Add new quick actions to SOC config template

salt/soc/files/soc/soc.json

@@ -141,6 +141,11 @@
           { "name": "x509", "description": "x.509 grouped by issuer", "query": "event.dataset:x509 | groupby x509.certificate.issuer"},
           { "name": "x509", "description": "x.509 grouped by subject", "query": "event.dataset:x509 | groupby x509.certificate.subject"},
           { "name": "Firewall", "description": "Firewall events grouped by action", "query": "event_type:firewall | groupby action"}
+        ],
+        "actions": [
+          { "name": "", "description": "actionPcapHelp", "icon": "fa-stream", "link": "/joblookup?esid={eventId}" },
+          { "name": "", "description": "actionAlertHelp", "icon": "fa-bell", "link": "/soctopus/thehive/alert/{eventId}" },
+          { "name": "", "description": "actionVirtusTotalHelp", "icon": "fa-globe", "link": "https://www.virustotal.com/gui/ip-address/{value}/detection", "fields": [ "source.ip", "destination.ip" ] }
         ]
       }
     }