Update

2023-07-04 19:02:36 +02:00
parent 9e4376823e
commit e5078deb40
47 changed files with 4060 additions and 4 deletions
--- a/Centos7-ELK/scripts/elk.sh
+++ b/Centos7-ELK/scripts/elk.sh
@ -0,0 +1,202 @@
+#!/bin/bash
+
+echo '.'
+echo ' /$$$$$$ /$$   /$$  /$$$$$$  /$$$$$$$$ /$$$$$$  /$$       /$$        /$$$$$$  /$$$$$$$$ /$$$$$$  /$$$$$$  /$$   /$$'
+echo '|_  $$_/| $$$ | $$ /$$__  $$|__  $$__//$$__  $$| $$      | $$       /$$__  $$|__  $$__/|_  $$_/ /$$__  $$| $$$ | $$'
+echo '  | $$  | $$$$| $$| $$  \__/   | $$  | $$  \ $$| $$      | $$      | $$  \ $$   | $$     | $$  | $$  \ $$| $$$$| $$'
+echo '  | $$  | $$ $$ $$|  $$$$$$    | $$  | $$$$$$$$| $$      | $$      | $$$$$$$$   | $$     | $$  | $$  | $$| $$ $$ $$'
+echo '  | $$  | $$  $$$$ \____  $$   | $$  | $$__  $$| $$      | $$      | $$__  $$   | $$     | $$  | $$  | $$| $$  $$$$'
+echo '  | $$  | $$\  $$$ /$$  \ $$   | $$  | $$  | $$| $$      | $$      | $$  | $$   | $$     | $$  | $$  | $$| $$\  $$$'
+echo ' /$$$$$$| $$ \  $$|  $$$$$$/   | $$  | $$  | $$| $$$$$$$$| $$$$$$$$| $$  | $$   | $$    /$$$$$$|  $$$$$$/| $$ \  $$'
+echo '|______/|__/  \__/ \______/    |__/  |__/  |__/|________/|________/|__/  |__/   |__/   |______/ \______/ |__/  \__/'
+echo '.'
+
+echo '.'
+echo ' /$$$$$$$$ /$$        /$$$$$$   /$$$$$$  /$$$$$$$$ /$$$$$$  /$$$$$$   /$$$$$$  /$$$$$$$$  /$$$$$$  /$$$$$$$   /$$$$$$  /$$   /$$'
+echo '| $$_____/| $$       /$$__  $$ /$$__  $$|__  $$__/|_  $$_/ /$$__  $$ /$$__  $$| $$_____/ /$$__  $$| $$__  $$ /$$__  $$| $$  | $$          /$$'
+echo '| $$      | $$      | $$  \ $$| $$  \__/   | $$     | $$  | $$  \__/| $$  \__/| $$      | $$  \ $$| $$  \ $$| $$  \__/| $$  | $$         | $$'
+echo '| $$$$$   | $$      | $$$$$$$$|  $$$$$$    | $$     | $$  | $$      |  $$$$$$ | $$$$$   | $$$$$$$$| $$$$$$$/| $$      | $$$$$$$$       /$$$$$$$$'
+echo '| $$__/   | $$      | $$__  $$ \____  $$   | $$     | $$  | $$       \____  $$| $$__/   | $$__  $$| $$__  $$| $$      | $$__  $$      |__  $$__/'
+echo '| $$      | $$      | $$  | $$ /$$  \ $$   | $$     | $$  | $$    $$ /$$  \ $$| $$      | $$  | $$| $$  \ $$| $$    $$| $$  | $$         | $$'
+echo '| $$$$$$$$| $$$$$$$$| $$  | $$|  $$$$$$/   | $$    /$$$$$$|  $$$$$$/|  $$$$$$/| $$$$$$$$| $$  | $$| $$  | $$|  $$$$$$/| $$  | $$         |__/'
+echo '|________/|________/|__/  |__/ \______/    |__/   |______/ \______/  \______/ |________/|__/  |__/|__/  |__/ \______/ |__/  |__/'
+echo ' '
+echo '/$$   /$$ /$$$$$$ /$$$$$$$   /$$$$$$  /$$   /$$  /$$$$$$'
+echo '| $$  /$$/|_  $$_/| $$__  $$ /$$__  $$| $$$ | $$ /$$__  $$          /$$'
+echo '| $$ /$$/   | $$  | $$  \ $$| $$  \ $$| $$$$| $$| $$  \ $$         | $$'
+echo '| $$$$$/    | $$  | $$$$$$$ | $$$$$$$$| $$ $$ $$| $$$$$$$$       /$$$$$$$$'
+echo '| $$  $$    | $$  | $$__  $$| $$__  $$| $$  $$$$| $$__  $$      |__  $$__/'
+echo '| $$\  $$   | $$  | $$  \ $$| $$  | $$| $$\  $$$| $$  | $$         | $$'
+echo '| $$ \  $$ /$$$$$$| $$$$$$$/| $$  | $$| $$ \  $$| $$  | $$         |__/'
+echo '|__/  \__/|______/|_______/ |__/  |__/|__/  \__/|__/  |__/'
+echo ' '
+echo ' /$$        /$$$$$$   /$$$$$$   /$$$$$$  /$$$$$$$$ /$$$$$$   /$$$$$$  /$$   /$$'
+echo '| $$       /$$__  $$ /$$__  $$ /$$__  $$|__  $$__//$$__  $$ /$$__  $$| $$  | $$'
+echo '| $$      | $$  \ $$| $$  \__/| $$  \__/   | $$  | $$  \ $$| $$  \__/| $$  | $$'
+echo '| $$      | $$  | $$| $$ /$$$$|  $$$$$$    | $$  | $$$$$$$$|  $$$$$$ | $$$$$$$$'
+echo '| $$      | $$  | $$| $$|_  $$ \____  $$   | $$  | $$__  $$ \____  $$| $$__  $$'
+echo '| $$      | $$  | $$| $$  \ $$ /$$  \ $$   | $$  | $$  | $$ /$$  \ $$| $$  | $$'
+echo '| $$$$$$$$|  $$$$$$/|  $$$$$$/|  $$$$$$/   | $$  | $$  | $$|  $$$$$$/| $$  | $$'
+echo '|________/ \______/  \______/  \______/    |__/  |__/  |__/ \______/ |__/  |__/'
+echo '.'
+
+echo '.'     
+echo '**********************'
+echo '* INSTALLATION: Debut paramétrage'
+echo '**********************'
+echo '.'
+echo ' - Installation'
+
+java -version
+
+sudo mv /Vagrantfiles/GeoIP.conf /etc/GeoIP.conf
+
+geoipupdate
+
+sudo mv /Vagrantfiles/geoipupdate /etc/cron.weekly/geoipupdate
+
+echo '.'     
+echo '**********************'
+echo '* INSTALLATION: Fin paramétrage'
+echo '**********************'
+echo '.'
+
+echo '.'     
+echo '**********************'
+echo '* INSTALLATION: Debut elasticsearch'
+echo '**********************'
+echo '.'
+
+sudo mv /Vagrantfiles/elasticsearch.repo /etc/yum.repos.d/elasticsearch.repo
+
+rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
+
+yum clean all && yum makecache
+
+yum install elasticsearch -y
+
+rpm -qi elasticsearch
+
+systemctl daemon-reload && systemctl enable elasticsearch && systemctl start elasticsearch
+
+netstat -plntu
+
+curl http://localhost:9200
+
+curl -X PUT "http://127.0.0.1:9200/mytest_index"
+
+echo '.'
+echo '**********************'
+echo '* INSTALLATION: Fin elasticsearch'
+echo '**********************'
+echo '.'
+
+echo '.'
+echo '**********************'
+echo '* INSTALLATION: Debut kibana'
+echo '**********************'
+echo '.'
+
+yum install kibana -y
+
+sudo mv /Vagrantfiles/kibana.yml /etc/kibana/kibana.yml
+
+systemctl daemon-reload && systemctl enable kibana && systemctl start kibana
+
+netstat -plntu
+
+echo '.'
+echo '**********************'
+echo '* INSTALLATION: Fin kibana'
+echo '**********************'
+echo '.'
+
+echo '.'
+echo '**********************'
+echo '* INSTALLATION: Debut logstash'
+echo '**********************'
+echo '.'
+
+yum install logstash -y
+
+cd /etc/logstash/conf.d
+
+wget https://raw.githubusercontent.com/a3ilson/pfelk/master/conf.d/01-inputs.conf
+wget https://raw.githubusercontent.com/a3ilson/pfelk/master/conf.d/05-syslog.conf
+wget https://raw.githubusercontent.com/a3ilson/pfelk/master/conf.d/10-pf.conf
+wget https://raw.githubusercontent.com/a3ilson/pfelk/master/conf.d/11-firewall.conf
+wget https://raw.githubusercontent.com/a3ilson/pfelk/master/conf.d/50-outputs.conf
+
+mkdir -p /etc/logstash/conf.d/patterns && cd /etc/logstash/conf.d/patterns
+
+wget https://raw.githubusercontent.com/a3ilson/pfelk/master/conf.d/patterns/pf-09.2019.grok
+
+systemctl daemon-reload && systemctl enable logstash && systemctl start logstash
+
+echo '.'
+echo '**********************'
+echo '* INSTALLATION: Fin logstash'
+echo '**********************'
+echo '.'
+
+echo '.'
+echo '**********************'
+echo '* INSTALLATION: Debut divers'
+echo '**********************'
+echo '.'
+
+yum install filebeat auditbeat metricbeat packetbeat heartbeat-elastic -y
+
+systemctl daemon-reload && systemctl enable filebeat && systemctl start filebeat
+systemctl daemon-reload && systemctl enable auditbeat && systemctl start auditbeat
+systemctl daemon-reload && systemctl enable metricbeat && systemctl start metricbeat
+systemctl daemon-reload && systemctl enable packetbeat && systemctl start packetbeat
+systemctl daemon-reload && systemctl enable heartbeat-elastic && systemctl start heartbeat-elastic
+
+systemctl status elasticsearch
+systemctl status kibana
+systemctl status logstash
+
+echo '.'
+echo '**********************'
+echo '* INSTALLATION: Debut divers'
+echo '**********************'
+echo '.'
+
+echo '.'
+echo '**********************'
+echo '* INSTALLATION: Debut Firewall'
+echo '**********************'
+echo '.'
+
+firewall-cmd --permanent --zone=public --add-port=5044/tcp
+firewall-cmd --permanent --zone=public --add-port=5140/tcp
+firewall-cmd --permanent --zone=public --add-port=5140/udp
+firewall-cmd --permanent --zone=public --add-port=5601/tcp
+firewall-cmd --reload
+
+echo '.'
+echo '**********************'
+echo '* INSTALLATION: Fin Firewall'
+echo '**********************'
+echo '.'
+
+cat > /etc/motd << EOF
+
+ /$$$$$$$$ /$$$$$$ /$$$$$$$   /$$$$$$           /$$$$$$  /$$$$$$$$      /$$      /$$ /$$$$$$ /$$   /$$ /$$$$$$$$
+|__  $$__/|_  $$_/| $$__  $$ /$$__  $$         /$$__  $$| $$_____/     | $$$    /$$$|_  $$_/| $$$ | $$| $$_____/
+   | $$     | $$  | $$  \ $$| $$  \__/        | $$  \ $$| $$           | $$$$  /$$$$  | $$  | $$$$| $$| $$
+   | $$     | $$  | $$$$$$$/|  $$$$$$  /$$$$$$| $$  | $$| $$$$$ /$$$$$$| $$ $$/$$ $$  | $$  | $$ $$ $$| $$$$$
+   | $$     | $$  | $$____/  \____  $$|______/| $$  | $$| $$__/|______/| $$  $$$| $$  | $$  | $$  $$$$| $$__/
+   | $$     | $$  | $$       /$$  \ $$        | $$  | $$| $$           | $$\  $ | $$  | $$  | $$\  $$$| $$
+   | $$    /$$$$$$| $$      |  $$$$$$/        |  $$$$$$/| $$           | $$ \/  | $$ /$$$$$$| $$ \  $$| $$$$$$$$
+   |__/   |______/|__/       \______/          \______/ |__/           |__/     |__/|______/|__/  \__/|________/
+
+Bienvenue dans la version Centos 7 Elasticsearch.Kibana.Logstack
+
+ - Elasticsearch, Kibana and Logstack
+
+To test your environment is correctly working, just open following URL from your Host OS:
+http://localhost/info.php
+
+EOF
--- a/Centos7-ELK/scripts/install.sh
+++ b/Centos7-ELK/scripts/install.sh
@ -0,0 +1,185 @@
+#!/bin/bash
+
+echo '.'
+echo ' /$$$$$$$$ /$$$$$$ /$$$$$$$   /$$$$$$           /$$$$$$  /$$$$$$$$      /$$      /$$ /$$$$$$ /$$   /$$ /$$$$$$$$'
+echo '|__  $$__/|_  $$_/| $$__  $$ /$$__  $$         /$$__  $$| $$_____/     | $$$    /$$$|_  $$_/| $$$ | $$| $$_____/'
+echo '   | $$     | $$  | $$  \ $$| $$  \__/        | $$  \ $$| $$           | $$$$  /$$$$  | $$  | $$$$| $$| $$      '
+echo '   | $$     | $$  | $$$$$$$/|  $$$$$$  /$$$$$$| $$  | $$| $$$$$ /$$$$$$| $$ $$/$$ $$  | $$  | $$ $$ $$| $$$$$   '
+echo '   | $$     | $$  | $$____/  \____  $$|______/| $$  | $$| $$__/|______/| $$  $$$| $$  | $$  | $$  $$$$| $$__/   '
+echo '   | $$     | $$  | $$       /$$  \ $$        | $$  | $$| $$           | $$\  $ | $$  | $$  | $$\  $$$| $$      '
+echo '   | $$    /$$$$$$| $$      |  $$$$$$/        |  $$$$$$/| $$           | $$ \/  | $$ /$$$$$$| $$ \  $$| $$$$$$$$'
+echo '   |__/   |______/|__/       \______/          \______/ |__/           |__/     |__/|______/|__/  \__/|________/'
+echo '.'                                                                                                                
+           
+
+echo '.'   
+echo '**********************'
+echo '* INSTALLATION: VM OK'
+echo '**********************'
+echo '.'
+
+echo '.'
+echo '**********************'
+echo '* INSTALLATION: Debut MAJ'
+echo '**********************'
+echo '.'
+
+yum install epel-release -y 
+
+yum upgrade -y
+
+yum upgrade -y
+
+echo '.'
+echo '**********************'
+echo '* INSTALLATION: Fin MAJ'
+echo '**********************'
+echo '.'
+
+echo '.'
+echo '**********************'
+echo '* INSTALLATION: Debut ENV'
+echo '**********************'
+echo '.'
+
+echo ' - Desactivation SELINUX'
+
+setenforce 0
+sed -i --follow-symlinks "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/sysconfig/selinux
+
+echo ' - Parametrage'
+
+echo LANG=fr_FR.utf-8 >> /etc/environment
+echo LC_ALL=fr_FR.utf-8 >> /etc/environment
+
+echo ' - Timezone'
+
+sudo timedatectl set-timezone Europe/Paris
+
+echo '.'
+echo '**********************'
+echo '* INSTALLATION: Fin ENV'
+echo '**********************'
+echo '.'
+
+echo '.'
+echo '**********************'
+echo '* INSTALLATION: Debut AdminTools'
+echo '**********************'
+echo '.'
+echo ' - Installation composants'
+
+yum install htop yum-utils nano mlocate -y
+
+echo ' - Installation Supervision'
+
+yum install python36-pip net-snmp yum-utils -y
+yum install nrpe nagios-plugins-* --skip-broken -y
+
+echo ' - Configuration Supervision'
+
+echo ' -- Modification du fichier : nrpe.cfg'
+
+sed -i --follow-symlinks "s/allowed_hosts=127.0.0.1,::1/allowed_hosts=127.0.0.1,::1,192.168.1.71,centreon,centreon.tips-of-mine.lan/g" /etc/nagios/nrpe.cfg
+
+echo ' -- Creation du fichier : centreon.cfg'
+
+sudo mv /Vagrantfiles/centreon.cfg /etc/nrpe.d/centreon.cfg
+
+echo ' -- Sauvegarde du fichier : snmpd.conf'
+
+mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.bak
+
+echo ' -- Creation du fichier : snmpd.conf'
+
+sudo mv /Vagrantfiles/snmpd.conf /etc/snmp/snmpd.conf
+
+echo ' -- Creation du fichier : snmpd.conf'
+
+echo ' - daemon Service'
+
+systemctl daemon-reload
+
+echo ' - Demarrage des services'
+
+systemctl enable snmpd && systemctl start snmpd
+systemctl enable nrpe && systemctl start nrpe
+
+echo ' - Installation Inventaire'
+
+yum install fusioninventory-agent fusioninventory-agent-task-inventory -y
+
+echo ' - Configuration Inventaire'
+
+echo ' -- Creation du fichier : agent.cfg'
+
+sudo mv /Vagrantfiles/agent.cfg /etc/fusioninventory/agent.cfg
+
+echo ' - daemon Service'
+
+systemctl daemon-reload
+
+echo ' - Demarrage des services'
+
+systemctl restart fusioninventory-agent && systemctl enable fusioninventory-agent
+
+echo ' - Configuration SSH'
+
+sed -i --follow-symlinks "s/#HostKey/HostKey/g" /etc/ssh/sshd_config
+sed -i --follow-symlinks "s/PasswordAuthentication no/PasswordAuthentication yes/g" /etc/ssh/sshd_config
+sed -i --follow-symlinks "s/UseDNS no/#UseDNS yes/g" /etc/ssh/sshd_config
+
+echo '.'
+echo '**********************'
+echo '* INSTALLATION: Fin AdminTools'
+echo '**********************'
+echo '.'
+
+echo '.'
+echo '**********************'
+echo '* INSTALLATION: Debut Gestion Disque'
+echo '**********************'
+echo '.'
+echo ' - Configuration disque'
+sudo fdisk -u /dev/sda<<EOF
+p
+d
+2
+n
+p
+2
+
+
+t
+2
+8e
+w
+EOF
+
+echo ' - Configuration disque LVM'
+
+echo '===================================================================================================='
+sudo partx -u /dev/sda
+echo '===================================================================================================='
+sudo pvresize /dev/sda2
+echo '===================================================================================================='
+sudo pvscan
+echo '===================================================================================================='
+sudo vgdisplay
+echo '===================================================================================================='
+sudo lvdisplay
+echo '===================================================================================================='
+sudo lvextend -l +100%FREE -r /dev/centos_centos7/root
+echo '===================================================================================================='
+
+echo '.'
+echo '**********************'
+echo '* INSTALLATION: Fin Gestion Disque'
+echo '**********************'
+echo '.'
+
+echo '.'
+echo '**********************'
+echo '* INSTALLATION: Reboot'
+echo '**********************'
+echo '.'