Rule Updates

2025-12-06 17:22:49 +01:00 · 2023-05-26 16:21:07 -04:00
parent 38881231ac
commit b4d85a7bf8
4 changed files with 14 additions and 6 deletions
--- a/salt/idstools/etc/rulecat.conf
+++ b/salt/idstools/etc/rulecat.conf
@@ -1,10 +1,10 @@
 {%- from 'vars/globals.map.jinja' import GLOBALS -%}
 {%- from 'idstools/map.jinja' import IDSTOOLSMERGED -%}
--merged=/nsm/rules/suricata/all.rules
+--merged=/opt/so/rules/nids/all.rules
--local=/nsm/rules/local/local.rules
+--local=/opt/so/rules/nids/local.rules
 {%-   if GLOBALS.md_engine == "SURICATA" %}
--local=/nsm/rules/sorules/ids/extraction.rules
+--local=/opt/so/rules/nids/sorules/extraction.rules
--local=/nsm/rules/sorules/filters.rules
+--local=/opt/so/rules/nids/sorules/filters.rules
 {%-   endif %}
 --url=http://{{ GLOBALS.manager }}:7788/suricata/emerging-all.rules
 --disable=/opt/so/idstools/etc/disable.conf
--- a/salt/idstools/tools/sbin_jinja/so-rule-update
+++ b/salt/idstools/tools/sbin_jinja/so-rule-update
@@ -1,5 +1,4 @@
 #!/bin/bash
 . /usr/sbin/so-common
 {%- from 'vars/globals.map.jinja' import GLOBALS %}
--- a/salt/nginx/enabled.sls
+++ b/salt/nginx/enabled.sls
@@ -12,6 +12,15 @@ include:
  - nginx.config
  - nginx.sostatus
 make-rule-dir-nginx:
  file.directory:
    - name: /nsm/rules
    - user: socore
    - group: socore
    - recurse:
      - user
      - group
 so-nginx:
  docker_container.running:
    - image: {{ GLOBALS.registry_host }}:5000/{{ GLOBALS.image_repo }}/so-nginx:{{ GLOBALS.so_version }}
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -648,7 +648,7 @@ if ! [[ -f $install_opt_file ]]; then
 			title "Downloading IDS Rules"
 			logCmd "so-rule-update"
 			title "Downloading YARA rules"
-			logCmd "so-yara-update"
+			logCmd "runuser -l socore 'so-yara-update'"
 		fi
 		title "Setting up Kibana Default Space"
 		logCmd "so-kibana-space-defaults"