mirror of
				https://github.com/telekom-security/tpotce.git
				synced 2025-11-03 05:52:52 +00:00 
			
		
		
		
	where possible kibana visualizations are converted to lens objects (more than 100 objects) all dashboards have been updated fixes #1392 for leaving SentryPeer log tag out add wordpot dashboard after discussion (#1486) and testing iptables-legacy is no longer required include all kibana objects for installation cleaning up some service scripts
		
			
				
	
	
		
#!/bin/bash
# Make sure ES is available
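# Base URL of the local Elasticsearch HTTP endpoint. The trailing slash is
# required because API paths are appended directly.
# NOTE(review): plain HTTP is used and no credentials are sent; this presumably
# relies on the port being reachable from the local host only - confirm the
# binding before exposing the host.
myES="http://127.0.0.1:64298/"

# Extract the status field itself and count exact "green" lines (result: 0 or 1).
# Counting lines that merely contain "green" in the pretty-printed JSON would
# yield 2 if another value (e.g. cluster_name) also contained "green", and a
# healthy cluster would then be reported as unavailable.
# An unreachable endpoint or an unparsable reply yields 0.
myESSTATUS=$(curl -s -XGET "${myES}_cluster/health" | jq -r '.status' | grep -c -x green)

# Only a green cluster is accepted; any other status or no answer stops here.
if [ "$myESSTATUS" != "1" ]; then
  echo "### Elasticsearch is not available."
  exit 1
fi
echo "### Elasticsearch is available, now continuing."
echo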
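#######################################
# Ask Elasticsearch for the 100 most frequent src_ip.keyword values.
# No index is named in the URL, so the search is not restricted to one index.
# Globals:   myES (read) - base URL, must end with "/"
# Arguments: none
# Outputs:   raw JSON search response on stdout
# Returns:   exit status of curl
#######################################
function fuMYTOPIPS {
  # terms aggregation over src_ip.keyword; "size" : 0 suppresses document hits
  local myQUERY='
{
  "aggs": {
    "ips": {
      "terms": { "field": "src_ip.keyword", "size": 100 }
    }
  },
  "size" : 0
}'
  # Quote the URL so it always reaches curl as a single argument, and refuse
  # to run with an empty base URL instead of requesting the bare "_search".
  curl -s -XGET "${myES:?myES must be set}_search" \
    -H 'Content-Type: application/json' \
    -d "$myQUERY"
}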
# Print one aggregated src_ip value per line.
# jq runs without -r and only the double quotes are stripped afterwards, so
# whatever escaping jq applies to the stored strings stays in place.
# NOTE(review): the values presumably originate from logged traffic - validate
# them as addresses before feeding them into a blocklist or firewall rule.
printf '%s\n' "### Aggregating top 100 source IPs in ES"
fuMYTOPIPS \
  | jq '.aggregations.ips.buckets[].key' \
  | tr -d '"'