diff --git a/installer/bin/dump_elk.sh b/installer/bin/dump_elk.sh
new file mode 100755
index 00000000..bbfb2d70
--- /dev/null
+++ b/installer/bin/dump_elk.sh
@@ -0,0 +1,21 @@
+#/bin/bash
+myDATE=$(date +%Y%m%d%H%M)
+myINDICES=$(curl -s -XGET 'http://127.0.0.1:64298/_cat/indices/' | grep logstash | awk '{ print $3 }' | sort | grep -v 1970)
+myES="http://127.0.0.1:64298/"
+myCOL1=""
+myCOL0=""
+mkdir $myDATE
+for i in $myINDICES;
+ do
+ echo $myCOL1"### Now dumping: "$i $myCOL0
+ elasticdump --input=$myES$i --output=$myDATE"/"$i --limit 7500
+ echo $myCOL1"### Now compressing: $myDATE/$i" $myCOL0
+ gzip -f $myDATE"/"$i
+ done;
+echo $myCOL1"### Now building tar archive: es_dump_"$myDATE".tgz" $myCOL0
+cd $myDATE
+tar cvfz es_dump_$myDATE.tgz *
+mv es_dump_$myDATE.tgz ..
+cd ..
+rm -rf $myDATE
+echo $myCOL1"### Done."$myCOL0
diff --git a/installer/bin/restore_elk.sh b/installer/bin/restore_elk.sh
new file mode 100755
index 00000000..1a1291bd
--- /dev/null
+++ b/installer/bin/restore_elk.sh
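Review bot: In dump_elk.sh the first line `#/bin/bash` is missing its `!`, so it is an ordinary comment and the script runs under whatever shell happens to launch it; it should read `#!/bin/bash`. No return code is checked after that: if `mkdir $myDATE` or `cd $myDATE` fails, `tar cvfz es_dump_$myDATE.tgz *` archives the caller's current directory instead, and a failed `elasticdump` still ends in "### Done." with a partial backup that looks complete. I would add `set -eu` after the shebang and change the directory step to `cd "$myDATE" || exit 1`, quoting `$myDATE` and `$i` wherever they are used as paths. The same shebang typo and unchecked `cd` are present in restore_elk.sh.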
@@ -0,0 +1,45 @@
+#/bin/bash
+myDUMP=$1
+myES="http://127.0.0.1:64298/"
+myCOL1=""
+myCOL0=""
+
+# Check if parameter is given and file exists
+if [ "$myDUMP" = "" ];
+ then
+ echo $myCOL1"### Please proive a backup file name."$myCOL0
+ echo $myCOL1"### restore-elk.sh "$myCOL0
+ echo
+ exit
+fi
+if ! [ -a $myDUMP ];
+ then
+ echo $myCOL1"### File not found."$myCOL0
+ exit
+fi
+
+# Unpack tar archive
+echo $myCOL1"### Now unpacking tar archive: "$myDUMP $myCOL0
+mkdir tmp
+tar xvfz $myDUMP -C tmp
+cd tmp
+# Build indices list
+myINDICES=$(ls | cut -c 1-19)
+echo $myCOL1"### The following indices will be restored: "$myCOL0
+echo $myINDICES
+echo
+
+for i in $myINDICES;
+ do
+ # Delete index if it already exists
+ curl -s -XDELETE $myES$i > /dev/null
+ echo $myCOL1"### Now uncompressing: "$i".gz" $myCOL0
+ gunzip $i.gz
+ # Restore index to ES
+ echo $myCOL1"### Now restoring: "$i $myCOL0
+ elasticdump --input=$i --output=$myES$i --limit 7500
+ rm $i
+ done;
+cd ..
+rm -rf tmp
+echo $myCOL1"### Done."$myCOL0
diff --git a/installer/data/elkbase.tgz b/installer/data/elkbase.tgz
index a7dbd21e..81c535b4 100644
Binary files a/installer/data/elkbase.tgz and b/installer/data/elkbase.tgz differ
diff --git a/installer/install.sh b/installer/install.sh
index 26f79952..c45fb6b7 100755
--- a/installer/install.sh
+++ b/installer/install.sh
@@ -3,7 +3,7 @@
 # T-Pot post install script #
 # Ubuntu server 16.04.0, x64 #
 # #
-# v16.10.0 by mo, DTAG, 2016-12-03 #
+# v17.06 by mo, DTAG, 2017-03-18 #
 ########################################################
 
 # Some global vars
@@ -274,6 +274,7 @@ pip install alerta
 fuECHO "### Installing wetty."
 ln -s /usr/bin/nodejs /usr/bin/node
 npm install https://github.com/t3chn0m4g3/wetty -g
+npm install elasticdump -g
 fuECHO "### Installing ctop."
 wget https://github.com/bcicen/ctop/releases/download/v0.4.1/ctop-0.4.1-linux-amd64 -O ctop
 mv ctop /usr/bin/
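Review bot: The restore loop in restore_elk.sh sends `curl -s -XDELETE $myES$i` for every name produced by `ls | cut -c 1-19`, so the file names inside the supplied archive decide which Elasticsearch paths are deleted. Because `mkdir tmp` is unchecked, anything already sitting in an existing `tmp` directory is included as well. The 19-character cut suggests daily `logstash-YYYY.MM.DD` names are expected, so the loop should reject anything else before the DELETE. It would also be safer to delete only after `gunzip` has succeeded, so that a corrupt dump does not cost the live index, and to unpack into a `mktemp -d` directory rather than a fixed `tmp`. The shebang `#/bin/bash` lacks its `!` here too.

```shell
for i in $myINDICES;
  do
    # Only names shaped like a daily logstash index may reach the DELETE below
    case "$i" in
      logstash-[0-9][0-9][0-9][0-9].[0-9][0-9].[0-9][0-9]) ;;
      *) echo "### Skipping unexpected entry: $i" >&2
         continue ;;
    esac
    # … unchanged: delete index, gunzip, elasticdump, rm …
  done;
```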
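Review bot: The added `npm install elasticdump -g` in install.sh fetches whatever version the registry serves on the day of installation, install scripts included, in a script that writes to /usr/bin and so presumably runs as root. Pinning the version makes the installer reproducible and lets the exact code in the backup path be reviewed: `npm install elasticdump@<PINNED_VERSION> -g`. The wetty line just above it has the same property but is not part of this change.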
@@ -482,10 +483,10 @@ EOF
 # Let's create ews.ip before reboot and prevent race condition for first start
 source /etc/environment
 myLOCALIP=$(hostname -I | awk '{ print $1 }')
-myEXTIP=$(curl -s myexternalip.com/raw)
-sed -i "s#IP:.*#IP: $myLOCALIP ($myEXTIP)#" /etc/issue
-sed -i "s#SSH:.*#SSH: ssh -l tsec -p 64295 $myLOCALIP#" /etc/issue
-sed -i "s#WEB:.*#WEB: https://$myLOCALIP:64297#" /etc/issue
+myEXTIP=$(/usr/bin/myip.sh)
+sed -i "s#IP:.*#IP: $myLOCALIP ($myEXTIP)^[[0m#" /etc/issue
+sed -i "s#SSH:.*#SSH: ssh -l tsec -p 64295 $myLOCALIP^[[0m#" /etc/issue
+sed -i "s#WEB:.*#WEB: https://$myLOCALIP:64297^[[0m#" /etc/issue
 tee /data/ews/conf/ews.ip << EOF
 [MAIN]
 ip = $myEXTIP
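Review bot: `myEXTIP` is now whatever `/usr/bin/myip.sh` prints, and it is spliced unvalidated into the `s#IP:.*#...#` replacement and into ews.ip in the context lines below. An empty or multi-line result, or one containing `#` or `&`, would break the substitution or leave /etc/issue and ews.ip with garbage; myip.sh is not part of this diff, so its output format cannot be confirmed from here. I would check the value before using it, for example `[[ $myEXTIP =~ ^[0-9]+(\.[0-9]+){3}$ ]] || myEXTIP=$myLOCALIP`, or abort with a message if no fallback is wanted. The heredoc that writes ews.ip continues past the end of the hunk.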