infosecn1nja
/
HELK
mirror of https://github.com/infosecn1nja/HELK.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

cleanup

updates_os_and_scripts
neu5ron 2020-01-23 17:27:32 -05:00
parent b143b0eb52
commit c16bc4c2bf
1 changed files with 11 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
docker/helk-kibana/scripts/kibana-entrypoint.sh
View File

@ -15,17 +15,17 @@ HELK_ERROR_TAG="HELK-KIBANA-DOCKER-$TAG_NAME-ERROR:"
# *********** Install Plugins ********************* # *********** Install Plugins *********************
# *********** Environment Variables *************** # *********** Environment Variables ***************
if [[ -z "$ELASTICSEARCH_HOSTS" ]]; then if [ -z "$ELASTICSEARCH_HOSTS" ]; then
export ELASTICSEARCH_HOSTS=http://helk-elasticsearch:9200 export ELASTICSEARCH_HOSTS=http://helk-elasticsearch:9200
fi fi
echo "$HELK_INFO_TAG Setting Elasticsearch URL to $ELASTICSEARCH_HOSTS" echo "$HELK_INFO_TAG Setting Elasticsearch URL to $ELASTICSEARCH_HOSTS"
if [[ -z "$SERVER_HOST" ]]; then if [ -z "$SERVER_HOST" ]; then
export SERVER_HOST=helk-kibana export SERVER_HOST=helk-kibana
fi fi
echo "$HELK_INFO_TAG Setting Kibana server to $SERVER_HOST" echo "$HELK_INFO_TAG Setting Kibana server to $SERVER_HOST"
if [[ -z "$SERVER_PORT" ]]; then if [ -z "$SERVER_PORT" ]; then
export SERVER_PORT=5601 export SERVER_PORT=5601
fi fi
echo "$HELK_INFO_TAG Setting Kibana server port to $SERVER_PORT" echo "$HELK_INFO_TAG Setting Kibana server port to $SERVER_PORT"
@ -33,34 +33,18 @@ echo "$HELK_INFO_TAG Setting Kibana server port to $SERVER_PORT"
KIBANA_HOST=http://$SERVER_HOST:$SERVER_PORT KIBANA_HOST=http://$SERVER_HOST:$SERVER_PORT
echo "$HELK_INFO_TAG Setting Kibana URL to $KIBANA_HOST" echo "$HELK_INFO_TAG Setting Kibana URL to $KIBANA_HOST"
if [[ -n "$ELASTICSEARCH_PASSWORD" ]]; then if [ -n "$ELASTICSEARCH_PASSWORD" ]; then
if [[ -z "$ELASTICSEARCH_USERNAME" ]]; then if [ -z "$ELASTICSEARCH_USERNAME" ]; then
export ELASTICSEARCH_USERNAME=elastic export ELASTICSEARCH_USERNAME=elastic
echo "$HELK_INFO_TAG Setting Elasticsearch username to access Elasticsearch to HELK's default"
else
echo "$HELK_INFO_TAG Setting Elasticsearch username to access Elasticsearch to your predfined username"
fi fi
if [ -z "$KIBANA_USER" ]; then
if [[ -z "$KIBANA_USER" ]]; then
export KIBANA_USER=kibana export KIBANA_USER=kibana
echo "$HELK_INFO_TAG Setting Kibana username to access Elasticsearch to HELK's default"
else
echo "$HELK_INFO_TAG Setting Kibana username to access Elasticsearch to your predfined username"
fi fi
if [ -z "$KIBANA_PASSWORD" ]; then
if [[ -z "$KIBANA_PASSWORD" ]]; then
export KIBANA_PASSWORD=kibanapassword export KIBANA_PASSWORD=kibanapassword
echo "$HELK_INFO_TAG Setting Kibana password to access Elasticsearch to HELK's default"
echo "$HELK_INFO_TAG Setting Kibana password to HELK's default"
else
echo "$HELK_INFO_TAG Setting Kibana password to access Elasticsearch to your predfined password"
fi fi
if [ -z "$KIBANA_UI_PASSWORD" ]; then
if [[ -z "$KIBANA_UI_PASSWORD" ]]; then
export KIBANA_UI_PASSWORD=hunting export KIBANA_UI_PASSWORD=hunting
echo "$HELK_INFO_TAG Setting Kibana UI password to HELK's default"
else
echo "$HELK_INFO_TAG Setting Kibana UI password to your predfined password"
fi fi
export ELASTICSEARCH_CREDS="${ELASTICSEARCH_USERNAME}:${ELASTICSEARCH_PASSWORD}" export ELASTICSEARCH_CREDS="${ELASTICSEARCH_USERNAME}:${ELASTICSEARCH_PASSWORD}"
@ -74,8 +58,8 @@ export KIBANA_ACCESS
export KIBANA_HOST export KIBANA_HOST
# *********** Check if Elasticsearch is up *************** # *********** Check if Elasticsearch is up ***************
until [[ "$(curl -s -o /dev/null -w "%{http_code}" -u "${ELASTICSEARCH_CREDS}" "${ELASTICSEARCH_HOSTS}")" == "200" ]]; do until [ "$(curl -s -o /dev/null -w "%{http_code}" -u "${ELASTICSEARCH_CREDS}" "${ELASTICSEARCH_HOSTS}")" = "200" ]; do
echo "$HELK_INFO_TAG Waiting for elasticsearch URI to be accessible.." echo "$HELK_INFO_TAG Waiting for very basic elasticsearch check.."
sleep 5 sleep 5
done done
sleep 5 sleep 5
@ -90,7 +74,7 @@ echo "$HELK_INFO_TAG Elasticsearch cluster is up.."
# *********** Set Elastic License Variables *************** # *********** Set Elastic License Variables ***************
if [[ -n "$ELASTICSEARCH_PASSWORD" ]]; then if [ -n "$ELASTICSEARCH_PASSWORD" ]; then
# *********** Change Kibana and Logstash password *************** # *********** Change Kibana and Logstash password ***************
echo "$HELK_INFO_TAG Submitting a request to change the password of a Kibana and Logstash users .." echo "$HELK_INFO_TAG Submitting a request to change the password of a Kibana and Logstash users .."
until curl -X POST -u "${ELASTICSEARCH_CREDS}" "${ELASTICSEARCH_HOSTS}"/_security/user/kibana/_password -H 'Content-Type:application/json' -d "{\"password\": \"${KIBANA_PASSWORD}\"}" until curl -X POST -u "${ELASTICSEARCH_CREDS}" "${ELASTICSEARCH_HOSTS}"/_security/user/kibana/_password -H 'Content-Type:application/json' -d "{\"password\": \"${KIBANA_PASSWORD}\"}"