Update pdnssoccli.cron

files/configuration/pdnssoccli/pdnssoccli.cron

@@ -1,8 +1,8 @@
-# Run fetch_iocs every 10 minutes
-*/10 * * * * dnscollector /usr/local/bin/pdnssoc-cli fetch-iocs -c /etc/pdnssoccli/pdnssoccli.yml
+# Run fetch_iocs every 1 minute
+* * * * * root (pdnssoc-cli fetch-iocs && /bin/kill -SIGHUP $(cat /var/dnscollector/collector.pid)) >> /var/log/pdnssoc-cli-fetch-iocs.log 2>&1
 
-# Run correlation every 1 minute
-* * * * * dnscollector /usr/local/bin/pdnssoc-cli correlate -c /etc/pdnssoccli/pdnssoccli.yml
+# Run correlation & alert every 1 minute
+* * * * * root pdnssoc-cli correlate  /var/dnscollector/matches >> /var/log/pdnssoc-cli-correlate.log 2>&1 &&  pdnssoc-cli alert /var/dnscollector/alerts/ >> /var/log/pdnssoc-cli-alert.log 2>&1
 
-# Run alerting every 1 minute
-* * * * * dnscollector /usr/local/bin/pdnssoc-cli alert -c /etc/pdnssoccli/pdnssoccli.yml
+# Retro-active searches every hour, if the system is not overloaded
+5 * * * * root ([ $(awk '{print $1}' /proc/loadavg) \< 0.5 ] && pdnssoc-cli  correlate --retro_disco_lookup /var/dnscollector/queries/) >> /var/log/pdnssoc-cli-retro.log  2>&1