CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-26 22:47:49 +02:00
Code Issues Packages Projects Releases Wiki Activity

https://github.com/Security-Onion-Solutions/securityonion/issues/404

Browse Source
This commit is contained in:
m0duspwnens
2020-07-09 11:27:06 -04:00
parent 2c32c24bf0
commit 3cf31e2460
134 changed files with 609 additions and 609 deletions
Download Patch File Download Diff File Expand all files Collapse all files
salt/telegraf/etc/telegraf.conf
+5 -5
View File
@@ -13,7 +13,7 @@
# them with $. For strings the variable must be within quotes (ie, "$STR_VAR"),
# for numbers and booleans they should be plain (ie, $INT_VAR, $BOOL_VAR)
{%- set MASTER = grains['master'] %}
{%- set MANAGER = grains['manager'] %}
{% set NODEIP = salt['pillar.get']('elasticsearch:mainip', '') %}
{% set HELIX_API_KEY = salt['pillar.get']('fireeye:helix:api_key', '') %}
{% set UNIQUEID = salt['pillar.get']('sensor:uniqueid', '') %}
@@ -98,7 +98,7 @@
## urls will be written to each interval.
# urls = ["unix:///var/run/influxdb.sock"]
# urls = ["udp://127.0.0.1:8089"]
urls = ["https://{{ MASTER }}:8086"]
urls = ["https://{{ MANAGER }}:8086"]
## The target database for metrics; will be created as needed.
@@ -616,13 +616,13 @@
# # Read stats from one or more Elasticsearch servers or clusters
{% if grains['role'] in ['so-master', 'so-eval', 'so-mastersearch', 'so-standalone'] %}
{% if grains['role'] in ['so-manager', 'so-eval', 'so-managersearch', 'so-standalone'] %}
[[inputs.elasticsearch]]
# ## specify a list of one or more Elasticsearch servers
# # you can add username and password to your url to use basic authentication:
# # servers = ["http://user:pass@localhost:9200"]
servers = ["http://{{ MASTER }}:9200"]
servers = ["http://{{ MANAGER }}:9200"]
{% elif grains['role'] in ['so-node', 'so-hotnode', 'so-warmnode', 'so-heavynode'] %}
[[inputs.elasticsearch]]
servers = ["http://{{ NODEIP }}:9200"]
@@ -666,7 +666,7 @@
# # Read metrics from one or more commands that can output to stdout
# ## Commands array
{% if grains['role'] in ['so-master', 'so-mastersearch'] %}
{% if grains['role'] in ['so-manager', 'so-managersearch'] %}
[[inputs.exec]]
commands = [
"/scripts/redis.sh",
salt/telegraf/init.sls
+3 -3
View File
@@ -1,4 +1,4 @@
{% set MASTER = salt['grains.get']('master') %}
{% set MANAGER = salt['grains.get']('manager') %}
{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %}
# Add Telegraf to monitor all the things.
@@ -36,7 +36,7 @@ tgrafconf:
so-telegraf:
docker_container.running:
- image: {{ MASTER }}:5000/soshybridhunter/so-telegraf:{{ VERSION }}
- image: {{ MANAGER }}:5000/soshybridhunter/so-telegraf:{{ VERSION }}
- environment:
- HOST_PROC=/host/proc
- HOST_ETC=/host/etc
@@ -53,7 +53,7 @@ so-telegraf:
- /proc:/host/proc:ro
- /nsm:/host/nsm:ro
- /etc:/host/etc:ro
{% if grains['role'] == 'so-master' or grains['role'] == 'so-eval' or grains['role'] == 'so-mastersearch' %}
{% if grains['role'] == 'so-manager' or grains['role'] == 'so-eval' or grains['role'] == 'so-managersearch' %}
- /etc/pki/ca.crt:/etc/telegraf/ca.crt:ro
{% else %}
- /etc/ssl/certs/intca.crt:/etc/telegraf/ca.crt:ro