Merge pull request #6762 from Security-Onion-Solutions/kilo

Switch soc.json to use lowercase labels in default queries; Also enab…
Jason Ertel
2022-01-05 09:59:39 -05:00
committed by GitHub
2 changed files with 4 additions and 3 deletions


@@ -1,5 +1,5 @@
[ [
{ "name": "Open Cases", "query": "NOT case.status:Closed AND NOT case.category:Template" }, { "name": "Open Cases", "query": "NOT case.status:closed AND NOT case.category:template" },
{ "name": "Closed Cases", "query": "case.status:Closed AND NOT case.category:Template" }, { "name": "Closed Cases", "query": "case.status:closed AND NOT case.category:template" },
{ "name": "Templates", "query": "case.category:Template" } { "name": "Templates", "query": "case.category:template" }
] ]
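Review bot: Lower-casing the values in all three default queries is only safe if every stored case already carries lower-case `case.status` and `case.category` values, and nothing in this section shows a data migration or a case-insensitive field mapping. If older records still hold `Closed` or `Template` and these fields are matched exactly, `NOT case.status:closed AND NOT case.category:template` would list closed cases and templates under "Open Cases", while "Closed Cases" and "Templates" would come back empty, all without any error. I would confirm how the two fields are indexed and, if legacy capitalised values can exist, normalise them on upgrade before these defaults ship.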


@@ -207,6 +207,7 @@
"escalateEnabled": false, "escalateEnabled": false,
"escalateRelatedEventsEnabled": false, "escalateRelatedEventsEnabled": false,
"viewEnabled": true, "viewEnabled": true,
"createLink": "/case/create",
"eventFields": {{ cases_eventfields | json }}, "eventFields": {{ cases_eventfields | json }},
"queryBaseFilter": "_index:\"*:so-case\" AND kind:case", "queryBaseFilter": "_index:\"*:so-case\" AND kind:case",
"queryToggleFilters": [ "queryToggleFilters": [
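Review bot: `"createLink": "/case/create"` sits next to feature flags such as `escalateEnabled` and `viewEnabled`, but it only tells the client where to send the user and is not itself an access control. Whether the create route enforces the caller's permission on the server is not visible in this hunk, so that should be confirmed, since the link is presumably offered to anyone who receives this configuration. The path is also a literal, while the following `eventFields` line is rendered from a template variable; if the UI can be served under a different base path, this value may need the same treatment. The enclosing object starts and ends outside the hunk.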