CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-08 18:22:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add analyze feature

Browse Source
This commit is contained in:
Jason Ertel
2022-03-28 15:53:24 -04:00
parent a3f8a10eb9
commit deb9b0e5ef
7 changed files with 34 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
salt/sensoroni/init.sls
View File

@@ -18,6 +18,13 @@ sensoroniagentconf:
- mode: 600
- template: jinja
analyzersdir:
file.directory:
- name: /opt/so/conf/soc/analyzers
- user: 939
- group: 939
- makedirs: True
sensoronilog:
file.directory:
- name: /opt/so/log/sensoroni
@@ -25,6 +32,15 @@ sensoronilog:
- group: 939
- makedirs: True
analyzerscripts:
file.recurse:
- name: /opt/so/conf/soc/analyzers
- user: 939
- group: 939
- file_mode: 755
- template: jinja
- source: salt://sensoroni/files/analyzers
so-sensoroni:
docker_container.running:
- image: {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-soc:{{ VERSION }}
@@ -35,6 +51,7 @@ so-sensoroni:
- /nsm/import:/nsm/import:rw
- /nsm/pcapout:/nsm/pcapout:rw
- /opt/so/conf/sensoroni/sensoroni.json:/opt/sensoroni/sensoroni.json:ro
- /opt/so/conf/sensoroni/analyzers:/opt/sensoroni/analyzers:ro
- /opt/so/log/sensoroni:/opt/sensoroni/logs:rw
- watch:
- file: /opt/so/conf/sensoroni/sensoroni.json