK571PLix+iWovT74UD4tEV +frgJqvat81/vL2iqq+P/ZtSrUjfKD4DMXawOGGFOfvl8v/9zWv0+8zYKSbz1DYBK +525mGfSkH2gxhjY2xR8jU389ae8jB3NVefLqHDiwVBT67sUdzTwZPtRUjiJgBliU +soJCsCutHAy7GW68N79F0BQItHhjMt02fYybnFxNvBntD4lodZDn7K9iqBoZPduX +TBsH1FcwZQyvQuiUlJgjUFM//5zrZUMjErv+3ev5c/WdpY4ycbo6VVBGZouVbyeX +RAWeDUE1nrsEsLBSnTkXVInFjPS6mBxsIi/+hlf6XCECgYEA+bWYDKPgelSe8ii5 +mK94wcLr6MybO+GrBHT4lIP1UggGsvPtXTifNvgGrYx90gmmL6F9QWHE+4lxyh5L +yEXCTHXl4QopgZCxWnnKekz0ma0lFlGYGr4KA0Z3Ntp+sCb/hcqVW/n24wVhNnmo +z3ztlSI/GY3B598R7dO9sR/RoYkCgYEA8JNKbTegmeeaAyBehEPy3eajAiT6759p +7m6Ml1P6IC3Ff3fllJrNWRi+JDKnJF9SUePOVWLWSgYSJyFLoiWK1CzoyLPdbcW9 +Ap9XNzD/aoDi6DBbKCFhRpBCsmTPnT8eFvA9PhuYY60w2UoM7byH+i2aJ1Do3izl +tLsHJbcT230CgYEA5S4Sl/9MBlpl6xEPjh/2L7drdyVaj/IFWLjWcNBPtnMhWtrf +joBqODQZRO09iSlL+kk3wWsvNEEoS33UxcGomy5Vxl3iTET1UXmYKPk6QVUVRc+r +T1f9rpXc0l5kid2xBSUyQdFAE4obd7jfA1fAYfClgxmEzv//34xHfCoc5ykCgYEA +01sD00pA3ZXc+AwzHY64y3z6D0M/9s+d+GzFNZoAsM6lqaRDXbhW2oTjX9fkgg8A +upMiTl/kFeqZfilBUnYbLuc5qEJlMjC8KpakwAdbDk2njAgXvfz9gknxXts0j1jJ +bauokm0aB9A7j1sAWsj8ya3QtePegnr9YDfEQr1CQ90CgYBfAQaYG9ldXcxTlERG +jOGu0bh9DtnmwsenwTZQD4mNHpvL0MkmIQxR5FAL8XXbNBq50zCiOapLLrhdqbh0 +ih3WoOdqxLIDQtAJYs3ANhOmEAxvQPxpPKhRHRKPGXxyzgW9zeQ08GpYoR/M7VRF +TypqufvopzWOpbxpgbfiJQmd8g== +-----END PRIVATE KEY----- diff --git a/roles/keycloak/tasks/main.yml b/roles/keycloak/tasks/main.yml index d7668ba..2bb6a62 100644 --- a/roles/keycloak/tasks/main.yml +++ b/roles/keycloak/tasks/main.yml @@ -1,17 +1,97 @@ --- -- include: start.yml - tags: - - start -- include: stop.yml - tags: - - stop - - stop-keycloak -- include: update-config.yml - tags: - - update-config - - update-keycloak-config -- include: restart.yml - tags: - - restart - - restart-keycloak +- name: Copy certificates in keycloak x509 conf dir + copy: + src: "{{ item.local }}" + dest: "{{ item.remote }}" + mode: "{{ item.mode }}" + with_items: + - local: "files/{{ inventory_hostname }}.crt" + remote: /etc/x509/https/tls.crt + mode: '0644' + - local: "files/{{ inventory_hostname }}.key" + remote: /etc/x509/https/tls.key + mode: '0600' + - local: "files/{{ ca_cn }}.crt" + remote: /etc/x509/ca/ca.crt + mode: '0644' + - local: "files/cacerts.jks" + remote: /opt/jboss/keycloak/cacerts.jks + mode: '0644' + tags: + - start + - startkeycloak + +- name: Generate Keycloak secure config + command: "/opt/jboss/tools/x509.sh" + environment: + X509_CA_BUNDLE: "/etc/x509/ca/ca.crt" + tags: + - start + - startkeycloak + +- name: Set admin password + command: /opt/jboss/keycloak/bin/add-user-keycloak.sh --user "admin" --password "{{keycloak_adminpass}}" + ignore_errors: yes + tags: + - start + - startkeycloak + +- name: Configure Keycloak start script + template: + src: "{{item}}.j2" + dest: "/opt/jboss/tools/{{item}}" + mode: 0750 + with_items: + - startkeycloak.sh + - initkeycloakrealm.sh + tags: + - start + - startkeycloak + + +- name: Start Keycloak IdP + command: /opt/jboss/tools/startkeycloak.sh + tags: + - start + - startkeycloak + +- name: Wait for Keycloak + wait_for: + host: "{{groups['keycloakcontainers'][0]}}" + port: 8443 + state: started + delay: 5 + tags: + - start + - startkeycloak + +- name: Initialize Keycloak realm + command: /opt/jboss/tools/initkeycloakrealm.sh + tags: + - start + - startkeycloak + +- name: Copy secrets from Keycloak + fetch: + src: "{{ item.remote }}" + dest: "{{ item.local }}" + flat: yes + with_items: + - remote: "{{ ansible_facts.env['JBOSS_HOME'] }}/nifisecret" + local: "roles/nifi/files/nifisecret" + - remote: "{{ ansible_facts.env['JBOSS_HOME'] }}/kibanasecret" + local: "roles/odfekibana/files/kibanasecret" + - remote: "{{ ansible_facts.env['JBOSS_HOME'] }}/thehivesecret" + local: "roles/thehive/files/thehivesecret" + - remote: "{{ ansible_facts.env['JBOSS_HOME'] }}/cortexsecret" + local: "roles/cortex/files/cortexsecret" + tags: + - start + - startkeycloak + +- name: Stop Keycloak + command: "pkill -SIGTERM -F {{inventory_hostname}}.pid" + tags: + - stop + - stopkeycloak diff --git a/roles/keycloak/tasks/restart.yml b/roles/keycloak/tasks/restart.yml deleted file mode 100644 index 4ea5519..0000000 --- a/roles/keycloak/tasks/restart.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- - -- name: Restart Keycloak - remote_user: root - command: "supervisorctl restart keycloak" - -- name: Wait for Keycloak - remote_user: jboss - wait_for: - host: "{{groups['keycloakcontainers'][0]}}" - port: 8443 - state: started - delay: 5 diff --git a/roles/keycloak/tasks/start.yml b/roles/keycloak/tasks/start.yml deleted file mode 100644 index 468cb25..0000000 --- a/roles/keycloak/tasks/start.yml +++ /dev/null @@ -1,96 +0,0 @@ ---- - -- name: Copy certificates in keycloak x509 conf dir - remote_user: jboss - copy: - src: "{{ item.local }}" - dest: "{{ item.remote }}" - mode: "{{ item.mode}}" - with_items: - - local: "{{playbook_dir}}/secrets/CA/issued/{{ inventory_hostname }}.crt" - remote: /etc/x509/https/tls.crt - mode: '0644' - - local: "{{playbook_dir}}/secrets/CA/private/{{ inventory_hostname }}.key" - remote: /etc/x509/https/tls.key - mode: '0600' - - local: "{{playbook_dir}}/secrets/CA/ca.crt" - remote: /etc/x509/ca/ca.crt - mode: '0644' - - local: "{{playbook_dir}}/secrets/CA/cacerts.jks" - remote: /opt/jboss/keycloak/cacerts.jks - mode: '0644' - -- name: Generate Keycloak secure config - remote_user: jboss - command: "/opt/jboss/tools/x509.sh" - environment: - X509_CA_BUNDLE: "/etc/x509/ca/ca.crt" - -- name: Set admin password - remote_user: jboss - command: /opt/jboss/keycloak/bin/add-user-keycloak.sh --user "admin" --password "{{lookup('password', '{{playbook_dir}}/secrets/passwords/keykloak_admin')}}" - ignore_errors: True - -- name: Configure logging format - remote_user: jboss - lineinfile: #TODO: Change to community.general.xml - path: /opt/jboss/keycloak/standalone/configuration/standalone.xml - regexp: '.*<formatter name="PATTERN">.*' - line: "<formatter name=\"JSON\"><json-formatter date-format=\"yyyy-MM-dd'T'HH:mm:ss.SSS'Z'\" pretty-print=\"false\" print-details=\"true\" zone-id=\"UTC\"/></formatter><formatter name=\"PATTERN\">" - -- name: Enable event logging - remote_user: jboss - lineinfile: - path: /opt/jboss/keycloak/standalone/configuration/standalone.xml - regexp: '.*<spi name="eventsStore">.*' - line: '<spi name="eventsListener"><provider name="jboss-logging" enabled="true"><properties><property name="success-level" value="INFO"/><property name="error-level" value="WARN"/></properties></provider></spi><spi name="eventsStore">' - -- name: Specify logging format - remote_user: jboss - lineinfile: - path: /opt/jboss/keycloak/standalone/configuration/standalone.xml - regexp: ".*<named-formatter name=.*" - line: '<named-formatter name="JSON"/>' - -- name: Configure Keycloak start script - remote_user: jboss - template: - src: "{{item}}.j2" - dest: "/opt/jboss/tools/{{item}}" - mode: 0750 - with_items: - - startkeycloak.sh - - initkeycloakrealm.sh - -- name: Start Keycloak IdP - remote_user: root - command: "supervisorctl start keycloak" - -- name: Wait for Keycloak - remote_user: jboss - wait_for: - host: "{{groups['keycloakcontainers'][0]}}" - port: 8443 - state: started - delay: 5 - -- name: Initialize Keycloak realm - remote_user: jboss - command: /opt/jboss/tools/initkeycloakrealm.sh - -- name: Copy secrets from Keycloak - remote_user: jboss - fetch: - src: "{{ item.remote }}" - dest: "{{ item.local }}" - flat: yes - with_items: - - remote: "{{ ansible_facts.env['JBOSS_HOME'] }}/nifisecret" - local: "{{playbook_dir}}/secrets/tokens/nifisecret" - - remote: "{{ ansible_facts.env['JBOSS_HOME'] }}/kibanasecret" - local: "{{playbook_dir}}/secrets/tokens/kibanasecret" - - remote: "{{ ansible_facts.env['JBOSS_HOME'] }}/mispsecret" - local: "{{playbook_dir}}/secrets/tokens/mispsecret" - -- name: Set Autostart for supervisord's services - shell: "sed -i 's/autostart=false/autostart=true/g' /etc/supervisord.conf" diff --git a/roles/keycloak/tasks/stop.yml b/roles/keycloak/tasks/stop.yml deleted file mode 100644 index 0f9c490..0000000 --- a/roles/keycloak/tasks/stop.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- - -- name: Stop Keycloak - remote_user: root - command: "supervisorctl stop keycloak" diff --git a/roles/keycloak/tasks/update-config.yml b/roles/keycloak/tasks/update-config.yml deleted file mode 100644 index c64229a..0000000 --- a/roles/keycloak/tasks/update-config.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- - -- name: Configure Keycloak start script - remote_user: jboss - template: - src: "{{item}}.j2" - dest: "/opt/jboss/tools/{{item}}" - mode: 0750 - with_items: - - startkeycloak.sh - - initkeycloakrealm.sh - -- name: Copy keycloak-tools - remote_user: jboss - synchronize: - src: roles/build/templates/keycloak/keycloak-tools/ - dest: /opt/jboss/tools/ - -- name: Copy secrets from Keycloak - remote_user: jboss - fetch: - src: "{{ item.remote }}" - dest: "{{ item.local }}" - flat: yes - with_items: - - remote: "{{ ansible_facts.env['JBOSS_HOME'] }}/nifisecret" - local: "{{playbook_dir}}/secrets/tokens/nifisecret" - - remote: "{{ ansible_facts.env['JBOSS_HOME'] }}/kibanasecret" - local: "{{playbook_dir}}/secrets/tokens/kibanasecret" - - remote: "{{ ansible_facts.env['JBOSS_HOME'] }}/mispsecret" - local: "{{playbook_dir}}/secrets/tokens/mispsecret" - diff --git a/roles/keycloak/templates/initkeycloakrealm.sh.j2 b/roles/keycloak/templates/initkeycloakrealm.sh.j2 index 3d790f2..d6fc946 100644 --- a/roles/keycloak/templates/initkeycloakrealm.sh.j2 +++ b/roles/keycloak/templates/initkeycloakrealm.sh.j2 @@ -5,8 +5,8 @@ exec 7>&2 exec > /opt/jboss/keycloak/initkeycloak.log 2>&1 -kcadm.sh config truststore --trustpass {{lookup('password', '{{playbook_dir}}/secrets/passwords/truststore')}} /opt/jboss/keycloak/cacerts.jks -kcadm.sh config credentials --server https://{{groups['keycloakcontainers'][0]}}:8443/auth --realm master --user admin --password "{{lookup('password', '{{playbook_dir}}/secrets/passwords/keykloak_admin')}}" +kcadm.sh config truststore --trustpass {{tspass}} /opt/jboss/keycloak/cacerts.jks +kcadm.sh config credentials --server https://{{groups['keycloakcontainers'][0]}}:8443/auth --realm master --user admin --password {{keycloak_adminpass}} kcadm.sh create realms -b '{ "enabled": "true", "id": "{{openid_realm}}", "realm": "{{openid_realm}}"}' kcadm.sh create realms/{{openid_realm}}/authentication/flows/browser/copy -b '{ "id": "browser-x509", "newName": "X.509 Browser" }' BROWSERFORM=$(kcadm.sh create realms/{{openid_realm}}/authentication/flows/X.509%20Browser/executions/execution -i -b '{ "provider": "auth-x509-client-username-form" }') @@ -18,18 +18,22 @@ kcadm.sh create realms/{{openid_realm}}/groups -b '{"name":"GN43WP8T31"}' {% for user in soctools_users %} kcadm.sh create realms/{{openid_realm}}/users -b '{"enabled":true,"attributes":{"DN": ["{{user.DN}}"],"CN": ["{{user.CN}}"]},"username":"{{user.username}}","emailVerified":"","email":"{{user.email}}","firstName":"{{user.firstname}}","lastName":"{{user.lastname}}","groups": ["/GN43WP8T31"] }' -kcadm.sh set-password -r {{openid_realm}} --username {{user.username}} --new-password {{lookup('password', '{{playbook_dir}}/secrets/passwords/'+user.CN)}} +kcadm.sh set-password -r {{openid_realm}} --username {{user.username}} --new-password {{user.password}} {% endfor %} -NIFICLIENT=$(kcadm.sh create realms/{{openid_realm}}/clients -i -b '{"enabled":true, "clientId":"soctools-nifi","protocol":"openid-connect","clientAuthenticatorType": "client-secret","redirectUris": ["https://{{soctoolsproxy}}:9443/*" ],"webOrigins": [], "publicClient": false }') +NIFICLIENT=$(kcadm.sh create realms/{{openid_realm}}/clients -i -b '{"enabled":true, "clientId":"dsoclab-nifi","protocol":"openid-connect","clientAuthenticatorType": "client-secret","redirectUris": ["https://{{dslproxy}}:9443/*" ],"webOrigins": [], "publicClient": false }') kcadm.sh create realms/{{openid_realm}}/clients/${NIFICLIENT}/protocol-mappers/models -b '{"protocol":"openid-connect","config":{"id.token.claim":"true","access.token.claim":"true","userinfo.token.claim":"true","multivalued":"","aggregate.attrs":"","user.attribute":"DN","claim.name":"DN","jsonType.label":"String"},"name":"SendDN","protocolMapper":"oidc-usermodel-attribute-mapper"}' kcadm.sh get realms/{{openid_realm}}/clients/${NIFICLIENT}/client-secret --fields value > /opt/jboss/keycloak/nifisecret -KIBANACLIENT=$(kcadm.sh create realms/{{openid_realm}}/clients -i -b '{"enabled":true, "clientId":"soctools-kibana","protocol":"openid-connect","clientAuthenticatorType": "client-secret","rootUrl": "https://{{soctoolsproxy}}:5601","adminUrl": "","redirectUris": ["https://{{soctoolsproxy}}:5601", "https://{{soctoolsproxy}}:5601/auth/openid/login", "https://{{soctoolsproxy}}:5601/app/kibana" ],"webOrigins": [], "publicClient": false }') +KIBANACLIENT=$(kcadm.sh create realms/{{openid_realm}}/clients -i -b '{"enabled":true, "clientId":"dsoclab-kibana","protocol":"openid-connect","clientAuthenticatorType": "client-secret","rootUrl": "https://{{dslproxy}}:5601","adminUrl": "","redirectUris": ["https://{{dslproxy}}:5601", "https://{{dslproxy}}:5601/auth/openid/login", "https://{{dslproxy}}:5601/app/kibana" ],"webOrigins": [], "publicClient": false }') kcadm.sh get realms/{{openid_realm}}/clients/${KIBANACLIENT}/client-secret --fields value > /opt/jboss/keycloak/kibanasecret -MISPCLIENT=$(kcadm.sh create realms/{{openid_realm}}/clients -i -b '{"enabled":true, "clientId":"soctools-misp","protocol":"openid-connect","clientAuthenticatorType": "client-secret","rootUrl": "https://{{soctoolsproxy}}:6443","adminUrl": "","redirectUris": ["https://{{soctoolsproxy}}:6443/users/login/keycloak"],"webOrigins": [], "publicClient": false }') -kcadm.sh get realms/{{openid_realm}}/clients/${MISPCLIENT}/client-secret --fields value > /opt/jboss/keycloak/mispsecret +THEHIVECLIENT=$(kcadm.sh create realms/{{openid_realm}}/clients -i -b '{"enabled":true, "clientId":"dsoclab-thehive","protocol":"openid-connect","clientAuthenticatorType": "client-secret","adminUrl": "","redirectUris": ["https://{{dslproxy}}:9000/api/ssoLogin"],"webOrigins": [], "publicClient": false }') +kcadm.sh get realms/{{openid_realm}}/clients/${THEHIVECLIENT}/client-secret --fields value > /opt/jboss/keycloak/thehivesecret + +CORTEXCLIENT=$(kcadm.sh create realms/{{openid_realm}}/clients -i -b '{"enabled":true, "clientId":"dsoclab-cortex","protocol":"openid-connect","clientAuthenticatorType": "client-secret","adminUrl": "","redirectUris": ["https://{{dslproxy}}:9001/api/ssoLogin"],"webOrigins": [], "publicClient": false }') +kcadm.sh get realms/{{openid_realm}}/clients/${CORTEXCLIENT}/client-secret --fields value > /opt/jboss/keycloak/cortexsecret + kcadm.sh config truststore --delete diff --git a/roles/misp/files/SOCTOOLS-CA.crt b/roles/misp/files/SOCTOOLS-CA.crt new file mode 100644 index 0000000..04b1f20 --- /dev/null +++ b/roles/misp/files/SOCTOOLS-CA.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDNTCCAh2gAwIBAgIJAIp0kyaAW0K3MA0GCSqGSIb3DQEBCwUAMBYxFDASBgNV +BAMMC1NPQ1RPT0xTLUNBMB4XDTIwMTAzMDEwNDcxOFoXDTMwMTAyODEwNDcxOFow +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQC1GZDFZJPR7AYkhEsB9U6qtK+40di3KOeTwRosJ7hvP1FQjwnIC37B +UlVq15KEgRTCcXgLH0CdtzC1Rkz+AUCLyKTOGmNCqmvyMcESdpuoI1NULkv0QeYX +Mj4Q1Lh0RldqZpEr32UfsVowBPPhijAUlVAHeJLvji/tnUvI++9no2hx03UAhjTM +M59AviYsRT3DUkciNSllpwV+7B2pgnpRgzsbVGP2cheaaRYG9DAbRTLrAtVxO0WJ +c/zNGSpvXuOyBK30/pwGMvhNGPeckElSpDfaepuA8ZDcfaKNk0kEBvzIlUrpZBmv +tBc5DmpfEBlSk5UK/0XSblKE5dOqlWc1AgMBAAGjgYUwgYIwHQYDVR0OBBYEFHkG +ykDTn5pUrtMzTfI4PrYL8z3PMEYGA1UdIwQ/MD2AFHkGykDTn5pUrtMzTfI4PrYL +8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09MUy1DQYIJAIp0kyaAW0K3MAwGA1Ud +EwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQA0XK1+Eg+j +JdwKnUpnwPq+fsyrCs4TF1DgwtqY4yr1KCw0QSPMK9ldLp62lJaRnrPE7ZGOQ7sd +z82yEM8nMulNREp3TZwuVFaWgs0yLVKkfqZ0jNGDuEf8AJAynI4ynRbtYxtYzBDy +XgJPk9lKK/gR14IXBet/dGbZf4yHiMzldMCb0dWzyDS1S+Y1iLTRCmpmRbFow12g +CjNoSxdyoJPZavcOVWa4tDc3PLMdkgdY20ewo3IvCQTOg9ogVX4Hq5/M4xTz8XUX +nHeUqshdkPVGFCIujCBg9131RYSE0SkVrPUaIbP9tgzabkZWwhiq8oSpTBmIi9qh +GPiQTFGknE1U +-----END CERTIFICATE----- diff --git a/roles/misp/files/cacerts.jks b/roles/misp/files/cacerts.jks new file mode 100644 index 0000000000000000000000000000000000000000..9d4001b7d9a466941cda896b6bf145bf2f02020c GIT binary patch literal 893 zcmezO_TO6u1_mYu1_nkj&0U<IT#}!kQ>>eu$iTo@S}9llhJiIg&(y$@fq~i5po!Vk zpovL#0W%XL6B8#xSIK0xhG?hl2E1&XT5TR}-+37sxmg(u#0*6YgxHuvS(tgagZ-UD z{QZ4`b)6jz<ivT63=9p74GaxT%ndD~#CbtXBMT@Or@kgeC1fiYSs9p{82K3tni#p5 zniv@wwn|Ponlky~8#a{|Z^o~FtG2A)aq-4>jpvgOO6jQY$hQv+=;u7aU3V}jH0%1L zmPV07g%#ZL4s*8~Y<2Vb$LP>~V#ztFWT#cxp9~KQmCatE92}zO{l)Q_xRIT}l^rE+ z;aO=DweP3OZ;Ucv`TVfUKxAqFd&Q*pefn?bdY}0HK7DaU;pI|>Hj^{P^Bwl7>A2b+ z4susA)l6N^TK7hFWm8pPv$b?c^0y-KS(##NUks#Ojb1ZdEwpy+EdFy=QY%01@g|nF zU;fQuGy35x@qNw&&!8pdx2k40e4KEnc2VzSPZqX6C#HJ6Op#o_Mck4vD_%e{X!2C9 z|E`zvf?A$lUNtq{l!=*<fpKwTt3hLvfh-$ys4O3g7>h_H+bM_3^Jj&uyKL<H$--_M z_h;Ml25ul}Wfpq_+Xk!(7D_FVz!eWoNHNX>GDnz&)qt6i@xK8#h{w;u!py|Th8$De z;Fw}$Fo{`PC&a&4^$youuk-`I_SKzP&2>&#JmA5hTQeSOebvx0aa2B|eKS^X-nJ>z zCeGV@<n6>h=iRdB&u$VpuWt0x*Tt*ccaC02*tDjzM!G>u>Xw!CTx{Oq{)b_L(VRY` zxnggVr6bM=e2Qc8pM29x`-kB5CUMr+^(ARH>wDTe&O9wSF#F=w%_mH@dOtJm*m998 zE6sId#^KlnT*evR;zbK4-^}{X7n-(Xi@CYYX4y&X5x3npEH2XLWI5M-OChw5ef9h^ zk3~LzEES(qK4sO3*a=_VM3nS;6cWD2esyhWxu_|+=Bt$A=D*u`Zsoa!9g<k}sb!^) nWJmX{g%Up|_yjJQ;~Qf5+vDoDTqXObIbI&Z%6$8^_~bbON?lF- literal 0 HcmV?d00001 diff --git a/roles/misp/files/dsoclab-misp.crt b/roles/misp/files/dsoclab-misp.crt new file mode 100644 index 0000000..f830104 --- /dev/null +++ b/roles/misp/files/dsoclab-misp.crt @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 75:87:fc:e4:cf:3e:c6:81:17:19:90:76:b1:2c:d5:d2 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:28 2020 GMT + Not After : Oct 15 10:47:28 2023 GMT + Subject: CN=dsoclab-misp + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:cf:b1:1b:e7:a2:ae:70:81:71:a5:57:46:14:2e: + 47:64:89:4e:bd:7d:f0:82:2d:03:19:d6:87:44:b3: + 42:bf:72:78:03:cc:91:98:5b:36:42:14:55:e2:82: + 16:12:58:60:54:44:8f:15:f6:1b:1f:76:36:22:2e: + e8:ac:d3:3c:0a:df:46:c7:f1:04:bc:3a:bf:fe:4b: + 8f:2a:53:83:e3:50:82:06:09:fc:2a:fa:fe:94:a0: + 7b:7f:c2:3e:0b:3e:dc:72:b8:94:10:0a:0b:90:fd: + 45:76:29:85:52:bf:0f:20:43:78:fe:3b:d3:49:20: + 8f:9a:a5:0c:89:bb:0e:97:f2:67:b0:2d:f0:17:53: + 25:a6:9b:4b:64:0e:72:8a:bf:c9:e3:8e:41:bb:ed: + f3:33:6a:55:5f:8d:52:84:fa:a3:67:1a:7b:71:fb: + 90:f1:5f:61:df:44:ea:0b:77:88:f2:e5:c1:83:71: + 58:c7:58:8a:9b:39:45:59:4e:e0:db:16:b6:96:72: + 90:8c:ee:c2:13:75:ea:15:c6:6b:e2:dc:3a:de:c8: + 07:de:18:84:2d:96:b6:c4:4c:e1:4a:4d:13:6f:6c: + 9a:1d:e5:f9:6f:cc:7e:1b:4a:3a:75:1a:b9:37:b0: + 6d:a0:1b:69:35:f1:b6:e6:c2:a5:d3:56:d3:57:c7: + 0e:8b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 65:C5:56:88:65:AF:77:F1:53:B2:71:5E:16:10:D1:0B:30:FF:28:BE + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-misp, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 5a:57:76:90:fd:a5:0d:ea:b0:22:c9:02:2e:18:91:81:04:d1: + f4:64:58:58:19:27:03:9b:5a:dc:de:6c:0e:fb:b7:76:eb:b1: + 97:36:e2:c7:76:ef:7d:d8:00:c3:20:c0:3d:a7:cf:61:f8:16: + 4c:96:4c:7c:c8:89:21:d6:d4:eb:3a:c1:3d:98:34:74:6e:39: + 81:20:6f:9b:4b:8d:b9:35:60:c5:76:19:30:30:06:0f:89:b1: + 1a:f6:c4:88:52:28:98:41:52:f1:9a:77:82:79:ae:c9:71:ba: + d9:e5:e9:b7:ba:08:32:59:eb:5e:7d:11:e0:a8:27:20:91:46: + 05:56:1e:e6:0b:4d:49:17:52:7f:4b:c4:a3:e0:cd:30:bd:4e: + 6a:70:2a:f5:77:4d:d1:d6:64:13:8d:4b:1a:d3:0b:0f:8a:49: + 1e:bf:b4:c0:4f:43:dc:92:e3:c0:f2:2f:4a:c8:30:45:fc:5a: + d2:de:92:b2:a1:48:b8:da:ff:f4:0b:04:5d:5d:a7:30:d8:4b: + ca:cf:0c:01:6a:50:45:5f:d4:a8:cf:dd:fa:f7:68:0c:4c:45: + 47:be:3a:c2:39:bb:04:ff:62:a0:bc:91:a0:f2:2b:67:09:89: + 5a:ff:e6:53:c1:89:18:12:a1:0f:5a:d7:e1:12:8b:88:88:89: + ca:b0:30:27 +-----BEGIN CERTIFICATE----- +MIIDkjCCAnqgAwIBAgIQdYf85M8+xoEXGZB2sSzV0jANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3MjhaFw0yMzEwMTUx +MDQ3MjhaMBcxFTATBgNVBAMMDGRzb2NsYWItbWlzcDCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBAM+xG+eirnCBcaVXRhQuR2SJTr198IItAxnWh0SzQr9y +eAPMkZhbNkIUVeKCFhJYYFREjxX2Gx92NiIu6KzTPArfRsfxBLw6v/5LjypTg+NQ +ggYJ/Cr6/pSge3/CPgs+3HK4lBAKC5D9RXYphVK/DyBDeP4700kgj5qlDIm7Dpfy +Z7At8BdTJaabS2QOcoq/yeOOQbvt8zNqVV+NUoT6o2cae3H7kPFfYd9E6gt3iPLl +wYNxWMdYips5RVlO4NsWtpZykIzuwhN16hXGa+LcOt7IB94YhC2WtsRM4UpNE29s +mh3l+W/MfhtKOnUauTewbaAbaTXxtubCpdNW01fHDosCAwEAAaOB2jCB1zAJBgNV +HRMEAjAAMB0GA1UdDgQWBBRlxVaIZa938VOycV4WENELMP8ovjBGBgNVHSMEPzA9 +gBR5BspA05+aVK7TM03yOD62C/M9z6EapBgwFjEUMBIGA1UEAwwLU09DVE9PTFMt +Q0GCCQCKdJMmgFtCtzAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCwYD +VR0PBAQDAgWgMDcGA1UdEQQwMC6CDGRzb2NsYWItbWlzcIIeZHNvY2xhYi5nbjQt +My13cDgtc29jLnN1bmV0LnNlMA0GCSqGSIb3DQEBCwUAA4IBAQBaV3aQ/aUN6rAi +yQIuGJGBBNH0ZFhYGScDm1rc3mwO+7d267GXNuLHdu992ADDIMA9p89h+BZMlkx8 +yIkh1tTrOsE9mDR0bjmBIG+bS425NWDFdhkwMAYPibEa9sSIUiiYQVLxmneCea7J +cbrZ5em3uggyWetefRHgqCcgkUYFVh7mC01JF1J/S8Sj4M0wvU5qcCr1d03R1mQT +jUsa0wsPikkev7TAT0PckuPA8i9KyDBF/FrS3pKyoUi42v/0CwRdXacw2EvKzwwB +alBFX9Soz93692gMTEVHvjrCObsE/2KgvJGg8itnCYla/+ZTwYkYEqEPWtfhEouI +iInKsDAn +-----END CERTIFICATE----- diff --git a/roles/misp/files/dsoclab-misp.key b/roles/misp/files/dsoclab-misp.key new file mode 100644 index 0000000..9b8a5d6 --- /dev/null +++ b/roles/misp/files/dsoclab-misp.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDPsRvnoq5wgXGl +V0YULkdkiU69ffCCLQMZ1odEs0K/cngDzJGYWzZCFFXighYSWGBURI8V9hsfdjYi +Luis0zwK30bH8QS8Or/+S48qU4PjUIIGCfwq+v6UoHt/wj4LPtxyuJQQCguQ/UV2 +KYVSvw8gQ3j+O9NJII+apQyJuw6X8mewLfAXUyWmm0tkDnKKv8njjkG77fMzalVf +jVKE+qNnGntx+5DxX2HfROoLd4jy5cGDcVjHWIqbOUVZTuDbFraWcpCM7sITdeoV +xmvi3DreyAfeGIQtlrbETOFKTRNvbJod5flvzH4bSjp1Grk3sG2gG2k18bbmwqXT +VtNXxw6LAgMBAAECggEBAIb/4VqMVQTOLvfBJc0iU8eWtLbZMMb8ySI3Xs+aEc3t +cvNNOmolB7ymCTllQ0GDboH32mX1BaZKqV9IzHbiCwoqHZEDKgfLzFZX+OQTSwwr +nYidXur1IRuswPnHYZrfrl1net5+GQyShF8NGBs0E3nuQaxHaMwEvTNRCzhPfWnn +u/g3IExtSdE/XSxRnTGRQqSnMAf9OXs9bw/iTSR5cQO2mW/dRLr4aUCQOJ5Hx4mO +ub172vkNeNwOSUzc9FjtZyQZOtn25WoS7SusK7y9ToDqqR5OcI5M+kxq+fQo8Wvu +XlIeOvTKTHOBaih6QYEzHo9zq893I/c0xiOmfOr0v7kCgYEA7WQ7g5z+2Lyt35Sq +XmzyQyAEbx+PMPc7yTQC62YuvpEAaDFDHMphDw1zM2mraLO+2IuBuDz7CTlsf1zl +xwEJoEZa3odRi2McpqiUVQgJYD+bCUv35J8X93K4/7tLHvXDJQ3BKBNNoLHxjD5P +SlR5xBCFwZiiXAkquWpZaaWAbg0CgYEA3/jjf723dlWRrVcG/m7VJrhTWq10Jltp +8y786INKU1IUrwqFt7ph4c9/Jbop40QVkJKzsPojzWreDf3EZYGnBVhOLA5p4MC0 +X1ZTzN86dn1Y3SDCopGnJVP8X2EdDGfsTkfXxOjRCzSPOyZzxzseACw9WWAmullU +zQs4K6/4YPcCgYB117znb8bepoMVqwILz79PbRRmaV82qnRGRAhy/I2V0ftGvbWY +FCqsQzv9uKX7WscRTed+It9nS9c9PkteR3iU1HgFYV0seW3emW7Q6yVkXw7CRbDw +D73g+1U0ta/r1Yoi2boZ/8MYU10aBlBsEJVFrAIKAZAPagmIc2+hTyP6/QKBgQDX +FHSr3C0NJzkhA7zEovxwFXx+TKmImCqTjKD0S/gZMW6JdYpZmFOc/Jz2RuMoyt4G +msqSfnPZNPIO744liC8zM8zGBAVq/sN39je9OvUyikbG+0nNwh+H+jIWCfVST44e +0mEDSCxPHWcaf1+ZiEzUD6fOZ0Zpl5WW3lpPocncmwKBgQDIR7uJctv3UZkEO+oq +g1Q4jLUYJFUb/3fk1mEmpq+b90e/xQMqZHlu/KHiHcKrukdWj67d/LY4mrw4DebR +PTgdj9e0O8V9M7BYxDN+zEYrvmmY4A+tg07zm8aqmhCNKpOMsW0MkKFFuRiMkiCh +bopZVfjdd+d/56vLZW+GSBaCew== +-----END PRIVATE KEY----- diff --git a/roles/misp/tasks/config.yml b/roles/misp/tasks/config.yml deleted file mode 100644 index 864c61d..0000000 --- a/roles/misp/tasks/config.yml +++ /dev/null @@ -1,93 +0,0 @@ ---- - -- name: Change password of default user - shell: "/var/www/MISP/app/Console/cake Password admin@admin.test {{ lookup('password', '{{playbook_dir}}/secrets/passwords/misp_admin') }}" - -- name: Configure MISP - shell: '/var/www/MISP/app/Console/cake Admin setSetting {{item.var}} {{item.value}}' - with_items: - - {"var":"Plugin.CustomAuth_enable","value":"true"} - - {"var":"Plugin.CustomAuth_header","value":"X_REMOTE_USER"} - - {"var":"Plugin.CustomAuth_disable_logout","value":"true"} - - {"var":"MISP.external_baseurl","value":"https://{{soctoolsproxy}}:6443"} - - {"var":"MISP.live","value":"true"} - -- name: Init default user - shell: '/var/www/MISP/app/Console/cake user_init | /usr/bin/tail -n1' - register: init_output - ignore_errors: True - -- name: Set API key fact - set_fact: - misp_api_key: "{{ init_output.stdout }}" - when: '"initialised" not in init_output.stdout' - -- name: Get API key - shell: '/var/www/MISP/app/Console/cake Admin getAuthkey admin@admin.test | /usr/bin/tail -n1' - register: get_output - ignore_errors: True - when: '"initialised" in init_output.stdout' - -- name: Set API key fact - set_fact: - misp_api_key: "{{ get_output.stdout }}" - when: '"initialised" in init_output.stdout' - -- name: add users - uri: - url: "https://{{soctoolsproxy}}:6443/admin/users/add/1" - method: POST - body_format: json - headers: - Authorization: "{{misp_api_key}}" - Accept: "application/json" - Content-type: "application/json" - body: '{"email": "{{item.email}}","org_id": "1","role_id": "1","external_auth_key":"{{item.email}}","external_auth_required":"1","change_pw": "0","external_auth_key":"{{item.email}}"}' - ignore_errors: yes #Ignore error when user already exists - with_items: - - "{{soctools_users}}" - -- name: Get user API key - shell: '/var/www/MISP/app/Console/cake Admin getAuthkey {{soctools_users[0].email}} | /usr/bin/tail -n1' - register: user_key - -- name: Store user API key - copy: - content: "{{ user_key.stdout }}" - dest: "{{playbook_dir}}/secrets/tokens/misp" - delegate_to: 127.0.0.1 - -- name: Enable feed - uri: - url: "https://{{soctoolsproxy}}:6443/feeds/edit/1" - method: POST - body_format: json - headers: - Authorization: "{{misp_api_key}}" - Accept: "application/json" - Content-type: "application/json" - body: '{"enabled": true, "caching_enabled": true, "distribution": "1","publish": true}' - -- name: Fetch feed - shell: '/var/www/MISP/app/Console/cake Server {{item}} 1 all&' - with_items: - - fetchFeed - - cacheFeed - -- name: Add example event - uri: - url: - url: "https://{{soctoolsproxy}}:6443/events" - method: POST - body_format: json - headers: - Authorization: "{{misp_api_key}}" - Accept: "application/json" - Content-type: "application/json" - body: '{"Event":{"date":"{{ansible_date_time.date}}","threat_level_id":"1","info":"testevent","published":true,"analysis":"0","distribution":"0","Attribute":[{"type":"domain","category":"Network activity","to_ids":false,"distribution":"0","comment":"","value":"example.evil"},{"type":"ip-dst","category":"Network activity","to_ids":false,"distribution":"0","comment":"","value":"10.10.10.10"}]}}' - -- name: Set Autostart for supervisord services - replace: - path: /etc/supervisord.conf - regexp: '^autostart=false$' - replace: 'autostart=true' diff --git a/roles/misp/tasks/main.yml b/roles/misp/tasks/main.yml index 9b53c6c..826e9dc 100644 --- a/roles/misp/tasks/main.yml +++ b/roles/misp/tasks/main.yml @@ -1,19 +1,59 @@ --- -- include: start.yml +- name: Copy certificates in apache cert dir + copy: + src: "{{ item.local }}" + dest: "{{ item.remote }}" + mode: "{{ item.mode}}" + with_items: + - local: "files/{{ inventory_hostname }}.crt" + remote: /etc/ssl/certs/misp.crt + mode: '0644' + - local: "files/{{ inventory_hostname }}.key" + remote: /etc/ssl/certs/misp.key + mode: '0600' + - local: "files/{{ ca_cn }}.crt" + remote: /etc/ssl/certs/ca.crt + mode: '0644' tags: - - start -- include: config.yml + - start + +- name: Configure Apache web server for misp + template: + src: misp.conf.j2 + dest: /etc/httpd/conf.d/misp.conf + tags: + - start + +- name: Configure MISP database access + template: + src: database.php.j2 + dest: /var/www/MISP/app/Config/database.php + tags: + - start + +- name: Configure MISP app + template: + src: config.php.j2 + dest: /var/www/MISP/app/Config/config.php tags: - - start - - config -- include: stop.yml - tags: stop -- include: update-config.yml + - start + +- name: Configure MISP database initialization script + template: + src: checkdb.sh.j2 + dest: /var/www/MISP/checkdb.sh + mode: '0700' tags: - - update-config - - update-misp-config -- include: restart.yml + - start + +- name: Check if database is initialized + command: /var/www/MISP/checkdb.sh tags: - - restart - - restart-misp + - start + +- name: Start MISP + command: "/usr/bin/supervisord -c /etc/supervisord.conf" + tags: + - start + diff --git a/roles/misp/tasks/restart.yml b/roles/misp/tasks/restart.yml deleted file mode 100644 index 5878940..0000000 --- a/roles/misp/tasks/restart.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- - -- name: Restart php-fpm - command: "supervisorctl restart php-fpm" - -- name: Restart redis-server - command: "supervisorctl restart redis-server" - -- name: Restart apache2 - command: "supervisorctl restart apache2" - -- name: Restart misp-modules - command: "supervisorctl restart misp-modules" - -- name: Restart workers - command: "supervisorctl restart workers" diff --git a/roles/misp/tasks/start.yml b/roles/misp/tasks/start.yml deleted file mode 100644 index c07917f..0000000 --- a/roles/misp/tasks/start.yml +++ /dev/null @@ -1,73 +0,0 @@ ---- - -- name: Set PHP symbolic link - file: - src: /opt/rh/rh-php72/root/bin/php - dest: /usr/bin/php - state: link - -- name: Copy certificates - copy: - src: "{{ item.local }}" - dest: "{{ item.remote }}" - mode: "{{ item.mode}}" - with_items: - - local: "{{playbook_dir}}/secrets/CA/issued/{{ inventory_hostname }}.crt" - remote: /etc/ssl/certs/misp.crt - mode: '0644' - - local: "{{playbook_dir}}/secrets/CA/private/{{ inventory_hostname }}.key" - remote: /etc/ssl/certs/misp.key - mode: '0600' - - local: "{{playbook_dir}}/secrets/CA/ca.crt" - remote: /etc/ssl/certs/ca.crt - mode: '0644' - - local: "{{playbook_dir}}/secrets/CA/ca.crt" - remote: /etc/pki/ca-trust/source/anchors/ca.crt - mode: '0644' - -- name: Update CA trust - command: update-ca-trust - -- name: Get openid authkey - set_fact: - mispsecret: "{{lookup('file', '{{playbook_dir}}/secrets/tokens/mispsecret',convert_data=False) | from_json }}" - -- name: Configure Apache web server for misp - template: - src: misp.conf.j2 - dest: /etc/httpd/conf.d/misp.conf - -- name: Configure MISP database access - template: - src: database.php.j2 - dest: /var/www/MISP/app/Config/database.php - -- name: Configure salt - lineinfile: - path: /var/www/MISP/app/Config/config.php - regexp: "'salt'.*=>" - line: "'salt' => '{{lookup('password', '{{playbook_dir}}/secrets/misp_salt')}}'," - -- name: Configure MISP database initialization script - template: - src: checkdb.sh.j2 - dest: /var/www/MISP/checkdb.sh - mode: '0700' - -- name: Check if database is initialized - command: /var/www/MISP/checkdb.sh - -- name: Start php-fpm - command: "supervisorctl start php-fpm" - -- name: Start redis-server - command: "supervisorctl start redis-server" - -- name: Start apache2 - command: "supervisorctl start apache2" - -- name: Start misp-modules - command: "supervisorctl start misp-modules" - -- name: Start workers - command: "supervisorctl start workers" diff --git a/roles/misp/tasks/stop.yml b/roles/misp/tasks/stop.yml deleted file mode 100644 index 6a56d87..0000000 --- a/roles/misp/tasks/stop.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -- name: Stop php-fpm - command: "supervisorctl stop php-fpm" - -- name: Stop redis-server - command: "supervisorctl stop redis-server" - -- name: Stop apache2 - command: "supervisorctl stop apache2" - -- name: Stop misp-modules - command: "supervisorctl stop misp-modules" - -- name: Stop workers - #command: "supervisorctl start workers" - command: 'su - -s /bin/bash -c "/var/www/MISP/app/Console/worker/stop.sh" apache' - diff --git a/roles/misp/tasks/update-config.yml b/roles/misp/tasks/update-config.yml deleted file mode 100644 index cd21505..0000000 --- a/roles/misp/tasks/update-config.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- - diff --git a/roles/misp/templates/checkdb.sh.j2 b/roles/misp/templates/checkdb.sh.j2 index c8eb4ab..5aba69f 100644 --- a/roles/misp/templates/checkdb.sh.j2 +++ b/roles/misp/templates/checkdb.sh.j2 @@ -1,5 +1,5 @@ #!/bin/bash -x -MISPINIT=$(echo "SELECT COUNT(DISTINCT 'table_name') FROM information_schema.columns WHERE table_schema = '{{misp_dbname}}';" | mysql -s -h {{mysql_name}} -u {{misp_dbuser}} -p{{lookup('password', '{{playbook_dir}}/secrets/passwords/mysql_misp')}} {{misp_dbname}}) +MISPINIT=$(echo "SELECT COUNT(DISTINCT 'table_name') FROM information_schema.columns WHERE table_schema = '{{misp_dbname}}';" | mysql -s -h {{groups['mysql'][0]}} -u {{misp_dbuser}} -p{{misp_dbpass}} {{misp_dbname}}) if [ ${MISPINIT} == "0" ]; then - cat /var/www/MISP/INSTALL/MYSQL.sql | mysql -s -h {{mysql_name}} -u {{misp_dbuser}} -p{{lookup('password', '{{playbook_dir}}/secrets/passwords/mysql_misp')}} {{misp_dbname}} + cat /var/www/MISP/INSTALL/MYSQL.sql | mysql -s -h {{groups['mysql'][0]}} -u {{misp_dbuser}} -p{{misp_dbpass}} {{misp_dbname}} fi diff --git a/roles/misp/templates/config.php.j2 b/roles/misp/templates/config.php.j2 new file mode 100644 index 0000000..46ca1ca --- /dev/null +++ b/roles/misp/templates/config.php.j2 @@ -0,0 +1,84 @@ +<?php +$config = array ( + 'debug' => 0, + 'MISP' => + array ( + 'baseurl' => 'https://{{dslproxy}}:6443', + 'footermidleft' => '', + 'footermidright' => '', + 'org' => 'ORGNAME', + 'showorg' => true, + 'threatlevel_in_email_subject' => true, + 'email_subject_TLP_string' => 'tlp:amber', + 'email_subject_tag' => 'tlp', + 'email_subject_include_tag_name' => true, + 'background_jobs' => true, + 'cached_attachments' => true, + 'email' => 'email@address.com', + 'contact' => 'email@address.com', + 'cveurl' => 'https://cve.circl.lu/cve/', + 'cweurl' => 'https://cve.circl.lu/cwe/', + 'disablerestalert' => false, + 'default_event_distribution' => '1', + 'default_attribute_distribution' => 'event', + 'tagging' => true, + 'full_tags_on_event_index' => true, + 'attribute_tagging' => true, + 'full_tags_on_attribute_index' => true, + 'footer_logo' => '', + 'take_ownership_xml_import' => false, + 'unpublishedprivate' => false, + 'disable_emailing' => false, + 'manage_workers' => true, + 'Attributes_Values_Filter_In_Event' => 'id, uuid, value, comment, type, category, Tag.name', + 'uuid' => '6ec3e533-99f9-42ac-952d-002664d1500f', + 'live' => true, + ), + 'GnuPG' => + array ( + 'onlyencrypted' => false, + 'email' => '', + 'homedir' => '', + 'password' => '', + 'bodyonlyencrypted' => false, + 'sign' => true, + 'obscure_subject' => false, + ), + 'SMIME' => + array ( + 'enabled' => false, + 'email' => '', + 'cert_public_sign' => '', + 'key_sign' => '', + 'password' => '', + ), + 'Proxy' => + array ( + 'host' => '', + 'port' => '', + 'method' => '', + 'user' => '', + 'password' => '', + ), + 'SecureAuth' => + array ( + 'amount' => 5, + 'expire' => 300, + ), + 'Security' => + array ( + 'level' => 'medium', + 'salt' => '{{misp_salt}}', + 'cipherSeed' => '', + ), + 'Session.defaults' => 'php', + 'Session.timeout' => 60, + 'Session.cookieTimeout' => 60, + 'Session.autoRegenerate' => false, + 'Session.checkAgent' => false, + 'site_admin_debug' => NULL, + 'Plugin' => NULL, + 'CertAuth' => NULL, + 'ApacheShibbAuth' => NULL, + 'ApacheSecureAuth' => NULL, +); diff --git a/roles/misp/templates/database.php.j2 b/roles/misp/templates/database.php.j2 index 867e5fb..0cf1934 100755 --- a/roles/misp/templates/database.php.j2 +++ b/roles/misp/templates/database.php.j2 @@ -63,11 +63,11 @@ class DATABASE_CONFIG { 'datasource' => 'Database/Mysql', //'datasource' => 'Database/Postgres', 'persistent' => false, - 'host' => '{{mysql_name}}', + 'host' => '{{groups['mysql'][0]}}', 'login' => '{{misp_dbuser}}', 'port' => 3306, // MySQL & MariaDB //'port' => 5432, // PostgreSQL - 'password' => '{{lookup('password', '{{playbook_dir}}/secrets/passwords/mysql_misp')}}', + 'password' => '{{misp_dbpass}}', 'database' => '{{misp_dbname}}', 'prefix' => '', 'encoding' => 'utf8', diff --git a/roles/misp/templates/misp.conf.j2 b/roles/misp/templates/misp.conf.j2 index 2ca0521..3a9cb85 100644 --- a/roles/misp/templates/misp.conf.j2 +++ b/roles/misp/templates/misp.conf.j2 @@ -1,7 +1,7 @@ Listen 6443 https <VirtualHost *:6443> -ServerAdmin admin@{{soctoolsproxy}} -ServerName {{soctoolsproxy}} +ServerAdmin admin@{{dslproxy}} +ServerName {{dslproxy}} DocumentRoot /var/www/MISP/app/webroot <Directory /var/www/MISP/app/webroot> Options -Indexes @@ -10,25 +10,15 @@ AllowOverride all DirectoryIndex index.php +# ProxyPassMatch ^/info$ fcgi://127.0.0.1:9000/var/www/MISP/app/webroot/info.php ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/var/www/MISP/app/webroot/$1 -SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 - -OIDCCryptoPassphrase {{lookup('password', '{{playbook_dir}}/secrets/passwords/misp_crypto')}} -OIDCProviderMetadataURL https://{{soctoolsproxy}}:12443/auth/realms/{{openid_realm}}/.well-known/openid-configuration -OIDCRedirectURI https://{{soctoolsproxy}}:6443/users/login/keycloak -OIDCClientID soctools-misp -OIDCScope "openid profile" -OIDCClientSecret {{mispsecret.value}} -OIDCRemoteUserClaim email -OIDCProviderTokenEndpointAuth client_secret_basic - -<Location /users/login> - AuthType openid-connect - Require valid-user - RequestHeader set X-Remote-User %{OIDC_CLAIM_email}e -</Location> - +#<FilesMatch "\.php$"> +# SetHandler "proxy:fcgi://127.0.0.1:9000" +# ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" +# AddHandler php72-fcgi .php +# Action php72-fcgi /cgi-bin/php72.fcgi +#</FilesMatch> SSLEngine On SSLCertificateFile /etc/ssl/certs/misp.crt diff --git a/roles/misp/templates/mysql_secure.sql.j2 b/roles/misp/templates/mysql_secure.sql.j2 index dd8ffd5..7b8dd28 100644 --- a/roles/misp/templates/mysql_secure.sql.j2 +++ b/roles/misp/templates/mysql_secure.sql.j2 @@ -1,4 +1,4 @@ -UPDATE mysql.user SET Password=PASSWORD('{{lookup('password', '{{playbook_dir}}/secrets/passwords/mysql_root')}}') WHERE User='root'; +UPDATE mysql.user SET Password=PASSWORD('{{mysql_dbrootpass}}') WHERE User='root'; DELETE FROM mysql.user WHERE User=''; DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1'); DROP DATABASE IF EXISTS test; @@ -6,7 +6,7 @@ DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'; CREATE DATABASE {{misp_dbname}}; {% for misp_host in groups['mispcontainers'] %} -GRANT USAGE on *.* to '{{misp_dbuser}}'@'{{misp_host}}.{{soctools_netname}}' IDENTIFIED by '{{lookup('password', '{{playbook_dir}}/secrets/passwords/mysql_misp')}}'; +GRANT USAGE on *.* to '{{misp_dbuser}}'@'{{misp_host}}.{{soctools_netname}}' IDENTIFIED by '{{misp_dbpass}}'; GRANT ALL PRIVILEGES on {{misp_dbname}}.* to '{{misp_dbuser}}'@'{{misp_host}}.{{soctools_netname}}'; {% endfor %} diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index 69395fe..f915611 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -1,20 +1,4 @@ --- - include: secure.yml - tags: - - start - include: misp.yml - tags: - - start -- include: stop.yml - tags: - - stop - - stop-mysql -- include: update-config.yml - tags: - - update-config - - update-mysql-config -- include: restart.yml - tags: - - restart - - restart-mysql diff --git a/roles/mysql/tasks/misp.yml b/roles/mysql/tasks/misp.yml index c541e99..60e1d0a 100644 --- a/roles/mysql/tasks/misp.yml +++ b/roles/mysql/tasks/misp.yml @@ -4,26 +4,23 @@ mysql_db: name: "{{misp_dbname}}" state: present + tags: + - start - name: Create misp user mysql_user: name: "{{misp_dbuser}}" - #host: "{{item}}.{{soctools_netname}}" - host: "%" - password: "{{lookup('password', '{{playbook_dir}}/secrets/passwords/mysql_misp')}}" + host: "{{item}}.{{soctools_netname}}" + password: "{{misp_dbpass}}" priv: "{{misp_dbname}}.*:ALL" with_items: "{{groups['mispcontainers']}}" - -- name: Set Autostart for supervisord's services - replace: - path: /etc/supervisord.conf - regexp: '^autostart=false$' - replace: 'autostart=true' + tags: + - start # CREATE DATABASE IF NOT EXISTS {{misp_dbname}}; # {% for misp_host in groups['mispcontainers'] %} -# GRANT USAGE on *.* to '{{misp_dbuser}}'@'{{misp_host}}.{{soctools_netname}}' IDENTIFIED by '{{lookup('password', '{{playbook_dir}}/secrets/passwords/mysql_misp')}}'; +# GRANT USAGE on *.* to '{{misp_dbuser}}'@'{{misp_host}}.{{soctools_netname}}' IDENTIFIED by '{{misp_dbpass}}'; # GRANT ALL PRIVILEGES on {{misp_dbname}}.* to '{{misp_dbuser}}'@'{{misp_host}}.{{soctools_netname}}'; # {% endfor %} # diff --git a/roles/mysql/tasks/restart.yml b/roles/mysql/tasks/restart.yml deleted file mode 100644 index 79a5ef4..0000000 --- a/roles/mysql/tasks/restart.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- - -- name: Restart MySQL - shell: "supervisorctl restart mysql" diff --git a/roles/mysql/tasks/secure.yml b/roles/mysql/tasks/secure.yml index 80db96c..18f098e 100644 --- a/roles/mysql/tasks/secure.yml +++ b/roles/mysql/tasks/secure.yml @@ -4,7 +4,7 @@ mysql_user: name: root host_all: yes - password: "{{lookup('password', '{{playbook_dir}}/secrets/passwords/mysql_root')}}" + password: "{{mysql_dbrootpass}}" tags: - start ignore_errors: true @@ -54,7 +54,7 @@ # # # -# UPDATE mysql.user SET Password=PASSWORD('{{lookup('password', '{{playbook_dir}}/secrets/passwords/mysql_root')}}') WHERE User='root'; +# UPDATE mysql.user SET Password=PASSWORD('{{mysql_dbrootpass}}') WHERE User='root'; # DELETE FROM mysql.user WHERE User=''; # DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1'); # DROP DATABASE IF EXISTS test; @@ -64,9 +64,9 @@ # # # #!/bin/bash -x -# MISPINIT=$(echo "SELECT COUNT(DISTINCT 'table_name') FROM information_schema.columns WHERE table_schema = '{{misp_dbname}}';" | mysql -s -h {{groups['mysql'][0]}} -u {{misp_dbuser}} -p{{lookup('password', '{{playbook_dir}}/secrets/passwords/mysql_misp')}} {{misp_dbname}}) -# #MISPINIT=$(echo "select count(id) from users;" | mysql -s -h {{groups['mysql'][0]}} -u {{misp_dbuser}} -p{{lookup('password', '{{playbook_dir}}/secrets/passwords/mysql_misp')}} {{misp_dbname}}) +# MISPINIT=$(echo "SELECT COUNT(DISTINCT 'table_name') FROM information_schema.columns WHERE table_schema = '{{misp_dbname}}';" | mysql -s -h {{groups['mysql'][0]}} -u {{misp_dbuser}} -p{{misp_dbpass}} {{misp_dbname}}) +# #MISPINIT=$(echo "select count(id) from users;" | mysql -s -h {{groups['mysql'][0]}} -u {{misp_dbuser}} -p{{misp_dbpass}} {{misp_dbname}}) # if [ ${MISPINIT} == "0" ]; then -# cat /var/www/MISP/INSTALL/MYSQL.sql | mysql -s -h {{groups['mysql'][0]}} -u {{misp_dbuser}} -p{{lookup('password', '{{playbook_dir}}/secrets/passwords/mysql_misp')}} {{misp_dbname}} +# cat /var/www/MISP/INSTALL/MYSQL.sql | mysql -s -h {{groups['mysql'][0]}} -u {{misp_dbuser}} -p{{misp_dbpass}} {{misp_dbname}} # touch /var/www/MISP/dbchecked-$(date +%Y%m%d_%H%M%S) # fi diff --git a/roles/mysql/tasks/stop.yml b/roles/mysql/tasks/stop.yml deleted file mode 100644 index dcfc34a..0000000 --- a/roles/mysql/tasks/stop.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- - -- name: Stop MySQL - shell: "supervisorctl stop mysql" diff --git a/roles/mysql/tasks/update-config.yml b/roles/mysql/tasks/update-config.yml deleted file mode 100644 index cd21505..0000000 --- a/roles/mysql/tasks/update-config.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- - diff --git a/roles/mysql/templates/dotmy.cnf.j2 b/roles/mysql/templates/dotmy.cnf.j2 index 79fe59e..56feaea 100644 --- a/roles/mysql/templates/dotmy.cnf.j2 +++ b/roles/mysql/templates/dotmy.cnf.j2 @@ -1,3 +1,3 @@ [client] user=root -password='{{lookup('password', '{{playbook_dir}}/secrets/passwords/mysql_root')}}' +password='{{mysql_dbrootpass}}' diff --git a/roles/mysql/templates/mysql_secure.sql.j2 b/roles/mysql/templates/mysql_secure.sql.j2 index 5b8474e..c1f602d 100644 --- a/roles/mysql/templates/mysql_secure.sql.j2 +++ b/roles/mysql/templates/mysql_secure.sql.j2 @@ -1,4 +1,4 @@ -UPDATE mysql.user SET Password=PASSWORD('{{playbook_dir}}/secrets/passwords/mysql_root')}}') WHERE User='root'; +UPDATE mysql.user SET Password=PASSWORD('{{mysql_dbrootpass}}') WHERE User='root'; DELETE FROM mysql.user WHERE User=''; DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1'); DROP DATABASE IF EXISTS test; @@ -6,14 +6,9 @@ DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'; CREATE DATABASE IF NOT EXISTS {{misp_dbname}}; {% for misp_host in groups['mispcontainers'] %} -GRANT USAGE on *.* to '{{misp_dbuser}}'@'{{misp_host}}.{{soctools_netname}}' IDENTIFIED by '{{playbook_dir}}/secrets/passwords/mysql_misp')}}'; +GRANT USAGE on *.* to '{{misp_dbuser}}'@'{{misp_host}}.{{soctools_netname}}' IDENTIFIED by '{{misp_dbpass}}'; GRANT ALL PRIVILEGES on {{misp_dbname}}.* to '{{misp_dbuser}}'@'{{misp_host}}.{{soctools_netname}}'; {% endfor %} -INSTALL SONAME 'server_audit'; -SET GLOBAL server_audit_logging=ON; -SET GLOBAL server_audit_file_rotate_now = ON; -SET GLOBAl server_audit_file_rotations = 2; -SET GLOABL audit_log_format = JSON; FLUSH PRIVILEGES; diff --git a/roles/nifi/files/CountriesWithRegionalCodes.csv b/roles/nifi/files/CountriesWithRegionalCodes.csv deleted file mode 100644 index f9b67f9..0000000 --- a/roles/nifi/files/CountriesWithRegionalCodes.csv +++ /dev/null @@ -1,250 +0,0 @@ -name,alpha-2,alpha-3,country-code,iso_3166-2,region,sub-region,intermediate-region,region-code,sub-region-code,intermediate-region-code -Afghanistan,AF,AFG,004,ISO 3166-2:AF,Asia,Southern Asia,"",142,034,"" -Åland Islands,AX,ALA,248,ISO 3166-2:AX,Europe,Northern Europe,"",150,154,"" -Albania,AL,ALB,008,ISO 3166-2:AL,Europe,Southern Europe,"",150,039,"" -Algeria,DZ,DZA,012,ISO 3166-2:DZ,Africa,Northern Africa,"",002,015,"" -American Samoa,AS,ASM,016,ISO 3166-2:AS,Oceania,Polynesia,"",009,061,"" -Andorra,AD,AND,020,ISO 3166-2:AD,Europe,Southern Europe,"",150,039,"" -Angola,AO,AGO,024,ISO 3166-2:AO,Africa,Sub-Saharan Africa,Middle Africa,002,202,017 -Anguilla,AI,AIA,660,ISO 3166-2:AI,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Antarctica,AQ,ATA,010,ISO 3166-2:AQ,"","","","","","" -Antigua and Barbuda,AG,ATG,028,ISO 3166-2:AG,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Argentina,AR,ARG,032,ISO 3166-2:AR,Americas,Latin America and the Caribbean,South America,019,419,005 -Armenia,AM,ARM,051,ISO 3166-2:AM,Asia,Western Asia,"",142,145,"" -Aruba,AW,ABW,533,ISO 3166-2:AW,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Australia,AU,AUS,036,ISO 3166-2:AU,Oceania,Australia and New Zealand,"",009,053,"" -Austria,AT,AUT,040,ISO 3166-2:AT,Europe,Western Europe,"",150,155,"" -Azerbaijan,AZ,AZE,031,ISO 3166-2:AZ,Asia,Western Asia,"",142,145,"" -Bahamas,BS,BHS,044,ISO 3166-2:BS,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Bahrain,BH,BHR,048,ISO 3166-2:BH,Asia,Western Asia,"",142,145,"" -Bangladesh,BD,BGD,050,ISO 3166-2:BD,Asia,Southern Asia,"",142,034,"" -Barbados,BB,BRB,052,ISO 3166-2:BB,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Belarus,BY,BLR,112,ISO 3166-2:BY,Europe,Eastern Europe,"",150,151,"" -Belgium,BE,BEL,056,ISO 3166-2:BE,Europe,Western Europe,"",150,155,"" -Belize,BZ,BLZ,084,ISO 3166-2:BZ,Americas,Latin America and the Caribbean,Central America,019,419,013 -Benin,BJ,BEN,204,ISO 3166-2:BJ,Africa,Sub-Saharan Africa,Western Africa,002,202,011 -Bermuda,BM,BMU,060,ISO 3166-2:BM,Americas,Northern America,"",019,021,"" -Bhutan,BT,BTN,064,ISO 3166-2:BT,Asia,Southern Asia,"",142,034,"" -Bolivia (Plurinational State of),BO,BOL,068,ISO 3166-2:BO,Americas,Latin America and the Caribbean,South America,019,419,005 -"Bonaire, Sint Eustatius and Saba",BQ,BES,535,ISO 3166-2:BQ,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Bosnia and Herzegovina,BA,BIH,070,ISO 3166-2:BA,Europe,Southern Europe,"",150,039,"" -Botswana,BW,BWA,072,ISO 3166-2:BW,Africa,Sub-Saharan Africa,Southern Africa,002,202,018 -Bouvet Island,BV,BVT,074,ISO 3166-2:BV,Americas,Latin America and the Caribbean,South America,019,419,005 -Brazil,BR,BRA,076,ISO 3166-2:BR,Americas,Latin America and the Caribbean,South America,019,419,005 -British Indian Ocean Territory,IO,IOT,086,ISO 3166-2:IO,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 -Brunei Darussalam,BN,BRN,096,ISO 3166-2:BN,Asia,South-eastern Asia,"",142,035,"" -Bulgaria,BG,BGR,100,ISO 3166-2:BG,Europe,Eastern Europe,"",150,151,"" -Burkina Faso,BF,BFA,854,ISO 3166-2:BF,Africa,Sub-Saharan Africa,Western Africa,002,202,011 -Burundi,BI,BDI,108,ISO 3166-2:BI,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 -Cabo Verde,CV,CPV,132,ISO 3166-2:CV,Africa,Sub-Saharan Africa,Western Africa,002,202,011 -Cambodia,KH,KHM,116,ISO 3166-2:KH,Asia,South-eastern Asia,"",142,035,"" -Cameroon,CM,CMR,120,ISO 3166-2:CM,Africa,Sub-Saharan Africa,Middle Africa,002,202,017 -Canada,CA,CAN,124,ISO 3166-2:CA,Americas,Northern America,"",019,021,"" -Cayman Islands,KY,CYM,136,ISO 3166-2:KY,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Central African Republic,CF,CAF,140,ISO 3166-2:CF,Africa,Sub-Saharan Africa,Middle Africa,002,202,017 -Chad,TD,TCD,148,ISO 3166-2:TD,Africa,Sub-Saharan Africa,Middle Africa,002,202,017 -Chile,CL,CHL,152,ISO 3166-2:CL,Americas,Latin America and the Caribbean,South America,019,419,005 -China,CN,CHN,156,ISO 3166-2:CN,Asia,Eastern Asia,"",142,030,"" -Christmas Island,CX,CXR,162,ISO 3166-2:CX,Oceania,Australia and New Zealand,"",009,053,"" -Cocos (Keeling) Islands,CC,CCK,166,ISO 3166-2:CC,Oceania,Australia and New Zealand,"",009,053,"" -Colombia,CO,COL,170,ISO 3166-2:CO,Americas,Latin America and the Caribbean,South America,019,419,005 -Comoros,KM,COM,174,ISO 3166-2:KM,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 -Congo,CG,COG,178,ISO 3166-2:CG,Africa,Sub-Saharan Africa,Middle Africa,002,202,017 -"Congo, Democratic Republic of the",CD,COD,180,ISO 3166-2:CD,Africa,Sub-Saharan Africa,Middle Africa,002,202,017 -Cook Islands,CK,COK,184,ISO 3166-2:CK,Oceania,Polynesia,"",009,061,"" -Costa Rica,CR,CRI,188,ISO 3166-2:CR,Americas,Latin America and the Caribbean,Central America,019,419,013 -Côte d'Ivoire,CI,CIV,384,ISO 3166-2:CI,Africa,Sub-Saharan Africa,Western Africa,002,202,011 -Croatia,HR,HRV,191,ISO 3166-2:HR,Europe,Southern Europe,"",150,039,"" -Cuba,CU,CUB,192,ISO 3166-2:CU,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Curaçao,CW,CUW,531,ISO 3166-2:CW,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Cyprus,CY,CYP,196,ISO 3166-2:CY,Asia,Western Asia,"",142,145,"" -Czechia,CZ,CZE,203,ISO 3166-2:CZ,Europe,Eastern Europe,"",150,151,"" -Denmark,DK,DNK,208,ISO 3166-2:DK,Europe,Northern Europe,"",150,154,"" -Djibouti,DJ,DJI,262,ISO 3166-2:DJ,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 -Dominica,DM,DMA,212,ISO 3166-2:DM,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Dominican Republic,DO,DOM,214,ISO 3166-2:DO,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Ecuador,EC,ECU,218,ISO 3166-2:EC,Americas,Latin America and the Caribbean,South America,019,419,005 -Egypt,EG,EGY,818,ISO 3166-2:EG,Africa,Northern Africa,"",002,015,"" -El Salvador,SV,SLV,222,ISO 3166-2:SV,Americas,Latin America and the Caribbean,Central America,019,419,013 -Equatorial Guinea,GQ,GNQ,226,ISO 3166-2:GQ,Africa,Sub-Saharan Africa,Middle Africa,002,202,017 -Eritrea,ER,ERI,232,ISO 3166-2:ER,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 -Estonia,EE,EST,233,ISO 3166-2:EE,Europe,Northern Europe,"",150,154,"" -Eswatini,SZ,SWZ,748,ISO 3166-2:SZ,Africa,Sub-Saharan Africa,Southern Africa,002,202,018 -Ethiopia,ET,ETH,231,ISO 3166-2:ET,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 -Falkland Islands (Malvinas),FK,FLK,238,ISO 3166-2:FK,Americas,Latin America and the Caribbean,South America,019,419,005 -Faroe Islands,FO,FRO,234,ISO 3166-2:FO,Europe,Northern Europe,"",150,154,"" -Fiji,FJ,FJI,242,ISO 3166-2:FJ,Oceania,Melanesia,"",009,054,"" -Finland,FI,FIN,246,ISO 3166-2:FI,Europe,Northern Europe,"",150,154,"" -France,FR,FRA,250,ISO 3166-2:FR,Europe,Western Europe,"",150,155,"" -French Guiana,GF,GUF,254,ISO 3166-2:GF,Americas,Latin America and the Caribbean,South America,019,419,005 -French Polynesia,PF,PYF,258,ISO 3166-2:PF,Oceania,Polynesia,"",009,061,"" -French Southern Territories,TF,ATF,260,ISO 3166-2:TF,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 -Gabon,GA,GAB,266,ISO 3166-2:GA,Africa,Sub-Saharan Africa,Middle Africa,002,202,017 -Gambia,GM,GMB,270,ISO 3166-2:GM,Africa,Sub-Saharan Africa,Western Africa,002,202,011 -Georgia,GE,GEO,268,ISO 3166-2:GE,Asia,Western Asia,"",142,145,"" -Germany,DE,DEU,276,ISO 3166-2:DE,Europe,Western Europe,"",150,155,"" -Ghana,GH,GHA,288,ISO 3166-2:GH,Africa,Sub-Saharan Africa,Western Africa,002,202,011 -Gibraltar,GI,GIB,292,ISO 3166-2:GI,Europe,Southern Europe,"",150,039,"" -Greece,GR,GRC,300,ISO 3166-2:GR,Europe,Southern Europe,"",150,039,"" -Greenland,GL,GRL,304,ISO 3166-2:GL,Americas,Northern America,"",019,021,"" -Grenada,GD,GRD,308,ISO 3166-2:GD,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Guadeloupe,GP,GLP,312,ISO 3166-2:GP,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Guam,GU,GUM,316,ISO 3166-2:GU,Oceania,Micronesia,"",009,057,"" -Guatemala,GT,GTM,320,ISO 3166-2:GT,Americas,Latin America and the Caribbean,Central America,019,419,013 -Guernsey,GG,GGY,831,ISO 3166-2:GG,Europe,Northern Europe,Channel Islands,150,154,830 -Guinea,GN,GIN,324,ISO 3166-2:GN,Africa,Sub-Saharan Africa,Western Africa,002,202,011 -Guinea-Bissau,GW,GNB,624,ISO 3166-2:GW,Africa,Sub-Saharan Africa,Western Africa,002,202,011 -Guyana,GY,GUY,328,ISO 3166-2:GY,Americas,Latin America and the Caribbean,South America,019,419,005 -Haiti,HT,HTI,332,ISO 3166-2:HT,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Heard Island and McDonald Islands,HM,HMD,334,ISO 3166-2:HM,Oceania,Australia and New Zealand,"",009,053,"" -Holy See,VA,VAT,336,ISO 3166-2:VA,Europe,Southern Europe,"",150,039,"" -Honduras,HN,HND,340,ISO 3166-2:HN,Americas,Latin America and the Caribbean,Central America,019,419,013 -Hong Kong,HK,HKG,344,ISO 3166-2:HK,Asia,Eastern Asia,"",142,030,"" -Hungary,HU,HUN,348,ISO 3166-2:HU,Europe,Eastern Europe,"",150,151,"" -Iceland,IS,ISL,352,ISO 3166-2:IS,Europe,Northern Europe,"",150,154,"" -India,IN,IND,356,ISO 3166-2:IN,Asia,Southern Asia,"",142,034,"" -Indonesia,ID,IDN,360,ISO 3166-2:ID,Asia,South-eastern Asia,"",142,035,"" -Iran (Islamic Republic of),IR,IRN,364,ISO 3166-2:IR,Asia,Southern Asia,"",142,034,"" -Iraq,IQ,IRQ,368,ISO 3166-2:IQ,Asia,Western Asia,"",142,145,"" -Ireland,IE,IRL,372,ISO 3166-2:IE,Europe,Northern Europe,"",150,154,"" -Isle of Man,IM,IMN,833,ISO 3166-2:IM,Europe,Northern Europe,"",150,154,"" -Israel,IL,ISR,376,ISO 3166-2:IL,Asia,Western Asia,"",142,145,"" -Italy,IT,ITA,380,ISO 3166-2:IT,Europe,Southern Europe,"",150,039,"" -Jamaica,JM,JAM,388,ISO 3166-2:JM,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Japan,JP,JPN,392,ISO 3166-2:JP,Asia,Eastern Asia,"",142,030,"" -Jersey,JE,JEY,832,ISO 3166-2:JE,Europe,Northern Europe,Channel Islands,150,154,830 -Jordan,JO,JOR,400,ISO 3166-2:JO,Asia,Western Asia,"",142,145,"" -Kazakhstan,KZ,KAZ,398,ISO 3166-2:KZ,Asia,Central Asia,"",142,143,"" -Kenya,KE,KEN,404,ISO 3166-2:KE,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 -Kiribati,KI,KIR,296,ISO 3166-2:KI,Oceania,Micronesia,"",009,057,"" -Korea (Democratic People's Republic of),KP,PRK,408,ISO 3166-2:KP,Asia,Eastern Asia,"",142,030,"" -"Korea, Republic of",KR,KOR,410,ISO 3166-2:KR,Asia,Eastern Asia,"",142,030,"" -Kuwait,KW,KWT,414,ISO 3166-2:KW,Asia,Western Asia,"",142,145,"" -Kyrgyzstan,KG,KGZ,417,ISO 3166-2:KG,Asia,Central Asia,"",142,143,"" -Lao People's Democratic Republic,LA,LAO,418,ISO 3166-2:LA,Asia,South-eastern Asia,"",142,035,"" -Latvia,LV,LVA,428,ISO 3166-2:LV,Europe,Northern Europe,"",150,154,"" -Lebanon,LB,LBN,422,ISO 3166-2:LB,Asia,Western Asia,"",142,145,"" -Lesotho,LS,LSO,426,ISO 3166-2:LS,Africa,Sub-Saharan Africa,Southern Africa,002,202,018 -Liberia,LR,LBR,430,ISO 3166-2:LR,Africa,Sub-Saharan Africa,Western Africa,002,202,011 -Libya,LY,LBY,434,ISO 3166-2:LY,Africa,Northern Africa,"",002,015,"" -Liechtenstein,LI,LIE,438,ISO 3166-2:LI,Europe,Western Europe,"",150,155,"" -Lithuania,LT,LTU,440,ISO 3166-2:LT,Europe,Northern Europe,"",150,154,"" -Luxembourg,LU,LUX,442,ISO 3166-2:LU,Europe,Western Europe,"",150,155,"" -Macao,MO,MAC,446,ISO 3166-2:MO,Asia,Eastern Asia,"",142,030,"" -Madagascar,MG,MDG,450,ISO 3166-2:MG,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 -Malawi,MW,MWI,454,ISO 3166-2:MW,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 -Malaysia,MY,MYS,458,ISO 3166-2:MY,Asia,South-eastern Asia,"",142,035,"" -Maldives,MV,MDV,462,ISO 3166-2:MV,Asia,Southern Asia,"",142,034,"" -Mali,ML,MLI,466,ISO 3166-2:ML,Africa,Sub-Saharan Africa,Western Africa,002,202,011 -Malta,MT,MLT,470,ISO 3166-2:MT,Europe,Southern Europe,"",150,039,"" -Marshall Islands,MH,MHL,584,ISO 3166-2:MH,Oceania,Micronesia,"",009,057,"" -Martinique,MQ,MTQ,474,ISO 3166-2:MQ,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Mauritania,MR,MRT,478,ISO 3166-2:MR,Africa,Sub-Saharan Africa,Western Africa,002,202,011 -Mauritius,MU,MUS,480,ISO 3166-2:MU,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 -Mayotte,YT,MYT,175,ISO 3166-2:YT,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 -Mexico,MX,MEX,484,ISO 3166-2:MX,Americas,Latin America and the Caribbean,Central America,019,419,013 -Micronesia (Federated States of),FM,FSM,583,ISO 3166-2:FM,Oceania,Micronesia,"",009,057,"" -"Moldova, Republic of",MD,MDA,498,ISO 3166-2:MD,Europe,Eastern Europe,"",150,151,"" -Monaco,MC,MCO,492,ISO 3166-2:MC,Europe,Western Europe,"",150,155,"" -Mongolia,MN,MNG,496,ISO 3166-2:MN,Asia,Eastern Asia,"",142,030,"" -Montenegro,ME,MNE,499,ISO 3166-2:ME,Europe,Southern Europe,"",150,039,"" -Montserrat,MS,MSR,500,ISO 3166-2:MS,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Morocco,MA,MAR,504,ISO 3166-2:MA,Africa,Northern Africa,"",002,015,"" -Mozambique,MZ,MOZ,508,ISO 3166-2:MZ,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 -Myanmar,MM,MMR,104,ISO 3166-2:MM,Asia,South-eastern Asia,"",142,035,"" -Namibia,NA,NAM,516,ISO 3166-2:NA,Africa,Sub-Saharan Africa,Southern Africa,002,202,018 -Nauru,NR,NRU,520,ISO 3166-2:NR,Oceania,Micronesia,"",009,057,"" -Nepal,NP,NPL,524,ISO 3166-2:NP,Asia,Southern Asia,"",142,034,"" -Netherlands,NL,NLD,528,ISO 3166-2:NL,Europe,Western Europe,"",150,155,"" -New Caledonia,NC,NCL,540,ISO 3166-2:NC,Oceania,Melanesia,"",009,054,"" -New Zealand,NZ,NZL,554,ISO 3166-2:NZ,Oceania,Australia and New Zealand,"",009,053,"" -Nicaragua,NI,NIC,558,ISO 3166-2:NI,Americas,Latin America and the Caribbean,Central America,019,419,013 -Niger,NE,NER,562,ISO 3166-2:NE,Africa,Sub-Saharan Africa,Western Africa,002,202,011 -Nigeria,NG,NGA,566,ISO 3166-2:NG,Africa,Sub-Saharan Africa,Western Africa,002,202,011 -Niue,NU,NIU,570,ISO 3166-2:NU,Oceania,Polynesia,"",009,061,"" -Norfolk Island,NF,NFK,574,ISO 3166-2:NF,Oceania,Australia and New Zealand,"",009,053,"" -North Macedonia,MK,MKD,807,ISO 3166-2:MK,Europe,Southern Europe,"",150,039,"" -Northern Mariana Islands,MP,MNP,580,ISO 3166-2:MP,Oceania,Micronesia,"",009,057,"" -Norway,NO,NOR,578,ISO 3166-2:NO,Europe,Northern Europe,"",150,154,"" -Oman,OM,OMN,512,ISO 3166-2:OM,Asia,Western Asia,"",142,145,"" -Pakistan,PK,PAK,586,ISO 3166-2:PK,Asia,Southern Asia,"",142,034,"" -Palau,PW,PLW,585,ISO 3166-2:PW,Oceania,Micronesia,"",009,057,"" -"Palestine, State of",PS,PSE,275,ISO 3166-2:PS,Asia,Western Asia,"",142,145,"" -Panama,PA,PAN,591,ISO 3166-2:PA,Americas,Latin America and the Caribbean,Central America,019,419,013 -Papua New Guinea,PG,PNG,598,ISO 3166-2:PG,Oceania,Melanesia,"",009,054,"" -Paraguay,PY,PRY,600,ISO 3166-2:PY,Americas,Latin America and the Caribbean,South America,019,419,005 -Peru,PE,PER,604,ISO 3166-2:PE,Americas,Latin America and the Caribbean,South America,019,419,005 -Philippines,PH,PHL,608,ISO 3166-2:PH,Asia,South-eastern Asia,"",142,035,"" -Pitcairn,PN,PCN,612,ISO 3166-2:PN,Oceania,Polynesia,"",009,061,"" -Poland,PL,POL,616,ISO 3166-2:PL,Europe,Eastern Europe,"",150,151,"" -Portugal,PT,PRT,620,ISO 3166-2:PT,Europe,Southern Europe,"",150,039,"" -Puerto Rico,PR,PRI,630,ISO 3166-2:PR,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Qatar,QA,QAT,634,ISO 3166-2:QA,Asia,Western Asia,"",142,145,"" -Réunion,RE,REU,638,ISO 3166-2:RE,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 -Romania,RO,ROU,642,ISO 3166-2:RO,Europe,Eastern Europe,"",150,151,"" -Russian Federation,RU,RUS,643,ISO 3166-2:RU,Europe,Eastern Europe,"",150,151,"" -Rwanda,RW,RWA,646,ISO 3166-2:RW,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 -Saint Barthélemy,BL,BLM,652,ISO 3166-2:BL,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -"Saint Helena, Ascension and Tristan da Cunha",SH,SHN,654,ISO 3166-2:SH,Africa,Sub-Saharan Africa,Western Africa,002,202,011 -Saint Kitts and Nevis,KN,KNA,659,ISO 3166-2:KN,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Saint Lucia,LC,LCA,662,ISO 3166-2:LC,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Saint Martin (French part),MF,MAF,663,ISO 3166-2:MF,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Saint Pierre and Miquelon,PM,SPM,666,ISO 3166-2:PM,Americas,Northern America,"",019,021,"" -Saint Vincent and the Grenadines,VC,VCT,670,ISO 3166-2:VC,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Samoa,WS,WSM,882,ISO 3166-2:WS,Oceania,Polynesia,"",009,061,"" -San Marino,SM,SMR,674,ISO 3166-2:SM,Europe,Southern Europe,"",150,039,"" -Sao Tome and Principe,ST,STP,678,ISO 3166-2:ST,Africa,Sub-Saharan Africa,Middle Africa,002,202,017 -Saudi Arabia,SA,SAU,682,ISO 3166-2:SA,Asia,Western Asia,"",142,145,"" -Senegal,SN,SEN,686,ISO 3166-2:SN,Africa,Sub-Saharan Africa,Western Africa,002,202,011 -Serbia,RS,SRB,688,ISO 3166-2:RS,Europe,Southern Europe,"",150,039,"" -Seychelles,SC,SYC,690,ISO 3166-2:SC,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 -Sierra Leone,SL,SLE,694,ISO 3166-2:SL,Africa,Sub-Saharan Africa,Western Africa,002,202,011 -Singapore,SG,SGP,702,ISO 3166-2:SG,Asia,South-eastern Asia,"",142,035,"" -Sint Maarten (Dutch part),SX,SXM,534,ISO 3166-2:SX,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Slovakia,SK,SVK,703,ISO 3166-2:SK,Europe,Eastern Europe,"",150,151,"" -Slovenia,SI,SVN,705,ISO 3166-2:SI,Europe,Southern Europe,"",150,039,"" -Solomon Islands,SB,SLB,090,ISO 3166-2:SB,Oceania,Melanesia,"",009,054,"" -Somalia,SO,SOM,706,ISO 3166-2:SO,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 -South Africa,ZA,ZAF,710,ISO 3166-2:ZA,Africa,Sub-Saharan Africa,Southern Africa,002,202,018 -South Georgia and the South Sandwich Islands,GS,SGS,239,ISO 3166-2:GS,Americas,Latin America and the Caribbean,South America,019,419,005 -South Sudan,SS,SSD,728,ISO 3166-2:SS,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 -Spain,ES,ESP,724,ISO 3166-2:ES,Europe,Southern Europe,"",150,039,"" -Sri Lanka,LK,LKA,144,ISO 3166-2:LK,Asia,Southern Asia,"",142,034,"" -Sudan,SD,SDN,729,ISO 3166-2:SD,Africa,Northern Africa,"",002,015,"" -Suriname,SR,SUR,740,ISO 3166-2:SR,Americas,Latin America and the Caribbean,South America,019,419,005 -Svalbard and Jan Mayen,SJ,SJM,744,ISO 3166-2:SJ,Europe,Northern Europe,"",150,154,"" -Sweden,SE,SWE,752,ISO 3166-2:SE,Europe,Northern Europe,"",150,154,"" -Switzerland,CH,CHE,756,ISO 3166-2:CH,Europe,Western Europe,"",150,155,"" -Syrian Arab Republic,SY,SYR,760,ISO 3166-2:SY,Asia,Western Asia,"",142,145,"" -"Taiwan, Province of China",TW,TWN,158,ISO 3166-2:TW,Asia,Eastern Asia,"",142,030,"" -Tajikistan,TJ,TJK,762,ISO 3166-2:TJ,Asia,Central Asia,"",142,143,"" -"Tanzania, United Republic of",TZ,TZA,834,ISO 3166-2:TZ,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 -Thailand,TH,THA,764,ISO 3166-2:TH,Asia,South-eastern Asia,"",142,035,"" -Timor-Leste,TL,TLS,626,ISO 3166-2:TL,Asia,South-eastern Asia,"",142,035,"" -Togo,TG,TGO,768,ISO 3166-2:TG,Africa,Sub-Saharan Africa,Western Africa,002,202,011 -Tokelau,TK,TKL,772,ISO 3166-2:TK,Oceania,Polynesia,"",009,061,"" -Tonga,TO,TON,776,ISO 3166-2:TO,Oceania,Polynesia,"",009,061,"" -Trinidad and Tobago,TT,TTO,780,ISO 3166-2:TT,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Tunisia,TN,TUN,788,ISO 3166-2:TN,Africa,Northern Africa,"",002,015,"" -Turkey,TR,TUR,792,ISO 3166-2:TR,Asia,Western Asia,"",142,145,"" -Turkmenistan,TM,TKM,795,ISO 3166-2:TM,Asia,Central Asia,"",142,143,"" -Turks and Caicos Islands,TC,TCA,796,ISO 3166-2:TC,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Tuvalu,TV,TUV,798,ISO 3166-2:TV,Oceania,Polynesia,"",009,061,"" -Uganda,UG,UGA,800,ISO 3166-2:UG,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 -Ukraine,UA,UKR,804,ISO 3166-2:UA,Europe,Eastern Europe,"",150,151,"" -United Arab Emirates,AE,ARE,784,ISO 3166-2:AE,Asia,Western Asia,"",142,145,"" -United Kingdom of Great Britain and Northern Ireland,GB,GBR,826,ISO 3166-2:GB,Europe,Northern Europe,"",150,154,"" -United States of America,US,USA,840,ISO 3166-2:US,Americas,Northern America,"",019,021,"" -United States Minor Outlying Islands,UM,UMI,581,ISO 3166-2:UM,Oceania,Micronesia,"",009,057,"" -Uruguay,UY,URY,858,ISO 3166-2:UY,Americas,Latin America and the Caribbean,South America,019,419,005 -Uzbekistan,UZ,UZB,860,ISO 3166-2:UZ,Asia,Central Asia,"",142,143,"" -Vanuatu,VU,VUT,548,ISO 3166-2:VU,Oceania,Melanesia,"",009,054,"" -Venezuela (Bolivarian Republic of),VE,VEN,862,ISO 3166-2:VE,Americas,Latin America and the Caribbean,South America,019,419,005 -Viet Nam,VN,VNM,704,ISO 3166-2:VN,Asia,South-eastern Asia,"",142,035,"" -Virgin Islands (British),VG,VGB,092,ISO 3166-2:VG,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Virgin Islands (U.S.),VI,VIR,850,ISO 3166-2:VI,Americas,Latin America and the Caribbean,Caribbean,019,419,029 -Wallis and Futuna,WF,WLF,876,ISO 3166-2:WF,Oceania,Polynesia,"",009,061,"" -Western Sahara,EH,ESH,732,ISO 3166-2:EH,Africa,Northern Africa,"",002,015,"" -Yemen,YE,YEM,887,ISO 3166-2:YE,Asia,Western Asia,"",142,145,"" -Zambia,ZM,ZMB,894,ISO 3166-2:ZM,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 -Zimbabwe,ZW,ZWE,716,ISO 3166-2:ZW,Africa,Sub-Saharan Africa,Eastern Africa,002,202,014 diff --git a/roles/nifi/files/SOCTOOLS-CA.crt b/roles/nifi/files/SOCTOOLS-CA.crt new file mode 100644 index 0000000..04b1f20 --- /dev/null +++ b/roles/nifi/files/SOCTOOLS-CA.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDNTCCAh2gAwIBAgIJAIp0kyaAW0K3MA0GCSqGSIb3DQEBCwUAMBYxFDASBgNV +BAMMC1NPQ1RPT0xTLUNBMB4XDTIwMTAzMDEwNDcxOFoXDTMwMTAyODEwNDcxOFow +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQC1GZDFZJPR7AYkhEsB9U6qtK+40di3KOeTwRosJ7hvP1FQjwnIC37B +UlVq15KEgRTCcXgLH0CdtzC1Rkz+AUCLyKTOGmNCqmvyMcESdpuoI1NULkv0QeYX +Mj4Q1Lh0RldqZpEr32UfsVowBPPhijAUlVAHeJLvji/tnUvI++9no2hx03UAhjTM +M59AviYsRT3DUkciNSllpwV+7B2pgnpRgzsbVGP2cheaaRYG9DAbRTLrAtVxO0WJ +c/zNGSpvXuOyBK30/pwGMvhNGPeckElSpDfaepuA8ZDcfaKNk0kEBvzIlUrpZBmv +tBc5DmpfEBlSk5UK/0XSblKE5dOqlWc1AgMBAAGjgYUwgYIwHQYDVR0OBBYEFHkG +ykDTn5pUrtMzTfI4PrYL8z3PMEYGA1UdIwQ/MD2AFHkGykDTn5pUrtMzTfI4PrYL +8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09MUy1DQYIJAIp0kyaAW0K3MAwGA1Ud +EwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQA0XK1+Eg+j +JdwKnUpnwPq+fsyrCs4TF1DgwtqY4yr1KCw0QSPMK9ldLp62lJaRnrPE7ZGOQ7sd +z82yEM8nMulNREp3TZwuVFaWgs0yLVKkfqZ0jNGDuEf8AJAynI4ynRbtYxtYzBDy +XgJPk9lKK/gR14IXBet/dGbZf4yHiMzldMCb0dWzyDS1S+Y1iLTRCmpmRbFow12g +CjNoSxdyoJPZavcOVWa4tDc3PLMdkgdY20ewo3IvCQTOg9ogVX4Hq5/M4xTz8XUX +nHeUqshdkPVGFCIujCBg9131RYSE0SkVrPUaIbP9tgzabkZWwhiq8oSpTBmIi9qh +GPiQTFGknE1U +-----END CERTIFICATE----- diff --git a/roles/nifi/files/cacerts.jks b/roles/nifi/files/cacerts.jks new file mode 100644 index 0000000000000000000000000000000000000000..9d4001b7d9a466941cda896b6bf145bf2f02020c GIT binary patch literal 893 zcmezO_TO6u1_mYu1_nkj&0U<IT#}!kQ>>eu$iTo@S}9llhJiIg&(y$@fq~i5po!Vk zpovL#0W%XL6B8#xSIK0xhG?hl2E1&XT5TR}-+37sxmg(u#0*6YgxHuvS(tgagZ-UD z{QZ4`b)6jz<ivT63=9p74GaxT%ndD~#CbtXBMT@Or@kgeC1fiYSs9p{82K3tni#p5 zniv@wwn|Ponlky~8#a{|Z^o~FtG2A)aq-4>jpvgOO6jQY$hQv+=;u7aU3V}jH0%1L zmPV07g%#ZL4s*8~Y<2Vb$LP>~V#ztFWT#cxp9~KQmCatE92}zO{l)Q_xRIT}l^rE+ z;aO=DweP3OZ;Ucv`TVfUKxAqFd&Q*pefn?bdY}0HK7DaU;pI|>Hj^{P^Bwl7>A2b+ z4susA)l6N^TK7hFWm8pPv$b?c^0y-KS(##NUks#Ojb1ZdEwpy+EdFy=QY%01@g|nF zU;fQuGy35x@qNw&&!8pdx2k40e4KEnc2VzSPZqX6C#HJ6Op#o_Mck4vD_%e{X!2C9 z|E`zvf?A$lUNtq{l!=*<fpKwTt3hLvfh-$ys4O3g7>h_H+bM_3^Jj&uyKL<H$--_M z_h;Ml25ul}Wfpq_+Xk!(7D_FVz!eWoNHNX>GDnz&)qt6i@xK8#h{w;u!py|Th8$De z;Fw}$Fo{`PC&a&4^$youuk-`I_SKzP&2>&#JmA5hTQeSOebvx0aa2B|eKS^X-nJ>z zCeGV@<n6>h=iRdB&u$VpuWt0x*Tt*ccaC02*tDjzM!G>u>Xw!CTx{Oq{)b_L(VRY` zxnggVr6bM=e2Qc8pM29x`-kB5CUMr+^(ARH>wDTe&O9wSF#F=w%_mH@dOtJm*m998 zE6sId#^KlnT*evR;zbK4-^}{X7n-(Xi@CYYX4y&X5x3npEH2XLWI5M-OChw5ef9h^ zk3~LzEES(qK4sO3*a=_VM3nS;6cWD2esyhWxu_|+=Bt$A=D*u`Zsoa!9g<k}sb!^) nWJmX{g%Up|_yjJQ;~Qf5+vDoDTqXObIbI&Z%6$8^_~bbON?lF- literal 0 HcmV?d00001 diff --git a/roles/nifi/files/common-cacerts.jks b/roles/nifi/files/common-cacerts.jks deleted file mode 100644 index 200a005f89ab6e2ba316460b071979aa9f5b8c58..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 152651 zcmezO_TO6u1_mYu28Jdut(20Ql$n@km6(>6S(IB+R9ajTUr>~qn^~G0pPHPkSCE>^ zz`$7G^omb`fi*(U)WDK~fr-hWiSeI76JzTFW+p}^CXSNns$IwJt3nL8*f_M>JkHs& zFf$vt8gd(OvN4CUun9AT1{;bP2!S|UJlu|8t3p6l87dgafkc^k#F0c50w4}haCLSz zkQ3)MG%zqUvNSX?GB7fU66ZBBFf=kYgmS56O__lJ8#~zTOpI)-+Kns>O3X<NEW8GB z(xP*jFD$Gy-EL(wsp^!d%-N*RbJSwkZJ&nxT72z{(5o*Z@h|!$SL^F}JX<5-T(RbY z`Qg2r&gwjKe<bxRd55i@e#H_0+h6#XWcY*@Wlxp$lW>|^amL(c;-lHA+M0`<3>*w( z*_cCR`B=nQL}snmtU4fQYN{4!z;HP0pTpI4*K7><LDIsEjQ?3!4VW1j{~Pdu1o%M$ zEX+)dY{;R`oX%j7!ek)M`MJF#AZq=I15W$h<G<!)wLLhZUh>2u_&RI7w8`UR`kPO2 z+L+J1{(Ohq$G;076*3t(MYcO%3B14SGN)10xsJMU+d1)0*<aapw|;1v{4+9tUCOVB zr`>XollN_HJe$wdQwdHyve3kno|+FyIq5n1Nr^e}$%#nmrURaCm?I3Dm_rPjm~0^F zhMCDE%z&4TQ>)FR?K>|cBP%O|ffH(~5i<}0r4KG)UiZ{|aFS8*%uCiYls1qAi8Bie z!NuLdb}KkLf|87Zk%6g^p@E5kfq_AkIIj^hmnwENF)ATDospG+xrvdV!Jvtei>Zl` zk>S=EiDZMnU&NKA!s?>$+vHe0DcoK$@yecsH++7qaNfrJ(pQn4qvKYDewwA`Ue=24 zxfU;2w`bKAE_rq&VcCZF4Np2X_~)r!d)xeZ?Xro-XPk7BFcq1*c81#|J^xc5+no=J zO%2x#c;BhpP!+!R)4TZWOANg`MSh5gn%+F%wz#_J#Kiq4L$%Ldm~J;mE#=JpbIp>4 zr~IB>xmvwa@@(k66K^iXSp+|g@$b?77ocqRC+*qkz9p8D4BMwNSx)5U`)8qdQI>Vq zH($Gaes<aQI&%F9mXCg!1q)kViBr?QZM#BbuhDA>W{n`0!l$c^Z68|fW;bg|np62o z%-~D>0qqxs*-w5lF*7nSE)F&b#7w@3<bI%PMn-Sv@71g+Jc6~WYEyTdI^$;`4@%w2 zED{D{4I)?-pr#mRP-vSz*35dU9~;uA88Bu3Oev8k{S{hCQx>VG&%1D5D$f1o!A(of z-*uE?^_%Ve&MQAOXtT;fbFSAZWm<YVpZ{8yPT2pe@Wydl^GjP<rzY)OcCXXctlFa7 zWBQt93jKP^PVyYuG}D#g_&LEqC8Y;TUu_fh;7oZH=U?)j)$Vv#5YKJVEqilkKRvcF zBxB{{%n93OE#=>_(_W!=o!8bKbDqd<Tm5Xx(u2pF*WUiB-p<F8bM^n-1+j12gSKmn zGOe>*mR0id){*CXd`;w5#`qe?PvX??NQ*6>eq6Rpc;(fnAH_HYO|P!Gtx{N^Gb4=q zrudeNj{~*iN?%;PaL3=|?IG5*hJ~k}8H019A~ZJ^muD6i7iXsD#i!@zq{JsD#_PtX z8zFKeKO;OxvhFizV%=rX#JmWSBRLs%JIFYHjq~4toVY>x61g;Y_AnGR5C-KxE@7Tv zkZr-4>3Ir{?uPQ<vW$gUSPUWTo}ZJV;OwZNtKe<~&YEV121cd^7RCm~rcvU&#>iZh z(wqWonwT(iCle@lGI23AF)=c%fAX%bTZK<3Z)Je4n2YtKNinB(#I{Uw64u(28s6k! z7p`(Ppj%aId;XvIi!L0HXHxMJp4P7{{7fT)VX^yhw&g9#+Pn8o)2<Ia(|s^po-Zkt z|E_IVSMjZNb-BA5W$K)I6ijbA`?maQxgDhQnNPi(JA1#Neo@7Iy&HDVB+R3<ihkZo znlNeVDfu}sH`{2R{>&)6KkEF!ty~Fv?{1x$61-!<w9WaC)XFFJJV+8?ns36t<mx2j zz<c|8cePX{*ks+Ful?rUJx2RH-=_g>r?;$s>*8?qR8-HcOWHLn-tAlVlxr2=()+AI z+e42l#TsQzpPnpy`{eCPv+7nWucJYoKUJR3EnnI6KU8LEVW##)CY4W{)vjdUVhMeE zkn4D^f%ycjC-X#%<HW>6k4A4jZPGdE<6O1=h3r?3ZK?>k&BMc8!`<U}edo)&JssZ{ z`))Eib3^>r+3n}j=3e<5_kZtnJI&JPb<2|?)~lK<bv$mnhd1C9Gc!L&l>F4<ilqJP zi$pT{mOf?XtLRhHaQeW`ounX;Zt3=GCG!~;i>kEu3e8)4yu$h>GW_X_X}Z_3;P9i2 zyxQLPHg{9M#I6Z^uhOt?RoL|WpKEJxCECv@w^=%In@o?|t<*)Fxd$JGJl=WA$ETsc zygFf)-2H8zJmmOx`Gw@pc<^wM)S~i$^GA{=y>XYE`}$e-xr30>sd0@#<4TO$6r;LD zlvmNJ)zg-w2G;Gc{CuDyE$)TY^AGP($}6l2+&~4I0*k$Yt${TgXF_WUV<aOJBcp+y zfessoHX9==D?1aTm_kNLNr9EVeo<;cesN|=eo>_!JR|ER=jZC9<w#~wI#%EHcuLL3 zbqDT=KYM!P>erAB&0lt(jbp9$pI@4`-sVME-JhZg3+9{JNzx2Ef4odMd*)nV*YN<u zyoX+O68f2u+iX)BwI4UPJX31#t9|f}X=dUMxi34kJA}kq4jE3im}a<ar**LXVU@{Y z(V3Ip96h+(g5mKS@s&I79Is()o^Ry7D@e&i)~JdzY<Z2U*-BgQTL+r*xpoVkX!lkZ z{3)k<e6sz#+wp4IK{xffK8hT3=@nhMegEEj%cS0|)BWvHF8*)#oAnZ3wE{m_woIRz zlP7&x`$$PbrRoMQ_51hZE?J&;t#$Igzgb7_=&{&Sp;im#WX|fp^?uU^oB8cILfWYX zqCtjID(CYJl>_8^{QH#;mpCTNgsu>|Yxf{9;QU8vgD}2H8=6{gG@n*V*`vEd^=inX z9c-`GPFkX};9%QUFX1fr^LpH2Q$tRln{_*D%d$<k9XZ<6%fDwWaLVDfICs4?z-ZE; z``QLd9v7}UTByb@c^NzZ*p$)>u73@tJNHjm&2_x3IKeAZ_ukTq>uk5O=6TzdTPX-D zF<#i8F)ukG+timkch^GO1Ct-rD{l^6Tcqme_Vbe1`wb}v8Rxw`wIFK--}xH}pY%O< zJaKwxVJi0JM4tcm#;_N=7VlGDzwU27^8+SpgR)=JxsK-<H@@6)GVRN4wa->dN<Mk2 zM4#MnA^hMkyQ+uNPlC&R5oo!en4DZzl$cp%h$!m$1mHzI`*njR_R9uMth*saJxAQ( z?aQ3&mpnjAR|ZaoLIwh$!kw9i)6v;EEXdI_%Fs{%oKIM|dDsKIJwd{TyawDLRa`tQ zU@oGu?-~p$<_!%EObtv8ERD^L%|XRHxX}*fQpFBJW&G@wtM?~*O<%7+J#AJ={Dqs- z{+@sIB<;Ptyu0xsm&NyI-IL!Ma#yq_(^N2j_X(c9ED5<A{Wrz-2zZ#qd`R9rAu2}2 z{QBZ+r#TCEeq=0a*-(4ix8dxc%lRjN+}g(1bjh`Kg>=RW+ZSJ4a`rAfbeefzkDV|> z%Y8481CN!sUc5A4F5$D0lUF&cp2hd3c#Fi+6So|u6u&;l7jDDcXf>B>VYqYVn(*Ap z2^CMbZn3_x$ER0g;qt}HcQN^?UesFmb{(_Qj%)>f1C5ZW^$*^i<4T)*(Lpy)Y5iQO zgRGL5@(+BP|D$>{lhf~jm9n~%`IT26JIFuj|Aj@OUxPUdW&XPgw>(pe`|+SdhU<^m zwiU%}J3b`0FfBM1_2zlW{epFin^j+3J3hUA^73O{UB=TB%mwVG+vRDBUR%h2u|r2_ ze*UT@$DCd}E_yuG`7&c`Zr^U}&&p=U|5-m+sLJlK`ebLxe~$i!{RgI{et!4HJ7e$M zj>CqV9X`G||IK3eoF^CSuRM*IUGwY8XTI5`6QAq~(vz&a`1Nd*<eyz^-+l+J@Se$X z_s7pI-2sdJk~%-MtNdzqI@tc}s;;J1RAE(0)^+uSWZv87JiqqJPv|rf|55C`<5JY* zw!~`>OSxWErj>R07rtguy~Y()HTmgIZ*d3yjoWs9z2|@D!R9sAf&~dJUe0+l6%J?? zavey8l<`eWrwy8zjvLg%idsfSmO_Jk10NXQfT_&^TJ)Bem+OHtkzQ)Cep+TuYGO)m zW}d!dQF2CRS$?s8a%xdYW?E))VoH9oJ}9Gs)Eep~7nK;u!%bss6NZ|WpIlr3GY;G= zf^_jNwQqTR-&}oi=(n&}jZe+a^vK!o#cU%ZH-fS1XksjeR4Yx4Sq4pvX$DP<No*{k zvI?LsNQ6NXqY}(X;NH53Toa=JgCj#JLkUAZLlHwJLkdG8LkfceLkdGGg93vyLn=cN zLkUABLmERSLo!1mLo!1q!)Jy(1_g#7hD3(93{`NoISh#m3Ji`6&J4~BVGIfk8VrsM z=?tk1d0;&tIf$7d45<vs40#Os3^@$>4CxGS!TKr**yhTR1J+l<Pz1Ig;u;;WE>8wG z1_g#d1``G|1_K5|215o@1~Ud%22BP%uzUbRFoOcvB?=4~3?&RD3<V5U4EhZE4CP>` z2liJoLm7h}Ln=eDfdM>>7{yee(T1D|a#GVXi*pi_GxPJ}ll3x6at%U3fiBPDXW(Pt zwZLP6Tbm0OZA7P?_>|Nlz2u@CaM>!0)T0*%StH0IV8GYN14?BMAVM#-7_F=Zw*jUb zGR=Sf*E!w8MdXQQ`&%E4v<v;Fw|o<~drkM<dV9hHRz1FBl@~ru&*b0B;(l}A?X8-( zX5U=5a^}^`HU^Ww_AXrUhppG;%PFy`HO6<6x>uP0P`|;cEB*e2h`Pec6qo;c*GgCA z_$D|=dOC+B-+FXrSK3p5m#XNSS&iBbSL=T=sz>OYc<V8-#(o*Y`6HUef@b&HB<<$D zlkAedy5Vh~?HsKGyf<vq9^3Hly*ef4(WB+2(ku+$?4x>LIq!|{lwEmn!<m_nd>OcI zom7v0E<7RT$yeh=p}BV+aQf<RREt(GW#BxLRIbSpKQD64wz{?RLkyId56Ts${QGIa zHBI6!lgJw7(`+(wOKN+0@2NY!SbIx!`v&E^+AA*KQf+_xBGkpV<BM5c%dCnu-}%Bk z`K}qOUTX<(%25!K)w;TG&!>XMB?SrlShvoe$KtXtQF+bFr7Asw4O5~PE!ydM>ENA< z%ikIb>dcc|_U>Wm!vn9*^R_$@-@d43>Ag@@ws&U^w8uEyIy2Qi^nvN|9WDE|#Gb8c zW-NNw{w!X0-PYD)YWJTVob^(U$$h@oirkga=ij)N*UwO&WfZIRxaHl^8EN{{6lCw- zIIMns!_R*=YtLSo-_I=)5jbDJ`>=)Xy%+u0dfS(L4RaQosq<w?*cOu=iRLE{MKnk+ zn7;5&WbaGCZx{K!LrvVYy4$S5Z2(x`4?GN$oL>}Ql%HP$DzM^{6LpdMe&X;30h_Tw z6Pvz46N@;sL7=+u{wd?rkxa;mjGL9gpm7P(m`s49A-@4HsN(0~VGBsiOUzA#4ehb> za6<$XoHI)*4OI-3K+3pyq`~7h&iO?O!Ii}&sky}p!FmcQsR}`QK6-}g2C5)c+&pq{ zRnD+-wj@=-v9u&3zX)WUJh%*HVdfEoD-6odF99i5aCX!McP$Og42%p+42_J9jEq5T z4iMAO(A>z(*fMIUc!N;0X1PM%A+1G8DpMzvov^5DxU~A<>{Qk%Uk-8!TxDAGcK+n! z?I$*<Ydi7Sa@jdX%`3gzd+NdLHyK7tGACv9a5wUWEwGcitD`E?q(A*~irbfvm3OQ{ zbPcs<HhsFOb^U!I!w$nG`>Isf4?8J*>bf$CMLIRiC+EuVZHZCt%3E$^ZrN^ip~Qx# zbYYKQ*}|8%wU%1{I=A6}U6#gQb(s?zUuu2~&r8{I;h<<P-#$G)w-a$+0{^||OSZBu z+;u)b@)XbG*|DBGd>(~woYCbJKBw&c`@I)4R$ThRxx3tSpK24w5iuPXg|L+_g5~dH zx5%!F%eLz_`o^vw&NAuL*MD;ly?n8`&&Qj|@a7X6k0$l+5=~_uR)rgd7g}D`J8E)B zHmUVK^FQA&>uvAHMECwGc(}Aq{dk*RR=?1(mN@6YfH{)0E1v!N_SU_w+BWUIuy9Ab z&BEm0Ki9OI&i~vrZ;3tE9K+1+nM*pn`ts6z--{jLuhdXX;B6JFy&humaZ=ddt;Rmh zcdiS}_x^kAhtu9&HN{L1{@0$3et2a~Vs-dcuj=S4tr6<6`+sOBtXZJ8PDD}tSotjD z2AeoH`|pQ0E^aeE_9BjVr>V{=w}Y)rr40*StNa#S^(4JMuiX9%OP794^<(kG4|h3N zDxBEIx#U8f%i&E1UKXoXzLA*4-lTnd#~g{Zw;s5OuQ?wJY1SkgB!cq;q)l=2pQ1zF zlzDq*+s>(-p&<FR#~^7FO1~7V0*sC>>bP<nS~&o&Z05Pn<FVfM{-M>0nu`p!=O4Xd z+q%hWH=B1x)dl70CCha_aNMYjx*pZibwg;D^v&8B--4q{f3AMIxU=&v<F7Y&f4-bF z{q_bor_Yy@R!#k9m@bkTF@b9p_d9dt;{kzNzShlqT>bsY87CuMPoC5NJ$Yu!nf%Sm zo7Ppyye<DW=jp%ksUqeNExvwE6pMJWHJ6v0McO_<w|?{SDk-ssgdbh<FQv7P{oKVU zmAU^?#PN`Dj{b+13FY2vB3q<7KHfd;Uvd5ULu1`P?;L+AY}j}DyTz0P4==Rx?|!RO zy!!3GNo7(g_0hb>ob1NcZ1#dnVhU_p51fBIVMTNKuiMX#_GF|Bq%RH9{cvPvfBpW8 z*^jomU%Ppsb*Ar>+5FzU?--)oWd)hnI7+N<-=5E7)qm>z9p;0JI8QwN+Yomm!HH2? zDmZGl`LgYMcD1~e%aOX0a_frozscR+pL8n41g=cx?&x25qfNwZqWf$OmG|L6elbpS zR(<z;qyEA{Zu7EErJ^}sd5yP3EH<#ddnGGm@;)iw&y%No|I@;4-=Yv>!t8SN*4jN> z2bs>xJ)Ls%b6@lgpAU22B#Q4AF$&>f(wr<esqI_+`{$Eb`6BPm<j~XmHHRVS^3gQS zC(Eb1EaB5=6gEBjEkEU%<B_ZSXG~mG&pR?qv-Q$DG;M~zpVyq}+i%NHGCJ{}KQQmw z8&1^9CL^)DBsIREC^I*)s1jV|pbY)<^TI0|78Qdg76pSQW)4VYBVgipHC*B9+c%zH z^v{{!*3LyvY@qSR#+68wPG~UFfMW^RRvpMZfQEq@xcU&52UP^%)_F;0ex5>bYEfBc za%!=HOJ-SSab|v=p@o4NM5Vq)vZjKOfq|I<vPlZM3U2vD3W<>VrYbc>p|m(vAwMst z5@}EqqCp`5;$a0){R5kCFf%kXG&cYPP|agzU~Xt;WNd0_3aWXAkY5PRYphxD;devi zl{v?koS(ZevY1oAm4{a+FXLlQv`2<#r1>9iW64A1^=AZhr<%w-d+p1)T;|e_lhe(Z zws&4piDx@-#%0QsUZ$k{*HL!`do^aov`i4F;@w-4rk`c8;L+6(m)ElF^VxUhzkB)D zk6ZJrUCRQ-k8@W4kg4lj@?znQ!c^YHfz|K!TvAHl-5EXi{;ofP(cJ52Y<j8plI2BG z`#tRw*ZmIqq{!Vp-yX5c%l}jcyR6JyuVYvBC!VP(ERs2TApNz`-;<MKrrc^hFnfP+ ztv2VEp1Bj{r)LG7zQ<{{r2Iy8dw|PTyFAUz-<F<ga-2&WsvUG+zff;I`7iNr-LsnM zvRCIqieJ#I9f9JL4XJ#tj&?o2{@m%RzlM{fvbKG8dmZi(fR^CF(-@V42fQ~=-1g_g z%k(R}d9M3HUrfGqj@kb0E!7RO;iu)S$`<&%2`GD!QpB@l<;NY}*RHj<>^6GpD0ra! z=H`UCucfbE%yV&Bxs35mXp(ICj+j0V&zd>b;eu<{7Mu6!SHw)naKD+5@azw}t&)QH zk?&$JkK8Ewd7`-HzL>t~O1r;V>f08+j@mUt{_11j6t20#ClYskwUlY!wPSC!QvJ7o zYaA+{t`W$$?U$}B>po(>Sy7_psTsrTWQCbKU;Z;@+3k4ZAk$BmWQBQ+=bSEIv)3uR zoIEG;ZvV1}d<*m(zw1qPKfmX%@#k;ciFI`owHw_JsT;goE)Z+pA7iQggylnZZ&*(T zxOCBi4rk?O7MG;PmuD8IW~WxhLuVF2&D!|%B$Q%??+m<{Vcu!b#Jts@iD@phm?_(+ z5LEJ^wcTy=4`r!uhYlczI;d@%i&V-ud%#AyxP;lmJ%dxdQ!5RX3=|;6hNQn|aEPmd zTYhO?N+P(7am`D~FDgz=F@zRE%);^zHBh|@&>2Z^G2!k6Eh!9542=v74NVOUjEz7g zg(ZY*Xkcs@Wk6@=5X$T~#J9_Msc2oBzVXx}x!<)G?`M47WI4l6eTQId^(ECQ9ZjNY zS<;5PS41l+YTw}Zn;-RYW7Lz%Yevf24};Ilbd9O@U%O|2yBD|j^r#izJl@n+^PW{? zyFX9#uVa_Tc7-nstE9uP#0LD|m3~8cru+%}$M^o{N0)ER&f9S^<@>`^j&6LKg%@@z z|2f$h@Ap0b{{EJ=#VNbDJN0FLyHX}wH+T7t@UFo0qU%>y?3fzjP|W=8)tA@*G@Q!q z=PFBY+Gg7z!tSHz|NSbL81LRRXY)E`=gPwlZC`yfZ}rVu%e$1Ny+f|`@yp<=vrlw0 zCs(|FAnBF2TR+=4C1Ud0%>Dh+@0&c1Lo$1yfj@YtQ<k3vG~eEaIa-65Au#1XVU`^C zXz`n$)@h>W0)rk;oMmeuz{aV~#>m3hWG>1GGJydt6@v4=gU|2wO*0!O)XhD*VT0P) zj%sbA-n<=(g%Q(h*O`l~w|oA5)}z{Qg)?Tdta2`?Sp3*C(XP11cglmGg-5oD@da1N zUt83!&t%!CX|rB*hN8hgjR_1r7ayMf6?fwA4*@spMHNmH#Y;lD?gga#rd?eA|L@HM zTURXZI+ym9-}&rv?eOYkx2#oqK{vj<eVDseb3%p3u7}F27I(hcx_a7yE#8Y{r_ZbU zl;==*KjUMn@3|V*`@yLzmwwndouxq3jd{kEOZ!8%EQqKL%D)w+mUQLD?M}mdnGZ^b zE+@&Dp7qHT4Uw8K<KAnz_*3P_Pxsk6XU>@waY4oUzO=)%I@7g{$NdU-bqIs=z7aI< z=cSgE=NDzi7w6}cg7R8%Jg6@VsoqoLp_Oz=CDK6m2}Bw2%Akq)nL!iNIcOOWe%d(y zP>k3!cQNtD6AUvj2E3Dy%7D;dLq%}QnT1PO!VlsKg<zN~6nyl2^qln!4Gi=^g#xp% zI;IjtI|Qls3K|eMFazaua0>yvB*7B2iUrn0pobd><@P6g>LwZF9=p+}&ArF%+ynJ# z_wN1tC3M-wxOg**{+_~~r}MWdCD_Hsp5y%A#3MZ`FhEMJ^X}EeSjjs={JLC=oMXi= zm`qZ5Reat;hfR&Ms_6T#0HYs=CST56q<qeC<C!N{<;^a3S^elqek2l^`Ih%`efEnT z%uoHZp3X?l^kChm_uqKi%juDsKhh=FO-`KVB6_)KgZ-YY+BY8cy@yw?D%1|nbPP7x zx?$&0Hm)NZT)#TT=5@MO+ghvjlpK0`>0<3B!7INbjFe_IoV@dw=Vg5y^YnAp3?l97 z1r{s&@;0lN%?NzJ`dD$b)YVoc8_lh=#Ev$s__90OpkLpOY0*X=r3aTGxxI0^LE{vp zx?9oU<Zp)Selu>huhP1(TyLX;;c_30@j8sQKoDpEPoBlwz|+8ef$IY2Hb>|<VRBK9 zUS4WRaehv5agH8nUJsgt;E4<=0l`N<z=MQX);;WA=ly(p`0M&ry4#E0TeA*6St|SF zxy{Qjk*VcdtD>WNRm~n$P1mzH5T4LHgROb~&a$e!fCsxebpE)Wk=QVEY9QYm*&QAK z+XG~p4n2Ng)Uba6xBH31hVN&l8#VZgD^~Jk#@vfDS;w?h?Nz}2dWlq>lb@0wu4MmL zQz)Nptdb?i`kgi7K$g&Hy|~2F>ohLc9omvMQ7zs^PbL0z1pjM|H|qtbeZEtje_(mX zr{MC<332PzY1}f^$v1JmtoHEUn`nRaY_XcXE-VsFn>#DT1qyAe7K!<NWjwniCpBZC zXIYH%$s2pj(sPzh*?Q&7&b?WtVT$)|9De=#^pXUh4WSDbREKW@7aAteLL)V=1hl3M z6uj^yY(@qq7V*WY$)!c9@x`e{WvNA|O@}ggvB9Ee(8Qu;(8MeRDK=OvlJEUME~r^S zLt$HBgI!$0+^z`w3>^&YKqUgVh&gEd7|A92&H=&kAXg}4<|XGB73e7>RVoyvrs*kY z<YeY%mJ}=GWF{u*X&R~;D1%K9mI3uo3@t4!6_6}Y@Bt}KO))e!Fa#-M7S=+RMWh)} z=Leo_6f{6KYl2E2OG`r|BNIb&Qv*{&(1IvS19Kx2LlZ+&L!&5z#-ZsgLIv7dU+<Md zZJS;#R$vzuOVQHyzPO*;%eU`sL)p^w?G+9Oik(hm9Jn2<eK&4L*$mUk-BNRFgsu4G zqqobQf2txPx3O_$Z|#mV+1|__nRxE3Uh1I2P+u}-;am>Q%^lod+so&Mo_%t-?s`_r z>Q<4qsnOGo0`hH7>`LQ#{AceD&x2*1o|1nLtk~PRI9>nP{5^$|2|ILO>YSWVmR3FG z(fW#Osll-}*XC?GugUyVe@VcmD<0=qjY7NrZc6dtdoqK)^mhIIogASFtp=Jut38%v zwmmkrmuriysuJD%o}o`vDMXxMg4*Oge4ZH-_y2IeJa?+oK|bI6`D*76ODHC#ITu{J zdVu{Qq(E~ra3EY>AzCn@PZ}=@Htf66xszkD;m?ICoMJl*(6Rxzy<$DPKWw(a^Wd2^ zRh7$qr(c(xI^j2){3+uax8(k5X)3=Qq!raqJu52y<p0lb=HC-MJ{iHs8k&S>{Mxqm zR;=yEb9vuH1*bIeytALWUT`)4b^Uwt%>Cgyawm7sl5&~)TEc&s{Mp)Y0sYx5oKY=X z^KQsmJ-jyWVoqgTrHshY#}|AiTc_H*y>Gj3+0&^~hqp=|-WwOa`@i!049U|%lhtFG zb@L4_$ZeBab1&-q#Z@cRm;I}3JW@H+IDD7ThLsPTaweY&yZ0}*g`1<huJ_gT8H&d~ zKewsWkDGJRN3{3h8zu8Ivz)o7-)Wf8yE%P!z6XbB*!le*wQJ&LmA#CdaI~h`R4_FV zT=Ymniym;n0~&TuO-|G`L^MnIg%ITn+6V|ILrarRyiC#s2jtKN^+_7%AT>w^Y`k6E zKonfi@bJOM+g+U<bqzs<i6MNP-54~^ZUk=17@8Yd7??*H407iaDm2dbKM>qHe??i@ z?fd*8?~9W)o7TD?Tb%v&U%c@T=fIaz#uE+27nB^ivYheRrb%{LbKmm)ESceO*`B$9 zt;ylV#z)Hom&-P*Wv{;XOMIgCjbm%%HqMh|ygGf^E8gu#Lgm$KE^%Bflh+h&cd)!` z;VM{qVb*e!2m8;S2$J3DUdOv*_c5Mt#o=O6b<PvzL#>YGy0EO8vvSUIpHA`Sb&FZz zf*QKzgj5A3uk+N_8oD^Xy1jmb%=^X*I!9+I&bEE)WF4UP>CL&qM7AWw5Wo6^bM5LC zdKyk^-I$(qqS<(2?S@5B{NXRG&wNtdbfrfBjqkCAR-#qUx5b)%{pR6i=9+e8*Nh10 z(kRsNWtVv#U(e)vTv^~<|1VNSzj^x1S#97}vMh9+CRPO)jUqzh%Z!W+tahd`q6M>0 z9xqPJFVenpsQ;65EYrCoQ+7@fY)+4Tl%7*swtqLzDzjs2-6tpCk*m9QPw(GLNh1s9 zdXaAo#X6B271<vCUL!G;XYv1;)4pq~&%Ua1M)vMOs|Pb&HXM0kSH7`$Ws1%>8O9p> zSl8AAt<P2ar`{3&Y%^afZ^Nm_vRW^Fl7FcrCSAK#w@oJJE0gRMt-GNUUTX=u+vvrW zY-&<kS{p3y`bK?X?Q<ou7Y8!TZXEmQ-{4~O^Wnvdva9Z`SUrbj{aOXSlo`HDvk!Pg zOw07W!`>4(dC~p({I=Z*Tbg=Tarh;<KKRLf>A?e==zB4R>Z*sHF*kM#1V26=x@gP% z>(9WYiZrxTNz6^G%Flz1tHv86$`w8}c)7y3%b<yIn?Vy}G^E`k%$76%YRPo7G<$3A zSvOzID`WoTg|tGP$-ok+bO{ZH&E|0lvpIsTGn6y{%|5d*3kyI5V8fgW#^9`PYG7() z2Jgj~7$9*eF*?#f7_t7I1H2HQnUS5@iGf9P`toCr^#^!ozhIOOJN7AP=`P((LN6}q zUH^6R=#5pm^2LqT)-$p#YmAp3^=s>E5YI?*4X<^Hklk$lG@avh+CA_RdxB{ZQ30;r zcKbTpJo7aMZR`^Zj?XzFxv}B^asV=WG8niqDKb20owQhdd+$$ewxyHTNX^JdEc*3u z;f3Ea6$#6nXCB>ggh`QM4%7ROQ|4@*_Ve{ItsmQT{#i{B5xd@#tl}Ya-=Owt24w11 z2^!mw5ian$UGOLuc-?N18B(M#hDSPUyFn9cvq2McHYC#dT%YY`ZZ<yLn(FcFziS|J zjl#pqVBiDWXTdEj4jGgJFW3bSOo3PC2ALTO8wi5RdoE!vgbJ7-GqNB!6_^+r8A1{P zs4r`b%%!qzgyuu1vcD)kmG<+E$f;_Z@4Orzx43faG;Q%X_Bz^TUGomdNyZ{e^6Ot} zojJClBm3yK&Wp!3{TDeGD5Chr>#lUvv1{$`e62*;-ln8+Pii>ja<6!b-{<9>_5Kyf z94CYVa-GujeRo!B_y$RJNi}SjY~-su(zPeWM^VN(<GQU)*U?RBS0~KcZpe0Y-=kb3 zwq<fZcfMY=c*p*IP00ZlK1g)lf5Kn+_0=MItxE-Z)z9}#-klr#$fKr5fZgJM+NScv zx(Ba%Y*uYq^6m3fFCq5azdf5e&tF)OSbid+WWyC@tM9Q^rxx9w%Xu%>MR&r-#<Ss* ze%0*>U`aN)pFLS(U$)sM%O`78%(j1czfDFseDbz?n|?fM-Cn$Chv_QUPY>prEzA$; z`dAc}r`K^b(8)z~%Dcr!EvC)(^NZqk|IB9QS#GeW(ERDLH;Npkf1V|Z*_U6vIdOUm zSI!kC-;x6&Z~t2UZvGS}vXEs1_sf6p`XA<TZ{paTn8um4k<BV~TI7KbrhiY~(&&{E zY%gf!S~06scAixmE5p3o4cAnE-eH}m9_dqN8U5<#(uFsg`7i#zZy@-y^}Mmi*HgJE zB05zO{+GQuJdaLIkxJ&PwEeod=TyYnIZm#Xd3^1XF(DgMx9#tleMk5uZ~hLwJL!2R zy9Kwlh;%VX7Bp8*oIdf2l=^;iIV1KPBFQ!yKI<WkTu^<5TD`F08>U;A!@78~@S{b~ zA6=KZcKk#AiS*zFC>0u31xOum9?*UdCPs#4)weG${+$|hcHRM&1rsx$#aw8)cW3P) z{}=8R*HUM!j9y{WUc=ONF>kwA@w4~?Av3O)>^pe&k>JF&$`ZDB9~QYx+cGuoKy}~D z3NdHlu<*@`Hd}8kzvED}X7TIUrgj@S6c;`};%r`Nv~TP4IXXUjoHb|m8C+hY_~5bZ zuN&;fWg!eoT04Ce^a?U=Jq`ZT9CLZ@r~fWIE@_`GJ>KiaAeGCsOEtE4p<&?N5H}g$ z+cT%Vmy%(LStk0v;z8xV*xPoid_w=u5?z`9aM|zs1qLq<zjJbXduTFi=dar2YWoX? zjWrA}W~}3@FgdLHdp*~Dh3vc5!u>)$j~t~us)`qsXCB`cQ{Qw#?q7tohW3h_wQ;!z zST9v?f8Fp;)%+jR?2I)|v4`J%J#*(nK<Op3%sJ1hS?=etWp2C2#pw~*{<>Nup(<rn zrt|xW$9>*N+|79(tlKm5Vce%8yYnF@_NKpC!tdky|ME@)Wp<x_f&FdMZqAI_GBaFe z$(h}vox!_wSoxnEnJ2kX!sM#Y++A<K%dc0N%2Kg{dH1`<r?=v3y1f=oC{bO$+0Off zPT1b#C*E5;ikbAG^81{YT_w7Sj0$yi7eD#4N5*&SItRUW<C*gCYnppy`PGnU`L!zM zr(L7`7PxqvxUpg8QPCF8Z`V9M52WsRCRLcXV8zF#7p`_W*O;zzr8l!iom?USuCFzr zC3t2EwBsM2oS&PUT9llbm;<l9k$MGun-K+hia`@=f<Y6r2c#eu;9_)YU|?W$RX*Xe z6=XPaQ4Z=Hc%jzb(51Ru!knHdsd?a*I&4V|v#=aoOu-rMAb52SX~~-y7#f-xS{TAs z%ph?MsA(6WVtjdk<URYDwpWbZKIR7|Hf>tz-=E$Y+j2AbE|12|>mUBFo9bLN^XJys zny!OR4-ErKE;jPkoSm(>+WFC%wQ+5EpE<kaqm1@0dOhXmix{pq|7ToUU$}Wo@O;1a z_mlSQedBLr(BUl}7k(u8&^M;(y*HDz_p8V!_1-_cL(|){!e(+phti*!x6Do)T69Gx zgdyEDuXsOG#D^t!pKe&BR(0xu*-}ZduYb3{UuW;|H8+ao?>UoGDtAhhrDKhSg<_8| zs(v%L%M?5R!BzLYTV6{q-0kUkV}3N#=dLFz6P_gb`yX82%~vA6;$l%pRu!Y?nJsRW z$HX_@njyy?`Kwg1HTCX<uyemxFHM+xWbV(P4c&X&fA(uDb19cue>Z-3lHqgaPwzz! z{PxsMwrpYl?ov?qk3H(?#x)lu&U`X`>gmaGD(s}~Z+?l|ZtH`>hkW}_`tzB;lwZh~ zbw5e(v?*I)rOpXei!Z;tmv_d@x%8OVvdycc=4xd7A$vcbn4mAV--DVyzFNHIucwKW z#%IS4E8%x9?){%B8^7!H3%O4_0}>7xUM_z6e&2$(#@r?Q6cmo6=X~H`t_p3ack`RJ z{EM93!*4e@9~!4<Cto*;oB#7bHGf6^^gWYj{hT8-p`xmxUG#cU$(+!VijBJ-<`uB) z@?Wqk<8bwV!w<!_wo|k=ay#-Z_~+Y^nq6tU<vOGoCvmLet&8M=%OBXf-z}-$=k#1H z<V2rY8Cr$`uUg?<H^J!JGVdCfGRZ_ab&a!eA@5c9Jm#42Q}g<|4339W7$V;5>D2`X z^=yk_f7P*TW_Q4p>rD;!6FC_sujLhacJAOO^C=Y@;^%B$RJ@~~b+X0TUb_uDejhl$ z@zWb!UFkD#R?XVHDxpbQ*ZOdaZFtu-xjCgfE*qRp;Aoz3xi93SZ`y&_5@v_R?^^2) z$(PSzdvS2NL~PL1w<qta&ddF^^6g?PlM9j6x84SPHr@aBwTQ3b@q{n8KDN(!<nid( zQS;wy0>4Tl(+u4;Z<WoGdD*n?{j8mV-#e6NWll}9c^cYac0GjY|HqxN=dLK{-*9d5 zicWps$#Yj^xx#6QrK($ae=>epbm<GjiITpBS{{9=w}p>9QWdX#y{|o5Tp=WIvR5!O z_nX*L#&47Ux*pe$z7w&a!SdO!>;HsBmc6x|;^kCw<#2gq@!5X2eW4cbf4!J!^lEwp zi_$%d!)Ny7o;0?~;>xsNaN<=_e@}9o^4?sVY4fH&@bp==Xs4F+9J9uXw})T2JyMHw zDV4if+8KCOpk;1i!s*zb)0KStW;}ab|1Em=y0fRe8nffLKL<W6(SBK{zWnA)Prn~a z8*Z!e%Oodtoit9*wh?GPw)WnNvtoU{AK1+c=YLxL$MNgI?l%nPv7Ar+8s7if7-PY< zRNCv|9SdEXJFDd<NL}@s^X_6n&Y5>#!hcBYYRPK{6{HNXu^Px|FnGiUbu9QXyi{i1 zW6;FB!=Q<20kl-+`Op``A+~g_Q~ih6>JpI`kP{hbT-XD(REF+q<`NbU1`j=lfX1a2 zob!tc@{7Q8$A+-c6=6OU6^@|BwSk$Tp@F%frLm!*MU*(N5oC15(!{{jG|GT_HW3;K zS-qt3>D04dzlro6@;`OuQN`4VIgSr`XF8~eTTV1id%5pn^ZKNi&WnFkq7yei5EOKj zk<I(CWA~4H%Nuts^EftNcJIEvm5z2hro7dZy3%)vS(f>IE^oR__;t3mr%rtR$G1LB z)q`akckJR_Vuv~WFS`8@iTQLQj&Wx0-;OhFD-PxxI^_h}Wt{#jX>xyeyF^%n+K~%) z4&>jzx8Tr3u>~oD-Y$FOzCHhyd@pTH*^<J=Z_K7-RFyB;_?%C_vFg#*qPF*ovb#U< z-@Y7azpH4Ei^`nG#hbsc57&26o4c}P7emk|@3X-*?%Zard}%8=ri+<`A58n+@c3;( z$nnV!^fW{x+js4Tlt_(p4H{<|2*YP^MVMIF<X9M-861h86LvD%CiaWv@4r~@s>6T3 z`#8u(Ij=V`flLtT8fY76E>K^f+NO*&L4=e<!Ba%RA<mBADImNv$*iC@DI+6;!CQZ? zhY?mmMbTTAEl!nKwmZ<e{N>zNm*>Yka80e|Jr(_^AYjuJR*`j{$9o;wg^H)t@hB_) z-6K$+AP`mbbq3#>H#_U^R^`WDmih9(gEiA>C2Qe{?Q7It=xyoA`d@fw$Hx0J_tYqc zXg`Tqv^!jL-Mp2HCDr(6>Tzs%|2OmeOexOZ$IItypENV6R@q$PGgW*Eo0{CVlpwSC zg!G$pj<S|;KTlV_#PO%&<+|?rhX!BF>;4`yx}`hM#lRrv9s9jYCVwvdclhT0CC!a3 zWZ5Spu4FZX?AaIZbi40*xbte#g+&X#q_b9NCQIeBT>Ej%XYs6!=39E7YIw`e(>b&w zW6xWrcZT5H?hb8}m8BMC7K8S}Cg&s;7sngN7nCODWG2HGts&->L5uw1Gs~bYv!;ly zH@_~tY+$)=(8O}tpotl}k4iw|*2Q^hwJ&yiDMp+<lWpyVUN$tILM<GiS)WUoFD$hv z6Vwrhu4RL+aOM^kgGner3J&NDp`n$51*nV8Eo`U(TfzoY2{8iCA~sh8XOLcIVH=nh z1!qu*C>SdQfI|enstwm%lCFZgDZF^HfOP&r3s_K>x(z4K5-K6rt8j2=R+-LA;92$D z+uH9=%^n+9ncdnC{%JD(4Ch#!(kiO{_2b$ThMloWFSJ%IbK2bhV`u30joZC9|Ld<~ z4}bIC`F2{8XyW+<-X%Bg{djOViNiKT__gP$$dFdGr`r9}^Iv~mIPs9N=MCrNtRU}8 z{VxgveJ^%qRv$0;w)u`w$?fV`@370$_KTJ;-0)?Q>ZkQGlhP%geqm#IKVjz+h9`He zwo3kI+V#ce-GlDe=G||;Twn9)+XvhAcS|Q4OUlYPoGww3RGfTM<lh>tpyT~lSv;Tg zCcAgoWHz7v=e}3F&j0Atb$oNLTy#E=Ui?^uqwcBw{Nf$PT<2r$P1>h*y$gP!Dhe$j zHyJdp$LwsQ_r`N!du<qbSP~857sf7#Hi$F`HwYEu%*;(pPt{M)Ofyh4kT+mwW7Xzk zW|CqN>3@1zs%=egU-sei4Ov$_By_4J^$b+SU?pWvetNzhEPsQ`$+BXw7|0~VcwYVG z)a8fnzS;f3fb+An<u9i7#)igdc@#XMHCe^WAU^5*4XGLWwy*BY)ZJVDZE2;F#hW9` z7gPwXP2zJcNICj^dYbMG&bs*Z*Uo69eqvn3A?1GW=g*o+Q5=~Hyf^J~^K5wYZaia~ z=peE4$HBMvZ#%AfFiqj)*%VQW#*<UtEo#x^7S8Xx&2v|k>GqOtNta8GRjip_5&j9M z>YB2+nO3QaTW-Bw|GXttYiiftwtI1nV$He&XYT!7(WI5DA<xTw<mq!MHOYrx1oH*9 zPW|)TiPh-#xw(OH8r$ZzUXFghwAR(3sBb%8HXqw>V^fd99dp&YkEF))ww29ssroiG z=3A^0hw+k-Z4&kwF`t~gS}j7F<1fC@`Lssx+KRWyS>R$5HW-<bnVtzM8d28Wp&aXx z051`lHyboDuQzC7nhtF(aacbHo8aWOabaoJ$;gSvF-pWl)B+K4mVirUdZu$~Q3+^m zFKir|TUY=zr4DltD4t=XnaslCa2=3AOIYU?R!$+0Q5qT=!np=?Z~~#y<B|14!J>OB zmRw#OzA9i*KX>_rlZ%$V6FN67nvqlC4CCbGeg@lvzdIkvWC)-8s8{K3JDUSTBj>qu z(#`wtpS3P@dvq=BIP2yzb+P{Hd2&;0-);9;%yH}5`YIkvw$ysBSouBTKUVL1r*XZc zzN%toWNSuVjIxpUe!l}RqH-S>>@OGC|A+Bg>&+D|0ue?lOC_#eT(r;qk$TpbS;jv+ zITE_B#BZ@`*}rg=mrt$TdH?vFvbY7_<`d`LQF@kpPDH9N>-4{~n?+K@k4J0HGur>@ z-LK2sPFGfMcQm@ibLIVy#;dz~BkZ?Izwp#pRB+3X<?i=QVxN4t{Mc8#^|FoITEBS0 z;q~f}(j(a*5p8xF@A^9CdjY0l7kzf8eOUZRTKe$xO|}<9Q3md?DnJ^zgEf*)&oN)+ zAuPo8>#oZj|DX+D?yqC{T3N}lSViKGw|2_`-JMsD|NC-KKH~I_+&NVx&u3_^7To%{ zV8Oz(J{>bB_e?B!w3=UL-{h75ldnEuPq@5z|J-QKk5~I12Y=~H{$;=X_Lj8!Nom(E z<~jC$(%t&1+-v^ah)3Fy2ON~&>S{E(+Es>3Qk(Ih!DEH_`w!PD6U6SVdBJx!Z;gw% zg}&#lhpu*7JI#X6TLrLv*L!g!+%qRpQQ|7g+6o&TtA_05uh)x;yu8tQaHmDiqlr0P z|5J9BtA-mKkXBjz@XpKo?loJtsBo|vywTmuz29|zz|NJQU(a9^T6?17*bI~SUM`zs zFRxCWntKnN+tr|rB*?mUc$)|@{g95lb&L<5<C%I4nwUBanwWT@Io|Y-TFlKB|C6?A zw&AnaT@OQ=FJU%lY{8Y^A@)MrE|?4S&52#058Y|TEG!K%5Z;tQOmIMt9x(^+N(Z-H zKus4514Ba#*b=-!;><DwtOrpox;m$+dg|PdK^5))y2SRgKD)n|$)A_~7(?JL9;P5& zr6o?5NB;G{I(cy472p5!tL8o0STk$w@;1)m_KVMFJ+4~1D)0BM%>@V2I~JK<Sv+gw z-?fL{8~$3c^Yd?xV-qj_)|^VrEEyZpvbb3{7z`MmXV<q%yzAa}u8Ze~;KSX>vCf>y zV35XS$Z+?^gK+og<<Gbd@BP})HQkg~y3;14tz6^O!Y`Hgwm!4i@FBIJr=BU~(Ek57 z7TVoB&t%AOq<6}nJHeOk%&icU7d2K64tgAA7(4gWy1l}hF1+f|E1qY}5&9lsuUEtr zzPNv(h#oj8!!|%7pJRp?g+;XF`J~~gm^r|piP^`XiOB?#iaE;5+0@lmZmdCW9e~DM zT~O06_LIz@t#@V~F-OGtW=P|%pehM=kePv*ff*?MfzL!RGy!uBsACJETIZXze>%JN zLeZ~mN~h%+H$5(PWpnY=+3l$+a_!vV?W=YCk2xAm3I8RuJeu!Ozr0+V<nmQpb$7<| zb{$&ZYFcTeyIUs7{L{v0FWXaR3*%op?VIxA#J!(N9x2D3u0E!nyO#CCudCeWXFdH8 zu%z4CeW`MERn-q;`yKCRPJgU$@R~;F`6<75y1sqvATD^N<O8?iBW<;;**@Xx)+pHR za;;+hymxk{=(<`zh2$fqWmfD=C(ZvJcYpWdW0`ER=%?vRww|b}yy>(`yFTXMIW_;q zX^p1qU3P`Y$ru==&V6PxIWEAj>ao?8yfae2e_k?Qr=qnwoLNbO*R!;KyT+~3{e6$` z@KqW@Y8}uxBcg>kck;2|?zmIy?dQw!Kb<*skIJ_x{e&B|NR<jVwC5eM<_ino*#o@) zx&B_+B^Ix_w>o2Hgy*F#vgW?^>a}icvChZZ^z4c^snz;VUb*dv)~wZv(?vGk>$$wT zQ}jl*%9W2|>uxNGxl$k4_f~>&<K*PMdwwJ~%$m3HoKwN0m9=cDwdxE1<-gf1r*iAD zcc>JDwdoe?o7ZCv{x%ACemcaa{Wkqb-%009G1;P>OnZ|4_<h=HylPYaWv)d5kH1;J z&~rI-JI!LHahS))TxsK8-X8k|^SPH#<<^<h@y;(Q>z1Bh^f$=V(UobMzRads#h!{A zJ>6a1x4h3X5j^QT>rCYKYfST^{8G10Stos8bA#B&{S5Qit;AEdvTRjWoXIuSdV0-! zl$@ATS^*hkgG_8gCPI+v6TZFhoXC3Ipo#UcK@;<8NKO>ts#|v7+hyLZES1)I&vuAj z7OUUA5j|JBA>~S+P(#>BaXh>}r4^8VbFiMH9(?x}j~HAWxvdD<H*9KPY+!0=Y-DH( zKC1+oYd|e~2+e?8Z=JqhaK_6INzFbs?LULF%(*}D+q9p{zoVwP_h{#?lg+l@-<^s+ zmg`x(<)qtUX%k`lgPpG7Uv6&vZI<f&o8ys3q2P%;>v?nUccz*zYyD>JBC+k5xj~Z4 zr0JQpP6jGZczHUrlkXjUc;9cONKWvB#B<-o^<{1LK2!3Mo%~hc$ilKWS@(|S+@H23 z%)#kE(j<e0x}sASTvA};%*)Ds`g;4mD<3|J)^tDf+a-L)TRm>3jd*N-W4*Dh|7CmW zH!=1fY<x=dJ}tXC_m(buGSji5ms9rmcuw{22s&~5MP}2FGbYhWAKI38?)BixO>4|O zaU$h6<HIix@7<ht_jdFZt(j_~(sDkNG@IsKozytVu|V?slBbis_mrm_-j(@lSimbj zljkRorKFblR)fOOtNiOC9@^@g%sxN=TSe=k$yG&mY5jA=1QYt_b>^q<d*B{r%`+># z`@Gw+bry?1E#LF(T5GnkN`aF1X^z>uPyArgl-;Mm<F-G$efDOpG$&KHoK?Hl{+v<$ zG9XmMaR0_zx^ElSW~ltmTz#WZ*x*_E=5~j_opqm_FACn*Pt{L37ca7N<9@@v?G;gx zsU55SL>hUtUGv$g={@yw+2?ZATqhZeX5YVy<7e0FuBnvfb26NsyySOR=2azLlL-cT zE4Dny-8N;-o^HSE1%HlO^rfgi^tGID?qqvQL?NVPYFuH^xD>PSaRLn&DzI1^SQ?nK zv1>PKGcq!A8R!^j!Ftt9jAC-25yWEDBcx!NP%ozxt(nb+(ro@Op;7kJgH>nYx{un@ z+M9xZc-L%3s_n5#qZfcoj0{<lB5(6559+jE;Vr1U{;lF9H;dnqjprs8{M!(6!07Bu zgB0=o{7)Yl|7ACGDB_damKAx8;c14#UA-b+`K%N}g_c^+Wl`p@T~D@ty>eW9Ci}D5 zp-*^TtlV<0Cwi-3%=s=p-fL^h8~+*2QJGhCF68rt{6%5c-W)d9NsZVS&LH*4^w;ZZ z!`MRyg>0uac1-I$7#UObtiHhHdGn)<4<GJ`cz<Q;lY}`RrcE#EdELUKm)gH%`=$Ey zyC*Ksi&?dD$pTdow%Kp|>vXy6WlKLA-*|g&M`^BI^v)TwhP+`nocRqVZeq#48@6w1 zLumTG8)utuO1#tKZ_}MLuR!?Cy}*;s6--NgPyCEOGBLtUtURh@mBSwP`35^TeistI z`}n_#gKSmSMSlsdRTE@iJILK%DCaUsVAiMJhZnuw=Dl!rn*Pdl=I1wQSDAi&TIQv) z>fX7Xr+(T`&i}c1*Q=#=GuQt8Up@0{>bnn-8tK<3OkE<}va;pii*x5nCnrnov3Yeh zMP64+$nx0XD5JOT6UF%USR4$v*MCZDf{DyK$0>8-B=vr{dd@7FxPc}AF-z3O)mp3n z9ltPb+pULQDQtNOzI&bg{#V>mIVHX2`ZUX&bszawEwA<HR`5BWa&5<Sw+((5wZg0x zOy0Y`LFEBg-SbmdPrYajy<?{Ja7xDH<7q`M{0)jmIjYB%8=ARZgDU`eXs@E8C^5GH zHh_?v2(ADS4KaR0c=69-V$j55V9>-Y0V)0k0;c4=k$81=j_=j!?@Rj^tVJ&RLDMab zO-N;bXt1H2fedJHlUrC6G*ke#7d(WXSyBleFMxIsxP+x6f)aBJ6u@&XnI)BoZNi>; z$%eWH+8|Syg;gM`pw$FuKmxM!2xV<Os6A(3VrXb!XlQO|VqgMl&zTw+8W<Xw8k-w} zcKr?pM-pld&QOutE4pRZ{o_4L)wfx2XMW!1w?aoxQ8vcqzG7^ha>>8Ax-DMYm#vjw z_kd08(d_7(=_T2*4gH#P+oW&K;hm9NCZG}VBy~f**Nn>f4-OmFHE3_`IpAO|*mmLc zqBgUHC07laa&P8c;1^;so*wU?81>=F&xxy_%UbVwasErTu1U=!k3^Zi&xtN)@)vlm zoU+09*7KDnRYevn9M9NH5v+ZEVp-4jw$rDKt#8_zcmJ-kYtwmNe4Q(NP0DP^*I)Qq zIJ(v_i%X__iBeVSHPPAhEkjl)_i~q<$gLy&%N{AWUajKYoAu!3n>XUSout!OslIh> zR{V4DWX;tiyI-G<>R$eP1$szS<9vh0Ih0NE9P?jf%a+{2Ip<u`6P7i-F<W15lLqfN zmz8JHH_$cEUZA-^y-gKVL|f_WgLVO7BvbtecO26^jA$7EJYG3b)RLJ|I{mko%ulX_ z=!Lg@rzibX30A+}l;Sr*@35z|_N+U9R#c>$ew6(nxOcn9V}WnH_w6s8+_oxoiN`Lc z+xH^%M5C?eiq*PbH-8oHTP9?-TmJgOMiw`P#X7kw=P}mVYo246eE;vsNyVL=Df6Cd zKarWJb7|+f+H?7aGcP~ecS&x-2Tqa780FQzmu@M_`_8PK`|!N_e1X|A9lRU5QXCC; z@a0TUSu#7Ouz%O?IvMHPSq=P(dtTmNw%y^&rtXy+pS+(Xb-^}s=DQUdiyzu-{;)}K z&iNXLXLp}F*DktYwRL6hCzF{+t_VD2`^(uPVEyih&zCpqHBN_0YMQz@Pi|pW-2*Ob zjG<)>bTbvWj6vEfh&rc(dY<(=c=^LL(V&T`*Pw|>1XBKRls>zE`d~)%3ZxD#lR*t? znZswm11c>zcvwSHD-w%gTZh?s*gf(~i%atJ3?&T2Kq|O+_=AIeP-cG(4fH`W%sd*w z!9Ji83Oa5HKllcvq=6rUZDwF(Xk=(%Xkq|bb#G#b#2sMQ;TW`V&0868WSO$rym*aX z@zc|kQta<k^~s*$*u1DvWmli)P8MnRX%VY+r=EB_kHhqY`s>b~;E2~rUH?8r^Jg0d zB|BPoo_+IXTd(A06ZSj1kFnJsa-I6-bo~nD2b?b(e|>hpycjfki0H>PU2H8jcy7va zxsPem@25*H9#MR87PBdZe6$)?9jG%GZODlLdc1c2^VgArOA^i}ZkSg6mi4E;@WeZB zpZ*ER7IbslEThPfw0qy-=P%B(&-}^D9b05~WEGQv{GMIhj|^0P*W@;Ya?P}B;5B}l zws`a6-Ak`__jBqji>-U~ft@2G_fkz}Ui|&1S*hT}Z2?W(>9FIqVJB^XM&{vF5@I`S zyl#9t@*?p*cnW7>GH7D{XVAp-43feHMAzg^k=#`2?f6Z7<zWeadE^2HH004Z12wh7 zdROS@aD$qo%%LpY!UoVONecz|f!v^jy7A0Nnt|uQS(t@&;W}UkYv8DIK}QIK7oi(i z7?>Csfrs(H%a6@LJ8R+Nc!SsJglgkEkK&RdWR1fujf{W2KHc84{EF9IwvJaReTFlZ zT1=3eab7Q3`-9samrb1u4`}ds7AQ`gpK@T?WFe+hwYFnRJ3suo-m;)zy}#6Sdp4J= zCtnu{)IKrP_$`z8OoQE}c#=})a^{YlxydJjZp~1C&f!yFx8<bJ!K3NTvBsa71>a;{ z2!3>Nms!G;hTVzDInm;E_Z_Clt>!(Xs8P`I|C(A(P6CUnUua$J`~6cq?roR7ThPlI z-?4P|r$g^vU375FO|p;;V>`<19;hJsr&@rUFKJy_=>GWfeRiIV!L~D0nafn7WVhVz zd{y~$+h%L~T|OF)^=xah`VL<B#wuI;%&G11(yQ)}E)ZyNhQNA#<dMiDm8bd^`Z3GO z+{wOe7(K<#-k@F=EjfehOWmWw=ffJRt19-+U#Bzk`TJY<r^In)E`Oev(X+Q`pZiL_ z=|VfaKBio@ysv6<<=|Pr#t-}~M^rYOOgpx0mBIat#Nz8e`&v8S^Tkco@X}K67wFTg zX*<F+?-oyaDxVAQq`!YRi<$ir<dyB=WADt;4EtX6<*w+Qa?`Z%)xyCy`VKlAy)G;k zRdjrNCgYK+jm?Z1wY`oDr$`)BjrsH8Uo%sC4KMF`J&qVJ2VT23jfu}xZl8L<r^~*{ zF6>V4SI1U%kJ&ujr#<a!-)#STx;MR3YW3UQa*G)_IK;J@Vhm&5x^(&5W|!P_{e8t@ zW7Vn*-L_3Ll^!0{K0fEi=lB&(La!wSb-_i7G_*)bPK-|ht&4zEm_^9LGUo77gEiNn zi8a%pi8&BbYH%`4+R<@)L)XD%wD2_uLMknSy<yu1*oC>AK<k}~a}vuEVS-%3TrMD+ z6%zG|^<a~H%)$cBjtUTQ@SuH=5vYA_XargZWngJ&Y7ENfCdgcx*hy%NX3^p!44l_m zV|8;yz8yMTJkRt{VQ5|B@6~Pr4-VFNRy<o>8DVqle~rxi8`GI8?6MtMUOMjG$E@S} zO+V$z>e$8Zwkfk;X3RQvM%sSYzD?aGOnNgyCI9r~uZq9rbIzApaq*2yCX>Uao%Z2j z5VMJwI(y=H&a$<a4VUkE@$_NZwM)O5w>YMr6j;Z{ntZGwE7RcbrFRqF^QzyUKehPF zL)BY3V)q;^OkQ>Wx%h%bBvIF~Zq4y>zte#szvCuJNV7y`96NdB*LL9rGqwwAZ@(6P zre>b_#nY<)+Wb`X!gwlt=P?Q`(_YS)npcw~+tPCX)q(7-OSPsp9}X7eDVF8l<Tl}= zlhrwgys2ydADgl^Z+c5#ZT`Hj242tH;z!k!<PLv6`1!RSYyM5?^X6qNC$>aA5nq1# zZkhZA$+8zZtedaRF}X4APGb8+)+a6;#s_ch<Vd};Zj%}B>s=PRc%IIl_qsRj?#%Po zIvu~UOzP6q%+0ovd0tw}RLJ-F!1KMQCGXBn*mNi@VcSNQcPF2<?VOe7u;RJk+eTOB z?r-UlFAlN^?!9}yfyqDBp(4gT;Kb}_@{QF`TvkN4&U$n&>gw^IRxWAYPmDrpp5)Bg z%x5dUXp@Q1wYp6!Ja=EL(s0<fNKF3z6LWdN;@=avQk@s^*8E^&3^lIZz`Nti*L6#s z!fVU~d#dA(FwgC&oJ&>#wRPr?^&6&qeXMYeYwbC|uqAqVPH)jN5O|fU8e3e!^Hk## zO?fxxh+9clrEOyTR$-kPr~m4|-%pLhGqe(Ywx|eo)#eI{e4n%R)U!SF)cbrSPpsTq zb>O-gUv6tr-il+3a=-m5POjgRSIHqWw`;ysSMahMyKkC?ZWKJal6iBO_0E>bN^x}u zzX=6(ztTzH^UuuZ>yGmmH+xR9zO2bNQ+nF>#2wa0w6|5{Y*Eht@b~hjxKjC<Q&+6{ zcI)9$!|LA`-8Ns^lfES>WEbc6<PDP-&HDK=NUu9VX!W1331ROAV!Dq=Io)ZFPT@Pf zb<Z{bgEcmJy~4S_t6v*jxZ}J2=+$jYeWD9bzA)VP!h+3Xq12;Sm+lE!Mo9f{;A<*< zw*4e~4&VF#79VF69@$>cCwf6ObFb1|?YFGo+}zi^J@Da*^`kfMrbSN>_LB><dcEQO zwB6H`1$TXNZYxQddP1Z0zO3o4OXkfM!4_uL=W|~E%;vlBo8^Un`Sn!BiZ-4qJH@1r z^~r@iC+EA|UZK9IbYEVh-Sq>nrDyOL#F%XAI&+{^;&oot=I>Dp+4rw>n)EqAY5Eh9 zh3vEa$`16^{#~Ma-2Lr;`QkNa4ljL~&($|O^-w_T*2N2gh0cVwCw^{RC*YR2*F|y1 zA={Gkbt<O6WZ3y;+bW%UZ>Zn1MriMQ2aP|P>GL-U`=_ZK36^{*rz!gWS?-2<-Soeo zbEHe%7C-e8f4Ss3H@JX?&0~Rw&OtkhL6fnd_8#aUPozBr{37sT8h!YLli}9vH-(>> zH%OwTvY~MVCS+d%e21~28Db5rxskD<*$_F&(-3q9GjarAToJRsZ~N3oht!0!jU|se zL~yN+T-D34_)o*}fa<<03TnHIgl;H@c&Z90&6w+U>EOwEe$sk6d={UjR5N6jMX^4U z>-N|`V_Jz_=BbxkE0(hDxylg7$@NLSD(H{y)s3&VbSA2NmJ+_b@_f)+9+h1?=e?<8 zDET#cZI0%ob%9%UUk=~D`SXh2IbT$~wXV&a_hsI{19eVT&$*`t-`bwRH^Jw3fqlQ1 z&Xmt;cat+$PPrlAchsF@!c1v#-<>&m?-Qm9_9-@O-MgUp#)VDgM_gY;sr^nXEBnDF zpP0)ZdbD}FKv)qQ`_j)FrI=Y$_~u4+U27|lR=M|2qf7fj)`mY-i|%Zy<m*o5hZLr$ zUATAIo;FqXypK0>Ztps=T5^7|almtwfoiM@2(%V4PqJiWWKfm3GO=IyUB8^HVDK$n z7fs0pa@mISeEH_BwT*GipQ^30uyTf#h1u`jY4be(PnhuD_R5agTiQ$Q6=t6+I=?XV zpl`||Nw$UT#ys4bPd~m|z4*;mu96AIYl}WzkC{L5{lxC=ciyHgI^UOOy=T4^(*yOp zVlxg*y~4HRN#m^2DW-EK#CMppt&N<@wc%p=Wyw>W&yAwYWbB$&L`~jz>_W=KZRc-p zlQ@67?o#UFWk>qN4G;dVE4zKU^>M_e@~SfH9Q^>9=eNJ5SIU2FnmUVpxybtdI~t1V zoR_ZoM#)IZ^p(dPo}yxFl<i%2rD96+K6Br5@yF%-Y#wwPPvz!cYIMyes!~T1T-v~f zYKuz}i_$VvLAS+#7KO$ep{|VojVNn`4VqZ^4Vsv~Lz;w)C}&xL#%42+nu4LhuwzZQ zgk^$Zb|{3TCTHa3=j5knrWQjNe;64UfJQ{Pg*6e%AnQ|&6mawgK@CI$69Y3NOG9&G zOK>q^jLbElpG%q;6)<x;FX$w84)A4A+l@~Ads(=QrFAWjV9Nb-zVA;kOSIcBT>aZ- z+58WO7v8#ZBTqYc!f%x&b}b*~y@-GFRNdvP#xncrdk?feoLC>MKkpPP<7B!1G#Sg~ zzQ3Zj6|<<Oy)LhR9(l}brm9HDYqjH_>m{!m6!fp(;HLF|?Q6}q*XOTdX<vNhXXjFr z_}k7Co6K&e*=*dgv+3^~D?5P`*6-O;)2e1mO4$A{474%Oi{EEkUc4!mE$6Uu*evZ< zwMjC|nKnPM=UvZH*|fvV_SKxrrknR<p89%b?u)-Ez2XhVd2wE`Gf&F3Z<#A~;A)<* zsdC)?+3~jTuYE5&^vZ5`1+R=#dN#|AAJ=Z>cYktOz_^-;k$G|BQG>=qNK;Dt<F{Wt zcUQjcOLXX(JJ$sc@vZE5ZqPUhG|#2X(%5Ct*xn$5P0hlbC0X=~+9pN@@Hn5WFzoU* zq**Uk=(IoUT>Fl>7f(usE?krO`E%s0*^KQ{{^2VZR&r|H{;t1C?#%JHtQ*bk3#Y&L zG_@;dbBsvZ-xsliE8YIh=DUh%@+U)n6`is5ak$aAzI<MD)$T>dznX~m-4t~A@<&I@ zSG0b4QmmfpWd?2qDcOvl;yb?V?S88fdDmC0TfF(irqtuQRZCax32w{18@}Y!4+Tf= zj1OOam+T9Rt*ZR`Q?~W7?$mu>3nw_A>6M?wz}2q#GE^yoLHX5VA!p5KcaFO~j#;T} zE1oK@a@;aiaq7<6izcguudUs4=aH@D*}Zn91q&r2nNKQh>7R2oPV4&8ZCAK*e{6RU zbekn#$(OXBfBKsT`tssaz(on{F1W(d{IbN9%wkB-GC2|D*n%7If`o0MK@;0tgC>?% zNI}BHdJH)Wfl3lrq>{wR7uHqe5*7$7%?|@v0Y4N8aT^?53fzlyc7z;S0NPPwWMXJ( zXb3qM+|bYv#5FK8F^NLCa*6_L2z4FLggc3a%y~BB@@3z5|K1*-?`-Lny7`4zhskZ; z$cZKAC+%QySj*&XxOz|T#EcsXd{T^$q^kYIV;^;Gx1T9>_I2XwL#fN;w{PFOz5mbO zf`0A=>H8QLMV>Ew#;;lSe`8pstG4{Ss*o3pHBB>?F#7W^(KCN9z5j8)z>1>P5#i56 z+D@GO9DPgYR%~CM&0@P-znh-k{S>o_)i}S)?A!%mzyJHacuahj9ah{Mz!Lg;<L<e? zUFA|l?}ak<FqLgRz0lq%bC3Ss3}>;hPA&7qiGP=^^E+@_Bz20p_awIWEEi79>A1~Z z-MD_Et=5rLtBP&!?lf$?bb00+t9RK^*_(T}Up+VH(7vVK`eGaBWmvQ2udAK^<KCMy zn#*S_R&~~Y|1n<eVTbRJxV-B(Me-z#GnZSpbWT1J94fppu)^WTj+2YtRqqONYMv+Z zmNh6UGHm(uKXdK5G;iGTpU5Y?=ibyM_q%8ATQl3Z<Nemg_0q?bf=_%q{%*R+hNCqV zK_@<(%PUW4S@u$^OyO+=qqxE3mr~siij!|<O`78Aw`HwY>ygDu27fr;W+)Xe>);7h zj5zwxYQEOpQx7LRxLLe9r(wqn?v%+3=JZJZ-+YPZ%|x~KuFZ=c7WC_IJw2P75%~I+ zJ!^fp(KF$g?0@kNkCaYq*^=UaZC9;_-HJ?}>$}?uPZsa6x1Ou&ee1u&Ye;LSiE*ky z6XQe!j227dLr}@5z|wfrpz)eP<7GBZ@R5=GA{dwrKt<<d_(VUGL1UX#W3yvkCFF?W zG=-9k%wh#ZEt#s2oS#=*l37w(l3J{gn4FwiP?DIJoT`uyQktrOnMY7G2ju5uCRZxx zBME}0BLa#NlS?v_Qx$?s5=&BZQ}asn40Pd+ViZ$^PHll^U}0qdWaSTNf<r&Kpcr|> z6!HMxrvt(dnw;%^ztc}Qnr0evd&g;}3kG?h;812sH%M&|!KPrL=Mr}+W!)ysvIpEB z_g}j}$LH69Px;@|LRTxBynC*B>u~h84b3+%TzI7T`*Xr_>)3=~^+mJ4aVTj$-@l;f z=^T|T!;KTF)Ni*4cB(HckFvPFe@)w;cd^ZT*p6K+&*sln(f6*(S<XJ~)Z>=<YdgAS zSBv#Vr-|Pb`_kQT>F$qBWrzP*2(RL~=ai|P_u1xkgZk~S%UpQpM}<amU*!$*IJ$2B zC;f(_uZ#jrg{JEreE9#Paz~)W{7-3NWzYEor!NiS@%0RxYG%8CkvETkY}-tqRiBFl zCqH@hZT77dvCDn8&tqCw%y8nCGV_a{uOv&77^a+7QrI_TdF0lntbH>pt5$yUQVIHA z@^_ctvlX&Tc^i2fTn?_gtZW{?yR}AplHQBDrQLUDKHRUKuN%9ny8R#5UGG1AU)7%E z6*%P?zcHLwJ^A31lbKSs2eSQ?a^J0v@I7|H@u2oAf1&oc*RD5mzRqB}yx>M?7u!t9 zMGML=8q8aBru1F&*9}RQ=X1gz`COXF%~z@+J!}78Dd&%;%70t;C+^795OZRQE6|cr zywU$~uX40*iNmCu$&$RqcQf}Sx$k*UqP^*L?LJ58tq0tWE>t=l?{`pR(mjb?SG6>D z3wDc7o-s3FN{sUPDD~-a+^lSq&E>2!&0epZmnhqBbgPf&T8UjXr^+qHa`z+FXH9x$ zem(V2HPLuer1Yb_>*nFxcvlMD0#|Fc&;iq8SnCyhj3DS}acBhxpR+?cmlQM+gFK}A zA71S-e>P}hes9pkbRAOdp|+o~&AdP_-r^8ucPz@R%Flxjq_PWh1t;g1loY2V=A;ta z&bBtN1huo7g^dvHZ1`E}kUA6LAqB)ig7C{5Ee$LU3{hrYj16(kybL0z6PkIs%42mz z>!;tNulppY$M<yvZ<Mz`eSW@zaIU7+3I1A}@7ZM*$v4dsR?LozVQAQ-A6fsc{imvP z+w)B6pji_h7CyeA%j=i_?S$veZJ(vW)@g4m5qW+7x7uT=U9!{kvaBPfbh?NAS6wi< zAh`KfONq$g^m!~9R`>fHqGY}N&O1-Eejav>q2P4TyXx9?R?qhs{&f9zDB-+tB$IZ- z858&WJMT?M&1E{TGjZ9n=l5DAJZsYY7F*@6-1^Q$Zx=7~4&(douQz7*s@|M^uJNL) zo6)p__Ipfxp3be?a*B7Syh?OjbMi{a{dWE1N}JTq%#RGonEz*=mj01YnNo)Y@m8i# z%kFwsNbN-8%*&j3hWo1+uN!DvbS&DD>ow<-;KXL+MjUKethd>+mh#NI){^tnl{xbH z5>NhZxf6fGtnus(X-D1p33rc6W!$`&*Y>bO`MmHw=kt$DHnYr?*Sxy_N8E|42lu|4 zly6k>X=0Q9-X^E2wOZR1YJK-qg$f-KeYN*{)>OTmlKJOlwtPCuxVZH~k=@$j)!eg7 zd2(I1_f1(d&3x;E3;m+*e2-r=-|heV-jT8VjQYx?R^w0R9PbOym$ThFAt~G8aK6?} z_P^Zmhv)t)-#+%MH`H$>({p!0H@h!?_f~7F?OvIfWUjGISL>TVTgu6T<(JlO*DR=f zWpgW8b^hOs?FMfOewTJ_&rL|*BzI!x%Nr~5nYz<?ebvGXZz=pa=oQerQDYalAkl{w zB(NhwK;wG2Rw^J?N%2*}iw>5l22Csz4VsuMAw>s^Yj!{ga&Uv%%#9n68qJ}>@Kv$G zywKx9q5W;dye+7{hPnxKaw_P&QiaT71;}ZopzZ3ZDbOQJQ;Smbl2c&|YPp5Qpi{nP zu!BmWW+T>7LG8r5x&hpcH#0OeGB+|XGByF7iEaetnu53nL(ofvN}Fv{w>dlgI+m-I z?{R;Mk7YRPyTg@&ju~ce-~5}!*uT(1<Ii^iw=_LpIjN0Oe#b5znA)-7<bT6%W9Hl2 zo2%^<TH@Yr3e#Br<H1gcLi3}i-T9_#WgJkNnk0JL{pQyT+W(upPp-AQ=W}~PLx4SJ zR|~@%11?*Mv%mjpMb1*5Dz4)?Pd?ANGM6W2#y^kcN0r@U;{N76m)r6!!}VfYbM&IF z-i?nn8~&*lcC6jEr+-b*H1Ab`y-$P<C13dY&cD58bJo>8mLY|ws;cTI+^v;uxY@Wn zQtgo7zh{#leQ$V@`rE{uPqU%GcfCcM-n{zo_4CBny_Pwxp%}kS=En0yEJ{Bw-@0)c zQra|bFlbzBzz1sR@gpuX$7mUY7Ujtbu&5X)HSmM3?LbN@jr>LisEGx6aYx34C+SO; z1veaTOIz~sySMZ2mc6-10}wc*!MBlrt7Ug&0A0T(%@Jm<XJ}=jXTZ$FG65~Ofv1%x zUoqHlomoNa!q4Ov6M0w_R>n)7sxI=ovhntXX}?3FBz1T=zHi#ox?*m9u6596t=rG9 zwDcr@<3Fv&I58mSOT5UV$t4Gb=NVW9Jl>LUROW+{OK+k3niEndU(TMzkRbfOpe|m} z*He14Xi)XZkX!rbPF<fp>&Cp7AD=k)J`!}X+P{8pvr}<U_p05?HP3%dk>T>axM$Ux z`C1qL*Vo^weYNqef$G7QTPByHE1JXJ%rQHx_DJwsx~J@<)jhvo|F3%2>a{$e;luJ6 zuPJ)*tTSzb93PzBl6;=gdDoogJN*gPpQE;Hsa|)BdxAyj`$pNcOW(r_%r@`;qp`kF zwKZD!pIm*^78`KkCI&6sN)j{66Z7KJi;%a9@^iq;FxE1ICe|W@Cgvze873e<H!|wF z{vkG(r41aJkK?|fg|LA=QgId%ZU{Yior_1^J-;lqC=b*PAzZo`85)6C_Zx#xD>X*u zQf>jEe*Y}h9dFJoDqT_i{akcp*U5`*LL4D)=6rhY_O0V{&C8|teca8KNHfaR%Y}FK z9zJ?e@$oGcdk^j3^Ys=^d9EWf`Qm<Q#`fTu=azrvQY<U~zjFJr;wk=a-vvC)f31l0 zjLm9f5Bt>hlkLLy0wv!q+Z}fr?b!HX<Ka2>1%HF@Hm<snT=DHjaNfc-SuH9>A#KMl zZ8{~xSJ`-NYe5nRqn@8X-&Mi&E7w1rwg1kU_FT0mC&L&0p7!(1L;K*K9G|+`!5rK< z;=j{R99p~aY{Qo6cgh&WL|<lIU-GcR{aoAC--e%m8SXP#rSZGKN7nQBdY!qsY0I|t zrqpd!$eL^2xUJuTA>F&PZO56^f1<%JSq@%{mvy<$rLR8At#%=A>DrJs(L0{jAE%w; zpS|GC;;PtvSG7u=o>t#mx^2~ZjWuf~tg+aBHN#Y`>dtrT&wpKKU)=3nk(d9`DI{yg z2i~>QUk1g!yqZ;XFYCK>g2<PpPqr1NuabZD$oHU=!@qPlaSMHS`@%Wvo+_S7)XimI z(Nd%PE>QJj@`QPRABJ~izwc7c-S}*;{o0GR)3{rE&t|Ld-p)Gv&F+aSx!8r6ru!*O z`0$@s?vbPQWe2P0y|K5_o-l1-51J9f*JnKE(6Xt&LnZTk`qp{#?>%VY8`s|=n|AhS z!n7?xQLLSPQ>$hioM<yuc@y84$}J~r4tgm<%DOCr45Xsx%$fIRG!vFsZ=AHv=9f`Y z{~A?MYqViTOE#8tEp`SLLj!#ST_#2b15W6+cvc3`4*7H~W(Ecp5$4$+l!X6J)iAq! zXWjv$--cFQfvIR&2;7x*Xz==_cJf@D!Cn8hlCp@e>ozwVS1hS25tsCP8MJlh1Fn*! zRT-x$7WmBS(^1yDnkA&N|4PQ?t_wHj%-<r<bI+nK+~QB~BmX#_`Kzrj{V$z<ddcH- zj{i>&h;8*?tbO^D>%a8VtjzrtiYpE+S6<n+x-9GkAI~@8yIN^oDW0}c673UM<~s## z_dos5-LcH{{eOlsGgqV8$J|<DAE|7Rd+af7M!5Tw&?<h%jV>ym5B`(N-rw=};Idnj z6XF`ZW-83_NR!;kP#MC%Lr33x&&t^7g!-QLr4NFVwf5bxZgmj-C$}xt{;2n@x~)~F znv3<SW+W&r{!**%r~7J4iOoy?CC2;$f_sD+uRZ0vynn0EqKB@^2hMQhC2sFr-TYWZ z?pZARb9n{3^XVs^uQA9~_s+=k){0@`FuDDs>`D4!wK?{Sj1GAnZImz+2wT<iUYG0t z4*Bv+`<F&6NP2SJdtzyCXTyxT+|$8+aqGWrn%+8n=dDn-oht9HAG454mKL&}`Y>Y6 zr~55e<7evghDJZLxUFYj^wOjC^lnYzemRTKou4-yF_@|B7yHR$p%Bj<p$VK5LMAfX zxIevmGWEfB@7g!+mp60Ut(|wFgn{q%-oUj7?&%yjob~Vh9q#47-0mmbp0g}6pj0`t zc=D#7f0!=2KPx;Z!1PYNr{(_|S6<<mW}^qHOWSm6z6gN}X$5E@omi4z91osfPE7%~ zLX8Xzk!F_pG~vZHbG1PebGbniQ#_=&=7=#qoum`L*$6p}fjX@=uqF7+Jfe;z`Nfcf zOHxz7JxY-A$hSq8<QF5A>MpLJ7NDV_fw_UXp^2#lc%_dqcxNQ6UrCwigc@U0Tdk+( zYgy}ApI`P_({$f?i8XesZvOCHU?=6ibI+{%pZ=Y(bAM4a?T|{J>6eu}f13X09xO^y z-}@^2_4BSXA$Ai2&Np0{`uoM!rYj;xx2+6S4ZpoH;M<0Tl*p>g^UT}xdH0>N%P%Q< zwaP%NIBB2f#KaSV|M-}-zGo@iVG`wy6V3Ybxar{5qjOU@a~4O=U{^mbJxx2Yq%g<% z<9E|efd}*6gf28!TGY<Ms^ea}MP_G`W}3#S?GGn^T{4Av=FWoFt<OAO^#=U8dGAa< zJKtUIqPYzQV(e4xHTeD>E%gt+Rx)dgie4Yn#PelGXUm0_%&Ab^_(At0_xwXwr%A|v z2vMr)VTTk@wFcD&h?TU<m$GftS;m?0?&9>91?%=$OXl2G#2m9kZfs%IApvUJDX<6{ zfUXSX1`lX%&}C*}WJGKAVV$5=D>u14#iLEjajuRX+k}K8J!`l_cF6CnzRYg<<d<Fb zCR@L^^Og5b|C}B3{@q`PW%n0OUdYw9=Dos&O2)kv-z9IT7@Dv!F54wK>#+Kr8~*%f zB$EHn<ma21T`Kla@y`vl<L=v+osTFgtlRa_cdEPf$@RGlw;X)a`E3io#nwkDcT~?W zyZw4r%*=&HIqv;^cI)c3C|8~%+YfCOdA~*QKcDE<uU~H;+xt3d`G+v2l{Tp%$3$1` zZJT$td0IwQVPoe*?uV}gr879rWX^jt&vBlMky_QGcCJF(*H5CBT)KVq?6G?Z^*cZN zyG(kowOzt)x#Ugm+KuLpP8)V5$bS0ADY)T7d-d|U;5-XEv@E5#1UlZ77+-<B#y1O* zS^W%}n7s^|n2aEqRlsHahK6g4)pvCoShnf?aL7i^w4lDCJ^YGRVQJ7g8YPK23c;D_ zd5I;ZMX8V+tl*rlhjdn%OK=FZwdJS~0a=M_U|?x%U}R`$WM~Omr(p=<8iEd$G>tN# z*aAXX_x}2q(*rn~!?&DCO8qvW>CN%WI@t!NqTk#+TzlN%poB>GgBQkSo?4IX6+I`f z@#9->=W#mq-Ji>f{Hd3;ZW{IXJpEq2L8yA`)B~N1SMGXStXIXuX4Jf>u1mz=tl)x& zS{6GixeWgX>}^QBzdbOy`NX4+#8=*ljc<aocP@J5Eu}HvWAQwmTbzA%;(Bs-74AnL z)9PBSx3^&JQEn;K2_;2GtFu;{Tr=qW|1?9mI)wYgwRLZz=1h{aP1)RY?Ee0fjs<VT zims}?u?V$vzVPR-M2y47>94QOn%yhA>z3-yV>j*}6lJnneJk&yo!-|NjyX2hnlqmW z%$C&JrWyYDsqO6fADEzbfs#0Cb7c9(CDl5GzivPDo>2P#h-gA<rvO^g0C#K_OX<uO zXNXxT_f8|t+-iUGaeME>oC~HZ#6G?m>2k@A*KTi@_kt4na{^6sN~C1#W=P#VE$qEn z!R5)smuLReF1?-g^xw0;5B%<KXRz8@;JN<O)7MNNFEVvYo}OYA=W#?rE<!S1jw$K` z&&Q2xSKf(i>&|;Q@oU?uUpv!`S4Bpjd$e4v*!{HjnVB2RJ<dN4^Zt6CpQp&E{n!VW z-N8k<&R^9$W(B2hk68ULy{xd}Ht(V^5n)Re!`4MBn4%2aAKndM-^0W?f#G#Za>8t} zJsl^7o?WV)*!|Pis5f=X%bJbhWv`BI)3DqxnksYRTlussuHJI)8xy%%`q*!4ZsU44 zx5?BLa<nUKy)4>M?8t+=s_-1h>T1x$>S)l!tO?11prhC?O*3tq&&B_=t>Q<t+U_oM z<d6m(&25QP6_RusJ7j?@O-^GsG9c8cSvzgM?i?>4ug1#2nQyvIXD0*-@A1uL`?G<g z_pYQs)^Rl+(;El!6<S_S**LqE`Ec}YuNNnNOenh<?f=;41)G`gnOSRWc_wI2y22)z zu*Te_vbC{kZIt-~-ZOKT`2>}{a-O@L<zm3M&<9s9E%R)BY5ww5-MW~mz8<se*C|Bh zc1*o#vLi^!dBTSMIjlRkRcwEC;fa-vP;k<JuTRzcOj%b7nLPfSQj(-&%itNM@z2O* zcl+H`b*4h=TVCJgZ=L<F7&^h9|INClhx4;<x?bM>A-?^sjgDp8E&F?Kib7vkE?#^4 zZq0^WGUxu>^EWL!&;O%BKFci7O+7LC<-GGB7KPT<sCMP+Z#jCtMNj)LZ=gWV?|A7w z(sf7IS<hfJob;bN{L8FOJHubDe$QKW@x!|>=h~J($a}dZbK(8WZ^p+m^`;BYTiU)M zT%ghXWbo$Q_1`94oO40q%cQ(p&Hl@hXZkGt9rs=_rAi?_C#6;NwE4><9&RnMJB)fp zx9q&X&a?U^?l9&3yonrbzxE}sh%$b2y2N?v&z#I4v*Viie?pmK<bTiK>;C$=r~6cH zzfL7i&j()<<v#A$>nh4?i2NUJ^|RDyv0wa~w;D+|eTzSxX%tU*d-nC6+sjWKtz+8z zDTE{B?-pH79q|ya85cty2BvdddYf05Z+}U*F;X+_^aRVPf^sG5|L(qq9=c6L!PAD+ zsMx^s!N=eWYXp<WU*o4i>%ChZrv;&92XJR))ry9GzKX>U7F{{}?CXpw>sJiS8>aJ3 z-V?Rrn@&$r`^t@f>Wlv-7gj87k34VikXK-na8z#7*Q{p^^B1skXFPGwKAv@d+uw4d zqNftSIKM2ItP^{wr?j;!bpj7_<#t2m<h2#eoNXB`r~dyuuQqE^<@2-NN1rDy7eD=Z zrO@Qb*~?$(2TwYZ5V7G5Q=mk2Yj09y^0u{G?#=qG_MJifKy0Xa$;^`h^^YU<TpsJF zzI)?iRK8`t)JyMJg`>Cr%Cw6ebAEAUx7sY%g1D93=E0BLs@4BKaQoD`{fyJL(;8}d zH<zBYI^igs@I9bMbls+0DN(8Lif5CwZl+FXvd>{!zfQ<XeVQ4|b=gG?$t!1ne7b8( zjmQSSlN;qr;w`=fzMB0@XOZBQmAdLut{c~H@+;&$5aD($lkIfy>COML9nU(})%x() z6jfG5o{jV3TQhs*jN;0gEnm*;+`-PXsU&8{@%)a36PABj^>cr^)fXwzB)RSL_t|dL zT%W#B=u?D%WH7UV^bV=cZ*%reXYO0f`B}DG@#B{JPh>96Pi10z6?08^bIbchOJjP< zHJ4``$X@4gX~mXTXFv3MTg;K1C9M&%qjSRhQ>Be|a-ULEj!Uff`|m!F{hMj(lFM9S z|G$c-<h);@r0O|&+kFP{TM>1!?~Y1uxOg#MQQ-K`&%2no)Y*@IymtKZgWsG9IpBtm zI<&J=qFa)hlUkgb4Bbc!?yx}5azqT1^UJ^sVdmooP0WW4nwX$xNiZ@Zr!i1x1!ecJ zi>slwfhK59jEhGpL^l|EL%nNWNor9+QD$)}Vvn$UZjuLl^qWTvp%`-7gmWrL4{Rci znMWo>HzYMDH8?d{0kV@A+!=x_YJ;?$EI{YM7#bK^nu6B28XJSSus+YAa3rDj*WS{} zACi>vRn|SIDqB;#_om9#9ozq${owTAbwx*5-0WE)vc5cB-!7jo_!6}B#$=YqZf%8* zUfLhDbV8Z0c^rOVY4P?`jE%j^p2@a}tNqUM?)#vi9>M2Q&mz^n^!hXrvk4bGs~493 zmdY;P_~YD4PMuG|R}YK0>}Xs1ty|mj)?(w3o4<;rzAK5!bWF^yPkVYet6_u6=lgB0 z9e*Y3OWWn;H%fCAt3>ZieV`L^BH?nHxc$R3A;!fMnXH!8SC?5XlApHCV%^pglS^dh z?cDM-VXl7I#RsqBqJ4x4cye46Rtw(vBKhsooFMb(zqTDRwD!6pGIQ;5sjso|zu0%w z@XB9nmfH;JIuTI}A}@E?%KW{|I<YBBXq80pYi7kM`~RIgg_cCY?XNJ~_fxL!y;Zy^ zV&A$6YiFoW|Hrs-LlDCb-zU<FCDL^V-o<5VsjiQ?CVT5r<;l;}H6OIK-(!j7{}_2C zrPX`pdQ}#=lWr@g-)q_=T`+&nxAldFcdJ>K>RjG=%Kh7^Pv4%e-RWV!M{N7S+%K;< z*T4C^^*QUjWpZ7?f!8KCo++99ZRf3Js;niIQFRV>P2OsP26+$d9gn*+m|p#Q`Fn_6 zqwOuvtXZ4i3)nt;oqzF!lKbg1=NSzr-IRE&w2xCx$}VctlWd-ls#<5i9i2<7uP?Hl z)^_HTnu%`Kq`9-CE*LzD^<&u(->pzre$aMm(?z#g);1M8@)us<O<7bSr|CEO@RAUb zXmBwAJE07A{9k-xadBx;YD#=&3amebC<XYU5v9OxgC^$f22D)!Ax$v>p63sqir;Yi z*Z(x(kMsuvOXLs-b%s(=+hL@iNeDe-fEm)40<FeTaD=#3!P5oSYXS{*7=W${hs>aZ zHZ>WeoJ&Y2XAsKRYxzXaJ#lV`+1UPhd&18`p{48Ys7>iu_2t}G1xt;H1fCxaw^oWy zHA=MEx>2L0tLx5uE}mxbs{RRUx}H}C#~8L~edC{DWL9?O-d&p&i{5AbR{Ru{cz?da zb@@jdZ~l`=xg-=F|1(0ubdUSlg=Rmq>#uCEusbMyxX1YB4Sk7!8vL7=H(xuP=W-y? zbeh<|$T{6*xz|4~^5)h4&s}tDUc!aG38u#?LfaJ<o`0Ilb;7g8aE5V?(#!S>Mp27) z2{#G8wG^K_)2e9UvtLVYUKKYiUDsNxw9cN<t?ipe<%x~Ao`j1ZsgvQ`uw~M+u+4in zO@F&;`G@UCSJ+P#yYPSEwAUQ*66OAoj15|vjygTnhB*j=7&LKxy=eWHNvE3(bpyMX zFISxVIrjuV%G!0T3b3pvUBtKN{-d`a9v2l?rA*oXy(sO5(G#cAq;>7DKV7|fFKqMt zGv`D!cJfY7h!OIMcyigc+0!**x@o4=3inrG$0}C~-AHe2xnIv|Gv(P1H64Y$wwpCN zzsLVqdNjR7{$=X>_6PS5rh9IVeZ7fO>$Te3ihZ^A+Ml<pndZiKGH&yXp3lfSd$q0V z!86<H4}HvUJN7Fj<8`C%l-Ew%fAz@SP5QVmAboqz-p?Q9vw6(e#p=y#Rz~MmeH3y_ zXuht_vd{b6^nHiZwK4?nH$3MtPTMccE0XuQUOrhs?pLq0YHm*d((Q?i8!s(ZTPRRC zckQFYKM&6g+^)^eaZc}9z^3KDxLoxYefR{<`NGf!0BG+EXix$vn_D8X`5J>J<`o7_ zOcNm4oRi_-oyUy)Cq4e7=Wi3F{OuNGC}bc2sq;BqGBR^3^Gh;|4F$oG%figV0m{7~ zJHgr29K6Kb)X><#6g0wt%rzj-R6@D$M8?OH*RE|gDOGEdd$VQVtC)vsZw1{GA1<m9 zt8h?!k}xmoMDoKU8>dbBFOi$6{7^gT``t%o`V-lAdYtEbQ@Ks&xruiHhw5URc4^5^ zjqLmu6C^JS{%hOv>0+Fm+_bX|Ip?emCvW?-;KItOLbXe0oyk7Y64qtB^0|^|u-Jz) z;%~y^UoPUB!Flg-{G9wd9*<kOMWdGOn!m>5G3Tc5UySa>ne3CPh;@oS$EVcqJK=h* zk;G<hovi(R_9B9v3Vh`vTWzOsw0~EXySgcX;Z44lhH9RcokX&@s=b|yg4j2;6RPW2 zy|z40*7@8c7F-weTTqJQpj*;>r5zs+^=97rWfj48ACmhT_ZT$p1V@RiFlc(1)qt6i z@jp_3Lh9{5N6QIYR3i5=ehRwk`Yp=xj-Wvb8*`|vGE1yMbb|;s1q&^fn2{H4O-P9g zwNzj;5M<*_X!Brf`{BgM$il+R#K4Z0{=hYQE3@3B!f#INA1+Ru_xkez{!dG<+?x9A z+P(}k+qyh?pRV^8`4w~HmIfuC6Z-L9>sJ12^MArj$4^_^DP`YE)T_TzWP8`(p`4F{ zWDo!KITxD^s%J#rsXexnN7HAa@uJu1R;ewQr#*UG=33CdRr}sg<!hdKHX>V(%{P?` zxNxvPtH6aR>GV3;49DfG!e0chV!y=p?WzbH_eADWot&briBo6scJJhU{`G#y*?Z4! zT;t@Jp8WKn-iGZiY6sK~tPeGqXMNR7OOoYFjNJe8I@|wW_}lIvcvVn&x5oj+l}j{q z|BC+D;HUk?AX@Q{;6#&sj_<4IPA~mGed>W}5&ExoyItS?<R;{xM%ZOJkhP)l$r*{c zNvTEPBig}jd);^=0|N`B+&&$i+u3~$n%F%Jnph2Cx&7qX%P+6iDxX6OZG*-&NZH*r z)X>?$5tQB8g{^!OQ;ITE6f}xcQx%d+i;7b7N)!@PQi@WGixm<}6hNzCk`r@Ni_$WS zaudNTSD~_+urh;HnA6e1$lS!($imzZy7HV$Sjf>?!5OYm0etkFx`8UlR%T&2NC!Z{ z8R1z-i$GTa<XLbrV_^U~jnv54&;;BnurM$;1}#?yafh0B2#p>cxF2@;iPh{f*Db=g z{~z2Y*=_D9F*V5jwfJ1kjy}^IHX}Xvq|cr#`)ggyHWr@Q8^u|C^=7Nf|B2zM_v6g^ z3NFSJI?LX?^*-j(Z|S{OTTicDe8y!t?>a?M`<+$MlS*$a5whr%?AqRN>5)->*qn*i zIs~{km!wQ8N%;Kjyo7(kCglsqt<NQT&+I?MbHQQLj61w5{1)%zT9>e3t!q&7uC%=w z4}R{GTG6;$&atBO^1*)$p&QymUZ_tnmGv=RJN?gey%{b0bxtnce{qJO$lK%}r)G3S zh|hfM$~?W!rcJJ+XWyrZE&Zt`HyC_sw;PH_X;yJbs2D6Z-&(bju~zNcPrkm$kAJ0& zw`y98TRU!3ynE$<?b7-4<(&gg?%tDAHGRgrvpw>^=LD|nF4(I+zwkizn%W6zFRsU0 z@ou<!sQ2oLxpNQZUbwJ7@X6yJhb_$3U0YuIY<-J!?Bq#2S?u?$WoIZ|TXWF#_TmMq z|BJSk$==I-sgtG?)N;Xf(m9!@PmN{oum^`MUe#nh%Uu7?-32KxpWWTN?oUdqtj+S1 zZ1-CJXTQjnvN^hFv(xWxPP=%HpyNqLuCNyFKa%p~$HL|pc0#jP$Xzk>)i3<ktMRRQ zrSPT1gA;dq95Cs3?D6)wohkG`V9FeY=E&l=H48s|{CoGi=Vj-J1!2jjY;B*KhDE;Q zJEd?&+k3JmbmLzWW0pY^W14{wsKf@B@EitgjEw)87<rHi`JJ4n=E&W?oMV-}?rq4& z=*euRdT|Dj#q!FK#qtdz*wid++_a=|{SeDJO`Hty5)HkIu>}Q_0*e{w<P$cQP+0{A z11$p$qy_jg&;|Gf;Pv}@sHGTM0SO*wYv`yixHn1TChHWp{}aMje$>A&#hd-BhEK** zrBeNd+p2uc$e@k_p;vcpzs?R0$$yxzXa(oaH?JdWj+uVEBk}TM`qTBhTpw`WJLSTE zNSv>HqHC3LeEc+>jP8T({WE6U9(Z&5>(!=7Ev6UunOTGt8AiM7t`c989Qc}xac%vZ z(s`#B%73gE+PL#cN`3k@WvwqeEMsT9P+b0SudS0*$*h9)894#5p6CDn=8Ju%<9@x- zDw1Jqadxu8H$ztrOTI4!bq)nl_7}39R+iXm=riS(7ER^s^+-N;OgVhg<T%rVy+66W z>(`L?#^?lMEUZ5xl*wW|GElC||#vcbjolg&4!>DRJ;f4<#&#uU>7H?1@e&fOGX zEbFy0YS~HV_iw*EUy;|fCA{VJ68j79R;_A}PJS`@QTB=}JBli@rQcdUi9J1gRr^(c zKZbudv*z0v@@p_L*3Njbe8ZxYd6hprK8db8^X!DnYx|0spQ;P(Y(CCdepEup{@HE~ zW2cv{Ts66$+A8&rHc8fUcGhePDeG8w@8IV%5A$vtUYopb=7RUCS;aFtqpkFWJLL8s zm^8&i`my@<Zn=D?|Ic5V&km5)UG$Ub-RX!3tHM1Qk5?UBFQXy9=#Fx#edDWjGcVsT zI4{iWFM6_N&vFml9|p?hH{84{bHDYxwW?1LtoZVB_PVPf2TB?)ay!jG2ySL;L7UmB zx+SIQMTtbLNNtAK$87!vO>Eu<O)SQc`j{gt!){LC?9;)>sSP~hwh5^^4hb>@O$RfF zvas{8Ip$?279|=w7}$YoN-iFASKW}(BlC+A6<nR%6`V42GLO#B%vA_U%?524&C1M4 zEy`3VOI7g5tjbL-0rMR7j?U9FR5MTknZV5>3o;?SC=oPnSCW~QnVnc%nV+ZNn_85e zT9s+2VW0+5$IK%SQwMJBr)4H5mVmaoz?Zy(DrG}s@VT%?29_q^o0vdcV?zknpm8XA zicr=3=&Su?)<C(|q>#8O?ynN;&Fkvc*L=UymAy3C*>b1%_ru3hI&G)ug){_NTC#h4 z-)&_tYd^DJf2z-!+U2%;-1%n|{OD<wE9sk*EA4P`ChzXjyb~+4XB}uUTz|^>^lNRC z7yZ+-8E0SR^Ws<)J*lMC`EtX$g&ooBHouBHEjFv%<;22oAsOfH^-tH{745*plOld# z>*TW!KMJRv<EeaqaiYfR_ys~i2E~$n{SSNC7aiX1_2HGg=!$o$XO_7AkXCxXna_Eb zj>?XsIx$yde#EBiJv=#1W4XQh$3D5sS^=z!LvNmbZW(-F#=M@8q;9nh-)nnoo*bK( z<`mlG{(MtJZ`ybE8a=aT0W$WtomGzRZ*#BQTq*NC>WlE3oFDd&BIT#PbF$mHc7;)^ z=XAG!-iG~Ar`MLa%fFns{k{f^(t<1ev5zYKU*)v6?On0#+>>92A8uZE&nEEQY2g~i z`WC*}z$x>DdA8{-_4#R8V3t4alpc>u=+RTZVwo1-zn0PywV9D?<yJ0t@&E59I%xGR zbh9#?@l^27ncbdYU4M37NSu|Qn)B@NX}eO-fBnlJbskN>KG#jy&#=r|W%E42)V9_2 z?`5z2*z<f%RLu4$_n6Rgp<9#+qocV$oWHXmG3C|D>ls|h%OCLCFIazh)up=kfeW4m zYKKk|6%RhWJ&iBT=f}@dp9#-}3XZ!%x?Z4x55%~J-s9VwJTJ@%sf_uhuJ!MX-=!CR zAqE)BbdeW>VAX+Mp&<=?aDz6|GBGl+np=JG-R}CxwN#~lTY1n6nHvI=Q$K%-WLsh< zr}-xK;)T^U54a|HRJ`?@!94SyM#4l{1KAzPH7lN(ZvAyRvFzD3cJEV}vo^I<l}~mR z7oD$iVTQ2K|J@7p{`&c}|2P-3YKAoH0|qy*riP`)-5Ph^T3o*W)b8cK-;s9{Tl_DD zOcPENw(D=m+&9^MtEuy)sNJ?P?>9TSpS2DZX4}Ad`)~3$s}8Q2`E?J^Ne5@Sq$vk- zRPTunTJ)FA+`=KT-)q{A3Fbf2j#o@z5Y_8m8)zELz9Ktg-A_LocD1t{tOaK*?aTHq zy_~Mb*tRVAQi64jbA4#no~cp?H7tGPoi9!NQWV*>GwhH3mbteI=9ESCI0wAzGbr-C z|KIcbv6bmJbJs8lKC%*1T^_-4IzQNPj)#SNhVjMg$NR68C|)_tI-%<SxoI66MKxoU zS6@h2DCB?di}+cirziKHa9;aYukYjfM_*?A5|UTAabP)5>(L2ctaYcUZPeN4v-<VM zOI;^#R|xaVan8-{XPD1)>)<c>sw&PSUe7wTrqA!}{%al|Z*|Thvdw#aA@`OWp9=iv z8wo$&usr<fty|8gTTDJ_9C?-dMeF^+?6O<G>vp%=TnawqyRYz}>&3sy>Ab?Fzt5+p zE6rWEf%78ge_50L|CFbjU$XpV%ge^S<+k<W)%h{9+v;9yZZdhx7NY{Lk({74QbuY{ zPHJ9ea(rTPVoGW*h>@2PUzA#$npl*a5uXX&;+UDA2ia?!oEQ&UX@=BuTn(?OSWFF? zSPTuCm?a@K73#Jt(D-lTRHQ1(J;>0-zzI}Oa0y#`K;5C>2z7@-VqS_u5Y!zCo=EOc z0M#XWh;37_dW~7woD@?)6GhIB3LxKrYav5JBLg!-V-rhL(C!FOx6r^4$~73Q?j|(G zwKACDvEH(8eZLZJ=uWl!p`#VzcXnq>;*<#ge%tOR&Yw#=djp>wHow%>;ae%UUFfcJ zg;&?4XV*Qh@-MN{bTQq*{w+f`^sGhThaMHf*7eONYhRYHe=AizSN!MZxfTKZ%c3eL zHmo;ax9qav@2zT_b8VvD2OibFKP~pPksQ;l0?#*jJSS$E_kRCqmf)?X(=_iw#b;jr z<RyUy4}WT_3$fpLwO1l(#)e4q+I{anD+D@4HNT&{D^v7i(%ktoEt?i@FVXA1a+JGT z|HBEcTeg*4vnI<d)hH^S=saurMc>wzohwWFMI4UbxwpnKC1;D|Y^LN~m6U#$O{%ZX z#g_0S8^!dtKZO*ujhzOKSjLpOL2Z40&_EI+^32h)iB5lo6TOt@aV*h%dPA5+`JJPx zfjda89E*d2-2xi})+T1X^dc~oT57=7#G;p)0-^JZ(hXP}A+n9kdLY?GsB9yP9!M6c zJcb=?ApgG7@nLnI{idEab0;r98FRVbv|TEVC;f%^6%Q~^Z&S^Uy{x3UB4-ir%Gb7R z(KD@%pE*3sq<%Hu2|t;Kzn<JV%e!yC%D<fF*@t*fu+8)9P1IPH_4nzwq*oF)ehY%< zZnB#5dg+{rV%vP19`LYwtjzg(=Ev!|o?AXJE&W@-{I*MR={n&y&%?&W``WEby2V}9 ze8eU;|4Xku>zkbZ>oc>^v<kM~jp=Xu?Dx(0XZpICQ~$G1`+cp`Q)?K{tTC(Fzo@wC zd;h_$vlfbM>NlRx`(EizT6N1_S8+C5n^QZ>P5Mv0I&W`i_qgM6gQx0=>09T{n(4d2 z=7$%<?3BCnExj+QU*7>Pk6>3~C6!hdBo-IPLnfb%uuMN8PPAr?HE3duG-zUWgqAl< z=uKijq~gZU-%!>-8eH7)h&Vy4QE&{_wX`rcG&43fGKXJy#Ul=rhRh=yL57i>!S{xO z&Ym_hGq5nWFaVzqYhY*q=NeGkK0*!2>&N51A7sB${@Ypc%a^a2Pu>|Z-d@}$|0I%k z*Yncmpx3Wt5=A|B%d(&9S-0WNw7IViCroN<(kPx2#`fPk<pYnFx#!lW=Xq-0ee~L0 zY>@i-s($mfy2sDI&Rd=E^YX{JlS;at$V^)k-SBej7sK|&fq#zIEzIu=F26GUV5spV zI|=>LD{I?4PfuMR!j^M`O}IDu|3fv&$O9_78Vf5YxCCUVOo`vIS@5H#W8z}R)5>O7 z4}LTX5b&%2(l+@`%jLd3-uq)1{n%~qh;&WiTJoy+H+SF*VRngMd>^$hhKSbMJp8^z z(kVSDuKdBG&^Oy|W{O|6TJQ4K>*%~ERq8cQORujwt@`|aHrH)_-^qR}7M!it`xMET zwVihddt+U<g|x*puJD<*?-XAw{>meExBHDr-yAI&22t_ejOI%P^CdXW3T9kAnH_ZY zh+F@it)Fj%7t6hzV#%`q@;!@tTY}$Y$}Flo(*H!dVC|<xKYxE0OG(R|?-{u0k*GvE zn^*nSoUOi_jUObwj@|ci2EWmDS#KM?D8`_PoS*K$>b=3{ki1Ip$-l$q^F)H|zdSng zDRJ_}zv<c6gVycOSnc4vAlx*#;zRI{L?`x?W7qR%`&jTMuSr^O*1f2hi}$PI-jY?m zuZoyGZy%4BO-erg_wK|u#_zu7ZpkyqxOd{3+J@4&>MiUFGZvN^?eNWk&Y)qP8b`D& zPd1c4NSf62)osq_UEh5U-`lZxttHyhU^cXj10J~uj#vD;YlBsgrOu=cISeP?pHq0x z_G#L@mrF|OtHl0n|GMqBsI>j+We1941vVDG+vERu?HcA>y+Xb9M;@<Tyq8CC`Ii4) zo2mr_<d=s#ZaT2;i%#S<cY%)2ih-I2rxM!MyRDXeYZbj=$~~9IjvR{)zLCB5*MHkJ z_X{H2r=FeKT3ue}C?D5+d|Qv@v<>#t8XfZ!COmra^S4sr&DzbjZu_^ite+sm-!GK4 z{{1_-s&!0WUE<nh|JH<bs_6LJZ`-uouV=-?>Ay9PRmbS=Je{^}`-*6xz}Bstbx9Qk z|5j!tY?I}y<oSE*l}ba=;pz6D%2zupaUFlXji;qary<+1i{rrSrP=pq3Z3q{8rQ%x z@qrqLna9yz7J{b#RhxA`Rqem^x9{K5)2=%5M>>MnmGj-4Rd%#bM|Sb9t8a|f9ay#I z`^75X*H_pdd3;yu+puJQ*15h-n-ab(R=S}4dP-DP=3V~%4&iIEBLi+Op7}8EUoT^& zy0YlKNpq_?eWRXxdl*DXJmboJ*8kwr?q~OF@)Vm6W?1@enGunebjE8!+~Hs9EE_9D zOJ<(gw^revT7t~$u)t-DUp-lDzx;pVosUtzIY!FP@7An%_s&a*(<Zj?(7wuFhuSk_ zx&Ovwo?*K%t2Sh&)=5h#$@Sh^&YzQGqaq&ZKbC#6^4bNi3-k70Z{+-V^0*rBni*nY z3&7>FHng2sT#}er5}%S<6rY!xl3J9Ln3s~87oS>&rGWknZxFJU7&NgK7&I|QKniFU zh8fd((UO`$1acYe1KZ-j#UmOFvQi->wMfAaVWpv_fjX!RXXXJNk&#$}F0bGkhE`e| z8CVz^8d@5GS5AX=rGdBxMix;tw3$%3{rGrY=T8-Ht4qesraGB#?r<)79JoSNyK)DI z?SqNCT3U~_E;;q=q+alnlPYq5L(>Xlb&e)vux!71C`iqsW63pZhh>M(+Mk^<d2@(J z#I(?>0sq?8E=jJBY5&&uOnp+i_#`G~ojcdkO5Wa0|9>#CH`$+mcCNUA+WXa)<OLS| zJX$Z7*~skvRxYErXrb>WwPU+-;&ZR9zqnDjZ{^z0ahauR5_XQ-iuLchW7*l}Iv>&G z(*C1m*LK>b+3M#>-djg!KH5{^Xk7Mizkck~B{KqeMDITMHK*Pp<HDw8Rm(3L?yc*J zP<P(E%Xs4D<ugQMW<9&iUwZS8<BaKct5k3IPtw~^%@hAId8PT!*`=928fvPyu6`0K za1DKYzc|kPt76WCKGUd^mz7^%KCrK1jgv-1+ETaN0;cN%KfOc##I||0pRYgVx<)W+ zt3qI}euw*X%LC_k9dKfFnCYR&oxS|h-)UDb?sJ>#`G9-b0wq6-3kPis_7wE%l%Bb8 zv?tKob_z#|T4L?a!>Roua}+PE`YT?<+`o5r&$GDTc{}I6Z`%EE&!Zy8XvHa)UCpOl zyw7PF`&@a|EZI}JE4bQPyPEbnv0wXS(Nuh^J^HE5<#~3?t>=AV-u&}pt#Ap`|J@6p z{$i+<S(fJ55t9(UOpo)(uD`R+FPC>Xy!%WPSE#qOMOomE<nER!V$Z@pL)xWI1`e1# zeDn@Hq8$IXnqk6>c`AQao{{SMt-fQwLEZ{$w9Eu9x6haB<c00?+q|uXVajUvlf0M8 zj<?O1Wxu>_%WjT}^_iErJ?|MGU9<L32U9KEc2lN<2`Bd-c`@bQmCGxIRipmpEm~L0 zdZ+et&WE~Xz3*;bKNlhXVx{J~VvqLcvrpw|E=-A+6#l-BP2hjvvDv<%s{WH_3NQwj zeiS};e3_%;rTraC>s|k>*|Bu1F;CNx-|XMAo~pLQvz<EFW+`|(;%vFK&LJQExLJ=s zthP&(4p2FC;LAtJ4}zN8mP#<qzMkw;(Br<C**RustlI+K{Qr@C`|i#!IvlNizbE?K zQy#aRNt?J9`-C`2hzd#Uz4d2TN#6g1+ZLqUSQ#I>ZhlNw*|ZzQ>FvLL>to(!o+=jj z-L>-XyuD@?o}TSr_(VRuY~NwO+`lTSuky;|C%ZF(TGr&e{5+!|w8-eE$!cxSt!EXI zo>*0-C$FA%CwJZSH-F}rg>~qqosZsja><74th*kn>rdXTrnPAD2I<dz`(zy!?=<VT zYm$<R>v$FLBl1zRn<n>TmzalBw`ES4C6YgVUE}$T_cLeh+xq-r{f}S5?qWV?aycBH zcUR;GG`R%Wr?GXdc5Vst;#bgZ<NJE)_NA&W@3Tu^_<f91Q)P@)UQl=GTb*L~b@e@> z;XX^;4nAm><MHv8_h*xQ^mD}*tEPpUDxE8@t<A4epTNB2l}fw)&Am5Yeu@w9lzI2& zI%EPEwhgTi{h%;I)YI!PAPVaggC^DlgC=GVNMS8f5fQJqR!7qNu{pb`iLl1jX;)Gw zqop?k52V5y|FK?jklSOJg+(z=Mlw`zHwJgXL49!}Lvtf@6VOF3CdgbW+C->uUa&7f zpzr0U9EU9|b6R&Ap1Py^L~tdGjdbY2=Me_7Dq9Y}Z@t%}^YEbU{ibLBYu(#(-b8yI z^t!sc|4sXv`leZJZ)}-o1~FbToww%Jhv1WGHdod#G2T+SY`ucXZT%9N$3KcA%C>*w zo4~vE!}&A6ejf9AdbrJit5>|v^!3sEyZPoE=xu-8VbPlY%kKE<2f}k$C1#wT{B`4` zEq|0RpTBxU-Sfdbo7o(TyJNK!AN;Xg6@06<?z|Ld@Sa#!mh%g}`n$`Tco+V-bX=r7 zdV(2y<7_*&UqNxnN0%}DTlz9cI%w-8%OYmZq`eyw#PXKiRXxO<cK0*OMTbXz-ECj; zpEfU0Z;4|$_;tcw1KT6-S7h$7n7w4lw2Mi%G7m6LTX*_MpvfzqRsR+HBKy5!o+Qp% ze(9xFMQ@<3mFT-gk$o#;?j8L(LFs9SYvJ9AGjpou+uF{kiTk!sEMr03I&S4ZQT(fv z%5+aI6p(##*+qFm$NXbj&#r%+wK+mg-=LF2I%Lt-8Om=s%4Md;CSE+<IVXOR*Th-x z6<2wRaje*zs9|`rWNquWn@2ZxUwkTH<Qw0uU}fVeZ`>Nmd;2tJsdHxW@9e_b5BHDw z)E--`cVcSg>EcCwe!eQd<DRhWE0SKOuIm{!v+8;br^5F7DLef?^2)?@I7tg`e?IZ{ zyqqst_j}l8Ft0tM@qVfM=U}o5=f%^neU4is@Nl*3d>io;n|F)_bIzb;7I5J#@hiIY zk6qRA`10eY?w^l8EOf*n_KMM}9a-0}ii*0;P+t0MLbSw8pT}#R7B?B1b)0?q`v}W4 zk8Z}}y^QChjoGHTrIpC~zdg8Z=N8_?Gs$(=^~!su$!IBOWVeQw6&MTud+5JRxm@Cx zRL_gOsVC3de>o|B=k@VD2UzrU-Sjil4omm{dt-O`)Rg^YT&lb)tC?h0Ua*emKG0}o zoAPk~a$Uc@zDI6o9#fLIaCA)(Q<MEFt3_5y(+%%(Bp)sn*_oiB8=dh$Y-L)La^Tn3 z!8Z(NSHIjo*ZXyc*!iEa7G0hO{ck_Mmi$sKWhmjB9+IP<pZfE*?Hk26abLc4pGrs# zxmcL;<>#`+jmBoig&&qw#QUvnR=j88+4~}L&D>9AQD&cnzpQ`2c|1`o=lg@X>vp$! zY2@p@+fsRUg7M+aWxu|D$eGJH;n%zg-{usZcfWO5{)wqV@TZWA_Y<3!F+EbXxYuf= z8&^CbDAwu7Ia}|CKP6jauPzEW<M`WA<nZ2WC!-c8r!h6`Wwo+)pYw)6&F5=J;QkfL z^%CqGxZifGEljzb==C~g{=LoX)0sER-_4E9%*b3FXZ5BgbI)<>R=;_oJGY4XAD&tj zas6b@%bcB`HIw7E=zP$%eH)efU}dz!A&;4jx%1@Nv}}a7bo0+%r1D`|@3pE2-rG{9 zB~NWR<aJg?Po>>B;pt&;qZ()7Y>Zks-^N`y>wTTgq_O;V)&HxDSH9cJyx_c0mMmI& zqfU`&j8Zs*P69CojgLYKXDFA7HW4bEH=pJcNbh?kGJUy`7FU>AeTL8R&G}Z!A`|~h z)-OG^=H2G9xm7Q_rB`Pg-u}fM?6dypQmIOtE}#Ev?yKJOyV+#K?Q-wb?VdG@^Te91 zm!)_cb^aC;v#5LR{OEFt*P$e?Vy?TMo5L?{;A)*)XmfAz=>tZe87&o@rA;peZ{GOs z=;X{MJF%@AZVT_d>g0Uuyo1%PtL<x~`#$M>Mn!?0e^*}8I3-}oc}m#q{G7FG9ZD*- zne0ve|5C`Tz5Fim>#ohu4KA1~w-qJ2YI;Ow<d-kgYuv}~o4@|t5m(`fA_Z*y^7DVR zXKv(sf4EZ;G<5T)DyQqtHD>O4YP*E)UJ0>Wt+v?sRcYfb-Lw4uPna*h7o9GhJ>e+R zgvn`4iW}YUb<gr@*csZtb&>voYsTrf>W(bm!s7DU{r9too!@yrRBLZMP@s9(AxYQT zBlC{3jmPV1&dQa!w^kU;INwmj+_5a$ZCz1i4F|Jg>bmU@WtMK#T4Z=Hjph4+k{5;d z{@X^LnWiSx-8wZ~YISxgw~MWyhD~+i_DB8c{!ic7_#`xBhFi!nM)!ukIDY@YnQ~<l z&(fN2GX!7j-h1n)C&J29|KOj(Yt!d~Yn0A~+ul2AkSoC4diLZ09<i+lH`#UMB-Bsv zpZfiq?pj7mc9vhI4Ym6{1Kz$rd89_>bwl0lZ5Qqe|2uhk&h<^xSCUmY9}~Z@XT>Wf z=TFjXGh?+UDD1pG=LuS70T<3Di8sTx3blv&-d${J=(c+ad(ocw#H1HXe{-8}wAr@# zm*(7hrmss*u9&>Ns!$`dzxZL$gj-klSv}oemKD~Zct7^pORITL?Y=F_Jg&vHLBjox zLP2fNV!OzigS$?i5OqjARdlUj&86)hWS+EXemM6&Bl*Hsg)Y&=S#@nQwwydv_WR5( z1F<uU6OWY$Kh1u>So9V1KjH3_CzlUideQRR^P+%nW!mdif4}q^$`y#Ly>l;J*r!o6 zanJUf6Uz%F8xwYah*-LH4)^zdrBL+)-i*1{GkLGb&Q4C(zwnOtRN9^?{>#?B{qrt) zO}Krk>iJD={TDd??<f<=yZ2Q6&FYG+!8^CvzfkyjX~n)ow^QvsEuVjWT#zwaNv=_C zwgAh-!UJsbcNSdU8MgfK4Bh(Xx%Ydt=NR=FP5HoRqog(8`H<e>8J6r8)qmm`oa8?n zsZ}<&e0%!gV4%<eZaEfZo{*(J`kqI<E^f<9;LZM%-QB8^vb~dUwW@ox&G|ady~kg2 z9lQ0tj!&H9vd8obg_Az;TiTgq$<*HXq_l2#<`?5F%RE9a^7E;^c(aXLcX_Mn*}st| z=3hK(7o};k)3)W@#?&j36DNk1DjqDK_p|C@!raSiStP#HypEgPAMB;1`NKoo&bMt% zbp2_znUM)MB2uUJx?KETU#DJQyRP9YyU#YeIfWrJS-k&7{G9OxTsXt-1}M(YO9d^} zfF9KiUN(t*;11slc<IcnV$j5_V9><G0ckojq7=oTi7(_0sBWIHr5RkpY{6h#3?&W3 z!J`_&0uTWO@W``~0%XkDzz}o<w}H8lC3xAQ5i-|+0;35{A59SVGM#(s1MjrsF2BUg z|9I@(Ti>8-YW*;OMf%G9%rd?``9|(n9W#~)vm7+#nbqR_Cr0*v=jIpU5@#pI|L%PJ zYQJA>jkMb3(#p5bS{{c#U8{NIi<QRnrPVEFnVbK{mF-=uJM;1cKV^+tiR6zV)@pOh zqNh7;`oHdj-<!LZQ~jFR>YsZ$oH)w3DI_XQ*7ncOmo{AU8g~?YVC;UP98z;)-H!=! z4AY9Pgq%-Q-t+4BT&AfPx9u#n%H*);-}2Duc*j@!87r3Wl6g>A_&y@MF`z0YyTpyJ znR&+Hz7=_&%8c^Vn-3L#z9aEs%j8$3F4-&z3WeeAb3gA}FhSY2OXcA$#oLD=g^jU+ zA!avS5Humg$HK+J;k95@M9bwk8`OhWdD*~6Tz%(dWQ5K0M4fB@DOMyJ?k#(B_VYz* z25%;(-@m4N$z=U^i>2pQi|t&kUt@ZD%?17~KH7g8-e>nrj5jO$etWaD<f|{61pg)$ zy6o53Y$dyYv-6Aj`|lWX6mFQ?d(Fh%Xu`2nmG29@YFLW<E%U{Dini|cK2i0fy7{n% z-yF_Y>Gqq_S)>n(-1_m{Q)S`>*{olQmhZElE0(gc-w@iOs8HZk*m%okmf5~#(Y#qX zv*agM|NQyhX_uehyfZw#Q|{b!ofG%QDIj^>m)Ij4h3=fPUZFQvB#O0k`<v^@k9L`E zW8s+i;?~?b-_o{9tl?S~qGn=zN&4WGdMT?u?o~#4xBvL7&cA7Nd|Fh&n)^QB+$9Jd zPfShLO-xSKD@e^{U|=k8dc{`+&rPgR22HGC22Ct>klZBjPTThN6~%iZE0Wf*e7<`G zWvd}5b2WZO>V>)n8$yrY<PtV=Oi#^A&P-HrPAo~xNz6-BNJ$0H9)quSOU}$!(D3tg zQwY=ruL?Fd)AiJZEnVUkmIs~KnVMOw5Kx+wlbKwMuGi4iz!;QgxrKGYQqxmQ6*5Xn z3W}}t^&zX9OF&yHz-RrHr4}U?6{Y4VXe4VI7$a%(0!b8>W+sA;_RB0uEWxk?=J3>F zSdqaj%;xH>>*(wZ>M$FClBT(lF=(F?=w?*V+?2VIk*TGrWt73l3>88}+GeHW{*R_R zP3>@RcK9YM{<*nWMK193jIP6zcKmmkz*^9raFSu=)+woyN}}S2oO9A#X7RGvS>`YG zu3DA6y~}0p&E$zKX%95`cR4-I>-#REJ~{K<M83uGd>db<Eh_RC5^hVavb*ii{$)95 z!YwPOna4NPZx)*>bNr{t)+w!5XT~k?SWx#|JaxyS(j9W2pE}j9fBU)1BPF&;Wb%yz zPyTNXDEd_PZF8(sK;?xgcG)}(`)*|O`DwkeyL6^$kwmJoaQVDhu~Nb}4&SytF}><t z!Q17}YHk;v*PW7dKlj>Ki+%P>Te&26thm8h>Qr##)%(+YCrnldDb3*7Av|T9_nQwF zCOlV%6lsl*4H_Rn*8d8!h#8193Z;TpfFwI4C&JS$W|@b3XmY{fZkJW&OI`O*Z-~11 zv0~Bem$AJD^`IhBfu+Kr%%Fq~axTr+3Pxr|E`wA99i%0-1T&6-DO@#^fu@u?k=YHo zg$FBx7kETBF@E#)*kKuJI;Wv3c;?lp{~HUf&scI!iMw{|{XWL%*voP^{?_`RUEuh@ zWb*#gkJ{##Pnr-WbLX`t>(e9ij+@@^;yHU%(fQ@7j;E#vB%P9@nBtarNLaPz-<i9| ze(s!u?K`RxIbN1?*B7j=x_fiFPKsRX{yinr79Oq=dcz}?*UV${qR4IjZ;z{S)1Pfz z_~XfYH`OU~I&WuM?0XZ#7j`@~@M%Ct$9|`)+O|)B?wY5!`P7%<Nle`Pe9~Sk{M&hY z>&*IR+k}6e^7g&?F4&FD`k3F^$x)4UIa=OXtgbzu6qguIXwONVGk0miRI8x+uNPNy z<b8e@{j<ZiZbyC|^Ajg<8SD-%gUeEjKzGFDK_}ad;|stgU3@`NW^Q6pC9YMfpmUc^ z5G6Oi7QEzU?l5R#ZZT+L=7N^o`VIe-d-#<2J<^3VCbqBHY{13Fq1EPb&X$Fl*`V<h zQn4Kx3_AgbOPDV#wI~yGMh^6-Q+aSoW#JYUgGnerHiP@6mXzlgWgA)<SU^f*L+D|t z<_a*C5F-?H72NWR6cS5IGV+Tut5Q=GN{dq!^7C>k4P6bKL3){mZD3j;Z7&65Xu+>Q z#C@42;L_OK(9pmXR2CZ;fJ$Qv14Ba#_)hcT<XIdS(Jl|GstLN4GMi5~=0@C_Nw)tO zpGkVziZFZsN>Eq0+1#1=E9BTLiMUX$lzVL7dcCaI3fQFDPUv9id|;5cd0i~y^6Gmv zoA#YbO=M_WcdNhpLg!jv*~nRr8~3<3+?khj_~+urO$LqY371Q`u;PM|hb7S<eqro_ zXoE<DaDz}W&dl7z^i=)y%rpZ<19{L9f7*P^Oj0Z&{ZB7TwXNyx%RYR*A?u2Vgif`j zo`I^EGN?|s($~+)PtVtbWf$;%rLtnM7|0~V49#Y-iGSZM%X_j_&$GY1qOsx4(~Vn^ zlRR?<gFz~jL7F0ugjzzBMRl0dgXMqBS^_63=#=?7+a8f^QNFO|T8$~&xwDyjC-C0R z@o<vmTjj)L$S}v&!&2EYLP}I9GHc%ZtC5>zgLGyVo;|L4Us@}%y71z?&j+6JT6wL~ zU4ElY>#m*vIG<ag=kwCM%(B#?;=~;2tS$Ty^341^#09rVSz8~TwORHWG_mY7XkuOn z&Dsu9M^Y3w3oA17?S3L8brhw?173~3mu9)!g81BR0lpoag;`i1p1VU~fdHK+Mh*nT zqC#+n#(M$o5ceOUhSKpw^SF(SCbyHWi_ZQZ5!Iutd@Z4G;`IqLnya2gNLut9{q{7a zb<3i{-*5Nsymi)>Vao~K;-$wk3#ZCk+H7)RpYww6m#^0m#rv9x{YFZOO-I}1^LlFH z#S{WvE*AKQzj`e5_)O)yh#P!|HoHzfp!0l|xOO#zd6lDa#Y5vqp9Q4q+jaJR`}*DK z(bN6yNuBWw-uI8*eNyUT<Y*;Vn3s8)yVQ;2;;Bp8Q!kwVz0)B(r6=6?kFa26%iFk+ zZzl6O7(WZBvWa`$`Y2nKmOUdOZOP5|m-L!Get6IM%H^bJ)+6RT<I8L2hcX=h#*sB; zXZ)Q9#vfY}enzVcZuukjX?IvwgK96dp)|-#oNeX5GCkbq2Mb+2^orf6jQ!$tcJ%uQ z!JA^ee*D<L{7fgk`pJ~?<TH6bKWq7T@0{3ay0gGP`IpMCoaP?)xz@>_XZ<WQnmTb~ z`JOei_HBG(sCcY#YFHHC#zR*&E{k0AG5PckAKAzWUhgM}X~;*d6ZqX2V8N4f=A-T5 zugQ-$KUO@cV)^o~Xqwv>X~7G=#fxj*e%iiW5ubGBqy3KuCE?l<a~roD(YQ5b`qF~e zYh?Ga3x2qI`|i`84_A#gG(QV})W3h<!d3fiWw&0jcy)b4jFo?uegA>9oa9w6Z!Qu0 z(s*&I2w&~lsU|ls^%oR3R?n&1J0tOiYx|4|M_;!Y95dbj;s4>#j%M%otdrOZKkb+? zdHb8QO^F{Zp7~Fop%v8&E)NZ$<zZ=YY7zKk&iJBYBKG3&tHVn{)<*_StoIC>n2$kA zLB_wi27eZx3S1$*Cxy?H8Rbf3(7|Jk9jK+CumNb`fQ3Vt%P+ND!7H_>IJMGH!~nEA zkA+>B8zP|KoLN!{UkD>C8j_K!5E|?n6cQ8~9HIbg^ynGrKpHNpV7a2w;u3|RU`Is% z7Ryc>0|O)EdnHg?D1*nTgeCzRgi^)L_zvIZ*nDA4IB(h8v+9?9)&?{uK3b*V%c+~f zdFNc`{4=&I-+ViN@Xp7}8?RNHYY1w)-?BWm$4YWb{Ib2Za~CH&Z7ch<(pr1sk4O0z z-iRqo;Iw=6qU5B+mWfxAQf}8TX8YJ7ku^cdX3sz25A7n=-=4_#U3n6COfcPzBk**a zNQnI&<9~HIbN-9XmDn5DXS!^8+KHm{+lpx$ugtDsJ`iB_;>?FTd*=E4ThBVpR6aav z`~P!4ZMW-e`xbKd#B(7l-*rA++hb;J*{)!Fs$R)tU7dAC8l%f|MnAXU*~SUqr|b(h zpHS@l+30Za``fGjmH1^I&+bW>eDBC{p8F4t)}5Jb9au3nz5AVQ*gu{Nnf%iHpH<be zjdQ=}x&JD5ep<)3G;O11jZsT-Xy*~$gOfuHB!$;pt~Fo&I@T)3H0HMBb)j1;J-P4S zXz1dcoYc29?YwHo*_Is}?Uz{c-(;HiTF7T=&F5^^m2qOtXLh7NdLcabOmx#_pUrQh z|KEFByhhntmtntYXbGq14bKRv`blQb0w?i(R;!iq72k96jkDT?{f_YtD_vZ^%zPf+ zJ}*E%JY<F4-;!kgjRC2g&mx@koTYrWd{A|d{KX<S`HGsGS3u*Yd;2Q3|4A2pcrv_2 zjz9U@%cNb`;zRXb#T?V%U{ST)!Kc0Qlh1S+c6;8SuW#S$H$k_yf|k!9+Frqx`=eHA zdz}wycz9#>fw`YHF{hozSmnqM>XL$Y!9veDKpLjwfo_k9xl+S>{ySr><IGf^;-f+H zPyaYSldWF*mb2*mc}$_<(?mW7*{HWq(ReFw#b~~$>`!pOftK0Fvi)}TDEcqz3r(8% zIaBn;o{q;yR&oD*zv88Ls1}<-ZfJ$3<hyu-7;hE9(Elp4^5V3#-*NlSum8?yF-2sm zGdt(+gq81PRtxnkm=(8tMpk5Qw>`)26Bk|AONgdS5aKV^&^!7_#qUqVn-5=H|0!*L zt>1U)rfVYW!Rh%c%8L5Cd(77F=Vd)t*!yf*zI@KI!la`&E;JYMd`uVY<e4MvQ)F^~ z&(*^Fs|xQv+?ms3BNUr@Yj3#FHs|dBPw)Ar2?m~@x$celwiksHd+vGuyK7pwNK}1_ z%=yH}YP<6nr>iQ)KD#T+t(PHf-L(Eqb9(EQ8G$7mcg}3+{9j)o8B^(%pf|~3osYSe z&dK9RC-`E&n?;{`psLEa<*pR_oN@;H3wN%*vAyzZxBZ#cYx(snb?@(F`u=tLtgWWE z4ySKu_gbkjPr2`ZjC%IN4gR0m-!bT2iEKX|<T&-!7x(M$QXE5TdLx;p-c6c&Xy>~q zjgpq7v$sz;&clBHYo}R>(KU^O8#Zu1nB#L;=GvdfnOoi68ub@7t-hS>QgEdAzpnAF zwf)sw3p&=>NuGDmxbf%2gx#?-mA(c&i#RIZVd(s>L-zWyJ{#vO+2s=VYHh_nCjC4$ zVZ~o?RRLR$o}QWysVNXmXV4B9L=%~BBBF9AFlb`UF=%2Afm9BtXQF`yD&0{l12F>; zPzlZ@%<G<-59!f*<|XSHDj3Lt#F>S~;o_n2Mk{#BikvvFfr){!feEC)2|6*w5{YX- zHH(^<l#qu}z_;r%@iQ1SF>x_9F)=c14hcGV((cpEI~#+gA~m0HJnX9R^!mlOM~`|h zTvbvXzTQji&yBBf%kv~}m+<(TMjLT6KED0Bs@(L|s;CFoUMvis@?pZ_lCUW*2F!9X ze%h^SB~4X4Wef6s&pGNY5M>jI-|lp_x<4Y(<c=1{Prbv8%amMXeAt_wMW4IiRl{;w zvRM7Ysu}fq>-}E0%c+!S#cq2M?YisE;f1XEVSW7qYD+y2>s@zjS9;*zb}C`(tA)u2 z7^e$V?q#qM%GDO#xW;?qJBgis)9&0U`)|GPd_41kKh`hyxk>-O<!~tI`@hFl-?Pe1 zFWl;V9Vd}xcwBCmjkLzK?2u!tqOUK~k(NBOi0Rwx$i3#-ZCi7jcHMY&GHlOEvxvWT zlAqu5sI8oA@x%XMtP<OW>8~EHJr??)QCp+g>erWQ#XyFAK^EuErd6)^(iryWLNlj( zV01v%`P&{+v3B22e@p$I^Kt4ACTpXxCd;bmz51Qf`xkC`@xQ*e=RWht1iuJDpVy1+ z1+<%IF&5vPlH0<dp0?&gfdi-0q_zH&c@sGURc=hW$~`4<Q~Rd3|7V&0Zw)#1*2Q^^ zw2fG{hZmQOLx=pNL);9k|395z@>;TL<(Zk&=IBQ}sC~F^H~XD<mZBI#lf!S~bsyNK zOi+4u@y!msyOHZ|E;QdCVtS|8$iIh0&Un*Fw~sesPJ{-W%-FkPml-Fdl?>X+h*7j6 zisrJ<p$~s8G5h^teoRu~TbnQL76RHRM>b(qfI8aPhMWw+qj^k>3~2|CDSy8CKrb); z#rbs`HmLe)|FDjj?Vw^Fb$Yd!=l{*6mBtJ8a|^^xCjLvW>wh!*X<XCFP<j13R|46E z{;d(S(=k1k{O69qYu?4HF4Ua4ctJl<?}$j$y%&-X?T(#UqWN5}Wfhx2MOjF(#*9dd z2MoMPmz`=A=dZK1>bd%>oL53yj4$5o;UBH71}f(tB=b~9Nd23+%SmYC#4j}&k50T; zuk-3;-MZacw!ETuOr~y=C|Qxke|*aq;UiC?-*R1AGTle(t$vPBr|n1ef>l|}L5lMo zR-^}f`Wz*H|Gx6KI~9J<X84C%1wVfO>C61%H8&#GYbs6O@nG*ny$xk=!UfO2*L3;( zvb8E9`AMvCr}$07RkyBvmM|?k->$8ntlSdY(qkXKpySWXi5hB|Gq3bdciGo>)nnrl z4b6|DTOK~0clSsCvV67coHkZ6f_%$z%)hU7Y1h#>exsym^M!n`@ZF}G>I=GGC@ybL zF^fHOLu}3QP3jJlLM=3U1M}{RqzC5|#;CRUmPT!>O9)%(yY}~Nx#^#IZ(f=nQhv); zX!`@X_Z)0%ezvy1Ty$rBorF;H-!O4Uy{no{wKKmMek)vgUWZYADeKNvn>_rq-p`*L z6gbr;sJJi8N8I56r^b`+ERW#ZZ_b8>emwT$<su!QWf#@r>()p4+>&4RNk*q`9h2Cl zunYR(!R{|6fs1O`Q8&r?x%nyixCSkeO6&l5iOr&D(8MBZ(8SCNDX|6o8g;vxQXg<L zy|XiAa(ilvmgo!`8<9$IcPH4vG#tW0?nSAIC8<RUzKMCs8L7o3sYQm+i`m$P*@F{v z((;Q^45bV}XSK6%2@5*=`}({1D>yqU_+;j0mZYW_s>6@5fyv<+m@qR$ZpRy08X6(p z4>t(hNN8~3f<t$A(c_8I-vbXyhp^1JymJ4+XI-(@?Z0<-oa240Z_hUE!y?Uqnd@#_ zFAU#M5?FZlt<ywb$A2qN+{kJxciA18Ha#G2%N3mhm-DyGr#fZY7#u0w9P~lacj1j) zmNhc-7OTwt)GRh*l~|4QY|-fL>r5v8yON|P;Wo?u^}(MXCxpLVQ^nhTyT~9b?dk)! z#RYdVZvJQS=q$gt_2uvMT*sGtEcY7SOk(=DafNN3`J6}kk1j7#>pr$4)VbrKvfa{4 zDwbL9s~N5=+`LltAFus#*<F_d4{|TLwZ`IoXn+c9s@r4}f8E}-$F3+!Ug|r=npntQ z?EbV%QfM!W?>WCYOFh=?R{IVqHXHj48oR+`+p>HtVk{!u5l_31`G}e?aad`vQgNTV zSyb46!cACDP@7hs1=Je0TVS)ms?7pAXqjA;0~)H#PsvYC1Tpj>2@AA)7Ciq6>L0=n zV$e%2%0Wx*;DH0X8S`d;lYV*Ka(l%(*&+$g%k58`n_k<WT=jLu*7u<`ib1JAukt?3 z`C`{Ixp<-;(-A-R!u$jM7Kt1y<QlmS=qu<uc2B(H;kxJJv3tA9vW-tL=o-5DynR0R ze8-gk#s|V)sI;l=xM5*&Un~2r(3#`*?&3a+4zW$+ymtGay^WjW{fI|l{5IAHWhR^6 zv<O=B?!+5C1HUPzTU6w|D>83=VzM|hHE8mO0@cVl3h77Q{p=1;{4%Mm*1n}Tbo+~^ zYp#C$DjBvc>h}bh^^;#emAR5WJ(h)UA9wRI@#dWdLJN)>i?Z(I{e7IZ?C}k+-ajVd zi;pR4>@#pRlsjIrFCx)mjrAkORB#bv4jnkiOD)OCPtJ}{EK1C)jJHh&FAYi0&q=Y3 zPdhrXBr)&suHwUMOUe!}%&SByaE>7g97%&F7EyyHroWH^ht1Pb=LrMK!SLX*)8$CT zj7KQ!%sh4;4yV$T#Ddh~5<}S0nLIpxsU<%7$=M3tX(f7w<_4yqrXx3xUI>b7vNID? z4sXs@&_IcO1<({X=$1`Q*sL@&j}FW{N028KG{6f{6x{Q3QZyCZ&^-wmB{eiMG&D3d zurM+NHAF4I`=}vYgT^7_6GBDS5tX>&ecrhuhZlZ%JbgmmB?DJEn|J9qQyxfl)t@pr z)%;lD;Nve=m#4%_)kNp+H}G#!|2ALVbI-AvToXR=f30_JF;5Qcu3B2~rz+xX-|V-C z-EvwAVsCwBoS^*2&tPTUL-pk6Z&Pd*>^Nzh{7-Dc{|!6-USDzGz!YchZC4|g%?rDr zB41Fs{<dWZZ))jHQO7Ba>*L;h>;3qDZOT7|S=VD;|63-{k+QhEEOf1$wMK$oyXuQo z>*bH7xG8KesJFT2aeG?ucFXc7Qjd;{wUkYd*555D+WI52_3O;#D?gbmU%71=^Pl`S z+mM<vmf6`q9by?wj_b`Vo%^(dd6n-E=1Wdx2c(&p8CG;Jb~SJY4^}}A3xpjd#ez{v zAsT;Yex*<Tux-bMr3d6b2mkE}zTbR(8gfAcK9z!zkzsZHI~lQ+b8G?`790@dU|l}* zSw3S&NMhc{of2!k*8XdBP@bayyR=4M!#hc(v5EU@;zyah9f=mN8-FD&w2n%;JSFwW z!)LioKlD`#HYutdEDDtG(K*~Q;c!&{uJd1(r!IXx<Kl1DO>U*4%31lX$p#G{uFjL! zlsS~MAs{k#LbUY?UW4=dYwOQ_oZGzjq+6cCvY&~8yA<`S_bnAoUU+3{`^R}ZKX-n% zZQZfs_P(t<HGkeRXJzo5!rbEWe802d`O<FHi(i(de4X@dHS25JmrJ?Ll5U-0i#O}u z7H7Ca>v!C@!uu|2^Nu{@ow!A>bZSFjmbbyO4M__pf1G{e+>zu``$+eV;DW{!TF^kR zio`oj6R#Venv8s-P!+tGVft&(#PrjkiKzin%<wWS>#o#fU|?VfxG?c2@{E*0<9?)~ z2G3QN&=Y;Y%VJW&2lzqV2wvinlbW8Gqg#?%lv`|QX<!a6f`knqld*<Ipye%~;Ys*h zY#NTaSYrc2kXB}4En@DpRM1s$bv6VQL54<#MurxKrbed5;4{9>AzV`scNq8($8>9p z@W~6iaviH5<y?3j8lT1_rSc`ZGt>R?jzhH{KQSGhzu;T+)owP)HveFOTy_=pg$sUM zb(c)^sXaAW{Z$Fi`}}E~|B~Mn#G0*5FJE_ZZcV6*)uQA;`LB<YuB>!tw>zV-7}TUd z?S-*nPQD^?`u61KQg?e_ax4pNUh*I-z%f<O$rCxPF{d*aq%avIR^E8(<bGdfUGPlt zZTT{_5BCdBxyam6`lPpWNmsesz1+n2OkaO*y?^GP-~WFrpDkxHh@N@9)tqf>HOJrA z>fK&bem?xQyibkeMa`s)+~OPgYHJjkcFf$a<`}J-u<n9~)H^nCR#Js#rIggtlH%ly z)OgSd_u2Wm&^(nGk9@mGBs}XdFE(gmo^Q~^)DFoyjB3b*6=)Er5GljBxEjhBNP*HU zm$0x4)Fy?H)ST4p{9FY`cSFR|1;jb^kdYqfLH5c9iXiRG!crL8K?jt8dI;b<NGvT4 z%nd9-HLU??aRDfo8CZfA7Z?~s84Q4v2vwJ>xfh#0=++e3DAKy#M&OBMzG<x2y1TCu zd#8GS$xm4<m5{b%rGrw-%_~cvR!rv0U|hS?H^%DR<sB=W9PXcAysIfPYm)RDnOV0u zv{luAW-7aXeDGSQYW7!QrVDi@HHYTeFhs8YdW+|)k&X76fLqrN-)o+7Y6Z_sBR&p~ zu;{Gcw;o1BFnY!pIogP_G4{o-UA1HKmb3F-FMpAx8)S0Z>U~UU;H}%A4S&8XoMCh% zMAU`n=j_n8Ywt^NELhyu<@qj{wO`Wb>b;1{*_X0poK_#by8L_w|FkC$6K9kqo|ss3 z&5q&G#DMmPbGe?aoqkF7m{slRJ-3)muJ%PUe$8UvF19Vts~*zA2jw6{1~EKbDZT4! z@OAMAomINxIb55y=NdyZ6bq~>WyPpUk%p+j;~tER3{z4f*IK4L*L*GfFY0i&aQF!p zl@BH52NE8q|9;uIta<;mrkcDfhi%`_YslNJxn)MxM(dE*mg4SpQhnTi<P9SYSvH*$ z|EzO7$t?7d(v8m0Ei*h;rTn@kV|K%(A}UJRDt!9aDg*y@^Rs-swfhz@Kel_Y^2(*^ zOPg0bDzaHS?|(z&li99YzFBWLYbiOy=;<rP#0gIf75hv!e%CkkY8ANkyvtm1Uu5!w zPput>!B;{=S_>+_=&_Znm+H&!==%BZ=&l=PPnzF6Pu;#hIqI|9`o<~dR~&n;DPNO2 z|20F}C3#WQuH~kY3!fIS&gN4NpE-pqcb8?dM%$#%5-m4=Up&tmmJ$xm;5yI@UQ(W% z2+h>UJ!Y)y8I%$EyxyP*bnzZjGBlqvqUZB?q<kI{4m+2Yi-$AB(KFo9PuJNI*2CxK zVTa~bLoEXhaCYWV3<-C3BxZ$yg^`7Uxsi!6=r9q;g?xslkOiDHcL1S0yrHgW#}ei# z&z9fgw3z56=+M5rCNf2&daIzo-GBS99@riBs8#igX%YXA;0ulqT^J8-kvVMWB<9{~ ztW>s%E1&<VYJh)h+rIrX^aRr7_6f4Ku}(M=d7-94U_(R9_J_x{OHbF#U$^z*TxIj* z<#(JG=}uyi4meo7!%q5S7)!T)(CoD<!(JZzzjkFryTP``@6%oXNQPT$=Ra}(GSl^+ z?8hI|7k9{-%f$3QC{vvk@MA&9f0qem%9o6e9bV10|IhFJpV!t-N@9xEyllF7@+{|+ zgxF2LjQ(4*toL=u`g#2Ed*#2`r=Rk7TkyW)`ty%}#(V?AyE#FrKf4?EDLs^lVBR%R zx)XY5A1Du#Pzz>RM631Q>yG;5Ulr0UDe;)YblEPnqy_F++gvTTy>-8HS33_!NR~pt zq<tG4ZFj1rG;`^{a5yksL%qqs>*VDBS<ja-)OR|~x+eHE_?-TkPq$c){CgB|#Hy|K z%&j^BPU}ggTEUzCz1C*EnG^f$!u!ivY4b!iTB}|(F|3hW&Y2nJbU7nXVqeIt{VtBX zJohQ=%8Yrpqx|f-9Qn1)(<Ey7wu)G`eAIZUyLeu;Tvbt2^XAI@_gns4;945t?{@!p zZe`@B7Nwwd{AYgGSU=A?<(_!B>c{0tEb==PS{|B(h#hyhXWdnN=l(HHpZjla{l60I zwD9DoBw3|qo9Rb?N+zkVNmaUj+2+{OzD>brJkRYh_*czmJmL4-OCl5H+1G>fFl?G7 zBR?-aJ3lWyz91jz3O?k<?FK~7H8E&nHZW*nl7Qq~CgvAt;fpf;;o*&RJ-Y|g9)*DX z;u55J78G%4u60xZw=KbEQ<{QqHZ}xpN;Wb!Ff}waFflbUvW%jhMTD~An*SEtUZyd5 zK3=rt;e?+K{gpo-?XCRBwD+CLBw3|zw_1xb|6RA|ymEKqR;D=@dZQkO9u8>Rsi}78 z@y!JvGnq9M8eElh!<JizObt_tl-IZ~uV9<I$ZVhTf{l4wH>%rP26Mhzo%Nz*)1lOu zzWp_aD_YLZ6Z`X3&tE}{V}AMPqjE=P1*OS(#61>Z>sOlbFttxQRyoaj$5Nxf6K$&& zuAEn2Hs#Q=ob8SuuAX4Ccy@*7(PwL)+<=}V&FTk*TOw`em6mL~!4zjTq3VE>S<#y; z-#hP*Fx(fG2#;5*IB|`uvV8yd_1nvKF6C|!j}>^8|8VtG!T4O8#WB9k(VsR;b~SW! zw?nE^H3Jnay-#MeD)SgxasX#HKDVnj>mIe=jBD&>n&HUN<Fn`1?RV<ZP0zDj--vbl zw=Vd+sbFu^v|Xq2a^Jai=RMcbo3>ff`1O|gD>j+Go3Ud0Hoa}>>Q|O|{*{@WS~kx~ z|Bh15EdNhYqLv#AuWJXs$d#FK;HK7>g-z90PdYAAW-PG??dIR9m%d1W#r)PB?#tqe z5BjH9n&h{5Few;IKQnQeKe6CTLtKmVA<auULLyHRd)Ej|nAZ}p`@^(+*ZEzaPv!Xk z60{N(bvt}kzByXgQRr<zx}&hI;_4|~tNdyXZv4Ic+E#V_>8tY|$UeF#qa*L~=+C~1 z3+Md4rWst^Hb3}=Ghghr<fcN|hLTg?9x-L#i~?sj%mpy1$;pIA%=uN|nU86*K@(HI zK@*cGB=ZTxbk95*HRb4~!mxX1I~&fZAvgF9=)C&H)!A7Ab$kmxyb10l4x-gB_?(KP zyC=0KBx>c)4CUulS5@+Zk44?^UVZH9wu{e-3)kJ9bB!nQ@9hPh%sW^`-h`if7i<4W zar3$FSGp=6EN-sToqi$l$j6y?R3|2{t~Xe`rQp%=g~oF}@7Ie7-Wb2R)~LSA<Z)#s zxVwjFtXe(fY`bz^^3b%h63?<b4@{3GC(lC5XjpoKNb9?yi(Spq7m9J*c`}{BQPywY z!(_(u)~lQZQx?pfV#y>}8B;C$D`n?9F{jP@yAE+4dGlnWFOwm|ORYrro**x8KZ$~G z*IcgUeQn;A8?jgAW|+sT_eU1FHFjiKxm{d2+xKMRt&6eYSrXv1Z31l$7MCOzrDdk( zq@cG6QxPpf&<b|s?%!W{`euG;(8PS#po!@yBz>bEVF@0a?MG@Ch6cmhfE>c?jzyVO z`FV+k&^2D{!d$`0`6VUADTz6$unWt$gk^$Z4paz9P0j!vxSXDuS_~N*F*GtT0Jk57 zH4(}nZA*CDHWjf*RY6z59o#!Kur#nlUf5-hG9fhRTui98+xzw)^Pg}1f0#DrN6+`T zIk)oBqV3FyVG@Vkw_QJFYpU1j{C#2O?0a2Oe}xt1Z1F5N(hU2%^G(lPrC&vN)Dx$_ z`xe#mCQou_r_P<0=&L2av*V9;E)@vsbPN5mqg3Wu{gaS&-akT%!kHw0h!;k_meXJ_ zIXc&4U(S{<OE!E?F|V9-;Eh{c{lnZ~pQQC?<++o0Th0Cbr;=etV##^6CWqwDn~Jg| zd1s!w!dH66{C9Wf!N`wE_3@kIQw@GB-|kx$C07<_a^S_Zu$f((Kh!TdyZ4TfVa>$z z58?%XWUum!xj1vm#YK;kqdCjAh9y1pE|HyfMePa)OXP(ae0<OD{W<(be!@pcZ3k+2 zV$7<ew?q*cwuZ+@e)&y<`XjX&i<4F?Jhz%XS{=D2gblO`M*dRuXU?B8(|VSCQ>*2b zGS(?^4>cy|CdG0dTCn2EhEj`<CRuZz%<pPb3w)+?@tAJjR0Xd|jBj>yrB@q1O4sX| z%B-g6JlD(c8{bx*-P<3T*DLK}Sj<-)^gDaE^^wb!fqrKvd`V}QJYnNj#miWGG~#*g zvsMG~St>^a9<Y3W@TvaFDz5)dvgU86JWYudQYg2$Y-DHASURovS4RKF)92)mzWFt$ z?tI<GkL<eJ{_H=sWdDWftX_LwNoX)l*c(#8saSaVVy)~=u?;H|Z7*;!DE&EJeVQ}H zmD}2(@q2BJ(bpNLBKm5z-c5)sPWfq85~sTGYZ|Lwy`|_%t=|FNeXW_0O}-Y;(gMD| zhlo8d$R$QMyu@JIWYEO4&Y+3O6jEXc*lhaZ!Nu_C-)j}?xCFby*{C(*4AjyC*AgJ~ zK~w{C1^8MZ&>A5;8(Pc^Odv&wE?fr@J6Isa2;LnmgV*UeYE03MFa9!%IzL_Wy4_qb z>HVc<v!GhnaBi>O>JV$Iym(Qj0|Cp<tLoRD^4M`aAX!FBk)vjo*$wW07uAkN7#e7( zevXY@ykpzaEtB5n=*)k8*ST|%jkm`{*?>1{_pc@B?NtQVm?Y#-(RkDFz|h~So7OUC z{$X7FYoB1~RpitG9Ux7a7P;&N=e_P-zoI%iKFCkJ?6%^Qmk(3&@0@sx+j@?ZSMoiZ zd&f{_(}Lv^GL;XHn=u(!g{_}elJo6%^8@3{9Ptb19EzUrc5U0~iEPP>*q$4&v0Kq7 zbm8=_3zN9F&6~E0g})12VQN9MKx!&l3oscpvY!gAJ`<7VF-zcyo`v0@iG|sqiRm>o z(T6nrTu}Vhp26o-=Z(jO&%BTe9?+m^DN?d`bv0BnPynS-E*?q8V1-~v)mBoRnp%{Z zn^~NlTAW>44BLncx<kMftyu>eJ1t6u_0tR`48+)AyRA7H#W)MHGaZVv^-@y}lqC2; z3ndJ}8)ZRc6i5Ix%wlK`8axH<lN}(Z5vl`EC>(h6;HdX%_KK;WUEclX=J{XJm$-Xl z(ktZ~s~4skRlV*L_n&ryt9s(1<ecL@K6;h=SF--ejG5Y-^mAvy+rxpi7bZW;d2QhR za8K?2pxNj0s#8B%Y&@{Y=zY?rj0cIq2hFDbe=}v5*}6G0%Z>P-)@(VJU-GwF;>DWq zw`>aDMg|elf6uOXw(w8Ep1w)Nx2G?!QCw$x@T*6Aj{4sDswIt~8@`u*vt5#sea-** zIfu3Uca1LZ=@JT_akBHbfUIxb**f_!Ud4jeZwk%w-*(Bf^uH?aFg^1BmEXc{U;AWf zm%}bsRLf3n@4YVPm6mcg=IET}hle;iX1(!S{LxNE=Vp%VLT^YN*w|&z*bW^dMY^60 zcP%LNDa!6un9TmOY->J#R6V)U`-;d+16R-z2~`$50~^@RFlHt=ixJLZhO=1UEDkt} z6D>`HyOq`7o*dv^CF#E1H+=EGwYxWFUFDy5`$_WAzJ&o{lc(*lIH01GwkKF5aq9jH z$F-(e+Sh7q7I09^I<kI4P`SjzX*a@RAKx{LlU*JVvf!xJlT|%ay8P#w{x4g?COmP` zqFM$Q`_RixHd0rk_k{T<>A5*~sW|9<7TRH5Ahl%LPO0_nj#60?ylno*?ecbN`to{q z3bq?XKl5fe@g(M1N%53eu^GZs|NXwb(dDUC!5Z`IXPb?SG)`^~U+|4dtb>hv+cIwj zjVt$TyVsht2ABNHJF~}GyfE(P(KAvj6W@I=<M~|lrD*N>A|^9-_w(;113DAVyi}RW zf9SOAr~I-B$Ip}=oOX0BxFnH<mLwQw%^}yAm*9m5>u!T4*6pBa7D(a2#EKrY2ChiO z1^#2@pjU%23kzW!D+j64%nS{UObjiI%)#>}pnE{UTw`P7C~8?lXp!tJiBsNFco}rp zGi!Ez;BP#!&PTFUmSg^EO_$cs`i*Oi<R-Z7U)-i9CHJpRM#3s)PJ+0WRY|k4L2Y7) z;OV!kA3VFXsP1cazQlGeZr#5x?cQ@8+br<%&LKDPAF+Rz-1<MyGiuH=<7X<<zT5AL z)|RO<J#;Po-|Do0?p%!o?f2Ic4j-Sqr`K%a=lUPF1%;2yDK9&?ZaY&}W7SI6=0~j0 zc7`3CV&3mjn5^_hJe7TFm-qetV^LgBH$0Ay%NAVC^RxA}%gY}u#h+gOi<!~$wRnB@ zmb$Z7VwkjjEFW%~I#t)H{rc6-6P&l_2!FhH_uG*lo%R<?zfL+l@oHDcg$Zx&<lgH% zlv+5go0s|Toc+;aYbM=(^{=vK?d$d5#ZKQotE&A}{`ai;j{?tF1@m}3<J)_3OBq|x zGeP0jqGV>42P|gV3X)7ON|wuSI~kVtp;Yxw`a!<LgpSR27gzjQd`ou2#f{1#_g%_z z-#XqnxJhYSu*`i^**go%wG5x=etr7%_K64opEg|QPG0cecp?8T9Z}I&(>GsQv~}O7 zo@sJY{jxbr63utE6&qilK5d?IZPOB;#zzY;?n;lJ%Dz}#@ST`I^&VF*pG_>6R=>ac zmnZOCKo*DL&xyBq`cq<<4_kFB*yr`8+ge@wR~y}NGVb@8#5>)_<(FNIOgWQSCW#5$ zn5XXk+gkDQkJqx%(4uUELE~D?q726=^inNJdpvxMRavgQyYP+qh@{)aDcJ^jpmI!^ zCEXykK?IwEg`P{?sg$UjFmomNh$K5MG2i)Y(JR&!#_F@`r#};RZ9Zc5?ehUO9^S3) zDX~Ac6rFTi$}FKC+F4Os_G+3*gSf(-=gmKQ|FG}474NH;zNzK!O_x9A0gcaUww&bU zE(-op#?J2OK8@%1gC@1fp*{bU<P%bB;-9N+{%$m3M!*&G!q9J%6f3?@t^D;vSFJrQ z%%FUkd4+M1K*T!x#J*2i8{bRRc||6l>Rl9eb-DhYF!}SA2Os_BS|O@a>syt4EN8ll z&87UqUgBIoCR_?%BpJ9=ce>*(cK?+Dw<h#XaeHX@Vai_t28*xOFB~3j$qSQGIFldI z`&Q4j|JuvR_Rlx!+_$=>)N`k0w^IIvA5V^1zGUgJIlSw2XjN{*OqH)WjK6<O-!LWm z_1{bRAImd%O;eQD><C@Re9_lQ^3IRa$gssfS9n(bSkJdpa6!%XthXi?wy7mqNVW6) zc=1>7@`QT!iCVJP>S9`(XKt|Iuzwl%)0F+m$)vpS`sD#rzwbIR`&r*2#-rEL_E#o; zwvl<bvneKa!Qq!TJoZX15)_fl+tenVVdr5k)v-NxTHKuD@70qy9!->tx%5%-?k;hs zrs;)^!G<g6f2&Q}U-WSCWZ5%aYEhgP7tUShZ4ld1vDB*Fr?+eARk!J%bOd(p2~j%0 z7?9~a@5`q5xj)|A`uKR``}-67L$tV652{HX2@+sUz1k%3>X6}CJ#c}q0xj@CN1T-A z#)EfAq^88@LAK+^qnwiD3NQDW_Zu`Z?>1;+S_~=onOR&8pw+1cbw~w&fDgQ#C@dM8 zmsyosl8-WGq7ba-s0Uj(%PlMi8v85FMQbZMLiYTZRKg5n7M6r61W&}LroeX8!46xp zFf=d%ofB<tYz|t_23}liXk-B54!HXWwHhD)u3cQT>(GajBJE$Z8T}sSIk4}_RgbOz z9<94M>Ud!M>Lo_Y65F@s@wZ(vV4D8pdS>`S3Cq~5l*(g_k!x%Wy)0@jv0U=jc%cw) z&A#Z2Z}IKV>->+0U5#2kt@GFC)frcm+alG^bE@xIlULL%V^DPe!J?O!9+s3!?$w%C zEgHfiecjn|ZK%f4M^d}L9C)(M!qfOnS?hdD*Go(0eG=*k{895nxBlyz_}60dH|k#8 zb!MVdxsU3}2^RUcKb-m9CpSIP?rMVHGgghao|VGhyF6~||17#}dFr414U?j;TO7_C zG9G?&Pf%ApR(?mo#W>03nfKU@HBJRg{kc5kbVyr(>&l;=Ow5c7jM)2Sh>;SGva_ez z|EqjEdiL$^340#3n7fsJ#~9kgGVQ)>#ag9vjJC@b|4+K$F}FLeXhVg|<2y3zIsYnq z{MxH^WM?SLR)NL6>i4*tk}tfw$75dU7_GEv!z{;`Wd#qeTqr-Se3{`vPMH3~OkUob ztM)542Ha#@y5j#-^9!r~J=*+rrmkyC*Hb6X>m^M3-#c&2e7Q&cihJ)aUN@QY^CC-R zb}lhIGDo9?+2p^mq}tM#yd~T1rXMSNp+0SK+TDliJ~>98ni1AqT=1k#>XM=3F8zJF z!ck@UelPqQ`Rt>al@<u?ON$WnI?a4!i<Xw|H1P+PA$vS7m#NR4rOUSL<QvONt8dSr z#jVa{s=3i&>hqs3=7e@gx?S6D^0n@q<*b_)9|OPp>wxpV3^eZ-7w71L^1p6zUSf7? zer67|qnN+4>gOwXo@csZ(8P4Xpowt@B+rXP*k1V>r2LR0Q^n;)OIgh$2P0ok<U)X( zmBBy|e%KKYTV7^brY?9Q&JeWv#S%1E4w;Apam}DyY+49r6;08aJwkPDQz}lzPVntm zbEJ=Peae0-JB1UP3_rsszcrh-#_1sc8~I9q_YiOKTRQx6B(?N^8cpDF{@%B-*6U1- z&$WMf6T9qZca|wjn6$k;8!K_;cS)qy`l45#ZH(^;?wH#u7@L1WZogGrL|kgHT-N%- z7V~*6&2Jy!S<E(tQ{v#d9sB;?JKDI^#dP0c_iz7aGMPuEE3!;k`1b95(+!8_Ue~yl zz;^d>&HlB_lb4!&Z#h!2=Jo6=>37-eOk)ZkC)!+cRo~fhz`xY`)VW*v3$JC!m`(Nz zJyqYSa8<!c;$8axIG)pAuXD~9QJHXVUwrB7n0xH2XLjl}PFQUBBVz)q`eR5|Q817* z-~=@*gjtvj7{I%eWd&Kd3^<x#L64LXU_*!oe{<)v?J!;4wsifQwXbFz`or94p7Y+# zW2*Z;n~0G4v0oMmg!uh>Ja1?6(cI_Wuga~{#1l(b=1vOS*jF>_+*|GB$8sNLPAd<Z z%5n63pP6bI=R=3Hzr-&m2JF$Z)|6vm@_C^9^JR!-i~b(H{Bv=W-!9mBcXEBrp|%t? zbIy124>**zb!li#v}IAa8DAlEIZrGlCSZ2V?A-I$-<&X(-BYx9uh{DA)%F1@mJ1f0 zJokmy^SXX;h5z}AJu(9MY5v+iYw`;(ez>`E+C{#+XB~$78Q-65R;j&F=)FW~(YxZZ z-J(AK7JUy$jMlw#yx#be{g0*MFJ3hqtg`Vv{DA3~`dO}&8{mupJ14LtH77F>dRQRz zkihsdq^WCuZg_5BwJ~U7wE&$J2+0kC3{&@sE%>hI_OaTsspwbtS(KHrpm7s(*yeC9 z9_|p3MUdkGVe876dBl)JVFMxxW#9~BU~Xt&2wIJ8U<z6?W^9DSH6YtyLY<vM`(CSm zP+a^uQ!TV^?$J=Oi7|iQEA9_&sM5VOu_xK^!yA<khnHR|su9TjV!r+9vzp3RJzJZ) z*LiGP!*D0H^o^Ep{K59G3aQ$SE8Oimm8TkrO{jkn&hGJCa@~H{^o{1yY+C>B{ajPq z{5x*flm6-H`@H*lQ`o~TLNiUwY=u4E`#-vzCb#6g)b=<t<11U(_DV4REpG{6aQ)g7 z`$Bn7-9OWZZv(1V8uUtD=IqNzkKJ!GT_Sk5X4279aYYA@PrGtkcfl6<Oy)PQ9tC{l zvH7s(bFl6QnXhkiEG>&0#7+clP(J&>?#^8s_XWF6yB^KR=-&5qf6=>3zm~ogdi!UF z#7ecYI~v{s3Nn}L#maTx<~Mxz+#SriJ2vC^l@q06_MK7P-^Jap_<X$7S!w5MJ7Y!S zJuA6OKjN4l96Tx0bGg^|@>H|U=JCnNvyDYQ=&EH0*L3z69m;!StH@w^a$&}!fM&f7 zR@$G<7Oc^KlAm}ekkitxJ9y{r^jmj=ca}w(&2@gN@W9q6p;akx`*GvlcSZG=R4ik! zZgewaX}eo#dVH#m^@hdbrcaCIx5Pxgzx7HWwYus;{rt^aw9Kswx@Sl4)ZYGPQ=riF zV9ls2AA|(%_%rPmnxvm}#Xi%yhWFZ^h*HLmxe;RC_jXPA@6OoCmh~-u(}b+eOv{)$ z_HTBt)4F-}S4M@YFQizpH?SqTtMj2h(t=_0*Zx`4c&@(wRlQ35g|HBEl>lD##>B|5 z?@3IOpUM{=j{hGn^JF}k?5Sk$qMpAy_g-__xfN%4|9qXr_Ox7N;_JDN)ibqPp8o%% zcrf<E6Z!D%r7IW4GpYT*e*C-NJ^vryW!w%_`8((+nSPMmcp*DoXTypI2OP{zzqQ1~ zJYMfq@o)J_-hfxUEoI*V-!}&ztNPCu=Bd|Tb&cnlddOp6u7skbvlH2`E!}@&X7<}7 zlFwHA2wEJ?H++=mdBVP|L5*2W^MTp7ZwkSW#S2Wt=O$;!WxqM>+qOg4KtI-v*WLN5 z^r}d{oiV*^9&1b5<B$I_3~>~GbX<{d-UB(_hX<;iTPGatia3_aRT2K_m@+@(O$G0J z{J$r)mTJWm_vTisPCWI_bsd{G!<ow)BLi+(by#aUyTwh{4mlT`-|O{!+OPeEd`{gp ze>E0d@HlnrNTbj0Ma7fVPQ2#1rq;3TfXeyZd!t{M*1qKEYctlVEa%Kz+WBX5!G!j* z{>w_cozCqo=2lSCx-i?eKu#s+Y<t;C@oC%7^G^ERC$Vyd=f!#d5?qQDcS^oJ^wsdA zrANmEmC_KgwdcP4$P`Jj{JnU`t^$YS>N5L}ga!XfPQCD1hEMEkc3Xt6#FZz!eM{#? zPrOs65@3H!>-Wv=bGBZ4cH!m=$!^g?kG0!h-H7bCGGV{i=9@3qL?(uuklA(W;Hif@ z6@2=wCU-7faAyDIZ>390r{#u$OI_G*zue5^qWt32<oHzG;;PK_ynNVrHRxh{OK4jJ zbgtxnc<IZ+XVApLWzfX*2~zrUG90RNX7O{kM?W#eps~r28(b^0un99^-+u#}xZ&aT zg}Ow+rz8d58)4>=gNvu?27_G)FP@DI3@pJVIHy*dN85K^MovaCfy}(Ld<U3k^fF38 zD;5ka4a^M93=NG93@u<?5zwWCAnxFBB%wyu%OCxplh@vAyRrO%)9>>W?=4gNF>`5h z!P?pDP8mDY=1$97$mjCzq43-(PC>KwmbRAYtl*QKyiH<zkIstozheq_-g@)zMP2_B zec4SbO51O2U-;De{7f&m3(b<X2Nnv+OwINBa^v_?Ut_&iONY`rk(vgf83D%~(|0Ur zNDNt)<0t=ME+6~Lle>(c|2q(>p~KX$T=MI@JE6hM)2rD%{?Ghv-lcLR@=Sn0a^I?z zQX5*N+J46G-WZU#<RaIZtA%y)%cX0+2IncopVoeMr6zXWwL`~zp0YCDd>j7fpmOD( zUnf+Wr+(g=707s@{Mt*Qg+Ha5e>X|*+%Wx18Jn@Q=Ys#-TYqhZl!lEB26dRlA?`u! z)BMNoJ2{`RJ-yXKd7)I*GOgVv87Ld3u_^%FZ6_<pB4Qxah?$zOwBk-)<crh0dS-Kt z-RVEJ|9Lg0PG&i=|JK>c9nKRzEZO(|(|g4kd#+rGW&8Hd>5W0of>kR|eO%x5%bvS9 z%kGt)L!JD(ki^Q@dK~80l|T2)-zU5A;gZtZ3m%1tY}_TIxkTcd(5^)yB99GCPdNPF z{(!YC{Gd$aryu*Dyj4w#Y57oBC%<{$&+UqWXP6no3YH5@l9M)Rlv_JT>M)DVTc*To za%`XDt=d0ne{^ksYP;s*@$i<t+3W7y__<9wses$o?4;8tqw7_P&o14zJ%3{5$=P>q zN4Q+iw^(0aae47tsnT6C2hD2w<#J^Xm%6PpWnK0y##ZrN*oTu%O1f1cs|ya-Dy23R zOaqrEYS8XXdQN^)Voq^pdR{zeO%$vlryE~nid2})f)^%CN(N0#at2L|OCW`bU_zwl z12w(fp+C9Gy9$4L-N-?n*)s?*R54HjO?hz(OS^-u0-bND09pnFS>EBOpsNsM3R^qE zCCr6T1ruaO76cU!pxpq5#;6AlS{fJ|ni!Zz(ZEI=v#jo}eA9l{#_oS<c~SAleC};m ztK}wHc|^*5NHWwtP^IxtYI)4&ZD*!GcfAtv>tcDX^P&UosU}?VRd-+87%x0J*LO+2 z<5Y|KlX5MuFV6Fv)IO!1$EwvUZT{TI$-dJQ+1k9oy?OM!f-&og=-t~s)AX4Aiv5(L zi<jEHynC0LFU*fbjtj`TBtwR$nL;P?ZXYw;#p(EP`j6j#XFaMFI{CIH<??A()$XvH z3!cZt`f)eUi7wMzz^SH~mBeIFcxh{Y%q#1M6`ZXrN+(&Li23XBp0`A41;?Yjqn_uE z^XyrknECO$^+T=GKea!nO)v*1FxV2;l+5%@P=7fdlF}g6Rk|@!;z~v&E@y)#CVPV> z#-otLCBPaQw&zpa5>wN|OZcy@b}d5ok3k|*Wfd9>-x(^*<C2-42^#8B@XSj#gq|?Y zEi3>!pBUyE(7s@#b+B+9kkkjMv7ndp7=sT<HUcF#*y)z0p!G_i4JdSQ0*=&oclpiT zT|2mcbJr_g`mk?b@n_>$sXZpI?j4)G=fc!)AI@Ch-jx^~=vFsRcmBJ+WFGN1>;+%X zx9B-E&v{|*m}|ZE@)D6qvx>RQ&hG?-bBgY*>sY=pd#m%g^gGJ`nPnC~vID0+jMRpj z9NUogaBsftvE=8%qc_%>Ii3+r&P>wW<9!S{wqU7m?Ve9L_Cj74buABbaZWG((qY!q zp}zZBM{hvu^5mcMjP9jP=KpwRBWM5JoYlXw>lZK?Sf)iEO6lD(FW}CKtDcMA9=~(Z zvtFEW$BDLnzn%{56|+`$9lgk~_eaR1Sx=*DHmi$+Q=c@ncuUMptjf=WB)a6pc%<$r zpAtOTF}s59QZ;B|(u5>CVYZz4=V$Kk;j(=6p`y$A*)+50Q^*Z-&{z%f>GPq%uz?#c zVKzswjj&|LEGz&KfFvnr=;CTaQv*{YGf<L(%+7%hBr}I{Q4Y2z(P%==l1&v2g{La6 zJ}zAE-Vjhyn|I@SN7<K|8Q&um6MmMoFzT;i(rvrEz`4qA(~=8jyBPQN-u5`bE^g-Y z<z0vJal6;%U$;vB@XXk7@A}R%3)#eZOa3*PEq&@0_Qdt!&%ay5ewEysGuzZs|JMeE z0JfZ}3k{o={apXXU9vyGg8j~-cFTw#yRNSM>5*<Q?cJ1$xctt=fd>rQ(iXa=?FxCl z`0&J^9(Vp<d|{wlt6NfFdc8yC`@AEOdAp0-#XlLjY3y+RwOw}AsV$%8tMKW1e=m%Q z%l!XpD${9;u5|$x`L}=TCP^PXE*J8!{6YE&{yFW+*X$h>>J=J}H2BzAtEly{tjn2o zVihl>Swh4DGvuV*B5|hG<jo$QDO2<~BIg|6B;d!zftDP=bK)~TnMXNJSSWS0EKozi zOqp-pGmYJ=eoR^CvBaQW`j1Ml_m&e2r+?e_v8v!i@Z>Wb8jokFo>yM-^Pb}6npV!W zezQug4smC7R+PE8OQh!XI`&!D&pQ2O>+*o>tUBf|n7!A&OkBW}_x00<qnqAFZ@=?v zN=*4Y;idIKYo~ttG1>ZFcTDuDsG#VC^&;QB-!J|>-(hO5VaOk+%g5d1mDk?n_b8Zk zv$Ue{Vv(~+X<m5bA*L9$1kLlxl45-w&P%U6InD7~S<v}~vu07!!j-Xc99Jf++i~NZ z$e|0NpW411ne1GimUv+23&-ozD-xLVyo%N>y;!?TU|w5}bl1*E;~%e&OxX8vCphD& zLo;59E@<B&sG|ZY_aO}n@WBB{v*Y~Ih)j6gpo#ggK@-zzNG4=N*_Z^%awxqM7gs}V z15HrNf{RBfL^rsyxFj{VSiv=~B(<oZD6=>fw7jMaw8vk;JvYe%-0ffvW#Q%#LnsE% zgD8L&)ua}|7OFDy$b{&EHZlgMCM!T{14u&!<a7nd)VhVCfq^0DE(-8~tg$hO3tLq) zC>%+s7+4j5OFI5V@x-UMV!kYT=Kl0^MrZ=7EYp(Bvm-ytb*(p9`-k_?O%KU;nf)gf z{wS_umwdY+W=-nx__s_o)it`(*LLk}I3&>|*77TD1IMut<;EvxcY4}?^UpK)(6Hb? zy6<^L!C%YizL$>Am>96?h|6Z>T1)qrK}pwyCdX|zoaV&(yKK4K;;)DPysSE!v$D|t z)#-{o3G0vF`*QR2zB=Qjc~hD{nEX;){i?5Mf&G$u2GQ@^e6yxTJG-n95S4k#7=Cod z$7gIB6IUr5-5#tK=)8$raB9TE1N>z-5A@bFel9AQm;X<y?`FK|u}%3VHTyjLA4OSS zzcIIB-uyN@<~Yf2mqk~P6I~1--;cgOQo)R&a=`+n?4GNi5-;u0Io*V^+zU2HY{<MQ zkz2mxMUmOD+@HSlekrYZ*cf*H?C$xmR!@|)Sih=9)c5nY#l1_v^nG(#x%`FV)U|dD zNn#xzn0Eb1RDNbW+n_4jEU9`ei*idu>Z9A*UC&j6&69%T_uOJk(p<Dmz3`cpQr*FP z*{KBzUhF3KU;P(tc)II))s5)V8rCXJ_d16ahQj4%9jvzmx>xB5K6V$pH#hA<_tlWJ zU(KPfY7S|3O25qCeC`oz%SnB^iq@pOlko>Dl1m~Ecu4Tfw0ynfjMUc3s9w=IH$-^9 zRk4R3S88U}wVAD|W-GCIrE|@R6RT7D`4;b=BR$vP_N@z&daG<c{x)tXdvbQIq(7^A zpYX!GL*QZnwn;HX7d%M{t$;y!DBd_8bdntC3SH2608%?JA6^!)xEnOFI2$xEYeUKc zX3pj>XeF*e08;DE#TDNA<Kc19h2(2+wnywsbkT(zBZ`!pjlsK&K{w}uTmtG@7+4yD zjxx6}H825fs5e69(!fSS`E=&T7L$Tq`r8c_^zE%-IlnJy&&<C~(=SzVrBAcq{3hTx zRjGJp?=4Z?=d6Dui<P$b&0yGLW4mTy&hKlLs@`iqoJqOWVW+u+pYyWGUE{Aw7ayLL zeECko-zQ?-Be`ol(V|f|tacocNRfMNylHD^xgXE|n^Urdr{@bT{x@?a%Nfx(2^nT@ zIjXmR-9PzlnqhO#u|kt}Kk--VyC?R_ggLHLGLJL=BzyCsF0X!O;PQQG%et(z_8yno z_)z4-J}cRs=c6}f{oAt9O<~b*IqQP=lV{ZS6i@qf^nGi=T1~Y-ax8W-3vTeA4r)%S zdDk60b;8Q<MXwTBZ~XK<qW&vy?c1N%1HWf4h2+yFMiql5Mg`1)1VrEG@{}&0Bw;N{ zy))~Jx@yg?&yu;5jxn>@co#I^BhS)!)u8c`L1X)Z#+C(*jcxTgDTxJE`uZuEMXAXp z`9+m_&_oM9;lbI@7MgNYjSN6(N7cvxd^C)zk%2LY?Wk&GV5Dkf;2H*E7#LXU_=9wS z&V5idG5{q)9cNn?S9?$&C^IcH8FX4!YFU1ABIp>RoXp}91Gfb(3!K^<pr;psdnu4y z19m`iQI0;;L3nZz+9^h`vdH9Zb(GDLDIM>n1WVcVH~+KwB^Rjny8WBxy$2t!98=+Z zdGLIw^cI7g=cN9z1uhd^qWgZ6_kINpRnLpd%*st(q}&hMD0sZM>a69wLu-2q6+cB~ zufK2O7rK5^OR7lc&hpb*hWpMh&OM*+F~!I&|9N50f@Lj|=Io!CT{*SeN^9=NXNEJ} z&bzU!NXa|kO6iQS``ab{J39xgt8%ISP#JjL*>?Hm#>*d0`tQ7TY<k;;ro&I1a{q03 zl;X#y_T0flZ7WCTb&lj@3-wYt<5zhr?#`d-U*g-?+2DP5)^yDn{e6v&JA3}Ws!d>< zclNsNWxd6sdsaMCdzydv&JJe9SM$X_>V#|smqoAzzxkQPC8_b{nZ>Eusg<bR(PY%M z8)xAq5mT-~6H}%^6XSbGNhF}C6~?pf7SC!2*Ztaybgf<?_i+qzk;)`z57-tNE@Ad? z&)`(=RQOU1ZedA(&)^VO1-JatycBRsP;kvl$uBBSO@Xif6_$snf$D`eMj-tNcW3CL z4bZ_ypiM9)7RI1mnkGgDrXa4V1!$Qcot=ZDr|R=E;J`8dB8fdWKJMDw`KZ!svDotL z5S813|6hIKR5{G8H2-v#dQ&6sr332?pOiG^ol?EoQ#$wK?F+LOc`Me5El-|s$@0p^ z_KJ9kY5W1wrsn)v$L`z|_Fd99!Tj0YXv2w%Lkxm2@;XM(6;W1rw2Q2He0bi31gq<( zI^SJh+p{Gg%|L*SQ=5&Eg|W$8l#zv*iID+0ULk!~1GVFs(RZ#s-}L+hPfyR`yOllC z$yZMXP4V+>@+y|w)X=h0^?*-QuBT=~h47;~kJl+oh77k&6pT3j&+=s2)^Sf{eQeIm z!d@x+?&}X0nYGEVH(8Yh|2?$m?fdEt4gL}Q-oci8!Rgf)+Jq){j|Nf|+67Oz%nb%j z%ryp0OexTWE3sy4*5Ax+qE^W{>u>!!vJkmG1<kl3Uq_E}9u9mr1!(_;p`n33sL{<V ztN|A%u*(8muYy*i!aBI(yvAk*=7wglCNu49CRD%f+aX&0|4L15`r77{>Jv`Ey7#}e za3~~RV~ot2<082Jec9isb>|Wdc2_mWGwo$eJM~VqH-DkQoV^QM=S{Kt9M-{Lc>cz_ ztZ7U)-!k|7F3o-ZYDcITtJthB58^g<97t)65%ujjzJ1q&(wA#lZRZ~E^mwpa;{@|V zgUKmzK?foWluW}rx;{?jYQDb5u$a;0?R&Sv2iZ(3OpCIo&rW-ATBb7oh7?PNoIBIA zxe1TVrZe6@XFBQrzVzd{<&oC?bFWPhowCQtMBt$1&yDJKb=SH|k8WB&?ed~~v!Be^ zSNrf~<JxWcf3EZ0dSJ4FSE~H^V~!c`BYw?k*>1M}(ET-+z6h`t6q-WnS0cK@$n9XA zs{xMFMY})rn<Ykj{m#BQ^Q7@4w8RAN4o4N#>)hRL;{UZRaHZNl?;Wc?7V_RnJig$S ziCk4VKa1%L_5Pd*`zMO2xY>F6ozoV(${i&8M?QTKldGZsxzE3tmsidW&boOk+3H8b z^~*CKE`7M~N@(E>Q>%TGU#(l~v}r>AgFlMCrpd;gp4VpkojU&9kCWm1t>f=!Ce1A0 zHdQIEYr*O-J1S<JvXGp4vS?n#S?@LLB^MM6>Haz7xT|sEEwL!W?LW5^HVAplEGmwQ z3_h3~Wc+sd$xD_@1-~9_bV}1)H9PRFL5Pw_{LR&}2cJy&@Z+oY_gAMX+^+4I_;(qv zwv-5?UBd^b1ykAMa?hUeUgFxjTIj{*dr?mp)V$zVl8t&93C_!M(7arnnp|3x3La)J z%Fi!JPBb(`%C-*?*|yN2i5XPqghH|{YA+Z)pLzwrJHf(AUWo;Xc?zI$Pe?N(Gd~aB z2i5@%h3di1>|qub4hFjiJQfdX)HpjDLY7Wg8kiVZ7?_xvnLyS6B5@6n^C@+0CX`SA zmakeWGlA9mw9jng?kEx0CC?{_UA!NDNl{>l_}}|$uE{Tda=YgHoBKPMZ%v8#8(UP< zV;|3$ULrc}F_TUE?RBRa`wo3hJJ#y@h3S~p)}&4Af6dvy<k^)5gBhQBw@vO}dF6)L zrwxC)PU$QZHJ)mC>wxs9cS$qblI{23ovhWoqHL$I{PuHxPObe)&-J7}P37Fgy4A(6 ze4)bLm7n~$Y6I4OW#x7CcPsp>VHf<H<%aI{R9P?SU+1ki7|t@yJJHQ{nPK9mDIBRj z8%@|4syZKiIL;h-{_3?C%Z)Zao8i!Q^sKs2_nGQ*+XZcs64;gPv>o!MG;ro_+nisX zZ^{wyo2mV%T_+-+BC4_IAHM#ZmbP87y7V!5)`ESU-@>=wBU}w4O^1P(7ceq1ELdnE zmZrBnOkQyg+b`L-JC%-FsNL}Mf3vv0@}8UG!uIlhc8*z_mK<HrZ#09uCQWnO>{`_z zPv_M>dfIta1?$E59y8_qc6uf;*Y!r|i5J#)pFjMf$1P(LlM~_fyQd={eyYs=x2u)5 zrfzQCHIIMC+NV|0T>)0IdwKU%hXio%bXp&}K%#MN>dg21p3K>Qq;<99rjYzQs%PI; zJnG}=<@CIpTpg7;jY)CE-k`{rwWg;}1f8mH{C6|^@^`_vs`r09|GDH>(e##J-lZ3e zBm&DKMRNFGzlm??DRpi>+&bgG&pch;C*{qP{kBeH@755W-6PrSsP5_T?%p$H7t1>f zm9Fh#{shja;?R7WoR*vj>Y9QwDN+XYfM-zFi3Uxqy#`IprH~BDBH?xB8glUm8mS6H zZU_1q8W`w->P#*kb?1!CyhH`J%)CU<^^7@axfQWw7kbJiGY^lmo3kURhZ^MX9|EdL z4UG&e3@i+c4a^O|r%r-b=|Z^%w6d4b+NbNW*=Ggp<yj-Ivih2D<a;wiyH8a1*JN+; zCdER5pzDDt1!9LnGkyC+bLa2pkv{Zbar!l$HRqMqtuGJJ^7iQp4yro*PVe64Le+yW zV{P9p)L;Bv%jTrAY}RVoh08yFezV}J%X!iBMf$SI(_hT|`FHY?kOrTiD?zLEJnv69 zyCZ&|{k?^!d=;*!zG%@5-oCLz{{OFA6XtWR)OEDq_)$XhomixfiKo;Gw(Bc8E-@EX z89jQH;hU#3Ew%bo<gZVU?!Gh7`F+N1&5`8S`SoVnCdEQi>hGUXoA<FOHXt>!KXY?? zoKgN^iLR|v`!`gX--~j!K5q8#efmYq%hRKalO#QK+hy2(m&{P`EdIcHNqXag#oMI| zE_Y<^jJjs=CFzc8cg6l6FY0#0oSf<(zg%~xLiYLWyI*;~G;RN~DNRp6<J<J8>S<#A zjFP%JdG(eNY$?r*&CQ2>C*3tV*1p92rP#Sux*6-a8dI$b4$fZdn;UXUOV_(qdUM0G z0$1MbIMWaH);s1rVJYYoQk{H@Yo<~{R&s)08QToMz0GT7Bf3;uFC9;n)9pKUf7`K# z^<6BAqM9Wi?B-0E%cJ+P%Pwja52xJmt2T?@PCqPX^2_2U2jAlZvD(cS!?I3pTM-hh zS7DTH+f-k2;rGLBtO+{{ZufEj6pqL*Ob`eX*m=;A^L>$gx?#otX{^vYgFvUD%Y(Yu z$}AEFVhtjX|LOkKxWK)2*S1AR_Oq>G?V0>rAF~sWI;Di%(7>u6sQ?3aa+w$zRFCb- ze%*fhUX$fC+Yc_wvs;Rp@6FZr-=$E$r()Cj=^Lcye7;_(_tj(DrQhNm&n{QlzYP|? z@JK(a@-&08#xptdaMR9~LuLLZW^2<ApL1mEIQsqF4XGX1xa$M{PhKVN-Sg&cP{O7q zY_I%Yf612o`}(WY168eAcaA%neLqpc+G07?@*21G67^pkH)7;|up|TtYG^S3e;=I2 zu++;$EUo4*=aO~v(xvhpxwF}XXZN=ivTo7u?MyS)EDM<>_(T2ICi{sG&hbirHjrAo zUny4l@_toT--nZ=>SxZkahZJTii2lPL;H0WtHVY?rhH*Pmfo#B(#<O<AADMFllZob z@~8(_PM=_3_ti?T&wTp@MsH`$@*d0S{Y_Cn0-ts+ka(U^AIqipd$Bv8?K0)6V~of9 zPsHudZ3x@frLxQT)%=G>g7ZFJ@^APi?Xccro?t*_v5?T&XE}3qI*M!z8rdc)y^36W zOHxniQ18y3_6KQuik0IPQ<57zzAmtlu$^+k!%@~@SKPmUVU`O|oR6C)nc^mJOMK#X z)`m6RGbhzPUvz_=+f4nrM`c3S;p@UNKZ+dgd!0T%lYxtYTX5>FFjwXduKDQ~u2ybb z(d&@Qd#K9c*XQ^Y_erONckYfn=l}PDXfWfA`>$_4D|>%IdAIe-%FS1qG|zS}p2qKG z`rOayK<Qcb^Uri%SL=ZbaM*eV&@c<utr;li9y%k+^J@l8td|U$n0G<Sa{<L`7rgvc z`A-^||5+6$)cX>-Z0BWVFlcN*D%`2PRRg+Mf>~G^)Q&67h1~auvQ<OD2)eu1(9poZ z%)r9f($p*pw7b{D3`t-xIFnGVvG-@ik7rjKcv9xJNl!~jw^y=~D`l*G|2rnV=j54~ z?3ELr?R0vo;63}+?CPB}V{guG@V?&SpsjxS#V&*0cAQenJ*U3cc2GGq{rK{CvsK@( z;9{8G8ntTf9nF)EOxa%-_<CJCxH)XcLPv|)7k?Yp_dke#xY3@!Ps}snI$N*A&sAyy ztF<m)xR~B6?Y7U|;HqBH#iPl$o+nqj)OjbXbhhc4*lYR(b!#m@@Mxk&=gtGsKV@$| zS6};o7Sr^D#{wqJX42Waa;Hfo*Zvl-|M&lGp8xvhyazLs-z>{67t^|ZX05f%lJ+}p z#c`5J8Lr_^CNw$icDnW<@xj5xwrPuFzev36IN2-isyWlBl*#a&rrL>Yre|A|T<gt6 zqm(l`uh`x5Q{V8xfoG4e_-Wroo8>OBMcw^2`Fwck%&))Nq|z%k@1OS1<j&sbL19lf zKP|1k?l_V4PHg7msl3iR|1?jtoLZgJ5almibnJSqW|hmXpe0&Y9o;w;{wXck7H!bG zr<3RE^@1PmL4R+(UlXXuzS-~J1<qRq?`Ql9dzO29Yq<BFr#h;lC+6u@`2DywXI`7m zsqoKIPftwhmTH<-b$CyJQ05K3D7S8_*J{6%Pj1`LxX+1U$&YLQ4D^m)a{KnQuk`Py zGdnM|N1tI6NZ8$Mx;-xap8K1b9v_!16#cihC#lae)ZbEU=f>o@|F<JrwRlErwk-^? zWIDXSzOQS~uPZ-fmR+>s`-{=cMXD5dSs9o?7qk>E<vaJ}<$imMtDR9tm=b^c92F7Q z?e-7O77+iF+HzdLbHcsb$JHixsO1-2V~Vp}@V$Taw5>~pV;V(r`5K!9rMvu&`7gbj zB<FIUGxAGxIk)-CZiQn%xcu}YWL_IzINz3V^49ML{dqnKEfuzkDc62G%1iJ+KUrG1 zcW=x+lXg4D4Se5rUbE*Eo+hGyZ<cJ-&aiW)RvY3AeB&N#epJ>dirlvPP*0kgOu3F) znQ6Di^2`N4t-mVYZ51dvIe|HB;`8;p+^+~t7gTz@$a6~0^X*f-cj+#<W!&wv%;kTS z%`w@O8(R&ZEVHRv5zc-4ZKBlakLQZZlb5vT`vh8CdlG+q{<cP~C#@cp5pmW(ZZkEd zAGExExWwDmOzx-V<c^H!6)uvBAC|vp<kfjG*=&pXrc)cF)v9Kx%FmkBFwa}d{`cZp z|B8(Y56wGP^sp;K{o@n<Ek}HoCQkk_U4UK7Ky~HL6NNk8XPnWk`}&}cziCDOwp}^R z&gEyjCW$Yc7hNG{>-xyJ=<dU`Q!_80JgWAWH-p7(-L{*vd-h50+j#7g<l`8oQ#v>D zz1VM_G`;0e`sv7W$^3av0y9dVP3=zD^Y*CF^{#VQXT*d}V?O$>oXzzA`6ut}g%jW1 zzNOpx;q1D(n<O}04^LWHB>u;J+X8N#k4Nq~XK-Z2TYo4^{(Xi`XW6kwd|P+!Q|Sj+ z3RJl87ipmqzb3raV39LuVv#avVrF6zWSCvY=DFA|Y3J2<6Fdqv--jdD7@!_It?v6Z zw6wG&{zg!$-1ln?>VjBWf+oD7t5whk^M;jY35`pf-ZdxaPlddcT)wn<@!lUNv!@6d z_<t~S|9W8}*H`fqOA`-@Ir#qWN}TYtOyQs)TkUF{yk%bn9s7RiuGLD6T#~NlbK%9F zpy&bxmWYd0CzoXIX%<ge%i6u?Ld3b=p0BSzIC*l<ovxm4l=pDmWKo%dJqo`1689!` zyvS({7nFKg_gGCZWRdH%(B@MHoiFa(So~J2!M?sSHQY{AA&o<S>g4^a-1S$uP5&VD z=-(kO?Z9Vc&$hd5f5f}&%!<Q4k)fT>UIfR;yqfzVNsN2>$#|X*_YRevTmL=l(=W$m zi;P81KCMc=JTJ-oYHR8|zGuNICDL)SLc!6;b)GkST8pmh%Gen`9bAH=C3o=HpP<OJ zgR3WTe7Dy>x#{1NsQD@PZY%n?%`_=93%`3oRR8GOdQo}vq++`(&*RUDGv7A-rG0x{ z0%yEje1G0<ZrfK;!g4$b`CAWcRaVkt=RUo%<h1*4*@M@YW}nf&<n-6`?()v_!MkoT zL}~1Ay8mOBuxvnE)89UWeoeOxa<-<oERw_|yw*P37MOEyebQ^j3vw#|s``bbgfe#g zPMawr;u^E=`MON;M(rr`lW|&Kjy+l!6Eb^Q2*ddg9}ga%VIXB~CU$#q-mAZBHyyh5 zp2=Of>%hm&hHL$09{SH&&(AaWdj;=}FQ#D)x3=es_s^AUOnLb4sOzq^**m$a{QSLJ z-g$qly(<VVePB!WanIg?rk#;S8FCQii@8A)i?Klyvoxet%FNmP89AImgABe%?NHnk z;IQj;c;sAgPJn})0m|60*>7W0Q|PjL@MJicYd~e|2xYCyo4n3fxxX)+t^CVM|5|`+ zr>WJk?A!ltGi0oIz$_?h9>6i**DGU+>E_^zQ<9e}gss09Sn)>7_OpjafF0L;x6p3& z+`|ICyc2_*Z?r#%^)uV5cq-n~fh9h=?#$w2+AAI8Zkn}R^Y}bT&csbY<=~RQJ};^F z0rr`(lJ%~Kk2CfMo>YEOv~J6uFwT0R(=r>^Yfj)g8G45Q@)oJL?xs;*Z|4-VC|+2# zmq&Oj!zs0#BiTGtqNYx{6)@}L|E1b#hD%ObEVwT#zk^fn^YRzzL93_AKX9|VvE=Zn zsH27rFFa<=pOX1c^6rh|n#NPp?)AOhY{Z({V)E?S-*ADg@n!q<Hwf?^1!t|rO^i|o zO^jlgy=KHX;NM#!N9G&cQ`{@(Wcg=xva;uck1ZGtq{hpjez`nL<7tD&69$b93+fis zv{g}O;v1BDNS^a{Uf{UEzRi}bId71K=-2ju#{w7`8S1CsHaKyA$(&lns)mAdB0`xR zB2yDw7}soiY2ZIQ;85C)x?Y2=1%@vlWgh=ra9csN?E>$IeQOv?Th7(Z_uaoe!FtZ; zQ?ifZGHxuMJN>Cc!X-1se;2mw5WiKjxc<uh4KtY5<Y#B=sHzk#Ons*s_4Jw1^H29z zd;a=7AyfG_%gyI85r0yzOy76rj~>?<RV`DN9|;phOKlzhE6Yos$a&oq%(Co>kCJb1 z&#rUP#cxtV0&*|T3H_aU*z9o69-G!>*<5P84<^q@SXXyUWqMa){KUSrNu2FwXS-+X z+I<VW5^yC_V{h}PGaA*wZMiqpIts48nt0Z3=cxk|@}iE#m84#e`M3BHxZr{9&`eKB zPJ|p%kXTxh5np5qUO<3U;IzRD9M&F#Ce{vvCguW2fx}VDIsM-U_g7WurA`u3spISi zS_cgo+SGIpb@X#raPjwZS8#R>3h{LFbao7JRd5Uq@$e7w42e{5_Se(#331VbEyZKz z5p#EOc7$|sLCO?@Ocmh6oF;~bMrPpChfSlzc})yJ2Rp(J2&ab|2z6d>E*AT6qNJpJ z_IqPqYqq-3KU)*}%i4sTYQxg(I-1@VCG*YezH6ex6c~6|@^55F%gK+~n|(ICeBl;r zact3YJ;Cr@O`?nD^yhAv>BaTwb!S1cU*(bQ(R&xgZv5oPq`h{f)#5jmTyNs79{+vc zV6)a_w$$nlwd$}%O>Oe8O*@<G<JW2W*>1~wv+m#r_1Wtle|htMUH$hq+oG!1OMgfD zEq^_=N6E7Cp)N=NnLQJCIDQv7sJ!y<+F7nHn>St8IeSd=QGmd@nA1&t;u2=H)1P(B z+Td%#`9)`ERGQWX@!9j_%I12d89Ls#|9zD0z4W#^DL1q4DaqE4EhUtnr<aOcEe)S! zzIR`iv|7L?Gc~peM++EJa?8>lPQ0DReju?yZ<C&WPr>qw);60bKFQm5#Jb>9&ZOy_ zXWeTh4t(A{kN;ZtI`(Z*{O7oN+?PMK+p)Ly_-xY!iPNndOU2J<Pb=4&q$qcDYMDZM z#(Cbo_pixwX3ctZrnqp4eyvc$_Fx0IIPZ{|{OKo`p7^A2u<6ZQ!TX1peoI+je5)|) zeQL@i0bZ>~_X<8rq&M{>-rKR~qW+xU{1>#}N|)_?Vj245$3od1s~Q-5nx1c}=iIT! zV1YjG*PwZQ-zRP6VvuDBna=iLBm2$c{4uGuHo1}EPu?!=ed!Q9U(|a+;WsJ8$F~aD z6eC31Tgxj~HB~~&XVBCsq9}fJ(qX>uxfin*)|}_FPd%#HktG?3S#+Zgc%t0z2rk8# z7#S{lhCf(-CL>}OBfqxf+1?F_u4@F}CI@8xkgwk-*8g|zYwlG>?q!$KRo?EcF*cg6 zb)2;=jaR%@L{$39>%a1|zQs+?+%BcMglqFe`*^c8-EYEI*gbFTk_fkKEs=6M{xVuP zzW*o3%Sk1@U)?XQw!ZeeBF)dN_UFq<FIn#W^-TVg`&*=Na=N~|*Y=(N<+O?m+zj?d zebTR7`mmSh=Fd&Z<~`=Atp!;z(VRs)*CyL+y!+#i(SGx`C%gM*sMqb17kgMB_=)+x zYLbz<nuJly{QnGA!n<bqe(~QSQlPZ)l=g&kng<KM=+CYHG(qlK)cx&lf1b7dI{iSQ ztZLV?(_d@uB`w|9{q9~<T9==dfxLag>9y*+c;c>K*cf)Iyl~Uj(uDyl9h}7vY1}*? z)E#{y`HGX>0^=$-z3*HKZXtD9{)QhL>zqm~Qj68!9jn>VcYUeV^%)E2^azArzU}?S zVZx`gdEu9m_-eu@Z(N>xc5d@-t>;g-Sr<mE{d>`MPt?SB!J_$>T{%nhc1?(tV>xer zUv5R(#-3*iS?~XN_?66XTCbU}mv#Ji?Zq@hr88{|b!p8!PG9z#Ogb#}%KubdkuP^a z&oYnQ%NB}!`yJsjQ)JyL?#Y=8G*!Kpp4PtGmBubsAsSvN{pPEC%jbE9=2chgRn|V) z^Y`zWyyh1?E4Dl4u;1Nl(>7iI61WuCg-%Homn0^Z#HXYd#pk7_q!#5Q=B1<}b~Nb5 zqwJ;mi73%444PO=44Rl@ASF5r!;D3i=%slSQfcnz1HXEmM>H5@sX|I>k%Aw>QrKiO zGmjEhdC1x%XV8`|*xngKLqiioLn8|lBhWrh3qwOgV<Yg+ttbOp+D)kR-e<HZgumdo zPE6$MoFhvDU$km%KI3KbX+!*HzT+~s!EzlO88`B6*B+X8rYW6Wy*;DQYJTZ7B{$X$ zZ`U4=o~Lzh&L68|Q<r}gPnUSE@5#XvbN<;GleZPW12*2tHu|vW-!_{kZ=$9jx0fs6 zFj#Qs=;qw~3r$6Wt1mTXL^g?Uub7nZ>&!j-me;)&#uK=Tlz*9?Q7bgOSfnxOX0&o{ z+SXilr`OAj&rQ00;9E{|#o1GSwp*VD&HlL0`dLWAhBP_O)$IR5It86BeplI*P$4zr z`$@sSVh2s7LQ3B|Uw*pI@7(k1!^iv*1HD(za`j#)@3_|^ShO&OyKVDRy?y7FNFUT} zS+w;uhjN*-l8U@I%ay!2$Nto7r%Ao(dV1}=@7H9`?V^^~s@J@JT=UZJPpQ+1w-Hl$ z*qj#4`TnF}^ZlayD07F-8?8&Of8@UBEP2H%LZ_$8a^C)y_K#xLW;`!1Z#k7C=@`Vh zP<BJs{-*Z@fr>_VSj&1&e@}VB9I(D;V*2W%pWa2>xVP{7bHnpFC#?$)UhUYLy63<P zadCE`tudEYD@@+<tf{%c?C9CWy=%MQEI#Pm{>=H2$-b%Grf=CTZ>^B6nr}8wXai5G z&;-$hn`#a&kHZp{3S7yu`RjOxFUoz}`{{|L{x|;}-z0nGZLH_!m073LT7<90EVy$& zubk~-Vd;tR{Pq0h(38nPr8maVBWm%CJRcRZ_Sf-A;p<MB&e0S4{bX0H!ksB7V?D6a z+hFEgR-+SfeAY7<t-6*xXa8RH<N2)n0nWkGwQNt>xX;jgC|dn-(&xlm6I8`g56lmV z<zu#vE@zt4vW<5}yvbeb<U@xw8V}9U)YE));xOYU<5ya%&Tw*kPfb5|_WtE<+ROKz zxyV-#zeD-r>4|<^Urtm#y_sxw@XGx^O4Gk5#J<whkJz*~VsGy>e}U5d9@Vyi?F(&6 zln(u2uWz_>WX-><g9Qc~UiM`^(#dR`!ny12Ki>n*JyRkMxGAikBhU21G}Key?aF}< z3#Kvg8y_wFJWsiH%J#ojmpPl+6#pjJt}{At>0R%#56`zW)o`6DI9b{7<DbuW(-z4t z!{1ytuh-B1uxM8HVOFoVjtL?L7gq^7<y}^0V&OiPdiQQn`K`w6O)GveTI`(mN-HOQ zdgqjRdme^deUer2-fOS+EL(@VV+Tqv<^9euc=M)v?oUtCSyDPTH&3;^DmUr-vYn~= zPi=FpJbXCrJkb!+*jH;B^Xh?Eov?J)b-U~H{^*u&Iw*2gnfZ2fKDS+kKJPu_Ua{>S z&zom8@>d^p_6=nbx9|$Q8o8*m<nsJ|a^BaE<!<j#$xoQLq^UJJ%yG{Jm(^Lq`!4E4 zY!@<)*kqo3NBHX$S$l`Tul`@H-kv!6`jDKg*wm`ybxwto^Snj38{A*@HoVnijcnFk z%giSaD=YS$W8J@y=X*o7V!FBkWZ{n!wDitM&B;m4%S?_>OioNm%>^;?QsRqJi&GPe zk~88n^NLF{OG-g&fs4VdbI{s&14HD!x9i|VIvc-16C1Zd6Z2<Ck<Q3~UY<8DLn_eS zgJ9dz*oD~~OEOaPiVa;1oWSjMVQUYl!xS8$4pT_XOHl}dI!wV6$zckh$tXPq#PS3O z13Qo@%);iRm;za7q+n!VXbKu_Ff=tV2Org9XarixU}9ikW^7<+U<l$G3>l9Qs%Z}W zSZOca`NzhFCDwL=*@lT$l{RTn?{h5~J*Bp6KVR>w9K3x3!((ABjb(-(Co(+Nc(YE? z@tpjvzqLZqjLrNzH^k3;_(`a_!I#bM{+jjA7j|SDuK&<|LBe>)ZPzT5FH8+88eB}G zQ{&3CcxPIPM1MPdI(Uz;FJp)K6jf=bJxVwF7Eg<_x@mOV?!^az)VC!M^_SPIS2x+M zSvz~%dCn70FLV9rNKGx_x>GC@bJk&_%$02|Jw5^FGx}CUt~;de*R;s=uE-bp|C`FM zw(GCTt5s2de(bc`v#0;k*^_U$^4_(IOtp-tnl!V>c1}xNhvJT_Uv&Q5EC}+i*s<3} zyL;-4ubVGsoL3O3^NERn-u?8eX``h1bwQ5pY5OjFoofzfusYoML;Un4v)GG^Z<I<u z>{fqO<>C0(Rg!J3`b@ur1@3pZ&TkABdb+X4Bi7Ja{Bh5*s^n?jng)I?eo2yXHs_{K zSX$5cdhUZC-JN$;XV^~KR`>qq$H2f^U9}ULk%<r1WbM#06J)6h*lX0XPybHQ)$6ii z?oZs)6zsoDJG#D)v1%!QRmxXhiT0c8I<Ed|IcRktQ$zO?Z${v%$4kqPEt$Z#(7fAF z+5I3V$LqZB6|=85{b^B{=_$EQ$Zg|q*HE#Qi&NLkVdsC9eMer8t>{f#htLz<+wrXW zPd+eTRx^IyaOkYlLU9vrL_dLqnx;@R{ltlrdrM=BE?7up&HY@c62gs^)xncorMq)O zyjKZCxS4!Px-MoG%Mo`q=S2J7EqZRB41d(Ta@smsEcDJo9-#%d66^RQB8pRrj=ym2 zyR-6>n*FiLo{hmA#*G`og!erQjJYwJ%inuWSTNH||8KkruY8?CU(`q|DqfbhI#d2> z$Apg=$A3os`=$G3|H-ee(&sD$w9LCI7jJpYnbX=f`G4m$^@_&+^v7-`A$>P_Gaq?< z@hxHgzp4D~)b#03HXdEQKTG+=l_`&0G?I>ZKl*Uvk!H43L7htC<Z6FrBUN5k742zT z+_Lt2aetrHe{hY|(e%&xCYOE{C-=M;+puDZo7RulLT`$;y#JwH*AsN0yCvkOzTM-{ z6?f7$-h3E;V{=cWN#v5%{yDqlC2p6lzHxfe*(nx@eC%xU-fjXPMfdf###no4H&*g* z$(-*QFx~e%Us&vcsac224ohd8{Hk@web&BB=Z>nr_{F^Q)=#m#i7j7cG*0|cJ9AxT zLfG>7d@GhcXDd3n`}p-2ukv3cEo3Xk;lTgV&FA{6YL0_kUvt&(G4-E1yjA<u%hx9q zgDsYxvA$7mZm`JzX8y%b4r?8&#E)L{GVR>%c(tajKGe6_YiY5<0ju>BKF(6<yV+NG zs(MG;txf$i?PP^{g#_PSS^eRqXc^O!2lrPg$VDf%rZ}veFr9a8@TDl(_AG|!sYzS* z<!3Gbs^j$5Xzez|dHeQ&`w6g>53sH6@rlL7rA4VJ@tM%8Ku|geaSW^xdZq@J3=B+O z22D(E22G4-A+?DB_rj=OviBEk^>kT(R%JoX8v~?EO$<_zDi*Rf+as1Xz&G1FLL92# z=>q9Fz&Z_hHr&(68925wNIu`Q#wGRb*&X%~zk4@^uXNF675(&{`@cZR{H;kr@o9DP zPwz;(R&t*?7R)ubH<sz<%E)_6QQxL&@%37Gb$K4!bBx)7JwEhS9cSL7`nU_O3jC2} z0@oI(e9*mT_9;ixlGIK2r!VYX`EUkn;6h*XMa`AxdS$hqv>?YCb2|9uQPm}lu1wiN z-lZk}CzKx-d@3!vSJV07{KTTfd2s@hBExnz9~XFT@iIcqtoG^?lQv5xgBr8o4+c+@ zlC5Sw+P2tww#hHKTLO~`<0c9(zq=%F(ix*`Ulr4i>%W?ooR#W2X)5Cua6(juHhGH6 zGmDGCOPz}|bIMYSK>Pi4<I|D1{j$JQA?rbdCf2<MP0ULnsgT28`ig$YZhdd$@{X02 z0p-duXAeW@3P~<uo?wu5;FZjd?uLrs<6>Btg(VQe!C+T__WJ26K(CE4Gc+(VHLx%? z0&nv(M&?q_B0^1rBOlxAFIO0Tw>bIZ@J#1D$G`6}f9_Yf%e#MRv20A<jCIW6>nzNj z^~G)FPn^pTI9Rbxl382emriB#w--Azc7}dpaanHp^AAh6+{Z<}>OT{!cWr;VNO;@p zM7s+)7oYw9757$l%e)1q(F-S?{@^+3Un>`@-LsqAkNkJvnQH!L;!7h_rHk@be(J4r zH;7I#x|PW5?wjDWZj$?p=BR*(mtEaEV;A1JJJU<vEPc1fljd#auRW~R^QZTVv%g?D z^*+n6{mOxDKc^H{r>E@LHqpzeI#tggi|6ZvcT=BzI@|Q-=0dMG-!^$ab!~l?TQQkM zZ%$LL*~%k^De`U2+*)5uxhhVEo_E~f{?cIn%zcR~*jjdKRK;7|lwN7Ep}D^J;9+YI zttNiO**ngxFg@HN-Mrau-;$}Bj8>ft6)ZPTewit`I;<|byUkK`;t~NJPNRl|&65vk zZIj@hTi5IPNx-ZA=T$d-$w`Z6E>~N#yT|4k-yV1NJH>$?3sUqser|D>HOO&!rD@(e zDI;x9v&Fw^OTEhhALM_>C2U){?3cRZ$Jr7^pT4$~c%4i?60*)C<$lk_ybZDs+50)< zX3i;m>2qW0cXuKAl8b@!+CCpzr0l?5eA|23^J2E1g9~0Bj9laP>zV$K^M!NVa(5mP z?X{?6cJ+9FB=$PTyLL;ZwoSbJ5zgNWS9<9EeRWM9(llsXW6-z~W5Ncbv49w56kl-m z;1kDfR?*g{UFYtVIW*%}TLd`O%R<*(VpZS<ngCK@0i920&BmF~TEZB~$jr!Spl6^1 zJL#W^QA`0kAybrEkYAix0@@4-&&{ACQ}oetCAbw*e5~<-`Xycd2U86m&2p>{(20*v zN?h5Nl_|kf;(0B$<&|TQM1I8DfG~xuV|z6+BPQONC}_IUN_LOb(u8?8<m+80X5OsZ zT~Tz9jbH0re``VFngwUMcUWqMwHW!e?Y2Flb@RG>(Yt?v3zZx<7BVGEHEl>*9TzSn zfB*E|(gg=%D<||wKL~hs&+y-j>Vo*C6K<^i!L%*^a>88)Z>6KQYpts0OG&v;tTf)$ zbjK)@d0L*l_lLrNkJF15Y}_By{p8n7rQ<C-rF)g9+rL$Pa6WbS*F={0cjY!kIVwdh zoFA+6BKl<RN*<nyRSCz!`Wd5mGWKLjRvwYBo6frb=u4HrxGPt^gWuj%jxu9TU3`#v zt)szbH|f?1>r=O0-S|W-x}sEedR1=ZO0E9tdxzUQ1!j5{SDdij8)#ahb@gLirnJ^> z>%FQwW<}W+B~D0df5&sp_ljT%ch)~{=0A%=!#n?Zon99$&U)fgud-pV#U<S=`=*_} z99iGv982;J3)Zo((M*_VZ*eMIfOoHf{_&;H92eYL$J#z?!IIP*A5NamT{|xCJTSS- z;8*X{S=pkDe(9@jC573waHL&2VphA{PT)_+gDVYB8TPLF?8mmaD(h!b(PK{k*R%N; zl|RnkU32G7j^K3FO`o<Ti(F#UO7Cg@dhQkbjagZ8Z=P`N*7AAHnP7SDRMHK-JaFL; zo9s?ZE=kPEERF}wIHl&5fcCp)A`W0dntKvMQ~~=9npk%mG%-WZ$L0v<5}fXI<nbBg z#0Hx2&PHm3c!n7A8SsF5q3k@YzL`0Rd4|f6E2X)3q#PlRPzcs5&~wz&H!wCfwJ<d@ zurxD=otn+eBL`Ci>eeD$3TcTrJA!+th6a{KMuvt)Mh2kaOJf5ht^r*gL#QfQe(cCn z%_TbTpGq9v5U@Bu(0V>s)X7607F>s97D&`j+}gg=!TzpnhCD~}Rb9D`1wZ=3`g3P8 zO`0HfHJ&4<^ZLUzdlU|Be9#=&mFdecEh=CCfJ@zCz9$pUM!dW8`?#E|`(5>&9E|gq zDaw9z)YbR-tFiV$*IK15VX1v>A^nq`HSbxvRV+48-gWjvt#J5(*h|gX9zI7_&u@r| zw%U7gxsrW@x^Xn$_AZ`Sc5{x?IhU&3m0V1Zo;jn}cUSA}_S!Vw_{2b^Q0d2Rk00A! zFio0ud%ehs=!IuGr5_ro{aG+uzHzy`Jj?6FmXp}#&%C_<@+<#<Ig<aTwaeM0ep@V| z(%dHSJj8B=Rhf!^qvFxW{7gS4PjOe+{qG9j<&2$ok5siZJq`}3ynB1jrBCd$^|tM? zd)u1(URChZbSbCA?_SeibZ-=3|CQRfX_4jm?>7G>ejoc7)gAeWX-)N{3w|R0k*?o( z;xytnys&pYe}4V!{NF8?%cG{|ubI*^@7<mQUj1H^f4C?<GIUK0@DsT4*tEt+a?3r| z{fpV=pV)f#iTrhOHr}eKC84|-Qhx-blTzm9KA5`T@D%oNUXf>eS%2@C|LlJEqhrtO zrhN-O+F%l(5%EDNpitak*RzV`JzqAhovpp;-$TouxLw=|Q|?ta@A&^XtarQMOY5Fb z8xO|LUBd07eRGq<*RAuRm&Sk=;3MjZpc@@lC+1hAz3u#5ZBa1gBomX_1<ctf<OTa! zb)b)jBCWNA4R~@_7quTqSmx=|5%Em6<GV<T$Fds{Tzvk*ruR){ue@b5Jke;Eb@i^b zl+n8hwt|=RzVsbV)>BT~kiIW}+W}$AgjI`7R411P-CI6)Enj<QP+^vsjihYzk6D_j z`@Y!Ey7}RARJ&qfgYW4F7PIYl|9W8Hd%o>*s(_@##pz5NwTqlG)-2fT7j;WwfA);V z3x8+rixc%YD=512fM(2=7aia2%+_sB`YV@oub@Ie#v}UHo+TE$(%**K#f9I$!tCJF zxa5+5@^VfmPLV$hD-Sgk`|BNWxG7le@v4gHz~$E(jA{`j2M-i0<xZaZ*RpoE*5hwY zk9DTU`^it7^6Q_@;u~dBJA5};_|N_&>yc2Y_UQB9l^15cDCqaBy7qK07vF8&&%OI! zKVDLM`uNns7q=GI96j`-WD<*X+nOax!4BKj{PQV0|9gtj0n_<q_IXby<SkgHwrGdW zzKhzef0t*R*u|*5F{ea!NAc9>@3tRT{lMVEu&Hhvcel*v0|E0?cRt{_XO{NgeCfsA zAt^d1)wg<2s!RQUS@+>izdiL!92F-xmM^oEe>Ly%{0nLMtZ!D8)$Pv~Tkv}8@jsJ7 z^tA=mRn04W0<$)JJ`)iu@-fRp^#39DZ5w;}`(gszHrwuJoZ-JIGQ{1^q`D$EY_eYQ zt2B*@v$7)l7xe4v?a=G{B+_-}<<^?tIdgfIKAZ-w0AQElK#uzXH~)+B^Gi@S*3W?# z`plJ}JyZrwOtFx5KQ{{l0|Nu2sCU%iDahqMsOcY$RPH;u!j9JB5*BdJ0UcflZu{qz z=@uu#cHDCd!!IUB+>?W(7&H<I-9T??0lGmFw2lFM5|@#MfuRxj>}b&OZZxx)(CVjK ze9va~o?HCbzpL)|$L?m;>{lN0AGJ2@oGQq&_e1i<N9k$jW$vDr_RxOU+u1j3y=Ft| z>X*lLg-)-Q@hM<mXv<}AR<zgu$K5ME0irVR1Ku6c`~K%;(5H#D4|1=X8uZ0E7k_em zc{S_trcSFcON)Fqn~uzAE#ITdLw4kJo|*mA=G4=_onM7)CRI$kcBdq7vP<H{-s5hY zO8MGeNOoP#&AD13Hg(a<6I>RrKdA`&7l%w1Zncu$BWJR;o3&?WdH2TK@(L4Ia|Y*4 zI9F|6va`T_qEcY8SmnBn>m1cMPDpBBbX(<dEk)~kv&nxQt%Es|&R*=T&o9?}Q_Oh( z>Qm7C`pFZ{Lz>2*`5E-$2T#K|p*l^<m3R87&H(*dma`@+{{Q)l-irh;PP|t9yvD!m zLht@JyB6&;IjUi_wdPOG93Abwob!VBXUDA)^w{>4WAWxwwu!!%-8eVf9bWJ_IaK=7 zuJ>y#A3E=}So}=COU?TIf`G7}$GHAloIS!_5IAM}43_(c<ELB|Jt^Wi=SXa6iYV{@ zP=hyZ{r`F2>+DQ+`?l)O{XLm~^@Kc9W<8ktVcC1le#VWWTX|%c{>#+KRH=~Lyj-R* z>D{Rl)7OZ{b{+cR-j=6zB+PK?h4ju=?VmZzV%_HQtZI5PGw^P~_S<2$iBGZ~#$5aM z&-R|<8TNI_LHmP)zi7Wa{&(B=ruf!NjuN*UH?znbm0!}3FRF0z9#03C?6tJeM}Is{ zYN};E0B2WaXlEThYE%L`u_P5XWMqQWQp<p6TGlBBO{^0PnwTpfnO1;xwsiQsK1HKP zmh5|%mzTyM=Ug6E1_R`kI%JI+A^P+1Q6uo_KB*~?hMKzxxS@vcj7EC6fl&Kw|Fa3j z8TWQSiS@EEP%_9gesgHKs@_RO+fQ9LA`d;(Ty7h&x@^|jb=A@>yhjY=KT9vM5PKbV zY<jNj>P?lOP6=Lm5`T@=CWt>s{@6UxrFHw}uM8K93@uupF}dK-rd_2ovx<$TToiB- z(7WICnZ4y%iFIz_BV8WpcM4ZeD##{l>YjTO=XYZA55>gUCa+nK#l4A^+VlG4`Lk<G z9O5@trM)XZ;jtnuJbZpgL?4g#cK_uDH^bhYs*ZiU_N0H@Q`6^$r*BP;yVKX-aBJJd z84eRF4_6%Dw(-c;EC~x{f!-Te%$Mk~)^>btvJ;qCusXEK(dhbZmSU~EiHtRhK3Ddv zlV&cBtw_6RW#}@?*kM1%^(fCJhn}rmkbZZG`ksaUmRkiQ#J{V=xb>%eKbYB3Hlxfo zGS;cAy>ohImB)t%i-e@pW|f?}=Pmb~FL~XwEAJ;wvYKamhvA8<YUj3DE|S`H2c~Sf zl$iV4_~z03-Yg7fYGtM#?*Fd1X_Mgg-SwZY_7vziCal_+Ea5U$sw}DQTf>ImFH)8n zU+iRmxOe+A=Oq$5mX$L;<e$Q$D7z^{Q?)baDPK^ad&xevHQO9Z?^Ugd@3lX<=dz=q zQ1nxQfY*jcPZfzNao(@-DYZ|2qZofgAuv0C<Lb6<|3lYY<L4^;Stxh(K>wnRbzEvQ zzdp&-pCPOJ_2$Y=vQMQE<rzl#g<8NNpF8;G`s1ccg|R6<_w~~4pYNKnPKMtfErWsk z-@6lU)~?LiCw^q2^x=hz7<wP4WblWbFJD*i^Y1LLnLAHb#PIOMKY1pi8OCkq8S9e# zVC|e~5^2)Pytb7ubF;67{J3Ou(Ai;~Y{1u`KNGBX&zPB+ef;3^6&Xv^@67$FzRsX^ z=eKlUE4%(kOQm3!*C%3`PrVJOs!dYlYB*7xc5wk~Li~%RTb8e1@jcgcPEAzTwM7;) zKUZ{r@x7$LeUIf`&usU`BHjZcM(+(G_0~No{1o;iYkK~qfZS=l8CA13nTb@feNx%U zDHw2_W8;p_sutx$C(Wme&n{AMynb;`%FS153%f<G`$%pIa4fX7_bpIv<MF!Fc<GGM zlonnN&gnA#2i|2Xlo(ukU}+-Iswm3H@gmgdUZLkr4e<cqXZw6Fmae&Q>bK(#=cTJI zA7*v&*D;&@=+`6H9m>HuZ29S-^=?~z?DI6DD%CD6S&=mTlH8-WUfp}7|GIne-cL`f z+Z641!TQM;>n|+HFW(;uVF+B%rFHUL#hI(G+F2wvpIh(QvHtU<ncFr$OXR=Q%J4iu z>WTE!xsnTa&e=G7BZJ)g3;h00IVZXHymS6#Rk-woui8@6zn!srT9agrE-lawc{?lo z;O$=m=Owpydr9{*Zd0Ec{9;>YZuFjvE6Ojr0~dw;{IINH!8N(fd-(Z-OEp)$5-xvo zucuLQExUlb;M#Uu_KT%^&VNp;1DEGo(DEG5AxDX*ZLw4EVx9S`K@;;wgC?e%&|=-u zw&?hmZ23m#+K-nsLhjE(PIaILSz{Mciwx^QN6=;$x3G|NenDkXW_m`6f=05Yf{}rN zDeOWj%1=RZgf`*~Ou<J&n;96JfKEX&HivR8O%0<A29;w8HT+KdZ)TWnYj*eNMbE5k z0Z;iiH?%h$`(f0m={(hEmZY+xsO!DQCu9Ocqt{J-Vg6q``{k8a`?T(^2-Lowb~rI6 zf$7B8b4AtGJ3jfPa?CorBunxj<L=^R*S{UUdv?!~?yWNucQ7tme8u+)tL?<KKelib zrmQdcD3e|H?Qr>AmE!6rJUtI@nmwG^%{r6&t*asDsY496zZWf-wrXnog}&q45{r4u z(t7SlZ%JM>zkaf?!N-N_w{QN}3GJA;;DJB;292;D3F+xBeVun7i03`mdf#u!W!Tbm z!$HJTugdYs@_&z0&K!&^^wv>a9$ouD_M%?n?87%QzVDqTy{2HJm<adngq>=PtdN2- z(7@k-8#G|a&%(mY#Mp+}ZAEl*H#66*GuyMF^5UH-YTE?&DQ?Pan}X#yC!}sG?BEOU zh5xzR^EUrH=)BS6v&I2gy_1}dzoszAELpPJ)4$(V?!9mR-aSjceNr<xDR4@*<9CUq ze5>o;4LN~7&FXG{^)a$?^pAEw|AJe0+Y!mRB}d(lS!eOD5xH&irFhOt*82>1N-BQ+ zFinVL5|*gh^V@fWLay`f1cRz{<Cvo}FaFTA3@ZNJvue6(Owmmaxz&C)j~fl=GcWsn z;Gbqk=&hEk0nFPTwJcs{wo1^7@u7tGHJ6Odwm*YQS~j~)beqPoy+LQ&!^Z-TZZCSS z(a$(7Nz9JnvCLAlMu|l}L1hO77w0{b-Ss$XpIPuxyVCx)OwEYkt#fwg&yP7O@#e1n z!x<<4?7Pp!3obWcYsC}O(lU#3!HvLp=zVsXdFe>4Kp8}F5n#~7>|@ZxWCAHJIBNV^ zEM>0D)I~2QT#!nM&|pIm10m3O9TyL`BiJ%<Lk?**IFhJ>ALL5C%)E4P`_90?(8$uz z#K6J`oWCKf!694&>exakV{U0VV=S(hJtZeQF=)Z-#pf%h_&lA`F!OY1ic4yLddefV z$1&!f-}Gm<w8-gxN|<Zlcc!KFk<NL!dH>8-8<(59+%TOcWo!1Litol%_k~%R-8cX2 zwpv#ib@j`&!rikbC}+>w-ci!dBNxAOp6;*J!P<9rm)TAB;o#_zTcj*=C2OtHu9=K_ zxv8i3sicLfcssakl)nD(Q0swv0`|6Vcl`PIQ91a|{?zIDH-9=5_SWv5dga`{1##-i z_x>)spvK3b`P#<qgKffo`+!S#)EooniI_XFEG`INA>IB~_gD419<IkL(>f(jJN~@u zVwQORQMucR+HYSbHJbgsZSt|G?lX_r-Yue#j0x(IA+jF3{H5n}ZXL>7<gjH!Re(T1 z$&nL#F|#Ua1BVSQk$`(-o#C6rs#YBOd+p}z*(QhPY%vn?UB2Z0n|;go{cyfL(fr&N zBfWr7DO0~P=R$?|lgs@?3-sC#AC%3#b9$@#6`in)LBUoomx@muk!DSeN}4q1onx=z z?dK-1A{DPPR$Wiokz#rF<lFUcy_r3hFPO>La3^)K*}Bw75C10b6R97=WuHdsaoOkG zxcK!c=a!rh2CfI9zU`&C+asn$-Oatku;9yVk9~*Dm+UfoP}ANzT}pJ(J-tQId)G_+ zoDgufAo7QLy8G$l3)rn{FY3hRNLr<Bt^GSOziHz>j>)%0+&?ZdKkhou=6Lz~logZj zf6HucO8DgIWb!tOA*5AC%xn@*%&%o@_umHRL`!H5UR<05nreZaLW6cmIcQuxzbLb$ zGQOxdF}?_CQkCxwJcqKrH)vvgZP3Jg8Ja`GwrQR<*;DZiIq*Rv>W#=3zJvzDhSWKD zSVK}P5{qHuDeOG#9{HukCHZ-V5(Z+BOw1n~?4#hEUsRA^1U|qJbP^#*hM7k%IM@f| z1Msmm`S~T_<zt95sX*iHU>_(11v@GPfsa%MX*M=Av@kRQ-#rOB#t?M(3z&;~;mbfd zl28w?-z?SP;Wgg_*SEZMyOsUQ*!`@}&)V93dv$F;+^%@ow)EyM&hU)4;dToya5y$U z*Kkyke_SMbfl=yrT!HeY)AKDKpFiq%Y*Mb;vFhEMZ>i7aYJ1se&id~|Vd0y@GB1-C ziHppAFP(n5HI#|zn&-(gQ4cqM&o`QX@``nb<BB<ZPp`h6Tg@rI$fsz+Ep3iJ=WRmH zrSq>iA3IHw`^e*>*K04<%BsJg^jctl^lR(&=Ns-Gyflp^x~gu;N*jx^B}sh?EaP64 zpO0mT>`&9NV_&qGRZTE+`m5IM{L{F-PdGdb*rnHX`aAzDrRVjt%!SW>@)gcjym;V@ z(x-)P-&`{1oJurhXUM;n$RYS@*N$&5Hzz#x-T7v|NZQHph}&n|Gk<io2{F6xPZKU% zQ(kML(%O9X`l>k-q~<H?)K_dz*>U5=vM&{zLr=F{GCESRZgGF&-E$nlYu|MI5q&a? z_t|`@@^e1@J48fnljgKpurZ_wJ&7!f3O>LzW08P%hD&u{<vC-ovQ^QIV$xf?Zd_of zj!W9Yd95v(ZyD=U&s`eb9g{bi$lO>Gnzvo%!o8WH*2-U$9{kiyQ+uNjP=4EsyMNzP zri22=xGU=dER{smPH(a<E(vvKuWYnjVIb`Cl%;FkG+|XI{++=`X8$?+MCP8&uhrMs zyyVlD%`lL;t8@E~#MJP#WB+5i!@ib7%16)$JVp->d5HaI!tN`NubO<@@s+JXb$Rh^ zx6BpukZw`HDverzV%;zjwz=;#*IduO{Y#Ea+?^)Q8aSi$_tOBKs(BwpeyzUTW%qxg zW`A<`jV&uf7<u<iZqxtim3utyYxvJop)x}I-1*Ip-p|^8yY!H|YW>cS$v-l5Ls>3< z>fNy9{2rS)`HJUD7bp~LU^%+|d(rZHO1yiGRo!}0CaFEP(@UOqYj%(A4++le%x7xb znjV~DVGj(r{(sU{p7*!f=FhzTdi(l}N0w?+c4che-+cL1Rl03b`a0F8MK2ybd9zOF zo42;j{FfUXK3jxr{<}Tn#I0lffi|0dPrM`ZeD>Uj+j)!nA1yhuvf}4!ku}GhSr4UJ zYDh30ZrU`Lbzkb+Y4NEgHorMd^{VFx|CQ#CJ)YZW6~=$Y`r&#eeWf*Sr`&87$oO1y z*%GH0BbvtfP)+mSv7p3V8;k!R=9%*}Cu@qm$SDW0sV$!)SFVZoNt~Q}(fZ7ysXR){ z($ih^cHX?y<+wSGJL-3>^3qRI8~)#$-8@C_qW%3z+b6DPwN5?0AZO#*B%#9-q#vuE zGue}0Uba!-@OM_J1J~A<BzcIJPs*H-D06RWLrF-#gv{a3%op}AaV~8OmZ;*=<CHO* zKk;u<my-8Iz5vy`r<r-gPc}1f_?h~4b-(?<G$l>PrT+9(^=aa3IStlqD-_S`7XK#0 zc}3TH#?r#eA;LEkK7aL2^Z)hnoq|yBmNnrUU6U8CDO-8yH@E_UEd)avfk(U22YFO) zCcL&_d}`3d_|Tw<u^m!d2x?g@k(tKDa?fd##!~JVCNr3j))X-jdBKi}p)mMTO%^WX z+k0Sww7AlT6dNNAgxT1&+C0wLGBL7ofEmn;?95IKEIW=>UhdCP<(sc(DJjFeWZkT% zmh7Bjr;<1BZ2Qp_elYx;)34%%-&39b%N=Cclvm96|G45)i6yIU7TT}4vh!SzEO-eQ zYK~>YY!e~cP$3(t*ShX_<WT>cEARI{<C8XvTdpDpH?s$Wfh&_D!<|VB7YHvq&%EK; z5yj~feu;$ZGQW9eb2;zSikz}Ni|*}aQcz#fs%|<v?AYQ@?w7XbNi#8suS#DgI`Q7G zDQ~K|f6Q+IrxE<O@*uY+lHlosd6GdBbDu#IQyC<E2ryfHe70P0<$~QBDH~-ue?3KS zRnYua97vl1-=HrYoIt3@u-p8s$(`!#lbbRoto17W@3u>ki=+3eWXQ?i9k)NP`()KQ z(WdIzYBs6t^J{cp#Br*)>`IzdcWv>Cx(6Yp3ao1aw$DkH$}zZeOI~v0b-8<guRl0F zrP+Ml8+m8HyVW|E_UbLwf3kANTB|EFmuypgIXjynVN$|>e??D;@97g(C$i1y|FrAn zmY0)^vbTN?e-SHvwnujLRF<ippG|eAJ@(AKTmJaBr}vgMq3kRBr*7V&yxS+&^~1N7 zo2D9U`RfzfqwW<hQqwf|Z1JSaVqR=KJpmW{<v90=FMOtW>TmN?fj!MjxsIf3d@B|a zv2`mu+%D3oXyUt`-<4;X=fYjP=N#Q=+^pFOsS!av28<dJHGd$FdHN}ZC`e3w_Bihu z|F2&=h2FA>_oHuG1NRsb(lw^!^LZq{HoW^PUE*qIt<BMHulkq!ZflF*-w<D1u4N=_ z*_iIsqWsA<-Skbz{vZ7t5_wFPtW)r5Id=Pp>BF*{_m?^CKJLQNR&Q3K5_KzwS0vJO z?<dc@+vHDf=5^PyovFV&X7|=B3J+(-2fK;h&Y1n-v%yt6!$-X>^B#BIx;4$tRCsCp zho1!j1@4Z5;gWs_`q!}?nJO%<FRePi^wY+^nG5rUH#!#n>(DykFQ5>5{j-Sc(+4hJ zUbRm(n#}hv*zK3j-2dH5JH2mmx-Pl5WXG(CyVA8m^ZO#5I~teFQ@fhK_Ac)+^V+w} zlcb-P$Ctgc={*t~7QN_ZTHa<;^QT7Jz?m6#9eq+_PDy5Neo<<Ca%EC#5u_6jntVm- zzUv{fbG1PebGbniQ#>R)voJ9*>_pDOpb<Xg&3T@#hC&7cpte1iFsBpDE?7~{EzIQ% zvK7*sS29olDP$Iwgez1)NQ38WKplDm&@iBpp@oSVWY*ObG=c{@4;nP<N=v&5W!l9o zyOmbYunm8qRy1pC<rU3G4_{1e*tp?wbf327td#o;W8ZGzWX-*;p?5B6QPRIH9k+yD zTfA1Bd%#hfF{rwu{IX2{@m)JRwq|iYFMc8Du>9hgQ%SwLPy4x-1zcJYa9HEj*VU@+ zU9+aitW4iw&vW(r&mdv_L(*3Z3O@875IV(nde+06r;Mx0ul;zl^J9jKlZWu71BaHZ zi%a;oZ5ivIEqB=?nXW`i%t-#aH2J{<p4!+=Y*n9IU%kG<ye_WAF8;sh+sr*bEzOEb z&zA@Jem*%tXQ%Dclgh#N@+vbFW7ubE?mcGp=6PP5Rrd6fWaGUV5{4ftddv3znb#Mq z)wbMs!X0%fOGu`5HE>31ls=ssY0%^zac0dgju5l9YOAd*z8}CtIkLixjQ?3U4A>YM z|1&W%V=Q9CGUnFG6WjMBKQP0Ib-~@;{_3hN%zMA5{MEf~@OX)U`0HDmn%gSv%f3kp zEAJ5C`Wdn0N@BrYmc%TfF7c~edynohsJZr%N42-j!T-&f#dQ|P%mw}5-pw%V^SQK{ zvE<#p(l~YxsrrKdVlgcTDqDB3{;l7aD!7>c0MnKqLFSe$S63QVN$g*s^+jmr_r<PF zk8R?<&YidQ#Jn246HDg#afo>5{w>JOmP+26@=SjFxeuS_>+P1_{wbiNc+#OqkHvat z88NNyleqg*K=56i>FNpV?F^<=T`;y?p349APv5+x^X@J>jIq0Aw;Ek?zht3z;a}q& zqb#|t?`*FAdEO{1d055iRkGzuaK44Dl>;9N4eH7#=jY~@<{__@OHM?ti=X1myqH_S zVhs^jxOxS^t~KHkmI-!s_V<OHwx9sJE(v}n1N4{}Zecm_$<Uc4l?u+tjsoXgXGd_w zYhY<$YGi3(YG7b&3EI_*%r&5~^@Q^81yReOjX|4t9gS={5*xJ6$~m>c`}n76dv2Re zzqTx;XGPqH$6PYs?@zb&UiU5bjpA0v)n|9smCfJx)6UFff%U;}hJvmolWoHrj{fYN zdFtuvtSeh@IZhBbc<q`~=b`;yEQF@|gs^@$d*a$$Es}ce4v+7}dv!dkt&fQAvkF@l zm0y+_w6bdFiPu@PVuLQ|a%G!}aSF6t$U0@k#$fLLq%PdwzWa6hj*eAF_XUS;ns}sk z=Z02EwhF!5iBi8>zj{qv_+0F2-y+NVQ+5={YuI=HafnN9wrSRqnwfq6USyW_pM0_F z@_)SqUi&qPS*=m$3I4eDs>+6J=758`Hez>OOw^@He?#&wsM19=F}Ye-mZ!4LsBvig z!9QKc;v?4^oAVfX6{C(u%DmupUW|+kK30oe*6eiMczkl*32rW@`zfzv-bLnc?COlq zI^{KWUR6K)(Oa%XO@(|`m(Jub-?C77_cxXKr^WyEEIW7T((N<7e+vIFYaYyrHI7f& zmTKLZFHu(U_0A#>c}e@e$*({D5`TBr?=g!|=(VR$?*6u8t$8FHcWn8d>HZm3Utj8R zId5AZ9+Q+&v;FVlu9gLBlJ;qHwwrv&V%$AjGtA~6gZX*ooR5C1ww1UE<xG5Ma`nxu ziO*g3O)xCF>dEwt>FF2w*EKh%g|7Vnrt9ZS_y49*OsiN<cSW}sYEIm{WJ?wA-dSJ6 zl^NI-#qGT;FS2@aFW+X~xHPtBm2q67M$PhC_16sRdLj2(%0Y+ez_n~<aeP_<WaB2v z<Ql&uBFAPMG%=?eG%@)@s#^hR`L){=eyUtH%l>}+W6y#}^s3htDFeGZ!3W%g`N1`8 zX0d`#W^QIlY6|Q$cWz-}n2cLMFgT;arp1g6jf{*9jSNi;z_%Hh7=Y)+jLl3<q70~H z4WSHqG@yE(wdsZXM|#fo&3?Q1fZ5D1POp~RH8k@tTOQeda)PUK9mA`(N-gHSw&pWC z)3!hD3TvA@C&N2~rDyVFCOd;m=2l9HoieR{wf$GuSDSvT({S%Jyu(+SB0uv|^sayP z3H#T+er{u-nWg`9B6sNjH~A4)bx+>&Nh|E<xz2Kn{h6G^<Gq?pD}Kp5jNaM2!qH=o zRAKM)q^G)@Uf-`de|vS*DZ`IGN}pMUzc>9XuH@Nw-CO3sMNyl{jwu(P?Nb(4V(5&M z&tAGFZ@G8R+r>rC)+hVww_Xx4ou%j3^U7$3M%%)PoQ_so9zOo`>%&Q|MUHn@K4w1N zA!;piMQY0R`6-b?xsVJQY=Gq;5ae;8UB3!dE4#xTRTbN~3tw+a;p<jRN2-FcN+ab^ z*pyaX#Q(phlC^Ur{O4`Z-qY73@?U4cE%)fd?;Ca3v%V_vi2iKn$9_Eb=;q1il}ux{ z*_W!vb51+E;NLz6o*1FfACsF-X}*lJ4-4<MF#GN*<)d+Sp5u<UVLmNO98T=muv9y< zfF<kjk1Ik(Klu)CykpejqLY8xjsI1eBftO0h^5PTdHECXEu9xzo4U|O{P~JdzxNA{ zzdhzsAM$nagZ>XSp-TOl+Zq=?%=OceZb*N#R$)F*QsUL=|DE6J9=sK+snu$~CiPt# zKWp!V`1|kXf7$;|_V<h@^%JyPDg^j)JcHkhMyI-Y#jfA=+p0+R>^Id8x#?#V=V&tW zroIlp`8j;rZjZB#;ObQrnnO$TGV@YPN_3MGq3z)Ol~uoxu0=04Xky7XXkreBWK2$m z35vUSR+aHDN6(R7NIBBa-w-jd5$fmZ=Nb~C;23PEW}pIT_{zcrL7S!_qu!~At<#{! zuc3i~k%1X#O3T;)RDXiFCQz;cHSHplH`ngF9r09U&zuYmg_i~yzjS}|xvr0H6}&gw z`z(V%jdY*q=Yux+#c`6$FWWybO@Eog!{Vp9?^eqlk2U{e=CbsMyUthXjgUN>zv^7_ z#??ODPh3CTUb<X>(fC92mGnK*7DwfG`6PQ6cHBAP`B?nv-P_kDo~eH==H$LQ%jeaW zpKMd+ICp;K+fa7;q0RMFW!{d$4=WFUol*C>Ml-wG$EDBnTit<Os}A~!>^Sz^iSdxP zvG#UNLv^+(KCa*M!Zq*O8pZu^jagoLuxp+vo6fEGWv-s5dU(R$Ogy{Tzx3)|n|~MB zb(`lc`!Qp++jW8Blm74e&%Y48?3N^7S$2G9-G5d^JH|pt-fUtFGiYKALdtEb#}@Q; zbja7Q<C(fiWRZcH6U%2mgDTK`v@%PvL1BXkHU$g)miSOJ_L`8=BWRz4tS}3!0W%}x ze*@(E&Qppq(@GqmDP1ow-@pRoOnDYV1APPC1=<TV+tf2kN<i0}B`4}3l<7m6y2**U z$wfJ!{9#}W+XuwR$f9nbYM>0`8!)zsLk-DKE-pYe2I3YW$ldE0ZoyJO@z>wp`DDY( zn)2Nnx)02|^j^$r4)c6gk<#uh|3huBZrqm}<EsDbSyj<hmHGLZzRE|}f0W5x{gF3t zPtRAYh0{M)MW2z6QIKuy@8nQ_qws6u>jm|RvxHLWBMgmZ<Q7i)&Ysl3c-HauwwM;D zq?(|-J^ME_35bQsDjk-{n?A{}!SG9AjlQ|YMKzP^ORrxBr>VIK=gnIY@=CnsOYzO6 zI<r?#y7Ij~=}F0QF9w~JoP8eJB@913&4TJrPZc|I!0+ptO$FVPWH(P_nJ+oF@WXwT zIXR6=i&h`VF!FVDIeYl<^ZDPiUVgtUu%UJHKLM6Ezq9^w9J9PPv%BdWtK`i6Gwj5; zqMw5cDA*tz(m*Y!w+`7SS%h@rEZ+h|Ga}ibi8<b&iOC&OT0z%KD@Fu!EJ7}?K(l&2 zu$!&9g~c&fJ%cV>H%2PN5Gr7T7^AZWpxf0g48cdff=Vo8t^svzBUEOcQ7xNL$yT8x z_VqyXww6;G^Zv4y2_9YBQS`@+$@%!EuDLAnDyQ|lA0{-pJq%jS)97B1b2sJU>#sVC z`I~HcwAW3)zD=Y}pmMjha6@?y$3xFcSxNfxalfWz-0xJMYB8Vfy4}gsYLUFf_cok( zsm9kVdhC64_a&BuQ=ZE-zGYf}JAFc9;?ucZiQ(pJN<{9IJg|CKq^~#U_l4d2zuGc9 zWHWxzq`fY9nUz>^&s|481*-#FmM?s{$$x^LQNqjc(>qxvWn?_HP)jJ?G{5}+M3MLF z6g>Z|brAKq$Yhu(8MkBl`?clUQ)X4|k3T5<es<Dt-kb*^nPMxMZ{@vgo?KXVEVH#q z98zY18u+M#Xm|&i`#*Tsuh4T<S?3$@D|uG;y+?PY_n;*j@Ti)%!|ekBtNxwfdH;P{ zh^y!BX$+i>Yc>nFwP~;$pUQq#vU3-M?z$yhm%o1e$ltZUINhuHxJz}#gY|hi`OKPq z#+I&!`=0C!&sp_HXxf|LW4cdNa&}Hh{(UDnBR$NndB=HE#lt5v{++vZD0tPG30*Hg z#JcrNy;~KbA*C;S?<|A4WB*&1-0Q&_)9XH`v&e~F@0zyd@;x8*B|g%{#bsZ_XC9KT z;(M&iv6f3l=fBPBP(J>Nb!M**hkNdOsHa<#(0$l3P*{2Hx$j2VQy5pwe6C|GZ)L4| zsm<Y>wN6{b$wYmTUGHv(=HG95$I9uuSK~&}xywlbsdBF;O>Z{5xq0g;_XzuVaPEX% z9S-iDr^4<Dgf}7zoL=!gKxE4U22IR+44RmhK(eI(dzjLa7gxGEeZL5w`0(S^QsiJ} zWo1CAAwq*;8I?;|9Nh0t1-Il;rq!YM*E0(XKvcl)0fcN(GcYqWG%z=`G%+%=0Ow5b zIf<60Mh0e4RJDsxzFcprcVkUXXeL|XQ{fDi&HgveD7ydnm|)S_$^3Hft2nn{&O0$* zqh5S>)na;Wn0Q^&*yr5w8ZPrX{#`~h9?DK%-+%nhNsDQpZ%h3Ne4BCXLf(=Zm5b|~ zPD~3()_d@;^xur-@t%59A6puy^vNxWpKvMNX4B1ojypq_bM_Un%5~p$X>D@4;CVnc z;lo97ovE+CEj>7C@zF!eITCmiSOlh3&J#0vwsPAqRaeUsa;ZNje_i!4=+4X;woBWj zcub9dc`s#Q6O}P+c)v;_`%v}uTjzcnD_s4$H_KSJk>&S>m@9J@KZ=okywa&OuKG&( zd&`hrC%Gh~g=Tu{cX<B|NV-`3yuZpBk}n(Q8Z^!_5QbkSD8j_TCdb0y%;0E1?0UBK zE-Z%}>pYro`&lx*dDBw$?A*yE1}2bNUDrU{Ky!im0@XHUXoU=_yden{+#dxkyU-7I zcXkAykBWJzA(k3BS&GA<c1c_?Z~2X?b@II2fnv<>C2CGQUY`{)StMcNrj|P$e)}xD ztUf<$>WpPH-@IC7i74MB(<m>OIKS{;rRU^5&ZT{^aZsByBS-q3iW`sk=Afmwmrk5` z-u!a@b9D|YKS_D3<q<LB=PT{IpDe$uraV`TKO*ywd)=lBz1@@dYx+B9mXxJ?pJ(rR z#`Jyb!!6ERy>&(A|GcBdyMLK`3EPd1i&mNjE$1#-HY7=}I3Dh~Co42CUDRuzDf^SF zr8CSc4Mc8h&doWRdB#0-k-_&fG4+QI&ydOX6Ki-~Rgvnth(T&S4{vCSiN}sfJ3np- z(EQ}DEPpF!jl9dlyUG=T(Z|KWc^-ECQ)Y2dI`|l-_zL9v*>=G5J8Ql{6Kl3X6LT;m zzY8)n37p?>$>DLNOY(!=$xYoDM>6>%bsj>44K)qaLHz_SVFgdnRpoi9B?{nt4H|KS zAHL*XlwVo^JK}&@n8!0X$Q{zLj{slOW@u_)W?%xkg4`IC>y44Q22{7OiAf2$6k`P6 zu)xn?(8R>W1iETr?F*ISFCyljXV23P*N|!7cW3*3iwQk>HqXKrRD3TzwCLa0th{dw z{u;OMWwhnEOy0IJ`LBpj_I~+GuMB4^)?GBV+2!%|Zsq;WJN^rORGj5~u&b>w(<?14 zr@zjoVE<Z8CAQB`4m@jE_sF|{`^>s2%=0h1Pp_Hjp&b0eVx2!%ezV?1&+wjxl5My2 zFIe<eGZ!dImwqy^`PIMf?ycn2uf_Zi^$B{{o#%e>e`~qkmrd1P4}64Fc?x=&H5WV# zR(T_Q^PS{=fz4h$_MM9p1MjVAXP@#Vx$uqNqx|R@jSo9xOe%BA-dj&ds(f~P$t-=f zqZb4o^4+^B&?okL`}Y;!k3VH%pV4o|G4=T)^J%<hrSpFC6>XHAy@&ayC+m&IyR2KZ zt~tJ3!&o+zi~q*`t9ymyP4zXzb1uy|xPmjKJkQ;H*SR&3aT#;#i>`GZWpmWDi?q9| z_EqJi;PR-&J`VD33ukU!ZWWl<W<9UAXt@w;MdVw%zzR`r=KkIb`mCGms=Z{qi&=&K z9DDU3K)A+va>?dXCC~fh896Q(T!}6;+rqx<pn*Y*$Mz=c8Ov%Dx)v?gY&x@RZ!?SZ zqGo2th1Xa=N*~(xVMR@wwc830t&Tfov�%XDzjr?0;?XIpy97ZC);o|KD#v5_P(w zbU{7#VdX!G=LH>W{hr<IwmNoKJuvV8o|Lb~&i;_1kHjWP<(9~2)!UvvVJvRo=r|!2 z@$Kd8Jmgdc9&==3WC)dySh;7@ihv6|8*fNuDyVC6tVt}5>B{@j^fXid>bEfOojZyJ zA}=dWuY2xO_<Pf(gte9{xL=7YhP8eS;EQ~H?m^_sT_;7~x6SQuY54Z!<-`eh#Ahc- zyM9QUdZ{M=&@1cr^5;)qTc`eU<%SdM{?^vb`lZD3`v1-PR};0BHj4B0f9f)cj=1rM z@np!(9cpK~I*dDgbX#ni?!TKB&bmuy_xB^)kNa6S?K3=~R9rmi;-Q8mmX-p>%1u5t z^V>Fs&XC=w+18^pd)}jL>u{^40^d8F$2(7RvHRw{i0wQ1{@m*0ySHllxnA?SpmyeI z(J79srBfe^F8sda?Ma>ZrN95L(O}ZscfES|<HG6*Vwc(D+=6S&*`0bWADK4i>ddWL z52i{rc&ziWWIuPteM!(%?Oi*5uf1d(T>DhkH}~qojmMqxpE;<T#w^y@&ffdH*LcEn z<@vt@=2YgmUELzOd0JlGY@TUWJA!oWuSGxn&2gyZpUR5GowwFxJ(SSexWYLx`m+2T z>)x_Yx-WW5?~5Df*arWuKJ6I)|IVTdi53s1?N}4rZGOG<s_}uDg6rlw9xN(t*~jGQ z6rZl*G3DZH^?mI2J9qdumIOYm+WvN~@}qqZu4=Fd+ZZy>yIYmhe~ew?Sp7ZsK6{OM zENthOhM1J^ebYJnrMUC`=-cuC`sBhFopqR7m!x#-o`gEMc!qVDl1eKJ5{rxDlc5*M zLwil2?kfWWBdBF&f+(qD4VqXZ4Vsu8Atf~<6I${z@Ixw@{rnAO!JSzaE*=plh&2k1 z!Mc_f#)f9b#zy9_mKrmUI7}LR4Y-0aq+o_L#|#Y&4UEhTEQ~C`C+M3XbE$40p>lcY zEv~6z0gtDCikn+z$YxYE`=dbF4u)A<gUrsVxNn#*k+Nsjw_jH)Z%jz?QPRI>VSDYt zikC7vw<`o+_GJW$79Ia=-2P-iEO*R<aCR+&uV;^#muvV+OnkQgYS7<8-2%Jk$BuM8 z{-DAArEJE+?)K14R>FU_+o_xPDLr1{uk}7*x9xVz!+ebHGh>DPZ#(}AU-<Ut+<k)X zYSF?oR>z8UZ7`P!pX>U+W189i-KW^A^V^fJUogtL7MsKKadV#KqijPxO9pk3dlm=Y zNT#(3y_j1hCY%y<e5JX}-zI~%EfTU{*2VlU5N3G2@vCu__qEU;ti9fu8@_JVFpCj6 z5?Jh;&Hd4Y{kFK}^*b8X*<a^>);s7gt|jpK%&8Zz|7Ne&n>AmzDUan!5aVQB+qOS- zf9}6`l3kYley75*?|T<4pZa(Cvrd&8XL?L>9x3bJ6p~Wh89Fhadt#*|&sv8L?t({E zm-udEc<gQxwiJkXc|(i+n9%Kr+n20E1>9Lh)065Xl9##JbMl24#qH-!s#1U7@Z$DO zZ?-7&DAfxbLgiQTIRmEKo{&9!zsJ=e?AYa$)oGs(#7&!X_{jUiHQC)(mGzrF&)Yug zoWH=pyLIQBDJqrywb?6OGx)VHe7q%dI&;S<&!pTF7m}0iCh$kB>R-5rb!pn7^U`IT zT2eOpSOy(1*!7{un`y%~;_g>+-*NW;)BJZoHoejJ<NK+)q0c7!umO74l9!EBtIebB zJ1-+6tXyVLP<AwBnQ+J<DdGJiQ=jYhYaW?Q*s(Cb?3b9>5)X5omlF<sviZR^|3>4} z-O;yHb(Sm-EmSf3c7prUo~$2}*KA@x6hHs=nG;>B_GRTi^b|N_c)elw?h`i_@uh^n zTJ-hMN<-003R!RdC^2fBZ`;uzxAKhOQkzd=o89OBxzwO|<n#si0>_1?nk6}OazDkE z&*>5ozG5ab>BCbt^E=C)O_*)bACoQZ*5>RKZ^y_U91@#a`@O4p;jEA-c}-^#^+T=v zTRW<ytfy?3O<2Bl&U4Mo@Tl37tDFs_nXf0Ea9FnLPs$Uo>l1?+S15Gk&53u}c{-ud z<W2tN+FKs+ueVItqq|audyUN1MHvbWEZ6>Q?APDzWytH*CiD7{nWoy;TQ`n;Dos3J zx2`PNtI8pDa{CXthMu;kZP)tw{sikJybw#2T4d*3ebzD|B<t&^PBq4iW{*Y2FHW*d z+$3lsX!q)Zv!p!p<Ow|g18u{<IOaV(y<p$#lgVdu&pi2Iwkl)p+r6>V3tV`&@tNLv z$P>GJLEx0rbz-jt^%qZaJ>gS$bI-|{LE&!t0q6IcW`401J;%0Ghu`j7<E|;Y5AWWe zT5+kZ^1r9GR5Q<qdlhd^eDd{?y4R%n<6zXSx9^^*$Gvd9FjppUMaF8E#}~S@9{;f3 zeaH8D%BR46&sMFDdTIEMZBOxj;Uup4$9GN#m&@?YBPl81?niuTMM-K=USbZo4UJSR zOTvp~7Au1$7Bhn;W;tlF%!phpv$8T6<RcZ!!LIOKBf{K{DJhWdv7-}gxSd;A7B1=v zwOb)1BmlO5#1OF_1yh}~Be>`W4atMnqks+{HL(CUsErH^OyOMmJBUzUd;51O<7b~3 zSadBP_(i{!-;=|CcIz+YZRhUI7Brr|MAN5s^8CGCdnUhSmU`TO{%LMN)V1lFQ=%F+ zcvjukoBDUhsr}{_x^i|C9oH6w9sl5O|H5cq$*B_)LS7z==dYMM%fW_kP2#FJk^Xt@ z3$p_5T%YB)o^|uG!YOkKHwPqe9T%Q!!QRHS;^m4=HHitUeKz<jueS1UxpDv8{D+zO zyRSQ4&vtooeC@kj$M~YCLJsrIm8nZ27fdn#&Y;hGXj0Lw3l>GUMOL^TiPfszzUA7H zcWcfHyKFzHeb<>m^;hD~%&Z7y!R^b9`@>2jzn;~+?zWvvJ9XP-r+m>(JF0)be;FHm z)g($C(%@{oW6*dLY1Dr0-WgRUThzY)I-(Zxo_X&BmD3?o$h~eh%w?F3GeP}oWtPT? z2913UBG^n=SiGc=?kS)N<JxcV@Z5&k4_Z|ZT~mI<KaFkDT*n!6Znji5-js_LVOKUw z?cZ>teD@m19QTCgzzsi*Y@h%6rY3y6L2T*%s6XxJD=Iq`XFc*^=V~+E^XXpTkxSFI z->LI^SMXQH@-+`rponhYUa<!U@4J;gS6Tb!i_@0Y$pr%GyXLZ)dP!W?t~wLww6H4q z;<Mcgk7^$>+b7KXY;SU1W%Y7SUWe6Lcl)~zfBV)W<-{6z#r5m_<w=Seq6*G7GoRP& zRk^WpqIhwKeVDYNg~XOZ{#j>F@XhPflYZDUqxrPF;YSyrV=Tp<WeNPpf9w@+$kuy# z#)mIzRwcgzm)_NR$!c<;lcwBg5|66Bu;+NcUmNIz5GDp~=<Hr{Mq+MKYEf}~ep)<e z{Y+|6aw@pkiPw!cGBB_}Dt)}+r4M_sK@+>bK@+Pvr1arrSbWQ=Zpp@Vx6n(W#&t-= zkZY)+vw<V1-_9;<<(rsNl$oNSQJk8pkX%|+l$uwfkeHHElv-S@kXWKnUS6)3oS2(h z1lmuR2p*7u%4))v(Xk41I$9W+n;08em>WWO%5n({IXWvi!!;@d>pAMdMhlpQ6`Y~o zRme{Rugn2?7hHTP=z=!YT7XM2(9O`G<Eku8K@*F{76#_VFs{Ln^AMrt?RtjO1?Jif zQC?O#6;o;#*GtKNGrhX^_Gw<1B0IHB6M}XnTWdt*FWsCwW!dMuDLkRyzCHh>q|^}i zFzMJf&4-OSpY}hkHOdNEU?ds&Prm!QZ9-eCO8#TP&E<9q(@Yh!H*?%9&`bH=GAZ~P z--ZcYU60#)*)H#$!1rk8Lg_ZXTeG-!b0-F{1$~@XU-srS{{=bT^D_->WsbNCM69`X z`Nj38uZ}XZmtPBf#$4a!vD7!Cbmz-G^ZX<WzZ!YZ$xV>t{(WX{>7D&*XZt5tSXLIt zsq&qQd0j5Vemcd`y=e04fWxmj%Ti1(S#B>A<m4@LJ+gA0ZPxm&wW<13A_U&V)U2<2 zv`ymXh1q^lp7&R#ai6g{R#CHjj_l)eeZl)!?<MeOKb5*||M;QeNzH>FU$f5%l4f)X zw5e9Te&lITNUSRRDKUi|Yo9p2tK#@KGrxJ+M5YZnW}#WnYrjr=cB=8(^p8`TU%uV2 zF<U58Zq4u5l}Bg1+!7s8wa<2ui&b*u6>img(*Ap&GR`}DN%QJ_aY?TH{X7#cbH?9% z++}*EGRjxdeA4zK2iLCuQmHa)6C?M=^)b^vHyHhnv7Pa8fxXwgee0*_-3*;2o|iB; zIcG=m$#sn}5~dF(?A~YNZ?3en?)CY3<%-K}EgFA&+%mM)e%$%>!q&ZY4+4$|b#7Lk zC1BWkdtLr}3uB2gK}apo#F%5y#F&9)Jt7ZM-SAUo4gaRCKPnIWO6ZV2a?_V-p17nz z<6~&)f7_t(MuP}8H47WJENR?0<nm4vQn`lSmbV3YT7kvPz{J3ajU`l8fx$q_Km#_{ z%fu)q107l}$j`}4u0$)#(27a$`4ba_)+?DFT5S12@7~L;FDq(1_Sx6EPKtYZYop{J zF`M~YqSNMOJwLoNw&Ml=+Vjf%_f)Oo&iF4qxK($J%B2YQdyCFzwj>z85a1PFseGaJ zX<zlSdA3EuMaExO)gDWh=lJrEv0ml8woVA=y+_))la5*Xi@ma`t8%;In&r0Qb!k)B z^3@A!GK7u4%{BOtuWqTLtTo~91WnUVlkb}>J@);_`yT!zubOq2zlQwi-8L(%U98E< zcy*K#$M>dPuk;?c&)Txpbup{;%{zLo4%V;k)W5KPeesRj4bvqCN3GU`&)ZzKRH6E( zoEK{n<1&rXgz1xb^Xz=hop~pT&XG_$8#r@;rj$*5myvO_!SPOg_Zj?)nU8(@xaPjm zhntO3Pv-3X)*$lXqR!6NuQwKNJh4>qsf_UScYJ&AYp#565*&T`NtSR6+cqPnBSGtw zF5TIr=p=Q^;e+PMH(We1k1p&w<8j%X>x>XrSLFs<=K4(UFD44Ln@wKzd8d4}`@2~= zU6hw)#|PbmoPjo*azsBYRleR_^5m)B$$vA{osO+OHgCg)Xp5z@1MbyH%-HH`{jGA# zi|<m^Y|Xzfbl=*2e6Pf6j(nSjYzKQu$z7>k&-Pu7xomd*y+e>nf<-!u;hX-?O~>x- z4E=0vI5FzZRu0j%WvX1f)q3rZc$Ts4Q4`2DpZn%+MNdt`(GNGvJuZN|0`jnGIkl)H zGcP|kvp8NCQXMD5mfwKJXKdhAG3zvgCRWhSk}615jN0S@O=Bak19uC8O-^$ObAeaZ zfbB38HxLC?%iO|z1_lO33MR(JmX;Qv>1pU_4zsWbLN#dS8@wMCa=N3jp@EU1fu*6j zA$SlSnTv8c4YlniRIyz-!^x#%Kj~Y&$UN>jv$A9z3{w8Cy3Z%a7Ck?p_0`$l)z0bn zHvFn<m^QDaVv@(T$CmHTJ&BB%{!~wW#;eII%4d6hcwf?>``SQ$>&@d0bCT32c6{*a zynCnPnaIzp%=-VQ-rhU^jm|F-(a5P>$J}c&C3Y@n{&}iw<@w|JTjE&%y*n7Rsnn?b z&0Ebh>(5?dP2aA~x?MEm<-HF_eU`4?`ik*Uk6ucBO8(!)s*}4<EaLO*HTfX_Cc;(E zWK~PR-shXVgm-M<UuO}!VWsr5;*(JeZ>Bk{TIsvYglTO{-6rLOzqO8~e=*s%VQQAK zf1%6PwFfGVJ09$RyLf@fmN}doxE?3$`|%^K<81WDa@Gf1i}McFy6N?Kt1mli%JuiD zZ|y3r#hS;XGFV<by*7DC(xIczzW5*eIbW)`$y2iHRHU=j3tppxUwnj_^YfP3Pb@xt zsyJUrq5Iu|riy#sdWSp@%f1!+rt(EyIwsukPUyQ8a``!H9=V<g5AP}smwd1_Vy35= zp^Y(Pu9(-^9a_yTZL@zST$0b7$b30r*;U(FcgrW(nl72oANMuLC3EM2U3bpc-mkfN zWKElr(Vpt;iSMg^h-Ykg6danMyWZ|l^NpLF+8++2+-~olcxK{jmcM0Nrp|gM!X|yy zM0Vee|0OcPtur4)26-jE?U<MC+38lN5Owpp*VC+bmr@0xQ;DFhr08Wg#v)zBBH#BD zeZDR|Z16&#<JILtr6rRxDoSpmoC=Ip0hWQCI@^$2O0iNAcGe;4yLO#9@mMPBmEBLF z*J1It0p}jP@=#MdUl~?6QD&z7g@qGkbol*eOpOfQdqL?&N9-K)KfhBBR`hhwO5l8T z^_OD&g_6|g0Y~@i?d0ZOyLE&3GNGO;NfoccvfglAayV?mYGCI(W&3<D=F7F}-rN4U zockqdES0;&>EhipCr(@!3u^W^ow8XdwD##Er`J#BOy)e`6V1N*c&^}r0P!ixE4Fe? z;@?ztFhR%SjMTE||DSjsuacL!vtz+z^?S*W>lNo)J)QUKfpAvo>uE7b6Q}g02XE{A zA;ft)KPZ~Hs4ZYB$CcjpHc|PhDmRwo&pNkc?(E!4o66YQj)id?ea(5x?2vS{<Gw_# z#|6)JEc>x7>d0Qj@BdfDFU%>kOuP2VC-fnM@oeE4$tUwKFe-4G2R-NUw>!J%Yy33z z<qAwwALzYccVv|p&AYbYiR1%*rpXNIMMt|YhRDZy9d?*r7rLzGpfQUGqpYVwCb#6| zxp@&v-yL||c$AYrTVAR!3tax?#KMm}WlG9!L7KXc7CW+sWzM+7%DE@=cvRxq{>B7R z--f#r9@QQR_|#*a=XLzpvj%OO#yx@!Vgl;dKb*C%JX5T7xGs3&wY(o+KOesk=-cPL zH2RsOxb?M0&O1tX-u3M~(jWXVeYf$B4pF!BZ!=B*m-4!OK3DkgXm*<u+fGMtX%1WD zoCrRs12VQ#P?VaRS(=N~uaZX;=3WL(tZoKP%zBW*oFlhK#BJj;u6M}o1s+xg14pD@ z70x3;WDKN0g*r2jF!GTg0TBB^9Uaj9)1dP}3=NDy3!6=#=YfE^)Ubk334KK9{>u1& zj(6{Vo!|BN+nR?q6|?r-_)uT9z*y@}uR`=X-Tdd1Z<-ZkWt{H|T-+L+&ayy2B|lc9 z>EQJ68y=d%+aB(l=zG7FCs<;ZoXR5q{tt^<xle!5tiQA*;+>lB$yF<=XWjf|anB`O z^y!bD6E{5`@rtR-%AII#Ro%X8RjA_`W+iXkiM`#=I@hNifB9egrOldKmo^`Mm@%jG zM-@ZZy)U6tbAInixtr8|pS#@Xb<!ENS+jSqN^17m!d7K)LUaFHHs9$xWsVqXUya`r zEF?Z>X1Hcrd7`2ryPm4&T!~NbK5G~DY~5wa?pgllz22k=ti8JW<<;+<_nYpXb>nC8 za-B~X!ry85sm1qC$l%o9@#7BLOTAfkfy*x{9pPGT;gPfX=l|N(ZQ+l1U2Cl<-{t(u zqyF2Ceag9V`!Aa1M8tf2w?r~T>MQf5vS$x__S$T|?BV_B#E<$(E6UvFIHlSxkvquF z9Ob6FWBTXqS2u+!zTb7nhhh3}k*Vs&`(HS_yIta#DVAV8tM1aXw-&G7Fv{6@gn4ov z_c3Rf*THw7_+ft9%OZCJJAtR%%qM3#G2|SbQkQt7>wbNc6nEs2NTc%2dlE9kEdOp{ ztJb-eVs>+{$J-Y9x}{3}T05M+G;O~UJfXr*SL$zLzRPuM#*%4H4;UWlWxqQ5u4v8f z{r_IATJht~w@sB@+tMLj573M!q5z(IAblB+(oMCmuB(@&1_`R)a9xv(IpTy~q9YZ+ zJm7hCMuyGdz5+>pR!`Qv+99*vNcqHOsTWg5MetHRyHuYL{sw%z3ghs%D6mP_0X zXO9Z~We8<WY<Ik~Rb`&dksBv|7tGVInAWUdcCUs%Q@CSkso4yUWykKXIrli?+IG8p zyFR}*ak#Ol@oR;>{?(;_ZZ5hK$HFJR_MhX2r<;m?xilF&z0i&L9@dj&zsqUE9G;ju zy;QZBV1I^96?F@FXX^IuknLM^WW(Qt3kFO2POv1cJo47`Ue)xsd=_z&^d}cAT{$Oz zd9AQ)-7yZ2jdAI(136S*K2yyO(wsQwl4UVR_`R8ITcYO*usuA)uwsXd7ZaDrg@cZ# ze)pIv);3vuS{X7?(sc5a+$^i3n=b6`Y@7UI_DO!L<yAWteyDK!^~YTQX;;hV`~O&O zF3eb<ukwg<D%;hmryi<IdtLKwGVAWQ#V>U)mReqau5$Z^U%YewybB_h`$G#nW`-MX zne)zT2J<un`2@Ci(#roD6O^UglUkRaku+(@-@HcZ@%#_f9&4{M-b~-NvS{)v-L$Qn zc094Q+4SD0=hbWW{i{u9g|_XHShjUV+?M8?>`aHt^Y45-oSD7zVJ_#FkE;U8xT<Qa z#21E6bDC+$c{f3@m(`%|S)bd*xgxiYi$7tV)^kK<tMqvh_Dv2y7SD5R+rx4pd)f)D z29v-0-?J^g8*#MN)~^5GJk1B&c5r4$%1Aha3t(MnbGo>Mz~zs~+r+*h%HwkeO{}L3 znwU31%3~IW8Pj@@%VPBQHFYn4glrSDFfcYUGX$OLVh&oGW?*1!WNK(=U~FhW%gY~) z3<#CpM<bu-m#(t&p0jnwnt9w$e%?H_I<|kSr9jj5^??tpA2N7koxk;v%~^2fDiKwo zwMs7-a-EN?-0@Vt(>r}{qR0EcmmVZ^Jl!dgpmDfdd+i4ERp$3nBDLJYpLp;5VP139 z?0Lh%ZJ)2C&z|<;-1TEz!56YUr+r?`&06m9UG-_f8Uqmp)yMUvQBOU7_*FBrv;1mG zY|r~(ePqe;3tvm@mc~kPe44F#>Dw9>HM>x&B#oujn+(?fFh6v0*ENg3U*3Bfn9o#G z^k`*V`Bd!roe81$`CnL^ooTM<ANy4)KkKNFSb})yr_{7%%MB)49JG*aV`<qXrCJd; zcm0`wglod>L2r}gb5m;%iAt25dRUjD*;8~wOt_ZY)9a&#v_eVtQQNy4R(WvR>NQO{ zE0uavyJObOJrZ^E-_@qo*zKLNqw(C?83q*x^V2Wvi+_;u_THn7Cv_q#Cat=!osj(L zY241or+(E3wAn2(k>KIX&=8b)@^EL2o%=2$dx<mAEnh!pmmDc7dHA?{f!E&NH2qg= zO>Ze&?r2K<Af&Wy&xNZ?-mDMlP*t&6p1ZL~)7~z8S$*jGJhfy0o}Y1u33O@Xs<`KM zE_A=_)tlSH-hU|j&t187{odazGbg%D&u9=aligguTXTllQiWel2}#CF-dx+ozC7>f zd68w$uT3(!(fIX`Z0xESxo?Yot#^Ef?s09LZqPUdvw#kQ43BslcpA7vhezxUY>|dX z457m#pmE-U?9BYK)S`^k%oM%69DVSJNoH!XK4@KnE|^!T>u!WGor<V5CT1A5i^_IB z+WK*gnTAO(cTG~qYqV?%9%5PH=#{QDsj(>_@8R_un=P$BGl_Br1ishZt5V(3X8m)^ zo=Ke3c78jsS~-EOvPaM_@KR-i@$b1F``$P@H_F$!JIFk(;yAUcyL7F{kwY)iY?|1Y zKT~gtmUzaWcQe4Q%Sl4>*p{$AVFC+S#rN_k*MFJ(c8*lwzPqlD`zNYwk?(mKf4*9A z=KQJiEv?*Sa(<qzo-^UB#>(R>LwB!9GD$KO_7<@UZQj||J89XmFYKxzXT-vVyqYRb zh};x!Qqzr9kgr_#?@ED~*wp45rk4MMVoPPjjtYmKcRy2_8sv5F!-nNgxTbOcUVG?~ zYRjg(PxjVD=FI-^;l}e*pI%P4sO#K!=C`GIqJ7bAtBE&K86{=c1}q8Zs`1`4r?6Pd zHBhqkOy6Jk<t0;PS6p20C%!RL?a-=<@aUty%b(6;6`yiyQ~Ux?iC&YJYB?Tqt1>3B zK5QzEntg{onj^P%?)6^9n}0+URvmJ^Z~vTOQ{a<BKUjBGO7)n0o)`VZJUZL!zD{_T zLzLOByQMB1=1v7X|L(*oE?C@kV8Wb?TLI5p1>7sP`CUpqdD#5^L#N~o;pVQo)m?M; zv%X3VHU4fXa8yG}u}Zq@h{{iU(G#;o6~2ZhO?#U=IbhF|RTXP*p5{tzUzT?8NaNyi zs|Y#ncg@{%<t_y+IU}3DVMgv0!>vCGx$f-zQ)`s)?DhICMsS^=0Id_!Q}ZD$^3uG_ zvecsD#2l2phkR2I)j*Cx6KjS+6LSEh8bBRm0Zq0d?*a@BHWV`u0kyojgn8Xl^C6S1 zo_Wc7u#172g+<}wp)ku~n+;72j15dcyMiHG`Yn;T22`?!P|3bbG<3n@V-Mte<|+nU zKe$gjdh3#T3vU)h>}8Pl*`Ih)MAo%w^)cCoYqqZi=2)%IRr#@}kZ~T{*P3{_gM6W< znrB5Ctdl%#;4$^Bl6mhJuUSQDc59~|cp%2`KtNvGknj4GkjqZS3ru9?T+8nIpOP?t z(<)je$?@mv@i`wpt<)1(Iq8{ggzZYP3>*DYMTvTi@}&<G#kVhe`9p5z?c%&IT#FQQ z-rZW&Iw@`ax2o)>Tf3AvO!?0{eKh@*^{!4^^^BF^lic;io62O@Uf5KTF15r`CXhQl ztog4+EbqCyA9ia`lfPGO6!cei_g1!rn-t@gUYnXx|6%65JFXmd&o6QEnohaf;1@jo z`c_UCg%mMyW+tCt-i&)!R~7kA&TZnmJ!kLvEuUjzL#i@4r(L@(c(Av0#g_AyC(haI zQK@;Bbn4;W+U0x0Q@Nk~Q+>NFQ{aw<l-piL*$dORKAd5Fz&z!e?UZ-i55H=x;||+j z*sZMT*w=Q{JE;0b;cEFV(Ph@nQP(3F1CRMQ-mJgjm|nC<<9<T(%6TWM{{$BoMSh)J zC0@pN?)%f2o7|x$i&jN%%?f!gd@B6S^xQ9TZ2GR<5m%JOCOr|$(@2gqxF5hcC%IE< z{%!FoO$FwMRp!ldzZP}MZ$)Njk^ID*+jaA#*B+NIzN_OenfkYWvV(x$r4Mgy=ILqJ zWvUq;t%kJAK_e%4MoMn&)?2lKXGe!xU`b3a^W_6K`m3&?jFezifZA|JIfM(m`I3o| z!LZ`l@vZlFOmR3_cw~j?8#mcQt)Dd_+BR_i>Dy%4?-IH?r6neF<%L-mHou<An?7}U z+)z0sW6AC#^KBoRoHcOk4$+>v^!<1HnJs@!pPe^6b|-89^6SbR4`;+3j^Zd=xomy8 z{`Q2uE^b-xr~faWda&=s<llb{x4#J&6m*?!@KLJ6@}R%Xa)ztN|E$h!P%2o;^B|T* zlj-;A1rsmUTsvGBaCL6PK1Yk!J4<auZ_YmH)f{=?R`6fr-DVQATlq!rzSCV(HhJew z#$FGB6~Dh)w0*qIb!>0TVr9pB*UIx-ue8bpJXjalwX4^z?9t9s>Yw80zt4;0WxJs* zzT{F(_U?EQDUW_BpXZz1W%_(vwH4lZ+<$(Tvrl5hEr;GoYJ$Ou#j&sVK0o5CX`c9c zjiqk7p4hdo49%?z&(xP4seQ8DJMBHQYeMEWo}g)yTH=;1-nzt2`{tP&((bE1x!m&q z$^7Dj$Z7k}&G#-G40*i$1(&&Rw?ZVdf#gD+6MF^a@2@-Qb@a1(T3XwhjEVnmJ`0xN z?~ch#<x)E#XL2|;u=@JSIcy8f?q2PjvghU#U7k439FFNVi*0Kr|F>T#vi$tk*w?pj z%N!}Y-?4MAE9+G0b${HleAatBKDUnlQr+ukIdl9Qv#L_o?6$l5{B)V#(d8ZoV<zyQ zK4JgsnbE^u>HH<n`fmKx^yoTQ{7(m5NE30k18Qmg99~*8#~Cy+M;SCRIYCQnl(pob z(mDWX^u#LwX=^yr*$#SnsU?O)9_IjFOm1LoU}<b%U}9uoVhL)eBXbR?ZzG|_Et@z0 ztG}GP@x540_)?zSvMzn^{VBhF-gSNWtXcE*|2wS*FJJD8PEndQD__S-Ei;gHrrMpW zGFgSkX4T5gy<3xWtS3F)%kD?v21)gmoIJ~>?)UED`4u|D`o;^Th2Di0m20L?%G}&p z_ewE?ZHCCS_DhLodvevo=7qmIa3Jij(fK7e`wl5z?_KfvhU%K>PYNu)Y_r-j*Lu2| z^WuejJR^&IlnvS$Bfk0VlgS86TYuIu_QYmitx&hs^0(w3IoRGlTf1{o!yNOwJkwI< z-ckCV(tSVip6HYy(FL_ZC%soFo;<ek?dii)6E5<9SY7br{%PO3H`jixzPYzP<kQlZ zmA`IYD^t-ZhLmBTd)g4q#0ABkGc)eAMyEcWt)U-2f3NW#b`JteTaX48z~vJoBSVJ6 z$`!kx_{UamX5A{jIYIdKu}QHHE?&<1_j}*$-2KN{b0Zaw$b8s-t0jUd`Im>-d;g`} z-@RshvY#it);&A<9EbbsAp43r>wVY#xaxm?)(kBHN6VlicW=(-dq0_R-6p+L8BQur zIU6=x*`0lP%j1aX>6bs*`6mT<cHK3c9)I$s`6}zk)ag@<PHvuWXO$Fj)N^eTU*S@t zRr<#|%bXpAh0|>pg{TUg{%G~-=C9kHVY`?8TkdFj_(4bF$&Taq%><NYM84YK^*c<g zIB$*bccq2?Yh|l+UDcl&9E|&POZc>^Q{Ys0=AInIGbK)MgZ~?M_w$D{is_$U_U>eX zlE~h_`*OIM!TD1M+K9?bNzH?_q6$irax#<Si&K+J@{3?oR`JN&KeocNC~KBM6Kk45 z6SE&AiwbZtIyEpbFuE$AcdG%JkJflM@I}h8p~0{PAY8(no++t$;0Bf<X!eykl!aMX z5iX_>0Cp2-XGlqY5oDQ%v!enyyBeAp7#f-xnwuIMgD)jR=2F`_LhY?>N>lzU@mT-D zJ)7&ddfAgt_FdLhUOI+aJ-r)N9yZKgQC`-fwrx$L6EDZ>(1_htKlY^7ep-;*y~6!v zQkk6KI}VYHn_R@cyt?p9PCxGU>0-xqdl)u&X*+CM^U&J+knY?k3unKPvXcA2vH8Li z6;t;4bGDoe%Dv5gs()+rhvv`z$90#USbKV^!V*J`@QA1<z0$K*&*SC!#AR%$WXUyM z?{jeZP8Zj|EvL;C8Y6XQ<>z{MB%boQAAE6r&>olhtM#*+i{6(u++s79jy-WJ`Izt7 zHED)tFW$3j7chIcb4k_vgn&(_Pb~|3V7`8}iLj;W3(K@8Gpbez&6pFJ)@HZ%<Azgq zZ2Z+91ij4{xa3x!UeQzd<?7anW@kQ#9@D-TD86yJPk`;lsgX6TwYrK|8TK=#FN&*P z7W3)5(#HwBlW(tb2~0avTgLo4YlW7D<n%J$?5@P0d%nFZ`&*!WSJUPPmt3@yOm~=m zsI<&Ny{*T^p8Z&5GpR3g8{@&PZF4*Mxh<xIym)nIo~`PhV70ebS6i++>fjTydefGh zH-B6&x-GLOcW-L^`wmmBH2rtqHm80t?yZ^OnCZsvER*?b_SOrDS!Yjq-}IT_wpuiD zp?ip?Ub9BL%%MfAi^Lh&`dr_1KQgwhza{DNB&q1|eWhcc!miwnpIY=bH~zZ^bM)V% zS_{4vE4K(pGd_ouRiJTD)aDVErFMwI>~Z0Pc{i3j-Mn2mF?-77*M}Eh6j_XxZNPnA z_g{CpHV96%SnC`6{VCt{5XmNw_K==cDKl?G{p(;n8nJZdM&%IY?OC!4;ZGTp9K|nl z-Yz|z7c!yrpVa(Du0waPf9JdqT_pNMjx)>F__N}yXQFj$1F!N5ysdRQ(EskhERL&= z*JAh-GxHh}`9u%wIDgbrDCo>St20;hELiWE{*}+)(U392)_1`vhtx~OHD9}La!s|r zVXvGkbx})2@@DI1@%I&ZD<du{Up_AUwn();c4KkDg?hH>oGqFSiL$@q{ui%V@VIk_ zOrhwpdxrHwcOK@>UjO{X{L%`a)o#|a&h2NFi1ih<5t}6$z%pyoto+pOpm>`I77f({ zX^Dn)J0Fzplv>evtw?<HQD#F^!HSAS4_+Gd)HmFZxNoydecGc2libHME~luk@u<@% zk2$8AsQROoC-v76BmJc_SfBjhP8Sn9*0jS&^5@T;m3QRNzFxnY@2>Q1*C$oanI27z z{ge42I5Tl-X(e}D=raqMDJvt5=bb1lsjLs|+;$>shrx*~i^F;I9-522Vomai7IJ^P ze9PvDu;ZSe>xD8n4GTZy{_u1EeXaG~(Fh00C9=zZdOMrn$%yhl|N2l$$-OP2H@}30 zNa@R5pI#U;q3@=`++gkc)%}lN8SDu#fB(^aYi*4V%bSe3TRdF^z7%=Oq&)xgEPKM; z%-YPq3}H*Rui3VC`zbrd_j5qSDFbXGs-!$Q5w;Z<G`fP)hT>O56ws~)O{|UvP0X5* z0-A|uA6nWn2t+E9L&A}Y<Pb;Ca7RB~XGhqv*GSih!KS2yg+s!f9btQLk?s*QG%_$V zGB+?YvM@G|66ZBG0B^)KHMKOgjG~2=go@@3thZ0R?m3dzrTD(jcTORfd{DvL+@?9x zk6!ojbM-v!;Ivi9BuDa4$r8i(R;KB1oQ=7HFU{%c+rFdnw)WMmPkm`e-f1(kPr9=C z0@M9~Z=vhc_)b4?PteykvNR2{(rErsEp|*|N76NS)rsdmNDBF`P5ye>zBFF*!$JcY ztpzidiSB*(SJLdmqlwP_zfN5fQ1|qCfA`?W)`HomUag37{*&95U;NVCb>#=M<7YZb z<#y+={hys}C;ldJRbkCB*+t(yUy5$ExwbIztKfImeA&N(`z{!;AJW{w>8Ez*@uC$I zv*Zs=bnS?FI%7xSQc=m1HKl@Q3QGKSXUk4>`5UIO;NR}HtP{UtxFhZy^DaBFTIpsn z|I#l}Or7@r^OTz2Eh-7tvJF<xl+Ecg(n(=ZOHMTNTkN*ozIL<jn%oJCrY<^n{#Mg- zb`!~IFLx-e(yUu%v9C|lOEIlde)Hk2oay(jU14|otaa;|l6k`E#%=ry_+OrwTE9PZ zB5T!oThRmg_c*68HeWZ9KI5?T!;abMS7%JLUfxnMRc%QW#}Dn2EetF+_jic&y|}-! zHz$3PvFw5Em)=Y|v5#}VjwWk9Q}(>~d-iMXi9Qg}?^saSzR7nx%gUC;M(fwT%NFn6 zwDDig!wEedE2ev#JK=l!Gu!$2EH0;wa&qPReG8sV;$!>6s&q;1p<!UH(H(wB(X4Es zXh5)NMrta;c6Y>^G?u-eCVTbi)|*VpEn)}PEhq?F{@usj^aS^H4cpGbo2!f+Ux`TP zC^8(#agwZ?pBb&-bbryMTSsc9d-ra5vF60PrI{=<xh5@Jt*$5K+ql2wN`c&3_kVxA z<{CfvwDX87ha%Ul%*^5<-hC$jrgX18EN6OsQS<w!7RQ&i%CA0e^2T1{AJ50|Houdh z-({}cSX#?gm4EfV!2L!)#ng@49*S2^b!9sjf98%`XL5#1@8mBj1q*EFYOo%*EZC7$ zt?>8B?Ux)2cg(ZpJnsKn=f~tS$9q8!9)@3<%e<$2-oJU8ao-OHCdl8r#l1<lbi1?1 z<mcZikF~@$L?%r6Q!%68W^&+LhY9TWQ<7Cq`xUY-ygo&$!|0<@iPE~I%Weo|`Xnr7 zdZ+#7O7bM`xPAI%*^9TS?dfN}!S%@}#ci);($i_LO_BvQ&P@Hd_Wk=i4G|tMy?4Ay zUGwr!!`7`QTz{@PIREC(S4kaxM?QKt3$1<D-EwW-q1Vk4^RsqKt0Wi~oO$!z=yS}? z%G&qymi#-Zd|2h3=%kId6aCfN_NEo92)|mgF8Scv+7@OTfr>Wi%Ew1Oe`1-cuui$@ z$Yv{sr2Ws#R33)!IxaV%^lH5Q)I{xr)@Pq?&PcrArnXWsC{y>f-tpJv=ayM*Wj6LN zyZAgNgfaGX#g~&j`_BvYiR&t7OnJWg-^xweY!_J0g3Dgmcw=E{epzBlW-+{NY!si4 zd`QVvMCqGi(8QWx(8TNkDSbs;!cA178#`y4emb{9+d6u=+J{mN^zzsPsXTV_HIy_E zhYUdq1eWH9f$W7JcqV5c1CnAE7KKYeOJD^f1$Sfc$^at+Lqj7&3sXyQ>(~UDYd}4l z2$jAI*Qst|l(-Y#Vej_(=lVyll?xxux|o=z7{6-0df?MMX|XH1wE-J~%lB4TB|J)D znqAX2`<hhW+W+#R^;f6L37vi>(!z4^zS(B6`CX4s-kxD{?uN0rhTEUzCqG=;a@Ci! z$n)o?_Qxx4)h?{f-eje^GB?O&&5wO~zwaz7o;V?K8MBDOr|0d9JJzmU(DQ#8w`!2; zb1}xNr+1h(@+`Lg@bKZEsMvE2g}FaGSKC?d+Ht*s@%Pf#(VLIPC1@EgSa1G9!D{{r zBORVIoU)ha^~LV-nepzZR7Uli;AJmGOc&oj+c2NU<G0M0kNdrL{JPpx=yhCv?LWs^ zo10@lwS>K28t!~fb8XM+(EUe#M>F14R$Lgt(0BMkmhfBQ$3of-cha9t-E>w?DNpN% z<CRaRMA&<~LWPcHe%;ZQp&uN#;nFI_gEO8PJWdZiK09xX<ciQ`u51^St!}?gjnxtq z{9x^WD))=Yk-{hc8KS<$tW!>CE&ljKV591~tCMyMALMypd25Sh_}0~?tBMq@n@yh^ z-mg;3+hN2}D{C}S)GMjz{NwV4d#(yfmocVuJaFVb{8}{c#}dh#i&n3Hq#hKe&D5nM zqVjXU6VraR6UX`=<XO}P>pp!uWAoJHjQXFZU+#AtO)#Bwpe9o$ajMvb*Y~*B+p!3^ zrbYx<toQg7xlQbo4etb|V+DGQYi&fYLrPyz!x&>A61_M^G>qRq&o7JGpYX;r`q<L) z-9=)Bvya%KWfpM5c;fvAduPtN!b9I*Z|>-S7`SPVZRt;q*b{qZ&aRGK_4L$3uJ124 zU7mk8-LP&K<ErCXj@A>daKvm%$eQrs#5v}qpWSbN=V{$x^R?0B?-c8b@bTb((USPe zrf6CD6Q^|@i=87X>(-rG8qB-WwqUP<Wa5$>i$Bgr4-dNk|MBLdppwzFIfuSQXHKhD z;Bj`G75yzzvg2N8hj}1(MGTkRVyC~y=XUTP_*B895;A#xXM4v<uLjvy7xL^9^~`pg z@~Kbzn`UC2SXBH`EXJKJ#FL>aLTCfm`_{i3cNmvuO_mXQmJpXOTYpks`E*O-e7Po< zpYdyxLRDr3&3GI5d|};mt7rQ1g13SjbXw=FHWj$76rXi8ZhG)1BPLFR#StHP8Lt){ z+gOuXefX=H>zTy7IG-s;<JP_4i|gM1{p^Fc3;Cpt--Ss0<KOqbt|i;~alwq+v89`M zBiUO;l`XG*yuVV7|C-0~&C8U&8k<K=b)R3oOF}gN|22`6X3tAp>58}cO_LKelpb%K z+I+Tk*<F49=jlOtyY*XZzIqiuKWcYiuc8pE{h#g3o=njvRG&QxvG`iq-Xj~l$*;AV z&EmMuj~^R~dR3p62Yq3d@mLlR-=ScT_o>Nwwe9ql=fS@f5Bl>f&1%~bsrAj>R<c9) zMeD<PZ(2FBHs+X|lzro&ZC&v;?MPo`X7j!J9&q6dJM15Re`jKGacNO%N_=KYJh*|J zj=VA;7G6X%&oXFYo@UU*R0k=d1-K{6SY5MBf0eGh|M2=*Ur=sL1+5ZDMJk>{gJFkK za0&CcWTt0=*48R`<|V^QZEj%!(7Y(jQJ~!~hAIY1kWyP3uEP=HRs~NN$k>KEc)@@n zz60Iq<P1WilQ*Ah=m*)G6?t|{Hu?M`OU^K)VgA|>$F1)7r>(fMzCm{<*ZI=Fol9#~ zemz#=(cUvvoZEQ6q^~2}1ctplz5@T)w?3E2QwlXqoxb<7_$9fd&$nOY1oYUq@Ju_u z{WSA~Q@IO8e55<?zGc`DRI`3!&PEI2i!X&Z4lrzx(H6W_USKwR-MPy4J52@8I7<pb zGuJQ9n7{w-w#v<)<`!s%ep&s0YU1aU4*9Yd_f6h?xkGFB-2FvSVTIQAS3Y0l`ls=J z@w=Nd*E3)4PuTux(!z~<J3HkK&K_Q-mt?$7jH%ou>UkrV&2ksL${qGBdtw%}Ka^e{ z*mw4g&aWT;az9wrtm=M}KGm?7=z^^cY4^ps!(KaQhJM;{J7NFIy1ijrr<*OmhEcFF zGBTW68rt*tgkxT&`tnl2_cm>2`IqJ%tFVyGoVI9Erk+L4>{^y9ol7?wns=R4JhM9I zY`4s;Yx_Me8KoWUI`CQF>ivPoS0=Vy40z0ZySO~x%QE=wJ+<RoYu9T#T`Wy{?4`|g zJiz-w=A&sjd@gAMF8ym+U;n6FvrPJhxyjt%lZmSq1+Dig5NkVRbz-A%f!U4o@4j%E zT#fem%RXn(uA7WSF`s=8-sRgU!+Ruo-`X!CzdPS7a^&+lb0XZ~LLT#~vpjvBGiT;} zurXL~aX)|0;(eM5>Z?os3oBLJn;sM@*Ss}Ef%)CK1O8$6%+DOIU&W%n`*Qh?q}$>( zb2OBMi*wGaeeKeO91aINy)v^ZHLoBQl!K5~T<(VFW7e+*O{^acnwW1w^D)DQ?NMSL z@%ta1{@Q(A@>wlf02^2!<zrXm%h)`lT>S!EA^XjsM_V%UaCyS52Q{k<%ngkUjX@a{ ze9RR1f<<Ek3nOzQ(<ll|Ce(~NdAaHozucPTZ7;-9vo;=*b~P%Tdh?$^^qKX~msT?N zcOE|VDYWo=`M&ZgpNp30xZIdGX|{;f!sjXzxVXalj^0q4^6;j|LtVRDTt#;m&lJ7Y zxTyV0b)H&zXT;iTuX#2(Ru$*v-ma=}e96%vRM)PTCYYQP^4n%^(SbdB{|{}y%Ukx? z>iYLB8T%G}ecYIL&@Df<_kr)RkkC#kV?(Zu;X4<1%{ctV+T`d|$IQCYLpBOW6L$r= zFHo2;dEo@_&we$nt|7B7vZ^_5*y<~5yzdC}3Duf|1-GrgaO#Grd#uracw~*;iPMvO zf-TLJ-&|(=`GC{K*Ei+BL*A%%r9Eq<7ynb+D*Ac(pBBlNZx(iJamj3H{@i)7gl**+ z?rVqcska8Gof6-1vZ_5yM~YD{XP@v|fi+uIzFJINc+LCP$K99ixo`crr}0~4_Ib(R zm%XB=y-u&pcX=x9c>ZDA@>3VG=I`<8WiyUi)cSOS>4KyfF~1Lw7yV+E+M-jqIYQ@N zHTP{P{@3>u<=M*Fm^Yk!Kl9Ilo&MZy8vicseD(O&(!=hVLJw|#_$Jx?wz}Xt)3vwl z5*j)zDn8{;Ji4TgS<kw{f9hB1B}Rv+-pc*m=e^Ib5<58c$y%Q-JMoEEHYPo7dfLFU zgt@MF|E>B({L}q;F7y7re(`Bhoy>{y|IxGfx36P$d-`#O*c<mH(8KN;zZo=sHfY=c zTA3rr(zwE)acLueW?ovp10s(sX#{QIHFP&{1=TfNJa$N_T0vLA+0#wI(ZJBy*xbm> zKsU%YwJ2FHEVCrPC^J#lJ+ZhXHM2?~#L&RhRKd;6NFmq)w%wDH$I7uRB~c+IHAlfW zH6^nowWugDFEwAmwIshNDKjNCQNhqeL07>5bnu4)nu(Z;i*UF7WMxwMR(w*e-ZJt0 zlZ_jn?F}u-VMWWq;I?1IG9EFn`92+12Tt=X6|0@U(<5G@pEt?u+gZu%HLI_Fn^?Q9 z@U#79zKYh_Q<tbKx;uH*cvyXPt=Y`e7g(`os_?yIe`|M0P4HPgiTU_jC&qL9H#YuS zH0fbN?z*aM&Q-@W-(`5F8#Jg?8H!m(*L{@HyPLzg_LJekCcmA#f9~6_)oOphVX;-@ zpGa>T4VBwlL`&E4cI?tCKCm~U{i)NZ*KzOU43uV`Hotg8F{km(zFf6uGEbZo=DBZJ z(;Qi#V|s19naP&3)<29^ynkHL`McLu=hmDZbq+F#&+QgX(((Ru_ScMUn*Tq4s$MCt zw_tL(_Pti-pPA;T=T&5}ZaHdL(fOuodF#WS)i(F`$yK(Tn_s{edB{|6f|lXUC$3eF zOZ0?ioA9Mod#+BIe!=Z<<=mox<YhCW+4g$m-mq*gcwzd1_2Q~Mk8ht~dR6nc>DHm> zAk%d-tk&)_ovgfE-s7&R+l);D8BdlP9^#77lWY_?8BqG?Rg~B{!Rznd2XyEr{<n83 zW}V`Ewa><n(MocuyqjP7h1jQ!N{a3Orqs6Fn7sB{hO@_}+pmjNo=>a~S+cFcZth|m zpQ1zIM;2T;W1)WTD%-q89yedkKi5=XHhGry{b`DiBe(P1nrQyvZ)DWwnI|%HoYfdj zlM_NanXO81?DD!9^8ekvh8wyUEw0Ata?hx>%ennWt>ZYj?Pm;~!zzZ}6bNqbC4)9z zrNQnHK)EImsRH?ks6ZYXG_l?_XktDJsX#cYb!J}{YcQILmh22_kSY!eZ{IUC&<ABt zW*!aL6@ifcJF?RiQ0@l=RX&Dh21bTPhUUhW;QIzlK-;!p+yQnSp$hCL|J}vfwWlv= z{d<$%y6m~0^se%UkH4;8^5&OU?8GDC?%5LM*=3*pPJUv`e@JW|ciQ2wDf7geThE2P z|0MR8A?d3UXUL0GaX-hM5B%MxuaZ8oBQGf~b7TB%EvC9ZIj255-gtZA#UJ}bkGC6` zMPvo|yd@v(_IuNo`rqtxTsjl?+_uofzf~4*|2>jq*q*;IAgQ#(X2Gu$s*|?lRVf|+ zA-C}Hrn?gjS8L0%{9o$DV*avqiLv(IN7q74Y9yC<WgOqM;_~)W3nzEHJ~(|(&rjK# zN-ZiS$60K%R%%W@^Lj`0!+-Irt4tzJ98?aOD?LN-u*IA@+qRsg{0?n3OkZM{{54Lm zE1b`7b;9_cpsMMsKf8`5*xsy>xVmZO<<bh~BBfJShvnbvJk?wIYo5-wK)1i^nXkP{ z$avK%W|rOhQtrU!yGK;+G-x$C=1#FY@!({mBg4G7{q;vVW-OA>adO!FGv7kp+ppn^ zZKL~xj+$38=eCx{1nS9X*Gm;?JZIQ?vE<nGC-c{`Pu>=6YWm0g$>DFYV*3<}?@i+R zu^>5X&$LNdc0cx{hR(kCmA6xk<&Ub=GS$q}hjLHVJc^8;zUK9Ny%T$`OGnyhpZO$t zVsf^6vgG+cFV%jWDx6(E`JYL8i{H%Ge>PWe8W-$JTUPc~y7;x!Qr;s<!U|Kuxcqc- z{5JkQKZkSIBICF1kmfRIK@y^yf0u=mebLvd+Mr;eNmJihG^p|}i^QxdkPnB)sspty zL0OOl8^u+S5S*g<TWzk4oLoWT$Eih=3su%;OpfR?S}(o1fccNAc1i05+ls6&JG+-o zx85o-akt#^pAOLze}>LnFDG~*Ms|7H<Be0;d5kQVy^`Kgc|&$ify?8ryGMRbmG81} zwr6Zz>b~68ZPT8oN*Uj)=iJb-<5E1KYrJOv(Z-pEB?n6jkM7&}LD}`o-0VM+$#WO) zVL2wjt-3q7lYetVz&+P@F7>OYRHV$f{7vI-`;CIslHYtgg<mh{Ph4p<?aaO1Z<Bo_ zcCU2!z91w|p`)-=;#JialcER8>g6%pCcJ7>by)r0nE&+rrhSVPet+AlEA{M9>&6oP z-zQR;mIN`n-}O{Fxc|oM>@{`w-Xt4~Zdc~$KgQqd7<ISr=+6G9uJ#qTcU_Wp*!Zu| z*Zx7{qFr%Y-iSV!e3wJM?qTRmZpC|(=W+dhw%Bv8nZdv3<(n3iPT#8A*dd;(@cq^V zhWRIh&KR9Ct@&!pe?$BFSGAmzY$nshUKK=28C6ztZ|kV%5Av|xpL1i8i{3@Q?L`rn zJB6qIb6Nf4dbf1moIN@VqOWE#tdBQ;c=eY6_l!Ah&(-?ReRz}C70%u8*l*K;1<8pM zc7<k`mt<|5bbJ27Hl=N;>U?ju&38(8l749GEl2Jnm%9_C_xzHdsD0gqJ#Lrgnwv*o zz7O_@dfo6*BSP`)2DZ@O>h{4C3Rbeng{$vGsVvg-<5Ln-QYs;%1BlupH6Bq{=*FXr z8Z3ub7R)C>6@@_)(^^PnfqCsrV>4<sApo9tVBrvEcPz@R%Fj!L?cZe=<_b>EFDWTb zNz6$#lroS2)d*a|g6{b)Am@QPJUXBu1wBJpZ6U1Tp05CwR0slZ--TBfNC)dH=qf-) z5ezI1EDaz>Rf7+~Fb7S<fv%P^wTv<t9IhlZ$gsaKiR0t1NR#i<CnXktZ}5zGsnjgI z?5Kh>qjk&2XRV&|)n9#Uk@j1#<#xf0<3@}dS?$>U-hKJyuODfk^nA5sSoWg^_CKG+ zN*gQ#tDpWf-B#kavbRb2$u|3y%+0?R?duZFs=vp5c$=gM>#0|VSFlX6cB?Vs{mhW2 zbfPyi*Q`fSV*BMyG6`EOelhi&yL{J;{T`Ry>)4tTHNQ7#2QQhFlo_bXnkePc*rT)3 zd7AS5HCBzY_%x5otb7?Ow{6}$11`&RA3GX;d&izJdefTZtZKp(rp`EVi*<pPecr|w zb2=Dn=U@4GJ2*FC?tY!;5vzB^yZt$LM4H)#^R=g8Os3oB2kuPFj0}w6ixf#1J++$E z$}W(uvF-i0y{wLT3J0g$;=hO1lmQ>2GxK(A<<+0lBh#4^Kh{~Z8J6lUROs_hZQt^J z*_=H$Ug}@C9rf;fNl)<>3#VJG)jya@cl=$t@%p-N*Y63R4i>2Ea=SSF*LFQ^!POHs zs5kt4F+b|1`TW&S?&oZ76`yN+Q^mh>qUp7Gme&o<t7kFkZWZ`)W5RKkVu!aystZ=m ze=~1&hS1FLWBo!_oJ;n){ACk0KREk|(c-rjFK(oK)~OTu!}MzY+5hYr;<uG1Sm;*u zUJUt|`8eMARF!Qt*W*+5@s>{?mF_xPCSiO|=Yzh_+V2~mpYvaFWVTlb+tK>ks~r4~ zWd7BO?^qM}?TXkYXHFj9Z_Bf{%xp<LRn_t6k;}fA@2_OOf(r%MDyY<g>`e3mAu~S@ zQ6wNW9UI`K0qYinCe{rGP0TYOrGbFxiM^@rG3$3sXNY^kc4^OC<ZuVATZ}_08$!Yj zl?@cZnVv_=IioZ$J)=BPAtW^?H90?5!8u<~N5Q8gMGv+tikn9<HNe{wJ?CfU=OG%3 zphlvBiJ_5^fq{{+p%G}ekufsYfY$aCY6d=3<$u?EyTiCN{p?!#S}VWYxtH}tJ|~x) zW>m~Ff7KGe?yVNh>71iDFYClr=C28v{bxQXJ&}L@Jxj@OyN>9m2mctdod36{9@{E) zaJf&eQh{QZ;iu^(ot#2yGV@N|6k0UZ=GM#f{TvHY9$$0X?)rZEmv3LMZ}k#oim06t z;hnJO>~-E*!p6ZD6Mt4+y<V|-mhpFnwsW$+Q!Li6cvBHr&=n)l9H{tR(AK0a?y1Mw z>5WaMK9X-zzhxg~UHHyj_}XSg^(g{eH&v{6?Q;=!Gq9g-bL0B;tasKHkF~E%=i4d$ zoZYkDT<d3f#rcr8(Qb1WH}Fk#K6ouUUS!w&WxXoy4w3tdEH;_tnE#)7F_tfqYjx)L z1DjY}t3nvo?F;_4_4&geHj51}t^B7LlyY=g`iD|>wkaZwp~uvpF!qZd%qqOT&-?e3 zh}t?q<Bd+=lX4`ko#)K3tIzo+*Ppa@Y4UB(<?>2Sj&k`kyX>z2w0Eeg+_02!(xth! z9HL7F7<D%rm93b{ySZxCZ+3wS!Tg8)$9M6oN|k6mm6_o<^S)yHi>Yi`T${7p%Tm8t zo$pT)m#pT}I4gCjSx)h|&i;M>6En7_OYg4m?LC+N^vS`#?aFD7=1wRznX%GLyKB~z zopaxu>Du^1wKFDan|_acZl%idpp3&UrjOEkllfGAuS#xuR%yOmX>N!iq(I9u$Uqtt zmE-xoE&bEONot&~2SP3N%I%%J78#&k^kK=ylCH(hzyiL^gNc#BfRl|?n~#}Eij~2D zosBhJi<yCeMZ|T(q2pX(HSeM;c&7f82tK$>=7s=T1_TcsaBgl6j%2i(>bdh{<F21& z3d&p66H2aR%`}P2VF<oC|I@OKD(o&<TE~|5RS3OszZoGdtQA)|dp?&|`Z85}w#=~N z!(C|}zcm}fOW01$d8P5fB3(`U<JGP9sgr-0#rE~~Iw-VDzIv~Iz;=rzziM?xKuPEv zp2*rLTgNG?K^za<bwmv%ukL3LJ+@nD>+~=2&8@o%58lja6fEQ7+OWTA`uA71zka>Z zU8ym}I_&PHK)rPb_Hu~!ln0qiyEc2xW!b(&e$(pN>nt<5lM);h%=*{=HhZVb;U&9c z|Lm9_ua-(LC|-8sN8STtmiUZS>g{iD9-J`e?cT>(rt6dMua>yE>)A`MR{>r8iIe3X z=}JB_m|{99mTw#TddY@<_X&aCdcJpCA6?=K;u4?rM`}X=(^JO9$>xeaE=Ohu&J^S; zp2OB3qPJWl&c(7lOxJvGtIL#!Jl;BU4o_+|Nj%NJW44!b&_5Ha+8r-7@06`PVemtw zu;G}TnMa9|V@!L~3yH#R$4-~$brI1kcJvCrT%L2-{q1I{xk>AKn_f+scQ;bt@Y=hN zd><QLJ^tp!rw#um$%%1E{ki%1hx)dY`((G|q)e#)^5jVLb@O#je0P^f<=1qC92LuZ zSe2po!)ib85}QuzisgRE%`A!>>AjztJTFB5-FTM2x#fzTLhE-gTkSc2wYWHaUp4*^ zgsi8Mh7KJhCdU^gW>&?g<>i*>79}I^>K8_o^X&#rtjz{Z%-N7~o<DYSuR*%m2{u`& z;~_1X?8vDMG*x7cRLr{u8w!GZH7r~_9BzKTA-X}%@X38{9sx&Zg&;@IC<T}lxD2;2 zG%&I>1TC5ZZR<BSFaQm!8Gt~P0Y!!rDxh~2HdOhv<<*}M&OLCfR)%4EzYdS`Zh=`2 zE2Xx#cl?+gmi7Btbzk?SzU8X1k%G6)^tK0z%dg~+XAxJ4SY_@dasR31mGHmU59&;0 zocKuT3iE-8KjrRk`t3@bcdaq$^|dHV@7r)9-@rJcFlNiw?7S<C0Xu~2a=aFMUR02L zx95PSMC$T;|K8u_nxObxDt(fZz>Ii*gFSXKu3H4IXE=x)aQOAST)gTTcYkWM&COXs zx3}({=XT!q^+Z;t1JgE@`S=P<v!3*8PCft3`}>qlUFDc!{%u_`d#38GxX((5Ex$g| z(z|?2{z%TMqcT~HtX}$;jvicLq86LB^b(WePl@epU;Sq0uUPF9_~Lwk#L@B-mYh1C zlZ<Ar*exzzxgqN4v&BauQ{7FQ<5s>f<(|3w$ytSCv%T0Xw`TlN+Vw89N89h!=Z%m5 zY@0djs?)DRUyk$ba#@A7KQC{2xwNpc`jDUdw58w5S{G~dzih~B3|^WWzr*9_p`T{U z^gRFXn0Ba#ee>*&h(E8TW$x(~JeoeqU}5LuJ)tYquX(?nu(tbGvTCI63e&r%rW@~h zdiMC-i*Me?@p(;PQ%hdE^QNgT`>wK7oi*Y8wO`n$TyJEW7Q2|;^J>+F@SoDpgWXD3 zZK!lQol(f~GGVV}=D9EH4~ID%UmLWD^GSZ2dzbuc4fWV&h4m~abHZkIyM2We(2dOo zjSb*L3%S`8dfyUiPn!*?4F6tx^zV@uv!u&YmVcF9aAtpd!mL~aJJ2|_0*kqUsev(c z2dTD!CejX4S)?7LpnjMhC==?X7VD=JBp2(WWh!vd%|5~F{%2*s4~ORjrp}(Dw5W@x z^>eXiw(md2M=N=f8TYfKFP%Fh{x75OuQ#)jUbg+)mUJo4XUgvbrLHxpJU=#>pI^g& zzBm7;<oEtJa-Rz3eK@t_{r3N5=4H{}@;W}RPcl-P%xjg^Cz8ga8(b2eDtC3$UFAmW zrD@9Q>74x!%U3y{O%3FD8yNBLndQ&Z?k!71KbGxY@@|Rsk@)wUjHd}oY(JU0PvYU? zC3k*F{JgwJc(!Gg$*#+ezkeBZX>HeT<IZfh*mt%|kGo)PuiB({a$gy>xo%#YK0EKh z3P~9&#cm!shqcVl@21s#-KoIK{9@YACf6&L4;C=QUZ3%-c3yh%;aOVWS9dS85_xa3 zCy1|e#w-?x7TG%2%*o;BUZ49BP~$I?$KpKu=QV3(iI=bXF8aFlezbm)b!yjd<?XY7 z&1BS!iipyE{PRjKpW51kc_w>|e(<pVN?m;0+Pqom<+VFS#(!f!DeNt?QNE?|{ipQn z$ds#h;*07O{+#XHIw9RRsmk7Ot?XgTe^p;J#O^zO^Jrkb&L3F0Mqu@oH_U0zvNr58 zoaE$?wa@Bu(ZekB&^>Epr*6+o{Ny~b<k^DDTq<r0Io4mh<tjPtO0aBnOXY_H-`(GL z_a9|jH`ga=?teFyAD2&V6Hs+1{U^5Sq*p?l{;u~1<xfH$?P!@9(XdLmJJ8DC<6HN( z&EPgW>_~v*{M`JM{P?2c#CTBZfm|_%tI-~cD9rB|G_l?=XktD9Da-|YR{cD6J30S> z{CB?_(adcqjdsvcEsd>6#kso^?4U{xVIlXT)Wnk1A_d>XyyT43;*!)N*os+pVfNs} zoV5I+6r`TLv%jyui@$=iBYYtjC_jL=JSaisf`T0tKx+x$o<VKggU)*~v;@@y;Ju~B z76yif7Vtj(AaN(5I%eXFkV%)g!ZxnqRk?fgyi0n?Ol|YUwaNtyg?obUANi#v)bCv{ z5Vm)ILDBZa`jg)L;>&FxZ(vD$_g`@O@h@$5T)*sMeolU7Qgu@#`}v&BtqYo}%GMW7 zxc=rZ@2@#IzwU2n`XW;IbKj9=`u_DZ>$m<%cP`q?!*H$hb+*psxBW9@L{`^5eVq5_ z#)>DCRBkzEC+!IR`|9AHoNe8o`FdwPnVpk4^GAh;f$P<^4|#1|6aE-Y3sm2ee)yE$ zw(M7K$B!#4*eIWR&x2#v62Fz7n%&G>UcWfg=;561SEMyNX0MO5Mpukd^_JB$ZoYdE z*nF7N%`ew(=C7&Zw`z>T9c_98-*Rt@S+A2UbwB)s{hpVxM`o{go%v{Sl**P}E5mHh z=db$j8L{ufivM4BtbJ+zd)JOH+*UtdI6KL8-e@^3{PE`Qhn)#KdNjh;h{(?2dS3YY zJl|d0mD3h_?6vv6ek-q%&jG>4H(}P_E-!i%y?qmlQqa_f$(b+ud{RG7WY#SxVS3e_ zE~=Rs#I*bR{eY}cxBUwiYb4eeTsXXFm5$;n_j4L^*j&r@H%X{(xw>x4>40b1UwqmM z4PGw0FV^<p#(#&qzb`m-)Gs!+(u<LE6l_dBCsCNK{bpI$cEcE}EcXY8D<iKdNUi^r zHDguLo^Y>A-g9>g{Mq2+`1Gx;ZJfs3IcN574!pJ8{b@@uq>cft2}6tp?_OWWWczE` zN1K+uweKuuyt!#)bOk(cCd&`HTAPKLi4n_Q3Zw<QutQ_GK3;We*}g7tcg`kXM-hg} zK66e#JrHt!fodPq&%YZM@qSg9VI!=&CT!7$YjuK?Uh3_dr#Gu;<6cRZoJ7+_v$lu{ zWk&Tpyl%Hd>V-b@mvxD<0@7Mbx~q=<V_o*}z_k<q=B?}3-eo)U$Bkmn2)DdtbG}?x zzdZGpd2^A><>Cj6+-EXd#9sBRWYCm3{${p<47*BZc*Q2mKUOUZw$7>P-LE$}NqxKJ zEpdr;du=!~{<qAwxq6M8`EmF>k?$8@`=8j`uDpGlr*ma%%&ymyxECIKk+H%@Y@^gn zt{1^NlXfrUlqls%T~U2ndArmhjn>1`|1W4Ky<bwzIdMjMj|k)047RLf#Zu;mj;_4M zW38W7F42AdWvPmQd-JKYUwSJeHnPorE~RyIF5~qnwQrfdPJOujVkM*9*RYu<<@!8r zcR%Ia`M}?ElC4;i!<jRY$DUce71GPJ$(g$G?<(2q`nG*?d`51+e+&1Q*86mOyCwf) zFmWh2czEZ+yUPk5v21qS^Ri*$tCTra50#i#&dJN?OZCrbZ;$(&x8P^#(%B9#f;Xwp z_1bx$T(S3m`=@(*dftoQ-|oqM@l&1ww-ldW*;~OsUtfl8s@;D)muqs*(hCQ+$?miA zo3iM7UJm!6u9{y8pN~9wdX{&^>4}pz*0jFaDw3JT*Yy1Cxf8m}0_znIng+MBdBx6O zyIVTG1YAS7K^ylOsW~~Rd6~)aiOGp6sktCVUP^pXYH?~}QF2CnW?pegW=UyDW`16A zd}?wscmOClG2Y0)&=hIBXC=JqU^;Hl#B|u8iOCC6bucm*aItY{wRxPgWnpGAXk3L{ zQ3M(C8}NdLci4s597{4%^NI~!44gm$T*B5KP?sq<LS3ein3tjezxT)!$z|aBKo3z5 zz)WE#%@kK>XYkmOv!epYf1qxLp{aqnfw`dpXcbG8IIoF;ff?wqcQAKod8W)jfQ=m- z4@`_~tlEt%3`)#N3@notIKJ?1YKeLD!%%Q$TZ$j2s{UL@eXez;{v}g41*T;8W<Rqp znEHX$#eG?kML^k9rl`Jk8uNbY`ptZ=<B{*9s`=t#Vf203gQezMuK%j8a+;IH6&6*K z$-Sz9QzfVFpc|<}vs;w7n`Wvo^3B=(gzxYE-_sQ)&(uOrLCon41}RJi>F30fEEcUv za$UZ1s>%T=^*Kh?2M%1_wetB77U$sBcR`Bx=6+Rewwo8>t$#gTm`{<(fc0T1<GqZx zTJpX=oE*Gwyw|3PYdkMK=bBoiD1KVWk*`O1hQ+Lq+}Wod)x2VgP?`wNC9un6u;0Fk zylQeDJO?oEGiYMoWzfX52$BQ1L1&ROF!HylJ>x}gu!9CW3Ezil1e*)t66PZ2_DwTG zBSTXI3sCz9v_TuRz#YaV;`U8aY$G%?vFyAG-#)#3jhU`aM^@V@hRo)^T;EdgOK9`y z{q6C`>f0`FGKjhMckRdOJ5PTkOyis+@byCQz2DV!#T{#cI;y>vo$_23w_<rul;EDK zrq}y=UT$79O_hDR*Gw&T{Vj6k`@8tJGSx^=+i`TKmCl}PLOWka);_wx))pV<nYGn2 zuEXTbo(dk087(<0&U$ZIP|H*4`(cOfX~k1lbE0b>F3@aQ`1A4<&(kVN6BYK{<-U6J z%+FWqT-wDGkIj`{bK>-i2MfOFPw4jjy}?ZSn`Bk%gWOMv!W}X5A57*7oZc06ZvE=3 z-&b+2O4xhnX8ir4l?lRe42&nee%UX1#m=nA)Yo*1`OxfsNFCld$Dna0;c6OD&Ch<s z9-b~EcOZ-HUgVZpy7%u$w&@v|f%=K^Ecynz2HFcW7pS+XLi>fFJN*!e6SSXSAGE?l zx5x;5s~_^rFjj++ng_70-!mJ7+hsDQw@rNWz-xyK_v*$q>i*Xb?vQb=*vvEQ&nq39 zyhLeVZ_TgsS!LA@?s(bEkmR~;CCB8QD~-J+W*z#`-r;xqZlQ_P!H`>S_75&=t<DWm z`f8PQRv~|vX6N<06W?8qS!A~`+VSiCrzy_5FRxmzzO?B6_U;P@8YE?059s#1_@TR` zB+T<D>sEi!dwDJumhCI*c7Lvvn7I2({@jBfdQ5v_8Gj$n-TB@nx6;k9j_cpbri1_A zug+6A5^yqpuJ3H|9-gO+Cl@$o6$k%X8n7i#mH)So#FxK8H~TU-z7XWU*Ky;wtmpSt z_okj#s5q1$bX(P-C+kn0lZ8Wy(D!+b4=3w^Gd^rDA$%qja*dP`%3eagrSMG8!eY?G z0=nkz1tim>PI`i}dNNYQ7aDA+2tG!Hg-ci>BqLP;K56L=y3G%DPLmsHP7`vClo7bT z!_ogSFflMQvNQy3F9gqNB6AJs;)o_j1>|xLd<P&SFM~l7BL`CxBO}ATxz}HXOL#7f zetkXOqwUqcyZ@iOPnY?Unz1>&a6w%8?zgi&UlugjhDjuI<lp*q=7N1aQ;1TCz>Q6f zR}Pfgde<K>KWtaAT8eqALbiUE_Qs<fbw_r~Z8&(tRXu-|dBpd2wd*%@zpWJCE?;Ek zw@lnVb;hLIT6wXH{&hUyzE}UWSM=fQ(^gj>2`v)Vz0tQmUdVO<2P?<6n5C%}EUq)< z7AGW>9Cch;lq8*WR6ajm%4r`{VCsr>$`V<BDwtRL);ApfwL0q0LWd=%B*p%1I`KZP znD<@z-dW!&XYAR?p1w$w_wIs-V=mQPc1arXyByhrBhCxfS(F_8@qcUPg#MP2SJS1} zGchtRZaiSnxEE=3=+co5mnL5E5iH!Cc-nU1zq>24t~@qq>;+|eWtPTPgT|%?5o~G} zrY}jQORP3AGN8>kU@1C`ygzR`WjFDU(6NQ=J$>a1jM+qDCdf&A=U8UTCHb?xK`<}# z$ux0;|0WZYi!9!qkzrgcJ4IuO;kT+IA=ke>HH=_hbmm;r?J2IsTlc%3RM~p9iD|8J zWoGY=ZNBHu`<yaXej(GbYHqh<p4dr+r=9c8THh-8UN=)sK_o<VbzX7nv)PJsxpJEL zR{S``^GiT3XWILA-Xr{p-D}@9Yft^rH>st_^0mUN=C{pfr{{6(dF`jRtyufX<!?U! z)CwOZ3YK{N50`4^FZIwnADAh=fJrEE>eY)5n*@B`9a$sbylm+_uB%g%X7QfyXgX@d z^F({T>oeZ@8gn-8)QSpUYtFx3w*L0s`QW0%1=_MsECsC@O-W3NPf10Lz9fT2U%=OW z6cpvBr50!AgRVeI&P<C>G&3?YHZd?mzKui&Ucj(P7&Nho7&I~effO(t!EdbJ{odpe zkDS#&<qYzcW!GRsCj$pidzzWY(h=q!g_Kl80RnQ5f?H-$ZX%L<AZuV@?g6!f4J-{z zK{ursTNs+cw=5f2fVn7JmZ@YVp#hRp)3W<s{rLTHk?DhapIZ+O2VJk-CUAl&ZnLx2 z5&x`Br(|L^W>pAEWk!at->TsBq?`ZQ{pe-Plk~p|K1sT6RA_ONg{N?}ZD1Wg`~76r zn3wyf<R8>*I<Vzd;D&=XyVsg~#hm)+ZN{gvdjH{;^1mwrzHEGcO#hN@WN#Ih-?Ypi zrd4J$-u(F`(#&Hne{zy}{q;uOr$=@^urv9W{>3is;^i+6=i`!0_zT$V6eOa~eJ_$$ z&6!*xGI??FM!r?;0?Lu`3apauZ!`KP37v}lb4`2GBpZeE598M>>|0P)U-tBkR9m94 z-Sg@#_6zv?7VXT+-`TE~@0ioEEZ}ceGWXZXV$zcRo8HczeR9HAMxOhUw)}P$$|v>v zc`h>jlMcP+ccIs2z5kNW|JG|=W}REfvG6qLP}36=Hl=@&5SwiE$Nk2|ifM-OyR>=Y zV`r{S?u=4VD7$h0?`pqgN~`9^JyY+h&Cp!@ylclT!QJAzGv^AcxP3qR=*IlM`s4j2 zxlx;56n$OuPDNm?zR0cry0hF0-S;`&-_3aYOZ{bye#6M<%O{zZZ3#M+H~qKsQ4Y2I zt}na)&evGQd)4)`u$AnM0~P&_={9mxQr1;-AANC?vBOeodRvO)RqJ-1ykGps_Iily zxAeU-&v9G-G}+{7lW$ICt1!%%XU=Bb(CM0JseD}8WwGc}nIDr3c0(Ii?+qH?V7bnN z5u?F{XkVqCeZAULj=`?(YRLhaEyeD9QYrcdjmtnKtpZEqJcGvB28}bIWATms2Kq>Y z@vw`O%gf94(6caTEs}n6L9sy$TmzFqfSeyg07D`}F+(atK7#^73PUP`0z(c%B7*{h z6GJ{j9z!BS9z#Au8Cb-G!5l1}$WX+P%#g~E1685GV8CF(V8CF=V2+mA!2|x{wF`c3 zxqI~J>$To0TNg5|zPq%;YZHH{w|01s^;5&U|Be`ad>)-L&CE#R%~GTC>yKTw9T3!N z*lC-US2O$a+CPV{Eq<1wS#$BBg<O;NfA!S$zr{q4=oPj+-TMF668F6+M!UbMwk%S2 z`l_(ukg$N@Spm^qP7|~)xjdYv_S(=x=&#nTlWgZp<W_oLZP)l&X)?)9&*jCpe*b<` zd)3XBcapUxWGloU2@>*~uA{YP?(};epBAUxK6I&h>aw)u^Hlj?avM)f<%&9dGeqd_ z`on&F@@jFscQ*IFx!PE8?~=a?>*pN5uRfk>y%+yq;#PI^_!ro6%xQfC%lQj+DV|S0 z-Cy)(qt5{?+2>m}rY<_N=i`hos|whYx9qrO?eoh)$sk&A*#}m>V@%8*tJ`L`-o1VI z)uOV7;@YosSdO^%KHn+RJ@3`^(u+kK@0GedcdC69o?Uxq<{sN-jaLnmdyo309xQ0w zVe!Y=aML$t6ZcJPek-w^mb)wNE)$=&^Rm>UTY?*x>`^}XWMBLLol~~`h*j{q690T} zMs?~ZQMpT2D|KJq$W~c1J;KF(ZKT9U#ngg(=S&h-IDGtUv*fUba?d|?V`qm2;x?~e zS#Ky>ws@zPcbu5VmrZ+4^h`QBcmA3pvppsaCfO^yCmq-!{`O5-@K+Vap3O=xylX;_ z&Hc4lWOr(7UY@^D9hc4Aso+Y-0$S;mlqO}CBxc8FC+3#M7w5(o7w5!h=V!+kL)O7% zCl+VM>&6$C7M12AA6vwaIG&v)-Jppj*`SHp8&c7ro&yP*x^29K)RYYgf*mc!F3j(q znpBmlpsV1WpPZPQlL@PQxP&c3N{g~HD^nGmGIKI>i&JwH%2E|VQnT~&bMmt?vlSeR z5{pYfm5_or$Z4etx(XqoPM#r--iEpc+Mo)ITUf<AF}GA9819kE{5%EU)S~Rvs!WiT zU`by?Gw}WAEX=~XPy-Yo+I$s)gMAdd^Rtmm0O<<`*#|u>33LILsey%&sVS(AGXY)l z0pl7BOHUK(!mlqiFkZDg`|?a3A@i1-z17njF6TY}KRaNm-Gr%OPS+)C)LMEc{bH20 z;(wH4vAt){i;kb&Dy#Jte>H#N&?li<*<31b{Xb{L(PLphw!H0fS-d*O=a1}#JMT00 zo`16H+=tNbi%hOGXPei^9QwDF`Azt_JzKUOeapZfY_8?|#h<77ciZ{X|9brPw*Oq- ztr$M1>OOONr_S8ziOU6cgifgE(^a=9x&Qp{EkB{hzM@J@CmuZb!@suc`pJ-hGuHg4 z#2Q*I1cn{%3#;!`GS+|A%C&dt3Td-@m+$E0S|1nQ8>y`G?CFy4H@M%vn&9BFV(RY6 zS1&Y}Y;&vNlV_Oh_VC@ypKtu3dx}tp;ZyC8ceNd}xoZ;=WBSADZ4i%p_z8^ah96X& z2!n>@q4UB>jb-qPYeq%}E&GQbjr!I-oDt(4cRpJ#i}RAwN}=O%;kCtKDGe=Elb>+z z6gWFyOZ_23`96;mrYjofKiQ#kvYv0lC2#ZCS39qA$C>Q?QmlFSt(xeZI*#D3h~5j{ z8ut%wzOV54=i|p#_s`6ka>LL6aJKmN??o@xrWtQl4PO1=htJBne?Rf=TDSA&s$<zd zC+}XjddGAdW~p7y$ENLcEwb3WeBm_PiPd!n6oY-*-+tl_nHo6xs?t*4u8))X>_Yf9 z+&JlX=aZpP*sGMEueQz=OLHpvTz`3^q4S?5ec~T;l~+$m`?2;nKS!RLZoN1==cb<D z0SD$!>pj2iFT>m@ky-nhT)rMWG+!xh5&y!+;BpIXq7pR1oD9j~$%&vrXRNCW1L3V= zre1?4rcQ$<CVog^B_Qv<epM1fK|qKP<Gk6)C_{(L2K1bz1dS!*nWZ$aFfcYS1C7!R z@GK=hcj6c_W_GXEFFn~L+WNcn$waX$tCMDawF}~AJLkwyKm8$>ij6EI%RAdky`0l| z9+W=$^}D=F>nn4Dw^_HCve;VA!Y^K5Gy=B#>yXK_&(YWCjEr6y&22pM(P7)ppIJKZ zH(h3X2_7;=G}uZDmrHs`?wLFHm81LpDMviYXI`!(oZ%3Y4$RCM3<jx8h79kSqpQ|z zuiz@$-f{o`RyPq&u3rnD)p8t@YTqldqIj>`sRW+6=Vs17AH#3(aG!|bD<%VxFOzLN zmm612aC6_BTq``=Z+pIkc|-8Oy9y6XXPI3*&bag0ox7j^%j#H(h2NZHc@3PTm7!HJ zbnZPdF%eYzmSrZVLQX|Nnl|x+CuGnyw=6~mP0Uh|gp6A2g8FsUNR=+q3_B0L8Fn6w z8Fn5)=ltCKlzikFcIZ$PGmnI$Bl6UGDyXUiyBpjCG(lQnCC+PPfxK3JKpjV@7Tf1A z_e<WxS7q%ozOF8P``k`6v&}uI^-n^+?+Med&#Pkty2K2*XR%#4TA*~+Q#T~}%(lD? zH}2q9r+rio>?!hl^-*-)mylUPT!*VR87Dlt)fxI(DdO|JJLlgww=L?K;y*v*(~Jpj zE$YY1_CG#js?#0Eo|4*hz+=OTi9ZwPmnj6Sn0P#G>+6an=CBW4Qo^qc7t1Y}`Pbsx zH+7?keD<%|JAR93uiw7v%(dkB;+|WqGgnxwI4xdb7P#i+ye}12z32IFIz5`fvs!;X zALG6E^JjW~)V;r^#8-O8R`;V%H81|0AaOit&c5d3YSngKs>cu9o%_r*LqK6}|BZW> z4!6wVjeDVg653Zn8*y47$fayI?IZh}N9#4;H!ZEdV6bEh;cQh6s@UXNN(_n&EEbq8 zFljSF8i<CZ_~b-zU&ztX5mEl72B#K*QxbSo+H8Tz0;4tq44vTNYdrdpDpA;AHAmPV zrVq1U{9p3xTJ<rPhI9T$j(%f^IJ0cq9udzBma-Sm-o?IQ;!n8N8zAAY=EwN>*@mU> z_U|bPaoqp+kI;_e{!w2#6IkmLwzGPD{`T?E{v$g}+P3M|W}mtA+3l|Wu?Ja)51TOS z)K0q_b%<{{*UW>g-K%-@KgU>|&oK|>Y`+)mkQ4F#&$iX6c`V<g@7O$u5<NEW=Eq16 z1I1M4oHs8Oi{H#<UiiR#?E+DW{$IP8&MntjDIlzK<tc~SYNhE3KPJSLTv;?Lc<-l` z84nia9lD;gaWVhA{jW2ghkaW2>9Mwj6=&nt?AGi1bl=)bZQqpq=xdTr)0Hd+$AFKP z&GV<eG@CXf4_xAyK}#Ii9?#S=@H8!A&<V9B1<m6k6+*Azg%HyWgC?da22D)RLWo00 zb569_Th^(_6L1FgNCi=7upyrTXdyBS2M=pVYDHo(e02{GyGMR$aY=q2tbf48!w+hL zJLeY_<QIV}cSF#%lAyIcJle25o~~iw8CV5G(m`3hui)zJ3@VJE+dM4{O^rY&=s~x6 zLbwC(KpgevDk1j?Go*jNKkUHXtl;<2plK1?#ZQyk5<h)Y%s9nx<oGLRhLE;9f93Bp z>~Ktqxl<r!bWeWfl`}`#PjJX5im?aU*2b_0KQ^`Kxqo*4O+8+(ZIXIX1yO8o_kCEn z;nW3A&BdsD2cu8LJ-v6San;!sx+#I%ZWhg+{>&e9!6Nbu5mp_jD;nF7lLD+_?Rw_W zY5w}<RpFbbu4Jox-eBAA79sU!<Nf^KVY>>lk6WC1v9ZUW|NF=EGQQ>ua)JF!2Daan zHPn2LCA3dgo4v_YZr8Q%HWy{i{Zh4ACe<h!{aJ`V=Ur;o$@UdL*&ig$>WT3JCv*6E z<lMxn{5)t9PmDJ~O3Ui-w9NR;po#I5K@(#Iq(T*D%b9=u;BEmQP3NbD)zvyDqz>{S z`GwiQ5;a*v7bb8CvpIsTGn9m!HO4F~01<$uQ%408aDp^7Ff~H7=S&QcxRe-;BPm^4 z-DU2-IGFd}!LDlW71eIu$s3Zs=}O<`C{(<}@FIEdEcM?XEc0St*)BcVxN32<!VK3~ zvD<%N2;@GV^WgE`_?D#41u4c0POIn_?CMykwV?Dz<GLiaBaOE$^E5Ze{nCp8H^DGE zG3ZGF(MG%c=D1aA-kFED%4UWAp7XgaH~eWMa_B-*ih)(P;>W#pf@?3lkC>)^?e*Nc z3BB6q(?SpHJl0rQz~#>O!8}svzwXQ_8h%>-roP5eOoj}vN*VmDk629+ns_q8ZLXql z(ejQtT~B<xZcn?iraL>^Qz+PY?e!=7RQ_z`D!a0Dj{rEOzz#eDbtMXNN{i!Rvv&nW znYoEYm8i3LcJM?4I_!vfl0g$w6(rFJGPLgX{(R%s<IHbUuE!r<>Y|J`0B2x}lxp09 z;LF&BIY0#%$ZFV9NM>On*yLRR#1YWDFf1*>D@;I3fI;(hh9IsPY`r3d#uI88-3gd> zLFk9+C60=!Z9xTp^WUA{DR?@z{NbCIbu7Kt&g2(6hbOEt=5l$%952(LGV$q(iD5!b z-ydjyxxFq?uT!8mJ7?EsroC6qj(V6YKl%`59%L*o^yp%O?>>D;!N=dkRe8E69*~|{ zJu{4V{kuzh+`}JNdRCiss;jiz+xX^Xgx^2E`%(KG*RJ6>D#7>uQt-Q+3v-1Sg?sNb zBz>Q{(xt<z&@Ul$-fd;c$}n~w`(*Bz4UhKKiT;^l9N}nDa^zuu_kFcB@>{#Dw>w8> zZ%|p5JE8kX(W_YF8QV|ai>rP=<)gISsgsHakIrCPwdh-P`RuQC(?U&T(lZZybb9Q* z=8uL<S}3$-)ML=t2`w2}I1Jbr8UHgea-p7?j!5c{i*@gx=F{N0cX#uWQ<XdVcE2#_ zG!SItOlb39Z2RHF$jAa&iDwRJDH#~(8R#s~TA<OU25s+vMvq|$6WmgA4)W0lCs4?o zJ(gC^@{sc#E|RD3U#VxfA7-4i^?M-Wgx81dFLt=RREd56Tx74p_E|Oz|8nQwo^a>- zm!xam1+mYcvUse_s5$x3>2pr~(W)BRz>Zy)xa`zp@975mT^3Hse4_XG^7Gl8GnYM> zI{Tc|_4<7_=Ylp1iXP+_Kg+y(j;iRcMP;3T*gi^JnC#70)3kl*mv8a^-a0Is+frh= z^Nw7r*ey-zHf4sByF2Uh8am|kMYb@jtT4)Fp5?A%urKV`awnz&=~oUncCj)SurHbR z|F4HJ*TXwY8z;>6y<7YI`KGfmC$gsgSo*E^NNfeizG}8>p64aa0+jVQp3P(Rb(gp* z_HyI3Z30(!Pv5_&Z%YU`Q^SgXP}mh`ro$@$y@J$S1_nmZjlm9xoNQyz#B5>E#H0Yp z$!rR2tYQUB=-JmADf<TbBV}KZCBdHVez0PnTUY=lq!8rq9|Fz124)841}28)Mg|5Z zplLBfBreJ>6p{@mly$co@2oqa>eaXP_7)B4RpAp}TvWQ8vg`8X7gyG_B|2m!glB}b z`0mLHVPgG%fA%b`b+PRIUWYa6-~ZPBRr&Gw+7AN3DigZXPOj)!y*_F&!^?fU+}=eO zSL=v3HO3|BEM!XEy!WU!L*0=-%*NroZy)_S7wdY>;;iYmO$RT`Y4lq4WD{eIY=8XB zBOBM=?ofO^fupJ6v%zBLXA_#%g=%=djlRB8z=H2zzfbgRw^xo|H*l03zR+R3t>${k z{W~oeo%u>F7pgjFys9|Or=w>%x2HQ#Oh#X=N#N1r)G1sn2jafRM*k3abYWMO_wRe= z3=C4y8jml{DYi3epRw>{p#JrHYm7JhL$WStXpTTNbqr~i{Xx&{+p3<MKi0He+vL>F zeIa|n%_nF{0=)0n?vhNWp6Q<-rFWmzr*?cP@;Rw<-N^6rUCB!Ky?xfvllcQYRfMxe z*oxkBUS7EHu|vzr=MqLGHXeEW^S!Tpm%BW<EhS`na#6t5(DT0(CNnLXeOP(2pIB(w zf`ZE2vx@TP^>z11KJGC55h>Nkd1CsqlH&<SqR)i)Z7TgM&BS>-GQVhY=66HKYaJH* z+c)hMtNgj@$-WNNyNT+`GFuJVS<JRbP1w7jq%fc}caO+p{<d`=SKA$5z<Fk|$HfP? zQ=U)SdVYP8b3ymd!!0(#tLi4r4iBFEtKiT?KEt20(_>#wvxtk|T<q5&ntpFynLv`l zzR=96&J32m-`;JA^7C{FiHLV<2In^^Sg)cgF)b5**#Xj;H-0umb}KVzVlFahVv2%f zHxaw8SoSxemyE7%f4nW8@wM)qC)ZFy8Z?i9JX0OuW2j-E1{&z+;*s|*O3cbHPgL-% zN=j4+%CE}FOs-1J%LEAp>pAMdIuy)2{J~L<Zk|D~90@rY(A3ZXREe4x8-waoV`MJM zOf{9PB$!e6*afWcKI^dcT;lU-r?xD-#iO+0*VgJXhVmZn^R+A5&Zq@GQLt_0xfb#G z`4=sTxwkH^Q+xM1_|BIJ*Mz-zCfFSQa_dqb?<A``8#n&9xOaG$ZhXT|roCQsrTMoU zK6Egh`R*O*IkuZO++&biVdB1f*6V-VB74nRZt*JY{}p|DrI^B6%Y=9OrQ4oQpYzl1 zZ=G+xum1ZE-mG7DKicLgEL|Y9#kXMRx$8yNos*Y0w8*G?7I|*{Z#{M1!80cq-@M@K z;+pn+^Ro7**M72U^G<gtu-UbyG-}RO-?>a&m%L}EdAqTTr>>o!)4^~@sq?|Zlq>0b z3@a0DcAs)Q8<WLw!p5R6Vm;9r6?wCip4dt+iLIy4e9aH|tQ`L%_W7C*Cy+BLYz%#C z@ek%Zk<qecFBfZ7Pte%pd%)O#)vS$Ic05u4zjE5lb8ZiEYkU@2EMY77@WoN^jlFxX zeNp>Q>%U9#wSyTR{I}eh#m@IyR_5EHq6w#)Yz3RTFYTVMwO;XAa@*WW$@kxP^O#OJ z-1XL<|LYl{n@j9=FZiP{HQrxMUr@Q(uaupC|LlufWM2xf{5zG<zsP6D+Vc-5@Sk1B zbv(9ud%&eDiNCIj-o8G+Juu|;(#Nk)wk}XrF#p|mj>n|sp-tnaazE##9r11H3vHim ziAmgMcl+OVjiZa$*KIv@s#i<s{q(no43?bKs`~xeS6O<dvB?6xuPeFjuf#q)-!lJ^ z<e~VkYYK9Yi?@R_Dy+3zl95<mk{S<d<AT-!#wRDn>!O^%%r5}Xv@CiCO)OdlP0T`& zOe>JUIDNa@@>g57%(~{S|9!%5v=BFFT!&O$qMYvuu^PH=4Vsa;h2@=*hw|a0i3%>6 zWtpIbFNPN2g^euS!ulG?nhK!xB?`zUDd;M=<rgVH&m5^rO;IQ<PF2Xy%c(><C={YW z0oJGv0-yTf2s+{ee8{tbg@K8I5n`a-+|bCt5Z1gNavma7*lgObuJil$jp(}-)zb6I z(;83P?WtM!d71hwlf@Z^g%-w1Pd*o>Rc>6Fx_D{#)&2xsd#5w2vW*TXpVo1_`{e$g z#5s?OHz`dObe4!evQ0ibhl@2r>4ce&Rn5|i=iAnIEO%iNE-5VLa*Aa7AuW>abU#0S zS9a5)xzW$P_R299-S#edVO?KeE6=h;ZT5pLQES|7Lw8)?pcbUTXy}l3<EF~qZ(29r zD0;@s{#Ny}KGd{sT6XW`$?B&k?S8e!;lTVuKN`-*eu=tsuB2_5T@H8fslAiVNwO6^ z<B74zJkD}$PtLjMZ{IWK+))+v=ver2<&PP29(=xPsF5g`lRmB2a^~qnt}4*$I*Di% zAQv`kb5>1BnDh3@|6g`oCECf%-?v5XM@#zPR)Lhmjj5??I45-;v-~3PbR}O}aBRiB zUn&!KKX(bde@x7T>wT6>;45wRF6OGkukE>Xg2WbRJMUDTU|+D(ST)yGO2b<H{Hnv6 zPSW?SeGV9#L_2ou&(=;|ukn7<*TbvQ&Q*uK+kWD7`oWWPq$GA6Iqb>&F@Z1OtlQDg z<(1#Ji9WEneOzB-0grvTTFFgSp<9Nxq~z{sI!;uw$y~mh>C?6tb>_}5Y_DcNDQbGW zkn`Y62Fc5IR|>Ls6)sy9vF^+6mpR+sx1X84`@iM0u*Az;%a6qPBviAOt5xm4!5*ZO z^t~YYrsbY|nM0L#$~4!XJF1hy64zmtXL!XyD#^sm-js3On&buG!Uom~M?dHtsTF<? zUc#_mF=%4FV9>;}15(1USZxdFMh;rg#0K(sBK|YoRSlFuEd*|18AvWiDP7=4!5Qiq z=zx?l3#$ggPKC#(9yEMoU}#`$XlZC+Yz)4U!wAGRhjLNI69>eBgmV4<#H~|<cZL7? z^(md(O6tB~L(0@G7x$d4I{!^`nx0CCgNns>sn$CYKBt$cJ59eZzq#x16E@~(hNXdW z1uP|x4qmZZeSNJpy98_B-{v*1(r!vfXLNlHmzuHb>)SHhnw$5gWLbNQAH3SXH`T&w z>IK_SGr#+l;f7jrHzHF#BNS%Tt&Xpo|MHseo92?0$8&DH)AVZ9ViWlp^6c`hRQB#< zbD`@O-W;x0aCBMx_VfbrhlQ!<WYY}4moZA7sAZ1WHq}#hnULCxV?1RK9;cmt6}wFB z-P1Gid()RQs`D*66>@ZA)l}I+IWNsF<~v!g2bW03<(r*7ylBJre=!!1g7*Ayaeg)d zx)`j9DafFS$q#V>FC!!5Gz{2+ECa?iMNl8S*h*hNKe@O-50-}W)6$AF@{7O+=t9Q< zkf!dN7^Og6c?FgxMnQunMqYy^Mou<PZ8k<0#(fbCj0TOr4H~b&>|kOtXgn^}cqAw_ zCo?fGIaMJ)PoX3uRRLE@OjSs#R7lLLR47O+DydWe9n77ZTC9+moSa%v0x=*BYyfC? zltN-bK~83JVp2}3LUBoAUP@w7ib6?hQEoAKYgBT6UP>ltsJ~btKMhn>>L`HvtcZ2u z1x1O;C7^jo9k6;7cOk0kRE2>2oXq4(Jp(1UuNcL|Kp|(PuMZl%fQ6f0QZ7>Gs@psF z?PblKY?5y*EmwY+-ja3t{e6SRb)c|QW@%hz(73ok1e=<LjV((W8wWg>H9-m|)G<yr zw89Ep4|H7-+4}FxtVzoyuPmu6lIXvgQ4^$cH$C67>d2}%+eZ-_d<$l@B)*V-oGHO~ z?zelu0>A$sROI(=I`>um&l~;VRmIiJwk3Jb#OA$Ts&{06n0kPA(yo2pGB%+xj<PEI zniSk)ue#J#iDlfc^$jej2$waM`^z+Q4$oOGR{!I>`<9gc^2*)V(8n3JbB<KPzu1G< ztL_L^T(}l{aQoG@Ml+eMy3T~CS{gQ13o8Zga?4q`d)_aW98a~9{!7KL&loIv_9{}T z{m1mLe1Bh^nY2XgNRY%U#d8}!K5J=wx@%>d#wX{fSfROV<ZiBb%9XXeenGqD`A?m` zSKb_b^sMTFnR1s`iP=wZJzxUu9l~zLgS0l0OJu~-4Nwylso%&~3$GwpoD7;+><pTi z)u0uGS8$I8a+q_oG8i=OLv3~<E*^G;T+4^i?hH;%RRASasN=x%iaDw2i8;F9+yd$z zf@%nEVFPHp(^3J&C<R@GG#m|2BLf4FR%T&Ms1E2n0J6^!8xcXxP;jr*05q&?ZfI^~ zY6>1GGB7kUFgG+e1#ySI2MJYByIQst-JZvj{b=S(1IFcLuZ(s~b(A`JE732a=={HL zO_lqL6WO?ys^8cgf7#Vfrs$fV(Wjy={_o9_7qS`}7+mEx9DhD*zfick%;F4vuJ*lI z*?e)SpJmFgUTN(uP~5WF=y~^|t8JD{8+TlCKlkLM=Mn4W_kM@ehVT3EBJWV;CM)jH zM*%a$jD%zKE5Z&QnzH#*)D!ht^Hr`Ndvjs7YSZI0hmN=&?U`Q1maQc?e<fF*hjsq# zD}s_v-}~A3e+`bGWA{Z|=UL_&KO>){@>knmJl$=wN3wg}oWSSX>$V1OG*)_=d%nO% z>er*$>D!vW^e$bW<m3AwVoi#P5c7|1y;G7^mJ}lT!05#b#^4oVpgF5Zt?Gi@``YK$ znSobwdgo6NN?VPVHNeGD<$T#`$F^14EA_TtZf9mm$jY9j7ui`XxW@V7SK<G?mf8nC z?e#C{S*ia@{0Mi*yerbvW*FP7Sevwnp=@<zW*(bt-I1Lxy))JeT}iynCF$n=`SthY zgAS|?OD}EzvUQf({*@hN9W0?N+H>0LrOa*WbeBrqxY8MSYVR7`oEy38uYNA$KWp7# zp)@yV@~k7a`<tXw?U(V#uKM$Iljy0fYme=*z0mUF6<g5;UrVEk{dR(LxR=bGrTF>7 zY;J>!+XwHoJOA60JnPiaLoz3i_x`sQir{#*&Gt=|j^FR*Y3F!sGTTFnmlPkG{6A1& zjc5qtjX$g#I~UfMG|%$9e#fu6%Ok(r^&7Z2f~_Ni-6j#Ak(r(m52{X!K(%N*d`dhK zsiB$*FNe_2tQ25c6Qh>J?J&EayYkaIH`Q|FfCn{Nb5M&UQ3GL6slX*n^i3Dq2AUup z%)(0Wn=U*u(=!yn*Ij^|tN@=1cLcXk%?u5pCsl%nwG5HC2K03eq1=A#%+um$zpw0m zs;g_X?Ece6`;%u?J+~EV9lkonBz+N=%!c^PWeyvUY~R#>VaAe`j*(WE?@YO7bGyW1 ziPsrl)u!)WOM`_h-hKAWEu2`FylwTe_`^$De)uN^?)!1{&25WGkJ+AbOyoJD;TZb+ zbX2EkUEvGU{k}z<w)?Cs0;0<erF%CYS8<)Sd`&KcNEFNVUBa&exn?*zD*2@*wl_Kk zEUS#^yeH`uepT;TtW2;@-HfwRY+_3?iZ7V32*)feyc|^%dOI%Vp?SMO7|T<^Et(BN zA1f_87BLCdsHbi3*k1AJ6xRxi)m$lu_NT>8Z8^A5Rjxf&Du7!-=#1m;Jnle?9p0yz zz(-PoCgV|admCok5|P_C+8xeh{;}Vk@yZM}DGsLh$tl{0!CM4nm02VV#2Q4fD!?*V zBqPN({m%6{^KClP*f_!!Z!5b0&`MvmU&5%&K_L8K*XOF6f~kF`zvlgM-8%24kD>RD zi7%XW`ZiabyZt!0vhdnd#VL%pLfdDlq<rg2J9BT2`PmgF8#8AspO{ynq+Q_rIMm%R zQSyDn(N=vwgKrBA#gtDxf0Qa_e0sl>^a9%-r{cN|yAwD%b$Qrgg0>&|$u;AmX#9Mk zeKlsu7JFTm)IU+v<~lMxllNuMqXPorJ5H1dO$`0yk$Gc}7E?68%M}H~+h2ASsKri5 zn77AUoKt_xX*uVNlkDmTFU5R+rMNRgXpYUC{qz1b#LP}U`^J5hs(ShY^Un-TwISD6 z{&=Y;ytw>@JY=bWBD8gqT$z+w1i895JtsdYF$cVA0I3KFM-%}|4Vsu2f|ip)nj)}m z+pVi~J<xN%HEal)OPJpoZUwj*Vki%860<N1iy>r??|_76X5729DKeZ;-u!W5&t8#$ zG~xdrE?2%${<K}{cwg&Bq2gtds|0S(S(I85Rc;qp8}{vv^0q5)<0Cej`(E|r%ln$u ze(h4vCG}&E{+rF8k-9+G@0eD~?5h)m&Wo^pv3`6-W8VwDAFKU5rsVcbH57<>yGVEM zRjb@hGP@HFxOp>v^;}oy)^(wzcOehcxp#k__wUF~`&{qBus=;zMEkCQfh_wpd*5%_ zJNma*^DMP^eb4>&)mY0v9m_vo*DCq=B5INK{D57{dR$Ep1*A^Blic+F?*4M$IY}pz zi^VQz@_VlI_^^4^_MD^34J;jE*ByBjs}}s>oQyI@;)*GfyI7JO-pE@Nlnb#HE;o>f zRaIXK$(xN!4H_2_UhIa*o!dC7d8^K>QSfOCGm1OEI<Hl?Al$$n)U}aku`n<*Fj-)< zz@SYJ(MK}UgIpD@3r>9CY2M_b9R1`H{p1o*QyIJt4tebjRvWNn@38k=$_qmLrcOWk zqw|*Q!7GayRKLgzuin16H6rtn!P*<5UAm7?o^6c!QLG%byoUAjUnOh4i)=@3oB0&8 z^gZ36^yKJgy`?vmAMfz<QdpkHq%vPAA-%d=wutknVa&_Q`3>&2YZr2}i`csVXU>%3 z;dXhRth&5@)5#rWEpL^-)v~X4t-E}G^Zu7z+s>|7l&&3gb$jXuOP}Ng6DubN@rT@P z-aY?f|MKAC!>9inys2T?al=J^a(p4D()K*NS2E0gbEOm#e>a-HiTlIly88Na@z4tk zUM0+4_U&;`wB{kU1d+MA(|uM>7M+`TgfZUZTEyNkLm@xG6N(Qu3r<YEy=7U4#ko)~ Y=@*wKIvCkTCVbfa*z(*fktX&k0Bhq^;s5{u diff --git a/roles/nifi/files/dsoclab-nifi-1.p12 b/roles/nifi/files/dsoclab-nifi-1.p12 new file mode 100644 index 0000000000000000000000000000000000000000..0076ad1207c243f877de929e2424ed953f60469c GIT binary patch literal 3397 zcmXqL;&o(VWHxBxWoP5mYV&CO&dbQoxS)yW2TK#r7lS6A4+c%_%Mns+3!2zx7&Ng@ zVPa%3Xkzb0$S@knuyH|6;9+Dl;A7#4ZIbWgSC<rJV&Y(EXkt%zP#db>QP)$rSZBd} zzN;mSmBBNYo|TqpvE9D?<G;ttE*bo|74&xIs~-kB6V5CD7nEb@?|WXz!p3o6&*wMS zFE5DsFL`;vyF8{H0U6&_sy5{B^%jijzoHb<H%E_4Le<JYlJ!JL<bT$TNymQiYjEoS z3O=$uaIZ*rRVM#cuA3!Hj-RFSDwpo<+v3o0)x>}Hg`iWc7q36`NpRs<@6yE2!r&{& zw!JUzgXpj55SAxxrj2)YtuCIu;hFc<Ro1$j`xSXpTz4(nUViRkknC9|M#b&wfuS8g z;=g~}8OpL)?EAgNS6myK+0NAZCU)F9nHIF8gGGPtV$L+T;O0d=31<&Y{<6M6)ZuNX zM0VDn86qsTd`*icC%c82ZG6ac=$0MJRyiR(xrHa|MB|lb^gn1jQQ*>XrBMIS>m7>? z&(2hw$`e(x@Ma6wy0r&)GKQ8N=UkrD6~Jv(wxb~PY=q)@RvCpk%Sx;ldM^qz`8UO+ zqN~6$`1bFWUpA)Ic30kWvA_3m(~Xo#!q3eLxti>4i@1yOgD%A1XGy*!a^-{kC9@+& z3eIN@nlpFKXQ=z{vee^JTlJn<Q3fhCdgbEt<qesVvNQhNp4fS?M(n19z*dp{#!c<k zn@aWMl*-C3GhDW3xv0LN#WCXFbe?@X^LH$Y5IKF}ctO^IuRMBx&3$iZ1f6)Hxv*J# z+ok7*Oba)CKV)7pWr|M56!qAU4z)QCmoiyo`tR)9S8eXH<Ke+mQId0A|H_vBzPF)9 ze#Mq^;f$M&;-9_>t_kI@&TPr~8=BU1+M->}N;CI+W}ei9ZH>3Sa7<|X8}nFcL#u+# zy)}JIA*PaZ-!1zSallo;Y1@Ju<y+=2c(9Pu%Exo!K8G{UmKSdSroH&+C7!F7+RjPY zR;<+ibinVi>!f3@Yx>#r=Xag+4A`=;Xxhi<=G?@Rz%ymlsX6=CE9^S5ku|~7SToT> z<l^u9Y_Fni?#l@Zx;h^J*t2NE%re#T&+iY+-g5fwZ);gThtJ#9j%V3!n-jvgMR|`u z&$X@QYp?85GXB)IbMcW#o*Ch`Uze=qe7D3VySTSpQ$oaSgV>Kbe?L}Ab+rXg@ezw| zJs<M@{0BZ}hb`*$hGjQA-wHkHSaNIjw29f9R!ur)_5N|K>dGZwr}Qh`yO$Sz{``T$ zvXWM-bYD}uxAoS77lIoaIWqe1ZOeYSb=sW`XAOequ_W6RT=7l4u3Mx%Z~aa_ucum# zFEyn1m#e>i?kBS0j?3E~8yz2;bZPDt+Yf~I*B;a@|20+Z?TO-5J9t9VIq&s*{8HN* zontsR@p`P-kJWPdWk(nnWIL+fITbiZC!SZJd-ruot=s!%cPdO1Q;jlQ_{S{l%IgR7 zV_9yV>3s3id8cU8frl4LcI$idO_Ub0<_PF9yu3G!Z}!Ud_q%w1-q2Z{vGsvx#UwxT z9icH>?p=zV`0$nX<|F+A>$G3%3aIn4A8g&q(rNbex@FSt&c)?tTOBkH{`I(Q{#U2S z@-KgK#8>4Xm8$d3-cIVg{7lC->94=mZkHCr6=r!BUZ#5A9$xUCvwF|u2l*F$OW4$v z(#lnju_Ur=zwx&`czXNnPfyZkE&A{+AntZSsnz<|+tQmJ6_!UC{Ev63{jl_#{G@y5 z^rlV|)IO8Juv3xG_G09wo%|O+gzcOWvC`wSt0-@~#v`S3-;ON{X%Y6yW{R%=7<lmZ z&S_y+XS4s-UAD|xVXB^X`h_F+9-g{b%2fT$&tv|b8<$T{Zu4EWxUsy%#I(v`&WEJx zN3AK=&$0!LT;64G-+e4P+BE#g>Me$9R*fPBUp8{OUK3*q|6qOT|FczWR$@{+f4pe6 z)XDU7n4vzcBeY`8m6_~E%I@(kyYPdNv01#|MB;w;fhp6LUA@wK|Cq3#-}G0`x?87* ze&=mC@9cJtLEzZ?i|St|e=N!}dTrE@Z}(LF&bQ}s{sq5OzGc_6De&iS+opM2ojce# zdbQNFU*=O1Cx`By{!?|e<HNoie36ck+qM7ScFGdI!MDO+G&$xt1KW$RqN%s)w<zS_ ze|7%VvXUjLleXC2pL%2||6EIdk-UXpl0HbOi3WA@XkPn&$$Gxc;RZK-xhUUGtt6jl z*A%9Y7O@{x(!boT%hvdLL{~QKT<kyZ@7LLuE?wWfd)m~f_I%z0tJLJ*DXyBKC2@T1 zvAItVoe^0ub8A}Pj}MKX9?m)z*Oq_t@&3Mkwl1R|R%wnc#!-8Md!7H4JZIUrKbG;x zQ_*v|2PexnTb*BNf8M>!I^ygnR);IMCWuLd+Rd<d-YnPqU~5B&z+s~ap8FMpJq2G( z&n(%Jx=Y!qy?Xfu?j6;VEc@AC8n&uB@mF`vJhlAy3KxER;S28fzwCIluBg-7cv|@G zc~1^0iR?eqx8z#*&!hth|F)IS>pa;tDJ#6%VZPG>Z}A|ZV{!7Igx>!V(b(8oo2436 z5~J30V)@f>gDU}YB~=#>yX}3j^P$Gn9m192`TNebGG|I>Fg65zdVi`)_i^Z#7MIz* zayy?|<gL!`IyX&H?Fqx<xkq;j?oi`%c<wnrWsSDO*0K=&a`vwc?_a3~CciqDw05^$ zszDR0BT|LDpo!IprHNI~povw>povwDjT=@yb1^b4XkvM1(8Th}0J+v?2G!b}^O-_> zTv)h3wKhu=%ZbTrmi_HdE?}Bo{PLTpU+u~3r{vFd=LWm+KF*Lm_2l&r<KT@lE&gB5 zhA!IOIP*()`kUwkPS<-sUf*+bDd?Wcm(v(5Q|JC$K6T>$JJV0GCi-l;o%`dX$kxt1 z?q7;D+s&@7)_9${ENGkBr!z;awS4b29gNx+F#oHx?Cq*M3jYJRkNoqy8&z+)+wZ?X z>6=(3@9vn~q%5xDd%JaZHeT7<Q|snxf5=```rE~C$FCmX_#xv~y`$vNitgo)db|Z= zH-C+M`E-Mt+UM?!XPZJdIlbp$i+B<x)@;_|7U&UsU~Ry4$tt0B7JPzJj;gNgZ!?~q zC|%-I-(dA>iu{%@nO{Of_j=A<QWB!VtEaK*t;Xl2XZM_z->+`SXtZ9=`Fj7J{GC15 zgFl}45ejz<P`I*|yZm8{Tg-8j>zA&r4Ey=wt4mZ+ukBKo37U)v$rBGe(v2z?vQ_Fo z_~^OfHY4p@_g-9$J}&4tled4xbD1CdjE5%wNSJ<bYIe^4=_~lwnp7vAD>CmCoKn4S zgY3pV=DY`=>2NM~Fbh#CUY@jL>e2U`omkg={;93MljFvl3N`(A1*MVulQwK{Gbla! zsh?>pi~4od5Z~oH`7VfRA7{Pg8IZhb`iC8SGr287&u8^aKdchFCXUHxqDSmzuU|sJ zi2|E~SM^^?Y418T@703TOZVQ-DK}4Bx2DFzYSWGj^Bz1goD{NPqmXybkG0S0Quk_Y z`M$ZRj`b7ktQD(lw=aA6QtF9o<eO{WUfC^&-*YC0Rv+%wXEi!tH21Gz+n(4TVm~YQ zthLg~xw`NU+l%U-4!y^@UBsBqEj*UI$oPK8$Bh4Hr}XwmS>(Uju*|_SNKi|Hd)9m3 zIo}0h%r@M+6PvXDr;MoeuifRm9Y2CIEhm4w^`>#^zG#icx{rAgdvezZJ`b6jx%b`i zrloGWCvMMXJaheaQ-X%a%||Z2ox8#nO^$5e<Ewr=e{%Du9{Zi{`$GhnT}!qa&v@Ud zKa1ts`(1w?9j#(<{XTK|)B}c_1U~K+;&9(4!Mp8GC&%(14E^tz<}OGN6Lfv$th4{& zjE|3Q<pd;(JQABEd%1LXW`CzZTI=6OS@yM$mz|P7XR`nIx;%|;t!0<=H0M^gIUj4E z5fjG!YvK<^n}1i<`t}wt@SFa_YOmRL>864P?r%4*npB_aEhv8aR><js`m22kGSbTC zP7_)dDj81h%jCGSf7$+UYmPd{&1)~m9+dq0{;lW<d((w2g{`SGC62kyTb%f9^)bDd zXVffqJufs?%{>;Bc<0e8wy0Crzg)YvEzM-bc7w|c5A!k~om#@K+OPVO#qM~9nAtS@ z9nq`hcdOXH%VqLp&D#4!Y4*+9%eCK{r_@c3Q02(t3()H5Xypz{wTl-^d#LOAK>Exw zwTU%hYc_6K_)yHNQvd2|JqzvS67StMRDGW_OLW7j9Fv_stSOg@SD#F-NPe-@^=+H~ zY#BROMoo{KrjwVijeX~`qgQX;53U~9Bl0foy;-8B9zU*^M_%$ujDND@n6~#f*-D0` z`?Xq(!YBP+Ga;lxb?OB3ukpKov<Fz;Re#{IO-}ml(&NnvCh`V5(k8J#@O$=k|L^=e z%6iM<?=`bk9A4aI`)x)o|LxNcCAoR|FP_-XU|HxH|2CnuyN%azmqYE92fu98&pnkt z$zZ5zpbRe^IYkY{SVY!)?NL4%<!^B}s_dyW`_iX#PI1&37#b)VaI&##^D#3?u`;lT mM0`zA5i#{unO7`1SC6sfsP~=+CM+EG5A!4vE<`bbN=X1(3{!Ui literal 0 HcmV?d00001 diff --git a/roles/nifi/files/dsoclab-nifi-2.p12 b/roles/nifi/files/dsoclab-nifi-2.p12 new file mode 100644 index 0000000000000000000000000000000000000000..fdbd25a1e50851b8ea865781bc903dcc78a1cc8f GIT binary patch literal 3397 zcmXqL;&o(VWHxBxWoP5mYV&CO&dbQoxS)yW2TK#r7lS6A4+c%_%Mns+3!2zx7&Ng@ zVPa%3Xkzb0$S@knuyH|6;9+Dl;A7#CldqpBfAU)#6B7qRLlb+#*4<IrYbFNQ1q()2 zW$?s*US7GN>z8qJRdnn71gqz6;f*{YlMXy8c({r8OPyxkB+<{YQ;L@}DjKi+>1+1& z#m|-b+^6<36n_11d<xg`6UX~wtJXcLf9UW`w0+xL7e7U*eOu=In5kH#x7{&unV!kp zdv6t1{o=8xI_Ms8`rJDut)25L1h?I&w@_X$a;tmGYQ7cHiq>z`dP*O>t}xPmtzyCy z{BHImlgwquj$68IlL>3H^L-Nk;HqEA;c^BUkHS*@nI$_8KG;6z$aHHRlXl@PcjH9( z&ddwAx~16ctm6Tp>=$!#%AGvgqnobYeP4O;QLx#bDjV6<eOW7SE_BOx;pOe$b!~cY zS=#cRa1&4G&5a71jhH_jwV!n;YJ<68>-nVX%N0I{-@eMn9;1HQ;cnTtsctPZgk$F# zY*^^EOmTbE!6#yh&7rlwUMF_+rM*4&Dvl}Ux`Wn}K*QsGPJO;59Uc6}AB#21cb0FO z5g*m4(i}NCZqAV@MT!0bGiEM0!B97K+RQ&zev{5UEd96oM0fZ)c{>Bq^vcF7$4ehL zR@^F>rRSOcNoz)&F8>#ct6co95)Y>LatPXP{B51H&xG4NvG|C_xA(R2HrI4-ttfVW zA)EB}^c9cZx%+Ru>T<c=Gf81l+VwDowFd+YMd$ro{O-jY-**m-WeWPMofj_XdT=a8 z?1i`^=a%h8Kd-w_s1Lc_b4!D}`E$GAqu-~SuL-}su_<uIqt_R7L-h9gOZ0tqN~kEE zUADcYhi7F}iOb5udNvj348e*&LbDUj1iJ*r?YO%qUFVgB{d1*F`m1*)-D|nsx^gC4 zoderf2ai?rz6sA~P|IDWvEg9eU!HXj+CH6Rc~`#KRGPUoz3r40d+w2{8&|h}NV{R< zURmh8ef{ZtnedxmUta%Qv!Km=k6%ROY9|vB*&yK^%Vs4VGT5<GUM{=!i&uv9%d6Hu zjN^lN-mJYZchS5o^Q_-BgO~far%v8lENRB>=AE(ozT%NNt-l{UIot5Zj7w})^psRz z!=7tf4>9_^oab^lINfH+x3d2SkBU9+k%*S&mgat;S2K6joZ78RgMTaT=6lVV6n)U; zuv|gDrM=_*t#fPFKFO>7ARi_FarU}Rp3_}lOn5uBzLWQMV0zgf`@+JBuMWid8BW}@ z`+}@q;Vz%3kIDz_1Ua0a8&p3jE-&ui>iBbo=9HytQiN9WtT@$uapFVgSsa(_o(0?t z>s}H!i(zrvr^x}mCl+-qeG{Z%@TEP;<>%L+JF>q57AifMey_zYwB?1(fu%vYhd$j~ zU#<5hKIDDuMg7?;Tp!#|t~e4?Kj|cg1>a<zt*Vaio;^CZ=_0RSUx_v+v-huA?1y7- z%hkDeZLBtOm8d>!a)agFL8%UfzIVM#_5@GcvgrS|7?zbq_R=4@7C0xIOOI{3zv-pB zqwsf2=BCY-`ve5?&Twq5WqGW+M%X!iNdr$x&F++K2anv8m{GaT`c07Q!X+8&@>3?o z6#diOm}2$UraLa~vd!x9Z>k>`FvjS)FTD^d^Er!CNh9dY#H>WsZ5pzn+M?W1+Ya!a zzxC$oU0uz)rD9@7IKt$NU0R!NDX?v3KIx^W5hXQSt*XNArsmSa$xD~F94=J6eYMr< zhJSzQhu#aumFrH{EO^J-a9m}k?uROd36myeeJ>W@z4N0d$GqbiPyU_LW4bW;(w)32 zW3OLsDtc?QGOiYRRj^;%s(wo~lXtD-U2RoaA(kpxaleO5N@qJI*S!evXHeL@_QS>; z{<qh2ZW+HZe)%bbvu)<KtTv{l+7stYNI8CN!L{cMtW%E_Gso=O{cUCF#zwX+&xKAe zS-VQ|Ygc}4*sQC{Z|Cmf-xL({<+4{;)Ss8XFaHUWd*%P&pS(<ScYOZ*ABLBwxtY$X z;>v!YXE0;KO131wZ?jL_%XFQ$;mowj5f}FzSbDEK=J}7;Y+s*<>~!?{VEtj1<*G>@ zQnlw6ybcvERm?At|J&bL_A#APro;Mj_&;%{6Q|eos3<(^XSt#9mm`&F_qJoAk0i1$ z@toKg_~%V)<8*O`*><gt69cL{<#l(iytuWoeMis<waRZn<!AT2s;%Afz%OW>xt#n( zSG7Ms+i%X4JaVk<ue8*my}g(1{@lENMBe@BBVX-_f2Y2_(xL49etMSMp{Z9mDh?gu z3F-0;-oS8jcCX9N7wdk%c<}VaPS>xt@&y-~I83D0>2qz~Fw-HS?p&F8*(^W(D4kQ* z4hk|$g?hI7i}v-{R&rOH>ANuc+8=Mz+P^9KS=Y85$MVfjCvHo68_l|>B~W<lp%ZLw z^S-%H{N5B|z2#{RPu=xY!7Z7I<!bY$JF*&WxL^42e9+4On>Oag`Mo$gb)BE_C%(0b zhegfXLv|c%yFZ<Ga?-4r7pK_N&uTI|*NSLQ|6G5z?DN%yKf(iUt#-0=V|2?&y)1J_ zj^$_YPO}HQrx<MW7uFB3a$DDUp;*Hv#cI}zxpI!DMgQJ*of#Q=I-^6f<oy&8@rJ$A zN}S$q+x~3x|EF0AZT~jya+jGR=68PQlbZd@wEcC9E}S~`*UD+z<ZfSPv9750?|<fP zTz@9epo!HHsX|`R#A?LS#Hwe|#HwY`#Hz-|4Xd8H7?~C{vAi>AVtIv9Ycqpt?cnEk z{`TAdRRh)9EKMvYq*(Gl@V-0wh&k;1((2>O`QqJUrth3TGon^5d(Vl#bD!KW`*0-W zXXopAg{}4X_$#A!{84XnD`nnd6Ee+Cpl^Pi*AZLY@PqbYt3(d8m<hbf@4O~HV})I! z?vz}1lU2Ls9WL#Nx;KL-Ui{56!-MH@c6;p>`2F=-Wn*<-Y=*ayj(bYdFWWWQb4CBI zj@3K5UBPI}4FlP~9E*9J)^A=XYj*y`)17MUE8Gp9rzd@zwf@ZZfNP2(aW8A%eA4rC zVK~_)aKFBTX<HnVFz2+zfm@jMr<`_Kw6FBSBQ=9t@4dD<NZe4~&%`6ZGy8zZUr)Z! zL<5VL8(6<AV|bIg(8JYigZ;rRyH}e1o#!Kz5GKR;EpFq!!p{aXvc1)-!rBVwuTTv! zGj2{*dd^|fspNkn=;HMm>f6OcW~`Hpxy9<B^egevp8%FzpF<mRpUXN#-!3}qpD^Q@ z!)j-*oJDJ=Z#Z%+SNP7_?3>j#vpyFIuU=sxYxJi!?>bxBkuw2Nid_?~uGf-~m-4Ue zyO+19d~RNQ&OwIXO8@p<^3wnO=LWauX}gz7?i0+Ia^9IIzH9h+C-Or?@FY<&<^1CL zHMS8`S*>T=t7){lUsl^y_48vzEko!Br5Q6?zumHC<@;OW)pQ_tUZsCETfX7N%wU-< zuVP(4hCX}#+S}sm&U-D-3px6Yc5_bH;%K#6^+4ag?`yWQNtiBA<mi9Fa@R*(-0HW` zj@eq#>oYeUaB~TpdM)lu=e>KAd1KD1mA;Rb6mgpLp#JI(ixoe4?l;HH?OiFm^!URg z2`=epW?lPq>G5oNo`k?D*^1J~%1>t9Pl{7xG|k*r*L?T;a_!KAXP$N*yMAfLj<dpg zPgG21tnWPY_ozz9@|)}Zw@%-(J=ThEZ{VjhTi)s4@`&j+{yK|~^~c77FcHUlk{l98 zGoE@c7rP<ydiTw)ZAaC2m;C+IwRn4u<UPhOxzjcWNrt4~d)2VMUjI<zk=_q`b4+$O z|K#Yk5We~{<+J(y3a?BX=93>}_Vdopwf*zDJ3+okVd0(EDY4la%U=a49y@$g+QRJ4 z8{zZsJmY?OywutCLXi1|bnuTIeRZ9R;szz_UArf}vsSPE_H|a>gEPB>dmr-2K3#G$ zM*3<6TUIjT#Wbfa0h|}IIyOseF-&iL@N}=B)up=H<sM7Dr?=hSdg0o=^?g&;*yv1| zaOvaU|9di1PgkiuI>VGCJw@nSQ2HVLBPJqYOndAjPgnglJai!4VttaPi2s5=5zM^j z1o#Zs`de<u_@7)eRlAJ${aSIg6C0OvbI9_q*`YK4<!sTJ-fofJ%@NwITmAc<tookG z&VQ2UeN&T04$G#9+=iyyi)}JO)<#@jnU9TJa^r(8eh#gY;QYKbTx{D^Erw}lKYq?n zdK8<MBqQM!v}@X-%{@Oazb`I-61`}ViE-S_eEHWZ^;b-`eUQGSwv{<%W^ccaV~P92 z_N<AyyA~eV@#(hMn(9ObRj)NJLVb6xa;rBchc>>-xo0%R*SEXYyyVj2|6i{eZ&$d% z{`*s{vRH1%Ul*ojte!#ZUCp+3&RH?pw5D%=Ol=BZ=7S$!zO3HDxOuZj{8QnH>Ke~E zk1S7{`CKncBy!=zHJ_gTGydJDWK;OO@CjGr^PCu8rAKR}<)T-+2AA^)Uj3o`dYQ?G z_pc094V2-fBd4gL7>kHw9sj9s#;T`p1RV&O*I};`X0)Nzz|cU^fRl|?n~#}Eij{#y nB$)3<qSM72SA)OJnwIjcb9Y6b1QQEKOoy0v_C53Opi&Y5zxP{D literal 0 HcmV?d00001 diff --git a/roles/nifi/files/dsoclab-nifi-3.p12 b/roles/nifi/files/dsoclab-nifi-3.p12 new file mode 100644 index 0000000000000000000000000000000000000000..4d4b23daaa41114bb1ab95eea974f0c2618dbbeb GIT binary patch literal 3397 zcmXqL;&o(VWHxBxWoP5mYV&CO&dbQoxS)yW2TK#r7lS6A4+c%_%Mns+3!2zx7&Ng@ zVPa%3Xkzb0$S@knuyH|6;9+Dl;A7!1x_UZtSw-|=CMFJsh9>rePtUS0g<U8(SfyO@ z)M(#ayG+M=?>kG&E~+qFtozPB<IX-s58c&A4i|*n{rjb>Cb^Vfl(RU!?4*pP>*tP} zMQP2och82MIVZH$qjj%PQT9cbpSMr>d#PWa<EGdhct52i;G<l7T8=}KPG*Ls)C=F^ zH<$UnKFa%ci>dR69dB2?>8M&_bNK5X^@0hip=_(Kx!*0>_%T_U{dMZm6TvU9#)oQL zy#CNpPUFUd#pk0er>O|CZvXxwZ}D#<%O#6GpU8FgoH4a~sn~M!(5_Qk@19PNU7Rsl zf49Yi>E}LlzJI84M7MZtNm!6^Mejz--pzME-qhUkDy!)H@=J4m{$_TI&XeSIwBf2u zJUMql|EZ-WZJ}WT%XwUR|Njcw5p*DH?}~*H(zl|%T@Q3?`P*FY<J@{$Jj3jClcR^G z>y@Kcy*b+VR_LEzDROA7ztQsp57!#~RQbttX)=Gyb`I{T=l3!G|Enro#%ap7=&r-X zSHI^?(a-<QE?Zo9!*`O<n-J%{jh96G%J)t=t|mKS!mYx>FRu?Q&ba8@v~ioQzLSTu zPs?<k)HSV2k`eq*|4%iSe3%$e{gP4NF1wy{kB-=~8?$!)U%XiH^)^AJc?}^=cjqkV zGpXf1AFkqJabB|SOw+8@_j``z%x$l(C<%C3`XKP6+`Zt2m0#Ry)=u6e8YLxbIitq^ zXC(WR{^Pa&Z=WT-4)kC+{b+yA$=tV6HpiaHJ~(klVAD3%uknw?1G$^`*4w|=Q!#c} zI>lV2=1I_#zM{qVKgY+NPGntnfk*Dq&npuSY<<0V>BE<YfAz~>duz9Ex9>NOvo8Yn zSFAZA)cftC|B>#?Yo#3=u7*~di+)J8d|j9GhW$G0Ug=I&hOR&J`o!mo@3#NY|FH0A zF{@+pU;Q~^?19`V^OgJF1hhNrT$uQH*Xj<@i$~iZXViY(^G?)0Hf}<p>cYC^UljQK zXZD?KGpe^eAr!%*6(l5{a3oQ`blHBTJB`az+NOWfFJYOs_qvOq#yPK|Il6+Wmy9o+ z4m#!~GNX2D@)6;#iFPYoc&03MbXu+2Uzu<%{q^zBH?Dcy-*7JEvS-i95arO6>X>Si z6L)SE$k-&XZ+WddQ^ZF~@1&_wSj?kC=CfTZGxO(aPvK{@a`63fT*Rn*&F<H#8nZqr zSf1mznU}lB?Dp<>%Na7Y=9S7Dm3nm>w;DWtdCq5R=c4OU%RNtjEl_%Oc<Y&Tqq9~m zr>C>K2hP+g4>Ho0a28n2*kDq*c8ifr!a3e8wkfO6TlAe)F%pwKFwbL>XCB9sj@oVQ z3s*gB@-jEtm;TOp=T<h!84vw0e?1y{^vV{iE8*SB?GIaDZk|6Y@z-Uq_ZK($uY5jZ zr+hc>ljVzcS<PSTvtL&+-q!Ya!;IT$)1Q4yvo{Dmy1egU+Ej_>pQdDW`}i&soc7Ue z|Ln&Z_rv2?E&cjHZg22s+XupvYaewOcWC~WklWC|A;oOUg2z4?XFJ5$=4QQ?F=V-4 z*s|rg+Wn@O>rxued7qu|y>@c*Qy=ZhC$if*yY~LFT0iyuuN$k_H6~c6ud?4388!3x zv_g$@vzjDJH@<H8d$hdE?uKr!`EqMd&6~bUk7P_~+N^P)=>LO*J)ZX$q_~7AUp>6n zZ%L!s!=#g^Lsw3ly;^({XZJHH&!tLt@7;Ij<uU)jsvr=zWP!no=|7gbFZsIRseRF! z9kze`OnAQsU!Nz%yYKsvF1dKl{*bjMZ1G~M5^qoLnr^nelKa1iUhS95Q}6v;^>ZCV z`fd)93tye`9+=(9?kj(Na;eRX&SIt&?cM@CzqB0$IWsq$sdvpWkiEFew>ZnUIK$Ae zGGboIo~zv{_a6(0><%-^ExmX<`OmTJvs$mV=xhz%_Pp<I+)36a2RWh`Q<pu9{kX*S z=+C8G-tRK^Ea_gDRF_^7<32rh(^}`PfiF0ApS~wDC0!-9@Y_rljw*x8ITvEp9d9@v zNl|L$n6>7r`+>^3wmIszQd9qI`=**-t1tKa!DsOu39+JlqDP&pW;k8?vPpI;=R5`( zHNPsi1@Eo?Z0<Dp!@gQkw6ZzA=T~}2<;=owTxl^Lk3<W$Oj>_&evj^MmS@L5c6^YT zKILWPsy=x>g+1X4l4pJ_5AN1JE^*#r1IMemrUu-5A58rtWn-K9PC@YUiD%pzcW#}0 znb^3hsJv|5s!ZXH4L(tY_r>;AZhswJvEiI&--=mR*1kGY^Dj<)dcbYt<KLCTJ}=Mw zzQNy*-(Gb|eU+U2sSh{ULpMsl?chC`v+x#kOYin6>azuR2x!Jw2TN)fEfBj@vSqS= z;M0%)zNejvywktyssY~u$E_=Fn&rmIXh<$w+TDAqM(&0{-J=Vv%Nq{I`_8#}Jof{4 zP~WagceEvLH~skiMzUA&`d@*by@sosyyH*Y|K<0fdP+pK=qJVY#-HK(!O3&)F<kGJ zDr0ca`LuaYX|CYGpU2<pngoBk{8&B2DUfgLnN99SGi^m)AMiHWIGOvzzkoUNlY9CS zIIi;RPk*rc@{F4Kb06zmPR(k`ReBL6X7|qZH+#T_-`5^U9azmZrCU7qpL6y8H`b1y zJF3DC)EhLhIwDob3z}GsSejV%44PQA44PQg*tlWUGZ!P%f+m)C22CulP-<;vP^~RL z{oa;#fzmagTAQVb<wQV#Ov9-l!F8f8TTcq*J<5KQeW<_m=whqKQ70ySogb>_cIAIM z%TJDTvEo~n&0i5Nso0k){G<HiZP$nEx-}2|F+OFNZyDdwcFI}CeNk1StW;3E;)6T( zo7U`jnsKt*+uY{WlvSoj`6Qfn=v>*9`fI|8f`9k@F2yMC3P{$?i`=As>GjKRZww12 zw=D^}>u<mJ=vIc7=x2ZYZG+2mC!3{fAMLmy5ct4ivfx7T-He`WrS|`vWTduFN%{N3 zMkc9g(zdlvBc82$RI<Hujnl(pce7=@ckym|Y1zKY{=%Ks|C<XnS|{=Ud-BUAy~wUK zE>U~e9`?Hb+}z6fJ@eW2+}?5Hce=P+tK(beh2jk5)vF#xdrI9pFf;3!`O^5WbDwBD zIC1z~4*#R8<|$So_RDtWd9@w3Ia79f(XPe38zWEh^960;w_(cUn!e#tlWnIwf1~C0 zw@W@mtZ&`F_Vcc-W()Wh6`GhB`n|~6ocHbFpX*L1ro6PXe!7nR(antls{*-CKdhhJ zx08R7!M3(D&o@u4cU<ffnV{lZJ4rv{<utp>H16WEJ$rkcws;4#q*oV<xk>PghWB33 zll}Na<?y;&T}KaF2&%kvx0hXfvG&@INAJ0NI=-_6^z3#xFZEzU+o`0|)4Ug#a7=zK zxaenwUGSVehvyu;w`11j2BZ8ndBrbI-<XnQ{dvXn-@EuKLh2+Mcc1On65RK;{dVq= zzeaLC4p#+BVsD<y>yYDZpV(!mGe^s7Nuh(^KC%5=9M2UromZ4SOFjE{zU-5N-T!76 z-M(M<UT<yQj2io*HTz2S|F=whay0$$-t@NLr6&J>7jRt;tXCAQ^R6_mKOh*qsI#%Y zFYR5o{l>em-^%V4id_F;+q~qN|4$`<x)H4~F|BgCYU2BboF_IsKU5SJTq^HAwngt) z!<wZ_ZA4z)a8=v?qQRlvxMur-IlZcVGYcQDV0dp_AoXHKea5_2p_o@izgo54ElF{* zciwk6Hm=xCtLT|Q>8jQ+_np@n{Vp`RZ4>S0+SXRwJkRMA*Lwwbs{<Fz_iFq;(aa@S zzsP9eDY^Ln&--^~3pk!rI39C>RrrI|bj!ZwKZ+M+O??@*dEr%^lk5DQl>6uZ-TwW% zr>Eu1wak%n0hTv+$}XO<zUjK-;^y;D&iNN=nVy<E?SqW>@*COWnGgJgvg;;_i)8ft zJNEVK)D71JrYzcaihGTWde^+D8+z*9r56vb6SaTb#h~_CH0|>PxdV~@_ZSX-ynZ9q z{F2e>ePO3=Z0d>P`1ss5^WU8CJzqs~W2SRV_p^4|cY4E#15MZ1icF$cXl0%|>|eUR z<h-0oh3eN!y=p5DE4=-%jk#c9L&u)Y)0#JKk$y1c`|R~cyjAk{wHwcTA(_ZyulDN1 z*^`~q@1-s>QtrE_vAzBDq>J*W!g;5ApWH5fe^<`@h^x_(d77`5?7cCeX0E5r+)JBg zYlzt7N^Hw8v|VU-{>tb7S&CM5oMPTtUHc?&uGEd6)+BI0bK;B4pf(5H+agzI&0gdB zzvb)3ddo$RTlej|B;nw^sQ=gfu61YKmj1uHLvZ=zPaiI|uK3c++Wjle{O?ucoHbp? zWu>>tO8ssNN$FFnQVnc3x&LLd-^#%A4^5uET-DH)qtMiSMrY{^CaY5gW~;-`9N?Mz zBcOT>+j`z<hN=e2@Y0b})KH8?<X>a<xymgZrJ;Xw)~??q|Gq`(<`n}&14RQ)Hdbvu tW+o|C1{RT@yk}k>G<K<GZjLT2)(i->`@D2B3y0*+l5@t<9}a;^NdS_9f~Eif literal 0 HcmV?d00001 diff --git a/roles/nifi/files/haproxy.groklib b/roles/nifi/files/haproxy.groklib deleted file mode 100644 index 37517af..0000000 --- a/roles/nifi/files/haproxy.groklib +++ /dev/null @@ -1,39 +0,0 @@ -## These patterns were tested w/ haproxy-1.4.15 - -## Documentation of the haproxy log formats can be found at the following links: -## http://code.google.com/p/haproxy-docs/wiki/HTTPLogFormat -## http://code.google.com/p/haproxy-docs/wiki/TCPLogFormat - -HAPROXYTIME (?!<[0-9])%{HOUR:haproxy_hour}:%{MINUTE:haproxy_minute}(?::%{SECOND:haproxy_second})(?![0-9]) -HAPROXYDATE %{MONTHDAY:haproxy_monthday}/%{MONTH:haproxy_month}/%{YEAR:haproxy_year}:%{HAPROXYTIME:haproxy_time}.%{INT:haproxy_milliseconds} - -# Override these default patterns to parse out what is captured in your haproxy.cfg -HAPROXYCAPTUREDREQUESTHEADERS %{DATA:captured_request_headers} -HAPROXYCAPTUREDRESPONSEHEADERS %{DATA:captured_response_headers} - -# Example: -# These haproxy config lines will add data to the logs that are captured -# by the patterns below. Place them in your custom patterns directory to -# override the defaults. -# -# capture request header Host len 40 -# capture request header X-Forwarded-For len 50 -# capture request header Accept-Language len 50 -# capture request header Referer len 200 -# capture request header User-Agent len 200 -# -# capture response header Content-Type len 30 -# capture response header Content-Encoding len 10 -# capture response header Cache-Control len 200 -# capture response header Last-Modified len 200 -# -# HAPROXYCAPTUREDREQUESTHEADERS %{DATA:request_header_host}\|%{DATA:request_header_x_forwarded_for}\|%{DATA:request_header_accept_language}\|%{DATA:request_header_referer}\|%{DATA:request_header_user_agent} -# HAPROXYCAPTUREDRESPONSEHEADERS %{DATA:response_header_content_type}\|%{DATA:response_header_content_encoding}\|%{DATA:response_header_cache_control}\|%{DATA:response_header_last_modified} - -# parse a haproxy 'httplog' line -HAPROXYHTTPBASE %{IP:client.ip}:%{INT:client.port} \[%{HAPROXYDATE:timestamp}\] %{NOTSPACE:frontend_name} %{NOTSPACE:backend_name}/%{NOTSPACE:server.domain} %{INT:time_request}/%{INT:time_queue}/%{INT:time_backend_connect}/%{INT:time_backend_response}/%{NOTSPACE:time_duration} %{INT:http_status_code} %{NOTSPACE:bytes_read} %{DATA:captured_request_cookie} %{DATA:captured_response_cookie} %{NOTSPACE:termination_state} %{INT:actconn}/%{INT:feconn}/%{INT:beconn}/%{INT:srvconn}/%{NOTSPACE:retries} %{INT:srv_queue}/%{INT:backend_queue} (\{%{HAPROXYCAPTUREDREQUESTHEADERS}\})?( )?(\{%{HAPROXYCAPTUREDRESPONSEHEADERS}\})?( )?"(<BADREQ>|(%{WORD:http_verb} (%{URIPROTO:http_proto}://)?(?:%{USER:http_user}(?::[^@]*)?@)?(?:%{URIHOST:http_host})?(?:%{URIPATHPARAM:http_request})?( HTTP/%{NUMBER:http_version})?))?" - -HAPROXYHTTP (?:%{SYSLOGTIMESTAMP:syslog_timestamp}|%{TIMESTAMP_ISO8601:timestamp8601}) %{IPORHOST:syslog_server} %{SYSLOGPROG}: %{HAPROXYHTTPBASE} - -# parse a haproxy 'tcplog' line -HAPROXYTCP (?:%{SYSLOGTIMESTAMP:syslog_timestamp}|%{TIMESTAMP_ISO8601:timestamp8601}) %{IPORHOST:syslog_server} %{SYSLOGPROG}: %{IP:client.ip}:%{INT:client.port} \[%{HAPROXYDATE:timestamp}\] %{NOTSPACE:frontend_name} %{NOTSPACE:backend_name}/%{NOTSPACE:server_name} %{INT:time_queue}/%{INT:time_backend_connect}/%{NOTSPACE:time_duration} %{NOTSPACE:bytes_read} %{NOTSPACE:termination_state} %{INT:actconn}/%{INT:feconn}/%{INT:beconn}/%{INT:srvconn}/%{NOTSPACE:retries} %{INT:srv_queue}/%{INT:backend_queue} \ No newline at end of file diff --git a/roles/nifi/files/nifisecret b/roles/nifi/files/nifisecret new file mode 100644 index 0000000..cbbcd4a --- /dev/null +++ b/roles/nifi/files/nifisecret @@ -0,0 +1,3 @@ +{ + "value" : "ccfda830-defc-4fec-85fc-9b2b7c98e8ba" +} \ No newline at end of file diff --git a/roles/nifi/tasks/main.yml b/roles/nifi/tasks/main.yml index d4ab3ad..ec0249c 100644 --- a/roles/nifi/tasks/main.yml +++ b/roles/nifi/tasks/main.yml @@ -1,17 +1,151 @@ --- -- include: start.yml +- name: Copy cacert to ca-trust dir + remote_user: root + copy: + src: "files/{{ca_cn}}.crt" + dest: /etc/pki/ca-trust/source/anchors/ca.crt + tags: + - start + +- name: Install cacert to root truststore + remote_user: root + command: "update-ca-trust" + tags: + - start + +- name: Copy certificates in NiFi conf dir + copy: + src: "{{ item }}" + dest: "conf/{{ item }}" + with_items: + - "{{ inventory_hostname }}.p12" + - cacerts.jks + tags: + - start + +- name: Configure flow.xml + template: + src: "flow.xml.j2" + dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/flow.xml" + tags: + - start + +- name: Gzip flow.xml + archive: + path: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/flow.xml" + dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/flow.xml.gz" + format: gz + tags: + - start + +- name: Get openid authkey + set_fact: + nifisecret: "{{lookup('file', 'files/nifisecret',convert_data=False) | from_json }}" + tags: + - start + +- name: Configure NiFi boostrap properties + template: + src: bootstrap.conf.j2 + dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/bootstrap.conf" + tags: + - start + +- name: Configure NiFi properties for secure servers + template: + src: nifi.properties.j2 + dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/nifi.properties" + tags: + - start + +- name: Copy authorizations.xml + copy: + src: "authorizations.xml" + dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/authorizations.xml" + tags: + - start + +- name: Configure users + template: + src: users.xml.j2 + dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/users.xml" + tags: + - start + +- name: Configure NiFi authorizers for secure servers + template: + src: authorizers.xml.j2 + dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/authorizers.xml" + tags: + - start + +- name: Create conf/enrich dir + file: path={{ ansible_facts.env['NIFI_HOME'] }}/conf/enrich state=directory + tags: + - start + +- name: Copy empty GeoLite2-City database + copy: + src: GeoLite2-City.mmdb + dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/enrich/GeoLite2-City.mmdb" + tags: + - start + +- name: Download list of Tor exist nodes + get_url: + url: https://check.torproject.org/torbulkexitlist + dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/enrich/tornodes.csv" + tags: + - start + +- name: Add header to tornodes.csv + lineinfile: + path: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/enrich/tornodes.csv" + line: 'ip_addr' + insertbefore: BOF tags: - start -- include: stop.yml + +- name: Download umbrella-top-1m.csv + get_url: + url: http://s3-us-west-1.amazonaws.com/umbrella-static/top-1m.csv.zip + dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/enrich/umbrella-top-1m.csv" tags: - - stop - - stop-nifi -- include: update-config.yml + - start + +- name: Download alexa-top-1m.csv + get_url: + url: http://s3.amazonaws.com/alexa-static/top-1m.csv.zip + dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/enrich/alexa-top-1m.csv" + tags: + - start + +- name: Start NiFi + command: "{{ ansible_facts.env['NIFI_HOME'] }}/bin/nifi.sh start" tags: - - update-config - - update-nifi-config -- include: restart.yml + - start + +#- name: check reachable hosts +# gather_facts: no +# tasks: +# - command: ping -c1 {{ inventory_hostname }} +# delegate_to: localhost +# register: ping_result +# ignore_errors: yes +# - group_by: key=reachable +# when: ping_result|success + +- name: Stop NiFi + command: "{{ ansible_facts.env['NIFI_HOME'] }}/bin/nifi.sh stop" tags: - - restart - - restart-nifi + - stop + +#- name: Copy flow from NiFi +# fetch: +# src: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/flow.xml.gz" +# dest: "{{ role_path }}/files/flow-{{ inventory_hostname }}.xml.gz" +# flat: yes +# tags: +# - stop + diff --git a/roles/nifi/tasks/restart.yml b/roles/nifi/tasks/restart.yml deleted file mode 100644 index d5434f2..0000000 --- a/roles/nifi/tasks/restart.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Restart NiFi - remote_user: root - command: "supervisorctl restart nifi" - diff --git a/roles/nifi/tasks/start.yml b/roles/nifi/tasks/start.yml deleted file mode 100644 index 99420a5..0000000 --- a/roles/nifi/tasks/start.yml +++ /dev/null @@ -1,204 +0,0 @@ ---- - -- name: Copy cacert to ca-trust dir - remote_user: root - copy: - src: "{{playbook_dir}}/secrets/CA/ca.crt" - dest: /etc/pki/ca-trust/source/anchors/ca.crt - -- name: Install cacert to root truststore - remote_user: root - command: "update-ca-trust" - -- name: Copy certificates in NiFi conf dir - remote_user: nifi - copy: - src: "{{ item }}" - dest: "conf/" - with_items: - - "{{playbook_dir}}/secrets/CA/private/{{ inventory_hostname }}.p12" - - "{{playbook_dir}}/secrets/CA/cacerts.jks" - - common-cacerts.jks - -- name: Check if flow.xml already exists - remote_user: nifi - stat: - path: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/flow.xml" - register: flowfile - -- name: Configure flow.xml - remote_user: nifi - template: - src: "flow.xml.j2" - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/flow.xml" - when: not flowfile.stat.exists - -- name: Gzip flow.xml - remote_user: nifi - archive: - path: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/flow.xml" - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/flow.xml.gz" - format: gz - when: not flowfile.stat.exists - -- name: Get openid authkey - remote_user: nifi - set_fact: - nifisecret: "{{lookup('file', '{{playbook_dir}}/secrets/tokens/nifisecret',convert_data=False)}}" - -- name: Configure NiFi boostrap properties - remote_user: nifi - template: - src: bootstrap.conf.j2 - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/bootstrap.conf" - -- name: Configure NiFi properties for secure servers - remote_user: nifi - template: - src: nifi.properties.j2 - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/nifi.properties" - -- name: Copy authorizations.xml - remote_user: nifi - copy: - src: "authorizations.xml" - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/authorizations.xml" - -- name: Configure users - remote_user: nifi - template: - src: users.xml.j2 - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/users.xml" - -- name: Configure NiFi authorizers for secure servers - remote_user: nifi - template: - src: authorizers.xml.j2 - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/authorizers.xml" - -- name: Create conf/enrich dir - remote_user: nifi - file: path={{ ansible_facts.env['NIFI_HOME'] }}/conf/enrich state=directory - -- name: Create conf/enrich/freq dir - remote_user: nifi - file: path={{ ansible_facts.env['NIFI_HOME'] }}/conf/enrich/freq state=directory - -- name: Download freq processor - remote_user: nifi - get_url: - url: 'https://scm.uninett.no/geant-wp8-t3.1/nifi-processors/-/raw/master/scripts/freq/{{ item }}' - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/enrich/freq/" - with_items: - - alexa.json - - freq.py - - freqProcessor.py - -- name: Copy empty GeoLite2-City database - remote_user: nifi - copy: - src: GeoLite2-City.mmdb - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/enrich/GeoLite2-City.mmdb" - -- name: Copy CountriesWithRegionalCodes.csv - remote_user: nifi - copy: - src: CountriesWithRegionalCodes.csv - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/enrich/CountriesWithRegionalCodes.csv" - -- name: Copy grok libraries - copy: - src: haproxy.groklib - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/enrich/haproxy.groklib" - -- name: Create empty list of Tor nodes - remote_user: nifi - copy: - content: "ip_addr,value" - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/enrich/tornodes.csv" - force: no - -- name: Download umbrella-top-1m.csv.zip - remote_user: nifi - local_action: - module: get_url - url: http://s3-us-west-1.amazonaws.com/umbrella-static/top-1m.csv.zip - dest: "/tmp/umbrella-top-1m.csv.zip" - run_once: True - -- name: Unzip umbrella-top-1m.csv.zip - remote_user: nifi - local_action: - module: unarchive - src: "/tmp/umbrella-top-1m.csv.zip" - dest: "/tmp" - run_once: True - -- name: Copy umbrella-top-1m.csv - remote_user: nifi - copy: - src: "/tmp/top-1m.csv" - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/enrich/umbrella-top-1m.csv" - -- name: Add header to umbrella-top-1m.csv - remote_user: nifi - lineinfile: - path: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/enrich/umbrella-top-1m.csv" - line: 'index,domain' - insertbefore: BOF - -- name: Download alexa-top-1m.csv.zip - remote_user: nifi - local_action: - module: get_url - url: http://s3.amazonaws.com/alexa-static/top-1m.csv.zip - dest: "/tmp/alexa-top-1m.csv.zip" - run_once: True - -- name: Unzip alexa-top-1m.csv.zip - remote_user: nifi - local_action: - module: unarchive - src: "/tmp/alexa-top-1m.csv.zip" - dest: "/tmp" - run_once: True - -- name: Copy alexa-top-1m.csv - remote_user: nifi - copy: - src: "/tmp/top-1m.csv" - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/enrich/alexa-top-1m.csv" - -- name: Add header to alexa-top-1m.csv - remote_user: nifi - lineinfile: - path: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/enrich/alexa-top-1m.csv" - line: 'index,domain' - insertbefore: BOF - -- name: Start NiFi - remote_user: root - command: "supervisorctl start nifi" - -#- name: check reachable hosts -# gather_facts: no -# tasks: -# - command: ping -c1 {{ inventory_hostname }} -# delegate_to: localhost -# register: ping_result -# ignore_errors: yes -# - group_by: key=reachable -# when: ping_result|success - -- name: Set Autostart for supervisord's services - replace: - path: /etc/supervisord.conf - regexp: '^autostart=false$' - replace: 'autostart=true' - -#- name: Copy flow from NiFi -# fetch: -# src: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/flow.xml.gz" -# dest: "{{ role_path }}/files/flow-{{ inventory_hostname }}.xml.gz" -# flat: yes - diff --git a/roles/nifi/tasks/stop.yml b/roles/nifi/tasks/stop.yml deleted file mode 100644 index d6abd9a..0000000 --- a/roles/nifi/tasks/stop.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Stop NiFi - remote_user: root - command: "supervisorctl stop nifi" - diff --git a/roles/nifi/tasks/update-config.yml b/roles/nifi/tasks/update-config.yml deleted file mode 100644 index ddadbd3..0000000 --- a/roles/nifi/tasks/update-config.yml +++ /dev/null @@ -1,77 +0,0 @@ ---- - -- name: Check if flow.xml already exists - remote_user: nifi - stat: - path: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/flow.xml" - register: flowfile - -- name: Configure flow.xml - remote_user: nifi - template: - src: "flow.xml.j2" - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/flow.xml" - when: not flowfile.stat.exists - -- name: Gzip flow.xml - remote_user: nifi - archive: - path: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/flow.xml" - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/flow.xml.gz" - format: gz - when: not flowfile.stat.exists - -- name: Configure NiFi boostrap properties - remote_user: nifi - template: - src: bootstrap.conf.j2 - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/bootstrap.conf" - -- name: Configure NiFi properties for secure servers - remote_user: nifi - template: - src: nifi.properties.j2 - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/nifi.properties" - -- name: Copy authorizations.xml - remote_user: nifi - copy: - src: "authorizations.xml" - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/authorizations.xml" - -- name: Configure users - remote_user: nifi - template: - src: users.xml.j2 - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/users.xml" - -- name: Configure NiFi authorizers for secure servers - remote_user: nifi - template: - src: authorizers.xml.j2 - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/authorizers.xml" - -- name: Copy empty GeoLite2-City database - remote_user: nifi - copy: - src: GeoLite2-City.mmdb - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/enrich/GeoLite2-City.mmdb" - -- name: Copy CountriesWithRegionalCodes.csv - remote_user: nifi - copy: - src: CountriesWithRegionalCodes.csv - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/enrich/CountriesWithRegionalCodes.csv" - -- name: Copy grok libraries - copy: - src: haproxy.groklib - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/enrich/haproxy.groklib" - -- name: Create empty list of Tor nodes - remote_user: nifi - copy: - content: "ip_addr,value" - dest: "{{ ansible_facts.env['NIFI_HOME'] }}/conf/enrich/tornodes.csv" - force: no - diff --git a/roles/nifi/templates/flow.xml.j2 b/roles/nifi/templates/flow.xml.j2 index ec45218..2051718 100644 --- a/roles/nifi/templates/flow.xml.j2 +++ b/roles/nifi/templates/flow.xml.j2 @@ -8,22 +8,16 @@ <name>NiFi Flow</name> <position x="0.0" y="0.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <processGroup> <id>41088add-955b-3611-a0de-2c18b79b678c</id> <name>Data processing</name> <position x="1216.0" y="256.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <processGroup> <id>fcbcacd1-542d-3a15-a5aa-9c1302328954</id> <name>Enrichment</name> <position x="384.0" y="720.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <processor> <id>01b66126-695a-3059-b179-f1bf85e8ca91</id> <name>Check fqdn enrichment</name> @@ -34,7 +28,7 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>8</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -65,7 +59,7 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>8</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -96,7 +90,7 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>8</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -136,8 +130,6 @@ <name>fqdn enrichment</name> <position x="-202.47354083453774" y="596.1945491887745" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <processor> <id>2703fe3e-7e6a-310e-a010-b30898befa9b</id> <name>Check fqdn2 enrichment</name> @@ -148,7 +140,7 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>8</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -188,8 +180,6 @@ <name>Enrich fqdn2</name> <position x="368.0" y="416.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <inputPort> <id>0cdf1224-a6d5-3ac4-a4f5-27a7588f1d98</id> <name>Input</name> @@ -200,7 +190,7 @@ <outputPort> <id>58b0935e-1c5b-3ad1-a2cc-7de4826170a6</id> <name>Output</name> - <position x="1096.0" y="528.0" /> + <position x="432.0" y="536.0" /> <comments /> <scheduledState>RUNNING</scheduledState> </outputPort> @@ -209,8 +199,6 @@ <name>Umbrella</name> <position x="379.1725199638772" y="224.3012562119061" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <processor> <id>0306116f-b13d-30fc-94b1-34f3c8ba95da</id> <name>Umbrella fqdn1</name> @@ -221,7 +209,7 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>8</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -345,167 +333,6 @@ <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> </processGroup> - <processGroup> - <id>f2263bf3-7929-182a-8971-2ac159d0cca9</id> - <name>Misp lookup</name> - <position x="1024.0" y="224.0" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>cadc3f2e-8e08-195c-898e-1b5fbcdf56e0</id> - <name>Misp fqdn2</name> - <position x="480.99999953064577" y="197.99999761468263" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.LookupRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>lookup-service</name> - <value>fa06ec39-7782-3ae3-8dfe-71d28c5240c3</value> - </property> - <property> - <name>result-record-path</name> - <value>${enrich_fqdn2}_misp</value> - </property> - <property> - <name>routing-strategy</name> - <value>route-to-success</value> - </property> - <property> - <name>result-contents</name> - <value>insert-entire-record</value> - </property> - <property> - <name>record-update-strategy</name> - <value>use-property</value> - </property> - <property> - <name>key</name> - <value>${enrich_fqdn2}</value> - </property> - </processor> - <inputPort> - <id>dca538c3-e563-1b63-8de2-edf46a599279</id> - <name>Input</name> - <position x="536.0" y="16.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </inputPort> - <outputPort> - <id>a4ef3d87-6241-14a5-b543-1824b197991c</id> - <name>Output</name> - <position x="536.0" y="456.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </outputPort> - <funnel> - <id>263b3963-3c73-1efc-8286-4e57645eefc2</id> - <position x="152.0" y="248.0" /> - </funnel> - <connection> - <id>e47137a6-8c07-12bf-9d69-0e0c10b05088</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>cadc3f2e-8e08-195c-898e-1b5fbcdf56e0</sourceId> - <sourceGroupId>f2263bf3-7929-182a-8971-2ac159d0cca9</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>a4ef3d87-6241-14a5-b543-1824b197991c</destinationId> - <destinationGroupId>f2263bf3-7929-182a-8971-2ac159d0cca9</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>b4723c4d-5ed2-1f9e-bd7c-04076aa149cf</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>cadc3f2e-8e08-195c-898e-1b5fbcdf56e0</sourceId> - <sourceGroupId>f2263bf3-7929-182a-8971-2ac159d0cca9</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>263b3963-3c73-1efc-8286-4e57645eefc2</destinationId> - <destinationGroupId>f2263bf3-7929-182a-8971-2ac159d0cca9</destinationGroupId> - <destinationType>FUNNEL</destinationType> - <relationship>failure</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>60 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>edab3c6f-d21b-12a1-8b73-10c8012a3bd2</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>dca538c3-e563-1b63-8de2-edf46a599279</sourceId> - <sourceGroupId>f2263bf3-7929-182a-8971-2ac159d0cca9</sourceGroupId> - <sourceType>INPUT_PORT</sourceType> - <destinationId>cadc3f2e-8e08-195c-898e-1b5fbcdf56e0</destinationId> - <destinationGroupId>f2263bf3-7929-182a-8971-2ac159d0cca9</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <connection> - <id>934921df-0175-1000-ffff-ffffeabcba7a</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>a4ef3d87-6241-14a5-b543-1824b197991c</sourceId> - <sourceGroupId>f2263bf3-7929-182a-8971-2ac159d0cca9</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>58b0935e-1c5b-3ad1-a2cc-7de4826170a6</destinationId> - <destinationGroupId>f9d9877a-de02-3374-9241-d3ca1939678b</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> <connection> <id>fae5d513-1604-3fed-9adb-8ad19b5ab3c0</id> <name /> @@ -515,9 +342,9 @@ <sourceId>c8994201-98f4-31d2-a604-11c3b454df00</sourceId> <sourceGroupId>363fd695-1466-3404-ada3-036133ff8d15</sourceGroupId> <sourceType>OUTPUT_PORT</sourceType> - <destinationId>dca538c3-e563-1b63-8de2-edf46a599279</destinationId> - <destinationGroupId>f2263bf3-7929-182a-8971-2ac159d0cca9</destinationGroupId> - <destinationType>INPUT_PORT</destinationType> + <destinationId>58b0935e-1c5b-3ad1-a2cc-7de4826170a6</destinationId> + <destinationGroupId>f9d9877a-de02-3374-9241-d3ca1939678b</destinationGroupId> + <destinationType>OUTPUT_PORT</destinationType> <relationship /> <maxWorkQueueSize>10000</maxWorkQueueSize> <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> @@ -552,8 +379,6 @@ <name>Enrich fqdn1</name> <position x="376.0" y="200.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <inputPort> <id>f2cc04f8-56bc-3adb-8d72-6ad7f6e6e48c</id> <name>Input</name> @@ -564,7 +389,7 @@ <outputPort> <id>12745a98-f547-38d2-9c50-a471e8cf6fc7</id> <name>Output</name> - <position x="1112.0" y="528.0" /> + <position x="432.0" y="536.0" /> <comments /> <scheduledState>RUNNING</scheduledState> </outputPort> @@ -573,8 +398,6 @@ <name>Umbrella</name> <position x="379.1725199638772" y="224.3012562119061" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <processor> <id>ce84ada1-58b8-3c28-bc5a-64fc4f39e008</id> <name>Umbrella fqdn1</name> @@ -585,7 +408,7 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>8</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -629,7 +452,6 @@ <name>key</name> <value>${enrich_fqdn1}</value> </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> </processor> <inputPort> <id>c31f9f4a-becc-35c3-b9c0-b836d061e364</id> @@ -645,6 +467,10 @@ <comments /> <scheduledState>RUNNING</scheduledState> </outputPort> + <funnel> + <id>8811d4ff-bf71-38a6-8cf0-e5732840e1de</id> + <position x="-1204.5503424650574" y="470.375701251353" /> + </funnel> <connection> <id>99b11d95-dfb3-34cf-8657-0c141d1e9f63</id> <name /> @@ -685,117 +511,19 @@ <partitioningAttribute /> <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> - </processGroup> - <processGroup> - <id>1de23f54-e22a-19df-8dd2-9235ae248d29</id> - <name>Misp lookup</name> - <position x="1056.0" y="216.0" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>16d53f41-fc96-1292-b434-9a157e27eaf3</id> - <name>Misp fqdn1</name> - <position x="480.99999953064577" y="197.99999761468263" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.LookupRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>lookup-service</name> - <value>fa06ec39-7782-3ae3-8dfe-71d28c5240c3</value> - </property> - <property> - <name>result-record-path</name> - <value>${enrich_fqdn1}_misp</value> - </property> - <property> - <name>routing-strategy</name> - <value>route-to-success</value> - </property> - <property> - <name>result-contents</name> - <value>insert-entire-record</value> - </property> - <property> - <name>record-update-strategy</name> - <value>use-property</value> - </property> - <property> - <name>key</name> - <value>${enrich_fqdn1}</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <inputPort> - <id>844331e5-cd55-1c55-889b-d447dfba57a2</id> - <name>Input</name> - <position x="536.0" y="16.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </inputPort> - <outputPort> - <id>e13e32a5-f5d5-1f5e-a38e-c1e19453fd31</id> - <name>Output</name> - <position x="536.0" y="456.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </outputPort> <connection> - <id>6153303e-0c09-1d36-9b87-6c2d0a5ed15a</id> + <id>badc00ed-f022-3045-bcfd-8a4839fef4bf</id> <name /> <bendPoints /> <labelIndex>1</labelIndex> <zIndex>0</zIndex> - <sourceId>16d53f41-fc96-1292-b434-9a157e27eaf3</sourceId> - <sourceGroupId>1de23f54-e22a-19df-8dd2-9235ae248d29</sourceGroupId> + <sourceId>ce84ada1-58b8-3c28-bc5a-64fc4f39e008</sourceId> + <sourceGroupId>c763d1fd-ae0f-3297-bab7-abf22759310d</sourceGroupId> <sourceType>PROCESSOR</sourceType> - <destinationId>e13e32a5-f5d5-1f5e-a38e-c1e19453fd31</destinationId> - <destinationGroupId>1de23f54-e22a-19df-8dd2-9235ae248d29</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>3a4133c4-bc18-1bb7-84a0-06b25aba73f4</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>844331e5-cd55-1c55-889b-d447dfba57a2</sourceId> - <sourceGroupId>1de23f54-e22a-19df-8dd2-9235ae248d29</sourceGroupId> - <sourceType>INPUT_PORT</sourceType> - <destinationId>16d53f41-fc96-1292-b434-9a157e27eaf3</destinationId> - <destinationGroupId>1de23f54-e22a-19df-8dd2-9235ae248d29</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship /> + <destinationId>8811d4ff-bf71-38a6-8cf0-e5732840e1de</destinationId> + <destinationGroupId>c763d1fd-ae0f-3297-bab7-abf22759310d</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> <maxWorkQueueSize>10000</maxWorkQueueSize> <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> <flowFileExpiration>0 sec</flowFileExpiration> @@ -833,26 +561,6 @@ <sourceId>9b6cb318-b9e8-36f1-bd8a-17b2aa38343a</sourceId> <sourceGroupId>c763d1fd-ae0f-3297-bab7-abf22759310d</sourceGroupId> <sourceType>OUTPUT_PORT</sourceType> - <destinationId>844331e5-cd55-1c55-889b-d447dfba57a2</destinationId> - <destinationGroupId>1de23f54-e22a-19df-8dd2-9235ae248d29</destinationGroupId> - <destinationType>INPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>4f303cda-ab21-1acd-ffff-ffffcdd40e4b</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>e13e32a5-f5d5-1f5e-a38e-c1e19453fd31</sourceId> - <sourceGroupId>1de23f54-e22a-19df-8dd2-9235ae248d29</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> <destinationId>12745a98-f547-38d2-9c50-a471e8cf6fc7</destinationId> <destinationGroupId>11b67527-3401-3961-97ba-425f721de3e0</destinationGroupId> <destinationType>OUTPUT_PORT</destinationType> @@ -971,8 +679,6 @@ <name>Custom enrichment</name> <position x="-536.0" y="944.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <inputPort> <id>2ba9db29-0172-1000-ffff-ffffc1aa6db2</id> <name>Input</name> @@ -1013,8 +719,6 @@ <name>IP enrichment</name> <position x="-216.0" y="16.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <processor> <id>be9226d7-777f-3820-bf10-49e97e9b73cc</id> <name>Check IP2 enrichment</name> @@ -1025,7 +729,7 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>8</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -1065,8 +769,6 @@ <name>Enrich IP1</name> <position x="-48.0" y="312.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <inputPort> <id>ff302e29-64bb-3e10-b76e-91a13d2470d8</id> <name>Input</name> @@ -1086,8 +788,6 @@ <name>Misp lookup</name> <position x="1160.0" y="136.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <processor> <id>68dc57d7-2016-3e27-ac1f-092c63909a63</id> <name>Misp ip1</name> @@ -1098,7 +798,7 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>16</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -1142,7 +842,6 @@ <name>key</name> <value>${enrich_ip1}</value> </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> </processor> <inputPort> <id>57c1773b-65c7-3cdb-b161-a44fa977291a</id> @@ -1158,6 +857,10 @@ <comments /> <scheduledState>RUNNING</scheduledState> </outputPort> + <funnel> + <id>3f92a75f-ec3e-3f4c-9467-e5c0e981f032</id> + <position x="-1312.0" y="792.0" /> + </funnel> <connection> <id>7f5a13cb-a049-385d-9ebc-3ef4aa8ff541</id> <name /> @@ -1198,14 +901,32 @@ <partitioningAttribute /> <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> + <connection> + <id>d6c427a3-f4fb-39a5-b399-ebd9b0482039</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>68dc57d7-2016-3e27-ac1f-092c63909a63</sourceId> + <sourceGroupId>9b3b9cc7-49bf-3b66-b213-09f2f5df634e</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>3f92a75f-ec3e-3f4c-9467-e5c0e981f032</destinationId> + <destinationGroupId>9b3b9cc7-49bf-3b66-b213-09f2f5df634e</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> </processGroup> <processGroup> <id>88a2dcc1-ccce-3396-9f4d-bc1e31c70063</id> <name>GeoIP</name> <position x="480.0" y="144.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <processor> <id>fb1a97b2-5e15-3bca-9284-f23a9cc90eed</id> <name>Add GeoIP fields</name> @@ -1216,7 +937,7 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>8</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -1264,19 +985,18 @@ <name>pretty_print</name> <value>false</value> </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> </processor> <processor> <id>11668896-2c3e-3712-905a-eb406bf33c2a</id> <name>GeoIP IP</name> - <position x="-568.0" y="160.0" /> + <position x="-1192.0" y="424.0" /> <styles /> <comment /> <class>org.apache.nifi.processors.GeoEnrichIPRecord</class> <bundle> <group>org.apache.nifi</group> <artifact>nifi-enrich-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>12</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -1337,62 +1057,6 @@ </property> <autoTerminatedRelationship>original</autoTerminatedRelationship> </processor> - <processor> - <id>349b3525-a821-1197-0000-00006e02758e</id> - <name>Contry code to region</name> - <position x="-1216.0" y="368.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.LookupRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>lookup-service</name> - <value>349b34c7-a821-1197-ffff-ffff85d82877</value> - </property> - <property> - <name>result-record-path</name> - <value>${enrich_ip1:substring(1):contains('/'):ifElse('${enrich_ip1:substringBeforeLast(\"/\")}',${enrich_ip1:append('_')}):append("/geo/region")}</value> - </property> - <property> - <name>routing-strategy</name> - <value>route-to-success</value> - </property> - <property> - <name>result-contents</name> - <value>insert-entire-record</value> - </property> - <property> - <name>record-update-strategy</name> - <value>use-property</value> - </property> - <property> - <name>key</name> - <value>${enrich_ip1:substring(1):contains('/'):ifElse('${enrich_ip1:substringBeforeLast(\"/\")}',${enrich_ip1:append('_')}):append("/geo/country_iso_code")}</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> <inputPort> <id>e6d573f8-a297-3611-a1ff-f1918a2cbabc</id> <name>Data Input</name> @@ -1403,10 +1067,14 @@ <outputPort> <id>17c34a1f-8048-366b-8ef4-107ce16a100e</id> <name>Data output</name> - <position x="-1168.0" y="656.0" /> + <position x="-1160.0" y="752.0" /> <comments /> <scheduledState>RUNNING</scheduledState> </outputPort> + <funnel> + <id>b68c4522-cddb-30bf-8545-73a2644cd35e</id> + <position x="-1560.0" y="336.0" /> + </funnel> <connection> <id>790863c1-3cfc-383f-ab9f-5d7ead5c0fe1</id> <name /> @@ -1456,9 +1124,9 @@ <sourceId>11668896-2c3e-3712-905a-eb406bf33c2a</sourceId> <sourceGroupId>88a2dcc1-ccce-3396-9f4d-bc1e31c70063</sourceGroupId> <sourceType>PROCESSOR</sourceType> - <destinationId>349b3525-a821-1197-0000-00006e02758e</destinationId> + <destinationId>17c34a1f-8048-366b-8ef4-107ce16a100e</destinationId> <destinationGroupId>88a2dcc1-ccce-3396-9f4d-bc1e31c70063</destinationGroupId> - <destinationType>PROCESSOR</destinationType> + <destinationType>OUTPUT_PORT</destinationType> <relationship>found</relationship> <relationship>not found</relationship> <maxWorkQueueSize>10000</maxWorkQueueSize> @@ -1469,18 +1137,18 @@ <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> <connection> - <id>349b3542-a821-1197-0000-000059777de4</id> + <id>c831c34b-2a1a-3d24-963b-079b00961407</id> <name /> <bendPoints /> <labelIndex>1</labelIndex> <zIndex>0</zIndex> - <sourceId>349b3525-a821-1197-0000-00006e02758e</sourceId> + <sourceId>fb1a97b2-5e15-3bca-9284-f23a9cc90eed</sourceId> <sourceGroupId>88a2dcc1-ccce-3396-9f4d-bc1e31c70063</sourceGroupId> <sourceType>PROCESSOR</sourceType> - <destinationId>17c34a1f-8048-366b-8ef4-107ce16a100e</destinationId> + <destinationId>b68c4522-cddb-30bf-8545-73a2644cd35e</destinationId> <destinationGroupId>88a2dcc1-ccce-3396-9f4d-bc1e31c70063</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship>success</relationship> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> <maxWorkQueueSize>10000</maxWorkQueueSize> <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> <flowFileExpiration>0 sec</flowFileExpiration> @@ -1494,8 +1162,6 @@ <name>Tor nodes lookup</name> <position x="480.0" y="384.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <processor> <id>fd52d735-a256-3c52-9b90-fbe71f010fbe</id> <name>Tor src IP</name> @@ -1506,7 +1172,7 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>12</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -1528,7 +1194,7 @@ </property> <property> <name>lookup-service</name> - <value>bbd4d3a2-0175-1000-0000-00000b0fb8bd</value> + <value>bf81debc-0171-1000-0000-00002936ae5a</value> </property> <property> <name>result-record-path</name> @@ -1550,7 +1216,6 @@ <name>key</name> <value>${enrich_ip1}</value> </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> </processor> <inputPort> <id>eb136a03-4809-3d2f-a85e-e739ffa665cd</id> @@ -1566,6 +1231,10 @@ <comments /> <scheduledState>RUNNING</scheduledState> </outputPort> + <funnel> + <id>44794379-111e-3f28-bf84-bf5850f42587</id> + <position x="-1412.2104124778762" y="829.0775745939713" /> + </funnel> <connection> <id>c681313a-f2c8-3439-8c00-70f9783fea67</id> <name /> @@ -1606,6 +1275,26 @@ <partitioningAttribute /> <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> + <connection> + <id>ad32e629-d5a2-38b7-a50e-9acf0ad9d768</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>fd52d735-a256-3c52-9b90-fbe71f010fbe</sourceId> + <sourceGroupId>3cb64c25-8af7-361d-b6e7-e002defe7411</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>44794379-111e-3f28-bf84-bf5850f42587</destinationId> + <destinationGroupId>3cb64c25-8af7-361d-b6e7-e002defe7411</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> </processGroup> <connection> <id>3831c5df-c2a8-3a1b-9d67-8f37abf05365</id> @@ -1693,8 +1382,6 @@ <name>Enrich IP2</name> <position x="-56.0" y="584.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <inputPort> <id>742a8211-a5e6-347d-9e79-25facc6b181e</id> <name>Input</name> @@ -1714,75 +1401,17 @@ <name>GeoIP and IPreg</name> <position x="480.0" y="144.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>9ed935e9-7bd4-150a-913d-e6a4dedb2939</id> - <name>Contry code to region</name> - <position x="-1224.0" y="368.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.LookupRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>lookup-service</name> - <value>349b34c7-a821-1197-ffff-ffff85d82877</value> - </property> - <property> - <name>result-record-path</name> - <value>${enrich_ip2:substring(1):contains('/'):ifElse('${enrich_ip2:substringBeforeLast(\"/\")}',${enrich_ip2:append('_')}):append("/geo/region")}</value> - </property> - <property> - <name>routing-strategy</name> - <value>route-to-success</value> - </property> - <property> - <name>result-contents</name> - <value>insert-entire-record</value> - </property> - <property> - <name>record-update-strategy</name> - <value>use-property</value> - </property> - <property> - <name>key</name> - <value>${enrich_ip2:substring(1):contains('/'):ifElse('${enrich_ip2:substringBeforeLast(\"/\")}',${enrich_ip2:append('_')}):append("/geo/country_iso_code")}</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> <processor> <id>e16581ea-ff17-3cec-bd39-b1fe52797bd2</id> <name>GeoIP IP</name> - <position x="-592.0" y="168.0" /> + <position x="-1232.0" y="432.0" /> <styles /> <comment /> <class>org.apache.nifi.processors.GeoEnrichIPRecord</class> <bundle> <group>org.apache.nifi</group> <artifact>nifi-enrich-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>16</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -1853,7 +1482,7 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>8</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -1901,7 +1530,6 @@ <name>pretty_print</name> <value>false</value> </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> </processor> <inputPort> <id>aa73b938-03ee-3d90-ba6f-0998b568ac36</id> @@ -1917,19 +1545,23 @@ <comments /> <scheduledState>RUNNING</scheduledState> </outputPort> + <funnel> + <id>8e8abe4a-9ed6-3ec8-9e9d-719242be1a2b</id> + <position x="-1560.0" y="336.0" /> + </funnel> <connection> - <id>9ed935f0-7bd4-150a-ffff-ffffaed76b62</id> + <id>a4870f06-f96b-328a-83d8-4eeb6db5cc93</id> <name /> <bendPoints /> <labelIndex>1</labelIndex> <zIndex>0</zIndex> - <sourceId>9ed935e9-7bd4-150a-913d-e6a4dedb2939</sourceId> + <sourceId>d467bca6-15df-38bb-8f9b-65ae1f9dceaa</sourceId> <sourceGroupId>a8873c56-d149-34d1-8344-a35b339e6187</sourceGroupId> <sourceType>PROCESSOR</sourceType> - <destinationId>0dbb2fcb-c11b-396e-8918-24d7121f7653</destinationId> + <destinationId>8e8abe4a-9ed6-3ec8-9e9d-719242be1a2b</destinationId> <destinationGroupId>a8873c56-d149-34d1-8344-a35b339e6187</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship>success</relationship> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> <maxWorkQueueSize>10000</maxWorkQueueSize> <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> <flowFileExpiration>0 sec</flowFileExpiration> @@ -1966,9 +1598,9 @@ <sourceId>e16581ea-ff17-3cec-bd39-b1fe52797bd2</sourceId> <sourceGroupId>a8873c56-d149-34d1-8344-a35b339e6187</sourceGroupId> <sourceType>PROCESSOR</sourceType> - <destinationId>9ed935e9-7bd4-150a-913d-e6a4dedb2939</destinationId> + <destinationId>0dbb2fcb-c11b-396e-8918-24d7121f7653</destinationId> <destinationGroupId>a8873c56-d149-34d1-8344-a35b339e6187</destinationGroupId> - <destinationType>PROCESSOR</destinationType> + <destinationType>OUTPUT_PORT</destinationType> <relationship>found</relationship> <relationship>not found</relationship> <maxWorkQueueSize>10000</maxWorkQueueSize> @@ -2004,8 +1636,6 @@ <name>Tor nodes lookup</name> <position x="480.0" y="384.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <processor> <id>adae2d07-ad4f-38f2-9a8c-b7638863cac7</id> <name>Tor src IP</name> @@ -2016,7 +1646,7 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>16</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -2038,7 +1668,7 @@ </property> <property> <name>lookup-service</name> - <value>bbd4d3a2-0175-1000-0000-00000b0fb8bd</value> + <value>bf81debc-0171-1000-0000-00002936ae5a</value> </property> <property> <name>result-record-path</name> @@ -2060,7 +1690,6 @@ <name>key</name> <value>${enrich_ip2}</value> </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> </processor> <inputPort> <id>1c42374a-61ad-3d92-9f86-1f1ae9bae6d0</id> @@ -2076,6 +1705,10 @@ <comments /> <scheduledState>RUNNING</scheduledState> </outputPort> + <funnel> + <id>4bad43e2-bfed-3e45-a9d1-fdabb2ab85ea</id> + <position x="-1403.592919640183" y="819.7224736847786" /> + </funnel> <connection> <id>0b2f9272-06fe-3a8c-a322-9972ac5c0466</id> <name /> @@ -2116,14 +1749,34 @@ <partitioningAttribute /> <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> + <connection> + <id>fe67c36a-4ae0-3e30-8aad-a988a481df4b</id> + <name /> + <bendPoints> + <bendPoint x="-1088.0" y="832.0" /> + </bendPoints> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>adae2d07-ad4f-38f2-9a8c-b7638863cac7</sourceId> + <sourceGroupId>33258978-2057-3612-be77-0a763431ee29</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>4bad43e2-bfed-3e45-a9d1-fdabb2ab85ea</destinationId> + <destinationGroupId>33258978-2057-3612-be77-0a763431ee29</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> </processGroup> <processGroup> <id>de2bc05d-fbd2-35bc-9192-b82041176492</id> <name>Misp lookup</name> <position x="1160.0" y="136.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <processor> <id>2cd2029e-53ae-3575-bf35-785203683c7f</id> <name>Misp ip</name> @@ -2134,7 +1787,7 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>12</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -2178,7 +1831,6 @@ <name>key</name> <value>${enrich_ip2}</value> </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> </processor> <inputPort> <id>d6490898-79c0-3eb5-a102-718ff8ab68e6</id> @@ -2194,6 +1846,10 @@ <comments /> <scheduledState>RUNNING</scheduledState> </outputPort> + <funnel> + <id>d259fdb6-aa03-35b1-b439-b5baccc57a1e</id> + <position x="-1264.0" y="784.0" /> + </funnel> <connection> <id>d2bfc9ce-5c85-3dc2-a0c5-83bbf0c77277</id> <name /> @@ -2215,7 +1871,7 @@ <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> <connection> - <id>2a95cb88-0177-1000-ffff-ffffc8a50166</id> + <id>2475c41e-5711-3de0-bbec-2e977cd1f40a</id> <name /> <bendPoints /> <labelIndex>1</labelIndex> @@ -2234,6 +1890,26 @@ <partitioningAttribute /> <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> + <connection> + <id>a7505eac-df84-3e17-8c40-687c159877a7</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>2cd2029e-53ae-3575-bf35-785203683c7f</sourceId> + <sourceGroupId>de2bc05d-fbd2-35bc-9192-b82041176492</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>d259fdb6-aa03-35b1-b439-b5baccc57a1e</destinationId> + <destinationGroupId>de2bc05d-fbd2-35bc-9192-b82041176492</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> </processGroup> <connection> <id>2ba90add-0172-1000-ffff-ffffb69e0af7</id> @@ -2422,8 +2098,6 @@ <name>Domain enrichment</name> <position x="-213.29739929099082" y="283.59665734060223" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <processor> <id>1957f5c3-b6cb-3c80-b527-1858c61ed111</id> <name>Check domain2 enrichment</name> @@ -2434,7 +2108,7 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>8</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -2474,8 +2148,6 @@ <name>Enrich domain1</name> <position x="448.0" y="248.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <inputPort> <id>bf74c1ba-45ad-3c0d-84c6-ec7ea7bdcdea</id> <name>Input</name> @@ -2486,7 +2158,7 @@ <outputPort> <id>f270695c-edf6-3a9f-bc3a-10804f26f56f</id> <name>Output</name> - <position x="528.0" y="864.0" /> + <position x="1232.0" y="600.0" /> <comments /> <scheduledState>RUNNING</scheduledState> </outputPort> @@ -2495,8 +2167,6 @@ <name>Entropy</name> <position x="1152.0" y="288.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <processor> <id>bf907759-0171-1000-0000-0000022727cd</id> <name>Calculate entropy on domain1</name> @@ -2507,15 +2177,15 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-scripting-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>1</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> <penalizationPeriod>30 sec</penalizationPeriod> <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>ERROR</bulletinLevel> + <bulletinLevel>WARN</bulletinLevel> <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> + <scheduledState>STOPPED</scheduledState> <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> <executionNode>ALL</executionNode> <runDurationNanos>0</runDurationNanos> @@ -2525,18 +2195,18 @@ </property> <property> <name>Script File</name> - <value>/opt/nifi/nifi-current/conf/enrich/freq/freqProcessor.py</value> + <value>/opt/nifi/nifi-current/conf/freq/freqProcessor.py</value> </property> <property> <name>Script Body</name> </property> <property> <name>Module Directory</name> - <value>/opt/nifi/nifi-current/conf/enrich/freq</value> + <value>/opt/nifi/nifi-current/conf/freq</value> </property> <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> + <name>Frequency File</name> + <value>/opt/nifi/nifi-current/conf/freq/alexa.json</value> </property> <property> <name>record-writer</name> @@ -2547,18 +2217,17 @@ <value>${enrich_domain1}</value> </property> <property> - <name>Result Field 1</name> - <value>${enrich_domain1}_freq1</value> + <name>record-reader</name> + <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> </property> <property> <name>Result Field 2</name> <value>${enrich_domain1}_freq2</value> </property> <property> - <name>Frequency File</name> - <value>/opt/nifi/nifi-current/conf/enrich/freq/alexa.json</value> + <name>Result Field 1</name> + <value>${enrich_domain1}_freq1</value> </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> </processor> <inputPort> <id>84dfe3a1-a6f4-3b80-9161-93a59b88ad8b</id> @@ -2574,6 +2243,10 @@ <comments /> <scheduledState>RUNNING</scheduledState> </outputPort> + <funnel> + <id>7297c375-d15a-36a2-a115-6b2680fbef2b</id> + <position x="128.0" y="360.0" /> + </funnel> <connection> <id>2bea3770-0172-1000-ffff-ffff9cd568b2</id> <name /> @@ -2594,18 +2267,38 @@ <partitioningAttribute /> <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> + <connection> + <id>bf938168-0171-1000-0000-00003e6fd9c5</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>bf907759-0171-1000-0000-0000022727cd</sourceId> + <sourceGroupId>89e761fa-669e-30c2-9590-ab8f806ffaff</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>7297c375-d15a-36a2-a115-6b2680fbef2b</destinationId> + <destinationGroupId>89e761fa-669e-30c2-9590-ab8f806ffaff</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> <connection> <id>27f7d6f4-0172-1000-ffff-ffffc65ffd5e</id> <name /> <bendPoints /> - <labelIndex>0</labelIndex> + <labelIndex>1</labelIndex> <zIndex>0</zIndex> <sourceId>84dfe3a1-a6f4-3b80-9161-93a59b88ad8b</sourceId> <sourceGroupId>89e761fa-669e-30c2-9590-ab8f806ffaff</sourceGroupId> <sourceType>INPUT_PORT</sourceType> - <destinationId>bf907759-0171-1000-0000-0000022727cd</destinationId> + <destinationId>2ef455b6-6c77-39ae-87bf-d21b988f4c52</destinationId> <destinationGroupId>89e761fa-669e-30c2-9590-ab8f806ffaff</destinationGroupId> - <destinationType>PROCESSOR</destinationType> + <destinationType>OUTPUT_PORT</destinationType> <relationship /> <maxWorkQueueSize>10000</maxWorkQueueSize> <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> @@ -2616,25 +2309,23 @@ </connection> </processGroup> <processGroup> - <id>9ed9363a-7bd4-150a-0000-00000cc58ac4</id> - <name>Misp lookup</name> - <position x="456.0" y="552.0" /> + <id>df54305f-551e-38ff-8e1c-a1c272c238c0</id> + <name>Alexa</name> + <position x="448.0" y="288.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <processor> - <id>9ed93644-7bd4-150a-0000-00003c8c3388</id> - <name>Misp domain1</name> - <position x="480.99999953064577" y="197.99999761468263" /> + <id>ccab62e9-53cd-3d5e-aca3-6fa2e1b95597</id> + <name>Alexa domain1</name> + <position x="-726.6263417228297" y="457.36850568010186" /> <styles /> <comment /> <class>org.apache.nifi.processors.standard.LookupRecord</class> <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> + <maxConcurrentTasks>8</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> <penalizationPeriod>30 sec</penalizationPeriod> <yieldPeriod>1 sec</yieldPeriod> @@ -2643,7 +2334,7 @@ <scheduledState>RUNNING</scheduledState> <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> + <runDurationNanos>25000000</runDurationNanos> <property> <name>record-reader</name> <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> @@ -2654,11 +2345,11 @@ </property> <property> <name>lookup-service</name> - <value>fa06ec39-7782-3ae3-8dfe-71d28c5240c3</value> + <value>282db77b-3118-3b3c-bbd1-e4260b1c6395</value> </property> <property> <name>result-record-path</name> - <value>${enrich_domain1}_misp</value> + <value>${enrich_domain1}_alexa</value> </property> <property> <name>routing-strategy</name> @@ -2676,33 +2367,36 @@ <name>key</name> <value>${enrich_domain1}</value> </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> </processor> <inputPort> - <id>9ed93645-7bd4-150a-ffff-fffff6fa372f</id> - <name>Input</name> - <position x="536.0" y="16.0" /> + <id>c7b3b6c4-6418-3dbe-a037-387e3c85cb19</id> + <name>Input data</name> + <position x="-673.6437977775172" y="241.37341901017993" /> <comments /> <scheduledState>RUNNING</scheduledState> </inputPort> <outputPort> - <id>9ed9364e-7bd4-150a-ffff-ffffa5012b2a</id> - <name>Output</name> - <position x="536.0" y="456.0" /> + <id>ff4ada2c-5f6f-33bc-ae0c-8cdb24dd2357</id> + <name>Output data</name> + <position x="-704.0" y="736.0" /> <comments /> <scheduledState>RUNNING</scheduledState> </outputPort> + <funnel> + <id>85764070-cd41-38a1-a352-929737e563c6</id> + <position x="-1152.0" y="512.0" /> + </funnel> <connection> - <id>9ed9364f-7bd4-150a-0000-000019b6beab</id> + <id>002d4937-dcb5-3cf1-8075-8d5533667510</id> <name /> <bendPoints /> <labelIndex>1</labelIndex> <zIndex>0</zIndex> - <sourceId>9ed93644-7bd4-150a-0000-00003c8c3388</sourceId> - <sourceGroupId>9ed9363a-7bd4-150a-0000-00000cc58ac4</sourceGroupId> + <sourceId>ccab62e9-53cd-3d5e-aca3-6fa2e1b95597</sourceId> + <sourceGroupId>df54305f-551e-38ff-8e1c-a1c272c238c0</sourceGroupId> <sourceType>PROCESSOR</sourceType> - <destinationId>9ed9364e-7bd4-150a-ffff-ffffa5012b2a</destinationId> - <destinationGroupId>9ed9363a-7bd4-150a-0000-00000cc58ac4</destinationGroupId> + <destinationId>ff4ada2c-5f6f-33bc-ae0c-8cdb24dd2357</destinationId> + <destinationGroupId>df54305f-551e-38ff-8e1c-a1c272c238c0</destinationGroupId> <destinationType>OUTPUT_PORT</destinationType> <relationship>success</relationship> <maxWorkQueueSize>10000</maxWorkQueueSize> @@ -2713,116 +2407,18 @@ <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> <connection> - <id>9ed93647-7bd4-150a-0000-00000e5782ec</id> + <id>1af92349-7a45-30ec-b6fc-6d881dcd8b26</id> <name /> <bendPoints /> <labelIndex>1</labelIndex> <zIndex>0</zIndex> - <sourceId>9ed93645-7bd4-150a-ffff-fffff6fa372f</sourceId> - <sourceGroupId>9ed9363a-7bd4-150a-0000-00000cc58ac4</sourceGroupId> - <sourceType>INPUT_PORT</sourceType> - <destinationId>9ed93644-7bd4-150a-0000-00003c8c3388</destinationId> - <destinationGroupId>9ed9363a-7bd4-150a-0000-00000cc58ac4</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <processGroup> - <id>df54305f-551e-38ff-8e1c-a1c272c238c0</id> - <name>Alexa</name> - <position x="448.0" y="288.0" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>ccab62e9-53cd-3d5e-aca3-6fa2e1b95597</id> - <name>Alexa domain1</name> - <position x="-726.6263417228297" y="457.36850568010186" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.LookupRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>8</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>25000000</runDurationNanos> - <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>lookup-service</name> - <value>282db77b-3118-3b3c-bbd1-e4260b1c6395</value> - </property> - <property> - <name>result-record-path</name> - <value>${enrich_domain1}_alexa</value> - </property> - <property> - <name>routing-strategy</name> - <value>route-to-success</value> - </property> - <property> - <name>result-contents</name> - <value>insert-entire-record</value> - </property> - <property> - <name>record-update-strategy</name> - <value>use-property</value> - </property> - <property> - <name>key</name> - <value>${enrich_domain1}</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <inputPort> - <id>c7b3b6c4-6418-3dbe-a037-387e3c85cb19</id> - <name>Input data</name> - <position x="-673.6437977775172" y="241.37341901017993" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </inputPort> - <outputPort> - <id>ff4ada2c-5f6f-33bc-ae0c-8cdb24dd2357</id> - <name>Output data</name> - <position x="-704.0" y="736.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </outputPort> - <connection> - <id>002d4937-dcb5-3cf1-8075-8d5533667510</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>ccab62e9-53cd-3d5e-aca3-6fa2e1b95597</sourceId> - <sourceGroupId>df54305f-551e-38ff-8e1c-a1c272c238c0</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>ff4ada2c-5f6f-33bc-ae0c-8cdb24dd2357</destinationId> - <destinationGroupId>df54305f-551e-38ff-8e1c-a1c272c238c0</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship>success</relationship> + <sourceId>ccab62e9-53cd-3d5e-aca3-6fa2e1b95597</sourceId> + <sourceGroupId>df54305f-551e-38ff-8e1c-a1c272c238c0</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>85764070-cd41-38a1-a352-929737e563c6</destinationId> + <destinationGroupId>df54305f-551e-38ff-8e1c-a1c272c238c0</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> <maxWorkQueueSize>10000</maxWorkQueueSize> <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> <flowFileExpiration>0 sec</flowFileExpiration> @@ -2851,26 +2447,6 @@ <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> </processGroup> - <connection> - <id>9ed93675-7bd4-150a-0000-000017d6cf1e</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>9ed9364e-7bd4-150a-ffff-ffffa5012b2a</sourceId> - <sourceGroupId>9ed9363a-7bd4-150a-0000-00000cc58ac4</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>f270695c-edf6-3a9f-bc3a-10804f26f56f</destinationId> - <destinationGroupId>309911c5-0f97-37e4-8511-3c5639f5db10</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> <connection> <id>ff7df1ed-63be-3637-aa15-094355c9711f</id> <name /> @@ -2900,9 +2476,9 @@ <sourceId>2ef455b6-6c77-39ae-87bf-d21b988f4c52</sourceId> <sourceGroupId>89e761fa-669e-30c2-9590-ab8f806ffaff</sourceGroupId> <sourceType>OUTPUT_PORT</sourceType> - <destinationId>9ed93645-7bd4-150a-ffff-fffff6fa372f</destinationId> - <destinationGroupId>9ed9363a-7bd4-150a-0000-00000cc58ac4</destinationGroupId> - <destinationType>INPUT_PORT</destinationType> + <destinationId>f270695c-edf6-3a9f-bc3a-10804f26f56f</destinationId> + <destinationGroupId>309911c5-0f97-37e4-8511-3c5639f5db10</destinationGroupId> + <destinationType>OUTPUT_PORT</destinationType> <relationship /> <maxWorkQueueSize>10000</maxWorkQueueSize> <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> @@ -2937,8 +2513,6 @@ <name>Enrich domain2</name> <position x="440.0" y="496.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <inputPort> <id>0097ae66-e4c5-316c-b301-c8fd4481cbf4</id> <name>Input</name> @@ -2949,135 +2523,15 @@ <outputPort> <id>1464f185-b2d5-3347-8aaa-89cfc91566f5</id> <name>Output</name> - <position x="528.0" y="816.0" /> + <position x="1232.0" y="600.0" /> <comments /> <scheduledState>RUNNING</scheduledState> </outputPort> - <processGroup> - <id>3514302f-5e74-1185-b5c5-edc034d911a6</id> - <name>Misp lookup</name> - <position x="448.0" y="520.0" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>2a1b3c82-c06f-1184-b6ec-245bb0032b5a</id> - <name>Misp domain1</name> - <position x="480.99999953064577" y="197.99999761468263" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.LookupRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>lookup-service</name> - <value>fa06ec39-7782-3ae3-8dfe-71d28c5240c3</value> - </property> - <property> - <name>result-record-path</name> - <value>${enrich_domain2}_misp</value> - </property> - <property> - <name>routing-strategy</name> - <value>route-to-success</value> - </property> - <property> - <name>result-contents</name> - <value>insert-entire-record</value> - </property> - <property> - <name>record-update-strategy</name> - <value>use-property</value> - </property> - <property> - <name>key</name> - <value>${enrich_domain2}</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <inputPort> - <id>7f5c3719-3707-1577-ad0d-945c5da3a77b</id> - <name>Input</name> - <position x="536.0" y="16.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </inputPort> - <outputPort> - <id>af083d3d-f063-1506-a7fe-2c6f0864de22</id> - <name>Output</name> - <position x="536.0" y="456.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </outputPort> - <connection> - <id>9cf430ed-a82c-1272-853f-4eeb68c144e2</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>2a1b3c82-c06f-1184-b6ec-245bb0032b5a</sourceId> - <sourceGroupId>3514302f-5e74-1185-b5c5-edc034d911a6</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>af083d3d-f063-1506-a7fe-2c6f0864de22</destinationId> - <destinationGroupId>3514302f-5e74-1185-b5c5-edc034d911a6</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>96023b7a-7902-1e45-91b0-0396e8bf647b</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>7f5c3719-3707-1577-ad0d-945c5da3a77b</sourceId> - <sourceGroupId>3514302f-5e74-1185-b5c5-edc034d911a6</sourceGroupId> - <sourceType>INPUT_PORT</sourceType> - <destinationId>2a1b3c82-c06f-1184-b6ec-245bb0032b5a</destinationId> - <destinationGroupId>3514302f-5e74-1185-b5c5-edc034d911a6</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> <processGroup> <id>db261d6a-ab4a-3a2e-854a-cd42492788c5</id> <name>Entropy</name> <position x="1152.0" y="288.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <processor> <id>eff73930-f310-1a2e-b248-812b172b7415</id> <name>Calculate entropy on domain2</name> @@ -3088,13 +2542,13 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-scripting-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>1</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> <penalizationPeriod>30 sec</penalizationPeriod> <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>ERROR</bulletinLevel> + <bulletinLevel>WARN</bulletinLevel> <lossTolerant>false</lossTolerant> <scheduledState>RUNNING</scheduledState> <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> @@ -3106,18 +2560,18 @@ </property> <property> <name>Script File</name> - <value>/opt/nifi/nifi-current/conf/enrich/freq/freqProcessor.py</value> + <value>/opt/nifi/nifi-current/conf/freq/freqProcessor.py</value> </property> <property> <name>Script Body</name> </property> <property> <name>Module Directory</name> - <value>/opt/nifi/nifi-current/conf/enrich/freq</value> + <value>/opt/nifi/nifi-current/conf/freq</value> </property> <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> + <name>Frequency File</name> + <value>/opt/nifi/nifi-current/conf/freq/alexa.json</value> </property> <property> <name>record-writer</name> @@ -3128,18 +2582,17 @@ <value>${enrich_domain2}</value> </property> <property> - <name>Result Field 1</name> - <value>${enrich_domain2}_freq1</value> + <name>record-reader</name> + <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> </property> <property> <name>Result Field 2</name> <value>${enrich_domain2}_freq2</value> </property> <property> - <name>Frequency File</name> - <value>/opt/nifi/nifi-current/conf/enrich/freq/alexa.json</value> + <name>Result Field 1</name> + <value>${enrich_domain2}_freq1</value> </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> </processor> <inputPort> <id>ecc214d7-667d-3d81-affa-93e712a87abe</id> @@ -3155,18 +2608,22 @@ <comments /> <scheduledState>RUNNING</scheduledState> </outputPort> + <funnel> + <id>1667ea62-481a-3dfb-8745-8033f80ab5a7</id> + <position x="144.0" y="352.0" /> + </funnel> <connection> <id>bf99e121-0171-1000-0000-0000487c681e</id> <name /> <bendPoints /> - <labelIndex>0</labelIndex> + <labelIndex>1</labelIndex> <zIndex>0</zIndex> <sourceId>ecc214d7-667d-3d81-affa-93e712a87abe</sourceId> <sourceGroupId>db261d6a-ab4a-3a2e-854a-cd42492788c5</sourceGroupId> <sourceType>INPUT_PORT</sourceType> - <destinationId>eff73930-f310-1a2e-b248-812b172b7415</destinationId> + <destinationId>10c439ea-f35c-3171-836c-d83af1403698</destinationId> <destinationGroupId>db261d6a-ab4a-3a2e-854a-cd42492788c5</destinationGroupId> - <destinationType>PROCESSOR</destinationType> + <destinationType>OUTPUT_PORT</destinationType> <relationship /> <maxWorkQueueSize>10000</maxWorkQueueSize> <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> @@ -3195,14 +2652,32 @@ <partitioningAttribute /> <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> + <connection> + <id>bf9a2f76-0171-1000-ffff-fffffcafce73</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>eff73930-f310-1a2e-b248-812b172b7415</sourceId> + <sourceGroupId>db261d6a-ab4a-3a2e-854a-cd42492788c5</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>1667ea62-481a-3dfb-8745-8033f80ab5a7</destinationId> + <destinationGroupId>db261d6a-ab4a-3a2e-854a-cd42492788c5</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> </processGroup> <processGroup> <id>bd4c02d9-77f7-3984-8aa0-ad78099693a7</id> <name>Alexa</name> <position x="448.0" y="288.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <processor> <id>4598e8b8-b54a-3855-b6b7-5ac2721745a2</id> <name>Alexa domain1</name> @@ -3213,7 +2688,7 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>8</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -3257,7 +2732,6 @@ <name>key</name> <value>${enrich_domain2}</value> </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> </processor> <inputPort> <id>a7e674e2-60b2-3417-ad31-d69248774c3f</id> @@ -3273,19 +2747,23 @@ <comments /> <scheduledState>RUNNING</scheduledState> </outputPort> + <funnel> + <id>bf17534a-3723-3f7d-9ca1-dc1b61022e90</id> + <position x="-1152.0" y="512.0" /> + </funnel> <connection> - <id>6580ec44-ce8d-3aaf-b7ba-ee4c4d67321b</id> + <id>3264d31c-6569-3dde-b174-ddff9f7d3835</id> <name /> <bendPoints /> <labelIndex>1</labelIndex> <zIndex>0</zIndex> - <sourceId>a7e674e2-60b2-3417-ad31-d69248774c3f</sourceId> + <sourceId>4598e8b8-b54a-3855-b6b7-5ac2721745a2</sourceId> <sourceGroupId>bd4c02d9-77f7-3984-8aa0-ad78099693a7</sourceGroupId> - <sourceType>INPUT_PORT</sourceType> - <destinationId>4598e8b8-b54a-3855-b6b7-5ac2721745a2</destinationId> + <sourceType>PROCESSOR</sourceType> + <destinationId>bf17534a-3723-3f7d-9ca1-dc1b61022e90</destinationId> <destinationGroupId>bd4c02d9-77f7-3984-8aa0-ad78099693a7</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship /> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> <maxWorkQueueSize>10000</maxWorkQueueSize> <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> <flowFileExpiration>0 sec</flowFileExpiration> @@ -3294,12 +2772,32 @@ <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> <connection> - <id>bd6b2b7a-04db-3e73-8f38-4520b7b07965</id> + <id>6580ec44-ce8d-3aaf-b7ba-ee4c4d67321b</id> <name /> <bendPoints /> <labelIndex>1</labelIndex> <zIndex>0</zIndex> - <sourceId>4598e8b8-b54a-3855-b6b7-5ac2721745a2</sourceId> + <sourceId>a7e674e2-60b2-3417-ad31-d69248774c3f</sourceId> + <sourceGroupId>bd4c02d9-77f7-3984-8aa0-ad78099693a7</sourceGroupId> + <sourceType>INPUT_PORT</sourceType> + <destinationId>4598e8b8-b54a-3855-b6b7-5ac2721745a2</destinationId> + <destinationGroupId>bd4c02d9-77f7-3984-8aa0-ad78099693a7</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship /> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>bd6b2b7a-04db-3e73-8f38-4520b7b07965</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>4598e8b8-b54a-3855-b6b7-5ac2721745a2</sourceId> <sourceGroupId>bd4c02d9-77f7-3984-8aa0-ad78099693a7</sourceGroupId> <sourceType>PROCESSOR</sourceType> <destinationId>23f74eb2-f2ec-3612-b370-d18952393be5</destinationId> @@ -3354,26 +2852,6 @@ <partitioningAttribute /> <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> - <connection> - <id>96023b92-7902-1e45-0000-000012465abe</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>af083d3d-f063-1506-a7fe-2c6f0864de22</sourceId> - <sourceGroupId>3514302f-5e74-1185-b5c5-edc034d911a6</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>1464f185-b2d5-3347-8aaa-89cfc91566f5</destinationId> - <destinationGroupId>464af303-e93a-32ed-a7ef-d3d553054447</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> <connection> <id>7fcacebd-9235-37f8-9160-496d27d96a2d</id> <name /> @@ -3383,9 +2861,9 @@ <sourceId>10c439ea-f35c-3171-836c-d83af1403698</sourceId> <sourceGroupId>db261d6a-ab4a-3a2e-854a-cd42492788c5</sourceGroupId> <sourceType>OUTPUT_PORT</sourceType> - <destinationId>7f5c3719-3707-1577-ad0d-945c5da3a77b</destinationId> - <destinationGroupId>3514302f-5e74-1185-b5c5-edc034d911a6</destinationGroupId> - <destinationType>INPUT_PORT</destinationType> + <destinationId>1464f185-b2d5-3347-8aaa-89cfc91566f5</destinationId> + <destinationGroupId>464af303-e93a-32ed-a7ef-d3d553054447</destinationGroupId> + <destinationType>OUTPUT_PORT</destinationType> <relationship /> <maxWorkQueueSize>10000</maxWorkQueueSize> <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> @@ -3724,16 +3202,16 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-lookup-services-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <enabled>true</enabled> <property> <name>csv-file</name> - <value>/opt/nifi/nifi-current/conf/enrich/alexa-top-1m.csv</value> + <value>/opt/nifi/nifi-current/conf/alexa-top-1m.csv</value> </property> <property> <name>CSV Format</name> - <value>default</value> + <value>Default</value> </property> <property> <name>Character Set</name> @@ -3744,36 +3222,13 @@ <value>domain</value> </property> <property> - <name>ignore-duplicates</name> - <value>true</value> - </property> - <property> - <name>Value Separator</name> - <value>,</value> - </property> - <property> - <name>Quote Character</name> - <value>"</value> - </property> - <property> - <name>Quote Mode</name> - <value>MINIMAL</value> - </property> - <property> - <name>Comment Marker</name> - </property> - <property> - <name>Escape Character</name> - <value>\</value> + <name>lookup-value-column</name> + <value>index</value> </property> <property> - <name>Trim Fields</name> + <name>ignore-duplicates</name> <value>true</value> </property> - <property> - <name>lookup-value-column</name> - <value>index</value> - </property> </controllerService> <controllerService> <id>67289e27-a14d-3fa6-bcf9-91f7d2ae8d59</id> @@ -3783,16 +3238,16 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-lookup-services-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <enabled>true</enabled> <property> <name>csv-file</name> - <value>/opt/nifi/nifi-current/conf/enrich/umbrella-top-1m.csv</value> + <value>/opt/nifi/nifi-current/conf/umbrella-top-1m.csv</value> </property> <property> <name>CSV Format</name> - <value>default</value> + <value>Excel</value> </property> <property> <name>Character Set</name> @@ -3803,36 +3258,13 @@ <value>domain</value> </property> <property> - <name>ignore-duplicates</name> - <value>true</value> - </property> - <property> - <name>Value Separator</name> - <value>,</value> - </property> - <property> - <name>Quote Character</name> - <value>"</value> - </property> - <property> - <name>Quote Mode</name> - <value>MINIMAL</value> - </property> - <property> - <name>Comment Marker</name> - </property> - <property> - <name>Escape Character</name> - <value>\</value> + <name>lookup-value-column</name> + <value>index</value> </property> <property> - <name>Trim Fields</name> + <name>ignore-duplicates</name> <value>true</value> </property> - <property> - <name>lookup-value-column</name> - <value>index</value> - </property> </controllerService> </processGroup> <processGroup> @@ -3840,8 +3272,6 @@ <name>Data input</name> <position x="830.4597621124223" y="407.3463126314215" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <outputPort> <id>21a9e277-2d80-359a-9c57-cb76d8962e6d</id> <name>To data output</name> @@ -3852,7 +3282,7 @@ <outputPort> <id>20b01ab3-3a8d-3573-b95d-a4a45494050f</id> <name>To enrichment</name> - <position x="480.0" y="392.0" /> + <position x="480.0" y="504.0" /> <comments /> <scheduledState>RUNNING</scheduledState> </outputPort> @@ -3861,8 +3291,6 @@ <name>Custom data inputs</name> <position x="-504.0" y="952.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <outputPort> <id>27d5dab2-0172-1000-ffff-ffffab5c50be</id> <name>To data output</name> @@ -3879,23 +3307,21 @@ </outputPort> </processGroup> <processGroup> - <id>0c790562-0175-1000-ffff-ffffeaaeafc3</id> - <name>FileBeat</name> - <position x="-496.0" y="344.0" /> + <id>84607b52-9748-3d38-b519-b0a05cddd097</id> + <name>Nifi logs</name> + <position x="-496.0" y="136.0" /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <processor> - <id>8962ad5a-0175-1000-ffff-ffffde6db5a6</id> - <name>RouteOnAttribute</name> - <position x="-1080.0" y="280.0" /> + <id>c1318ad1-0c35-3896-b32a-1ccd6c09864a</id> + <name>Add source fields and fix timestamp</name> + <position x="-2192.0" y="560.0" /> <styles /> <comment /> - <class>org.apache.nifi.processors.standard.RouteOnAttribute</class> + <class>org.apache.nifi.processors.standard.UpdateRecord</class> <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>1</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -3908,217 +3334,584 @@ <executionNode>ALL</executionNode> <runDurationNanos>0</runDurationNanos> <property> - <name>Routing Strategy</name> - <value>Route to Property name</value> + <name>record-reader</name> + <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> + </property> + <property> + <name>record-writer</name> + <value>94600c6c-704e-3ff8-a2a4-f2f25c71dc3b</value> + </property> + <property> + <name>replacement-value-strategy</name> + <value>literal-value</value> </property> <property> - <name>keycloak</name> - <value>${log_type:equals("keycloak")}</value> + <name>/labels/source</name> + <value>${tailfile.original.path}</value> </property> <property> - <name>kibana</name> - <value>${log_type:equals("kibana")}</value> + <name>/labels/source_host</name> + <value>${hostname()}</value> </property> <property> - <name>elasticsearch</name> - <value>${log_type:equals("elasticsearch")}</value> + <name>/timestamp</name> + <value>${field.value:toDate('yyyy-MM-dd HH:mm:ss,SSS'):format("yyyy-MM-dd'T'HH:mm:ss.SSSXXX")}</value> </property> + </processor> + <processor> + <id>68663f14-f470-32ee-9cb3-224344d5ad6a</id> + <name>UpdateAttribute</name> + <position x="-2184.0" y="824.0" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-update-attribute-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> <property> - <name>suricata</name> - <value>${log_type:equals("suricata")}</value> + <name>Delete Attributes Expression</name> </property> <property> - <name>haproxy</name> - <value>${log_type:equals("haproxy")}</value> + <name>Store State</name> + <value>Do not store state</value> </property> <property> - <name>mysql</name> - <value>${log_type:equals("mysql")}</value> + <name>Stateful Variables Initial Value</name> </property> <property> - <name>zeek</name> - <value>${log_type:equals("zeek")}</value> + <name>canonical-value-lookup-cache-size</name> + <value>100</value> </property> <property> - <name>nifi</name> - <value>${log_type:equals("nifi")}</value> + <name>data_index</name> + <value>nifi-logs</value> </property> <property> - <name>zookeeper</name> - <value>${log_type:equals("zookeeper")}</value> + <name>Authorization</name> + <value>Bearer 874rPdPJ6qOSL6HvWcH8xxChqTJxiFtHp94puxh4MygY</value> </property> </processor> - <outputPort> - <id>bcb879d5-0175-1000-0000-000070879ad0</id> - <name>To data output</name> - <position x="-2480.0" y="336.0" /> - <comments /> + <processor> + <id>716d22cb-8b81-342f-abe4-7cdfe2a980ff</id> + <name>ConvertRecord</name> + <position x="-2200.0" y="264.0" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.ConvertRecord</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> <scheduledState>RUNNING</scheduledState> - </outputPort> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>record-reader</name> + <value>e3e44ca0-6653-328b-9d3f-b8225312914b</value> + </property> + <property> + <name>record-writer</name> + <value>94600c6c-704e-3ff8-a2a4-f2f25c71dc3b</value> + </property> + <property> + <name>include-zero-record-flowfiles</name> + <value>true</value> + </property> + </processor> + <processor> + <id>609a3835-5317-1c94-ad8f-1d9940869db4</id> + <name>TailFile</name> + <position x="-2200.0" y="8.0" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.TailFile</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>tail-mode</name> + <value>Single file</value> + </property> + <property> + <name>File to Tail</name> + <value>/opt/nifi/nifi-current/logs/nifi-user.log</value> + </property> + <property> + <name>Rolling Filename Pattern</name> + </property> + <property> + <name>tail-base-directory</name> + </property> + <property> + <name>Initial Start Position</name> + <value>Beginning of File</value> + </property> + <property> + <name>File Location</name> + <value>Local</value> + </property> + <property> + <name>tailfile-recursive-lookup</name> + <value>false</value> + </property> + <property> + <name>tailfile-lookup-frequency</name> + <value>10 minutes</value> + </property> + <property> + <name>tailfile-maximum-age</name> + <value>24 hours</value> + </property> + </processor> + <processor> + <id>9ecf3ce4-ae3c-1b06-96f9-5e9c59e51690</id> + <name>TailFile</name> + <position x="-1784.0" y="8.0" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.TailFile</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>tail-mode</name> + <value>Single file</value> + </property> + <property> + <name>File to Tail</name> + <value>/opt/nifi/nifi-current/logs/nifi-bootstrap.log</value> + </property> + <property> + <name>Rolling Filename Pattern</name> + </property> + <property> + <name>tail-base-directory</name> + </property> + <property> + <name>Initial Start Position</name> + <value>Beginning of File</value> + </property> + <property> + <name>File Location</name> + <value>Local</value> + </property> + <property> + <name>tailfile-recursive-lookup</name> + <value>false</value> + </property> + <property> + <name>tailfile-lookup-frequency</name> + <value>10 minutes</value> + </property> + <property> + <name>tailfile-maximum-age</name> + <value>24 hours</value> + </property> + </processor> + <processor> + <id>1e796098-c064-371a-8147-d60b5d41a316</id> + <name>TailFile</name> + <position x="-2648.0" y="16.0" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.TailFile</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>tail-mode</name> + <value>Single file</value> + </property> + <property> + <name>File to Tail</name> + <value>/opt/nifi/nifi-current/logs/nifi-app.log</value> + </property> + <property> + <name>Rolling Filename Pattern</name> + </property> + <property> + <name>tail-base-directory</name> + </property> + <property> + <name>Initial Start Position</name> + <value>Beginning of File</value> + </property> + <property> + <name>File Location</name> + <value>Local</value> + </property> + <property> + <name>tailfile-recursive-lookup</name> + <value>false</value> + </property> + <property> + <name>tailfile-lookup-frequency</name> + <value>10 minutes</value> + </property> + <property> + <name>tailfile-maximum-age</name> + <value>24 hours</value> + </property> + </processor> <outputPort> - <id>349b32fe-a821-1197-0000-00003a0b6fe5</id> - <name>To enrichment</name> - <position x="744.0" y="920.0" /> + <id>1ef39440-1985-3bbb-8e03-859a1c5ee4b1</id> + <name>To storage</name> + <position x="-2120.0" y="1064.0" /> <comments /> <scheduledState>RUNNING</scheduledState> </outputPort> - <processGroup> - <id>89636688-0175-1000-ffff-ffffb1b28a38</id> - <name>Unknown data</name> - <position x="-448.0" y="64.0" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>8963d0f9-0175-1000-0000-000054fbe086</id> - <name>UpdateAttribute</name> - <position x="392.0" y="248.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> + <funnel> + <id>beabd3be-6f95-3369-9aa5-4631e6207ec5</id> + <position x="-1572.2279720213353" y="320.16022816068823" /> + </funnel> + <connection> + <id>0261c39c-d823-3ab3-b680-2d0c2fa152e5</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>c1318ad1-0c35-3896-b32a-1ccd6c09864a</sourceId> + <sourceGroupId>84607b52-9748-3d38-b519-b0a05cddd097</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>68663f14-f470-32ee-9cb3-224344d5ad6a</destinationId> + <destinationGroupId>84607b52-9748-3d38-b519-b0a05cddd097</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>214adcbf-0175-1000-ffff-ffffaedeecef</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>9ecf3ce4-ae3c-1b06-96f9-5e9c59e51690</sourceId> + <sourceGroupId>84607b52-9748-3d38-b519-b0a05cddd097</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>716d22cb-8b81-342f-abe4-7cdfe2a980ff</destinationId> + <destinationGroupId>84607b52-9748-3d38-b519-b0a05cddd097</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>0a34d026-0761-3a6d-b261-377d20a40b5d</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>c1318ad1-0c35-3896-b32a-1ccd6c09864a</sourceId> + <sourceGroupId>84607b52-9748-3d38-b519-b0a05cddd097</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>beabd3be-6f95-3369-9aa5-4631e6207ec5</destinationId> + <destinationGroupId>84607b52-9748-3d38-b519-b0a05cddd097</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>266ad4f3-c827-337a-b3b5-28bccc8917fc</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>716d22cb-8b81-342f-abe4-7cdfe2a980ff</sourceId> + <sourceGroupId>84607b52-9748-3d38-b519-b0a05cddd097</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>beabd3be-6f95-3369-9aa5-4631e6207ec5</destinationId> + <destinationGroupId>84607b52-9748-3d38-b519-b0a05cddd097</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>0dc021fb-a375-3e48-a5fd-1b9d5c3ad9bd</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>1e796098-c064-371a-8147-d60b5d41a316</sourceId> + <sourceGroupId>84607b52-9748-3d38-b519-b0a05cddd097</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>716d22cb-8b81-342f-abe4-7cdfe2a980ff</destinationId> + <destinationGroupId>84607b52-9748-3d38-b519-b0a05cddd097</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>5bc3c82f-bfb5-3e6c-a7bf-141748391beb</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>716d22cb-8b81-342f-abe4-7cdfe2a980ff</sourceId> + <sourceGroupId>84607b52-9748-3d38-b519-b0a05cddd097</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>c1318ad1-0c35-3896-b32a-1ccd6c09864a</destinationId> + <destinationGroupId>84607b52-9748-3d38-b519-b0a05cddd097</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>32df885e-4eb1-38fd-bf6b-219725264cf4</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>68663f14-f470-32ee-9cb3-224344d5ad6a</sourceId> + <sourceGroupId>84607b52-9748-3d38-b519-b0a05cddd097</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>1ef39440-1985-3bbb-8e03-859a1c5ee4b1</destinationId> + <destinationGroupId>84607b52-9748-3d38-b519-b0a05cddd097</destinationGroupId> + <destinationType>OUTPUT_PORT</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>609a3840-5317-1c94-0000-00002897f5ab</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>609a3835-5317-1c94-ad8f-1d9940869db4</sourceId> + <sourceGroupId>84607b52-9748-3d38-b519-b0a05cddd097</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>716d22cb-8b81-342f-abe4-7cdfe2a980ff</destinationId> + <destinationGroupId>84607b52-9748-3d38-b519-b0a05cddd097</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <controllerService> + <id>e3e44ca0-6653-328b-9d3f-b8225312914b</id> + <name>Nifi logs GrokReader</name> + <comment /> + <class>org.apache.nifi.grok.GrokReader</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-record-serialization-services-nar</artifact> + <version>1.11.4</version> + </bundle> + <enabled>true</enabled> + <property> + <name>schema-access-strategy</name> + <value>string-fields-from-grok-expression</value> + </property> + <property> + <name>schema-registry</name> + </property> + <property> + <name>schema-name</name> + <value>${schema.name}</value> + </property> + <property> + <name>schema-version</name> + </property> + <property> + <name>schema-branch</name> + </property> + <property> + <name>schema-text</name> + <value>${avro.schema}</value> + </property> + <property> + <name>Grok Pattern File</name> + </property> + <property> + <name>Grok Expression</name> + <value>%{TIMESTAMP_ISO8601:timestamp} %{LOGLEVEL:level} \[%{DATA:thread}\] %{DATA:class} %{GREEDYDATA:message}</value> + </property> + <property> + <name>no-match-behavior</name> + <value>append-to-previous-message</value> + </property> + </controllerService> + </processGroup> + <processGroup> + <id>0c790562-0175-1000-ffff-ffffeaaeafc3</id> + <name>FileBeat</name> + <position x="-496.0" y="344.0" /> + <comment /> + <processGroup> + <id>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</id> + <name>Suricata</name> + <position x="-504.0" y="352.0" /> + <comment /> + <processor> + <id>19336e9e-3581-3d83-bb51-b9af2f5a6005</id> + <name>Filter out DNS events</name> + <position x="-371.62446124181497" y="672.8156960893323" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.RouteOnAttribute</class> <bundle> <group>org.apache.nifi</group> - <artifact>nifi-update-attribute-nar</artifact> - <version>1.12.1</version> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> + <maxConcurrentTasks>3</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> <penalizationPeriod>30 sec</penalizationPeriod> <yieldPeriod>1 sec</yieldPeriod> <bulletinLevel>WARN</bulletinLevel> <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> + <scheduledState>STOPPED</scheduledState> <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> <executionNode>ALL</executionNode> <runDurationNanos>0</runDurationNanos> <property> - <name>Delete Attributes Expression</name> + <name>Routing Strategy</name> + <value>Route to Property name</value> </property> <property> - <name>Store State</name> - <value>Do not store state</value> + <name>dns</name> + <value>${event_type:contains("dns")}</value> </property> <property> - <name>Stateful Variables Initial Value</name> + <name>flow</name> + <value>${event_type:contains("flow")}</value> </property> <property> - <name>canonical-value-lookup-cache-size</name> - <value>100</value> + <name>alert</name> + <value>${event_type:contains("alert")}</value> </property> <property> - <name>data_index</name> - <value>logs-filebeat-unknown</value> + <name>ssh</name> + <value>${event_type:contains("ssh")}</value> </property> - </processor> - <inputPort> - <id>89639d3d-0175-1000-ffff-ffffb446c257</id> - <name>Input</name> - <position x="444.0000243687773" y="80.00000220501622" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </inputPort> - <outputPort> - <id>8963b202-0175-1000-0000-000022d64ba2</id> - <name>Output</name> - <position x="456.0" y="504.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </outputPort> - <connection> - <id>8963e649-0175-1000-ffff-fffff03ab629</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>89639d3d-0175-1000-ffff-ffffb446c257</sourceId> - <sourceGroupId>89636688-0175-1000-ffff-ffffb1b28a38</sourceGroupId> - <sourceType>INPUT_PORT</sourceType> - <destinationId>8963d0f9-0175-1000-0000-000054fbe086</destinationId> - <destinationGroupId>89636688-0175-1000-ffff-ffffb1b28a38</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>8963f112-0175-1000-0000-00000dfa15b5</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8963d0f9-0175-1000-0000-000054fbe086</sourceId> - <sourceGroupId>89636688-0175-1000-ffff-ffffb1b28a38</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>8963b202-0175-1000-0000-000022d64ba2</destinationId> - <destinationGroupId>89636688-0175-1000-ffff-ffffb1b28a38</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <processGroup> - <id>bc6be78f-0175-1000-ffff-ffffbcd0f569</id> - <name>NiFi logs</name> - <position x="-1904.0" y="264.0" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>bc903708-0175-1000-0000-0000642abebf</id> - <name>Extract message</name> - <position x="352.0" y="280.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.ConvertRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> + <name>tls</name> + <value>${event_type:contains("tls")}</value> </property> <property> - <name>record-writer</name> - <value>bc8e5957-0175-1000-0000-00003346421d</value> + <name>http</name> + <value>${event_type:contains("http")}</value> + </property> + <property> + <name>stats</name> + <value>${event_type:contains("stats")}</value> + </property> + <property> + <name>files</name> + <value>${event_type:contains("file")}</value> </property> <property> - <name>include-zero-record-flowfiles</name> - <value>true</value> + <name>smtp</name> + <value>${event_type:contains("smtp")}</value> </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> + <autoTerminatedRelationship>smtp</autoTerminatedRelationship> + <autoTerminatedRelationship>stats</autoTerminatedRelationship> + <autoTerminatedRelationship>unmatched</autoTerminatedRelationship> </processor> <processor> - <id>bc91c66f-0175-1000-0000-00005c7f88ce</id> - <name>Convert to json</name> - <position x="1064.0" y="272.0" /> + <id>d59eabae-f47a-3d88-a1c9-e15c156202d6</id> + <name>Extract rrname</name> + <position x="-369.29872149802804" y="897.6180433395261" /> <styles /> <comment /> - <class>org.apache.nifi.processors.standard.ConvertRecord</class> + <class>org.apache.nifi.processors.standard.UpdateRecord</class> <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>1</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -4126,35 +3919,46 @@ <yieldPeriod>1 sec</yieldPeriod> <bulletinLevel>WARN</bulletinLevel> <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> + <scheduledState>STOPPED</scheduledState> <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> <executionNode>ALL</executionNode> <runDurationNanos>0</runDurationNanos> <property> <name>record-reader</name> - <value>bc97858d-0175-1000-0000-0000130a84f8</value> + <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> </property> <property> <name>record-writer</name> <value>17b30955-5464-3709-8a32-69a459850cfa</value> </property> <property> - <name>include-zero-record-flowfiles</name> - <value>true</value> + <name>replacement-value-strategy</name> + <value>record-path-value</value> + </property> + <property> + <name>/rrname_length</name> + <value>/dns/rrname</value> + </property> + <property> + <name>/rrname_domain</name> + <value>/dns/rrname</value> + </property> + <property> + <name>/rrname_domain_length</name> + <value>/dns/rrname</value> </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> </processor> <processor> - <id>bcabbf11-0175-1000-0000-000037f4e3d3</id> - <name>UpdateAttribute</name> - <position x="1072.0" y="472.0" /> + <id>24e1d8ed-10f4-3b46-958c-f2fb676e3192</id> + <name>Remove unnecessary filebeat fields</name> + <position x="-987.5658863682004" y="234.96963460665665" /> <styles /> <comment /> - <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> + <class>org.apache.nifi.processors.standard.JoltTransformJSON</class> <bundle> <group>org.apache.nifi</group> - <artifact>nifi-update-attribute-nar</artifact> - <version>1.12.1</version> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>1</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -4162,40 +3966,59 @@ <yieldPeriod>1 sec</yieldPeriod> <bulletinLevel>WARN</bulletinLevel> <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> + <scheduledState>STOPPED</scheduledState> <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> <executionNode>ALL</executionNode> <runDurationNanos>0</runDurationNanos> <property> - <name>Delete Attributes Expression</name> + <name>jolt-transform</name> + <value>jolt-transform-chain</value> </property> <property> - <name>Store State</name> - <value>Do not store state</value> + <name>jolt-custom-class</name> </property> <property> - <name>Stateful Variables Initial Value</name> + <name>jolt-custom-modules</name> </property> <property> - <name>canonical-value-lookup-cache-size</name> - <value>100</value> + <name>jolt-spec</name> + <value>[{ + "operation": "shift", + "spec": { + "*": { + "json": { + "*": { + "@": "[#4].&" + } + }, + "host": { + "name": "[#3].beat_host" + }, + "source": "[#2].source" + } + } +}]</value> </property> <property> - <name>data_index</name> - <value>logs-nifi</value> + <name>Transform Cache Size</name> + <value>1</value> + </property> + <property> + <name>pretty_print</name> + <value>false</value> </property> </processor> <processor> - <id>bc9ffeb0-0175-1000-0000-00000a88d684</id> - <name>UpdateRecord</name> - <position x="352.0" y="472.0" /> + <id>47757d9f-c23d-33ca-9c88-3c8722bd00a5</id> + <name>Add rrname_domain++</name> + <position x="-368.27336608185624" y="1138.9635842383886" /> <styles /> <comment /> <class>org.apache.nifi.processors.standard.UpdateRecord</class> <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>1</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -4203,7 +4026,7 @@ <yieldPeriod>1 sec</yieldPeriod> <bulletinLevel>WARN</bulletinLevel> <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> + <scheduledState>STOPPED</scheduledState> <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> <executionNode>ALL</executionNode> <runDurationNanos>0</runDurationNanos> @@ -4220,152 +4043,45 @@ <value>literal-value</value> </property> <property> - <name>/labels/source_file</name> - <value>${source_file}</value> + <name>/rrname_length</name> + <value>${field.value:length():toNumber()}</value> </property> <property> - <name>/labels/source_host</name> - <value>${source_host}</value> + <name>/ip_src_addr</name> + <value>0.0.0.0</value> </property> <property> - <name>/timestamp</name> - <value>${field.value:toDate('yyyy-MM-dd HH:mm:ss,SSS'):format("yyyy-MM-dd'T'HH:mm:ss.SSSXXX")}</value> + <name>/src_ip</name> + <value>0.0.0.0</value> + </property> + <property> + <name>/ip_dst_addr</name> + <value>0.0.0.0</value> + </property> + <property> + <name>/rrname_domain</name> + <value>${field.value:substringBeforeLast('.'):substringAfterLast('.'):append(${field.value:substringAfterLast('.'):prepend('.')})}</value> + </property> + <property> + <name>/dest_ip</name> + <value>0.0.0.0</value> + </property> + <property> + <name>/rrname_domain_length</name> + <value>${field.value:substringBeforeLast('.'):substringAfterLast('.'):append(${field.value:substringAfterLast('.'):prepend('.')}):length():toNumber()}</value> </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> </processor> - <inputPort> - <id>bc6c2159-0175-1000-ffff-ffffb4de4d47</id> - <name>Input</name> - <position x="397.9999517774115" y="110.99999315685733" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </inputPort> - <outputPort> - <id>bca9636a-0175-1000-0000-000013fa95aa</id> - <name>Output</name> - <position x="1120.0" y="808.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </outputPort> - <connection> - <id>bc90c7ac-0175-1000-ffff-fffffa80b534</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>bc903708-0175-1000-0000-0000642abebf</sourceId> - <sourceGroupId>bc6be78f-0175-1000-ffff-ffffbcd0f569</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>bc91c66f-0175-1000-0000-00005c7f88ce</destinationId> - <destinationGroupId>bc6be78f-0175-1000-ffff-ffffbcd0f569</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>bc924694-0175-1000-0000-00005b0604b6</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>bc91c66f-0175-1000-0000-00005c7f88ce</sourceId> - <sourceGroupId>bc6be78f-0175-1000-ffff-ffffbcd0f569</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>bc9ffeb0-0175-1000-0000-00000a88d684</destinationId> - <destinationGroupId>bc6be78f-0175-1000-ffff-ffffbcd0f569</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>bc6e1b20-0175-1000-ffff-ffff9e7dcb75</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>bc6c2159-0175-1000-ffff-ffffb4de4d47</sourceId> - <sourceGroupId>bc6be78f-0175-1000-ffff-ffffbcd0f569</sourceGroupId> - <sourceType>INPUT_PORT</sourceType> - <destinationId>bc903708-0175-1000-0000-0000642abebf</destinationId> - <destinationGroupId>bc6be78f-0175-1000-ffff-ffffbcd0f569</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>bcad2e36-0175-1000-0000-00002b6e8fe7</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>bcabbf11-0175-1000-0000-000037f4e3d3</sourceId> - <sourceGroupId>bc6be78f-0175-1000-ffff-ffffbcd0f569</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>bca9636a-0175-1000-0000-000013fa95aa</destinationId> - <destinationGroupId>bc6be78f-0175-1000-ffff-ffffbcd0f569</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>bca97855-0175-1000-ffff-ffffbd18cb66</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>bc9ffeb0-0175-1000-0000-00000a88d684</sourceId> - <sourceGroupId>bc6be78f-0175-1000-ffff-ffffbcd0f569</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>bcabbf11-0175-1000-0000-000037f4e3d3</destinationId> - <destinationGroupId>bc6be78f-0175-1000-ffff-ffffbcd0f569</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <processGroup> - <id>895eab20-0175-1000-0000-00007e13267d</id> - <name>Common ListenBeats</name> - <position x="-1096.0" y="0.0" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> <processor> - <id>71be315f-7e16-1cce-89f1-d5bd502f889f</id> + <id>e89b0470-bff2-323c-92e5-5fb2d3949070</id> <name>Prepend [</name> - <position x="-1086.1517800521056" y="160.65881341602864" /> + <position x="-996.7179797450688" y="47.535499055489254" /> <styles /> <comment /> <class>org.apache.nifi.processors.standard.ReplaceText</class> <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>1</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -4373,7 +4089,7 @@ <yieldPeriod>1 sec</yieldPeriod> <bulletinLevel>WARN</bulletinLevel> <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> + <scheduledState>STOPPED</scheduledState> <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> <executionNode>ALL</executionNode> <runDurationNanos>0</runDurationNanos> @@ -4391,7 +4107,7 @@ </property> <property> <name>Maximum Buffer Size</name> - <value>2 MB</value> + <value>1 MB</value> </property> <property> <name>Replacement Strategy</name> @@ -4405,19 +4121,18 @@ <name>Line-by-Line Evaluation Mode</name> <value>All</value> </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> </processor> <processor> - <id>d3e43667-10ef-1528-b935-47c2f077f2c9</id> - <name>ListenBeats</name> - <position x="-616.0" y="-56.0" /> + <id>fd6b6513-51f8-3a96-a764-13bd39ec7f84</id> + <name>Partition records based on event_type</name> + <position x="-382.59400260581754" y="446.9900134408068" /> <styles /> <comment /> - <class>org.apache.nifi.processors.beats.ListenBeats</class> + <class>org.apache.nifi.processors.standard.PartitionRecord</class> <bundle> <group>org.apache.nifi</group> - <artifact>nifi-beats-nar</artifact> - <version>1.12.1</version> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>1</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -4425,65 +4140,35 @@ <yieldPeriod>1 sec</yieldPeriod> <bulletinLevel>WARN</bulletinLevel> <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> + <scheduledState>STOPPED</scheduledState> <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> <executionNode>ALL</executionNode> <runDurationNanos>0</runDurationNanos> <property> - <name>Local Network Interface</name> - </property> - <property> - <name>Port</name> - <value>6001</value> - </property> - <property> - <name>Receive Buffer Size</name> - <value>65507 B</value> - </property> - <property> - <name>Max Size of Message Queue</name> - <value>10000</value> - </property> - <property> - <name>Max Size of Socket Buffer</name> - <value>2 MB</value> - </property> - <property> - <name>Character Set</name> - <value>UTF-8</value> - </property> - <property> - <name>Max Batch Size</name> - <value>10000</value> - </property> - <property> - <name>Message Delimiter</name> - <value>,\n</value> - </property> - <property> - <name>Max Number of TCP Connections</name> - <value>100</value> + <name>record-reader</name> + <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> </property> <property> - <name>SSL_CONTEXT_SERVICE</name> - <value>83443c00-b286-366a-b8e0-2f51527ab8e5</value> + <name>record-writer</name> + <value>17b30955-5464-3709-8a32-69a459850cfa</value> </property> <property> - <name>Client Auth</name> - <value>NONE</value> + <name>event_type</name> + <value>/event_type</value> </property> + <autoTerminatedRelationship>original</autoTerminatedRelationship> </processor> <processor> - <id>6b9a3cb4-e697-1540-a5fb-ea71cfce8f41</id> - <name>Append ]</name> - <position x="-424.0" y="160.0" /> + <id>a88dab36-f543-32fc-8f45-aa11b99c0ff4</id> + <name>Add standardized fields</name> + <position x="-982.3277701858627" y="433.7665258942376" /> <styles /> <comment /> - <class>org.apache.nifi.processors.standard.ReplaceText</class> + <class>org.apache.nifi.processors.standard.UpdateRecord</class> <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>1</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -4491,51 +4176,50 @@ <yieldPeriod>1 sec</yieldPeriod> <bulletinLevel>WARN</bulletinLevel> <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> + <scheduledState>STOPPED</scheduledState> <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> <executionNode>ALL</executionNode> <runDurationNanos>0</runDurationNanos> <property> - <name>Regular Expression</name> - <value>(?s)(^.*$)</value> + <name>record-reader</name> + <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> </property> <property> - <name>Replacement Value</name> - <value>]</value> + <name>record-writer</name> + <value>17b30955-5464-3709-8a32-69a459850cfa</value> </property> <property> - <name>Character Set</name> - <value>UTF-8</value> + <name>replacement-value-strategy</name> + <value>record-path-value</value> </property> <property> - <name>Maximum Buffer Size</name> - <value>2 MB</value> + <name>/ip_dst_port</name> + <value>/dest_port</value> </property> <property> - <name>Replacement Strategy</name> - <value>Append</value> + <name>/ip_src_addr</name> + <value>/src_ip</value> </property> <property> - <name>Evaluation Mode</name> - <value>Entire text</value> + <name>/ip_dst_addr</name> + <value>/dest_ip</value> </property> <property> - <name>Line-by-Line Evaluation Mode</name> - <value>All</value> + <name>/ip_src_port</name> + <value>/src_port</value> </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> </processor> <processor> - <id>d64f3acd-54a6-1b39-b1af-cc0a26156d5b</id> - <name>ListenBeats</name> - <position x="-1076.9243538376497" y="-51.550721133258094" /> + <id>1a038948-9e9a-3523-b899-990077bfd575</id> + <name>Convert timestamp</name> + <position x="-385.7461824498648" y="233.13395543765722" /> <styles /> <comment /> - <class>org.apache.nifi.processors.beats.ListenBeats</class> + <class>org.apache.nifi.processors.standard.UpdateRecord</class> <bundle> <group>org.apache.nifi</group> - <artifact>nifi-beats-nar</artifact> - <version>1.12.1</version> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>1</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -4543,64 +4227,46 @@ <yieldPeriod>1 sec</yieldPeriod> <bulletinLevel>WARN</bulletinLevel> <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> + <scheduledState>STOPPED</scheduledState> <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> <executionNode>ALL</executionNode> <runDurationNanos>0</runDurationNanos> <property> - <name>Local Network Interface</name> - </property> - <property> - <name>Port</name> - <value>6000</value> - </property> - <property> - <name>Receive Buffer Size</name> - <value>1024kb</value> - </property> - <property> - <name>Max Size of Message Queue</name> - <value>10000</value> - </property> - <property> - <name>Max Size of Socket Buffer</name> - <value>4 MB</value> - </property> - <property> - <name>Character Set</name> - <value>UTF-8</value> + <name>record-reader</name> + <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> </property> <property> - <name>Max Batch Size</name> - <value>500</value> + <name>record-writer</name> + <value>17b30955-5464-3709-8a32-69a459850cfa</value> </property> <property> - <name>Message Delimiter</name> - <value>,\n</value> + <name>replacement-value-strategy</name> + <value>literal-value</value> </property> <property> - <name>Max Number of TCP Connections</name> - <value>200</value> + <name>/TLP</name> + <value>AMBER</value> </property> <property> - <name>SSL_CONTEXT_SERVICE</name> + <name>/mime.type</name> + <value>application/json</value> </property> <property> - <name>Client Auth</name> - <value>NONE</value> + <name>/timestamp</name> + <value>${field.value:replaceFirst('\+(\d\d)(\d\d)','+$1:$2')}</value> </property> </processor> <processor> - <id>bb719fee-0175-1000-ffff-ffffb73dd31a</id> - <name>Rename @ fields</name> - <position x="-1080.0" y="360.0" /> + <id>7eeb23aa-b112-3cc8-bb56-2ca20b456907</id> + <name>Add enrichment attributes</name> + <position x="-381.71987132795925" y="1362.5536493927905" /> <styles /> <comment /> - <class>org.apache.nifi.processors.standard.JoltTransformJSON</class> + <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> <bundle> <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <artifact>nifi-update-attribute-nar</artifact> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>1</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -4608,54 +4274,170 @@ <yieldPeriod>1 sec</yieldPeriod> <bulletinLevel>WARN</bulletinLevel> <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> + <scheduledState>STOPPED</scheduledState> <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> <executionNode>ALL</executionNode> <runDurationNanos>0</runDurationNanos> <property> - <name>jolt-transform</name> - <value>jolt-transform-chain</value> + <name>Delete Attributes Expression</name> </property> <property> - <name>jolt-custom-class</name> + <name>Store State</name> + <value>Do not store state</value> </property> <property> - <name>jolt-custom-modules</name> + <name>Stateful Variables Initial Value</name> </property> <property> - <name>jolt-spec</name> - <value>[{ - "operation": "shift", - "spec": { - "*": { - "\\@timestamp":"[&1].timestamp", - "\\@metadata":"[&1].metadata", - "*": "[&1].&" - } - } -}]</value> + <name>canonical-value-lookup-cache-size</name> + <value>100</value> </property> <property> - <name>Transform Cache Size</name> - <value>1</value> + <name>enrich_domain1</name> + <value>/rrname_domain</value> </property> <property> - <name>pretty_print</name> - <value>false</value> + <name>enrich_fqdn1</name> + <value>/dns/rrname</value> </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> </processor> <processor> - <id>896047e7-0175-1000-ffff-ffffc69204e4</id> - <name>PartitionRecord</name> - <position x="-424.0" y="368.0" /> + <id>46cdd7aa-91f0-307c-90aa-65747e558f25</id> + <name>Add attributes</name> + <position x="-990.1194195007834" y="665.1839855126569" /> <styles /> <comment /> - <class>org.apache.nifi.processors.standard.PartitionRecord</class> + <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-update-attribute-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>STOPPED</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Delete Attributes Expression</name> + </property> + <property> + <name>Store State</name> + <value>Do not store state</value> + </property> + <property> + <name>Stateful Variables Initial Value</name> + </property> + <property> + <name>canonical-value-lookup-cache-size</name> + <value>100</value> + </property> + <property> + <name>data_id</name> + <value>suricata-${event_type}</value> + </property> + <property> + <name>data_index</name> + <value>logs-${beats.sender:substringBeforeLast('/'):substringBeforeLast('.'):substringAfterLast('.')}-suricata-${event_type}</value> + </property> + <property> + <name>data_type</name> + <value>suricata</value> + </property> + <property> + <name>enrich_ip2</name> + <value>/ip_dst_addr</value> + </property> + <property> + <name>enrich_ip1</name> + <value>/ip_src_addr</value> + </property> + <property> + <name>TLP</name> + <value>AMBER</value> + </property> + </processor> + <processor> + <id>2b0f0d27-a69e-30c9-b3a6-1499ff955a30</id> + <name>ListenBeats</name> + <position x="-987.897149146032" y="-167.11494242687536" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.beats.ListenBeats</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-beats-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>2</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>NONE</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>STOPPED</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Local Network Interface</name> + </property> + <property> + <name>Port</name> + <value>6101</value> + </property> + <property> + <name>Receive Buffer Size</name> + <value>65507 B</value> + </property> + <property> + <name>Max Size of Message Queue</name> + <value>100000</value> + </property> + <property> + <name>Max Size of Socket Buffer</name> + <value>10 MB</value> + </property> + <property> + <name>Character Set</name> + <value>UTF-8</value> + </property> + <property> + <name>Max Batch Size</name> + <value>5000</value> + </property> + <property> + <name>Message Delimiter</name> + <value>,\n</value> + </property> + <property> + <name>Max Number of TCP Connections</name> + <value>90</value> + </property> + <property> + <name>SSL_CONTEXT_SERVICE</name> + </property> + <property> + <name>Client Auth</name> + <value>REQUIRED</value> + </property> + </processor> + <processor> + <id>be18c77e-5e4e-3552-ac9b-892ab69a9d49</id> + <name>Append ]</name> + <position x="-396.7049152015222" y="50.4274414148523" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.ReplaceText</class> <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>1</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -4663,52 +4445,70 @@ <yieldPeriod>1 sec</yieldPeriod> <bulletinLevel>WARN</bulletinLevel> <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> + <scheduledState>STOPPED</scheduledState> <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> <executionNode>ALL</executionNode> <runDurationNanos>0</runDurationNanos> <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> + <name>Regular Expression</name> + <value>(?s)(^.*$)</value> </property> <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> + <name>Replacement Value</name> + <value>]</value> + </property> + <property> + <name>Character Set</name> + <value>UTF-8</value> </property> <property> - <name>log_type</name> - <value>/fields/log_type</value> + <name>Maximum Buffer Size</name> + <value>1 MB</value> </property> <property> - <name>source_host</name> - <value>/host/name</value> + <name>Replacement Strategy</name> + <value>Append</value> </property> <property> - <name>source_file</name> - <value>/log/file/path</value> + <name>Evaluation Mode</name> + <value>Entire text</value> + </property> + <property> + <name>Line-by-Line Evaluation Mode</name> + <value>All</value> </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - <autoTerminatedRelationship>original</autoTerminatedRelationship> </processor> <outputPort> - <id>89620b1a-0175-1000-0000-000078566f34</id> - <name>Output</name> - <position x="-360.0" y="704.0" /> + <id>055308a4-d020-39a9-9da4-b165796ef717</id> + <name>To enrichment</name> + <position x="-900.0911671813442" y="1418.3104443450675" /> <comments /> - <scheduledState>RUNNING</scheduledState> + <scheduledState>STOPPED</scheduledState> </outputPort> + <funnel> + <id>d8f19295-5666-31a8-b701-52214c4db51d</id> + <position x="-1500.995244929405" y="257.20806784146276" /> + </funnel> + <funnel> + <id>9e3adb6e-2266-390c-995d-76bc3aa5c3d8</id> + <position x="283.72871497338747" y="273.4623850295515" /> + </funnel> + <funnel> + <id>c4afa3d5-0170-1000-ffff-ffffe437a306</id> + <position x="396.10723355029654" y="1188.222598705122" /> + </funnel> <connection> - <id>bb8aafca-0175-1000-0000-000038f8e9fc</id> + <id>d39ff93b-85e9-3c56-9f44-1916d1abcd9d</id> <name /> <bendPoints /> <labelIndex>1</labelIndex> <zIndex>0</zIndex> - <sourceId>896047e7-0175-1000-ffff-ffffc69204e4</sourceId> - <sourceGroupId>895eab20-0175-1000-0000-00007e13267d</sourceGroupId> + <sourceId>a88dab36-f543-32fc-8f45-aa11b99c0ff4</sourceId> + <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> <sourceType>PROCESSOR</sourceType> - <destinationId>89620b1a-0175-1000-0000-000078566f34</destinationId> - <destinationGroupId>895eab20-0175-1000-0000-00007e13267d</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> + <destinationId>fd6b6513-51f8-3a96-a764-13bd39ec7f84</destinationId> + <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> + <destinationType>PROCESSOR</destinationType> <relationship>success</relationship> <maxWorkQueueSize>10000</maxWorkQueueSize> <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> @@ -4718,18 +4518,18 @@ <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> <connection> - <id>895f18a7-0175-1000-ffff-ffffbc2237fd</id> + <id>c4ae2f82-0170-1000-ffff-ffff91d33f16</id> <name /> <bendPoints /> <labelIndex>1</labelIndex> <zIndex>0</zIndex> - <sourceId>71be315f-7e16-1cce-89f1-d5bd502f889f</sourceId> - <sourceGroupId>895eab20-0175-1000-0000-00007e13267d</sourceGroupId> + <sourceId>19336e9e-3581-3d83-bb51-b9af2f5a6005</sourceId> + <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> <sourceType>PROCESSOR</sourceType> - <destinationId>6b9a3cb4-e697-1540-a5fb-ea71cfce8f41</destinationId> - <destinationGroupId>895eab20-0175-1000-0000-00007e13267d</destinationGroupId> + <destinationId>d59eabae-f47a-3d88-a1c9-e15c156202d6</destinationId> + <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> + <relationship>dns</relationship> <maxWorkQueueSize>10000</maxWorkQueueSize> <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> <flowFileExpiration>0 sec</flowFileExpiration> @@ -4738,16 +4538,16 @@ <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> <connection> - <id>895ee440-0175-1000-ffff-ffffd3ff3143</id> + <id>a4471b0c-c924-31e0-9aa1-7cf56b1be0ed</id> <name /> <bendPoints /> <labelIndex>1</labelIndex> <zIndex>0</zIndex> - <sourceId>d64f3acd-54a6-1b39-b1af-cc0a26156d5b</sourceId> - <sourceGroupId>895eab20-0175-1000-0000-00007e13267d</sourceGroupId> + <sourceId>be18c77e-5e4e-3552-ac9b-892ab69a9d49</sourceId> + <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> <sourceType>PROCESSOR</sourceType> - <destinationId>71be315f-7e16-1cce-89f1-d5bd502f889f</destinationId> - <destinationGroupId>895eab20-0175-1000-0000-00007e13267d</destinationGroupId> + <destinationId>24e1d8ed-10f4-3b46-958c-f2fb676e3192</destinationId> + <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> <destinationType>PROCESSOR</destinationType> <relationship>success</relationship> <maxWorkQueueSize>10000</maxWorkQueueSize> @@ -4758,16 +4558,16 @@ <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> <connection> - <id>ac7a988a-0175-1000-ffff-ffff86c66751</id> + <id>f9a8aee6-502f-3eb9-8806-8964276d4ca0</id> <name /> <bendPoints /> <labelIndex>1</labelIndex> <zIndex>0</zIndex> - <sourceId>d3e43667-10ef-1528-b935-47c2f077f2c9</sourceId> - <sourceGroupId>895eab20-0175-1000-0000-00007e13267d</sourceGroupId> + <sourceId>24e1d8ed-10f4-3b46-958c-f2fb676e3192</sourceId> + <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> <sourceType>PROCESSOR</sourceType> - <destinationId>71be315f-7e16-1cce-89f1-d5bd502f889f</destinationId> - <destinationGroupId>895eab20-0175-1000-0000-00007e13267d</destinationGroupId> + <destinationId>1a038948-9e9a-3523-b899-990077bfd575</destinationId> + <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> <destinationType>PROCESSOR</destinationType> <relationship>success</relationship> <maxWorkQueueSize>10000</maxWorkQueueSize> @@ -4778,36 +4578,63 @@ <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> <connection> - <id>bb8a6c6c-0175-1000-0000-00000abdc8f9</id> + <id>e8ad07a6-cd62-3473-9b16-833cf43026a6</id> <name /> <bendPoints /> <labelIndex>1</labelIndex> <zIndex>0</zIndex> - <sourceId>bb719fee-0175-1000-ffff-ffffb73dd31a</sourceId> - <sourceGroupId>895eab20-0175-1000-0000-00007e13267d</sourceGroupId> + <sourceId>2b0f0d27-a69e-30c9-b3a6-1499ff955a30</sourceId> + <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> <sourceType>PROCESSOR</sourceType> - <destinationId>896047e7-0175-1000-ffff-ffffc69204e4</destinationId> - <destinationGroupId>895eab20-0175-1000-0000-00007e13267d</destinationGroupId> + <destinationId>e89b0470-bff2-323c-92e5-5fb2d3949070</destinationId> + <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> <destinationType>PROCESSOR</destinationType> <relationship>success</relationship> <maxWorkQueueSize>10000</maxWorkQueueSize> <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>1 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>33baee02-9354-3b7f-a910-6220a5f6108f</id> + <name /> + <bendPoints> + <bendPoint x="-775.4788208007812" y="947.9116821289062" /> + </bendPoints> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>19336e9e-3581-3d83-bb51-b9af2f5a6005</sourceId> + <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>055308a4-d020-39a9-9da4-b165796ef717</destinationId> + <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> + <destinationType>OUTPUT_PORT</destinationType> + <relationship>alert</relationship> + <relationship>files</relationship> + <relationship>http</relationship> + <relationship>ssh</relationship> + <relationship>tls</relationship> + <relationship>flow</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> <flowFileExpiration>0 sec</flowFileExpiration> <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> <partitioningAttribute /> <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> <connection> - <id>8961779d-0175-1000-0000-00003ef237de</id> + <id>c010a48c-a3af-3cfc-9693-9885925e763e</id> <name /> <bendPoints /> <labelIndex>1</labelIndex> <zIndex>0</zIndex> - <sourceId>6b9a3cb4-e697-1540-a5fb-ea71cfce8f41</sourceId> - <sourceGroupId>895eab20-0175-1000-0000-00007e13267d</sourceGroupId> + <sourceId>fd6b6513-51f8-3a96-a764-13bd39ec7f84</sourceId> + <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> <sourceType>PROCESSOR</sourceType> - <destinationId>bb719fee-0175-1000-ffff-ffffb73dd31a</destinationId> - <destinationGroupId>895eab20-0175-1000-0000-00007e13267d</destinationGroupId> + <destinationId>46cdd7aa-91f0-307c-90aa-65747e558f25</destinationId> + <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> <destinationType>PROCESSOR</destinationType> <relationship>success</relationship> <maxWorkQueueSize>10000</maxWorkQueueSize> @@ -4817,130 +4644,368 @@ <partitioningAttribute /> <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> - </processGroup> - <processGroup> - <id>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</id> - <name>Suricata</name> - <position x="-448.0" y="264.0" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>8d1bef35-0175-1000-0000-0000746fa33d</id> - <name>RouteOnAttribute</name> - <position x="-984.0" y="640.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.RouteOnAttribute</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Routing Strategy</name> - <value>Route to Property name</value> - </property> - <property> - <name>dns</name> - <value>${event_type:equals("dns")}</value> - </property> - <property> - <name>tls</name> - <value>${event_type:equals("tls")}</value> - </property> - </processor> - <processor> - <id>24e1d8ed-10f4-3b46-958c-f2fb676e3192</id> - <name>Normalize fields</name> - <position x="-987.5658863682004" y="234.96963460665665" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.JoltTransformJSON</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>jolt-transform</name> - <value>jolt-transform-chain</value> - </property> - <property> - <name>jolt-custom-class</name> - </property> - <property> - <name>jolt-custom-modules</name> + <connection> + <id>3a82b9ea-a974-3750-ad78-275da67285e6</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>be18c77e-5e4e-3552-ac9b-892ab69a9d49</sourceId> + <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>9e3adb6e-2266-390c-995d-76bc3aa5c3d8</destinationId> + <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>c4afb718-0170-1000-0000-000061284251</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>d59eabae-f47a-3d88-a1c9-e15c156202d6</sourceId> + <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>c4afa3d5-0170-1000-ffff-ffffe437a306</destinationId> + <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>67789d5d-ebdc-390c-adc8-f2111f467ad4</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>fd6b6513-51f8-3a96-a764-13bd39ec7f84</sourceId> + <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>9e3adb6e-2266-390c-995d-76bc3aa5c3d8</destinationId> + <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>c4afc7bc-0170-1000-ffff-ffffae3762dd</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>47757d9f-c23d-33ca-9c88-3c8722bd00a5</sourceId> + <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>c4afa3d5-0170-1000-ffff-ffffe437a306</destinationId> + <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>f4bd2bed-88a1-396f-974b-19dcb5f40101</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>e89b0470-bff2-323c-92e5-5fb2d3949070</sourceId> + <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>d8f19295-5666-31a8-b701-52214c4db51d</destinationId> + <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>9b860d17-8918-3956-a8b2-54ec49231c37</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>47757d9f-c23d-33ca-9c88-3c8722bd00a5</sourceId> + <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>7eeb23aa-b112-3cc8-bb56-2ca20b456907</destinationId> + <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>98594ca0-2fce-349c-8432-94f4d021d1fe</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>e89b0470-bff2-323c-92e5-5fb2d3949070</sourceId> + <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>be18c77e-5e4e-3552-ac9b-892ab69a9d49</destinationId> + <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>d7ef534a-9fb6-3973-b2fa-2738705db47a</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>24e1d8ed-10f4-3b46-958c-f2fb676e3192</sourceId> + <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>d8f19295-5666-31a8-b701-52214c4db51d</destinationId> + <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>c31d92b9-0e34-387d-86df-9536bf2ed9c9</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>1a038948-9e9a-3523-b899-990077bfd575</sourceId> + <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>a88dab36-f543-32fc-8f45-aa11b99c0ff4</destinationId> + <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>7417695b-cbde-3637-bb24-2e265bb2817c</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>46cdd7aa-91f0-307c-90aa-65747e558f25</sourceId> + <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>19336e9e-3581-3d83-bb51-b9af2f5a6005</destinationId> + <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>3e181820-b214-399d-a0df-474d15e2f146</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>1a038948-9e9a-3523-b899-990077bfd575</sourceId> + <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>9e3adb6e-2266-390c-995d-76bc3aa5c3d8</destinationId> + <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>e9962c43-9689-39b9-a1ba-cd2eac598802</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>a88dab36-f543-32fc-8f45-aa11b99c0ff4</sourceId> + <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>d8f19295-5666-31a8-b701-52214c4db51d</destinationId> + <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>1f219054-ea65-3700-a503-2d24acf2c754</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>7eeb23aa-b112-3cc8-bb56-2ca20b456907</sourceId> + <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>055308a4-d020-39a9-9da4-b165796ef717</destinationId> + <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> + <destinationType>OUTPUT_PORT</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>8c6c7a60-0856-3a39-8ed6-6e7d0b98c0ae</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>d59eabae-f47a-3d88-a1c9-e15c156202d6</sourceId> + <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>47757d9f-c23d-33ca-9c88-3c8722bd00a5</destinationId> + <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + </processGroup> + <processGroup> + <id>83691174-683f-3c7c-8526-8fc00397aee1</id> + <name>Zeek</name> + <position x="-504.0" y="152.0" /> + <comment /> + <processor> + <id>39492e6c-faf0-3bfa-bd16-51a1f8be4c71</id> + <name>ListenBeats</name> + <position x="-1114.9155421491096" y="263.01449694104195" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.beats.ListenBeats</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-beats-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>STOPPED</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Local Network Interface</name> </property> <property> - <name>jolt-spec</name> - <value>[{ - "operation": "shift", - "spec": { - "*": { - "json": { - "*": "[&2].&" - }, - "host": { - "name": "[&2].labels.source_host" - }, - "source": "[&1].labels.source" - } - } -}, { - "operation": "shift", - "spec": { - "*": { - "dest_ip":"[&1].destination.ip", - "dest_port":"[&1].destination.port", - "src_ip":"[&1].source.ip", - "src_port":"[&1].source.port", - "*": "[&1].&" - } - } -}]</value> + <name>Port</name> + <value>6100</value> </property> <property> - <name>Transform Cache Size</name> - <value>1</value> + <name>Receive Buffer Size</name> + <value>65507 B</value> </property> <property> - <name>pretty_print</name> - <value>false</value> + <name>Max Size of Message Queue</name> + <value>10000</value> + </property> + <property> + <name>Max Size of Socket Buffer</name> + <value>2 MB</value> + </property> + <property> + <name>Character Set</name> + <value>UTF-8</value> + </property> + <property> + <name>Max Batch Size</name> + <value>10000</value> + </property> + <property> + <name>Message Delimiter</name> + <value>,\n</value> + </property> + <property> + <name>Max Number of TCP Connections</name> + <value>100</value> + </property> + <property> + <name>SSL_CONTEXT_SERVICE</name> + </property> + <property> + <name>Client Auth</name> + <value>REQUIRED</value> </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> </processor> <processor> - <id>fd6b6513-51f8-3a96-a764-13bd39ec7f84</id> - <name>Partition records based on event_type</name> - <position x="-382.59400260581754" y="446.9900134408068" /> + <id>ac17155e-32f1-3be8-843e-00877c210519</id> + <name>Prepend [</name> + <position x="-1124.1429683635654" y="475.2240314903287" /> <styles /> <comment /> - <class>org.apache.nifi.processors.standard.PartitionRecord</class> + <class>org.apache.nifi.processors.standard.ReplaceText</class> <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>1</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -4948,36 +5013,107 @@ <yieldPeriod>1 sec</yieldPeriod> <bulletinLevel>WARN</bulletinLevel> <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> + <scheduledState>STOPPED</scheduledState> <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> <executionNode>ALL</executionNode> <runDurationNanos>0</runDurationNanos> <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> + <name>Regular Expression</name> + <value>(?s)(^.*$)</value> </property> <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> + <name>Replacement Value</name> + <value>[</value> </property> <property> - <name>event_type</name> - <value>/event_type</value> + <name>Character Set</name> + <value>UTF-8</value> + </property> + <property> + <name>Maximum Buffer Size</name> + <value>1 MB</value> + </property> + <property> + <name>Replacement Strategy</name> + <value>Prepend</value> + </property> + <property> + <name>Evaluation Mode</name> + <value>Entire text</value> + </property> + <property> + <name>Line-by-Line Evaluation Mode</name> + <value>All</value> </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - <autoTerminatedRelationship>original</autoTerminatedRelationship> </processor> <processor> - <id>1a038948-9e9a-3523-b899-990077bfd575</id> - <name>Convert timestamp</name> - <position x="-385.7461824498648" y="233.13395543765722" /> + <id>fec43039-de5d-1e3b-850a-5e25d7b93c76</id> + <name>UpdateAttribute</name> + <position x="-1121.584644408096" y="913.629598069974" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-update-attribute-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>STOPPED</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Delete Attributes Expression</name> + </property> + <property> + <name>Store State</name> + <value>Do not store state</value> + </property> + <property> + <name>Stateful Variables Initial Value</name> + </property> + <property> + <name>canonical-value-lookup-cache-size</name> + <value>100</value> + </property> + <property> + <name>data_index</name> + <value>logs-uninett-darknet</value> + </property> + <property> + <name>mime.type</name> + <value>application/json</value> + </property> + <property> + <name>enrich_ip2</name> + <value>/ip_dst_addr</value> + </property> + <property> + <name>enrich_ip1</name> + <value>/ip_src_addr</value> + </property> + <property> + <name>TLP</name> + <value>GREEN</value> + </property> + </processor> + <processor> + <id>9027e415-c8cd-355e-af16-0c635f43832f</id> + <name>Convert timestamp and add fields</name> + <position x="-472.77987807459795" y="696.7530680701591" /> <styles /> <comment /> <class>org.apache.nifi.processors.standard.UpdateRecord</class> <bundle> <group>org.apache.nifi</group> <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>1</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -4985,7 +5121,7 @@ <yieldPeriod>1 sec</yieldPeriod> <bulletinLevel>WARN</bulletinLevel> <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> + <scheduledState>STOPPED</scheduledState> <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> <executionNode>ALL</executionNode> <runDurationNanos>0</runDurationNanos> @@ -5003,29 +5139,40 @@ </property> <property> <name>/TLP</name> - <value>AMBER</value> + <value>GREEN</value> + </property> + <property> + <name>/data_type</name> + <value>zeek</value> + </property> + <property> + <name>/data_index</name> + <value>logs-zeek-conn</value> </property> <property> <name>/mime.type</name> <value>application/json</value> </property> + <property> + <name>/data_id</name> + <value>zeek_conn</value> + </property> <property> <name>/timestamp</name> - <value>${field.value:replaceFirst('\+(\d\d)(\d\d)','+$1:$2')}</value> + <value>${field.value:multiply(1000):format('yyyy-MM-dd HH:mm:ss.SSSZ'):replace(' ','T'):replaceFirst('\+(\d\d)(\d\d)','+$1:$2')}</value> </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> </processor> <processor> - <id>46cdd7aa-91f0-307c-90aa-65747e558f25</id> - <name>Add attributes</name> - <position x="-984.0" y="456.0" /> + <id>3bf497f2-3aed-3465-b91c-72ef6e53f0ea</id> + <name>Remove filebeat fields</name> + <position x="-1121.1565561587029" y="706.9002449806696" /> <styles /> <comment /> - <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> + <class>org.apache.nifi.processors.jolt.record.JoltTransformRecord</class> <bundle> <group>org.apache.nifi</group> - <artifact>nifi-update-attribute-nar</artifact> - <version>1.12.1</version> + <artifact>nifi-jolt-record-nar</artifact> + <version>1.11.4</version> </bundle> <maxConcurrentTasks>1</maxConcurrentTasks> <schedulingPeriod>0 sec</schedulingPeriod> @@ -5033,5925 +5180,588 @@ <yieldPeriod>1 sec</yieldPeriod> <bulletinLevel>WARN</bulletinLevel> <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> + <scheduledState>STOPPED</scheduledState> <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> <executionNode>ALL</executionNode> <runDurationNanos>0</runDurationNanos> <property> - <name>Delete Attributes Expression</name> + <name>jolt-record-record-reader</name> + <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> </property> <property> - <name>Store State</name> - <value>Do not store state</value> + <name>jolt-record-record-writer</name> + <value>17b30955-5464-3709-8a32-69a459850cfa</value> </property> <property> - <name>Stateful Variables Initial Value</name> + <name>jolt-record-transform</name> + <value>jolt-transform-chain</value> </property> <property> - <name>canonical-value-lookup-cache-size</name> - <value>100</value> + <name>jolt-record-custom-class</name> </property> <property> - <name>data_id</name> - <value>suricata-${event_type}</value> + <name>jolt-record-custom-modules</name> </property> <property> - <name>data_index</name> - <value>logs-${beats.sender:substringBeforeLast('/'):substringBeforeLast('.'):substringAfterLast('.')}-suricata-${event_type}</value> + <name>jolt-record-spec</name> + <value>[ + { + "operation": "shift", + "spec": { + "json": { + "ts": "timestamp", + "*": { + "@": "&" + } + }, + "host": { + "name": "host" + }, + "source": "source" + } + },{ + "operation" : "modify-overwrite-beta", + "spec" : + { + "timestamp": "=toString" + } + } +]</value> </property> <property> - <name>data_type</name> - <value>suricata</value> + <name>jolt-record-transform-cache-size</name> + <value>1</value> </property> + <autoTerminatedRelationship>original</autoTerminatedRelationship> + </processor> + <processor> + <id>06501f48-82c7-3c36-b99c-7368a322608b</id> + <name>Append ]</name> + <position x="-465.8393574027825" y="478.1159738496917" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.ReplaceText</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>STOPPED</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> <property> - <name>enrich_ip2</name> - <value>/destination/ip</value> + <name>Regular Expression</name> + <value>(?s)(^.*$)</value> </property> <property> - <name>enrich_ip1</name> - <value>/source/ip</value> + <name>Replacement Value</name> + <value>]</value> </property> <property> - <name>TLP</name> - <value>AMBER</value> + <name>Character Set</name> + <value>UTF-8</value> + </property> + <property> + <name>Maximum Buffer Size</name> + <value>1 MB</value> + </property> + <property> + <name>Replacement Strategy</name> + <value>Append</value> + </property> + <property> + <name>Evaluation Mode</name> + <value>Entire text</value> + </property> + <property> + <name>Line-by-Line Evaluation Mode</name> + <value>All</value> </property> </processor> - <inputPort> - <id>8d13c952-0175-1000-0000-00007e8f4cae</id> - <name>Input</name> - <position x="-928.0" y="16.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </inputPort> <outputPort> - <id>055308a4-d020-39a9-9da4-b165796ef717</id> + <id>a28a9e95-1003-3ea6-9af6-a334c1aec07c</id> <name>To enrichment</name> - <position x="-928.0" y="1208.0" /> + <position x="-1065.7090714972117" y="1164.8389289189608" /> <comments /> - <scheduledState>RUNNING</scheduledState> + <scheduledState>STOPPED</scheduledState> </outputPort> - <processGroup> - <id>8d1afcd0-0175-1000-ffff-ffffb3690a74</id> - <name>TLS events</name> - <position x="-384.0" y="872.0" /> + <funnel> + <id>06521038-335b-3139-839d-ab43a013ce03</id> + <position x="-1557.869726298236" y="758.8984861527665" /> + </funnel> + <funnel> + <id>c8c0a13d-0170-1000-ffff-ffff874141fa</id> + <position x="248.5321508445502" y="703.4412774751572" /> + </funnel> + <connection> + <id>216d4dcf-f425-33d0-a5c1-5cdf1402162e</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>06501f48-82c7-3c36-b99c-7368a322608b</sourceId> + <sourceGroupId>83691174-683f-3c7c-8526-8fc00397aee1</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>3bf497f2-3aed-3465-b91c-72ef6e53f0ea</destinationId> + <destinationGroupId>83691174-683f-3c7c-8526-8fc00397aee1</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>3c739604-b69c-3e86-ba4c-a4739078837c</id> + <name /> + <bendPoints /> + <labelIndex>0</labelIndex> + <zIndex>0</zIndex> + <sourceId>9027e415-c8cd-355e-af16-0c635f43832f</sourceId> + <sourceGroupId>83691174-683f-3c7c-8526-8fc00397aee1</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>c8c0a13d-0170-1000-ffff-ffff874141fa</destinationId> + <destinationGroupId>83691174-683f-3c7c-8526-8fc00397aee1</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>295b97b9-1291-3a83-8191-78a300d0feaa</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>39492e6c-faf0-3bfa-bd16-51a1f8be4c71</sourceId> + <sourceGroupId>83691174-683f-3c7c-8526-8fc00397aee1</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>ac17155e-32f1-3be8-843e-00877c210519</destinationId> + <destinationGroupId>83691174-683f-3c7c-8526-8fc00397aee1</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>c8be8213-0170-1000-0000-0000695bc36c</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>fec43039-de5d-1e3b-850a-5e25d7b93c76</sourceId> + <sourceGroupId>83691174-683f-3c7c-8526-8fc00397aee1</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>a28a9e95-1003-3ea6-9af6-a334c1aec07c</destinationId> + <destinationGroupId>83691174-683f-3c7c-8526-8fc00397aee1</destinationGroupId> + <destinationType>OUTPUT_PORT</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>a056b363-8398-3877-8750-1bc9dcb9b1cd</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>ac17155e-32f1-3be8-843e-00877c210519</sourceId> + <sourceGroupId>83691174-683f-3c7c-8526-8fc00397aee1</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>06501f48-82c7-3c36-b99c-7368a322608b</destinationId> + <destinationGroupId>83691174-683f-3c7c-8526-8fc00397aee1</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>ee8556df-9826-3d45-82de-5c1c876db435</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>3bf497f2-3aed-3465-b91c-72ef6e53f0ea</sourceId> + <sourceGroupId>83691174-683f-3c7c-8526-8fc00397aee1</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>06521038-335b-3139-839d-ab43a013ce03</destinationId> + <destinationGroupId>83691174-683f-3c7c-8526-8fc00397aee1</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>2d0f222e-d08e-31fd-b5e1-1ce178368e4c</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>3bf497f2-3aed-3465-b91c-72ef6e53f0ea</sourceId> + <sourceGroupId>83691174-683f-3c7c-8526-8fc00397aee1</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>9027e415-c8cd-355e-af16-0c635f43832f</destinationId> + <destinationGroupId>83691174-683f-3c7c-8526-8fc00397aee1</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>ed8609a1-bd09-391e-831b-1ab5b53a5049</id> + <name /> + <bendPoints /> + <labelIndex>0</labelIndex> + <zIndex>0</zIndex> + <sourceId>06501f48-82c7-3c36-b99c-7368a322608b</sourceId> + <sourceGroupId>83691174-683f-3c7c-8526-8fc00397aee1</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>c8c0a13d-0170-1000-ffff-ffff874141fa</destinationId> + <destinationGroupId>83691174-683f-3c7c-8526-8fc00397aee1</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>c8be6e60-0170-1000-ffff-ffffe34d52ef</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>9027e415-c8cd-355e-af16-0c635f43832f</sourceId> + <sourceGroupId>83691174-683f-3c7c-8526-8fc00397aee1</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>fec43039-de5d-1e3b-850a-5e25d7b93c76</destinationId> + <destinationGroupId>83691174-683f-3c7c-8526-8fc00397aee1</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>2a6e865b-4b36-3807-8bd7-eb2f39f95d4f</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>ac17155e-32f1-3be8-843e-00877c210519</sourceId> + <sourceGroupId>83691174-683f-3c7c-8526-8fc00397aee1</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>06521038-335b-3139-839d-ab43a013ce03</destinationId> + <destinationGroupId>83691174-683f-3c7c-8526-8fc00397aee1</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + </processGroup> + </processGroup> + <processGroup> + <id>b3d57504-7c06-37a3-b59b-8723f60fa728</id> + <name>Test data</name> + <position x="-496.0" y="552.0" /> + <comment /> + <outputPort> + <id>d30dc946-251a-307c-8e88-f2262b0bb194</id> + <name>To enrichment</name> + <position x="731.0454088698874" y="433.2315817172085" /> + <comments /> + <scheduledState>RUNNING</scheduledState> + </outputPort> + <processGroup> + <id>0c83ef26-0175-1000-ffff-ffffcac37910</id> + <name>Suricata</name> + <position x="462.0553417896858" y="119.99261716112323" /> + <comment /> + <processor> + <id>bb7dc9ff-2d25-3134-9617-cca3cabe9179</id> + <name>Alerts</name> + <position x="496.0" y="392.0" /> + <styles /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>9279850b-0175-1000-0000-00001e74d182</id> - <name>Copy SNI</name> - <position x="504.0" y="320.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.UpdateRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>replacement-value-strategy</name> - <value>record-path-value</value> - </property> - <property> - <name>/tls/sni_length</name> - <value>/tls/sni</value> - </property> - <property> - <name>/tls/sni_domain_length</name> - <value>/tls/sni</value> - </property> - <property> - <name>/tls/sni_domain</name> - <value>/tls/sni</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <processor> - <id>349b3279-a821-1197-aaa6-7e5472dccbef</id> - <name>Add sni_domain ++</name> - <position x="504.0" y="544.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.UpdateRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>replacement-value-strategy</name> - <value>literal-value</value> - </property> - <property> - <name>/tls/sni_length</name> - <value>${field.value:length():toNumber()}</value> - </property> - <property> - <name>/tls/sni_domain_length</name> - <value>${field.value:substringBeforeLast('.'):substringAfterLast('.'):append(${field.value:substringAfterLast('.'):prepend('.')}):length():toNumber()}</value> - </property> - <property> - <name>/tls/sni_domain</name> - <value>${field.value:substringBeforeLast('.'):substringAfterLast('.'):append(${field.value:substringAfterLast('.'):prepend('.')})}</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <processor> - <id>349b3291-a821-1197-0000-000032560c6a</id> - <name>Specify enrichment fields</name> - <position x="504.0" y="752.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-update-attribute-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Delete Attributes Expression</name> - </property> - <property> - <name>Store State</name> - <value>Do not store state</value> - </property> - <property> - <name>Stateful Variables Initial Value</name> - </property> - <property> - <name>canonical-value-lookup-cache-size</name> - <value>100</value> - </property> - <property> - <name>enrich_domain1</name> - <value>/tls/sni_domain</value> - </property> - <property> - <name>enrich_fqdn1</name> - <value>/tls/sni</value> - </property> - </processor> - <inputPort> - <id>92795a59-0175-1000-ffff-ffff89bc5f21</id> - <name>Input</name> - <position x="552.9999060626994" y="144.00001181679164" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </inputPort> - <outputPort> - <id>349b32d8-a821-1197-0000-000025a75a3b</id> - <name>Output</name> - <position x="552.0" y="976.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </outputPort> - <connection> - <id>9279996e-0175-1000-0000-000037fbed8b</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>92795a59-0175-1000-ffff-ffff89bc5f21</sourceId> - <sourceGroupId>8d1afcd0-0175-1000-ffff-ffffb3690a74</sourceGroupId> - <sourceType>INPUT_PORT</sourceType> - <destinationId>9279850b-0175-1000-0000-00001e74d182</destinationId> - <destinationGroupId>8d1afcd0-0175-1000-ffff-ffffb3690a74</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>349b3297-a821-1197-0000-0000717807b6</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>349b3279-a821-1197-aaa6-7e5472dccbef</sourceId> - <sourceGroupId>8d1afcd0-0175-1000-ffff-ffffb3690a74</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>349b3291-a821-1197-0000-000032560c6a</destinationId> - <destinationGroupId>8d1afcd0-0175-1000-ffff-ffffb3690a74</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>349b327f-a821-1197-ffff-ffff8946a863</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>9279850b-0175-1000-0000-00001e74d182</sourceId> - <sourceGroupId>8d1afcd0-0175-1000-ffff-ffffb3690a74</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>349b3279-a821-1197-aaa6-7e5472dccbef</destinationId> - <destinationGroupId>8d1afcd0-0175-1000-ffff-ffffb3690a74</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>349b32da-a821-1197-0000-000047979e25</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>349b3291-a821-1197-0000-000032560c6a</sourceId> - <sourceGroupId>8d1afcd0-0175-1000-ffff-ffffb3690a74</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>349b32d8-a821-1197-0000-000025a75a3b</destinationId> - <destinationGroupId>8d1afcd0-0175-1000-ffff-ffffb3690a74</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <processGroup> - <id>8d1ad21f-0175-1000-0000-00003c540411</id> - <name>DNS events</name> - <position x="-1000.0" y="872.0" /> + <class>org.apache.nifi.processors.standard.GenerateFlowFile</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>10 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>File Size</name> + <value>0B</value> + </property> + <property> + <name>Batch Size</name> + <value>1</value> + </property> + <property> + <name>Data Format</name> + <value>Text</value> + </property> + <property> + <name>Unique FlowFiles</name> + <value>false</value> + </property> + <property> + <name>generate-ff-custom-text</name> + <value>[{"stream": 0,"flow": {"bytes_toserver": 74,"bytes_toclient": 0,"start": "${now():format('yyyy-MM-dd HH:mm:ss.SSS'):replaceFirst(' ','T')}","pkts_toserver": 1,"pkts_toclient": 0},"vlan": 665,"ip_dst_port": 54323,"in_iface": "ens1f3","payload": "","timestamp": "${now():format('yyyy-MM-dd HH:mm:ss.SSS'):replaceFirst(' ','T')}","proto": "TCP","event_type": "alert","alert": {"category": "Not Suspicious Traffic","severity": 3,"action": "allowed","gid": 1,"signature_id": 29999991,"rev": 1,"signature": "SOC TEST1"},"payload_printable": "","ip_src_addr": "10.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}","ip_src_port": 43844,"ip_dst_addr": "10.0.0.${random():mod(254):plus(1)}","host":"nifi.soctools.geant.org","host_domain":"geant.org"}, +{"timestamp":"${now():format('yyyy-MM-dd HH:mm:ss.SSS'):replaceFirst(' ','T')}","alert":{"action":"allowed","category":"Potentially Bad Traffic","gid":1,"metadata":{"affected_product":["Any"],"attack_target":["Client_Endpoint"],"created_at":["2019_07_26"],"deployment":["Perimeter"],"former_category":["DNS"],"signature_severity":["Minor"],"updated_at":["2019_09_28"]},"rev":3,"severity":2,"signature":"ET DNS Query for .cc TLD","signature_id":2027758},"app_proto":"dns","destination":{"ip":"10.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}","port":53},"dns":{"query":[{"id":37261,"rrname":"static.arduino.cc","rrtype":"A","tx_id":2,"type":"query"}]},"event_type":"alert","flow":{"bytes_toclient":1039,"bytes_toserver":343,"pkts_toclient":2,"pkts_toserver":3,"start":"${now():format('yyyy-MM-dd HH:mm:ss.SSS'):replaceFirst(' ','T')}"},"flow_id":1889254052511234,"in_iface":"if1","payload":"kY0BAAABAAAAAAABBnN0YXRpYwdhcmR1aW5vAmNjAAABAAEAACkPoAAAgAAAAA==","payload_printable":".............static.arduino.cc.......)........","proto":"UDP","source":{"ip":"10.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}","port":64164},"stream":0,"tx_id":2}, +{"timestamp":"${now():format('yyyy-MM-dd HH:mm:ss.SSS'):replaceFirst(' ','T')}","TLP":"AMBER","alert":{"action":"allowed","category":"Attempted Information Leak","gid":1,"metadata":{"created_at":["2014_10_15"],"former_category":["CURRENT_EVENTS"],"updated_at":["2014_10_15"]},"rev":6,"severity":2,"signature":"ET EXPLOIT SSL excessive fatal alerts (possible POODLE attack against server)","signature_id":2019418},"app_proto":"tls","destination":{"ip":"10.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}","port":37220},"event_type":"alert","flow":{"bytes_toclient":247,"bytes_toserver":298,"pkts_toclient":4,"pkts_toserver":4,"start":"${now():format('yyyy-MM-dd HH:mm:ss.SSS'):replaceFirst(' ','T')}"},"flow_id":43047386649621,"payload":"FQMAAAICKA==","payload_printable":"......(","proto":"TCP","source":{"ip":"10.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}","port":443},"stream":1,"tls":{"ja3":{},"version":"SSLv3"},"tx_id":0}] +</value> + </property> + <property> + <name>character-set</name> + <value>UTF-8</value> + </property> + <property> + <name>mime.type</name> + <value>application/json</value> + </property> + <property> + <name>enrich_domain1</name> + <value>/host_domain</value> + </property> + <property> + <name>enrich_ip1</name> + <value>/source/ip</value> + </property> + <property> + <name>enrich_fqdn1</name> + <value>/host</value> + </property> + <property> + <name>data_id</name> + <value>suricata_alert</value> + </property> + <property> + <name>data_index</name> + <value>logs-suricata-alert</value> + </property> + <property> + <name>data_type</name> + <value>suricata</value> + </property> + <property> + <name>enrich_ip2</name> + <value>/destination/ip</value> + </property> + </processor> + <processor> + <id>f8143c19-b547-1c84-90b7-2e3c37a659e7</id> + <name>TLS</name> + <position x="496.0" y="536.0" /> + <styles /> <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>8d37fe91-0175-1000-ffff-ffffb5c4de34</id> - <name>Add rrname_domain++</name> - <position x="1056.0" y="568.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.UpdateRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>replacement-value-strategy</name> - <value>literal-value</value> - </property> - <property> - <name>/dns/rrname_domain</name> - <value>${field.value:substringBeforeLast('.'):substringAfterLast('.'):append(${field.value:substringAfterLast('.'):prepend('.')})}</value> - </property> - <property> - <name>/dns/rrname_length</name> - <value>${field.value:length():toNumber()}</value> - </property> - <property> - <name>/dns/rrname_domain_length</name> - <value>${field.value:substringBeforeLast('.'):substringAfterLast('.'):append(${field.value:substringAfterLast('.'):prepend('.')}):length():toNumber()}</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <processor> - <id>8d312ef9-0175-1000-ffff-fffff23bbb0c</id> - <name>Route on DNS type</name> - <position x="1056.0" y="128.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.RouteOnAttribute</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Routing Strategy</name> - <value>Route to Property name</value> - </property> - <property> - <name>answer</name> - <value>${type:contains("answer")}</value> - </property> - </processor> - <processor> - <id>8d2262f6-0175-1000-0000-000029eaa6ef</id> - <name>Partition on dns message type</name> - <position x="432.0" y="136.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.PartitionRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>type</name> - <value>/dns/type</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - <autoTerminatedRelationship>original</autoTerminatedRelationship> - </processor> - <processor> - <id>8d36474f-0175-1000-0000-00003a8dd2d0</id> - <name>UpdateAttribute</name> - <position x="1056.0" y="768.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-update-attribute-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Delete Attributes Expression</name> - </property> - <property> - <name>Store State</name> - <value>Do not store state</value> - </property> - <property> - <name>Stateful Variables Initial Value</name> - </property> - <property> - <name>canonical-value-lookup-cache-size</name> - <value>100</value> - </property> - <property> - <name>enrich_domain1</name> - <value>/dns/rrname_domain</value> - </property> - <property> - <name>enrich_fqdn1</name> - <value>/dns/rrname</value> - </property> - </processor> - <processor> - <id>8d34409e-0175-1000-ffff-ffff99eb371d</id> - <name>Extract rrname_domain++</name> - <position x="1056.0" y="368.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.UpdateRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>replacement-value-strategy</name> - <value>literal-value</value> - </property> - <property> - <name>/dns/rrname_domain</name> - <value>/dns/rrname</value> - </property> - <property> - <name>/dns/rrname_length</name> - <value>/dns/rrname</value> - </property> - <property> - <name>/dns/rrname_domain_length</name> - <value>/dns/rrname</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <inputPort> - <id>8d212c22-0175-1000-ffff-fffffbc39157</id> - <name>Input</name> - <position x="488.0" y="0.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </inputPort> - <outputPort> - <id>8d211b58-0175-1000-0000-000003eb5f3b</id> - <name>Output</name> - <position x="448.0" y="808.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </outputPort> - <connection> - <id>8d3979b7-0175-1000-ffff-ffffe2efe898</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8d37fe91-0175-1000-ffff-ffffb5c4de34</sourceId> - <sourceGroupId>8d1ad21f-0175-1000-0000-00003c540411</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>8d36474f-0175-1000-0000-00003a8dd2d0</destinationId> - <destinationGroupId>8d1ad21f-0175-1000-0000-00003c540411</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>8d3afc9a-0175-1000-ffff-ffffe1ef144c</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8d36474f-0175-1000-0000-00003a8dd2d0</sourceId> - <sourceGroupId>8d1ad21f-0175-1000-0000-00003c540411</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>8d211b58-0175-1000-0000-000003eb5f3b</destinationId> - <destinationGroupId>8d1ad21f-0175-1000-0000-00003c540411</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>8d30f240-0175-1000-ffff-ffffa4cc8a58</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8d212c22-0175-1000-ffff-fffffbc39157</sourceId> - <sourceGroupId>8d1ad21f-0175-1000-0000-00003c540411</sourceGroupId> - <sourceType>INPUT_PORT</sourceType> - <destinationId>8d2262f6-0175-1000-0000-000029eaa6ef</destinationId> - <destinationGroupId>8d1ad21f-0175-1000-0000-00003c540411</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>8d3b1d93-0175-1000-ffff-ffffe953d6b9</id> - <name /> - <bendPoints> - <bendPoint x="568.0" y="400.0" /> - </bendPoints> - <labelIndex>0</labelIndex> - <zIndex>0</zIndex> - <sourceId>8d312ef9-0175-1000-ffff-fffff23bbb0c</sourceId> - <sourceGroupId>8d1ad21f-0175-1000-0000-00003c540411</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>8d211b58-0175-1000-0000-000003eb5f3b</destinationId> - <destinationGroupId>8d1ad21f-0175-1000-0000-00003c540411</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship>unmatched</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>8d3821ce-0175-1000-0000-000046a72d11</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8d34409e-0175-1000-ffff-ffff99eb371d</sourceId> - <sourceGroupId>8d1ad21f-0175-1000-0000-00003c540411</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>8d37fe91-0175-1000-ffff-ffffb5c4de34</destinationId> - <destinationGroupId>8d1ad21f-0175-1000-0000-00003c540411</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>8d3281c3-0175-1000-ffff-ffffed50fa50</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8d2262f6-0175-1000-0000-000029eaa6ef</sourceId> - <sourceGroupId>8d1ad21f-0175-1000-0000-00003c540411</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>8d312ef9-0175-1000-ffff-fffff23bbb0c</destinationId> - <destinationGroupId>8d1ad21f-0175-1000-0000-00003c540411</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>8d3485f4-0175-1000-0000-0000175959ff</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8d312ef9-0175-1000-ffff-fffff23bbb0c</sourceId> - <sourceGroupId>8d1ad21f-0175-1000-0000-00003c540411</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>8d34409e-0175-1000-ffff-ffff99eb371d</destinationId> - <destinationGroupId>8d1ad21f-0175-1000-0000-00003c540411</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>answer</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <connection> - <id>349b32bb-a821-1197-ffff-ffff81dc7ff2</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8d1bef35-0175-1000-0000-0000746fa33d</sourceId> - <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>92795a59-0175-1000-ffff-ffff89bc5f21</destinationId> - <destinationGroupId>8d1afcd0-0175-1000-ffff-ffffb3690a74</destinationGroupId> - <destinationType>INPUT_PORT</destinationType> - <relationship>tls</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>8d19c8d7-0175-1000-ffff-ffffe3aa385d</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>1a038948-9e9a-3523-b899-990077bfd575</sourceId> - <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>46cdd7aa-91f0-307c-90aa-65747e558f25</destinationId> - <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>8d13df9c-0175-1000-0000-0000562b802e</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8d13c952-0175-1000-0000-00007e8f4cae</sourceId> - <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> - <sourceType>INPUT_PORT</sourceType> - <destinationId>24e1d8ed-10f4-3b46-958c-f2fb676e3192</destinationId> - <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>f9a8aee6-502f-3eb9-8806-8964276d4ca0</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>24e1d8ed-10f4-3b46-958c-f2fb676e3192</sourceId> - <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>1a038948-9e9a-3523-b899-990077bfd575</destinationId> - <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>8d2364b0-0175-1000-ffff-ffffa2a4601f</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8d1bef35-0175-1000-0000-0000746fa33d</sourceId> - <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>8d212c22-0175-1000-ffff-fffffbc39157</destinationId> - <destinationGroupId>8d1ad21f-0175-1000-0000-00003c540411</destinationGroupId> - <destinationType>INPUT_PORT</destinationType> - <relationship>dns</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>8d1a6818-0175-1000-ffff-ffffeebd7e98</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>46cdd7aa-91f0-307c-90aa-65747e558f25</sourceId> - <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>fd6b6513-51f8-3a96-a764-13bd39ec7f84</destinationId> - <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>349b32e1-a821-1197-0000-00000d7cca30</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>349b32d8-a821-1197-0000-000025a75a3b</sourceId> - <sourceGroupId>8d1afcd0-0175-1000-ffff-ffffb3690a74</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>055308a4-d020-39a9-9da4-b165796ef717</destinationId> - <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>8d1c1701-0175-1000-ffff-fffff7364622</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>fd6b6513-51f8-3a96-a764-13bd39ec7f84</sourceId> - <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>8d1bef35-0175-1000-0000-0000746fa33d</destinationId> - <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>9266feff-0175-1000-ffff-ffff8c7d68c1</id> - <name /> - <bendPoints> - <bendPoint x="-1208.0" y="952.0" /> - </bendPoints> - <labelIndex>0</labelIndex> - <zIndex>0</zIndex> - <sourceId>8d1bef35-0175-1000-0000-0000746fa33d</sourceId> - <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>055308a4-d020-39a9-9da4-b165796ef717</destinationId> - <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship>unmatched</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>9266e0c5-0175-1000-0000-00006aafc0f8</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8d211b58-0175-1000-0000-000003eb5f3b</sourceId> - <sourceGroupId>8d1ad21f-0175-1000-0000-00003c540411</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>055308a4-d020-39a9-9da4-b165796ef717</destinationId> - <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <processGroup> - <id>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</id> - <name>Mysql</name> - <position x="-440.0" y="1272.0" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>14453e90-7646-1485-ffff-ffff81f3c683</id> - <name>Add header</name> - <position x="344.0" y="-8.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.ReplaceText</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Regular Expression</name> - <value>(?s)(^.*$)</value> - </property> - <property> - <name>Replacement Value</name> - <value>timestamp,serverhost,username,host,connectionid,queryid,operation,database,object,retcode -</value> - </property> - <property> - <name>Character Set</name> - <value>UTF-8</value> - </property> - <property> - <name>Maximum Buffer Size</name> - <value>1 MB</value> - </property> - <property> - <name>Replacement Strategy</name> - <value>Prepend</value> - </property> - <property> - <name>Evaluation Mode</name> - <value>Entire text</value> - </property> - <property> - <name>Line-by-Line Evaluation Mode</name> - <value>All</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <processor> - <id>e0bd3907-2d13-1407-b2dd-48591e65e59d</id> - <name>UpdateRecord</name> - <position x="-336.0" y="416.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.UpdateRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>replacement-value-strategy</name> - <value>literal-value</value> - </property> - <property> - <name>/event_type</name> - <value>log</value> - </property> - <property> - <name>/labels/source_host</name> - <value>${source_host}</value> - </property> - <property> - <name>/timestamp</name> - <value>${field.value:toDate('yyMMdd HH:mm:ss'):format("yyyy-MM-dd'T'HH:mm:ss.SSSXXX")}</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <processor> - <id>50813f6b-a5f6-1a98-8ae4-115134714332</id> - <name>UpdateRecord</name> - <position x="352.0" y="472.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.UpdateRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>replacement-value-strategy</name> - <value>literal-value</value> - </property> - <property> - <name>/event_type</name> - <value>audit</value> - </property> - <property> - <name>/labels/source_host</name> - <value>${source_host}</value> - </property> - <property> - <name>/timestamp</name> - <value>${field.value:toDate('yyyyMMdd HH:mm:ss'):format("yyyy-MM-dd'T'HH:mm:ss.SSSXXX")}</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <processor> - <id>e4353681-23e9-15af-0000-000032ea35e3</id> - <name>RouteOnAttribute</name> - <position x="-352.0" y="0.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.RouteOnAttribute</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Routing Strategy</name> - <value>Route to Property name</value> - </property> - <property> - <name>audit</name> - <value>${source_file:contains("audit")}</value> - </property> - </processor> - <processor> - <id>f92d3f77-958a-1344-bd3b-7c93457e5c12</id> - <name>Extract message</name> - <position x="-360.0" y="-216.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.ConvertRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>record-writer</name> - <value>bc8e5957-0175-1000-0000-00003346421d</value> - </property> - <property> - <name>include-zero-record-flowfiles</name> - <value>true</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <processor> - <id>92693a34-99da-1004-adfb-bdf4aa7e1c30</id> - <name>Convert to json</name> - <position x="352.0" y="240.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.ConvertRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>14453a95-7646-1485-0000-00002c675762</value> - </property> - <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>include-zero-record-flowfiles</name> - <value>false</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <processor> - <id>48723b8e-fae0-14e6-afdc-85c239646dc0</id> - <name>UpdateAttribute</name> - <position x="-320.0" y="648.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-update-attribute-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Delete Attributes Expression</name> - </property> - <property> - <name>Store State</name> - <value>Do not store state</value> - </property> - <property> - <name>Stateful Variables Initial Value</name> - </property> - <property> - <name>canonical-value-lookup-cache-size</name> - <value>100</value> - </property> - <property> - <name>data_index</name> - <value>logs-mysql</value> - </property> - <property> - <name>enrich_ip1</name> - <value>/client.ip</value> - </property> - </processor> - <processor> - <id>14453a41-7646-1485-b398-28f819de4a45</id> - <name>Convert to json</name> - <position x="-336.0" y="200.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.ConvertRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>70ea12d7-0176-1000-ffff-ffffee2ee306</value> - </property> - <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>include-zero-record-flowfiles</name> - <value>false</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <inputPort> - <id>7f683020-779c-1bc9-85da-5bad079d5d9d</id> - <name>Input</name> - <position x="-312.0" y="-336.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </inputPort> - <outputPort> - <id>bcbb33ba-112e-1f53-8982-d5ae9f0e701f</id> - <name>Output</name> - <position x="-256.0" y="960.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </outputPort> - <connection> - <id>14453eaa-7646-1485-0000-000070b97065</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>14453e90-7646-1485-ffff-ffff81f3c683</sourceId> - <sourceGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>92693a34-99da-1004-adfb-bdf4aa7e1c30</destinationId> - <destinationGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>e43535a1-23e9-15af-9f98-2061dd6f97d6</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>92693a34-99da-1004-adfb-bdf4aa7e1c30</sourceId> - <sourceGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>50813f6b-a5f6-1a98-8ae4-115134714332</destinationId> - <destinationGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>70e77065-0176-1000-0000-00001479fdf4</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>e0bd3907-2d13-1407-b2dd-48591e65e59d</sourceId> - <sourceGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>48723b8e-fae0-14e6-afdc-85c239646dc0</destinationId> - <destinationGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>cf95350a-de6c-1a4b-8183-8f9cfa11449a</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>7f683020-779c-1bc9-85da-5bad079d5d9d</sourceId> - <sourceGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</sourceGroupId> - <sourceType>INPUT_PORT</sourceType> - <destinationId>f92d3f77-958a-1344-bd3b-7c93457e5c12</destinationId> - <destinationGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>14453fcf-7646-1485-ffff-ffff952df142</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>e4353681-23e9-15af-0000-000032ea35e3</sourceId> - <sourceGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>14453e90-7646-1485-ffff-ffff81f3c683</destinationId> - <destinationGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>audit</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>3e21311d-dc5c-143f-b39e-d8fb8c9fd36d</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>50813f6b-a5f6-1a98-8ae4-115134714332</sourceId> - <sourceGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>48723b8e-fae0-14e6-afdc-85c239646dc0</destinationId> - <destinationGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>14453a4b-7646-1485-ffff-fffffc8f5285</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>e4353681-23e9-15af-0000-000032ea35e3</sourceId> - <sourceGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>14453a41-7646-1485-b398-28f819de4a45</destinationId> - <destinationGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>unmatched</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>7fe931b3-82b3-1699-b49a-d380dd14a5b8</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>48723b8e-fae0-14e6-afdc-85c239646dc0</sourceId> - <sourceGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>bcbb33ba-112e-1f53-8982-d5ae9f0e701f</destinationId> - <destinationGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>a35e3744-5906-1ee9-abc4-205356ca01d1</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>f92d3f77-958a-1344-bd3b-7c93457e5c12</sourceId> - <sourceGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>e4353681-23e9-15af-0000-000032ea35e3</destinationId> - <destinationGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>70e8f3cb-0176-1000-0000-00006d2cdbf5</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>14453a41-7646-1485-b398-28f819de4a45</sourceId> - <sourceGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>e0bd3907-2d13-1407-b2dd-48591e65e59d</destinationId> - <destinationGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <processGroup> - <id>5d04357e-423c-1ab5-a7a4-44565abfed7f</id> - <name>Haproxy</name> - <position x="-448.0" y="664.0" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>c9763c4c-7186-1460-871a-b5fd00ca3241</id> - <name>UpdateRecord</name> - <position x="352.0" y="472.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.UpdateRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>replacement-value-strategy</name> - <value>literal-value</value> - </property> - <property> - <name>/labels/source_host</name> - <value>${source_host}</value> - </property> - <property> - <name>/timestamp</name> - <value>${field.value:toDate('dd/MMM/yyyy:HH:mm:ss.SSS'):format("yyyy-MM-dd'T'HH:mm:ss.SSSXXX")}</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <processor> - <id>e4c8356d-54ad-15b5-94fe-799d9465aa51</id> - <name>Extract message</name> - <position x="352.0" y="280.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.ConvertRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>record-writer</name> - <value>bc8e5957-0175-1000-0000-00003346421d</value> - </property> - <property> - <name>include-zero-record-flowfiles</name> - <value>true</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <processor> - <id>f6e63fd3-6150-1d72-a58a-46b43bc5d5c2</id> - <name>Convert to json</name> - <position x="1064.0" y="272.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.ConvertRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>56ebe0aa-0176-1000-ffff-ffffbd212f01</value> - </property> - <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>include-zero-record-flowfiles</name> - <value>false</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <processor> - <id>7fbd38e8-60a2-1503-8a6c-ffc6b156b3b0</id> - <name>UpdateAttribute</name> - <position x="1072.0" y="472.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-update-attribute-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Delete Attributes Expression</name> - </property> - <property> - <name>Store State</name> - <value>Do not store state</value> - </property> - <property> - <name>Stateful Variables Initial Value</name> - </property> - <property> - <name>canonical-value-lookup-cache-size</name> - <value>100</value> - </property> - <property> - <name>data_index</name> - <value>logs-haproxy</value> - </property> - <property> - <name>enrich_ip1</name> - <value>/client.ip</value> - </property> - </processor> - <inputPort> - <id>65a33e05-e157-1bfc-8741-adf11b3df720</id> - <name>Input</name> - <position x="397.9999517774115" y="110.99999315685733" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </inputPort> - <outputPort> - <id>328b35e2-eb52-1f47-b84d-52941eff8a07</id> - <name>Output</name> - <position x="1120.0" y="808.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </outputPort> - <connection> - <id>960f3ac9-95dc-103d-a70a-ca3b070851a4</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>7fbd38e8-60a2-1503-8a6c-ffc6b156b3b0</sourceId> - <sourceGroupId>5d04357e-423c-1ab5-a7a4-44565abfed7f</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>328b35e2-eb52-1f47-b84d-52941eff8a07</destinationId> - <destinationGroupId>5d04357e-423c-1ab5-a7a4-44565abfed7f</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>0ecb3e12-768e-1896-a850-2a2bec52eb95</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>c9763c4c-7186-1460-871a-b5fd00ca3241</sourceId> - <sourceGroupId>5d04357e-423c-1ab5-a7a4-44565abfed7f</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>7fbd38e8-60a2-1503-8a6c-ffc6b156b3b0</destinationId> - <destinationGroupId>5d04357e-423c-1ab5-a7a4-44565abfed7f</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>b5d43cea-5555-10b0-b75f-b88a95e9c6aa</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>65a33e05-e157-1bfc-8741-adf11b3df720</sourceId> - <sourceGroupId>5d04357e-423c-1ab5-a7a4-44565abfed7f</sourceGroupId> - <sourceType>INPUT_PORT</sourceType> - <destinationId>e4c8356d-54ad-15b5-94fe-799d9465aa51</destinationId> - <destinationGroupId>5d04357e-423c-1ab5-a7a4-44565abfed7f</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>484a3eab-4af3-11cd-abe2-d5ee6fc1a291</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>e4c8356d-54ad-15b5-94fe-799d9465aa51</sourceId> - <sourceGroupId>5d04357e-423c-1ab5-a7a4-44565abfed7f</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>f6e63fd3-6150-1d72-a58a-46b43bc5d5c2</destinationId> - <destinationGroupId>5d04357e-423c-1ab5-a7a4-44565abfed7f</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>39ef3a2d-874e-11a6-87be-0b3582fa43de</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>f6e63fd3-6150-1d72-a58a-46b43bc5d5c2</sourceId> - <sourceGroupId>5d04357e-423c-1ab5-a7a4-44565abfed7f</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>c9763c4c-7186-1460-871a-b5fd00ca3241</destinationId> - <destinationGroupId>5d04357e-423c-1ab5-a7a4-44565abfed7f</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <processGroup> - <id>7263390f-914c-1f6e-9451-75f908ed8816</id> - <name>Elasticsearch</name> - <position x="-1904.0" y="488.0" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>295133bd-42e6-1b08-80c5-bea2e19921fc</id> - <name>UpdateAttribute</name> - <position x="360.0" y="600.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-update-attribute-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Delete Attributes Expression</name> - </property> - <property> - <name>Store State</name> - <value>Do not store state</value> - </property> - <property> - <name>Stateful Variables Initial Value</name> - </property> - <property> - <name>canonical-value-lookup-cache-size</name> - <value>100</value> - </property> - <property> - <name>data_index</name> - <value>logs-elasticsearch</value> - </property> - </processor> - <inputPort> - <id>39ce3238-1ebd-1c2c-b724-01d18f147b6f</id> - <name>Input</name> - <position x="408.0" y="320.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </inputPort> - <outputPort> - <id>bbc63756-9681-13b9-8c07-20c82f62ceca</id> - <name>Output</name> - <position x="408.0" y="920.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </outputPort> - <connection> - <id>15e0341e-6dd3-172a-b2b5-8f1d5740fea1</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>39ce3238-1ebd-1c2c-b724-01d18f147b6f</sourceId> - <sourceGroupId>7263390f-914c-1f6e-9451-75f908ed8816</sourceGroupId> - <sourceType>INPUT_PORT</sourceType> - <destinationId>295133bd-42e6-1b08-80c5-bea2e19921fc</destinationId> - <destinationGroupId>7263390f-914c-1f6e-9451-75f908ed8816</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>af99379e-bf26-19c5-bd70-bd6d405fb0b7</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>295133bd-42e6-1b08-80c5-bea2e19921fc</sourceId> - <sourceGroupId>7263390f-914c-1f6e-9451-75f908ed8816</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>bbc63756-9681-13b9-8c07-20c82f62ceca</destinationId> - <destinationGroupId>7263390f-914c-1f6e-9451-75f908ed8816</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <processGroup> - <id>f88732b0-d93f-1f6e-ba01-40b41ea20fe3</id> - <name>Keycloak</name> - <position x="-440.0" y="1064.0" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>8e17350e-583e-1130-8ec7-bd2dc5d4f361</id> - <name>UpdateAttribute</name> - <position x="344.0" y="736.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-update-attribute-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Delete Attributes Expression</name> - </property> - <property> - <name>Store State</name> - <value>Do not store state</value> - </property> - <property> - <name>Stateful Variables Initial Value</name> - </property> - <property> - <name>canonical-value-lookup-cache-size</name> - <value>100</value> - </property> - <property> - <name>data_index</name> - <value>logs-keycloak</value> - </property> - </processor> - <processor> - <id>fbbe3f9c-5336-11c9-0000-00003ab5dde5</id> - <name>Fix timestamp</name> - <position x="352.0" y="480.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.jolt.record.JoltTransformRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-jolt-record-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>jolt-record-record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>jolt-record-record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>jolt-record-transform</name> - <value>jolt-transform-chain</value> - </property> - <property> - <name>jolt-record-custom-class</name> - </property> - <property> - <name>jolt-record-custom-modules</name> - </property> - <property> - <name>jolt-record-spec</name> - <value>[ - { - "operation": "shift", - "spec": { - "timestamp": { - "1": "timestamp" - }, - "*": "&" - } - } -]</value> - </property> - <property> - <name>jolt-record-transform-cache-size</name> - <value>1</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - <autoTerminatedRelationship>original</autoTerminatedRelationship> - </processor> - <inputPort> - <id>10cb3b64-e867-1d81-bd59-eb9cf6883f24</id> - <name>Input</name> - <position x="408.0" y="320.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </inputPort> - <outputPort> - <id>84dc3511-1322-175b-8083-9729037f8edb</id> - <name>Output</name> - <position x="392.0" y="984.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </outputPort> - <connection> - <id>fbbe3fbf-5336-11c9-ffff-ffffb7c3576e</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>fbbe3f9c-5336-11c9-0000-00003ab5dde5</sourceId> - <sourceGroupId>f88732b0-d93f-1f6e-ba01-40b41ea20fe3</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>8e17350e-583e-1130-8ec7-bd2dc5d4f361</destinationId> - <destinationGroupId>f88732b0-d93f-1f6e-ba01-40b41ea20fe3</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>50c83129-28e1-1d45-bafe-912df3cdf284</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>10cb3b64-e867-1d81-bd59-eb9cf6883f24</sourceId> - <sourceGroupId>f88732b0-d93f-1f6e-ba01-40b41ea20fe3</sourceGroupId> - <sourceType>INPUT_PORT</sourceType> - <destinationId>fbbe3f9c-5336-11c9-0000-00003ab5dde5</destinationId> - <destinationGroupId>f88732b0-d93f-1f6e-ba01-40b41ea20fe3</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>fbbe3ede-5336-11c9-8870-deb7fffd14ae</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8e17350e-583e-1130-8ec7-bd2dc5d4f361</sourceId> - <sourceGroupId>f88732b0-d93f-1f6e-ba01-40b41ea20fe3</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>84dc3511-1322-175b-8083-9729037f8edb</destinationId> - <destinationGroupId>f88732b0-d93f-1f6e-ba01-40b41ea20fe3</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <processGroup> - <id>83691174-683f-3c7c-8526-8fc00397aee1</id> - <name>Zeek</name> - <position x="-448.0" y="464.0" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>fec43039-de5d-1e3b-850a-5e25d7b93c76</id> - <name>UpdateAttribute</name> - <position x="-1121.584644408096" y="913.629598069974" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-update-attribute-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Delete Attributes Expression</name> - </property> - <property> - <name>Store State</name> - <value>Do not store state</value> - </property> - <property> - <name>Stateful Variables Initial Value</name> - </property> - <property> - <name>canonical-value-lookup-cache-size</name> - <value>100</value> - </property> - <property> - <name>data_index</name> - <value>logs-uninett-darknet</value> - </property> - <property> - <name>mime.type</name> - <value>application/json</value> - </property> - <property> - <name>enrich_ip2</name> - <value>/destination/ip</value> - </property> - <property> - <name>enrich_ip1</name> - <value>/source/ip</value> - </property> - <property> - <name>TLP</name> - <value>AMBER</value> - </property> - </processor> - <processor> - <id>9027e415-c8cd-355e-af16-0c635f43832f</id> - <name>Convert timestamp and add fields</name> - <position x="-472.77987807459795" y="696.7530680701591" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.UpdateRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>replacement-value-strategy</name> - <value>literal-value</value> - </property> - <property> - <name>/data_type</name> - <value>zeek</value> - </property> - <property> - <name>/data_index</name> - <value>logs-zeek-conn</value> - </property> - <property> - <name>/data_id</name> - <value>zeek_conn</value> - </property> - <property> - <name>/timestamp</name> - <value>${field.value:multiply(1000):format('yyyy-MM-dd HH:mm:ss.SSSZ'):replace(' ','T'):replaceFirst('\+(\d\d)(\d\d)','+$1:$2')}</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <processor> - <id>3bf497f2-3aed-3465-b91c-72ef6e53f0ea</id> - <name>Normalize fields</name> - <position x="-1121.1565561587029" y="706.9002449806696" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.jolt.record.JoltTransformRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-jolt-record-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>jolt-record-record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>jolt-record-record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>jolt-record-transform</name> - <value>jolt-transform-chain</value> - </property> - <property> - <name>jolt-record-custom-class</name> - </property> - <property> - <name>jolt-record-custom-modules</name> - </property> - <property> - <name>jolt-record-spec</name> - <value>[{ - "operation": "modify-overwrite-beta", - "spec": { - "*": "=recursivelySquashNulls" - } - },{ - "operation": "shift", - "spec": { - "*": { - "json": { - "*": "[&2].&" - }, - "host": { - "name": "[&2].labels.source_host" - }, - "source": "[&1].labels.source" - } - } -}, { - "operation": "shift", - "spec": { - "*": { - "ts": "[&1].timestamp", - "id.resp_h":"[&1].destination.ip", - "id.resp_p":"[&1].destination.port", - "id.orig_h":"[&1].source.ip", - "id.orig_p":"[&1].source.port", - "*": "[&1].&" - } - } -}, { - "operation": "modify-overwrite-beta", - "spec": { - "*": { - "timestamp": "=toString" - } - } -}]</value> - </property> - <property> - <name>jolt-record-transform-cache-size</name> - <value>1</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - <autoTerminatedRelationship>original</autoTerminatedRelationship> - </processor> - <inputPort> - <id>349b3362-a821-1197-ffff-ffff91d0e6c0</id> - <name>Input</name> - <position x="-1072.0" y="520.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </inputPort> - <outputPort> - <id>a28a9e95-1003-3ea6-9af6-a334c1aec07c</id> - <name>To enrichment</name> - <position x="-1065.7090714972117" y="1164.8389289189608" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </outputPort> - <connection> - <id>c8be8213-0170-1000-0000-0000695bc36c</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>fec43039-de5d-1e3b-850a-5e25d7b93c76</sourceId> - <sourceGroupId>83691174-683f-3c7c-8526-8fc00397aee1</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>a28a9e95-1003-3ea6-9af6-a334c1aec07c</destinationId> - <destinationGroupId>83691174-683f-3c7c-8526-8fc00397aee1</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>2d0f222e-d08e-31fd-b5e1-1ce178368e4c</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>3bf497f2-3aed-3465-b91c-72ef6e53f0ea</sourceId> - <sourceGroupId>83691174-683f-3c7c-8526-8fc00397aee1</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>9027e415-c8cd-355e-af16-0c635f43832f</destinationId> - <destinationGroupId>83691174-683f-3c7c-8526-8fc00397aee1</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>c8be6e60-0170-1000-ffff-ffffe34d52ef</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>9027e415-c8cd-355e-af16-0c635f43832f</sourceId> - <sourceGroupId>83691174-683f-3c7c-8526-8fc00397aee1</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>fec43039-de5d-1e3b-850a-5e25d7b93c76</destinationId> - <destinationGroupId>83691174-683f-3c7c-8526-8fc00397aee1</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>349b3364-a821-1197-0000-000063d0c208</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>349b3362-a821-1197-ffff-ffff91d0e6c0</sourceId> - <sourceGroupId>83691174-683f-3c7c-8526-8fc00397aee1</sourceGroupId> - <sourceType>INPUT_PORT</sourceType> - <destinationId>3bf497f2-3aed-3465-b91c-72ef6e53f0ea</destinationId> - <destinationGroupId>83691174-683f-3c7c-8526-8fc00397aee1</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <processGroup> - <id>31b13b40-8e26-1798-9777-2272881c6031</id> - <name>Zookeeper</name> - <position x="-440.0" y="1488.0" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>b09b367b-060f-1e74-9a96-ca5ba5f88858</id> - <name>UpdateRecord</name> - <position x="352.0" y="472.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.UpdateRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>replacement-value-strategy</name> - <value>literal-value</value> - </property> - <property> - <name>/labels/source_host</name> - <value>${source_host}</value> - </property> - <property> - <name>/timestamp</name> - <value>${field.value:toDate('yyyy-MM-dd HH:mm:ss,SSS'):format("yyyy-MM-dd'T'HH:mm:ss.SSSXXX")}</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <processor> - <id>dd3b361c-4e9c-158c-ba31-61006a0b21b7</id> - <name>UpdateAttribute</name> - <position x="1072.0" y="472.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-update-attribute-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Delete Attributes Expression</name> - </property> - <property> - <name>Store State</name> - <value>Do not store state</value> - </property> - <property> - <name>Stateful Variables Initial Value</name> - </property> - <property> - <name>canonical-value-lookup-cache-size</name> - <value>100</value> - </property> - <property> - <name>data_index</name> - <value>logs-zookeeper</value> - </property> - </processor> - <processor> - <id>4b1c38b7-8f98-1a81-96c9-17e3eccc45b2</id> - <name>Extract message</name> - <position x="352.0" y="280.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.ConvertRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>record-writer</name> - <value>bc8e5957-0175-1000-0000-00003346421d</value> - </property> - <property> - <name>include-zero-record-flowfiles</name> - <value>true</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <processor> - <id>38f03e95-db26-1287-be1a-4218f647596a</id> - <name>Convert to json</name> - <position x="1064.0" y="272.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.ConvertRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>record-reader</name> - <value>7504a565-0176-1000-ffff-ffff9c0f0741</value> - </property> - <property> - <name>record-writer</name> - <value>17b30955-5464-3709-8a32-69a459850cfa</value> - </property> - <property> - <name>include-zero-record-flowfiles</name> - <value>false</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <inputPort> - <id>a77d3c33-9575-1926-b230-9cf1fca55e7e</id> - <name>Input</name> - <position x="397.9999517774115" y="110.99999315685733" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </inputPort> - <outputPort> - <id>f1e73393-065a-1450-9ad0-fd7cdb57853f</id> - <name>Output</name> - <position x="1120.0" y="808.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </outputPort> - <connection> - <id>4b353d86-8a69-1ca1-bc1c-8db0049f5886</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>38f03e95-db26-1287-be1a-4218f647596a</sourceId> - <sourceGroupId>31b13b40-8e26-1798-9777-2272881c6031</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>b09b367b-060f-1e74-9a96-ca5ba5f88858</destinationId> - <destinationGroupId>31b13b40-8e26-1798-9777-2272881c6031</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>b05339e8-7bbc-1975-a9b2-4bc789dda2df</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>a77d3c33-9575-1926-b230-9cf1fca55e7e</sourceId> - <sourceGroupId>31b13b40-8e26-1798-9777-2272881c6031</sourceGroupId> - <sourceType>INPUT_PORT</sourceType> - <destinationId>4b1c38b7-8f98-1a81-96c9-17e3eccc45b2</destinationId> - <destinationGroupId>31b13b40-8e26-1798-9777-2272881c6031</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>5d6f3995-2075-11db-ba4b-1b76e1ed6473</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>b09b367b-060f-1e74-9a96-ca5ba5f88858</sourceId> - <sourceGroupId>31b13b40-8e26-1798-9777-2272881c6031</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>dd3b361c-4e9c-158c-ba31-61006a0b21b7</destinationId> - <destinationGroupId>31b13b40-8e26-1798-9777-2272881c6031</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>2a0131b7-9c0d-157d-a9ac-abd12398f2a8</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>4b1c38b7-8f98-1a81-96c9-17e3eccc45b2</sourceId> - <sourceGroupId>31b13b40-8e26-1798-9777-2272881c6031</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>38f03e95-db26-1287-be1a-4218f647596a</destinationId> - <destinationGroupId>31b13b40-8e26-1798-9777-2272881c6031</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>5a2e3db4-49d3-187d-9db9-3f0b48a2c6af</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>dd3b361c-4e9c-158c-ba31-61006a0b21b7</sourceId> - <sourceGroupId>31b13b40-8e26-1798-9777-2272881c6031</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>f1e73393-065a-1450-9ad0-fd7cdb57853f</destinationId> - <destinationGroupId>31b13b40-8e26-1798-9777-2272881c6031</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <processGroup> - <id>f0f934a9-853a-1a19-a9cc-f878a5606bce</id> - <name>Kibana</name> - <position x="-440.0" y="864.0" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>992c3710-1c87-169c-ab17-d2597387a25e</id> - <name>UpdateAttribute</name> - <position x="360.0" y="512.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-update-attribute-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Delete Attributes Expression</name> - </property> - <property> - <name>Store State</name> - <value>Do not store state</value> - </property> - <property> - <name>Stateful Variables Initial Value</name> - </property> - <property> - <name>canonical-value-lookup-cache-size</name> - <value>100</value> - </property> - <property> - <name>data_index</name> - <value>logs-kibana</value> - </property> - </processor> - <inputPort> - <id>a22b30c4-53f8-19c0-bdbb-0632e99a17d9</id> - <name>Input</name> - <position x="408.0" y="320.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </inputPort> - <outputPort> - <id>887c36a6-39d6-1b60-8a83-d4d10ea7e03b</id> - <name>Output</name> - <position x="408.0" y="760.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </outputPort> - <connection> - <id>cc403fb4-8d68-1c68-82c3-b9af4affddaa</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>a22b30c4-53f8-19c0-bdbb-0632e99a17d9</sourceId> - <sourceGroupId>f0f934a9-853a-1a19-a9cc-f878a5606bce</sourceGroupId> - <sourceType>INPUT_PORT</sourceType> - <destinationId>992c3710-1c87-169c-ab17-d2597387a25e</destinationId> - <destinationGroupId>f0f934a9-853a-1a19-a9cc-f878a5606bce</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>b9e33c29-910f-134a-8390-2970800d7fcf</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>992c3710-1c87-169c-ab17-d2597387a25e</sourceId> - <sourceGroupId>f0f934a9-853a-1a19-a9cc-f878a5606bce</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>887c36a6-39d6-1b60-8a83-d4d10ea7e03b</destinationId> - <destinationGroupId>f0f934a9-853a-1a19-a9cc-f878a5606bce</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <connection> - <id>fbbe3f1b-5336-11c9-ffff-ffffd29d2f5c</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>84dc3511-1322-175b-8083-9729037f8edb</sourceId> - <sourceGroupId>f88732b0-d93f-1f6e-ba01-40b41ea20fe3</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>349b32fe-a821-1197-0000-00003a0b6fe5</destinationId> - <destinationGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>56e5f029-0176-1000-ffff-fffff7512a3b</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>328b35e2-eb52-1f47-b84d-52941eff8a07</sourceId> - <sourceGroupId>5d04357e-423c-1ab5-a7a4-44565abfed7f</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>349b32fe-a821-1197-0000-00003a0b6fe5</destinationId> - <destinationGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>e43535d0-23e9-15af-ffff-ffffa44d6172</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>bcbb33ba-112e-1f53-8982-d5ae9f0e701f</sourceId> - <sourceGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>349b32fe-a821-1197-0000-00003a0b6fe5</destinationId> - <destinationGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>349b339b-a821-1197-0000-00002e648df6</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>a28a9e95-1003-3ea6-9af6-a334c1aec07c</sourceId> - <sourceGroupId>83691174-683f-3c7c-8526-8fc00397aee1</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>349b32fe-a821-1197-0000-00003a0b6fe5</destinationId> - <destinationGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>75109cc1-0176-1000-ffff-ffff86db235d</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>f1e73393-065a-1450-9ad0-fd7cdb57853f</sourceId> - <sourceGroupId>31b13b40-8e26-1798-9777-2272881c6031</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>349b32fe-a821-1197-0000-00003a0b6fe5</destinationId> - <destinationGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>8d0ea3d4-0175-1000-0000-0000471b8522</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8962ad5a-0175-1000-ffff-ffffde6db5a6</sourceId> - <sourceGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>89639d3d-0175-1000-ffff-ffffb446c257</destinationId> - <destinationGroupId>89636688-0175-1000-ffff-ffffb1b28a38</destinationGroupId> - <destinationType>INPUT_PORT</destinationType> - <relationship>unmatched</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>7558e6dd-0176-1000-ffff-ffffec9061a8</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8962ad5a-0175-1000-ffff-ffffde6db5a6</sourceId> - <sourceGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>39ce3238-1ebd-1c2c-b724-01d18f147b6f</destinationId> - <destinationGroupId>7263390f-914c-1f6e-9451-75f908ed8816</destinationGroupId> - <destinationType>INPUT_PORT</destinationType> - <relationship>elasticsearch</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>fbbe3ee1-5336-11c9-ffff-ffffa7c97811</id> - <name /> - <bendPoints> - <bendPoint x="-720.0" y="1016.0" /> - <bendPoint x="-584.0" y="1152.0" /> - </bendPoints> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8962ad5a-0175-1000-ffff-ffffde6db5a6</sourceId> - <sourceGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>10cb3b64-e867-1d81-bd59-eb9cf6883f24</destinationId> - <destinationGroupId>f88732b0-d93f-1f6e-ba01-40b41ea20fe3</destinationGroupId> - <destinationType>INPUT_PORT</destinationType> - <relationship>keycloak</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>8d1fe825-0175-1000-ffff-fffff0505cdc</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8962ad5a-0175-1000-ffff-ffffde6db5a6</sourceId> - <sourceGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>8d13c952-0175-1000-0000-00007e8f4cae</destinationId> - <destinationGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</destinationGroupId> - <destinationType>INPUT_PORT</destinationType> - <relationship>suricata</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>74ff448b-0176-1000-0000-00002e302e83</id> - <name /> - <bendPoints> - <bendPoint x="-688.0" y="1576.0" /> - </bendPoints> - <labelIndex>0</labelIndex> - <zIndex>0</zIndex> - <sourceId>8962ad5a-0175-1000-ffff-ffffde6db5a6</sourceId> - <sourceGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>a77d3c33-9575-1926-b230-9cf1fca55e7e</destinationId> - <destinationGroupId>31b13b40-8e26-1798-9777-2272881c6031</destinationGroupId> - <destinationType>INPUT_PORT</destinationType> - <relationship>zookeeper</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>349b3398-a821-1197-ffff-ffffc5ae6471</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8962ad5a-0175-1000-ffff-ffffde6db5a6</sourceId> - <sourceGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>349b3362-a821-1197-ffff-ffff91d0e6c0</destinationId> - <destinationGroupId>83691174-683f-3c7c-8526-8fc00397aee1</destinationGroupId> - <destinationType>INPUT_PORT</destinationType> - <relationship>zeek</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>61c51cd8-0176-1000-ffff-ffff9247ba7c</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>887c36a6-39d6-1b60-8a83-d4d10ea7e03b</sourceId> - <sourceGroupId>f0f934a9-853a-1a19-a9cc-f878a5606bce</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>349b32fe-a821-1197-0000-00003a0b6fe5</destinationId> - <destinationGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>bc6e50cc-0175-1000-ffff-ffffbd982e0c</id> - <name /> - <bendPoints /> - <labelIndex>0</labelIndex> - <zIndex>0</zIndex> - <sourceId>8962ad5a-0175-1000-ffff-ffffde6db5a6</sourceId> - <sourceGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>bc6c2159-0175-1000-ffff-ffffb4de4d47</destinationId> - <destinationGroupId>bc6be78f-0175-1000-ffff-ffffbcd0f569</destinationGroupId> - <destinationType>INPUT_PORT</destinationType> - <relationship>nifi</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>56e5add3-0176-1000-ffff-ffffd667d1f6</id> - <name /> - <bendPoints> - <bendPoint x="-584.0" y="624.0" /> - </bendPoints> - <labelIndex>0</labelIndex> - <zIndex>0</zIndex> - <sourceId>8962ad5a-0175-1000-ffff-ffffde6db5a6</sourceId> - <sourceGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>65a33e05-e157-1bfc-8741-adf11b3df720</destinationId> - <destinationGroupId>5d04357e-423c-1ab5-a7a4-44565abfed7f</destinationGroupId> - <destinationType>INPUT_PORT</destinationType> - <relationship>haproxy</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>6196cd03-0176-1000-ffff-ffffd39b8c82</id> - <name /> - <bendPoints> - <bendPoint x="-576.0" y="896.0" /> - </bendPoints> - <labelIndex>0</labelIndex> - <zIndex>0</zIndex> - <sourceId>8962ad5a-0175-1000-ffff-ffffde6db5a6</sourceId> - <sourceGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>a22b30c4-53f8-19c0-bdbb-0632e99a17d9</destinationId> - <destinationGroupId>f0f934a9-853a-1a19-a9cc-f878a5606bce</destinationGroupId> - <destinationType>INPUT_PORT</destinationType> - <relationship>kibana</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>89630460-0175-1000-0000-00006b5f18c8</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>89620b1a-0175-1000-0000-000078566f34</sourceId> - <sourceGroupId>895eab20-0175-1000-0000-00007e13267d</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>8962ad5a-0175-1000-ffff-ffffde6db5a6</destinationId> - <destinationGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>349b3303-a821-1197-ffff-ffffa12b866d</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8963b202-0175-1000-0000-000022d64ba2</sourceId> - <sourceGroupId>89636688-0175-1000-ffff-ffffb1b28a38</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>349b32fe-a821-1197-0000-00003a0b6fe5</destinationId> - <destinationGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>bcadaf87-0175-1000-0000-000048464ec3</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>bca9636a-0175-1000-0000-000013fa95aa</sourceId> - <sourceGroupId>bc6be78f-0175-1000-ffff-ffffbcd0f569</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>bcb879d5-0175-1000-0000-000070879ad0</destinationId> - <destinationGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>349b3301-a821-1197-0000-0000070259c4</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>055308a4-d020-39a9-9da4-b165796ef717</sourceId> - <sourceGroupId>bd12dc14-015e-3428-bfdf-b1219d2d6fdb</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>349b32fe-a821-1197-0000-00003a0b6fe5</destinationId> - <destinationGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>e43535c9-23e9-15af-ffff-ffffcd7d888a</id> - <name /> - <bendPoints> - <bendPoint x="-704.0" y="1256.0" /> - <bendPoint x="-584.0" y="1368.0" /> - </bendPoints> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8962ad5a-0175-1000-ffff-ffffde6db5a6</sourceId> - <sourceGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>7f683020-779c-1bc9-85da-5bad079d5d9d</destinationId> - <destinationGroupId>48bc31b5-dbc5-116d-adbe-fe0f10314ac2</destinationGroupId> - <destinationType>INPUT_PORT</destinationType> - <relationship>mysql</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>7575486d-0176-1000-0000-00002542d6de</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>bbc63756-9681-13b9-8c07-20c82f62ceca</sourceId> - <sourceGroupId>7263390f-914c-1f6e-9451-75f908ed8816</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>bcb879d5-0175-1000-0000-000070879ad0</destinationId> - <destinationGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <processGroup> - <id>b3d57504-7c06-37a3-b59b-8723f60fa728</id> - <name>Test data</name> - <position x="-496.0" y="552.0" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <outputPort> - <id>d30dc946-251a-307c-8e88-f2262b0bb194</id> - <name>To enrichment</name> - <position x="731.0454088698874" y="433.2315817172085" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </outputPort> - <processGroup> - <id>0c83ef26-0175-1000-ffff-ffffcac37910</id> - <name>Suricata</name> - <position x="462.0553417896858" y="119.99261716112323" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>bb7dc9ff-2d25-3134-9617-cca3cabe9179</id> - <name>Alerts</name> - <position x="496.0" y="392.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.GenerateFlowFile</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>10 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>File Size</name> - <value>0B</value> - </property> - <property> - <name>Batch Size</name> - <value>1</value> - </property> - <property> - <name>Data Format</name> - <value>Text</value> - </property> - <property> - <name>Unique FlowFiles</name> - <value>false</value> - </property> - <property> - <name>generate-ff-custom-text</name> - <value>[{"stream": 0,"flow": {"bytes_toserver": 74,"bytes_toclient": 0,"start": "${now():format('yyyy-MM-dd HH:mm:ss.SSS'):replaceFirst(' ','T')}","pkts_toserver": 1,"pkts_toclient": 0},"vlan": 665,"ip_dst_port": 54323,"in_iface": "ens1f3","payload": "","timestamp": "${now():format('yyyy-MM-dd HH:mm:ss.SSS'):replaceFirst(' ','T')}","proto": "TCP","event_type": "alert","alert": {"category": "Not Suspicious Traffic","severity": 3,"action": "allowed","gid": 1,"signature_id": 29999991,"rev": 1,"signature": "SOC TEST1"},"payload_printable": "","ip_src_addr": "10.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}","ip_src_port": 43844,"ip_dst_addr": "10.0.0.${random():mod(254):plus(1)}","host":"nifi.soctools.geant.org","host_domain":"geant.org"}, -{"timestamp":"${now():format('yyyy-MM-dd HH:mm:ss.SSS'):replaceFirst(' ','T')}","alert":{"action":"allowed","category":"Potentially Bad Traffic","gid":1,"metadata":{"affected_product":["Any"],"attack_target":["Client_Endpoint"],"created_at":["2019_07_26"],"deployment":["Perimeter"],"former_category":["DNS"],"signature_severity":["Minor"],"updated_at":["2019_09_28"]},"rev":3,"severity":2,"signature":"ET DNS Query for .cc TLD","signature_id":2027758},"app_proto":"dns","destination":{"ip":"10.10.10.${random():mod(254):plus(1)}","port":53},"dns":{"query":[{"id":37261,"rrname":"example.evil","rrtype":"A","tx_id":2,"type":"query"}]},"event_type":"alert","flow":{"bytes_toclient":1039,"bytes_toserver":343,"pkts_toclient":2,"pkts_toserver":3,"start":"${now():format('yyyy-MM-dd HH:mm:ss.SSS'):replaceFirst(' ','T')}"},"flow_id":1889254052511234,"in_iface":"if1","payload":"kY0BAAABAAAAAAABBnN0YXRpYwdhcmR1aW5vAmNjAAABAAEAACkPoAAAgAAAAA==","payload_printable":".............example.evil.......)........","proto":"UDP","source":{"ip":"10.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}","port":64164},"stream":0,"tx_id":2}, -{"timestamp":"${now():format('yyyy-MM-dd HH:mm:ss.SSS'):replaceFirst(' ','T')}","TLP":"AMBER","alert":{"action":"allowed","category":"Attempted Information Leak","gid":1,"metadata":{"created_at":["2014_10_15"],"former_category":["CURRENT_EVENTS"],"updated_at":["2014_10_15"]},"rev":6,"severity":2,"signature":"ET EXPLOIT SSL excessive fatal alerts (possible POODLE attack against server)","signature_id":2019418},"app_proto":"tls","destination":{"ip":"10.10.10.${random():mod(10):plus(1)}","port":37220},"event_type":"alert","flow":{"bytes_toclient":247,"bytes_toserver":298,"pkts_toclient":4,"pkts_toserver":4,"start":"${now():format('yyyy-MM-dd HH:mm:ss.SSS'):replaceFirst(' ','T')}"},"flow_id":43047386649621,"payload":"FQMAAAICKA==","payload_printable":"......(","proto":"TCP","source":{"ip":"10.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}","port":443},"stream":1,"tls":{"ja3":{},"version":"SSLv3"},"tx_id":0}]</value> - </property> - <property> - <name>character-set</name> - <value>UTF-8</value> - </property> - <property> - <name>mime-type</name> - </property> - <property> - <name>mime.type</name> - <value>application/json</value> - </property> - <property> - <name>enrich_domain1</name> - <value>/host_domain</value> - </property> - <property> - <name>enrich_ip1</name> - <value>/source/ip</value> - </property> - <property> - <name>enrich_fqdn1</name> - <value>/host</value> - </property> - <property> - <name>data_id</name> - <value>suricata_alert</value> - </property> - <property> - <name>data_index</name> - <value>logs-suricata-alert</value> - </property> - <property> - <name>data_type</name> - <value>suricata</value> - </property> - <property> - <name>enrich_ip2</name> - <value>/destination/ip</value> - </property> - </processor> - <processor> - <id>f8143c19-b547-1c84-90b7-2e3c37a659e7</id> - <name>TLS</name> - <position x="496.0" y="536.0" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.GenerateFlowFile</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>10 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>File Size</name> - <value>0B</value> - </property> - <property> - <name>Batch Size</name> - <value>1</value> - </property> - <property> - <name>Data Format</name> - <value>Text</value> - </property> - <property> - <name>Unique FlowFiles</name> - <value>false</value> - </property> - <property> - <name>generate-ff-custom-text</name> - <value>[{"timestamp":"${now():format('yyyy-MM-dd HH:mm:ss.SSS'):replaceFirst(' ','T')}","TLP":"AMBER","destination":{"ip":"10.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}","port":443},"event_type":"tls","flow_id":852792667052212,"in_iface":"if1","proto":"TCP","source":{"ip":"10.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}","port":53466},"tls":{"ja3":{"hash":"e5b607b5862a46cab44d7bacd582b3cd","string":"771,4867-4865-4866-52393-52392-49195-49199-49196-49200-49171-49172-156-157-47-53-10,0-23-65281-10-11-35-16-5-13-18-51-45-43-27-21,29-23-24,0"},"sni":"clients3.google.com","sni_domain":"google.com","version":"TLS 1.3"}}]</value> - </property> - <property> - <name>character-set</name> - <value>UTF-8</value> - </property> - <property> - <name>mime-type</name> - </property> - <property> - <name>mime.type</name> - <value>application/json</value> - </property> - <property> - <name>enrich_domain1</name> - <value>/tls/sni_domain</value> - </property> - <property> - <name>enrich_fqdn1</name> - <value>/tls/sni</value> - </property> - <property> - <name>enrich_ip1</name> - <value>/source/ip</value> - </property> - <property> - <name>data_id</name> - <value>suricata_tls</value> - </property> - <property> - <name>data_index</name> - <value>logs-suricata-tls</value> - </property> - <property> - <name>data_type</name> - <value>suricata</value> - </property> - <property> - <name>enrich_ip2</name> - <value>/destination/ip</value> - </property> - </processor> - <outputPort> - <id>0c864b15-0175-1000-0000-00001d403b1e</id> - <name>To enrichment</name> - <position x="1192.0" y="576.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </outputPort> - <connection> - <id>1cb3658c-0175-1000-ffff-ffff93193081</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>f8143c19-b547-1c84-90b7-2e3c37a659e7</sourceId> - <sourceGroupId>0c83ef26-0175-1000-ffff-ffffcac37910</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>0c864b15-0175-1000-0000-00001d403b1e</destinationId> - <destinationGroupId>0c83ef26-0175-1000-ffff-ffffcac37910</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>0c865d01-0175-1000-0000-0000559b408d</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>bb7dc9ff-2d25-3134-9617-cca3cabe9179</sourceId> - <sourceGroupId>0c83ef26-0175-1000-ffff-ffffcac37910</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>0c864b15-0175-1000-0000-00001d403b1e</destinationId> - <destinationGroupId>0c83ef26-0175-1000-ffff-ffffcac37910</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <connection> - <id>0c866fa6-0175-1000-ffff-ffffe866c936</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>0c864b15-0175-1000-0000-00001d403b1e</sourceId> - <sourceGroupId>0c83ef26-0175-1000-ffff-ffffcac37910</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>d30dc946-251a-307c-8e88-f2262b0bb194</destinationId> - <destinationGroupId>b3d57504-7c06-37a3-b59b-8723f60fa728</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <connection> - <id>c5fe676f-baa5-3d90-956e-fe502db0ac68</id> - <name /> - <bendPoints /> - <labelIndex>0</labelIndex> - <zIndex>0</zIndex> - <sourceId>d30dc946-251a-307c-8e88-f2262b0bb194</sourceId> - <sourceGroupId>b3d57504-7c06-37a3-b59b-8723f60fa728</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>20b01ab3-3a8d-3573-b95d-a4a45494050f</destinationId> - <destinationGroupId>870d6d68-7a0a-3505-8c42-0d6064fe43f6</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>349b33a3-a821-1197-0000-00001ce4370e</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>349b32fe-a821-1197-0000-00003a0b6fe5</sourceId> - <sourceGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>20b01ab3-3a8d-3573-b95d-a4a45494050f</destinationId> - <destinationGroupId>870d6d68-7a0a-3505-8c42-0d6064fe43f6</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>bcb8ef9d-0175-1000-0000-000017e52ef1</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>bcb879d5-0175-1000-0000-000070879ad0</sourceId> - <sourceGroupId>0c790562-0175-1000-ffff-ffffeaaeafc3</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>21a9e277-2d80-359a-9c57-cb76d8962e6d</destinationId> - <destinationGroupId>870d6d68-7a0a-3505-8c42-0d6064fe43f6</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>27d64272-0172-1000-0000-000079e1c9c6</id> - <name /> - <bendPoints> - <bendPoint x="88.0" y="864.0" /> - </bendPoints> - <labelIndex>0</labelIndex> - <zIndex>0</zIndex> - <sourceId>27d5761b-0172-1000-0000-000059275dad</sourceId> - <sourceGroupId>27d51d04-0172-1000-0000-00004573c6ec</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>20b01ab3-3a8d-3573-b95d-a4a45494050f</destinationId> - <destinationGroupId>870d6d68-7a0a-3505-8c42-0d6064fe43f6</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>27d65fe7-0172-1000-ffff-ffffec2db03b</id> - <name /> - <bendPoints> - <bendPoint x="-744.0" y="856.0" /> - </bendPoints> - <labelIndex>0</labelIndex> - <zIndex>0</zIndex> - <sourceId>27d5dab2-0172-1000-ffff-ffffab5c50be</sourceId> - <sourceGroupId>27d51d04-0172-1000-0000-00004573c6ec</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>21a9e277-2d80-359a-9c57-cb76d8962e6d</destinationId> - <destinationGroupId>870d6d68-7a0a-3505-8c42-0d6064fe43f6</destinationGroupId> - <destinationType>OUTPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <controllerService> - <id>94600c6c-704e-3ff8-a2a4-f2f25c71dc3b</id> - <name>JsonRecordSetWriter</name> - <comment /> - <class>org.apache.nifi.json.JsonRecordSetWriter</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-record-serialization-services-nar</artifact> - <version>1.12.1</version> - </bundle> - <enabled>true</enabled> - <property> - <name>Schema Write Strategy</name> - <value>no-schema</value> - </property> - <property> - <name>schema-cache</name> - </property> - <property> - <name>schema-protocol-version</name> - <value>1</value> - </property> - <property> - <name>schema-access-strategy</name> - <value>inherit-record-schema</value> - </property> - <property> - <name>schema-registry</name> - </property> - <property> - <name>schema-name</name> - <value>${schema.name}</value> - </property> - <property> - <name>schema-version</name> - </property> - <property> - <name>schema-branch</name> - </property> - <property> - <name>schema-text</name> - <value>${avro.schema}</value> - </property> - <property> - <name>Date Format</name> - </property> - <property> - <name>Time Format</name> - </property> - <property> - <name>Timestamp Format</name> - </property> - <property> - <name>Pretty Print JSON</name> - <value>false</value> - </property> - <property> - <name>suppress-nulls</name> - <value>suppress-missing</value> - </property> - <property> - <name>output-grouping</name> - <value>output-array</value> - </property> - <property> - <name>compression-format</name> - <value>none</value> - </property> - <property> - <name>compression-level</name> - <value>1</value> - </property> - </controllerService> - <controllerService> - <id>09b4fa02-0459-358d-939f-54fda8aea702</id> - <name>VolatileSchemaCache</name> - <comment /> - <class>org.apache.nifi.schema.inference.VolatileSchemaCache</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-record-serialization-services-nar</artifact> - <version>1.12.1</version> - </bundle> - <enabled>false</enabled> - <property> - <name>max-cache-size</name> - <value>100</value> - </property> - </controllerService> - </processGroup> - <processGroup> - <id>e9c19adc-c8a4-327e-ad24-24e71fd3474e</id> - <name>Data output</name> - <position x="829.4446253936723" y="1015.2711478364996" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <inputPort> - <id>e333b82d-7408-3747-8dd2-46473704e51b</id> - <name>Data input</name> - <position x="-688.0" y="496.0" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </inputPort> - <processGroup> - <id>7ebf304b-4978-3adc-ac31-470fb76e5029</id> - <name>Elastic odfe</name> - <position x="-759.1319580078125" y="739.6137390136719" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>8b48f28f-2379-3f0f-81fe-4e1b93e72666</id> - <name>PutElasticsearchHttpRecord</name> - <position x="-856.2311706542969" y="629.8186340332031" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.elasticsearch.PutElasticsearchHttpRecord</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-elasticsearch-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>elasticsearch-http-url</name> - <value>${elastic_url}</value> - </property> - <property> - <name>SSL Context Service</name> - <value>83443c00-b286-366a-b8e0-2f51527ab8e5</value> - </property> - <property> - <name>Character Set</name> - <value>UTF-8</value> - </property> - <property> - <name>Username</name> - <value>${elastic_username}</value> - </property> - <property> - <name>Password</name> - <value>enc{e3c6c99d66e95dfa569c6dab15f7bd5cb2142d215044a4c556aba0a2bed19ac85c899bd8837e09bb49300f0823011b45}</value> - </property> - <property> - <name>elasticsearch-http-connect-timeout</name> - <value>5 secs</value> - </property> - <property> - <name>elasticsearch-http-response-timeout</name> - <value>15 secs</value> - </property> - <property> - <name>proxy-configuration-service</name> - </property> - <property> - <name>elasticsearch-http-proxy-host</name> - </property> - <property> - <name>elasticsearch-http-proxy-port</name> - </property> - <property> - <name>proxy-username</name> - </property> - <property> - <name>proxy-password</name> - </property> - <property> - <name>put-es-record-record-reader</name> - <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> - </property> - <property> - <name>put-es-record-record-writer</name> - </property> - <property> - <name>put-es-record-log-all-errors</name> - <value>false</value> - </property> - <property> - <name>put-es-record-id-path</name> - </property> - <property> - <name>put-es-record-index</name> - <value>${data_index}-${now():format("yyyy-MM-dd")}</value> - </property> - <property> - <name>put-es-record-type</name> - <value>_doc</value> - </property> - <property> - <name>put-es-record-index-op</name> - <value>index</value> - </property> - <property> - <name>suppress-nulls</name> - <value>always-suppress</value> - </property> - <property> - <name>Date Format</name> - </property> - <property> - <name>Time Format</name> - </property> - <property> - <name>Timestamp Format</name> - </property> - <autoTerminatedRelationship>success</autoTerminatedRelationship> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <inputPort> - <id>e7d34e01-babe-3022-ad9b-a7620e7c0f38</id> - <name>Data input</name> - <position x="-803.9990234375" y="484.5271301269531" /> - <comments /> - <scheduledState>RUNNING</scheduledState> - </inputPort> - <connection> - <id>3280c550-2117-37a6-8b5e-3bc1953fa17e</id> - <name /> - <bendPoints> - <bendPoint x="-393.2311706542969" y="669.8186340332031" /> - <bendPoint x="-393.2311706542969" y="719.8186340332031" /> - </bendPoints> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8b48f28f-2379-3f0f-81fe-4e1b93e72666</sourceId> - <sourceGroupId>7ebf304b-4978-3adc-ac31-470fb76e5029</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>8b48f28f-2379-3f0f-81fe-4e1b93e72666</destinationId> - <destinationGroupId>7ebf304b-4978-3adc-ac31-470fb76e5029</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>retry</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>5de8f98f-ce46-3565-b0ce-7f8ecf518c53</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>e7d34e01-babe-3022-ad9b-a7620e7c0f38</sourceId> - <sourceGroupId>7ebf304b-4978-3adc-ac31-470fb76e5029</sourceGroupId> - <sourceType>INPUT_PORT</sourceType> - <destinationId>8b48f28f-2379-3f0f-81fe-4e1b93e72666</destinationId> - <destinationGroupId>7ebf304b-4978-3adc-ac31-470fb76e5029</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>60 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <processGroup> - <id>2bb2f914-0172-1000-0000-0000240c76e4</id> - <name>Custom output</name> - <position x="-160.0" y="736.0" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <inputPort> - <id>2bb31aa5-0172-1000-0000-00000869fb70</id> - <name>Input</name> - <position x="-648.0" y="496.0" /> - <comments /> - <scheduledState>STOPPED</scheduledState> - </inputPort> - </processGroup> - <connection> - <id>9349cb73-0175-1000-ffff-ffff90dc265d</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>e333b82d-7408-3747-8dd2-46473704e51b</sourceId> - <sourceGroupId>e9c19adc-c8a4-327e-ad24-24e71fd3474e</sourceGroupId> - <sourceType>INPUT_PORT</sourceType> - <destinationId>2bb31aa5-0172-1000-0000-00000869fb70</destinationId> - <destinationGroupId>2bb2f914-0172-1000-0000-0000240c76e4</destinationGroupId> - <destinationType>INPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>1 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>34772170-2400-3eb6-b9c5-c03b912a38f3</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>e333b82d-7408-3747-8dd2-46473704e51b</sourceId> - <sourceGroupId>e9c19adc-c8a4-327e-ad24-24e71fd3474e</sourceGroupId> - <sourceType>INPUT_PORT</sourceType> - <destinationId>e7d34e01-babe-3022-ad9b-a7620e7c0f38</destinationId> - <destinationGroupId>7ebf304b-4978-3adc-ac31-470fb76e5029</destinationGroupId> - <destinationType>INPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <connection> - <id>875a975e-46e1-36fa-a035-4799201abd63</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>20b01ab3-3a8d-3573-b95d-a4a45494050f</sourceId> - <sourceGroupId>870d6d68-7a0a-3505-8c42-0d6064fe43f6</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>74abf119-faa6-3e9e-bb31-da2e79f89a38</destinationId> - <destinationGroupId>fcbcacd1-542d-3a15-a5aa-9c1302328954</destinationGroupId> - <destinationType>INPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>bbc37560-0171-1000-0000-000055178fff</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>c164884d-277f-31af-ac3c-18b211667bbf</sourceId> - <sourceGroupId>fcbcacd1-542d-3a15-a5aa-9c1302328954</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>e333b82d-7408-3747-8dd2-46473704e51b</destinationId> - <destinationGroupId>e9c19adc-c8a4-327e-ad24-24e71fd3474e</destinationGroupId> - <destinationType>INPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>9cdaaee8-0e39-3dbd-a7cc-06a89056bb7c</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>21a9e277-2d80-359a-9c57-cb76d8962e6d</sourceId> - <sourceGroupId>870d6d68-7a0a-3505-8c42-0d6064fe43f6</sourceGroupId> - <sourceType>OUTPUT_PORT</sourceType> - <destinationId>e333b82d-7408-3747-8dd2-46473704e51b</destinationId> - <destinationGroupId>e9c19adc-c8a4-327e-ad24-24e71fd3474e</destinationGroupId> - <destinationType>INPUT_PORT</destinationType> - <relationship /> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <controllerService> - <id>b7794eb3-9227-36dd-8751-e87d1c2321ee</id> - <name>Misp DistributedMapCacheClientService</name> - <comment /> - <class>org.apache.nifi.distributed.cache.client.DistributedMapCacheClientService</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-distributed-cache-services-nar</artifact> - <version>1.12.1</version> - </bundle> - <enabled>true</enabled> - <property> - <name>Server Hostname</name> - <value>localhost</value> - </property> - <property> - <name>Server Port</name> - <value>6000</value> - </property> - <property> - <name>SSL Context Service</name> - </property> - <property> - <name>Communications Timeout</name> - <value>30 secs</value> - </property> - </controllerService> - </processGroup> - <processGroup> - <id>72eb009e-0c2f-302d-bc6c-2d02c29c25a9</id> - <name>Enrichment data</name> - <position x="1720.0" y="248.0" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processGroup> - <id>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</id> - <name>Top domains</name> - <position x="970.3727876614566" y="673.4981494769316" /> - <comment>Downloads CSV files containing top domains from Alexa and Umbrella</comment> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>857cd537-4aeb-31fb-9740-0513e6cc46fe</id> - <name>Unzip CSV files</name> - <position x="-297.30227379373514" y="212.70767899178307" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.UnpackContent</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Packaging Format</name> - <value>zip</value> - </property> - <property> - <name>File Filter</name> - <value>.*</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - <autoTerminatedRelationship>original</autoTerminatedRelationship> - </processor> - <processor> - <id>937de5fc-7d4a-35af-a071-46f04d6ea4fa</id> - <name>Save to disk</name> - <position x="326.18698401876486" y="392.4228279175642" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.PutFile</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Directory</name> - <value>/opt/nifi/nifi-current/conf/</value> - </property> - <property> - <name>Conflict Resolution Strategy</name> - <value>replace</value> - </property> - <property> - <name>Create Missing Directories</name> - <value>true</value> - </property> - <property> - <name>Maximum File Count</name> - </property> - <property> - <name>Last Modified Time</name> - </property> - <property> - <name>Permissions</name> - </property> - <property> - <name>Owner</name> - </property> - <property> - <name>Group</name> - </property> - <autoTerminatedRelationship>success</autoTerminatedRelationship> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <processor> - <id>3c4d65a9-aa39-380f-b16b-2aea028a019b</id> - <name>Download Alexa CSV file</name> - <position x="197.54468055196799" y="-60.57735518790443" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.GetHTTP</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>1 day</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>URL</name> - <value>http://s3.amazonaws.com/alexa-static/top-1m.csv.zip</value> - </property> - <property> - <name>Filename</name> - <value>alexa-top-1m.csv.zip</value> - </property> - <property> - <name>SSL Context Service</name> - </property> - <property> - <name>Username</name> - </property> - <property> - <name>Password</name> - </property> - <property> - <name>Connection Timeout</name> - <value>30 sec</value> - </property> - <property> - <name>Data Timeout</name> - <value>10 min</value> - </property> - <property> - <name>User Agent</name> - </property> - <property> - <name>Accept Content-Type</name> - </property> - <property> - <name>Follow Redirects</name> - <value>false</value> - </property> - <property> - <name>redirect-cookie-policy</name> - <value>default</value> - </property> - <property> - <name>proxy-configuration-service</name> - </property> - <property> - <name>Proxy Host</name> - </property> - <property> - <name>Proxy Port</name> - </property> - <property> - <name>filename</name> - <value>alexa-top-1m.csv</value> - </property> - </processor> - <processor> - <id>9d3d9047-fb85-3ae6-a815-0e19cc860c60</id> - <name>Download Umbrella CSV file</name> - <position x="-297.30227379373514" y="-61.444390100013806" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.GetHTTP</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>1 day</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>URL</name> - <value>http://s3-us-west-1.amazonaws.com/umbrella-static/top-1m.csv.zip</value> - </property> - <property> - <name>Filename</name> - <value>umbrella-top-1m.csv.zip</value> - </property> - <property> - <name>SSL Context Service</name> - </property> - <property> - <name>Username</name> - </property> - <property> - <name>Password</name> - </property> - <property> - <name>Connection Timeout</name> - <value>30 sec</value> - </property> - <property> - <name>Data Timeout</name> - <value>10 min</value> - </property> - <property> - <name>User Agent</name> - </property> - <property> - <name>Accept Content-Type</name> - </property> - <property> - <name>Follow Redirects</name> - <value>false</value> - </property> - <property> - <name>redirect-cookie-policy</name> - <value>default</value> - </property> - <property> - <name>proxy-configuration-service</name> - </property> - <property> - <name>Proxy Host</name> - </property> - <property> - <name>Proxy Port</name> - </property> - <property> - <name>filename</name> - <value>umbrella-top-1m.csv</value> - </property> - </processor> - <processor> - <id>9009320d-fb62-357e-ad94-bef8e95ea142</id> - <name>Set filename</name> - <position x="-294.78310875467264" y="388.04684866613775" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-update-attribute-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Delete Attributes Expression</name> - </property> - <property> - <name>Store State</name> - <value>Do not store state</value> - </property> - <property> - <name>Stateful Variables Initial Value</name> - </property> - <property> - <name>canonical-value-lookup-cache-size</name> - <value>100</value> - </property> - <property> - <name>filename</name> - <value>${segment.original.filename}</value> - </property> - </processor> - <processor> - <id>86fdf574-d86b-3f35-9aa0-3ada1867aff8</id> - <name>Add headers</name> - <position x="325.04416175313986" y="201.70740433357992" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.ReplaceText</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Regular Expression</name> - <value>(?s)(^.*$)</value> - </property> - <property> - <name>Replacement Value</name> - <value>index,domain -</value> - </property> - <property> - <name>Character Set</name> - <value>UTF-8</value> - </property> - <property> - <name>Maximum Buffer Size</name> - <value>1 MB</value> - </property> - <property> - <name>Replacement Strategy</name> - <value>Prepend</value> - </property> - <property> - <name>Evaluation Mode</name> - <value>Entire text</value> - </property> - <property> - <name>Line-by-Line Evaluation Mode</name> - <value>All</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <connection> - <id>652026e5-0acd-3009-b45a-f68f3e37bef9</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>9d3d9047-fb85-3ae6-a815-0e19cc860c60</sourceId> - <sourceGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>857cd537-4aeb-31fb-9740-0513e6cc46fe</destinationId> - <destinationGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>bfe27587-bb06-388c-a59a-8aad9830cda1</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>3c4d65a9-aa39-380f-b16b-2aea028a019b</sourceId> - <sourceGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>857cd537-4aeb-31fb-9740-0513e6cc46fe</destinationId> - <destinationGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>7af7ff86-6b85-3fd1-bbc4-efa4e04593d9</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>857cd537-4aeb-31fb-9740-0513e6cc46fe</sourceId> - <sourceGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>86fdf574-d86b-3f35-9aa0-3ada1867aff8</destinationId> - <destinationGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>e2d60b76-d9bf-380f-9cfd-eeda1422ad73</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>86fdf574-d86b-3f35-9aa0-3ada1867aff8</sourceId> - <sourceGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>9009320d-fb62-357e-ad94-bef8e95ea142</destinationId> - <destinationGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>58b9bce4-6f7a-369c-a93f-dc23e252c670</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>9009320d-fb62-357e-ad94-bef8e95ea142</sourceId> - <sourceGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>937de5fc-7d4a-35af-a071-46f04d6ea4fa</destinationId> - <destinationGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <processGroup> - <id>b997e46b-7905-33e8-8bbc-f4d51b0cc735</id> - <name>Tor Nodes</name> - <position x="968.7335178760902" y="456.9915202898361" /> - <comment>Downloads a CSV file of IP addresses used as Tor nodes</comment> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>ad366a87-89d6-38ff-affe-a1f3575faa8a</id> - <name>Save to disk</name> - <position x="-328.58331298828125" y="-153.10000610351562" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.PutFile</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Directory</name> - <value>/opt/nifi/nifi-current/conf/</value> - </property> - <property> - <name>Conflict Resolution Strategy</name> - <value>replace</value> - </property> - <property> - <name>Create Missing Directories</name> - <value>true</value> - </property> - <property> - <name>Maximum File Count</name> - </property> - <property> - <name>Last Modified Time</name> - </property> - <property> - <name>Permissions</name> - </property> - <property> - <name>Owner</name> - </property> - <property> - <name>Group</name> - </property> - <autoTerminatedRelationship>success</autoTerminatedRelationship> - </processor> - <processor> - <id>34f52e1e-164e-34e4-b5fc-e5d16f773b19</id> - <name>Get CSV file with Tor nodes</name> - <position x="-323.0833282470703" y="-647.6000061035156" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.GetHTTP</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>1 day</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>URL</name> - <value>https://check.torproject.org/torbulkexitlist</value> - </property> - <property> - <name>Filename</name> - <value>tornodes.csv</value> - </property> - <property> - <name>SSL Context Service</name> - <value>8972e39a-0176-1000-ffff-ffffb8dd96f4</value> - </property> - <property> - <name>Username</name> - </property> - <property> - <name>Password</name> - </property> - <property> - <name>Connection Timeout</name> - <value>30 sec</value> - </property> - <property> - <name>Data Timeout</name> - <value>30 sec</value> - </property> - <property> - <name>User Agent</name> - </property> - <property> - <name>Accept Content-Type</name> - </property> - <property> - <name>Follow Redirects</name> - <value>false</value> - </property> - <property> - <name>redirect-cookie-policy</name> - <value>default</value> - </property> - <property> - <name>proxy-configuration-service</name> - </property> - <property> - <name>Proxy Host</name> - </property> - <property> - <name>Proxy Port</name> - </property> - </processor> - <processor> - <id>8c69ccb6-616f-3ce2-b0cd-57276cae3749</id> - <name>Add header</name> - <position x="-325.5833282470703" y="-410.1000061035156" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.ReplaceText</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Regular Expression</name> - <value>(?s)(^.*$)</value> - </property> - <property> - <name>Replacement Value</name> - <value>ip_addr -</value> - </property> - <property> - <name>Character Set</name> - <value>UTF-8</value> - </property> - <property> - <name>Maximum Buffer Size</name> - <value>1 MB</value> - </property> - <property> - <name>Replacement Strategy</name> - <value>Prepend</value> - </property> - <property> - <name>Evaluation Mode</name> - <value>Entire text</value> - </property> - <property> - <name>Line-by-Line Evaluation Mode</name> - <value>All</value> - </property> - </processor> - <connection> - <id>33cb6d60-d003-3954-b9d0-f51ac40ed983</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8c69ccb6-616f-3ce2-b0cd-57276cae3749</sourceId> - <sourceGroupId>b997e46b-7905-33e8-8bbc-f4d51b0cc735</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>ad366a87-89d6-38ff-affe-a1f3575faa8a</destinationId> - <destinationGroupId>b997e46b-7905-33e8-8bbc-f4d51b0cc735</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>cd13f619-bb19-37c2-b8fe-c962edfbf213</id> - <name /> - <bendPoints> - <bendPoint x="137.4166717529297" y="-370.1000061035156" /> - <bendPoint x="137.4166717529297" y="-320.1000061035156" /> - </bendPoints> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>8c69ccb6-616f-3ce2-b0cd-57276cae3749</sourceId> - <sourceGroupId>b997e46b-7905-33e8-8bbc-f4d51b0cc735</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>8c69ccb6-616f-3ce2-b0cd-57276cae3749</destinationId> - <destinationGroupId>b997e46b-7905-33e8-8bbc-f4d51b0cc735</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>failure</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>3941ee86-e740-3b8f-951a-c7da71e78fbe</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>34f52e1e-164e-34e4-b5fc-e5d16f773b19</sourceId> - <sourceGroupId>b997e46b-7905-33e8-8bbc-f4d51b0cc735</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>8c69ccb6-616f-3ce2-b0cd-57276cae3749</destinationId> - <destinationGroupId>b997e46b-7905-33e8-8bbc-f4d51b0cc735</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>19de0f5c-c244-3e7d-b711-ee165b493ea2</id> - <name /> - <bendPoints> - <bendPoint x="134.41668701171875" y="-113.10000610351562" /> - <bendPoint x="134.41668701171875" y="-63.100006103515625" /> - </bendPoints> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>ad366a87-89d6-38ff-affe-a1f3575faa8a</sourceId> - <sourceGroupId>b997e46b-7905-33e8-8bbc-f4d51b0cc735</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>ad366a87-89d6-38ff-affe-a1f3575faa8a</destinationId> - <destinationGroupId>b997e46b-7905-33e8-8bbc-f4d51b0cc735</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>failure</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>8130df3d-dc8c-32c2-975d-9c94438cac05</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>34f52e1e-164e-34e4-b5fc-e5d16f773b19</sourceId> - <sourceGroupId>b997e46b-7905-33e8-8bbc-f4d51b0cc735</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>8c69ccb6-616f-3ce2-b0cd-57276cae3749</destinationId> - <destinationGroupId>b997e46b-7905-33e8-8bbc-f4d51b0cc735</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <processGroup> - <id>194a653f-0c92-3704-8bd4-ffa079643515</id> - <name>Misp</name> - <position x="548.9658647769079" y="453.4916238226681" /> - <comment>Polls Misp database once every minute and places new IOCs in a NiFi memcache.</comment> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>283bea4b-2774-3f2d-aabe-cf96989e9997</id> - <name>Set timestamp as FlowFile content</name> - <position x="506.47715414708637" y="587.6551663734834" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.ReplaceText</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Regular Expression</name> - <value>(?s)(^.*$)</value> - </property> - <property> - <name>Replacement Value</name> - <value>${timestamp}</value> - </property> - <property> - <name>Character Set</name> - <value>UTF-8</value> - </property> - <property> - <name>Maximum Buffer Size</name> - <value>1 MB</value> - </property> - <property> - <name>Replacement Strategy</name> - <value>Always Replace</value> - </property> - <property> - <name>Evaluation Mode</name> - <value>Entire text</value> - </property> - <property> - <name>Line-by-Line Evaluation Mode</name> - <value>All</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <processor> - <id>e1e2caef-8178-3c91-b3ca-99f05f619064</id> - <name>Get timestamp of last successful poll</name> - <position x="-168.51082396716333" y="-293.9956980367642" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.FetchDistributedMapCache</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Cache Entry Identifier</name> - <value>${lookup_id}</value> - </property> - <property> - <name>Distributed Cache Service</name> - <value>ad4d31bf-b1fb-35e0-b634-b969b200f3a6</value> - </property> - <property> - <name>Put Cache Value In Attribute</name> - <value>last_run</value> - </property> - <property> - <name>Max Length To Put In Attribute</name> - <value>256</value> - </property> - <property> - <name>Character Set</name> - <value>UTF-8</value> - </property> - </processor> - <processor> - <id>192802be-4416-3abc-ba03-90934f2df860</id> - <name>Get events</name> - <position x="-151.66592451726592" y="335.6012170464188" /> - <styles /> - <comment>Normally the query will have a filter at the end "/last:${last}" so that only new events are pulled. This has been removed from this demo.</comment> - <class>org.apache.nifi.processors.standard.InvokeHTTP</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>HTTP Method</name> - <value>GET</value> - </property> - <property> - <name>Remote URL</name> - <value>${misp_url}/attributes/restSearch/returnFormat:json/type:ip-src||ip-dst/last:${last}</value> - </property> - <property> - <name>SSL Context Service</name> - <value>83443c00-b286-366a-b8e0-2f51527ab8e5</value> - </property> - <property> - <name>Connection Timeout</name> - <value>5 secs</value> - </property> - <property> - <name>Read Timeout</name> - <value>15 secs</value> - </property> - <property> - <name>idle-timeout</name> - <value>5 mins</value> - </property> - <property> - <name>max-idle-connections</name> - <value>5</value> - </property> - <property> - <name>Include Date Header</name> - <value>True</value> - </property> - <property> - <name>Follow Redirects</name> - <value>True</value> - </property> - <property> - <name>Attributes to Send</name> - </property> - <property> - <name>Useragent</name> - </property> - <property> - <name>Basic Authentication Username</name> - </property> - <property> - <name>Basic Authentication Password</name> - </property> - <property> - <name>proxy-configuration-service</name> - </property> - <property> - <name>Proxy Host</name> - </property> - <property> - <name>Proxy Port</name> - </property> - <property> - <name>Proxy Type</name> - <value>http</value> - </property> - <property> - <name>invokehttp-proxy-user</name> - </property> - <property> - <name>invokehttp-proxy-password</name> - </property> - <property> - <name>Put Response Body In Attribute</name> - </property> - <property> - <name>Max Length To Put In Attribute</name> - <value>256</value> - </property> - <property> - <name>Digest Authentication</name> - <value>false</value> - </property> - <property> - <name>Always Output Response</name> - <value>false</value> - </property> - <property> - <name>Add Response Headers to Request</name> - <value>false</value> - </property> - <property> - <name>Content-Type</name> - <value>${mime.type}</value> - </property> - <property> - <name>send-message-body</name> - <value>true</value> - </property> - <property> - <name>Use Chunked Encoding</name> - <value>false</value> - </property> - <property> - <name>Penalize on "No Retry"</name> - <value>false</value> - </property> - <property> - <name>use-etag</name> - <value>false</value> - </property> - <property> - <name>etag-max-cache-size</name> - <value>10MB</value> - </property> - <property> - <name>ignore-response-content</name> - <value>false</value> - </property> - <property> - <name>form-body-form-name</name> - </property> - <property> - <name>set-form-filename</name> - <value>true</value> - </property> - <property> - <name>Authorization</name> - <value>${misp_token}</value> - </property> - <autoTerminatedRelationship>Original</autoTerminatedRelationship> - <autoTerminatedRelationship>Failure</autoTerminatedRelationship> - <autoTerminatedRelationship>Retry</autoTerminatedRelationship> - <autoTerminatedRelationship>No Retry</autoTerminatedRelationship> - </processor> - <processor> - <id>671c4e42-604f-389d-9cee-27431ca36448</id> - <name>Store timestamp</name> - <position x="504.4604101497308" y="824.0677052542044" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.PutDistributedMapCache</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Cache Entry Identifier</name> - <value>${lookup_id}</value> - </property> - <property> - <name>Distributed Cache Service</name> - <value>ad4d31bf-b1fb-35e0-b634-b969b200f3a6</value> - </property> - <property> - <name>Cache update strategy</name> - <value>replace</value> - </property> - <property> - <name>Max cache entry size</name> - <value>1 MB</value> - </property> - <autoTerminatedRelationship>success</autoTerminatedRelationship> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <processor> - <id>c7cc4e24-7d9a-3a17-8af1-ca655f46595f</id> - <name>Update cache</name> - <position x="-775.4735301448745" y="930.3624699197178" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.PutDistributedMapCache</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Cache Entry Identifier</name> - <value>${misp_ip}</value> - </property> - <property> - <name>Distributed Cache Service</name> - <value>ad4d31bf-b1fb-35e0-b634-b969b200f3a6</value> - </property> - <property> - <name>Cache update strategy</name> - <value>replace</value> - </property> - <property> - <name>Max cache entry size</name> - <value>1 MB</value> - </property> - <autoTerminatedRelationship>success</autoTerminatedRelationship> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - </processor> - <processor> - <id>81ec71a0-719a-3205-9360-6a535072f7c6</id> - <name>Set attributes to get all events for the last x days</name> - <position x="-378.1916613806792" y="-12.197472102501479" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-update-attribute-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Delete Attributes Expression</name> - </property> - <property> - <name>Store State</name> - <value>Do not store state</value> - </property> - <property> - <name>Stateful Variables Initial Value</name> - </property> - <property> - <name>canonical-value-lookup-cache-size</name> - <value>100</value> - </property> - <property> - <name>last</name> - <value>${misp_first_interval}</value> - </property> - <property> - <name>timestamp</name> - <value>${now():toNumber()}</value> - </property> - </processor> - <processor> - <id>6d78b76c-5463-3610-b8c8-4796fa09c59b</id> - <name>Periodic polling</name> - <position x="-171.36520083798905" y="-518.6967632987289" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.GenerateFlowFile</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>1 minute</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>File Size</name> - <value>0B</value> - </property> - <property> - <name>Batch Size</name> - <value>1</value> - </property> - <property> - <name>Data Format</name> - <value>Text</value> - </property> - <property> - <name>Unique FlowFiles</name> - <value>false</value> - </property> - <property> - <name>generate-ff-custom-text</name> - </property> - <property> - <name>character-set</name> - <value>UTF-8</value> - </property> - <property> - <name>mime-type</name> - </property> - <property> - <name>lookup_id</name> - <value>ip</value> - </property> - </processor> - <processor> - <id>dbc236e3-8c68-3c6b-b1e9-d1fc8f57327d</id> - <name>Extract IP address</name> - <position x="-156.69110558236184" y="543.7042207790005" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.EvaluateJsonPath</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Destination</name> - <value>flowfile-attribute</value> - </property> - <property> - <name>Return Type</name> - <value>auto-detect</value> - </property> - <property> - <name>Path Not Found Behavior</name> - <value>ignore</value> - </property> - <property> - <name>Null Value Representation</name> - <value>empty string</value> - </property> - <property> - <name>misp_ip</name> - <value>$.value</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - <autoTerminatedRelationship>unmatched</autoTerminatedRelationship> - </processor> - <processor> - <id>74d66e0e-0b65-36d2-96f1-4b836d2c4222</id> - <name>Set attributes to get new events since last poll</name> - <position x="81.93877074822706" y="-13.058372981407729" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-update-attribute-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Delete Attributes Expression</name> - </property> - <property> - <name>Store State</name> - <value>Do not store state</value> - </property> - <property> - <name>Stateful Variables Initial Value</name> - </property> - <property> - <name>canonical-value-lookup-cache-size</name> - <value>100</value> - </property> - <property> - <name>last</name> - <value>${now():toNumber():minus(${last_run}):divide(60000):plus(1):append("m")}</value> - </property> - <property> - <name>timestamp</name> - <value>${now():toNumber()}</value> - </property> - </processor> - <processor> - <id>ba1b7e7e-a03c-3ace-9182-7f43569537e2</id> - <name>Create one FlowFile for each IP address</name> - <position x="-789.5267777615984" y="546.1428879861119" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.SplitJson</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>JsonPath Expression</name> - <value>$.response.Attribute</value> - </property> - <property> - <name>Null Value Representation</name> - <value>empty string</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - <autoTerminatedRelationship>original</autoTerminatedRelationship> - </processor> - <processor> - <id>d850fc04-df9a-36b7-b53f-8b397a1be69a</id> - <name>Extract Misp event ID and store it to FlowFile</name> - <position x="-783.5607955237681" y="719.2550630641567" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.EvaluateJsonPath</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Destination</name> - <value>flowfile-content</value> - </property> - <property> - <name>Return Type</name> - <value>auto-detect</value> - </property> - <property> - <name>Path Not Found Behavior</name> - <value>ignore</value> - </property> - <property> - <name>Null Value Representation</name> - <value>empty string</value> - </property> - <property> - <name>event_id</name> - <value>$.event_id</value> - </property> - <autoTerminatedRelationship>failure</autoTerminatedRelationship> - <autoTerminatedRelationship>unmatched</autoTerminatedRelationship> - </processor> - <connection> - <id>39f7b787-0995-3721-8d50-700838b7a256</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>6d78b76c-5463-3610-b8c8-4796fa09c59b</sourceId> - <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>e1e2caef-8178-3c91-b3ca-99f05f619064</destinationId> - <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>adc3f55b-8d9a-33d0-a7af-0d795fa234ba</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>d850fc04-df9a-36b7-b53f-8b397a1be69a</sourceId> - <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>c7cc4e24-7d9a-3a17-8af1-ca655f46595f</destinationId> - <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>matched</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>4a797ab8-fb0e-3c9a-b397-b3394eca1ce4</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>ba1b7e7e-a03c-3ace-9182-7f43569537e2</sourceId> - <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>dbc236e3-8c68-3c6b-b1e9-d1fc8f57327d</destinationId> - <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>split</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>4707ebf2-4b30-3e97-8abc-6ca8a9d168fd</id> - <name>Consecutive poll</name> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>e1e2caef-8178-3c91-b3ca-99f05f619064</sourceId> - <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>74d66e0e-0b65-36d2-96f1-4b836d2c4222</destinationId> - <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>5e84f4ae-bf61-37d8-b115-0af74b89a6aa</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>dbc236e3-8c68-3c6b-b1e9-d1fc8f57327d</sourceId> - <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>d850fc04-df9a-36b7-b53f-8b397a1be69a</destinationId> - <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>matched</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>58cc41df-404e-309b-9df6-2ea67e1fe2b7</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>283bea4b-2774-3f2d-aabe-cf96989e9997</sourceId> - <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>671c4e42-604f-389d-9cee-27431ca36448</destinationId> - <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>a9d8c7a2-6b55-3684-9954-92934d5a69e8</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>74d66e0e-0b65-36d2-96f1-4b836d2c4222</sourceId> - <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>192802be-4416-3abc-ba03-90934f2df860</destinationId> - <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>c022992b-534a-317a-943c-86142ee1cf81</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>81ec71a0-719a-3205-9360-6a535072f7c6</sourceId> - <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>192802be-4416-3abc-ba03-90934f2df860</destinationId> - <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>424c08f5-1ad1-3a0a-923c-c3fd988f7d2e</id> - <name>Update timestamp</name> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>192802be-4416-3abc-ba03-90934f2df860</sourceId> - <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>283bea4b-2774-3f2d-aabe-cf96989e9997</destinationId> - <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>Response</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>70fec2c7-4dd5-3dd1-92fa-59c3027bffb4</id> - <name /> - <bendPoints> - <bendPoint x="294.48917603283667" y="-253.99569803676422" /> - <bendPoint x="294.48917603283667" y="-203.99569803676422" /> - </bendPoints> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>e1e2caef-8178-3c91-b3ca-99f05f619064</sourceId> - <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>e1e2caef-8178-3c91-b3ca-99f05f619064</destinationId> - <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>failure</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>d19116d2-0da0-3f86-8fd3-3285a839648e</id> - <name>First poll</name> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>e1e2caef-8178-3c91-b3ca-99f05f619064</sourceId> - <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>81ec71a0-719a-3205-9360-6a535072f7c6</destinationId> - <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>not-found</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>d375a69b-2139-3d9a-b6e3-48e0f69ec589</id> - <name>Update cache with new events</name> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>192802be-4416-3abc-ba03-90934f2df860</sourceId> - <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>ba1b7e7e-a03c-3ace-9182-7f43569537e2</destinationId> - <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>Response</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - </processGroup> - <processGroup> - <id>c4a200ea-5317-332a-97a4-ff76f951ecde</id> - <name>GeoIP</name> - <position x="556.427978515625" y="673.0274658203125" /> - <comment /> - <flowfileConcurrency>UNBOUNDED</flowfileConcurrency> - <flowfileOutboundPolicy>STREAM_WHEN_AVAILABLE</flowfileOutboundPolicy> - <processor> - <id>6292665b-f188-3551-b366-95476b5ac36f</id> - <name>Save to disk</name> - <position x="-357.78594755036767" y="656.471512008819" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.PutFile</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Directory</name> - <value>/opt/nifi/nifi-current/conf/</value> - </property> - <property> - <name>Conflict Resolution Strategy</name> - <value>replace</value> - </property> - <property> - <name>Create Missing Directories</name> - <value>true</value> - </property> - <property> - <name>Maximum File Count</name> - </property> - <property> - <name>Last Modified Time</name> - </property> - <property> - <name>Permissions</name> - </property> - <property> - <name>Owner</name> - </property> - <property> - <name>Group</name> - </property> - <autoTerminatedRelationship>success</autoTerminatedRelationship> - </processor> - <processor> - <id>c8b26516-0170-1000-ffff-fffffa357a77</id> - <name>InvokeHTTP</name> - <position x="-354.33263208075834" y="-1.6134650355261897" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.InvokeHTTP</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>HTTP Method</name> - <value>GET</value> - </property> - <property> - <name>Remote URL</name> - <value>https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=${maxmind_key}&suffix=tar.gz</value> - </property> - <property> - <name>SSL Context Service</name> - <value>83443c00-b286-366a-b8e0-2f51527ab8e5</value> - </property> - <property> - <name>Connection Timeout</name> - <value>5 secs</value> - </property> - <property> - <name>Read Timeout</name> - <value>15 secs</value> - </property> - <property> - <name>idle-timeout</name> - <value>5 mins</value> - </property> - <property> - <name>max-idle-connections</name> - <value>5</value> - </property> - <property> - <name>Include Date Header</name> - <value>True</value> - </property> - <property> - <name>Follow Redirects</name> - <value>True</value> - </property> - <property> - <name>Attributes to Send</name> - </property> - <property> - <name>Useragent</name> - </property> - <property> - <name>Basic Authentication Username</name> - </property> - <property> - <name>Basic Authentication Password</name> - </property> - <property> - <name>proxy-configuration-service</name> - </property> - <property> - <name>Proxy Host</name> - </property> - <property> - <name>Proxy Port</name> - </property> - <property> - <name>Proxy Type</name> - <value>http</value> - </property> - <property> - <name>invokehttp-proxy-user</name> - </property> - <property> - <name>invokehttp-proxy-password</name> - </property> - <property> - <name>Put Response Body In Attribute</name> - </property> - <property> - <name>Max Length To Put In Attribute</name> - <value>256</value> - </property> - <property> - <name>Digest Authentication</name> - <value>false</value> - </property> - <property> - <name>Always Output Response</name> - <value>false</value> - </property> - <property> - <name>Add Response Headers to Request</name> - <value>false</value> - </property> - <property> - <name>Content-Type</name> - <value>${mime.type}</value> - </property> - <property> - <name>send-message-body</name> - <value>true</value> - </property> - <property> - <name>Use Chunked Encoding</name> - <value>false</value> - </property> - <property> - <name>Penalize on "No Retry"</name> - <value>false</value> - </property> - <property> - <name>use-etag</name> - <value>false</value> - </property> - <property> - <name>etag-max-cache-size</name> - <value>10MB</value> - </property> - <property> - <name>ignore-response-content</name> - <value>false</value> - </property> - <property> - <name>form-body-form-name</name> - </property> - <property> - <name>set-form-filename</name> - <value>true</value> - </property> - <autoTerminatedRelationship>Original</autoTerminatedRelationship> - </processor> - <processor> - <id>b99eab15-7e38-33fa-87d1-41d772306d9c</id> - <name>Uncompress</name> - <position x="-359.13545011384423" y="239.87525101326742" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.CompressContent</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Mode</name> - <value>decompress</value> - </property> - <property> - <name>Compression Format</name> - <value>use mime.type attribute</value> - </property> - <property> - <name>Compression Level</name> - <value>1</value> - </property> - <property> - <name>Update Filename</name> - <value>false</value> - </property> - </processor> - <processor> - <id>c8b20333-0170-1000-0000-000010760524</id> - <name>RouteOnAttribute</name> - <position x="-353.2358571852152" y="-223.16639543708658" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.RouteOnAttribute</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Routing Strategy</name> - <value>Route to Property name</value> - </property> - <property> - <name>maxmind_key</name> - <value>${maxmind_key:length():gt(1)}</value> - </property> - <autoTerminatedRelationship>unmatched</autoTerminatedRelationship> - </processor> - <processor> - <id>aad91df7-8e80-3598-a3eb-9b000045b843</id> - <name>UnpackContent</name> - <position x="-358.13545011384423" y="448.82544805040084" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.UnpackContent</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>0 sec</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>Packaging Format</name> - <value>tar</value> - </property> - <property> - <name>File Filter</name> - <value>GeoLite2-City.mmdb</value> - </property> - <autoTerminatedRelationship>original</autoTerminatedRelationship> - </processor> - <processor> - <id>c8b1bafd-0170-1000-0000-0000753f5f5b</id> - <name>GenerateFlowFile</name> - <position x="-366.3974570271698" y="-455.687252544095" /> - <styles /> - <comment /> - <class>org.apache.nifi.processors.standard.GenerateFlowFile</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-standard-nar</artifact> - <version>1.12.1</version> - </bundle> - <maxConcurrentTasks>1</maxConcurrentTasks> - <schedulingPeriod>1 week</schedulingPeriod> - <penalizationPeriod>30 sec</penalizationPeriod> - <yieldPeriod>1 sec</yieldPeriod> - <bulletinLevel>WARN</bulletinLevel> - <lossTolerant>false</lossTolerant> - <scheduledState>RUNNING</scheduledState> - <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> - <executionNode>ALL</executionNode> - <runDurationNanos>0</runDurationNanos> - <property> - <name>File Size</name> - <value>0B</value> - </property> - <property> - <name>Batch Size</name> - <value>1</value> - </property> - <property> - <name>Data Format</name> - <value>Text</value> - </property> - <property> - <name>Unique FlowFiles</name> - <value>false</value> - </property> - <property> - <name>generate-ff-custom-text</name> - </property> - <property> - <name>character-set</name> - <value>UTF-8</value> - </property> - <property> - <name>mime-type</name> - </property> - </processor> - <funnel> - <id>c2cac6f3-c926-3038-b685-68f71f76fda3</id> - <position x="457.8712158203125" y="380.06201171875" /> - </funnel> - <connection> - <id>c8b21bba-0170-1000-0000-0000281b44ba</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>c8b1bafd-0170-1000-0000-0000753f5f5b</sourceId> - <sourceGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>c8b20333-0170-1000-0000-000010760524</destinationId> - <destinationGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>1d0b1e6f-7b01-34c5-82f8-c95918e700ae</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>b99eab15-7e38-33fa-87d1-41d772306d9c</sourceId> - <sourceGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>c2cac6f3-c926-3038-b685-68f71f76fda3</destinationId> - <destinationGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</destinationGroupId> - <destinationType>FUNNEL</destinationType> - <relationship>failure</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>e8e86b3f-6936-3080-8eb6-036d532cb483</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>6292665b-f188-3551-b366-95476b5ac36f</sourceId> - <sourceGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>c2cac6f3-c926-3038-b685-68f71f76fda3</destinationId> - <destinationGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</destinationGroupId> - <destinationType>FUNNEL</destinationType> - <relationship>failure</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>e2f43878-959f-379c-b898-6d7c3a72af44</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>b99eab15-7e38-33fa-87d1-41d772306d9c</sourceId> - <sourceGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>aad91df7-8e80-3598-a3eb-9b000045b843</destinationId> - <destinationGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> + <class>org.apache.nifi.processors.standard.GenerateFlowFile</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>10 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>File Size</name> + <value>0B</value> + </property> + <property> + <name>Batch Size</name> + <value>1</value> + </property> + <property> + <name>Data Format</name> + <value>Text</value> + </property> + <property> + <name>Unique FlowFiles</name> + <value>false</value> + </property> + <property> + <name>generate-ff-custom-text</name> + <value>[{"timestamp":"${now():format('yyyy-MM-dd HH:mm:ss.SSS'):replaceFirst(' ','T')}","TLP":"AMBER","destination":{"ip":"10.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}","port":443},"event_type":"tls","flow_id":852792667052212,"in_iface":"if1","proto":"TCP","source":{"ip":"10.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}.${random():mod(254):plus(1)}","port":53466},"tls":{"ja3":{"hash":"e5b607b5862a46cab44d7bacd582b3cd","string":"771,4867-4865-4866-52393-52392-49195-49199-49196-49200-49171-49172-156-157-47-53-10,0-23-65281-10-11-35-16-5-13-18-51-45-43-27-21,29-23-24,0"},"sni":"clients3.google.com","sni_domain":"google.com","version":"TLS 1.3"}}]</value> + </property> + <property> + <name>character-set</name> + <value>UTF-8</value> + </property> + <property> + <name>mime.type</name> + <value>application/json</value> + </property> + <property> + <name>enrich_domain1</name> + <value>/tls/sni_domain</value> + </property> + <property> + <name>enrich_fqdn1</name> + <value>/tls/sni</value> + </property> + <property> + <name>enrich_ip1</name> + <value>/source/ip</value> + </property> + <property> + <name>data_id</name> + <value>suricata_tls</value> + </property> + <property> + <name>data_index</name> + <value>logs-suricata-tls</value> + </property> + <property> + <name>data_type</name> + <value>suricata</value> + </property> + <property> + <name>enrich_ip2</name> + <value>/destination/ip</value> + </property> + </processor> + <outputPort> + <id>0c864b15-0175-1000-0000-00001d403b1e</id> + <name>To enrichment</name> + <position x="1192.0" y="576.0" /> + <comments /> + <scheduledState>RUNNING</scheduledState> + </outputPort> + <connection> + <id>1cb3658c-0175-1000-ffff-ffff93193081</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>f8143c19-b547-1c84-90b7-2e3c37a659e7</sourceId> + <sourceGroupId>0c83ef26-0175-1000-ffff-ffffcac37910</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>0c864b15-0175-1000-0000-00001d403b1e</destinationId> + <destinationGroupId>0c83ef26-0175-1000-ffff-ffffcac37910</destinationGroupId> + <destinationType>OUTPUT_PORT</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>0c865d01-0175-1000-0000-0000559b408d</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>bb7dc9ff-2d25-3134-9617-cca3cabe9179</sourceId> + <sourceGroupId>0c83ef26-0175-1000-ffff-ffffcac37910</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>0c864b15-0175-1000-0000-00001d403b1e</destinationId> + <destinationGroupId>0c83ef26-0175-1000-ffff-ffffcac37910</destinationGroupId> + <destinationType>OUTPUT_PORT</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + </processGroup> + <connection> + <id>0c866fa6-0175-1000-ffff-ffffe866c936</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>0c864b15-0175-1000-0000-00001d403b1e</sourceId> + <sourceGroupId>0c83ef26-0175-1000-ffff-ffffcac37910</sourceGroupId> + <sourceType>OUTPUT_PORT</sourceType> + <destinationId>d30dc946-251a-307c-8e88-f2262b0bb194</destinationId> + <destinationGroupId>b3d57504-7c06-37a3-b59b-8723f60fa728</destinationGroupId> + <destinationType>OUTPUT_PORT</destinationType> + <relationship /> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + </processGroup> <connection> - <id>dc7524de-fb6c-3e02-8c60-f821d81aff29</id> + <id>c5fe676f-baa5-3d90-956e-fe502db0ac68</id> <name /> <bendPoints /> - <labelIndex>1</labelIndex> + <labelIndex>0</labelIndex> <zIndex>0</zIndex> - <sourceId>aad91df7-8e80-3598-a3eb-9b000045b843</sourceId> - <sourceGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>6292665b-f188-3551-b366-95476b5ac36f</destinationId> - <destinationGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>success</relationship> + <sourceId>d30dc946-251a-307c-8e88-f2262b0bb194</sourceId> + <sourceGroupId>b3d57504-7c06-37a3-b59b-8723f60fa728</sourceGroupId> + <sourceType>OUTPUT_PORT</sourceType> + <destinationId>20b01ab3-3a8d-3573-b95d-a4a45494050f</destinationId> + <destinationGroupId>870d6d68-7a0a-3505-8c42-0d6064fe43f6</destinationGroupId> + <destinationType>OUTPUT_PORT</destinationType> + <relationship /> <maxWorkQueueSize>10000</maxWorkQueueSize> <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> <flowFileExpiration>0 sec</flowFileExpiration> @@ -10960,18 +5770,18 @@ <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> <connection> - <id>39a11e18-3397-3f1a-a020-49b895ff6f81</id> + <id>214d5013-0175-1000-ffff-ffff9b7dbebb</id> <name /> <bendPoints /> <labelIndex>1</labelIndex> <zIndex>0</zIndex> - <sourceId>aad91df7-8e80-3598-a3eb-9b000045b843</sourceId> - <sourceGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>c2cac6f3-c926-3038-b685-68f71f76fda3</destinationId> - <destinationGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</destinationGroupId> - <destinationType>FUNNEL</destinationType> - <relationship>failure</relationship> + <sourceId>1ef39440-1985-3bbb-8e03-859a1c5ee4b1</sourceId> + <sourceGroupId>84607b52-9748-3d38-b519-b0a05cddd097</sourceGroupId> + <sourceType>OUTPUT_PORT</sourceType> + <destinationId>21a9e277-2d80-359a-9c57-cb76d8962e6d</destinationId> + <destinationGroupId>870d6d68-7a0a-3505-8c42-0d6064fe43f6</destinationGroupId> + <destinationType>OUTPUT_PORT</destinationType> + <relationship /> <maxWorkQueueSize>10000</maxWorkQueueSize> <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> <flowFileExpiration>0 sec</flowFileExpiration> @@ -10980,82 +5790,20 @@ <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> <connection> - <id>c8b2e58b-0170-1000-ffff-ffff997c6e6c</id> + <id>27d64272-0172-1000-0000-000079e1c9c6</id> <name /> <bendPoints> - <bendPoint x="108.66736791924166" y="38.38653496447381" /> - <bendPoint x="136.0" y="88.0" /> + <bendPoint x="88.0" y="864.0" /> </bendPoints> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>c8b26516-0170-1000-ffff-fffffa357a77</sourceId> - <sourceGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>c8b26516-0170-1000-ffff-fffffa357a77</destinationId> - <destinationGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>Retry</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>c8b29bee-0170-1000-ffff-fffff516df5d</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>c8b26516-0170-1000-ffff-fffffa357a77</sourceId> - <sourceGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>b99eab15-7e38-33fa-87d1-41d772306d9c</destinationId> - <destinationGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>Response</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>c8b2cb01-0170-1000-0000-000005baadda</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> - <zIndex>0</zIndex> - <sourceId>c8b26516-0170-1000-ffff-fffffa357a77</sourceId> - <sourceGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>c2cac6f3-c926-3038-b685-68f71f76fda3</destinationId> - <destinationGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</destinationGroupId> - <destinationType>FUNNEL</destinationType> - <relationship>No Retry</relationship> - <relationship>Failure</relationship> - <maxWorkQueueSize>10000</maxWorkQueueSize> - <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> - <flowFileExpiration>0 sec</flowFileExpiration> - <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> - <partitioningAttribute /> - <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> - </connection> - <connection> - <id>c8b5c90e-0170-1000-ffff-ffff9864e7e4</id> - <name /> - <bendPoints /> - <labelIndex>1</labelIndex> + <labelIndex>0</labelIndex> <zIndex>0</zIndex> - <sourceId>c8b20333-0170-1000-0000-000010760524</sourceId> - <sourceGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</sourceGroupId> - <sourceType>PROCESSOR</sourceType> - <destinationId>c8b26516-0170-1000-ffff-fffffa357a77</destinationId> - <destinationGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</destinationGroupId> - <destinationType>PROCESSOR</destinationType> - <relationship>maxmind_key</relationship> + <sourceId>27d5761b-0172-1000-0000-000059275dad</sourceId> + <sourceGroupId>27d51d04-0172-1000-0000-00004573c6ec</sourceGroupId> + <sourceType>OUTPUT_PORT</sourceType> + <destinationId>20b01ab3-3a8d-3573-b95d-a4a45494050f</destinationId> + <destinationGroupId>870d6d68-7a0a-3505-8c42-0d6064fe43f6</destinationGroupId> + <destinationType>OUTPUT_PORT</destinationType> + <relationship /> <maxWorkQueueSize>10000</maxWorkQueueSize> <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> <flowFileExpiration>0 sec</flowFileExpiration> @@ -11063,436 +5811,2776 @@ <partitioningAttribute /> <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> </connection> - </processGroup> - </processGroup> - <controllerService> - <id>349b34c7-a821-1197-ffff-ffff85d82877</id> - <name>Contry code to region</name> - <comment /> - <class>org.apache.nifi.lookup.SimpleCsvFileLookupService</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-lookup-services-nar</artifact> - <version>1.12.1</version> - </bundle> - <enabled>true</enabled> - <property> - <name>csv-file</name> - <value>/opt/nifi/nifi-current/conf/enrich/CountriesWithRegionalCodes.csv</value> - </property> - <property> - <name>CSV Format</name> - <value>default</value> - </property> - <property> - <name>Character Set</name> - <value>UTF-8</value> - </property> - <property> - <name>lookup-key-column</name> - <value>alpha-2</value> - </property> - <property> - <name>ignore-duplicates</name> - <value>true</value> - </property> - <property> - <name>Value Separator</name> - <value>,</value> - </property> - <property> - <name>Quote Character</name> - <value>"</value> - </property> - <property> - <name>Quote Mode</name> - <value>MINIMAL</value> - </property> - <property> - <name>Comment Marker</name> - </property> - <property> - <name>Escape Character</name> - <value>\</value> - </property> - <property> - <name>Trim Fields</name> - <value>true</value> - </property> - <property> - <name>lookup-value-column</name> - <value>region</value> - </property> - </controllerService> - <controllerService> - <id>8972e39a-0176-1000-ffff-ffffb8dd96f4</id> - <name>Common CA</name> - <comment /> - <class>org.apache.nifi.ssl.StandardSSLContextService</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-ssl-context-service-nar</artifact> - <version>1.12.1</version> - </bundle> - <enabled>true</enabled> - <property> - <name>Keystore Filename</name> - </property> - <property> - <name>Keystore Password</name> - </property> - <property> - <name>key-password</name> - </property> - <property> - <name>Keystore Type</name> - </property> - <property> - <name>Truststore Filename</name> - <value>/opt/nifi/nifi-current/conf/common-cacerts.jks</value> - </property> - <property> - <name>Truststore Password</name> - <value>enc{2650a175fb2f75e2dcd038b4b506ac6368b7e025f6cb80fa6a82b187b0755443}</value> - </property> - <property> - <name>Truststore Type</name> - <value>JKS</value> - </property> - <property> - <name>SSL Protocol</name> - <value>TLS</value> - </property> - </controllerService> - <controllerService> - <id>bbd4d3a2-0175-1000-0000-00000b0fb8bd</id> - <name>Tor node CSV</name> - <comment /> - <class>org.apache.nifi.lookup.SimpleCsvFileLookupService</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-lookup-services-nar</artifact> - <version>1.12.1</version> - </bundle> - <enabled>true</enabled> - <property> - <name>csv-file</name> - <value>/opt/nifi/nifi-current/conf/enrich/tornodes.csv</value> - </property> - <property> - <name>CSV Format</name> - <value>default</value> - </property> - <property> - <name>Character Set</name> - <value>UTF-8</value> - </property> - <property> - <name>lookup-key-column</name> - <value>ip_addr</value> - </property> - <property> - <name>ignore-duplicates</name> - <value>true</value> - </property> - <property> - <name>Value Separator</name> - <value>,</value> - </property> - <property> - <name>Quote Character</name> - <value>"</value> - </property> - <property> - <name>Quote Mode</name> - <value>MINIMAL</value> - </property> - <property> - <name>Comment Marker</name> - </property> - <property> - <name>Escape Character</name> - <value>\</value> - </property> - <property> - <name>Trim Fields</name> - <value>true</value> - </property> - <property> - <name>lookup-value-column</name> - <value>ip_addr</value> - </property> - </controllerService> - <controllerService> - <id>14453a95-7646-1485-0000-00002c675762</id> - <name>Mysql audit log</name> - <comment /> - <class>org.apache.nifi.csv.CSVReader</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-record-serialization-services-nar</artifact> - <version>1.12.1</version> - </bundle> - <enabled>true</enabled> - <property> - <name>schema-access-strategy</name> - <value>infer-schema</value> - </property> - <property> - <name>schema-registry</name> - </property> - <property> - <name>schema-name</name> - <value>${schema.name}</value> - </property> - <property> - <name>schema-version</name> - </property> - <property> - <name>schema-branch</name> - </property> - <property> - <name>schema-text</name> - <value>${avro.schema}</value> - </property> - <property> - <name>csv-reader-csv-parser</name> - <value>commons-csv</value> - </property> - <property> - <name>Date Format</name> - </property> - <property> - <name>Time Format</name> - </property> - <property> - <name>Timestamp Format</name> - </property> - <property> - <name>CSV Format</name> - <value>custom</value> - </property> - <property> - <name>Value Separator</name> - <value>,</value> - </property> - <property> - <name>Record Separator</name> - <value>\n</value> - </property> - <property> - <name>Skip Header Line</name> - <value>true</value> - </property> - <property> - <name>ignore-csv-header</name> - <value>false</value> - </property> - <property> - <name>Quote Character</name> - <value>"</value> - </property> - <property> - <name>Escape Character</name> - <value>\</value> - </property> - <property> - <name>Comment Marker</name> - </property> - <property> - <name>Null String</name> - </property> - <property> - <name>Trim Fields</name> - <value>true</value> - </property> - <property> - <name>csvutils-character-set</name> - <value>UTF-8</value> - </property> - </controllerService> - <controllerService> - <id>7504a565-0176-1000-ffff-ffff9c0f0741</id> - <name>Zookeeper logs</name> - <comment /> - <class>org.apache.nifi.grok.GrokReader</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-record-serialization-services-nar</artifact> - <version>1.12.1</version> - </bundle> - <enabled>true</enabled> - <property> - <name>schema-access-strategy</name> - <value>string-fields-from-grok-expression</value> - </property> - <property> - <name>schema-registry</name> - </property> - <property> - <name>schema-name</name> - <value>${schema.name}</value> - </property> - <property> - <name>schema-version</name> - </property> - <property> - <name>schema-branch</name> - </property> - <property> - <name>schema-text</name> - <value>${avro.schema}</value> - </property> - <property> - <name>Grok Pattern File</name> - </property> - <property> - <name>Grok Expression</name> - <value>%{GREEDYDATA:timestamp} \[%{DATA:id}\] - %{DATA:level} \[%{DATA:process}\] - %{GREEDYDATA:message}</value> - </property> - <property> - <name>no-match-behavior</name> - <value>append-to-previous-message</value> - </property> - </controllerService> - <controllerService> - <id>8b1dd8bb-0170-1000-0000-000007446e6a</id> - <name>Misp DistributedMapCacheServer</name> - <comment /> - <class>org.apache.nifi.distributed.cache.server.map.DistributedMapCacheServer</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-distributed-cache-services-nar</artifact> - <version>1.12.1</version> - </bundle> - <enabled>true</enabled> - <property> - <name>Port</name> - <value>4557</value> - </property> - <property> - <name>Maximum Cache Entries</name> - <value>10000</value> - </property> - <property> - <name>Eviction Strategy</name> - <value>Least Frequently Used</value> - </property> - <property> - <name>Persistence Directory</name> - <value>/opt/nifi/nifi-current/conf/</value> - </property> - <property> - <name>SSL Context Service</name> - </property> - </controllerService> - <controllerService> - <id>56ebe0aa-0176-1000-ffff-ffffbd212f01</id> - <name>Haproxy GrokReader</name> + <connection> + <id>27d65fe7-0172-1000-ffff-ffffec2db03b</id> + <name /> + <bendPoints> + <bendPoint x="-744.0" y="856.0" /> + </bendPoints> + <labelIndex>0</labelIndex> + <zIndex>0</zIndex> + <sourceId>27d5dab2-0172-1000-ffff-ffffab5c50be</sourceId> + <sourceGroupId>27d51d04-0172-1000-0000-00004573c6ec</sourceGroupId> + <sourceType>OUTPUT_PORT</sourceType> + <destinationId>21a9e277-2d80-359a-9c57-cb76d8962e6d</destinationId> + <destinationGroupId>870d6d68-7a0a-3505-8c42-0d6064fe43f6</destinationGroupId> + <destinationType>OUTPUT_PORT</destinationType> + <relationship /> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <controllerService> + <id>94600c6c-704e-3ff8-a2a4-f2f25c71dc3b</id> + <name>JsonRecordSetWriter</name> + <comment /> + <class>org.apache.nifi.json.JsonRecordSetWriter</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-record-serialization-services-nar</artifact> + <version>1.11.4</version> + </bundle> + <enabled>true</enabled> + <property> + <name>Schema Write Strategy</name> + <value>no-schema</value> + </property> + <property> + <name>schema-cache</name> + </property> + <property> + <name>schema-access-strategy</name> + <value>inherit-record-schema</value> + </property> + <property> + <name>schema-registry</name> + </property> + <property> + <name>schema-name</name> + <value>${schema.name}</value> + </property> + <property> + <name>schema-version</name> + </property> + <property> + <name>schema-branch</name> + </property> + <property> + <name>schema-text</name> + <value>${avro.schema}</value> + </property> + <property> + <name>Date Format</name> + </property> + <property> + <name>Time Format</name> + </property> + <property> + <name>Timestamp Format</name> + </property> + <property> + <name>Pretty Print JSON</name> + <value>false</value> + </property> + <property> + <name>suppress-nulls</name> + <value>suppress-missing</value> + </property> + <property> + <name>output-grouping</name> + <value>output-array</value> + </property> + <property> + <name>compression-format</name> + <value>none</value> + </property> + <property> + <name>compression-level</name> + <value>1</value> + </property> + </controllerService> + <controllerService> + <id>09b4fa02-0459-358d-939f-54fda8aea702</id> + <name>VolatileSchemaCache</name> + <comment /> + <class>org.apache.nifi.schema.inference.VolatileSchemaCache</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-record-serialization-services-nar</artifact> + <version>1.11.4</version> + </bundle> + <enabled>false</enabled> + <property> + <name>max-cache-size</name> + <value>100</value> + </property> + </controllerService> + </processGroup> + <processGroup> + <id>e9c19adc-c8a4-327e-ad24-24e71fd3474e</id> + <name>Data output</name> + <position x="829.4446253936723" y="1015.2711478364996" /> + <comment /> + <inputPort> + <id>e333b82d-7408-3747-8dd2-46473704e51b</id> + <name>Data input</name> + <position x="-688.0" y="496.0" /> + <comments /> + <scheduledState>RUNNING</scheduledState> + </inputPort> + <processGroup> + <id>7ebf304b-4978-3adc-ac31-470fb76e5029</id> + <name>Elastic odfe</name> + <position x="-759.1319580078125" y="739.6137390136719" /> + <comment /> + <processor> + <id>8b48f28f-2379-3f0f-81fe-4e1b93e72666</id> + <name>PutElasticsearchHttpRecord</name> + <position x="-856.2311706542969" y="629.8186340332031" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.elasticsearch.PutElasticsearchHttpRecord</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-elasticsearch-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>elasticsearch-http-url</name> + <value>${elastic_url}</value> + </property> + <property> + <name>SSL Context Service</name> + <value>83443c00-b286-366a-b8e0-2f51527ab8e5</value> + </property> + <property> + <name>Character Set</name> + <value>UTF-8</value> + </property> + <property> + <name>Username</name> + <value>${elastic_username}</value> + </property> + <property> + <name>Password</name> + <value>enc{aa0e200e6ad20acb3eb1e1f1c7ab08154fc11ccf55c6176c4c8b12fab9f339cba76c4cf1f567bb8aeb4802017cc50639}</value> + </property> + <property> + <name>elasticsearch-http-connect-timeout</name> + <value>5 secs</value> + </property> + <property> + <name>elasticsearch-http-response-timeout</name> + <value>15 secs</value> + </property> + <property> + <name>proxy-configuration-service</name> + </property> + <property> + <name>elasticsearch-http-proxy-host</name> + </property> + <property> + <name>elasticsearch-http-proxy-port</name> + </property> + <property> + <name>proxy-username</name> + </property> + <property> + <name>proxy-password</name> + </property> + <property> + <name>put-es-record-record-reader</name> + <value>179dd31f-89ed-3179-adb2-85a9c61869ce</value> + </property> + <property> + <name>put-es-record-record-writer</name> + </property> + <property> + <name>put-es-record-log-all-errors</name> + <value>false</value> + </property> + <property> + <name>put-es-record-id-path</name> + </property> + <property> + <name>put-es-record-index</name> + <value>${data_index}-${now():format("yyyy-MM-dd")}</value> + </property> + <property> + <name>put-es-record-type</name> + <value>_doc</value> + </property> + <property> + <name>put-es-record-index-op</name> + <value>index</value> + </property> + <property> + <name>suppress-nulls</name> + <value>always-suppress</value> + </property> + <property> + <name>Date Format</name> + </property> + <property> + <name>Time Format</name> + </property> + <property> + <name>Timestamp Format</name> + </property> + <autoTerminatedRelationship>success</autoTerminatedRelationship> + </processor> + <inputPort> + <id>e7d34e01-babe-3022-ad9b-a7620e7c0f38</id> + <name>Data input</name> + <position x="-803.9990234375" y="484.5271301269531" /> + <comments /> + <scheduledState>RUNNING</scheduledState> + </inputPort> + <funnel> + <id>a8cf8491-c2a7-3986-b803-58aff43326de</id> + <position x="-709.0761208187066" y="911.6861746431973" /> + </funnel> + <connection> + <id>3280c550-2117-37a6-8b5e-3bc1953fa17e</id> + <name /> + <bendPoints> + <bendPoint x="-393.2311706542969" y="669.8186340332031" /> + <bendPoint x="-393.2311706542969" y="719.8186340332031" /> + </bendPoints> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>8b48f28f-2379-3f0f-81fe-4e1b93e72666</sourceId> + <sourceGroupId>7ebf304b-4978-3adc-ac31-470fb76e5029</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>8b48f28f-2379-3f0f-81fe-4e1b93e72666</destinationId> + <destinationGroupId>7ebf304b-4978-3adc-ac31-470fb76e5029</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>retry</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>02a9e341-0590-34a8-9f0c-9d6992869e59</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>8b48f28f-2379-3f0f-81fe-4e1b93e72666</sourceId> + <sourceGroupId>7ebf304b-4978-3adc-ac31-470fb76e5029</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>a8cf8491-c2a7-3986-b803-58aff43326de</destinationId> + <destinationGroupId>7ebf304b-4978-3adc-ac31-470fb76e5029</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>1 min</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>5de8f98f-ce46-3565-b0ce-7f8ecf518c53</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>e7d34e01-babe-3022-ad9b-a7620e7c0f38</sourceId> + <sourceGroupId>7ebf304b-4978-3adc-ac31-470fb76e5029</sourceGroupId> + <sourceType>INPUT_PORT</sourceType> + <destinationId>8b48f28f-2379-3f0f-81fe-4e1b93e72666</destinationId> + <destinationGroupId>7ebf304b-4978-3adc-ac31-470fb76e5029</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship /> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>10 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + </processGroup> + <processGroup> + <id>2bb2f914-0172-1000-0000-0000240c76e4</id> + <name>Custom output</name> + <position x="-328.0" y="744.0" /> + <comment /> + <inputPort> + <id>2bb31aa5-0172-1000-0000-00000869fb70</id> + <name>Input</name> + <position x="-648.0" y="496.0" /> + <comments /> + <scheduledState>STOPPED</scheduledState> + </inputPort> + </processGroup> + <connection> + <id>34772170-2400-3eb6-b9c5-c03b912a38f3</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>e333b82d-7408-3747-8dd2-46473704e51b</sourceId> + <sourceGroupId>e9c19adc-c8a4-327e-ad24-24e71fd3474e</sourceGroupId> + <sourceType>INPUT_PORT</sourceType> + <destinationId>e7d34e01-babe-3022-ad9b-a7620e7c0f38</destinationId> + <destinationGroupId>7ebf304b-4978-3adc-ac31-470fb76e5029</destinationGroupId> + <destinationType>INPUT_PORT</destinationType> + <relationship /> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + </processGroup> + <connection> + <id>875a975e-46e1-36fa-a035-4799201abd63</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>20b01ab3-3a8d-3573-b95d-a4a45494050f</sourceId> + <sourceGroupId>870d6d68-7a0a-3505-8c42-0d6064fe43f6</sourceGroupId> + <sourceType>OUTPUT_PORT</sourceType> + <destinationId>74abf119-faa6-3e9e-bb31-da2e79f89a38</destinationId> + <destinationGroupId>fcbcacd1-542d-3a15-a5aa-9c1302328954</destinationGroupId> + <destinationType>INPUT_PORT</destinationType> + <relationship /> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>bbc37560-0171-1000-0000-000055178fff</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>c164884d-277f-31af-ac3c-18b211667bbf</sourceId> + <sourceGroupId>fcbcacd1-542d-3a15-a5aa-9c1302328954</sourceGroupId> + <sourceType>OUTPUT_PORT</sourceType> + <destinationId>e333b82d-7408-3747-8dd2-46473704e51b</destinationId> + <destinationGroupId>e9c19adc-c8a4-327e-ad24-24e71fd3474e</destinationGroupId> + <destinationType>INPUT_PORT</destinationType> + <relationship /> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>9cdaaee8-0e39-3dbd-a7cc-06a89056bb7c</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>21a9e277-2d80-359a-9c57-cb76d8962e6d</sourceId> + <sourceGroupId>870d6d68-7a0a-3505-8c42-0d6064fe43f6</sourceGroupId> + <sourceType>OUTPUT_PORT</sourceType> + <destinationId>e333b82d-7408-3747-8dd2-46473704e51b</destinationId> + <destinationGroupId>e9c19adc-c8a4-327e-ad24-24e71fd3474e</destinationGroupId> + <destinationType>INPUT_PORT</destinationType> + <relationship /> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <controllerService> + <id>b7794eb3-9227-36dd-8751-e87d1c2321ee</id> + <name>Misp DistributedMapCacheClientService</name> + <comment /> + <class>org.apache.nifi.distributed.cache.client.DistributedMapCacheClientService</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-distributed-cache-services-nar</artifact> + <version>1.11.4</version> + </bundle> + <enabled>false</enabled> + <property> + <name>Server Hostname</name> + <value>localhost</value> + </property> + <property> + <name>Server Port</name> + <value>6000</value> + </property> + <property> + <name>SSL Context Service</name> + </property> + <property> + <name>Communications Timeout</name> + <value>30 secs</value> + </property> + </controllerService> + </processGroup> + <processGroup> + <id>72eb009e-0c2f-302d-bc6c-2d02c29c25a9</id> + <name>Enrichment data</name> + <position x="1720.0" y="248.0" /> <comment /> - <class>org.apache.nifi.grok.GrokReader</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-record-serialization-services-nar</artifact> - <version>1.12.1</version> - </bundle> - <enabled>true</enabled> - <property> - <name>schema-access-strategy</name> - <value>string-fields-from-grok-expression</value> - </property> - <property> - <name>schema-registry</name> - </property> - <property> - <name>schema-name</name> - <value>${schema.name}</value> - </property> - <property> - <name>schema-version</name> - </property> - <property> - <name>schema-branch</name> - </property> - <property> - <name>schema-text</name> - <value>${avro.schema}</value> - </property> - <property> - <name>Grok Pattern File</name> - <value>/opt/nifi/nifi-current/conf/enrich/haproxy.groklib</value> - </property> - <property> - <name>Grok Expression</name> - <value>%{PROG:process.name}(?:\[%{POSINT:process.pid}\])?: %{HAPROXYHTTPBASE}</value> - </property> - <property> - <name>no-match-behavior</name> - <value>append-to-previous-message</value> - </property> - </controllerService> + <processGroup> + <id>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</id> + <name>Top domains</name> + <position x="970.3727876614566" y="673.4981494769316" /> + <comment>Downloads CSV files containing top domains from Alexa and Umbrella</comment> + <processor> + <id>857cd537-4aeb-31fb-9740-0513e6cc46fe</id> + <name>Unzip CSV files</name> + <position x="-297.30227379373514" y="212.70767899178307" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.UnpackContent</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Packaging Format</name> + <value>zip</value> + </property> + <property> + <name>File Filter</name> + <value>.*</value> + </property> + <autoTerminatedRelationship>original</autoTerminatedRelationship> + </processor> + <processor> + <id>937de5fc-7d4a-35af-a071-46f04d6ea4fa</id> + <name>Save to disk</name> + <position x="326.18698401876486" y="392.4228279175642" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.PutFile</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Directory</name> + <value>/opt/nifi/nifi-current/conf/</value> + </property> + <property> + <name>Conflict Resolution Strategy</name> + <value>replace</value> + </property> + <property> + <name>Create Missing Directories</name> + <value>true</value> + </property> + <property> + <name>Maximum File Count</name> + </property> + <property> + <name>Last Modified Time</name> + </property> + <property> + <name>Permissions</name> + </property> + <property> + <name>Owner</name> + </property> + <property> + <name>Group</name> + </property> + <autoTerminatedRelationship>success</autoTerminatedRelationship> + </processor> + <processor> + <id>3c4d65a9-aa39-380f-b16b-2aea028a019b</id> + <name>Download Alexa CSV file</name> + <position x="197.54468055196799" y="-60.57735518790443" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.GetHTTP</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>1 day</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>URL</name> + <value>http://s3.amazonaws.com/alexa-static/top-1m.csv.zip</value> + </property> + <property> + <name>Filename</name> + <value>alexa-top-1m.csv.zip</value> + </property> + <property> + <name>SSL Context Service</name> + </property> + <property> + <name>Username</name> + </property> + <property> + <name>Password</name> + </property> + <property> + <name>Connection Timeout</name> + <value>30 sec</value> + </property> + <property> + <name>Data Timeout</name> + <value>10 min</value> + </property> + <property> + <name>User Agent</name> + </property> + <property> + <name>Accept Content-Type</name> + </property> + <property> + <name>Follow Redirects</name> + <value>false</value> + </property> + <property> + <name>redirect-cookie-policy</name> + <value>default</value> + </property> + <property> + <name>proxy-configuration-service</name> + </property> + <property> + <name>Proxy Host</name> + </property> + <property> + <name>Proxy Port</name> + </property> + <property> + <name>filename</name> + <value>alexa-top-1m.csv</value> + </property> + </processor> + <processor> + <id>9d3d9047-fb85-3ae6-a815-0e19cc860c60</id> + <name>Download Umbrella CSV file</name> + <position x="-297.30227379373514" y="-61.444390100013806" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.GetHTTP</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>1 day</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>URL</name> + <value>http://s3-us-west-1.amazonaws.com/umbrella-static/top-1m.csv.zip</value> + </property> + <property> + <name>Filename</name> + <value>umbrella-top-1m.csv.zip</value> + </property> + <property> + <name>SSL Context Service</name> + </property> + <property> + <name>Username</name> + </property> + <property> + <name>Password</name> + </property> + <property> + <name>Connection Timeout</name> + <value>30 sec</value> + </property> + <property> + <name>Data Timeout</name> + <value>10 min</value> + </property> + <property> + <name>User Agent</name> + </property> + <property> + <name>Accept Content-Type</name> + </property> + <property> + <name>Follow Redirects</name> + <value>false</value> + </property> + <property> + <name>redirect-cookie-policy</name> + <value>default</value> + </property> + <property> + <name>proxy-configuration-service</name> + </property> + <property> + <name>Proxy Host</name> + </property> + <property> + <name>Proxy Port</name> + </property> + <property> + <name>filename</name> + <value>umbrella-top-1m.csv</value> + </property> + </processor> + <processor> + <id>9009320d-fb62-357e-ad94-bef8e95ea142</id> + <name>Set filename</name> + <position x="-294.78310875467264" y="388.04684866613775" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-update-attribute-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Delete Attributes Expression</name> + </property> + <property> + <name>Store State</name> + <value>Do not store state</value> + </property> + <property> + <name>Stateful Variables Initial Value</name> + </property> + <property> + <name>canonical-value-lookup-cache-size</name> + <value>100</value> + </property> + <property> + <name>filename</name> + <value>${segment.original.filename}</value> + </property> + </processor> + <processor> + <id>86fdf574-d86b-3f35-9aa0-3ada1867aff8</id> + <name>Add headers</name> + <position x="325.04416175313986" y="201.70740433357992" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.ReplaceText</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Regular Expression</name> + <value>(?s)(^.*$)</value> + </property> + <property> + <name>Replacement Value</name> + <value>index,domain +</value> + </property> + <property> + <name>Character Set</name> + <value>UTF-8</value> + </property> + <property> + <name>Maximum Buffer Size</name> + <value>1 MB</value> + </property> + <property> + <name>Replacement Strategy</name> + <value>Prepend</value> + </property> + <property> + <name>Evaluation Mode</name> + <value>Entire text</value> + </property> + <property> + <name>Line-by-Line Evaluation Mode</name> + <value>All</value> + </property> + </processor> + <connection> + <id>652026e5-0acd-3009-b45a-f68f3e37bef9</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>9d3d9047-fb85-3ae6-a815-0e19cc860c60</sourceId> + <sourceGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>857cd537-4aeb-31fb-9740-0513e6cc46fe</destinationId> + <destinationGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>b400d4e7-7106-3ea3-8b1a-0b9d2a8795b2</id> + <name /> + <bendPoints> + <bendPoint x="787.0441617531399" y="276.7074043335799" /> + <bendPoint x="788.0441617531399" y="291.7074043335799" /> + </bendPoints> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>86fdf574-d86b-3f35-9aa0-3ada1867aff8</sourceId> + <sourceGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>86fdf574-d86b-3f35-9aa0-3ada1867aff8</destinationId> + <destinationGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>5d7b82fa-10f8-3a32-9ffa-ebce53eb6070</id> + <name /> + <bendPoints> + <bendPoint x="-414.74468712381326" y="221.65236588143148" /> + <bendPoint x="-451.48125938943826" y="275.1232673706893" /> + </bendPoints> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>857cd537-4aeb-31fb-9740-0513e6cc46fe</sourceId> + <sourceGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>857cd537-4aeb-31fb-9740-0513e6cc46fe</destinationId> + <destinationGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>bfe27587-bb06-388c-a59a-8aad9830cda1</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>3c4d65a9-aa39-380f-b16b-2aea028a019b</sourceId> + <sourceGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>857cd537-4aeb-31fb-9740-0513e6cc46fe</destinationId> + <destinationGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>7af7ff86-6b85-3fd1-bbc4-efa4e04593d9</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>857cd537-4aeb-31fb-9740-0513e6cc46fe</sourceId> + <sourceGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>86fdf574-d86b-3f35-9aa0-3ada1867aff8</destinationId> + <destinationGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>e2d60b76-d9bf-380f-9cfd-eeda1422ad73</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>86fdf574-d86b-3f35-9aa0-3ada1867aff8</sourceId> + <sourceGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>9009320d-fb62-357e-ad94-bef8e95ea142</destinationId> + <destinationGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>58b9bce4-6f7a-369c-a93f-dc23e252c670</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>9009320d-fb62-357e-ad94-bef8e95ea142</sourceId> + <sourceGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>937de5fc-7d4a-35af-a071-46f04d6ea4fa</destinationId> + <destinationGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>dea956ed-2b3b-39de-8cd8-a4d1f7a88aa2</id> + <name /> + <bendPoints> + <bendPoint x="790.1869840187649" y="473.4228279175642" /> + <bendPoint x="789.1869840187649" y="482.42282791756406" /> + </bendPoints> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>937de5fc-7d4a-35af-a071-46f04d6ea4fa</sourceId> + <sourceGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>937de5fc-7d4a-35af-a071-46f04d6ea4fa</destinationId> + <destinationGroupId>a97a2cb2-e5b2-3c82-a365-ebe5139e2be6</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + </processGroup> + <processGroup> + <id>b997e46b-7905-33e8-8bbc-f4d51b0cc735</id> + <name>Tor Nodes</name> + <position x="968.7335178760902" y="456.9915202898361" /> + <comment>Downloads a CSV file of IP addresses used as Tor nodes</comment> + <processor> + <id>ad366a87-89d6-38ff-affe-a1f3575faa8a</id> + <name>Save to disk</name> + <position x="-328.58331298828125" y="-153.10000610351562" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.PutFile</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Directory</name> + <value>/opt/nifi/nifi-current/conf/</value> + </property> + <property> + <name>Conflict Resolution Strategy</name> + <value>replace</value> + </property> + <property> + <name>Create Missing Directories</name> + <value>true</value> + </property> + <property> + <name>Maximum File Count</name> + </property> + <property> + <name>Last Modified Time</name> + </property> + <property> + <name>Permissions</name> + </property> + <property> + <name>Owner</name> + </property> + <property> + <name>Group</name> + </property> + <autoTerminatedRelationship>success</autoTerminatedRelationship> + </processor> + <processor> + <id>34f52e1e-164e-34e4-b5fc-e5d16f773b19</id> + <name>Get CSV file with Tor nodes</name> + <position x="-323.0833282470703" y="-647.6000061035156" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.GetHTTP</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>1 day</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>STOPPED</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>URL</name> + <value>http://check.torproject.org/torbulkexitlist</value> + </property> + <property> + <name>Filename</name> + <value>tornodes.csv</value> + </property> + <property> + <name>SSL Context Service</name> + </property> + <property> + <name>Username</name> + </property> + <property> + <name>Password</name> + </property> + <property> + <name>Connection Timeout</name> + <value>30 sec</value> + </property> + <property> + <name>Data Timeout</name> + <value>30 sec</value> + </property> + <property> + <name>User Agent</name> + </property> + <property> + <name>Accept Content-Type</name> + </property> + <property> + <name>Follow Redirects</name> + <value>false</value> + </property> + <property> + <name>redirect-cookie-policy</name> + <value>default</value> + </property> + <property> + <name>proxy-configuration-service</name> + </property> + <property> + <name>Proxy Host</name> + </property> + <property> + <name>Proxy Port</name> + </property> + </processor> + <processor> + <id>8c69ccb6-616f-3ce2-b0cd-57276cae3749</id> + <name>Add header</name> + <position x="-325.5833282470703" y="-410.1000061035156" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.ReplaceText</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Regular Expression</name> + <value>(?s)(^.*$)</value> + </property> + <property> + <name>Replacement Value</name> + <value>ip_addr +</value> + </property> + <property> + <name>Character Set</name> + <value>UTF-8</value> + </property> + <property> + <name>Maximum Buffer Size</name> + <value>1 MB</value> + </property> + <property> + <name>Replacement Strategy</name> + <value>Prepend</value> + </property> + <property> + <name>Evaluation Mode</name> + <value>Entire text</value> + </property> + <property> + <name>Line-by-Line Evaluation Mode</name> + <value>All</value> + </property> + </processor> + <connection> + <id>33cb6d60-d003-3954-b9d0-f51ac40ed983</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>8c69ccb6-616f-3ce2-b0cd-57276cae3749</sourceId> + <sourceGroupId>b997e46b-7905-33e8-8bbc-f4d51b0cc735</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>ad366a87-89d6-38ff-affe-a1f3575faa8a</destinationId> + <destinationGroupId>b997e46b-7905-33e8-8bbc-f4d51b0cc735</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>cd13f619-bb19-37c2-b8fe-c962edfbf213</id> + <name /> + <bendPoints> + <bendPoint x="137.4166717529297" y="-370.1000061035156" /> + <bendPoint x="137.4166717529297" y="-320.1000061035156" /> + </bendPoints> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>8c69ccb6-616f-3ce2-b0cd-57276cae3749</sourceId> + <sourceGroupId>b997e46b-7905-33e8-8bbc-f4d51b0cc735</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>8c69ccb6-616f-3ce2-b0cd-57276cae3749</destinationId> + <destinationGroupId>b997e46b-7905-33e8-8bbc-f4d51b0cc735</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>3941ee86-e740-3b8f-951a-c7da71e78fbe</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>34f52e1e-164e-34e4-b5fc-e5d16f773b19</sourceId> + <sourceGroupId>b997e46b-7905-33e8-8bbc-f4d51b0cc735</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>8c69ccb6-616f-3ce2-b0cd-57276cae3749</destinationId> + <destinationGroupId>b997e46b-7905-33e8-8bbc-f4d51b0cc735</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>19de0f5c-c244-3e7d-b711-ee165b493ea2</id> + <name /> + <bendPoints> + <bendPoint x="134.41668701171875" y="-113.10000610351562" /> + <bendPoint x="134.41668701171875" y="-63.100006103515625" /> + </bendPoints> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>ad366a87-89d6-38ff-affe-a1f3575faa8a</sourceId> + <sourceGroupId>b997e46b-7905-33e8-8bbc-f4d51b0cc735</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>ad366a87-89d6-38ff-affe-a1f3575faa8a</destinationId> + <destinationGroupId>b997e46b-7905-33e8-8bbc-f4d51b0cc735</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>8130df3d-dc8c-32c2-975d-9c94438cac05</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>34f52e1e-164e-34e4-b5fc-e5d16f773b19</sourceId> + <sourceGroupId>b997e46b-7905-33e8-8bbc-f4d51b0cc735</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>8c69ccb6-616f-3ce2-b0cd-57276cae3749</destinationId> + <destinationGroupId>b997e46b-7905-33e8-8bbc-f4d51b0cc735</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + </processGroup> + <processGroup> + <id>194a653f-0c92-3704-8bd4-ffa079643515</id> + <name>Misp</name> + <position x="548.9658647769079" y="453.4916238226681" /> + <comment>Polls Misp database once every minute and places new IOCs in a NiFi memcache.</comment> + <processor> + <id>283bea4b-2774-3f2d-aabe-cf96989e9997</id> + <name>Set timestamp as FlowFile content</name> + <position x="506.47715414708637" y="587.6551663734834" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.ReplaceText</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Regular Expression</name> + <value>(?s)(^.*$)</value> + </property> + <property> + <name>Replacement Value</name> + <value>${timestamp}</value> + </property> + <property> + <name>Character Set</name> + <value>UTF-8</value> + </property> + <property> + <name>Maximum Buffer Size</name> + <value>1 MB</value> + </property> + <property> + <name>Replacement Strategy</name> + <value>Always Replace</value> + </property> + <property> + <name>Evaluation Mode</name> + <value>Entire text</value> + </property> + <property> + <name>Line-by-Line Evaluation Mode</name> + <value>All</value> + </property> + </processor> + <processor> + <id>e1e2caef-8178-3c91-b3ca-99f05f619064</id> + <name>Get timestamp of last successful poll</name> + <position x="-168.51082396716333" y="-293.9956980367642" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.FetchDistributedMapCache</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Cache Entry Identifier</name> + <value>${lookup_id}</value> + </property> + <property> + <name>Distributed Cache Service</name> + <value>ad4d31bf-b1fb-35e0-b634-b969b200f3a6</value> + </property> + <property> + <name>Put Cache Value In Attribute</name> + <value>last_run</value> + </property> + <property> + <name>Max Length To Put In Attribute</name> + <value>256</value> + </property> + <property> + <name>Character Set</name> + <value>UTF-8</value> + </property> + </processor> + <processor> + <id>192802be-4416-3abc-ba03-90934f2df860</id> + <name>Get events</name> + <position x="-151.66592451726592" y="335.6012170464188" /> + <styles /> + <comment>Normally the query will have a filter at the end "/last:${last}" so that only new events are pulled. This has been removed from this demo.</comment> + <class>org.apache.nifi.processors.standard.InvokeHTTP</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>HTTP Method</name> + <value>GET</value> + </property> + <property> + <name>Remote URL</name> + <value>${misp_url}/attributes/restSearch/returnFormat:json/type:ip-src||ip-dst</value> + </property> + <property> + <name>SSL Context Service</name> + <value>83443c00-b286-366a-b8e0-2f51527ab8e5</value> + </property> + <property> + <name>Connection Timeout</name> + <value>5 secs</value> + </property> + <property> + <name>Read Timeout</name> + <value>15 secs</value> + </property> + <property> + <name>Include Date Header</name> + <value>True</value> + </property> + <property> + <name>Follow Redirects</name> + <value>True</value> + </property> + <property> + <name>Attributes to Send</name> + </property> + <property> + <name>Basic Authentication Username</name> + </property> + <property> + <name>Basic Authentication Password</name> + </property> + <property> + <name>proxy-configuration-service</name> + </property> + <property> + <name>Proxy Host</name> + </property> + <property> + <name>Proxy Port</name> + </property> + <property> + <name>Proxy Type</name> + <value>http</value> + </property> + <property> + <name>invokehttp-proxy-user</name> + </property> + <property> + <name>invokehttp-proxy-password</name> + </property> + <property> + <name>Put Response Body In Attribute</name> + </property> + <property> + <name>Max Length To Put In Attribute</name> + <value>256</value> + </property> + <property> + <name>Digest Authentication</name> + <value>false</value> + </property> + <property> + <name>Always Output Response</name> + <value>false</value> + </property> + <property> + <name>Add Response Headers to Request</name> + <value>false</value> + </property> + <property> + <name>Content-Type</name> + <value>${mime.type}</value> + </property> + <property> + <name>send-message-body</name> + <value>true</value> + </property> + <property> + <name>Use Chunked Encoding</name> + <value>false</value> + </property> + <property> + <name>Penalize on "No Retry"</name> + <value>false</value> + </property> + <property> + <name>use-etag</name> + <value>false</value> + </property> + <property> + <name>etag-max-cache-size</name> + <value>10MB</value> + </property> + <property> + <name>ignore-response-content</name> + <value>false</value> + </property> + <property> + <name>Authorization</name> + <value>${misp_token}</value> + </property> + <autoTerminatedRelationship>Original</autoTerminatedRelationship> + <autoTerminatedRelationship>Retry</autoTerminatedRelationship> + </processor> + <processor> + <id>671c4e42-604f-389d-9cee-27431ca36448</id> + <name>Store timestamp</name> + <position x="504.4604101497308" y="824.0677052542044" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.PutDistributedMapCache</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Cache Entry Identifier</name> + <value>${lookup_id}</value> + </property> + <property> + <name>Distributed Cache Service</name> + <value>ad4d31bf-b1fb-35e0-b634-b969b200f3a6</value> + </property> + <property> + <name>Cache update strategy</name> + <value>replace</value> + </property> + <property> + <name>Max cache entry size</name> + <value>1 MB</value> + </property> + <autoTerminatedRelationship>success</autoTerminatedRelationship> + </processor> + <processor> + <id>c7cc4e24-7d9a-3a17-8af1-ca655f46595f</id> + <name>Update cache</name> + <position x="-775.4735301448745" y="930.3624699197178" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.PutDistributedMapCache</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Cache Entry Identifier</name> + <value>${misp_ip}</value> + </property> + <property> + <name>Distributed Cache Service</name> + <value>ad4d31bf-b1fb-35e0-b634-b969b200f3a6</value> + </property> + <property> + <name>Cache update strategy</name> + <value>replace</value> + </property> + <property> + <name>Max cache entry size</name> + <value>1 MB</value> + </property> + <autoTerminatedRelationship>success</autoTerminatedRelationship> + </processor> + <processor> + <id>81ec71a0-719a-3205-9360-6a535072f7c6</id> + <name>Set attributes to get all events for the last x days</name> + <position x="-378.1916613806792" y="-12.197472102501479" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-update-attribute-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Delete Attributes Expression</name> + </property> + <property> + <name>Store State</name> + <value>Do not store state</value> + </property> + <property> + <name>Stateful Variables Initial Value</name> + </property> + <property> + <name>canonical-value-lookup-cache-size</name> + <value>100</value> + </property> + <property> + <name>last</name> + <value>${misp_ip_first_interval}</value> + </property> + <property> + <name>timestamp</name> + <value>${now():toNumber()}</value> + </property> + </processor> + <processor> + <id>6d78b76c-5463-3610-b8c8-4796fa09c59b</id> + <name>Periodic polling</name> + <position x="-171.36520083798905" y="-518.6967632987289" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.GenerateFlowFile</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>1 minute</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>STOPPED</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>File Size</name> + <value>0B</value> + </property> + <property> + <name>Batch Size</name> + <value>1</value> + </property> + <property> + <name>Data Format</name> + <value>Text</value> + </property> + <property> + <name>Unique FlowFiles</name> + <value>false</value> + </property> + <property> + <name>generate-ff-custom-text</name> + </property> + <property> + <name>character-set</name> + <value>UTF-8</value> + </property> + <property> + <name>lookup_id</name> + <value>ip</value> + </property> + </processor> + <processor> + <id>dbc236e3-8c68-3c6b-b1e9-d1fc8f57327d</id> + <name>Extract IP address</name> + <position x="-156.69110558236184" y="543.7042207790005" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.EvaluateJsonPath</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Destination</name> + <value>flowfile-attribute</value> + </property> + <property> + <name>Return Type</name> + <value>auto-detect</value> + </property> + <property> + <name>Path Not Found Behavior</name> + <value>ignore</value> + </property> + <property> + <name>Null Value Representation</name> + <value>empty string</value> + </property> + <property> + <name>misp_ip</name> + <value>$.value</value> + </property> + </processor> + <processor> + <id>74d66e0e-0b65-36d2-96f1-4b836d2c4222</id> + <name>Set attributes to get new events since last poll</name> + <position x="81.93877074822706" y="-13.058372981407729" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.attributes.UpdateAttribute</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-update-attribute-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Delete Attributes Expression</name> + </property> + <property> + <name>Store State</name> + <value>Do not store state</value> + </property> + <property> + <name>Stateful Variables Initial Value</name> + </property> + <property> + <name>canonical-value-lookup-cache-size</name> + <value>100</value> + </property> + <property> + <name>last</name> + <value>${now():toNumber():minus(${last_run}):divide(60000):plus(1):append("m")}</value> + </property> + <property> + <name>timestamp</name> + <value>${now():toNumber()}</value> + </property> + </processor> + <processor> + <id>ba1b7e7e-a03c-3ace-9182-7f43569537e2</id> + <name>Create one FlowFile for each IP address</name> + <position x="-789.5267777615984" y="546.1428879861119" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.SplitJson</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>JsonPath Expression</name> + <value>$.response.Attribute</value> + </property> + <property> + <name>Null Value Representation</name> + <value>empty string</value> + </property> + <autoTerminatedRelationship>original</autoTerminatedRelationship> + </processor> + <processor> + <id>d850fc04-df9a-36b7-b53f-8b397a1be69a</id> + <name>Extract Misp event ID and store it to FlowFile</name> + <position x="-783.5607955237681" y="719.2550630641567" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.EvaluateJsonPath</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Destination</name> + <value>flowfile-content</value> + </property> + <property> + <name>Return Type</name> + <value>auto-detect</value> + </property> + <property> + <name>Path Not Found Behavior</name> + <value>ignore</value> + </property> + <property> + <name>Null Value Representation</name> + <value>empty string</value> + </property> + <property> + <name>event_id</name> + <value>$.event_id</value> + </property> + </processor> + <funnel> + <id>c490b6b5-0170-1000-0000-000035bc685d</id> + <position x="601.9534533822577" y="371.9240905653907" /> + </funnel> + <connection> + <id>39f7b787-0995-3721-8d50-700838b7a256</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>6d78b76c-5463-3610-b8c8-4796fa09c59b</sourceId> + <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>e1e2caef-8178-3c91-b3ca-99f05f619064</destinationId> + <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>adc3f55b-8d9a-33d0-a7af-0d795fa234ba</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>d850fc04-df9a-36b7-b53f-8b397a1be69a</sourceId> + <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>c7cc4e24-7d9a-3a17-8af1-ca655f46595f</destinationId> + <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>matched</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>4a797ab8-fb0e-3c9a-b397-b3394eca1ce4</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>ba1b7e7e-a03c-3ace-9182-7f43569537e2</sourceId> + <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>dbc236e3-8c68-3c6b-b1e9-d1fc8f57327d</destinationId> + <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>split</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>4707ebf2-4b30-3e97-8abc-6ca8a9d168fd</id> + <name>Consecutive poll</name> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>e1e2caef-8178-3c91-b3ca-99f05f619064</sourceId> + <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>74d66e0e-0b65-36d2-96f1-4b836d2c4222</destinationId> + <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>58cc41df-404e-309b-9df6-2ea67e1fe2b7</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>283bea4b-2774-3f2d-aabe-cf96989e9997</sourceId> + <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>671c4e42-604f-389d-9cee-27431ca36448</destinationId> + <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>5e84f4ae-bf61-37d8-b115-0af74b89a6aa</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>dbc236e3-8c68-3c6b-b1e9-d1fc8f57327d</sourceId> + <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>d850fc04-df9a-36b7-b53f-8b397a1be69a</destinationId> + <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>matched</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>a9d8c7a2-6b55-3684-9954-92934d5a69e8</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>74d66e0e-0b65-36d2-96f1-4b836d2c4222</sourceId> + <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>192802be-4416-3abc-ba03-90934f2df860</destinationId> + <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>c2a99429-58ab-325b-b755-dffeb30b0fc1</id> + <name /> + <bendPoints /> + <labelIndex>0</labelIndex> + <zIndex>0</zIndex> + <sourceId>192802be-4416-3abc-ba03-90934f2df860</sourceId> + <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>c490b6b5-0170-1000-0000-000035bc685d</destinationId> + <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>No Retry</relationship> + <relationship>Failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>a146ab21-f626-3fa5-a736-fdeec786eaf8</id> + <name /> + <bendPoints> + <bendPoint x="-312.47353014487453" y="970.3624699197178" /> + <bendPoint x="-312.47353014487453" y="1020.3624699197178" /> + </bendPoints> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>c7cc4e24-7d9a-3a17-8af1-ca655f46595f</sourceId> + <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>c7cc4e24-7d9a-3a17-8af1-ca655f46595f</destinationId> + <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>c022992b-534a-317a-943c-86142ee1cf81</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>81ec71a0-719a-3205-9360-6a535072f7c6</sourceId> + <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>192802be-4416-3abc-ba03-90934f2df860</destinationId> + <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>424c08f5-1ad1-3a0a-923c-c3fd988f7d2e</id> + <name>Update timestamp</name> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>192802be-4416-3abc-ba03-90934f2df860</sourceId> + <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>283bea4b-2774-3f2d-aabe-cf96989e9997</destinationId> + <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>Response</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>5b9b78c7-890c-3fe0-a1b1-b2dc5bbd944b</id> + <name /> + <bendPoints> + <bendPoint x="306.30889441763816" y="583.7042207790005" /> + <bendPoint x="306.30889441763816" y="633.7042207790005" /> + </bendPoints> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>dbc236e3-8c68-3c6b-b1e9-d1fc8f57327d</sourceId> + <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>dbc236e3-8c68-3c6b-b1e9-d1fc8f57327d</destinationId> + <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>failure</relationship> + <relationship>unmatched</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>c98425f5-d4f3-36f7-b045-834923ca235a</id> + <name /> + <bendPoints> + <bendPoint x="-911.4283280545671" y="539.9664353493931" /> + <bendPoint x="-945.2909989530046" y="613.0546921853306" /> + </bendPoints> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>ba1b7e7e-a03c-3ace-9182-7f43569537e2</sourceId> + <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>ba1b7e7e-a03c-3ace-9182-7f43569537e2</destinationId> + <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>d19c9d34-8896-39ff-9d2d-f29651b24c18</id> + <name /> + <bendPoints> + <bendPoint x="967.4604101497307" y="864.0677052542044" /> + <bendPoint x="967.4604101497307" y="914.0677052542044" /> + </bendPoints> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>671c4e42-604f-389d-9cee-27431ca36448</sourceId> + <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>671c4e42-604f-389d-9cee-27431ca36448</destinationId> + <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>70fec2c7-4dd5-3dd1-92fa-59c3027bffb4</id> + <name /> + <bendPoints> + <bendPoint x="294.48917603283667" y="-253.99569803676422" /> + <bendPoint x="294.48917603283667" y="-203.99569803676422" /> + </bendPoints> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>e1e2caef-8178-3c91-b3ca-99f05f619064</sourceId> + <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>e1e2caef-8178-3c91-b3ca-99f05f619064</destinationId> + <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>d19116d2-0da0-3f86-8fd3-3285a839648e</id> + <name>First poll</name> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>e1e2caef-8178-3c91-b3ca-99f05f619064</sourceId> + <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>81ec71a0-719a-3205-9360-6a535072f7c6</destinationId> + <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>not-found</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>d375a69b-2139-3d9a-b6e3-48e0f69ec589</id> + <name>Update cache with new events</name> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>192802be-4416-3abc-ba03-90934f2df860</sourceId> + <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>ba1b7e7e-a03c-3ace-9182-7f43569537e2</destinationId> + <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>Response</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>8d3dfbef-370e-374b-a6c6-89e4cdf6216b</id> + <name /> + <bendPoints> + <bendPoint x="-320.5607955237681" y="759.2550630641567" /> + <bendPoint x="-320.5607955237681" y="809.2550630641567" /> + </bendPoints> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>d850fc04-df9a-36b7-b53f-8b397a1be69a</sourceId> + <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>d850fc04-df9a-36b7-b53f-8b397a1be69a</destinationId> + <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>failure</relationship> + <relationship>unmatched</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>536817e5-12a1-3a94-82ae-7638937a07e8</id> + <name /> + <bendPoints> + <bendPoint x="969.4771541470864" y="627.6551663734834" /> + <bendPoint x="969.4771541470864" y="677.6551663734834" /> + </bendPoints> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>283bea4b-2774-3f2d-aabe-cf96989e9997</sourceId> + <sourceGroupId>194a653f-0c92-3704-8bd4-ffa079643515</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>283bea4b-2774-3f2d-aabe-cf96989e9997</destinationId> + <destinationGroupId>194a653f-0c92-3704-8bd4-ffa079643515</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + </processGroup> + <processGroup> + <id>c4a200ea-5317-332a-97a4-ff76f951ecde</id> + <name>GeoIP</name> + <position x="556.427978515625" y="673.0274658203125" /> + <comment /> + <processor> + <id>6292665b-f188-3551-b366-95476b5ac36f</id> + <name>Save to disk</name> + <position x="-357.78594755036767" y="656.471512008819" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.PutFile</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Directory</name> + <value>/opt/nifi/nifi-current/conf/</value> + </property> + <property> + <name>Conflict Resolution Strategy</name> + <value>replace</value> + </property> + <property> + <name>Create Missing Directories</name> + <value>true</value> + </property> + <property> + <name>Maximum File Count</name> + </property> + <property> + <name>Last Modified Time</name> + </property> + <property> + <name>Permissions</name> + </property> + <property> + <name>Owner</name> + </property> + <property> + <name>Group</name> + </property> + <autoTerminatedRelationship>success</autoTerminatedRelationship> + </processor> + <processor> + <id>c8b26516-0170-1000-ffff-fffffa357a77</id> + <name>InvokeHTTP</name> + <position x="-354.33263208075834" y="-1.6134650355261897" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.InvokeHTTP</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>STOPPED</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>HTTP Method</name> + <value>GET</value> + </property> + <property> + <name>Remote URL</name> + <value>https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=${maxmind_key}&suffix=tar.gz</value> + </property> + <property> + <name>SSL Context Service</name> + <value>83443c00-b286-366a-b8e0-2f51527ab8e5</value> + </property> + <property> + <name>Connection Timeout</name> + <value>5 secs</value> + </property> + <property> + <name>Read Timeout</name> + <value>15 secs</value> + </property> + <property> + <name>Include Date Header</name> + <value>True</value> + </property> + <property> + <name>Follow Redirects</name> + <value>True</value> + </property> + <property> + <name>Attributes to Send</name> + </property> + <property> + <name>Basic Authentication Username</name> + </property> + <property> + <name>Basic Authentication Password</name> + </property> + <property> + <name>proxy-configuration-service</name> + </property> + <property> + <name>Proxy Host</name> + </property> + <property> + <name>Proxy Port</name> + </property> + <property> + <name>Proxy Type</name> + <value>http</value> + </property> + <property> + <name>invokehttp-proxy-user</name> + </property> + <property> + <name>invokehttp-proxy-password</name> + </property> + <property> + <name>Put Response Body In Attribute</name> + </property> + <property> + <name>Max Length To Put In Attribute</name> + <value>256</value> + </property> + <property> + <name>Digest Authentication</name> + <value>false</value> + </property> + <property> + <name>Always Output Response</name> + <value>false</value> + </property> + <property> + <name>Add Response Headers to Request</name> + <value>false</value> + </property> + <property> + <name>Content-Type</name> + <value>${mime.type}</value> + </property> + <property> + <name>send-message-body</name> + <value>true</value> + </property> + <property> + <name>Use Chunked Encoding</name> + <value>false</value> + </property> + <property> + <name>Penalize on "No Retry"</name> + <value>false</value> + </property> + <property> + <name>use-etag</name> + <value>false</value> + </property> + <property> + <name>etag-max-cache-size</name> + <value>10MB</value> + </property> + <property> + <name>ignore-response-content</name> + <value>false</value> + </property> + <autoTerminatedRelationship>Original</autoTerminatedRelationship> + </processor> + <processor> + <id>b99eab15-7e38-33fa-87d1-41d772306d9c</id> + <name>Uncompress</name> + <position x="-359.13545011384423" y="239.87525101326742" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.CompressContent</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Mode</name> + <value>decompress</value> + </property> + <property> + <name>Compression Format</name> + <value>use mime.type attribute</value> + </property> + <property> + <name>Compression Level</name> + <value>1</value> + </property> + <property> + <name>Update Filename</name> + <value>false</value> + </property> + </processor> + <processor> + <id>c8b20333-0170-1000-0000-000010760524</id> + <name>RouteOnAttribute</name> + <position x="-353.2358571852152" y="-223.16639543708658" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.RouteOnAttribute</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Routing Strategy</name> + <value>Route to Property name</value> + </property> + <property> + <name>maxmind_key</name> + <value>${maxmind_key:length():gt(1)}</value> + </property> + <autoTerminatedRelationship>unmatched</autoTerminatedRelationship> + </processor> + <processor> + <id>aad91df7-8e80-3598-a3eb-9b000045b843</id> + <name>UnpackContent</name> + <position x="-358.13545011384423" y="448.82544805040084" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.UnpackContent</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>0 sec</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>RUNNING</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>Packaging Format</name> + <value>tar</value> + </property> + <property> + <name>File Filter</name> + <value>GeoLite2-City.mmdb</value> + </property> + <autoTerminatedRelationship>original</autoTerminatedRelationship> + </processor> + <processor> + <id>c8b1bafd-0170-1000-0000-0000753f5f5b</id> + <name>GenerateFlowFile</name> + <position x="-366.3974570271698" y="-455.687252544095" /> + <styles /> + <comment /> + <class>org.apache.nifi.processors.standard.GenerateFlowFile</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-standard-nar</artifact> + <version>1.11.4</version> + </bundle> + <maxConcurrentTasks>1</maxConcurrentTasks> + <schedulingPeriod>1 week</schedulingPeriod> + <penalizationPeriod>30 sec</penalizationPeriod> + <yieldPeriod>1 sec</yieldPeriod> + <bulletinLevel>WARN</bulletinLevel> + <lossTolerant>false</lossTolerant> + <scheduledState>STOPPED</scheduledState> + <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> + <executionNode>ALL</executionNode> + <runDurationNanos>0</runDurationNanos> + <property> + <name>File Size</name> + <value>0B</value> + </property> + <property> + <name>Batch Size</name> + <value>1</value> + </property> + <property> + <name>Data Format</name> + <value>Text</value> + </property> + <property> + <name>Unique FlowFiles</name> + <value>false</value> + </property> + <property> + <name>generate-ff-custom-text</name> + </property> + <property> + <name>character-set</name> + <value>UTF-8</value> + </property> + </processor> + <funnel> + <id>c2cac6f3-c926-3038-b685-68f71f76fda3</id> + <position x="457.8712158203125" y="380.06201171875" /> + </funnel> + <connection> + <id>c8b21bba-0170-1000-0000-0000281b44ba</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>c8b1bafd-0170-1000-0000-0000753f5f5b</sourceId> + <sourceGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>c8b20333-0170-1000-0000-000010760524</destinationId> + <destinationGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>1d0b1e6f-7b01-34c5-82f8-c95918e700ae</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>b99eab15-7e38-33fa-87d1-41d772306d9c</sourceId> + <sourceGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>c2cac6f3-c926-3038-b685-68f71f76fda3</destinationId> + <destinationGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>e8e86b3f-6936-3080-8eb6-036d532cb483</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>6292665b-f188-3551-b366-95476b5ac36f</sourceId> + <sourceGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>c2cac6f3-c926-3038-b685-68f71f76fda3</destinationId> + <destinationGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>e2f43878-959f-379c-b898-6d7c3a72af44</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>b99eab15-7e38-33fa-87d1-41d772306d9c</sourceId> + <sourceGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>aad91df7-8e80-3598-a3eb-9b000045b843</destinationId> + <destinationGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>dc7524de-fb6c-3e02-8c60-f821d81aff29</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>aad91df7-8e80-3598-a3eb-9b000045b843</sourceId> + <sourceGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>6292665b-f188-3551-b366-95476b5ac36f</destinationId> + <destinationGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>success</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>39a11e18-3397-3f1a-a020-49b895ff6f81</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>aad91df7-8e80-3598-a3eb-9b000045b843</sourceId> + <sourceGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>c2cac6f3-c926-3038-b685-68f71f76fda3</destinationId> + <destinationGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>c8b2e58b-0170-1000-ffff-ffff997c6e6c</id> + <name /> + <bendPoints> + <bendPoint x="108.66736791924166" y="38.38653496447381" /> + <bendPoint x="108.66736791924166" y="88.38653496447381" /> + </bendPoints> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>c8b26516-0170-1000-ffff-fffffa357a77</sourceId> + <sourceGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>c8b26516-0170-1000-ffff-fffffa357a77</destinationId> + <destinationGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>Retry</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>c8b29bee-0170-1000-ffff-fffff516df5d</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>c8b26516-0170-1000-ffff-fffffa357a77</sourceId> + <sourceGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>b99eab15-7e38-33fa-87d1-41d772306d9c</destinationId> + <destinationGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>Response</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>c8b2cb01-0170-1000-0000-000005baadda</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>c8b26516-0170-1000-ffff-fffffa357a77</sourceId> + <sourceGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>c2cac6f3-c926-3038-b685-68f71f76fda3</destinationId> + <destinationGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</destinationGroupId> + <destinationType>FUNNEL</destinationType> + <relationship>No Retry</relationship> + <relationship>Failure</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + <connection> + <id>c8b5c90e-0170-1000-ffff-ffff9864e7e4</id> + <name /> + <bendPoints /> + <labelIndex>1</labelIndex> + <zIndex>0</zIndex> + <sourceId>c8b20333-0170-1000-0000-000010760524</sourceId> + <sourceGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</sourceGroupId> + <sourceType>PROCESSOR</sourceType> + <destinationId>c8b26516-0170-1000-ffff-fffffa357a77</destinationId> + <destinationGroupId>c4a200ea-5317-332a-97a4-ff76f951ecde</destinationGroupId> + <destinationType>PROCESSOR</destinationType> + <relationship>maxmind_key</relationship> + <maxWorkQueueSize>10000</maxWorkQueueSize> + <maxWorkQueueDataSize>1 GB</maxWorkQueueDataSize> + <flowFileExpiration>0 sec</flowFileExpiration> + <loadBalanceStrategy>DO_NOT_LOAD_BALANCE</loadBalanceStrategy> + <partitioningAttribute /> + <loadBalanceCompression>DO_NOT_COMPRESS</loadBalanceCompression> + </connection> + </processGroup> + </processGroup> <controllerService> - <id>bc97858d-0175-1000-0000-0000130a84f8</id> - <name>Nifi logs GrokReader</name> + <id>bf81debc-0171-1000-0000-00002936ae5a</id> + <name>Tor node CSV</name> <comment /> - <class>org.apache.nifi.grok.GrokReader</class> + <class>org.apache.nifi.lookup.CSVRecordLookupService</class> <bundle> <group>org.apache.nifi</group> - <artifact>nifi-record-serialization-services-nar</artifact> - <version>1.12.1</version> + <artifact>nifi-lookup-services-nar</artifact> + <version>1.11.4</version> </bundle> <enabled>true</enabled> <property> - <name>schema-access-strategy</name> - <value>string-fields-from-grok-expression</value> - </property> - <property> - <name>schema-registry</name> - </property> - <property> - <name>schema-name</name> - <value>${schema.name}</value> - </property> - <property> - <name>schema-version</name> - </property> - <property> - <name>schema-branch</name> - </property> - <property> - <name>schema-text</name> - <value>${avro.schema}</value> - </property> - <property> - <name>Grok Pattern File</name> + <name>csv-file</name> + <value>/opt/nifi/nifi-current/conf/enrich/tornodes.csv</value> </property> <property> - <name>Grok Expression</name> - <value>%{TIMESTAMP_ISO8601:timestamp} %{LOGLEVEL:level} \[%{DATA:thread}\] %{DATA:class} %{GREEDYDATA:message}</value> + <name>csv-format</name> + <value>Default</value> </property> <property> - <name>no-match-behavior</name> - <value>append-to-previous-message</value> + <name>Character Set</name> + <value>UTF-8</value> </property> - </controllerService> - <controllerService> - <id>bc8e5957-0175-1000-0000-00003346421d</id> - <name>Extract message field</name> - <comment /> - <class>org.apache.nifi.text.FreeFormTextRecordSetWriter</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-record-serialization-services-nar</artifact> - <version>1.12.1</version> - </bundle> - <enabled>true</enabled> <property> - <name>Text</name> - <value>${message}</value> + <name>lookup-key-column</name> + <value>ip_addr</value> </property> <property> - <name>Character Set</name> - <value>UTF-8</value> + <name>ignore-duplicates</name> + <value>true</value> </property> </controllerService> <controllerService> @@ -11503,7 +8591,7 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-lookup-services-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <enabled>true</enabled> <property> @@ -11523,7 +8611,7 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-distributed-cache-services-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <enabled>true</enabled> <property> @@ -11542,46 +8630,6 @@ <value>30 secs</value> </property> </controllerService> - <controllerService> - <id>83443c00-b286-366a-b8e0-2f51527ab8e5</id> - <name>Soctools CA</name> - <comment /> - <class>org.apache.nifi.ssl.StandardRestrictedSSLContextService</class> - <bundle> - <group>org.apache.nifi</group> - <artifact>nifi-ssl-context-service-nar</artifact> - <version>1.12.1</version> - </bundle> - <enabled>true</enabled> - <property> - <name>Keystore Filename</name> - </property> - <property> - <name>Keystore Password</name> - </property> - <property> - <name>key-password</name> - </property> - <property> - <name>Keystore Type</name> - </property> - <property> - <name>Truststore Filename</name> - <value>/opt/nifi/nifi-current/conf/cacerts.jks</value> - </property> - <property> - <name>Truststore Password</name> - <value>{{lookup('password', '{{playbook_dir}}/secrets/passwords/truststore')}}</value> - </property> - <property> - <name>Truststore Type</name> - <value>JKS</value> - </property> - <property> - <name>SSL Protocol</name> - <value>TLS</value> - </property> - </controllerService> <controllerService> <id>17b30955-5464-3709-8a32-69a459850cfa</id> <name>Inferred JsonRecordSetWriter</name> @@ -11590,7 +8638,7 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-record-serialization-services-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <enabled>true</enabled> <property> @@ -11600,10 +8648,6 @@ <property> <name>schema-cache</name> </property> - <property> - <name>schema-protocol-version</name> - <value>1</value> - </property> <property> <name>schema-access-strategy</name> <value>inherit-record-schema</value> @@ -11656,47 +8700,74 @@ </property> </controllerService> <controllerService> - <id>70ea12d7-0176-1000-ffff-ffffee2ee306</id> - <name>Mysql log GrokReader</name> + <id>8b1dd8bb-0170-1000-0000-000007446e6a</id> + <name>Misp DistributedMapCacheServer</name> <comment /> - <class>org.apache.nifi.grok.GrokReader</class> + <class>org.apache.nifi.distributed.cache.server.map.DistributedMapCacheServer</class> <bundle> <group>org.apache.nifi</group> - <artifact>nifi-record-serialization-services-nar</artifact> - <version>1.12.1</version> + <artifact>nifi-distributed-cache-services-nar</artifact> + <version>1.11.4</version> </bundle> <enabled>true</enabled> <property> - <name>schema-access-strategy</name> - <value>string-fields-from-grok-expression</value> + <name>Port</name> + <value>4557</value> </property> <property> - <name>schema-registry</name> + <name>Maximum Cache Entries</name> + <value>10000</value> </property> <property> - <name>schema-name</name> - <value>${schema.name}</value> + <name>Eviction Strategy</name> + <value>Least Frequently Used</value> </property> <property> - <name>schema-version</name> + <name>Persistence Directory</name> + <value>/opt/nifi/nifi-current/conf/</value> </property> <property> - <name>schema-branch</name> + <name>SSL Context Service</name> </property> + </controllerService> + <controllerService> + <id>83443c00-b286-366a-b8e0-2f51527ab8e5</id> + <name>Common CA</name> + <comment /> + <class>org.apache.nifi.ssl.StandardRestrictedSSLContextService</class> + <bundle> + <group>org.apache.nifi</group> + <artifact>nifi-ssl-context-service-nar</artifact> + <version>1.11.4</version> + </bundle> + <enabled>true</enabled> <property> - <name>schema-text</name> - <value>${avro.schema}</value> + <name>Keystore Filename</name> + </property> + <property> + <name>Keystore Password</name> + </property> + <property> + <name>key-password</name> + </property> + <property> + <name>Keystore Type</name> + </property> + <property> + <name>Truststore Filename</name> + <value>/opt/nifi/nifi-current/conf/cacerts.jks</value> </property> <property> - <name>Grok Pattern File</name> + <name>Truststore Password</name> + <value>enc{a4ca3924cb58cb8c28fec2766ce1a66f9bec9ca13f5cb90008f3b0719d4777b2}</value> </property> <property> - <name>Grok Expression</name> - <value>%{GREEDYDATA:timestamp} %{DATA:process}: %{GREEDYDATA:message}</value> + <name>Truststore Type</name> + <value>JKS</value> </property> <property> - <name>no-match-behavior</name> - <value>append-to-previous-message</value> + <name>SSL Protocol</name> + <value>TLS</value> </property> </controllerService> <controllerService> @@ -11707,7 +8778,7 @@ <bundle> <group>org.apache.nifi</group> <artifact>nifi-record-serialization-services-nar</artifact> - <version>1.12.1</version> + <version>1.11.4</version> </bundle> <enabled>true</enabled> <property> @@ -11744,13 +8815,13 @@ <name>Timestamp Format</name> </property> </controllerService> - <variable name="misp_token" value="{{lookup('file','{{playbook_dir}}/secrets/tokens/misp')}}" /> + <variable name="misp_token" value="{{ misp_token }}" /> <variable name="maxmind_key" value="{{ maxmind_key }}" /> - <variable name="misp_first_interval" value="60d" /> + <variable name="misp_ip_first_interval" value="60d" /> <variable name="elastic_username" value="{{ elastic_username }}" /> <variable name="misp_url" value="{{ misp_url }}" /> - <variable name="elastic_url" value="https://{{ soctoolsproxy }}:9200" /> - <variable name="elastic_password" value="{{lookup('password', '{{playbook_dir}}/secrets/passwords/odfees_adminpass')}}" /> + <variable name="elastic_url" value="https://{{ dslproxy }}:9200" /> + <variable name="elastic_password" value="{{ odfees_adminpass }}" /> </rootGroup> <controllerServices /> <reportingTasks /> diff --git a/roles/nifi/templates/nifi.properties.j2 b/roles/nifi/templates/nifi.properties.j2 index c2dafaf..426e5ce 100644 --- a/roles/nifi/templates/nifi.properties.j2 +++ b/roles/nifi/templates/nifi.properties.j2 @@ -120,8 +120,8 @@ nifi.provenance.repository.buffer.size=100000 # Component Status Repository nifi.components.status.repository.implementation=org.apache.nifi.controller.status.history.VolatileComponentStatusRepository -nifi.components.status.repository.buffer.size=288 -nifi.components.status.snapshot.frequency=5 min +nifi.components.status.repository.buffer.size=1440 +nifi.components.status.snapshot.frequency=1 min # Site to Site properties nifi.remote.input.host={{ inventory_hostname }} @@ -143,7 +143,7 @@ nifi.web.jetty.working.directory=./work/jetty nifi.web.jetty.threads=200 nifi.web.max.header.size=16 KB nifi.web.proxy.context.path=/nifi -nifi.web.proxy.host={{ soctoolsproxy }}:9443 +nifi.web.proxy.host={{ dslproxy }}:9443 # security properties # nifi.sensitive.props.key= @@ -154,21 +154,21 @@ nifi.sensitive.props.additional.keys= nifi.security.keystore=./conf/{{ inventory_hostname }}.p12 nifi.security.keystoreType=pkcs12 -nifi.security.keystorePasswd={{lookup('password', '{{playbook_dir}}/secrets/passwords/keystore')}} +nifi.security.keystorePasswd={{ kspass}} #nifi.security.keyPasswd=IP7Jgn7amiAYi3LRSRk5LGg3t4zlfh0kEKcAaaoxHDo nifi.security.truststore=./conf/cacerts.jks nifi.security.truststoreType=jks -nifi.security.truststorePasswd={{lookup('password', '{{playbook_dir}}/secrets/passwords/truststore')}} +nifi.security.truststorePasswd={{ tspass}} nifi.security.user.authorizer=managed-authorizer nifi.security.user.login.identity.provider= nifi.security.ocsp.responder.url= nifi.security.ocsp.responder.certificate= # OpenId Connect SSO Properties # -nifi.security.user.oidc.discovery.url=https://{{soctoolsproxy}}:12443/auth/realms/{{openid_realm}}/.well-known/openid-configuration -nifi.security.user.oidc.connect.timeout=10 secs -nifi.security.user.oidc.read.timeout=10 secs -nifi.security.user.oidc.client.id=soctools-nifi +nifi.security.user.oidc.discovery.url=https://{{dslproxy}}:12443/auth/realms/{{openid_realm}}/.well-known/openid-configuration +nifi.security.user.oidc.connect.timeout=5 secs +nifi.security.user.oidc.read.timeout=5 secs +nifi.security.user.oidc.client.id=dsoclab-nifi nifi.security.user.oidc.client.secret={{nifisecret.value}} nifi.security.user.oidc.preferred.jwsalgorithm= nifi.security.user.oidc.additional.scopes={{openid_scope}} @@ -226,9 +226,9 @@ nifi.cluster.load.balance.max.thread.count=8 nifi.cluster.load.balance.comms.timeout=30 sec # zookeeper properties, used for cluster management # -nifi.zookeeper.connect.string=soctools-zookeeper:2181 -nifi.zookeeper.connect.timeout=60 secs -nifi.zookeeper.session.timeout=60 secs +nifi.zookeeper.connect.string=dsoclab-zookeeper:2181 +nifi.zookeeper.connect.timeout=3 secs +nifi.zookeeper.session.timeout=3 secs nifi.zookeeper.root.node=/nifi # Zookeeper properties for the authentication scheme used when creating acls on znodes used for cluster management diff --git a/roles/odfees/files/Arne Oslebo.p12 b/roles/odfees/files/Arne Oslebo.p12 new file mode 100644 index 0000000000000000000000000000000000000000..273c8018b7bed8f691d9e9c24f5fa9d6425a0e79 GIT binary patch literal 3325 zcmXqL;`zzM$ZXKWv!9JqtIebBJ1-+U<ANrh4J=JOYYdurRv0v~$0MZJ7BsO37&Ni_ zFflS1G_kuPWEc%(*tno3@G!C&@Ud`s@lK!gTfNSPiHU=up^05$Z{d_(t&GJt7$3D7 z$8I!c_ItQJ%%!Ef(cf$BntMCfy>FjpJMUrthy3#6H32Jc-q;#=_Lq04#;r@IWqa~v z_b(_qa_(it#~T4L)*+Pzm#fxq_sSM*O=p+Xu5f&P`qNwI{IV#^!*;n7T4xG<o*eeG z`)<5itWm)%{?^@B{n!70HTkWW`#rhxRnKGET-OBEO!s~3BKVy90o!X<6<K?>iiwAc zGCX#qIUQ_Nn{F}PCg;M*<*5uOHrWd;f49j$>~d1Crpr;2Ggp>~_59V;ycjuQQd6Jw zIrk!Fn@;h~CY!IxY%5!;bVBiU&#j4J6_%&B2#6?ISV~X+XMONJ_a?2={0l=f`!CIx z`n<rO-E-I3TG{ka-McB;^=nSpshYkQu-Ce^Y>r=G`E8&1Axv(UFa9=~KH2#5jZJIx zTPDgLUb8aykInjN4toy03-3#RVbJyd*`|_(e-3{*&H7<K+y3gtbJzC%&&XrFH=`;0 z?L5<;#wI3vMfJmWiR`@2!uyCjvml4zzxivM3eOGCB|;e{s$6rDU%P+RhH5wA1fk|O zfs0MkyxBBky#CtmQf0kwd%R32WMM#$zT3CzbM?MK(^Q^3YB3g+-=Nc|9wbzn5+pBN z^)WI=uVD2QzAb+WBwC}N8(;d=kZ^9>+Wa0zLxb(NOus4^m+^NUWDOBt&pem^pw7*e z*KQiVH(Ijs+ltxW;sSMS)B|T+Q|x9t;qgk`itl7oxPMdWscy{zw!=>>3)-G673aIK zQtg_Q-VCb)I&8;Ja2~XDaTWVsoN794f^^Egm#19s-LZL=bNy^?iKoiBlndM4tMBYw zub{f)a=Y+@bsnNVF<)0y-G5S+)YD?Evv%YAZ2q}gEp6&o=I(ZVCy{A+J>;C8@chRs zgj#kR-gvU?^x@|-3cuV96)rn37qdU>`oD!c)x%k0V!niW?8-~&h*YxuwQ`1z<*YNa zw!E=1I{9q!|EMF8d#s8+Z+j^8_p3w9pV<bVrySSsNQ>4}x7wAk=Tok66o=TV2NPFk z%sg2m#B+DuhP$76*qhs>*q!Gp*e#N|QPsazWnTXNsT`(<#06~I*2yY8vwADYCjad> zr{brrr&mZ9zy3C1>uw+Yt8C&~C3ARR6*zJ%J-owx1M{+(PE*|sbn4;{USjI@+}NHy zDeJGlhshFW`K27cu1yHyniks~9C5D3u-|jZ`vs@U>vtPSy8lkA_MW!)>63K=(=r)c zG|J`_TVI~`zb(#xPtY#*Lyscc{Lim7<7Ts+bdslGs*!v`)Pakes*Y-(_BIh)6{}a+ zUy^!wFU$5P4~q}`E?dpYQMBX9>!_5?Q6lEd=U%^a@%Gf1e}3|u{4ym$r|=sWqy-;K zaLo6(Hq%~n;eXS*+3$^&q%J6)ubr-SD0R(sgALkKC$l_o(VUfc?B5L56<1$fV3S!m zU&`@<{`<1kdj2k6F8o(hnt3~Nx?3H}Rf?opX6~85J>BKy_fL#=5tiAv4yXUk%)7or z<Bo*F(KR2MmacsAZmHAk+`Up&GM@Je0uJ+<Ot|vYWYx#M?lm&&BA+;De3VcA6Y_ES zB<<)0KDTa75ecntJhkW3uk{=y*Zu0dH{4IFJD&bG=0x6wCwFH#roH;I@6qoYk`}yQ zE`6%AYBYOyZq1$s-j1_Z;@C4~KRgp%QI^!FU~;RCGqxjd&yl?+MDlufSzg)DcB48) zVLsdY=V20Yso8p0<y1V^nC_h1a_%kXu|K@)lASM|U9msUsZ}XN=5q4|hrBh<x9eUo zo7gtV|5Rh@LUolFHS_%MPW0L7Wubm-@|3;(MPUc{j%57xpL)JIde+mpeJUrqA1^-i zV(~WZ=gx-%Jomros5<!S!M$e^`DHfK^;WmDZWGHre!6{=gulR{0{J6#vYUUg#544> zpV;PCntEy*kN;BB*gnB&+-!dyxh@X){JdJhZ^s0m_3cw$u<nhz6sq(o+Q(McSheBZ zf-=3Qc9o_vLUzLE&hAY59k=C9jGkK7<HkO7^YXS6J12&2sJR)WCSv=%c2k|^L!IN+ zjVGTP`nNxx%lhNmJlCIkTAwqg|7vZ2HuKKLc{AQ5ip~vM^yU1IS$>_`Ow*3DJ1M?h z*0<xbR!vFRy7QGGQI?<l&gW#rZZWMW`mW=%pC><CuOrF7GrII%75}NeWv8clw$A5u zx^nsUl*5~ERL|y9`*^iEDDu_rBk!BD&iHPa9@J=YShPp5ggrlh(wwS{-<kKf)yw$> z{pI?gXCGyLfPHdI`nos`@0a#JHU`waym+8y+H;S`MVI<I%DSdE?Q%6b9rNn?Ql1zI z!N*^!6ic7ZemsGfeFgIst%%ijJ!?Mco}Ir~d>NC%t{<Nzjec2d%{#lCty*e&?_;U0 zAEnDZ@?T!Mm0Eitia#fP<+aq?dQXLd70zWl<zGB>L+RSg_bM$frUdi8n0Eff@<%OS z8YXVfyfnwiIiYl75uZWg;k^8pXI*5a*}6Z^yqU7ppo!HHsUls_#A?LS#Hwe|#HwY` z#Hz-|4XakU7?~C{vAi>AVtIv9+cJY{+fPy9`>*qd6oYD8mL`@Hg$9p`N~*qoV_CFv z!T!C`OI}#)Xqq3>*nhUSSlLc6>{0thwl9gbB3I`n&f9QR#8fEod;PsPB7e5%?~=T@ z{Ni8ty&PNe^Ho|M=l2D&-n}s`>GsXDN1OY1-T1j^(VwZJ8%mjYFEgCfO+5H*kDt`O zqNHt4qB$paJa7uy5~;15wD--UiCK;xrSHu<)KOHRDmF>NdDZ3gOYH9)Z){RY(flf7 z_UivMlj(B1kE}U!{^!}Za&ud^$5?uw49o55nI9yj9r7%P_r&XrCB>6!crU4Ntk*r& z_~n*Po!*nbYm)8zSFQ||GT89S`t!4({!e>e_O{(wzQ3#CX6~+#d14ELuJ>50#w*2~ zQQhFx`07&h4d?4QvoG&Dbk&e`-}l+GcsKRD`z6Q{lW=<H{_cIVba+da?=5|Q*J*(Q z^WOehLAJl&_#I@~Qma_<!^=7O&CC#QjR*b$4!rWS>v?h`UQHKMU8U&h^5p8-2VvX& zTUPIxaGTqA`J!)M_TK#7c_Gnv)rmcwPLt<|Uf?@A^HccGyblFy5Bk1e$5%N0rkPBH zWJ<k$hId3(QKaH!CQ}0@hQB%sysloKU$LA${NDP%d-WN`mY-|Nz1lG4*VWT;M^dBn z_pP}lB&R=XRnFhLi~s(z3`!}NKRq*3L&qy*`q!^n(fbQKWz%(h{SH~rb1k^O#3j){ z#9YL}<LTnMS?Qq{s&^IGpFUL`)wtiMUS28q!|O8_E#r5;*83b=yHD8U<G<NAZtSlM z{&iVg>)*FWb3S!SPN@!B6E(T7eI<``sfFbW<^HnNdowST2&Pq>c)(p0amJEG=+(KI zoZ;tUIgZSHD0P0)oT@bYz?EOGz5liJ+|L^#pD$0kEc*A6lIq)Uj~1^o*RP*)cZ1DO z|GTxG9s%<df)1`^nw9Y={<is6rd0;4FT$?Zo_(?B+sg|azQ%vWbjxCe%eA@`&iEdm zxJN2LP5bTB<2Pg76<9-$^G%qclAf*kuygzAH~LczFU|eiyT^rrMey3!XMca|Hb#~| zN@VWqG2lB@JW*cTpzz{1Ri=`Qb6LH1trPC&uzYmeL7Q*Ft@)cyo^03ku<l@z_<Hn5 z<w^^gdfm-`EVh0~_xVujb7ki*IXCybe$&4hJkuL<Vs6+()iY)8XgfOP_FK76wKZ+Y zz8`NhU63?0&ia0w<ATESq=m;EZ#-Xe%Pf4}iSy<gDwASEt(W=-Zfh%X5nSWQ^x*%O zqR)z7-BSIZfB3XR;r1yr%?sxaUh&LjHeS-w(4V&N<=b16OQcej<mc53Ykg4s!yA>{ zEN8dKOLB{olBQ-lpYNvpJ0_h10lK%OQq+!x1TcPdGFJY>_G2|etneAl9}iPQ))}b& zw9>w_#l+bBZM1woYZ~|du4%6|9#kIQ(yJ+7?KR2eZUNJ>!_uKORi_tTu+bCVX3{0J zJmf^*)C+lRH>yvS-i^FF;kaXH;L!#NYo2FEmoco2E7`haUAb#%vFy`@m##l;Og^!@ znf2|8S(W;0{&qV=9@bB@keHx(f#WCVOVvZ4y(e!_y886MrFoI=pS#XvinaxX1m3wM z+-JVc!gF^1@3Rw(@Ag#OtX!s|*6}v$#;R4RKB`7pOtZabTUpAc>CP~bxMLq@)Oljb z7wd{0k1qKdzP@tV`^7)kEqA%}#b;-pOyJjHaO&{eW2kDN3@;ryMGeJRL~<S}UzA#8 zYkq%z-NWzqxrKDo7&QzG4HOMH*;uvtn3<$l8CXOXI(Jsjc9K0YG0yS`!>c|%<;nN% SvT*onuj~K4uqy#nN&)~L2}KS7 literal 0 HcmV?d00001 diff --git a/roles/odfees/files/Bozidar Proevski.p12 b/roles/odfees/files/Bozidar Proevski.p12 new file mode 100644 index 0000000000000000000000000000000000000000..24010a64063a960d554cd4e895e17b9e2e62362a GIT binary patch literal 3325 zcmXqL;`zzM$ZXKWv!9JqtIebBJ1-+U<ANrh4J=JOYYdurRv0v~$0MZJ7BsO37&Ni_ zFflS1G_kuPWEc%(*tno3@G!C&@Ud{@pAm@?KUTG!iHU=up^07M-_B68Da(!WpME~x zZCt6<q<!Sk^6!!@7xVufn0!ucb)Kus@z>Mc_Z_UC{lcqxBg3VQyN|7Czu4*hGdcg- z9%do$moM+!oByiiZR#dlK8>)xK5y>ZF*!5O@g7z9px(g!_F<Q^E7P^TpSR6B?z)!c zs1ftlMYo+3=7%M%;BTH8p#S~;`iVz%w@DevvuE947LM0w*J~->zvhQuzRh7NU#axD zCwCN2`|QHMXm?$jR#Ez{*Aar2((SyrW;LI9eB<naBPXJFMi>`xAANIOWQwBtA$@}n zc30FAC*R&_w2eLPZ_YmHH(PDR6SNL}w|nr-XnKWW_;>cDFIMMXdX*dItnvEEKW%Qt z_o64abM$o9#k>_S+sm<U>dvOk9&g^~zWO}#saAmf3F9lXSO4DV+pojg)LXOmpvB%- zj$f@R&D#2dZvEZOdCPOUZ{vL}nY}T(dt^&JKRx17Ta(T4>8#B9hr0P~KOI%}2<ENM z$Sr6(@WxZ`#H7mnvs`~~NX8s2G|3c83n|hv4cULg=W*~NQ4e>u7s-p_wD-Sx&b(-e z;%UZhoFUu(`B(0CeWk0reCpQQ>+D09%zEmxcS_msm+>qTJ&sQVm>cd@E&QA*^v+=R zH?t3?I#muH?#%x4t+eP_@(jz#3mhw0xl)2`bUZ|ic55&7DcZbFPbRZ~?QK?S-p;jY z3~#UP&AvCQ<8e!y*lFjQ1?%%1&5C&yj+rNv?cQ$4Dzn4Q`BEe6_Wc4W=N9MjIwVa@ zJ(=)lH@~F4+Z4;d$mXvCzmDHu%JS8iaq>h{gXE6ozc1zQc>7|tP_rOwkGJsU2ZtSB z%yL#QxgFg8DEvGVdt!&{s*=Qm|AJ<vYByc>x%p5@#il=w%~$r&7ulX8oMCfKYz4o) z4o;9g`Sj@j^0u0fm5Uxle_~j?!1O~{dx8kdmxB7qegD>Eu^rm|MC;58Q#Xr>*z+0> zm#qyKs$Xh<>#E4p$K@BlnH^#Ins{FS=;YN}DMwBl1$SAt$R7w@en;fRb`$wh!<~`Q zbHb|DJ^T1LrTB!-;#Y3ET`Lz{dR4z=SzKDKk>JM9y<C2)r|s?8Thcz^;qHAwCoFz^ z+EU;Cx9a?n)6xPz;+<z09g_a!?dv<|_Zp3P;fni|&RR>q3JJd~#x=V@#<@bixH0-^ z)&}Xkjr#<XW9+9SWt<lO{7a3~YR~?F-t%8RdJFVstTvM=nruAxYWREQAXC$8vWXq; z^HU!QWPC|-+%@UKrJw0qyx$L7?VfcxZEoy_+AnKrB7^;}DW7=Pv}DVbh~Jh1w$7Wg zjQ@+?{^v5k$L)}K`t6nX5BH@=*UCyd@?_rFP|#3hEpS0+b3=#vUr}@S$2#f4Y{_k& zCeJ$dIhMq?xjyz)y!KWsxz8Y@<K6GOZyN&E6}O*zKWlR2uH+AYe$V;2&tb1kL7w~L z%RjgemVQf{@HRqs{^mU{OJXuqs`FO=(5m>txHES7?Dv;Ex7TSJ_g0%I^K_(oE}pPL z#&Mr?z2^zrMoV3l1<d8qZ}sOsZ1ZJUByhg>r-NTl;k{jdzwRpfop5{eylLzAaDB{7 z>u}!J=;vdYbno3SrWkYghsTr>?%cLM`R0IL&$>JPR|@{@TIXPQ!BvZ);c?23yC<zO zn1tij3YO0nxyxw%-Y=g~BFpXe>_)-j5Xo-W$JeX9kH+lUQIaR=z3cVCQ}-QaTDW_2 zOmA5|uhGA2dF!`0N9C=v;}lx%R%qQ*EuX%iGD3nwur$}-O?RRb@9w>ND^j$juEy+B zo~Z1!raB;IF<<|T6JKIdHgM|vp83{HwE5X*`9}8dy0dsTFgDzb>B!XloUv|Yg0{eJ zelA~;fRA49<ZPR}7!CNp2AqEvKA|Q`&7?EcvC8-Sg+g!Db?V!TOV~WVKYs0RIj>K4 z-I6=T26B(>W^RdJwC#HdyQjvzN|Az&$(2%%i<SAcS@_-C?<e?A(qoeHmOJRSEb)rL zf}bS`N4`~a)=tiq7s%Y^u2<XT;>11ERsZ|bk8UrwNZ;=%SAIW#!=Y!tetc#>{4b^~ z^yu?N7Ns{A<mpezS<)c7#Q6RPBh#f$bIjD-H{3thcjWl?SC0c1#a!@Sqs`H)mX|tP z-a~)chWWl$HM6JIb<Z){cVUeU$Kx~0#d|Y0{!~tua9WjM#(wI=-tFRLofF=K{@=0d z&^ZnJQ@w4yipIC=CU}OQ&&Z69)#lGrNc*|_bmSM`701F0fBapwda(@C#3MVdFRfF% z;g`}_^6ulJ<Lqw)yYja0UJ)W~=*1;8pK;?^?ww|AqHc4JdY;Kyw5R$Z$LVyn&E6)r z8}m9P(igr=ZA(+M;7o1aZozBRY^%D?SFGMigr_3H%u2@RKzvQ?`hVr0wy2*~$P@Rk z{J>PO^#)5*?wJ+ga%<a{_H-!TE}pY8DE}6FnOsSS_{>LtoqHlb@aEgjpRVV#dG2!g z?|H0D^ZLI%DCw7YdGPFyzwytK92|B2lq{AoXkv9lsz?_!u^O>7vFaH#v1%DKv8u6g z!>Uy-My3T#Ebk1OSYDyjw#=Z~_OLUD%=deLZ9ugxOB2h9y|ZkO8Qpd{D*K}G=b{%p z2agwX-997VvsRYJG_b5@8~aa}P}QwP=klUupY%NMo8FLe-_)PY`a!_e_j7Xmo-~~Q zxVR%K|AzYC$&c>K#9I0mWnR4^8(36X<tkOJaj)y4Zl}Jxf(4gd%ys5Z;sR=2X^j@n zZ&y~Ve*aT^)(f5HN{>IH(|o7Q5m{H(`O!ej^<DB4cb^H&;a%Tm{;GYq^n<Us#&^~0 z%PY-3>F8}PH7J}d!}h6{sluC0=fF=B-l@B-ulAX5ONy(JscGIM`LXYA_TAeHVpMhs zXryp3{5X|+Fy(Og)u}RFj}8|V#s2%rQ(~!EkSEWZvviZ+egEy-6aTb#9(7Pudi==i z55w=1hHL>biHg@O68x_1_uUpHSrVBq=s%&CZC6KOsnUwn$sG4sw$9k{#@FC?$?uC- zBAnZ$mFBlFX{_C{MdtVF|4nu3=g!GGy)KV9s(+Pt-c8#Tt4s@aPLVOOi+EjebiYC8 zZkEM$r6qAoc}ssSb*SN3w6#|Khuiri{%!V?H5N88?7q;m)R*@-@5h}otJ{*}w@+BL zG*zJNJMXJ6j(#Ua9hU7#FY+_LY_{s`DW8A|Z%f?%zj{`9Y02FaVf_`8j;T4{+Q4FC znI`jKRms(No0YznMDI8KsweBYH;4VylpKr8r(SX$=3y<G>uPVZDAe>CTlkKp`F~dW zPI>LAm%6@8ezSbD!Su6sUaHIm678aH{VgHZFA7?ho$JYB5y;6~!C4z;bFuWDM(YfX zDWSFzO38;cUIos2+<ivt`1&15^WJKDM10ZnE0%wFTjJ)t{fE@+xf7X%PfHywd@`}d zQtfQx44vBM+&i;Ud}<PF&pw(ic6`Z!S^7I{A3pPYbyOrHbQg<$-JiQ2XF{F?&e#9m zbG&xSx|TWTXI{vZH+|t(e&XIgjp(a;VoNVAj1D|M_oAYz6=SyHm9Tw1I+;5rty=j_ za;+5qfrm%Svl)6{e>T72yHUpC&^<NFjdhE>>W{qfemGHe(&M@_N36^DeB(TI?&R9! zw5f*{Tl&50Z!~D@+AtyYCeNcwZ!R92UHNvxjPNYR$V11c9Ap<MEY6yx700PP=e2}- z<BFTYk!$W>Ocrd)*Wb^zO(^}?`(M|Eu6$2j7yNx$NY(x+E4n^KOq`HVs(Rsvk%!co zoh1`{9>)o^sr>lhc>CYZk`o-(v(7Hxw_kq6-@D~qY1fuJyqLT6Uij`-pSycXUtcoY z+I9NPb=GHJ_>{sK@9r#rzW%1SfRv@~Nv6f=*LvH}hcTAg&p-e6Nc5~)k?Fx2Y1K_C z+#9E?EWG9+WZWv08Z`Im^P{JW!q|NGi-fp6mH2n0I8%JlcGf>VT)m4Tx6W*rd(0+n zUg+R9)8$=Ru<Js0wP)6|?RdnFUY`Bn%1=Z8NVmq<tGucbuN^G4{8r1iYV$w0Et`%N z9nDogG<W`lX|Hl3PByz7NeZqJve@gv7<x?P-<zwKci%Xx(w^EIe{tr*^CrKeC+Z3@ zrJN5}EY`n!--OldUPF@C#x?Gm_rDn5Q(xJ(zP)$)-A^or8jp9R&)R=VStR`rYq(kc zhgWv)4RhXx@GEx;y=S_$nL+Jf-ej}?%i|?gFW-Lp*rKene3JaVs-@e*?M$Of&IqK1 zExIbJF1mY3srTo_l`9fAN6mhu<o<@?OuM(Cs(~`RbmSB@6k`#Q^!q4Qsr+Z!8T0S^ za!#*YsA%<jlYyauq5&rxt2Q4qlN2ihi^u|21Mj}M-czp`eKY;fw>tO-Z!sSWM<5IL MzLJB#K7&e00Bh$qdH?_b literal 0 HcmV?d00001 diff --git a/roles/odfees/files/SOCTOOLS-CA.crt b/roles/odfees/files/SOCTOOLS-CA.crt new file mode 100644 index 0000000..04b1f20 --- /dev/null +++ b/roles/odfees/files/SOCTOOLS-CA.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDNTCCAh2gAwIBAgIJAIp0kyaAW0K3MA0GCSqGSIb3DQEBCwUAMBYxFDASBgNV +BAMMC1NPQ1RPT0xTLUNBMB4XDTIwMTAzMDEwNDcxOFoXDTMwMTAyODEwNDcxOFow +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQC1GZDFZJPR7AYkhEsB9U6qtK+40di3KOeTwRosJ7hvP1FQjwnIC37B +UlVq15KEgRTCcXgLH0CdtzC1Rkz+AUCLyKTOGmNCqmvyMcESdpuoI1NULkv0QeYX +Mj4Q1Lh0RldqZpEr32UfsVowBPPhijAUlVAHeJLvji/tnUvI++9no2hx03UAhjTM +M59AviYsRT3DUkciNSllpwV+7B2pgnpRgzsbVGP2cheaaRYG9DAbRTLrAtVxO0WJ +c/zNGSpvXuOyBK30/pwGMvhNGPeckElSpDfaepuA8ZDcfaKNk0kEBvzIlUrpZBmv +tBc5DmpfEBlSk5UK/0XSblKE5dOqlWc1AgMBAAGjgYUwgYIwHQYDVR0OBBYEFHkG +ykDTn5pUrtMzTfI4PrYL8z3PMEYGA1UdIwQ/MD2AFHkGykDTn5pUrtMzTfI4PrYL +8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09MUy1DQYIJAIp0kyaAW0K3MAwGA1Ud +EwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQA0XK1+Eg+j +JdwKnUpnwPq+fsyrCs4TF1DgwtqY4yr1KCw0QSPMK9ldLp62lJaRnrPE7ZGOQ7sd +z82yEM8nMulNREp3TZwuVFaWgs0yLVKkfqZ0jNGDuEf8AJAynI4ynRbtYxtYzBDy +XgJPk9lKK/gR14IXBet/dGbZf4yHiMzldMCb0dWzyDS1S+Y1iLTRCmpmRbFow12g +CjNoSxdyoJPZavcOVWa4tDc3PLMdkgdY20ewo3IvCQTOg9ogVX4Hq5/M4xTz8XUX +nHeUqshdkPVGFCIujCBg9131RYSE0SkVrPUaIbP9tgzabkZWwhiq8oSpTBmIi9qh +GPiQTFGknE1U +-----END CERTIFICATE----- diff --git a/roles/odfees/files/cacerts.jks b/roles/odfees/files/cacerts.jks new file mode 100644 index 0000000000000000000000000000000000000000..9d4001b7d9a466941cda896b6bf145bf2f02020c GIT binary patch literal 893 zcmezO_TO6u1_mYu1_nkj&0U<IT#}!kQ>>eu$iTo@S}9llhJiIg&(y$@fq~i5po!Vk zpovL#0W%XL6B8#xSIK0xhG?hl2E1&XT5TR}-+37sxmg(u#0*6YgxHuvS(tgagZ-UD z{QZ4`b)6jz<ivT63=9p74GaxT%ndD~#CbtXBMT@Or@kgeC1fiYSs9p{82K3tni#p5 zniv@wwn|Ponlky~8#a{|Z^o~FtG2A)aq-4>jpvgOO6jQY$hQv+=;u7aU3V}jH0%1L zmPV07g%#ZL4s*8~Y<2Vb$LP>~V#ztFWT#cxp9~KQmCatE92}zO{l)Q_xRIT}l^rE+ z;aO=DweP3OZ;Ucv`TVfUKxAqFd&Q*pefn?bdY}0HK7DaU;pI|>Hj^{P^Bwl7>A2b+ z4susA)l6N^TK7hFWm8pPv$b?c^0y-KS(##NUks#Ojb1ZdEwpy+EdFy=QY%01@g|nF zU;fQuGy35x@qNw&&!8pdx2k40e4KEnc2VzSPZqX6C#HJ6Op#o_Mck4vD_%e{X!2C9 z|E`zvf?A$lUNtq{l!=*<fpKwTt3hLvfh-$ys4O3g7>h_H+bM_3^Jj&uyKL<H$--_M z_h;Ml25ul}Wfpq_+Xk!(7D_FVz!eWoNHNX>GDnz&)qt6i@xK8#h{w;u!py|Th8$De z;Fw}$Fo{`PC&a&4^$youuk-`I_SKzP&2>&#JmA5hTQeSOebvx0aa2B|eKS^X-nJ>z zCeGV@<n6>h=iRdB&u$VpuWt0x*Tt*ccaC02*tDjzM!G>u>Xw!CTx{Oq{)b_L(VRY` zxnggVr6bM=e2Qc8pM29x`-kB5CUMr+^(ARH>wDTe&O9wSF#F=w%_mH@dOtJm*m998 zE6sId#^KlnT*evR;zbK4-^}{X7n-(Xi@CYYX4y&X5x3npEH2XLWI5M-OChw5ef9h^ zk3~LzEES(qK4sO3*a=_VM3nS;6cWD2esyhWxu_|+=Bt$A=D*u`Zsoa!9g<k}sb!^) nWJmX{g%Up|_yjJQ;~Qf5+vDoDTqXObIbI&Z%6$8^_~bbON?lF- literal 0 HcmV?d00001 diff --git a/roles/odfees/files/dsoclab-odfe-1.p12 b/roles/odfees/files/dsoclab-odfe-1.p12 new file mode 100644 index 0000000000000000000000000000000000000000..ed4bd60a1d96595774f510ecfd8c864a09e8d338 GIT binary patch literal 3397 zcmXqL;&o(VWHxBxWoP5mYV&CO&dbQoxS)yW2TK#r7lS6A4+c%_%Mns+3!2zx7&Ng@ zVPa%3Xkzb0$S@knuyH|6;9+Dl;A7!neEr7FF8!J!6B7qRLlb*KLgF=lr}DlvSH7<H z)8`4|a(~+UXJ2EDNgVrSk@W4hOMBW5Ybm6DjO4yj`0^0D!G+cbAv640H&!^ePuF$n zyAxo1*s$tNP^|WBeXqK_{DdQJ`%cZ^eZf9Oe9hS>HQo~IPh6PtuSqO5pzw9(91Fc` z7Pj|hrS|22bT}KI&g-F`)a^LKZJG7fv_92(w@;pYj<uS~jX4kcy4a4Um<y`5)Hl{k zE2U5DQ<gu}_WZ?e-L@Z+k)6)@YyB=hT4^(7)`ADNG8)_ML;vb|l%(ETnQhabpTl7M z*j4QQoV_V-a~_JMW?#C|HnB!v_LI}DyuYXP@MUgNm>c9G?A7;i-ab{kcKy`nRsz#X ztDCB|^TKi&bd58=B>ZXl`$VQC=bz4WJ655+cRS90|Hu5MbGnh#jb-K*?|Tv)OxIu2 zIym$BwIyva)<+I(FFE=|{Au&${17jRT)r3UyKV$sw)DPH<#~VN^+}V@X#{Wjwf*xZ zk^A4TyevK!fBp}jpJ|s5XT&|---<_Kza}fJ>et-Mw@y@%XSKXgnW4~!v$eC?Ca*tH zf6IEV$ikzye&4^HUYoz6{Xy(p?><92&b5v6_s2|r^;Y%oH#TSf@QdG>9~kmA_dek` zf9Y_!)4BT|t0h<8IDKY8#ta5iC#}-17Wu1%QHgu>KQ^n~aM|JE6tQyYqJ6Eu9Bi2b z)|)-Zw`xC<J1=X3etKxh)_<mpKSmu}zxm<L`t$ENPi!z<(xP$FjNdQ9t2;(%9+LyV z=DO1h7O&WP&UODD!zW=0^8K18=QAYTY0rHUWnX)JiH?-cFRjD*3#MhS-RUydqW#SN z<wi{A8&7&X%L`NvD9b))lzIB_8t3KP_I$Zp>ZH)H>$aiRxB31rJ5~qJ(=1#koyqU< zuru$!4)f$yVtktYf6iPMnep&QRE3(vntKx(moTgkzjbBS(%Ayco5FY1-o7>QLz#T% zx{LC2C3na#%ZkXgu6J$9+I8&V(Ja3TcK)oWq&@FuY-g4<N!+>C_V*d@!<|aIC+u6b z)wt=`hd{5#C-+_sEGhc2uCm75B#dS10fBW!Oj&Wy1$bh1RUO~-B~s*~l%&yCA?YoT za&21=R*F7lf0FucLC{6nDH~@mJt&f~=Y*M<SzWbM&$K4f$ugX~H9U+s@6XrJU~%Jp zvN?O%E}NQw#%JylyM9G~Tea%X+VH0WlT_A6NiBHB=5bIvPvPB_tHrag`zL=)NJ}m} zx_`sE->&aI%iLgoJ+Wc&+qs<ISrVr#+RWZ*UM4>)d%~}YH{5Ro2;7mJH+OTIvzx~5 z*RFg1H?KNzGf#EZ?K!F8b6$MoX!DysY4Z79GZGCh{mc8IV(dC;mv-I5?Qgour!Ts; zO{&zdC}-cxUB6avd@KL_W?$HIpLMa>N^0g@M-H!#<Sv}^Z*shx-_@qsFRyhT-D2;< z{=a<kX49OQ8TWtKJYTCOu}b*BX(_FHiro$eZ2qX~Ox!Eoaa2USWSYc<X%Tu>Hy4~u z&=ZT@q1yIphrE*<i)OIvgt(>Edw4axOXn<mz_IH=p&!3}*u`D`OLj<xeOnQ}S4U^V z4>jf()rR$*EShKK&x!J`&ga>~ovW(2I#cnaHIMuM=N->(N{6Ui7P@#&>fMQCz2(=U zv~P?4>F0jCU7>TGSb;=W;@cXnq?Y*2dSYK+zuo)yh2NLdV+BWVF+csVI8iNn0{4x} z)nbx0K9c@gB0dh@O_6nWSNnF>hN#v|_}rV|RCca%b(8vnJTVtFv0%qzOZquJr8{rn zdOmMvYg$Bx(8Is?pB!3od+NNo#TV56{CiY7>uN;I`Tg?_oZiiOYi(KJTa`arTjt+B z&ZJ*6XUbd0Cr5vNvPk<=Ah1j}t9*90Vo-b&UtI8)m51-Nh6fsmGkfrdMg6~5xMx;g z>_!c@$jE-7BK086+_!4NK7~=6O|q5-J$S~Ouc+T>I(?qYtkzIhDba@=nr0I@Pneq@ zmXL2#VCej8yewYE!*A}Yya+kH$lnJuf2wkZ#J>LG+tkD09{F;A)SZnsiQz(vUL58V z`!2pVtwyr+h_;fr(^D<Z^|RH!*M-0EeR--;x4(PCvDI&We36oSKPhv|{|zb8lCI5K z?<f7T3I3)~n|}DJO6i7wJ&ztr9^ZUJj<J6FMdrEP|1L7N1_jMEn)hT&Q;ky@*V}XM zn^w=#7yjk<?O}$^-0A%vyzOdN-T3RegY)He=B4@p-`2M=-|3wHNqNGfeG?<zP2c(O z%$J`P7O!^v7FptTBaD0PO63(tA~zq={FC{Lt#IPRMc+*B^_-csRjA|QpBbktALo9G z@SD*q^Jqoek?kM18e8u@BX924w$AD9tN<zTr&r|GeZF_s=Z>who^a`kg-mMKZ#pS= zZ*RS%alNoga*y}a`G2k6bWgjs$7r7KKX!Xnv&21n=e@DGukW35c?L_3%$Kgedy9Jx zpFFnkceayl&7!AQGqfI@ew^`D`PHr$%{u>jzi!#TSf25wMlS2kfXCOJA70A~mi%nK zLhY%0>}mb)r3a)KUPPSSQL|G`Pe9N^X7_(DtNH7*UrzQH_}Ka8zSjPKd?kK8ZkriS zW{NsA8Z@ywB2~x>npllknppJ=npm|AnpoA?xM9^Z7bDYxCYE;wO)RfaYHemvt^IV7 ztGU5lM|DuG&C<kjB9#51n~U#3{>vH?S@tqZL`|0II#2y8ao;;ku-B6(G)AkP@n#Qm zP-u<ETGu?$n}?t9{(7L@>u%3^F+=T7NYoepIZS($UtRpVSVFpCUexxo;^3b~(rvyU z`F_V9{u0qLz5ev6A`yGZpEm9CTxK&Yzr?mbX`7InW>^2xeY;OKmu+Oe{5|U$9o~cS zf7Y2f-hVRPJ3%|zSYC6Ich+-;7r!P%cXbE+mlu`Xal%SY$nchFVWm7*yz1ZXn)8#s zi}qeuuzXy+eD+<gGfFEDbF!%#PFK6I^Te$Oo&isrx-0(|&FVJE%v68OBc@+{t<FN@ z$R(ZMmM2a*K6sVVHg~)Cc9VqKsxuiczUJ*Yd4?nArr452JGQ;4EVNUNR{4{!AhM!9 zdU;xI)N(D}a~C(P_{T11%lzXI`|(b`S$|JXEX>Z{y>$7}yCPp=E9@(~+x=Is7JbcC zb3$VBjaJEpO~2lSE^NIR`+HfadFIj^?Rl+{g-P!76)Jl^v)XN}J1k^(eoA71ozjD; z0?{vTYX$$~JREEG_2VLD=`9Bv&zgKI_O?51pmoo9hiA%3&9W;&^{ZWzM1*R2^>tS_ z&YiV!g<7JKcZ1fQE$!Uj(#>`#FH%VB&AAaYU3-D!>-~#+t3%8$@~dy}oMY9Y^kl|| zrM5RjXV3D#axHpAy2F$FYN=@Vd(-wkv6MUPaqeMe;Jex+o(s{hf49AxWU$tTi{sA6 zE%m|o`Ooh9)$!!uIscv0m_-*X|K<{{G*S8fmh_pgW1^~4g}A<j+ip0^(tow(4F7}l zgZmH9+bX>Gr{LTgS&x5i^Tqc3^yl-u_S<~-S;=bwZ(IxJBrcMeBQJbFIpEi_KcCoC zmd(iTm$*F9FQP!8bn`sl(@$<~*S4y!3bVNXAw5G=Txa$Yu8`AG>`~^L7sD&g%v`@$ zu$?EmGKxD`K6CZ77PDfP1N=WM{(QK*xY>L1<mcD>1FXbc)_GdboqTA=?uGGIM#(cw zr<8e}eph(0?ogq=q#V=yX=lY&J$-j~%M?qw+kHDc`z#OL%qW`G?)@=}eOJn_yXp<e zTkQ82Jhx@$E8ccQFh#Sv>yFR#lBZ&l!CC4o(Pj@~3|oWMYS$S>`af7x^nJ%whOEc+ zRkxnR|JuFFUfd~rHt!C>pT<kmwx1}w`F?77ZV%6mHO|-U6;`iVbK}``)`Vxv`PV<a zl3<-)-yA;ab=9Y~>qcsl_quP^9ekOW(POCOV|VKP&c+!{bNBGao$lCVqv@|JATWVb z#>7m?Oa7kJ*~ODC1*U6EG}-*N#f`;{gEQ?ZlXZ>F2VOzl6-?7hC$Bhu@YUo0e|}eQ zn%;S(KEYpS^RFd>9L`5se=qgvlUb1Hu;9YX*}We%Z|D?%l-g?fn0-Q|^wUF~Wzok= zd|ojYEpo2?$i!UnUu2CrtIzdQst*-*s7L7ueyB;SQaHY?vVWTFthu)o-%cyH^in%~ zk*jraa*NWYpXb+IpERfG^0|+qa+Nbyos(ISrfn(~ve{+PvqLBLI~XcTsvNslqL-=Z zP%WLJ(R|l&o4KgNY~9F{SG2B0YiNDr<uEp{y1nGF)$h{i?Sa~i{K8>JZr+OCxjsI; zF{sltI>XAV+Of-Py8j8uOZQDa9BW!5P`zQFU-`R@dF!{W{Arunm|1=>(ENPkNh6+{ zhN=e2@Y0b})KH8?q~`pKQ}f>IO-(bHto10O^+~!+!F&Tl14RQ)HdbvuW+o|C1{RTn m&03dMC`O3BTK~lJ=bx^%1@WHoEFAZom)ywXe)9xWN&*0g3sWxu literal 0 HcmV?d00001 diff --git a/roles/odfees/files/dsoclab-odfe-2.p12 b/roles/odfees/files/dsoclab-odfe-2.p12 new file mode 100644 index 0000000000000000000000000000000000000000..106170ff7a325bccade7cfecf2f60642e866a4a0 GIT binary patch literal 3397 zcmXqL;&o(VWHxBxWoP5mYV&CO&dbQoxS)yW2TK#r7lS6A4+c%_%Mns+3!2zx7&Ng@ zVPa%3Xkzb0$S@knuyH|6;9+Dl;A7$NFWMiy)qmX`CMFJsh9>re&Pl(Xy6;x^3s|yq z%WvL8`P<bsnrzbbCT=)C?Tw6%bvm0skyq<+ZW+V+6Gfh<cC+VgoOavnc8u)y%bWt+ zeed7)%<ANM>U5)}*ZfRu?&;EkU8`H>uU^o}yddxO1JjCC{i|NaPyEX=he17?cY0uR zL#%f0UfC%RKM4fJ-Munf@1NjbP1mRY8GLU2m&^;VT)<h@{r37@hRJ7_{c7IAt1cxd zRT*PdJ#+0Jn{1Dl%S|rJZ2TEo@_W5V)>jjzT-AT+U2`0KAHGOV5X`BP=xpR;vv$0B zyW))O?o`cNhhK??t1<1?ni7*JSS56*;Ue$Uq8IA^=bi?z8}DxrE|?&1$bJ2%DATlE z+m~PF>Z-iQ?kp}A7^-<U-qkf{OGkG@faB~F{Z~%Z+`Xl>qDTI<bxq4mqvI~g9VL!k zH~S~wbhslu>qUZm!1|vG6?-3TXI)}-?UWtYqC3BSm+Uq>IKj%Wl5b^QpR&6dgYjJE z`E#x9v{v$%DNoZ`awn15_ha$Xo~y-&GuM9dao?TvReGZIxy=l!L1jI^u65f@?QJYt zA@pQxU81{!#@YPsEvXq@ukB+GOg0m{VRPGpZ*6~P<r+KR*G<`Kfi8(EiP=Kh<}c%V zw@)`*afs)%l%4l7MWqVX-D|7+SNNa#@ajj`#<#PMPd*@?n*MoBu3plkwySRgKHW*{ z+G*IsG$H!_D~3o8mfuUCoK>4N^={kK4{v^Ge%SGK`If^~n<I*S>`!Wms4lheOZ=a6 z_~e60&Nt^wllEnk=UUVB;qvx~8+J!E?oO)^`yl53;A`udxz84N*@ZWrIGt*kHFdq( z*}}EE8YZeG{P3-mdp+e&|Ap*Jn{WT{4cN7l^R)P-zrVC1`z~tiIKtUsZO`mC>xn)~ zgimzmTHYI_H*JLaJ$Jld^4QyFo~uy&>V3+y|DV|A%C8oBAz^3~yN<K5>C|P*-D=5o z>p$DAYqa?NoZ(!^rSKW$?UO%oUzu=p`wW+^W6QUn`_=y-JgTL4O5b6bUuk_mO}>~f z@0eAgv&5P|wJd0hl;iO&(@To?v>TU9c3bdjcJ$#)0pWYIpBXm_{F}9B_Tu`<My5qs zi=F1pn5l5q=xu)N{2yhSXa8t#IXii_>i&KFi$3d0)vUSb|6WU;pUG;)?SS}glP9z7 zO;T-1{!n}5%FfUVvk7|-u9v<de(6CFvklkBy7mnw0;&6owLB{uB92VVm&k2>6|2>B zT1v`H?7jWFwVMpM#de<-50&ZouuR{`W!L7igk@Ew>cvv&0ny=a4$MEe?$T`W`rGll znhpxAnDL}*Pore&f*@PvxovydQ$FhcsxnXGb=t2~w`|M(Mt#F6OAa@+aa(v_(s*RM z`OBNH-%fr%5b>YI_60lN4z5|E_3>xU=U(QY{^0=IglSIv%8%ECEHt;Om~ecC&Ofh5 ze<vKY?6AE0=<17)Ki8dYUwfkA+QPRdSf<MUs(iW1X;RRZ>YdMy)+zj5yUVr8<)(J( zY|lLo)|$$*G@_aWJ5=WWV`urY_Iby?^1yR@n>^I#+Ui|<|1<gQXO(OBwub0)pRp3w zJayB(U}I2M{nLJNlQ(|VQyuTzEMJ%+)}r7q@71tGxcoVjMV;w|_qX+8@)Pcyx}9H; zwnz3mPkq4@=Cp9z;!?%l6N1+kuX}%YO6a^rbveDy`sEg7{x6)6{=u0+A+n8Wj*aFL zk6P2Ie_r-Z`OV+NY~r~s^6RhDEi)DQ+I9u>W%eqY|C%RaZSURd`cOIi$HLH}Jq;2c zZryuwERC6YO1O^N^>_chjmosM9{riVrNZ-gx#XvYeGJE~e@{zHJ9+i|nh5XgWTWnB zPcQtMXfkDs#^YNlEmjZeKgpkz&U~!G`e3hjz?Iq$mX|9&NL+D~(Z4IAyGH-W?e53t zR4m^2Pk#Eia$4+@O$|M7el1cf=h?m}yy2nb>PtVh_T5&0pM88=#6Goy%RG+6&b(`W z<B|j?!}n$>w=EAuc^A&8zb(pHY^Py6>o>!}?-{8lw>@O5NQ|B8B=BlZTnL}?hLp*6 zpVV|eynggIC0HwC%CWmE^d>QVG~O)!PW08A+{Wkgul<^n^^M>8%b_^0o!5BgWymQ- z$N9$H-7FtChdbc#7J+GRa!owNTxJJ0Mwvx1%)7GoFW14p)0`%Yoj!eLSq<CC=Eqqf z+5wq=r+-$^V(D(}=dE;J_3@=iSDtacXQSC2g9eXV(|?;>nsfVL;#|)g2_J(p9y+P# zvE{^G+w(-zPF?G;)3WfmcA-Tghk{K-h4v;$ZvVy4C41<k>YeLV@28%Ww*TSqHT=#; zD?aAtI{|s2GZw#?JtO~+r(c^*=9yoyo9dq>$F&K(U#j(UwdGa^%hYq<W4f76n7K<D zoWF3_(Dp;d^(Dnq=O!7P>2}v&?wM3SZ)Jl0<mG&-4=eVX$*;_l`}cCcckmC3X0~%v zpDXHJF1F5Gpk(42o|~}L?wBQC;&w~PKI2yt?mz!jImNzbf<fEslx}n71@}T7>h?@K z!P78JW~m={$#HkNsx>cTqn^b)o;rKy1J6YZ_7vQ>r4Z%cS@!a{&iQ}$52^>NuBa?u zBiPho(8TJ9R3R^DVl`rEV%0NfV%0KeVpU_~hE>m8j7$rfSl$^lvAja5wV6S+HmmiP zjf{eMcR{r_OB2h9UAy12HHyz@<ydCz_Tg)K@*2O&xbp`Ba{|+Nv_#rIJlkgBrWWUr zI-!$KR%Wl)qk?4|Cz97U&#)<EI-fWHM||0IN57|MSg-8MXO3LS8aVBd4(}P}A6<(i zr^=jp`k8x^;u=3A&*rICm*p}Sd);<hcGpw<2VVg@*WUv-54;j`sLR|{Qed)aqr_rw zwsW&iu=>5<*QB;sec9|{dDo!qUC-|<KP6oAHbMRUxy7!PV)2vrChNWCUf#6Zf7N5{ z8I!Mya+{x0F@IOSaABMu)2@|wqk4?0D}^sezFNz=rJuoXC(B)1;jhp3+^}d>JO5~} zt#02z<pobG=I6;Q%3O5vp7!gM?QR8@wv4;W+KoIG9Tu>8(*8*Hkov8<B~K#$?n&3+ zF`Rq6;6c4>_SKj6xeNPvTGr=D-q<}`YS;C*9}CZHickHvC*-_=?RxX<PrU9cl{T$e zmgg|FR3&ukh69Z2LXJi3di?oiNY94EZ%rR(XoV=XY+bt4Gvck<?alYae)3#c<kVQR ztM^Ig+zENnEGbLZY*|x(Zgrr`=7mu?3%7-xkTC8zw0w!!>3nNWql(agseSG?2lFxu zUd}L>?eBj-+$g;7(NA`*S1UI4zPxR9c!^4r;q!~#<q1`7cJEH}Y^z;iQ_r#?*81FO z+dS<JadEnCHbP&&ZG8RA{sDWR^ek14V&<904?f7-c4OO1p%cP-+WP9Vne;Zg_v&!1 z;yLzkhlb`Wr3Xsf3%*C!9T2~))t1`!_VuYE5#ev2t7d*{Rbko}xid!NVvWbKJrDle zOTLu#d(HXd3%%Ydx$V$+U-0z&t-HV5c+^gBS?#PeX99oawQtfw7uA|~m>gN#dq%`w zf02+)?2a<V#n)zMn0;aWr<WJz7`^&BZ@~+zZkE&ERp$R*Khf?yr=mfKj95`-h1CN? z^RL+&=KSaXs7!nEJEOf}-kYPXx6VrFJ>#A9NBx$=>*Tzs{rjD>Z{01_i0``AwNdxL zLBsBsW-6h{&Pn$cYlmBj#$IqJUXd>=cDnzqU`O=dvVZlhqT8>uy2$>L=3991^xFfW z9wMtBOGce+3rv)fd@}#<$(OqP3KjzD$DZ8(`m_IggrxRq^Z2c+n<Zy_cq@O%n9auW znCuI)Pex0(Mjd-)sbR4x*-d!+D*Zcqqw<^=NzObG$8~Jw`XkZ5)MlE0s9oMW!>wNZ z>wW7fw@<boe6{h@#0ARxGxl~q*uao~Y9(uLm*Tru&t&%H?z(Yw=d|x)1sl%ned@K$ z@0&2EvsQW5rovhY^?;*WME@v6O~1M(q-fP%zyH}klg;m&E!;eBCeuaXo8f=7zb<`I zU2c>h-LGcCuJ$axdHwP~-L|(jOx`WN@C&Pm+1>0jC35e7*VSzMD%n<XFX+sU9MPX~ zeC$_bU4KnG<97A*k@l1=i@znGIQH~p%Ra^fEx{H?=KV7Jc}Q}S2g`x2nO1K3FXUzS z<%%uIHduDtYm@td%!pUpnb+(q`T3+{jmCs0`}0FHy3C}08OBWK`Py+pTjN2;TC29~ zBfmuDZ8!XW@P89i@&(03kA&wu)Iaj($FkPntvLsE*tRa&u)^-t`l_4jn}w%0ObXat zkWt*cx_?RA*Q%|bjjz8*e7x}Xp@^IQcLjZew0+)dh#9`vqvaHpTOTi%Tb19=8S+6v z>w~Mol{Q0F17&#W$SG<l#v)?IEs>|G9H1@lc5zz9gf8Fi*FEkAh6aiToNTPxe9TNz rtPCt7zw_Sx7GtztIJ0d9TgX&_wKv|daj<YyCC{DnYrp7hP$>xjbF^(F literal 0 HcmV?d00001 diff --git a/roles/odfees/tasks/main.yml b/roles/odfees/tasks/main.yml index 016e878..ae6ae65 100644 --- a/roles/odfees/tasks/main.yml +++ b/roles/odfees/tasks/main.yml @@ -1,17 +1,118 @@ --- -- include: start.yml +- name: Copy cacert to ca-trust dir + remote_user: root + copy: + src: "files/{{ca_cn}}.crt" + dest: /etc/pki/ca-trust/source/anchors/ca.crt tags: - - start -- include: stop.yml + - start + +- name: Install cacert to root truststore + remote_user: root + command: "update-ca-trust" + tags: + - start + +- name: Copy certificates in odfe conf dir + copy: + src: "{{ item }}" + dest: "config/{{ item }}" + mode: 0600 + with_items: + - "{{ inventory_hostname }}.p12" + - cacerts.jks + - "{{soctools_users[0].CN}}.p12" + tags: + - start + +- name: Configure sysconfig + template: + src: sysconfig_elasticsearch.j2 + dest: sysconfig_elasticsearch + tags: + - start + +- name: Copy sysconfig to /etc + command: "cp sysconfig_elasticsearch /etc/sysconfig/elasticsearch" + tags: + - start + +- name: Configure odfe properties + template: + src: "config/{{item}}.j2" + dest: "config/{{item}}" + with_items: + - elasticsearch.yml + - jvm.options + - log4j2.properties + tags: + - start + +- name: Change password for admin + command: "bash plugins/opendistro_security/tools/hash.sh -p {{odfees_adminpass}}" + register: adminhash + # when: "'{{groups['odfeescontainers'][0]}}' in inventory_hostname" + tags: + - start + +- set_fact: + adminhashpwd: "{{ adminhash.stdout }}" + #adminhashpwd: "{{ hostvars[groups['odfeescontainers'][0]]['adminhash.stdout'] }}" + tags: + - start + +- name: Change password for cortex + command: "bash plugins/opendistro_security/tools/hash.sh -p {{cortex_odfe_pass}}" + register: cortexhash + # when: "'{{groups['odfeescontainers'][0]}}' in inventory_hostname" tags: - - stop - - stop-odfees -- include: update-config.yml + - start + +- set_fact: + cortexhashpwd: "{{ cortexhash.stdout }}" + #adminhashpwd: "{{ hostvars[groups['odfeescontainers'][0]]['adminhash.stdout'] }}" tags: - - update-config - - update-odfees-config -- include: restart.yml + - start + +- name: Configure opendistro_security properties + template: + src: "securityconfig/{{item}}.j2" + dest: "plugins/opendistro_security/securityconfig/{{item}}" + with_items: + - internal_users.yml + - config.yml + - roles_mapping.yml tags: - - restart - - restart-odfees + - start + +#- name: Exit here to test ODFE +# meta: end_play +# tags: +# - start + +- name: Start OpenDistro for Elasticsearch + command: "/usr/share/elasticsearch/bin/elasticsearch -p {{ inventory_hostname }}.pid -d" + tags: + - start + +- name: Wait for ElasticSearch + wait_for: + host: "{{groups['odfeescontainers'][0]}}" + port: 9200 + state: started + delay: 5 + tags: + - start + +- name: Configure OpenDistro security + command: "bash ./plugins/opendistro_security/tools/securityadmin.sh -h {{groups['odfeescontainers'][0]}} -cd /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/ -ks '/usr/share/elasticsearch/config/{{soctools_users[0].CN}}.p12' -kspass {{soctools_users[0].password}} -ts /usr/share/elasticsearch/config/cacerts.jks -tspass {{tspass}} -cn dsoclab-cluster" + when: "'{{groups['odfeescontainers'][0]}}' in inventory_hostname" + tags: + - start + +- name: Stop OpenDistro for Elasticsearch + command: "pkill -SIGTERM -F {{inventory_hostname}}.pid" + tags: + - stop + diff --git a/roles/odfees/tasks/restart.yml b/roles/odfees/tasks/restart.yml deleted file mode 100644 index 130f200..0000000 --- a/roles/odfees/tasks/restart.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- - -- name: Restart OpenDistro for Elasticsearch - remote_user: root - command: "supervisorctl restart odfe" - -- name: Wait for ElasticSearch - remote_user: root - wait_for: - host: "{{groups['odfeescontainers'][0]}}" - port: 9200 - state: started - delay: 5 - diff --git a/roles/odfees/tasks/start.yml b/roles/odfees/tasks/start.yml deleted file mode 100644 index 622a1cd..0000000 --- a/roles/odfees/tasks/start.yml +++ /dev/null @@ -1,102 +0,0 @@ ---- - -- name: Copy cacert to ca-trust dir - remote_user: root - copy: - src: "{{playbook_dir}}/secrets/CA/ca.crt" - dest: /etc/pki/ca-trust/source/anchors/ca.crt - -- name: Install cacert to root truststore - remote_user: root - command: "update-ca-trust" - -- name: Copy certificates in odfe conf dir - remote_user: elasticsearch - copy: - src: "{{ item }}" - dest: "config/" - mode: 0600 - with_items: - - "{{playbook_dir}}/secrets/CA/private/{{ inventory_hostname }}.p12" - - "{{playbook_dir}}/secrets/CA/cacerts.jks" - - "{{playbook_dir}}/secrets/CA/private/{{soctools_users[0].CN}}.p12" - -- name: Configure sysconfig - remote_user: elasticsearch - template: - src: sysconfig_elasticsearch.j2 - dest: sysconfig_elasticsearch - -- name: Copy sysconfig to /etc - remote_user: elasticsearch - command: "cp sysconfig_elasticsearch /etc/sysconfig/elasticsearch" - -- name: Configure odfe properties - remote_user: elasticsearch - template: - src: "config/{{item}}.j2" - dest: "config/{{item}}" - with_items: - - elasticsearch.yml - - jvm.options - - log4j2.properties - -- name: Change password for admin - remote_user: elasticsearch - command: "bash plugins/opendistro_security/tools/hash.sh -p {{lookup('password', '{{playbook_dir}}/secrets/passwords/odfees_adminpass')}}" - register: adminhash - # when: "'{{groups['odfeescontainers'][0]}}' in inventory_hostname" - -- set_fact: - adminhashpwd: "{{ adminhash.stdout }}" - #adminhashpwd: "{{ hostvars[groups['odfeescontainers'][0]]['adminhash.stdout'] }}" - remote_user: elasticsearch - -- name: Change password for cortex - remote_user: elasticsearch - command: "bash plugins/opendistro_security/tools/hash.sh -p {{lookup('password', '{{playbook_dir}}/secrets/passwords/cortex_odfe')}}" - register: cortexhash - # when: "'{{groups['odfeescontainers'][0]}}' in inventory_hostname" - -- set_fact: - cortexhashpwd: "{{ cortexhash.stdout }}" - #adminhashpwd: "{{ hostvars[groups['odfeescontainers'][0]]['adminhash.stdout'] }}" - remote_user: elasticsearch - -- name: Configure opendistro_security properties - remote_user: elasticsearch - template: - src: "securityconfig/{{item}}.j2" - dest: "plugins/opendistro_security/securityconfig/{{item}}" - with_items: - - internal_users.yml - - config.yml - - roles_mapping.yml - -#- name: Exit here to test ODFE -# meta: end_play - -- name: Start OpenDistro for Elasticsearch - remote_user: root - command: "supervisorctl start odfe" - -- name: Wait for ElasticSearch - remote_user: root - wait_for: - host: "{{groups['odfeescontainers'][0]}}" - port: 9200 - state: started - delay: 5 - -- name: Configure OpenDistro security - remote_user: elasticsearch - command: "bash ./plugins/opendistro_security/tools/securityadmin.sh -h {{groups['odfeescontainers'][0]}} -cd /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/ -ks '/usr/share/elasticsearch/config/{{soctools_users[0].CN}}.p12' -kspass {{lookup('password', '{{playbook_dir}}/secrets/passwords/{{soctools_users[0].CN}}')}} {{lookup('password','{{playbook_dir}}/secrets/passwords/{{soctools_users[0].CN}}')}} -ts /usr/share/elasticsearch/config/cacerts.jks -tspass {{lookup('password', '{{playbook_dir}}/secrets/passwords/truststore')}} -cn soctools-cluster" - when: "'{{groups['odfeescontainers'][0]}}' in inventory_hostname" - -- name: Set Autostart for supervisord's services - remote_user: root - replace: - path: /etc/supervisord.conf - regexp: '^autostart=false$' - replace: 'autostart=true' - diff --git a/roles/odfees/tasks/stop.yml b/roles/odfees/tasks/stop.yml deleted file mode 100644 index 1302cc8..0000000 --- a/roles/odfees/tasks/stop.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Stop OpenDistro for Elasticsearch - remote_user: root - command: "supervisorctl stop odfe" - diff --git a/roles/odfees/tasks/update-config.yml b/roles/odfees/tasks/update-config.yml deleted file mode 100644 index a40d487..0000000 --- a/roles/odfees/tasks/update-config.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- - -- name: Configure sysconfig - remote_user: elasticsearch - template: - src: sysconfig_elasticsearch.j2 - dest: sysconfig_elasticsearch - -- name: Copy sysconfig to /etc - remote_user: elasticsearch - command: "cp sysconfig_elasticsearch /etc/sysconfig/elasticsearch" - -- name: Configure odfe properties - remote_user: elasticsearch - template: - src: "config/{{item}}.j2" - dest: "config/{{item}}" - with_items: - - elasticsearch.yml - - jvm.options - - log4j2.properties - -- name: Configure opendistro_security properties - remote_user: elasticsearch - template: - src: "securityconfig/{{item}}.j2" - dest: "plugins/opendistro_security/securityconfig/{{item}}" - with_items: - - internal_users.yml - - config.yml - - roles_mapping.yml - diff --git a/roles/odfees/templates/config/elasticsearch.yml.j2 b/roles/odfees/templates/config/elasticsearch.yml.j2 index 5e8e18f..ef61cd3 100644 --- a/roles/odfees/templates/config/elasticsearch.yml.j2 +++ b/roles/odfees/templates/config/elasticsearch.yml.j2 @@ -1,4 +1,4 @@ -cluster.name: "soctools-cluster" +cluster.name: "dsoclab-cluster" #network.host: 0.0.0.0 network.host: {{ inventory_hostname }} discovery.seed_hosts: @@ -30,11 +30,11 @@ cluster.initial_master_nodes: opendistro_security.ssl.transport.keystore_type: pkcs12 opendistro_security.ssl.transport.keystore_filepath: {{ inventory_hostname }}.p12 -opendistro_security.ssl.transport.keystore_password: "{{lookup('password', '{{playbook_dir}}/secrets/passwords/keystore')}}" +opendistro_security.ssl.transport.keystore_password: {{ kspass }} #opendistro_security.ssl.transport.pemtrustedcas_filepath: root-ca.pem opendistro_security.ssl.transport.truststore_type: jks opendistro_security.ssl.transport.truststore_filepath: cacerts.jks -opendistro_security.ssl.transport.truststore_password: "{{lookup('password', '{{playbook_dir}}/secrets/passwords/truststore')}}" +opendistro_security.ssl.transport.truststore_password: {{ tspass }} opendistro_security.ssl.transport.enforce_hostname_verification: false opendistro_security.ssl.http.enabled: true @@ -42,10 +42,10 @@ opendistro_security.ssl.http.enabled: true # opendistro_security.ssl.http.pemkey_filepath: esnode-key.pem opendistro_security.ssl.http.keystore_type: pkcs12 opendistro_security.ssl.http.keystore_filepath: {{ inventory_hostname }}.p12 -opendistro_security.ssl.http.keystore_password: "{{lookup('password', '{{playbook_dir}}/secrets/passwords/keystore')}}" +opendistro_security.ssl.http.keystore_password: {{ kspass }} opendistro_security.ssl.http.truststore_type: jks opendistro_security.ssl.http.truststore_filepath: cacerts.jks -opendistro_security.ssl.http.truststore_password: "{{lookup('password', '{{playbook_dir}}/secrets/passwords/truststore')}}" +opendistro_security.ssl.http.truststore_password: {{ tspass }} #opendistro_security.ssl.http.pemtrustedcas_filepath: root-ca.pem #opendistro_security.ssl.http.clientauth_mode: optional opendistro_security.allow_unsafe_democertificates: false diff --git a/roles/odfees/templates/config/log4j2.properties.j2 b/roles/odfees/templates/config/log4j2.properties.j2 index ee01d9a..9ad290a 100644 --- a/roles/odfees/templates/config/log4j2.properties.j2 +++ b/roles/odfees/templates/config/log4j2.properties.j2 @@ -5,27 +5,5 @@ appender.console.name = console appender.console.layout.type = PatternLayout appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] [%node_name]%marker %m%n -appender.rolling.type = RollingFile -appender.rolling.name = rolling -appender.rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_server.json -appender.rolling.layout.type = ESJsonLayout -appender.rolling.layout.type_name = server -appender.rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}-%d{yyyy-MM-dd}-%i.json.gz -appender.rolling.policies.type = Policies -appender.rolling.policies.time.type = TimeBasedTriggeringPolicy -appender.rolling.policies.time.interval = 1 -appender.rolling.policies.time.modulate = true -appender.rolling.policies.size.type = SizeBasedTriggeringPolicy -appender.rolling.policies.size.size = 20MB -appender.rolling.strategy.type = DefaultRolloverStrategy -appender.rolling.strategy.fileIndex = nomax -appender.rolling.strategy.action.type = Delete -appender.rolling.strategy.action.basepath = ${sys:es.logs.base_path} -appender.rolling.strategy.action.condition.type = IfFileName -appender.rolling.strategy.action.condition.glob = ${sys:es.logs.cluster_name}-* -appender.rolling.strategy.action.condition.nested_condition.type = IfAccumulatedFileSize -appender.rolling.strategy.action.condition.nested_condition.exceeds = 100MB - rootLogger.level = info -#rootLogger.appenderRef.console.ref = console -rootLogger.appenderRef.rolling.ref = rolling +rootLogger.appenderRef.console.ref = console diff --git a/roles/odfees/templates/securityconfig/config.yml.j2 b/roles/odfees/templates/securityconfig/config.yml.j2 index 4936867..26e77a4 100644 --- a/roles/odfees/templates/securityconfig/config.yml.j2 +++ b/roles/odfees/templates/securityconfig/config.yml.j2 @@ -116,7 +116,7 @@ config: config: subject_key: {{openid_subjkey}} roles_key: roles - openid_connect_url: https://{{soctoolsproxy}}:12443/auth/realms/{{openid_realm}}/.well-known/openid-configuration + openid_connect_url: https://{{dslproxy}}:12443/auth/realms/{{openid_realm}}/.well-known/openid-configuration enable_ssl: true verify_hostnames: false pemtrustedcas_filepath: "/usr/share/elasticsearch/config/{{ca_cn}}.crt" diff --git a/roles/odfekibana/files/Arne Oslebo.p12 b/roles/odfekibana/files/Arne Oslebo.p12 new file mode 100644 index 0000000000000000000000000000000000000000..273c8018b7bed8f691d9e9c24f5fa9d6425a0e79 GIT binary patch literal 3325 zcmXqL;`zzM$ZXKWv!9JqtIebBJ1-+U<ANrh4J=JOYYdurRv0v~$0MZJ7BsO37&Ni_ zFflS1G_kuPWEc%(*tno3@G!C&@Ud`s@lK!gTfNSPiHU=up^05$Z{d_(t&GJt7$3D7 z$8I!c_ItQJ%%!Ef(cf$BntMCfy>FjpJMUrthy3#6H32Jc-q;#=_Lq04#;r@IWqa~v z_b(_qa_(it#~T4L)*+Pzm#fxq_sSM*O=p+Xu5f&P`qNwI{IV#^!*;n7T4xG<o*eeG z`)<5itWm)%{?^@B{n!70HTkWW`#rhxRnKGET-OBEO!s~3BKVy90o!X<6<K?>iiwAc zGCX#qIUQ_Nn{F}PCg;M*<*5uOHrWd;f49j$>~d1Crpr;2Ggp>~_59V;ycjuQQd6Jw zIrk!Fn@;h~CY!IxY%5!;bVBiU&#j4J6_%&B2#6?ISV~X+XMONJ_a?2={0l=f`!CIx z`n<rO-E-I3TG{ka-McB;^=nSpshYkQu-Ce^Y>r=G`E8&1Axv(UFa9=~KH2#5jZJIx zTPDgLUb8aykInjN4toy03-3#RVbJyd*`|_(e-3{*&H7<K+y3gtbJzC%&&XrFH=`;0 z?L5<;#wI3vMfJmWiR`@2!uyCjvml4zzxivM3eOGCB|;e{s$6rDU%P+RhH5wA1fk|O zfs0MkyxBBky#CtmQf0kwd%R32WMM#$zT3CzbM?MK(^Q^3YB3g+-=Nc|9wbzn5+pBN z^)WI=uVD2QzAb+WBwC}N8(;d=kZ^9>+Wa0zLxb(NOus4^m+^NUWDOBt&pem^pw7*e z*KQiVH(Ijs+ltxW;sSMS)B|T+Q|x9t;qgk`itl7oxPMdWscy{zw!=>>3)-G673aIK zQtg_Q-VCb)I&8;Ja2~XDaTWVsoN794f^^Egm#19s-LZL=bNy^?iKoiBlndM4tMBYw zub{f)a=Y+@bsnNVF<)0y-G5S+)YD?Evv%YAZ2q}gEp6&o=I(ZVCy{A+J>;C8@chRs zgj#kR-gvU?^x@|-3cuV96)rn37qdU>`oD!c)x%k0V!niW?8-~&h*YxuwQ`1z<*YNa zw!E=1I{9q!|EMF8d#s8+Z+j^8_p3w9pV<bVrySSsNQ>4}x7wAk=Tok66o=TV2NPFk z%sg2m#B+DuhP$76*qhs>*q!Gp*e#N|QPsazWnTXNsT`(<#06~I*2yY8vwADYCjad> zr{brrr&mZ9zy3C1>uw+Yt8C&~C3ARR6*zJ%J-owx1M{+(PE*|sbn4;{USjI@+}NHy zDeJGlhshFW`K27cu1yHyniks~9C5D3u-|jZ`vs@U>vtPSy8lkA_MW!)>63K=(=r)c zG|J`_TVI~`zb(#xPtY#*Lyscc{Lim7<7Ts+bdslGs*!v`)Pakes*Y-(_BIh)6{}a+ zUy^!wFU$5P4~q}`E?dpYQMBX9>!_5?Q6lEd=U%^a@%Gf1e}3|u{4ym$r|=sWqy-;K zaLo6(Hq%~n;eXS*+3$^&q%J6)ubr-SD0R(sgALkKC$l_o(VUfc?B5L56<1$fV3S!m zU&`@<{`<1kdj2k6F8o(hnt3~Nx?3H}Rf?opX6~85J>BKy_fL#=5tiAv4yXUk%)7or z<Bo*F(KR2MmacsAZmHAk+`Up&GM@Je0uJ+<Ot|vYWYx#M?lm&&BA+;De3VcA6Y_ES zB<<)0KDTa75ecntJhkW3uk{=y*Zu0dH{4IFJD&bG=0x6wCwFH#roH;I@6qoYk`}yQ zE`6%AYBYOyZq1$s-j1_Z;@C4~KRgp%QI^!FU~;RCGqxjd&yl?+MDlufSzg)DcB48) zVLsdY=V20Yso8p0<y1V^nC_h1a_%kXu|K@)lASM|U9msUsZ}XN=5q4|hrBh<x9eUo zo7gtV|5Rh@LUolFHS_%MPW0L7Wubm-@|3;(MPUc{j%57xpL)JIde+mpeJUrqA1^-i zV(~WZ=gx-%Jomros5<!S!M$e^`DHfK^;WmDZWGHre!6{=gulR{0{J6#vYUUg#544> zpV;PCntEy*kN;BB*gnB&+-!dyxh@X){JdJhZ^s0m_3cw$u<nhz6sq(o+Q(McSheBZ zf-=3Qc9o_vLUzLE&hAY59k=C9jGkK7<HkO7^YXS6J12&2sJR)WCSv=%c2k|^L!IN+ zjVGTP`nNxx%lhNmJlCIkTAwqg|7vZ2HuKKLc{AQ5ip~vM^yU1IS$>_`Ow*3DJ1M?h z*0<xbR!vFRy7QGGQI?<l&gW#rZZWMW`mW=%pC><CuOrF7GrII%75}NeWv8clw$A5u zx^nsUl*5~ERL|y9`*^iEDDu_rBk!BD&iHPa9@J=YShPp5ggrlh(wwS{-<kKf)yw$> z{pI?gXCGyLfPHdI`nos`@0a#JHU`waym+8y+H;S`MVI<I%DSdE?Q%6b9rNn?Ql1zI z!N*^!6ic7ZemsGfeFgIst%%ijJ!?Mco}Ir~d>NC%t{<Nzjec2d%{#lCty*e&?_;U0 zAEnDZ@?T!Mm0Eitia#fP<+aq?dQXLd70zWl<zGB>L+RSg_bM$frUdi8n0Eff@<%OS z8YXVfyfnwiIiYl75uZWg;k^8pXI*5a*}6Z^yqU7ppo!HHsUls_#A?LS#Hwe|#HwY` z#Hz-|4XakU7?~C{vAi>AVtIv9+cJY{+fPy9`>*qd6oYD8mL`@Hg$9p`N~*qoV_CFv z!T!C`OI}#)Xqq3>*nhUSSlLc6>{0thwl9gbB3I`n&f9QR#8fEod;PsPB7e5%?~=T@ z{Ni8ty&PNe^Ho|M=l2D&-n}s`>GsXDN1OY1-T1j^(VwZJ8%mjYFEgCfO+5H*kDt`O zqNHt4qB$paJa7uy5~;15wD--UiCK;xrSHu<)KOHRDmF>NdDZ3gOYH9)Z){RY(flf7 z_UivMlj(B1kE}U!{^!}Za&ud^$5?uw49o55nI9yj9r7%P_r&XrCB>6!crU4Ntk*r& z_~n*Po!*nbYm)8zSFQ||GT89S`t!4({!e>e_O{(wzQ3#CX6~+#d14ELuJ>50#w*2~ zQQhFx`07&h4d?4QvoG&Dbk&e`-}l+GcsKRD`z6Q{lW=<H{_cIVba+da?=5|Q*J*(Q z^WOehLAJl&_#I@~Qma_<!^=7O&CC#QjR*b$4!rWS>v?h`UQHKMU8U&h^5p8-2VvX& zTUPIxaGTqA`J!)M_TK#7c_Gnv)rmcwPLt<|Uf?@A^HccGyblFy5Bk1e$5%N0rkPBH zWJ<k$hId3(QKaH!CQ}0@hQB%sysloKU$LA${NDP%d-WN`mY-|Nz1lG4*VWT;M^dBn z_pP}lB&R=XRnFhLi~s(z3`!}NKRq*3L&qy*`q!^n(fbQKWz%(h{SH~rb1k^O#3j){ z#9YL}<LTnMS?Qq{s&^IGpFUL`)wtiMUS28q!|O8_E#r5;*83b=yHD8U<G<NAZtSlM z{&iVg>)*FWb3S!SPN@!B6E(T7eI<``sfFbW<^HnNdowST2&Pq>c)(p0amJEG=+(KI zoZ;tUIgZSHD0P0)oT@bYz?EOGz5liJ+|L^#pD$0kEc*A6lIq)Uj~1^o*RP*)cZ1DO z|GTxG9s%<df)1`^nw9Y={<is6rd0;4FT$?Zo_(?B+sg|azQ%vWbjxCe%eA@`&iEdm zxJN2LP5bTB<2Pg76<9-$^G%qclAf*kuygzAH~LczFU|eiyT^rrMey3!XMca|Hb#~| zN@VWqG2lB@JW*cTpzz{1Ri=`Qb6LH1trPC&uzYmeL7Q*Ft@)cyo^03ku<l@z_<Hn5 z<w^^gdfm-`EVh0~_xVujb7ki*IXCybe$&4hJkuL<Vs6+()iY)8XgfOP_FK76wKZ+Y zz8`NhU63?0&ia0w<ATESq=m;EZ#-Xe%Pf4}iSy<gDwASEt(W=-Zfh%X5nSWQ^x*%O zqR)z7-BSIZfB3XR;r1yr%?sxaUh&LjHeS-w(4V&N<=b16OQcej<mc53Ykg4s!yA>{ zEN8dKOLB{olBQ-lpYNvpJ0_h10lK%OQq+!x1TcPdGFJY>_G2|etneAl9}iPQ))}b& zw9>w_#l+bBZM1woYZ~|du4%6|9#kIQ(yJ+7?KR2eZUNJ>!_uKORi_tTu+bCVX3{0J zJmf^*)C+lRH>yvS-i^FF;kaXH;L!#NYo2FEmoco2E7`haUAb#%vFy`@m##l;Og^!@ znf2|8S(W;0{&qV=9@bB@keHx(f#WCVOVvZ4y(e!_y886MrFoI=pS#XvinaxX1m3wM z+-JVc!gF^1@3Rw(@Ag#OtX!s|*6}v$#;R4RKB`7pOtZabTUpAc>CP~bxMLq@)Oljb z7wd{0k1qKdzP@tV`^7)kEqA%}#b;-pOyJjHaO&{eW2kDN3@;ryMGeJRL~<S}UzA#8 zYkq%z-NWzqxrKDo7&QzG4HOMH*;uvtn3<$l8CXOXI(Jsjc9K0YG0yS`!>c|%<;nN% SvT*onuj~K4uqy#nN&)~L2}KS7 literal 0 HcmV?d00001 diff --git a/roles/odfekibana/files/Bozidar Proevski.p12 b/roles/odfekibana/files/Bozidar Proevski.p12 new file mode 100644 index 0000000000000000000000000000000000000000..24010a64063a960d554cd4e895e17b9e2e62362a GIT binary patch literal 3325 zcmXqL;`zzM$ZXKWv!9JqtIebBJ1-+U<ANrh4J=JOYYdurRv0v~$0MZJ7BsO37&Ni_ zFflS1G_kuPWEc%(*tno3@G!C&@Ud{@pAm@?KUTG!iHU=up^07M-_B68Da(!WpME~x zZCt6<q<!Sk^6!!@7xVufn0!ucb)Kus@z>Mc_Z_UC{lcqxBg3VQyN|7Czu4*hGdcg- z9%do$moM+!oByiiZR#dlK8>)xK5y>ZF*!5O@g7z9px(g!_F<Q^E7P^TpSR6B?z)!c zs1ftlMYo+3=7%M%;BTH8p#S~;`iVz%w@DevvuE947LM0w*J~->zvhQuzRh7NU#axD zCwCN2`|QHMXm?$jR#Ez{*Aar2((SyrW;LI9eB<naBPXJFMi>`xAANIOWQwBtA$@}n zc30FAC*R&_w2eLPZ_YmHH(PDR6SNL}w|nr-XnKWW_;>cDFIMMXdX*dItnvEEKW%Qt z_o64abM$o9#k>_S+sm<U>dvOk9&g^~zWO}#saAmf3F9lXSO4DV+pojg)LXOmpvB%- zj$f@R&D#2dZvEZOdCPOUZ{vL}nY}T(dt^&JKRx17Ta(T4>8#B9hr0P~KOI%}2<ENM z$Sr6(@WxZ`#H7mnvs`~~NX8s2G|3c83n|hv4cULg=W*~NQ4e>u7s-p_wD-Sx&b(-e z;%UZhoFUu(`B(0CeWk0reCpQQ>+D09%zEmxcS_msm+>qTJ&sQVm>cd@E&QA*^v+=R zH?t3?I#muH?#%x4t+eP_@(jz#3mhw0xl)2`bUZ|ic55&7DcZbFPbRZ~?QK?S-p;jY z3~#UP&AvCQ<8e!y*lFjQ1?%%1&5C&yj+rNv?cQ$4Dzn4Q`BEe6_Wc4W=N9MjIwVa@ zJ(=)lH@~F4+Z4;d$mXvCzmDHu%JS8iaq>h{gXE6ozc1zQc>7|tP_rOwkGJsU2ZtSB z%yL#QxgFg8DEvGVdt!&{s*=Qm|AJ<vYByc>x%p5@#il=w%~$r&7ulX8oMCfKYz4o) z4o;9g`Sj@j^0u0fm5Uxle_~j?!1O~{dx8kdmxB7qegD>Eu^rm|MC;58Q#Xr>*z+0> zm#qyKs$Xh<>#E4p$K@BlnH^#Ins{FS=;YN}DMwBl1$SAt$R7w@en;fRb`$wh!<~`Q zbHb|DJ^T1LrTB!-;#Y3ET`Lz{dR4z=SzKDKk>JM9y<C2)r|s?8Thcz^;qHAwCoFz^ z+EU;Cx9a?n)6xPz;+<z09g_a!?dv<|_Zp3P;fni|&RR>q3JJd~#x=V@#<@bixH0-^ z)&}Xkjr#<XW9+9SWt<lO{7a3~YR~?F-t%8RdJFVstTvM=nruAxYWREQAXC$8vWXq; z^HU!QWPC|-+%@UKrJw0qyx$L7?VfcxZEoy_+AnKrB7^;}DW7=Pv}DVbh~Jh1w$7Wg zjQ@+?{^v5k$L)}K`t6nX5BH@=*UCyd@?_rFP|#3hEpS0+b3=#vUr}@S$2#f4Y{_k& zCeJ$dIhMq?xjyz)y!KWsxz8Y@<K6GOZyN&E6}O*zKWlR2uH+AYe$V;2&tb1kL7w~L z%RjgemVQf{@HRqs{^mU{OJXuqs`FO=(5m>txHES7?Dv;Ex7TSJ_g0%I^K_(oE}pPL z#&Mr?z2^zrMoV3l1<d8qZ}sOsZ1ZJUByhg>r-NTl;k{jdzwRpfop5{eylLzAaDB{7 z>u}!J=;vdYbno3SrWkYghsTr>?%cLM`R0IL&$>JPR|@{@TIXPQ!BvZ);c?23yC<zO zn1tij3YO0nxyxw%-Y=g~BFpXe>_)-j5Xo-W$JeX9kH+lUQIaR=z3cVCQ}-QaTDW_2 zOmA5|uhGA2dF!`0N9C=v;}lx%R%qQ*EuX%iGD3nwur$}-O?RRb@9w>ND^j$juEy+B zo~Z1!raB;IF<<|T6JKIdHgM|vp83{HwE5X*`9}8dy0dsTFgDzb>B!XloUv|Yg0{eJ zelA~;fRA49<ZPR}7!CNp2AqEvKA|Q`&7?EcvC8-Sg+g!Db?V!TOV~WVKYs0RIj>K4 z-I6=T26B(>W^RdJwC#HdyQjvzN|Az&$(2%%i<SAcS@_-C?<e?A(qoeHmOJRSEb)rL zf}bS`N4`~a)=tiq7s%Y^u2<XT;>11ERsZ|bk8UrwNZ;=%SAIW#!=Y!tetc#>{4b^~ z^yu?N7Ns{A<mpezS<)c7#Q6RPBh#f$bIjD-H{3thcjWl?SC0c1#a!@Sqs`H)mX|tP z-a~)chWWl$HM6JIb<Z){cVUeU$Kx~0#d|Y0{!~tua9WjM#(wI=-tFRLofF=K{@=0d z&^ZnJQ@w4yipIC=CU}OQ&&Z69)#lGrNc*|_bmSM`701F0fBapwda(@C#3MVdFRfF% z;g`}_^6ulJ<Lqw)yYja0UJ)W~=*1;8pK;?^?ww|AqHc4JdY;Kyw5R$Z$LVyn&E6)r z8}m9P(igr=ZA(+M;7o1aZozBRY^%D?SFGMigr_3H%u2@RKzvQ?`hVr0wy2*~$P@Rk z{J>PO^#)5*?wJ+ga%<a{_H-!TE}pY8DE}6FnOsSS_{>LtoqHlb@aEgjpRVV#dG2!g z?|H0D^ZLI%DCw7YdGPFyzwytK92|B2lq{AoXkv9lsz?_!u^O>7vFaH#v1%DKv8u6g z!>Uy-My3T#Ebk1OSYDyjw#=Z~_OLUD%=deLZ9ugxOB2h9y|ZkO8Qpd{D*K}G=b{%p z2agwX-997VvsRYJG_b5@8~aa}P}QwP=klUupY%NMo8FLe-_)PY`a!_e_j7Xmo-~~Q zxVR%K|AzYC$&c>K#9I0mWnR4^8(36X<tkOJaj)y4Zl}Jxf(4gd%ys5Z;sR=2X^j@n zZ&y~Ve*aT^)(f5HN{>IH(|o7Q5m{H(`O!ej^<DB4cb^H&;a%Tm{;GYq^n<Us#&^~0 z%PY-3>F8}PH7J}d!}h6{sluC0=fF=B-l@B-ulAX5ONy(JscGIM`LXYA_TAeHVpMhs zXryp3{5X|+Fy(Og)u}RFj}8|V#s2%rQ(~!EkSEWZvviZ+egEy-6aTb#9(7Pudi==i z55w=1hHL>biHg@O68x_1_uUpHSrVBq=s%&CZC6KOsnUwn$sG4sw$9k{#@FC?$?uC- zBAnZ$mFBlFX{_C{MdtVF|4nu3=g!GGy)KV9s(+Pt-c8#Tt4s@aPLVOOi+EjebiYC8 zZkEM$r6qAoc}ssSb*SN3w6#|Khuiri{%!V?H5N88?7q;m)R*@-@5h}otJ{*}w@+BL zG*zJNJMXJ6j(#Ua9hU7#FY+_LY_{s`DW8A|Z%f?%zj{`9Y02FaVf_`8j;T4{+Q4FC znI`jKRms(No0YznMDI8KsweBYH;4VylpKr8r(SX$=3y<G>uPVZDAe>CTlkKp`F~dW zPI>LAm%6@8ezSbD!Su6sUaHIm678aH{VgHZFA7?ho$JYB5y;6~!C4z;bFuWDM(YfX zDWSFzO38;cUIos2+<ivt`1&15^WJKDM10ZnE0%wFTjJ)t{fE@+xf7X%PfHywd@`}d zQtfQx44vBM+&i;Ud}<PF&pw(ic6`Z!S^7I{A3pPYbyOrHbQg<$-JiQ2XF{F?&e#9m zbG&xSx|TWTXI{vZH+|t(e&XIgjp(a;VoNVAj1D|M_oAYz6=SyHm9Tw1I+;5rty=j_ za;+5qfrm%Svl)6{e>T72yHUpC&^<NFjdhE>>W{qfemGHe(&M@_N36^DeB(TI?&R9! zw5f*{Tl&50Z!~D@+AtyYCeNcwZ!R92UHNvxjPNYR$V11c9Ap<MEY6yx700PP=e2}- z<BFTYk!$W>Ocrd)*Wb^zO(^}?`(M|Eu6$2j7yNx$NY(x+E4n^KOq`HVs(Rsvk%!co zoh1`{9>)o^sr>lhc>CYZk`o-(v(7Hxw_kq6-@D~qY1fuJyqLT6Uij`-pSycXUtcoY z+I9NPb=GHJ_>{sK@9r#rzW%1SfRv@~Nv6f=*LvH}hcTAg&p-e6Nc5~)k?Fx2Y1K_C z+#9E?EWG9+WZWv08Z`Im^P{JW!q|NGi-fp6mH2n0I8%JlcGf>VT)m4Tx6W*rd(0+n zUg+R9)8$=Ru<Js0wP)6|?RdnFUY`Bn%1=Z8NVmq<tGucbuN^G4{8r1iYV$w0Et`%N z9nDogG<W`lX|Hl3PByz7NeZqJve@gv7<x?P-<zwKci%Xx(w^EIe{tr*^CrKeC+Z3@ zrJN5}EY`n!--OldUPF@C#x?Gm_rDn5Q(xJ(zP)$)-A^or8jp9R&)R=VStR`rYq(kc zhgWv)4RhXx@GEx;y=S_$nL+Jf-ej}?%i|?gFW-Lp*rKene3JaVs-@e*?M$Of&IqK1 zExIbJF1mY3srTo_l`9fAN6mhu<o<@?OuM(Cs(~`RbmSB@6k`#Q^!q4Qsr+Z!8T0S^ za!#*YsA%<jlYyauq5&rxt2Q4qlN2ihi^u|21Mj}M-czp`eKY;fw>tO-Z!sSWM<5IL MzLJB#K7&e00Bh$qdH?_b literal 0 HcmV?d00001 diff --git a/roles/odfekibana/files/SOCTOOLS-CA.crt b/roles/odfekibana/files/SOCTOOLS-CA.crt new file mode 100644 index 0000000..04b1f20 --- /dev/null +++ b/roles/odfekibana/files/SOCTOOLS-CA.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDNTCCAh2gAwIBAgIJAIp0kyaAW0K3MA0GCSqGSIb3DQEBCwUAMBYxFDASBgNV +BAMMC1NPQ1RPT0xTLUNBMB4XDTIwMTAzMDEwNDcxOFoXDTMwMTAyODEwNDcxOFow +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQC1GZDFZJPR7AYkhEsB9U6qtK+40di3KOeTwRosJ7hvP1FQjwnIC37B +UlVq15KEgRTCcXgLH0CdtzC1Rkz+AUCLyKTOGmNCqmvyMcESdpuoI1NULkv0QeYX +Mj4Q1Lh0RldqZpEr32UfsVowBPPhijAUlVAHeJLvji/tnUvI++9no2hx03UAhjTM +M59AviYsRT3DUkciNSllpwV+7B2pgnpRgzsbVGP2cheaaRYG9DAbRTLrAtVxO0WJ +c/zNGSpvXuOyBK30/pwGMvhNGPeckElSpDfaepuA8ZDcfaKNk0kEBvzIlUrpZBmv +tBc5DmpfEBlSk5UK/0XSblKE5dOqlWc1AgMBAAGjgYUwgYIwHQYDVR0OBBYEFHkG +ykDTn5pUrtMzTfI4PrYL8z3PMEYGA1UdIwQ/MD2AFHkGykDTn5pUrtMzTfI4PrYL +8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09MUy1DQYIJAIp0kyaAW0K3MAwGA1Ud +EwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQA0XK1+Eg+j +JdwKnUpnwPq+fsyrCs4TF1DgwtqY4yr1KCw0QSPMK9ldLp62lJaRnrPE7ZGOQ7sd +z82yEM8nMulNREp3TZwuVFaWgs0yLVKkfqZ0jNGDuEf8AJAynI4ynRbtYxtYzBDy +XgJPk9lKK/gR14IXBet/dGbZf4yHiMzldMCb0dWzyDS1S+Y1iLTRCmpmRbFow12g +CjNoSxdyoJPZavcOVWa4tDc3PLMdkgdY20ewo3IvCQTOg9ogVX4Hq5/M4xTz8XUX +nHeUqshdkPVGFCIujCBg9131RYSE0SkVrPUaIbP9tgzabkZWwhiq8oSpTBmIi9qh +GPiQTFGknE1U +-----END CERTIFICATE----- diff --git a/roles/odfekibana/files/cacerts.jks b/roles/odfekibana/files/cacerts.jks new file mode 100644 index 0000000000000000000000000000000000000000..9d4001b7d9a466941cda896b6bf145bf2f02020c GIT binary patch literal 893 zcmezO_TO6u1_mYu1_nkj&0U<IT#}!kQ>>eu$iTo@S}9llhJiIg&(y$@fq~i5po!Vk zpovL#0W%XL6B8#xSIK0xhG?hl2E1&XT5TR}-+37sxmg(u#0*6YgxHuvS(tgagZ-UD z{QZ4`b)6jz<ivT63=9p74GaxT%ndD~#CbtXBMT@Or@kgeC1fiYSs9p{82K3tni#p5 zniv@wwn|Ponlky~8#a{|Z^o~FtG2A)aq-4>jpvgOO6jQY$hQv+=;u7aU3V}jH0%1L zmPV07g%#ZL4s*8~Y<2Vb$LP>~V#ztFWT#cxp9~KQmCatE92}zO{l)Q_xRIT}l^rE+ z;aO=DweP3OZ;Ucv`TVfUKxAqFd&Q*pefn?bdY}0HK7DaU;pI|>Hj^{P^Bwl7>A2b+ z4susA)l6N^TK7hFWm8pPv$b?c^0y-KS(##NUks#Ojb1ZdEwpy+EdFy=QY%01@g|nF zU;fQuGy35x@qNw&&!8pdx2k40e4KEnc2VzSPZqX6C#HJ6Op#o_Mck4vD_%e{X!2C9 z|E`zvf?A$lUNtq{l!=*<fpKwTt3hLvfh-$ys4O3g7>h_H+bM_3^Jj&uyKL<H$--_M z_h;Ml25ul}Wfpq_+Xk!(7D_FVz!eWoNHNX>GDnz&)qt6i@xK8#h{w;u!py|Th8$De z;Fw}$Fo{`PC&a&4^$youuk-`I_SKzP&2>&#JmA5hTQeSOebvx0aa2B|eKS^X-nJ>z zCeGV@<n6>h=iRdB&u$VpuWt0x*Tt*ccaC02*tDjzM!G>u>Xw!CTx{Oq{)b_L(VRY` zxnggVr6bM=e2Qc8pM29x`-kB5CUMr+^(ARH>wDTe&O9wSF#F=w%_mH@dOtJm*m998 zE6sId#^KlnT*evR;zbK4-^}{X7n-(Xi@CYYX4y&X5x3npEH2XLWI5M-OChw5ef9h^ zk3~LzEES(qK4sO3*a=_VM3nS;6cWD2esyhWxu_|+=Bt$A=D*u`Zsoa!9g<k}sb!^) nWJmX{g%Up|_yjJQ;~Qf5+vDoDTqXObIbI&Z%6$8^_~bbON?lF- literal 0 HcmV?d00001 diff --git a/roles/odfekibana/files/dsoclab-kibana.crt b/roles/odfekibana/files/dsoclab-kibana.crt new file mode 100644 index 0000000..f47839f --- /dev/null +++ b/roles/odfekibana/files/dsoclab-kibana.crt @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 7d:fc:33:45:75:73:e8:f1:60:94:a7:4e:6b:2f:23:f1 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:27 2020 GMT + Not After : Oct 15 10:47:27 2023 GMT + Subject: CN=dsoclab-kibana + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ce:4f:c9:0f:84:4d:4e:7b:dc:11:90:c9:49:a8: + f3:60:44:a8:25:1b:59:83:64:0b:d1:e0:bc:59:50: + 22:a5:f5:88:7a:c8:40:65:e4:22:3d:77:d2:8f:9e: + 30:17:80:5e:20:85:bc:70:67:61:cb:d8:e2:9f:9a: + 7c:7b:a6:e8:4e:79:7b:cd:86:6e:26:52:37:45:b6: + ab:b7:6f:40:8f:7a:55:8b:d1:91:cc:21:6f:55:37: + 50:3b:72:1f:2d:3b:bf:75:47:91:88:6a:1c:ea:39: + dd:8b:25:31:55:0e:bc:52:6f:bf:0b:96:ef:e3:12: + 5c:da:63:22:54:e5:b3:95:8b:02:9e:57:3e:7b:4f: + a0:f5:6f:07:a8:5b:45:7c:cb:34:83:77:34:a5:b1: + ff:05:12:88:8f:cc:c4:05:5d:e9:e7:7d:2b:12:fa: + bb:4d:25:f4:f7:04:e7:95:06:95:ea:a9:c4:75:4e: + f7:03:67:2d:9c:9a:f4:01:f6:2a:8d:6c:6d:d0:59: + a9:ce:1f:12:b1:76:39:c8:07:d4:20:73:1e:f3:9c: + b9:67:83:3b:a8:7c:6e:fb:86:ea:3f:6a:8e:98:4c: + 39:a9:d1:4d:be:9f:0a:43:49:1b:fd:09:67:b6:62: + 71:fd:87:9a:63:25:00:aa:c7:a1:4d:23:12:e3:56: + 0f:6f + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 50:F3:7D:4F:B2:8C:A5:09:FD:64:CB:C1:97:F1:F8:49:C8:6B:30:4D + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-kibana, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + ae:be:82:6f:6d:e6:c4:cb:c3:2a:d9:d6:ee:11:52:a6:de:89: + 9e:31:a3:e2:86:07:e9:d1:fe:95:c9:a2:38:90:df:05:ff:e5: + 99:27:e8:d8:55:00:8a:85:b3:15:a5:e5:5b:ce:4e:4f:01:3b: + 74:a4:b2:09:fc:6e:95:92:94:2f:76:0d:c7:97:1b:78:c1:08: + 1e:3a:0e:fa:a6:ab:db:1e:22:26:86:39:f4:bb:89:a1:a1:d1: + 55:f6:c3:ff:9b:a5:eb:1b:6a:84:8a:1d:3c:5f:7c:03:0d:08: + 42:6f:d7:14:86:61:38:66:65:f7:c2:86:68:db:81:e9:41:0f: + 82:cf:bb:be:fd:d7:94:48:cc:f8:cf:4a:40:ce:33:c4:75:51: + 00:7e:c7:93:f6:3b:92:c1:5e:8a:ce:5f:2c:c2:f4:fe:ec:77: + 9e:ea:30:d9:53:ee:f9:b9:fd:50:f5:6b:92:1c:57:d2:e0:f3: + 05:d8:79:a9:63:16:13:09:cf:5f:39:dc:ec:43:e4:65:45:43: + 65:e4:7c:39:a3:a2:81:47:ab:8f:57:a9:89:9d:56:4b:77:b1: + 04:c8:9c:54:d2:5c:28:f5:d3:66:ae:9a:9c:a5:91:c7:eb:20: + 69:fb:58:99:c7:5e:be:ec:4a:7a:62:09:fe:3b:30:f2:4a:d7: + 1d:f9:0b:c3 +-----BEGIN CERTIFICATE----- +MIIDljCCAn6gAwIBAgIQffwzRXVz6PFglKdOay8j8TANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3MjdaFw0yMzEwMTUx +MDQ3MjdaMBkxFzAVBgNVBAMMDmRzb2NsYWIta2liYW5hMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAzk/JD4RNTnvcEZDJSajzYESoJRtZg2QL0eC8WVAi +pfWIeshAZeQiPXfSj54wF4BeIIW8cGdhy9jin5p8e6boTnl7zYZuJlI3Rbart29A +j3pVi9GRzCFvVTdQO3IfLTu/dUeRiGoc6jndiyUxVQ68Um+/C5bv4xJc2mMiVOWz +lYsCnlc+e0+g9W8HqFtFfMs0g3c0pbH/BRKIj8zEBV3p530rEvq7TSX09wTnlQaV +6qnEdU73A2ctnJr0AfYqjWxt0Fmpzh8SsXY5yAfUIHMe85y5Z4M7qHxu+4bqP2qO +mEw5qdFNvp8KQ0kb/QlntmJx/YeaYyUAqsehTSMS41YPbwIDAQABo4HcMIHZMAkG +A1UdEwQCMAAwHQYDVR0OBBYEFFDzfU+yjKUJ/WTLwZfx+EnIazBNMEYGA1UdIwQ/ +MD2AFHkGykDTn5pUrtMzTfI4PrYL8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09M +Uy1DQYIJAIp0kyaAW0K3MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAL +BgNVHQ8EBAMCBaAwOQYDVR0RBDIwMIIOZHNvY2xhYi1raWJhbmGCHmRzb2NsYWIu +Z240LTMtd3A4LXNvYy5zdW5ldC5zZTANBgkqhkiG9w0BAQsFAAOCAQEArr6Cb23m +xMvDKtnW7hFSpt6JnjGj4oYH6dH+lcmiOJDfBf/lmSfo2FUAioWzFaXlW85OTwE7 +dKSyCfxulZKUL3YNx5cbeMEIHjoO+qar2x4iJoY59LuJoaHRVfbD/5ul6xtqhIod +PF98Aw0IQm/XFIZhOGZl98KGaNuB6UEPgs+7vv3XlEjM+M9KQM4zxHVRAH7Hk/Y7 +ksFeis5fLML0/ux3nuow2VPu+bn9UPVrkhxX0uDzBdh5qWMWEwnPXznc7EPkZUVD +ZeR8OaOigUerj1epiZ1WS3exBMicVNJcKPXTZq6anKWRx+sgaftYmcdevuxKemIJ +/jsw8krXHfkLww== +-----END CERTIFICATE----- diff --git a/roles/odfekibana/files/dsoclab-kibana.key b/roles/odfekibana/files/dsoclab-kibana.key new file mode 100644 index 0000000..9eec2e4 --- /dev/null +++ b/roles/odfekibana/files/dsoclab-kibana.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDOT8kPhE1Oe9wR +kMlJqPNgRKglG1mDZAvR4LxZUCKl9Yh6yEBl5CI9d9KPnjAXgF4ghbxwZ2HL2OKf +mnx7puhOeXvNhm4mUjdFtqu3b0CPelWL0ZHMIW9VN1A7ch8tO791R5GIahzqOd2L +JTFVDrxSb78Llu/jElzaYyJU5bOViwKeVz57T6D1bweoW0V8yzSDdzSlsf8FEoiP +zMQFXennfSsS+rtNJfT3BOeVBpXqqcR1TvcDZy2cmvQB9iqNbG3QWanOHxKxdjnI +B9Qgcx7znLlngzuofG77huo/ao6YTDmp0U2+nwpDSRv9CWe2YnH9h5pjJQCqx6FN +IxLjVg9vAgMBAAECggEBAKJC7gdeLs8Da1oFXcqpLoEQfo5wrD5CeWlgL8Ku3BFa +wzSOOtfoTWW6z8hUyc4yD9XUWRiutqP0uIh+oFlANIVD1rMWf5t0HjSeLv/eaBBw +Tsfg06KQyVdkYZ3fa9XPoA1FdJitnIA7cpr1bY9QP502djNPSux0jMLWJTJQVqXN +fXykLoIvB8xIPWbJAJMgF75turJMFT3wGN+qjCzbsZqIHmqp4eaKoH4Mz+Y6SJcA +uSzCdGKVPxHUVZbtkXn5GZXFx5YQ0wwRHJRWQ6Fn49HtKc5vBc7PN8fG18+s3DA2 +BR7MLgIaHGBKsnJgcOOZQiRCQP/uBBEIxIF0qU3h5UECgYEA6aiUvvBNcShCRaaH +Wf5GpYTT1ANNv5+3sCTy4KKt3yCxyyn5ENEFL1i8w6/LffGIAsoLnoEcxWV/fhLy +ZH5FzIYxlR/w2rddUyOXENx/9CWw/IhL91U9525JCJ0B0TBkZ9842ORX7kcI8+0g +4oaC5bDYTZotAto4ftNIzmfznesCgYEA4gnREIl4nv9v28x5aUS+HhSpsH9kkVrr +FQ0amCJSHu4U9J39MXS3Fju3rlmZG59J9ymEQ4tr0Hq3S+tsTy4hP5d67/KtoxKr +3smyKduX6gfOmEy3TjCSc+OMebM7lX0crX2+0JCm355yDC8fxdAGxpmqYvwmVw9Q +NbIb2mHR/40CgYEAjshlnQhbSnq/hLBupZ+srBivGS+rox2Gsizh/kNq3J6uBuhv +Osd/0572Ot6CC0Q9SPcOgp2DZ1zOu8v4M1C2dnTKd8Y8+Gp0rQlilvsndZpSvP7M +7Sc53OKX3puTMLHRqWfO5TskQIdIAUc2gTaRZqragxFj0App25ZhN0BurmECgYEA +uM8L5vhu7ZitjUk17zKsOo3sW4kc4ZczY4fOOZq+B9niukm+LMRfuUbkHCHXg/UN +lY6VPGBuqwraeLEoYei2eHbSpgKFozHt4f6Is55+K3Nsn6sBqGUgKK5gOVSon8Wm +P9byvzW1qlmyp3GUCbjXAWO8IqhEdKPpka1pBnk6KDUCgYAhGqRGJ7NG4+Wz/0/5 +Z/IQeEsLO4lB7EuIADn9udmrYgYqv7sHDzhIUOviJPRgf2ag68LEXXZsC029famu +/wbhD6pw1yq0QKGDcgH/LzHL9+74TqRlT7drPyOFPqOGPKtc88wL/aXRC90n7dsT +jFEbunnLOfUUjgxXiJpNU0FtjQ== +-----END PRIVATE KEY----- diff --git a/roles/odfekibana/files/dsoclab-kibana.p12 b/roles/odfekibana/files/dsoclab-kibana.p12 new file mode 100644 index 0000000000000000000000000000000000000000..f9e8737d615ab77c25857cf3b3c8eb2d77f03104 GIT binary patch literal 3397 zcmXqL;&o(VWHxBxWoP5mYV&CO&dbQoxS)yW2TK#r7lS6A4+c%_%Mns+3!2zx7&Ng@ zVPa%3Xkzb0$S@knuyH|6;9+Dl;A7zkz3X<M_;O+c6B7qRLlb+#{#WVQ=WboLTA<Bx z_;#%94`HK*EBdpqgb7EV()ly9`tzHXpTRnB|8KLm3||$dGt=tWqsPD3B+WejGSNKM zd%sDrX=Z-#S>r=lXR0=QU)HxbD2VZPOH;}1?xTVQx!V-nvi`k2ch@yXT2XIWtylVG zYsvMl&MudVXP*`9uQNYlp?j1$wB-Ec;FB|c7|&WPlP)WxwP_xQ;th%N>-~jF5^4WT zi>K?R?w88@b&K!JcKrq0pYlC_d+Pk{@Vb2c{&Qs(@~849C||m_?%ipH{yi@qsz=`Y z865k=|7_caBO8k5C5J1ShTRKsbAP&ewM+OpV>>g~)5q>u+k3s0Uf}HAzBKhoovq{A z{}SaqS>k@V$I}lRulCwF&0(>8pp97iD=mMEn~%jmdGs~D>b-LKg>NH!n5l-QLzSm> zxYhC7LFzlT?v^f}=y*|9yGEMX&V1V0(|T{561wMHN^yRDmpjiXr>gk%zIQjWBChT7 zJ8)BL(w(@Q%iLz4d6KFTrZDUJlPb}|;Lhl6OO$^;IDGiUbzzZzJMYUbxL+K-|5=;m z8NaBb{cjq)7`OhAXk^=9ec?wwTR_eC&4zwijfpRAy?;Jc+x8o$#F7>1d*5+}n6@%@ zmo<q;vDStQZ;4*B??}FMu=gpp)9<e@*?4Qou4WOp#*f??S6z?0yD44V5W4?(?Nf!C zS@BKF@3hT5ZSQ@n?XS;qm7dF+y!STxPdc{s-{zc?+ooKfpwxXVY?V>=*Rm}a4oh5P zPC6m+nZ-@c{BHNdwnb@ak7m2Q_<u)ciPZ9tQk}minM$r%ea#Z8icvZ2)^RY;a{g0! zvnIui9kUPrwG|KFkXOU>Ym)oxTS_SpJKjnhNLh8R$MM&{$(mw37eZ&UDt-NS^<mDO zUalqFk-HtIC-PRaob+7CB3gfI@1LkE6(POHeq^X>hMP;R)qU}0zm>t^AO(}7SJLdA z#1gfZJ~j1Tq-Pq-Ftu~x-G@aDU-=#|9NV8VHLa!C|NVM*-^**Jq;aou2zV407Tn&; z&ab<nwCT)hyD9g$7Om1TH_}<(#PHHC-}%5j<5j7;i&j0CwCS28qLyxF>d))BRQuPJ z=_T%SPhX$)U{6Mo{xmKdVJWx0fzK5ceyLZ9ESPcn&Kse<_A2q+Tob$*?|1(@^X|XV zwY@SzSC72lm})F=z-Fy5AKO&9u%B;4l#fK;dna&V!HHA%TpE-OEZ@oZ_*+ft>0HRw z6SDogH;Yn`v&hk(I~x>C9T)N*S(Vw$WtjQ-mz^Y2!OK6s*K2yeJpA{gbUk;1xyNj~ zo^Y8GC5EQ?Gpw$iK9w=aM4*N5-rl}#H!3Sk&j?9=U9DyD$n5hK+XH79YCI-OuwTA@ zamk6(KbT|A`W#OGTzt6v07HPOYKhpXis?y>$BxfAB>nS-hG@Y@rtRS@*-7o1b1$Eo z%`@A1cY~L)e`dJQYVA|@zdDL?|L`lD8^ks62#Q_qEYOah`exy&{Tn*^QdxuLuE{>l z-WmIB@#aIDJF6}lUt`p2(fv1JQ>1TO@$clS1(q5XPv;u`-DJ_`y)0sN&yxA!kNVi$ z%pBI&tc$yK$H;f?%q^cLew*nKzk2;LHP>A)&bOx7G{67#PhjO$m1_}ou4kEb%jP^` zytHZV^x3-?cCXp>pYQYe<jIVdOiGiOE{HB_oSgMJS9;a8yUT+fKJBkMeDhn>p2u<y z=MCSd1-a*`X2*Fil&-W8KGGMEdT!IQsj5NAE(>K7dEFN+d;6t2WajB_x55tgCCu-C z^IM!{%5Awj0b*~?JD<(mH`5_z%fa$(2lguI&bS+=6VTqd{Lviyth+VmW?Ytbe1B$M zVzZi2;I=r4TU^q|jvCv{mYqDc$F*o@k>>TAe$W58bU)M#*5a32dVb@xqQfB$>Sy%3 zDrf9ixZnv(^n^=qG%VIjFS&a#<d*Wf?1dT{CLijqKHUC`d6n6c`%khSFs$NSzH;G& zjt}{pwThA@G?j$TwXB<-K2zw^+v(5DAK7ep?wRcRT;Gnj?VjFM|ISa9ix;ztD~a|! zT=S-K*V;9zn=)2--h8EdPPWy`-&t>i%f`p74<7ePu2_@e|2!)#bke!|FW0aZi9ZzL z@#R{t$m2RgFj7-nMDt8cb$@UhYp1kV3^#9NX`Q_9x8|=K*GVL6@a$NVXnEk<1wW2D z7bWf$m#kXvFE0@)&z@-6y2q%+?9#sY{b^F{^%oYb$e#XN*sJq3%cKpmiFX7Z&hn`K zb5C*0%OHVe*M9EK2%qq%CpYR)dG$snkq(!~`O*jf%{Y1T&@l$7wKr@h?=1g4*WGgV zzQ?z%Yh~4r@p?@B8X6^XvRO2eT{tT1)AHwakBt;x=O!@c{qCQ8zr<NR@7g6lEuosf zorxD#1srK)np^goy-N5^<}AI-tNdPkI+a{~>sxna-j=!lk`2V-Pk${@=sVc=B4OE8 zkK(rv=iD)gdpQ4N(A;WCR->P%TVK7}<*8P-d-blBQB02yg=H%DKb-vP`j%~9&oMc@ z(ePwfzjPurxu{>}$oxlXo4BG2wWAf*uTV%6-`ug9BWP0D!>NDtyefCDK6zNM;z#Ye zx2AT^22HGvNEPyeCRQVsCRROzCRQzjCRQ~zZdmoq#mKaviRGO^6U!@<TALYEYv=L` zY+d>!<vys^W@%zM(Nklr_Hcpi+OxHeRa{)Fgi{)yeYWpQEt)wuIrqWgO8aRss|t4I zr1CCnyxpSy$<yWVCIRykE_=6KcK;sz>}4an?E3`~q5Eqh<}b~N6Lx3(eZKp)=$5A} zwY$PU9SbgVddu&da{kFCk-Y5^Ez&OE4<ER(<HK5o*L^YlM{E!L3*30Xv3jHCHkH&T zH9LPVh`zl2@GG9Q#mmfFT|@g$pJFqQ?tQ2K+r47{@>7e})w$2-+^y~>#%OvrRYJ_? z&q>{PMP3^g8Mj=LYq9$^=gJh-7L@~SYm0CC%URejO|W|1yI(UVM|Gom=t=STTf9uK zD*lL8O*2Sg5Q@IOB<^O{frQih^}M%qce-tP<H0+jvG4EflbpB3_+twhYJ_!vT(9?? zoXvl{qG_>)^se{z{B6m0-K);nvX)M9-}*oFb>#eg=E=LSuGgE&w5iihie-AEX!T`} zvWaYu+ApLxvA<)R*3eYS%@bmG_~W(YE4TJ`oit>6eJ6-#x_Z(U+xe02Hr!8+unRNS zocky|M*NK7uK=Z3xp^IhAs3c(zv11-@owtBf7f?O=WOx5U8$&=X7}fP;^es^+4@Rz zW*+kRTf8dB-FlyamF0=>9ky1D`}}`0g}weGa8`Ho2CKq=Dc9FbvfFWLnbqMm`=?*- zKde9fT!TTy{aK>)jmf^o+gdkvUo7f;%K2$i%4NZq_oEy?ar<!{)X_}i;<uG8<<7aX ziE*F9B&G+G+H7vzDv6$RX?}226E7!=;F)P`UksUbr0!oT5eRloet$fD)rL(io3DTM zU(x>e-SnfgR$Qq6IHSVbyKhnSk$by2LwGn}<@D7VGfmStwb%b1L+nob2Xj={U7M(% zS-N{d)6DOT&kuCAT~gNTDox_JT6=TW%Fip~7ajQL7X9>x{h>hdkoiuhg<YPDHw%^T zWUSn3<Dr-E%2NL9?N?o2xq}sT`zxz$bToLrwJ}&Mdv`L4>Du~DVntJ|-6yU7t=3%M zF5y4(>a6Jxx7Dd|8JNwxtRWZFxc!>!jwYpTduo<lVtSx`hj&u-&6=lTa=U*TD@b}p z-?LY05S!Se^?Y8k#ie%T`}0z+tzqDvXBgw=rj%%T?W?Opzr=L8c`cRwAFLyy_A)<E znr&9vd)#YM>dwVmjl;HFQ<}f%yztU{Hiu@aY!f@A{PV%lbiQX1Is%`cZn6AQRFk=U z$)BAsUm5o=wpni)+Q_ukK6Co!6D^+BM-sdD?x|?bo0w(9E-+Cb(uYTvFLOU5UwU-C z-CP-&_jlA*Z`im)Mt+X|+ORdx!k@-m+GM`rcFHWz$$q^rukLS-KKf?KwAZc=gtv3Q zxb~`)Eon>X8J&Y&a?Q5Z*EZhEp1%Ag)A~9gHg}2d7uH3`n&dy~zhuyCSl5{7es-eF zqAJ1S=QRqd;?e6{Jq`Wddhg1yx#Lzi)pF+2s+AWDqjgflS8uJ<x3;;L(Y8wKV1-V& zYQBw7XGF$}zH^PMmuz^>udumr|4e>2sRiLI-A`gRX@p<viZ(6zEA~%Q^VgaM*{<sT zn~dITi{v*pZBRU`7TLiZ>~LI4{T;&t|35RH`v1+nIQhMNGC$icm#543M%zX!pZs&{ zwC5+YsK2SXdtN>``5{u=_>%Xvbt`@-?ta7cpd&#@IYx=)_bmZM56)!_Wfdn^&A$62 zkJ(VwKp9>-a*7&?v51`WJ*KDBa$wW1ra3m%KWxu05n69#U}&Idz{$p{&Bx3n#mc}U m(*G#1OKZ{c+x>ps?;lI6@E$Qpo5R8(rlp+|ogU&1DkTBWK2}fw literal 0 HcmV?d00001 diff --git a/roles/odfekibana/files/kibana_graphs.ndjson b/roles/odfekibana/files/kibana_graphs.ndjson index f6e604f..086e784 100644 --- a/roles/odfekibana/files/kibana_graphs.ndjson +++ b/roles/odfekibana/files/kibana_graphs.ndjson @@ -1,62 +1,11 @@ -{"attributes":{"buildNum":26506,"defaultIndex":"e81e23f0-0b75-11ea-bc07-2bc38b4c4b9b"},"id":"7.4.2","references":[],"type":"config","updated_at":"2020-12-20T14:02:51.577Z","version":"WzM0LDRd"} -{"attributes":{"fields":"[{\"name\":\"TLP\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"TLP.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"TLP\",\"subType\":\"multi\"},{\"name\":\"_id\",\"type\":\"string\",\"esTypes\":[\"_id\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"esTypes\":[\"_index\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"esTypes\":[\"_source\"],\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"esTypes\":[\"_type\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"destination.ip\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"destination.ip.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"destination.ip\",\"subType\":\"multi\"},{\"name\":\"destination.port\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"destination/ip_geo_city\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"destination/ip_geo_city.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"destination/ip_geo_city\",\"subType\":\"multi\"},{\"name\":\"destination/ip_geo_country\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":2,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"destination/ip_geo_country.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"destination/ip_geo_country\",\"subType\":\"multi\"},{\"name\":\"destination/ip_geo_country_iso\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"destination/ip_geo_country_iso.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"destination/ip_geo_country_iso\",\"subType\":\"multi\"},{\"name\":\"destination/ip_geo_lat\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"destination/ip_geo_lat.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"destination/ip_geo_lat\",\"subType\":\"multi\"},{\"name\":\"destination/ip_geo_lon\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"destination/ip_geo_lon.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"destination/ip_geo_lon\",\"subType\":\"multi\"},{\"name\":\"destination/ip_ipreg_comment\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"destination/ip_ipreg_comment.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"destination/ip_ipreg_comment\",\"subType\":\"multi\"},{\"name\":\"destination/ip_ipreg_domain\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"destination/ip_ipreg_domain.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"destination/ip_ipreg_domain\",\"subType\":\"multi\"},{\"name\":\"destination/ip_ipreg_name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"destination/ip_ipreg_name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"destination/ip_ipreg_name\",\"subType\":\"multi\"},{\"name\":\"event_type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":2,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"event_type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"event_type\",\"subType\":\"multi\"},{\"name\":\"flow_id\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"in_iface\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"in_iface.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"in_iface\",\"subType\":\"multi\"},{\"name\":\"proto\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"proto.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"proto\",\"subType\":\"multi\"},{\"name\":\"source.ip\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"source.ip.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"source.ip\",\"subType\":\"multi\"},{\"name\":\"source.port\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"source/ip_geo_city\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"source/ip_geo_city.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"source/ip_geo_city\",\"subType\":\"multi\"},{\"name\":\"source/ip_geo_country\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"source/ip_geo_country.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"source/ip_geo_country\",\"subType\":\"multi\"},{\"name\":\"source/ip_geo_country_iso\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"source/ip_geo_country_iso.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"source/ip_geo_country_iso\",\"subType\":\"multi\"},{\"name\":\"source/ip_geo_lat\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"source/ip_geo_lat.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"source/ip_geo_lat\",\"subType\":\"multi\"},{\"name\":\"source/ip_geo_lon\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"source/ip_geo_lon.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"source/ip_geo_lon\",\"subType\":\"multi\"},{\"name\":\"source/ip_ipreg_comment\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"source/ip_ipreg_comment.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"source/ip_ipreg_comment\",\"subType\":\"multi\"},{\"name\":\"source/ip_ipreg_domain\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"source/ip_ipreg_domain.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"source/ip_ipreg_domain\",\"subType\":\"multi\"},{\"name\":\"source/ip_ipreg_name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":2,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"source/ip_ipreg_name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"source/ip_ipreg_name\",\"subType\":\"multi\"},{\"name\":\"timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"tls.ja3.hash\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"tls.ja3.hash.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"tls.ja3.hash\",\"subType\":\"multi\"},{\"name\":\"tls.ja3.string\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"tls.ja3.string.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"tls.ja3.string\",\"subType\":\"multi\"},{\"name\":\"tls.sni\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"tls.sni.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"tls.sni\",\"subType\":\"multi\"},{\"name\":\"tls.sni_domain\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"tls.sni_domain.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"tls.sni_domain\",\"subType\":\"multi\"},{\"name\":\"tls.sni_domain_alexa\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"tls.sni_domain_alexa.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"tls.sni_domain_alexa\",\"subType\":\"multi\"},{\"name\":\"tls.sni_umbrella\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"tls.sni_umbrella.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"tls.sni_umbrella\",\"subType\":\"multi\"},{\"name\":\"tls.version\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"tls.version.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"tls.version\",\"subType\":\"multi\"}]","timeFieldName":"timestamp","title":"logs-suricata-tls-*"},"id":"74bb7bb0-430a-11eb-b75a-bbebe0b50e97","migrationVersion":{"index-pattern":"6.5.0"},"references":[],"type":"index-pattern","updated_at":"2020-12-21T10:26:54.470Z","version":"Wzk4LDRd"} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Suricata TLS - Histogram","uiStateJSON":"{\"vis\":{\"legendOpen\":false}}","version":1,"visState":"{\"title\":\"Suricata TLS - Histogram\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#34130C\"},\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"date\",\"params\":{\"pattern\":\"HH:mm\"}},\"params\":{\"date\":true,\"interval\":\"PT30M\",\"format\":\"HH:mm\",\"bounds\":{\"min\":\"2020-12-20T08:53:14.254Z\",\"max\":\"2020-12-21T08:53:14.254Z\"}},\"aggType\":\"date_histogram\"},\"y\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"timestamp\",\"timeRange\":{\"from\":\"now-24h\",\"to\":\"now\"},\"useNormalizedEsInterval\":true,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}}]}"},"id":"080a28d0-436a-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"74bb7bb0-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T10:31:45.324Z","version":"WzExMCw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Suricata TLS - Top source IPs","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"Suricata TLS - Top source IPs\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"source.ip.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source IP addr\"}}]}"},"id":"649dd8c0-436b-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"74bb7bb0-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T09:18:57.076Z","version":"WzgwLDRd"} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Suricata TLS - Top destination IPs","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"Suricata TLS - Top destination IPs\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"destination.ip.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Dest. IP addr\"}}]}"},"id":"e95d6ae0-436a-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"74bb7bb0-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T09:19:11.119Z","version":"WzgxLDRd"} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Suricata TLS - Top SNI","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"Suricata TLS - Top SNI\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"tls.sni.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"SNI\"}}]}"},"id":"fbeb5370-436a-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"74bb7bb0-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T10:30:58.208Z","version":"WzEwNyw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Suricata TLS - Top destination ports","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"Suricata TLS - Top destination ports\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"number\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"destination.port\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Dest. port\"}}]}"},"id":"d5917220-436c-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"74bb7bb0-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T10:31:21.254Z","version":"WzEwOCw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Suricata TLS - TLS version","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"Suricata TLS - TLS version\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":false,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"tls.version.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}"},"id":"f99b0560-436b-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"74bb7bb0-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T10:28:59.999Z","version":"WzEwMyw0XQ=="} -{"attributes":{"columns":["in_iface","source.ip","destination.ip","destination.port","tls.version","tls.sni","tls.sni_domain_alexa","tls.sni_umbrella"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[["timestamp","desc"]],"title":"Suricata TLS logs","version":1},"id":"2fb21020-4377-11eb-b75a-bbebe0b50e97","migrationVersion":{"search":"7.4.0"},"references":[{"id":"74bb7bb0-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"search","updated_at":"2020-12-21T10:27:54.529Z","version":"Wzk5LDRd"} -{"attributes":{"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[]}"},"optionsJSON":"{\"hidePanelTitles\":false,\"useMargins\":true}","panelsJSON":"[{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":48,\"h\":9,\"i\":\"bf273f44-b0c6-4a76-85ae-271bace06b5c\"},\"panelIndex\":\"bf273f44-b0c6-4a76-85ae-271bace06b5c\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":9,\"w\":10,\"h\":15,\"i\":\"f3f513d2-c57c-402d-a7eb-9335533b9cee\"},\"panelIndex\":\"f3f513d2-c57c-402d-a7eb-9335533b9cee\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":10,\"y\":9,\"w\":11,\"h\":15,\"i\":\"280a69a1-470e-455f-a2af-e0f67a5b6899\"},\"panelIndex\":\"280a69a1-470e-455f-a2af-e0f67a5b6899\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":21,\"y\":9,\"w\":17,\"h\":15,\"i\":\"e2966d9f-3a5f-40c6-8046-921ca11dca36\"},\"panelIndex\":\"e2966d9f-3a5f-40c6-8046-921ca11dca36\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":38,\"y\":9,\"w\":10,\"h\":8,\"i\":\"8b66f551-7eea-46fd-a693-83291441986a\"},\"panelIndex\":\"8b66f551-7eea-46fd-a693-83291441986a\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":38,\"y\":17,\"w\":10,\"h\":7,\"i\":\"91965e77-41d0-4046-b51b-acf16494b52c\"},\"panelIndex\":\"91965e77-41d0-4046-b51b-acf16494b52c\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":24,\"w\":48,\"h\":22,\"i\":\"66a787fc-5c09-4a60-b878-5d453d6d5738\"},\"panelIndex\":\"66a787fc-5c09-4a60-b878-5d453d6d5738\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"}]","timeRestore":false,"title":"Suricata TLS","version":1},"id":"2d8baeb0-436c-11eb-b75a-bbebe0b50e97","migrationVersion":{"dashboard":"7.3.0"},"references":[{"id":"080a28d0-436a-11eb-b75a-bbebe0b50e97","name":"panel_0","type":"visualization"},{"id":"649dd8c0-436b-11eb-b75a-bbebe0b50e97","name":"panel_1","type":"visualization"},{"id":"e95d6ae0-436a-11eb-b75a-bbebe0b50e97","name":"panel_2","type":"visualization"},{"id":"fbeb5370-436a-11eb-b75a-bbebe0b50e97","name":"panel_3","type":"visualization"},{"id":"d5917220-436c-11eb-b75a-bbebe0b50e97","name":"panel_4","type":"visualization"},{"id":"f99b0560-436b-11eb-b75a-bbebe0b50e97","name":"panel_5","type":"visualization"},{"id":"2fb21020-4377-11eb-b75a-bbebe0b50e97","name":"panel_6","type":"search"}],"type":"dashboard","updated_at":"2020-12-21T10:30:30.675Z","version":"WzEwNSw0XQ=="} -{"attributes":{"fieldFormatMap":"{\"ip_dst_addr_misp_url\":{\"id\":\"url\"}}","fields":"[{\"name\":\"_id\",\"type\":\"string\",\"esTypes\":[\"_id\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"esTypes\":[\"_index\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"esTypes\":[\"_source\"],\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"esTypes\":[\"_type\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"alert.action\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"alert.action.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"alert.action\",\"subType\":\"multi\"},{\"name\":\"alert.category\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"alert.category.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"alert.category\",\"subType\":\"multi\"},{\"name\":\"alert.gid\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"alert.rev\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"alert.severity\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"alert.signature\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"alert.signature.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"alert.signature\",\"subType\":\"multi\"},{\"name\":\"alert.signature_id\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"event_type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"event_type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"event_type\",\"subType\":\"multi\"},{\"name\":\"flow.bytes_toclient\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"flow.bytes_toserver\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"flow.pkts_toclient\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"flow.pkts_toserver\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"flow.start\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"host\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"host.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"host\",\"subType\":\"multi\"},{\"name\":\"host_domain\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"host_domain.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"host_domain\",\"subType\":\"multi\"},{\"name\":\"host_domain_freq1\",\"type\":\"number\",\"esTypes\":[\"float\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"host_domain_freq2\",\"type\":\"number\",\"esTypes\":[\"float\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"in_iface\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"in_iface.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"in_iface\",\"subType\":\"multi\"},{\"name\":\"ip_dst_addr\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_dst_addr.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_dst_addr\",\"subType\":\"multi\"},{\"name\":\"ip_dst_addr_geo.geo.accuracy\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ip_dst_addr_geo.geo.city\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_dst_addr_geo.geo.city.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_dst_addr_geo.geo.city\",\"subType\":\"multi\"},{\"name\":\"ip_dst_addr_geo.geo.country.isoCode\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_dst_addr_geo.geo.country.isoCode.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_dst_addr_geo.geo.country.isoCode\",\"subType\":\"multi\"},{\"name\":\"ip_dst_addr_geo.geo.country.name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_dst_addr_geo.geo.country.name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_dst_addr_geo.geo.country.name\",\"subType\":\"multi\"},{\"name\":\"ip_dst_addr_geo.geo.latitude\",\"type\":\"number\",\"esTypes\":[\"float\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ip_dst_addr_geo.geo.longitude\",\"type\":\"number\",\"esTypes\":[\"float\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ip_dst_addr_misp\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_dst_addr_misp.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_dst_addr_misp\",\"subType\":\"multi\"},{\"name\":\"ip_dst_port\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ip_src_addr\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_geo.geo.accuracy\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ip_src_addr_geo.geo.city\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_geo.geo.city.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_geo.geo.city\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_geo.geo.country.isoCode\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_geo.geo.country.isoCode.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_geo.geo.country.isoCode\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_geo.geo.country.name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_geo.geo.country.name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_geo.geo.country.name\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_geo.geo.latitude\",\"type\":\"number\",\"esTypes\":[\"float\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ip_src_addr_geo.geo.longitude\",\"type\":\"number\",\"esTypes\":[\"float\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ip_src_port\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"payload\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"payload.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"payload\",\"subType\":\"multi\"},{\"name\":\"payload_printable\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"payload_printable.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"payload_printable\",\"subType\":\"multi\"},{\"name\":\"proto\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"proto.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"proto\",\"subType\":\"multi\"},{\"name\":\"stream\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"vlan\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true}]","timeFieldName":"timestamp","title":"logs-suricata-alert-*"},"id":"e81e23f0-0b75-11ea-bc07-2bc38b4c4b9b","migrationVersion":{"index-pattern":"6.5.0"},"references":[],"type":"index-pattern","updated_at":"2020-12-20T21:20:28.734Z","version":"WzM1LDRd"} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Suricata Alerts Histogram","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"Suricata Alerts Histogram\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"dimensions\":{\"x\":null,\"y\":[{\"accessor\":0,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"timestamp\",\"useNormalizedEsInterval\":true,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}}]}"},"id":"71a37750-0b7c-11ea-bc07-2bc38b4c4b9b","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"e81e23f0-0b75-11ea-bc07-2bc38b4c4b9b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-20T14:01:02.393Z","version":"WzIzLDRd"} -{"attributes":{"columns":["alert.signature_id","alert.signature","ip_src_addr","ip_dst_addr"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[["timestamp","desc"]],"title":"Suricata Alerts","version":1},"id":"35141420-0b7c-11ea-bc07-2bc38b4c4b9b","migrationVersion":{"search":"7.4.0"},"references":[{"id":"e81e23f0-0b75-11ea-bc07-2bc38b4c4b9b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"search","updated_at":"2020-12-20T14:01:02.393Z","version":"WzI0LDRd"} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"},"savedSearchRefName":"search_0","title":"Suricata alerts - top signatures","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"Suricata alerts - top signatures\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"alert.signature.keyword\",\"order\":\"desc\",\"size\":10,\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Signature\"}}]}"},"id":"d7d96e70-0b7d-11ea-bc07-2bc38b4c4b9b","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"35141420-0b7c-11ea-bc07-2bc38b4c4b9b","name":"search_0","type":"search"}],"type":"visualization","updated_at":"2020-12-20T14:01:02.393Z","version":"WzI1LDRd"} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"},"savedSearchRefName":"search_0","title":"Suricata alerts - top ip_dst_addr ","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"Suricata alerts - top ip_dst_addr \",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"cardinality\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"alert.signature_id\",\"customLabel\":\"Unique\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"ip_dst_addr.keyword\",\"order\":\"desc\",\"size\":10,\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Dst IP\"}}]}"},"id":"eb41e310-0b7e-11ea-bc07-2bc38b4c4b9b","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"35141420-0b7c-11ea-bc07-2bc38b4c4b9b","name":"search_0","type":"search"}],"type":"visualization","updated_at":"2020-12-20T14:01:02.393Z","version":"WzI2LDRd"} -{"attributes":{"columns":["ip_dst_addr_misp","ip_dst_addr","alert.signature","ip_dst_addr_misp_url"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"kuery\",\"query\":\"ip_dst_addr_misp>0\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[["timestamp","desc"]],"title":"Suricata Alerts Misp","version":1},"id":"42ad6a30-15b0-11ea-841d-a1505e4ae442","migrationVersion":{"search":"7.4.0"},"references":[{"id":"e81e23f0-0b75-11ea-bc07-2bc38b4c4b9b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"search","updated_at":"2020-12-20T14:01:02.393Z","version":"WzI3LDRd"} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"},"savedSearchRefName":"search_0","title":"Dst IP in misp","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"Dst IP in misp\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"ip_dst_addr.keyword\",\"order\":\"desc\",\"size\":5,\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Signature\"}}]}"},"id":"9676d8e0-15b0-11ea-841d-a1505e4ae442","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"42ad6a30-15b0-11ea-841d-a1505e4ae442","name":"search_0","type":"search"}],"type":"visualization","updated_at":"2020-12-20T14:01:02.393Z","version":"WzI4LDRd"} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Suricata alerts - the Hive","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"Suricata alerts - the Hive\",\"type\":\"thehive_button\",\"params\":{\"url\":\"https://hive.soctools.geant.org/\",\"apikey\":\"ebMZixrFT+4qeWDf0iW3D5qFr/GbwA4j\",\"owner\":\"odfe\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"ip_src_addr.keyword\",\"order\":\"desc\",\"size\":20,\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}"},"id":"48992900-62d3-11ea-aaa3-bb2f31340783","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"e81e23f0-0b75-11ea-bc07-2bc38b4c4b9b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-20T14:01:02.393Z","version":"WzI5LDRd"} -{"attributes":{"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[]}"},"optionsJSON":"{\"hidePanelTitles\":false,\"useMargins\":true}","panelsJSON":"[{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":48,\"h\":7,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_0\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":16,\"w\":48,\"h\":14,\"i\":\"2\"},\"panelIndex\":\"2\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":7,\"w\":15,\"h\":9,\"i\":\"3\"},\"panelIndex\":\"3\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":15,\"y\":7,\"w\":9,\"h\":9,\"i\":\"5\"},\"panelIndex\":\"5\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":24,\"y\":7,\"w\":11,\"h\":9,\"i\":\"7\"},\"panelIndex\":\"7\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":39,\"y\":7,\"w\":9,\"h\":4,\"i\":\"8\"},\"panelIndex\":\"8\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"}]","timeRestore":false,"title":"Suricata Alerts","version":1},"id":"368ddb80-0b7f-11ea-bc07-2bc38b4c4b9b","migrationVersion":{"dashboard":"7.3.0"},"references":[{"id":"71a37750-0b7c-11ea-bc07-2bc38b4c4b9b","name":"panel_0","type":"visualization"},{"id":"35141420-0b7c-11ea-bc07-2bc38b4c4b9b","name":"panel_1","type":"search"},{"id":"d7d96e70-0b7d-11ea-bc07-2bc38b4c4b9b","name":"panel_2","type":"visualization"},{"id":"eb41e310-0b7e-11ea-bc07-2bc38b4c4b9b","name":"panel_3","type":"visualization"},{"id":"9676d8e0-15b0-11ea-841d-a1505e4ae442","name":"panel_4","type":"visualization"},{"id":"48992900-62d3-11ea-aaa3-bb2f31340783","name":"panel_5","type":"visualization"}],"type":"dashboard","updated_at":"2020-12-21T21:58:35.823Z","version":"WzIxMSw0XQ=="} -{"attributes":{"fields":"[{\"name\":\"_id\",\"type\":\"string\",\"esTypes\":[\"_id\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"esTypes\":[\"_index\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"esTypes\":[\"_source\"],\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"esTypes\":[\"_type\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"class\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"class.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"class\",\"subType\":\"multi\"},{\"name\":\"level\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"level.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"level\",\"subType\":\"multi\"},{\"name\":\"message\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"message.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"message\",\"subType\":\"multi\"},{\"name\":\"source_file\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"source_file.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"source_file\",\"subType\":\"multi\"},{\"name\":\"source_host\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"source_host.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"source_host\",\"subType\":\"multi\"},{\"name\":\"stackTrace\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"stackTrace.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"stackTrace\",\"subType\":\"multi\"},{\"name\":\"thread\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"thread.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"thread\",\"subType\":\"multi\"},{\"name\":\"timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true}]","timeFieldName":"timestamp","title":"logs-nifi-*"},"id":"635a5350-430a-11eb-b75a-bbebe0b50e97","migrationVersion":{"index-pattern":"6.5.0"},"references":[],"type":"index-pattern","updated_at":"2020-12-21T10:42:10.466Z","version":"WzEyNiw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"NiFi Logs - Histogram","uiStateJSON":"{\"vis\":{\"colors\":{\"ERROR\":\"#BF1B00\",\"WARN\":\"#CCA300\",\"INFO\":\"#1F78C1\"}}}","version":1,"visState":"{\"title\":\"NiFi Logs - Histogram\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"filter\":true,\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{},\"type\":\"category\"}],\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"date\",\"params\":{\"pattern\":\"HH:mm\"}},\"params\":{\"date\":true,\"interval\":\"PT30M\",\"format\":\"HH:mm\",\"bounds\":{\"min\":\"2020-12-20T10:47:07.185Z\",\"max\":\"2020-12-21T10:47:07.185Z\"}},\"aggType\":\"date_histogram\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"series\":[{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]},\"grid\":{\"categoryLines\":false},\"labels\":{\"show\":false},\"legendPosition\":\"bottom\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"thresholdLine\":{\"color\":\"#34130C\",\"show\":false,\"style\":\"full\",\"value\":10,\"width\":1},\"times\":[],\"type\":\"histogram\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Count\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"timestamp\",\"timeRange\":{\"from\":\"now-24h\",\"to\":\"now\"},\"useNormalizedEsInterval\":true,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"level.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}"},"id":"085d3790-437a-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"635a5350-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T10:49:20.127Z","version":"WzEyOSw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"NiFi logs - Source host","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"NiFi logs - Source host\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":false,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"source_host.keyword\",\"orderBy\":\"_key\",\"order\":\"asc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}"},"id":"3ad86f30-438b-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"635a5350-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T21:53:41.198Z","version":"WzIwNCw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"NiFi logs - Level","uiStateJSON":"{\"vis\":{\"colors\":{\"ERROR\":\"#E24D42\",\"INFO\":\"#1F78C1\",\"WARN\":\"#CCA300\"}}}","version":1,"visState":"{\"title\":\"NiFi logs - Level\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":false,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"level.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}"},"id":"03184750-438b-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"635a5350-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T12:49:49.637Z","version":"WzEzMyw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"NiFI logs - source files","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"NiFI logs - source files\",\"type\":\"table\",\"params\":{\"perPage\":4,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":true,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"source_file.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Source file\"}}]}"},"id":"e16c89f0-437a-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"635a5350-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T10:54:21.199Z","version":"WzEzMiw0XQ=="} -{"attributes":{"columns":["source_host","level","source_file","message"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[["timestamp","desc"]],"title":"NiFi logs","version":1},"id":"53a1d270-4379-11eb-b75a-bbebe0b50e97","migrationVersion":{"search":"7.4.0"},"references":[{"id":"635a5350-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"search","updated_at":"2020-12-21T10:43:13.810Z","version":"WzEyNyw0XQ=="} -{"attributes":{"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"},"optionsJSON":"{\"useMargins\":true,\"hidePanelTitles\":false}","panelsJSON":"[{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":48,\"h\":11,\"i\":\"41579e7d-a833-4988-8e87-30e9934c9153\"},\"panelIndex\":\"41579e7d-a833-4988-8e87-30e9934c9153\",\"embeddableConfig\":{\"vis\":{\"colors\":{\"ERROR\":\"#E24D42\",\"WARN\":\"#CCA300\",\"INFO\":\"#1F78C1\"}}},\"panelRefName\":\"panel_0\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":11,\"w\":12,\"h\":10,\"i\":\"26a9e301-ca86-4313-8321-e5b8b67fa097\"},\"panelIndex\":\"26a9e301-ca86-4313-8321-e5b8b67fa097\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":12,\"y\":11,\"w\":9,\"h\":10,\"i\":\"0d515b73-44ae-48f0-9fbe-c330d044544a\"},\"panelIndex\":\"0d515b73-44ae-48f0-9fbe-c330d044544a\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":21,\"y\":11,\"w\":13,\"h\":10,\"i\":\"9cf35fdc-5e6b-4a9b-a1fd-88c379d343da\"},\"panelIndex\":\"9cf35fdc-5e6b-4a9b-a1fd-88c379d343da\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":21,\"w\":48,\"h\":22,\"i\":\"e52833e0-30de-4451-80db-22c74ec92fcb\"},\"panelIndex\":\"e52833e0-30de-4451-80db-22c74ec92fcb\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"}]","timeRestore":false,"title":"NiFi logs","version":1},"id":"4b6ae5a0-437a-11eb-b75a-bbebe0b50e97","migrationVersion":{"dashboard":"7.3.0"},"references":[{"id":"085d3790-437a-11eb-b75a-bbebe0b50e97","name":"panel_0","type":"visualization"},{"id":"3ad86f30-438b-11eb-b75a-bbebe0b50e97","name":"panel_1","type":"visualization"},{"id":"03184750-438b-11eb-b75a-bbebe0b50e97","name":"panel_2","type":"visualization"},{"id":"e16c89f0-437a-11eb-b75a-bbebe0b50e97","name":"panel_3","type":"visualization"},{"id":"53a1d270-4379-11eb-b75a-bbebe0b50e97","name":"panel_4","type":"search"}],"type":"dashboard","updated_at":"2020-12-21T12:53:06.300Z","version":"WzEzNiw0XQ=="} -{"attributes":{"fields":"[{\"name\":\"_id\",\"type\":\"string\",\"esTypes\":[\"_id\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"esTypes\":[\"_index\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"esTypes\":[\"_source\"],\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"esTypes\":[\"_type\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"agent.ephemeral_id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"agent.ephemeral_id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"agent.ephemeral_id\",\"subType\":\"multi\"},{\"name\":\"agent.hostname\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"agent.hostname.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"agent.hostname\",\"subType\":\"multi\"},{\"name\":\"agent.id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"agent.id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"agent.id\",\"subType\":\"multi\"},{\"name\":\"agent.name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":2,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"agent.name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"agent.name\",\"subType\":\"multi\"},{\"name\":\"agent.type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":2,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"agent.type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"agent.type\",\"subType\":\"multi\"},{\"name\":\"agent.version\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"agent.version.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"agent.version\",\"subType\":\"multi\"},{\"name\":\"ecs.version\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ecs.version.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ecs.version\",\"subType\":\"multi\"},{\"name\":\"error.message\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"error.message.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"error.message\",\"subType\":\"multi\"},{\"name\":\"error.name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"error.name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"error.name\",\"subType\":\"multi\"},{\"name\":\"error.stack\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"error.stack.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"error.stack\",\"subType\":\"multi\"},{\"name\":\"fields.log_type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"fields.log_type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"fields.log_type\",\"subType\":\"multi\"},{\"name\":\"host.name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"host.name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"host.name\",\"subType\":\"multi\"},{\"name\":\"input.type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"input.type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"input.type\",\"subType\":\"multi\"},{\"name\":\"level\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"level.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"level\",\"subType\":\"multi\"},{\"name\":\"log.file.path\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"log.file.path.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"log.file.path\",\"subType\":\"multi\"},{\"name\":\"log.offset\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"message\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"message.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"message\",\"subType\":\"multi\"},{\"name\":\"metadata.beat\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"metadata.beat.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"metadata.beat\",\"subType\":\"multi\"},{\"name\":\"metadata.type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"metadata.type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"metadata.type\",\"subType\":\"multi\"},{\"name\":\"metadata.version\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"metadata.version.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"metadata.version\",\"subType\":\"multi\"},{\"name\":\"method\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"method.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"method\",\"subType\":\"multi\"},{\"name\":\"pid\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"prevMsg\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"prevMsg.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"prevMsg\",\"subType\":\"multi\"},{\"name\":\"prevState\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"prevState.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"prevState\",\"subType\":\"multi\"},{\"name\":\"req.headers.accept\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"req.headers.accept-encoding\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"req.headers.accept-encoding.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"req.headers.accept-encoding\",\"subType\":\"multi\"},{\"name\":\"req.headers.accept-language\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"req.headers.accept-language.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"req.headers.accept-language\",\"subType\":\"multi\"},{\"name\":\"req.headers.accept.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"req.headers.accept\",\"subType\":\"multi\"},{\"name\":\"req.headers.cache-control\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"req.headers.cache-control.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"req.headers.cache-control\",\"subType\":\"multi\"},{\"name\":\"req.headers.connection\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"req.headers.connection.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"req.headers.connection\",\"subType\":\"multi\"},{\"name\":\"req.headers.content-length\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"req.headers.content-length.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"req.headers.content-length\",\"subType\":\"multi\"},{\"name\":\"req.headers.content-type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"req.headers.content-type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"req.headers.content-type\",\"subType\":\"multi\"},{\"name\":\"req.headers.host\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"req.headers.host.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"req.headers.host\",\"subType\":\"multi\"},{\"name\":\"req.headers.if-none-match\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"req.headers.if-none-match.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"req.headers.if-none-match\",\"subType\":\"multi\"},{\"name\":\"req.headers.kbn-version\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"req.headers.kbn-version.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"req.headers.kbn-version\",\"subType\":\"multi\"},{\"name\":\"req.headers.origin\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"req.headers.origin.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"req.headers.origin\",\"subType\":\"multi\"},{\"name\":\"req.headers.referer\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"req.headers.referer.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"req.headers.referer\",\"subType\":\"multi\"},{\"name\":\"req.headers.upgrade-insecure-requests\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"req.headers.upgrade-insecure-requests.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"req.headers.upgrade-insecure-requests\",\"subType\":\"multi\"},{\"name\":\"req.headers.user-agent\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"req.headers.user-agent.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"req.headers.user-agent\",\"subType\":\"multi\"},{\"name\":\"req.method\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"req.method.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"req.method\",\"subType\":\"multi\"},{\"name\":\"req.referer\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"req.referer.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"req.referer\",\"subType\":\"multi\"},{\"name\":\"req.remoteAddress\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"req.remoteAddress.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"req.remoteAddress\",\"subType\":\"multi\"},{\"name\":\"req.url\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"req.url.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"req.url\",\"subType\":\"multi\"},{\"name\":\"req.userAgent\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"req.userAgent.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"req.userAgent\",\"subType\":\"multi\"},{\"name\":\"res.contentLength\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"res.responseTime\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"res.statusCode\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"state\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"state.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"state\",\"subType\":\"multi\"},{\"name\":\"statusCode\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"tags\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"tags.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"tags\",\"subType\":\"multi\"},{\"name\":\"timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"type\",\"subType\":\"multi\"}]","timeFieldName":"timestamp","title":"logs-kibana-*"},"id":"55426280-430a-11eb-b75a-bbebe0b50e97","migrationVersion":{"index-pattern":"6.5.0"},"references":[],"type":"index-pattern","updated_at":"2020-12-21T16:15:49.869Z","version":"WzE0Nyw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Kibana logs - Histogram","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"Kibana logs - Histogram\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#34130C\"},\"dimensions\":{\"x\":null,\"y\":[{\"accessor\":0,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"timestamp\",\"useNormalizedEsInterval\":true,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}}]}"},"id":"84735610-43a8-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"55426280-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T16:21:02.064Z","version":"WzE0OCw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Kibana logs - Top IPs","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"Kibana logs - Top IPs\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"req.remoteAddress.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Remote address\"}}]}"},"id":"22b8f4d0-43cf-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"55426280-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T20:57:28.477Z","version":"WzE1Niw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Kibana logs - Response time","uiStateJSON":"{\"vis\":{\"legendOpen\":false}}","version":1,"visState":"{\"title\":\"Kibana logs - Response time\",\"type\":\"histogram\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"filter\":true,\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{},\"type\":\"category\"}],\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"number\"},\"params\":{\"interval\":100},\"aggType\":\"histogram\"},\"y\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}]},\"grid\":{\"categoryLines\":false},\"labels\":{\"show\":false},\"legendPosition\":\"right\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Count\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"thresholdLine\":{\"color\":\"#34130C\",\"show\":false,\"style\":\"full\",\"value\":50,\"width\":1},\"times\":[],\"type\":\"histogram\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Count\"},\"type\":\"value\"}],\"orderBucketsBySum\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"res.responseTime\",\"interval\":50,\"min_doc_count\":false,\"has_extended_bounds\":false,\"extended_bounds\":{\"max\":\"\",\"min\":\"\"},\"customLabel\":\"Response time [ms]\"}}]}"},"id":"90d03420-43ce-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"55426280-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T20:53:23.681Z","version":"WzE1NSw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Kibana logs - Status codes","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"Kibana logs - Status codes\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"isDonut\":false,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"number\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"res.statusCode\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Status code\"}}]}"},"id":"8f67bff0-43cd-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"55426280-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T20:46:11.822Z","version":"WzE1NCw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Kibana logs - Top URLs","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"Kibana logs - Top URLs\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"},{\"accessor\":3,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"},{\"accessor\":2,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"req.url.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Requested URL\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"req.method.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Method\"}}]}"},"id":"d921f4a0-43a8-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"55426280-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T20:43:48.516Z","version":"WzE1Myw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Kibana logs - Top User-Agents","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"Kibana logs - Top User-Agents\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"req.headers.user-agent.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"User-Agent\"}}]}"},"id":"baef0cb0-43cc-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"55426280-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T20:40:15.354Z","version":"WzE1MSw0XQ=="} -{"attributes":{"columns":["method","req.url","res.statusCode","req.remoteAddress","req.headers.user-agent"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[["timestamp","desc"]],"title":"Kibana logs","version":1},"id":"8f07c570-43a8-11eb-b75a-bbebe0b50e97","migrationVersion":{"search":"7.4.0"},"references":[{"id":"55426280-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"search","updated_at":"2020-12-21T16:21:19.815Z","version":"WzE0OSw0XQ=="} -{"attributes":{"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"},"optionsJSON":"{\"useMargins\":true,\"hidePanelTitles\":false}","panelsJSON":"[{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":48,\"h\":8,\"i\":\"04285b5f-cd0f-4514-857c-0392c04dd759\"},\"panelIndex\":\"04285b5f-cd0f-4514-857c-0392c04dd759\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"panelRefName\":\"panel_0\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":8,\"w\":11,\"h\":12,\"i\":\"d6cba6b1-29d2-41bf-862b-85094bc155db\"},\"panelIndex\":\"d6cba6b1-29d2-41bf-862b-85094bc155db\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":11,\"y\":8,\"w\":23,\"h\":12,\"i\":\"2f0b8c11-89a2-4faa-bf5f-201803edae1d\"},\"panelIndex\":\"2f0b8c11-89a2-4faa-bf5f-201803edae1d\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":34,\"y\":8,\"w\":14,\"h\":12,\"i\":\"99a7d5fc-d91f-4202-8c7e-48bfbf515084\"},\"panelIndex\":\"99a7d5fc-d91f-4202-8c7e-48bfbf515084\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":20,\"w\":28,\"h\":15,\"i\":\"7c98c844-9efd-4289-94b0-83101b21ee9b\"},\"panelIndex\":\"7c98c844-9efd-4289-94b0-83101b21ee9b\",\"embeddableConfig\":{},\"panelRefName\":\"panel_4\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":28,\"y\":20,\"w\":20,\"h\":15,\"i\":\"08ce3890-961f-408f-9e2b-f9f028415e07\"},\"panelIndex\":\"08ce3890-961f-408f-9e2b-f9f028415e07\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":35,\"w\":48,\"h\":21,\"i\":\"0b4b31f9-53d5-4212-aedc-a261ee4be5e8\"},\"panelIndex\":\"0b4b31f9-53d5-4212-aedc-a261ee4be5e8\",\"embeddableConfig\":{},\"panelRefName\":\"panel_6\"}]","timeRestore":false,"title":"Kibana logs","version":1},"id":"6e0402e0-43cf-11eb-b75a-bbebe0b50e97","migrationVersion":{"dashboard":"7.3.0"},"references":[{"id":"84735610-43a8-11eb-b75a-bbebe0b50e97","name":"panel_0","type":"visualization"},{"id":"22b8f4d0-43cf-11eb-b75a-bbebe0b50e97","name":"panel_1","type":"visualization"},{"id":"90d03420-43ce-11eb-b75a-bbebe0b50e97","name":"panel_2","type":"visualization"},{"id":"8f67bff0-43cd-11eb-b75a-bbebe0b50e97","name":"panel_3","type":"visualization"},{"id":"d921f4a0-43a8-11eb-b75a-bbebe0b50e97","name":"panel_4","type":"visualization"},{"id":"baef0cb0-43cc-11eb-b75a-bbebe0b50e97","name":"panel_5","type":"visualization"},{"id":"8f07c570-43a8-11eb-b75a-bbebe0b50e97","name":"panel_6","type":"search"}],"type":"dashboard","updated_at":"2020-12-21T20:59:34.797Z","version":"WzE1Nyw0XQ=="} -{"attributes":{"fields":"[{\"name\":\"_id\",\"type\":\"string\",\"esTypes\":[\"_id\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"esTypes\":[\"_index\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"esTypes\":[\"_source\"],\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"esTypes\":[\"_type\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"agent.ephemeral_id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"agent.ephemeral_id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"agent.ephemeral_id\",\"subType\":\"multi\"},{\"name\":\"agent.hostname\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"agent.hostname.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"agent.hostname\",\"subType\":\"multi\"},{\"name\":\"agent.id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"agent.id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"agent.id\",\"subType\":\"multi\"},{\"name\":\"agent.name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"agent.name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"agent.name\",\"subType\":\"multi\"},{\"name\":\"agent.type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"agent.type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"agent.type\",\"subType\":\"multi\"},{\"name\":\"agent.version\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"agent.version.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"agent.version\",\"subType\":\"multi\"},{\"name\":\"ecs.version\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ecs.version.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ecs.version\",\"subType\":\"multi\"},{\"name\":\"event.severity\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"fields.log_type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"fields.log_type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"fields.log_type\",\"subType\":\"multi\"},{\"name\":\"host.name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":2,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"host.name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"host.name\",\"subType\":\"multi\"},{\"name\":\"input.type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"input.type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"input.type\",\"subType\":\"multi\"},{\"name\":\"log.file.path\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"log.file.path.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"log.file.path\",\"subType\":\"multi\"},{\"name\":\"log.offset\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"log.source.address\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"log.source.address.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"log.source.address\",\"subType\":\"multi\"},{\"name\":\"message\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"message.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"message\",\"subType\":\"multi\"},{\"name\":\"metadata.beat\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"metadata.beat.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"metadata.beat\",\"subType\":\"multi\"},{\"name\":\"metadata.truncated\",\"type\":\"boolean\",\"esTypes\":[\"boolean\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"metadata.type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"metadata.type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"metadata.type\",\"subType\":\"multi\"},{\"name\":\"metadata.version\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"metadata.version.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"metadata.version\",\"subType\":\"multi\"},{\"name\":\"syslog.facility\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"syslog.facility_label\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"syslog.facility_label.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"syslog.facility_label\",\"subType\":\"multi\"},{\"name\":\"syslog.priority\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"syslog.severity_label\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"syslog.severity_label.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"syslog.severity_label\",\"subType\":\"multi\"},{\"name\":\"timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true}]","timeFieldName":"timestamp","title":"logs-filebeat-unknown-*"},"id":"b8cf4490-4309-11eb-b75a-bbebe0b50e97","migrationVersion":{"index-pattern":"6.5.0"},"references":[],"type":"index-pattern","updated_at":"2020-12-21T21:44:27.290Z","version":"WzE5Myw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Other logs - Histogram","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"Other logs - Histogram\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#34130C\"},\"dimensions\":{\"x\":{\"accessor\":1,\"format\":{\"id\":\"date\",\"params\":{\"pattern\":\"YYYY-MM-DD HH:mm\"}},\"params\":{\"date\":true,\"interval\":\"PT3H\",\"format\":\"YYYY-MM-DD HH:mm\",\"bounds\":{\"min\":\"2020-12-14T21:46:19.383Z\",\"max\":\"2020-12-21T21:46:19.383Z\"}},\"aggType\":\"date_histogram\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"series\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"fields.log_type.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"timestamp\",\"timeRange\":{\"from\":\"now-7d\",\"to\":\"now\"},\"useNormalizedEsInterval\":true,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}}]}"},"id":"f4775b50-43d5-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"b8cf4490-4309-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T21:46:26.845Z","version":"WzE5Nyw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Other logs - Host name","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"Other logs - Host name\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":false,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"host.name.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}"},"id":"3579d010-43d6-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"b8cf4490-4309-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T21:48:06.416Z","version":"WzE5OSw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Other logs - Log type","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"Other logs - Log type\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":false,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"fields.log_type.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}"},"id":"1fe05530-43d6-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"b8cf4490-4309-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T21:47:30.178Z","version":"WzE5OCw0XQ=="} -{"attributes":{"columns":["fields.log_type","message"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[["timestamp","desc"]],"title":"Filebeat unknown logs","version":1},"id":"bfaaf800-43d5-11eb-b75a-bbebe0b50e97","migrationVersion":{"search":"7.4.0"},"references":[{"id":"b8cf4490-4309-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"search","updated_at":"2020-12-21T21:44:48.767Z","version":"WzE5NCw0XQ=="} -{"attributes":{"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"},"optionsJSON":"{\"useMargins\":true,\"hidePanelTitles\":false}","panelsJSON":"[{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":48,\"h\":9,\"i\":\"bf3a414b-96f0-4090-b163-43664f901493\"},\"panelIndex\":\"bf3a414b-96f0-4090-b163-43664f901493\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":9,\"w\":15,\"h\":9,\"i\":\"d6977944-5a19-48b6-8829-2e50838363e7\"},\"panelIndex\":\"d6977944-5a19-48b6-8829-2e50838363e7\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":15,\"y\":9,\"w\":15,\"h\":9,\"i\":\"4cc8faa1-db1f-49e4-aaed-4e6010ff066b\"},\"panelIndex\":\"4cc8faa1-db1f-49e4-aaed-4e6010ff066b\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":18,\"w\":48,\"h\":21,\"i\":\"09bccade-e7cc-455e-b5e7-af2403262ba6\"},\"panelIndex\":\"09bccade-e7cc-455e-b5e7-af2403262ba6\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"}]","timeRestore":false,"title":"Other logs","version":1},"id":"7104bb90-43d6-11eb-b75a-bbebe0b50e97","migrationVersion":{"dashboard":"7.3.0"},"references":[{"id":"f4775b50-43d5-11eb-b75a-bbebe0b50e97","name":"panel_0","type":"visualization"},{"id":"3579d010-43d6-11eb-b75a-bbebe0b50e97","name":"panel_1","type":"visualization"},{"id":"1fe05530-43d6-11eb-b75a-bbebe0b50e97","name":"panel_2","type":"visualization"},{"id":"bfaaf800-43d5-11eb-b75a-bbebe0b50e97","name":"panel_3","type":"search"}],"type":"dashboard","updated_at":"2020-12-21T21:49:46.312Z","version":"WzIwMCw0XQ=="} -{"attributes":{"fields":"[{\"name\":\"_id\",\"type\":\"string\",\"esTypes\":[\"_id\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"esTypes\":[\"_index\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"esTypes\":[\"_source\"],\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"esTypes\":[\"_type\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"agent.ephemeral_id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"agent.ephemeral_id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"agent.ephemeral_id\",\"subType\":\"multi\"},{\"name\":\"agent.hostname\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"agent.hostname.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"agent.hostname\",\"subType\":\"multi\"},{\"name\":\"agent.id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"agent.id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"agent.id\",\"subType\":\"multi\"},{\"name\":\"agent.name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"agent.name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"agent.name\",\"subType\":\"multi\"},{\"name\":\"agent.type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"agent.type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"agent.type\",\"subType\":\"multi\"},{\"name\":\"agent.version\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"agent.version.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"agent.version\",\"subType\":\"multi\"},{\"name\":\"ecs.version\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ecs.version.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ecs.version\",\"subType\":\"multi\"},{\"name\":\"error.message\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"error.message.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"error.message\",\"subType\":\"multi\"},{\"name\":\"error.type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"error.type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"error.type\",\"subType\":\"multi\"},{\"name\":\"fields.log_type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"fields.log_type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"fields.log_type\",\"subType\":\"multi\"},{\"name\":\"host.name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"host.name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"host.name\",\"subType\":\"multi\"},{\"name\":\"hostName\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"hostName.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"hostName\",\"subType\":\"multi\"},{\"name\":\"input.type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"input.type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"input.type\",\"subType\":\"multi\"},{\"name\":\"level\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"level.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"level\",\"subType\":\"multi\"},{\"name\":\"log.file.path\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"log.file.path.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"log.file.path\",\"subType\":\"multi\"},{\"name\":\"log.offset\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"loggerClassName\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"loggerClassName.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"loggerClassName\",\"subType\":\"multi\"},{\"name\":\"loggerName\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"loggerName.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"loggerName\",\"subType\":\"multi\"},{\"name\":\"message\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"message.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"message\",\"subType\":\"multi\"},{\"name\":\"metadata.beat\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"metadata.beat.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"metadata.beat\",\"subType\":\"multi\"},{\"name\":\"metadata.type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"metadata.type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"metadata.type\",\"subType\":\"multi\"},{\"name\":\"metadata.version\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"metadata.version.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"metadata.version\",\"subType\":\"multi\"},{\"name\":\"ndc\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ndc.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ndc\",\"subType\":\"multi\"},{\"name\":\"processId\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"processName\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"processName.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"processName\",\"subType\":\"multi\"},{\"name\":\"sequence\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sourceClassName\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sourceClassName.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"sourceClassName\",\"subType\":\"multi\"},{\"name\":\"sourceFileName\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sourceFileName.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"sourceFileName\",\"subType\":\"multi\"},{\"name\":\"sourceLineNumber\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"sourceMethodName\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sourceMethodName.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"sourceMethodName\",\"subType\":\"multi\"},{\"name\":\"sourceModuleName\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sourceModuleName.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"sourceModuleName\",\"subType\":\"multi\"},{\"name\":\"sourceModuleVersion\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"sourceModuleVersion.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"sourceModuleVersion\",\"subType\":\"multi\"},{\"name\":\"threadId\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"threadName\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"threadName.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"threadName\",\"subType\":\"multi\"},{\"name\":\"timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true}]","timeFieldName":"timestamp","title":"logs-keycloak-*"},"id":"b9a340f0-430a-11eb-b75a-bbebe0b50e97","migrationVersion":{"index-pattern":"6.5.0"},"references":[],"type":"index-pattern","updated_at":"2020-12-21T21:01:56.865Z","version":"WzE2MCw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Keycloak logs - Histogram","uiStateJSON":"{\"vis\":{\"colors\":{\"INFO\":\"#1F78C1\"},\"legendOpen\":true}}","version":1,"visState":"{\"title\":\"Keycloak logs - Histogram\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#34130C\"},\"dimensions\":{\"x\":{\"accessor\":1,\"format\":{\"id\":\"date\",\"params\":{\"pattern\":\"HH:mm\"}},\"params\":{\"date\":true,\"interval\":\"PT30M\",\"format\":\"HH:mm\",\"bounds\":{\"min\":\"2020-12-20T21:05:22.930Z\",\"max\":\"2020-12-21T21:05:22.930Z\"}},\"aggType\":\"date_histogram\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"series\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"level.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"timestamp\",\"timeRange\":{\"from\":\"now-24h\",\"to\":\"now\"},\"useNormalizedEsInterval\":true,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}}]}"},"id":"4b5e4560-43d0-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"b9a340f0-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T21:05:46.166Z","version":"WzE2Miw0XQ=="} -{"attributes":{"columns":["level","message"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[["timestamp","desc"]],"title":"Keycloak logs","version":1},"id":"14c6e610-43d0-11eb-b75a-bbebe0b50e97","migrationVersion":{"search":"7.4.0"},"references":[{"id":"b9a340f0-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"search","updated_at":"2020-12-21T21:04:14.577Z","version":"WzE2MSw0XQ=="} -{"attributes":{"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"},"optionsJSON":"{\"useMargins\":true,\"hidePanelTitles\":false}","panelsJSON":"[{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":48,\"h\":9,\"i\":\"f4adefb8-580f-47fa-a7b8-27be3af78eb1\"},\"panelIndex\":\"f4adefb8-580f-47fa-a7b8-27be3af78eb1\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":9,\"w\":48,\"h\":20,\"i\":\"2f33edae-d9c7-4eaa-8e4d-494db3b1cf73\"},\"panelIndex\":\"2f33edae-d9c7-4eaa-8e4d-494db3b1cf73\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"}]","timeRestore":false,"title":"Keycloak logs","version":1},"id":"717b80f0-43d0-11eb-b75a-bbebe0b50e97","migrationVersion":{"dashboard":"7.3.0"},"references":[{"id":"4b5e4560-43d0-11eb-b75a-bbebe0b50e97","name":"panel_0","type":"visualization"},{"id":"14c6e610-43d0-11eb-b75a-bbebe0b50e97","name":"panel_1","type":"search"}],"type":"dashboard","updated_at":"2020-12-21T21:06:50.111Z","version":"WzE2Myw0XQ=="} -{"attributes":{"fields":"[{\"name\":\"_id\",\"type\":\"string\",\"esTypes\":[\"_id\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"esTypes\":[\"_index\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"esTypes\":[\"_source\"],\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"esTypes\":[\"_type\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"actconn\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"actconn.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"actconn\",\"subType\":\"multi\"},{\"name\":\"backend_name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"backend_name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"backend_name\",\"subType\":\"multi\"},{\"name\":\"backend_queue\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"backend_queue.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"backend_queue\",\"subType\":\"multi\"},{\"name\":\"beconn\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"beconn.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"beconn\",\"subType\":\"multi\"},{\"name\":\"bytes_read\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"bytes_read.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"bytes_read\",\"subType\":\"multi\"},{\"name\":\"captured_request_cookie\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"captured_request_cookie.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"captured_request_cookie\",\"subType\":\"multi\"},{\"name\":\"captured_response_cookie\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"captured_response_cookie.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"captured_response_cookie\",\"subType\":\"multi\"},{\"name\":\"client.ip\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"client.ip.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"client.ip\",\"subType\":\"multi\"},{\"name\":\"client.ip_geo_city\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"client.ip_geo_city.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"client.ip_geo_city\",\"subType\":\"multi\"},{\"name\":\"client.ip_geo_country\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"client.ip_geo_country.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"client.ip_geo_country\",\"subType\":\"multi\"},{\"name\":\"client.ip_geo_country_iso\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"client.ip_geo_country_iso.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"client.ip_geo_country_iso\",\"subType\":\"multi\"},{\"name\":\"client.ip_geo_lat\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"client.ip_geo_lat.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"client.ip_geo_lat\",\"subType\":\"multi\"},{\"name\":\"client.ip_geo_lon\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"client.ip_geo_lon.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"client.ip_geo_lon\",\"subType\":\"multi\"},{\"name\":\"client.ip_ipreg_comment\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"client.ip_ipreg_comment.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"client.ip_ipreg_comment\",\"subType\":\"multi\"},{\"name\":\"client.ip_ipreg_domain\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"client.ip_ipreg_domain.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"client.ip_ipreg_domain\",\"subType\":\"multi\"},{\"name\":\"client.ip_ipreg_name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"client.ip_ipreg_name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"client.ip_ipreg_name\",\"subType\":\"multi\"},{\"name\":\"client.port\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"client.port.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"client.port\",\"subType\":\"multi\"},{\"name\":\"feconn\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"feconn.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"feconn\",\"subType\":\"multi\"},{\"name\":\"frontend_name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":2,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"frontend_name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"frontend_name\",\"subType\":\"multi\"},{\"name\":\"http_host\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"http_host.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"http_host\",\"subType\":\"multi\"},{\"name\":\"http_proto\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"http_proto.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"http_proto\",\"subType\":\"multi\"},{\"name\":\"http_request\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"http_request.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"http_request\",\"subType\":\"multi\"},{\"name\":\"http_status_code\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"http_status_code.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"http_status_code\",\"subType\":\"multi\"},{\"name\":\"http_user\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"http_user.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"http_user\",\"subType\":\"multi\"},{\"name\":\"http_verb\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"http_verb.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"http_verb\",\"subType\":\"multi\"},{\"name\":\"http_version\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"http_version.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"http_version\",\"subType\":\"multi\"},{\"name\":\"process.name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"process.name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"process.name\",\"subType\":\"multi\"},{\"name\":\"process.pid\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"process.pid.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"process.pid\",\"subType\":\"multi\"},{\"name\":\"retries\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"retries.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"retries\",\"subType\":\"multi\"},{\"name\":\"server.domain\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"server.domain.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"server.domain\",\"subType\":\"multi\"},{\"name\":\"source_host\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"source_host.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"source_host\",\"subType\":\"multi\"},{\"name\":\"srv_queue\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"srv_queue.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"srv_queue\",\"subType\":\"multi\"},{\"name\":\"srvconn\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"srvconn.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"srvconn\",\"subType\":\"multi\"},{\"name\":\"termination_state\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"termination_state.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"termination_state\",\"subType\":\"multi\"},{\"name\":\"time_backend_connect\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"time_backend_connect.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"time_backend_connect\",\"subType\":\"multi\"},{\"name\":\"time_backend_response\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"time_backend_response.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"time_backend_response\",\"subType\":\"multi\"},{\"name\":\"time_duration\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"time_duration.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"time_duration\",\"subType\":\"multi\"},{\"name\":\"time_queue\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"time_queue.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"time_queue\",\"subType\":\"multi\"},{\"name\":\"time_request\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"time_request.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"time_request\",\"subType\":\"multi\"},{\"name\":\"timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true}]","timeFieldName":"timestamp","title":"logs-haproxy-*"},"id":"ece0e360-4309-11eb-b75a-bbebe0b50e97","migrationVersion":{"index-pattern":"6.5.0"},"references":[],"type":"index-pattern","updated_at":"2020-12-21T21:27:29.655Z","version":"WzE3NSw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"haproxy logs - Histogram","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"haproxy logs - Histogram\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#34130C\"},\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"date\",\"params\":{\"pattern\":\"HH:mm\"}},\"params\":{\"date\":true,\"interval\":\"PT30M\",\"format\":\"HH:mm\",\"bounds\":{\"min\":\"2020-12-20T21:34:47.670Z\",\"max\":\"2020-12-21T21:34:47.670Z\"}},\"aggType\":\"date_histogram\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"series\":[{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"timestamp\",\"timeRange\":{\"from\":\"now-24h\",\"to\":\"now\"},\"useNormalizedEsInterval\":true,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"backend_name.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}"},"id":"74693590-43d1-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"ece0e360-4309-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T21:35:01.074Z","version":"WzE4MSw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"haproxy logs - Top clients","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"haproxy logs - Top clients\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"client.ip.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Client IP addr\"}}]}"},"id":"d2b6e700-43d1-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"ece0e360-4309-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T21:16:42.736Z","version":"WzE2Niw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"haproxy logs - Top requests","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":3,\"direction\":\"desc\"}}}}","version":1,"visState":"{\"title\":\"haproxy logs - Top requests\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"percentageCol\":\"\",\"dimensions\":{\"metrics\":[{\"accessor\":3,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"},{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"},{\"accessor\":2,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"backend_name.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Backend name\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"http_request.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":20,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Request\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"http_status_code.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":5,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Status\"}}]}"},"id":"33158c30-43d4-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"ece0e360-4309-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T21:38:09.088Z","version":"WzE4NCw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"haproxy logs - Status codes","uiStateJSON":"{}","version":1,"visState":"{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"http_status_code.keyword\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"size\":10},\"schema\":\"segment\",\"type\":\"terms\"}],\"params\":{\"addLegend\":true,\"addTooltip\":true,\"dimensions\":{\"buckets\":[{\"accessor\":0,\"aggType\":\"terms\",\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"missingBucketLabel\":\"Missing\",\"otherBucketLabel\":\"Other\"}},\"params\":{}}],\"metric\":{\"accessor\":1,\"aggType\":\"count\",\"format\":{\"id\":\"number\"},\"params\":{}}},\"isDonut\":false,\"labels\":{\"last_level\":true,\"show\":false,\"truncate\":100,\"values\":true},\"legendPosition\":\"bottom\",\"type\":\"pie\"},\"title\":\"haproxy logs - Status codes\",\"type\":\"pie\"}"},"id":"96a9c140-43d3-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"ece0e360-4309-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T21:29:37.571Z","version":"WzE3OCw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"haproxy logs - Backends","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"haproxy logs - Backends\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":false,\"labels\":{\"last_level\":true,\"show\":false,\"truncate\":100,\"values\":true},\"legendPosition\":\"bottom\",\"type\":\"pie\",\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"backend_name.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}"},"id":"2c952900-43d5-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"ece0e360-4309-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T21:40:42.000Z","version":"WzE4OCw0XQ=="} -{"attributes":{"columns":["client.ip","backend_name","http_verb","http_request","http_status_code","bytes_read","time_duration"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[["timestamp","desc"]],"title":"haproxy logs","version":1},"id":"6c1be520-43d3-11eb-b75a-bbebe0b50e97","migrationVersion":{"search":"7.4.0"},"references":[{"id":"ece0e360-4309-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"search","updated_at":"2020-12-21T21:28:09.585Z","version":"WzE3Niw0XQ=="} -{"attributes":{"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[]}"},"optionsJSON":"{\"hidePanelTitles\":false,\"useMargins\":true}","panelsJSON":"[{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":48,\"h\":9,\"i\":\"ccce8e7d-f8cf-4074-929a-a5518428f22d\"},\"panelIndex\":\"ccce8e7d-f8cf-4074-929a-a5518428f22d\",\"embeddableConfig\":{\"legendOpen\":false,\"vis\":{\"legendOpen\":true}},\"panelRefName\":\"panel_0\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":9,\"w\":11,\"h\":16,\"i\":\"ba3bb2ae-8c2d-4d7c-b31b-68236235fa54\"},\"panelIndex\":\"ba3bb2ae-8c2d-4d7c-b31b-68236235fa54\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":11,\"y\":9,\"w\":28,\"h\":16,\"i\":\"07c2a778-1266-463e-9b3a-ea6f9d93e82b\"},\"panelIndex\":\"07c2a778-1266-463e-9b3a-ea6f9d93e82b\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":39,\"y\":17,\"w\":9,\"h\":8,\"i\":\"d8e80787-da38-48a5-be9d-e73a94a1f0b3\"},\"panelIndex\":\"d8e80787-da38-48a5-be9d-e73a94a1f0b3\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":39,\"y\":9,\"w\":9,\"h\":8,\"i\":\"efc8e873-81b6-46d4-91c8-003c1869de67\"},\"panelIndex\":\"efc8e873-81b6-46d4-91c8-003c1869de67\",\"embeddableConfig\":{\"vis\":{\"legendOpen\":true},\"legendOpen\":false},\"panelRefName\":\"panel_4\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":25,\"w\":48,\"h\":22,\"i\":\"735a3ce2-b6f1-4d3b-af8f-05c4511e9b64\"},\"panelIndex\":\"735a3ce2-b6f1-4d3b-af8f-05c4511e9b64\",\"embeddableConfig\":{},\"panelRefName\":\"panel_5\"}]","timeRestore":false,"title":"haproxy logs","version":1},"id":"7dfc0c10-43d4-11eb-b75a-bbebe0b50e97","migrationVersion":{"dashboard":"7.3.0"},"references":[{"id":"74693590-43d1-11eb-b75a-bbebe0b50e97","name":"panel_0","type":"visualization"},{"id":"d2b6e700-43d1-11eb-b75a-bbebe0b50e97","name":"panel_1","type":"visualization"},{"id":"33158c30-43d4-11eb-b75a-bbebe0b50e97","name":"panel_2","type":"visualization"},{"id":"96a9c140-43d3-11eb-b75a-bbebe0b50e97","name":"panel_3","type":"visualization"},{"id":"2c952900-43d5-11eb-b75a-bbebe0b50e97","name":"panel_4","type":"visualization"},{"id":"6c1be520-43d3-11eb-b75a-bbebe0b50e97","name":"panel_5","type":"search"}],"type":"dashboard","updated_at":"2020-12-21T21:42:37.188Z","version":"WzE4OSw0XQ=="} -{"attributes":{"fields":"[{\"name\":\"@timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"_id\",\"type\":\"string\",\"esTypes\":[\"_id\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"esTypes\":[\"_index\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"esTypes\":[\"_source\"],\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"esTypes\":[\"_type\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"audit_category\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"audit_category.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"audit_category\",\"subType\":\"multi\"},{\"name\":\"audit_cluster_name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"audit_cluster_name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"audit_cluster_name\",\"subType\":\"multi\"},{\"name\":\"audit_format_version\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"audit_node_host_address\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"audit_node_host_address.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"audit_node_host_address\",\"subType\":\"multi\"},{\"name\":\"audit_node_host_name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"audit_node_host_name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"audit_node_host_name\",\"subType\":\"multi\"},{\"name\":\"audit_node_id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"audit_node_id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"audit_node_id\",\"subType\":\"multi\"},{\"name\":\"audit_node_name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"audit_node_name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"audit_node_name\",\"subType\":\"multi\"},{\"name\":\"audit_request_exception_stacktrace\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"audit_request_exception_stacktrace.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"audit_request_exception_stacktrace\",\"subType\":\"multi\"},{\"name\":\"audit_request_layer\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"audit_request_layer.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"audit_request_layer\",\"subType\":\"multi\"},{\"name\":\"audit_request_origin\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":1,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"audit_request_origin.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"audit_request_origin\",\"subType\":\"multi\"}]","timeFieldName":"@timestamp","title":"security-auditlog-*"},"id":"cc44d890-430a-11eb-b75a-bbebe0b50e97","migrationVersion":{"index-pattern":"6.5.0"},"references":[],"type":"index-pattern","updated_at":"2020-12-21T10:34:19.556Z","version":"WzExOCw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Security Audit Log - Histogram","uiStateJSON":"{\"vis\":{\"legendOpen\":true}}","version":1,"visState":"{\"title\":\"Security Audit Log - Histogram\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"bottom\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#34130C\"},\"dimensions\":{\"x\":{\"accessor\":0,\"format\":{\"id\":\"date\",\"params\":{\"pattern\":\"YYYY-MM-DD HH:mm\"}},\"params\":{\"date\":true,\"interval\":\"PT3H\",\"format\":\"YYYY-MM-DD HH:mm\",\"bounds\":{\"min\":\"2020-12-14T21:56:36.618Z\",\"max\":\"2020-12-21T21:56:36.618Z\"}},\"aggType\":\"date_histogram\"},\"y\":[{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"series\":[{\"accessor\":1,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"timeRange\":{\"from\":\"now-7d\",\"to\":\"now\"},\"useNormalizedEsInterval\":true,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"audit_category.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}"},"id":"846b6f00-4375-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"cc44d890-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T21:56:51.161Z","version":"WzIwOCw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Security Audit Log - Node name","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"Security Audit Log - Node name\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":false,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"audit_node_name.keyword\",\"orderBy\":\"1\",\"order\":\"asc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}"},"id":"b80e8d30-4378-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"cc44d890-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T21:55:05.416Z","version":"WzIwNyw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Security Audit Log - Category","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"Security Audit Log - Category\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":false,\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100},\"dimensions\":{\"metric\":{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"},\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"audit_category.keyword\",\"orderBy\":\"1\",\"order\":\"desc\",\"size\":10,\"otherBucket\":true,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}"},"id":"ca9c27a0-4378-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"cc44d890-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T10:39:23.930Z","version":"WzEyMSw0XQ=="} -{"attributes":{"columns":["audit_node_host_name","audit_category","audit_request_layer","audit_request_origin","audit_request_exception_stacktrace"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[["@timestamp","desc"]],"title":"Security Audit Logs","version":1},"id":"388503f0-4378-11eb-b75a-bbebe0b50e97","migrationVersion":{"search":"7.4.0"},"references":[{"id":"cc44d890-430a-11eb-b75a-bbebe0b50e97","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"search","updated_at":"2020-12-21T10:35:18.830Z","version":"WzExOSw0XQ=="} -{"attributes":{"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"},"optionsJSON":"{\"useMargins\":true,\"hidePanelTitles\":false}","panelsJSON":"[{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":48,\"h\":10,\"i\":\"963df476-bd2f-4c26-9652-3cdfa1eef34f\"},\"panelIndex\":\"963df476-bd2f-4c26-9652-3cdfa1eef34f\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":10,\"w\":15,\"h\":9,\"i\":\"c87d79c0-84a1-46af-80a4-afc61cdae0a5\"},\"panelIndex\":\"c87d79c0-84a1-46af-80a4-afc61cdae0a5\",\"embeddableConfig\":{},\"panelRefName\":\"panel_1\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":15,\"y\":10,\"w\":15,\"h\":9,\"i\":\"c32eb149-2f61-41b5-ae5a-a864fb3257cb\"},\"panelIndex\":\"c32eb149-2f61-41b5-ae5a-a864fb3257cb\",\"embeddableConfig\":{},\"panelRefName\":\"panel_2\"},{\"version\":\"7.4.2\",\"gridData\":{\"x\":0,\"y\":19,\"w\":48,\"h\":22,\"i\":\"cbd2ce7a-841d-4d11-b16e-79be174523e6\"},\"panelIndex\":\"cbd2ce7a-841d-4d11-b16e-79be174523e6\",\"embeddableConfig\":{},\"panelRefName\":\"panel_3\"}]","timeRestore":false,"title":"Security Audit Log","version":1},"id":"e52ea260-4377-11eb-b75a-bbebe0b50e97","migrationVersion":{"dashboard":"7.3.0"},"references":[{"id":"846b6f00-4375-11eb-b75a-bbebe0b50e97","name":"panel_0","type":"visualization"},{"id":"b80e8d30-4378-11eb-b75a-bbebe0b50e97","name":"panel_1","type":"visualization"},{"id":"ca9c27a0-4378-11eb-b75a-bbebe0b50e97","name":"panel_2","type":"visualization"},{"id":"388503f0-4378-11eb-b75a-bbebe0b50e97","name":"panel_3","type":"search"}],"type":"dashboard","updated_at":"2020-12-21T10:40:45.697Z","version":"WzEyMiw0XQ=="} -{"attributes":{"fields":"[{\"name\":\"_id\",\"type\":\"string\",\"esTypes\":[\"_id\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"esTypes\":[\"_index\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"esTypes\":[\"_source\"],\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"esTypes\":[\"_type\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"data_id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"data_id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"data_id\",\"subType\":\"multi\"},{\"name\":\"data_type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"data_type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"data_type\",\"subType\":\"multi\"},{\"name\":\"http_version\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"http_version.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"http_version\",\"subType\":\"multi\"},{\"name\":\"ident\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ident.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ident\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_geo_city\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_geo_city.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_geo_city\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_geo_country\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_geo_country.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_geo_country\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_geo_country_iso\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_geo_country_iso.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_geo_country_iso\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_geo_lat\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_geo_lat.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_geo_lat\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_geo_lon\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_geo_lon.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_geo_lon\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_ipreg_comment\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_ipreg_comment.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_ipreg_comment\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_ipreg_domain\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_ipreg_domain.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_ipreg_domain\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_ipreg_name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_ipreg_name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_ipreg_name\",\"subType\":\"multi\"},{\"name\":\"method\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"method.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"method\",\"subType\":\"multi\"},{\"name\":\"referer\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"referer.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"referer\",\"subType\":\"multi\"},{\"name\":\"request_page\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"request_page.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"request_page\",\"subType\":\"multi\"},{\"name\":\"response_size\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"response_size.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"response_size\",\"subType\":\"multi\"},{\"name\":\"server_response\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"server_response.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"server_response\",\"subType\":\"multi\"},{\"name\":\"source_file\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"source_file.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"source_file\",\"subType\":\"multi\"},{\"name\":\"source_host\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"source_host.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"source_host\",\"subType\":\"multi\"},{\"name\":\"timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"user_agent\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"user_agent.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"user_agent\",\"subType\":\"multi\"}]","timeFieldName":"timestamp","title":"logs-nginx-*"},"id":"4ca554f0-893f-11ea-977f-4711a028b7c3","migrationVersion":{"index-pattern":"6.5.0"},"references":[],"type":"index-pattern","updated_at":"2020-12-20T14:01:02.393Z","version":"WzMxLDRd"} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Nginx Logs - Histogram","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"Nginx Logs - Histogram\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"filter\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"labels\":{\"show\":false},\"thresholdLine\":{\"show\":false,\"value\":10,\"width\":1,\"style\":\"full\",\"color\":\"#34130C\"},\"dimensions\":{\"x\":null,\"y\":[{\"accessor\":0,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"timestamp\",\"useNormalizedEsInterval\":true,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}}]}"},"id":"5bafcf20-43a7-11eb-b75a-bbebe0b50e97","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"4ca554f0-893f-11ea-977f-4711a028b7c3","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-12-21T16:12:44.178Z","version":"WzEzOSw0XQ=="} -{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"},"savedSearchRefName":"search_0","title":"Suricata alerts - top ip_src_addr ","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"Suricata alerts - top ip_src_addr \",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"cardinality\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"alert.signature_id\",\"customLabel\":\"Unique\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"ip_src_addr.keyword\",\"order\":\"desc\",\"size\":10,\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Src IP\"}}]}"},"id":"d8322050-0b7e-11ea-bc07-2bc38b4c4b9b","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"35141420-0b7c-11ea-bc07-2bc38b4c4b9b","name":"search_0","type":"search"}],"type":"visualization","updated_at":"2020-12-20T14:01:02.393Z","version":"WzMyLDRd"} \ No newline at end of file +{"attributes":{"fieldFormatMap":"{\"ip_dst_addr_misp_url\":{\"id\":\"url\"}}","fields":"[{\"name\":\"_id\",\"type\":\"string\",\"esTypes\":[\"_id\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"esTypes\":[\"_index\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"esTypes\":[\"_source\"],\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"esTypes\":[\"_type\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"alert.action\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"alert.action.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"alert.action\",\"subType\":\"multi\"},{\"name\":\"alert.category\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"alert.category.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"alert.category\",\"subType\":\"multi\"},{\"name\":\"alert.gid\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"alert.rev\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"alert.severity\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"alert.signature\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"alert.signature.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"alert.signature\",\"subType\":\"multi\"},{\"name\":\"alert.signature_id\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"event_type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"event_type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"event_type\",\"subType\":\"multi\"},{\"name\":\"flow.bytes_toclient\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"flow.bytes_toserver\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"flow.pkts_toclient\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"flow.pkts_toserver\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"flow.start\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"host\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"host.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"host\",\"subType\":\"multi\"},{\"name\":\"host_domain\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"host_domain.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"host_domain\",\"subType\":\"multi\"},{\"name\":\"host_domain_freq1\",\"type\":\"number\",\"esTypes\":[\"float\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"host_domain_freq2\",\"type\":\"number\",\"esTypes\":[\"float\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"in_iface\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"in_iface.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"in_iface\",\"subType\":\"multi\"},{\"name\":\"ip_dst_addr\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_dst_addr.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_dst_addr\",\"subType\":\"multi\"},{\"name\":\"ip_dst_addr_geo.geo.accuracy\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ip_dst_addr_geo.geo.city\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_dst_addr_geo.geo.city.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_dst_addr_geo.geo.city\",\"subType\":\"multi\"},{\"name\":\"ip_dst_addr_geo.geo.country.isoCode\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_dst_addr_geo.geo.country.isoCode.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_dst_addr_geo.geo.country.isoCode\",\"subType\":\"multi\"},{\"name\":\"ip_dst_addr_geo.geo.country.name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_dst_addr_geo.geo.country.name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_dst_addr_geo.geo.country.name\",\"subType\":\"multi\"},{\"name\":\"ip_dst_addr_geo.geo.latitude\",\"type\":\"number\",\"esTypes\":[\"float\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ip_dst_addr_geo.geo.longitude\",\"type\":\"number\",\"esTypes\":[\"float\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ip_dst_addr_misp\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_dst_addr_misp.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_dst_addr_misp\",\"subType\":\"multi\"},{\"name\":\"ip_dst_port\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ip_src_addr\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_geo.geo.accuracy\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ip_src_addr_geo.geo.city\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_geo.geo.city.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_geo.geo.city\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_geo.geo.country.isoCode\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_geo.geo.country.isoCode.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_geo.geo.country.isoCode\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_geo.geo.country.name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_geo.geo.country.name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_geo.geo.country.name\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_geo.geo.latitude\",\"type\":\"number\",\"esTypes\":[\"float\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ip_src_addr_geo.geo.longitude\",\"type\":\"number\",\"esTypes\":[\"float\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ip_src_port\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"payload\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"payload.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"payload\",\"subType\":\"multi\"},{\"name\":\"payload_printable\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"payload_printable.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"payload_printable\",\"subType\":\"multi\"},{\"name\":\"proto\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"proto.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"proto\",\"subType\":\"multi\"},{\"name\":\"stream\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"vlan\",\"type\":\"number\",\"esTypes\":[\"long\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ip_dst_addr_misp_url\",\"type\":\"string\",\"count\":0,\"scripted\":true,\"script\":\"if (!doc['ip_dst_addr_misp.keyword'].empty) { \\n return 'https://misp.soctools.geant.org/events/view/'+doc['ip_dst_addr_misp.keyword'].value;\\n}\\nreturn null;\",\"lang\":\"painless\",\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false}]","timeFieldName":"timestamp","title":"logs-suricata-alert-*"},"id":"e81e23f0-0b75-11ea-bc07-2bc38b4c4b9b","migrationVersion":{"index-pattern":"6.5.0"},"references":[],"type":"index-pattern","updated_at":"2020-07-08T12:42:14.207Z","version":"WzMsMV0="} +{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Suricata Alerts Histogram","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"Suricata Alerts Histogram\",\"type\":\"histogram\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":false},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"histogram\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"dimensions\":{\"x\":null,\"y\":[{\"accessor\":0,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"timestamp\",\"useNormalizedEsInterval\":true,\"interval\":\"auto\",\"drop_partials\":false,\"min_doc_count\":1,\"extended_bounds\":{}}}]}"},"id":"71a37750-0b7c-11ea-bc07-2bc38b4c4b9b","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"e81e23f0-0b75-11ea-bc07-2bc38b4c4b9b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-07-08T12:42:14.207Z","version":"WzQsMV0="} +{"attributes":{"columns":["alert.signature_id","alert.signature","ip_src_addr","ip_dst_addr"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[["timestamp","desc"]],"title":"Suricata Alerts","version":1},"id":"35141420-0b7c-11ea-bc07-2bc38b4c4b9b","migrationVersion":{"search":"7.4.0"},"references":[{"id":"e81e23f0-0b75-11ea-bc07-2bc38b4c4b9b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"search","updated_at":"2020-07-08T12:42:14.207Z","version":"WzUsMV0="} +{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"},"savedSearchRefName":"search_0","title":"Suricata alerts - top signatures","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"Suricata alerts - top signatures\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"alert.signature.keyword\",\"order\":\"desc\",\"size\":10,\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Signature\"}}]}"},"id":"d7d96e70-0b7d-11ea-bc07-2bc38b4c4b9b","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"35141420-0b7c-11ea-bc07-2bc38b4c4b9b","name":"search_0","type":"search"}],"type":"visualization","updated_at":"2020-07-08T12:42:14.207Z","version":"WzYsMV0="} +{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"},"savedSearchRefName":"search_0","title":"Suricata alerts - top ip_dst_addr ","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"Suricata alerts - top ip_dst_addr \",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"cardinality\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"alert.signature_id\",\"customLabel\":\"Unique\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"ip_dst_addr.keyword\",\"order\":\"desc\",\"size\":10,\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Dst IP\"}}]}"},"id":"eb41e310-0b7e-11ea-bc07-2bc38b4c4b9b","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"35141420-0b7c-11ea-bc07-2bc38b4c4b9b","name":"search_0","type":"search"}],"type":"visualization","updated_at":"2020-07-08T12:42:14.207Z","version":"WzcsMV0="} +{"attributes":{"columns":["ip_dst_addr_misp","ip_dst_addr","alert.signature","ip_dst_addr_misp_url"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"kuery\",\"query\":\"ip_dst_addr_misp>0\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[["timestamp","desc"]],"title":"Suricata Alerts Misp","version":1},"id":"42ad6a30-15b0-11ea-841d-a1505e4ae442","migrationVersion":{"search":"7.4.0"},"references":[{"id":"e81e23f0-0b75-11ea-bc07-2bc38b4c4b9b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"search","updated_at":"2020-07-08T12:42:14.207Z","version":"WzgsMV0="} +{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"},"savedSearchRefName":"search_0","title":"Dst IP in misp","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"Dst IP in misp\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"ip_dst_addr.keyword\",\"order\":\"desc\",\"size\":5,\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Signature\"}}]}"},"id":"9676d8e0-15b0-11ea-841d-a1505e4ae442","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"42ad6a30-15b0-11ea-841d-a1505e4ae442","name":"search_0","type":"search"}],"type":"visualization","updated_at":"2020-07-08T12:42:14.207Z","version":"WzksMV0="} +{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"title":"Suricata alerts - the Hive","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"Suricata alerts - the Hive\",\"type\":\"thehive_button\",\"params\":{\"url\":\"https://hive.soctools.geant.org/\",\"apikey\":\"ebMZixrFT+4qeWDf0iW3D5qFr/GbwA4j\",\"owner\":\"odfe\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"ip_src_addr.keyword\",\"order\":\"desc\",\"size\":20,\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\"}}]}"},"id":"48992900-62d3-11ea-aaa3-bb2f31340783","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"e81e23f0-0b75-11ea-bc07-2bc38b4c4b9b","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"visualization","updated_at":"2020-07-08T12:42:14.207Z","version":"WzEwLDFd"} +{"attributes":{"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[]}"},"optionsJSON":"{\"hidePanelTitles\":false,\"useMargins\":true}","panelsJSON":"[{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":0,\"w\":48,\"h\":7,\"i\":\"1\"},\"panelIndex\":\"1\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_0\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":15,\"w\":48,\"h\":14,\"i\":\"2\"},\"panelIndex\":\"2\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_1\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":0,\"y\":7,\"w\":10,\"h\":8,\"i\":\"3\"},\"panelIndex\":\"3\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_2\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":10,\"y\":7,\"w\":9,\"h\":8,\"i\":\"5\"},\"panelIndex\":\"5\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_3\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":19,\"y\":7,\"w\":11,\"h\":8,\"i\":\"7\"},\"panelIndex\":\"7\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_4\"},{\"embeddableConfig\":{},\"gridData\":{\"x\":39,\"y\":7,\"w\":9,\"h\":3,\"i\":\"8\"},\"panelIndex\":\"8\",\"version\":\"7.3.0\",\"panelRefName\":\"panel_5\"}]","timeRestore":false,"title":"Suricata Alerts","version":1},"id":"368ddb80-0b7f-11ea-bc07-2bc38b4c4b9b","migrationVersion":{"dashboard":"7.3.0"},"references":[{"id":"71a37750-0b7c-11ea-bc07-2bc38b4c4b9b","name":"panel_0","type":"visualization"},{"id":"35141420-0b7c-11ea-bc07-2bc38b4c4b9b","name":"panel_1","type":"search"},{"id":"d7d96e70-0b7d-11ea-bc07-2bc38b4c4b9b","name":"panel_2","type":"visualization"},{"id":"eb41e310-0b7e-11ea-bc07-2bc38b4c4b9b","name":"panel_3","type":"visualization"},{"id":"9676d8e0-15b0-11ea-841d-a1505e4ae442","name":"panel_4","type":"visualization"},{"id":"48992900-62d3-11ea-aaa3-bb2f31340783","name":"panel_5","type":"visualization"}],"type":"dashboard","updated_at":"2020-07-08T12:42:14.207Z","version":"WzExLDFd"} +{"attributes":{"fields":"[{\"name\":\"_id\",\"type\":\"string\",\"esTypes\":[\"_id\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"esTypes\":[\"_index\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"esTypes\":[\"_source\"],\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"esTypes\":[\"_type\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"data_id\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"data_id.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"data_id\",\"subType\":\"multi\"},{\"name\":\"data_type\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"data_type.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"data_type\",\"subType\":\"multi\"},{\"name\":\"http_version\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"http_version.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"http_version\",\"subType\":\"multi\"},{\"name\":\"ident\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ident.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ident\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_geo_city\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_geo_city.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_geo_city\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_geo_country\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_geo_country.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_geo_country\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_geo_country_iso\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_geo_country_iso.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_geo_country_iso\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_geo_lat\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_geo_lat.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_geo_lat\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_geo_lon\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_geo_lon.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_geo_lon\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_ipreg_comment\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_ipreg_comment.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_ipreg_comment\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_ipreg_domain\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_ipreg_domain.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_ipreg_domain\",\"subType\":\"multi\"},{\"name\":\"ip_src_addr_ipreg_name\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"ip_src_addr_ipreg_name.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"ip_src_addr_ipreg_name\",\"subType\":\"multi\"},{\"name\":\"method\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"method.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"method\",\"subType\":\"multi\"},{\"name\":\"referer\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"referer.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"referer\",\"subType\":\"multi\"},{\"name\":\"request_page\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"request_page.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"request_page\",\"subType\":\"multi\"},{\"name\":\"response_size\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"response_size.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"response_size\",\"subType\":\"multi\"},{\"name\":\"server_response\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"server_response.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"server_response\",\"subType\":\"multi\"},{\"name\":\"source_file\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"source_file.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"source_file\",\"subType\":\"multi\"},{\"name\":\"source_host\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"source_host.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"source_host\",\"subType\":\"multi\"},{\"name\":\"timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"user_agent\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"user_agent.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"parent\":\"user_agent\",\"subType\":\"multi\"}]","timeFieldName":"timestamp","title":"logs-nginx-*"},"id":"4ca554f0-893f-11ea-977f-4711a028b7c3","migrationVersion":{"index-pattern":"6.5.0"},"references":[],"type":"index-pattern","updated_at":"2020-07-08T12:42:14.207Z","version":"WzEyLDFd"} +{"attributes":{"description":"","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"},"savedSearchRefName":"search_0","title":"Suricata alerts - top ip_src_addr ","uiStateJSON":"{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}","version":1,"visState":"{\"title\":\"Suricata alerts - top ip_src_addr \",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMetricsAtAllLevels\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"showTotal\":false,\"totalFunc\":\"sum\",\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"cardinality\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"alert.signature_id\",\"customLabel\":\"Unique\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"ip_src_addr.keyword\",\"order\":\"desc\",\"size\":10,\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Src IP\"}}]}"},"id":"d8322050-0b7e-11ea-bc07-2bc38b4c4b9b","migrationVersion":{"visualization":"7.4.2"},"references":[{"id":"35141420-0b7c-11ea-bc07-2bc38b4c4b9b","name":"search_0","type":"search"}],"type":"visualization","updated_at":"2020-07-08T12:42:14.207Z","version":"WzEzLDFd"} \ No newline at end of file diff --git a/roles/odfekibana/files/kibanasecret b/roles/odfekibana/files/kibanasecret new file mode 100644 index 0000000..ec28be7 --- /dev/null +++ b/roles/odfekibana/files/kibanasecret @@ -0,0 +1,3 @@ +{ + "value" : "19125de3-27fa-40e8-83bf-fdb8c8338b99" +} \ No newline at end of file diff --git a/roles/odfekibana/tasks/main.yml b/roles/odfekibana/tasks/main.yml index 1662efd..c085414 100644 --- a/roles/odfekibana/tasks/main.yml +++ b/roles/odfekibana/tasks/main.yml @@ -1,17 +1,184 @@ --- -- include: start.yml +#- name: Create config directory +# file: +# name: config +# state: directory +# mode: 0700 +# tags: +# - start + +- name: Copy cacert to ca-trust dir + remote_user: root + copy: + src: "files/{{ca_cn}}.crt" + dest: /etc/pki/ca-trust/source/anchors/ca.crt + tags: + - start + +- name: Install cacert to root truststore + remote_user: root + command: "update-ca-trust" + tags: + - start + +- name: Copy certificates in odfe kibana conf dir + copy: + src: "{{ item }}" + dest: "config/{{ item }}" + mode: 0600 + with_items: + - "{{ inventory_hostname }}.p12" + - "{{ inventory_hostname }}.crt" + - "{{ inventory_hostname }}.key" + - cacerts.jks + - "{{ca_cn}}.crt" + - "{{soctools_users[0].CN}}.p12" tags: - - start -- include: stop.yml + - start + +- name: Get openid authkey + set_fact: + kibanasecret: "{{lookup('file', 'files/kibanasecret',convert_data=False) | from_json }}" + tags: + - start + +#- name: Configure sysconfig +# template: +# src: sysconfig_elasticsearch.j2 +# dest: sysconfig_elasticsearch +# tags: +# - start +# +#- name: Copy sysconfig to /etc +# command: "cp sysconfig_elasticsearch /etc/sysconfig/elasticsearch" +# tags: +# - start + +# lineinfile: +# path: /etc/sysconfig/elasticsearch +# regexp: '^ES_PATH_CONF=' +# line: ES_PATH_CONF=/usr/share/elasticsearch/config +# tags: +# - start +- name: Configure odfe kibana properties + template: + src: "{{item}}.j2" + dest: "config/{{item}}" + with_items: + - kibana.yml tags: - - stop - - stop-odfekibana -- include: update-config.yml + - start + +- name: Configure odfe kibana start script + template: + src: "{{item}}.j2" + dest: "{{item}}" + mode: 0750 + with_items: + - startkibana.sh + tags: + - start + +#- name: Exit here to test ODFE +# meta: end_play +# tags: +# - start + + +- name: Generate configuration for thehive_button plugin + template: + src: files/env.js.j2 + dest: "/usr/share/kibana/plugins/thehive_button/public/env.js" + owner: kibana + group: kibana + tags: + - start + + +- name: Start OpenDistro Kibana for Elasticsearch + command: /usr/share/kibana/startkibana.sh + #shell: exec /usr/share/kibana/bin/kibana -c config/kibana.yml & + #shell: "nohup /usr/share/kibana/bin/kibana -c config/kibana.yml &" tags: - - update-config - - update-odfekibana-config -- include: restart.yml + - start + +- name: Wait for Kibana + wait_for: + host: "{{groups['odfekibanacontainers'][0]}}" + port: 5601 + state: started + delay: 5 + tags: + - start + +- name: Check Kibana health + shell: 'curl -k -b /tmp/cookie.txt -c /tmp/cookie.txt -X "GET" "https://{{dslproxy}}:5601/api/status" \ + | egrep status....overall....state...green' + register: result + until: result.rc == 0 + retries: 90 + delay: 2 + ignore_errors: yes + tags: + - start + +- name: Copy tenant.json to container + remote_user: kibana + copy: + src: "files/tenant.json" + dest: /tmp/tenant.json + tags: + - start + +- name: change tenant to global + shell: 'curl -X "POST" "https://{{dslproxy}}:5601/api/v1/multitenancy/tenant" \ + -b /tmp/cookie.txt -c /tmp/cookie.txt \ + -k --user admin:{{ odfees_adminpass }} \ + -H "kbn-xsrf: reporting" -H "Content-Type: application/json" \ + -d @/tmp/tenant.json' + tags: + - start + +- name: Copy kibana_graphs.ndjson to container + remote_user: kibana + copy: + src: "files/kibana_graphs.ndjson" + dest: /tmp/kibana_graphs.ndjson + tags: + - start + +- name: Import graphs to kibana + shell: 'curl -X "POST" "https://{{dslproxy}}:5601/api/saved_objects/_import?overwrite=true" \ + -b /tmp/cookie.txt -c /tmp/cookie.txt \ + -k --user admin:{{ odfees_adminpass }} \ + -H "kbn-xsrf: reporting" -H "Content-Type: multipart/form-data" \ + -F "file=@/tmp/kibana_graphs.ndjson"' + tags: + - start + +#- name: cleanup temporary files for kibana_graph import +# shell: '/bin/rm -rf /tmp/cookie.txt /tmp/kibana_graphs.ndjson /tmp/tenant.json' +# ignore_errors: true +# tags: +# - start + +#- name: check reachable hosts +# gather_facts: no +# tasks: +# - command: ping -c1 {{ inventory_hostname }} +# delegate_to: localhost +# register: ping_result +# ignore_errors: yes +# - group_by: key=reachable +# when: ping_result|success + +#- name: Stop OpenDistro Kibana for Elasticsearch +# command: "pkill -SIGTERM -F {{inventory_hostname}}.pid" +# tags: +# - stop + +- name: Stop OpenDistro Kibana for Elasticsearch + command: "pkill -SIGTERM -F {{inventory_hostname}}.pid" tags: - - restart - - restart-odfekibana + - stop diff --git a/roles/odfekibana/tasks/restart.yml b/roles/odfekibana/tasks/restart.yml deleted file mode 100644 index 7ef3390..0000000 --- a/roles/odfekibana/tasks/restart.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- - -- name: Restart Kibana - remote_user: root - shell: "supervisorctl restart kibana" - -- name: Wait for Kibana - remote_user: kibana - wait_for: - host: "{{groups['odfekibanacontainers'][0]}}" - port: 5601 - state: started - delay: 5 - -- name: Check Kibana health - remote_user: kibana - shell: 'curl -k -b /tmp/cookie.txt -c /tmp/cookie.txt -X "GET" "https://{{soctoolsproxy}}:5601/api/status" \ - | egrep status....overall....state...green' - register: result - until: result.rc == 0 - retries: 90 - delay: 2 - ignore_errors: yes - -- name: Import graphs to kibana - remote_user: kibana - shell: 'curl -X "POST" "https://{{soctoolsproxy}}:5601/api/saved_objects/_import?overwrite=true" \ - -b /tmp/cookie.txt -c /tmp/cookie.txt \ - -k --user admin:{{lookup("password", "{{playbook_dir}}/secrets/passwords/odfees_adminpass")}} \ - -H "kbn-xsrf: reporting" -H "Content-Type: multipart/form-data" \ - -F "file=@/tmp/kibana_graphs.ndjson"' - diff --git a/roles/odfekibana/tasks/start.yml b/roles/odfekibana/tasks/start.yml deleted file mode 100644 index 186a6a6..0000000 --- a/roles/odfekibana/tasks/start.yml +++ /dev/null @@ -1,166 +0,0 @@ ---- - -#- name: Create config directory -# file: -# name: config -# state: directory -# mode: 0700 - -- name: Copy cacert to ca-trust dir - remote_user: root - copy: - src: "{{playbook_dir}}/secrets/CA/ca.crt" - dest: /etc/pki/ca-trust/source/anchors/ca.crt - -- name: Install cacert to root truststore - remote_user: root - command: "update-ca-trust" - -- name: Copy certificates in odfe kibana conf dir - remote_user: kibana - copy: - src: "{{ item }}" - dest: "config/" - mode: 0600 - with_items: - - "{{playbook_dir}}/secrets/CA/private/{{ inventory_hostname }}.p12" - - "{{playbook_dir}}/secrets/CA/issued/{{ inventory_hostname }}.crt" - - "{{playbook_dir}}/secrets/CA/private/{{ inventory_hostname }}.key" - - "{{playbook_dir}}/secrets/CA/cacerts.jks" - - "{{playbook_dir}}/secrets/CA/ca.crt" - - "{{playbook_dir}}/secrets/CA/private/{{soctools_users[0].CN}}.p12" - -- name: Get openid authkey - remote_user: kibana - set_fact: - kibanasecret: "{{lookup('file', '{{playbook_dir}}/secrets/tokens/kibanasecret',convert_data=False) | from_json }}" - -#- name: Configure sysconfig -# template: -# src: sysconfig_elasticsearch.j2 -# dest: sysconfig_elasticsearch -# -#- name: Copy sysconfig to /etc -# command: "cp sysconfig_elasticsearch /etc/sysconfig/elasticsearch" - -# lineinfile: -# path: /etc/sysconfig/elasticsearch -# regexp: '^ES_PATH_CONF=' -# line: ES_PATH_CONF=/usr/share/elasticsearch/config - -- name: Configure odfe kibana properties - remote_user: kibana - template: - src: "{{item}}.j2" - dest: "config/{{item}}" - with_items: - - kibana.yml - -- name: Configure odfe kibana start script - remote_user: kibana - template: - src: "{{item}}.j2" - dest: "{{item}}" - mode: 0750 - with_items: - - startkibana.sh - -#- name: Exit here to test ODFE -# meta: end_play - - -- name: Generate configuration for thehive_button plugin - remote_user: kibana - template: - src: files/env.js.j2 - dest: "/usr/share/kibana/plugins/thehive_button/public/env.js" - owner: kibana - group: kibana - - -- name: Start Kibana - remote_user: root - shell: "supervisorctl start kibana" - -- name: Wait for Kibana - remote_user: kibana - wait_for: - host: "{{groups['odfekibanacontainers'][0]}}" - port: 5601 - state: started - delay: 5 - -- name: Check Kibana health - remote_user: kibana - shell: 'curl -k -b /tmp/cookie.txt -c /tmp/cookie.txt -X "GET" "https://{{soctoolsproxy}}:5601/api/status" \ - | egrep status....overall....state...green' - register: result - until: result.rc == 0 - retries: 90 - delay: 2 - ignore_errors: yes - -#- name: Copy tenant.json to container -# remote_user: kibana -# copy: -# src: "files/tenant.json" -# dest: /tmp/tenant.json -# -#- name: change tenant to global -# shell: 'curl -X "POST" "https://{{soctoolsproxy}}:5601/api/v1/multitenancy/tenant" \ -# -b /tmp/cookie.txt -c /tmp/cookie.txt \ -# -k --user admin:{{ odfees_adminpass }} \ -# -H "kbn-xsrf: reporting" -H "Content-Type: application/json" \ -# -d @/tmp/tenant.json' - -- name: Copy kibana_graphs.ndjson to container - remote_user: kibana - copy: - src: "files/kibana_graphs.ndjson" - dest: /tmp/kibana_graphs.ndjson - -- name: Import graphs to kibana - remote_user: kibana - shell: 'curl -X "POST" "https://{{soctoolsproxy}}:5601/api/saved_objects/_import?overwrite=true" \ - -b /tmp/cookie.txt -c /tmp/cookie.txt \ - -k --user admin:{{lookup("password", "{{playbook_dir}}/secrets/passwords/odfees_adminpass")}} \ - -H "kbn-xsrf: reporting" -H "Content-Type: multipart/form-data" \ - -F "file=@/tmp/kibana_graphs.ndjson"' - -- name: Copy role modification json to container - remote_user: kibana - template: - src: "role.json.j2" - dest: /tmp/role.json - -- name: Grant admin permissions to users - remote_user: kibana - shell: 'curl -X "POST" "https://{{soctoolsproxy}}:5601/api/v1/configuration/rolesmapping/all_access" \ - -b /tmp/cookie.txt -c /tmp/cookie.txt \ - -k --user admin:{{lookup("password", "{{playbook_dir}}/secrets/passwords/odfees_adminpass")}} \ - -H "kbn-xsrf: reporting" -H "Content-Type: application/json" \ - -d @/tmp/role.json' - -#- name: cleanup temporary files for kibana_graph import -# shell: '/bin/rm -rf /tmp/cookie.txt /tmp/kibana_graphs.ndjson /tmp/tenant.json' -# ignore_errors: true - -#- name: check reachable hosts -# gather_facts: no -# tasks: -# - command: ping -c1 {{ inventory_hostname }} -# delegate_to: localhost -# register: ping_result -# ignore_errors: yes -# - group_by: key=reachable -# when: ping_result|success - -#- name: Stop OpenDistro Kibana for Elasticsearch -# command: "pkill -SIGTERM -F {{inventory_hostname}}.pid" - -- name: Set Autostart for supervisord's services - replace: - path: /etc/supervisord.conf - regexp: '^autostart=false$' - replace: 'autostart=true' - diff --git a/roles/odfekibana/tasks/stop.yml b/roles/odfekibana/tasks/stop.yml deleted file mode 100644 index 2ab354a..0000000 --- a/roles/odfekibana/tasks/stop.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- - -- name: Stop OpenDistro Kibana for Elasticsearch - remote_user: root - command: "supervisorctl stop kibana" diff --git a/roles/odfekibana/tasks/update-config.yml b/roles/odfekibana/tasks/update-config.yml deleted file mode 100644 index 779d95f..0000000 --- a/roles/odfekibana/tasks/update-config.yml +++ /dev/null @@ -1,34 +0,0 @@ ---- - -- name: Configure odfe kibana properties - remote_user: kibana - template: - src: "{{item}}.j2" - dest: "config/{{item}}" - with_items: - - kibana.yml - -- name: Configure odfe kibana start script - remote_user: kibana - template: - src: "{{item}}.j2" - dest: "{{item}}" - mode: 0750 - with_items: - - startkibana.sh - -- name: Generate configuration for thehive_button plugin - remote_user: kibana - template: - src: files/env.js.j2 - dest: "/usr/share/kibana/plugins/thehive_button/public/env.js" - owner: kibana - group: kibana - - -- name: Copy kibana_graphs.ndjson to container - remote_user: kibana - copy: - src: "files/kibana_graphs.ndjson" - dest: /tmp/kibana_graphs.ndjson - diff --git a/roles/odfekibana/templates/kibana.yml.j2 b/roles/odfekibana/templates/kibana.yml.j2 index e676b37..0d67007 100644 --- a/roles/odfekibana/templates/kibana.yml.j2 +++ b/roles/odfekibana/templates/kibana.yml.j2 @@ -29,8 +29,8 @@ elasticsearch.username: kibanaserver elasticsearch.password: kibanaserver elasticsearch.requestHeadersWhitelist: ["securitytenant","Authorization"] -opendistro_security.multitenancy.enabled: false -#opendistro_security.multitenancy.tenants.preferred: ["Private", "Global"] +opendistro_security.multitenancy.enabled: true +opendistro_security.multitenancy.tenants.preferred: ["Private", "Global"] opendistro_security.readonly_mode.roles: ["kibana_read_only"] #new in 7.6 @@ -39,20 +39,20 @@ opendistro_security.readonly_mode.roles: ["kibana_read_only"] #telemetry.enabled: false opendistro_security.auth.type: "openid" -opendistro_security.openid.connect_url: "https://{{soctoolsproxy}}:12443/auth/realms/{{openid_realm}}/.well-known/openid-configuration" -opendistro_security.openid.client_id: "soctools-kibana" +opendistro_security.openid.connect_url: "https://{{dslproxy}}:12443/auth/realms/{{openid_realm}}/.well-known/openid-configuration" +opendistro_security.openid.client_id: "dsoclab-kibana" opendistro_security.openid.client_secret: "{{kibanasecret.value}}" -opendistro_security.openid.root_ca: "/usr/share/kibana/config/ca.crt" -opendistro_security.openid.base_redirect_url: "https://{{soctoolsproxy}}:5601" +opendistro_security.openid.root_ca: "/usr/share/kibana/config/{{ca_cn}}.crt" +opendistro_security.openid.base_redirect_url: "https://{{dslproxy}}:5601" opendistro_security.cookie.secure: true -opendistro_security.cookie.password: {{lookup("password", "{{playbook_dir}}/secrets/passwords/kibana_cookiepassword length=32")}} +opendistro_security.cookie.password: "{{odfekibana_cookie}}" server.ssl.enabled: true server.ssl.key: /usr/share/kibana/config/{{inventory_hostname}}.key server.ssl.certificate: /usr/share/kibana/config/{{inventory_hostname}}.crt #server.ssl.keystore.path: /usr/share/kibana/config/{{inventory_hostname}}.p12 -#server.ssl.keystore.password: {{lookup('password', '{{playbook_dir}}/secrets/passwords/keystore')}} +#server.ssl.keystore.password: {{kspass}} #server.ssl.certificateAuthorities: #server.ssl.truststore.path: jks (p12?) #server.ssl.truststore.password: diff --git a/roles/odfekibana/templates/role.json.j2 b/roles/odfekibana/templates/role.json.j2 deleted file mode 100644 index 9d67a52..0000000 --- a/roles/odfekibana/templates/role.json.j2 +++ /dev/null @@ -1,15 +0,0 @@ -{ - "backend_roles":[ - "admin" - ], - "hosts":[ - - ], - "users":[ -{% for user in ODFE_ADMIN_USERS %} - "{{ user }}", -{% endfor %} - "admin" - ], - "description":"Maps admin to all_access" -} diff --git a/roles/soctools-server/tasks/main.yml b/roles/soctools-server/tasks/main.yml index 98902dc..55adbbd 100644 --- a/roles/soctools-server/tasks/main.yml +++ b/roles/soctools-server/tasks/main.yml @@ -16,7 +16,7 @@ - name: Install required packages yum: - name: ["docker-ce","docker-ce-cli","containerd.io","python-pip","unzip"] + name: ["docker-ce","docker-ce-cli","containerd.io","python-pip"] state: latest validate_certs: no when: ansible_distribution == 'CentOS' or ansible_distribution == 'Red Hat Enterprise Linux' diff --git a/roles/thehive/files/SOCTOOLS-CA.crt b/roles/thehive/files/SOCTOOLS-CA.crt new file mode 100644 index 0000000..04b1f20 --- /dev/null +++ b/roles/thehive/files/SOCTOOLS-CA.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDNTCCAh2gAwIBAgIJAIp0kyaAW0K3MA0GCSqGSIb3DQEBCwUAMBYxFDASBgNV +BAMMC1NPQ1RPT0xTLUNBMB4XDTIwMTAzMDEwNDcxOFoXDTMwMTAyODEwNDcxOFow +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQC1GZDFZJPR7AYkhEsB9U6qtK+40di3KOeTwRosJ7hvP1FQjwnIC37B +UlVq15KEgRTCcXgLH0CdtzC1Rkz+AUCLyKTOGmNCqmvyMcESdpuoI1NULkv0QeYX +Mj4Q1Lh0RldqZpEr32UfsVowBPPhijAUlVAHeJLvji/tnUvI++9no2hx03UAhjTM +M59AviYsRT3DUkciNSllpwV+7B2pgnpRgzsbVGP2cheaaRYG9DAbRTLrAtVxO0WJ +c/zNGSpvXuOyBK30/pwGMvhNGPeckElSpDfaepuA8ZDcfaKNk0kEBvzIlUrpZBmv +tBc5DmpfEBlSk5UK/0XSblKE5dOqlWc1AgMBAAGjgYUwgYIwHQYDVR0OBBYEFHkG +ykDTn5pUrtMzTfI4PrYL8z3PMEYGA1UdIwQ/MD2AFHkGykDTn5pUrtMzTfI4PrYL +8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09MUy1DQYIJAIp0kyaAW0K3MAwGA1Ud +EwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQA0XK1+Eg+j +JdwKnUpnwPq+fsyrCs4TF1DgwtqY4yr1KCw0QSPMK9ldLp62lJaRnrPE7ZGOQ7sd +z82yEM8nMulNREp3TZwuVFaWgs0yLVKkfqZ0jNGDuEf8AJAynI4ynRbtYxtYzBDy +XgJPk9lKK/gR14IXBet/dGbZf4yHiMzldMCb0dWzyDS1S+Y1iLTRCmpmRbFow12g +CjNoSxdyoJPZavcOVWa4tDc3PLMdkgdY20ewo3IvCQTOg9ogVX4Hq5/M4xTz8XUX +nHeUqshdkPVGFCIujCBg9131RYSE0SkVrPUaIbP9tgzabkZWwhiq8oSpTBmIi9qh +GPiQTFGknE1U +-----END CERTIFICATE----- diff --git a/roles/thehive/files/cacerts.jks b/roles/thehive/files/cacerts.jks new file mode 100644 index 0000000000000000000000000000000000000000..9d4001b7d9a466941cda896b6bf145bf2f02020c GIT binary patch literal 893 zcmezO_TO6u1_mYu1_nkj&0U<IT#}!kQ>>eu$iTo@S}9llhJiIg&(y$@fq~i5po!Vk zpovL#0W%XL6B8#xSIK0xhG?hl2E1&XT5TR}-+37sxmg(u#0*6YgxHuvS(tgagZ-UD z{QZ4`b)6jz<ivT63=9p74GaxT%ndD~#CbtXBMT@Or@kgeC1fiYSs9p{82K3tni#p5 zniv@wwn|Ponlky~8#a{|Z^o~FtG2A)aq-4>jpvgOO6jQY$hQv+=;u7aU3V}jH0%1L zmPV07g%#ZL4s*8~Y<2Vb$LP>~V#ztFWT#cxp9~KQmCatE92}zO{l)Q_xRIT}l^rE+ z;aO=DweP3OZ;Ucv`TVfUKxAqFd&Q*pefn?bdY}0HK7DaU;pI|>Hj^{P^Bwl7>A2b+ z4susA)l6N^TK7hFWm8pPv$b?c^0y-KS(##NUks#Ojb1ZdEwpy+EdFy=QY%01@g|nF zU;fQuGy35x@qNw&&!8pdx2k40e4KEnc2VzSPZqX6C#HJ6Op#o_Mck4vD_%e{X!2C9 z|E`zvf?A$lUNtq{l!=*<fpKwTt3hLvfh-$ys4O3g7>h_H+bM_3^Jj&uyKL<H$--_M z_h;Ml25ul}Wfpq_+Xk!(7D_FVz!eWoNHNX>GDnz&)qt6i@xK8#h{w;u!py|Th8$De z;Fw}$Fo{`PC&a&4^$youuk-`I_SKzP&2>&#JmA5hTQeSOebvx0aa2B|eKS^X-nJ>z zCeGV@<n6>h=iRdB&u$VpuWt0x*Tt*ccaC02*tDjzM!G>u>Xw!CTx{Oq{)b_L(VRY` zxnggVr6bM=e2Qc8pM29x`-kB5CUMr+^(ARH>wDTe&O9wSF#F=w%_mH@dOtJm*m998 zE6sId#^KlnT*evR;zbK4-^}{X7n-(Xi@CYYX4y&X5x3npEH2XLWI5M-OChw5ef9h^ zk3~LzEES(qK4sO3*a=_VM3nS;6cWD2esyhWxu_|+=Bt$A=D*u`Zsoa!9g<k}sb!^) nWJmX{g%Up|_yjJQ;~Qf5+vDoDTqXObIbI&Z%6$8^_~bbON?lF- literal 0 HcmV?d00001 diff --git a/roles/thehive/files/dsoclab-thehive.crt b/roles/thehive/files/dsoclab-thehive.crt new file mode 100644 index 0000000..0d474c2 --- /dev/null +++ b/roles/thehive/files/dsoclab-thehive.crt @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 61:09:5c:2c:8d:35:ee:29:1c:99:ce:ab:d4:2b:3c:a4 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:29 2020 GMT + Not After : Oct 15 10:47:29 2023 GMT + Subject: CN=dsoclab-thehive + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ba:c5:4d:20:a4:60:b7:61:21:ed:16:a1:6f:72: + c4:de:a1:00:c0:ef:fc:5d:a1:89:34:07:15:d2:b4: + 3a:14:b8:95:75:8e:81:71:49:46:1d:c8:81:cb:f1: + ec:c7:5a:12:f6:89:60:e4:c8:98:1a:61:c8:2d:12: + 8f:73:ee:f8:9d:88:b5:7f:30:70:97:29:b4:ab:43: + 2d:dc:db:a7:10:47:c7:b5:26:9b:11:85:fb:d3:27: + 8f:3a:55:bc:ea:78:17:b8:89:10:a3:a4:10:60:39: + c3:7f:42:25:a9:fe:84:7f:38:5e:f4:3d:c3:98:3d: + 56:b9:ba:81:06:55:8d:65:12:f0:4e:23:88:1d:98: + 0c:2f:6e:4f:67:fd:4e:67:39:91:b9:01:52:12:aa: + 9e:bb:7a:c8:ea:8f:4a:2d:18:f8:69:9a:3a:a0:c8: + 6e:e3:de:c6:db:be:4c:59:e0:cf:bc:34:4f:2c:b0: + ef:3e:82:5a:df:68:be:b8:fb:cc:5f:6a:f2:3e:66: + d4:c6:c5:f6:0b:67:e9:64:85:15:87:60:6f:dc:b4: + 5b:13:6f:b0:9b:f8:f3:da:c1:91:9e:81:5f:16:ca: + 9e:14:01:c1:1c:ce:2a:d3:c8:3c:0f:be:b1:37:aa: + c9:08:68:2b:de:f9:44:6c:1e:90:a4:12:bc:f5:3c: + 46:bd + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 5B:08:8E:F2:1B:8F:12:03:BA:31:02:9C:CE:CC:BC:9F:FC:19:D1:E1 + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-thehive, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 7f:b2:fa:33:d6:e3:6c:57:8a:4a:9a:ef:8b:81:2b:df:f3:d6: + fb:8c:bc:02:cf:71:54:a0:f2:0d:ae:3b:30:cf:5c:69:d7:d0: + aa:cc:16:80:4d:9d:c8:1f:a7:98:9d:26:dc:ae:8e:24:2b:bc: + c1:11:a6:8d:4f:ca:13:1f:7f:8f:4c:ef:dd:46:df:d6:97:0a: + 88:51:4e:f7:46:aa:3d:e3:70:e9:19:e8:9f:7e:22:fa:b6:38: + 30:00:0a:94:38:09:bf:b8:64:6c:c1:b7:05:6d:4f:f3:27:0c: + df:04:ef:a1:4e:e8:2d:4c:06:d0:c0:4f:4f:da:d0:6d:b8:f2: + b3:79:18:63:bd:62:83:53:55:38:94:d9:64:ca:e7:4d:71:ce: + d1:05:6d:b1:6c:fb:1a:4c:b6:ef:70:2b:3d:9b:1d:66:d8:d9: + 9f:f0:e5:48:29:50:e8:1b:1a:fb:b4:d2:5e:38:ec:05:45:c2: + e7:de:9a:9d:aa:34:67:c5:66:18:e3:86:8b:0c:1a:c4:21:20: + 7e:b7:ad:e2:0b:d0:0d:d4:76:e6:53:ca:77:bc:ce:d0:9b:7b: + 7c:fd:42:94:da:63:d8:a7:52:d2:45:f2:d5:55:ef:37:f1:a5: + 0e:ba:29:c9:b4:ce:99:45:04:21:2b:86:27:bb:c1:f2:86:9a: + 7c:51:5c:3b +-----BEGIN CERTIFICATE----- +MIIDmDCCAoCgAwIBAgIQYQlcLI017ikcmc6r1Cs8pDANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3MjlaFw0yMzEwMTUx +MDQ3MjlaMBoxGDAWBgNVBAMMD2Rzb2NsYWItdGhlaGl2ZTCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBALrFTSCkYLdhIe0WoW9yxN6hAMDv/F2hiTQHFdK0 +OhS4lXWOgXFJRh3Igcvx7MdaEvaJYOTImBphyC0Sj3Pu+J2ItX8wcJcptKtDLdzb +pxBHx7UmmxGF+9MnjzpVvOp4F7iJEKOkEGA5w39CJan+hH84XvQ9w5g9Vrm6gQZV +jWUS8E4jiB2YDC9uT2f9Tmc5kbkBUhKqnrt6yOqPSi0Y+GmaOqDIbuPextu+TFng +z7w0Tyyw7z6CWt9ovrj7zF9q8j5m1MbF9gtn6WSFFYdgb9y0WxNvsJv489rBkZ6B +XxbKnhQBwRzOKtPIPA++sTeqyQhoK975RGwekKQSvPU8Rr0CAwEAAaOB3TCB2jAJ +BgNVHRMEAjAAMB0GA1UdDgQWBBRbCI7yG48SA7oxApzOzLyf/BnR4TBGBgNVHSME +PzA9gBR5BspA05+aVK7TM03yOD62C/M9z6EapBgwFjEUMBIGA1UEAwwLU09DVE9P +TFMtQ0GCCQCKdJMmgFtCtzAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw +CwYDVR0PBAQDAgWgMDoGA1UdEQQzMDGCD2Rzb2NsYWItdGhlaGl2ZYIeZHNvY2xh +Yi5nbjQtMy13cDgtc29jLnN1bmV0LnNlMA0GCSqGSIb3DQEBCwUAA4IBAQB/svoz +1uNsV4pKmu+LgSvf89b7jLwCz3FUoPINrjswz1xp19CqzBaATZ3IH6eYnSbcro4k +K7zBEaaNT8oTH3+PTO/dRt/WlwqIUU73Rqo943DpGeiffiL6tjgwAAqUOAm/uGRs +wbcFbU/zJwzfBO+hTugtTAbQwE9P2tBtuPKzeRhjvWKDU1U4lNlkyudNcc7RBW2x +bPsaTLbvcCs9mx1m2Nmf8OVIKVDoGxr7tNJeOOwFRcLn3pqdqjRnxWYY44aLDBrE +ISB+t63iC9AN1HbmU8p3vM7Qm3t8/UKU2mPYp1LSRfLVVe838aUOuinJtM6ZRQQh +K4Ynu8Hyhpp8UVw7 +-----END CERTIFICATE----- diff --git a/roles/thehive/files/dsoclab-thehive.key b/roles/thehive/files/dsoclab-thehive.key new file mode 100644 index 0000000..6d4d8bb --- /dev/null +++ b/roles/thehive/files/dsoclab-thehive.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC6xU0gpGC3YSHt +FqFvcsTeoQDA7/xdoYk0BxXStDoUuJV1joFxSUYdyIHL8ezHWhL2iWDkyJgaYcgt +Eo9z7vidiLV/MHCXKbSrQy3c26cQR8e1JpsRhfvTJ486VbzqeBe4iRCjpBBgOcN/ +QiWp/oR/OF70PcOYPVa5uoEGVY1lEvBOI4gdmAwvbk9n/U5nOZG5AVISqp67esjq +j0otGPhpmjqgyG7j3sbbvkxZ4M+8NE8ssO8+glrfaL64+8xfavI+ZtTGxfYLZ+lk +hRWHYG/ctFsTb7Cb+PPawZGegV8Wyp4UAcEczirTyDwPvrE3qskIaCve+URsHpCk +Erz1PEa9AgMBAAECggEARJH9cBeJfqoFp6LgYCd1yfq4aR1yvPl6gwR66aHLlSHz +lXZdZbcuK+8aYEMQ2FvkjGkBjt1qonz13j5rNngtBMFVST4CiC0CrMH8S5LFMj/4 +PTTQR822F971QciKlFbE9rYzyrCIZpuuf8FMTK4p/P84NVmbvv/+IDAuAKJWSB3b +TXVeYzqET/cENXrNZNsTMHVoPAudtsHXXa5w3yXJXhTlRQrjMtMHgV+H1O2iOvi5 +IAJUm2HVmGON9aqQKZlzYvx9txSBRczEwQK+fLPoXGEG/KhskiBPMU0y9a60SV5F +Oi94zzBCOSf/k+C4+EhkvfSq727ZFs60zGcoEW7rzQKBgQD08umyOtqJEB6dk5hg +RA1mc3qx332Li0Ep9ciPD0oOyt9H/pQBMYHlV4Vf26dmjxg7XMPqB38topjbnVcY +r1QigQ8tnHXktcO1tUpx6MhTkN4sBH9dvZE4TdBiarlcThgnuCfZUhjyfyr715tR +BIC8TA9bd/6oUaf/zd0S4aGcEwKBgQDDMnKe7PoDlHtjxaiDs8VLRRgNKocT/jaD +SZ5j5a1e+fvIK+lqpW7pXT/AlBVvxC6ke2Zb1csgndgF0p45ZO9WsB5fV3x8AREM +zIvrqpH4hdRBEF7o1syVDMXmTQLsPOLzj6B2UC5mpqoo2GkI9yyXpJhNR0kqzkDy +Pclu3xZL7wKBgQCZsFAxI/w6Q4LyG8lfnVNLFOnG8RM0mwsn6K8OE+nDnka6RWFX +3lhCLcfhfVBraR0rIelKzaleWMbQBMjBFEEV5SRA2gqele1V9YngLs6CoELGG4xO +pMKZMTmuhogHAnjlcwaNtJUykdfGbGFnVAvyGUcJfSCrO5DNT72GO0vLQQKBgQCF +WyPf2/r7Eygxg8qbH+h8ghnqdNGQIS9RBqzFhxapOpR/rzBrAdcCbAiwIvt6Pke3 +a+8Ecs2x3OTHJZufjovNZ8l4TaboeToSynQVb5UGezgFs4+D96wRcIaLzrVefEJ5 +L/jqm+D3lInQGfm4fFXkzDiZI0ijjAHm/btumc771QKBgBTu4KvY6rzgmHbymux1 ++tr+xl3/Nb29XQJHpZV+hgFGg1+aWaR9c0WXz9mKovBanEUHJb5khqFQDFZuWMNG +tNQ1JbwTXwxmAfVJbLYbSHnuePkh+qtpmTVa3H5NdRBI/062/Km6Rxcf5JljB8/J +k+SqVxdKSTfaWxGqyyAZgVis +-----END PRIVATE KEY----- diff --git a/roles/thehive/files/logback.xml b/roles/thehive/files/logback.xml new file mode 100644 index 0000000..d7f5263 --- /dev/null +++ b/roles/thehive/files/logback.xml @@ -0,0 +1,45 @@ +<?xml version="1.0" encoding="UTF-8"?> +<configuration debug="true"> + + <conversionRule conversionWord="coloredLevel" + converterClass="play.api.libs.logback.ColoredLevel"/> + + <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>/var/log/thehive/application.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>/var/log/logs/application.%i.log.zip</fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>10</maxIndex> + </rollingPolicy> + <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>10MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>%date [%level] from %logger in %thread [%X{request}|%X{tx}] %message%n%xException</pattern> + </encoder> + </appender> + + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>%coloredLevel %logger{15} [%X{request}|%X{tx}] %message%n%xException{10} + </pattern> + </encoder> + </appender> + + <appender name="ASYNCFILE" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="FILE"/> + </appender> + + <appender name="ASYNCSTDOUT" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="STDOUT"/> + </appender> + + <logger name="org.thp" level="INFO"/> + + <root level="DEBUG"> + <appender-ref ref="ASYNCFILE"/> + <appender-ref ref="ASYNCSTDOUT"/> + </root> + +</configuration> + diff --git a/roles/thehive/files/thehivesecret b/roles/thehive/files/thehivesecret new file mode 100644 index 0000000..f00a8d5 --- /dev/null +++ b/roles/thehive/files/thehivesecret @@ -0,0 +1,3 @@ +{ + "value" : "b832e3a9-0080-4f07-bc3d-6bbc67bce741" +} \ No newline at end of file diff --git a/roles/thehive/tasks/createusers.yml b/roles/thehive/tasks/createusers.yml new file mode 100644 index 0000000..b0fbcdd --- /dev/null +++ b/roles/thehive/tasks/createusers.yml @@ -0,0 +1,28 @@ +--- +# - name: create organisation +# uri: +# url: "https://{{dslproxy}}:9000/api/organisation" +# method: POST +# headers: +# Authorization: "Bearer {{ THEHIVE_API_KEY }}" +# body_format: form-urlencoded +# body: +# name: "{{ organisation }}" +# description: "test" +# status_code: 201 +# tags: +# - create_org +- name: generate json files for creating users + remote_user: root + template: + src: users.json + dest: /tmp/{{ item.username }}.json + with_items: + - "{{ THEHIVE_USERS }}" +- name: create users + remote_user: root + shell: "curl -k -H 'Authorization: Bearer {{ THEHIVE_API_KEY }}' -H 'Content-Type: application/json' https://{{ dslproxy }}:9000/api/user -d @/tmp/{{ item.username}}.json" + args: + warn: false + with_items: + - "{{ THEHIVE_USERS }}" diff --git a/roles/thehive/tasks/main.yml b/roles/thehive/tasks/main.yml index a0f7edf..0e560e7 100644 --- a/roles/thehive/tasks/main.yml +++ b/roles/thehive/tasks/main.yml @@ -1,18 +1,87 @@ --- -- include: start.yml +- name: Copy cacert to ca-trust dir + remote_user: root + copy: + src: "files/{{ca_cn}}.crt" + dest: /etc/pki/ca-trust/source/anchors/ca.crt tags: - - start -- include: stop.yml + - start + +- name: Install cacert to root truststore + remote_user: root + command: "update-ca-trust" + tags: + - start + +- name: Copy certificates in thehive conf dir + copy: + src: "{{ item }}" + dest: "/etc/thehive/{{ item }}" + mode: 0600 + with_items: + - "{{ inventory_hostname }}.crt" + - "{{ inventory_hostname }}.key" + - cacerts.jks + - "{{ca_cn}}.crt" + tags: + - start + +- name: Get openid authkey + set_fact: + thehivesecret: "{{lookup('file', 'files/thehivesecret',convert_data=False) | from_json }}" tags: - - stop - - stop-thehive -- include: update-config.yml + - start + + +- name: Configure TheHive + template: + src: application.conf.j2 + dest: /etc/thehive/application.conf + tags: + - start + +- name: Configure TheHive logging + copy: + src: logback.xml + dest: /etc/thehive/logback.xml tags: - - update-config - - update-thehive-config -- include: restart.yml + - start + + +- name: Start TheHive + command: > + daemonize + -c /opt/thehive + -p /tmp/thehive.pid + -o /tmp/thehive-stdout.log + /opt/thehive/bin/thehive + -Dconfig.file=/etc/thehive/application.conf + -Dlogger.file=/etc/thehive/logback.xml + -J-Xms1g + -J-Xmx1g + -Dpidfile.path=/dev/null + tags: + - start + +- name: Wait for TheHive + wait_for: + host: "{{groups['thehive'][0]}}" + port: 9000 + state: started + delay: 5 + tags: + - start + +- name: Create TheHive users + include: createusers.yml + tags: + - createusers + - start + +- name: Stop TheHive + command: "pkill -SIGTERM -F /tmp/thehive.pid" tags: - - restart - - restart-thehive + - stop + - stopthehive diff --git a/roles/thehive/tasks/restart.yml b/roles/thehive/tasks/restart.yml deleted file mode 100644 index f3b3644..0000000 --- a/roles/thehive/tasks/restart.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- - -- name: Restart TheHive - remote_user: root - command: "supervisorctl restart thehive" - -- name: Wait for TheHive - remote_user: root - wait_for: - host: "{{groups['thehive'][0]}}" - port: 9000 - state: started - delay: 5 diff --git a/roles/thehive/tasks/start.yml b/roles/thehive/tasks/start.yml deleted file mode 100644 index 33a136b..0000000 --- a/roles/thehive/tasks/start.yml +++ /dev/null @@ -1,26 +0,0 @@ ---- - -- name: Configure TheHive - remote_user: thehive - template: - src: application.conf.j2 - dest: /etc/thehive/application.conf - -- name: Start TheHive - remote_user: root - command: "supervisorctl start thehive" - -- name: Wait for TheHive - remote_user: root - wait_for: - host: "{{groups['thehive'][0]}}" - port: 9000 - state: started - delay: 5 - -- name: Set Autostart for supervisord's services - replace: - path: /etc/supervisord.conf - regexp: '^autostart=false$' - replace: 'autostart=true' - diff --git a/roles/thehive/tasks/stop.yml b/roles/thehive/tasks/stop.yml deleted file mode 100644 index 87d605a..0000000 --- a/roles/thehive/tasks/stop.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- - -- name: Stop TheHive - remote_user: root - command: "supervisorctl stop thehive" diff --git a/roles/thehive/tasks/update-config.yml b/roles/thehive/tasks/update-config.yml deleted file mode 100644 index 7b02823..0000000 --- a/roles/thehive/tasks/update-config.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- - -- name: Configure TheHive - remote_user: thehive - template: - src: application.conf.j2 - dest: /etc/thehive/application.conf diff --git a/roles/thehive/templates/application.conf.j2 b/roles/thehive/templates/application.conf.j2 index d25e059..a92e4f7 100644 --- a/roles/thehive/templates/application.conf.j2 +++ b/roles/thehive/templates/application.conf.j2 @@ -5,7 +5,7 @@ ## Include Play secret key # More information on secret key at https://www.playframework.com/documentation/2.8.x/ApplicationSecret #include "/etc/thehive/secret.conf" -play.http.secret.key="{{lookup('password', '{{playbook_dir}}/secrets/passwords/thehive_secret_key')}}" +play.http.secret.key="{{thehive_secret_key}}" ## Database configuration db.janusgraph { @@ -13,7 +13,7 @@ db.janusgraph { ## Cassandra configuration # More information at https://docs.janusgraph.org/basics/configuration-reference/#storagecql backend: cql - hostname: ["{{groups['cassandra'][0]}}.{{soctools_netname}}"] + hostname: ["{{groups['cassandra'][0]}}.{{soctools_netname}}:9042"] # Cassandra authentication (if configured) // username: "thehive" // password: "password" @@ -47,17 +47,61 @@ storage { ## Authentication configuration # More information at https://github.com/TheHive-Project/TheHiveDocs/TheHive4/Administration/Authentication.md -//auth { -// providers: [ +auth { + providers: [ // {name: session} # required ! // {name: basic, realm: thehive} // {name: local} // {name: key} -// ] + {name: session} # required ! + {name: basic, realm: thehive} + {name: local} + {name: key} + { + name: oauth2 + clientId: "dsoclab-thehive" + clientSecret: {{thehivesecret.value}} + redirectUri: "https://{{dslproxy}}:9000/api/ssoLogin" + responseType: "code" + grantType: "authorization_code" + authorizationUrl: "https://{{dslproxy}}:12443/auth/realms/{{openid_realm}}/protocol/openid-connect/auth" + authorizationHeader: "Bearer" + tokenUrl: "https://{{dslproxy}}:12443/auth/realms/{{openid_realm}}/protocol/openid-connect/token" + userUrl: "https://{{dslproxy}}:12443/auth/realms/{{openid_realm}}/protocol/openid-connect/userinfo" +// scope: ["openid", "email"] + scope: ["openid"] + userIdField: "email" +// userIdField: "name" + } + ] + sso { + autocreate: true + autoupdate: true + autologin: true + mapper: "simple" +// attributes { +// login: "login" +// name: "name" +// roles: "role" +// } + defaultRoles: ["read", "write", "admin"] + defaultOrganization: "uninett.no" +// defaultOrganization: "demo" + } + ws.ssl.trustManager { + stores = [ + { + type: "JKS" // JKS or PEM + path: "cacerts.jks" + password: "{{tspass}}" + } + ] + } # The format of logins must be valid email address format. If the provided login doesn't contain `@` the following # domain is automatically appended -// defaultUserDomain: "thehive.local" -//} + defaultUserDomain: "uninett.no" +# defaultUserDomain: "thehive.local" +} ## CORTEX configuration # More information at https://github.com/TheHive-Project/TheHiveDocs/TheHive4/Administration/Connectors.md diff --git a/roles/thehive/templates/users.json b/roles/thehive/templates/users.json new file mode 100644 index 0000000..b16eed7 --- /dev/null +++ b/roles/thehive/templates/users.json @@ -0,0 +1,6 @@ +{ + "login": "{{ item.username }}", + "name": "{{ item.name }} {{ item.surname }}", + "roles": {{ item.roles }}, + "organisation": "{{ item.organization }}" +} diff --git a/roles/thehive/vars/users.yml b/roles/thehive/vars/users.yml new file mode 100644 index 0000000..07433e6 --- /dev/null +++ b/roles/thehive/vars/users.yml @@ -0,0 +1,16 @@ +--- + +THEHIVE_API_KEY: "1gFdNhmUSxO3BRe1SBB5JYEvkW9UOo6s" +THEHIVE_USERS: + - kiril: + username: "kiril" + name: "Kiril" + surname: "Kiroski" + roles: '["read", "write", "admin"]' + organization: "uninett.no" + - temur: + username: "temur" + name: "Temur" + surname: "Maisuradze" + roles: '["read", "write", "admin"]' + organization: "uninett.no" diff --git a/soctools-inventory b/soctools-inventory new file mode 100644 index 0000000..cff0d64 --- /dev/null +++ b/soctools-inventory @@ -0,0 +1,35 @@ +[dsldev] +localhost ansible_connection=local + +[nificontainers] +dsoclab-nifi-1 ansible_connection=docker +dsoclab-nifi-2 ansible_connection=docker +dsoclab-nifi-3 ansible_connection=docker + +[odfeescontainers] +dsoclab-odfe-1 ansible_connection=docker +dsoclab-odfe-2 ansible_connection=docker + +[odfekibanacontainers] +dsoclab-kibana ansible_connection=docker + +[keycloakcontainers] +dsoclab-keycloak ansible_connection=docker + +[mysql] +dsoclab-mysql ansible_connection=docker + +[mispcontainers] +dsoclab-misp ansible_connection=docker + +[cassandra] +dsoclab-cassandra ansible_connection=docker + +[thehive] +dsoclab-thehive ansible_connection=docker + +[cortex] +dsoclab-cortex ansible_connection=docker + +[haproxy] +dsoclab-haproxy ansible_connection=docker diff --git a/soctools.yml b/soctools.yml index fb4a219..c25b56f 100644 --- a/soctools.yml +++ b/soctools.yml @@ -2,16 +2,9 @@ - name: Start soctools cluster import_playbook: startsoctools.yml - when: "'start' in ansible_run_tags or 'config' in ansible_run_tags" + when: "'start' in ansible_run_tags" - name: Stop soctools cluster import_playbook: stopsoctools.yml - when: "'stop' in ansible_run_tags or 'stop-thehive' in ansible_run_tags or 'stop-keycloak' in ansible_run_tags or 'stop-cortex' in ansible_run_tags or 'stop-haproxy' in ansible_run_tags or 'stop-cassandra' in ansible_run_tags or 'stop-filebeat' in ansible_run_tags or 'stop-misp' in ansible_run_tags or 'stop-mysql' in ansible_run_tags or 'stop-nifi' in ansible_run_tags or 'stop-odfees' in ansible_run_tags or 'stop-odfekibana' in ansible_run_tags" + when: "'stop' in ansible_run_tags" -- name: Update soctools cluster configs - import_playbook: update-config-soctools.yml - when: "'update-config' in ansible_run_tags or 'update-keycloak-config' in ansible_run_tags or 'update-thehive-config' in ansible_run_tags or 'update-cortex-config' in ansible_run_tags or 'update-haproxy-config' in ansible_run_tags or 'update-cassandra-config' in ansible_run_tags or 'update-filebeat-config' in ansible_run_tags or 'update-misp-config' in ansible_run_tags or 'update-mysql-config' in ansible_run_tags or 'update-nifi-config' in ansible_run_tags or 'update-odfees-config' in ansible_run_tags or 'update-odfekibana-config' in ansible_run_tags" - -- name: restart soctools cluster servics - import_playbook: restart-soctools.yml - when: "'restart' in ansible_run_tags or 'restart-thehive' in ansible_run_tags or 'restart-keycloak' in ansible_run_tags or 'restart-cortex' in ansible_run_tags or 'restart-haproxy' in ansible_run_tags or 'restart-cassandra' in ansible_run_tags or 'restart-filebeat' in ansible_run_tags or 'restart-misp' in ansible_run_tags or 'restart-mysql' in ansible_run_tags or 'restart-nifi' in ansible_run_tags or 'restart-odfees' in ansible_run_tags or 'restart-odfekibana' in ansible_run_tags" diff --git a/soctools_server.yml b/soctools_server.yml index 382d998..23716c5 100644 --- a/soctools_server.yml +++ b/soctools_server.yml @@ -1,5 +1,5 @@ --- -- hosts: soctoolsmain +- hosts: dsldev become: true roles: - soctools-server diff --git a/startsoctools.yml b/startsoctools.yml index c9c4c6b..f1154c3 100644 --- a/startsoctools.yml +++ b/startsoctools.yml @@ -1,7 +1,7 @@ --- - name: Start docker containers - hosts: soctoolsmain + hosts: dsldev roles: - docker @@ -25,11 +25,6 @@ roles: - keycloak -- name: Reconfigure and start MISP - hosts: mispcontainers - roles: - - misp - - name: Reconfigure and start NiFi hosts: nificontainers roles: @@ -45,10 +40,10 @@ roles: - odfekibana -- name: Install and run filebeat - hosts: filebeat +- name: Reconfigure and start MISP + hosts: mispcontainers roles: - - filebeat + - misp - name: Reconfigure and start TheHive hosts: thehive diff --git a/stopsoctools.yml b/stopsoctools.yml index 5bd1217..045c3f0 100644 --- a/stopsoctools.yml +++ b/stopsoctools.yml @@ -6,7 +6,7 @@ - nifi - name: Stop all containers - hosts: soctoolsmain + hosts: dsldev roles: - docker diff --git a/update-config-soctools.yml b/update-config-soctools.yml deleted file mode 100644 index 138f664..0000000 --- a/update-config-soctools.yml +++ /dev/null @@ -1,52 +0,0 @@ ---- - -- name: Update Configs for haproxy - hosts: haproxy - roles: - - haproxy - -- name: Update Configs for mysql - hosts: mysql - roles: - - mysql - -- name: Update Configs for Cassandra - hosts: cassandra - roles: - - cassandra - -- name: Update Configs for Keycloak - hosts: keycloakcontainers - roles: - - keycloak - -- name: Update Configs for NiFi - hosts: nificontainers - roles: - - nifi - -- name: Update Configs for OpenDistro for Elasticsearch - hosts: odfeescontainers - roles: - - odfees - -- name: Update Configs for OpenDistro Kibana for Elasticsearch - hosts: odfekibanacontainers - roles: - - odfekibana - -- name: Update Configs for MISP - hosts: mispcontainers - roles: - - misp - -- name: Update Configs for TheHive - hosts: thehive - roles: - - thehive - -- name: Update Configs for Cortex - hosts: cortex - roles: - - cortex - diff --git a/utils/flow2template.py b/utils/flow2template.py index b201832..570a1ef 100755 --- a/utils/flow2template.py +++ b/utils/flow2template.py @@ -13,20 +13,17 @@ et = xml.etree.ElementTree.parse(f) for v in et.findall(".//variable"): a=v.attrib if a['name']=="misp_token": - a['value']="{{lookup('file','{{playbook_dir}}/secrets/tokens/misp')}}" + a['value']="{{ misp_token }}" elif a['name']=="misp_url": a['value']="{{ misp_url }}" elif a['name']=="maxmind_key": a['value']="{{ maxmind_key }}" elif a['name']=="elastic_url": - a['value']="https://{{ soctoolsproxy }}:9200" + a['value']="https://{{ dslproxy }}:9200" elif a['name']=="elastic_username": a['value']="{{ elastic_username }}" elif a['name']=="elastic_password": - a['value']="{{lookup('password', '{{playbook_dir}}/secrets/passwords/odfees_adminpass')}}" - -for v in et.findall(".//controllerService[name='Soctools CA']/property[name='Truststore Password']/value"): - v.text="{{lookup('password', '{{playbook_dir}}/secrets/passwords/truststore')}}" + a['value']="{{ odfees_adminpass }}" et.write(args.templatefile) -- GitLab