actions

2025-12-06 09:12:45 +01:00 · 2025-02-26 13:34:32 -05:00
parent ee1af39c55
commit 6fec217068
4 changed files with 10 additions and 0 deletions
--- a/salt/elastic-fleet-package-registry/soc_elastic-fleet-package-registry.yaml
+++ b/salt/elastic-fleet-package-registry/soc_elastic-fleet-package-registry.yaml
@@ -1,4 +1,5 @@
 elastic_fleet_package_registry:
  enabled:
+    forcedType: bool
    description: Enables or disables the Fleet package registry process. This process must remain enabled to allow Elastic Agent packages to be updated.
    advanced: True
--- a/salt/elasticagent/soc_elasticagent.yaml
+++ b/salt/elasticagent/soc_elasticagent.yaml
@@ -1,4 +1,5 @@
 elasticagent:
  enabled:
+    forcedType: bool
    description: Enables or disables the Elastic Agent process. This process must remain enabled to allow collection of node events.
    advanced: True
--- a/salt/elasticfleet/soc_elasticfleet.yaml
+++ b/salt/elasticfleet/soc_elasticfleet.yaml
@@ -3,6 +3,7 @@ elasticfleet:
    description: Enables or disables the Elastic Fleet process. This process is critical for managing Elastic Agents.
    advanced: True
    helpLink: elastic-fleet.html
+    forcedType: bool
  enable_manager_output:
    description: Setting this option to False should only be considered if there is at least one receiver node in the grid. If True, Elastic Agent will send events to the manager and receivers. If False, events will only be send to the receivers.
    advanced: True
--- a/salt/soc/soc_soc.yaml
+++ b/salt/soc/soc_soc.yaml
@@ -63,6 +63,13 @@ soc:
      description: A list of actions a user can take from the SOC UI against a hunt, alert, and other records. The action must be defined in JSON object format, and contain a "name" key and "links" key. The links is a list of URLs, where the most suitable URL in the list will be the selected URL when the user clicks the action.
      global: True
      forcedType: "[]{}"
+      uiElements:
+        - field: description
+          label: Description
+        - field: icon
+          label: Icon
+        - field: links
+          label: Links
    eventFields:
      default: &eventFields
        description: Event fields mappings are defined by the format ":event.module:event.dataset". For example, to customize which fields show for 'syslog' events originating from 'zeek', find the eventField item in the left panel that looks like ':zeek:syslog'. The 'default' entry is used for all events that do not match an existing mapping defined in the list to the left.