From 5c57a47eb26cfaaeddba4b46c096339910f144ad Mon Sep 17 00:00:00 2001
From: Jeff Beley
Date: Wed, 29 Aug 2018 11:55:38 -0500
Subject: [PATCH] Added bro and suricata to the logger vagrant configured splunk to ingest both bro and suricata logs reconfigured logger vagrant box to have 2 CPUs and 4GB of RAM
---
Vagrant/resources/bro/bro.service | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
create mode 100644 Vagrant/resources/bro/bro.service
diff --git a/Vagrant/resources/bro/bro.service b/Vagrant/resources/bro/bro.service
new file mode 100644
index 0000000..6b81983
--- /dev/null
+++ b/Vagrant/resources/bro/bro.service
@@ -0,0 +1,17 @@
+[Unit]
+Description=Bro
+After=network.target
+
+[Service]
+ExecStartPre=-/opt/bro/bin/broctl cleanup
+ExecStartPre=/opt/bro/bin/broctl check
+ExecStartPre=/opt/bro/bin/broctl install
+ExecStart=/opt/bro/bin/broctl start
+ExecStop=/opt/bro/bin/broctl stop
+RestartSec=10s
+Type=oneshot
+RemainAfterExit=yes
+TimeoutStopSec=600
+
+[Install]
+WantedBy=multi-user.target
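Review bot: `RestartSec=10s` in the [Service] section has no effect because the unit sets no `Restart=` policy, and with `Type=oneshot` plus `RemainAfterExit=yes` systemd keeps reporting the unit as active once `broctl start` returns, even if the Bro processes crash later. For a logging sensor that means network telemetry can stop flowing to Splunk without any failure showing in `systemctl status bro`. I would drop the `RestartSec=10s` line and add a comment on its own line such as `# broctl daemonizes Bro and systemd does not supervise it; crash recovery relies on "broctl cron"`, with a periodic `/opt/bro/bin/broctl cron` job provisioned alongside the unit. The unit also sets no `User=`, so broctl runs as root by default; it is worth confirming that this is intended rather than granting capture capabilities to a dedicated account.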