taylorwalton · October 20, 2023 12:17 · Oct 22, 2022 · Oct 22, 2022 · Oct 22, 2022 · Oct 22, 2022
diff --git a/packetbeat_install.sh b/packetbeat_install.sh
@@ -38,7 +38,7 @@ if [ -d "$DIR" ]; then
         logger "Packetbeat found. Not Installing"
         exit 0
 else
-logger "Need assistance? Shoot us an email at [email protected]!"
+logger "Installing Packetbeat"
         if [ ${sys_type} == "yum" ]; then
         eval "curl -L -O https://artifacts.elastic.co/downloads/beats/packetbeat/packetbeat-7.16.3-x86_64.rpm ${debug}"
         eval "rpm -vi packetbeat-7.16.3-x86_64.rpm ${debug}"
@@ -49,4 +49,5 @@ logger "Need assistance? Shoot us an email at [email protected]!"
         eval "wget ${PACKETBEAT_YAML} -O /etc/packetbeat/packetbeat.yml ${debug}"
         fi
     fi
-    service packetbeat restart
+    service packetbeat restart
+    logger "Need assistance? Shoot us an email at [email protected]!"
diff --git a/packetbeat_install.sh b/packetbeat_install.sh
@@ -43,12 +43,10 @@ logger "Need assistance? Shoot us an email at [email protected]!"
         eval "curl -L -O https://artifacts.elastic.co/downloads/beats/packetbeat/packetbeat-7.16.3-x86_64.rpm ${debug}"
         eval "rpm -vi packetbeat-7.16.3-x86_64.rpm ${debug}"
         eval "wget ${PACKETBEAT_YAML} -O /etc/packetbeat/packetbeat.yml ${debug}"
-        #eval "dos2unix /etc/packetbeat/packetbeat.yml ${debug}"
         elif [ ${sys_type} == "apt-get" ]; then
         eval "curl -L -O https://artifacts.elastic.co/downloads/beats/packetbeat/packetbeat-7.16.3-amd64.deb ${debug}"
         eval "dpkg -i packetbeat-7.16.3-amd64.deb ${debug}"
         eval "wget ${PACKETBEAT_YAML} -O /etc/packetbeat/packetbeat.yml ${debug}"
-        #eval "dos2unix /etc/packetbeat/packetbeat.yml ${debug}"
         fi
     fi
     service packetbeat restart
diff --git a/packetbeat_install.sh b/packetbeat_install.sh
@@ -50,6 +50,5 @@ logger "Need assistance? Shoot us an email at [email protected]!"
         eval "wget ${PACKETBEAT_YAML} -O /etc/packetbeat/packetbeat.yml ${debug}"
         #eval "dos2unix /etc/packetbeat/packetbeat.yml ${debug}"
         fi
-        service packetbeat restart
     fi
-fi
+    service packetbeat restart
diff --git a/packetbeat_install.sh b/packetbeat_install.sh
@@ -40,13 +40,13 @@ if [ -d "$DIR" ]; then
 else
 logger "Need assistance? Shoot us an email at [email protected]!"
         if [ ${sys_type} == "yum" ]; then
-        eval "curl -L -O https://artifacts.elastic.co/downloads/beats/packetbeat/packetbeat-8.4.3-x86_64.rpm ${debug}"
-        eval "rpm -vi packetbeat-8.4.3-x86_64.rpm ${debug}"
+        eval "curl -L -O https://artifacts.elastic.co/downloads/beats/packetbeat/packetbeat-7.16.3-x86_64.rpm ${debug}"
+        eval "rpm -vi packetbeat-7.16.3-x86_64.rpm ${debug}"
         eval "wget ${PACKETBEAT_YAML} -O /etc/packetbeat/packetbeat.yml ${debug}"
         #eval "dos2unix /etc/packetbeat/packetbeat.yml ${debug}"
         elif [ ${sys_type} == "apt-get" ]; then
-        eval "curl -L -O https://artifacts.elastic.co/downloads/beats/packetbeat/packetbeat-8.4.3-amd64.deb ${debug}"
-        eval "dpkg -i packetbeat-8.4.3-amd64.deb ${debug}"
+        eval "curl -L -O https://artifacts.elastic.co/downloads/beats/packetbeat/packetbeat-7.16.3-amd64.deb ${debug}"
+        eval "dpkg -i packetbeat-7.16.3-amd64.deb ${debug}"
         eval "wget ${PACKETBEAT_YAML} -O /etc/packetbeat/packetbeat.yml ${debug}"
         #eval "dos2unix /etc/packetbeat/packetbeat.yml ${debug}"
         fi

diff --git a/packetbeat_install.sh b/packetbeat_install.sh
@@ -42,7 +42,6 @@ logger "Need assistance? Shoot us an email at [email protected]!"
         if [ ${sys_type} == "yum" ]; then
         eval "curl -L -O https://artifacts.elastic.co/downloads/beats/packetbeat/packetbeat-8.4.3-x86_64.rpm ${debug}"
         eval "rpm -vi packetbeat-8.4.3-x86_64.rpm ${debug}"
-        install_result="${PIPESTATUS[0]}"
         eval "wget ${PACKETBEAT_YAML} -O /etc/packetbeat/packetbeat.yml ${debug}"
         #eval "dos2unix /etc/packetbeat/packetbeat.yml ${debug}"
         elif [ ${sys_type} == "apt-get" ]; then

diff --git a/packetbeat_install.sh b/packetbeat_install.sh
@@ -43,13 +43,12 @@ logger "Need assistance? Shoot us an email at [email protected]!"
         eval "curl -L -O https://artifacts.elastic.co/downloads/beats/packetbeat/packetbeat-8.4.3-x86_64.rpm ${debug}"
         eval "rpm -vi packetbeat-8.4.3-x86_64.rpm ${debug}"
         install_result="${PIPESTATUS[0]}"
-        eval "wget --auth-no-challenge --user ${USER} --password "${PASS}" ${PACKETBEAT_YAML} -O /etc/packetbeat/packetbeat.yml ${debug}"
+        eval "wget ${PACKETBEAT_YAML} -O /etc/packetbeat/packetbeat.yml ${debug}"
         #eval "dos2unix /etc/packetbeat/packetbeat.yml ${debug}"
         elif [ ${sys_type} == "apt-get" ]; then
         eval "curl -L -O https://artifacts.elastic.co/downloads/beats/packetbeat/packetbeat-8.4.3-amd64.deb ${debug}"
         eval "dpkg -i packetbeat-8.4.3-amd64.deb ${debug}"
-        install_result="${PIPESTATUS[0]}"
-        eval "wget --auth-no-challenge --user ${USER} --password "${PASS}" ${PACKETBEAT_YAML} -O /etc/packetbeat/packetbeat.yml ${debug}"
+        eval "wget ${PACKETBEAT_YAML} -O /etc/packetbeat/packetbeat.yml ${debug}"
         #eval "dos2unix /etc/packetbeat/packetbeat.yml ${debug}"
         fi
         service packetbeat restart

diff --git a/packetbeat_install.sh b/packetbeat_install.sh
@@ -1,8 +1,6 @@
 #!/bin/bash
 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
-USER="freetiersocfortress"
-PASS="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"
-PACKETBEAT_YAML="https://raw.githubusercontent.com/socfortress/Free-Tier/main/Config%20Files/packetbeat.yml"
+PACKETBEAT_YAML="https://raw.githubusercontent.com/socfortress/Wazuh-Rules/main/Packetbeat/packetbeat.yml"
 
 logger() {
 

diff --git a/packetbeat_install.sh b/packetbeat_install.sh
@@ -4,6 +4,26 @@ USER="freetiersocfortress"
 PASS="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"
 PACKETBEAT_YAML="https://raw.githubusercontent.com/socfortress/Free-Tier/main/Config%20Files/packetbeat.yml"
 
+logger() {
+
+    now=$(date +'%m/%d/%Y %H:%M:%S')
+    case $1 in 
+        "-e")
+            mtype="ERROR:"
+            message="$2"
+            ;;
+        "-w")
+            mtype="WARNING:"
+            message="$2"
+            ;;
+        *)
+            mtype="INFO:"
+            message="$1"
+            ;;
+    esac
+    echo $now $mtype $message
+}
+
 if [ -n "$(command -v yum)" ]; then
     sys_type="yum"
     sep="-"

diff --git a/packetbeat_install.sh b/packetbeat_install.sh
@@ -26,7 +26,7 @@ logger "Need assistance? Shoot us an email at [email protected]!"
         eval "rpm -vi packetbeat-8.4.3-x86_64.rpm ${debug}"
         install_result="${PIPESTATUS[0]}"
         eval "wget --auth-no-challenge --user ${USER} --password "${PASS}" ${PACKETBEAT_YAML} -O /etc/packetbeat/packetbeat.yml ${debug}"
-        eval "dos2unix /etc/packetbeat/packetbeat.yml ${debug}"
+        #eval "dos2unix /etc/packetbeat/packetbeat.yml ${debug}"
         elif [ ${sys_type} == "apt-get" ]; then
         eval "curl -L -O https://artifacts.elastic.co/downloads/beats/packetbeat/packetbeat-8.4.3-amd64.deb ${debug}"
         eval "dpkg -i packetbeat-8.4.3-amd64.deb ${debug}"

diff --git a/packetbeat_install.sh b/packetbeat_install.sh
@@ -32,7 +32,7 @@ logger "Need assistance? Shoot us an email at [email protected]!"
         eval "dpkg -i packetbeat-8.4.3-amd64.deb ${debug}"
         install_result="${PIPESTATUS[0]}"
         eval "wget --auth-no-challenge --user ${USER} --password "${PASS}" ${PACKETBEAT_YAML} -O /etc/packetbeat/packetbeat.yml ${debug}"
-        eval "dos2unix /etc/packetbeat/packetbeat.yml ${debug}"
+        #eval "dos2unix /etc/packetbeat/packetbeat.yml ${debug}"
         fi
         service packetbeat restart
     fi

diff --git a/packetbeat_install.sh b/packetbeat_install.sh
@@ -0,0 +1,39 @@
+#!/bin/bash
+PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+USER="freetiersocfortress"
+PASS="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"
+PACKETBEAT_YAML="https://raw.githubusercontent.com/socfortress/Free-Tier/main/Config%20Files/packetbeat.yml"
+
+if [ -n "$(command -v yum)" ]; then
+    sys_type="yum"
+    sep="-"
+elif [ -n "$(command -v zypper)" ]; then
+    sys_type="zypper"   
+    sep="-"  
+elif [ -n "$(command -v apt-get)" ]; then
+    sys_type="apt-get"   
+    sep="="
+fi
+
+DIR="/etc/packetbeat"
+if [ -d "$DIR" ]; then
+        logger "Packetbeat found. Not Installing"
+        exit 0
+else
+logger "Need assistance? Shoot us an email at [email protected]!"
+        if [ ${sys_type} == "yum" ]; then
+        eval "curl -L -O https://artifacts.elastic.co/downloads/beats/packetbeat/packetbeat-8.4.3-x86_64.rpm ${debug}"
+        eval "rpm -vi packetbeat-8.4.3-x86_64.rpm ${debug}"
+        install_result="${PIPESTATUS[0]}"
+        eval "wget --auth-no-challenge --user ${USER} --password "${PASS}" ${PACKETBEAT_YAML} -O /etc/packetbeat/packetbeat.yml ${debug}"
+        eval "dos2unix /etc/packetbeat/packetbeat.yml ${debug}"
+        elif [ ${sys_type} == "apt-get" ]; then
+        eval "curl -L -O https://artifacts.elastic.co/downloads/beats/packetbeat/packetbeat-8.4.3-amd64.deb ${debug}"
+        eval "dpkg -i packetbeat-8.4.3-amd64.deb ${debug}"
+        install_result="${PIPESTATUS[0]}"
+        eval "wget --auth-no-challenge --user ${USER} --password "${PASS}" ${PACKETBEAT_YAML} -O /etc/packetbeat/packetbeat.yml ${debug}"
+        eval "dos2unix /etc/packetbeat/packetbeat.yml ${debug}"
+        fi
+        service packetbeat restart
+    fi
+fi
No results found