CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Helix changes and Wazuh

Browse Source
This commit is contained in:
Mike Reeves
2019-12-09 16:27:03 -05:00
parent 8342dc1447
commit 4c4cdb7189
3 changed files with 5 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
salt/logstash/conf/conf.enabled.txt.so-helix
View File

@@ -7,12 +7,5 @@
# /usr/share/logstash/pipeline.custom/1234_input_custom.conf
##
# All of the defaults are loaded.
/usr/share/logstash/pipeline.so/0000_input_syslogng.conf
/usr/share/logstash/pipeline.so/0001_input_json.conf
/usr/share/logstash/pipeline.so/0002_input_windows_json.conf
/usr/share/logstash/pipeline.so/0003_input_syslog.conf
/usr/share/logstash/pipeline.so/0005_input_suricata.conf
#/usr/share/logstash/pipeline.dynamic/0006_input_beats.conf
/usr/share/logstash/pipeline.dynamic/0010_input_hhbeats.conf
/usr/share/logstash/pipeline.so/0007_input_import.conf
/usr/share/logstash/pipeline.dynamic/9999_output_redis.conf
/usr/share/logstash/pipeline.dynamic/9997_output_helix.conf

1
salt/top.sls
View File

@@ -14,6 +14,7 @@ base:
- ssl
- common
- firewall
- idstools
- pcap
- suricata
- bro

4
salt/wazuh/init.sls
View File

@@ -64,13 +64,13 @@ wazuhagentregister:
so-wazuhimage:
cmd.run:
- name: docker pull --disable-content-trust=false docker.io/soshybridhunter/so-wazuh:HH1.1.0
- name: docker pull --disable-content-trust=false docker.io/soshybridhunter/so-wazuh:HH1.1.3
so-wazuh:
docker_container.running:
- require:
- so-wazuhimage
- image: docker.io/soshybridhunter/so-wazuh:HH1.1.0
- image: docker.io/soshybridhunter/so-wazuh:HH1.1.3
- hostname: {{HOSTNAME}}-wazuh-manager
- name: so-wazuh
- detach: True