Is there any programmatic way to accept grid members in 2.4?

[hovisms]

Version

2.4.100

Installation Method

Security Onion ISO image

Description

configuration

Installation Type

Distributed

Location

airgap

Hardware Specs

Meets minimum requirements

CPU

8

RAM

32

Storage for /

163GB

Storage for /nsm

2TB

Network Traffic Collection

span port

Network Traffic Speeds

1Gbps to 10Gbps

Status

Yes, all services on all nodes are running OK

Salt Status

No, there are no failures

Logs

No, there are no additional clues

Detail

I support a project where we deploy/tear-down cyber range environments for test and training. We support deploying Security Onion into those environments. I recently updated our Security Onion logic from 2.3.90 to 2.4.100. My question relates to grid membership in distributed mode. In 2.3, grid members could automatically be added based on credentials. In 2.4 is there any way to auto authenticate/accept pending grid members? I need to avoid the manual action of accepting grid members through the SOC web gui if at all possible. Again, this is not a production environment, so even less than secure methods would be acceptable.

Guidelines

• I have read the discussion guidelines at Read before posting! #1720 and assert that I have followed the guidelines.

[hovisms]

The salt-key -A -y command definitely got the sensor added as a grid member, but did didn't trigger necessary changes on the sensor. After waiting about an hour, running so-status on the sensor still resulted in the output "so-status is not yet available"

However, investigating that let me to the so-minion command. Running so-minion -o=list on the manager gives a list of pending minions. Then running so-minion -o=add -m=<id> for each one listed in category "minion_pre" adds the sensor to the grid and triggers the remaining setup tasks.

This is sufficient to accomplish what I needed. Thanks for pointing me in the right direction.