CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #5911 from Security-Onion-Solutions/tunesteno

Browse Source 
Add Steno Tuning Options
This commit is contained in:
Mike Reeves
2021-10-18 09:01:14 -04:00
committed by GitHub
parent 4016b416ec a9f6c84d7c
commit 00e5b54dda
1 changed files with 15 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
salt/pcap/files/config
View File

@@ -1,20 +1,23 @@
{%- set interface = salt['pillar.get']('sensor:interface', 'bond0') %} {%- set INTERFACE = salt['pillar.get']('sensor:interface', 'bond0') %}
{%- set diskfreepercentage = salt['pillar.get']('steno:diskfreepercentage', 10) %} {%- set DISKFREEPERCENTAGE = salt['pillar.get']('steno:diskfreepercentage', 10) %}
{%- set maxfiles = salt['pillar.get']('steno:maxfiles', 30000) %} {%- set MAXFILES = salt['pillar.get']('steno:maxfiles', 30000) %}
{%- set BLOCKS = salt['pillar.get']('steno:blocks', 2048) %}
{%- set FILEMB = salt['pillar.get']('steno:filemb', 4096) %}
{%- set AIOPS = salt['pillar.get']('steno:aiops', 128) %}
{%- set THREADS = salt['pillar.get']('steno:threads', 1) %}
{ {
"Threads": [ "Threads": [
{ "PacketsDirectory": "/nsm/pcap" { "PacketsDirectory": "/nsm/pcap", "IndexDirectory": "/nsm/pcapindex", "MaxDirectoryFiles": {{ MAXFILES }}, "DiskFreePercentage": {{ DISKFREEPERCENTAGE }} }
, "IndexDirectory": "/nsm/pcapindex" {%- if THREADS > 1 %}
, "MaxDirectoryFiles": {{ maxfiles }} {%- for i in range(2,THREADS+1) %}
, "DiskFreePercentage": {{ diskfreepercentage }} , { "PacketsDirectory": "/nsm/pcap" , "IndexDirectory": "/nsm/pcapindex", "MaxDirectoryFiles": {{ MAXFILES }}, "DiskFreePercentage": {{ DISKFREEPERCENTAGE }} }
} {%- endfor %}
{%- endif %}
] ]
, "StenotypePath": "/usr/bin/stenotype" , "StenotypePath": "/usr/bin/stenotype"
, "Interface": "{{ interface }}" , "Interface": "{{ INTERFACE }}"
, "Port": 1234 , "Port": 1234
, "Host": "127.0.0.1" , "Host": "127.0.0.1"
, "Flags": ["-v", "--uid=stenographer", "--gid=stenographer"{{ BPF_COMPILED }}] , "Flags": ["-v", "--blocks={{ BLOCKS }}", "--preallocate_file_mb={{ FILEMB }}", "--aiops={{ AIOPS }}", "--uid=stenographer", "--gid=stenographer"{{ BPF_COMPILED }}]
, "CertPath": "/etc/stenographer/certs" , "CertPath": "/etc/stenographer/certs"
} }