CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Ensure so-yara-updata script is logging to a file during cron job execution

Browse Source
This commit is contained in:
Jason Ertel
2020-12-11 10:04:38 -05:00
parent 25f2075e22
commit 14f28e38be
2 changed files with 13 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
salt/common/tools/sbin/so-yara-update
View File

@@ -27,6 +27,7 @@ updatecounter=0
{% if ISAIRGAP is sameas true %} {% if ISAIRGAP is sameas true %}
echo "Updating rules in airgap mode..."
clone_dir="/nsm/repo/rules/strelka" clone_dir="/nsm/repo/rules/strelka"
repo_name="signature-base" repo_name="signature-base"
@@ -87,6 +88,8 @@ echo "Done!"
{% else %} {% else %}
echo "Starting to update rules..."
gh_status=$(curl -s -o /dev/null -w "%{http_code}" http://github.com) gh_status=$(curl -s -o /dev/null -w "%{http_code}" http://github.com)
clone_dir="/tmp" clone_dir="/tmp"
if [ "$gh_status" == "200" ] || [ "$gh_status" == "301" ]; then if [ "$gh_status" == "200" ] || [ "$gh_status" == "301" ]; then

2
salt/manager/init.sls
View File

@@ -91,7 +91,7 @@ append_so-aptcacherng_so-status.conf:
strelka_yara_update: strelka_yara_update:
cron.present: cron.present:
- user: root - user: root
- name: '/usr/sbin/so-yara-update > /dev/null 2>&1' - name: '/usr/sbin/so-yara-update >> /nsm/strelka/log/yara-update.log 2>&1'
- hour: '7' - hour: '7'
- minute: '1' - minute: '1'
{% else %} {% else %}