CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-01-24 08:53:27 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #12974 from Security-Onion-Solutions/fix/strelka_yara

Browse Source 
Account for 0 active rules and change watch
This commit is contained in:
weslambert
2024-05-08 15:59:20 -04:00
committed by GitHub
parent c7845bdf56 0567b93534
commit b916465b06
2 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/strelka/backend/enabled.sls
View File

@@ -42,6 +42,8 @@ strelka_backend:
{% endfor %}
{% endif %}
- restart_policy: on-failure
- watch:
- file: /opt/so/conf/strelka/rules/compiled/*
delete_so-strelka-backend_so-status.disabled:
file.uncomment:

7
salt/strelka/config.sls
View File

@@ -31,11 +31,12 @@ strelkarulesdir:
{%- if grains.role in ['so-sensor', 'so-heavynode'] %}
strelkasensorrules:
file.managed:
- name: /opt/so/conf/strelka/rules/compiled/rules.compiled
- source: salt://strelka/rules/compiled/rules.compiled
file.recurse:
- name: /opt/so/conf/strelka/rules/compiled/
- source: salt://strelka/rules/compiled/
- user: 939
- group: 939
- clean: True
{%- endif %}
strelkareposdir: