Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Here are all the files necessary to setup a beacon to monitor bad logins on Linux machines
- BEACON SETUP
- 1. Copy "badlogins.sls" to /srv/pillar
- 2. Update your pillar top file to include the information from "top.sls"
- -- You might need to restart the salt-minion agent for the beacon to start immediatly otherwise it could take a few hours.
- -- At this point your minions should generate events when a bad login happens
- ---> Example event: "event example"
- REACTOR SETUP
- 1. Copy "logins.sls" to /srv/reactors
- 2. Copy "reactors.conf" to /etc/salt/master.d
- 3. Restart the master service salt-master restart
- -- At this point (if you have slack configured) when a badlogin happens a message will be sent to the "security" slack channel.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement