Logstash Module - Added Redis Docker

2025-12-06 09:12:45 +01:00 · 2018-04-19 14:41:25 -04:00
parent a57f44a022
commit 1621b3bf02
5 changed files with 1373 additions and 1 deletions
--- a/salt/logstash/files/dynamic/9999_output_redis.conf
+++ b/salt/logstash/files/dynamic/9999_output_redis.conf
@@ -1,6 +1,6 @@
 output {
 	redis {
-		host => 'redis'
+		host => 'so-redis'
 		data_type => 'list'
 		key => 'logstash:redis'
 		congestion_interval => 1
--- a/salt/logstash/init.sls
+++ b/salt/logstash/init.sls
@@ -93,6 +93,7 @@ so-logstash:
    - environment:
      - LS_JAVA_OPTS=-Xms{{ lsheap }} -Xmx{{ lsheap }}
    - port_bindings:
+      - {{ lsaccessip }}:514:514
      - {{ lsaccessip }}:5044:5044
      - {{ lsaccessip }}:6050:6050
      - {{ lsaccessip }}:6051:6051
--- a/salt/redis/etc/redis.conf
+++ b/salt/redis/etc/redis.conf
--- a/salt/redis/init.sls
+++ b/salt/redis/init.sls
@@ -0,0 +1,54 @@
+# Copyright 2014,2015,2016,2017,2018 Security Onion Solutions, LLC
+
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+# IDSTools Setup
+redisconfdir:
+  file.directory:
+    - name: /opt/so/conf/redis/etc
+    - user: 939
+    - group: 939
+    - makedirs: True
+
+redisworkdir:
+  file.directory:
+    - name: /opt/so/conf/redis/working
+    - user: 939
+    - group: 939
+    - makedirs: True
+
+redisconfsync:
+  file.recurse:
+    - name: /opt/so/conf/redis/etc
+    - source: salt://redis/etc
+    - user: 939
+    - group: 939
+    - template: jinja
+
+redis:latest:
+  docker_image.present
+
+so-redis:
+  docker_container.running:
+    - image: redis:latest
+    - hostname: so-redis
+    - user: socore
+    - port_bindings:
+      - {{ lsaccessip }}:6379:6379
+    - binds:
+      - /opt/so/log/redis:/var/log/redis:rw
+      - /opt/so/conf/redis/etc/redis.conf:/usr/local/etc/redis/redis.conf:ro
+      - /opt/so/conf/redis/working:/redis:rw
+    - entrypoint: "redis-server /usr/local/etc/redis/redis.conf"
+    - network_mode: so-elastic-net
--- a/salt/top.sls
+++ b/salt/top.sls
@@ -15,6 +15,7 @@ base:
    - common
    - master
    - idstools
+    - redis
    - elasticsearch
    - logstash