CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-01-23 16:33:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

do not start elastalert if elasticsearch is not v8

Browse Source
This commit is contained in:
m0duspwnens
2022-07-13 11:21:27 -04:00
parent 7ae5d49a4a
commit 086cf3996d
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
salt/elastalert/init.sls
View File

@@ -107,6 +107,10 @@ wait_for_elasticsearch:
cmd.run:
- name: so-elasticsearch-wait
is_elasticsearch_v8:
cmd.shell:
- name: "so-elasticsearch-query / | jq -r '.version.number[0:1]' | grep -q 8" #if not 8 do not start ES
so-elastalert:
docker_container.running:
- image: {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-elastalert:{{ VERSION }}
@@ -123,6 +127,7 @@ so-elastalert:
- {{MANAGER_URL}}:{{MANAGER_IP}}
- require:
- cmd: wait_for_elasticsearch
- cmd: is_elasticsearch_v8
- file: elastarules
- file: elastalogdir
- file: elastacustmodulesdir