fix some things

2025-12-25 10:23:20 +01:00 · 2022-09-20 13:19:15 -04:00
parent 29285b8fb1
commit 75aa121b2d
5 changed files with 10 additions and 10 deletions
--- a/pillar/zeek/init.sls
+++ b/pillar/zeek/init.sls
@@ -0,0 +1 @@
+zeek:
--- a/salt/vars/sensor.map.jinja
+++ b/salt/vars/sensor.map.jinja
@@ -2,10 +2,9 @@

 {% set SENSOR_GLOBALS = {
    'sensor': {
-      'interface': INIT.PILLAR.sensor.interface
+      'interface': pillar.sensor.interface
+    }
   }
 %}

-{% for sg in SENSOR_GLOBALS %}
-{%   do salt['defaults.merge'](ROLE_GLOBALS, sg, merge_lists=False, in_place=True) %}
-{% endfor %}
+{% do salt['defaults.merge'](ROLE_GLOBALS, SENSOR_GLOBALS, merge_lists=False, in_place=True) %}
--- a/salt/zeek/config.map.jinja
+++ b/salt/zeek/config.map.jinja
@@ -1,8 +1,8 @@
-{% from 'vars/sensor.map.jinja' import GLOBALS %}
+{% from 'vars/sensor.map.jinja' import ROLE_GLOBALS %}
 {% import_yaml 'zeek/defaults.yaml' as zeek_defaults with context %}
 {% set zeek_pillar = salt['pillar.get']('zeek', []) %}
-{% do ZEEKMERGED.zeek.config.node.update({'interface': GLOBALS.sensor.interface}) %} {# update this first so user can specify a differet interface with pillar.zeek.config.node.interface #}
 {% set ZEEKMERGED = salt['defaults.merge'](zeek_defaults, zeek_pillar, in_place=False) %}
+{% do ZEEKMERGED.zeek.config.node.update({'interface': ROLE_GLOBALS.sensor.interface}) %}

 {% set ZEEKOPTIONS = {} %}
 {% set ENABLED = salt['pillar.get']('zeek:enabled', True) %}
--- a/salt/zeek/defaults.yaml
+++ b/salt/zeek/defaults.yaml
@@ -59,7 +59,7 @@ zeek:
        - LogAscii::use_json = T;
        - CaptureLoss::watch_interval = 5 mins;
    networks:
-      HOME_NET: "[192.168.0.0/16,10.0.0.0/8,172.16.0.0/12]"
+      HOME_NET: 192.168.0.0/16,10.0.0.0/8,172.16.0.0/12
  file_extraction:
    - application/x-dosexec: exe
    - application/pdf: pdf
--- a/salt/zeek/init.sls
+++ b/salt/zeek/init.sls
@@ -73,7 +73,7 @@ zeekpolicysync:
    - group: 939
    - template: jinja
    - defaults:
-        FILE_EXTRACTION: {{ ZEEKMERGED.file_extraction }}
+        FILE_EXTRACTION: {{ ZEEKMERGED.zeek.file_extraction }}

 # Ensure the zeek spool tree (and state.db) ownership is correct
 zeekspoolownership:
@@ -110,7 +110,7 @@ zeekctlcfg:
 nodecfg:
  file.managed:
    - name: /opt/so/conf/zeek/node.cfg
-    - source: salt://zeek/files/node.cfg,jinja
+    - source: salt://zeek/files/node.cfg.jinja
    - user: 937
    - group: 939
    - template: jinja
@@ -125,7 +125,7 @@ networkscfg:
    - group: 939
    - template: jinja
    - defaults:
-        NETWORKS: {{ ZEEKMERGED.zeek.networks }}
+        NETWORKS: {{ ZEEKMERGED.zeek.config.networks }}

 #zeekcleanscript:
 #  file.managed: