CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-01 10:21:51 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #15628 from Security-Onion-Solutions/zeekload

Browse Source 
Add salt states for custom Zeek package loading
This commit is contained in:
Mike Reeves
2026-03-17 13:40:14 -04:00
committed by GitHub
parent d2d2f0cb5f e0e0e3e97b
commit 4bb61d999d
3 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
salt/zeek/config.sls
View File

@@ -32,6 +32,15 @@ zeekpolicydir:
- group: 939
- makedirs: True
zeekzkgsync:
file.recurse:
- name: /opt/so/conf/zeek/zkg
- source: salt://zeek/zkg
- user: 937
- group: 939
- makedirs: True
- exclude_pat: README
# Zeek Log Directory
zeeklogdir:
file.directory:

1
salt/zeek/enabled.sls
View File

@@ -35,6 +35,7 @@ so-zeek:
- /opt/so/conf/zeek/policy/intel:/opt/zeek/share/zeek/policy/intel:rw
- /opt/so/conf/zeek/bpf:/opt/zeek/etc/bpf:ro
- /opt/so/conf/zeek/config.zeek:/opt/zeek/share/zeek/site/packages/ja4/config.zeek:ro
- /opt/so/conf/zeek/zkg:/opt/so/conf/zeek/zkg:ro
{% if DOCKER.containers['so-zeek'].custom_bind_mounts %}
{% for BIND in DOCKER.containers['so-zeek'].custom_bind_mounts %}
- {{ BIND }}

1
salt/zeek/zkg/README Normal file
View File

@@ -0,0 +1 @@
# Place custom Zeek packages in /opt/so/saltstack/local/salt/zeek/zkg/