CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

Start using so-elastic-agent container

Browse Source
This commit is contained in:
Josh Brower
2022-09-14 10:33:27 -04:00
parent 6945596eee
commit 334a0d7b1c
2 changed files with 27 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
salt/elastic-fleet/init.sls
View File

@@ -10,15 +10,39 @@
{% set FLEETSERVERPOLICY = salt['pillar.get']('elasticfleet:server:server_policy','so-manager') %}
{% set FLEETURL = salt['pillar.get']('elasticfleet:server:url') %}
elasticfleetdir:
# Add EA Group
elasticsagentgroup:
group.present:
- name: elastic-agent
- gid: 947
# Add EA user
elastic-agent:
user.present:
- uid: 947
- gid: 947
- home: /opt/so/conf/elastic-fleet
- createhome: False
eaconfdir:
file.directory:
- name: /opt/so/conf/elastic-fleet
- user: 947
- group: 939
- makedirs: True
eastatedir:
file.directory:
- name: /opt/so/conf/elastic-fleet/state
- user: 947
- group: 939
- makedirs: True
{% if SERVICETOKEN != '' %}
so-elastic-fleet:
docker_container.running:
- image: docker.elastic.co/beats/elastic-agent:8.4.1
- image: {{ GLOBALS.registry_host }}:5000/{{ GLOBALS.image_repo }}/so-elastic-agent:{{ GLOBALS.so_version }}
- name: so-elastic-fleet
- hostname: Fleet-{{ GLOBALS.hostname }}
- detach: True

2
salt/ssl/init.sls
View File

@@ -210,7 +210,7 @@ chownilogstashelasticfleetp8:
- replace: False
- name: /etc/pki/elasticfleet.p8
- mode: 640
- user: 931
- user: 947
- group: 939
# Create Symlinks to the keys so I can distribute it to all the things