CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-10 11:12:51 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4559 from Security-Onion-Solutions/kilo

Browse Source 
Kilo
This commit is contained in:
Jason Ertel
2021-06-17 15:55:28 -04:00
committed by GitHub
parent 98526af82a b294cee278
commit 833559dde6
4 changed files with 0 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
salt/soctopus/files/templates/es-generic.template
View File

@@ -1,13 +1,7 @@
{% set ES = salt['pillar.get']('global:managerip', '') %} {% set ES = salt['pillar.get']('global:managerip', '') %}
{%- set ES_USER = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:user', '') %}
{%- set ES_PASS = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:pass', '') %}
alert: modules.so.playbook-es.PlaybookESAlerter alert: modules.so.playbook-es.PlaybookESAlerter
elasticsearch_host: "{{ ES }}:9200" elasticsearch_host: "{{ ES }}:9200"
{% if salt['pillar.get']('elasticsearch:auth:enabled') is sameas true %}
elasticsearch_user: "{{ ES_USER }}"
elasticsearch_pass: "{{ ES_PASS }}"
{% endif %}
play_title: "" play_title: ""
play_url: "https://{{ ES }}/playbook/issues/6000" play_url: "https://{{ ES }}/playbook/issues/6000"
sigma_level: "" sigma_level: ""

6
salt/soctopus/files/templates/generic.template
View File

@@ -1,15 +1,9 @@
{% set es = salt['pillar.get']('global:url_base', '') %} {% set es = salt['pillar.get']('global:url_base', '') %}
{%- set ES_USER = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:user', '') %}
{%- set ES_PASS = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:pass', '') %}
alert: alert:
- "modules.so.playbook-es.PlaybookESAlerter" - "modules.so.playbook-es.PlaybookESAlerter"
elasticsearch_host: "{{ es }}:9200" elasticsearch_host: "{{ es }}:9200"
{% if salt['pillar.get']('elasticsearch:auth:enabled') is sameas true %}
elasticsearch_user: "{{ ES_USER }}"
elasticsearch_pass: "{{ ES_PASS }}"
{% endif %}
play_title: "" play_title: ""
play_id: "" play_id: ""
event.module: "playbook" event.module: "playbook"

6
salt/soctopus/files/templates/osquery.template
View File

@@ -1,15 +1,9 @@
{% set es = salt['pillar.get']('global:url_base', '') %} {% set es = salt['pillar.get']('global:url_base', '') %}
{%- set ES_USER = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:user', '') %}
{%- set ES_PASS = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:pass', '') %}
alert: alert:
- "modules.so.playbook-es.PlaybookESAlerter" - "modules.so.playbook-es.PlaybookESAlerter"
elasticsearch_host: "{{ es }}:9200" elasticsearch_host: "{{ es }}:9200"
{% if salt['pillar.get']('elasticsearch:auth:enabled') is sameas true %}
elasticsearch_user: "{{ ES_USER }}"
elasticsearch_pass: "{{ ES_PASS }}"
{% endif %}
play_title: "" play_title: ""
event.module: "playbook" event.module: "playbook"
event.dataset: "alert" event.dataset: "alert"

1
salt/soctopus/init.sls
View File

@@ -21,7 +21,6 @@ soctopus-sync:
- source: salt://soctopus/files/templates - source: salt://soctopus/files/templates
- user: 939 - user: 939
- group: 939 - group: 939
- file_mode: 600
- template: jinja - template: jinja
soctopusconf: soctopusconf: