
Sublime

Description

Submit a base64-encoded EML file to Sublime Platform for analysis.

Configuration Requirements

In SOC, navigate to Administration, toggle "Show all configurable settings, including advanced settings.", and navigate to sensoroni -> analyzers -> sublime_platform.

The following configuration options are available:

api_key - API key used for communication with the Sublime Platform API (Required)

base_url - URL used for communication with Sublime Platform. If no value is supplied, the default of https://api.platform.sublimesecurity.com will be used.

The following options relate to Live Flow analysis only:

live_flow - Determines if live flow analysis should be used. Defaults to False.

mailbox_email_address - The mailbox address to use during live flow analysis. (Required for live flow analysis)

message_source_id - The ID of the message source to use during live flow analysis. (Required for live flow analysis)
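
The following is an added example, not the analyzer's own code: a pre-flight check that applies the required/optional rules listed above and prepares the base64-encoded EML input. It assumes the settings are available as a plain Python dict keyed by the option names; the function names `resolve_config` and `encode_eml` are hypothetical.

```python
import base64
from email import message_from_bytes

DEFAULT_BASE_URL = "https://api.platform.sublimesecurity.com"
LIVE_FLOW_REQUIRED = ("mailbox_email_address", "message_source_id")


def resolve_config(conf):
    """Return the effective settings, or raise ValueError naming what is missing."""
    missing = []
    if not conf.get("api_key"):
        missing.append("api_key")
    # Accept a real boolean or the strings "true"/"True"; anything else is off.
    live_flow = str(conf.get("live_flow", False)).strip().lower() == "true"
    if live_flow:
        # These two options are only required when live flow is enabled.
        missing += [k for k in LIVE_FLOW_REQUIRED if not conf.get(k)]
    if missing:
        raise ValueError("missing required option(s): " + ", ".join(missing))
    effective = {
        "api_key": conf["api_key"],
        "base_url": conf.get("base_url") or DEFAULT_BASE_URL,
        "live_flow": live_flow,
    }
    if live_flow:
        effective.update({k: conf[k] for k in LIVE_FLOW_REQUIRED})
    return effective


def encode_eml(raw_eml):
    """Base64-encode raw EML bytes after checking that they parse with headers."""
    msg = message_from_bytes(raw_eml)
    if not msg.keys():
        raise ValueError("input does not look like an EML message (no headers)")
    return base64.b64encode(raw_eml).decode("ascii")


# Constructed sample message for illustration, not real mail.
SAMPLE_EML = (
    b"From: sender@example.com\r\n"
    b"To: analyst@example.com\r\n"
    b"Subject: constructed sample\r\n"
    b"\r\n"
    b"Hello.\r\n"
)

if __name__ == "__main__":
    print(resolve_config({"api_key": "PLACEHOLDER_KEY"}))
    print(encode_eml(SAMPLE_EML))
```

Catching a missing `mailbox_email_address` or `message_source_id` here surfaces the misconfiguration before any message content leaves the analyst's environment.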