CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #9315 from Security-Onion-Solutions/jertel/surifilecheck

Browse Source 
Suricata support for filecheck; reduce cron noise
This commit is contained in:
Jason Ertel
2022-12-07 08:17:19 -05:00
committed by GitHub
parent e3c1b6dbba 7b05627d5c
commit 35ca08ea88
1 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
salt/strelka/init.sls
View File

@@ -173,12 +173,19 @@ filecheck_script:
filecheck_restart: filecheck_restart:
cmd.run: cmd.run:
- name: pkill -f "python3 /opt/so/conf/strelka/filecheck" - name: pkill -f "python3 /opt/so/conf/strelka/filecheck"
- hide_output: True
- success_retcodes: [0,1]
- onchanges: - onchanges:
- file: filecheck_script - file: filecheck_script
filecheck_oldcronremoval:
cron.absent:
- name: 'ps -ef | grep filecheck | grep -v grep || python3 /opt/so/conf/strelka/filecheck >> /opt/so/log/strelka/filecheck_stdout.log 2>&1 &'
- user: {{ filecheck_runas }}
filecheck_run: filecheck_run:
cron.present: cron.present:
- name: 'ps -ef | grep filecheck | grep -v grep || python3 /opt/so/conf/strelka/filecheck >> /opt/so/log/strelka/filecheck_stdout.log 2>&1 &' - name: 'pgrep -f "python3 /opt/so/conf/strelka/filecheck" &> /dev/null || python3 /opt/so/conf/strelka/filecheck >> /opt/so/log/strelka/filecheck_stdout.log 2>&1 &'
- user: {{ filecheck_runas }} - user: {{ filecheck_runas }}
filcheck_history_clean: filcheck_history_clean: