Merge branch 'dev' into foxtrot

salt/zeek/init.sls

@@ -119,7 +119,7 @@ zeekctlcfg:
         ZEEKCTL: {{ ZEEK.zeekctl | tojson }}
 
 # Sync node.cfg
-nodecfgsync:
+nodecfg:
   file.managed:
     - name: /opt/so/conf/zeek/node.cfg
     - source: salt://zeek/files/node.cfg
@@ -149,7 +149,7 @@ plcronscript:
     - mode: 755
 
 zeekpacketlosscron:
-  cron.present:
+  cron.{{ZEEKOPTIONS.pl_cron_state}}:
     - name: /usr/local/bin/packetloss.sh
     - user: root
     - minute: '*/10'
@@ -185,7 +185,7 @@ zeekbpf:
 {% endif %}
 
 
-localzeeksync:
+localzeek:
   file.managed:
     - name: /opt/so/conf/zeek/local.zeek
     - source: salt://zeek/files/local.zeek.jinja
@@ -222,6 +222,11 @@ so-zeek:
       - file: /opt/so/conf/zeek/zeekctl.cfg
       - file: /opt/so/conf/zeek/policy
       - file: /opt/so/conf/zeek/bpf
+    - require:
+      - file: localzeek
+      - file: nodecfg
+      - file: zeekctlcfg
+      - file: zeekbpf
   {% else %} {# if Zeek isn't enabled, then stop and remove the container #}
     - force: True
   {% endif %}

salt/zeek/map.jinja

@@ -1,15 +1,17 @@
 {% set ZEEKOPTIONS = {} %}
-{% set ENABLED = salt['pillar.get']('zeek:enabled', 'True') %}
+{% set ENABLED = salt['pillar.get']('zeek:enabled', True) %}
 
 # don't start the docker container if it is an import node or disabled via pillar
-{% if grains.id.split('_')|last == 'import' or ENABLED is sameas false %}
+{% if grains.id.split('_')|last == 'import' or not ENABLED %}
   {% do ZEEKOPTIONS.update({'start': False}) %}
+  {% do ZEEKOPTIONS.update({'pl_cron_state': 'absent'}) %}
 {% else %}
   {% do ZEEKOPTIONS.update({'start': True}) %}
+  {% do ZEEKOPTIONS.update({'pl_cron_state': 'present'}) %}
 {% endif %}
 
-{% if ENABLED is sameas false %}
+{% if not ENABLED %}
   {% do ZEEKOPTIONS.update({'status': 'absent'}) %}
 {% else %}
   {% do ZEEKOPTIONS.update({'status': 'running'}) %}
-{% endif %}
+{% endif %}