CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-05-03 01:48:00 +02:00
Code Issues Packages Projects Releases Wiki Activity

manage threshold.conf with Salt - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/127

Browse Source
This commit is contained in:
m0duspwnens
2020-01-03 13:31:19 -05:00
parent bbd95c977c
commit 7415ed8dd0
4 changed files with 106 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
salt/suricata/init.sls
+10
View File
@@ -70,6 +70,14 @@ suriconfigsync:
- group: 940
- template: jinja
surithresholding:
file.managed:
- name: /opt/so/conf/suricata/threshold.conf
- source: salt://suricata/files/threshold.conf.jinja
- user: 940
- group: 940
- template: jinja
so-suricataimage:
cmd.run:
- name: docker pull --disable-content-trust=false docker.io/soshybridhunter/so-suricata:HH1.1.1
@@ -84,9 +92,11 @@ so-suricata:
- INTERFACE={{ interface }}
- binds:
- /opt/so/conf/suricata/suricata.yaml:/etc/suricata/suricata.yaml:ro
- /opt/so/conf/suricata/threshold.conf:/etc/suricata/threshold.conf:ro
- /opt/so/conf/suricata/rules:/etc/suricata/rules:ro
- /opt/so/log/suricata/:/var/log/suricata/:rw
- network_mode: host
- watch:
- file: /opt/so/conf/suricata/suricata.yaml
- file: surithresholding
- file: /opt/so/conf/suricata/rules/