Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-07-02 04:52:11 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

fixes #1320

Browse source
This commit is contained in:
t3chn0m4g3 2023-05-03 22:01:36 +00:00
parent 35188ef28e
commit efd5f4c54c
1 changed files with 28 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
docker/elk/logstash/dist/entrypoint.sh vendored
View file

@ -57,12 +57,13 @@ if [ "$MY_TPOT_TYPE" == "SENSOR" ];
chmod 600 $MY_SENSOR_PRIVATEKEYFILE
cp /usr/share/logstash/config/pipelines_sensor.yml /usr/share/logstash/config/pipelines.yml
autossh -f -M 0 -4 -l $MY_HIVE_USERNAME -i $MY_SENSOR_PRIVATEKEYFILE -p 64295 -N -L64305:127.0.0.1:64305 $MY_HIVE_IP -o "ServerAliveInterval 30" -o "ServerAliveCountMax 3" -o "StrictHostKeyChecking=no" -o "UserKnownHostsFile=/dev/null"
exit 0
fi
# Index Management is happening through ILM, but we need to put T-Pot ILM setting on ES.
myTPOTILM=$(curl -s -XGET "http://elasticsearch:9200/_ilm/policy/tpot" | grep "Lifecycle policy not found: tpot" -c)
if [ "$myTPOTILM" == "1" ];
if [ "$MY_TPOT_TYPE" != "SENSOR" ];
then
# Index Management is happening through ILM, but we need to put T-Pot ILM setting on ES.
myTPOTILM=$(curl -s -XGET "http://elasticsearch:9200/_ilm/policy/tpot" | grep "Lifecycle policy not found: tpot" -c)
if [ "$myTPOTILM" == "1" ];
then
echo "T-Pot ILM template not found on ES, putting it on ES now."
curl -XPUT "http://elasticsearch:9200/_ilm/policy/tpot" -H 'Content-Type: application/json' -d'
@ -90,6 +91,7 @@ if [ "$myTPOTILM" == "1" ];
}'
else
echo "T-Pot ILM already configured or ES not available."
fi
fi
echo