CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Suricata Salt Module - add env variable for start script

Browse Source
This commit is contained in:
Mike Reeves
2018-02-27 14:57:26 -05:00
parent 69ba60d710
commit acda73feab
1 changed files with 19 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
salt/suricata/init.sls
View File

@@ -13,7 +13,24 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
{% set interface = salt['pillar.get']('sensor:interface', 'bond0') %}
# Suricata # Suricata
# Add Suricata Group
suricatagroup:
group.present:
- name: suricata
- gid: 940
# Add ES user
suricata:
user.present:
- uid: 940
- gid: 940
- home: /opt/so/conf/suricata
- createhome: False
suridir: suridir:
file.directory: file.directory:
- name: /opt/so/conf/suricata - name: /opt/so/conf/suricata
@@ -51,6 +68,8 @@ so-suricata:
docker_container.running: docker_container.running:
- image: toosmooth/so-suricata:test2 - image: toosmooth/so-suricata:test2
- privileged: True - privileged: True
- environment:
- interface={{ interface }}
- binds: - binds:
- /opt/so/conf/suricata/suricata.yaml:/usr/local/etc/suricata/suricata.yaml:ro - /opt/so/conf/suricata/suricata.yaml:/usr/local/etc/suricata/suricata.yaml:ro
- /opt/so/conf/suricata/rules:/usr/local/etc/suricata/rules:ro - /opt/so/conf/suricata/rules:/usr/local/etc/suricata/rules:ro