CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 01:32:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

corrections to allowed_states

Browse Source
This commit is contained in:
Josh Patterson
2025-05-28 13:34:17 -04:00
parent 502e1e1f1b
commit 05dfce62fb
1 changed files with 10 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
salt/allowed_states.map.jinja
View File

@@ -47,7 +47,9 @@
'pcap', 'pcap',
'suricata', 'suricata',
'healthcheck', 'healthcheck',
'tcpreplay' 'tcpreplay',
'zeek',
'strelka'
] %} ] %}
{% set kafka_states = [ {% set kafka_states = [
@@ -78,14 +80,12 @@
ssl_states + ssl_states +
manager_states + manager_states +
sensor_states + sensor_states +
elastic_stack_states elastic_stack_states | reject('equalto', 'logstash') | list
), ),
'so-heavynode': ( 'so-heavynode': (
ssl_states + ssl_states +
sensor_states + sensor_states +
['elasticagent', 'zeek', 'strelka'] + ['elasticagent', 'elasticsearch', 'logstash', 'redis', 'nginx']
['elasticsearch', 'logstash', 'redis'] +
stig_states
), ),
'so-idh': ( 'so-idh': (
ssl_states + ssl_states +
@@ -94,9 +94,8 @@
'so-import': ( 'so-import': (
ssl_states + ssl_states +
manager_states + manager_states +
sensor_states + sensor_states | reject('equalto', 'strelka') | reject('equalto', 'healthcheck') | list +
['zeek'] + ['elasticsearch', 'elasticsearch.auth', 'kibana', 'kibana.secrets', 'strelka.manager']
['elasticsearch', 'elasticsearch.auth', 'kibana', 'kibana.secrets']
), ),
'so-manager': ( 'so-manager': (
ssl_states + ssl_states +
@@ -124,7 +123,7 @@
), ),
'so-searchnode': ( 'so-searchnode': (
ssl_states + ssl_states +
['kafka.ca', 'kafka.ssl', 'elasticsearch', 'logstash'] + ['kafka.ca', 'kafka.ssl', 'elasticsearch', 'logstash', 'nginx'] +
stig_states stig_states
), ),
'so-standalone': ( 'so-standalone': (
@@ -133,13 +132,12 @@
sensor_states + sensor_states +
stig_states + stig_states +
kafka_states + kafka_states +
elastic_stack_states + elastic_stack_states
['zeek', 'strelka']
), ),
'so-sensor': ( 'so-sensor': (
ssl_states + ssl_states +
sensor_states + sensor_states +
['nginx', 'zeek', 'strelka'] + ['nginx'] +
stig_states stig_states
), ),
'so-fleet': ( 'so-fleet': (