CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 01:32:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Airgap support

Browse Source
This commit is contained in:
defensivedepth
2024-09-24 12:04:24 -04:00
parent 5286739414
commit 01f87218de
2 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
salt/manager/tools/sbin/soup
View File

@@ -888,6 +888,12 @@ update_airgap_rules() {
rsync -av $UPDATE_DIR/agrules/suricata/* /nsm/rules/suricata/ rsync -av $UPDATE_DIR/agrules/suricata/* /nsm/rules/suricata/
rsync -av $UPDATE_DIR/agrules/detect-sigma/* /nsm/rules/detect-sigma/ rsync -av $UPDATE_DIR/agrules/detect-sigma/* /nsm/rules/detect-sigma/
rsync -av $UPDATE_DIR/agrules/detect-yara/* /nsm/rules/detect-yara/ rsync -av $UPDATE_DIR/agrules/detect-yara/* /nsm/rules/detect-yara/
# Checkout the stable summaries branch and copy them over for SOC
git -C $UPDATE_DIR/agrules/securityonion-resources/ checkout generated-summaries-stable
rsync -av $UPDATE_DIR/agrules/securityonion-resources/* /opt/so/conf/soc/ai_summary_repos
# Checkout the main branch and copy them over to nsm
git -C $UPDATE_DIR/agrules/securityonion-resources/ checkout main
rsync -av $UPDATE_DIR/agrules/securityonion-resources/* /nsm/securityonion-resources/
} }
update_airgap_repo() { update_airgap_repo() {

5
setup/so-functions
View File

@@ -42,9 +42,10 @@ logCmd() {
### End Logging Section ### ### End Logging Section ###
airgap_rules() { airgap_rules() {
# Copy the rules for suricata if using Airgap # Copy the rules for detections if using Airgap
mkdir -p /nsm/rules mkdir -p /nsm/rules
cp -Rv /root/SecurityOnion/agrules/* /nsm/rules/ rsync -av --exclude='securityonion-resources' /root/SecurityOnion/agrules/ /nsm/rules/
rsync -av /root/SecurityOnion/agrules/securityonion-resources/ /nsm/
} }
add_admin_user() { add_admin_user() {