CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Create unprocessed dir and move Zeek extracted files there

Browse Source
This commit is contained in:
weslambert
2020-12-18 10:52:14 -05:00
committed by GitHub
parent 575098e368
commit bf76c1b58c
1 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
salt/strelka/init.sls
View File

@@ -72,13 +72,20 @@ strelkalogdir:
- group: 939 - group: 939
- makedirs: True - makedirs: True
strelkastagedir: strelkaprocessed:
file.directory: file.directory:
- name: /nsm/strelka/processed - name: /nsm/strelka/processed
- user: 939 - user: 939
- group: 939 - group: 939
- makedirs: True - makedirs: True
strelkaunprocessed:
file.directory:
- name: /nsm/strelka/unprocessed
- user: 939
- group: 939
- makedirs: True
strelka_coordinator: strelka_coordinator:
docker_container.running: docker_container.running:
- image: {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-redis:{{ VERSION }} - image: {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-redis:{{ VERSION }}
@@ -167,7 +174,7 @@ append_so-strelka-filestream_so-status.conf:
strelka_zeek_extracted_sync: strelka_zeek_extracted_sync:
cron.present: cron.present:
- user: root - user: root
- name: '[ -d /nsm/zeek/extracted/complete/ ] && mv /nsm/zeek/extracted/complete/* /nsm/strelka/ > /dev/null 2>&1' - name: '[ -d /nsm/zeek/extracted/complete/ ] && mv /nsm/zeek/extracted/complete/* /nsm/strelka/unprocessed/ > /dev/null 2>&1'
- minute: '*' - minute: '*'
{% else %} {% else %}