Skip to content

Commit

Permalink
Sguil and Squert pivot should use cross cluster syntax
Browse files Browse the repository at this point in the history
  • Loading branch information
@dougburks
dougburks committed Jan 19, 2018
1 parent 6bd5cbc commit 68da274
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion usr/sbin/so-elastic-configure-apache
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ mysql --defaults-file=/etc/mysql/debian.cnf -Dsecurityonion_db -e 'delete from f
MYSQL="mysql --defaults-file=/etc/mysql/debian.cnf -Dsecurityonion_db -e"
ALIAS="Kibana"
HEXALIAS=$(xxd -pu -c 256 <<< "$ALIAS")
URL="/app/kibana#/dashboard/68563ed0-34bf-11e7-9b32-bb903919ead9?_g=(refreshInterval:(display:Off,pause:!f,value:0),time:(from:now-24h,mode:quick,to:now))&_a=(columns:!(_source),index:'logstash-*',interval:auto,query:(query_string:(analyze_wildcard:!t,query:'\"\${var}\"')),sort:!('@timestamp',desc))"
URL="/app/kibana#/dashboard/68563ed0-34bf-11e7-9b32-bb903919ead9?_g=(refreshInterval:(display:Off,pause:!f,value:0),time:(from:now-24h,mode:quick,to:now))&_a=(columns:!(_source),index:'*:logstash-*',interval:auto,query:(query_string:(analyze_wildcard:!t,query:'\"\${var}\"')),sort:!('@timestamp',desc))"
HEXURL=$(xxd -pu -c 356 <<< "$URL")
$MYSQL "REPLACE INTO filters (type,username,global,name,notes,alias,filter) VALUES ('url','','1','$HEXALIAS','','$ALIAS','$HEXURL');"
service apache2 restart
Expand Down
2 changes: 1 addition & 1 deletion usr/sbin/so-elastic-configure-disable-elsa
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,6 @@ echo "manual" > /etc/init/sphinxsearch.conf.override
sed -i 's|ELSA|Kibana|g' /usr/bin/sguil.tk
sed -i 's|elsa|kibana|g' /usr/bin/sguil.tk
sed -i 's|ELSA|Kibana|g' /usr/lib/sguil/extdata.tcl
sed -i "s|elsa-query/?query_string=\"\$ipAddr\"%20groupby:program|app/kibana#/dashboard/68563ed0-34bf-11e7-9b32-bb903919ead9?_g=(refreshInterval:(display:Off,pause:!f,value:0),time:(from:now-24h,mode:quick,to:now))\&_a=(columns:!(_source),index:'logstash-*',interval:auto,query:(query_string:(analyze_wildcard:!t,query:'\"\$ipAddr\"')),sort:!('@timestamp',desc))|g" /usr/lib/sguil/extdata.tcl
sed -i "s|elsa-query/?query_string=\"\$ipAddr\"%20groupby:program|app/kibana#/dashboard/68563ed0-34bf-11e7-9b32-bb903919ead9?_g=(refreshInterval:(display:Off,pause:!f,value:0),time:(from:now-24h,mode:quick,to:now))\&_a=(columns:!(_source),index:'*:logstash-*',interval:auto,query:(query_string:(analyze_wildcard:!t,query:'\"\$ipAddr\"')),sort:!('@timestamp',desc))|g" /usr/lib/sguil/extdata.tcl
echo "Done!"

0 comments on commit 68da274

Please sign in to comment.