CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ccc2ed4478cf287d2986d16fb1fa174f8045ee93
securityonion/salt/top.sls
m0duspwnens 961cc67e3f add nginx state to heavynode
2020-08-19 16:05:40 -04:00

414 lines
7.9 KiB
Plaintext
Raw Blame History

{%- set ZEEKVER = salt['pillar.get']('global:zeekversion', '') -%}
{%- set WAZUH = salt['pillar.get']('global:wazuh', '0') -%}
{%- set THEHIVE = salt['pillar.get']('manager:thehive', '0') -%}
{%- set PLAYBOOK = salt['pillar.get']('manager:playbook', '0') -%}
{%- set FREQSERVER = salt['pillar.get']('manager:freq', '0') -%}
{%- set DOMAINSTATS = salt['pillar.get']('manager:domainstats', '0') -%}
{%- set FLEETMANAGER = salt['pillar.get']('global:fleet_manager', False) -%}
{%- set FLEETNODE = salt['pillar.get']('global:fleet_node', False) -%}
{%- set STRELKA = salt['pillar.get']('strelka:enabled', '0') -%}
{% import_yaml 'salt/minion.defaults.yaml' as salt %}
{% set saltversion = salt.salt.minion.version %}
base:
'not G@saltversion:{{saltversion}}':
- match: compound
- salt.minion
'G@os:CentOS and G@saltversion:{{saltversion}}':
- match: compound
- yum
- yum.packages
'* and G@saltversion:{{saltversion}}':
- match: compound
- salt.minion
- docker
- patch.os.schedule
- motd
'*_helix and G@saltversion:{{saltversion}}':
- match: compound
- ca
- ssl
- registry
- common
- telegraf
- firewall
- idstools
- suricata.manager
- pcap
- suricata
- zeek
- redis
- logstash
- filebeat
- schedule
'*_sensor and G@saltversion:{{saltversion}}':
- match: compound
- ca
- ssl
- common
- telegraf
- firewall
- pcap
- suricata
- healthcheck
{%- if ZEEKVER != 'SURICATA' %}
- zeek
{%- endif %}
- wazuh
{%- if STRELKA %}
- strelka
{%- endif %}
- filebeat
{%- if FLEETMANAGER or FLEETNODE %}
- fleet.install_package
{%- endif %}
- schedule
'*_eval and G@saltversion:{{saltversion}}':
- match: compound
- ca
- ssl
- registry
- manager
- common
- nginx
- telegraf
- influxdb
- grafana
- soc
- firewall
- idstools
- suricata.manager
- healthcheck
{%- if FLEETMANAGER or FLEETNODE or PLAYBOOK != 0 %}
- mysql
{%- endif %}
{%- if WAZUH != 0 %}
- wazuh
{%- endif %}
- elasticsearch
- kibana
- pcap
- suricata
{%- if ZEEKVER != 'SURICATA' %}
- zeek
{%- endif %}
{%- if STRELKA %}
- strelka
{%- endif %}
- filebeat
- curator
- elastalert
{%- if FLEETMANAGER or FLEETNODE %}
- fleet
- redis
- fleet.install_package
{%- endif %}
- utility
- schedule
- soctopus
{%- if THEHIVE != 0 %}
- thehive
{%- endif %}
{%- if PLAYBOOK != 0 %}
- playbook
{%- endif %}
{%- if FREQSERVER != 0 %}
- freqserver
{%- endif %}
{%- if DOMAINSTATS != 0 %}
- domainstats
{%- endif %}
'*_manager and G@saltversion:{{saltversion}}':
- match: compound
- ca
- ssl
- registry
- common
- nginx
- telegraf
- influxdb
- grafana
- soc
- firewall
- manager
- idstools
- suricata.manager
{%- if FLEETMANAGER or FLEETNODE or PLAYBOOK != 0 %}
- mysql
{%- endif %}
{%- if WAZUH != 0 %}
- wazuh
{%- endif %}
- logstash
- minio
- redis
- kibana
- elastalert
- filebeat
- utility
- schedule
{%- if FLEETMANAGER or FLEETNODE %}
- fleet
- fleet.install_package
- redis
{%- endif %}
- soctopus
{%- if THEHIVE != 0 %}
- thehive
{%- endif %}
{%- if PLAYBOOK != 0 %}
- playbook
{%- endif %}
{%- if FREQSERVER != 0 %}
- freqserver
{%- endif %}
{%- if DOMAINSTATS != 0 %}
- domainstats
{%- endif %}
'*_standalone and G@saltversion:{{saltversion}}':
- match: compound
- ca
- ssl
- registry
- manager
- common
- nginx
- telegraf
- influxdb
- grafana
- soc
- firewall
- idstools
- suricata.manager
- healthcheck
{%- if FLEETMANAGER or FLEETNODE or PLAYBOOK != 0 %}
- mysql
{%- endif %}
{%- if WAZUH != 0 %}
- wazuh
{%- endif %}
- logstash
- minio
- kibana
- pcap
- suricata
{%- if ZEEKVER != 'SURICATA' %}
- zeek
{%- endif %}
{%- if STRELKA %}
- strelka
{%- endif %}
- filebeat
- curator
- elastalert
{%- if FLEETMANAGER or FLEETNODE %}
- fleet
- redis
- fleet.install_package
{%- endif %}
- utility
- schedule
- soctopus
{%- if THEHIVE != 0 %}
- thehive
{%- endif %}
{%- if PLAYBOOK != 0 %}
- playbook
{%- endif %}
{%- if FREQSERVER != 0 %}
- freqserver
{%- endif %}
{%- if DOMAINSTATS != 0 %}
- domainstats
{%- endif %}
# Search node logic
'*_node and I@node:node_type:parser and G@saltversion:{{saltversion}}':
- match: compound
- common
- firewall
- logstash
{%- if FLEETMANAGER or FLEETNODE %}
- fleet.install_package
{%- endif %}
- schedule
'*_node and I@node:node_type:hot and G@saltversion:{{saltversion}}':
- match: compound
- common
- firewall
- logstash
- curator
{%- if FLEETMANAGER or FLEETNODE %}
- fleet.install_package
{%- endif %}
- schedule
'*_node and I@node:node_type:warm and G@saltversion:{{saltversion}}':
- match: compound
- common
- firewall
- elasticsearch
{%- if FLEETMANAGER or FLEETNODE %}
- fleet.install_package
{%- endif %}
- schedule
'*_searchnode and G@saltversion:{{saltversion}}':
- match: compound
- ca
- ssl
- common
- nginx
- telegraf
- firewall
{%- if WAZUH != 0 %}
- wazuh
{%- endif %}
- logstash
- curator
- filebeat
{%- if FLEETMANAGER or FLEETNODE %}
- fleet.install_package
{%- endif %}
- schedule
'*_managersensor and G@saltversion:{{saltversion}}':
- match: compound
- common
- nginx
- telegraf
- influxdb
- grafana
- firewall
- sensor
- manager
{%- if FLEETMANAGER or FLEETNODE %}
- fleet.install_package
{%- endif %}
- schedule
'*_managersearch and G@saltversion:{{saltversion}}':
- match: compound
- ca
- ssl
- registry
- common
- nginx
- telegraf
- influxdb
- grafana
- soc
- firewall
- manager
- idstools
- suricata.manager
- minio
{%- if FLEETMANAGER or FLEETNODE or PLAYBOOK != 0 %}
- mysql
{%- endif %}
{%- if WAZUH != 0 %}
- wazuh
{%- endif %}
- logstash
- curator
- kibana
- elastalert
- filebeat
- utility
- schedule
{%- if FLEETMANAGER or FLEETNODE %}
- fleet
- redis
- fleet.install_package
{%- endif %}
- soctopus
{%- if THEHIVE != 0 %}
- thehive
{%- endif %}
{%- if PLAYBOOK != 0 %}
- playbook
{%- endif %}
{%- if FREQSERVER != 0 %}
- freqserver
{%- endif %}
{%- if DOMAINSTATS != 0 %}
- domainstats
{%- endif %}
'*_heavynode and G@saltversion:{{saltversion}}':
- match: compound
- ca
- ssl
- common
- nginx
- telegraf
- firewall
- minio
{%- if WAZUH != 0 %}
- wazuh
{%- endif %}
- logstash
- curator
- filebeat
{%- if STRELKA %}
- strelka
{%- endif %}
{%- if FLEETMANAGER or FLEETNODE %}
- fleet.install_package
- redis
{%- endif %}
- pcap
- suricata
{%- if ZEEKVER != 'SURICATA' %}
- zeek
{%- endif %}
- filebeat
- schedule
'*_fleet and G@saltversion:{{saltversion}}':
- match: compound
- ca
- ssl
- common
- nginx
- telegraf
- firewall
- mysql
- redis
- fleet
- fleet.install_package
- filebeat
'*_import and G@saltversion:{{saltversion}}':
- match: compound
- ca
- ssl
- registry
- manager
- common
- nginx
- soc
- firewall
- idstools
- suricata.manager
- pcap
- elasticsearch
- kibana
- filebeat
- utility
- suricata
- zeek
- schedule
Reference in New Issue View Git Blame Copy Permalink