CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

Refactor users/roles management via salt due to Salt's clobbering of the inode which breaks Docker mounts

Browse Source
This commit is contained in:
Jason Ertel
2021-06-04 20:01:30 -04:00
parent 416b38fc71
commit e22421ec99
3 changed files with 41 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/logstash/pipelines/config/so/9100_output_osquery.conf.jinja
View File

@@ -4,7 +4,7 @@
{%- set ES = salt['pillar.get']('elasticsearch:mainip', '') -%}
{%- endif %}
{%- set ES_USER = salt['pillar.get']('elasticsearch:auth:users:so_logstash_user:user', '') %}
{%- set ES_PASS = salt['pillar.get']('elasticsearch:auth:users:so_logstash_pass:pass', '') %}
{%- set ES_PASS = salt['pillar.get']('elasticsearch:auth:users:so_logstash_user:pass', '') %}
output {
if [module] =~ "osquery" and "live_query" not in [dataset] {
elasticsearch {