Backup Suricata for migration and remove advanced from reverselookups

2025-12-16 22:12:48 +01:00 · 2024-05-13 09:50:14 -04:00
parent a4f2d8f327
commit 641899ad56
2 changed files with 12 additions and 1 deletions
--- a/salt/manager/tools/sbin/soup
+++ b/salt/manager/tools/sbin/soup
@@ -583,6 +583,7 @@ up_to_2.4.60() {

 up_to_2.4.70() {
  playbook_migration
+  suricata_idstools_migration
  toggle_telemetry
  add_detection_test_pillars
  INSTALLEDVERSION=2.4.70
@@ -634,6 +635,16 @@ ASSIST_EOF
  fi
 }

+suricata_idstools_migration() {
+  #Backup the pillars for idstools
+  mkdir -p /nsm/backup/detections-migration/idstools
+  rsync -av /opt/so/saltstack/local/pillar/idstools /nsm/backup/detections-migration/idstools
+
+  #Backup Thresholds
+  mkdir -p /nsm/backup/detections-migration/suricata
+  rsync -av /opt/so/saltstack/local/salt/suricata/thresholding /nsm/backup/detections-migration/suricata
+}
+
 playbook_migration() {
  # Start SOC Detections migration
  mkdir -p /nsm/backup/detections-migration/{suricata,sigma/rules,elastalert}
--- a/salt/soc/soc_soc.yaml
+++ b/salt/soc/soc_soc.yaml
@@ -235,7 +235,7 @@ soc:
        apiTimeoutMs:
          description: Duration (in milliseconds) to wait for a response from the SOC server API before giving up and showing an error on the SOC UI.
          global: True
-          advanced: True
+          advanced: False
          forcedType: int
        webSocketTimeoutMs:
          description: Duration (in milliseconds) to wait for a response from the SOC server websocket before giving up and reconnecting.