CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add more logging for filecheck monitoring, and ensure scripts are accessible to salt-relay

Browse Source
This commit is contained in:
Jason Ertel
2022-11-17 10:43:05 -05:00
parent 0ffef75d7b
commit 7f7e5474ed
2 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
salt/soc/files/bin/salt-relay.sh
View File

@@ -7,6 +7,7 @@
PIPE_OWNER=${PIPE_OWNER:-socore} PIPE_OWNER=${PIPE_OWNER:-socore}
PIPE_GROUP=${PIPE_GROUP:-socore} PIPE_GROUP=${PIPE_GROUP:-socore}
SOC_PIPE=${SOC_PIPE_REQUEST:-/opt/so/conf/soc/salt/pipe} SOC_PIPE=${SOC_PIPE_REQUEST:-/opt/so/conf/soc/salt/pipe}
PATH=${PATH}:/usr/sbin
function log() { function log() {
echo "$(date) | $1" echo "$(date) | $1"

6
salt/strelka/filecheck/filecheck
View File

@@ -65,6 +65,8 @@ if __name__ == "__main__":
event_handler =CreatedEventHandler() event_handler =CreatedEventHandler()
observer = Observer() observer = Observer()
logging.info("Starting filecheck")
observer.schedule(event_handler, extract_path, recursive=True) observer.schedule(event_handler, extract_path, recursive=True)
observer.start() observer.start()
try: try:
@@ -72,4 +74,6 @@ if __name__ == "__main__":
time.sleep(1) time.sleep(1)
except KeyboardInterrupt: except KeyboardInterrupt:
observer.stop() observer.stop()
observer.join() observer.join()
logging.info("Exiting filecheck")