Merge pull request #8291 from Security-Onion-Solutions/elastalert_esversion_check

do not start elastalert if elasticsearch is not v8
This commit is contained in:
Josh Patterson
2022-07-13 11:24:12 -04:00
committed by GitHub


@@ -107,6 +107,10 @@ wait_for_elasticsearch:
cmd.run:
- name: so-elasticsearch-wait
is_elasticsearch_v8:
cmd.shell:
- name: "so-elasticsearch-query / | jq -r '.version.number[0:1]' | grep -q 8" #if not 8 do not start ES
so-elastalert:
docker_container.running:
- image: {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-elastalert:{{ VERSION }}
@@ -123,6 +127,7 @@ so-elastalert:
- {{MANAGER_URL}}:{{MANAGER_IP}}
- require:
- cmd: wait_for_elasticsearch
- cmd: is_elasticsearch_v8
- file: elastarules
- file: elastalogdir
- file: elastacustmodulesdir
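Review bot: The `is_elasticsearch_v8` check in the first hunk compares only the first character of `.version.number`, and the trailing comment says "do not start ES" when it is so-elastalert that is held back; a major-version comparison reads more clearly and the comment should name the right service: `- name: "so-elasticsearch-query / | jq -r '.version.number | split(\".\")[0]' | grep -qx 8"  # elastalert only supports Elasticsearch 8; fail the state so so-elastalert is not started`. The check itself has no `require` on `wait_for_elasticsearch`, so it presumably relies on Salt's definition-order execution to run after the wait; an explicit `- require: - cmd: wait_for_elasticsearch` on the new state makes that dependency survive reordering. As a `cmd.shell` with no `unless`, the state will also report a change on every highstate run, which is acceptable for a gate but worth a comment. The `so-elastalert` state continues past the first hunk and its `require` list begins before the second.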