CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Adjust imports for filebeat configuration to ensure import data is placed into ES

Browse Source
This commit is contained in:
Jason Ertel
2020-07-01 17:18:01 -04:00
parent d6feafb12a
commit 96e93b012d
3 changed files with 9 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
salt/common/tools/sbin/so-import-pcap
View File

@@ -76,11 +76,13 @@ function zeek() {
NSM_PATH=/nsm/import/${HASH}/zeek
mkdir -p $NSM_PATH/logs
mkdir -p $NSM_PATH/spool
mkdir -p $NSM_PATH/extracted
mkdir -p $NSM_PATH/spool
chown -R zeek:socore $NSM_PATH
docker run --rm \
-v $NSM_PATH:/nsm:rw \
-v $NSM_PATH/logs:/nsm/zeek/logs:rw \
-v $NSM_PATH/spool:/nsm/zeek/spool:rw \
-v $NSM_PATH/extracted:/nsm/zeek/extracted:rw \
-v $PCAP:/input.pcap:ro \
-v /opt/so/conf/zeek/local.zeek:/opt/zeek/share/zeek/site/local.zeek:ro \
-v /opt/so/conf/zeek/node.cfg:/opt/zeek/etc/node.cfg:ro \