CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Rule Updates

Browse Source
This commit is contained in:
Mike Reeves
2023-05-26 15:16:14 -04:00
parent 8ce0d76287
commit b2d2a9f0ed
6 changed files with 41 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
setup/so-functions
View File

@@ -1523,15 +1523,9 @@ create_strelka_pillar() {
"strelka:"\
" enabled: $STRELKA"\
" rules: 1" > "$strelka_pillar_file"
if [[ $is_airgap ]]; then
printf '%s\n'\
" repos:"\
" - 'https://$HOSTNAME/repo/rules/strelka'" >> "$strelka_pillar_file"
else
printf '%s\n'\
" repos:"\
" - 'https://github.com/Neo23x0/signature-base'" >> "$strelka_pillar_file"
fi
printf '%s\n'\
" repos:"\
" - 'https://$HOSTNAME:7788/yara'" >> "$strelka_pillar_file"
}
backup_pillar() {

6
setup/so-setup
View File

@@ -644,6 +644,12 @@ if ! [[ -f $install_opt_file ]]; then
logCmd "salt-call state.apply -l info manager"
logCmd "salt-call state.apply influxdb -l info"
logCmd "salt-call state.highstate -l info"
if [[ ! $is_airgap ]]; then
title "Downloading IDS Rules"
logCmd "so-rule-update"
title "Downloading YARA rules"
logCmd "so-yara-update"
fi
title "Setting up Kibana Default Space"
logCmd "so-kibana-space-defaults"
add_web_user