CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Playbook & SOCtopus init edits

Browse Source
This commit is contained in:
Josh Brower
2019-09-25 15:18:18 -04:00
parent 909e35ec3b
commit d9713cc14a
3 changed files with 14 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
salt/playbook/files/nav_layer_playbook.json
View File

@@ -15,11 +15,6 @@
"viewMode": 0,
"hideDisabled": "false",
"techniques": [{
"techniqueID": "T1003",
"color": "#5AADFF",
"comment": "",
"enabled": "true",
"metadata": []
}],
"gradient": {
"colors": ["#ff6666", "#ffe766", "#8ec843"],

12
salt/playbook/init.sls
View File

@@ -1,15 +1,5 @@
navigatordefaultlayer:
file.manage:
- name: /opt/so/conf/playbook/nav_layer_playbook.json
- source: salt://playbook/files/nav_layer_playbook.json
- user: 939
- group: 939
- makedirs: True
- replace: False
- template: jinja
navigatorconfig:
file.manage:
file.managed:
- name: /opt/so/conf/playbook/navigator_config.json
- source: salt://playbook/files/navigator_config.json
- user: 939

15
salt/soctopus/init.sls
View File

@@ -28,19 +28,30 @@ playbookrulessync:
- group: 939
- template: jinja
navigatordefaultlayer:
file.managed:
- name: /opt/so/conf/playbook/nav_layer_playbook.json
- source: salt://playbook/files/nav_layer_playbook.json
- user: 939
- group: 939
- makedirs: True
- replace: False
- template: jinja
so-soctopusimage:
cmd.run:
- name: docker pull --disable-content-trust=false soshybridhunter/so-soctopus:HH1.1.0
- name: docker pull --disable-content-trust=false soshybridhunter/so-soctopus:HH1.1.1
so-soctopus:
docker_container.running:
- require:
- so-soctopusimage
- image: soshybridhunter/so-soctopus:HH1.1.0
- image: soshybridhunter/so-soctopus:HH1.1.1
- hostname: soctopus
- name: so-soctopus
- binds:
- /opt/so/conf/soctopus/SOCtopus.conf:/SOCtopus/SOCtopus.conf:ro
- /opt/so/rules/elastalert/playbook:/etc/playbook-rules:rw
- /opt/so/conf/playbook/nav_layer_playbook.json:/etc/playbook/nav_layer_playbook.json:rw
- port_bindings:
- 0.0.0.0:7000:7000