CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 01:02:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

replace . with _x_

Browse Source
This commit is contained in:
m0duspwnens
2023-06-30 14:18:20 -04:00
parent d6d8ba7479
commit 7319d7ae9b
4 changed files with 178 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
pillar/logrotate/init.sls
View File

@@ -1,13 +0,0 @@
logrotate:
conf: |
daily
rotate 14
missingok
copytruncate
compress
create
extension .log
dateext
dateyesterday
group_conf: |
su root socore

40
salt/logrotate/defaults.yaml
View File

@@ -1,6 +1,6 @@
logrotate:
config:
/opt/so/log/idstools/*.log:
/opt/so/log/idstools/*_x_log:
- daily
- rotate 14
- missingok
@@ -10,7 +10,7 @@ logrotate:
- extension .log
- dateext
- dateyesterday
/opt/so/log/nginx/*.log:
/opt/so/log/nginx/*_x_log:
- daily
- rotate 14
- missingok
@@ -20,7 +20,7 @@ logrotate:
- extension .log
- dateext
- dateyesterday
/opt/so/log/soc/*.log:
/opt/so/log/soc/*_x_log:
- daily
- rotate 14
- missingok
@@ -30,7 +30,7 @@ logrotate:
- extension .log
- dateext
- dateyesterday
/opt/so/log/kratos/*.log:
/opt/so/log/kratos/*_x_log:
- daily
- rotate 14
- missingok
@@ -40,7 +40,7 @@ logrotate:
- extension .log
- dateext
- dateyesterday
/opt/so/log/kibana/*.log:
/opt/so/log/kibana/*_x_log:
- daily
- rotate 14
- missingok
@@ -50,7 +50,7 @@ logrotate:
- extension .log
- dateext
- dateyesterday
/opt/so/log/influxdb/*.log:
/opt/so/log/influxdb/*_x_log:
- daily
- rotate 14
- missingok
@@ -60,7 +60,7 @@ logrotate:
- extension .log
- dateext
- dateyesterday
/opt/so/log/elastalert/*.log:
/opt/so/log/elastalert/*_x_log:
- daily
- rotate 14
- missingok
@@ -70,7 +70,7 @@ logrotate:
- extension .log
- dateext
- dateyesterday
/opt/so/log/soctopus/*.log:
/opt/so/log/soctopus/*_x_log:
- daily
- rotate 14
- missingok
@@ -80,7 +80,7 @@ logrotate:
- extension .log
- dateext
- dateyesterday
/opt/so/log/curator/*.log:
/opt/so/log/curator/*_x_log:
- daily
- rotate 14
- missingok
@@ -90,7 +90,7 @@ logrotate:
- extension .log
- dateext
- dateyesterday
/opt/so/log/fleet/*.log:
/opt/so/log/fleet/*_x_log:
- daily
- rotate 14
- missingok
@@ -100,7 +100,7 @@ logrotate:
- extension .log
- dateext
- dateyesterday
/opt/so/log/suricata/*.log:
/opt/so/log/suricata/*_x_log:
- daily
- rotate 14
- missingok
@@ -110,7 +110,7 @@ logrotate:
- extension .log
- dateext
- dateyesterday
/opt/so/log/mysql/*.log:
/opt/so/log/mysql/*_x_log:
- daily
- rotate 14
- missingok
@@ -120,7 +120,7 @@ logrotate:
- extension .log
- dateext
- dateyesterday
/opt/so/log/telegraf/*.log:
/opt/so/log/telegraf/*_x_log:
- daily
- rotate 14
- missingok
@@ -130,7 +130,7 @@ logrotate:
- extension .log
- dateext
- dateyesterday
/opt/so/log/redis/*.log:
/opt/so/log/redis/*_x_log:
- daily
- rotate 14
- missingok
@@ -140,7 +140,7 @@ logrotate:
- extension .log
- dateext
- dateyesterday
/opt/so/log/sensoroni/*.log:
/opt/so/log/sensoroni/*_x_log:
- daily
- rotate 14
- missingok
@@ -150,7 +150,7 @@ logrotate:
- extension .log
- dateext
- dateyesterday
/opt/so/log/stenographer/*.log:
/opt/so/log/stenographer/*_x_log:
- daily
- rotate 14
- missingok
@@ -190,7 +190,7 @@ logrotate:
- extension .log
- dateext
- dateyesterday
/nsm/idh/*.log:
/nsm/idh/*_x_log:
- daily
- rotate 14
- missingok
@@ -200,7 +200,7 @@ logrotate:
- extension .log
- dateext
- dateyesterday
/opt/so/log/playbook/*.log:
/opt/so/log/playbook/*_x_log:
- daily
- rotate 14
- missingok
@@ -211,7 +211,7 @@ logrotate:
- dateext
- dateyesterday
- su root socore
/nsm/strelka/log/strelka.log:
/nsm/strelka/log/strelka_x_log:
- daily
- rotate 14
- missingok
@@ -221,7 +221,7 @@ logrotate:
- extension .log
- dateext
- dateyesterday
/opt/so/log/sensor_clean.log:
/opt/so/log/sensor_clean_x_log:
- daily
- rotate 2
- missingok

2
salt/logrotate/etc/rotate.conf.jinja
View File

@@ -1,5 +1,5 @@
{%- for file, opts in CONFIG.items() %}
{{ file }}
{{ file | replace("_x_", ".")}}
{
{%- for opt in opts %}
{{ opt }}

180
salt/logrotate/soc_logrotate.yaml
View File

@@ -1,29 +1,163 @@
logrotate:
config:
/opt/so/log/idstools/*.log: &rotateopts
"/opt/so/log/idstools/*_x_log":
description: List of logrotate options for this file.
title: /opt/so/log/idstools/*.log
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/opt/so/log/nginx/*_x_log":
description: List of logrotate options for this file.
title: /opt/so/log/nginx/*.log
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/opt/so/log/soc/*_x_log":
description: List of logrotate options for this file.
title: /opt/so/log/soc/*.log
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/opt/so/log/kratos/*_x_log":
description: List of logrotate options for this file.
title: /opt/so/log/kratos/*.log
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/opt/so/log/kibana/*_x_log":
description: List of logrotate options for this file.
title: /opt/so/log/kibana/*.log
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/opt/so/log/influxdb/*_x_log":
description: List of logrotate options for this file.
title: /opt/so/log/influxdb/*.log
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/opt/so/log/elastalert/*_x_log":
description: List of logrotate options for this file.
title: /opt/so/log/elastalert/*.log
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/opt/so/log/soctopus/*_x_log":
description: List of logrotate options for this file.
title: /opt/so/log/soctopus/*.log
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/opt/so/log/curator/*_x_log":
description: List of logrotate options for this file.
title: /opt/so/log/curator/*.log
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/opt/so/log/fleet/*_x_log":
description: List of logrotate options for this file.
title: /opt/so/log/fleet/*.log
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/opt/so/log/suricata/*_x_log":
description: List of logrotate options for this file.
title: /opt/so/log/suricata/*.log
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/opt/so/log/mysql/*_x_log":
description: List of logrotate options for this file.
title: /opt/so/log/mysql/*.log
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/opt/so/log/telegraf/*_x_log":
description: List of logrotate options for this file.
title: /opt/so/log/telegraf/*.log
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/opt/so/log/redis/*_x_log":
description: List of logrotate options for this file.
title: /opt/so/log/redis/*.log
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/opt/so/log/sensoroni/*_x_log":
description: List of logrotate options for this file.
title: /opt/so/log/sensoroni/*.log
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/opt/so/log/stenographer/*_x_log":
description: List of logrotate options for this file.
title: /opt/so/log/stenographer/*.log
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/opt/so/log/salt/so-salt-minion-check":
description: List of logrotate options for this file.
title: /opt/so/log/salt/so-salt-minion-check
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/opt/so/log/salt/minion":
description: List of logrotate options for this file.
title: /opt/so/log/salt/minion
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/opt/so/log/salt/master":
description: List of logrotate options for this file.
title: /opt/so/log/salt/master
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/nsm/idh/*_x_log":
description: List of logrotate options for this file.
title: /nsm/idh/*.log
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/opt/so/log/playbook/*_x_log":
description: List of logrotate options for this file.
title: /opt/so/log/playbook/*.log
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/nsm/strelka/log/strelka_x_log":
description: List of logrotate options for this file.
title: /nsm/strelka/log/strelka.log
advanced: True
multiline: True
global: True
forcedType: "[]string"
"/opt/so/log/sensor_clean_x_log":
description: List of logrotate options for this file.
title: /opt/so/log/sensor_clean.log
advanced: True
multiline: True
global: True
forcedType: "[]string"
/opt/so/log/nginx/*.log: *rotateopts
/opt/so/log/soc/*.log: *rotateopts
/opt/so/log/kratos/*.log: *rotateopts
/opt/so/log/kibana/*.log: *rotateopts
/opt/so/log/influxdb/*.log: *rotateopts
/opt/so/log/elastalert/*.log: *rotateopts
/opt/so/log/soctopus/*.log: *rotateopts
/opt/so/log/curator/*.log: *rotateopts
/opt/so/log/fleet/*.log: *rotateopts
/opt/so/log/suricata/*.log: *rotateopts
/opt/so/log/mysql/*.log: *rotateopts
/opt/so/log/telegraf/*.log: *rotateopts
/opt/so/log/redis/*.log: *rotateopts
/opt/so/log/sensoroni/*.log: *rotateopts
/opt/so/log/stenographer/*.log: *rotateopts
/opt/so/log/salt/so-salt-minion-check: *rotateopts
/opt/so/log/salt/minion: *rotateopts
/opt/so/log/salt/master: *rotateopts
/nsm/idh/*.log: *rotateopts
/opt/so/log/playbook/*.log: *rotateopts
/nsm/strelka/log/strelka.log: *rotateopts
/opt/so/log/sensor_clean.log: *rotateopts