mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-25 02:13:08 +01:00
24 lines
980 B
Django/Jinja
24 lines
980 B
Django/Jinja
{% from 'vars/sensor.map.jinja' import ROLE_GLOBALS %}
|
|
{% import_yaml 'zeek/defaults.yaml' as zeek_defaults with context %}
|
|
{% set zeek_pillar = salt['pillar.get']('zeek', []) %}
|
|
{% set ZEEKMERGED = salt['defaults.merge'](zeek_defaults, zeek_pillar, in_place=False) %}
|
|
{% do ZEEKMERGED.zeek.config.node.update({'interface': ROLE_GLOBALS.sensor.interface}) %}
|
|
|
|
{% set ZEEKOPTIONS = {} %}
|
|
{% set ENABLED = salt['pillar.get']('zeek:enabled', True) %}
|
|
|
|
# don't start the docker container if it is an import node or disabled via pillar
|
|
{% if grains.id.split('_')|last == 'import' or not ENABLED %}
|
|
{% do ZEEKOPTIONS.update({'start': False}) %}
|
|
{% do ZEEKOPTIONS.update({'pl_cron_state': 'absent'}) %}
|
|
{% else %}
|
|
{% do ZEEKOPTIONS.update({'start': True}) %}
|
|
{% do ZEEKOPTIONS.update({'pl_cron_state': 'present'}) %}
|
|
{% endif %}
|
|
|
|
{% if not ENABLED %}
|
|
{% do ZEEKOPTIONS.update({'status': 'absent'}) %}
|
|
{% else %}
|
|
{% do ZEEKOPTIONS.update({'status': 'running'}) %}
|
|
{% endif %}
|