def __init__(self,
configuration_directory,
install_directory,
log_directory,
host='0.0.0.0',
port=9200,
password='******',
heap_size_gigs=4,
download_elasticsearch_archive=True,
stdout=False,
verbose=False):
"""
:param configuration_directory: Path to the configuration directory (E.G /etc/dynamite/elasticsearch/)
:param install_directory: Path to the install directory (E.G /opt/dynamite/elasticsearch/)
:param log_directory: Path to the log directory (E.G /var/log/dynamite/elasticsearch/)
:param host: The IP address to listen on (E.G "0.0.0.0")
:param port: The port that the ES API is bound to (E.G 9200)
:param password: The password used for authentication across all builtin users
:param heap_size_gigs: The initial/max java heap space to allocate
:param download_elasticsearch_archive: If True, download the ElasticSearch archive from a mirror
:param stdout: Print output to console
:param verbose: Include detailed debug messages
"""
self.host = host
self.port = port
self.password = password
self.configuration_directory = configuration_directory
self.install_directory = install_directory
self.log_directory = log_directory
self.heap_size_gigs = heap_size_gigs
self.stdout = stdout
self.verbose = verbose
utilities.create_dynamite_environment_file()
if download_elasticsearch_archive:
try:
self.download_from_mirror(const.ELASTICSEARCH_MIRRORS,
const.ELASTICSEARCH_ARCHIVE_NAME,
stdout=stdout,
verbose=verbose)
except (general_exceptions.ArchiveExtractionError,
general_exceptions.DownloadError):
self.logger.error("Failed to download ElasticSearch archive.")
raise elastic_exceptions.InstallElasticsearchError(
"Failed to download ElasticSearch archive.")
try:
self.extract_archive(
os.path.join(const.INSTALL_CACHE,
const.ELASTICSEARCH_ARCHIVE_NAME))
except general_exceptions.ArchiveExtractionError:
self.logger.error("Failed to extract ElasticSearch archive.")
raise elastic_exceptions.InstallElasticsearchError(
"Failed to extract ElasticSearch archive.")
install.BaseInstallManager.__init__(self,
'elasticsearch',
verbose=self.verbose,
stdout=stdout)
def __init__(self, configuration_directory, install_directory, capture_network_interfaces,
download_zeek_archive=True, stdout=True, verbose=False):
"""
Install Zeek
:param configuration_directory: Path to the configuration directory (E.G /etc/dynamite/zeek)
:param install_directory: Path to the install directory (E.G /opt/dynamite/zeek/)
:param capture_network_interfaces: A list of network interfaces to capture on (E.G ["mon0", "mon1"])
:param download_zeek_archive: If True, download the Zeek archive from a mirror
:param stdout: Print the output to console
:param verbose: Include detailed debug messages
"""
log_level = logging.INFO
if verbose:
log_level = logging.DEBUG
self.logger = get_logger('ZEEK', level=log_level, stdout=stdout)
self.configuration_directory = configuration_directory
self.install_directory = install_directory
self.capture_network_interfaces = capture_network_interfaces
self.stdout = stdout
self.verbose = verbose
install.BaseInstallManager.__init__(self, 'zeek', verbose=self.verbose, stdout=stdout)
utilities.create_dynamite_environment_file()
if download_zeek_archive:
try:
self.logger.info("Attempting to download Zeek archive.")
self.download_from_mirror(const.ZEEK_MIRRORS, const.ZEEK_ARCHIVE_NAME, stdout=stdout, verbose=verbose)
except general_exceptions.DownloadError as e:
self.logger.error("Failed to download Zeek archive.")
self.logger.debug("Failed to download Zeek archive, threw: {}.".format(e))
raise zeek_exceptions.InstallZeekError("Failed to download Zeek archive.")
try:
self.logger.info("Attempting to extract Zeek archive ({}).".format(const.ZEEK_ARCHIVE_NAME))
self.extract_archive(os.path.join(const.INSTALL_CACHE, const.ZEEK_ARCHIVE_NAME))
self.logger.info("Extraction completed.")
except general_exceptions.ArchiveExtractionError as e:
self.logger.error("Failed to extract Zeek archive.")
self.logger.debug("Failed to extract Zeek archive, threw: {}.".format(e))
raise zeek_exceptions.InstallZeekError("Failed to extract Zeek archive.")
try:
self.install_dependencies(stdout=stdout, verbose=verbose)
except (general_exceptions.InvalidOsPackageManagerDetectedError,
general_exceptions.OsPackageManagerRefreshError):
raise zeek_exceptions.InstallZeekError("One or more OS dependencies failed to install.")
if not self.validate_capture_network_interfaces(self.capture_network_interfaces):
self.logger.error(
"One or more defined network interfaces is invalid: {}".format(capture_network_interfaces))
raise zeek_exceptions.InstallZeekError(
"One or more defined network interfaces is invalid: {}".format(capture_network_interfaces))
def __init__(self, install_directory, configuration_directory, log_directory, host='0.0.0.0', port=5601,
elasticsearch_host=None, elasticsearch_port=None, elasticsearch_password='******',
download_kibana_archive=True, stdout=True, verbose=False):
"""
:param install_directory: Path to the install directory (E.G /opt/dynamite/kibana/)
:param configuration_directory: Path to the configuration directory (E.G /etc/dynamite/kibana/)
:param log_directory: Path to the log directory (E.G /var/log/dynamite/kibana/)
:param host: The IP address to listen on (E.G "0.0.0.0")
:param port: The port that the Kibana UI/API is bound to (E.G 5601)
:param elasticsearch_host: A hostname/IP of the target elasticsearch instance
:param elasticsearch_port: A port number for the target elasticsearch instance
:param elasticsearch_password: The password used for authentication across all builtin ES users
:param download_kibana_archive: If True, download the Kibana archive from a mirror
:param stdout: Print the output to console
:param verbose: Include detailed debug messages
"""
self.host = host
self.port = port
self.elasticsearch_host = elasticsearch_host
self.elasticsearch_port = elasticsearch_port
self.elasticsearch_password = elasticsearch_password
if not elasticsearch_host:
if elastic_profile.ProcessProfiler().is_installed():
self.elasticsearch_host = 'localhost'
else:
raise kibana_exceptions.InstallKibanaError(
"ElasticSearch must either be installed locally, or a remote host must be specified.")
self.install_directory = install_directory
self.configuration_directory = configuration_directory
self.log_directory = log_directory
self.stdout = stdout
self.verbose = verbose
utilities.create_dynamite_environment_file()
if download_kibana_archive:
try:
self.download_from_mirror(const.KIBANA_MIRRORS, const.KIBANA_ARCHIVE_NAME, stdout=stdout,
verbose=verbose)
except (general_exceptions.ArchiveExtractionError, general_exceptions.DownloadError):
self.logger.error("Failed to download Kibana archive.")
raise kibana_exceptions.InstallKibanaError("Failed to download Kibana archive.")
try:
self.extract_archive(os.path.join(const.INSTALL_CACHE, const.KIBANA_ARCHIVE_NAME))
except general_exceptions.ArchiveExtractionError:
self.logger.error("Failed to extract Kibana archive.")
raise kibana_exceptions.InstallKibanaError("Failed to extract Kibana archive.")
install.BaseInstallManager.__init__(self, 'kibana', verbose=self.verbose, stdout=self.stdout)
def __init__(self,
configuration_directory,
install_directory,
log_directory,
host='0.0.0.0',
elasticsearch_host='localhost',
elasticsearch_port=9200,
elasticsearch_password='******',
heap_size_gigs=4,
download_logstash_archive=True,
stdout=True,
verbose=False):
"""
:param configuration_directory: Path to the configuration directory (E.G /etc/dynamite/logstash/)
:param install_directory: Path to the install directory (E.G /opt/dynamite/logstash/)
:param log_directory: Path to the log directory (E.G /var/log/dynamite/logstash/)
:param host: The IP address to listen on (E.G "0.0.0.0")
:param elasticsearch_host: A hostname/IP of the target elasticsearch instance
:param elasticsearch_port: A port number for the target elasticsearch instance
:param elasticsearch_password: The password used for authentication across all builtin ES users
:param heap_size_gigs: The initial/max java heap space to allocate
:param download_logstash_archive: If True, download the LogStash archive from a mirror
:param stdout: Print output to console
:param verbose: Include output from system utilities
"""
self.host = host
if not elasticsearch_host:
if elastic_profile.ProcessProfiler().is_installed():
self.elasticsearch_host = 'localhost'
self.logger.info(
"Assuming LogStash will connect to local ElasticSearch instance, "
"as ElasticSearch is installed on this host.")
else:
self.logger.error(
"ElasticSearch must either be installed locally, or a remote host must be specified."
)
raise logstash_exceptions.InstallLogstashError(
"ElasticSearch must either be installed locally, or a remote host must be specified."
)
else:
self.elasticsearch_host = elasticsearch_host
self.elasticsearch_port = elasticsearch_port
self.configuration_directory = configuration_directory
self.install_directory = install_directory
self.elasticsearch_password = elasticsearch_password
self.heap_size_gigs = heap_size_gigs
self.log_directory = log_directory
self.stdout = stdout
self.verbose = verbose
utilities.create_dynamite_environment_file()
if download_logstash_archive:
try:
self.download_from_mirror(const.LOGSTASH_MIRRORS,
const.LOGSTASH_ARCHIVE_NAME,
stdout=stdout,
verbose=verbose)
except (general_exceptions.ArchiveExtractionError,
general_exceptions.DownloadError):
self.logger.error("Failed to download LogStash archive.")
raise logstash_exceptions.InstallLogstashError(
"Failed to download LogStash archive.")
try:
self.extract_archive(
os.path.join(const.INSTALL_CACHE, const.LOGSTASH_ARCHIVE_NAME))
except general_exceptions.ArchiveExtractionError:
self.logger.error("Failed to extract LogStash archive.")
raise logstash_exceptions.InstallLogstashError(
"Failed to extract LogStash archive.")
install.BaseInstallManager.__init__(self,
'logstash',
verbose=self.verbose,
stdout=stdout)
sys.stderr.write('[-] This script must be run as root.\n')
sys.exit(1)
parser = _get_parser()
args = parser.parse_args()
if len(sys.argv) < 2:
parser.print_help()
sys.exit(1)
if is_first_install():
config_update_successful = updater.update_default_configurations()
mirror_update_successful = updater.update_mirrors()
if config_update_successful and mirror_update_successful:
mark_first_install()
else:
sys.exit(1)
utilities.create_dynamite_root_directory()
utilities.create_dynamite_environment_file()
if args.command == 'point':
if args.component == 'agent':
agent.point_agent(args.ls_host, args.ls_port)
else:
sys.stderr.write('[-] Unrecognized component - {}\n'.format(
args.component))
sys.exit(1)
elif args.command == 'chpasswd':
if args.component == 'elasticsearch':
if elasticsearch.change_elasticsearch_password(
old_password=getpass.getpass(
'Enter the old ElasticSearch password: '******'Enter the new ElasticSearch password: '),
stdout=True):