Change grains.role so-node to so-searchnode to align with minion id and role naming conventions

Security-Onion-Solutions / securityonion

Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.

https://securityonion.net

3.19k stars 495 forks source link

Change grains.role so-node to so-searchnode to align with minion id and role naming conventions #1398

Closed m0duspwnens closed 1 year ago

m0duspwnens commented 4 years ago

All of our minion ids are hostname_role and that role matches the grains.role for all roles expect for the searchnode where the minion id is *_searchnode and the grains.role is so-node. Update grains.role from so-node to so-searchnode.

jertel commented 3 years ago

If this changes I suggest making it so-search, instead of so-node, for consistency with the other nodes in the grid. For example, we have an so-sensor and an so-manager, not an so-sensornode or so-managernode.

The SOC Grid interface is ready for so-search and also has so-node mapped to "Search" nodes.