CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Added Watch Statements

Browse Source
This commit is contained in:
Mike Reeves
2018-11-13 13:40:25 -05:00
parent a70b7ed3de
commit 2a300263e1
5 changed files with 24 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
salt/bro/init.sls
View File

@@ -76,6 +76,10 @@ so-bro:
- /opt/so/conf/bro/policy/custom:/opt/bro/share/bro/policy/custom:ro - /opt/so/conf/bro/policy/custom:/opt/bro/share/bro/policy/custom:ro
- /opt/so/conf/bro/policy/intel:/opt/bro/share/bro/policy/intel:rw - /opt/so/conf/bro/policy/intel:/opt/bro/share/bro/policy/intel:rw
- network_mode: host - network_mode: host
- watch:
- file: /opt/so/conf/bro/local.bro
- file: /opt/so/conf/bro/node.cfg
- file: /opt/so/conf/bro/policy/*
{% else %} {% else %}
localbrosync: localbrosync:
@@ -99,5 +103,10 @@ so-bro:
- /opt/so/conf/bro/policy/custom:/opt/bro/share/bro/policy/custom:ro - /opt/so/conf/bro/policy/custom:/opt/bro/share/bro/policy/custom:ro
- /opt/so/conf/bro/policy/intel:/opt/bro/share/bro/policy/intel:rw - /opt/so/conf/bro/policy/intel:/opt/bro/share/bro/policy/intel:rw
- network_mode: host - network_mode: host
- watch:
- file: /opt/so/conf/bro/local.bro
- file: /opt/so/conf/bro/node.cfg
- file: /opt/so/conf/bro/policy/*
{% endif %} {% endif %}

2
salt/common/init.sls
View File

@@ -127,3 +127,5 @@ so-core:
- port_bindings: - port_bindings:
- 80:80 - 80:80
- 443:443 - 443:443
- watch:
- file: /opt/so/conf/nginx/nginx.conf

2
salt/filebeat/init.sls
View File

@@ -64,3 +64,5 @@ so-filebeat:
- /opt/so/conf/filebeat/etc/pki/filebeat.crt:/usr/share/filebeat/filebeat.crt:ro - /opt/so/conf/filebeat/etc/pki/filebeat.crt:/usr/share/filebeat/filebeat.crt:ro
- /opt/so/conf/filebeat/etc/pki/filebeat.key:/usr/share/filebeat/filebeat.key:ro - /opt/so/conf/filebeat/etc/pki/filebeat.key:/usr/share/filebeat/filebeat.key:ro
- /etc/ssl/certs/intca.crt:/usr/share/filebeat/intraca.crt:ro - /etc/ssl/certs/intca.crt:/usr/share/filebeat/intraca.crt:ro
- watch:
- file: /opt/so/conf/filebeat/etc/filebeat.yml

8
salt/suricata/init.sls
View File

@@ -14,6 +14,7 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
{% set interface = salt['pillar.get']('sensor:interface', 'bond0') %} {% set interface = salt['pillar.get']('sensor:interface', 'bond0') %}
{%- set BROVER = salt['pillar.get']('static:broversion', 'COMMUNITY') %}
# Suricata # Suricata
@@ -60,7 +61,11 @@ surirulesync:
suriconfigsync: suriconfigsync:
file.managed: file.managed:
- name: /opt/so/conf/suricata/suricata.yaml - name: /opt/so/conf/suricata/suricata.yaml
{%- if BROVER != SURICATA %}
- source: salt://suricata/files/suricata.yaml - source: salt://suricata/files/suricata.yaml
{%- else %}
- source: salt://suricata/files/suricataMETA.yaml
{%- endif %}
- user: 940 - user: 940
- group: 940 - group: 940
- template: jinja - template: jinja
@@ -76,3 +81,6 @@ so-suricata:
- /opt/so/conf/suricata/rules:/etc/suricata/rules:ro - /opt/so/conf/suricata/rules:/etc/suricata/rules:ro
- /opt/so/log/suricata/:/var/log/suricata/:rw - /opt/so/log/suricata/:/var/log/suricata/:rw
- network_mode: host - network_mode: host
- watch:
- file: /opt/so/conf/suricata/suricata.yaml
- file: /opt/so/conf/rules/all.rules

3
salt/top.sls
View File

@@ -1,3 +1,4 @@
{%- set BROVER = salt['pillar.get']('static:broversion', 'COMMUNITY') %}
base: base:
'G@role:so-sensor': 'G@role:so-sensor':
- ssl - ssl
@@ -5,7 +6,9 @@ base:
- firewall - firewall
- pcap - pcap
- suricata - suricata
{%- if BROVER != SURICATA %}
- bro - bro
{%- endif %}
- filebeat - filebeat
'G@role:so-eval': 'G@role:so-eval':