From 15155613c3d60a2e48a7e0c922ae09eb5d225acb Mon Sep 17 00:00:00 2001
From: Jason Ertel <jason.ertel@securityonionsolutions.com>
Date: Fri, 24 May 2024 08:23:45 -0400
Subject: [PATCH] provide default columns when viewing SOC logs

---
 salt/soc/defaults.yaml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/salt/soc/defaults.yaml b/salt/soc/defaults.yaml
index 86170b4ce..39960d946 100644
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -1271,6 +1271,14 @@ soc:
         - netflow.type
         - netflow.exporter.version
         - observer.ip
+      ':soc:':
+        - soc_timestamp
+        - source.ip
+        - soc.fields.requestMethod
+        - soc.fields.requestPath
+        - soc.fields.statusCode
+        - event.action
+        - soc.fields.error
     server:
       bindAddress: 0.0.0.0:9822
       baseUrl: /