Merge pull request #13 from hilt86/main

tomchop · web-flow · commit f67c6de9211b · 2024-12-21T10:13:21.000+01:00
documents github monitor analytic
diff --git a/content/docs/plugins/_index.md b/content/docs/plugins/_index.md
@@ -0,0 +1,11 @@
+---
+title: "Plugin configuration"
+date: 2024-12-21
+draft: false
+cascade: { type: "docs" }
+weight: 99
+---
+
+Documentation on different plugin's configuration options.
+
+- [Github Monitor](githubmonitor)
diff --git a/content/docs/plugins/github-monitor-example.png b/content/docs/plugins/github-monitor-example.png
diff --git a/content/docs/plugins/githubMonitor.md b/content/docs/plugins/githubMonitor.md
@@ -0,0 +1,33 @@
+---
+title: Github Monitor
+date: 2024-12-17T12:00:00
+draft: false
+weight: 1
+---
+
+1. Create a Github token at https://github.com/settings/tokens
+2. Pop that in `yeti.conf`
+3. Create a an indicator with the following essential details :
+   * query text : (see [query template](#query-template) below)
+   * query type : `github`
+   * diamond model : depends on context
+
+![Example of the Github Monitor settings](github-monitor-example.png)
+
+Here are some gotchas:
+
+* The query type won't show up in the list - you need to type it in
+* The query text isn't really documented outside of the code for this plugin.
+  The example in the code is missing an inverted comma.
+* You need to fill in the diamond model field.
+
+#### Query Template
+
+```json
+[
+    {
+        "type": "code",
+        "query": "CVE-2024-49138 poc"
+    }
+]
+```
