From 7b05627d5ca6b862e249cd517912706892ecac1f Mon Sep 17 00:00:00 2001
From: Jason Ertel <jason.ertel@securityonionsolutions.com>
Date: Wed, 7 Dec 2022 07:58:32 -0500
Subject: [PATCH] Suricata support for filecheck; reduce cron noise

---
 salt/strelka/init.sls | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/salt/strelka/init.sls b/salt/strelka/init.sls
index 502cb2bb7..ded7978d9 100644
--- a/salt/strelka/init.sls
+++ b/salt/strelka/init.sls
@@ -173,12 +173,19 @@ filecheck_script:
 filecheck_restart:
   cmd.run:
     - name: pkill -f "python3 /opt/so/conf/strelka/filecheck"
+    - hide_output: True
+    - success_retcodes: [0,1]
     - onchanges:
       - file: filecheck_script
 
+filecheck_oldcronremoval:
+  cron.absent:
+    - name: 'ps -ef | grep filecheck | grep -v grep || python3 /opt/so/conf/strelka/filecheck >> /opt/so/log/strelka/filecheck_stdout.log 2>&1 &'
+    - user: {{ filecheck_runas }}
+
 filecheck_run:
   cron.present:
-    - name: 'ps -ef | grep filecheck | grep -v grep || python3 /opt/so/conf/strelka/filecheck >> /opt/so/log/strelka/filecheck_stdout.log 2>&1 &'
+    - name: 'pgrep -f "python3 /opt/so/conf/strelka/filecheck" &> /dev/null || python3 /opt/so/conf/strelka/filecheck >> /opt/so/log/strelka/filecheck_stdout.log 2>&1 &'
     - user: {{ filecheck_runas }}
 
 filcheck_history_clean: