CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
1470e120ef6ac9946f7b445354686d2d7c011a72
securityonion/salt/top.sls

526 lines
10 KiB
Plaintext
Raw Blame History

{% set ZEEKVER = salt['pillar.get']('global:mdengine', '') %}
{% set WAZUH = salt['pillar.get']('global:wazuh', '0') %}
{% set PLAYBOOK = salt['pillar.get']('manager:playbook', '0') %}
{% set FREQSERVER = salt['pillar.get']('manager:freq', '0') %}
{% set DOMAINSTATS = salt['pillar.get']('manager:domainstats', '0') %}
{% set FLEETMANAGER = salt['pillar.get']('global:fleet_manager', False) %}
{% set FLEETNODE = salt['pillar.get']('global:fleet_node', False) %}
{% set ELASTALERT = salt['pillar.get']('elastalert:enabled', True) %}
{% set ELASTICSEARCH = salt['pillar.get']('elasticsearch:enabled', True) %}
{% set FILEBEAT = salt['pillar.get']('filebeat:enabled', True) %}
{% set KIBANA = salt['pillar.get']('kibana:enabled', True) %}
{% set LOGSTASH = salt['pillar.get']('logstash:enabled', True) %}
{% set REDIS = salt['pillar.get']('redis:enabled', True) %}
{% set STRELKA = salt['pillar.get']('strelka:enabled', '0') %}
{% import_yaml 'salt/minion.defaults.yaml' as saltversion %}
{% set saltversion = saltversion.salt.minion.version %}
{% set INSTALLEDSALTVERSION = grains.saltversion %}
base:
'*':
- cron.running
- repo.client
'not G@saltversion:{{saltversion}}':
- match: compound
- salt.minion-state-apply-test
- salt.minion
'G@os:CentOS and G@saltversion:{{saltversion}}':
- match: compound
- yum.packages
'* and G@saltversion:{{saltversion}}':
- match: compound
- salt.minion
- patch.os.schedule
- motd
- salt.minion-check
- salt.lasthighstate
'not *_workstation and G@saltversion:{{saltversion}}':
- match: compound
- common
'*_helixsensor and G@saltversion:{{saltversion}}':
- match: compound
- salt.master
- ca
- ssl
- registry
- sensoroni
- telegraf
- firewall
- idstools
- suricata.manager
- pcap
- suricata
- zeek
- redis
- elasticsearch
- logstash
{%- if FILEBEAT %}
- filebeat
{%- endif %}
- schedule
'*_sensor and G@saltversion:{{saltversion}}':
- match: compound
- ssl
- sensoroni
- telegraf
- firewall
- nginx
- pcap
- suricata
- healthcheck
{%- if ZEEKVER != 'SURICATA' %}
- zeek
{%- endif %}
{%- if WAZUH != 0 %}
- wazuh
{%- endif %}
{%- if STRELKA %}
- strelka
{%- endif %}
{%- if FILEBEAT %}
- filebeat
{%- endif %}
{%- if FLEETMANAGER or FLEETNODE %}
- fleet.install_package
{%- endif %}
- schedule
- docker_clean
'*_eval and G@saltversion:{{saltversion}}':
- match: compound
- salt.master
- ca
- ssl
- registry
- sensoroni
- manager
- nginx
- telegraf
- influxdb
- grafana
- soc
- kratos
- firewall
- idstools
- suricata.manager
- healthcheck
{%- if (FLEETMANAGER or FLEETNODE) or PLAYBOOK != 0 %}
- mysql
{%- endif %}
{%- if WAZUH != 0 %}
- wazuh
{%- endif %}
{%- if ELASTICSEARCH %}
- elasticsearch
{%- endif %}
{%- if KIBANA %}
- kibana.so_savedobjects_defaults
{%- endif %}
- pcap
- suricata
{%- if ZEEKVER != 'SURICATA' %}
- zeek
{%- endif %}
{%- if STRELKA %}
- strelka
{%- endif %}
{%- if FILEBEAT %}
- filebeat
{%- endif %}
- curator
{%- if ELASTALERT %}
- elastalert
{%- endif %}
{%- if FLEETMANAGER or FLEETNODE %}
- redis
- fleet
- fleet.install_package
{%- endif %}
- utility
- schedule
- soctopus
{%- if PLAYBOOK != 0 %}
- playbook
- redis
{%- endif %}
{%- if FREQSERVER != 0 %}
- freqserver
{%- endif %}
{%- if DOMAINSTATS != 0 %}
- domainstats
{%- endif %}
- docker_clean
- pipeline.load
- learn
'*_manager and G@saltversion:{{saltversion}}':
- match: compound
- salt.master
- ca
- ssl
- registry
- sensoroni
- nginx
- telegraf
- influxdb
- grafana
- soc
- kratos
- firewall
- manager
- idstools
- suricata.manager
{%- if (FLEETMANAGER or FLEETNODE) or PLAYBOOK != 0 %}
- mysql
{%- endif %}
{%- if WAZUH != 0 %}
- wazuh
{%- endif %}
{%- if ELASTICSEARCH %}
- elasticsearch
{%- endif %}
{%- if LOGSTASH %}
- logstash
{%- endif %}
{%- if REDIS %}
- redis
{%- endif %}
{%- if KIBANA %}
- kibana.so_savedobjects_defaults
{%- endif %}
- curator
{%- if ELASTALERT %}
- elastalert
{%- endif %}
{%- if FILEBEAT %}
- filebeat
{%- endif %}
- curator
- utility
- schedule
{%- if FLEETMANAGER or FLEETNODE %}
- fleet
- fleet.install_package
{%- endif %}
- soctopus
{%- if PLAYBOOK != 0 %}
- playbook
{%- endif %}
{%- if FREQSERVER != 0 %}
- freqserver
{%- endif %}
{%- if DOMAINSTATS != 0 %}
- domainstats
{%- endif %}
- docker_clean
- pipeline.load
- learn
'*_standalone and G@saltversion:{{saltversion}}':
- match: compound
- salt.master
- ca
- ssl
- registry
- sensoroni
- manager
- nginx
- telegraf
- influxdb
- grafana
- soc
- kratos
- firewall
- idstools
- suricata.manager
- healthcheck
{%- if (FLEETMANAGER or FLEETNODE) or PLAYBOOK != 0 %}
- mysql
{%- endif %}
{%- if WAZUH != 0 %}
- wazuh
{%- endif %}
{%- if ELASTICSEARCH %}
- elasticsearch
{%- endif %}
{%- if LOGSTASH %}
- logstash
{%- endif %}
{%- if REDIS %}
- redis
{%- endif %}
{%- if KIBANA %}
- kibana.so_savedobjects_defaults
{%- endif %}
- pcap
- suricata
{%- if ZEEKVER != 'SURICATA' %}
- zeek
{%- endif %}
{%- if STRELKA %}
- strelka
{%- endif %}
{%- if FILEBEAT %}
- filebeat
{%- endif %}
- curator
{%- if ELASTALERT %}
- elastalert
{%- endif %}
{%- if FLEETMANAGER or FLEETNODE %}
- fleet
- fleet.install_package
{%- endif %}
- utility
- schedule
- soctopus
{%- if PLAYBOOK != 0 %}
- playbook
{%- endif %}
{%- if FREQSERVER != 0 %}
- freqserver
{%- endif %}
{%- if DOMAINSTATS != 0 %}
- domainstats
{%- endif %}
- docker_clean
- pipeline.load
- learn
'*_searchnode and G@saltversion:{{saltversion}}':
- match: compound
- ssl
- sensoroni
- nginx
- telegraf
- firewall
{%- if WAZUH != 0 %}
- wazuh
{%- endif %}
{%- if ELASTICSEARCH %}
- elasticsearch
{%- endif %}
{%- if LOGSTASH %}
- logstash
{%- endif %}
- curator
{%- if FILEBEAT %}
- filebeat
{%- endif %}
{%- if FLEETMANAGER or FLEETNODE %}
- fleet.install_package
{%- endif %}
- schedule
- docker_clean
- pipeline.load
'*_managersearch and G@saltversion:{{saltversion}}':
- match: compound
- salt.master
- ca
- ssl
- registry
- sensoroni
- nginx
- telegraf
- influxdb
- grafana
- soc
- kratos
- firewall
- manager
- idstools
- suricata.manager
{%- if (FLEETMANAGER or FLEETNODE) or PLAYBOOK != 0 %}
- mysql
{%- endif %}
{%- if WAZUH != 0 %}
- wazuh
{%- endif %}
{%- if ELASTICSEARCH %}
- elasticsearch
{%- endif %}
{%- if LOGSTASH %}
- logstash
{%- endif %}
{%- if REDIS %}
- redis
{%- endif %}
- curator
{%- if KIBANA %}
- kibana.so_savedobjects_defaults
{%- endif %}
{%- if ELASTALERT %}
- elastalert
{%- endif %}
{%- if FILEBEAT %}
- filebeat
{%- endif %}
- utility
- schedule
{%- if FLEETMANAGER or FLEETNODE %}
- fleet
- fleet.install_package
{%- endif %}
- soctopus
{%- if PLAYBOOK != 0 %}
- playbook
{%- endif %}
{%- if FREQSERVER != 0 %}
- freqserver
{%- endif %}
{%- if DOMAINSTATS != 0 %}
- domainstats
{%- endif %}
- docker_clean
- pipeline.load
- learn
'*_heavynode and G@saltversion:{{saltversion}}':
- match: compound
- ssl
- sensoroni
- nginx
- telegraf
- firewall
{%- if WAZUH != 0 %}
- wazuh
{%- endif %}
{%- if ELASTICSEARCH %}
- elasticsearch
{%- endif %}
{%- if LOGSTASH %}
- logstash
{%- endif %}
{%- if REDIS %}
- redis
{%- endif %}
- curator
{%- if FILEBEAT %}
- filebeat
{%- endif %}
{%- if STRELKA %}
- strelka
{%- endif %}
{%- if FLEETMANAGER or FLEETNODE %}
- fleet.install_package
{%- endif %}
- pcap
- suricata
{%- if ZEEKVER != 'SURICATA' %}
- zeek
{%- endif %}
{%- if FILEBEAT %}
- filebeat
{%- endif %}
- schedule
- docker_clean
- pipeline.load
'*_fleet and G@saltversion:{{saltversion}}':
- match: compound
- ssl
- sensoroni
- nginx
- telegraf
- firewall
- mysql
- redis
- fleet
- fleet.install_package
{%- if FILEBEAT %}
- filebeat
{%- endif %}
- schedule
- docker_clean
'*_import and G@saltversion:{{saltversion}}':
- match: compound
- salt.master
- ca
- ssl
- registry
- sensoroni
- manager
- nginx
- soc
- kratos
- firewall
- idstools
- suricata.manager
- pcap
{%- if ELASTICSEARCH %}
- elasticsearch
{%- endif %}
{%- if KIBANA %}
- kibana.so_savedobjects_defaults
{%- endif %}
{%- if FILEBEAT %}
- filebeat
{%- endif %}
- utility
- suricata
- zeek
- schedule
- docker_clean
- pipeline.load
- learn
'*_receiver and G@saltversion:{{saltversion}}':
- match: compound
- ssl
- sensoroni
- telegraf
- firewall
{%- if WAZUH != 0 %}
- wazuh
{%- endif %}
{%- if LOGSTASH %}
- logstash
{%- endif %}
{%- if REDIS %}
- redis
{%- endif %}
{%- if FILEBEAT %}
- filebeat
{%- endif %}
{%- if FLEETMANAGER or FLEETNODE %}
- fleet.install_package
{%- endif %}
- schedule
- docker_clean
'*_idh and G@saltversion:{{saltversion}}':
- match: compound
- ssl
- sensoroni
- telegraf
- firewall
{%- if WAZUH != 0 %}
- wazuh
{%- endif %}
{%- if FLEETMANAGER or FLEETNODE %}
- fleet.install_package
{%- endif %}
- schedule
- docker_clean
{%- if FILEBEAT %}
- filebeat
{%- endif %}
- idh
'J@workstation:gui:enabled:^[Tt][Rr][Uu][Ee]$ and ( G@saltversion:{{saltversion}} and G@os:CentOS )':
- match: compound
- workstation
'J@workstation:gui:enabled:^[Ff][Aa][Ll][Ss][Ee]$ and ( G@saltversion:{{saltversion}} and G@os:CentOS )':
- match: compound
- workstation.remove_gui
Reference in New Issue View Git Blame Copy Permalink