Merge pull request #9969 from Security-Onion-Solutions/guifixes

Add several annotations

salt/common/tools/sbin/so-repo-sync

@@ -12,5 +12,5 @@ set_os
 salt_minion_count
 
 curl --retry 5 --retry-delay 60 -A 'checkin/$VERSION/$OS/$(uname -r)/$MINIONCOUNT' https://sigs.securityonion.net/checkup --output /tmp/checkup
-dnf reposync --norepopath -n -g --delete -m -c /root/repodownload.conf --repoid=securityonionsync --download-metadata -p /nsm/repo/
+dnf reposync --norepopath -g --delete -m -c /root/repodownload.conf --repoid=securityonionsync --download-metadata -p /nsm/repo/
 createrepo /nsm/repo	

salt/docker/defaults.yaml

@@ -97,4 +97,4 @@ docker:
       port_bindings:
         - 0.0.0.0:8080:8080/tcp
     'so-idh':
-      final_octet: 45
+      final_octet: 45

salt/docker/soc_docker.yaml

@@ -0,0 +1,53 @@
+docker:
+  bip:
+    description: Bind IP for the default docker interface.
+    helpLink: docker.html
+    advanced: True
+  range:
+    description: Default docker IP range for containers.
+    helpLink: docker.html
+    advanced: True
+  sobip:
+    description: Bind IP for the SO docker interface.
+    helpLink: docker.html
+    advanced: True
+  sorange:
+    description: IP range for the SO docker containers.
+    helpLink: docker.html
+    advanced: True
+  containers:
+    so-curator: &dockerOptions
+      final_octet:
+        description: Last octet of the container IP address.
+        helpLink: docker.html
+        readonly: True
+        advanced: True
+        global: True
+      port_bindings:
+        description: List of port bindings for the container.
+        helpLink: docker.html
+        advanced: True
+        multiline: True
+    so-dockerregistry: *dockerOptions
+    so-elastalert: *dockerOptions
+    so-elastic-fleet-package-registry: *dockerOptions
+    so-elastic-fleet: *dockerOptions
+    so-elasticsearch: *dockerOptions
+    so-idh: *dockerOptions
+    so-idstools: *dockerOptions
+    so-influxdb: *dockerOptions
+    so-kibana: *dockerOptions
+    so-kratos: *dockerOptions
+    so-logstash: *dockerOptions
+    so-mysql: *dockerOptions
+    so-nginx: *dockerOptions
+    so-playbook: *dockerOptions
+    so-redis: *dockerOptions
+    so-soc: *dockerOptions
+    so-soctopus: *dockerOptions
+    so-strelka-backend: *dockerOptions
+    so-strelka-coordinator: *dockerOptions
+    so-strelka-filestream: *dockerOptions
+    so-strelka-frontend: *dockerOptions
+    so-strelka-gatekeeper: *dockerOptions
+    so-strelka-manager: *dockerOptions

salt/elasticfleet/soc_elasticfleet.yaml

@@ -4,15 +4,22 @@ elasticfleet:
       description: Endpoint enrollment key.
       global: True
       helpLink: elastic-fleet.html
+      sensitive: True
+      advanced: True
     es_token:
       description: Elastic auth token.
       global: True
       helpLink: elastic-fleet.html
+      sensitive: True
+      advanced: True
     grid_enrollment:
       description: Grid enrollment key.
       global: True
       helpLink: elastic-fleet.html
+      sensitive: True
+      advanced: True
     url:
       description: Agent connection URL.
       global: True
-      helpLink: elastic-fleet.html
+      helpLink: elastic-fleet.html
+      advanced: True

salt/elasticsearch/soc_elasticsearch.yaml

@@ -1,4 +1,7 @@
 elasticsearch:
+  esheap:
+    description: Specify the memory heap size in (m)egabytes for Elasticsearch.
+    helpLink: elasticsearch.html 
   config:
     cluster:
       name: 

salt/host/soc_host.yaml

@@ -0,0 +1,7 @@
+host:
+  mainint:
+    description: Main interface of the grid host.
+    helpLink: host.html    
+  mainip:
+    description: Main IP address of the grid host.
+    helpLink: host.html

salt/manager/soc_manager.yaml

@@ -0,0 +1,17 @@
+manager:
+  elastalert:
+    description: Enable elastalert 1=enabled 0=disabled.
+    global: True
+    helpLink: manager.html
+  no_proxy: 
+    description: String of hosts to ignore the proxy settings for. 
+    global: True
+    helpLink: manager.html
+  playbook:
+    description: Enable playbook 1=enabled 0=disabled.
+    global: True
+    helpLink: manager.html
+  proxy:
+    description: Proxy server to use for updates.
+    global: True
+    helpLink: manager.html

salt/patch/soc_patch.yaml

@@ -0,0 +1,79 @@
+patch:
+  os:
+    enabled:
+      description: Enable OS updates. 
+      helpLink: patch.html
+    schedule_to_run: 
+      description: Currently running schedule for updates.
+      helpLink: patch.html
+    schedules:
+      auto:
+        splay: &splayOptions
+          description: Seconds to splay updates.
+          helpLink: patch.html 
+        schedule:
+          hours: 
+            description: Run the OS updates every X hours. 
+            helpLink: patch.html
+      monday:
+        splay: *splayOptions
+        schedule: 
+          Monday: &dayOptions
+            description: List of times to run OS Updates on this day.
+            multiline: True
+      tuesday:
+        splay: *splayOptions
+        schedule:
+          Tuesday: *dayOptions
+      wednesday:
+        splay: *splayOptions
+        schedule:
+          Wednesday: *dayOptions
+      thursday:
+        splay: *splayOptions
+        schedule:
+          Thursday: *dayOptions
+      friday:
+        splay: *splayOptions
+        schedule:
+          Friday: *dayOptions
+      saturday:
+        splay: *splayOptions
+        schedule:
+          Saturday: *dayOptions
+      sunday:
+        splay: *splayOptions
+        schedule:
+          Sunday: *dayOptions
+      daily:
+        splay: *splayOptions
+        schedule:
+          Monday: &dailyOptions
+            description: List of times to apply OS patches daily.
+            multiline: True
+            helpLink: True
+          Tuesday: *dailyOptions
+          Wednesday: *dailyOptions
+          Thursday: *dailyOptions
+          Friday: *dailyOptions
+          Saturday: *dailyOptions
+          Sunday: *dailyOptions
+      weekdays:
+        splay: *splayOptions
+        schedule:
+          Monday: &weekdayOptions
+            description: List of times for weekdays.
+            multiline: True
+            helplink: patch.html
+          Tuesday: *weekdayOptions
+          Wednesday: *weekdayOptions
+          Thursday: *weekdayOptions
+          Friday: *weekdayOptions
+      weekends:
+        splay: *splayOptions
+        schedule:
+          Saturday: &weekendOptions
+            description:
+            multiline: true
+            helpLink: patch.html
+          Sunday: *weekendOptions

salt/sensor/soc_sensor.yaml

@@ -0,0 +1,7 @@
+sensor:
+  interface:
+    description: Main sensor monitoring interface.
+    helpLink: sensor.html    
+  mtu:
+    description: Main IP address of the grid host.
+    helpLink: host.html

salt/sensoroni/soc_sensoroni.yaml

@@ -0,0 +1,19 @@
+sensoroni:
+  node_checkin_interval_ms:
+    description: Interval in ms to checkin to the soc_host.
+    advanced: True
+    helpLink: sensoroni.html
+  node_description:
+    description: Description of the specific node.
+    helpLink: sensoroni.html
+  sensoronikey:
+    description: Shared key for sensoroni authentication.
+    helpLink: sensoroni.html
+    global: True
+    sensitive: True
+    advanced: True
+  soc_host:
+    description: Host for sensoroni agents to connect to.
+    helpLink: sensoroni.html
+    global: True
+    advanced: True

salt/soctopus/soc_soctopus.yaml

@@ -0,0 +1,7 @@
+soctopus:
+  playbook:
+    rulesets:
+      description: List of playbook rulesets.
+      advanced: True
+      helplink: soctopus.html
+      global: True

salt/strelka/filecheck/defaults.yaml

@@ -1,4 +0,0 @@
-filecheck:
-    historypath: '/nsm/strelka/history/'
-    strelkapath: '/nsm/strelka/unprocessed/'
-    logfile: '/opt/so/log/strelka/filecheck.log'