Skip to content

Commit

Permalink
Merge branch 'master' into bugfix/#18543_maxsize_is_not_pass
Browse files Browse the repository at this point in the history
  • Loading branch information
rgomezborder committed Nov 12, 2024
2 parents f422f31 + 8745096 commit 133bfe9
Show file tree
Hide file tree
Showing 7 changed files with 58 additions and 17 deletions.
28 changes: 28 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,34 @@
cookbook-rb-manager CHANGELOG
===============

## 4.4.6

- Miguel Álvarez
- [7930ce6] Make same check for logstatter and logstash to configure

## 4.4.5

- Daniel Castro
- [77547bd] create sudoers file before redborder-monitor install

## 4.4.4

- ptorresred
- [80dda4a] Redmine #19198: Change vault priority default filter

## 4.4.3

- Juan Soto
- [da722bb] Create and pass split_intrusion variables to logstash config (#216)

## 4.4.2

- jnavarrorb
- [72d2b00] Fix sensors info with all sensors (proxy childs too)
- [87628c7] Fix parent_id to real_parent_id
- [060f5d9] Fix open kafka port for all IPS
- [a9a3efe] check if redborder_parent_id is nil or sensor at redborder_parent_id is not a proxy

## 4.4.1

- JuanSheba
Expand Down
2 changes: 1 addition & 1 deletion resources/attributes/default.rb
Original file line number Diff line number Diff line change
Expand Up @@ -225,4 +225,4 @@

# Priority Filter
default['redborder']['intrusion_incidents_priority_filter'] = 'high'
default['redborder']['vault_incidents_priority_filter'] = 'high'
default['redborder']['vault_incidents_priority_filter'] = 'error'
7 changes: 5 additions & 2 deletions resources/libraries/get_sensors_all_info.rb
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,13 @@ def get_sensors_all_info
sensor_types = %w(ips-sensor ipsv2-sensor ipscp-sensor ipsg-sensor vault-sensor flow-sensor arubacentral-sensor mse-sensor meraki-sensor cisco-cloudproxy proxy-sensor scanner-sensor mse-sensor meraki-sensor ale-sensor cep-sensor device-sensor)

sensor_types.each do |s_type|
sensors = search(:node, "role:#{s_type} AND -redborder_parent_id:*?").sort # get sensor where parent_id is nil
sensors = search(:node, "role:#{s_type}").sort # get all s_type's sensor

sensors_info[s_type] = []
sensors.each { |s| sensors_info[s_type] << s }

sensors.each do |sensor|
sensors_info[s_type] << sensor
end
end

sensors_info
Expand Down
5 changes: 3 additions & 2 deletions resources/libraries/get_sensors_info.rb
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,8 @@ def get_sensors_info
ips-sensor ipsv2-sensor ipscp-sensor ipsg-sensor)
locations = node['redborder']['locations']
sensor_types.each do |s_type|
# get sensor where parent_id is nil
sensors = search(:node, "role:#{s_type} AND -redborder_parent_id:*?").sort
# get all s_type's sensor
sensors = search(:node, "role:#{s_type}").sort
sensors_info[s_type] = {}
sensors.each do |s|
info = {}
Expand All @@ -27,6 +27,7 @@ def get_sensors_info

info['locations'][loc] = s['redborder'][loc]
end

sensors_info[s_type][s.name] = info
end
end
Expand Down
2 changes: 1 addition & 1 deletion resources/libraries/open_kafka_port.rb
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ module RbManager
module Helpers
def get_ip_of_manager_ips
# IPS in manager mode has the role ips-sensor
sensors = search(:node, 'role:ips-sensor AND -redborder_parent_id:*?').sort
sensors = search(:node, 'role:ips-sensor').sort
sensors.map { |s| { ipaddress: s['ipaddress'] } }
end

Expand Down
2 changes: 1 addition & 1 deletion resources/metadata.rb
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
maintainer_email '[email protected]'
license 'AGPL-3.0'
description 'Installs/Configures redborder manager'
version '4.4.1'
version '4.4.6'

depends 'rb-common'
depends 'chef-server'
Expand Down
29 changes: 19 additions & 10 deletions resources/recipes/configure.rb
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,15 @@
end
end

# Sudoers
template '/etc/sudoers.d/redborder-manager' do
source 'redborder-manager.erb'
owner 'root'
group 'root'
mode '0440'
retries 2
end

consul_config 'Configure Consul Server' do
cdomain node['redborder']['cdomain']
dns_local_ip node['consul']['dns_local_ip']
Expand Down Expand Up @@ -402,6 +411,14 @@
end
end

if manager_services['logstash']
begin
split_intrusion = data_bag_item('rBglobal', 'splitintrusion')['logstash']
rescue
split_intrusion = false
end
end

logstash_config 'Configure logstash' do
if manager_services['logstash'] && node.run_state['pipelines'] && !node.run_state['pipelines'].empty?
cdomain node['redborder']['cdomain']
Expand All @@ -415,6 +432,7 @@
vault_incidents_priority_filter node['redborder']['vault_incidents_priority_filter']
logstash_pipelines node.run_state['pipelines']
split_traffic_logstash split_traffic
split_intrusion_logstash split_intrusion
action [:add, :register]
else
action [:remove, :deregister]
Expand Down Expand Up @@ -483,7 +501,7 @@
end

rblogstatter_config 'Configure redborder-logstatter' do
if manager_services['rb-logstatter']
if manager_services['rb-logstatter'] && manager_services['logstash'] && node.run_state['pipelines'] && !node.run_state['pipelines'].empty?
action :add
else
action :remove
Expand Down Expand Up @@ -659,15 +677,6 @@
end
end

# Sudoers
template '/etc/sudoers.d/redborder-manager' do
source 'redborder-manager.erb'
owner 'root'
group 'root'
mode '0440'
retries 2
end

# Pending Changes..
# pending_changes==0 -> has changes to apply at next chef-client run
# pending_changes==1 -> chef-client has to run once
Expand Down

0 comments on commit 133bfe9

Please sign in to comment.