CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 01:32:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

use sensor.interface for suricata. make af-packet.interface ro in soc ui

Browse Source
This commit is contained in:
m0duspwnens
2023-08-09 11:18:47 -04:00
parent 204ef7e68f
commit 8844e305ab
2 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/suricata/map.jinja
View File

@@ -11,7 +11,7 @@
{# suricata.config.af-packet has to be rewritten here since we cant display '- interface' in the ui #} {# suricata.config.af-packet has to be rewritten here since we cant display '- interface' in the ui #}
{# we are limited to only one iterface #} {# we are limited to only one iterface #}
{% load_yaml as afpacket %} {% load_yaml as afpacket %}
- interface: {{ SURICATAMERGED.config['af-packet'].interface }} - interface: {{ GLOBALS.sensor.interface) }}
cluster-id: {{ SURICATAMERGED.config['af-packet']['cluster-id'] }} cluster-id: {{ SURICATAMERGED.config['af-packet']['cluster-id'] }}
cluster-type: {{ SURICATAMERGED.config['af-packet']['cluster-type'] }} cluster-type: {{ SURICATAMERGED.config['af-packet']['cluster-type'] }}
defrag: {{ SURICATAMERGED.config['af-packet'].defrag }} defrag: {{ SURICATAMERGED.config['af-packet'].defrag }}

4
salt/suricata/soc_suricata.yaml
View File

@@ -14,7 +14,9 @@ suricata:
config: config:
af-packet: af-packet:
interface: interface:
description: The network interface that Suricata will monitor. description: The network interface that Suricata will monitor. This is set under sensor > interface.
advanced: True
readonly: True
helpLink: suricata.html helpLink: suricata.html
cluster-id: cluster-id:
advanced: True advanced: True