CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-08 10:12:53 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add Suricata

Browse Source
This commit is contained in:
Mike Reeves
2023-05-24 09:35:50 -04:00
parent c42959d040
commit 2c4ba2e8b2
1 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
salt/suricata/enabled.sls
View File

@@ -17,6 +17,11 @@ so-suricata:
- privileged: True - privileged: True
- environment: - environment:
- INTERFACE={{ GLOBALS.sensor.interface }} - INTERFACE={{ GLOBALS.sensor.interface }}
{% if DOCKER.containers['so-suricata'].extra_env %}
{% for XTRAENV in DOCKER.containers['so-suricata'].extra_env %}
- {{ XTRAENV }}
{% endfor %}
{% endif %}
- binds: - binds:
- /opt/so/conf/suricata/suricata.yaml:/etc/suricata/suricata.yaml:ro - /opt/so/conf/suricata/suricata.yaml:/etc/suricata/suricata.yaml:ro
- /opt/so/conf/suricata/threshold.conf:/etc/suricata/threshold.conf:ro - /opt/so/conf/suricata/threshold.conf:/etc/suricata/threshold.conf:ro
@@ -25,7 +30,18 @@ so-suricata:
- /nsm/suricata/:/nsm/:rw - /nsm/suricata/:/nsm/:rw
- /nsm/suricata/extracted:/var/log/suricata//filestore:rw - /nsm/suricata/extracted:/var/log/suricata//filestore:rw
- /opt/so/conf/suricata/bpf:/etc/suricata/bpf:ro - /opt/so/conf/suricata/bpf:/etc/suricata/bpf:ro
{% if DOCKER.containers['so-suricata'].custom_bind_mounts %}
{% for BIND in DOCKER.containers['so-suricata'].custom_bind_mounts %}
- {{ BIND }}
{% endfor %}
{% endif %}
- network_mode: host - network_mode: host
{% if DOCKER.containers['so-suricata'].extra_hosts %}
- extra_hosts:
{% for XTRAHOST in DOCKER.containers['so-suricata'].extra_hosts %}
- {{ XTRAHOST }}
{% endfor %}
{% endif %}
- watch: - watch:
- file: suriconfig - file: suriconfig
- file: surithresholding - file: surithresholding