add analyst back

2025-12-06 17:22:49 +01:00 · 2023-08-04 09:56:33 -04:00
parent 3b86b60207
commit 014aeffb2a
2 changed files with 27 additions and 3 deletions
--- a/salt/firewall/defaults.yaml
+++ b/salt/firewall/defaults.yaml
@@ -1,5 +1,6 @@
 firewall:
  hostgroups:
+    analyst: []
    anywhere:
      - 0.0.0.0/0
    beats_endpoint: []
@@ -215,9 +216,9 @@ firewall:
            strelka_frontend:
              portgroups:
                - strelka_frontend
-            workstation:
+            analyst:
              portgroups:
-                - yum
+                - nginx
            customhostgroup0:
              portgroups: []
            customhostgroup1:
@@ -441,6 +442,9 @@ firewall:
                - elastic_agent_data
                - elastic_agent_update
                - sensoroni
+            analyst:
+              portgroups:
+                - nginx
            beats_endpoint:
              portgroups:
                - beats_5044
@@ -626,6 +630,9 @@ firewall:
                - elastic_agent_data
                - elastic_agent_update
                - sensoroni
+            analyst:
+              portgroups:
+                - nginx
            beats_endpoint:
              portgroups:
                - beats_5044
@@ -816,6 +823,9 @@ firewall:
                - elastic_agent_data
                - elastic_agent_update
                - sensoroni
+            analyst:
+              portgroups:
+                - nginx
            beats_endpoint:
              portgroups:
                - beats_5044
@@ -1187,6 +1197,9 @@ firewall:
                - elastic_agent_control
                - elastic_agent_data
                - elastic_agent_update
+            analyst:
+              portgroups:
+                - nginx
            workstation:
              portgroups:
                - yum
--- a/salt/firewall/soc_firewall.yaml
+++ b/salt/firewall/soc_firewall.yaml
@@ -1,6 +1,6 @@
 firewall:
  hostgroups:
-    workstation: &hostgroupsettings
+    analyst: &hostgroupsettings
      description: List of IP or CIDR blocks to allow access to this hostgroup.
      forcedType: "[]string"
      helplink: firewall.html
@@ -45,6 +45,7 @@ firewall:
    standalone: *hostgroupsettings
    strelka_frontend: *hostgroupsettings
    syslog: *hostgroupsettings
+    workstation: *hostgroupsettings
    customhostgroup0: &customhostgroupsettings
      description: List of IP or CIDR blocks to allow to this hostgroup.
      forcedType: "[]string"
@@ -213,6 +214,8 @@ firewall:
              portgroups: *portgroupsdocker
            syslog:
              portgroups: *portgroupsdocker
+            analyst:
+              portgroups: *portgroupsdocker
            workstation:
              portgroups: *portgroupsdocker
            customhostgroup0:
@@ -361,6 +364,8 @@ firewall:
              portgroups: *portgroupsdocker
            endgame:
              portgroups: *portgroupsdocker
+            analyst:
+              portgroups: *portgroupsdocker
            workstation:
              portgroups: *portgroupsdocker
            customhostgroup0:
@@ -450,6 +455,8 @@ firewall:
              portgroups: *portgroupsdocker
            syslog:
              portgroups: *portgroupsdocker
+            analyst:
+              portgroups: *portgroupsdocker
            workstation:
              portgroups: *portgroupsdocker
            customhostgroup0:
@@ -545,6 +552,8 @@ firewall:
              portgroups: *portgroupsdocker
            syslog:
              portgroups: *portgroupsdocker
+            analyst:
+              portgroups: *portgroupsdocker
            workstation:
              portgroups: *portgroupsdocker
            customhostgroup0:
@@ -811,6 +820,8 @@ firewall:
              portgroups: *portgroupsdocker
            elastic_agent_endpoint:
              portgroups: *portgroupsdocker
+            analyst:
+              portgroups: *portgroupsdocker
            workstation:
              portgroups: *portgroupsdocker
            customhostgroup0: