CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-06-14 22:28:43 +02:00
Code Issues Packages Projects Releases Wiki Activity

Change how zeek and suri are populated in the minion file

Browse Source
This commit is contained in:
Mike Reeves
2022-09-14 09:53:57 -04:00
parent 064b64f68a
commit a4dc63f3a4
8 changed files with 31 additions and 126 deletions
Download Patch File Download Diff File Expand all files Collapse all files
salt/zeek/map.jinja → salt/zeek/config.map.jinja
View File
salt/zeek/fileextraction_defaults.yaml
-29
View File
@@ -1,29 +0,0 @@
zeek:
policy:
file_extraction:
- application/x-dosexec: exe
- application/pdf: pdf
- application/msword: doc
- application/vnd.ms-powerpoint: doc
- application/rtf: doc
- application/vnd.ms-word.document.macroenabled.12: doc
- application/vnd.ms-word.template.macroenabled.12: doc
- application/vnd.ms-powerpoint.template.macroenabled.12: doc
- application/vnd.ms-excel: doc
- application/vnd.ms-excel.addin.macroenabled.12: doc
- application/vnd.ms-excel.sheet.binary.macroenabled.12: doc
- application/vnd.ms-excel.template.macroenabled.12: doc
- application/vnd.ms-excel.sheet.macroenabled.12: doc
- application/vnd.openxmlformats-officedocument.presentationml.presentation: doc
- application/vnd.openxmlformats-officedocument.presentationml.slide: doc
- application/vnd.openxmlformats-officedocument.presentationml.slideshow: doc
- application/vnd.openxmlformats-officedocument.presentationml.template: doc
- application/vnd.openxmlformats-officedocument.spreadsheetml.sheet: doc
- application/vnd.openxmlformats-officedocument.spreadsheetml.template: doc
- application/vnd.openxmlformats-officedocument.wordprocessingml.document: doc
- application/vnd.openxmlformats-officedocument.wordprocessingml.template: doc
- application/vnd.ms-powerpoint.addin.macroenabled.12: doc
- application/vnd.ms-powerpoint.slide.macroenabled.12: doc
- application/vnd.ms-powerpoint.presentation.macroenabled.12: doc
- application/vnd.ms-powerpoint.slideshow.macroenabled.12: doc
- application/vnd.openxmlformats-officedocument: doc
salt/zeek/init.sls
+1 -1
View File
@@ -6,7 +6,7 @@
{% from 'allowed_states.map.jinja' import allowed_states %}
{% if sls in allowed_states %}
{% from "zeek/map.jinja" import ZEEKOPTIONS with context %}
{% from "zeek/config.map.jinja" import ZEEKOPTIONS with context %}
{% set VERSION = salt['pillar.get']('global:soversion') %}
{% set IMAGEREPO = salt['pillar.get']('global:imagerepo') %}