Merge pull request #3153 from Security-Onion-Solutions/bugfix/so-playbook-sigmarefresh

Fix so-playbook-sigma-refresh
2025-12-15 21:52:47 +01:00 · 2021-02-26 08:36:36 -05:00
parent e06ca75677 5678e66b39
commit 45f626887d
1 changed files with 8 additions and 1 deletions
--- a/salt/common/tools/sbin/so-playbook-sigma-refresh
+++ b/salt/common/tools/sbin/so-playbook-sigma-refresh
@@ -17,4 +17,11 @@

 . /usr/sbin/so-common

-docker exec so-soctopus python3 playbook_play-update.py
+# Regenerate ElastAlert & update Plays
+docker exec so-soctopus python3 playbook_play-update.py
+
+# Delete current Elastalert Rules
+rm /opt/so/rules/elastalert/playbook/*.yaml
+
+# Regenerate Elastalert Rules
+so-playbook-sync