Fixing Velociraptor

ESXi/ansible/roles/logger/tasks/main.yml

@@ -394,17 +394,28 @@
   become: yes
   shell: |
     echo "[$(date +%H:%M:%S)]: Installing Velociraptor..."
-    mkdir /opt/install_velociraptor
+    mkdir /opt/velociraptor
     echo "[$(date +%H:%M:%S)]: Attempting to determine the URL for the latest release of Velociraptor"
     LATEST_VELOCIRAPTOR_LINUX_URL=$(curl -sL https://github.com/Velocidex/velociraptor/releases/latest | grep 'linux-amd64' | grep -Eo "/(?[^\"]+)" | grep amd | sed 's#^#https://github.com#g')
     echo "[$(date +%H:%M:%S)]: The URL for the latest release was extracted as $LATEST_VELOCIRAPTOR_LINUX_URL"
     echo "[$(date +%H:%M:%S)]: Attempting to download..."
-    wget -P --progress=bar:force /opt/velociraptor "$LATEST_VELOCIRAPTOR_LINUX_URL"
+    wget -P /opt/velociraptor --progress=bar:force "$LATEST_VELOCIRAPTOR_LINUX_URL"
     if [ "$(file /opt/velociraptor/velociraptor*linux-amd64 | grep -c 'ELF 64-bit LSB executable')" -eq 1 ]; then
       echo "[$(date +%H:%M:%S)]: Velociraptor successfully downloaded!"
     else
       echo "[$(date +%H:%M:%S)]: Failed to download the latest version of Velociraptor. Please open a DetectionLab issue on Github."
-      return
+    fi
+    cd /opt/velociraptor || exit 1
+    mv velociraptor-*-linux-amd64 velociraptor
+    chmod +x velociraptor
+    cp /vagrant/resources/velociraptor/server.config.yaml /opt/velociraptor
+    echo "[$(date +%H:%M:%S)]: Creating Velociraptor dpkg..."
+    ./velociraptor --config /opt/velociraptor/server.config.yaml debian server
+    echo "[$(date +%H:%M:%S)]: Installing the dpkg..."
+    if dpkg -i velociraptor_*_server.deb >/dev/null; then
+      echo "[$(date +%H:%M:%S)]: Installation complete!"
+    else
+      echo "[$(date +%H:%M:%S)]: Failed to install the dpkg"
     fi
 
 - name: Install Suricata