CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-25 14:07:49 +02:00
Code Issues Packages Projects Releases Wiki Activity

Sensor Changes

Browse Source
This commit is contained in:
Mike Reeves
2018-02-21 12:14:23 -05:00
parent efab67984c
commit 31bda9571a
5 changed files with 91 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
salt/pcap/files/config
+15
View File
@@ -0,0 +1,15 @@
{
"Threads": [
{ "PacketsDirectory": "/nsm/pcap"
, "IndexDirectory": "/nsm/pcapindex"
, "MaxDirectoryFiles": 30000
, "DiskFreePercentage": 5
}
]
, "StenotypePath": "/usr/bin/stenotype"
, "Interface": "em1"
, "Port": 1234
, "Host": "127.0.0.1"
, "Flags": []
, "CertPath": "/etc/stenographer/certs"
}
salt/pcap/init.sls
+15 -4
View File
@@ -15,13 +15,24 @@
# PCAP Section
file.directory:
- name: /opt/so/conf/steno
stenoconfdir:
file.directory:
- name: /opt/so/conf/steno
- user: 941
- group: 939
- makedirs: True
file.directory:
- name: /nsm/pcap
pcapdir:
file.directory:
- name: /nsm/pcap
pcapindexdir:
file.directory:
- name: /nsm/pcapindex
so-steno:
dockerng.running:
- image: pillaritem/so-steno
- network_mode: host
- /opt/so/conf/stenographer/certs:/etc/stenographer/certs:rw
- /opt/so/conf/stenographer/config:/etc/stenographer/config:ro