forked from tsigouris007/Falcon-CrowdStrike-SIEM-Connector
-
Notifications
You must be signed in to change notification settings - Fork 0
/
entrypoint.sh
executable file
·39 lines (30 loc) · 1.21 KB
/
entrypoint.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
#!/bin/bash
WORKDIR="/home/user"
CONFIGDIR="/opt/crowdstrike/etc"
CONFIG="cs.falconhoseclient.cfg"
# Read the .env file properties
F_CLIENT_ID="$(grep CLIENT_ID .env | awk -F'=' '{print $2}')"
F_CLIENT_SECRET="$(grep CLIENT_SECRET .env | awk -F'=' '{print $2}')"
F_API_BASE_URL="$(grep API_BASE_URL .env | awk -F'=' '{print $2}')"
# Set the necessary variables
if [ -n "$F_CLIENT_ID" ] && [ -z "$CLIENT_ID" ]; then
CLIENT_ID="$(echo $F_CLIENT_ID)"
fi
if [ -n "$F_CLIENT_SECRET" ] && [ -z "$CLIENT_SECRET" ]; then
CLIENT_SECRET="$(echo $F_CLIENT_SECRET)"
fi
if [ -n "$F_API_BASE_URL" ] && [ -z "$API_BASE_URL" ]; then
API_BASE_URL="$(echo $F_API_BASE_URL)"
fi
if [ -z "$CLIENT_ID" ] || [ -z "$CLIENT_SECRET" ] || [ -z "$API_BASE_URL" ]; then
echo "[-] Please define CLIENT_ID, CLIENT_SECRET, API_BASE_URL."
exit 1
fi
if [ -z "$LOG_DIR" ] && [ -z "$LOG_FILE" ]; then
LOG_DIR=""
LOG_FILE="/dev/stdout"
fi
# Substitute things properly
export $(echo "CLIENT_ID=$CLIENT_ID CLIENT_SECRET=$CLIENT_SECRET API_BASE_URL=$API_BASE_URL LOG_DIR=$LOG_DIR LOG_FILE=$LOG_FILE") && envsubst < "${WORKDIR}/${CONFIG}.template" > "${CONFIGDIR}/${CONFIG}"
# Run the client
cs.falconhoseclient -nodaemon -config="${CONFIGDIR}/${CONFIG}" 2>&1