CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

jinja for the suricata outputs

Browse Source
This commit is contained in:
m0duspwnens
2022-09-15 10:35:59 -04:00
parent 8528645c2c
commit 4cb955fe8d
1 changed files with 4 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
salt/suricata/suricata_config.map.jinja
View File

@@ -1,6 +1,7 @@
{% import_yaml 'suricata/defaults.yaml' as suricata_defaults with context %} {% import_yaml 'suricata/defaults.yaml' as suricata_defaults with context %}
{% set suricata_pillar = pillar.suricata %} {% set suricata_pillar = pillar.suricata %}
{% set surimerge = salt['defaults.merge'](suricata_defaults, suricata_pillar, in_place=False) %} {% set surimerge = salt['defaults.merge'](suricata_defaults, suricata_pillar, in_place=False) %}
{% load_yaml as afpacket %} {% load_yaml as afpacket %}
af-packet: af-packet:
- interface: {{ surimerge.suricata.config['af-packet'].interface }} - interface: {{ surimerge.suricata.config['af-packet'].interface }}
@@ -15,12 +16,8 @@ af-packet:
{% do suricata_defaults.suricata.config.update({'af-packet': afpacket}) %} {% do suricata_defaults.suricata.config.update({'af-packet': afpacket}) %}
{% load_yaml as outputs %} {% load_yaml as outputs %}
outputs: {% for le, ld in surimerge.suricata.config.outputs.items() %}
- fast: - {{ le }}: {{ ld }}
enabled: {{ surimerge.suricata.config.outputs.fast.enabled }} {% endfor %}
filename: {{ surimerge.suricata.config.outputs.fast.filename }}
append: {{ surimerge.suricata.config.outputs.fast.append }}
- eve-log
enabled: {{ surimerge.suricata.config.outputs['eve-log'].enabled }}
{% endload %} {% endload %}
{% do suricata_defaults.suricata.config.update({'outputs': outputs}) %} {% do suricata_defaults.suricata.config.update({'outputs': outputs}) %}