mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-06 09:12:45 +01:00
17 lines
924 B
Plaintext
17 lines
924 B
Plaintext
{%- set INTERFACE = salt['pillar.get']('sensor:interface') %}
|
|
{%- set DISKFREEPERCENTAGE = salt['pillar.get']('pcap:config:diskfreepercentage') %}
|
|
{%- set MAXFILES = salt['pillar.get']('pcap:config:maxdirectoryfiles') %}
|
|
{%- set BLOCKS = salt['pillar.get']('pcap:config:blocks') %}
|
|
{%- set FILEMB = salt['pillar.get']('pcap:config:preallocate_file_mb') %}
|
|
{%- set AIOPS = salt['pillar.get']('pcap:config:aiops') %}
|
|
{
|
|
"Threads": [
|
|
{ "PacketsDirectory": "/nsm/pcap", "IndexDirectory": "/nsm/pcapindex", "MaxDirectoryFiles": {{ MAXFILES }}, "DiskFreePercentage": {{ DISKFREEPERCENTAGE }} }
|
|
, "StenotypePath": "/usr/bin/stenotype"
|
|
, "Interface": "{{ INTERFACE }}"
|
|
, "Port": 1234
|
|
, "Host": "127.0.0.1"
|
|
, "Flags": ["-v", "--blocks={{ BLOCKS }}", "--preallocate_file_mb={{ FILEMB }}", "--aiops={{ AIOPS }}", "--uid=stenographer", "--gid=stenographer"{{ BPF_COMPILED }}]
|
|
, "CertPath": "/etc/stenographer/certs"
|
|
}
|