diff --git a/salt/manager/beacons.sls b/salt/manager/beacons.sls new file mode 100644 index 000000000..11574f9e2 --- /dev/null +++ b/salt/manager/beacons.sls @@ -0,0 +1,21 @@ +{% from 'vars/globals.map.jinja' import GLOBALS %} +{% from 'global/map.jinja' import GLOBALMERGED %} + +include: + - salt.minion + +{% if GLOBALS.is_manager and GLOBALMERGED.push.enabled %} +salt_beacons_pushstate: + file.managed: + - name: /etc/salt/minion.d/beacons_pushstate.conf + - source: salt://manager/files/beacons_pushstate.conf.jinja + - template: jinja + - watch_in: + - service: salt_minion_service +{% else %} +salt_beacons_pushstate: + file.absent: + - name: /etc/salt/minion.d/beacons_pushstate.conf + - watch_in: + - service: salt_minion_service +{% endif %} diff --git a/salt/manager/files/beacons_pushstate.conf.jinja b/salt/manager/files/beacons_pushstate.conf.jinja new file mode 100644 index 000000000..31a12159b --- /dev/null +++ b/salt/manager/files/beacons_pushstate.conf.jinja @@ -0,0 +1,53 @@ +beacons: + inotify: + - disable_during_state_run: True + - coalesce: True + - files: + /opt/so/saltstack/local/salt/suricata/rules/: + mask: + - close_write + - moved_to + - delete + recurse: True + auto_add: True + exclude: + - '\.sw[a-z]$': + regex: True + - '~$': + regex: True + - '/4913$': + regex: True + - '/\.#': + regex: True + /opt/so/saltstack/local/salt/strelka/rules/compiled/: + mask: + - close_write + - moved_to + - delete + recurse: True + auto_add: True + exclude: + - '\.sw[a-z]$': + regex: True + - '~$': + regex: True + - '/4913$': + regex: True + - '/\.#': + regex: True + /opt/so/saltstack/local/pillar/: + mask: + - close_write + - moved_to + - delete + recurse: True + auto_add: True + exclude: + - '\.sw[a-z]$': + regex: True + - '~$': + regex: True + - '/4913$': + regex: True + - '/\.#': + regex: True diff --git a/salt/manager/init.sls b/salt/manager/init.sls index 2353bb64b..ef2428492 100644 --- a/salt/manager/init.sls +++ b/salt/manager/init.sls @@ -15,6 +15,7 @@ include: - manager.elasticsearch - manager.kibana - manager.managed_soc_annotations + - manager.beacons repo_log_dir: file.directory: @@ -231,6 +232,7 @@ surifiltersrules: - user: 939 - group: 939 + {% else %} {{sls}}_state_not_allowed: diff --git a/salt/salt/beacons.sls b/salt/salt/beacons.sls index bce3635f6..2df927d75 100644 --- a/salt/salt/beacons.sls +++ b/salt/salt/beacons.sls @@ -1,5 +1,3 @@ -{% from 'vars/globals.map.jinja' import GLOBALS %} -{% from 'global/map.jinja' import GLOBALMERGED %} {% set CHECKS = salt['pillar.get']('healthcheck:checks', {}) %} {% set ENABLED = salt['pillar.get']('healthcheck:enabled', False) %} {% set SCHEDULE = salt['pillar.get']('healthcheck:schedule', 30) %} @@ -26,18 +24,3 @@ salt_beacons: - service: salt_minion_service {% endif %} -{% if GLOBALS.is_manager and GLOBALMERGED.push.enabled %} -salt_beacons_pushstate: - file.managed: - - name: /etc/salt/minion.d/beacons_pushstate.conf - - source: salt://salt/files/beacons_pushstate.conf.jinja - - template: jinja - - watch_in: - - service: salt_minion_service -{% else %} -salt_beacons_pushstate: - file.absent: - - name: /etc/salt/minion.d/beacons_pushstate.conf - - watch_in: - - service: salt_minion_service -{% endif %} diff --git a/salt/salt/files/beacons_pushstate.conf.jinja b/salt/salt/files/beacons_pushstate.conf.jinja deleted file mode 100644 index 8d3f05864..000000000 --- a/salt/salt/files/beacons_pushstate.conf.jinja +++ /dev/null @@ -1,26 +0,0 @@ -beacons: - inotify: - - disable_during_state_run: True - - coalesce: True - - files: - /opt/so/saltstack/local/salt/suricata/rules/: - mask: - - close_write - - moved_to - - delete - recurse: True - auto_add: True - /opt/so/saltstack/local/salt/strelka/rules/compiled/: - mask: - - close_write - - moved_to - - delete - recurse: True - auto_add: True - /opt/so/saltstack/local/pillar/: - mask: - - close_write - - moved_to - - delete - recurse: True - auto_add: True