added EDR allowlist dashboard example

Signed-off-by: Zachary Christensen <zchristensen@splunk.com>
splunk · Sep 24, 2024 · a35b38e · a35b38e
1 parent 7c8d0a3
commit a35b38e
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 0 deletions.
diff --git a/docs/assets/edr_allowlist_dashboard.png b/docs/assets/edr_allowlist_dashboard.png
diff --git a/docs/dashboards/edr_allowlist_dashboard.md b/docs/dashboards/edr_allowlist_dashboard.md
@@ -0,0 +1,7 @@
+# EDR Allowlist
+
+A simple add-to-allowlist dashboard.
+
+[View on GitHub :simple-github:](https://github.com/splunk/rba/blob/main/dashboards/edr_allowlist_dashboard.xml){ .md-button .md-button--primary target="_blank" }
+
+![Attack Matrix Risk](../assets/edr_allowlist_dashboard.png)
diff --git a/docs/dashboards/index.md b/docs/dashboards/index.md
@@ -12,6 +12,12 @@ Portrays risk in your environment through the lense of RBA and the MTRE ATT&CK f
 
 Helpful for tuning new detections.
 
+## [EDR Allowlist](./edr_allowlist_dashboard.md)
+
+<small>:simple-github: [edr_allowlist_dashboard.xml](https://github.com/splunk/rba/blob/main/dashboards/edr_allowlist_dashboard.xml){ target="_blank" }</small>
+
+A simple add-to-allowlist dashboard.
+
 ## [RBA Data Source Review](./rba_data_source_overview.md)
 
 <small>:simple-github: [rba_data_source_overview.xml](https://github.com/splunk/rba/blob/main/dashboards/rba_data_source_overview.xml){ target="_blank" }</small>

diff --git a/mkdocs.yml b/mkdocs.yml
@@ -126,6 +126,7 @@ nav:
       - dashboards/index.md
       - ATT&CK Matrix Risk: dashboards/attack_matrix_risk.md
       - Attribution Analytics: dashboards/audit_attribution_analytics.md
+      - EDR Allowlist: dashboards/edr_allowlist_dashboard.md
       - RBA Data Source Review: dashboards/rba_data_source_overview.md
       - Risk Attributions: dashboards/risk_attributions.md
       - Risk Investigation: dashboards/risk_investigation.md