Switch soc.json to use lowercase labels in default queries; Also enable the 'Add Case' feature

2025-12-06 09:12:45 +01:00 · 2022-01-05 09:54:13 -05:00
parent e6051cb653
commit 4bfdfffe21
2 changed files with 4 additions and 3 deletions
--- a/salt/soc/files/soc/cases.queries.json
+++ b/salt/soc/files/soc/cases.queries.json
@@ -1,5 +1,5 @@
 [
-  { "name": "Open Cases", "query": "NOT case.status:Closed AND NOT case.category:Template" },
-  { "name": "Closed Cases", "query": "case.status:Closed AND NOT case.category:Template" },
-  { "name": "Templates", "query": "case.category:Template" }
+  { "name": "Open Cases", "query": "NOT case.status:closed AND NOT case.category:template" },
+  { "name": "Closed Cases", "query": "case.status:closed AND NOT case.category:template" },
+  { "name": "Templates", "query": "case.category:template" }
 ]
--- a/salt/soc/files/soc/soc.json
+++ b/salt/soc/files/soc/soc.json
@@ -207,6 +207,7 @@
        "escalateEnabled": false,
        "escalateRelatedEventsEnabled": false,
        "viewEnabled": true,
+        "createLink": "/case/create",
        "eventFields": {{ cases_eventfields | json }},
        "queryBaseFilter": "_index:\"*:so-case\" AND kind:case",
        "queryToggleFilters": [