CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

tests will retry on any rule import failure

Browse Source
This commit is contained in:
Jason Ertel
2024-05-09 14:52:58 -04:00
parent 8364b2a730
commit 074d063fee
2 changed files with 22 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
setup/so-functions
View File

@@ -1259,12 +1259,27 @@ soc_pillar() {
" srvKey: '$SOCSRVKEY'"\
" modules:"\
" elastalertengine:"\
" allowRegex: '$ELASTALERT_ALLOW_REGEX'"\
" allowRegex: '$ELASTALERT_ALLOW_REGEX'" > "$soc_pillar_file"
if [[ -n "$ELASTALERT_FAIL_ERROR_COUNT" ]]; then
printf '%s\n'\
" failAfterConsecutiveErrorCount: $ELASTALERT_FAIL_ERROR_COUNT" >> "$soc_pillar_file"
fi
printf '%s\n'\
" strelkaengine:"\
" allowRegex: '$STRELKA_ALLOW_REGEX'"\
" allowRegex: '$STRELKA_ALLOW_REGEX'" >> "$soc_pillar_file"
if [[ -n "$STRELKA_FAIL_ERROR_COUNT" ]]; then
printf '%s\n'\
" failAfterConsecutiveErrorCount: $STRELKA_FAIL_ERROR_COUNT" >> "$soc_pillar_file"
fi
printf '%s\n'\
" suricataengine:"\
" allowRegex: '$SURICATA_ALLOW_REGEX'"\
"" > "$soc_pillar_file"
" allowRegex: '$SURICATA_ALLOW_REGEX'" >> "$soc_pillar_file"
if [[ -n "$SURICATA_FAIL_ERROR_COUNT" ]]; then
printf '%s\n'\
" failAfterConsecutiveErrorCount: $SURICATA_FAIL_ERROR_COUNT" >> "$soc_pillar_file"
fi
if [[ $telemetry -ne 0 ]]; then
echo " telemetryEnabled: false" >> $soc_pillar_file