Merge pull request #569 from Security-Onion-Solutions/2.4/dev

2.4.80
Security-Onion-Solutions · Jun 25, 2024 · 70c33fb · 70c33fb
2 parents 09557cf + dae170b
commit 70c33fb
Show file tree

Hide file tree

Showing 51 changed files with 2,441 additions and 586 deletions.
diff --git a/.gitignore b/.gitignore
@@ -5,8 +5,10 @@ sensoroni
 jobs/
 logs/
 nsm/
+coverage/
 .vscode/
 .DS_Store
+node_modules/
 
 # Pytest output
 __pycache__

diff --git a/config/clientparameters.go b/config/clientparameters.go
@@ -16,27 +16,27 @@ const DEFAULT_CHART_LABEL_OTHER_LIMIT = 10
 const DEFAULT_CHART_LABEL_FIELD_SEPARATOR = ", "
 
 type ClientParameters struct {
-	HuntingParams       HuntingParameters   `json:"hunt"`
-	AlertingParams      HuntingParameters   `json:"alerts"`
-	CasesParams         HuntingParameters   `json:"cases"`
-	CaseParams          CaseParameters      `json:"case"`
-	DashboardsParams    HuntingParameters   `json:"dashboards"`
-	JobParams           HuntingParameters   `json:"job"`
-	DetectionsParams    DetectionParameters `json:"detections"`
-	DetectionParams     DetectionParameters `json:"detection"`
-	DocsUrl             string              `json:"docsUrl"`
-	CheatsheetUrl       string              `json:"cheatsheetUrl"`
-	ReleaseNotesUrl     string              `json:"releaseNotesUrl"`
-	GridParams          GridParameters      `json:"grid"`
-	WebSocketTimeoutMs  int                 `json:"webSocketTimeoutMs"`
-	TipTimeoutMs        int                 `json:"tipTimeoutMs"`
-	ApiTimeoutMs        int                 `json:"apiTimeoutMs"`
-	CacheExpirationMs   int                 `json:"cacheExpirationMs"`
-	InactiveTools       []string            `json:"inactiveTools"`
-	Tools               []ClientTool        `json:"tools"`
-	CasesEnabled        bool                `json:"casesEnabled"`
-	EnableReverseLookup bool                `json:"enableReverseLookup"`
-	DetectionsEnabled   bool                `json:"detectionsEnabled"`
+	HuntingParams       HuntingParameters    `json:"hunt"`
+	AlertingParams      HuntingParameters    `json:"alerts"`
+	CasesParams         HuntingParameters    `json:"cases"`
+	CaseParams          CaseParameters       `json:"case"`
+	DashboardsParams    HuntingParameters    `json:"dashboards"`
+	JobParams           HuntingParameters    `json:"job"`
+	DetectionsParams    DetectionsParameters `json:"detections"`
+	DetectionParams     DetectionParameters  `json:"detection"`
+	DocsUrl             string               `json:"docsUrl"`
+	CheatsheetUrl       string               `json:"cheatsheetUrl"`
+	ReleaseNotesUrl     string               `json:"releaseNotesUrl"`
+	GridParams          GridParameters       `json:"grid"`
+	WebSocketTimeoutMs  int                  `json:"webSocketTimeoutMs"`
+	TipTimeoutMs        int                  `json:"tipTimeoutMs"`
+	ApiTimeoutMs        int                  `json:"apiTimeoutMs"`
+	CacheExpirationMs   int                  `json:"cacheExpirationMs"`
+	InactiveTools       []string             `json:"inactiveTools"`
+	Tools               []ClientTool         `json:"tools"`
+	CasesEnabled        bool                 `json:"casesEnabled"`
+	EnableReverseLookup bool                 `json:"enableReverseLookup"`
+	DetectionsEnabled   bool                 `json:"detectionsEnabled"`
 }
 
 func (config *ClientParameters) Verify() error {
@@ -190,15 +190,23 @@ type GridParameters struct {
 	StaleMetricsMs uint64 `json:"staleMetricsMs,omitempty"`
 }
 
-type DetectionParameters struct {
+type DetectionsParameters struct {
 	HuntingParameters
 	Presets              map[string]PresetParameters `json:"presets"`
+}
+
+type DetectionParameters struct {
+	Presets              map[string]PresetParameters `json:"presets"`
 	SeverityTranslations map[string]string           `json:"severityTranslations"`
+	TemplateDetections   map[string]string           `json:"templateDetections"`
 }
 
-func (params *DetectionParameters) Verify() error {
+func (params *DetectionsParameters) Verify() error {
 	err := params.HuntingParameters.Verify()
 
 	return err
+}
 
+func (params *DetectionParameters) Verify() error {
+	return nil
 }
diff --git a/config/clientparameters_test.go b/config/clientparameters_test.go
@@ -91,3 +91,10 @@ func TestVerifyCaseParams(tester *testing.T) {
 	assert.Nil(tester, err)
 	assert.Equal(tester, params.MostRecentlyUsedLimit, 0)
 }
+
+func TestVerifyDetectionsParams(t *testing.T) {
+	params := &DetectionsParameters{}
+	err := params.Verify()
+	assert.Nil(t, err)
+	verifyInitialHuntingParams(t, &params.HuntingParameters)
+}
diff --git a/config/serverconfig.go b/config/serverconfig.go
@@ -37,6 +37,9 @@ type ServerConfig struct {
 	IdleConnectionTimeoutMs int                    `json:"idleConnectionTimeoutMs"`
 	TimezoneScript          string                 `json:"timezoneScript"`
 	MaxUploadSizeBytes      int                    `json:"maxUploadSizeBytes"`
+	Proxy                   string                 `json:"proxy"`
+	AdditionalCA            string                 `json:"additionalCA"`
+	InsecureSkipVerify      bool                   `json:"insecureSkipVerify"`
 	SrvKey                  string                 `json:"srvKey"`
 	SrvKeyBytes             []byte
 	SrvExpSeconds           int `json:"srvExpSeconds"`

diff --git a/go.mod b/go.mod
@@ -11,31 +11,32 @@ require (
 	github.com/gorilla/websocket v1.5.1
 	github.com/influxdata/influxdb-client-go/v2 v2.13.0
 	github.com/kennygrant/sanitize v1.2.4
-	github.com/stretchr/testify v1.8.4
+	github.com/stretchr/testify v1.9.0
 	github.com/tidwall/gjson v1.17.0
-	golang.org/x/crypto v0.21.0
-	golang.org/x/net v0.23.0 // indirect
-	golang.org/x/sys v0.18.0 // indirect
+	golang.org/x/crypto v0.23.0
+	golang.org/x/net v0.25.0 // indirect
+	golang.org/x/sys v0.20.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1
 )
 
 require (
-	github.com/go-git/go-git/v5 v5.11.0
+	github.com/go-git/go-git/v5 v5.12.0
 	github.com/hashicorp/go-multierror v1.1.1
 	github.com/pierrec/lz4/v4 v4.1.21
 	github.com/pkg/errors v0.9.1
 	github.com/samber/lo v1.39.0
 	github.com/tj/assert v0.0.3
 	go.uber.org/mock v0.3.0
+	golang.org/x/mod v0.17.0
 )
 
 require (
 	dario.cat/mergo v1.0.0 // indirect
-	github.com/Microsoft/go-winio v0.6.1 // indirect
-	github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371 // indirect
+	github.com/Microsoft/go-winio v0.6.2 // indirect
+	github.com/ProtonMail/go-crypto v1.0.0 // indirect
 	github.com/apapsch/go-jsonmerge/v2 v2.0.0 // indirect
-	github.com/cloudflare/circl v1.3.3 // indirect
-	github.com/cyphar/filepath-securejoin v0.2.4 // indirect
+	github.com/cloudflare/circl v1.3.8 // indirect
+	github.com/cyphar/filepath-securejoin v0.2.5 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/elastic/elastic-transport-go/v8 v8.3.0 // indirect
 	github.com/emirpasic/gods v1.18.1 // indirect
@@ -49,13 +50,11 @@ require (
 	github.com/oapi-codegen/runtime v1.0.0 // indirect
 	github.com/pjbgf/sha1cd v0.3.0 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
-	github.com/sergi/go-diff v1.1.0 // indirect
-	github.com/skeema/knownhosts v1.2.1 // indirect
+	github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
+	github.com/skeema/knownhosts v1.2.2 // indirect
 	github.com/tidwall/match v1.1.1 // indirect
 	github.com/tidwall/pretty v1.2.1 // indirect
 	github.com/xanzy/ssh-agent v0.3.3 // indirect
 	golang.org/x/exp v0.0.0-20231214170342-aacd6d4b4611 // indirect
-	golang.org/x/mod v0.14.0 // indirect
-	golang.org/x/tools v0.16.0 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
 )