diff --git a/pillar/docker/config.sls b/pillar/docker/config.sls
index 647151eef..da6fac83a 100644
--- a/pillar/docker/config.sls
+++ b/pillar/docker/config.sls
@@ -5,7 +5,7 @@
 {% set PLAYBOOK = salt['pillar.get']('manager:playbook', '0') %}
 {% set FREQSERVER = salt['pillar.get']('manager:freq', '0') %}
 {% set DOMAINSTATS = salt['pillar.get']('manager:domainstats', '0') %}
-{% set ZEEKVER = salt['pillar.get']('global:zeekversion', 'COMMUNITY') %}
+{% set ZEEKVER = salt['pillar.get']('global:mdengine', 'COMMUNITY') %}
 {% set GRAFANA = salt['pillar.get']('manager:grafana', '0') %}
 eval:
diff --git a/salt/common/maps/so-status.map.jinja b/salt/common/maps/so-status.map.jinja
index fb23e6708..12bddfec7 100644
--- a/salt/common/maps/so-status.map.jinja
+++ b/salt/common/maps/so-status.map.jinja
@@ -36,7 +36,7 @@
 {% endif %}
 {% if role in ['heavynode', 'standalone'] %}
- {{ append_containers('global', 'zeekversion', 'SURICATA') }}
+ {{ append_containers('global', 'mdengine', 'SURICATA') }}
 {% endif %}
 {% if role == 'searchnode' %}
@@ -44,5 +44,5 @@
 {% endif %}
 {% if role == 'sensor' %}
- {{ append_containers('global', 'zeekversion', 'SURICATA') }}
+ {{ append_containers('global', 'mdengine', 'SURICATA') }}
 {% endif %}
\ No newline at end of file
diff --git a/salt/common/tools/sbin/soup b/salt/common/tools/sbin/soup
index 1b1688809..500651e80 100755
--- a/salt/common/tools/sbin/soup
+++ b/salt/common/tools/sbin/soup
@@ -178,7 +178,10 @@ rc2_to_rc3() {
 rm -rf /opt/so/saltstack/local/salt/idstools/localrules
 rm -rf /opt/so/saltstack/default/salt/idstools/localrules
- # Rename ZEEKVERSION to MDENGINE
+ # Rename mdengine to MDENGINE
+ sed -i "s/ mdengine/ mdengine/g" /opt/so/saltstack/local/pillar/global.sls
+ # Enable Strelka Rules
+ sed -i "/ rules:/c\ rules: 1" /opt/so/saltstack/local/pillar/global.sls
 }
diff --git a/salt/filebeat/etc/filebeat.yml b/salt/filebeat/etc/filebeat.yml
index 6849b1c08..61c5a7b7c 100644
--- a/salt/filebeat/etc/filebeat.yml
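Review bot: In the soup hunk, the first added sed is shown with identical pattern and replacement (`s/ mdengine/ mdengine/g`), so as written it changes nothing and an upgraded host's global.sls would keep its `zeekversion:` key. Every template in this commit now reads `global:mdengine`, so those lookups would fall back to their defaults, which differ per file ('COMMUNITY', '', 'ZEEK'), and a sensor set to Suricata metadata could quietly change what it collects after the upgrade. The pattern presumably needs to match the old key, e.g. `sed -i "s/ zeekversion:/ mdengine:/" /opt/so/saltstack/local/pillar/global.sls` (with the file's real indentation), and the comment above it should read `# Rename zeekversion to mdengine`. The second sed's `/ rules:/` address is unanchored and would replace any line in global.sls containing that text, so it is worth tying to the intended key. rc2_to_rc3 begins above the hunk, so earlier steps of the migration are not visible here.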
+++ b/salt/filebeat/etc/filebeat.yml
@@ -6,7 +6,7 @@
 {%- set HOSTNAME = salt['grains.get']('host', '') %}
-{%- set ZEEKVER = salt['pillar.get']('global:zeekversion', 'COMMUNITY') %}
+{%- set ZEEKVER = salt['pillar.get']('global:mdengine', 'COMMUNITY') %}
 {%- set WAZUHENABLED = salt['pillar.get']('global:wazuh', '0') %}
 {%- set STRELKAENABLED = salt['pillar.get']('strelka:enabled', '0') %}
 {%- set FLEETMANAGER = salt['pillar.get']('global:fleet_manager', False) -%}
diff --git a/salt/suricata/init.sls b/salt/suricata/init.sls
index 45b99586c..6245b9e51 100644
--- a/salt/suricata/init.sls
+++ b/salt/suricata/init.sls
@@ -18,7 +18,7 @@
 {% if 'suricata' in top_states %}
 {% set interface = salt['pillar.get']('sensor:interface', 'bond0') %}
-{% set ZEEKVER = salt['pillar.get']('global:zeekversion', '') %}
+{% set ZEEKVER = salt['pillar.get']('global:mdengine', '') %}
 {% set VERSION = salt['pillar.get']('global:soversion', 'HH1.2.2') %}
 {% set IMAGEREPO = salt['pillar.get']('global:imagerepo') %}
 {% set MANAGER = salt['grains.get']('master') %}
diff --git a/salt/suricata/suricata_config.map.jinja b/salt/suricata/suricata_config.map.jinja
index a544f6d96..d8669c231 100644
--- a/salt/suricata/suricata_config.map.jinja
+++ b/salt/suricata/suricata_config.map.jinja
@@ -44,7 +44,7 @@ HOME_NET: "[{{salt['pillar.get']('global:hnmanager', '')}}]"
 {% endfor %}
 {% set surimeta_evelog_index = surimeta_evelog_index[0] %}
-{% if salt['pillar.get']('global:zeekversion', 'ZEEK') == 'SURICATA' %}
+{% if salt['pillar.get']('global:mdengine', 'ZEEK') == 'SURICATA' %}
 {% do suricata_defaults.suricata.config.outputs[default_evelog_index]['eve-log'].types.extend(suricata_meta.suricata.config.outputs[surimeta_evelog_index]['eve-log'].types) %}
 {% endif %}
diff --git a/salt/top.sls b/salt/top.sls
index 7120c15b7..0c636c6e4 100644
--- a/salt/top.sls
+++ b/salt/top.sls
@@ -1,4 +1,4 @@
-{% set ZEEKVER = salt['pillar.get']('global:zeekversion', '') %}
+{% set ZEEKVER = salt['pillar.get']('global:mdengine', '') %}
 {% set WAZUH = salt['pillar.get']('global:wazuh', '0') %}
 {% set THEHIVE = salt['pillar.get']('manager:thehive', '0') %}
 {% set PLAYBOOK = salt['pillar.get']('manager:playbook', '0') %}
diff --git a/setup/so-functions b/setup/so-functions
index f26fcaa24..2f301261a 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -1117,7 +1117,7 @@ manager_global() {
 " hnmanager: $HNMANAGER"\
 " ntpserver: $NTPSERVER"\
 " proxy: $PROXY"\
- " zeekversion: $ZEEKVERSION"\
+ " mdengine: $ZEEKVERSION"\
 " ids: $NIDS"\
 " url_base: $REDIRECTIT"\
 " managerip: $MAINIP" > "$global_pillar"