From d3c5d0569a7d03ce9794d26e669448b5b1899e09 Mon Sep 17 00:00:00 2001
From: Jason Ertel
Date: Fri, 24 Feb 2023 10:20:02 -0500
Subject: [PATCH 1/2] Remove FleetDM tool instead of deactivating it
---
salt/soc/defaults.yaml | 5 -----
salt/soc/merged.map.jinja | 2 --
2 files changed, 7 deletions(-)
diff --git a/salt/soc/defaults.yaml b/salt/soc/defaults.yaml
index 0723f2da9..9a468902c 100644
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -1091,11 +1091,6 @@ soc: icon: fa-external-link-alt target: so-playbook link: /playbook/projects/detection-playbooks/issues/ - - name: toolFleet - description: toolFleetHelp - icon: fa-external-link-alt - target: so-fleet - link: /fleet/ - name: toolNavigator description: toolNavigatorHelp icon: fa-external-link-alt
diff --git a/salt/soc/merged.map.jinja b/salt/soc/merged.map.jinja
index 4ae7ce38e..0b5badba1 100644
--- a/salt/soc/merged.map.jinja
+++ b/salt/soc/merged.map.jinja
@@ -25,8 +25,6 @@ {% do SOCMERGED.server.client.inactiveTools.append('toolPlaybook') %} {% endif %} -{% do SOCMERGED.server.client.inactiveTools.append('toolFleet') %} - {% set standard_actions = SOCMERGED.pop('actions') %} {% if pillar.global.endgamehost is defined %} {% set endgame_dict = {
From 316db8558432a4197d9e670c8508ce8ecb94e30a Mon Sep 17 00:00:00 2001
From: Jason Ertel
Date: Fri, 24 Feb 2023 10:20:23 -0500
Subject: [PATCH 2/2] Generate SOC SRVKey during setup
---
salt/soc/soc_soc.yaml | 5 +++++
setup/so-functions | 7 ++++++-
2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/salt/soc/soc_soc.yaml b/salt/soc/soc_soc.yaml
index e6b43cf0b..17737abe4 100644
--- a/salt/soc/soc_soc.yaml
+++ b/salt/soc/soc_soc.yaml
@@ -47,6 +47,11 @@ soc: global: True advanced: True server: + srvKey: + description: Unique key for protecting the integrity of user submitted data via the web browser. + global: True + sensitive: True + advanced: True maxPacketCount: description: Maximum number of packets to show in the PCAP viewer. Larger values can cause more resource utilization on both the SOC server and the browser. global: True
diff --git a/setup/so-functions b/setup/so-functions
index 8139b60a1..dc5d21f08 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -1245,6 +1245,7 @@ generate_passwords(){ SENSORONIKEY=$(get_random_value) KRATOSKEY=$(get_random_value) REDISPASS=$(get_random_value) + SOCSRVKEY=$(get_random_value 64) } generate_interface_vars() {
@@ -1380,7 +1381,11 @@ idstools_pillar() { soc_pillar() { title "Creating the SOC pillar" touch $adv_soc_pillar_file - touch $soc_pillar_file + printf '%s\n'\ "soc:"\ " server:"\ " srvKey: '$SOCSRVKEY'"\ "" > "$soc_pillar_file" } telegraf_pillar() {
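Review bot: The new `srvKey` description says what the key protects but not where it comes from, even though the so-functions hunks in this same patch generate it in generate_passwords and write it into the soc pillar; an operator seeing the setting in the config UI cannot tell whether it is meant to be set by hand. A sentence appended to the description, `Generated automatically during setup and stored in the soc pillar; it does not normally need to be changed.`, would close that gap. The enclosing `soc:` mapping starts and ends outside the hunk.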
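Review bot: `SOCSRVKEY=$(get_random_value 64)` is the only assignment in generate_passwords that passes a length, and nothing verifies the result is non-empty, so a get_random_value that fails or ignores the argument would silently produce an empty key that the soc_pillar hunk later writes into the pillar as `srvKey: ''`. get_random_value is defined outside this hunk, so whether it accepts a length argument cannot be confirmed here. A guard right after the assignment, `: "${SOCSRVKEY:?failed to generate SOC srvKey}"`, would abort setup at the point of failure instead of leaving a server with an empty integrity key.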
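Review bot: The new printf in soc_pillar writes a secret (the soc_soc.yaml hunk of this patch marks `srvKey` as `sensitive: True`) to `$soc_pillar_file` with whatever mode the current umask gives a newly created file, and the hunk does nothing to restrict it; running the write as `( umask 077; printf '%s\n' … > "$soc_pillar_file" )` or following it with `chmod 600 "$soc_pillar_file"` keeps the key from being readable by other local users. The value is interpolated into a single-quoted YAML scalar, `" srvKey: '$SOCSRVKEY'"`, so the file stays valid only if get_random_value never emits a single quote — that function is outside the hunk, so confirm it or escape the value. Because the redirect replaces the earlier `touch $soc_pillar_file`, a re-run of setup now overwrites whatever the file already contained; if that is intended, a one-line comment above the printf saying so would help the next reader. As a point of style, `touch $adv_soc_pillar_file` on the preceding line is still unquoted while the new line quotes `"$soc_pillar_file"`; quoting both would be consistent.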