зеркало из https://github.com/mozilla/MozDef.git
Fixup remaining mozdefalertplugin references
This commit is contained in:
Brandon Myers
Родитель
3a56027084
Коммит
40e22c3ffa
|
|
@ -370,7 +370,7 @@ you can start the restapi and loginput processes from within your venv via::
|
|||
Supervisord
|
||||
***********
|
||||
|
||||
We use supervisord to run the alerts and alertplugins. If you plan on starting services manually, you can skip this step.
|
||||
We use supervisord to run the alerts and alertactions. If you plan on starting services manually, you can skip this step.
|
||||
|
||||
To install supervisord perform the following as the user mozdef::
|
||||
|
||||
|
|
@ -381,7 +381,7 @@ To install supervisord perform the following as the user mozdef::
|
|||
|
||||
Within the alerts directory there is a supervisord_alerts.ini which is preconfigured.
|
||||
If you've changed any directory paths for this installation then modify it to reflect your pathing changes.
|
||||
There are systemd files in the systemdfiles directory that you can use to start the mozdefalerts and mozdefalertplugins processes which we cover near the end of this tutorial.
|
||||
There are systemd files in the systemdfiles directory that you can use to start the mozdefalerts and mozdefalertactions processes which we cover near the end of this tutorial.
|
||||
|
||||
|
||||
ElasticSearch
|
||||
|
|
@ -473,7 +473,7 @@ Ensure it has root file permissions so that systemd can start it::
|
|||
cp /opt/mozdef/systemdfiles/consumer/mworker-eventtask.service /etc/systemd/system/
|
||||
cp /opt/mozdef/systemdfiles/alert/mozdefalerts.service /etc/systemd/system/
|
||||
cp /opt/mozdef/systemdfiles/alert/mozdefbot.service /etc/systemd/system/
|
||||
cp /opt/mozdef/systemdfiles/alert/mozdefalertplugins.service /etc/systemd/system/
|
||||
cp /opt/mozdef/systemdfiles/alert/mozdefalertactions.service /etc/systemd/system/
|
||||
|
||||
Then you will need to enable them::
|
||||
|
||||
|
|
@ -483,7 +483,7 @@ Then you will need to enable them::
|
|||
systemctl enable mworker-eventtask.service
|
||||
systemctl enable mozdefalerts.service
|
||||
systemctl enable mozdefbot.service
|
||||
systemctl enable mozdefalertplugins.service
|
||||
systemctl enable mozdefalertactions.service
|
||||
systemctl enable mongod.service
|
||||
|
||||
Reload systemd::
|
||||
|
|
@ -499,7 +499,7 @@ Now you can start your services::
|
|||
systemctl start mozdefrestapi
|
||||
systemctl start mozdefweb
|
||||
systemctl start mworker-eventtask
|
||||
systemctl start mozdefalertplugins
|
||||
systemctl start mozdefalertactions
|
||||
|
||||
|
||||
Alternatively you can start the following services manually in this way from inside the venv as mozdef::
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
[Unit]
|
||||
Description=uWSGI MozDef Alert Plugins Service
|
||||
Description=uWSGI MozDef Alert Actions Service
|
||||
After=rabbitmq-server.service
|
||||
|
||||
[Service]
|
||||
|
|
@ -9,7 +9,7 @@ ExecStartPre=-/usr/bin/mkdir -p /var/run/mozdef-alerts
|
|||
ExecStartPre=/usr/bin/chown -R mozdef:mozdef /var/run/mozdef-alerts
|
||||
User=mozdef
|
||||
Group=mozdef
|
||||
ExecStart=/bin/bash -c 'cd /opt/mozdef/envs/mozdef/alerts; source /opt/mozdef/envs/python/bin/activate; uwsgi --ini alert_plugins.ini'
|
||||
ExecStart=/bin/bash -c 'cd /opt/mozdef/envs/mozdef/alerts; source /opt/mozdef/envs/python/bin/activate; uwsgi --ini alert_actions.ini'
|
||||
Restart=always
|
||||
KillSignal=SIGQUIT
|
||||
Type=notify
|
||||
|
|
@ -18,4 +18,4 @@ NotifyAccess=all
|
|||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
Alias=alertplugins
|
||||
Alias=alertactions
|
||||
Загрузка…
Ссылка в новой задаче