Merge 36b2e47d0d into 6faf600d40

Fix logstash logging issue, introduced with Sentrypeer 4.0.4
Similar to #1807
2025-10-30 03:52:54 +00:00 · 2025-07-03 10:39:24 -04:00 · 2025-07-03 10:48:18 +02:00 · 2025-07-02 13:28:04 -04:00 · 2025-07-02 13:20:49 -04:00 · 2025-07-02 13:09:12 -04:00
4 changed files with 44 additions and 8 deletions
--- a/docker/elk/logstash/dist/http_output.conf
+++ b/docker/elk/logstash/dist/http_output.conf
@ -698,12 +698,15 @@ filter {
      remove_field => ["event_timestamp"]
    }
    mutate {
-      rename => {
-        "source_ip" => "src_ip"
-        "destination_ip" => "dest_ip"
-      }
+      split => ["source_ip", ":"]
+      rename => { "destination_ip" => "dest_ip" }
      add_field => { "dest_port" => "5060" }
    }
+    mutate {
+      add_field => { "src_ip" => "%{[source_ip][0]}" }
+      add_field => { "src_port" => "%{[source_ip][1]}" }
+      remove_field => ["source_ip"]
+    }
  }

 # Tanner
--- a/docker/elk/logstash/dist/logstash.conf
+++ b/docker/elk/logstash/dist/logstash.conf
@ -698,12 +698,15 @@ filter {
      remove_field => ["event_timestamp"]
    }
    mutate {
-      rename => {
-        "source_ip" => "src_ip"
-        "destination_ip" => "dest_ip"
-      }
+      split => ["source_ip", ":"]
+      rename => { "destination_ip" => "dest_ip" }
      add_field => { "dest_port" => "5060" }
    }
+    mutate {
+      add_field => { "src_ip" => "%{[source_ip][0]}" }
+      add_field => { "src_port" => "%{[source_ip][1]}" }
+      remove_field => ["source_ip"]
+    }
  }

 # Tanner
--- a/installer/install/tpot.yml
+++ b/installer/install/tpot.yml
@ -478,6 +478,21 @@
      tags:
        - "Ubuntu"

+    - name: Comment out Port(s) in sshd_config, can cause port conflicts on deploy (AlmaLinux, Debian, Fedora, openSUSE Tumbleweed, Raspbian, Rocky, Ubuntu)
+      ansible.builtin.replace:
+        path: /etc/ssh/sshd_config
+        regexp: "^(Port [0-9]+)"
+        replace: '# \1'
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      tags:
+        - "AlmaLinux"
+        - "Debian"
+        - "Fedora"
+        - "openSUSE Tumbleweed"
+        - "Raspbian"
+        - "Rocky"
+        - "Ubuntu"
+
    - name: Change SSH Port to 64295 (AlmaLinux, Debian, Fedora, Raspbian, Rocky, Ubuntu)
      lineinfile:
        path: /etc/ssh/sshd_config
--- a/installer/remove/tpot.yml
+++ b/installer/remove/tpot.yml
@ -215,6 +215,21 @@
        - "Rocky"
        - "Ubuntu"

+    - name: Revert Comment out Port(s) in sshd_config, can cause port conflicts on deploy (AlmaLinux, Debian, Fedora, openSUSE Tumbleweed, Raspbian, Rocky, Ubuntu)
+      ansible.builtin.replace:
+        path: /etc/ssh/sshd_config
+        regexp: "^# (Port [0-9]+)"
+        replace: '\1'
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      tags:
+        - "AlmaLinux"
+        - "Debian"
+        - "Fedora"
+        - "openSUSE Tumbleweed"
+        - "Raspbian"
+        - "Rocky"
+        - "Ubuntu"
+
    - name: Remove vm.max_map_count setting (All)
      lineinfile:
        path: /etc/sysctl.conf
Author	SHA1	Message	Date
dz	d2fe64be19	Merge `36b2e47d0d` into `6faf600d40`	2025-07-03 10:39:24 -04:00
t3chn0m4g3	6faf600d40	Fix logstash logging issue, introduced with Sentrypeer 4.0.4 Similar to #1807	2025-07-03 10:48:18 +02:00
Daniel Ortiz	36b2e47d0d	Comment out Port(s) in sshd_config, can cause port conflicts on deploy	2025-07-02 13:28:04 -04:00
Daniel Ortiz	322b025371	Comment out Port(s) in sshd_config, can cause port conflicts on deploy	2025-07-02 13:20:49 -04:00
Daniel Ortiz	afecbdb6a1	Comment out Port(s) in sshd_config, can cause port conflicts on deploy	2025-07-02 13:09:12 -04:00
Daniel Ortiz	0175f6c8c6	Comment out Port(s) in sshd_config, can cause port conflicts on deploy	2025-07-02 12:05:41 -04:00