CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3122 from Security-Onion-Solutions/strelka_repo_update

Browse Source 
Modify soup to add Strelka rule repo in pillar
This commit is contained in:
Mike Reeves
2021-02-24 15:35:35 -05:00
committed by GitHub
parent 38d60752b7 6ea8eab9af
commit 52fd3c0470
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
salt/common/tools/sbin/soup
View File

@@ -338,8 +338,16 @@ up_2.3.2X_to_2.3.30() {
# Replace any curly brace scalars with the same scalar in single quotes
readarray -t minion_pillars <<< "$(find /opt/so/saltstack/local/pillar/minions -type f -name '*.sls')"
for pillar in "${minion_pillars[@]}"; do
sed -i -r "s/ (\{\{.*}})$/ '\1'/g" "$pillar"
sed -i -r "s/ (\{\{.*}})$/ '\1'/g" "$pillar"
done
# Strelka rule repo pillar addition
if [ $is_airgap -eq 0 ]; then
# Add manager as default Strelka YARA rule repo
sed -i "/^strelka:/a \\ repos: \n - https://$HOSTNAME/repo/rules/strelka" /opt/so/saltstack/local/pillar/global.sls;
else
# Add Github repo for Strelka YARA rules
sed -i "/^strelka:/a \\ repos: \n - https://github.com/Neo23x0/signature-base" /opt/so/saltstack/local/pillar/global.sls;
fi
}
space_check() {