Merge pull request #612 from Security-Onion-Solutions/cogburn/various…

…-fixes Updated Defaults to match 1st install Config, Tests
Security-Onion-Solutions · Aug 9, 2024 · 281c442 · 281c442
2 parents d65dff6 + 3cc77be
commit 281c442
Show file tree

Hide file tree

Showing 5 changed files with 68 additions and 6 deletions.
diff --git a/html/js/routes/detection.js b/html/js/routes/detection.js
@@ -998,7 +998,7 @@ routes.push({ path: '/detection/:id', name: 'detection', component: {
 		extractSuricataSeverity() {
 			const results = this.severityExtract.exec(this.detect.content);
 
-			let sev = (results[1] || '').toLowerCase();
+			let sev = (results && results[1] || '').toLowerCase();
 			if (this.severityTranslations[sev]) {
 				sev = this.severityTranslations[sev]
 			}
@@ -1404,7 +1404,7 @@ routes.push({ path: '/detection/:id', name: 'detection', component: {
 				this.$root.stopLoading();
 			}
 		},
-		async convertDetection(content) {
+		async convertDetection() {
 			this.$root.startLoading();
 			try {
 				const response = await this.$root.papi.post('detection/convert', this.detect);

diff --git a/html/js/routes/detection.test.js b/html/js/routes/detection.test.js
@@ -66,7 +66,7 @@ test('extract strelka', () => {
 
 	comp.detect = {
 		engine: 'strelka',
-		content: 'rule Test {\nmeta:\nreference1="example.com"\nreference2="example_text"\ndate = "2020-01-01";\nauthor = "Bob";\n condition:\n$a\n }',
+		content: 'rule Test {\nmeta:\nreference1="example.com"\nreference2="example_text"\ndate = "2020-01-01";\nauthor = "Bob";\n condition:\n$a\n\n }',
 		title: 'Test',
 		description: 'Example Rule',
 	};
@@ -1213,4 +1213,66 @@ test('showAiSummary', () => {
 
 	comp.detect.aiSummary = '';
 	expect(comp.showAiSummary()).toBe(false);
+});
+
+test('isPresetCustomEnabled', () => {
+	comp.presets = {
+		"language": {
+			"labels": ["suricata", "sigma", "yara"],
+			"customEnabled": false
+		},
+		"license": {
+			"labels": ["None", "Apache-2.0", "AGPL-3.0-only", "BSD-3-Clause", "DRL-1.1", "GPL-2.0-only", "GPL-3.0-only", "MIT"],
+			"customEnabled": true
+		}
+	};
+
+	let customEnabled = comp.isPresetCustomEnabled('language');
+	expect(customEnabled).toBe(false);
+
+	customEnabled = comp.isPresetCustomEnabled('license');
+	expect(customEnabled).toBe(true);
+
+	customEnabled = comp.isPresetCustomEnabled('severity');
+	expect(customEnabled).toBe(false);
+});
+
+test('extractSuricataSeverity', () => {
+	comp.severityTranslations = {
+		major: "high",
+		minor: "low"
+	},
+	comp.presets = {
+		severity: {
+			labels: ["unknown", "informational", "low", "medium", "high", "critical"],
+			customEnabled: false
+		}
+	};
+	comp.detect = {
+		content: 'alert http any any <> any any (sid: 999999; rev: 1; metadata: signature_severity Major;)',
+	};
+
+	let sev = comp.extractSuricataSeverity();
+	expect(sev).toBe('high');
+
+	comp.detect = {
+		content: 'alert http any any <> any any (sid: 999999; rev: 1; metadata: signature_severity Minor;)',
+	};
+	sev = comp.extractSuricataSeverity();
+	expect(sev).toBe('low');
+
+	comp.detect = {
+		content: 'alert http any any <> any any (sid: 999999; rev: 1;)',
+	};
+	sev = comp.extractSuricataSeverity();
+	expect(sev).toBe('unknown');
+});
+
+test('loadHistory', async () => {
+	resetPapi().mockPapi("get", { data: [{}] }, null);
+	comp.$root.populateUserDetails = jest.fn();
+	await comp.loadHistory(true);
+
+	expect(comp.$root.populateUserDetails).toHaveBeenCalledTimes(1);
+	expect(comp.history).toStrictEqual([{overrides: []}]);
 });
diff --git a/server/modules/elastalert/elastalert.go b/server/modules/elastalert/elastalert.go
@@ -63,7 +63,7 @@ const (
 	DEFAULT_INTEGRITY_CHECK_FREQUENCY_SECONDS        = 600
 	DEFAULT_AI_REPO                                  = "https://github.com/Security-Onion-Solutions/securityonion-resources"
 	DEFAULT_AI_REPO_BRANCH                           = "generated-summaries-stable"
-	DEFAULT_AI_REPO_PATH                             = "/opt/sensoroni/repos"
+	DEFAULT_AI_REPO_PATH                             = "/opt/sensoroni/ai_summary_repos"
 	DEFAULT_SHOW_AI_SUMMARIES                        = true
 )
 

diff --git a/server/modules/strelka/strelka.go b/server/modules/strelka/strelka.go
@@ -52,7 +52,7 @@ const (
 	DEFAULT_INTEGRITY_CHECK_FREQUENCY_SECONDS        = 600
 	DEFAULT_AI_REPO                                  = "https://github.com/Security-Onion-Solutions/securityonion-resources"
 	DEFAULT_AI_REPO_BRANCH                           = "generated-summaries-stable"
-	DEFAULT_AI_REPO_PATH                             = "/opt/sensoroni/repos"
+	DEFAULT_AI_REPO_PATH                             = "/opt/sensoroni/ai_summary_repos"
 	DEFAULT_SHOW_AI_SUMMARIES                        = true
 )
 

diff --git a/server/modules/suricata/suricata.go b/server/modules/suricata/suricata.go
@@ -58,7 +58,7 @@ const (
 	DEFAULT_INTEGRITY_CHECK_FREQUENCY_SECONDS     = 600
 	DEFAULT_AI_REPO                               = "https://github.com/Security-Onion-Solutions/securityonion-resources"
 	DEFAULT_AI_REPO_BRANCH                        = "generated-summaries-stable"
-	DEFAULT_AI_REPO_PATH                          = "/opt/sensoroni/repos"
+	DEFAULT_AI_REPO_PATH                          = "/opt/sensoroni/ai_summary_repos"
 	DEFAULT_SHOW_AI_SUMMARIES                     = true
 
 	CUSTOM_RULE_LOC = "/nsm/rules/detect-suricata/custom_temp"