Merge branch 'development' into bugfix/#19144_missing_nginx_confd_files

CHANGELOG.md

@@ -1,6 +1,35 @@
 cookbook-rb-manager CHANGELOG
 ===============
 
+## 4.4.5
+
+  - Daniel Castro
+    - [77547bd] create sudoers file before redborder-monitor install
+
+## 4.4.4
+
+  - ptorresred
+    - [80dda4a] Redmine #19198: Change vault priority default filter
+
+## 4.4.3
+
+  - Juan Soto
+    - [da722bb] Create and pass split_intrusion variables to logstash config (#216)
+
+## 4.4.2
+
+  - jnavarrorb
+    - [72d2b00] Fix sensors info with all sensors (proxy childs too)
+    - [87628c7] Fix parent_id to real_parent_id
+    - [060f5d9] Fix open kafka port for all IPS
+    - [a9a3efe] check if redborder_parent_id is nil or sensor at redborder_parent_id is not a proxy
+
+## 4.4.1
+
+  - JuanSheba
+    - [8e22478] Add creation of the logrotate file with the template
+    - [77bbbfb] Create Template
+
 ## 4.4.0
 
   - Miguel Negrón

resources/attributes/default.rb

@@ -225,4 +225,4 @@
 
 # Priority Filter
 default['redborder']['intrusion_incidents_priority_filter'] = 'high'
-default['redborder']['vault_incidents_priority_filter'] = 'high'
+default['redborder']['vault_incidents_priority_filter'] = 'error'

resources/libraries/get_sensors_all_info.rb

@@ -5,10 +5,13 @@ def get_sensors_all_info
       sensor_types = %w(ips-sensor ipsv2-sensor ipscp-sensor ipsg-sensor vault-sensor flow-sensor arubacentral-sensor mse-sensor meraki-sensor cisco-cloudproxy proxy-sensor scanner-sensor mse-sensor meraki-sensor ale-sensor cep-sensor device-sensor)
 
       sensor_types.each do |s_type|
-        sensors = search(:node, "role:#{s_type} AND -redborder_parent_id:*?").sort  # get sensor where parent_id is nil
+        sensors = search(:node, "role:#{s_type}").sort  # get all s_type's sensor
 
         sensors_info[s_type] = []
-        sensors.each { |s| sensors_info[s_type] << s }
+
+        sensors.each do |sensor|
+          sensors_info[s_type] << sensor
+        end
       end
 
       sensors_info

resources/libraries/get_sensors_info.rb

@@ -7,8 +7,8 @@ def get_sensors_info
                         ips-sensor ipsv2-sensor ipscp-sensor ipsg-sensor)
       locations = node['redborder']['locations']
       sensor_types.each do |s_type|
-        # get sensor where parent_id is nil
-        sensors = search(:node, "role:#{s_type} AND -redborder_parent_id:*?").sort
+        # get all s_type's sensor
+        sensors = search(:node, "role:#{s_type}").sort
         sensors_info[s_type] = {}
         sensors.each do |s|
           info = {}
@@ -27,6 +27,7 @@ def get_sensors_info
 
             info['locations'][loc] = s['redborder'][loc]
           end
+
           sensors_info[s_type][s.name] = info
         end
       end

resources/libraries/open_kafka_port.rb

@@ -2,7 +2,7 @@ module RbManager
   module Helpers
     def get_ip_of_manager_ips
       # IPS in manager mode has the role ips-sensor
-      sensors = search(:node, 'role:ips-sensor AND -redborder_parent_id:*?').sort
+      sensors = search(:node, 'role:ips-sensor').sort
       sensors.map { |s| { ipaddress: s['ipaddress'] } }
     end
 

resources/metadata.rb

@@ -5,7 +5,7 @@
 maintainer_email '[email protected]'
 license          'AGPL-3.0'
 description      'Installs/Configures redborder manager'
-version          '4.4.0'
+version          '4.4.5'
 
 depends 'rb-common'
 depends 'chef-server'

resources/recipes/configure.rb

@@ -34,6 +34,15 @@
   end
 end
 
+# Sudoers
+template '/etc/sudoers.d/redborder-manager' do
+  source 'redborder-manager.erb'
+  owner 'root'
+  group 'root'
+  mode '0440'
+  retries 2
+end
+
 consul_config 'Configure Consul Server' do
   cdomain node['redborder']['cdomain']
   dns_local_ip node['consul']['dns_local_ip']
@@ -406,6 +415,14 @@
   end
 end
 
+if manager_services['logstash']
+  begin
+    split_intrusion = data_bag_item('rBglobal', 'splitintrusion')['logstash']
+  rescue
+    split_intrusion = false
+  end
+end
+
 logstash_config 'Configure logstash' do
   if manager_services['logstash'] && node.run_state['pipelines'] && !node.run_state['pipelines'].empty?
     cdomain node['redborder']['cdomain']
@@ -419,6 +436,7 @@
     vault_incidents_priority_filter node['redborder']['vault_incidents_priority_filter']
     logstash_pipelines node.run_state['pipelines']
     split_traffic_logstash split_traffic
+    split_intrusion_logstash split_intrusion
     action [:add, :register]
   else
     action [:remove, :deregister]
@@ -663,15 +681,6 @@
   end
 end
 
-# Sudoers
-template '/etc/sudoers.d/redborder-manager' do
-  source 'redborder-manager.erb'
-  owner 'root'
-  group 'root'
-  mode '0440'
-  retries 2
-end
-
 # Pending Changes..
 # pending_changes==0 -> has changes to apply at next chef-client run
 #  pending_changes==1 -> chef-client has to run once

resources/recipes/prepare_system.rb

@@ -50,6 +50,14 @@
             options: node['chef-client']['options'])
 end
 
+template '/etc/logrotate.d/logstash' do
+  source 'logstash_log-rotate.erb'
+  owner 'root'
+  group 'root'
+  mode 0644
+  retries 2
+end
+
 service 'chef-client' do
   if node['redborder']['services']['chef-client'] && node.run_state['cluster_installed']
     action [:enable, :start]

resources/templates/default/logstash_log-rotate.erb

@@ -0,0 +1,16 @@
+###############################################################################
+# Generated by Chef for <%= node[:hostname] %>
+###############################################################################
+
+/var/log/logstash/*.log {
+    size=20M
+    missingok
+    rotate 5
+    compress
+    delaycompress
+    notifempty
+    copytruncate
+    postrotate
+        rm -f /var/log/logstash/*.gz > /dev/null
+    endscript
+}