From 8cc4d2668ed5f47e1e984c2e2920d80fe33e6ef9 Mon Sep 17 00:00:00 2001
From: DefensiveDepth
Date: Tue, 16 Apr 2024 12:52:14 -0400
Subject: [PATCH] Move compile_yara
---
 .../files/bin => strelka/compile_yara}/compile_yara.py | 5 +++++
 salt/strelka/config.sls | 8 ++++++++
 2 files changed, 13 insertions(+)
 rename salt/{soc/files/bin => strelka/compile_yara}/compile_yara.py (58%)
diff --git a/salt/soc/files/bin/compile_yara.py b/salt/strelka/compile_yara/compile_yara.py
similarity index 58%
rename from salt/soc/files/bin/compile_yara.py
rename to salt/strelka/compile_yara/compile_yara.py
index 43c8b1a09..b840dcab6 100644
--- a/salt/soc/files/bin/compile_yara.py
+++ b/salt/strelka/compile_yara/compile_yara.py
@@ -1,3 +1,8 @@
+# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
+# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
+# https://securityonion.net/license; you may not use this file except in compliance with the
+# Elastic License 2.0.
+
 import os
 import yara
 import glob
diff --git a/salt/strelka/config.sls b/salt/strelka/config.sls
index 929bef113..f6c66d8ff 100644
--- a/salt/strelka/config.sls
+++ b/salt/strelka/config.sls
@@ -14,6 +14,14 @@ strelkaconfdir:
 - group: 939
 - makedirs: True
+strelkacompileyara:
+ file.managed:
+ - name: /opt/so/conf/strelka/compile_yara.py
+ - source: salt://strelka/compile_yara/compile_yara.py
+ - user: 939
+ - group: 939
+ - makedirs: True
+
 strelkarulesdir:
 file.directory:
 - name: /opt/so/conf/strelka/rules
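Review bot: The new `strelkacompileyara` state in salt/strelka/config.sls sets user and group to 939 but no `mode`, so the script's permissions are left to whatever the minion creates or already has on disk. I would pin it explicitly, e.g. `- mode: '0644'` (or `0755` if the script is invoked directly rather than through the interpreter). It is also worth confirming which account executes `/opt/so/conf/strelka/compile_yara.py`: if that is anything more privileged than uid 939, the file should be root-owned so the service account cannot modify code that runs above its own privilege level. The callers of the script are not visible in this patch, so that last point is an assumption to verify.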