From 0f52530d0760cf67cbda82ee81d18b220fe3cc17 Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Fri, 4 Aug 2023 09:37:58 -0400 Subject: [PATCH] soc_firewall.yaml update adding idh and rename analyst to workstation --- salt/firewall/soc_firewall.yaml | 30 ++++++++++++++++++++++++------ 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/salt/firewall/soc_firewall.yaml b/salt/firewall/soc_firewall.yaml index 78c0ebc73..27c52e123 100644 --- a/salt/firewall/soc_firewall.yaml +++ b/salt/firewall/soc_firewall.yaml @@ -213,7 +213,7 @@ firewall: portgroups: *portgroupsdocker syslog: portgroups: *portgroupsdocker - analyst: + workstation: portgroups: *portgroupsdocker customhostgroup0: portgroups: *portgroupsdocker @@ -338,7 +338,9 @@ firewall: DOCKER-USER: hostgroups: manager: - portgroups: *portgroupsdocker + portgroups: *portgroupsdocker + idh: + portgroups: *portgroupsdocker sensor: portgroups: *portgroupsdocker searchnode: @@ -359,7 +361,7 @@ firewall: portgroups: *portgroupsdocker endgame: portgroups: *portgroupsdocker - analyst: + workstation: portgroups: *portgroupsdocker customhostgroup0: portgroups: *portgroupsdocker @@ -389,12 +391,16 @@ firewall: portgroups: *portgroupshost localhost: portgroups: *portgroupshost + idh: + portgroups: *portgroupshost sensor: portgroups: *portgroupshost searchnode: portgroups: *portgroupshost heavynode: portgroups: *portgroupshost + workstation: + portgroups: *portgroupshost customhostgroup0: portgroups: *portgroupshost customhostgroup1: @@ -422,6 +428,8 @@ firewall: hostgroups: managersearch: portgroups: *portgroupsdocker + idh: + portgroups: *portgroupsdocker sensor: portgroups: *portgroupsdocker searchnode: @@ -442,7 +450,7 @@ firewall: portgroups: *portgroupsdocker syslog: portgroups: *portgroupsdocker - analyst: + workstation: portgroups: *portgroupsdocker customhostgroup0: portgroups: *portgroupsdocker @@ -472,12 +480,16 @@ firewall: portgroups: *portgroupshost localhost: portgroups: *portgroupshost + idh: + portgroups: *portgroupshost sensor: portgroups: *portgroupshost searchnode: portgroups: *portgroupshost heavynode: portgroups: *portgroupshost + workstation: + portgroups: *portgroupshost customhostgroup0: portgroups: *portgroupshost customhostgroup1: @@ -509,6 +521,8 @@ firewall: portgroups: *portgroupsdocker fleet: portgroups: *portgroupsdocker + idh: + portgroups: *portgroupsdocker sensor: portgroups: *portgroupsdocker searchnode: @@ -531,7 +545,7 @@ firewall: portgroups: *portgroupsdocker syslog: portgroups: *portgroupsdocker - analyst: + workstation: portgroups: *portgroupsdocker customhostgroup0: portgroups: *portgroupsdocker @@ -565,12 +579,16 @@ firewall: portgroups: *portgroupshost standalone: portgroups: *portgroupshost + idh: + portgroups: *portgroupshost sensor: portgroups: *portgroupshost searchnode: portgroups: *portgroupshost heavynode: portgroups: *portgroupshost + workstation: + portgroups: *portgroupshost customhostgroup0: portgroups: *portgroupshost customhostgroup1: @@ -793,7 +811,7 @@ firewall: portgroups: *portgroupsdocker elastic_agent_endpoint: portgroups: *portgroupsdocker - analyst: + workstation: portgroups: *portgroupsdocker customhostgroup0: portgroups: *portgroupsdocker