soc_firewall.yaml update adding idh and rename analyst to workstation
@@ -213,7 +213,7 @@ firewall:
|
|||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
syslog:
|
syslog:
|
||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
analyst:
|
workstation:
|
||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
customhostgroup0:
|
customhostgroup0:
|
||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
@@ -338,7 +338,9 @@ firewall:
|
|||||||
DOCKER-USER:
|
DOCKER-USER:
|
||||||
hostgroups:
|
hostgroups:
|
||||||
manager:
|
manager:
|
||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
|
idh:
|
||||||
|
portgroups: *portgroupsdocker
|
||||||
sensor:
|
sensor:
|
||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
searchnode:
|
searchnode:
|
||||||
@@ -359,7 +361,7 @@ firewall:
|
|||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
endgame:
|
endgame:
|
||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
analyst:
|
workstation:
|
||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
customhostgroup0:
|
customhostgroup0:
|
||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
@@ -389,12 +391,16 @@ firewall:
|
|||||||
portgroups: *portgroupshost
|
portgroups: *portgroupshost
|
||||||
localhost:
|
localhost:
|
||||||
portgroups: *portgroupshost
|
portgroups: *portgroupshost
|
||||||
|
idh:
|
||||||
|
portgroups: *portgroupshost
|
||||||
sensor:
|
sensor:
|
||||||
portgroups: *portgroupshost
|
portgroups: *portgroupshost
|
||||||
searchnode:
|
searchnode:
|
||||||
portgroups: *portgroupshost
|
portgroups: *portgroupshost
|
||||||
heavynode:
|
heavynode:
|
||||||
portgroups: *portgroupshost
|
portgroups: *portgroupshost
|
||||||
|
workstation:
|
||||||
|
portgroups: *portgroupshost
|
||||||
customhostgroup0:
|
customhostgroup0:
|
||||||
portgroups: *portgroupshost
|
portgroups: *portgroupshost
|
||||||
customhostgroup1:
|
customhostgroup1:
|
||||||
@@ -422,6 +428,8 @@ firewall:
|
|||||||
hostgroups:
|
hostgroups:
|
||||||
managersearch:
|
managersearch:
|
||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
|
idh:
|
||||||
|
portgroups: *portgroupsdocker
|
||||||
sensor:
|
sensor:
|
||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
searchnode:
|
searchnode:
|
||||||
@@ -442,7 +450,7 @@ firewall:
|
|||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
syslog:
|
syslog:
|
||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
analyst:
|
workstation:
|
||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
customhostgroup0:
|
customhostgroup0:
|
||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
@@ -472,12 +480,16 @@ firewall:
|
|||||||
portgroups: *portgroupshost
|
portgroups: *portgroupshost
|
||||||
localhost:
|
localhost:
|
||||||
portgroups: *portgroupshost
|
portgroups: *portgroupshost
|
||||||
|
idh:
|
||||||
|
portgroups: *portgroupshost
|
||||||
sensor:
|
sensor:
|
||||||
portgroups: *portgroupshost
|
portgroups: *portgroupshost
|
||||||
searchnode:
|
searchnode:
|
||||||
portgroups: *portgroupshost
|
portgroups: *portgroupshost
|
||||||
heavynode:
|
heavynode:
|
||||||
portgroups: *portgroupshost
|
portgroups: *portgroupshost
|
||||||
|
workstation:
|
||||||
|
portgroups: *portgroupshost
|
||||||
customhostgroup0:
|
customhostgroup0:
|
||||||
portgroups: *portgroupshost
|
portgroups: *portgroupshost
|
||||||
customhostgroup1:
|
customhostgroup1:
|
||||||
@@ -509,6 +521,8 @@ firewall:
|
|||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
fleet:
|
fleet:
|
||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
|
idh:
|
||||||
|
portgroups: *portgroupsdocker
|
||||||
sensor:
|
sensor:
|
||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
searchnode:
|
searchnode:
|
||||||
@@ -531,7 +545,7 @@ firewall:
|
|||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
syslog:
|
syslog:
|
||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
analyst:
|
workstation:
|
||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
customhostgroup0:
|
customhostgroup0:
|
||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
@@ -565,12 +579,16 @@ firewall:
|
|||||||
portgroups: *portgroupshost
|
portgroups: *portgroupshost
|
||||||
standalone:
|
standalone:
|
||||||
portgroups: *portgroupshost
|
portgroups: *portgroupshost
|
||||||
|
idh:
|
||||||
|
portgroups: *portgroupshost
|
||||||
sensor:
|
sensor:
|
||||||
portgroups: *portgroupshost
|
portgroups: *portgroupshost
|
||||||
searchnode:
|
searchnode:
|
||||||
portgroups: *portgroupshost
|
portgroups: *portgroupshost
|
||||||
heavynode:
|
heavynode:
|
||||||
portgroups: *portgroupshost
|
portgroups: *portgroupshost
|
||||||
|
workstation:
|
||||||
|
portgroups: *portgroupshost
|
||||||
customhostgroup0:
|
customhostgroup0:
|
||||||
portgroups: *portgroupshost
|
portgroups: *portgroupshost
|
||||||
customhostgroup1:
|
customhostgroup1:
|
||||||
@@ -793,7 +811,7 @@ firewall:
|
|||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
elastic_agent_endpoint:
|
elastic_agent_endpoint:
|
||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
analyst:
|
workstation:
|
||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
customhostgroup0:
|
customhostgroup0:
|
||||||
portgroups: *portgroupsdocker
|
portgroups: *portgroupsdocker
|
||||||
|
|||||||
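Review bot: The `analyst:` → `workstation:` rename in the hunks at -213, -359, -442, -531 and -793 changes the hostgroup key that existing firewall settings are matched against, and nothing visible here migrates overrides still stored under `analyst`. If the defaults and any local pillar data are not renamed in the same change, rules for those hosts could silently stop applying or be left behind unmanaged, so the upgrade path should be confirmed. Separately, the new `idh:` entries (hunks at -338, -389, -422, -472, -509 and -565) make honeypot nodes a configurable source in both the DOCKER-USER and INPUT chains. An IDH host is the one most likely to end up attacker-controlled, so a comment above each entry such as `# idh: honeypot nodes, grant only the port groups they strictly need` would make the least-privilege intent explicit. `*portgroupsdocker` and `*portgroupshost` are anchors defined outside these hunks, so what they expand to cannot be checked from this page.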