fix pcap paths

salt/sensoroni/enabled.sls

@@ -23,6 +23,9 @@ so-sensoroni:
       - /opt/so/conf/sensoroni/sensoroni.json:/opt/sensoroni/sensoroni.json:ro
       - /opt/so/conf/sensoroni/analyzers:/opt/sensoroni/analyzers:rw
       - /opt/so/log/sensoroni:/opt/sensoroni/logs:rw
+      {% if GLOBALS.pcap_engine == "SURICATA" %}
+      - /nsm/suripcap/:/nsm/suripcap:rw
+      {% endif %}
       {% if DOCKER.containers['so-sensoroni'].custom_bind_mounts %}
         {% for BIND in DOCKER.containers['so-sensoroni'].custom_bind_mounts %}
       - {{ BIND }}

salt/suricata/defaults.yaml

@@ -137,7 +137,7 @@ suricata:
         max-files: 10
         use-stream-depth: "no"
         conditional: "all"
-        dir: "/nsm/pcap"
+        dir: "/nsm/suripcap"
       alert-debug:
         enabled: "no"
       alert-prelude:

salt/suricata/enabled.sls

@@ -36,7 +36,7 @@ so-suricata:
       - /nsm/suricata/extracted:/var/log/suricata//filestore:rw
       - /opt/so/conf/suricata/bpf:/etc/suricata/bpf:ro
       {% if GLOBALS.pcap_engine == "SURICATA" %}
-      - /nsm/suripcap/:/nsm/pcap:rw
+      - /nsm/suripcap/:/nsm/suripcap:rw
       {% endif %}
       {% if DOCKER.containers['so-suricata'].custom_bind_mounts %}
         {% for BIND in DOCKER.containers['so-suricata'].custom_bind_mounts %}