salt toturial step by step

salt toturial step by step

SALT ( Port Scan Attack Detector ) Tutorial 

Q : How to configure salt
Q : Step by Step PSAD Configure

SALT : it's a automation tool like ceph, puppet , ansible
Hostname :

IP =

Step 1. A

Add Repository

A. Ubuntu 14.4 :

a. Run the following command to import the SaltStack repository key:

#wget -O - | sudo apt-key add -

b. Save the following file to /etc/apt/sources.list.d/saltstack.list:

deb trusty main

c. Then update repository.
 apt-get update

Ubuntu 16.4 :

a. Run the following command to import the SaltStack repository key:

wget -O - | sudo apt-key add -
b. Add  the following line in /etc/apt/sources.list.d/saltstack.list:
deb xenial main
c. Then update repository.

 apt-get update
Step 1. B

Run the following commands to install the SaltStack repository and key:

C. CentOS7 & rhel7 :

sudo yum install
D. CentOS6 & rhel6 :

sudo yum install

Step 2  

Salt general installation process is as follows:

a.Make sure that your Salt minions can find the salt master.

b..Install the Salt minion on each system that you want to manage.

c.Accept the Salt minion key after the Salt minion connects.

Step 3

Salt Master installation and configuration:

ubuntu 14&16 :

sudo apt-get install salt-master

Rhel/CentOS 6&7:

sudo yum install salt-master

Step 4

Salt master configuration file:

vi /etc/salt/master

Edit the following lines:

#interface: (uncomment and put your system ip address)
#publish_port: 4505 (uncomment the line)
#user: root (uncomment the line)
#ret_port: 4506 (uncomment the line)
#pidfile: /var/run/ (uncomment the line)
#pki_dir: /etc/salt/pki/master (uncomment the line)
#cachedir: /var/cache/salt/master (uncomment the line)
#pidfile: /var/run/ (uncomment the line)
#verify_env: True (uncomment the line)
#keep_jobs: 24 (uncomment the line)
#sock_dir: /var/run/salt/master (uncomment the line)
#file_roots: (uncomment the line)
# base: (uncomment the line)
# - /srv/salt/ (uncomment the line)

Save  and exit 

Step 5

Start salt-master service:

Ubuntu 14 and centos/rhel6:
sudo service salt-master start
Ubuntu 16 and Centos/Rhel7
systemctl start salt-master.service

Step 6

Salt-Minion Installation And Configuration:

Ubuntu 14 & 16:
sudo apt-get install salt-minion
Centos 6 & 7 :
sudo yum install salt-minion

Step 7

Salt master configuration file:

vi /etc/salt/minion

Uncomment & edit the following lines:

master: (master ip address"" or domain name )
user: root
id: (xyz)
.......     Save and Exit 

Step 8

Start the service of salt minion
service salt-minion start (ubuntu14 & centos6) 
         systemctl start salt-minion.service (ubuntu16 & centos7) 

Step 9

Create Directory In Master System:

mkdir -p /srv/salt

Now Check the minion request on master system:

salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys: xyz
Rejected Keys:

Accept Minion key by command:
salt-key -A

Now connection is establish between master and minion.

Step 10

Automation type of salt: 

1. CLI Module (salt bash command if you have execute limited job perform)

2. State Module ( If you have to perform multiple jobs on minions.)

CLI Module:

In this module you can perform single task on minion like you want to create directory ram on minion so 
salt ‘*’ ‘ mkdir /tmp/ram’
Here ‘*’ = all minion

Note: if you want to execute on single minion so you have mention its client id . If you want on xyz client so you will e execute 
salt xyz ‘mkdir /tmp/ram’
you want execute ifconfig common on every minion 
salt ‘*’ ‘ifconfig’

Step 11

Package installation on minion:-
salt ‘*’ pkg.install vim

State Module:-

In this phase of automation you can perform multiple task on minions. You can make own cookbook for you project.

Needs for salt state module.

1. Yaml Langaguge
2. Create /srv/salt directory to store your project cookbook
3. Knowldge of salt state function (file, git, apache, firewall etc)

Note: You have add .sls extension in your salt cookbook.

I am showing you example of psad cookbook.

1.Firstly go the /srv/salt directory:
2.And create psad.sls file.
3. Open file with ant text editor (i am using vim)

# vim psad.sls


   - installed
   - show_changes: True



   - name: /etc/psad/psad.conf

   - pattern: 'EMAIL_ADDRESSES root@localhost;'

   - repl: 'EMAIL_ADDRESSES;'

   - show_changes: True



   - name: /etc/psad/psad.conf

   - pattern: '/var/log/messages'

   - repl: '/var/log/kern.log'

   - show_changes: True



    - name: /etc/psad/psad.conf

    - pattern: 'EMAIL_LIMIT 0;'

    - repl: 'EMAIL_LIMIT 1;'

    - show_changes: True



    - name: /etc/psad/psad.conf

    - pattern: 'IMPORT_OLD_SCANS N;'

    - repl: 'IMPORT_OLD_SCANS Y;'

    - show_changes: True



    - name: /etc/psad/psad.conf

    - pattern: 'ENABLE_AUTO_IDS N;'
    - repl: 'ENABLE_AUTO_IDS Y;'

    - show_changes: True



    - name: /etc/psad/psad.conf

    - pattern: 'AUTO_IDS_DANGER_LEVEL 5;'

    - repl: 'AUTO_IDS_DANGER_LEVEL 3;'

    - show_changes: True



    - name: /etc/psad/psad.conf

    - pattern: 'AUTO_BLOCK_TIMEOUT 3600;'

    - repl: 'AUTO_BLOCK_TIMEOUT 86400;'

    - show_changes: True



    - name: psad

Save  and Exit  file.

Now your PSAD project successfully install and configure..

Some Reference:

Next Post »