CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

update to allow use of custom modules and local config

Browse Source
This commit is contained in:
Wes Lambert
2019-09-09 20:23:37 +00:00
parent 209a46bad6
commit a1998a8aa2
1 changed files with 40 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
salt/elastalert/init.sls
View File

@@ -64,20 +64,42 @@ elastarules:
- group: 939 - group: 939
- makedirs: True - makedirs: True
#elastaconfdir: elastaconfdir:
# file.directory: file.directory:
# - name: /opt/so/conf/elastalert - name: /opt/so/conf/elastalert
# - user: 933 - user: 933
# - group: 939 - group: 939
# - makedirs: True - makedirs: True
#elastaconf: elastasomodulesdir:
# file.managed: file.directory:
# - name: /opt/so/conf/elastalert/config.yaml - name: /opt/so/conf/elastalert/modules/so
# - source: salt://elastalert/files/config.yaml - user: 933
# - user: 933 - group: 939
# - group: 939 - makedirs: True
# - template: jinja
elastacustmodulesdir:
file.directory:
- name: /opt/so/conf/elastalert/modules/custom
- user: 933
- group: 939
- makedirs: True
elastasomodulesync:
file.recurse:
- name: /opt/so/conf/elastalert/modules/so
- source: salt://elastalert/files/modules/so
- user: 933
- group: 939
- makedirs: True
elastaconf:
file.managed:
- name: /opt/so/conf/elastalert/elastalert_config.yaml
- source: salt://elastalert/files/elastalert_config.yaml
- user: 933
- group: 939
- template: jinja
so-elastalertimage: so-elastalertimage:
cmd.run: cmd.run:
@@ -93,15 +115,16 @@ so-elastalert:
- user: elastalert - user: elastalert
- detach: True - detach: True
- binds: - binds:
# - /opt/so/conf/elastalert/config.yaml:/etc/elastalert/conf/elastalert_config.yaml:ro
- /opt/so/rules/elastalert:/etc/elastalert/rules/:ro - /opt/so/rules/elastalert:/etc/elastalert/rules/:ro
- /opt/so/log/elastalert:/var/log/elastalert:rw - /opt/so/log/elastalert:/var/log/elastalert:rw
- /opt/so/conf/elastalert/modules:/opt/elastalert/elastalert/modules:ro
- /opt/so/conf/elastalert/elastalert_config.yaml:/etc/elastalert/conf/elastalert_config.yaml:ro
- environment: - environment:
- ELASTICSEARCH_HOST: {{ esip }} #- ELASTICSEARCH_HOST: {{ esip }}
- ELASTICSEARCH_PORT: {{ esport }} #- ELASTICSEARCH_PORT: {{ esport }}
- ELASTALERT_CONFIG: /etc/elastalert/conf/elastalert_config.yaml - ELASTALERT_CONFIG: /etc/elastalert/conf/elastalert_config.yaml
- ELASTALERT_SUPERVISOR_CONF: /etc/elastalert/conf/elastalert_supervisord.conf - ELASTALERT_SUPERVISOR_CONF: /etc/elastalert/conf/elastalert_supervisord.conf
- RULES_DIRECTORY: /etc/elastalert/rules/ #- RULES_DIRECTORY: /etc/elastalert/rules/
- LOG_DIR: /var/log/elastalert - LOG_DIR: /var/log/elastalert
{% endif %} {% endif %}