only managers need node_ips

2025-12-08 10:12:53 +01:00 · 2025-03-25 10:17:43 -04:00
parent d7e831fbeb
commit 79388af645
2 changed files with 84 additions and 80 deletions
--- a/pillar/top.sls
+++ b/pillar/top.sls
@@ -24,10 +24,10 @@ base:
    - firewall.adv_firewall
    - nginx.soc_nginx
    - nginx.adv_nginx
    - node_data.ips
  '*_manager or *_managersearch':
    - match: compound
    - node_data.ips
    {% if salt['file.file_exists']('/opt/so/saltstack/local/pillar/elasticsearch/auth.sls') %}
    - elasticsearch.auth
    {% endif %}
@@ -90,6 +90,7 @@ base:
    - soc.license
  '*_eval':
    - node_data.ips
    - secrets
    - healthcheck.eval
    - elasticsearch.index_templates
@@ -138,6 +139,7 @@ base:
    - minions.adv_{{ grains.id }}
  '*_standalone':
    - node_data.ips
    - logstash.nodes
    - logstash.soc_logstash
    - logstash.adv_logstash
@@ -260,6 +262,7 @@ base:
    - soc.license
  '*_import':
    - node_data.ips
    - secrets
    - elasticsearch.index_templates
    {% if salt['file.file_exists']('/opt/so/saltstack/local/pillar/elasticsearch/auth.sls') %}
@@ -305,6 +308,7 @@ base:
    - minions.adv_{{ grains.id }}
  '*_fleet':
    - node_data.ips
    - backup.soc_backup
    - backup.adv_backup
    - logstash.nodes
--- a/salt/top.sls
+++ b/salt/top.sls
@@ -22,11 +22,7 @@ base:
    - salt.minion-state-apply-test
    - salt.minion
-  '*_eval or *_manager* or *_standalone or *_import and I@node_data:False':
+  '* and G@saltversion:{{saltversion}}':
    - match: compound
    - mine.update
  '* and G@saltversion:{{saltversion}} and not I@node_data:False':
    - match: compound
    - salt.minion
    - patch.os.schedule
@@ -37,21 +33,9 @@ base:
    - docker
    - docker_clean
-  '*_sensor and G@saltversion:{{saltversion}} and not I@node_data:False':
+  '*_manager* or *_standalone or *_eval or *_import and I@node_data:False':
    - match: compound
-    - sensor
+    - mine.update
    - ssl
    - sensoroni
    - telegraf
    - firewall
    - nginx
    - pcap
    - suricata
    - healthcheck
    - zeek
    - strelka
    - elasticfleet.install_agent_grid
    - stig
  '*_eval and G@saltversion:{{saltversion}} and not I@node_data:False':
    - match: compound
@@ -85,37 +69,6 @@ base:
    - utility
    - elasticfleet
  '*_manager and G@saltversion:{{saltversion}} and not I@node_data:False':
    - match: compound
    - salt.master
    - ca
    - ssl
    - registry
    - nginx
    - influxdb
    - strelka.manager
    - soc
    - kratos
    - hydra
    - firewall
    - manager
    - sensoroni
    - telegraf
    - backup.config_backup
    - idstools
    - suricata.manager
    - elasticsearch
    - logstash
    - redis
    - elastic-fleet-package-registry
    - kibana
    - curator.disabled
    - elastalert
    - utility
    - elasticfleet
    - stig
    - kafka
  '*_standalone and G@saltversion:{{saltversion}} and not I@node_data:False':
    - match: compound
    - salt.master
@@ -152,16 +105,34 @@ base:
    - stig
    - kafka
-  '*_searchnode and G@saltversion:{{saltversion}} and not I@node_data:False':
+  '*_manager and G@saltversion:{{saltversion}} and not I@node_data:False':
    - match: compound
-    - firewall
+    - salt.master
    - ca
    - ssl
-    - elasticsearch
+    - registry
-    - logstash
+    - nginx
    - influxdb
    - strelka.manager
    - soc
    - kratos
    - hydra
    - firewall
    - manager
    - sensoroni
    - telegraf
-    - nginx
+    - backup.config_backup
-    - elasticfleet.install_agent_grid
+    - idstools
    - suricata.manager
    - elasticsearch
    - logstash
    - redis
    - elastic-fleet-package-registry
    - kibana
    - curator.disabled
    - elastalert
    - utility
    - elasticfleet
    - stig
    - kafka
@@ -196,25 +167,6 @@ base:
    - stig
    - kafka
  '*_heavynode and G@saltversion:{{saltversion}} and not I@node_data:False':
    - match: compound
    - sensor
    - ssl
    - sensoroni
    - telegraf
    - nginx
    - firewall
    - elasticsearch
    - logstash
    - redis
    - curator.disabled
    - strelka
    - pcap
    - suricata
    - zeek
    - elasticfleet.install_agent_grid
    - elasticagent
  '*_import and G@saltversion:{{saltversion}} and not I@node_data:False':
    - match: compound
    - salt.master
@@ -243,7 +195,55 @@ base:
    - zeek
    - elasticfleet
-  '*_receiver and G@saltversion:{{saltversion}} and not I@node_data:False':
+  '*_searchnode and G@saltversion:{{saltversion}}':
    - match: compound
    - firewall
    - ssl
    - elasticsearch
    - logstash
    - sensoroni
    - telegraf
    - nginx
    - elasticfleet.install_agent_grid
    - stig
    - kafka
  '*_sensor and G@saltversion:{{saltversion}}':
    - match: compound
    - sensor
    - ssl
    - sensoroni
    - telegraf
    - firewall
    - nginx
    - pcap
    - suricata
    - healthcheck
    - zeek
    - strelka
    - elasticfleet.install_agent_grid
    - stig
  '*_heavynode and G@saltversion:{{saltversion}}':
    - match: compound
    - sensor
    - ssl
    - sensoroni
    - telegraf
    - nginx
    - firewall
    - elasticsearch
    - logstash
    - redis
    - curator.disabled
    - strelka
    - pcap
    - suricata
    - zeek
    - elasticfleet.install_agent_grid
    - elasticagent
  '*_receiver and G@saltversion:{{saltversion}}':
    - match: compound
    - ssl
    - sensoroni
@@ -255,7 +255,7 @@ base:
    - kafka
    - stig
-  '*_idh and G@saltversion:{{saltversion}} and not I@node_data:False':
+  '*_idh and G@saltversion:{{saltversion}}':
    - match: compound
    - ssl
    - sensoroni
@@ -264,7 +264,7 @@ base:
    - elasticfleet.install_agent_grid
    - idh
-  '*_fleet and G@saltversion:{{saltversion}} and not I@node_data:False':
+  '*_fleet and G@saltversion:{{saltversion}}':
    - match: compound
    - ssl
    - sensoroni
@@ -276,7 +276,7 @@ base:
    - elasticfleet.install_agent_grid
    - schedule
-  '*_desktop and G@saltversion:{{saltversion}} and not I@node_data:False':
+  '*_desktop and G@saltversion:{{saltversion}}':
    - ssl
    - sensoroni
    - telegraf