CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 01:32:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix #6317 - Do not attempt to whitelist when wazuh isn't enabled

Browse Source
This commit is contained in:
Jason Ertel
2021-11-23 10:06:14 -05:00
parent 3bfc3b8943
commit 4672b0c15c
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
salt/common/tools/sbin/so-allow
View File

@@ -79,10 +79,10 @@ def ip_prompt() -> str:
def wazuh_enabled() -> bool:
for file in os.listdir(f'{LOCAL_SALT_DIR}/pillar'):
with open(file, 'r') as pillar:
if 'wazuh: 1' in pillar.read():
return True
file = f'{LOCAL_SALT_DIR}/pillar/global.sls'
with open(file, 'r') as pillar:
if 'wazuh: 1' in pillar.read():
return True
return False
@@ -124,7 +124,7 @@ def apply(role: str, ip: str) -> int:
else:
return cmd.returncode
if cmd.returncode == 0:
if wazuh_enabled and role=='analyst':
if wazuh_enabled() and role=='analyst':
try:
add_wl(ip)
print(f'Added whitelist entry for {ip} from {WAZUH_CONF}', file=sys.stderr)