From dc5b438ff547c80c1582913d539b73b3865576da Mon Sep 17 00:00:00 2001
From: jp
Date: Mon, 25 Mar 2024 16:24:42 +0100
Subject: [PATCH 1/6] added empty links to docs
---
 .../en/docs/soarca-extensions/_index.md | 54 +++++++++----------
 1 file changed, 27 insertions(+), 27 deletions(-)
diff --git a/docs/content/en/docs/soarca-extensions/_index.md b/docs/content/en/docs/soarca-extensions/_index.md
index 59ee0547..95c632e9 100644
--- a/docs/content/en/docs/soarca-extensions/_index.md
+++ b/docs/content/en/docs/soarca-extensions/_index.md
@@ -1,27 +1,27 @@
----
-title: Extensions & Capabilities
-description: >
- Extending SOARCA is done by developing a SOARCA-Fin.
-categories: [extensions, architecture, capabilities]
-tags: [fin]
-weight: 5
-date: 2023-01-05
----
-
-
-{{% alert title="Warning" color="warning" %}}
-SOARCA V.1.0.X implements currently the following native capalities: **HTTP capability**, **OpenC2 capability**, and **SSH capability**. Other core capabilities are part of our milestones which can be found [here](https://github.com/COSSAS/SOARCA/milestones).
-{{% /alert %}}
-
-SOARCA features a set of [native capabilities](/docs/soarca-extensions/native-capabilities). The HTTP, OpenC2 HTTP, and SSH transport mechanisms are supported by the first release of SOARCA. SOARCA's capabilities can be extended with custom implementations, which is further discussed on this page.
-
-## Extending the native capabilities
-
-The native capabilities supported by SOARCA can be extended through a mechanism we named Fins. Your capability can be integrated with SOARCA by implementing the Fin protocol. This protocol regulates communication between SOARCA and the extension capabilities over an MQTT bus.
-
-MQTT is a lightweight messaging protocol with libraries written in various programming languages. To integrate with SOARCA, you can write your own implementation of the Fin protocol, or use our [python]() or [golang]() libraries for easier integration.
-
-## Fin protocol
-
-The underlying protocol for the SOARCA fins can be found [here](/docs/soarca-extensions/fin-protocol).
-
+---
+title: Extensions & Capabilities
+description: >
+ Extending SOARCA is done by developing a SOARCA-Fin.
+categories: [extensions, architecture, capabilities]
+tags: [fin]
+weight: 5
+date: 2023-01-05
+---
+
+
+{{% alert title="Warning" color="warning" %}}
+SOARCA V.1.0.X implements currently the following native capalities: **HTTP capability**, **OpenC2 capability**, and **SSH capability**.
Other core capabilities are part of our milestones which can be found [here](https://github.com/COSSAS/SOARCA/milestones).
+{{% /alert %}}
+
+SOARCA features a set of [native capabilities](/docs/soarca-extensions/native-capabilities). The HTTP, OpenC2 HTTP, and SSH transport mechanisms are supported by the first release of SOARCA. SOARCA's capabilities can be extended with custom implementations, which is further discussed on this page.
+
+## Extending the native capabilities
+
+The native capabilities supported by SOARCA can be extended through a mechanism we named Fins. Your capability can be integrated with SOARCA by implementing the Fin protocol. This protocol regulates communication between SOARCA and the extension capabilities over an MQTT bus.
+
+MQTT is a lightweight messaging protocol with libraries written in various programming languages. To integrate with SOARCA, you can write your own implementation of the Fin protocol, or use our [python](https://www.python.org/) or [golang](https://go.dev/) libraries for easier integration.
+
+## Fin protocol
+
+The underlying protocol for the SOARCA fins can be found [here](/docs/soarca-extensions/fin-protocol).
+
From f3b5e9406693b0c80a85c8a68e0f8cbc2f34a90a Mon Sep 17 00:00:00 2001
From: jp
Date: Tue, 21 May 2024 10:17:20 +0200
Subject: [PATCH 2/6] updated cacao version 1.1. to 2.0 in api design
---
 docs/content/en/docs/core-components/api-design.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/docs/content/en/docs/core-components/api-design.md b/docs/content/en/docs/core-components/api-design.md
index 8cd659f1..6120c384 100644
--- a/docs/content/en/docs/core-components/api-design.md
+++ b/docs/content/en/docs/core-components/api-design.md
@@ -69,7 +69,7 @@ When the caller does not have valid authentication 401/unauthorized will be retu @startjson { "type": "playbook", - "spec_version": "1.1", + "spec_version": "cacao-2.0", "id": "playbook--91220064-3c6f-4b58-99e9-196e64f9bde7", "name": "coa flow", "description": "This playbook will trigger a specific coa", @@ -446,7 +446,7 @@ Get all running playbooks { "playbooks": [ {"type": "playbook", - "spec_version": "1.1", + "spec_version": "cacao-2.0", "id": "playbook--91220064-3c6f-4b58-99e9-196e64f9bde7", "name": "SOARCA Main Flow", "description": "This playbook will run for each trigger event in SOARCA", From b727f5c9c7813f1dbb75690f45ce0da2981383eb Mon Sep 17 00:00:00 2001 From: jp Date: Tue, 21 May 2024 10:19:57 +0200 Subject: [PATCH 3/6] only username and password auth for ssh in docs edited --- docs/content/en/docs/core-components/modules.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/content/en/docs/core-components/modules.md b/docs/content/en/docs/core-components/modules.md index 4ef88399..a68755a9 100644 --- a/docs/content/en/docs/core-components/modules.md +++ b/docs/content/en/docs/core-components/modules.md @@ -22,7 +22,7 @@ The capability will be selected based on the agent in the CACAO playbook step. T This capability executes [SSH Commands](https://docs.oasis-open.org/cacao/security-playbooks/v2.0/cs01/security-playbooks-v2.0-cs01.html#_Toc152256500) on the specified targets. -This capability support [User Authentication](https://docs.oasis-open.org/cacao/security-playbooks/v2.0/cs01/security-playbooks-v2.0-cs01.html#_Toc152256508) using the `user-auth` type. Both username/password and username/privatekey authentication are supported. +This capability support [User Authentication](https://docs.oasis-open.org/cacao/security-playbooks/v2.0/cs01/security-playbooks-v2.0-cs01.html#_Toc152256508) using the `user-auth` type. For SSH authentication username/password is authentication supported. #### Success and failure 
From 6f18436920e5f3a8b2a04ff9f741ada46bc59a2f Mon Sep 17 00:00:00 2001 From: jp Date: Tue, 21 May 2024 10:24:17 +0200 Subject: [PATCH 4/6] updated env options in getting started to latest version --- docs/content/en/docs/getting-started/_index.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/docs/content/en/docs/getting-started/_index.md b/docs/content/en/docs/getting-started/_index.md index 86a4c81d..0629e48b 100644 --- a/docs/content/en/docs/getting-started/_index.md +++ b/docs/content/en/docs/getting-started/_index.md @@ -86,13 +86,18 @@ MONGODB_URI: "mongodb://localhost:27017" DATABASE_NAME: "soarca" DB_USERNAME: "root" DB_PASSWORD: "rootpassword" -WORKFLOW_API_LOG_LEVEL: trace +PLAYBOOK_API_LOG_LEVEL: trace DATABASE: "false" +MAX_REPORTERS: "5" LOG_GLOBAL_LEVEL: "info" LOG_MODE: "development" LOG_FILE_PATH: "" LOG_FORMAT: "json" + +ENABLE_FINS: false +MQTT_BROKER: "localhost" +MQTT_PORT: 1883 {{< /tab >}} {{< /tabpane >}} From 66e907485470b250058b98b648b1a43b0cab33fa Mon Sep 17 00:00:00 2001 From: jp Date: Tue, 21 May 2024 10:30:38 +0200 Subject: [PATCH 5/6] updated slack links to most recent --- docs/content/en/docs/contribution-guidelines/_index.md | 4 ++-- .../en/docs/contribution-guidelines/code_of_conduct.md | 2 +- docs/hugo.toml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/content/en/docs/contribution-guidelines/_index.md b/docs/content/en/docs/contribution-guidelines/_index.md index bb955d84..dc24b4d1 100644 --- a/docs/content/en/docs/contribution-guidelines/_index.md +++ b/docs/content/en/docs/contribution-guidelines/_index.md 
@@ -24,7 +24,7 @@ If there's something you'd like to see in SOARCA (or if you've found something t {{% alert title="Security issues" color="warning" %}} -For security issues, we kindly request that you refrain from reporting them using the issue tracker. Instead, please contact us directly: [slack](https://cossas.slack.com/archives/C06L65375TN) +For security issues, we kindly request that you refrain from reporting them using the issue tracker. Instead, please contact us directly: [slack](https://join.slack.com/t/cossas/shared_invite/zt-2i4zxg0oh-dhhL4zTSX5olysngrPxDkg) {{% /alert %}} @@ -58,7 +58,7 @@ The project has opted to select the [go style guide](https://google.github.io/st Feel free to engage with the community for discussions and assistance via one of the following channels: -- [slack](https://cossas.slack.com/archives/C06L65375TN) +- [slack](https://join.slack.com/t/cossas/shared_invite/zt-2i4zxg0oh-dhhL4zTSX5olysngrPxDkg) - [GitHub discussions](https://github.com/COSSAS/SOARCA/discussions) ## Contributing to these docs diff --git a/docs/content/en/docs/contribution-guidelines/code_of_conduct.md b/docs/content/en/docs/contribution-guidelines/code_of_conduct.md index a396615e..f7ff2330 100644 --- a/docs/content/en/docs/contribution-guidelines/code_of_conduct.md +++ b/docs/content/en/docs/contribution-guidelines/code_of_conduct.md 
@@ -39,7 +39,7 @@ This Code of Conduct applies both within project spaces and in public spaces whe ## Enforcement -Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at [insert project email]. All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately. +Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team via [Github](https://github.com/COSSAS/SOARCA) or join our [Slack](https://cossas.slack.com/join/shared_invite/zt-2i4zxg0oh-dhhL4zTSX5olysngrPxDkg#/shared-invite/email) channel. All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately. Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership. diff --git a/docs/hugo.toml b/docs/hugo.toml index 6780dc74..6d35963c 100644 --- a/docs/hugo.toml +++ b/docs/hugo.toml @@ -187,7 +187,7 @@ enable = false desc = "Development takes place here!" [[params.links.developer]] name = "Slack" - url = "https://cossas.slack.com/archives/C06L65375TN" + url = "https://join.slack.com/t/cossas/shared_invite/zt-2i4zxg0oh-dhhL4zTSX5olysngrPxDkg" icon = "fab fa-slack" desc = "Chat with other project developers" # [[params.links.developer]] From 80c25c398d512635b704473d7c0b298ee5c891b0 Mon Sep 17 00:00:00 2001 
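Review bot: The new `url` of the Slack entry under `[[params.links.developer]]` in docs/hugo.toml is a `shared_invite` link with an embedded invite token, and nothing in the file records how long that invite stays valid. Slack invite links can be configured to expire and can be revoked by a workspace admin, so this link may stop working without any change to the repository. The same token is also written into contribution-guidelines/_index.md, where it is the stated contact for security issues, and into code_of_conduct.md in a different URL form, so a dead invite would leave reporters without the private channel the docs promise. I would add a comment above the key, `# Slack shared-invite link; confirm it is set to never expire. Also used in the contribution guidelines and code of conduct.`, so the three copies are rotated together. The table this key belongs to starts outside the hunk.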
From: jp Date: Tue, 21 May 2024 10:32:31 +0200 Subject: [PATCH 6/6] fix for commit url github --- docs/hugo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/hugo.toml b/docs/hugo.toml index 6d35963c..19c2c074 100644 --- a/docs/hugo.toml +++ b/docs/hugo.toml @@ -111,7 +111,7 @@ version = "0.0" url_latest_version = "https://cossas.github.io/SOARCA/docs/" # Repository configuration (URLs for in-page links to opening issues and suggesting changes) -github_repo = "https://github.com/COSSAS/SOARCA/issues" +github_repo = "https://github.com/COSSAS/SOARCA/" # An optional link to a related project repo. For example, the sibling repository where your product code lives. github_project_repo = "https://github.com/COSSAS/SOARCA/"
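Review bot: The new `github_repo` value ends in a slash, which would produce a double slash if the theme builds its in-page links by appending a path such as `/edit/...` or `/issues/new` to it. The theme templates are not visible here, so this needs a check against the rendered "edit this page" and "create issue" links. If they come out as `SOARCA//...`, use `github_repo = "https://github.com/COSSAS/SOARCA"`. The context line `github_project_repo` carries the same trailing slash.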