CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-17 14:33:11 +01:00
Code Issues Packages Projects Releases Wiki Activity

Threads placeholder logic

Browse Source
This commit is contained in:
Mike Reeves
2024-01-29 15:44:57 -05:00
parent 88c01a22d6
commit ab551a747d
2 changed files with 28 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
salt/suricata/enabled.sls
View File

@@ -12,6 +12,9 @@
include:
- suricata.config
- suricata.sostatus
if blah
- suricata.pcap
endif
so-suricata:
docker_container.running:

25
salt/suricata/pcap.sls Normal file
View File

@@ -0,0 +1,25 @@
{% from 'vars/globals.map.jinja' import GLOBALS %}
{% import_yaml 'suricata/defaults.yaml' as SURICATADEFAULTS %}
{% set SURICATAMERGED = salt['pillar.get']('suricata', SURICATADEFAULTS.suricata, merge=True) %}
suripcapdir:
file.directory:
- name: /nsm/suripcap
- user: 940
- group: 939
- mode: 755
- makedirs: True
{{ SURICATAMERGED.config['af-packet'].threads }}
for thread in afp.threads
suripcapthreaddir:
file.directory:
- name: /nsm/suripcap/{{thread}}
- user: 940
- group: 939
- mode: 755
- makedirs: True
endfor