soc_firewall.yaml update adding idh and rename analyst to workstation

m0duspwnens
2023-08-04 09:37:58 -04:00
parent 726ec72350
commit 0f52530d07


@@ -213,7 +213,7 @@ firewall:
portgroups: *portgroupsdocker
syslog:
portgroups: *portgroupsdocker
analyst:
workstation:
portgroups: *portgroupsdocker
customhostgroup0:
portgroups: *portgroupsdocker
@@ -338,7 +338,9 @@ firewall:
DOCKER-USER:
hostgroups:
manager:
portgroups: *portgroupsdocker
portgroups: *portgroupsdocker
idh:
portgroups: *portgroupsdocker
sensor:
portgroups: *portgroupsdocker
searchnode:
@@ -359,7 +361,7 @@ firewall:
portgroups: *portgroupsdocker
endgame:
portgroups: *portgroupsdocker
analyst:
workstation:
portgroups: *portgroupsdocker
customhostgroup0:
portgroups: *portgroupsdocker
@@ -389,12 +391,16 @@ firewall:
portgroups: *portgroupshost
localhost:
portgroups: *portgroupshost
idh:
portgroups: *portgroupshost
sensor:
portgroups: *portgroupshost
searchnode:
portgroups: *portgroupshost
heavynode:
portgroups: *portgroupshost
workstation:
portgroups: *portgroupshost
customhostgroup0:
portgroups: *portgroupshost
customhostgroup1:
@@ -422,6 +428,8 @@ firewall:
hostgroups:
managersearch:
portgroups: *portgroupsdocker
idh:
portgroups: *portgroupsdocker
sensor:
portgroups: *portgroupsdocker
searchnode:
@@ -442,7 +450,7 @@ firewall:
portgroups: *portgroupsdocker
syslog:
portgroups: *portgroupsdocker
analyst:
workstation:
portgroups: *portgroupsdocker
customhostgroup0:
portgroups: *portgroupsdocker
@@ -472,12 +480,16 @@ firewall:
portgroups: *portgroupshost
localhost:
portgroups: *portgroupshost
idh:
portgroups: *portgroupshost
sensor:
portgroups: *portgroupshost
searchnode:
portgroups: *portgroupshost
heavynode:
portgroups: *portgroupshost
workstation:
portgroups: *portgroupshost
customhostgroup0:
portgroups: *portgroupshost
customhostgroup1:
@@ -509,6 +521,8 @@ firewall:
portgroups: *portgroupsdocker
fleet:
portgroups: *portgroupsdocker
idh:
portgroups: *portgroupsdocker
sensor:
portgroups: *portgroupsdocker
searchnode:
@@ -531,7 +545,7 @@ firewall:
portgroups: *portgroupsdocker
syslog:
portgroups: *portgroupsdocker
analyst:
workstation:
portgroups: *portgroupsdocker
customhostgroup0:
portgroups: *portgroupsdocker
@@ -565,12 +579,16 @@ firewall:
portgroups: *portgroupshost
standalone:
portgroups: *portgroupshost
idh:
portgroups: *portgroupshost
sensor:
portgroups: *portgroupshost
searchnode:
portgroups: *portgroupshost
heavynode:
portgroups: *portgroupshost
workstation:
portgroups: *portgroupshost
customhostgroup0:
portgroups: *portgroupshost
customhostgroup1:
@@ -793,7 +811,7 @@ firewall:
portgroups: *portgroupsdocker
elastic_agent_endpoint:
portgroups: *portgroupsdocker
analyst:
workstation:
portgroups: *portgroupsdocker
customhostgroup0:
portgroups: *portgroupsdocker
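Review bot: The `analyst:` to `workstation:` rename (hunks at -213, -359, -442, -531 and -793) changes a firewall hostgroup key with no migration or compatibility entry visible in this commit, so any existing configuration still keyed on `analyst` would presumably stop matching and its allow rules would have to be re-created under the new name; it is worth confirming that the defaults and hostgroup definitions are renamed in the same release. A short comment above each renamed key would make that traceable, e.g. `# formerly "analyst"; migrate existing overrides to workstation`. Separately, the new `idh:` entries reuse the same `*portgroupsdocker` / `*portgroupshost` aliases as the trusted node types; if idh nodes are the honeypot role, they are expected to receive hostile traffic, so the port groups granted to them on manager-class roles should be kept to the minimum and that expectation documented next to the entry. In the -338 hunk the `portgroups: *portgroupsdocker` line under `manager:` appears twice, which looks like an indentation-only change; the rendered page has lost leading whitespace, so the nesting of the new `idh:` block cannot be checked from here.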