CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-27 15:07:51 +02:00
Code Issues Packages Projects Releases Wiki Activity

enabled/disable zeek

Browse Source
This commit is contained in:
m0duspwnens
2023-05-08 10:12:32 -04:00
parent 743bbfea35
commit 5d50dbb69e
8 changed files with 27 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files
salt/zeek/config.map.jinja
+5
View File
@@ -1,3 +1,8 @@
{# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
https://securityonion.net/license; you may not use this file except in compliance with the
Elastic License 2.0. #}
{% from 'vars/sensor.map.jinja' import ROLE_GLOBALS %}
{% import_yaml 'zeek/defaults.yaml' as ZEEKDEFAULTS with context %}
{% set ZEEKMERGED = salt['pillar.get']('zeek', ZEEKDEFAULTS.zeek, merge=True) %}
salt/zeek/config.sls
-2
View File
@@ -8,9 +8,7 @@
{% from 'vars/globals.map.jinja' import GLOBALS %}
{% from "zeek/config.map.jinja" import ZEEKMERGED %}
{% from 'bpf/zeek.map.jinja' import ZEEKBPF %}
{% set BPF_STATUS = 0 %}
# Add Zeek group
salt/zeek/disabled.sls
+5
View File
@@ -1,3 +1,8 @@
# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
# https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0.
{% from 'allowed_states.map.jinja' import allowed_states %}
{% if sls.split('.')[0] in allowed_states %}
salt/zeek/enabled.sls
+5
View File
@@ -1,3 +1,8 @@
# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
# https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0.
{% from 'allowed_states.map.jinja' import allowed_states %}
{% if sls.split('.')[0] in allowed_states %}
salt/zeek/init.sls
+6 -1
View File
@@ -1,8 +1,13 @@
# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
# https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0.
{% from 'vars/globals.map.jinja' import GLOBALS %}
{% from 'zeek/config.map.jinja' import ZEEKMERGED %}
include:
{% if ZEEKMERGED.enabled and GLOBALS.role != 'so-import'%}
{% if ZEEKMERGED.enabled and GLOBALS.role != 'so-import' and GLOBALS.md_engine != 'SURICATA' %}
- zeek.enabled
{% elif GLOBALS.role == 'so-import' %}
- zeek.config
salt/zeek/sostatus.sls
+5
View File
@@ -1,3 +1,8 @@
# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
# https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0.
{% from 'allowed_states.map.jinja' import allowed_states %}
{% if sls.split('.')[0] in allowed_states %}