From a97ca94354887fc33f3b4cf55e369805e926f419 Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Sun, 23 Aug 2020 16:08:17 -0400
Subject: [PATCH] Rotate suri stats log hourly
---
 salt/suricata/cron/surirotate | 4 +---
 salt/suricata/init.sls | 2 +-
 2 files changed, 2 insertions(+), 4 deletions(-)
diff --git a/salt/suricata/cron/surirotate b/salt/suricata/cron/surirotate
index b77c4d635..4da651d0e 100644
--- a/salt/suricata/cron/surirotate
+++ b/salt/suricata/cron/surirotate
@@ -1,6 +1,4 @@
 #!/bin/bash
 # Gzip the eve logs
-find /nsm/suricata/eve*.json -type f -printf '%T@\t%p\n' | sort -t $'\t' -g | head -n -1 | cut -d $'\t' -f 2- | xargs nice gzip
-
-# TODO Add stats log
\ No newline at end of file
+/usr/sbin/logrotate -f /opt/so/conf/suricata/suri-rotate.conf > /dev/null 2>&1
diff --git a/salt/suricata/init.sls b/salt/suricata/init.sls
index f8fd13067..79e06db66 100644
--- a/salt/suricata/init.sls
+++ b/salt/suricata/init.sls
@@ -168,7 +168,7 @@ surilogrotate:
 /usr/local/bin/surirotate:
 cron.present:
 - user: root
- - minute: '6'
+ - minute: '11'
 - hour: '*'
 - daymonth: '*'
 - month: '*'
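Review bot: The added logrotate line in salt/suricata/cron/surirotate sends stdout and stderr to /dev/null and ignores the exit status, so a missing or rejected suri-rotate.conf fails silently and the Suricata logs (presumably still under /nsm/suricata) keep growing until the sensor's disk fills. Keeping the failure visible costs one clause: `/usr/sbin/logrotate -f /opt/so/conf/suricata/suri-rotate.conf > /dev/null 2>&1 || logger -t surirotate "suricata logrotate failed (exit $?)"`. The script runs from root's crontab and the config file is not part of this diff, so it is worth confirming that /opt/so/conf/suricata/suri-rotate.conf is root-owned and not writable by other accounts, because a logrotate config can carry scripts that would then run as root. The retained comment `# Gzip the eve logs` no longer describes the line below it; `# Rotate Suricata logs via logrotate (see suri-rotate.conf)` would match the new behaviour.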