bitbucket.org/Aishee/synsec@v0.0.0-20210414005726-236fc01a153d/pkg/csconfig/tests/profiles.yaml (about) 1 2 name: enforce_mfa 3 #debug: true 4 filters: 5 - 'Alert.Remediation == true && Alert.GetScenario() == "breakteam/ssh-enforce-mfa" && Alert.GetScope() == "username"' 6 decisions: #remediation vs decision 7 - type: enforce_mfa 8 scope: "username" 9 duration: 1h 10 on_success: continue 11 --- 12 name: default_ip_remediation 13 #debug: true 14 filters: 15 # try types.Ip here :) 16 - Alert.Remediation == true && Alert.GetScope() == "Ip" 17 decisions: 18 - type: ban 19 duration: 1h 20 on_success: break 21 --- 22 #this one won't be reached ^^ 23 name: default_ip_remediation_2 24 #debug: true 25 filters: 26 # try types.Ip here :) 27 - Alert.Remediation == true && Alert.GetScope() == "Ip" 28 decisions: 29 - type: ratatatata 30 duration: 1h 31 on_success: break