From ea89621b0be91232b5c705b5e0198caf357afc52 Mon Sep 17 00:00:00 2001
From: Thomas Chopitea
Date: Sat, 21 Dec 2024 09:12:44 +0000
Subject: [PATCH] Minor changes to structure / fix markdown
---
.../docs/feeds + analytics/githubMonitor.md | 27 --------------
content/docs/plugins/_index.md | 11 ++++++
.../github-monitor-example.png} | Bin
content/docs/plugins/githubMonitor.md | 33 ++++++++++++++++++
4 files changed, 44 insertions(+), 27 deletions(-)
delete mode 100644 content/docs/feeds + analytics/githubMonitor.md
create mode 100644 content/docs/plugins/_index.md
rename content/docs/{feeds + analytics/Pasted image 20241211114808.png => plugins/github-monitor-example.png} (100%)
create mode 100644 content/docs/plugins/githubMonitor.md
diff --git a/content/docs/feeds + analytics/githubMonitor.md b/content/docs/feeds + analytics/githubMonitor.md
deleted file mode 100644
index b752b30..0000000
--- a/content/docs/feeds + analytics/githubMonitor.md
+++ /dev/null
@@ -1,27 +0,0 @@
----
-title: How to use the Github Monitor Scheduled Analytic
-date: 2024-12-17T12:00:00
-draft: false
-weight: 1
----
-
-1. Create a Github token at https://github.com/settings/tokens
-2. Pop that in `yeti.conf`
-3. Create a an indicator with the following essential details :
- 1. query text : (see [[#Query Template]]
- 2. query type : `github`
- 3. diamond model : depends on context
-
-![[Pasted image 20241211114808.png]]
-Here are some gotchas:
-- The query type won't show up in the list - you need to type it in
-- The query text isn't really documented outside of the code for this plugin. The example in the code is missing an inverted comma.
-- You need to fill in the diamond model field. I'm unsure if other fields are required.
-
-#### Query Template
-
-```json
- [
- {"type": "code", "query": "CVE-2024-49138 poc"}
- ]
-```
\ No newline at end of file
diff --git a/content/docs/plugins/_index.md b/content/docs/plugins/_index.md
new file mode 100644
index 0000000..14ae7c9
--- /dev/null
+++ b/content/docs/plugins/_index.md
@@ -0,0 +1,11 @@
+---
+title: "Plugin configuration"
+date: 2024-12-21
+draft: false
+cascade: { type: "docs" }
+weight: 99
+---
+
+Documentation on different plugin's configuration options.
+
+- [Github Monitor](githubmonitor)
diff --git a/content/docs/feeds + analytics/Pasted image 20241211114808.png b/content/docs/plugins/github-monitor-example.png
similarity index 100%
rename from content/docs/feeds + analytics/Pasted image 20241211114808.png
rename to content/docs/plugins/github-monitor-example.png
diff --git a/content/docs/plugins/githubMonitor.md b/content/docs/plugins/githubMonitor.md
new file mode 100644
index 0000000..dfbe9a6
--- /dev/null
+++ b/content/docs/plugins/githubMonitor.md
@@ -0,0 +1,33 @@
+---
+title: Github Monitor
+date: 2024-12-17T12:00:00
+draft: false
+weight: 1
+---
+
+1. Create a Github token at https://github.com/settings/tokens
+2. Pop that in `yeti.conf`
+3. Create a an indicator with the following essential details :
+ * query text : (see [query template](#query-template) below)
+ * query type : `github`
+ * diamond model : depends on context
+
+![Example of the Github Monitor settings](github-monitor-example.png)
+
+Here are some gotchas:
+
+* The query type won't show up in the list - you need to type it in
+* The query text isn't really documented outside of the code for this plugin.
+ The example in the code is missing an inverted comma.
+* You need to fill in the diamond model field.
+
+#### Query Template
+
+```json
+[
+ {
+ "type": "code",
+ "query": "CVE-2024-49138 poc"
+ }
+]
+```