From f170dcb05f626cee74dbc7d65b0154f75392a1df Mon Sep 17 00:00:00 2001 
From: Quim Date: Mon, 25 Feb 2019 12:27:30 +0100 Subject: [PATCH] reorg resources files --- .gitignore | 1 + docker-compose.v6.yml | 6 +- elk6/vulnwhisperer.ini | 109 ------------------ .../docker-compose_ELK5_unsupported.yml | 0 .../logstash-vulnwhisperer-template.json | 0 .../filebeat}/filebeat.yml | 0 .../1000_vulnWhispererBaseVisuals.json | 0 ...hisperer_ReportingMitigationDashboard.json | 0 ...alysVisuals (required with Dashboard).json | 0 ...eportingMitigationDashboardQualysRisk.json | 0 .../9000_vulnWhisperer_SavedSearch.json | 0 .../logstash}/0001_input_beats.conf | 0 .../logstash}/1000_nessus_process_file.conf | 0 .../logstash}/2000_qualys_web_scans.conf | 0 .../logstash}/3000_openvas.conf | 0 .../logstash}/4000_jira.conf | 0 .../logstash}/9998_input_broker_rabbitmq.conf | 0 .../9998_output_broker_rabbitmq.conf | 0 {elk6 => resources/elk6}/filebeat.yml | 0 {elk6 => resources/elk6}/kibana.json | 0 {elk6 => resources/elk6}/logstash.yml | 0 .../pipeline/1000_nessus_process_file.conf | 0 .../elk6}/pipeline/2000_qualys_web_scans.conf | 0 .../elk6}/pipeline/3000_openvas.conf | 0 .../elk6}/pipeline/4000_jira.conf | 0 25 files changed, 4 insertions(+), 112 deletions(-) delete mode 100644 elk6/vulnwhisperer.ini rename docker-compose.yml => resources/elk5-old_compatibility/docker-compose_ELK5_unsupported.yml (100%) rename {elasticsearch => resources/elk5-old_compatibility/elasticsearch}/logstash-vulnwhisperer-template.json (100%) rename {filebeat => resources/elk5-old_compatibility/filebeat}/filebeat.yml (100%) rename {kibana => resources/elk5-old_compatibility/kibana}/vuln_whisp_kibana/1000_vulnWhispererBaseVisuals.json (100%) rename {kibana => resources/elk5-old_compatibility/kibana}/vuln_whisp_kibana/1001_vulnWhisperer_ReportingMitigationDashboard.json (100%) rename {kibana => resources/elk5-old_compatibility/kibana}/vuln_whisp_kibana/2000_vulnWhisperer_QualysVisuals (required with Dashboard).json (100%) rename {kibana => 
resources/elk5-old_compatibility/kibana}/vuln_whisp_kibana/2001_vulnWhisperer_ReportingMitigationDashboardQualysRisk.json (100%) rename {kibana => resources/elk5-old_compatibility/kibana}/vuln_whisp_kibana/9000_vulnWhisperer_SavedSearch.json (100%) rename {logstash => resources/elk5-old_compatibility/logstash}/0001_input_beats.conf (100%) rename {logstash => resources/elk5-old_compatibility/logstash}/1000_nessus_process_file.conf (100%) rename {logstash => resources/elk5-old_compatibility/logstash}/2000_qualys_web_scans.conf (100%) rename {logstash => resources/elk5-old_compatibility/logstash}/3000_openvas.conf (100%) rename {logstash => resources/elk5-old_compatibility/logstash}/4000_jira.conf (100%) rename {logstash => resources/elk5-old_compatibility/logstash}/9998_input_broker_rabbitmq.conf (100%) rename {logstash => resources/elk5-old_compatibility/logstash}/9998_output_broker_rabbitmq.conf (100%) rename {elk6 => resources/elk6}/filebeat.yml (100%) rename {elk6 => resources/elk6}/kibana.json (100%) rename {elk6 => resources/elk6}/logstash.yml (100%) rename {elk6 => resources/elk6}/pipeline/1000_nessus_process_file.conf (100%) rename {elk6 => resources/elk6}/pipeline/2000_qualys_web_scans.conf (100%) rename {elk6 => resources/elk6}/pipeline/3000_openvas.conf (100%) rename {elk6 => resources/elk6}/pipeline/4000_jira.conf (100%) diff --git a/.gitignore b/.gitignore index ea26da2..b4a878c 100644 --- a/.gitignore +++ b/.gitignore @@ -2,6 +2,7 @@ data/ logs/ elk6/vulnwhisperer.ini +resources/elk6/vulnwhisperer.ini configs/frameworks_example.ini # Byte-compiled / optimized / DLL files diff --git a/docker-compose.v6.yml b/docker-compose.v6.yml index 58daac9..e61e1e9 100644 --- a/docker-compose.v6.yml +++ b/docker-compose.v6.yml 
@@ -44,8 +44,8 @@ services: image: docker.elastic.co/logstash/logstash:6.6.0 container_name: logstash volumes: - - ./elk6/pipeline/:/usr/share/logstash/pipeline - #- ./elk6/logstash.yml:/usr/share/logstash/config/logstash.yml + - ./resources/elk6/pipeline/:/usr/share/logstash/pipeline + #- ./resources/elk6/logstash.yml:/usr/share/logstash/config/logstash.yml - ./data/:/opt/vulnwhisperer/data environment: - xpack.monitoring.enabled=false @@ -65,7 +65,7 @@ services: ] volumes: - ./data/:/opt/vulnwhisperer/data - - ./elk6/vulnwhisperer.ini:/opt/vulnwhisperer/vulnwhisperer.ini + - ./resources/elk6/vulnwhisperer.ini:/opt/vulnwhisperer/vulnwhisperer.ini network_mode: host volumes: esdata1: diff --git a/elk6/vulnwhisperer.ini b/elk6/vulnwhisperer.ini deleted file mode 100644 index 2b92761..0000000 --- a/elk6/vulnwhisperer.ini +++ /dev/null 
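Review bot: A fresh checkout has nothing at `./resources/elk6/vulnwhisperer.ini`, the path the second hunk bind-mounts into the vulnwhisperer container, because this patch deletes the tracked `elk6/vulnwhisperer.ini` and the new location is git-ignored. With the short volume syntax Docker usually creates a missing host path as an empty directory, so the container would find a directory where it expects its config file. I would keep a credential-free template in the repository (placeholder name `resources/elk6/vulnwhisperer.ini.example`) and add a comment above the mount, `# copy the template to resources/elk6/vulnwhisperer.ini and fill in credentials before starting`. Since the real file holds scanner and Jira passwords, the setup notes should also ask for it to be readable only by the deploying user. Both service definitions begin outside the hunks shown.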
@@ -1,109 +0,0 @@
-[nessus]
-enabled=true
-hostname=localhost
-port=8834
-username=nessus_username
-password=nessus_password
-write_path=/opt/vulnwhisperer/data/nessus/
-db_path=/opt/vulnwhisperer/database
-trash=false
-verbose=true
-
-[tenable]
-enabled=true
-hostname=cloud.tenable.com
-port=443
-username=tenable.io_username
-password=tenable.io_password
-write_path=/opt/vulnwhisperer/data/tenable/
-db_path=/opt/VulnWhisperer/data/database
-trash=false
-verbose=true
-
-[qualys_web]
-#Reference https://www.qualys.com/docs/qualys-was-api-user-guide.pdf to find your API
-enabled = true
-hostname = qualysapi.qg2.apps.qualys.com
-username = exampleuser
-password = examplepass
-write_path=/opt/vulnwhisperer/data/qualys/
-db_path=/opt/vulnwhisperer/data/database
-verbose=true
-
-# Set the maximum number of retries each connection should attempt.
-#Note, this applies only to failed connections and timeouts, never to requests where the server returns a response.
-max_retries = 10
-# Template ID will need to be retrieved for each document. Please follow the reference guide above for instructions on how to get your template ID.
-template_id = 126024
-
-[qualys_vuln]
-#Reference https://www.qualys.com/docs/qualys-was-api-user-guide.pdf to find your API
-enabled = true
-hostname = qualysapi.qg2.apps.qualys.com
-username = exampleuser
-password = examplepass
-write_path=/opt/vulnwhisperer/data/qualys/
-db_path=/opt/vulnwhisperer/data/database
-verbose=true
-
-# Set the maximum number of retries each connection should attempt.
-#Note, this applies only to failed connections and timeouts, never to requests where the server returns a response.
-max_retries = 10
-# Template ID will need to be retrieved for each document. Please follow the reference guide above for instructions on how to get your template ID.
-template_id = 126024
-
-[detectify]
-#Reference https://developer.detectify.com/
-enabled = false
-hostname = api.detectify.com
-#username variable used as apiKey
-username = exampleuser
-#password variable used as secretKey
-password = examplepass
-write_path =/opt/vulnwhisperer/data/detectify/
-db_path = /opt/vulnwhisperer/data/database
-verbose = true
-
-[openvas]
-enabled = false
-hostname = localhost
-port = 4000
-username = exampleuser
-password = examplepass
-write_path=/opt/vulnwhisperer/data/openvas/
-db_path=/opt/vulnwhisperer/data/database
-verbose=true
-
-#[proxy]
-; This section is optional. Leave it out if you're not using a proxy.
-; You can use environmental variables as well: http://www.python-requests.org/en/latest/user/advanced/#proxies
-
-; proxy_protocol set to https, if not specified.
-#proxy_url = proxy.mycorp.com
-
-; proxy_port will override any port specified in proxy_url
-#proxy_port = 8080
-
-; proxy authentication
-#proxy_username = proxyuser
-#proxy_password = proxypass
-
-[jira]
-hostname = jira-host
-username = username
-password = password
-write_path = /opt/vulnwhisperer/data/jira/
-db_path = /opt/vulnwhisperer/data/database
-verbose = true
-dns_resolv = False
-
-#Sample jira report scan, will automatically be created for existent scans
-#[jira.qualys_vuln.test_scan]
-#source = qualys_vuln
-#scan_name = Test Scan
-#jira_project = PROJECT
-; if multiple components, separate by "," = None
-#components =
-; minimum criticality to report (low, medium, high or critical) = None
-#min_critical_to_report = high
-
diff --git a/docker-compose.yml b/resources/elk5-old_compatibility/docker-compose_ELK5_unsupported.yml
similarity index 100%
rename from docker-compose.yml
rename to resources/elk5-old_compatibility/docker-compose_ELK5_unsupported.yml
diff --git a/elasticsearch/logstash-vulnwhisperer-template.json b/resources/elk5-old_compatibility/elasticsearch/logstash-vulnwhisperer-template.json
similarity index 100%
rename from elasticsearch/logstash-vulnwhisperer-template.json
rename to resources/elk5-old_compatibility/elasticsearch/logstash-vulnwhisperer-template.json
diff --git a/filebeat/filebeat.yml b/resources/elk5-old_compatibility/filebeat/filebeat.yml
similarity index 100%
rename from filebeat/filebeat.yml
rename to resources/elk5-old_compatibility/filebeat/filebeat.yml
diff --git a/kibana/vuln_whisp_kibana/1000_vulnWhispererBaseVisuals.json b/resources/elk5-old_compatibility/kibana/vuln_whisp_kibana/1000_vulnWhispererBaseVisuals.json
similarity index 100%
rename from kibana/vuln_whisp_kibana/1000_vulnWhispererBaseVisuals.json
rename to resources/elk5-old_compatibility/kibana/vuln_whisp_kibana/1000_vulnWhispererBaseVisuals.json
diff --git a/kibana/vuln_whisp_kibana/1001_vulnWhisperer_ReportingMitigationDashboard.json b/resources/elk5-old_compatibility/kibana/vuln_whisp_kibana/1001_vulnWhisperer_ReportingMitigationDashboard.json
similarity index 100%
rename from kibana/vuln_whisp_kibana/1001_vulnWhisperer_ReportingMitigationDashboard.json
rename to resources/elk5-old_compatibility/kibana/vuln_whisp_kibana/1001_vulnWhisperer_ReportingMitigationDashboard.json
diff --git a/kibana/vuln_whisp_kibana/2000_vulnWhisperer_QualysVisuals (required with Dashboard).json b/resources/elk5-old_compatibility/kibana/vuln_whisp_kibana/2000_vulnWhisperer_QualysVisuals (required with Dashboard).json
similarity index 100%
rename from kibana/vuln_whisp_kibana/2000_vulnWhisperer_QualysVisuals (required with Dashboard).json
rename to resources/elk5-old_compatibility/kibana/vuln_whisp_kibana/2000_vulnWhisperer_QualysVisuals (required with Dashboard).json
diff --git a/kibana/vuln_whisp_kibana/2001_vulnWhisperer_ReportingMitigationDashboardQualysRisk.json b/resources/elk5-old_compatibility/kibana/vuln_whisp_kibana/2001_vulnWhisperer_ReportingMitigationDashboardQualysRisk.json
similarity index 100%
rename from kibana/vuln_whisp_kibana/2001_vulnWhisperer_ReportingMitigationDashboardQualysRisk.json
rename to resources/elk5-old_compatibility/kibana/vuln_whisp_kibana/2001_vulnWhisperer_ReportingMitigationDashboardQualysRisk.json
diff --git a/kibana/vuln_whisp_kibana/9000_vulnWhisperer_SavedSearch.json b/resources/elk5-old_compatibility/kibana/vuln_whisp_kibana/9000_vulnWhisperer_SavedSearch.json
similarity index 100%
rename from kibana/vuln_whisp_kibana/9000_vulnWhisperer_SavedSearch.json
rename to resources/elk5-old_compatibility/kibana/vuln_whisp_kibana/9000_vulnWhisperer_SavedSearch.json
diff --git a/logstash/0001_input_beats.conf b/resources/elk5-old_compatibility/logstash/0001_input_beats.conf
similarity index 100%
rename from logstash/0001_input_beats.conf
rename to resources/elk5-old_compatibility/logstash/0001_input_beats.conf
diff --git a/logstash/1000_nessus_process_file.conf b/resources/elk5-old_compatibility/logstash/1000_nessus_process_file.conf
similarity index 100%
rename from logstash/1000_nessus_process_file.conf
rename to resources/elk5-old_compatibility/logstash/1000_nessus_process_file.conf
diff --git a/logstash/2000_qualys_web_scans.conf b/resources/elk5-old_compatibility/logstash/2000_qualys_web_scans.conf
similarity index 100%
rename from logstash/2000_qualys_web_scans.conf
rename to resources/elk5-old_compatibility/logstash/2000_qualys_web_scans.conf
diff --git a/logstash/3000_openvas.conf b/resources/elk5-old_compatibility/logstash/3000_openvas.conf
similarity index 100%
rename from logstash/3000_openvas.conf
rename to resources/elk5-old_compatibility/logstash/3000_openvas.conf
diff --git a/logstash/4000_jira.conf b/resources/elk5-old_compatibility/logstash/4000_jira.conf
similarity index 100%
rename from logstash/4000_jira.conf
rename to resources/elk5-old_compatibility/logstash/4000_jira.conf
diff --git a/logstash/9998_input_broker_rabbitmq.conf b/resources/elk5-old_compatibility/logstash/9998_input_broker_rabbitmq.conf
similarity index 100%
rename from logstash/9998_input_broker_rabbitmq.conf
rename to resources/elk5-old_compatibility/logstash/9998_input_broker_rabbitmq.conf
diff --git a/logstash/9998_output_broker_rabbitmq.conf b/resources/elk5-old_compatibility/logstash/9998_output_broker_rabbitmq.conf
similarity index 100%
rename from logstash/9998_output_broker_rabbitmq.conf
rename to resources/elk5-old_compatibility/logstash/9998_output_broker_rabbitmq.conf
diff --git a/elk6/filebeat.yml b/resources/elk6/filebeat.yml
similarity index 100%
rename from elk6/filebeat.yml
rename to resources/elk6/filebeat.yml
diff --git a/elk6/kibana.json b/resources/elk6/kibana.json
similarity index 100%
rename from elk6/kibana.json
rename to resources/elk6/kibana.json
diff --git a/elk6/logstash.yml b/resources/elk6/logstash.yml
similarity index 100%
rename from elk6/logstash.yml
rename to resources/elk6/logstash.yml
diff --git a/elk6/pipeline/1000_nessus_process_file.conf b/resources/elk6/pipeline/1000_nessus_process_file.conf
similarity index 100%
rename from elk6/pipeline/1000_nessus_process_file.conf
rename to resources/elk6/pipeline/1000_nessus_process_file.conf
diff --git a/elk6/pipeline/2000_qualys_web_scans.conf b/resources/elk6/pipeline/2000_qualys_web_scans.conf
similarity index 100%
rename from elk6/pipeline/2000_qualys_web_scans.conf
rename to resources/elk6/pipeline/2000_qualys_web_scans.conf
diff --git a/elk6/pipeline/3000_openvas.conf b/resources/elk6/pipeline/3000_openvas.conf
similarity index 100%
rename from elk6/pipeline/3000_openvas.conf
rename to resources/elk6/pipeline/3000_openvas.conf
diff --git a/elk6/pipeline/4000_jira.conf b/resources/elk6/pipeline/4000_jira.conf
similarity index 100%
rename from elk6/pipeline/4000_jira.conf
rename to resources/elk6/pipeline/4000_jira.conf