CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
3cf31e2460467e06e2068eee6980bfd56e735d24
securityonion/salt/wazuh/init.sls

115 lines
2.4 KiB
Plaintext
Raw Blame History

{%- set HOSTNAME = salt['grains.get']('host', '') %}
{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %}
{% set MANAGER = salt['grains.get']('manager') %}
# Add ossec group
ossecgroup:
group.present:
- name: ossec
- gid: 945
# Add ossecm user
ossecm:
user.present:
- uid: 943
- gid: 945
- home: /opt/so/conf/wazuh
- createhome: False
- allow_uid_change: True
- allow_gid_change: True
# Add ossecr user
ossecr:
user.present:
- uid: 944
- gid: 945
- home: /opt/so/conf/wazuh
- createhome: False
- allow_uid_change: True
- allow_gid_change: True
# Add ossec user
ossec:
user.present:
- uid: 945
- gid: 945
- home: /opt/so/conf/wazuh
- createhome: False
- allow_uid_change: True
- allow_gid_change: True
wazuhpkgs:
pkg.installed:
- skip_suggestions: False
- pkgs:
- wazuh-agent: 3.10.2-1
- hold: True
- update_holds: True
wazuhdir:
file.directory:
- name: /opt/so/wazuh
- user: 945
- group: 945
- makedirs: True
# Add Wazuh agent conf
wazuhagentconf:
file.managed:
- name: /var/ossec/etc/ossec.conf
- source: salt://wazuh/files/agent/ossec.conf
- user: 0
- group: 945
- template: jinja
# Wazuh agent registration script
wazuhagentregister:
file.managed:
- name: /usr/sbin/wazuh-register-agent
- source: salt://wazuh/files/agent/wazuh-register-agent
- user: 0
- group: 0
- mode: 755
- template: jinja
# Whitelist script
wazuhmgrwhitelist:
file.managed:
- name: /usr/sbin/wazuh-manager-whitelist
- source: salt://wazuh/files/wazuh-manager-whitelist
- user: 0
- group: 0
- mode: 755
- template: jinja
so-wazuh:
docker_container.running:
- image: {{ MANAGER }}:5000/soshybridhunter/so-wazuh:{{ VERSION }}
- hostname: {{HOSTNAME}}-wazuh-manager
- name: so-wazuh
- detach: True
- port_bindings:
- 0.0.0.0:1514:1514/udp
- 0.0.0.0:1514:1514/tcp
- 0.0.0.0:1515:1515/tcp
- 0.0.0.0:55000:55000
- binds:
- /opt/so/wazuh:/var/ossec/data:rw
# Register the agent
registertheagent:
cmd.run:
- name: /usr/sbin/wazuh-register-agent
- cwd: /
#- stateful: True
# Whitelist manager IP
whitelistmanager:
cmd.run:
- name: /usr/sbin/wazuh-manager-whitelist
- cwd: /
wazuhagentservice:
service.running:
- name: wazuh-agent
- enable: True
Reference in New Issue View Git Blame Copy Permalink