Merge pull request #9033 from Security-Onion-Solutions/strelkafix

Add Filechecks
2026-01-27 02:13:30 +01:00 · 2022-10-31 15:49:40 -04:00
parent 8e4d0db738 06ddae13b5
commit cb33464668
6 changed files with 169 additions and 15 deletions
--- a/salt/common/files/sensor-rotate.conf
+++ b/salt/common/files/sensor-rotate.conf
@@ -19,4 +19,17 @@
    extension .log
    dateext
    dateyesterday
-}
+}
+
+/opt/so/log/strelka/filecheck.log
+{
+    daily
+    rotate 14
+    missingok
+    copytruncate
+    compress
+    create
+    extension .log
+    dateext
+    dateyesterday
+}
--- a/salt/common/init.sls
+++ b/salt/common/init.sls
@@ -38,15 +38,15 @@ socore:
 soconfperms:
  file.directory:
    - name: /opt/so/conf
-    - uid: 939
-    - gid: 939
+    - user: 939
+    - group: 939
    - dir_mode: 770

 sostatusconf:
  file.directory:
    - name: /opt/so/conf/so-status
-    - uid: 939
-    - gid: 939
+    - user: 939
+    - group: 939
    - dir_mode: 770

 so-status.conf:
@@ -57,8 +57,8 @@ so-status.conf:
 sosaltstackperms:
  file.directory:
    - name: /opt/so/saltstack
-    - uid: 939
-    - gid: 939
+    - user: 939
+    - group: 939
    - dir_mode: 770

 so_log_perms:
@@ -113,6 +113,7 @@ commonpkgs:
      - python3-mysqldb
      - python3-packaging
      - python3-lxml
+      - python3-watchdog
      - git
      - vim

@@ -156,6 +157,7 @@ commonpkgs:
      - python36-mysql
      - python36-packaging
      - python36-lxml
+      - python36-watchdog
      - yum-utils
      - device-mapper-persistent-data
      - lvm2