From 641899ad562b4fc02ed182396f07459c284c3456 Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Mon, 13 May 2024 09:50:14 -0400
Subject: [PATCH 1/4] Backup Suricata for migration and remove advanced from reverselookups
---
 salt/manager/tools/sbin/soup | 11 +++++++++++
 salt/soc/soc_soc.yaml | 2 +-
 2 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/salt/manager/tools/sbin/soup b/salt/manager/tools/sbin/soup
index aaa703ba9..f22bdec22 100755
--- a/salt/manager/tools/sbin/soup
+++ b/salt/manager/tools/sbin/soup
@@ -583,6 +583,7 @@ up_to_2.4.60() {
 up_to_2.4.70() {
 playbook_migration
+ suricata_idstools_migration
 toggle_telemetry
 add_detection_test_pillars
 INSTALLEDVERSION=2.4.70
@@ -634,6 +635,16 @@ ASSIST_EOF
 fi
 }
+suricata_idstools_migration() { #Backup the pillars for idstools mkdir -p /nsm/backup/detections-migration/idstools rsync -av /opt/so/saltstack/local/pillar/idstools /nsm/backup/detections-migration/idstools #Backup Thresholds mkdir -p /nsm/backup/detections-migration/suricata rsync -av /opt/so/saltstack/local/salt/suricata/thresholding /nsm/backup/detections-migration/suricata }
 playbook_migration() {
 # Start SOC Detections migration
 mkdir -p /nsm/backup/detections-migration/{suricata,sigma/rules,elastalert}
diff --git a/salt/soc/soc_soc.yaml b/salt/soc/soc_soc.yaml
index c908521fa..2a7659384 100644
--- a/salt/soc/soc_soc.yaml
+++ b/salt/soc/soc_soc.yaml
@@ -235,7 +235,7 @@ soc:
 apiTimeoutMs:
 description: Duration (in milliseconds) to wait for a response from the SOC server API before giving up and showing an error on the SOC UI.
 global: True
- advanced: True
+ advanced: False
 forcedType: int
 webSocketTimeoutMs:
 description: Duration (in milliseconds) to wait for a response from the SOC server websocket before giving up and reconnecting.
From 6c71c45ef6283d8c1849e706446168acc43a9dbc Mon Sep 17 00:00:00 2001
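Review bot: The backup tree in suricata_idstools_migration is created with plain `mkdir -p`, so `/nsm/backup/detections-migration/idstools` and its new parents get whatever mode the caller's umask produces, and `rsync -a` only carries over the modes of the files it copies. If the idstools pillar can hold a rule-feed subscription credential — I cannot confirm that from this hunk — the directory should be created with an explicit mode, e.g. `install -d -m 0700 /nsm/backup/detections-migration/idstools`, or tightened after the copy. A one-line header comment saying which later step consumes these copies, and when they may be deleted, would also help; the function name alone does not tell a reader whether this is a throwaway snapshot or an input to the Detections migration. The `playbook_migration` body that follows continues outside the hunk.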
From: Mike Reeves
Date: Mon, 13 May 2024 09:55:57 -0400
Subject: [PATCH 2/4] Update soup
---
 salt/manager/tools/sbin/soup | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/salt/manager/tools/sbin/soup b/salt/manager/tools/sbin/soup
index f22bdec22..b57af160d 100755
--- a/salt/manager/tools/sbin/soup
+++ b/salt/manager/tools/sbin/soup
@@ -638,7 +638,7 @@ ASSIST_EOF
 suricata_idstools_migration() {
 #Backup the pillars for idstools
 mkdir -p /nsm/backup/detections-migration/idstools
- rsync -av /opt/so/saltstack/local/pillar/idstools /nsm/backup/detections-migration/idstools
+ rsync -av /opt/so/saltstack/local/pillar/idstools/* /nsm/backup/detections-migration/idstools
 #Backup Thresholds
 mkdir -p /nsm/backup/detections-migration/suricata
From 28e40e42b388973ca3eca646458105ce970ab3cb Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Mon, 13 May 2024 09:58:32 -0400
Subject: [PATCH 3/4] Update soc_soc.yaml
---
 salt/soc/soc_soc.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/salt/soc/soc_soc.yaml b/salt/soc/soc_soc.yaml
index 2a7659384..c908521fa 100644
--- a/salt/soc/soc_soc.yaml
+++ b/salt/soc/soc_soc.yaml
@@ -235,7 +235,7 @@ soc:
 apiTimeoutMs:
 description: Duration (in milliseconds) to wait for a response from the SOC server API before giving up and showing an error on the SOC UI.
 global: True
- advanced: False
+ advanced: True
 forcedType: int
 webSocketTimeoutMs:
 description: Duration (in milliseconds) to wait for a response from the SOC server websocket before giving up and reconnecting.
From 9d6f6c7893f45f2d830f0d064278334b4e57bae6 Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Mon, 13 May 2024 10:09:35 -0400
Subject: [PATCH 4/4] Update soup
---
 salt/manager/tools/sbin/soup | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/salt/manager/tools/sbin/soup b/salt/manager/tools/sbin/soup
index b57af160d..8e77fecf0 100755
--- a/salt/manager/tools/sbin/soup
+++ b/salt/manager/tools/sbin/soup
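Review bot: The new source `/opt/so/saltstack/local/pillar/idstools/*` is an unquoted glob, so if the pillar directory is empty bash hands the literal `*` to rsync and the copy fails (unless nullglob is enabled somewhere in the script, which this hunk does not show), and any dotfiles in the directory are never matched; patch 4/4 then routes that rsync failure into `fail`, so an empty idstools pillar would abort the upgrade. rsync's trailing-slash form copies the directory contents, dotfiles included, and succeeds on an empty directory: `rsync -av /opt/so/saltstack/local/pillar/idstools/ /nsm/backup/detections-migration/idstools`. The thresholding rsync just below this hunk still copies the directory itself, landing under `suricata/thresholding`; if the two backups are meant to share one layout it should be changed the same way, otherwise a comment explaining the asymmetry would save the next reader a question. The function's closing brace is outside this hunk.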
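Review bot: This hunk reverts the only change patch 1/4 made to soc_soc.yaml (index `c908521fa..2a7659384` there, `2a7659384..c908521fa` here), so the series leaves the file byte-identical while the 1/4 subject still promises "remove advanced from reverselookups" — a key that appears in neither hunk, which only touch `apiTimeoutMs`. Either squash 3/4 into 1/4 and drop the yaml part of its subject, or keep the two commits and reword the 1/4 subject to describe only the soup change; as posted, a reader of the history will look for a reverselookups change that does not exist.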
@@ -639,10 +639,20 @@ suricata_idstools_migration() {
 #Backup the pillars for idstools
 mkdir -p /nsm/backup/detections-migration/idstools
 rsync -av /opt/so/saltstack/local/pillar/idstools/* /nsm/backup/detections-migration/idstools
+ if [[ $? -eq 0 ]]; then
+ echo "IDStools configuration has been backed up."
+ else
+ fail "Error: rsync failed to copy the files. IDStools configuration has not been backed up."
+ fi
 #Backup Thresholds
 mkdir -p /nsm/backup/detections-migration/suricata
 rsync -av /opt/so/saltstack/local/salt/suricata/thresholding /nsm/backup/detections-migration/suricata
+ if [[ $? -eq 0 ]]; then
+ echo "Suricata thresholds have been backed up."
+ else
+ fail "Error: rsync failed to copy the files. Thresholds have not been backed up."
+ fi
 }
 playbook_migration() {
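Review bot: Both added checks test `$?` on the line after the rsync, which stays correct only while nothing is ever inserted between the two lines; the idiomatic form puts the command in the test and drops the extra line, `if rsync -av /opt/so/saltstack/local/pillar/idstools/* /nsm/backup/detections-migration/idstools; then`, and likewise for the thresholding copy. The two `fail` messages differ only in their subject and name neither source nor destination, so a failure log will not show which path broke; `fail "Error: rsync failed to copy /opt/so/saltstack/local/pillar/idstools to /nsm/backup/detections-migration/idstools."` costs nothing and is actionable. `fail` is not defined in this hunk, so I am assuming it is the script's existing abort helper rather than a plain echo; if it does not exit, the function continues after a failed copy and the "has not been backed up" text is misleading. The function's opening line appears only in the hunk header, outside the hunk.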