CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-27 06:57:50 +02:00
Code Issues Packages Projects Releases Wiki Activity

move zeek bpf from zeek pillar to bpf pillar

Browse Source
This commit is contained in:
m0duspwnens
2023-03-20 15:28:33 -04:00
parent 460f84d80f
commit 903ad530fe
7 changed files with 21 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
salt/bpf/defaults.yaml
+4 -3
View File
@@ -1,4 +1,5 @@
bpf:
pcap: []
suricata: []
zeek: []
pcap: []
suricata: []
zeek:
- ip or not ip
salt/bpf/soc_bpf.yaml
+3
View File
@@ -1,10 +1,13 @@
bpf:
pcap:
description: List of BPF filters to apply to PCAP.
multiline: True
helpLink: bpf.html
suricata:
description: List of BPF filters to apply to Suricata.
multiline: True
helpLink: bpf.html
zeek:
description: List of BPF filters to apply to Zeek.
multiline: True
helpLink: bpf.html
salt/bpf/zeek.map.jinja
+4
View File
@@ -0,0 +1,4 @@
{% import_yaml 'bpf/defaults.yaml' as BPFDEFAULTS %}
{% set BPFMERGED = salt['pillar.get']('bpf', BPFDEFAULTS.bpf, merge=True) %}
{% set ZEEKBPF = BPFMERGED.zeek %}