Upgrade ELK stack to 8.11.1 #86
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
cbaxley
added
improvement
- get_latest_version function - pulling version from this function - old password reading text update to reduce confusion - print statements in upgrade from 1.0 -> 1.2 - sleep so it doesn't fail if docker does a slow removal
|
Added the following:
Testing: |
mitchelbaker-cisa
approved these changes
Dec 7, 2023
llwaterhouse
approved these changes
Dec 11, 2023
mitchelbaker-cisa
added a commit
that referenced
this pull request
Dec 12, 2023
* Added instructions to update from Release 1.1.0 to Release 1.2.0 to upgrading.md file * Upgrade ELK stack to 8.11.1 (#86) * Update ELK to 8.11.1 * Pull images before starting cluster * Pull images before deploylme * Upgrade versions in the live docker compose upon upgrade * Pull new images before deploying new stack * Globalize version variable * Adding the following: - get_latest_version function - pulling version from this function - old password reading text update to reduce confusion - print statements in upgrade from 1.0 -> 1.2 - sleep so it doesn't fail if docker does a slow removal * Update the version in dashboard_update.sh --------- Co-authored-by: Clint Baxley <clint.baxley-ctr@ecstech.com> Co-authored-by: mreeve.snl <mreeve@sandia.gov> * Changed ELK Stack from deploy.sh update to deploy.sh upgrade --------- Co-authored-by: Rishi Aggarwal <Rishi.Aggarwal@ecstech.com> Co-authored-by: Clint Baxley <c.baxley-ctr@ecstech.com> Co-authored-by: Clint Baxley <clint.baxley-ctr@ecstech.com> Co-authored-by: mreeve.snl <mreeve@sandia.gov> Co-authored-by: ddiabe <133152385+ddiabe@users.noreply.github.com> Co-authored-by: rishagg01 <149525835+rishagg01@users.noreply.github.com>
adhilto
added a commit
that referenced
this pull request
Dec 13, 2023
* Added instructions to update from Release 1.1.0 to Release 1.2.0 to upgrading.md file * Upgrade ELK stack to 8.11.1 (#86) * Update ELK to 8.11.1 * Pull images before starting cluster * Pull images before deploylme * Upgrade versions in the live docker compose upon upgrade * Pull new images before deploying new stack * Globalize version variable * Adding the following: - get_latest_version function - pulling version from this function - old password reading text update to reduce confusion - print statements in upgrade from 1.0 -> 1.2 - sleep so it doesn't fail if docker does a slow removal * Update the version in dashboard_update.sh --------- * Changed ELK Stack from deploy.sh update to deploy.sh upgrade --------- Co-authored-by: mitchelbaker-cisa <149098823+mitchelbaker-cisa@users.noreply.github.com> Co-authored-by: Rishi Aggarwal <Rishi.Aggarwal@ecstech.com> Co-authored-by: Clint Baxley <c.baxley-ctr@ecstech.com> Co-authored-by: Clint Baxley <clint.baxley-ctr@ecstech.com> Co-authored-by: mreeve.snl <mreeve@sandia.gov> Co-authored-by: ddiabe <133152385+ddiabe@users.noreply.github.com> Co-authored-by: rishagg01 <149525835+rishagg01@users.noreply.github.com>
mitchelbaker-cisa
added a commit
that referenced
this pull request
Dec 20, 2023
* added branch naming conventions to Contributing, fixed typo (#85) Co-authored-by: Linda Lovero-Waterhouse <l.lovero-waterhouse@ecstech.com> * adding line change from clint's old pr * Release 1.2.0 MERGE INTO MAIN (#101) (#102) * Added instructions to update from Release 1.1.0 to Release 1.2.0 to upgrading.md file * Upgrade ELK stack to 8.11.1 (#86) * Update ELK to 8.11.1 * Pull images before starting cluster * Pull images before deploylme * Upgrade versions in the live docker compose upon upgrade * Pull new images before deploying new stack * Globalize version variable * Adding the following: - get_latest_version function - pulling version from this function - old password reading text update to reduce confusion - print statements in upgrade from 1.0 -> 1.2 - sleep so it doesn't fail if docker does a slow removal * Update the version in dashboard_update.sh --------- * Changed ELK Stack from deploy.sh update to deploy.sh upgrade --------- Co-authored-by: mitchelbaker-cisa <149098823+mitchelbaker-cisa@users.noreply.github.com> Co-authored-by: Rishi Aggarwal <Rishi.Aggarwal@ecstech.com> Co-authored-by: Clint Baxley <c.baxley-ctr@ecstech.com> Co-authored-by: Clint Baxley <clint.baxley-ctr@ecstech.com> Co-authored-by: mreeve.snl <mreeve@sandia.gov> Co-authored-by: ddiabe <133152385+ddiabe@users.noreply.github.com> Co-authored-by: rishagg01 <149525835+rishagg01@users.noreply.github.com> * Add .gitattributes file to exclude the testing folder from releases. (#105) * Updated dashboard Process Explorer file downloads panels * Update workflow file to include linting and static security scans (#106) * Update main.yml to add linting * Update main.yml * Update troubleshooting.md with instructions on how to change elastic password (#110) * Delete Chapter 4 Files/dashboards/user_security.ndjson * Delete Chapter 4 Files/dashboards/security_dashboard_security_log.ndjson * Updated dashboards * Remove elastic user password prompt from deploy.sh (#107) * Remove elastic password prompt and condition in setpasswords() * create displaycredentials() fnc, link troubleshooting.md documentation at end of script * update deploy.sh to link to changing elastic username/password in troubleshooting.md * updated upgrading.md for release 1.3.0 and fixed link in chapter3.md (#117) Co-authored-by: Linda Lovero-Waterhouse <l.lovero-waterhouse@ecstech.com> * imported new dashboard * Rearrange sysmon dashboard (#115) * updating sysmon dashboard * adding line change from clint's old pr * Add .gitattributes file to exclude the testing folder from releases. (#105) * updating sysmon dashboard --------- Co-authored-by: mreeve-snl <mreeve@sandia.gov> Co-authored-by: Alden Hilton <106177711+adhilto@users.noreply.github.com> * Healthcheckoverview dashboard update (#120) * imported new dashboard * updated healthcheck dashboard * Delete Chapter 4 Files/dashboards/alerting_dashboard.ndjson (#121) removed alerting dashboard from this PR healthcheck PR --------- Co-authored-by: ddiabe <0743724407@HQ.DHS.GOV> Co-authored-by: ddiabe <you@example.com> * adding push so that I can track this branch * pushing all changes as documented in the PR: 112 * Updated Healthcheck Overview Dashboard panels --------- Co-authored-by: Linda Waterhouse <82845774+llwaterhouse@users.noreply.github.com> Co-authored-by: Linda Lovero-Waterhouse <l.lovero-waterhouse@ecstech.com> Co-authored-by: Alden Hilton <106177711+adhilto@users.noreply.github.com> Co-authored-by: mitchelbaker-cisa <149098823+mitchelbaker-cisa@users.noreply.github.com> Co-authored-by: Rishi Aggarwal <Rishi.Aggarwal@ecstech.com> Co-authored-by: Clint Baxley <c.baxley-ctr@ecstech.com> Co-authored-by: Clint Baxley <clint.baxley-ctr@ecstech.com> Co-authored-by: ddiabe <133152385+ddiabe@users.noreply.github.com> Co-authored-by: rishagg01 <149525835+rishagg01@users.noreply.github.com> Co-authored-by: Andrew Arz <149685528+aarz-snl@users.noreply.github.com> Co-authored-by: ddiabe <0743724407@HQ.DHS.GOV> Co-authored-by: Grant (SNL) <108766839+rgbrow1949@users.noreply.github.com> Co-authored-by: Connor <107427279+causand22@users.noreply.github.com> Co-authored-by: ddiabe <you@example.com>
cbaxley
added a commit
that referenced
this pull request
Dec 26, 2023
* added branch naming conventions to Contributing, fixed typo (#85) Co-authored-by: Linda Lovero-Waterhouse <l.lovero-waterhouse@ecstech.com> * adding line change from clint's old pr * Release 1.2.0 MERGE INTO MAIN (#101) (#102) * Added instructions to update from Release 1.1.0 to Release 1.2.0 to upgrading.md file * Upgrade ELK stack to 8.11.1 (#86) * Update ELK to 8.11.1 * Pull images before starting cluster * Pull images before deploylme * Upgrade versions in the live docker compose upon upgrade * Pull new images before deploying new stack * Globalize version variable * Adding the following: - get_latest_version function - pulling version from this function - old password reading text update to reduce confusion - print statements in upgrade from 1.0 -> 1.2 - sleep so it doesn't fail if docker does a slow removal * Update the version in dashboard_update.sh --------- * Changed ELK Stack from deploy.sh update to deploy.sh upgrade --------- Co-authored-by: mitchelbaker-cisa <149098823+mitchelbaker-cisa@users.noreply.github.com> Co-authored-by: Rishi Aggarwal <Rishi.Aggarwal@ecstech.com> Co-authored-by: Clint Baxley <c.baxley-ctr@ecstech.com> Co-authored-by: Clint Baxley <clint.baxley-ctr@ecstech.com> Co-authored-by: mreeve.snl <mreeve@sandia.gov> Co-authored-by: ddiabe <133152385+ddiabe@users.noreply.github.com> Co-authored-by: rishagg01 <149525835+rishagg01@users.noreply.github.com> * Add .gitattributes file to exclude the testing folder from releases. (#105) * Updated dashboard Process Explorer file downloads panels * Update workflow file to include linting and static security scans (#106) * Update main.yml to add linting * Update main.yml * Update troubleshooting.md with instructions on how to change elastic password (#110) * Delete Chapter 4 Files/dashboards/user_security.ndjson * Delete Chapter 4 Files/dashboards/security_dashboard_security_log.ndjson * Updated dashboards * Remove elastic user password prompt from deploy.sh (#107) * Remove elastic password prompt and condition in setpasswords() * create displaycredentials() fnc, link troubleshooting.md documentation at end of script * update deploy.sh to link to changing elastic username/password in troubleshooting.md * updated upgrading.md for release 1.3.0 and fixed link in chapter3.md (#117) Co-authored-by: Linda Lovero-Waterhouse <l.lovero-waterhouse@ecstech.com> * imported new dashboard * Rearrange sysmon dashboard (#115) * updating sysmon dashboard * adding line change from clint's old pr * Add .gitattributes file to exclude the testing folder from releases. (#105) * updating sysmon dashboard --------- Co-authored-by: mreeve-snl <mreeve@sandia.gov> Co-authored-by: Alden Hilton <106177711+adhilto@users.noreply.github.com> * Healthcheckoverview dashboard update (#120) * imported new dashboard * updated healthcheck dashboard * Delete Chapter 4 Files/dashboards/alerting_dashboard.ndjson (#121) removed alerting dashboard from this PR healthcheck PR --------- Co-authored-by: ddiabe <0743724407@HQ.DHS.GOV> Co-authored-by: ddiabe <you@example.com> * adding push so that I can track this branch * pushing all changes as documented in the PR: 112 * Updated Healthcheck Overview Dashboard panels --------- Co-authored-by: Linda Waterhouse <82845774+llwaterhouse@users.noreply.github.com> Co-authored-by: Linda Lovero-Waterhouse <l.lovero-waterhouse@ecstech.com> Co-authored-by: Alden Hilton <106177711+adhilto@users.noreply.github.com> Co-authored-by: mitchelbaker-cisa <149098823+mitchelbaker-cisa@users.noreply.github.com> Co-authored-by: Rishi Aggarwal <Rishi.Aggarwal@ecstech.com> Co-authored-by: Clint Baxley <c.baxley-ctr@ecstech.com> Co-authored-by: Clint Baxley <clint.baxley-ctr@ecstech.com> Co-authored-by: ddiabe <133152385+ddiabe@users.noreply.github.com> Co-authored-by: rishagg01 <149525835+rishagg01@users.noreply.github.com> Co-authored-by: Andrew Arz <149685528+aarz-snl@users.noreply.github.com> Co-authored-by: ddiabe <0743724407@HQ.DHS.GOV> Co-authored-by: Grant (SNL) <108766839+rgbrow1949@users.noreply.github.com> Co-authored-by: Connor <107427279+causand22@users.noreply.github.com> Co-authored-by: ddiabe <you@example.com>
cbaxley
added a commit
that referenced
this pull request
Jan 10, 2024
* added branch naming conventions to Contributing, fixed typo (#85) Co-authored-by: Linda Lovero-Waterhouse <l.lovero-waterhouse@ecstech.com> * adding line change from clint's old pr * Release 1.2.0 MERGE INTO MAIN (#101) (#102) * Added instructions to update from Release 1.1.0 to Release 1.2.0 to upgrading.md file * Upgrade ELK stack to 8.11.1 (#86) * Update ELK to 8.11.1 * Pull images before starting cluster * Pull images before deploylme * Upgrade versions in the live docker compose upon upgrade * Pull new images before deploying new stack * Globalize version variable * Adding the following: - get_latest_version function - pulling version from this function - old password reading text update to reduce confusion - print statements in upgrade from 1.0 -> 1.2 - sleep so it doesn't fail if docker does a slow removal * Update the version in dashboard_update.sh --------- * Changed ELK Stack from deploy.sh update to deploy.sh upgrade --------- Co-authored-by: mitchelbaker-cisa <149098823+mitchelbaker-cisa@users.noreply.github.com> Co-authored-by: Rishi Aggarwal <Rishi.Aggarwal@ecstech.com> Co-authored-by: Clint Baxley <c.baxley-ctr@ecstech.com> Co-authored-by: Clint Baxley <clint.baxley-ctr@ecstech.com> Co-authored-by: mreeve.snl <mreeve@sandia.gov> Co-authored-by: ddiabe <133152385+ddiabe@users.noreply.github.com> Co-authored-by: rishagg01 <149525835+rishagg01@users.noreply.github.com> * Add .gitattributes file to exclude the testing folder from releases. (#105) * Updated dashboard Process Explorer file downloads panels * Update workflow file to include linting and static security scans (#106) * Update main.yml to add linting * Update main.yml * Update troubleshooting.md with instructions on how to change elastic password (#110) * Delete Chapter 4 Files/dashboards/user_security.ndjson * Delete Chapter 4 Files/dashboards/security_dashboard_security_log.ndjson * Updated dashboards * Remove elastic user password prompt from deploy.sh (#107) * Remove elastic password prompt and condition in setpasswords() * create displaycredentials() fnc, link troubleshooting.md documentation at end of script * update deploy.sh to link to changing elastic username/password in troubleshooting.md * updated upgrading.md for release 1.3.0 and fixed link in chapter3.md (#117) Co-authored-by: Linda Lovero-Waterhouse <l.lovero-waterhouse@ecstech.com> * imported new dashboard * Rearrange sysmon dashboard (#115) * updating sysmon dashboard * adding line change from clint's old pr * Add .gitattributes file to exclude the testing folder from releases. (#105) * updating sysmon dashboard --------- Co-authored-by: mreeve-snl <mreeve@sandia.gov> Co-authored-by: Alden Hilton <106177711+adhilto@users.noreply.github.com> * Healthcheckoverview dashboard update (#120) * imported new dashboard * updated healthcheck dashboard * Delete Chapter 4 Files/dashboards/alerting_dashboard.ndjson (#121) removed alerting dashboard from this PR healthcheck PR --------- Co-authored-by: ddiabe <0743724407@HQ.DHS.GOV> Co-authored-by: ddiabe <you@example.com> * adding push so that I can track this branch * pushing all changes as documented in the PR: 112 * Updated Healthcheck Overview Dashboard panels --------- Co-authored-by: Linda Waterhouse <82845774+llwaterhouse@users.noreply.github.com> Co-authored-by: Linda Lovero-Waterhouse <l.lovero-waterhouse@ecstech.com> Co-authored-by: Alden Hilton <106177711+adhilto@users.noreply.github.com> Co-authored-by: mitchelbaker-cisa <149098823+mitchelbaker-cisa@users.noreply.github.com> Co-authored-by: Rishi Aggarwal <Rishi.Aggarwal@ecstech.com> Co-authored-by: Clint Baxley <c.baxley-ctr@ecstech.com> Co-authored-by: Clint Baxley <clint.baxley-ctr@ecstech.com> Co-authored-by: ddiabe <133152385+ddiabe@users.noreply.github.com> Co-authored-by: rishagg01 <149525835+rishagg01@users.noreply.github.com> Co-authored-by: Andrew Arz <149685528+aarz-snl@users.noreply.github.com> Co-authored-by: ddiabe <0743724407@HQ.DHS.GOV> Co-authored-by: Grant (SNL) <108766839+rgbrow1949@users.noreply.github.com> Co-authored-by: Connor <107427279+causand22@users.noreply.github.com> Co-authored-by: ddiabe <you@example.com>
mitchelbaker-cisa
added a commit
to mitchelbaker-cisa/LME
that referenced
this pull request
Jan 31, 2024
* added branch naming conventions to Contributing, fixed typo (cisagov#85) Co-authored-by: Linda Lovero-Waterhouse <l.lovero-waterhouse@ecstech.com> * adding line change from clint's old pr * Release 1.2.0 MERGE INTO MAIN (cisagov#101) (cisagov#102) * Added instructions to update from Release 1.1.0 to Release 1.2.0 to upgrading.md file * Upgrade ELK stack to 8.11.1 (cisagov#86) * Update ELK to 8.11.1 * Pull images before starting cluster * Pull images before deploylme * Upgrade versions in the live docker compose upon upgrade * Pull new images before deploying new stack * Globalize version variable * Adding the following: - get_latest_version function - pulling version from this function - old password reading text update to reduce confusion - print statements in upgrade from 1.0 -> 1.2 - sleep so it doesn't fail if docker does a slow removal * Update the version in dashboard_update.sh --------- * Changed ELK Stack from deploy.sh update to deploy.sh upgrade --------- Co-authored-by: mitchelbaker-cisa <149098823+mitchelbaker-cisa@users.noreply.github.com> Co-authored-by: Rishi Aggarwal <Rishi.Aggarwal@ecstech.com> Co-authored-by: Clint Baxley <c.baxley-ctr@ecstech.com> Co-authored-by: Clint Baxley <clint.baxley-ctr@ecstech.com> Co-authored-by: mreeve.snl <mreeve@sandia.gov> Co-authored-by: ddiabe <133152385+ddiabe@users.noreply.github.com> Co-authored-by: rishagg01 <149525835+rishagg01@users.noreply.github.com> * Add .gitattributes file to exclude the testing folder from releases. (cisagov#105) * Updated dashboard Process Explorer file downloads panels * Update workflow file to include linting and static security scans (cisagov#106) * Update main.yml to add linting * Update main.yml * Update troubleshooting.md with instructions on how to change elastic password (cisagov#110) * Delete Chapter 4 Files/dashboards/user_security.ndjson * Delete Chapter 4 Files/dashboards/security_dashboard_security_log.ndjson * Updated dashboards * Remove elastic user password prompt from deploy.sh (cisagov#107) * Remove elastic password prompt and condition in setpasswords() * create displaycredentials() fnc, link troubleshooting.md documentation at end of script * update deploy.sh to link to changing elastic username/password in troubleshooting.md * updated upgrading.md for release 1.3.0 and fixed link in chapter3.md (cisagov#117) Co-authored-by: Linda Lovero-Waterhouse <l.lovero-waterhouse@ecstech.com> * imported new dashboard * Rearrange sysmon dashboard (cisagov#115) * updating sysmon dashboard * adding line change from clint's old pr * Add .gitattributes file to exclude the testing folder from releases. (cisagov#105) * updating sysmon dashboard --------- Co-authored-by: mreeve-snl <mreeve@sandia.gov> Co-authored-by: Alden Hilton <106177711+adhilto@users.noreply.github.com> * Healthcheckoverview dashboard update (cisagov#120) * imported new dashboard * updated healthcheck dashboard * Delete Chapter 4 Files/dashboards/alerting_dashboard.ndjson (cisagov#121) removed alerting dashboard from this PR healthcheck PR --------- Co-authored-by: ddiabe <0743724407@HQ.DHS.GOV> Co-authored-by: ddiabe <you@example.com> * adding push so that I can track this branch * pushing all changes as documented in the PR: 112 * Updated Healthcheck Overview Dashboard panels --------- Co-authored-by: Linda Waterhouse <82845774+llwaterhouse@users.noreply.github.com> Co-authored-by: Linda Lovero-Waterhouse <l.lovero-waterhouse@ecstech.com> Co-authored-by: mreeve-snl <mreeve@sandia.gov> Co-authored-by: Alden Hilton <106177711+adhilto@users.noreply.github.com> Co-authored-by: Rishi Aggarwal <Rishi.Aggarwal@ecstech.com> Co-authored-by: Clint Baxley <c.baxley-ctr@ecstech.com> Co-authored-by: Clint Baxley <clint.baxley-ctr@ecstech.com> Co-authored-by: ddiabe <133152385+ddiabe@users.noreply.github.com> Co-authored-by: rishagg01 <149525835+rishagg01@users.noreply.github.com> Co-authored-by: Michael Reeves <147089975+mreeve-snl@users.noreply.github.com> Co-authored-by: Andrew Arz <149685528+aarz-snl@users.noreply.github.com> Co-authored-by: ddiabe <0743724407@HQ.DHS.GOV> Co-authored-by: Grant (SNL) <108766839+rgbrow1949@users.noreply.github.com> Co-authored-by: Connor <107427279+causand22@users.noreply.github.com> Co-authored-by: ddiabe <you@example.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
🗣 Upgrade ELK stack to 8.11.1##
Update the compose file to pull 8.11.1 images and modify deploy to upgrade the stack.
💭 Motivation and context
The ELK stack version had a security vulnerability that needed to be addressed.
🧪 Testing
Test Upgrade
Install a fresh version of LME and then do an upgrade on it. Make sure the new version of ELK is running and the dashboards are not erroring. Check that
/opt/lme.confhas the correct version number of the release, and that `cat /opt/lme/Chapter\ 3\ Files/docker-compose-stack-live.yml' shows 8.11.1 for all three of the images.Test Fresh Install
On a new server, install this version directly. Make sure the new version of ELK is running and the dashboards are not erroring.
Note: You can check the versions with a
docker pson the command line, and from the "Help" ( round lifebuoy ) menu at the top right of the Kibana interface.✅ Pre-approval checklist
in code comments.
to reflect the changes in this PR.
✅ Pre-merge checklist
✅ Post-merge checklist