CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

engines config for valueWatch

Browse Source
This commit is contained in:
m0duspwnens
2024-04-29 14:02:10 -04:00
parent 05244cfd75
commit a0388fd568
1 changed files with 43 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
salt/salt/files/engines.conf
View File

@@ -4,6 +4,49 @@ engines_dirs:
engines: engines:
- checkmine: - checkmine:
interval: 60 interval: 60
- valueWatch:
watched:
- value: GLOBALMERGED.pipeline
files:
- /opt/so/saltstack/local/pillar/global/soc_global.sls
- /opt/so/saltstack/local/pillar/global/adv_global.sls
map: global/map.jinja
targets:
- so-manager
- so-managersearch
ttype: compound
actions:
from:
'*':
to:
KAFKA:
- cmd.run:
cmd: /usr/sbin/so-yaml.py replace /opt/so/saltstack/local/pillar/kafka/soc_kafka.sls kafka.enabled True
KAFKA:
to:
'*':
- cmd.run:
cmd: /usr/sbin/so-yaml.py replace /opt/so/saltstack/local/pillar/kafka/soc_kafka.sls kafka.enabled False
- value: FIREWALL_MERGED
files:
- /opt/so/saltstack/local/pillar/firewall/soc_firewall.sls
- /opt/so/saltstack/local/pillar/firewall/adv_firewall.sls
- /opt/so/saltstack/local/pillar/minions/*.sls
map: firewall/map.jinja
targets:
- so-*
ttype: compound
actions:
from:
'*':
to:
'*':
- cmd.run:
cmd: date
interval: 10
- pillarWatch: - pillarWatch:
fpa: fpa:
# these files will be checked in reversed order to replicate the same hierarchy as the pillar top file # these files will be checked in reversed order to replicate the same hierarchy as the pillar top file