-rw-r--r--roles/active_defence/tasks/main.yml6
-rw-r--r--roles/active_defence/templates/wire_graft.conf.j242
2 files changed, 48 insertions, 0 deletions
diff --git a/roles/active_defence/tasks/main.yml b/roles/active_defence/tasks/main.yml
index 864628e..85bb4b9 100644
--- a/roles/active_defence/tasks/main.yml
+++ b/roles/active_defence/tasks/main.yml
@@ -134,6 +134,12 @@
dest: /opt/houyi/bin/houyi_etc/houyi.conf
tags: template
+- name: "Template wire_graft.conf"
+ template:
+ src: "{{ role_path }}/templates/wire_graft.conf.j2"
+ dest: /home/mesasoft/sapp_run/etc/wire_graft/wire_graft.conf
+ tags: template
+
- name: "Creates /opt/tsg/etc directory"
file:
path: /opt/tsg/etc
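Review bot: The added "Template wire_graft.conf" task sets no `owner`, `group` or `mode`, so the permissions of the rendered file depend on the umask and the user the play runs as. The file carries collector and Redis endpoints and sits under /home/mesasoft, so I would pin them explicitly, for example `mode: "0640"` together with `owner:` and `group:` set to the account that runs the service. No task visible in this hunk creates /home/mesasoft/sapp_run/etc/wire_graft/, and the template module fails when the parent directory is missing; a `file:` task with `state: directory` may already exist outside the hunk, so please confirm. The preceding task starts above the hunk and the following one continues below it.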
diff --git a/roles/active_defence/templates/wire_graft.conf.j2 b/roles/active_defence/templates/wire_graft.conf.j2
new file mode 100644
index 0000000..1c99337
--- /dev/null
+++ b/roles/active_defence/templates/wire_graft.conf.j2
@@ -0,0 +1,42 @@
+[main]
+#twig_type分为三种:
+#1: ZX在线环境, 根据WY某项目, 沿用NingSi的配置文件, 存于./etc/wire_graft/session目录;
+#2: mrzcpd的mrmonit.tunnat文件, json格式, 即: /var/run/mrzcpd/mrmonit.tunnat;
+#3: web focus, connect log等模块入库, galaxy做统计后, 写入maat, 通过maat回调表获得.
+
+twig_type=ningsi_conf
+#twig_type=mrmonit
+#twig_type=maat
+
+
+[record_link_info]
+#单个流超过此包数的才发送链路信息, 防止遭受ddos攻击疯狂发日志
+at_least_total_num=2
+at_least_total_byte=10
+
+[toroad]
+sendto_toroad_enable=0
+toroad_ip=192.168.40.133
+toroad_port=8888
+
+#是否将link_info存入streaminfo,供其他插件读取
+stream_project_tag_enable=0
+#用于标识本机ip使用哪块网卡,可能是管理口,可能是其他业务口
+identification_by_which_device=lo
+
+[maat]
+table_info=./houyi_etc/maat_tableinfo.conf
+#json, redis, local_file
+#config_src_type=redis
+config_src_type=json
+json_cfg_file=./houyi_etc/maat_test.json
+inc_dir=./redis_dump/
+full_dir=./redis_dump/
+redis_server_ip=192.168.40.131
+redis_server_port=7002
+redis_index=0
+
+[log]
+log_path=./log/wire_graft.log
+log_level=30
+
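Review bot: This file is installed as a Jinja2 template but contains no variables, so every host receives the same hard-coded `toroad_ip=192.168.40.133` and `redis_server_ip=192.168.40.131`, and `config_src_type=json` points at `./houyi_etc/maat_test.json`, which by its name looks like a test rule set. I would move the per-environment values into role variables, e.g. `redis_server_ip={{ wire_graft_redis_ip }}` (variable name illustrative), and have whoever owns the deployment confirm that the test JSON source is what production hosts should load. In `[record_link_info]`, the comment describes the thresholds as protection against log flooding during a DDoS, yet `at_least_total_num=2` and `at_least_total_byte=10` let almost any flow through; a short comment stating the intended values and their units would help. The `[maat]` section also has no visible setting for Redis authentication, so if the plugin supports one it should be templated from a vaulted variable rather than added here in plain text.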