From 3fd210463eaaec3a15837b0f81f6700f0ba19382 Mon Sep 17 00:00:00 2001
From: Jason Ertel
Date: Wed, 21 Dec 2022 18:11:39 -0500
Subject: [PATCH 1/3] fix redis defaults to force string keys instead of numeric
---
 salt/redis/soc_redis.yaml | 6 +++---
 salt/soc/soc_soc.yaml | 6 ++++--
 2 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/salt/redis/soc_redis.yaml b/salt/redis/soc_redis.yaml
index dad76bf80..9a86cb4c8 100644
--- a/salt/redis/soc_redis.yaml
+++ b/salt/redis/soc_redis.yaml
@@ -117,15 +117,15 @@ redis:
 advanced: True
 helpLink: redis.html
 save:
- 900:
+ '900':
 description: Set the amount of keys that need to change to save after 15 minutes.
 global: True
 helpLink: redis.html
- 300:
+ '300:
 description: Set the amount of keys that need to change to save after 5 minutes.
 global: True
 helpLink: redis.html
- 60:
+ '60':
 description: Set the amount of keys that need to change to save after 1 minute
 global: True
 helpLink: redis.html
diff --git a/salt/soc/soc_soc.yaml b/salt/soc/soc_soc.yaml
index d8dbacc29..8febe0681 100644
--- a/salt/soc/soc_soc.yaml
+++ b/salt/soc/soc_soc.yaml
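Review bot: In the salt/redis/soc_redis.yaml hunk the new key `'300:` is missing its closing quote, so the single-quoted scalar runs on past the end of the line and the file will either fail to load or load with the 300 and 60 entries mangled. The line should read `'300':`, matching `'900':` and `'60':` beside it. The correction only arrives in patch 3/3, so the tree is broken at this commit and at 2/3; squashing the three patches would keep every commit loadable. The `save:` mapping starts inside the hunk, but its parent `redis:` block begins outside it.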
@@ -42,8 +42,9 @@ soc:
 description: A list of actions a user can take from the SOC UI against a hunt, alert, and other records. The action must be defined in JSON object format, and contain a "name" key and "links" key. The links is a list of URLs, where the most suitable URL in the list will be the selected URL when the user clicks the action.
 global: True
 eventFields:
- description: A map of event metadata groupings to field lists. The field list specifies all the columns to show when displaying individual events (not groups). The event metadata grouping uses the format ":event.module:event.dataset".
- global: True
+ default:
+ description: The list of fields to show as columns in the Hunt/Dashboards event table, when no other specific mapping applies. Mappings are defined by the format ":event.module:event.dataset".
+ global: True
 server:
 maxPacketCount:
 description: Maximum number of packets to show in the PCAP viewer. Larger values can cause more resource utilization on both the SOC server and the browser.
@@ -146,6 +147,7 @@ soc:
 global: True
 queries:
 description: List of default queries to show in the query list. Each query is represented in JSON object notation, and must include the "name" key and "query" key.
+ global: True
 alerts: *appSettings
 cases: *appSettings
 dashboards: *appSettings
From 8b6006e9c3d2c310cf82cc21a5ff4e822fa80004 Mon Sep 17 00:00:00 2001
From: Jason Ertel
Date: Wed, 21 Dec 2022 18:14:18 -0500
Subject: [PATCH 2/3] fix redis defaults to force string keys instead of numeric
---
 salt/redis/defaults.yaml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/salt/redis/defaults.yaml b/salt/redis/defaults.yaml
index 252082901..a0ff4e685 100644
--- a/salt/redis/defaults.yaml
+++ b/salt/redis/defaults.yaml
@@ -29,9 +29,9 @@ redis:
 databases: 16
 always-show-logo: 'yes'
 save:
- 900: 1
- 300: 10
- 60: 1000
+ '900': 1
+ '300': 10
+ '60': 1000
 stop-writes-on-bgsave-error: 'yes'
 rdbcompression: 'yes'
 rdbchecksum: 'yes'
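Review bot: The new `default:` description in salt/soc/soc_soc.yaml mentions "other specific mapping" entries, but the hunk annotates only `default`, so the text no longer tells a reader where `:event.module:event.dataset` mappings are set or whether they remain configurable now that the `eventFields`-level annotation is removed. If they are meant to stay editable, the description should say how they are supplied (for instance as sibling keys of `default`, if that is the case); if not, the sentence about the mapping format can be dropped. Neither this hunk nor the later `global: True` addition under `queries` is covered by the subject line, which mentions only the redis defaults. The `eventFields` entry is complete in the hunk, but the enclosing `soc:` mapping starts and ends outside it.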
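Review bot: Nothing next to `save:` in salt/redis/defaults.yaml records why the keys are quoted, so a later tidy-up could turn `'900'` back into the integer `900` without anyone noticing. A one-line comment above the three entries would do, e.g. `# keep these keys quoted: unquoted 900/300/60 load as integers, not strings`. It is also worth checking whether any existing override still uses unquoted keys, because an integer `900` and a string `'900'` are different mapping keys and would presumably merge as two separate entries rather than one replacing the other; the merge and the template that renders these values are outside this diff. The `redis:` block starts and ends outside the hunk.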
From 38634fde17afaa3fc6ca86f5d2df5b3fbffd4b8c Mon Sep 17 00:00:00 2001
From: Jason Ertel
Date: Wed, 21 Dec 2022 18:15:17 -0500
Subject: [PATCH 3/3] fix redis defaults to force string keys instead of numeric
---
 salt/redis/soc_redis.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/salt/redis/soc_redis.yaml b/salt/redis/soc_redis.yaml
index 9a86cb4c8..374b613b5 100644
--- a/salt/redis/soc_redis.yaml
+++ b/salt/redis/soc_redis.yaml
@@ -121,7 +121,7 @@ redis:
 description: Set the amount of keys that need to change to save after 15 minutes.
 global: True
 helpLink: redis.html
- '300:
+ '300':
 description: Set the amount of keys that need to change to save after 5 minutes.
 global: True
 helpLink: redis.html