From 4be1214bab11f57286f042ce7dbebd76bcbb8259 Mon Sep 17 00:00:00 2001
From: m0duspwnens <josh.patterson@securityonionsolutions.com>
Date: Tue, 30 Jan 2024 16:53:57 -0500
Subject: [PATCH] pcap engine logic for sensoroni

---
 salt/sensoroni/files/sensoroni.json | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/salt/sensoroni/files/sensoroni.json b/salt/sensoroni/files/sensoroni.json
index f813dad2f..97c91f0b3 100644
--- a/salt/sensoroni/files/sensoroni.json
+++ b/salt/sensoroni/files/sensoroni.json
@@ -1,6 +1,7 @@
 {%- from 'vars/globals.map.jinja' import GLOBALS %}
 {%- from 'sensoroni/map.jinja' import SENSORONIMERGED %}
 {%- from 'pcap/config.map.jinja' import PCAPMERGED %}
+{%- from 'suricata/map.jinja' import SURICATAMERGED %}
 {
   "logFilename": "/opt/sensoroni/logs/sensoroni.log",
   "logLevel":"info",
@@ -23,22 +24,22 @@
       "importer": {},
       "statickeyauth": {
         "apiKey": "{{ GLOBALS.sensoroni_key }}"
+{#- if PCAPMERGED.enabled is true then we know that steno is the pcap engine #}
+{#- if it is false, then user has steno disabled in ui or has selected suricata for pcap engine #}
 {%- if PCAPMERGED.enabled %}
-{%-   if GLOBALS.pcap_engine == "STENO" %}
       },     
       "stenoquery": {
         "executablePath": "/opt/sensoroni/scripts/stenoquery.sh",
         "pcapInputPath": "/nsm/pcap",
         "pcapOutputPath": "/nsm/pcapout"
       }
-{%-   elif GLOBALS.pcap_engine == "SURICATA" %}
+{%- elif GLOBALS.pcap_engine == "SURICATA" and SURICATAMERGED.enabled %}
       },     
       "suriquery": {
         "executablePath": "/opt/sensoroni/scripts/suriquery.sh",
         "pcapInputPath": "/nsm/suripcap",
         "pcapOutputPath": "/nsm/pcapout"
       }
-{%-   endif %}
 {%- else %}
       }
 {%- endif %}