Add fileanalyze module salt configuration

Adds sensoroni agent configuration for the new fileanalyze module
that replaces the Strelka file analysis containers:
- defaults.yaml: default config values (watchDirs, concurrency, dedup, etc.)
- sensoroni.json: Jinja2 template to render module config when enabled
- soc_sensoroni.yaml: SOC config schema with descriptions for all settings

salt/sensoroni/defaults.yaml

@@ -16,6 +16,21 @@ sensoroni:
     soc_host:
     suripcap:
       pcapMaxCount: 100000
+    fileanalyze:
+      enabled: False
+      watchDirs:
+        - /nsm/zeek/extracted/complete
+      processedDir: /nsm/strelka/processed
+      historyDir: /nsm/strelka/history
+      logFile: /var/log/strelka/strelka.log
+      concurrency: 8
+      maxDepth: 15
+      recycleSeconds: 300
+      dedupMaxEntries: 100000
+      dedupTTLSeconds: 3600
+      yaraRulesPath: /opt/so/conf/strelka/rules/compiled/rules.compiled
+      passwordsPath: /etc/strelka/passwords.dat
+      scannerTimeout: 150
   analyzers:
       echotrail:
         base_url: https://api.echotrail.io/insights/