Mirrors/marcredhat-siem-toolkit-patched
1
0
Fork 0
mirror of https://github.com/marcredhat/SIEM-toolkit-patched synced 2026-06-09 04:47:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Initial commit: SIEM Toolkit for SentinelOne

Browse Source 
Dockerized SecOps toolkit with:
- Coverage Map: STAR rule vs SDL parser field coverage analysis
- Ingest Dashboard: PowerQuery-powered event volume and source breakdown
- Onboarding Assistant: AI-guided log source onboarding with Claude
- Parser management via SDL MCP integration

Stack: FastAPI + PostgreSQL backend, nginx-served HTML frontend, Docker Compose.
PowerQuery runs via Scalyr XDR API (SDL_XDR_URL + SDL_LOG_READ_KEY).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Mick
2026-05-19 11:39:26 -04:00
commit c182d837ee
42 changed files with 2273 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
frontend/src/components/QueryProvider.tsx
+9
View File
@@ -0,0 +1,9 @@
'use client'
import { QueryClient, QueryClientProvider } from '@tanstack/react-query'
import { useState } from 'react'
export default function QueryProvider({ children }: { children: React.ReactNode }) {
const [client] = useState(() => new QueryClient({ defaultOptions: { queries: { retry: 1 } } }))
return <QueryClientProvider client={client}>{children}</QueryClientProvider>
}
frontend/src/components/Sidebar.tsx
+45
View File
@@ -0,0 +1,45 @@
'use client'
import Link from 'next/link'
import { usePathname } from 'next/navigation'
import { Shield, BarChart2, Zap, Home } from 'lucide-react'
import clsx from 'clsx'
const NAV = [
{ href: '/', label: 'Overview', icon: Home },
{ href: '/coverage', label: 'Parser Coverage', icon: Shield },
{ href: '/ingest', label: 'Ingest Dashboard', icon: BarChart2 },
{ href: '/onboarding', label: 'Onboarding', icon: Zap },
]
export default function Sidebar() {
const path = usePathname()
return (
<aside className="w-56 shrink-0 bg-gray-900 border-r border-gray-800 flex flex-col">
<div className="p-4 border-b border-gray-800">
<div className="flex items-center gap-2">
<div className="w-6 h-6 rounded bg-purple-600 flex items-center justify-center text-xs font-bold">S1</div>
<span className="font-semibold text-sm text-white">SIEM Toolkit</span>
</div>
<p className="text-xs text-gray-500 mt-1">demo.sentinelone.net</p>
</div>
<nav className="flex-1 p-3 space-y-1">
{NAV.map(({ href, label, icon: Icon }) => (
<Link
key={href}
href={href}
className={clsx(
'flex items-center gap-3 px-3 py-2 rounded-lg text-sm transition-colors',
path === href
? 'bg-purple-700 text-white'
: 'text-gray-400 hover:bg-gray-800 hover:text-gray-100'
)}
>
<Icon size={15} />
{label}
</Link>
))}
</nav>
</aside>
)
}