Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-07-01 12:32:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

add objects, fix for #298

Browse source
This commit is contained in:
t3chn0m4g3 2019-03-01 20:29:47 +00:00
parent 89b249d228
commit 85e5f8d7aa
4 changed files with 3620 additions and 3606 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
bin/dump_es.sh
View file

@ -2,10 +2,10 @@
# Dump all ES data # Dump all ES data
# Make sure ES is available # Make sure ES is available
myES="http://127.0.0.1:64298/" myES="http://127.0.0.1:64298/"
myESSTATUS=$(curl -s -XGET ''$myES'_cluster/health' | jq '.' | grep -c green) myESSTATUS=$(curl -s -XGET ''$myES'_cluster/health' | jq '.' | grep -c "green\|yellow")
if ! [ "$myESSTATUS" = "1" ] if ! [ "$myESSTATUS" = "1" ]
then then
echo "### Elasticsearch is not available, try starting via 'systemctl start elk'." echo "### Elasticsearch is not available, try starting via 'systemctl start tpot'."
exit exit
else else
echo "### Elasticsearch is available, now continuing." echo "### Elasticsearch is available, now continuing."
@ -20,12 +20,12 @@ trap fuCLEANUP EXIT
# Set vars # Set vars
myDATE=$(date +%Y%m%d%H%M) myDATE=$(date +%Y%m%d%H%M)
myINDICES=$(curl -s -XGET ''$myES'_cat/indices/' | awk '{ print $3 }' | sort | grep -v 1970) myINDICES=$(curl -s -XGET ''$myES'_cat/indices/logstash-*' | awk '{ print $3 }' | sort | grep -v 1970)
myES="http://127.0.0.1:64298/" myINDICES+=" .kibana"
myCOL1="" myCOL1=""
myCOL0="" myCOL0=""
# Dumping all ES data # Dumping Kibana and Logstash data
echo $myCOL1"### The following indices will be dumped: "$myCOL0 echo $myCOL1"### The following indices will be dumped: "$myCOL0
echo $myINDICES echo $myINDICES
echo echo

22
bin/restore_es.sh
View file

@ -2,10 +2,10 @@
# Restore folder based ES backup # Restore folder based ES backup
# Make sure ES is available # Make sure ES is available
myES="http://127.0.0.1:64298/" myES="http://127.0.0.1:64298/"
myESSTATUS=$(curl -s -XGET ''$myES'_cluster/health' | jq '.' | grep -c green) myESSTATUS=$(curl -s -XGET ''$myES'_cluster/health' | jq '.' | grep -c "green\|yellow")
if ! [ "$myESSTATUS" = "1" ] if ! [ "$myESSTATUS" = "1" ]
then then
echo "### Elasticsearch is not available, try starting via 'systemctl start elk'." echo "### Elasticsearch is not available, try starting via 'systemctl start tpot'."
exit exit
else else
echo "### Elasticsearch is available, now continuing." echo "### Elasticsearch is available, now continuing."
@ -41,17 +41,31 @@ echo $myCOL1"### Now unpacking tar archive: "$myDUMP $myCOL0
tar xvf $myDUMP tar xvf $myDUMP
# Build indices list # Build indices list
myINDICES=$(ls tmp/logstash*.gz | cut -c 5- | rev | cut -c 4- | rev) myINDICES="$(ls tmp/logstash*.gz | cut -c 5- | rev | cut -c 4- | rev)"
myINDICES+=" .kibana" myINDICES+=" .kibana"
echo $myCOL1"### The following indices will be restored: "$myCOL0 echo $myCOL1"### The following indices will be restored: "$myCOL0
echo $myINDICES echo $myINDICES
echo echo
# Force single seat template for everything
echo -n $myCOL1"### Forcing single seat template: "$myCOL0
curl -s XPUT ''$myES'_template/.*' -H 'Content-Type: application/json' -d'
{ "index_patterns": ".*",
"order": 1,
"settings":
{
"number_of_shards": 1,
"number_of_replicas": 0
}
}'
echo
# Restore indices # Restore indices
curl -s -X DELETE ''$myES'.kibana*' > /dev/null
for i in $myINDICES; for i in $myINDICES;
do do
# Delete index if it already exists # Delete index if it already exists
curl -s -XDELETE $myES$i > /dev/null curl -s -X DELETE $myES$i > /dev/null
echo $myCOL1"### Now uncompressing: tmp/$i.gz" $myCOL0 echo $myCOL1"### Now uncompressing: tmp/$i.gz" $myCOL0
gunzip -f tmp/$i.gz gunzip -f tmp/$i.gz
# Restore index to ES # Restore index to ES

BIN
etc/objects/kibana-objects.tgz
View file

Binary file not shown.

7194
etc/objects/kibana_export.json
View file

File diff suppressed because one or more lines are too long