CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-19 23:43:07 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update Strelka init for rules

Browse Source
This commit is contained in:
Wes Lambert
2020-06-25 15:49:58 +00:00
parent 6487fdf5e6
commit 63c45be388
1 changed files with 22 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
salt/strelka/init.sls
View File

@@ -25,6 +25,13 @@ strelkaconfdir:
- group: 939 - group: 939
- makedirs: True - makedirs: True
strelkarulesdir:
file.directory:
- name: /opt/so/conf/strelka/rules
- user: 939
- group: 939
- makedirs: True
# Sync dynamic config to conf dir # Sync dynamic config to conf dir
strelkasync: strelkasync:
file.recurse: file.recurse:
@@ -33,9 +40,21 @@ strelkasync:
- user: 939 - user: 939
- group: 939 - group: 939
- template: jinja - template: jinja
{%- if STRELKA_RULES != 1 %}
- exclude_pat: rules/ {%- if STRELKA_RULES == 1 %}
{%- endif %} strelka_yara_update:
cron.present:
- user: root
- name: '[ -d /opt/so/saltstack/default/salt/strelka/rules/ ] && /usr/sbin/so-yara-update > /dev/null 2>&1'
- hour: '7'
strelkarules:
file.recurse:
- name: /opt/so/conf/strelka/rules
- source: salt://strelka/rules
- user: 939
- group: 939
{%- endif %}
strelkadatadir: strelkadatadir:
file.directory: file.directory: