forked from rocknsm/rock
rock.spec
%global _rockdir /usr/share/rock
%global _sysconfdir /etc/rocknsm
%global _sbindir /usr/sbin
Name: rock
Version: 2.5.0
Release: 2
Summary: Network Security Monitoring collections platform
License: BSD
URL: http://rocknsm.io/
Source0: https://github.com/rocknsm/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
BuildArch: noarch
Requires: ansible >= 2.7.0
Requires: python-jinja2 >= 2.9.0
Requires: python-markupsafe >= 0.23
Requires: python-pyOpenSSL
Requires: python-netaddr
Requires: libselinux-python
Requires: git
Requires: yq
Requires: crudini
%description
ROCK is a collections platform, in the spirit of Network Security Monitoring.
%prep
%setup -q
%build
%install
rm -rf %{buildroot}
DESTDIR=%{buildroot}
# Make directories
mkdir -p %{buildroot}/%{_rockdir}/roles
mkdir -p %{buildroot}/%{_rockdir}/playbooks
mkdir -p %{buildroot}/%{_sbindir}
mkdir -p %{buildroot}/%{_sysconfdir}
# Install ansible files
install -p -m 755 bin/rock %{buildroot}/%{_sbindir}/
install -p -m 755 bin/rock_setup %{buildroot}/%{_sbindir}/
install -p -m 755 bin/deploy_rock.sh %{buildroot}/%{_sbindir}/
install -m 644 etc/hosts.ini %{buildroot}/%{_sysconfdir}/
cp -a roles/. %{buildroot}/%{_rockdir}/roles
cp -a playbooks/. %{buildroot}/%{_rockdir}/playbooks
# make dir and install tests
mkdir -p %{buildroot}/%{_rockdir}/tests
cp -a tests/. %{buildroot}/%{_rockdir}/tests
%files
%doc README.md LICENSE CONTRIBUTING.md
%config %{_rockdir}/playbooks/group_vars/all.yml
%config %{_rockdir}/playbooks/ansible.cfg
%config %{_sysconfdir}/hosts.ini
%ghost %{_sysconfdir}/config.yml
%defattr(0644, root, root, 0755)
%{_rockdir}/playbooks/roles
%{_rockdir}/roles/*
%{_rockdir}/playbooks/*.yml
%{_rockdir}/playbooks/templates/*
%{_rockdir}/tests/*
%attr(0755, root, root) %{_sbindir}/rock
%attr(0755, root, root) %{_sbindir}/rock_setup
%attr(0755, root, root) %{_sbindir}/deploy_rock.sh
%changelog
* Sat Feb 15 2020 Derek Ditch <[email protected]> 2.5.0-2
- Enhancements to multinode setup to be more reliable (especially w/ elasticsearch)
- Fixes startup logic for Zeek
- Improvements to molecule testing framework for multinode testing
- Globally rename bro to zeek to align with upstream
- Migrate to maxmind GeoIP v2 for everything (zeek, suricata, logstash)
- Modularization of Logstash pipeline and ECS 1.4 compatibility
* Thu Aug 22 2019 Derek Ditch <[email protected]> 2.5.0-1
- Updated roles to work with ECS pipeline
- Added XFS Quotas (#473)
- Added Suricata Community ID (#469)
- Cleanups around testing and CI
- Now requires Ansible 2.8
- Cleaned up tasks to be more resilient
- Adding filebeat role to remove duplicate logic.
* Sat Apr 13 2019 Derek Ditch <[email protected]> 2.4.2-1
- Change elastic node name to the inventory hostname Fixes #447
* Thu Apr 11 2019 Derek Ditch <[email protected]> 2.4.1-1
- Fix Kibana index pattern for Elastic7 calc fields
-
* Thu Apr 11 2019 Derek Ditch <[email protected]> 2.4.0-1
- Upgrade Elastic Stack to 7.x
- Add molecule test harness with full yaml and ansible linting
- Text-based User Interface to configure, deploy, and manage node(s)
- Added ansible conveniences like tags to better target deployments
- Upgrade to Java 11 for Elastic, Logstash, Zookeeper, and Kafka
- Add logging of Ansible plays
- Remove remaining snort leftovers
- Refactor Elasticsearch for rolling restarts
- Adjust roles to allow remote deployment
* Fri Feb 22 2019 Derek Ditch <[email protected]> 2.3.0-3
- Remove suricata-update from packages. It's in suricata now.
* Fri Feb 22 2019 Derek Ditch <[email protected]> 2.3.0-2
- Bump release to fix version conflict
* Fri Feb 22 2019 Derek Ditch <[email protected]> 2.3.0-1
- New: Add ability to do multi-host deployment of sensor + data tiers (#339, [email protected])
- New: Integrate Docket into Kibana by default ([email protected])
- New: Improvements and additional Kibana dashboards (spartan782)
- Fixes: issue with Bro failing when monitor interface is down (#343, [email protected])
- Fixes: issue with services starting that shouldn’t (#346, [email protected])
- Fixes: race condition on loading dashboards into Kibana (#356, [email protected])
- Fixes: configuration for Docket allowing serving from non-root URI (#361, [email protected])
- Change: zeek log retention value to one week rather than forever (#345, [email protected])
- Change: Greatly improve documentation (#338, [email protected])
- Change: Reorganize README (#308, [email protected])
- Change: Move ECS to rock-dashboards repo (#305, [email protected])
- Change: Move RockNSM install paths to filesystem hierarchy standard locations (#344, [email protected])
* Fri Jan 25 2019 Bradford Dabbs <[email protected]> 2.3.0-1
- Update file paths to match new structure
- Bump minimum Ansible version to 2.7
* Tue Oct 30 2018 Derek Ditch <[email protected]> 2.2.0-2
- Fixed issue with missing GPG keys ([email protected])
- Update logrotate configuration ([email protected])
* Fri Oct 26 2018 Derek Ditch <[email protected]> 2.2.0-1
- Added support for Elastic Stack 6.4 ([email protected])
- Added initial support for Elastic Common Schema in Tech Preview ([email protected])
- Updated vars for lighttpd tests ([email protected])
- Removed cruft perl packages no longer needed for pulledpork.
- Merges in Lighttpd config and several bug fixes. (#329)
- Enable/Install suricata update by default ([email protected])
- Adjust 'when' for the cron job and rename local source.
- Remove pulledpork. ([email protected])
- Add configuration for suricata-update. ([email protected])
- Add closing tag ([email protected])
- Add ISO download links ([email protected])
- Replace logo with latest version ([email protected])
- Reorganize README ([email protected])
- Move ECS to rock-dashboards repo ([email protected])
* Tue Aug 21 2018 Derek Ditch <[email protected]> 2.1.0-2
- Move ECS to rock-dashboards repo
* Tue Aug 21 2018 Derek Ditch <[email protected]> 2.1.0-1
- Introducing Docket, a REST API and web UI to query multiple stenographer instances
- Added Suricata-Update to manage Suricata signatures
- Added GPG signing of packages and repo metadata
- Added functional tests using [testinfra](https://testinfra.readthedocs.io/en/latest/)
- Initial support of [Elastic Common Schema](https://github.com/elastic/ecs)
- Includes full Elastic (with permission) stack including features formerly known as X-Pack
- Elastic stack is updated to 6.x
- Elastic dashboards, mappings, and Logstash config moved to module-like construct
- Suricata is updated to 4.x
- Bro is updated to 2.5.4
- Deprecated Snort
- Deprecated Pulled Pork
* Thu Jun 08 2017 spartan782 <[email protected]> 2.0.5-1
- Tito files added.
- rock.spec added.
- sign_rpm.sh added.