From 08f2b8251b95638ef5611e203bd476f8e259c74c Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Tue, 5 Mar 2024 09:53:35 -0500
Subject: [PATCH 1/3] add GLOBALS.is_sensor
---
 salt/vars/globals.map.jinja | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/salt/vars/globals.map.jinja b/salt/vars/globals.map.jinja
index 6241732172..ed7129678a 100644
--- a/salt/vars/globals.map.jinja
+++ b/salt/vars/globals.map.jinja
@@ -8,6 +8,7 @@
 set GLOBALS = {
 'hostname': INIT.GRAINS.nodename,
 'is_manager': false,
+ 'is_sensor': false,
 'manager': INIT.GRAINS.master,
 'minion_id': INIT.GRAINS.id,
 'main_interface': INIT.PILLAR.host.mainint,
@@ -63,5 +64,8 @@
 {% do GLOBALS.update({'is_manager': true}) %}
 {% endif %}
+{% if GLOBALS.role in GLOBALS.sensor_roles %}
+{% do GLOBALS.update({'is_sensor': true}) %}
+{% endif %}
 {% do salt['defaults.merge'](GLOBALS, ROLE_GLOBALS, merge_lists=False, in_place=True) %}
From 1a58aa61a0409889194fe7f427078c7de5623aff Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Tue, 5 Mar 2024 09:54:40 -0500
Subject: [PATCH 2/3] only import pcap and suricata if sensor
---
 salt/sensoroni/files/sensoroni.json | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)
diff --git a/salt/sensoroni/files/sensoroni.json b/salt/sensoroni/files/sensoroni.json
index 97c91f0b33..93708440a6 100644
--- a/salt/sensoroni/files/sensoroni.json
+++ b/salt/sensoroni/files/sensoroni.json
@@ -1,7 +1,5 @@
-{%- from 'vars/globals.map.jinja' import GLOBALS %}
-{%- from 'sensoroni/map.jinja' import SENSORONIMERGED %}
-{%- from 'pcap/config.map.jinja' import PCAPMERGED %}
-{%- from 'suricata/map.jinja' import SURICATAMERGED %}
+{% from 'vars/globals.map.jinja' import GLOBALS %}
+{%- from 'sensoroni/map.jinja' import SENSORONIMERGED -%}
 {
 "logFilename": "/opt/sensoroni/logs/sensoroni.log",
 "logLevel":"info",
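Review bot: `GLOBALS.sensor_roles` is read in the second hunk of salt/vars/globals.map.jinja (1/3) but is not defined in either hunk shown, and the `GLOBALS` dict literal continues outside them, so confirm the list exists there and covers every role that runs a pcap engine. If the key were missing or misspelled, Jinja's default undefined handling would likely make the membership test false rather than raise, leaving `is_sensor` false on every node; 2/3 would then drop the stenoquery/suriquery modules from sensoroni.json without any error. The flag is also set before the `defaults.merge` with `ROLE_GLOBALS`, which could overwrite it if a role map defines the same key. A short comment such as `{# is_sensor gates the pcap/suricata imports in sensoroni/files/sensoroni.json; keep sensor_roles in sync #}` above the new `if` would record that dependency.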
@@ -24,24 +22,28 @@
 "importer": {},
 "statickeyauth": {
 "apiKey": "{{ GLOBALS.sensoroni_key }}"
-{#- if PCAPMERGED.enabled is true then we know that steno is the pcap engine #}
-{#- if it is false, then user has steno disabled in ui or has selected suricata for pcap engine #}
-{%- if PCAPMERGED.enabled %}
+{% if GLOBALS.is_sensor %}
+{% from 'pcap/config.map.jinja' import PCAPMERGED %}
+{% from 'suricata/map.jinja' import SURICATAMERGED %}
+{# if PCAPMERGED.enabled is true then we know that steno is the pcap engine #}
+{# if it is false, then user has steno disabled in ui or has selected suricata for pcap engine #}
+{%- if PCAPMERGED.enabled %}
 },
 "stenoquery": {
 "executablePath": "/opt/sensoroni/scripts/stenoquery.sh",
 "pcapInputPath": "/nsm/pcap",
 "pcapOutputPath": "/nsm/pcapout"
 }
-{%- elif GLOBALS.pcap_engine == "SURICATA" and SURICATAMERGED.enabled %}
+{%- elif GLOBALS.pcap_engine == "SURICATA" and SURICATAMERGED.enabled %}
 },
 "suriquery": {
 "executablePath": "/opt/sensoroni/scripts/suriquery.sh",
 "pcapInputPath": "/nsm/suripcap",
 "pcapOutputPath": "/nsm/pcapout"
 }
-{%- else %}
+{%- else %}
 }
+{% endif %}
 {%- endif %}
 }
 }
From c0d19e11b9bad6ee1ebb93088f42f3e44b0bc13c Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Tue, 5 Mar 2024 10:07:32 -0500
Subject: [PATCH 3/3] fix } placement
---
 salt/sensoroni/files/sensoroni.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/salt/sensoroni/files/sensoroni.json b/salt/sensoroni/files/sensoroni.json
index 93708440a6..5090967efb 100644
--- a/salt/sensoroni/files/sensoroni.json
+++ b/salt/sensoroni/files/sensoroni.json
@@ -41,9 +41,9 @@
 "pcapInputPath": "/nsm/suripcap",
 "pcapOutputPath": "/nsm/pcapout"
 }
-{%- else %}
+{% endif %}
+{%- else %}
 }
-{% endif %}
 {%- endif %}
 }
 }
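Review bot: A sensor with steno disabled and Suricata either not selected or not enabled gets no closing `}` for `statickeyauth` once 3/3 moves `{%- else %}` up to the `GLOBALS.is_sensor` test, because the inner `if PCAPMERGED.enabled` / `elif … SURICATAMERGED.enabled` chain is left without an else branch and the rendered file is not valid JSON. The second sensoroni.json hunk of 2/3 had the mirror-image gap for non-sensor nodes, which 3/3 closes. The smallest fix is to give the inner chain its own fallback, `{%- else %}` followed by `}`, ahead of the new `{% endif %}`. A sturdier shape emits the `statickeyauth` brace unconditionally right after the `apiKey` line and lets each optional module begin with its own leading comma, so no branch combination can drop it. Since an agent whose config fails to parse presumably stops serving PCAP requests on that sensor, rendering the template for each role and engine combination and parsing the result as JSON would be a worthwhile check.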