CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-08 02:02:50 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update suricata_config.map.jinja

Browse Source
This commit is contained in:
Mike Reeves
2022-09-14 15:02:55 -04:00
committed by GitHub
parent f8c1571a91
commit 8528645c2c
1 changed files with 19 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
salt/suricata/suricata_config.map.jinja
View File

@@ -1,17 +1,26 @@
{% import_yaml 'suricata/defaults.yaml' as suricata_defaults with context %}
{% set suricata_pillar = pillar.suricata %}
{% set surimerge = salt['defaults.merge'](suricata_defaults, suricata_pillar, in_place=False)
{% set surimerge = salt['defaults.merge'](suricata_defaults, suricata_pillar, in_place=False) %}
{% load_yaml as afpacket %}
af-packet:
- interface: {{ surimerge.suricata.config.af-packet.interface }}
cluster-id: {{ surimerge.suricata.config.af-packet.cluster-id }}
cluster-type: {{ surimerge.suricata.config.af-packet.cluster-type }}
defrag: {{ surimerge.suricata.config.af-packet.defrag }}
use-mmap: {{ surimerge.suricata.config.af-packet.use-mmap }}
threads: {{ surimerge.suricata.config.af-packet.threads }}
tpacket-v3: {{ surimerge.suricata.config.af-packet.tpacket-v3 }}
ring-size: {{ surimerge.suricata.config.af-packet.ring-size }}
- interface: {{ surimerge.suricata.config['af-packet'].interface }}
cluster-id: {{ surimerge.suricata.config['af-packet']['cluster-id'] }}
cluster-type: {{ surimerge.suricata.config['af-packet']['cluster-type'] }}
defrag: {{ surimerge.suricata.config['af-packet'].defrag }}
use-mmap: {{ surimerge.suricata.config['af-packet']['use-mmap'] }}
threads: {{ surimerge.suricata.config['af-packet'].threads }}
tpacket-v3: {{ surimerge.suricata.config['af-packet']['tpacket-v3'] }}
ring-size: {{ surimerge.suricata.config['af-packet']['ring-size'] }}
{% endload %}
{% do suricata_defaults.suricata.config.update({'af-packet': afpacket}) %}
{% do salt['defaults.merge'](suricata_defaults.suricata.config, suricata_pillar, in_place=True) %}
{% load_yaml as outputs %}
outputs:
- fast:
enabled: {{ surimerge.suricata.config.outputs.fast.enabled }}
filename: {{ surimerge.suricata.config.outputs.fast.filename }}
append: {{ surimerge.suricata.config.outputs.fast.append }}
- eve-log
enabled: {{ surimerge.suricata.config.outputs['eve-log'].enabled }}
{% endload %}
{% do suricata_defaults.suricata.config.update({'outputs': outputs}) %}