CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-19 07:23:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

Don't require advanced options for required values

Browse Source
This commit is contained in:
Wes
2023-12-19 15:14:33 +00:00
parent 614589153b
commit 4a23832267
1 changed files with 303 additions and 303 deletions
Download Patch File Download Diff File Expand all files Collapse all files

606
salt/sensoroni/soc_sensoroni.yaml
View File

@@ -1,303 +1,303 @@
sensoroni: sensoroni:
enabled: enabled:
description: Enable or disable Sensoroni. description: Enable or disable Sensoroni.
advanced: True advanced: True
helpLink: grid.html helpLink: grid.html
config: config:
analyze: analyze:
enabled: enabled:
description: Enable or disable the analyzer. description: Enable or disable the analyzer.
advanced: True advanced: True
helpLink: cases.html helpLink: cases.html
timeout_ms: timeout_ms:
description: Timeout period for the analyzer. description: Timeout period for the analyzer.
advanced: True advanced: True
helpLink: cases.html helpLink: cases.html
parallel_limit: parallel_limit:
description: Parallel limit for the analyzer. description: Parallel limit for the analyzer.
advanced: True advanced: True
helpLink: cases.html helpLink: cases.html
node_checkin_interval_ms: node_checkin_interval_ms:
description: Interval in ms to checkin to the soc_host. description: Interval in ms to checkin to the soc_host.
advanced: True advanced: True
helpLink: grid.html helpLink: grid.html
node_description: node_description:
description: Description of the specific node. description: Description of the specific node.
helpLink: grid.html helpLink: grid.html
node: True node: True
forcedType: string forcedType: string
sensoronikey: sensoronikey:
description: Shared key for sensoroni authentication. description: Shared key for sensoroni authentication.
helpLink: grid.html helpLink: grid.html
global: True global: True
sensitive: True sensitive: True
advanced: True advanced: True
soc_host: soc_host:
description: Host for sensoroni agents to connect to. description: Host for sensoroni agents to connect to.
helpLink: grid.html helpLink: grid.html
global: True global: True
advanced: True advanced: True
analyzers: analyzers:
echotrail: echotrail:
api_key: api_key:
description: API key for the Echotrail analyzer. description: API key for the Echotrail analyzer.
helpLink: sensoroni.html helpLink: sensoroni.html
global: False global: False
sensitive: True sensitive: True
advanced: True advanced: False
forcedType: string forcedType: string
base_url: base_url:
description: Base URL for the Echotrail analyzer. description: Base URL for the Echotrail analyzer.
helpLink: sensoroni.html helpLink: sensoroni.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: False
forcedType: string forcedType: string
elasticsearch: elasticsearch:
api_key: api_key:
description: API key for the Elasticsearch analyzer. description: API key for the Elasticsearch analyzer.
helpLink: sensoroni.html helpLink: sensoroni.html
global: False global: False
sensitive: True sensitive: True
advanced: True advanced: True
forcedType: string forcedType: string
base_url: base_url:
description: Connection URL for the Elasticsearch analyzer. description: Connection URL for the Elasticsearch analyzer.
helpLink: sensoroni.html helpLink: sensoroni.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: False
forcedType: string forcedType: string
auth_user: auth_user:
description: Username for the Elasticsearch analyzer. description: Username for the Elasticsearch analyzer.
helpLink: sensoroni.html helpLink: sensoroni.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: False
forcedType: string forcedType: string
auth_pwd: auth_pwd:
description: User password for the Elasticsearch analyzer. description: User password for the Elasticsearch analyzer.
helpLink: sensoroni.html helpLink: sensoroni.html
global: False global: False
sensitive: True sensitive: True
advanced: True advanced: False
forcedType: string forcedType: string
num_results: num_results:
description: Number of documents to return for the Elasticsearch analyzer. description: Number of documents to return for the Elasticsearch analyzer.
helpLink: sensoroni.html helpLink: sensoroni.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: True
forcedType: string forcedType: string
index: index:
description: Search index for the Elasticsearch analyzer. description: Search index for the Elasticsearch analyzer.
helpLink: sensoroni.html helpLink: sensoroni.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: False
forcedType: string forcedType: string
time_delta_minutes: time_delta_minutes:
description: Time (in minutes) to search back for the Elasticsearch analyzer. description: Time (in minutes) to search back for the Elasticsearch analyzer.
helpLink: sensoroni.html helpLink: sensoroni.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: True
forcedType: int forcedType: int
timestamp_field_name: timestamp_field_name:
description: Specified name for a documents' timestamp field for the Elasticsearch analyzer. description: Specified name for a documents' timestamp field for the Elasticsearch analyzer.
helpLink: sensoroni.html helpLink: sensoroni.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: True
forcedType: string forcedType: string
map: map:
description: Map between observable types and search field for the Elasticsearch analyzer. description: Map between observable types and search field for the Elasticsearch analyzer.
helpLink: sensoroni.html helpLink: sensoroni.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: False
forcedType: string forcedType: string
cert_path: cert_path:
description: Path to a TLS certificate for the Elasticsearch analyzer. description: Path to a TLS certificate for the Elasticsearch analyzer.
helpLink: sensoroni.html helpLink: sensoroni.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: False
forcedType: string forcedType: string
emailrep: emailrep:
api_key: api_key:
description: API key for the EmailRep analyzer. description: API key for the EmailRep analyzer.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: True sensitive: True
advanced: True advanced: True
forcedType: string forcedType: string
base_url: base_url:
description: Base URL for the EmailRep analyzer. description: Base URL for the EmailRep analyzer.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: True
forcedType: string forcedType: string
greynoise: greynoise:
api_key: api_key:
description: API key for the GreyNoise analyzer. description: API key for the GreyNoise analyzer.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: True sensitive: True
advanced: True advanced: True
forcedType: string forcedType: string
api_version: api_version:
description: API version for the GreyNoise analyzer. description: API version for the GreyNoise analyzer.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: True
forcedType: string forcedType: string
base_url: base_url:
description: Base URL for the GreyNoise analyzer. description: Base URL for the GreyNoise analyzer.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: True
forcedType: string forcedType: string
localfile: localfile:
file_path: file_path:
description: File path for the LocalFile analyzer. description: File path for the LocalFile analyzer.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: True
forcedType: "[]string" forcedType: "[]string"
otx: otx:
api_key: api_key:
description: API key for the OTX analyzer. description: API key for the OTX analyzer.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: True sensitive: True
advanced: True advanced: True
forcedType: string forcedType: string
base_url: base_url:
description: Base URL for the OTX analyzer. description: Base URL for the OTX analyzer.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: True
forcedType: string forcedType: string
pulsedive: pulsedive:
api_key: api_key:
description: API key for the Pulsedive analyzer. description: API key for the Pulsedive analyzer.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: True sensitive: True
advanced: True advanced: True
forcedType: string forcedType: string
base_url: base_url:
description: Base URL for the Pulsedive analyzer. description: Base URL for the Pulsedive analyzer.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: True
forcedType: string forcedType: string
spamhaus: spamhaus:
lookup_host: lookup_host:
description: Host to use for lookups. description: Host to use for lookups.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: True
forcedType: string forcedType: string
nameservers: nameservers:
description: Nameservers used for queries. description: Nameservers used for queries.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: True
forcedTypes: "[]string" forcedTypes: "[]string"
sublime_platform: sublime_platform:
api_key: api_key:
description: API key for the Sublime Platform analyzer. description: API key for the Sublime Platform analyzer.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: True sensitive: True
advanced: True advanced: True
forcedType: string forcedType: string
base_url: base_url:
description: Base URL for the Sublime Platform analyzer. description: Base URL for the Sublime Platform analyzer.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: True
forcedType: string forcedType: string
live_flow: live_flow:
description: Determines if live flow analysis is used. description: Determines if live flow analysis is used.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: True
forcedType: bool forcedType: bool
mailbox_email_address: mailbox_email_address:
description: Source mailbox address used for live flow analysis. description: Source mailbox address used for live flow analysis.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: True
forcedType: string forcedType: string
message_source_id: message_source_id:
description: ID of the message source used for live flow analysis. description: ID of the message source used for live flow analysis.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: True
forcedType: string forcedType: string
urlscan: urlscan:
api_key: api_key:
description: API key for the Urlscan analyzer. description: API key for the Urlscan analyzer.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: True sensitive: True
advanced: True advanced: True
forcedType: string forcedType: string
base_url: base_url:
description: Base URL for the Urlscan analyzer. description: Base URL for the Urlscan analyzer.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: True
forcedType: string forcedType: string
enabled: enabled:
description: Analyzer enabled description: Analyzer enabled
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: True
forcedType: bool forcedType: bool
timeout: timeout:
description: Timeout for the Urlscan analyzer. description: Timeout for the Urlscan analyzer.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: True
forcedType: int forcedType: int
visibility: visibility:
description: Type of visibility. description: Type of visibility.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: True
forcedType: string forcedType: string
virustotal: virustotal:
api_key: api_key:
description: API key for the VirusTotal analyzer. description: API key for the VirusTotal analyzer.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: True sensitive: True
advanced: True advanced: True
forcedType: string forcedType: string
base_url: base_url:
description: Base URL for the VirusTotal analyzer. description: Base URL for the VirusTotal analyzer.
helpLink: cases.html helpLink: cases.html
global: False global: False
sensitive: False sensitive: False
advanced: True advanced: True
forcedType: string forcedType: string