CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-05-08 12:27:52 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix broken things

Browse Source
This commit is contained in:
Josh Patterson
2026-04-30 15:35:24 -04:00
parent 0d166ef732
commit 9541024eb7
5 changed files with 19 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
salt/manager/tools/sbin/so-push-drainer
+1 -2
View File
@@ -1,4 +1,4 @@
#!/usr/bin/env python3
#!/opt/saltstack/salt/bin/python3
# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
@@ -35,7 +35,6 @@ import subprocess
import sys
import time
sys.path.append('/opt/saltstack/salt/lib/python3.10/site-packages/')
import salt.client
PENDING_DIR = '/opt/so/state/push_pending'
salt/reactor/push_pillar.sls
+3 -3
View File
@@ -19,7 +19,7 @@ import logging
import os
import time
import salt.client
from salt.client import Caller
import yaml
LOG = logging.getLogger(__name__)
@@ -57,7 +57,7 @@ def _load_push_map():
def _push_enabled():
try:
caller = salt.client.Caller()
caller = Caller()
return bool(caller.cmd('pillar.get', 'global:push:enabled', True))
except Exception:
LOG.exception('push_pillar: pillar.get global:push:enabled failed, assuming enabled')
@@ -132,7 +132,7 @@ def run():
LOG.info('push_pillar: push disabled, skipping')
return {}
path = data.get('data', {}).get('path', '') # noqa: F821 -- data provided by reactor
path = data.get('path', '') # noqa: F821 -- data provided by reactor
if not path or not path.startswith(PILLAR_ROOT):
LOG.debug('push_pillar: ignoring path outside pillar root: %s', path)
return {}
salt/reactor/push_strelka.sls
+3 -3
View File
@@ -14,7 +14,7 @@ import logging
import os
import time
import salt.client
from salt.client import Caller
LOG = logging.getLogger(__name__)
@@ -34,7 +34,7 @@ def _sensor_compound():
def _push_enabled():
try:
caller = salt.client.Caller()
caller = Caller()
return bool(caller.cmd('pillar.get', 'global:push:enabled', True))
except Exception:
LOG.exception('push_strelka: pillar.get global:push:enabled failed, assuming enabled')
@@ -89,7 +89,7 @@ def run():
LOG.info('push_strelka: push disabled, skipping')
return {}
path = data.get('data', {}).get('path', '') # noqa: F821 -- data provided by reactor
path = data.get('path', '') # noqa: F821 -- data provided by reactor
actions = [{'state': 'strelka', 'tgt': _sensor_compound()}]
_write_intent('rules_strelka', actions, path)
LOG.info('push_strelka: intent updated for path=%s', path)
salt/reactor/push_suricata.sls
+3 -3
View File
@@ -14,7 +14,7 @@ import logging
import os
import time
import salt.client
from salt.client import Caller
LOG = logging.getLogger(__name__)
@@ -33,7 +33,7 @@ def _sensor_compound_plus_import():
def _push_enabled():
try:
caller = salt.client.Caller()
caller = Caller()
return bool(caller.cmd('pillar.get', 'global:push:enabled', True))
except Exception:
LOG.exception('push_suricata: pillar.get global:push:enabled failed, assuming enabled')
@@ -88,7 +88,7 @@ def run():
LOG.info('push_suricata: push disabled, skipping')
return {}
path = data.get('data', {}).get('path', '') # noqa: F821 -- data provided by reactor
path = data.get('path', '') # noqa: F821 -- data provided by reactor
actions = [{'state': 'suricata', 'tgt': _sensor_compound_plus_import()}]
_write_intent('rules_suricata', actions, path)
LOG.info('push_suricata: intent updated for path=%s', path)
salt/salt/files/reactor_pushstate.conf
+9 -3
View File
@@ -1,7 +1,13 @@
reactor:
- 'salt/beacon/*/inotify//opt/so/saltstack/local/salt/suricata/rules/':
- 'salt/beacon/*/inotify//opt/so/saltstack/local/salt/suricata/rules':
- salt://reactor/push_suricata.sls
- 'salt/beacon/*/inotify//opt/so/saltstack/local/salt/strelka/rules/compiled/':
- 'salt/beacon/*/inotify//opt/so/saltstack/local/salt/suricata/rules/*':
- salt://reactor/push_suricata.sls
- 'salt/beacon/*/inotify//opt/so/saltstack/local/salt/strelka/rules/compiled':
- salt://reactor/push_strelka.sls
- 'salt/beacon/*/inotify//opt/so/saltstack/local/pillar/':
- 'salt/beacon/*/inotify//opt/so/saltstack/local/salt/strelka/rules/compiled/*':
- salt://reactor/push_strelka.sls
- 'salt/beacon/*/inotify//opt/so/saltstack/local/pillar':
- salt://reactor/push_pillar.sls
- 'salt/beacon/*/inotify//opt/so/saltstack/local/pillar/*':
- salt://reactor/push_pillar.sls