Merge pull request #3058 from Security-Onion-Solutions/delta

Fix intermittent Suricata rules load issue

setup/automation/import-airgap

@@ -30,7 +30,7 @@ BASICSURI=2
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
+# GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit
@@ -58,7 +58,7 @@ NODESETUP=NODEBASIC
 NSMSETUP=BASIC
 NODEUPDATES=MANAGER
 # OINKCODE=
-OSQUERY=1
+# OSQUERY=1
 # PATCHSCHEDULEDAYS=
 # PATCHSCHEDULEHOURS=
 PATCHSCHEDULENAME=auto
@@ -71,8 +71,8 @@ RULESETUP=ETOPEN
 # SOREMOTEPASS1=onionuser
 # SOREMOTEPASS2=onionuser
 STRELKA=1
-THEHIVE=1
+# THEHIVE=1
-WAZUH=1
+# WAZUH=1
 WEBUSER=onionuser@somewhere.invalid
 WEBPASSWD1=0n10nus3r
 WEBPASSWD2=0n10nus3r

setup/automation/import-ami

@@ -30,7 +30,7 @@ BASICSURI=2
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
+# GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit
@@ -57,7 +57,7 @@ NODESETUP=NODEBASIC
 NSMSETUP=BASIC
 NODEUPDATES=MANAGER
 # OINKCODE=
-OSQUERY=1
+# OSQUERY=1
 # PATCHSCHEDULEDAYS=
 # PATCHSCHEDULEHOURS=
 PATCHSCHEDULENAME=auto
@@ -70,8 +70,8 @@ RULESETUP=ETOPEN
 # SOREMOTEPASS1=onionuser
 # SOREMOTEPASS2=onionuser
 STRELKA=1
-THEHIVE=1
+# THEHIVE=1
-WAZUH=1
+# WAZUH=1
 WEBUSER=onionuser@somewhere.invalid
 WEBPASSWD1=0n10nus3r
 WEBPASSWD2=0n10nus3r

setup/automation/import-iso

@@ -30,7 +30,7 @@ BASICSURI=2
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
+# GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit
@@ -57,7 +57,7 @@ NODESETUP=NODEBASIC
 NSMSETUP=BASIC
 NODEUPDATES=MANAGER
 # OINKCODE=
-OSQUERY=1
+# OSQUERY=1
 # PATCHSCHEDULEDAYS=
 # PATCHSCHEDULEHOURS=
 PATCHSCHEDULENAME=auto
@@ -70,8 +70,8 @@ RULESETUP=ETOPEN
 # SOREMOTEPASS1=onionuser
 # SOREMOTEPASS2=onionuser
 STRELKA=1
-THEHIVE=1
+# THEHIVE=1
-WAZUH=1
+# WAZUH=1
 WEBUSER=onionuser@somewhere.invalid
 WEBPASSWD1=0n10nus3r
 WEBPASSWD2=0n10nus3r

setup/automation/import-net-centos

@@ -30,7 +30,7 @@ BASICSURI=2
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
+# GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit
@@ -57,11 +57,11 @@ NODESETUP=NODEBASIC
 NSMSETUP=BASIC
 NODEUPDATES=MANAGER
 # OINKCODE=
-OSQUERY=1
+# OSQUERY=1
 # PATCHSCHEDULEDAYS=
 # PATCHSCHEDULEHOURS=
 PATCHSCHEDULENAME=auto
-#PLAYBOOK=1
+# PLAYBOOK=1
 # REDIRECTHOST=
 REDIRECTINFO=IP
 RULESETUP=ETOPEN
@@ -70,8 +70,8 @@ RULESETUP=ETOPEN
 # SOREMOTEPASS1=onionuser
 # SOREMOTEPASS2=onionuser
 STRELKA=1
-THEHIVE=1
+# THEHIVE=1
-WAZUH=1
+# WAZUH=1
 WEBUSER=onionuser@somewhere.invalid
 WEBPASSWD1=0n10nus3r
 WEBPASSWD2=0n10nus3r

setup/automation/import-net-ubuntu

@@ -30,7 +30,7 @@ BASICSURI=2
 ZEEKVERSION=ZEEK
 # CURCLOSEDAYS=
 # EVALADVANCED=BASIC
-GRAFANA=1
+# GRAFANA=1
 # HELIXAPIKEY=
 HNMANAGER=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
 HNSENSOR=inherit
@@ -57,11 +57,11 @@ NODESETUP=NODEBASIC
 NSMSETUP=BASIC
 NODEUPDATES=MANAGER
 # OINKCODE=
-OSQUERY=1
+# OSQUERY=1
 # PATCHSCHEDULEDAYS=
 # PATCHSCHEDULEHOURS=
 PATCHSCHEDULENAME=auto
-#PLAYBOOK=1
+# PLAYBOOK=1
 # REDIRECTHOST=
 REDIRECTINFO=IP
 RULESETUP=ETOPEN
@@ -70,8 +70,8 @@ RULESETUP=ETOPEN
 # SOREMOTEPASS1=onionuser
 # SOREMOTEPASS2=onionuser
 STRELKA=1
-THEHIVE=1
+# THEHIVE=1
-WAZUH=1
+# WAZUH=1
 WEBUSER=onionuser@somewhere.invalid
 WEBPASSWD1=0n10nus3r
 WEBPASSWD2=0n10nus3r

setup/so-functions

@@ -891,6 +891,7 @@ create_local_nids_rules() {
 	# Create a local.rules file so it doesn't get blasted on updates
 	mkdir -p /opt/so/saltstack/local/salt/idstools
 	echo "# Custom Suricata rules go in this file" > /opt/so/saltstack/local/salt/idstools/local.rules
+	salt-run fileserver.clear_file_list_cache
 }
 
 create_repo() {