From 4a238322679e696f1a011894c65f7e2fa57ba2b9 Mon Sep 17 00:00:00 2001
From: Wes
Date: Tue, 19 Dec 2023 15:14:33 +0000
Subject: [PATCH] Don't require advanced options for required values
---
salt/sensoroni/soc_sensoroni.yaml | 606 +++++++++++++++------------------
1 file changed, 303 insertions(+), 303 deletions(-)
diff --git a/salt/sensoroni/soc_sensoroni.yaml b/salt/sensoroni/soc_sensoroni.yaml
index 242c74cc8..f7a10c6f7 100644
--- a/salt/sensoroni/soc_sensoroni.yaml
+++ b/salt/sensoroni/soc_sensoroni.yaml
@@ -1,303 +1,303 @@
-sensoroni:
- enabled:
- description: Enable or disable Sensoroni.
- advanced: True
- helpLink: grid.html
- config:
- analyze:
- enabled:
- description: Enable or disable the analyzer.
- advanced: True
- helpLink: cases.html
- timeout_ms:
- description: Timeout period for the analyzer.
- advanced: True
- helpLink: cases.html
- parallel_limit:
- description: Parallel limit for the analyzer.
- advanced: True
- helpLink: cases.html
- node_checkin_interval_ms:
- description: Interval in ms to checkin to the soc_host.
- advanced: True
- helpLink: grid.html
- node_description:
- description: Description of the specific node.
- helpLink: grid.html
- node: True
- forcedType: string
- sensoronikey:
- description: Shared key for sensoroni authentication.
- helpLink: grid.html
- global: True
- sensitive: True
- advanced: True
- soc_host:
- description: Host for sensoroni agents to connect to.
- helpLink: grid.html
- global: True
- advanced: True
- analyzers:
- echotrail:
- api_key:
- description: API key for the Echotrail analyzer.
- helpLink: sensoroni.html
- global: False
- sensitive: True
- advanced: True
- forcedType: string
- base_url:
- description: Base URL for the Echotrail analyzer.
- helpLink: sensoroni.html
- global: False
- sensitive: False
- advanced: True
- forcedType: string
- elasticsearch:
- api_key:
- description: API key for the Elasticsearch analyzer.
- helpLink: sensoroni.html
- global: False
- sensitive: True
- advanced: True
- forcedType: string
- base_url:
- description: Connection URL for the Elasticsearch analyzer.
- helpLink: sensoroni.html
- global: False
- sensitive: False
- advanced: True
- forcedType: string
- auth_user:
- description: Username for the Elasticsearch analyzer.
- helpLink: sensoroni.html
- global: False
- sensitive: False
- advanced: True
- forcedType: string
- auth_pwd:
- description: User password for the Elasticsearch analyzer.
- helpLink: sensoroni.html
- global: False
- sensitive: True
- advanced: True
- forcedType: string
- num_results:
- description: Number of documents to return for the Elasticsearch analyzer.
- helpLink: sensoroni.html
- global: False
- sensitive: False
- advanced: True
- forcedType: string
- index:
- description: Search index for the Elasticsearch analyzer.
- helpLink: sensoroni.html
- global: False
- sensitive: False
- advanced: True
- forcedType: string
- time_delta_minutes:
- description: Time (in minutes) to search back for the Elasticsearch analyzer.
- helpLink: sensoroni.html
- global: False
- sensitive: False
- advanced: True
- forcedType: int
- timestamp_field_name:
- description: Specified name for a documents' timestamp field for the Elasticsearch analyzer.
- helpLink: sensoroni.html
- global: False
- sensitive: False
- advanced: True
- forcedType: string
- map:
- description: Map between observable types and search field for the Elasticsearch analyzer.
- helpLink: sensoroni.html
- global: False
- sensitive: False
- advanced: True
- forcedType: string
- cert_path:
- description: Path to a TLS certificate for the Elasticsearch analyzer.
- helpLink: sensoroni.html
- global: False
- sensitive: False
- advanced: True
- forcedType: string
- emailrep:
- api_key:
- description: API key for the EmailRep analyzer.
- helpLink: cases.html
- global: False
- sensitive: True
- advanced: True
- forcedType: string
- base_url:
- description: Base URL for the EmailRep analyzer.
- helpLink: cases.html
- global: False
- sensitive: False
- advanced: True
- forcedType: string
- greynoise:
- api_key:
- description: API key for the GreyNoise analyzer.
- helpLink: cases.html
- global: False
- sensitive: True
- advanced: True
- forcedType: string
- api_version:
- description: API version for the GreyNoise analyzer.
- helpLink: cases.html
- global: False
- sensitive: False
- advanced: True
- forcedType: string
- base_url:
- description: Base URL for the GreyNoise analyzer.
- helpLink: cases.html
- global: False
- sensitive: False
- advanced: True
- forcedType: string
- localfile:
- file_path:
- description: File path for the LocalFile analyzer.
- helpLink: cases.html
- global: False
- sensitive: False
- advanced: True
- forcedType: "[]string"
- otx:
- api_key:
- description: API key for the OTX analyzer.
- helpLink: cases.html
- global: False
- sensitive: True
- advanced: True
- forcedType: string
- base_url:
- description: Base URL for the OTX analyzer.
- helpLink: cases.html
- global: False
- sensitive: False
- advanced: True
- forcedType: string
- pulsedive:
- api_key:
- description: API key for the Pulsedive analyzer.
- helpLink: cases.html
- global: False
- sensitive: True
- advanced: True
- forcedType: string
- base_url:
- description: Base URL for the Pulsedive analyzer.
- helpLink: cases.html
- global: False
- sensitive: False
- advanced: True
- forcedType: string
- spamhaus:
- lookup_host:
- description: Host to use for lookups.
- helpLink: cases.html
- global: False
- sensitive: False
- advanced: True
- forcedType: string
- nameservers:
- description: Nameservers used for queries.
- helpLink: cases.html
- global: False
- sensitive: False
- advanced: True
- forcedTypes: "[]string"
- sublime_platform:
- api_key:
- description: API key for the Sublime Platform analyzer.
- helpLink: cases.html
- global: False
- sensitive: True
- advanced: True
- forcedType: string
- base_url:
- description: Base URL for the Sublime Platform analyzer.
- helpLink: cases.html
- global: False
- sensitive: False
- advanced: True
- forcedType: string
- live_flow:
- description: Determines if live flow analysis is used.
- helpLink: cases.html
- global: False
- sensitive: False
- advanced: True
- forcedType: bool
- mailbox_email_address:
- description: Source mailbox address used for live flow analysis.
- helpLink: cases.html
- global: False
- sensitive: False
- advanced: True
- forcedType: string
- message_source_id:
- description: ID of the message source used for live flow analysis.
- helpLink: cases.html
- global: False
- sensitive: False
- advanced: True
- forcedType: string
- urlscan:
- api_key:
- description: API key for the Urlscan analyzer.
- helpLink: cases.html
- global: False
- sensitive: True
- advanced: True
- forcedType: string
- base_url:
- description: Base URL for the Urlscan analyzer.
- helpLink: cases.html
- global: False
- sensitive: False
- advanced: True
- forcedType: string
- enabled:
- description: Analyzer enabled
- helpLink: cases.html
- global: False
- sensitive: False
- advanced: True
- forcedType: bool
- timeout:
- description: Timeout for the Urlscan analyzer.
- helpLink: cases.html
- global: False
- sensitive: False
- advanced: True
- forcedType: int
- visibility:
- description: Type of visibility.
- helpLink: cases.html
- global: False
- sensitive: False
- advanced: True
- forcedType: string
- virustotal:
- api_key:
- description: API key for the VirusTotal analyzer.
- helpLink: cases.html
- global: False
- sensitive: True
- advanced: True
- forcedType: string
- base_url:
- description: Base URL for the VirusTotal analyzer.
- helpLink: cases.html
- global: False
- sensitive: False
- advanced: True
- forcedType: string
+sensoroni:
+ enabled:
+ description: Enable or disable Sensoroni.
+ advanced: True
+ helpLink: grid.html
+ config:
+ analyze:
+ enabled:
+ description: Enable or disable the analyzer.
+ advanced: True
+ helpLink: cases.html
+ timeout_ms:
+ description: Timeout period for the analyzer.
+ advanced: True
+ helpLink: cases.html
+ parallel_limit:
+ description: Parallel limit for the analyzer.
+ advanced: True
+ helpLink: cases.html
+ node_checkin_interval_ms:
+ description: Interval in ms to checkin to the soc_host.
+ advanced: True
+ helpLink: grid.html
+ node_description:
+ description: Description of the specific node.
+ helpLink: grid.html
+ node: True
+ forcedType: string
+ sensoronikey:
+ description: Shared key for sensoroni authentication.
+ helpLink: grid.html
+ global: True
+ sensitive: True
+ advanced: True
+ soc_host:
+ description: Host for sensoroni agents to connect to.
+ helpLink: grid.html
+ global: True
+ advanced: True
+ analyzers:
+ echotrail:
+ api_key:
+ description: API key for the Echotrail analyzer.
+ helpLink: sensoroni.html
+ global: False
+ sensitive: True
+ advanced: False
+ forcedType: string
+ base_url:
+ description: Base URL for the Echotrail analyzer.
+ helpLink: sensoroni.html
+ global: False
+ sensitive: False
+ advanced: False
+ forcedType: string
+ elasticsearch:
+ api_key:
+ description: API key for the Elasticsearch analyzer.
+ helpLink: sensoroni.html
+ global: False
+ sensitive: True
+ advanced: True
+ forcedType: string
+ base_url:
+ description: Connection URL for the Elasticsearch analyzer.
+ helpLink: sensoroni.html
+ global: False
+ sensitive: False
+ advanced: False
+ forcedType: string
+ auth_user:
+ description: Username for the Elasticsearch analyzer.
+ helpLink: sensoroni.html
+ global: False
+ sensitive: False
+ advanced: False
+ forcedType: string
+ auth_pwd:
+ description: User password for the Elasticsearch analyzer.
+ helpLink: sensoroni.html
+ global: False
+ sensitive: True
+ advanced: False
+ forcedType: string
+ num_results:
+ description: Number of documents to return for the Elasticsearch analyzer.
+ helpLink: sensoroni.html
+ global: False
+ sensitive: False
+ advanced: True
+ forcedType: string
+ index:
+ description: Search index for the Elasticsearch analyzer.
+ helpLink: sensoroni.html
+ global: False
+ sensitive: False
+ advanced: False
+ forcedType: string
+ time_delta_minutes:
+ description: Time (in minutes) to search back for the Elasticsearch analyzer.
+ helpLink: sensoroni.html
+ global: False
+ sensitive: False
+ advanced: True
+ forcedType: int
+ timestamp_field_name:
+ description: Specified name for a documents' timestamp field for the Elasticsearch analyzer.
+ helpLink: sensoroni.html
+ global: False
+ sensitive: False
+ advanced: True
+ forcedType: string
+ map:
+ description: Map between observable types and search field for the Elasticsearch analyzer.
+ helpLink: sensoroni.html
+ global: False
+ sensitive: False
+ advanced: False
+ forcedType: string
+ cert_path:
+ description: Path to a TLS certificate for the Elasticsearch analyzer.
+ helpLink: sensoroni.html
+ global: False
+ sensitive: False
+ advanced: False
+ forcedType: string
+ emailrep:
+ api_key:
+ description: API key for the EmailRep analyzer.
+ helpLink: cases.html
+ global: False
+ sensitive: True
+ advanced: True
+ forcedType: string
+ base_url:
+ description: Base URL for the EmailRep analyzer.
+ helpLink: cases.html
+ global: False
+ sensitive: False
+ advanced: True
+ forcedType: string
+ greynoise:
+ api_key:
+ description: API key for the GreyNoise analyzer.
+ helpLink: cases.html
+ global: False
+ sensitive: True
+ advanced: True
+ forcedType: string
+ api_version:
+ description: API version for the GreyNoise analyzer.
+ helpLink: cases.html
+ global: False
+ sensitive: False
+ advanced: True
+ forcedType: string
+ base_url:
+ description: Base URL for the GreyNoise analyzer.
+ helpLink: cases.html
+ global: False
+ sensitive: False
+ advanced: True
+ forcedType: string
+ localfile:
+ file_path:
+ description: File path for the LocalFile analyzer.
+ helpLink: cases.html
+ global: False
+ sensitive: False
+ advanced: True
+ forcedType: "[]string"
+ otx:
+ api_key:
+ description: API key for the OTX analyzer.
+ helpLink: cases.html
+ global: False
+ sensitive: True
+ advanced: True
+ forcedType: string
+ base_url:
+ description: Base URL for the OTX analyzer.
+ helpLink: cases.html
+ global: False
+ sensitive: False
+ advanced: True
+ forcedType: string
+ pulsedive:
+ api_key:
+ description: API key for the Pulsedive analyzer.
+ helpLink: cases.html
+ global: False
+ sensitive: True
+ advanced: True
+ forcedType: string
+ base_url:
+ description: Base URL for the Pulsedive analyzer.
+ helpLink: cases.html
+ global: False
+ sensitive: False
+ advanced: True
+ forcedType: string
+ spamhaus:
+ lookup_host:
+ description: Host to use for lookups.
+ helpLink: cases.html
+ global: False
+ sensitive: False
+ advanced: True
+ forcedType: string
+ nameservers:
+ description: Nameservers used for queries.
+ helpLink: cases.html
+ global: False
+ sensitive: False
+ advanced: True
+ forcedTypes: "[]string"
+ sublime_platform:
+ api_key:
+ description: API key for the Sublime Platform analyzer.
+ helpLink: cases.html
+ global: False
+ sensitive: True
+ advanced: True
+ forcedType: string
+ base_url:
+ description: Base URL for the Sublime Platform analyzer.
+ helpLink: cases.html
+ global: False
+ sensitive: False
+ advanced: True
+ forcedType: string
+ live_flow:
+ description: Determines if live flow analysis is used.
+ helpLink: cases.html
+ global: False
+ sensitive: False
+ advanced: True
+ forcedType: bool
+ mailbox_email_address:
+ description: Source mailbox address used for live flow analysis.
+ helpLink: cases.html
+ global: False
+ sensitive: False
+ advanced: True
+ forcedType: string
+ message_source_id:
+ description: ID of the message source used for live flow analysis.
+ helpLink: cases.html
+ global: False
+ sensitive: False
+ advanced: True
+ forcedType: string
+ urlscan:
+ api_key:
+ description: API key for the Urlscan analyzer.
+ helpLink: cases.html
+ global: False
+ sensitive: True
+ advanced: True
+ forcedType: string
+ base_url:
+ description: Base URL for the Urlscan analyzer.
+ helpLink: cases.html
+ global: False
+ sensitive: False
+ advanced: True
+ forcedType: string
+ enabled:
+ description: Analyzer enabled
+ helpLink: cases.html
+ global: False
+ sensitive: False
+ advanced: True
+ forcedType: bool
+ timeout:
+ description: Timeout for the Urlscan analyzer.
+ helpLink: cases.html
+ global: False
+ sensitive: False
+ advanced: True
+ forcedType: int
+ visibility:
+ description: Type of visibility.
+ helpLink: cases.html
+ global: False
+ sensitive: False
+ advanced: True
+ forcedType: string
+ virustotal:
+ api_key:
+ description: API key for the VirusTotal analyzer.
+ helpLink: cases.html
+ global: False
+ sensitive: True
+ advanced: True
+ forcedType: string
+ base_url:
+ description: Base URL for the VirusTotal analyzer.
+ helpLink: cases.html
+ global: False
+ sensitive: False
+ advanced: True
+ forcedType: string
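Review bot: On the new side `spamhaus.nameservers` still carries `forcedTypes: "[]string"`, while every other typed setting in the file, including `localfile.file_path`, uses the singular `forcedType`; if the consumer only reads `forcedType`, the nameserver list is presumably not coerced to a string list, so the line should read `forcedType: "[]string"`. The `advanced` flag is also changed unevenly: under `elasticsearch`, `auth_user` and `auth_pwd` become `advanced: False` but `api_key` stays `advanced: True`, and only `echotrail` and `elasticsearch` are touched, so the `api_key` entries of emailrep, greynoise, otx, pulsedive, sublime_platform, urlscan and virustotal remain advanced even though the commit title is about required values; if that split is deliberate, a short `#` comment above the `elasticsearch` block would record why. `auth_pwd` keeps `sensitive: True` after leaving the advanced view, which is what a credential field needs. The hunk replaces all 303 lines although only a handful of `advanced` values differ, which suggests a line-ending or whitespace rewrite that hides the real change from reviewers; confining the commit to the changed lines would make it auditable.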