Merge pull request #118 from wazuh/3.8.2_6.5.4-env-data-flow
Adding env variables for alerts data flow
manuasir authored Feb 8, 2019
2 parents 22eeee3 + 15f35ca commit 6494892
Showing 5 changed files with 46 additions and 27 deletions.
9 changes: 8 additions & 1 deletion elasticsearch/config/load_settings.sh
@@ -9,6 +9,13 @@ else
el_url="${ELASTICSEARCH_URL}"
fi

if [ "x${WAZUH_API_URL}" = "x" ]; then
wazuh_url="https://wazuh"
else
wazuh_url="${WAZUH_API_URL}"
fi


until curl -XGET $el_url; do
>&2 echo "Elastic is unavailable - sleeping"
sleep 5
@@ -35,7 +42,7 @@ if [ "x$CONFIG_CODE" = "x404" ]; then
{
"api_user": "'"$API_USER_Q"'",
"api_password": "'"$API_PASSWORD"'",
"url": "https://wazuh",
"url": "'"$wazuh_url"'",
"api_port": "55000",
"insecure": "true",
"component": "API",
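Review bot: `$wazuh_url` is interpolated into the JSON body at `"url": "'"$wazuh_url"'"` with no escaping or validation, so a WAZUH_API_URL that contains a double quote or backslash produces a malformed or altered document for the stored API entry. A guard before the curl call would keep the value to URL characters, for example `case "$wazuh_url" in *[!A-Za-z0-9.:/_-]*) echo "invalid WAZUH_API_URL" >&2; exit 1;; esac`. The entry also keeps `"insecure": "true"`, which presumably turns off certificate verification, so once the URL can point outside the compose network the API credentials go to a host whose certificate is not checked; that deserves a comment next to the new variable. The JSON document and the curl command that sends it start and end outside this hunk.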
21 changes: 17 additions & 4 deletions kibana/config/kibana_settings.sh
@@ -15,7 +15,20 @@ WAZUH_MAJOR=3
# Do not ask user to help providing usage statistics to Elastic.
##############################################################################

while [[ "$(curl -XGET -I -s -o /dev/null -w ''%{http_code}'' kibana:5601/status)" != "200" ]]; do
##############################################################################
# Customize elasticsearch ip
##############################################################################
if [ "$ELASTICSEARCH_KIBANA_IP" != "" ]; then
sed -i "s/elasticsearch:9200/$ELASTICSEARCH_KIBANA_IP:9200/" /usr/share/kibana/config/kibana.yml
fi

if [ "$KIBANA_IP" != "" ]; then
kibana_ip="$KIBANA_IP"
else
kibana_ip="kibana"
fi

while [[ "$(curl -XGET -I -s -o /dev/null -w ''%{http_code}'' $kibana_ip:5601/status)" != "200" ]]; do
echo "Waiting for Kibana API. Sleeping 5 seconds"
sleep 5
done
@@ -35,16 +48,16 @@ EOF

sleep 5
# Add the wazuh alerts index as default.
curl -POST "http://kibana:5601/api/kibana/settings" -H "Content-Type: application/json" -H "kbn-xsrf: true" -d@${default_index}
curl -POST "http://$kibana_ip:5601/api/kibana/settings" -H "Content-Type: application/json" -H "kbn-xsrf: true" -d@${default_index}
rm -f ${default_index}

sleep 5
# Configuring Kibana TimePicker.
curl -POST "http://kibana:5601/api/kibana/settings" -H "Content-Type: application/json" -H "kbn-xsrf: true" -d \
curl -POST "http://$kibana_ip:5601/api/kibana/settings" -H "Content-Type: application/json" -H "kbn-xsrf: true" -d \
'{"changes":{"timepicker:timeDefaults":"{\n \"from\": \"now-24h\",\n \"to\": \"now\",\n \"mode\": \"quick\"}"}}'

sleep 5
# Do not ask user to help providing usage statistics to Elastic
curl -POST "http://kibana:5601/api/telemetry/v1/optIn" -H "Content-Type: application/json" -H "kbn-xsrf: true" -d '{"enabled":false}'
curl -POST "http://$kibana_ip:5601/api/telemetry/v1/optIn" -H "Content-Type: application/json" -H "kbn-xsrf: true" -d '{"enabled":false}'

echo "End settings"
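Review bot: The new `sed -i "s/elasticsearch:9200/$ELASTICSEARCH_KIBANA_IP:9200/"` line places an environment value directly in the sed replacement, so a value containing `/`, `&` or a newline either aborts the expression or rewrites kibana.yml with something other than the intended host. The same pattern is added with `$LOGSTASH_OUTPUT` in logstash/config/run.sh and with `$FILEBEAT_OUTPUT` in wazuh/config/entrypoint.sh. Validate the value as a host name or address before substituting, e.g. `case "$ELASTICSEARCH_KIBANA_IP" in *[!A-Za-z0-9._-]*) echo "invalid ELASTICSEARCH_KIBANA_IP" >&2; exit 1;; esac`. Separately, `$kibana_ip` is unquoted in the `while` status check and should be written `"$kibana_ip:5601/status"`.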
6 changes: 6 additions & 0 deletions logstash/Dockerfile
@@ -4,3 +4,9 @@ FROM docker.elastic.co/logstash/logstash:6.5.4
RUN rm -f /usr/share/logstash/pipeline/logstash.conf

COPY config/01-wazuh.conf /usr/share/logstash/pipeline/01-wazuh.conf

USER root
COPY config/run.sh /run.sh
RUN chmod +x /run.sh

ENTRYPOINT ["/run.sh"]
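Review bot: `USER root` is added and never reset, so `/run.sh` and the `/usr/local/bin/docker-entrypoint` it launches run as root unless that entrypoint drops privileges itself, which is not visible in this commit; the `gosu logstash` step in run.sh is removed in the same change. Root is needed here for `RUN chmod +x /run.sh`, and apparently also so the `sed -i` edits in run.sh can write the two config files. Consider adding `USER logstash` after `RUN chmod +x /run.sh`, once the files that run.sh edits are made writable by that user at build time.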
29 changes: 7 additions & 22 deletions logstash/config/run.sh
@@ -5,27 +5,12 @@
# variables expected by this script.
#

#

#
# Apply Templates
#

set -e
host="elasticsearch"
until curl -XGET $host:9200; do
>&2 echo "Elastic is unavailable - sleeping"
sleep 1
done

# Add logstash as command if needed
if [ "${1:0:1}" = '-' ]; then
set -- logstash "$@"
fi

# Run as user "logstash" if the command is "logstash"
if [ "$1" = 'logstash' ]; then
set -- gosu logstash "$@"
##############################################################################
# Customize logstash output ip
##############################################################################
if [ "$LOGSTASH_OUTPUT" != "" ]; then
sed -i "s/elasticsearch:9200/$LOGSTASH_OUTPUT:9200/" /usr/share/logstash/pipeline/01-wazuh.conf
sed -i "s/elasticsearch:9200/$LOGSTASH_OUTPUT:9200/" /usr/share/logstash/config/logstash.yml
fi

exec "$@"
/usr/local/bin/docker-entrypoint
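Review bot: The script now ends with a bare `/usr/local/bin/docker-entrypoint`, so the wrapper shell stays as PID 1, stop signals are not forwarded to the Logstash process, and any arguments passed to the container are discarded; `exec /usr/local/bin/docker-entrypoint "$@"` avoids all three. As rendered, `set -e` also appears to be among the removed lines, so a failing `sed -i` no longer stops startup and the container comes up with whichever output address was left in the files. If that is intended, say so in a comment above the `if`; otherwise keep `set -e` at the top.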
8 changes: 8 additions & 0 deletions wazuh/config/entrypoint.sh
@@ -141,6 +141,14 @@ eval $change_user

popd


##############################################################################
# Customize filebeat output ip
##############################################################################
if [ "$FILEBEAT_OUTPUT" != "" ]; then
sed -i "s/logstash:5000/$FILEBEAT_OUTPUT:5000/" /etc/filebeat/filebeat.yml
fi

##############################################################################
# Start Wazuh Server.
##############################################################################
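Review bot: `sed -i "s/logstash:5000/$FILEBEAT_OUTPUT:5000/"` exits 0 even when `logstash:5000` is not present in /etc/filebeat/filebeat.yml, so a changed template silently leaves alerts going to the default destination while the operator believes the override applied. Add a check after the substitution, e.g. `grep -qF -- "$FILEBEAT_OUTPUT:5000" /etc/filebeat/filebeat.yml || echo "FILEBEAT_OUTPUT not applied" >&2`. A comment in the banner stating that the variable takes a bare host name or address (the port stays 5000) would also help.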