CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #106 from defensivedepth/playbook

Browse Source 
Playbook and Navigator - initial salt config
This commit is contained in:
Josh Brower
2019-09-25 13:07:44 -04:00
committed by GitHub
parent 58073cd04f 909e35ec3b
commit f69a5212ff
4 changed files with 165 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
salt/common/nginx/nginx.conf.so-master
View File

@@ -113,6 +113,30 @@ http {
}
location /playbook/ {
proxy_pass http://{{ masterip }}:3200/playbook/;
proxy_read_timeout 90;
proxy_connect_timeout 90;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Proxy "";
}
location /navigator/ {
auth_basic "Security Onion";
auth_basic_user_file /opt/so/conf/nginx/.htpasswd;
proxy_pass http://{{ masterip }}:4200/navigator/;
proxy_read_timeout 90;
proxy_connect_timeout 90;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Proxy "";
}
location /api/ {
proxy_pass https://{{ masterip }}:8080/api/;
proxy_read_timeout 90;

33
salt/playbook/files/nav_layer_playbook.json Normal file
View File

@@ -0,0 +1,33 @@
{
"name": "Playbook",
"version": "2.1",
"domain": "mitre-enterprise",
"description": "Current Coverage of Playbook",
"filters": {
"stages": ["act"],
"platforms": [
"windows",
"linux",
"mac"
]
},
"sorting": 0,
"viewMode": 0,
"hideDisabled": "false",
"techniques": [{
"techniqueID": "T1003",
"color": "#5AADFF",
"comment": "",
"enabled": "true",
"metadata": []
}],
"gradient": {
"colors": ["#ff6666", "#ffe766", "#8ec843"],
"minValue": 0,
"maxValue": 100
},
"metadata": [],
"showTacticRowBackground": "false",
"tacticRowBackground": "#dddddd",
"selectTechniquesAcrossTactics": "true"
}

59
salt/playbook/files/navigator_config.json Normal file
View File

@@ -0,0 +1,59 @@
{%- set ip = salt['pillar.get']('static:masterip', '') %}
{
"enterprise_attack_url": "https://raw.githubusercontent.com/mitre/cti/master/enterprise-attack/enterprise-attack.json",
"pre_attack_url": "https://raw.githubusercontent.com/mitre/cti/master/pre-attack/pre-attack.json",
"mobile_data_url": "https://raw.githubusercontent.com/mitre/cti/master/mobile-attack/mobile-attack.json",
"taxii_server": {
"enabled": false,
"url": "https://cti-taxii.mitre.org/",
"collections": {
"enterprise_attack": "95ecc380-afe9-11e4-9b6c-751b66dd541e",
"pre_attack": "062767bd-02d2-4b72-84ba-56caef0f8658",
"mobile_attack": "2f669986-b40b-4423-b720-4396ca6a462b"
}
},
"domain": "mitre-enterprise",
"custom_context_menu_items": [ {"label": "view related plays","url": " https://{{ip}}/playbook/projects/playbook-prod/issues?utf8=%E2%9C%93&set_filter=1&sort=id%3Adesc&f%5B%5D=status_id&op%5Bstatus_id%5D=o&f%5B%5D=cf_27&op%5Bcf_27%5D=%3D&f%5B%5D=&c%5B%5D=status&c%5B%5D=cf_24&c%5B%5D=cf_25&c%5B%5D=cf_6&c%5B%5D=updated_on&group_by=&t%5B%5D=&v%5Bcf_27%5D%5B%5D=~Technique_ID~"}],
"default_layers": {
"enabled": true,
"urls": [
"assets/playbook.json"
]
},
"comment_color": "yellow",
"features": [
{"name": "tabs", "enabled": true, "description": "Disable to remove the ability to open new tabs."},
{"name": "selecting_techniques", "enabled": true, "description": "Disable to remove the ability to select techniques."},
{"name": "header", "enabled": true, "description": "Disable to remove the header containing 'MITRE ATT&CK Navigator' and the link to the help page. The help page can still be accessed from the new tab menu."},
{"name": "selection_controls", "enabled": true, "description": "Disable to to disable all subfeatures", "subfeatures": [
{"name": "search", "enabled": true, "description": "Disable to remove the technique search panel from the interface."},
{"name": "multiselect", "enabled": true, "description": "Disable to remove the multiselect panel from interface."},
{"name": "deselect_all", "enabled": true, "description": "Disable to remove the deselect all button from the interface."}
]},
{"name": "layer_controls", "enabled": true, "description": "Disable to to disable all subfeatures", "subfeatures": [
{"name": "layer_info", "enabled": true, "description": "Disable to remove the layer info (name, description and metadata) panel from the interface. Note that the layer can still be renamed in the tab."},
{"name": "download_layer", "enabled": true, "description": "Disable to remove the button to download the layer."},
{"name": "export_render", "enabled": true, "description": "Disable to the remove the button to render the current layer."},
{"name": "export_excel", "enabled": true, "description": "Disable to the remove the button to export the current layer to MS Excel (.xlsx) format."},
{"name": "filters", "enabled": true, "description": "Disable to the remove the filters panel from interface."},
{"name": "sorting", "enabled": true, "description": "Disable to the remove the sorting button from the interface."},
{"name": "color_setup", "enabled": true, "description": "Disable to the remove the color setup panel from interface, containing customization controls for scoring gradient and tactic row color."},
{"name": "toggle_hide_disabled", "enabled": true, "description": "Disable to the remove the hide disabled techniques button from the interface."},
{"name": "toggle_view_mode", "enabled": true, "description": "Disable to the remove the toggle view mode button from interface."},
{"name": "legend", "enabled": true, "description": "Disable to the remove the legend panel from the interface."}
]},
{"name": "technique_controls", "enabled": true, "description": "Disable to to disable all subfeatures", "subfeatures": [
{"name": "disable_techniques", "enabled": true, "description": "Disable to the remove the ability to disable techniques."},
{"name": "manual_color", "enabled": true, "description": "Disable to the remove the ability to assign manual colors to techniques."},
{"name": "scoring", "enabled": true, "description": "Disable to the remove the ability to score techniques."},
{"name": "comments", "enabled": true, "description": "Disable to the remove the ability to add comments to techniques."},
{"name": "clear_annotations", "enabled": true, "description": "Disable to remove the button to clear all annotations on the selected techniques."}
]}
]
}

49
salt/playbook/init.sls Normal file
View File

@@ -0,0 +1,49 @@
navigatordefaultlayer:
file.manage:
- name: /opt/so/conf/playbook/nav_layer_playbook.json
- source: salt://playbook/files/nav_layer_playbook.json
- user: 939
- group: 939
- makedirs: True
- replace: False
- template: jinja
navigatorconfig:
file.manage:
- name: /opt/so/conf/playbook/navigator_config.json
- source: salt://playbook/files/navigator_config.json
- user: 939
- group: 939
- makedirs: True
- template: jinja
so-playbookimage:
cmd.run:
- name: docker pull --disable-content-trust=false soshybridhunter/so-playbook:HH1.1.1
so-playbook:
docker_container.running:
- require:
- so-playbookimage
- image: soshybridhunter/so-playbook:HH1.1.1
- hostname: playbook
- name: so-playbook
- port_bindings:
- 0.0.0.0:3200:3000
so-navigatorimage:
cmd.run:
- name: docker pull --disable-content-trust=false soshybridhunter/so-navigator:HH1.1.1
so-navigator:
docker_container.running:
- require:
- so-navigatorimage
- image: soshybridhunter/so-navigator:HH1.1.1
- hostname: navigator
- name: so-navigator
- binds:
- /opt/so/conf/playbook/navigator_config.json:/nav-app/src/assets/config.json:ro
- /opt/so/conf/playbook/nav_layer_playbook.json:/nav-app/src/assets/playbook.json:ro
- port_bindings:
- 0.0.0.0:4200:4200