mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2026-06-14 14:18:40 +02:00
Mike Reeves
625bfb3ba7
The so-soc Dockerfile base image moved to python:3.14.3-slim but analyzer source-packages still contained cp313 wheels for pyyaml and charset_normalizer, causing pip install failures at container startup. Replace all cp313 wheels with cp314 builds (pyyaml 6.0.3, charset_normalizer 3.4.6) across all 14 analyzers and update the CI python-test workflow to match.
Localfile
Description
Utilize a local CSV file (or multiple) for associating a value to contextual data.
Configuration Requirements
file_path - Path(s) used for CSV files containing associative data. CSV files can be dropped in the analyzer directory, with file_path specified like mycsv.csv.
- The value in the first column is used for matching
- Header information should be supplied, as it is used for dynamically creating result sets
- Matches will be aggregated from the provided CSV files
The content of the CSV file(s) should be similar to the following:
Ex.
MatchValue,MatchDescription,MatchReference
abcd1234,ThisIsADescription,https://siteabouthings.abc
The file_path value(s) should be set in the sensoroni pillar, like so:
sensoroni:
analyzers:
localfile:
file_path:
- $file_path1
- $file_path2