Security-Onion-Solutions / security-onion

Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
https://securityonion.net

Setup: change #inter#face to #interface #1675

Closed dougburks closed 4 years ago

dougburks commented 4 years ago

https://github.com/Security-Onion-Solutions/securityonion-setup/blob/master/bin/sosetup#L1478-L1489

sets this:

#inter#face=$INTERFACE

We should change that to:

#interface=$INTERFACE

so that folks can simply remove the comment mark at the beginning of the line.

I think that second comment mark may have been trying to avoid a match here: https://github.com/Security-Onion-Solutions/securityonion-setup/blob/master/bin/sosetup#L1938-L1940

BRO_IFACE=$(grep "interface=" /opt/bro/etc/node.cfg | cut -d'=' -f2)

If that's all we were trying to avoid, we could simply change the grep to:

grep "^interface="

But we should probably double-check that there are no extra corner cases lurking somewhere.
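The matching behaviour discussed in the comment above, as an added example that is not part of the original issue or of the sosetup script. The node.cfg fragment, the interface names and the helper function names are constructed for illustration; the two grep patterns and the cut call are the ones quoted in the comment.

```shell
#!/bin/sh
# Write a constructed node.cfg fragment (not taken from a real sensor).
# $1 = output path, $2 = the commented-out line to embed above the active one.
write_cfg() {
    printf '%s\n' \
        '[worker-1]' \
        'type=worker' \
        'host=localhost' \
        "$2" \
        'interface=eth1' > "$1"
}

# Pattern currently quoted in the issue: matches "interface=" anywhere on a line.
bro_iface_unanchored() {
    grep "interface=" "$1" | cut -d'=' -f2
}

# Pattern proposed in the issue: only lines that begin with "interface=".
bro_iface_anchored() {
    grep "^interface=" "$1" | cut -d'=' -f2
}

cfg=$(mktemp)
for commented in '#inter#face=eth0' '#interface=eth0'; do
    write_cfg "$cfg" "$commented"
    echo "commented line: $commented"
    echo "  unanchored grep: $(bro_iface_unanchored "$cfg" | tr '\n' ' ')"
    echo "  anchored grep:   $(bro_iface_anchored "$cfg" | tr '\n' ' ')"
done
rm -f "$cfg"
```

With the `#interface=` format, the unanchored pattern returns both the commented-out and the active interface, which is the match the second comment mark was avoiding; the anchored pattern returns only the active one in both formats.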

dougburks commented 4 years ago

https://github.com/Security-Onion-Solutions/securityonion-setup/commit/8a729d389338fbeb770a817b3b7c93fbb4dd4f72

weslambert commented 4 years ago

Confirmed setup now changes the format 👍

dougburks commented 4 years ago

Published: https://blog.securityonion.net/2020/02/zeek-301-elastic-686-and-cyberchef-9120.html