From 6fa11a38ef6baf3e2a61f788d74898eeccc6b4bf Mon Sep 17 00:00:00 2001
From: Joshua Brower
Date: Tue, 7 Jan 2025 13:14:50 -0500
Subject: [PATCH] Update defaults
---
 salt/nginx/enabled.sls | 1 -
 salt/nginx/files/navigator_config.json | 9 ++++++---
 salt/soc/defaults.yaml | 4 ++++
 3 files changed, 10 insertions(+), 4 deletions(-)
diff --git a/salt/nginx/enabled.sls b/salt/nginx/enabled.sls
index 91ea0fd24..8140aaa9f 100644
--- a/salt/nginx/enabled.sls
+++ b/salt/nginx/enabled.sls
@@ -164,7 +164,6 @@ so-nginx:
 - x509: managerssl_crt
 {% endif%}
 - file: navigatorconfig
- - file: navigatordefaultlayer
 {% endif %}
 delete_so-nginx_so-status.disabled:
diff --git a/salt/nginx/files/navigator_config.json b/salt/nginx/files/navigator_config.json
index 6073179c5..2b04a11e0 100644
--- a/salt/nginx/files/navigator_config.json
+++ b/salt/nginx/files/navigator_config.json
@@ -17,11 +17,14 @@
 }
 ],
- "custom_context_menu_items": [ {"label": "view related Detections","url": " https://{{URL_BASE}}/#/detections?q=*{{ "{{technique_attackID}}" }}*+|+groupby+so_detection.language+|+groupby+so_detection.ruleset+so_detection.isEnabled+|+groupby+%22so_detection.category%22&z=America/New_York&el=500&gl=50&rt=0&rtu=hours"}],
+ "custom_context_menu_items": [
+ {"label": "View related Detections","url": " https://{{URL_BASE}}/#/detections?q=*{{ "{{technique_attackID}}" }}*+|+groupby+so_detection.language+|+groupby+so_detection.ruleset+so_detection.isEnabled+|+groupby+%22so_detection.category%22&z=America/New_York&el=500&gl=50&rt=0&rtu=hours"},
+ {"label": "View related Alerts","url": " https://{{URL_BASE}}/#/alerts?q=*{{ "{{technique_attackID}}" }}*+|+groupby+rule.name+event.module*+event.severity_label+rule.uuid&z=America/New_York&el=500&gl=500&rt=15&rtu=days"}
+ ],
 "default_layers": {
 "enabled": true,
- "urls": ["assets/so/navigator_layer_sigma.json","assets/so/navigator_layer_suricata.json"]
+ "urls": ["assets/so/navigator_layer_all_detections.json","assets/so/navigator_layer_sigma.json","assets/so/navigator_layer_suricata.json","assets/so/navigator_layer_alerts.json"]
 },
 "comment_color": "yellow",
@@ -40,7 +43,7 @@
 {"name": "link_underline", "enabled": true, "description": "Disable to remove the hyperlink underline effect on techniques."}
 ],
 "features": [
- {"name": "leave_site_dialog", "enabled": true, "description": "Disable to remove the dialog prompt when leaving site."},
+ {"name": "leave_site_dialog", "enabled": false, "description": "Disable to remove the dialog prompt when leaving site."},
 {"name": "tabs", "disabled": true, "description": "Disable to remove the ability to open new tabs."},
 {"name": "selecting_techniques", "enabled": true, "description": "Disable to remove the ability to select techniques."},
 {"name": "header", "enabled": true, "description": "Disable to remove the header containing banner."},
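Review bot: The added "View related Alerts" entry in `custom_context_menu_items` repeats two quirks of the Detections entry: as rendered here its `url` value starts with a space (`"url": " https://{{URL_BASE}}/#/alerts?q=...`), and the time zone is fixed to `z=America/New_York`, so analysts in other zones get results bucketed in a zone they did not choose. Dropping the leading space and removing or templating the `z=` parameter in both entries would avoid that, assuming the SOC UI falls back to the user's own zone when `z` is absent. Separately, `default_layers.urls` now names `navigator_layer_all_detections.json` and `navigator_layer_alerts.json`, and nothing in this patch shows what writes them; if they are generated on a timer, the first page load may request layers that do not exist yet. The alerts layer is presumably derived from alert data, so it is worth confirming that `assets/so/` is served behind the same authentication as the rest of the console.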
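Review bot: Setting `leave_site_dialog` to `"enabled": false` in the `features` array removes the only prompt before a user navigates away from Navigator, so unsaved layer edits would be lost without warning; the commit message ("Update defaults") does not say whether that is intended, and a sentence there would help. In the same array the neighbouring `tabs` entry is written as `"disabled": true` while every other entry uses the `enabled` key; if Navigator reads only `enabled`, that setting is probably not taking effect and should be `{"name": "tabs", "enabled": false, ...}` if hiding tabs is the goal. The `features` array starts and ends outside the hunk.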
diff --git a/salt/soc/defaults.yaml b/salt/soc/defaults.yaml
index 813b54223..a8b5f4b4c 100644
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -1502,6 +1502,10 @@ soc:
 integrityCheckFrequencySeconds: 1200
 ignoredSidRanges:
 - '1100000-1101000'
+ navigator:
+ intervalMinutes: 30
+ outputPath: /opt/sensoroni/navigator
+ lookbackDays: 3
 client:
 enableReverseLookup: false
 docsUrl: /docs/
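Review bot: `lookbackDays: 3` does not match the window used by the "View related Alerts" menu item added in navigator_config.json, which opens the alerts view with `rt=15&rtu=days`; if the alerts layer is built from the last 3 days, a technique can look quiet in the layer while the drill-down link still shows alerts for it (this assumes `lookbackDays` governs the alerts layer, whose consumer is not in this patch). Aligning the two values, or stating the difference in the setting's description, would keep the layer and the link consistent. `outputPath: /opt/sensoroni/navigator` is a new location that has to exist, be writable by the generating process and be what nginx serves as `assets/so/`; none of that wiring is visible here, so it is worth checking that the directory is created with ownership that lets only the generator write to it. The `soc:` block continues outside the hunk.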