Sunday, September 14, 2014

OnionSalt Saltstack Cheat Sheet

I was asked by a couple of folks about some handy dandy salt commands that would help with a Security Onion deployment with Onionsalt at BSides Augusta and the Security Onion Conference. So being true to my word here are a few good things to know when writing your own salt scripts. Also feel free to fork and contribute to my repo on github HERE.

Let's start with some basics.

    - name: /opt/somedir

Createdirectory is the name of the task we are performing. We are saying make sure you have the directory /opt/somedir

    - name: /opt/somedir/
    - source: salt://files/

We are saying in that last example always make sure that /opt/somedir/ matches the one we have on our salt file area.

    - name: /opt/somedir
    - source: salt://files/somedir

This says lets make sure that all the files in file/somedir are copied to /opt/somedir

    - source: salt://scripts/
    - shell: /bin/bash
    - cwd: /root

Sometime you want to write a script that you run every time the minion checks in. I typically use this to check certain states on the box to make sure everything looks good. We are saying use bash to execute the script from the /root directory.

    - name: df -h

This one is if you just want to run some sort of command each time something checks in.

    - name: service httpd restart
    - watch:
      - file: /etc/httpd.conf
      - file: /etc/somedir

Here we are saying watch for anything changing in the httpd.conf or any file in /etc/somedir and if you see something run "service httpd restart"

These are a few easy things to use to get you started in writing your own salt scripts. has a lot of documentation that can enable you to get much deeper than this.