Merge remote-tracking branch 'remotes/origin/dev' into feature/suripillar

salt/suricata/cron/surilogcompress

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+# Gzip the eve logs
+find /nsm/suricata/eve*.json -type f -printf '%T@\t%p\n' | sort -t $'\t' -g |  head -n -1 |  cut -d $'\t' -f 2- | xargs nice gzip
+
+# TODO Add stats log

salt/suricata/init.sls

@@ -71,6 +71,21 @@ surirulesync:
     - user: 940
     - group: 940
 
+surilogscript:
+  file.managed:
+    - name: /usr/local/bin/surilogcompress
+    - source: salt://suricata/cron/surilogcompress
+    - mode: 755
+
+/usr/local/bin/surilogcompress:
+  cron.present:
+    - user: suricata
+    - minute: '17'
+    - hour: '*'
+    - daymonth: '*'
+    - month: '*'
+    - dayweek: '*'
+
 suriconfigsync:
   file.managed:
     - name: /opt/so/conf/suricata/suricata.yaml