CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'dev' of https://github.com/Security-Onion-Solutions/securityonion into dev

Browse Source
This commit is contained in:
Mike Reeves
2020-09-09 14:57:17 -04:00
parent 04f4539385 a5b87850df
commit a77532c1d8
3 changed files with 3 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
salt/common/tools/sbin/so-user
View File

@@ -202,7 +202,6 @@ case "${operation}" in
createUser "$email"
echo "Successfully added new user to SOC"
check_container thehive && echo $password | so-thehive-user-add "$email"
check_container cortex && echo $password | so-cortex-user-add "$email"
check_container fleet && echo $password | so-fleet-user-add "$email"
;;
@@ -226,7 +225,6 @@ case "${operation}" in
updateStatus "$email" 'active'
echo "Successfully enabled user"
check_container thehive && so-thehive-user-enable "$email" true
check_container cortex && so-cortex-user-enable "$email" true
check_container fleet && so-fleet-user-enable "$email" true
;;
@@ -237,7 +235,6 @@ case "${operation}" in
updateStatus "$email" 'locked'
echo "Successfully disabled user"
check_container thehive && so-thehive-user-enable "$email" false
check_container cortex && so-cortex-user-enable "$email" false
check_container fleet && so-fleet-user-enable "$email" false
;;
@@ -248,7 +245,6 @@ case "${operation}" in
deleteUser "$email"
echo "Successfully deleted user"
check_container thehive && so-thehive-user-enable "$email" false
check_container cortex && so-cortex-user-enable "$email" false
check_container fleet && so-fleet-user-enable "$email" false
;;

3
salt/soc/files/soc/soc.json
View File

@@ -145,7 +145,8 @@
"actions": [
{ "name": "", "description": "actionPcapHelp", "icon": "fa-stream", "link": "/joblookup?esid={eventId}" },
{ "name": "", "description": "actionAlertHelp", "icon": "fa-bell", "link": "/soctopus/thehive/alert/{eventId}" },
{ "name": "", "description": "actionVirtusTotalHelp", "icon": "fa-globe", "link": "https://www.virustotal.com/gui/ip-address/{value}/detection", "fields": [ "source.ip", "destination.ip" ] }
{ "name": "", "description": "actionGoogleHelp", "icon": "fab fa-google", "link": "https://www.google.com/search?q={value}" },
{ "name": "actionVirusTotal", "description": "actionVirusTotalHelp", "icon": "", "link": "https://www.virustotal.com/gui/search/{value}" }
]
}
}

3
setup/so-whiptail
View File

@@ -621,8 +621,7 @@ whiptail_nids() {
[ -n "$TESTING" ] && return
NIDS=$(whiptail --title "Security Onion Setup" --radiolist \
"Choose which IDS to run. \n
Snort 3.0 support will be added once it is out of beta:" 25 75 4 \
"Choose which IDS to run. \n\n(Snort 3.0 support will be added once it is out of beta.)" 25 75 4 \
"Suricata" "Suricata" ON \
"Snort" "Placeholder for Snort 3.0 " OFF 3>&1 1>&2 2>&3 )