CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

add modules to be used in monitoring - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/90

Browse Source
This commit is contained in:
m0duspwnens
2020-03-24 17:27:55 -04:00
parent bc76739f6e
commit 7e6c70aff2
6 changed files with 48 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
salt/_modules/healthcheck.py Normal file
View File

@@ -0,0 +1,22 @@
#!py
import logging
def docker_restart(container, state):
stopdocker = __salt__['docker.rm'](container, 'force=True')
__salt__['state.apply'](state)
def zeek():
retcode = __salt__['zeekctl.status'](verbose=False)
logging.info('zeekctl.status retcode: %i' % retcode)
if retcode:
docker_restart('so-zeek', 'zeek')
zeek_restarted = True
else:
zeek_restarted = False
__salt__['telegraf.send']('healthcheck zeek_restarted: %s' % str(zeek_restarted))
return 'zeek_restarted: %s' % str(zeek_restarted)

16
salt/_modules/telegraf.py Normal file
View File

@@ -0,0 +1,16 @@
#!py
import logging
import socket
def send(data):
mainint = __salt__['pillar.get']('node:mainint')
mainip = __salt__['grains.get']('ip_interfaces').get(mainint)[0]
dstport = 8094
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
sent = sock.sendto(data.encode('utf-8'), (mainip, dstport))
return sent

5
salt/_modules/zeekctl.py
View File

@@ -134,10 +134,13 @@ def start():
return retval
def status():
def status(verbose=True):
cmd = "runuser -l zeek -c '/opt/zeek/bin/zeekctl status'"
retval = __salt__['docker.run']('so-zeek', cmd)
if not verbose:
retval = __context__['retcode']
return retval