78 lines
2.4 KiB
Python
78 lines
2.4 KiB
Python
import os
|
|
import sys
|
|
import json
|
|
import requests
|
|
import urllib3
|
|
|
|
REPO_ROOT = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
|
|
if REPO_ROOT not in sys.path:
|
|
sys.path.insert(0, REPO_ROOT)
|
|
|
|
from collectors.common.es_auth import resolve_api_key, build_api_key_header
|
|
|
|
# Suppress insecure request warnings
|
|
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
|
|
|
|
def load_json(path):
|
|
with open(path, 'r') as f:
|
|
return json.load(f)
|
|
|
|
def main():
|
|
es_url = os.getenv("ES_URL", "http://localhost:9200").rstrip('/')
|
|
env_api_id = os.getenv("ES_API_ID")
|
|
env_api_key = os.getenv("ES_API_KEY")
|
|
es_api_id, es_api_key = resolve_api_key(env_api_id, env_api_key)
|
|
es_user = os.getenv("ES_USER", "elastic")
|
|
es_pass = os.getenv("ES_PASS", "changeme")
|
|
verify_ssl = os.getenv("ES_VERIFY_SSL", "true").lower() == "true"
|
|
|
|
auth_args = {}
|
|
if es_api_id and es_api_key:
|
|
auth_args["headers"] = {"Authorization": build_api_key_header(es_api_id, es_api_key)}
|
|
print("Using Elasticsearch API key authentication for bootstrap.")
|
|
else:
|
|
auth_args["auth"] = (es_user, es_pass)
|
|
print("Using Elasticsearch basic authentication for bootstrap.")
|
|
|
|
print(f"Bootstrapping Elastic at {es_url}...")
|
|
|
|
def put(endpoint, data):
|
|
url = f"{es_url}{endpoint}"
|
|
print(f"PUT {url}")
|
|
try:
|
|
resp = requests.put(url, json=data, verify=verify_ssl, **auth_args)
|
|
print(f"Response: {resp.status_code} {resp.text}")
|
|
resp.raise_for_status()
|
|
except Exception as e:
|
|
print(f"Error: {e}")
|
|
# Don't exit, try next
|
|
|
|
# 1. ILM Policy
|
|
ilm_path = "ilm/network-events-ilm.json"
|
|
if os.path.exists(ilm_path):
|
|
data = load_json(ilm_path)
|
|
put("/_ilm/policy/network-events-ilm", data)
|
|
else:
|
|
print(f"Missing {ilm_path}")
|
|
|
|
# 2. Network Events Template
|
|
tpl_path = "ilm/network-events-template.json"
|
|
if os.path.exists(tpl_path):
|
|
data = load_json(tpl_path)
|
|
put("/_index_template/network-events", data)
|
|
else:
|
|
print(f"Missing {tpl_path}")
|
|
|
|
# 3. Network Hosts Template
|
|
tpl_path = "ilm/network-hosts-template.json"
|
|
if os.path.exists(tpl_path):
|
|
data = load_json(tpl_path)
|
|
put("/_index_template/network-hosts", data)
|
|
else:
|
|
print(f"Missing {tpl_path}")
|
|
|
|
print("Bootstrap complete.")
|
|
|
|
if __name__ == "__main__":
|
|
main()
|