{% import_yaml 'firewall/portgroups.yaml' as portgroups %} {% set portgroups = portgroups.firewall.aliases.ports %} role: eval: chain: DOCKER-USER: hostgroups: master: portgroups: - {{ portgroups.wazuh_endpoint }} - {{ portgroups.playbook }} - {{ portgroups.mysql }} - {{ portgroups.navigator }} - {{ portgroups.kibana }} - {{ portgroups.redis }} - {{ portgroups.influxdb }} - {{ portgroups.fleet_api }} - {{ portgroups.cortex }} - {{ portgroups.elasticsearch_rest }} - {{ portgroups.elasticsearch_node }} - {{ portgroups.cortex_es_rest }} - {{ portgroups.cortex_es_node }} minion: portgroups: - {{ portgroups.acng }} - {{ portgroups.docker_registry }} - {{ portgroups.osquery_8080 }} - {{ portgroups.influxdb }} - {{ portgroups.wazuh_minion }} sensor: portgroups: - {{ portgroups.sensoroni }} - {{ portgroups.beats_5044 }} - {{ portgroups.beats_5644 }} search_node: portgroups: - {{ portgroups.redis }} - {{ portgroups.elasticsearch_node }} self: portgroups: - {{ portgroups.syslog}} beats_endpoint: portgroups: - {{ portgroups.beats_5044 }} osquery_endpoint: portgroups: - {{ portgroups.fleet_api }} wazuh_endpoint: portgroups: - {{ portgroups.wazuh_endpoint }} analyst: portgroups: - {{ portgroups.nginx }} INPUT: hostgroups: anywhere: portgroups: - {{ portgroups.ssh }} dockernet: portgroups: - {{ portgroups.all }} localhost: portgroups: - {{ portgroups.all }} minion: portgroups: - {{ portgroups.salt_master }} helixsensor: chain: DOCKER-USER: hostgroups: master: portgroups: - {{ portgroups.wazuh_endpoint }} - {{ portgroups.playbook }} - {{ portgroups.mysql }} - {{ portgroups.navigator }} - {{ portgroups.kibana }} - {{ portgroups.redis }} - {{ portgroups.influxdb }} - {{ portgroups.fleet_api }} - {{ portgroups.cortex }} - {{ portgroups.elasticsearch_rest }} - {{ portgroups.elasticsearch_node }} - {{ portgroups.cortex_es_rest }} - {{ portgroups.cortex_es_node }} minion: portgroups: - {{ portgroups.acng }} - {{ portgroups.docker_registry }} - {{ portgroups.osquery_8080 }} - {{ portgroups.influxdb }} - {{ portgroups.wazuh_minion }} sensor: portgroups: - {{ portgroups.sensoroni }} - {{ portgroups.beats_5044 }} - {{ portgroups.beats_5644 }} search_node: portgroups: - {{ portgroups.redis }} - {{ portgroups.elasticsearch_node }} self: portgroups: - {{ portgroups.syslog}} beats_endpoint: portgroups: - {{ portgroups.beats_5044 }} osquery_endpoint: portgroups: - {{ portgroups.fleet_api }} wazuh_endpoint: portgroups: - {{ portgroups.wazuh_endpoint }} analyst: portgroups: - {{ portgroups.nginx }} INPUT: hostgroups: anywhere: portgroups: - {{ portgroups.ssh }} dockernet: portgroups: - {{ portgroups.all }} localhost: portgroups: - {{ portgroups.all }} minion: portgroups: - {{ portgroups.salt_master }} master: chain: DOCKER-USER: hostgroups: master: portgroups: - {{ portgroups.wazuh_endpoint }} - {{ portgroups.playbook }} - {{ portgroups.mysql }} - {{ portgroups.navigator }} - {{ portgroups.kibana }} - {{ portgroups.redis }} - {{ portgroups.influxdb }} - {{ portgroups.fleet_api }} - {{ portgroups.cortex }} - {{ portgroups.elasticsearch_rest }} - {{ portgroups.elasticsearch_node }} - {{ portgroups.cortex_es_rest }} - {{ portgroups.cortex_es_node }} minion: portgroups: - {{ portgroups.acng }} - {{ portgroups.docker_registry }} - {{ portgroups.osquery_8080 }} - {{ portgroups.influxdb }} - {{ portgroups.wazuh_minion }} sensor: portgroups: - {{ portgroups.sensoroni }} - {{ portgroups.beats_5044 }} - {{ portgroups.beats_5644 }} search_node: portgroups: - {{ portgroups.redis }} - {{ portgroups.elasticsearch_node }} self: portgroups: - {{ portgroups.syslog}} beats_endpoint: portgroups: - {{ portgroups.beats_5044 }} osquery_endpoint: portgroups: - {{ portgroups.fleet_api }} wazuh_endpoint: portgroups: - {{ portgroups.wazuh_endpoint }} analyst: portgroups: - {{ portgroups.nginx }} INPUT: hostgroups: anywhere: portgroups: - {{ portgroups.ssh }} dockernet: portgroups: - {{ portgroups.all }} localhost: portgroups: - {{ portgroups.all }} minion: portgroups: - {{ portgroups.salt_master }} mastersearch: chain: DOCKER-USER: hostgroups: master: portgroups: - {{ portgroups.wazuh_endpoint }} - {{ portgroups.playbook }} - {{ portgroups.mysql }} - {{ portgroups.navigator }} - {{ portgroups.kibana }} - {{ portgroups.redis }} - {{ portgroups.influxdb }} - {{ portgroups.fleet_api }} - {{ portgroups.cortex }} - {{ portgroups.elasticsearch_rest }} - {{ portgroups.elasticsearch_node }} - {{ portgroups.cortex_es_rest }} - {{ portgroups.cortex_es_node }} minion: portgroups: - {{ portgroups.acng }} - {{ portgroups.docker_registry }} - {{ portgroups.osquery_8080 }} - {{ portgroups.influxdb }} - {{ portgroups.wazuh_minion }} sensor: portgroups: - {{ portgroups.sensoroni }} - {{ portgroups.beats_5044 }} - {{ portgroups.beats_5644 }} search_node: portgroups: - {{ portgroups.redis }} - {{ portgroups.elasticsearch_node }} self: portgroups: - {{ portgroups.syslog}} beats_endpoint: portgroups: - {{ portgroups.beats_5044 }} osquery_endpoint: portgroups: - {{ portgroups.fleet_api }} wazuh_endpoint: portgroups: - {{ portgroups.wazuh_endpoint }} analyst: portgroups: - {{ portgroups.nginx }} INPUT: hostgroups: anywhere: portgroups: - {{ portgroups.ssh }} dockernet: portgroups: - {{ portgroups.all }} localhost: portgroups: - {{ portgroups.all }} minion: portgroups: - {{ portgroups.salt_master }} standalone: chain: DOCKER-USER: hostgroups: master: portgroups: - {{ portgroups.wazuh_endpoint }} - {{ portgroups.playbook }} - {{ portgroups.mysql }} - {{ portgroups.navigator }} - {{ portgroups.kibana }} - {{ portgroups.redis }} - {{ portgroups.influxdb }} - {{ portgroups.fleet_api }} - {{ portgroups.cortex }} - {{ portgroups.elasticsearch_rest }} - {{ portgroups.elasticsearch_node }} - {{ portgroups.cortex_es_rest }} - {{ portgroups.cortex_es_node }} minion: portgroups: - {{ portgroups.acng }} - {{ portgroups.docker_registry }} - {{ portgroups.osquery_8080 }} - {{ portgroups.influxdb }} - {{ portgroups.wazuh_minion }} sensor: portgroups: - {{ portgroups.sensoroni }} - {{ portgroups.beats_5044 }} - {{ portgroups.beats_5644 }} search_node: portgroups: - {{ portgroups.redis }} - {{ portgroups.elasticsearch_node }} self: portgroups: - {{ portgroups.syslog}} beats_endpoint: portgroups: - {{ portgroups.beats_5044 }} osquery_endpoint: portgroups: - {{ portgroups.fleet_api }} wazuh_endpoint: portgroups: - {{ portgroups.wazuh_endpoint }} analyst: portgroups: - {{ portgroups.nginx }} INPUT: hostgroups: anywhere: portgroups: - {{ portgroups.ssh }} dockernet: portgroups: - {{ portgroups.all }} localhost: portgroups: - {{ portgroups.all }} minion: portgroups: - {{ portgroups.salt_master }} searchnode: chain: DOCKER-USER: hostgroups: master: portgroups: - {{ portgroups.elasticsearch_node }} dockernet: portgroups: - {{ portgroups.elasticsearch_node }} - {{ portgroups.elasticsearch_node }} INPUT: hostgroups: anywhere: portgroups: - {{ portgroups.ssh }} dockernet: portgroups: - {{ portgroups.all }} localhost: portgroups: - {{ portgroups.all }} sensor: chain: INPUT: hostgroups: anywhere: portgroups: - {{ portgroups.ssh }} dockernet: portgroups: - {{ portgroups.all }} localhost: portgroups: - {{ portgroups.all }} heavynode: chain: DOCKER-USER: hostgroups: self: portgroups: - {{ portgroups.redis }} - {{ portgroups.beats_5044 }} - {{ portgroups.beats_5644 }} INPUT: hostgroups: anywhere: portgroups: - {{ portgroups.ssh }} localhost: portgroups: - {{ portgroups.all }} fleet: chain: DOCKER-USER: hostgroups: self: portgroups: - {{ portgroups.redis }} - {{ portgroups.mysql }} - {{ portgroups.osquery_8080 }} localhost: portgroups: - {{ portgroups.mysql }} - {{ portgroups.osquery_8080 }} analyst: portgroups: - {{ portgroups.fleet_webui }} INPUT: hostgroups: anywhere: portgroups: - {{ portgroups.ssh }} dockernet: portgroups: - {{ portgroups.all }} localhost: portgroups: - {{ portgroups.all }}