mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-09 18:52:52 +01:00
configure and enable/disable sensoroni via ui
This commit is contained in:
m0duspwnens
@@ -1,79 +1,13 @@
|
||||
{% from 'vars/globals.map.jinja' import GLOBALS %}
|
||||
# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
|
||||
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
|
||||
# https://securityonion.net/license; you may not use this file except in compliance with the
|
||||
# Elastic License 2.0.
|
||||
|
||||
sensoroniconfdir:
|
||||
file.directory:
|
||||
- name: /opt/so/conf/sensoroni
|
||||
- user: 939
|
||||
- group: 939
|
||||
- makedirs: True
|
||||
{% from 'sensoroni/map.jinja' import SENSORONIMERGED %}
|
||||
|
||||
sensoroniagentconf:
|
||||
file.managed:
|
||||
- name: /opt/so/conf/sensoroni/sensoroni.json
|
||||
- source: salt://sensoroni/files/sensoroni.json
|
||||
- user: 939
|
||||
- group: 939
|
||||
- mode: 600
|
||||
- template: jinja
|
||||
|
||||
analyzersdir:
|
||||
file.directory:
|
||||
- name: /opt/so/conf/sensoroni/analyzers
|
||||
- user: 939
|
||||
- group: 939
|
||||
- makedirs: True
|
||||
|
||||
sensoronilog:
|
||||
file.directory:
|
||||
- name: /opt/so/log/sensoroni
|
||||
- user: 939
|
||||
- group: 939
|
||||
- makedirs: True
|
||||
|
||||
analyzerscripts:
|
||||
file.recurse:
|
||||
- name: /opt/so/conf/sensoroni/analyzers
|
||||
- user: 939
|
||||
- group: 939
|
||||
- file_mode: 755
|
||||
- template: jinja
|
||||
- source: salt://sensoroni/files/analyzers
|
||||
|
||||
sensoroni_sbin:
|
||||
file.recurse:
|
||||
- name: /usr/sbin
|
||||
- source: salt://sensoroni/tools/sbin
|
||||
- user: 939
|
||||
- group: 939
|
||||
- file_mode: 755
|
||||
|
||||
#sensoroni_sbin_jinja:
|
||||
# file.recurse:
|
||||
# - name: /usr/sbin
|
||||
# - source: salt://sensoroni/tools/sbin_jinja
|
||||
# - user: 939
|
||||
# - group: 939
|
||||
# - file_mode: 755
|
||||
# - template: jinja
|
||||
|
||||
so-sensoroni:
|
||||
docker_container.running:
|
||||
- image: {{ GLOBALS.registry_host }}:5000/{{ GLOBALS.image_repo }}/so-soc:{{ GLOBALS.so_version }}
|
||||
- network_mode: host
|
||||
- binds:
|
||||
- /opt/so/conf/steno/certs:/etc/stenographer/certs:rw
|
||||
- /nsm/pcap:/nsm/pcap:rw
|
||||
- /nsm/import:/nsm/import:rw
|
||||
- /nsm/pcapout:/nsm/pcapout:rw
|
||||
- /opt/so/conf/sensoroni/sensoroni.json:/opt/sensoroni/sensoroni.json:ro
|
||||
- /opt/so/conf/sensoroni/analyzers:/opt/sensoroni/analyzers:rw
|
||||
- /opt/so/log/sensoroni:/opt/sensoroni/logs:rw
|
||||
- watch:
|
||||
- file: /opt/so/conf/sensoroni/sensoroni.json
|
||||
- require:
|
||||
- file: sensoroniagentconf
|
||||
|
||||
append_so-sensoroni_so-status.conf:
|
||||
file.append:
|
||||
- name: /opt/so/conf/so-status/so-status.conf
|
||||
- text: so-sensoroni
|
||||
include:
|
||||
{% if SENSORONIMERGED.enabled %}
|
||||
- sensoroni.enabled
|
||||
{% else %}
|
||||
- sensoroni.disabled
|
||||
{% endif %}
|
||||
|
||||
Reference in New Issue
Block a user