Fix bindings

Josh Brower
2024-02-02 18:25:54 -05:00
parent 8f81c9eb68
commit 378c99ae88
2 changed files with 7 additions and 4 deletions


@@ -1004,8 +1004,8 @@ soc:
hostUrl:
elastalertengine:
communityRulesImportFrequencySeconds: 180
elastAlertRulesFolder: /opt/so/rules/elastalert
rulesFingerprintFile: /opt/so/conf/soc/sigma.fingerprint
elastAlertRulesFolder: /opt/sensoroni/elastalert
rulesFingerprintFile: /opt/sensoroni/fingerprints/sigma.fingerprint
sigmaRulePackages: all
elastic:
hostUrl:
@@ -1053,10 +1053,10 @@ soc:
reposFolder: /nsm/rules/strelka/repos
rulesRepos:
- https://github.com/Security-Onion-Solutions/securityonion-yara
yaraRulesFolder: /opt/so/conf/strelka/rules
yaraRulesFolder: /opt/sensoroni/yara
suricataengine:
communityRulesFile: /nsm/rules/suricata/emerging-all.rules
rulesFingerprintFile: /opt/so/conf/soc/emerging-all.fingerprint
rulesFingerprintFile: /opt/sensoroni/fingerprints/emerging-all.fingerprint
client:
enableReverseLookup: false
docsUrl: /docs/
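Review bot: The `/opt/sensoroni/...` values for `elastAlertRulesFolder`, `yaraRulesFolder` and both `rulesFingerprintFile` keys look like container-side paths that resolve only through the binds in the so-soc container state, and nothing in this file records that coupling. A comment above each engine block such as `# container path; host side is defined by the so-soc binds` would keep the two files from drifting apart. `reposFolder` and `communityRulesFile` still point under `/nsm/rules/...`, so they keep depending on the broad `/nsm/rules:/nsm/rules:rw` bind that is already marked for tightening. The other `yaraRulesFolder` value sat under `/opt/so/conf/strelka/rules`; whether the scanner that loads those rules now reads the new host directory is not visible here and should be confirmed, since otherwise rule updates would be written but never applied.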


@@ -23,6 +23,9 @@ so-soc:
- ipv4_address: {{ DOCKER.containers['so-soc'].ip }}
- binds:
- /nsm/rules:/nsm/rules:rw #Need to tighten this up?
- /opt/so/rules/yara:/opt/sensoroni/yara:rw
- /opt/so/rules/elastalert/rules:/opt/sensoroni/elastalert:rw
- /opt/so/conf/soc/fingerprints:/opt/sensoroni/fingerprints:rw
- /nsm/soc/jobs:/opt/sensoroni/jobs:rw
- /nsm/soc/uploads:/nsm/soc/uploads:rw
- /opt/so/log/soc/:/opt/sensoroni/logs/:rw
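Review bot: The three binds that appear to be added here (`/opt/so/rules/yara`, `/opt/so/rules/elastalert/rules`, `/opt/so/conf/soc/fingerprints`) have no matching directory state in this commit, which changes only two files. Docker creates a missing bind source as a root-owned directory, so if the SOC process does not run as root, its first rule sync or fingerprint write could fail; confirm these paths are created elsewhere with the ownership SOC needs. The mounts are `:rw` on directories holding detection rule content, so the host side should be writable only by the SOC user and readable by the services that load the rules, which a comment like `# rw: SOC writes generated rules here; restrict host dir ownership` would document. The elastalert host path ends in `/rules` while the other default was `/opt/so/rules/elastalert`; please confirm the extra level is intended. The so-soc state continues outside this hunk.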