From 0bfc6a13778ad8b1eceb7fc03ca7230a5494ded8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lex=20Ruiz?= Date: Tue, 7 Nov 2023 13:48:29 +0100 Subject: [PATCH] Update ISM init script (#50) --- scripts/indexer-ism-init.sh | 298 +++++++++++++++++++++++------------- 1 file changed, 192 insertions(+), 106 deletions(-) diff --git a/scripts/indexer-ism-init.sh b/scripts/indexer-ism-init.sh index 5b77addc44e16..eabdb81ca041a 100644 --- a/scripts/indexer-ism-init.sh +++ b/scripts/indexer-ism-init.sh @@ -3,18 +3,20 @@ # Wazuh - Indexer set rollover policy and templates # Policy settings -MIN_SHARD_SIZE=${MIN_SHARD_SIZE:-25} -MIN_INDEX_AGE=${MIN_INDEX_AGE:-"7d"} -MIN_DOC_COUNT=${MIN_DOC_COUNT:-200000000} -ISM_INDEX_PATTERNS=${ISM_INDEX_PATTERNS:-'["wazuh-alerts-*", "wazuh-archives-*", "-wazuh-alerts-4.x-sample*"]'} -ISM_PRIORITY=${ISM_PRIORITY:-50} +MIN_SHARD_SIZE="25" +MIN_INDEX_AGE="7d" +MIN_DOC_COUNT="200000000" +ISM_INDEX_PATTERNS='["wazuh-alerts-*", "wazuh-archives-*", "-wazuh-alerts-4.x-sample*"]' +ISM_PRIORITY="50" +INDEXER_PASSWORD="admin" +INDEXER_HOSTNAME="localhost" POLICY_NAME="rollover_policy" -INDEXER_URL="https://localhost:9200" +INDEXER_URL="https://${INDEXER_HOSTNAME}:9200" # curl settings shortcuts -C_AUTH="-u admin:admin" +C_AUTH="-u admin:${INDEXER_PASSWORD}" ######################################################################### # Creates the rollover_policy ISM policy. @@ -30,35 +32,34 @@ C_AUTH="-u admin:admin" # The rollover policy as a JSON string ######################################################################### function generate_rollover_policy() { - cat <" + echo -e " Set the minimum index age. By default 7d." + echo -e "" + echo -e " -d, --min-doc-count " + echo -e " Set the minimum document count. By default 200000000." + echo -e "" + echo -e " -h, --help" + echo -e " Shows help." + echo -e "" + echo -e " -i, --indexer-hostname " + echo -e " Specifies the Wazuh indexer hostname or IP." + echo -e "" + echo -e " -p, --indexer-password " + echo -e " Specifies the Wazuh indexer admin user password." + echo -e "" + echo -e " -s, --min-shard-size " + echo -e " Set the minimum shard size in GB. By default 25." + echo -e "" + exit 1 +} + ######################################################################### # Main function. ######################################################################### function main() { - # The list should contain every alias which indices implement the - # rollover policy - aliases=("wazuh-alerts" "wazuh-archives") + # The list should contain every alias which indices implement the + # rollover policy + aliases=("wazuh-alerts" "wazuh-archives") + + while [ -n "${1}" ]; do + case "${1}" in + "-a" | "--min-index-age") + if [ -z "${2}" ]; then + echo "Error on arguments. Probably missing after -a|--min-index-age" + show_help + else + MIN_INDEX_AGE="${2}" + shift 2 + fi + ;; + "-d" | "--min-doc-count") + if [ -z "${2}" ]; then + echo "Error on arguments. Probably missing after -d|--min-doc-count" + show_help + else + MIN_DOC_COUNT="${2}" + shift 2 + fi + ;; + "-h" | "--help") + show_help + ;; + "-i" | "--indexer-hostname") + if [ -z "${2}" ]; then + echo "Error on arguments. Probably missing after -i|--indexer-hostname" + show_help + else + INDEXER_HOSTNAME="${2}" + shift 2 + fi + ;; + "-p" | "--indexer-password") + if [ -z "${2}" ]; then + echo "Error on arguments. Probably missing after -p|--indexer-password" + show_help + else + INDEXER_PASSWORD="${2}" + C_AUTH="-u admin:${INDEXER_PASSWORD}" + shift 2 + fi + ;; + "-s" | "--min-shard-size") + if [ -z "${2}" ]; then + echo "Error on arguments. Probably missing after -s|--min-shard-size" + show_help + else + MIN_SHARD_SIZE="${2}" + shift 2 + fi + ;; + *) + echo "Unknow option: ${1}" + show_help + ;; + esac + done - # Load the Wazuh Indexer templates - load_templates + # Load the Wazuh Indexer templates + load_templates - # Upload the rollover policy - upload_rollover_policy + # Upload the rollover policy + upload_rollover_policy - # Create the initial write indices - create_indices "${aliases[@]}" + # Create the initial write indices + create_indices "${aliases[@]}" } -main "$@" \ No newline at end of file +main "$@"