Version 1.0.0 (#1)

* initial Release
Signed-off-by: Zachary Christensen <zchristensen@splunk.com>

.github/CODEOWNERS

@@ -1,69 +1,2 @@
-# See https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners
-
-/docs/ @ZachChristensen28 @ZachTheSplunker
-
-# This is a comment.
-# Each line is a file pattern followed by one or more owners.
-
-# These owners will be the default owners for everything in
-# the repo. Unless a later match takes precedence,
-# @global-owner1 and @global-owner2 will be requested for
-# review when someone opens a pull request.
-#*       @global-owner1 @global-owner2
-
-# Order is important; the last matching pattern takes the most
-# precedence. When someone opens a pull request that only
-# modifies JS files, only @js-owner and not the global
-# owner(s) will be requested for a review.
-#*.js    @js-owner #This is an inline comment.
-
-# You can also use email addresses if you prefer. They'll be
-# used to look up users just like we do for commit author
-# emails.
-#*.go docs@example.com
-
-# Teams can be specified as code owners as well. Teams should
-# be identified in the format @org/team-name. Teams must have
-# explicit write access to the repository. In this example,
-# the octocats team in the octo-org organization owns all .txt files.
-#*.txt @octo-org/octocats
-
-# In this example, @doctocat owns any files in the build/logs
-# directory at the root of the repository and any of its
-# subdirectories.
-#/build/logs/ @doctocat
-
-# The `docs/*` pattern will match files like
-# `docs/getting-started.md` but not further nested files like
-# `docs/build-app/troubleshooting.md`.
-#docs/*  docs@example.com
-
-# In this example, @octocat owns any file in an apps directory
-# anywhere in your repository.
-#apps/ @octocat
-
-# In this example, @doctocat owns any file in the `/docs`
-# directory in the root of your repository and any of its
-# subdirectories.
-#/docs/ @doctocat
-
-# In this example, any change inside the `/scripts` directory
-# will require approval from @doctocat or @octocat.
-#/scripts/ @doctocat @octocat
-
-# In this example, @octocat owns any file in a `/logs` directory such as
-# `/build/logs`, `/scripts/logs`, and `/deeply/nested/logs`. Any changes
-# in a `/logs` directory will require approval from @octocat.
-#**/logs @octocat
-
-# In this example, @octocat owns any file in the `/apps`
-# directory in the root of your repository except for the `/apps/github`
-# subdirectory, as its owners are left empty.
-#/apps/ @octocat
-#/apps/github
-
-# In this example, @octocat owns any file in the `/apps`
-# directory in the root of your repository except for the `/apps/github`
-# subdirectory, as this subdirectory has its own owner @doctocat
-#/apps/ @octocat
-#/apps/github @doctocat
+*      @ZachChristensen28 @ZachTheSplunker
+/src/  @noodletoad

.github/ISSUE_TEMPLATE/01-bug-report.yml

@@ -20,33 +20,33 @@ body:
       label: Related links
       description: >-
         Please list all links to the sections of
-        [the documentation](#TODO) that
+        [the documentation](https://cs-intel.rba.community/) that
         are relevant to the bug in order to show that you have consulted and
         thoroughly read it. Additionally, list links to possibly related open
-        and closed [issues](#TODO).
+        and closed [issues](https://github.com/rba-community/SA-CrowdstrikeIntelIndicators/issues).
       value: |-
-        - [Example Issue](#TODO)
+        - [Example Issue](https://github.com/rba-community/SA-CrowdstrikeIntelIndicators/issues)
         -
     validations:
       required: true
 
   - type: input
     id: sa-version
     attributes:
-      label: #TODO Version
+      label: SA-CrowdstrikeIntelIndicators Version
       description: >-
-        Which version of this add-on (#TODO) are you using?
+        Which version of this add-on (SA-CrowdstrikeIntelIndicators) are you using?
       placeholder: |-
         1.0.0
 
   - type: input
     id: ta-version
     attributes:
-      label: #TODO Add-on Version
+      label: CrowdStrike Intel Indicator TA Version
       description: >-
-        Which version of the [#TODO](#TODO) are you using?
+        Which version of the [CrowdStrike Intel Indicator TA](https://splunkbase.splunk.com/app/5083) are you using?
       placeholder: |-
-        1.3.2
+        3.1.2
     validations:
       required: true
 

.github/ISSUE_TEMPLATE/02-docs-issue.yml

@@ -8,7 +8,7 @@ body:
     attributes:
       label: Description
       description: >-
-        Please describe the issue found in the [documentation](#TODO) or an improvement that can be made.
+        Please describe the issue found in the [documentation](https://cs-intel.rba.community/) or an improvement that can be made.
     validations:
       required: true
 
@@ -17,7 +17,7 @@ body:
     attributes:
       label: Related links
       description: >-
-        Please list all links to the sections of [our documentation](#TODO) that are impacted by the issue you described above.
+        Please list all links to the sections of [our documentation](https://cs-intel.rba.community/) that are impacted by the issue you described above.
     validations:
       required: true
 

.github/ISSUE_TEMPLATE/03-feature-request.yml

@@ -19,8 +19,8 @@ body:
     attributes:
       label: Related links
       description: >-
-        (optional) Please list all links to open and closed [issues](#TODO) or to [documentation sections](#TODO)
+        (optional) Please list all links to open and closed [issues](https://github.com/rba-community/SA-CrowdstrikeIntelIndicators/issues) or to [documentation sections](https://cs-intel.rba.community/)
         that are relevant to your idea.
       value: |-
-        - [Feature Request](#TODO)
+        - [Feature Request](https://cs-intel.rba.community/)
         -

LICENSE

@@ -186,7 +186,7 @@
       same "printed page" as the copyright notice for easier
       identification within third-party archives.
 
-   Copyright [yyyy] [#TODO name of copyright owner]
+   Copyright 2023 Dennis Morton
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.

README.md

@@ -1,41 +1,39 @@
-<picture>
-  <source media="(prefers-color-scheme: dark)" srcset="docs/static/sa-#TODO-hero.webp">
-  <source media="(prefers-color-scheme: light)" srcset="docs/static/sa-#TODO-hero.webp">
-  <img alt="SA-#TODO" src="docs/static/sa-#TODO-hero.webp">
-</picture>
-
-![GitHub](https://img.shields.io/github/license/rba-community/SA-#TODO)
-[![Docs](https://github.com/rba-community/SA-#TODO/actions/workflows/docs.yml/badge.svg)](https://splunk-#TODO.ztsplunker.com/)
-![Appinspect](https://github.com/rba-community/SA-#TODO/actions/workflows/appinspect.yml/badge.svg)
-![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/rba-community/SA-#TODO)
-[![Splunkbase App](https://img.shields.io/badge/Splunkbase-SA--#TODO-blue)](https://splunkbase.splunk.com/app/#TODO)
+# SA-CrowdstrikeIntelIndicators for Enterprise Security
+
+![GitHub](https://img.shields.io/github/license/rba-community/SA-CrowdstrikeIntelIndicators)
+[![Docs](https://github.com/rba-community/SA-CrowdstrikeIntelIndicators/actions/workflows/docs.yml/badge.svg)](https://cs-intel.rba.community/)
+![Appinspect](https://github.com/rba-community/SA-CrowdstrikeIntelIndicators/actions/workflows/appinspect.yml/badge.svg)
+![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/rba-community/SA-CrowdstrikeIntelIndicators)
+[![Splunkbase App](https://img.shields.io/badge/Splunkbase-SA--CrowdstrikeIntelIndicators-blue)](https://splunkbase.splunk.com/app/#TODO)
 [![Splunk ES Compatibility](https://img.shields.io/badge/Splunk%20ES%20Compatibility-7.x%20|%206.x-success)](https://splunkbase.splunk.com/app/263)
-[![#TODO TA Compatibility](https://img.shields.io/badge/#TODO%20TA%20Compatibility->=1.3.2-success)](https://splunkbase.splunk.com/app/#TODO)
+[![CrowdStrike Intel Indicator TA Compatibility](https://img.shields.io/badge/CrowdStrike%20Indicator%20TA%20Compatibility->=3.1.2-success)](https://splunkbase.splunk.com/app/5083)
 ![Splunk Cloud Compatibility](https://img.shields.io/badge/Splunk%20Cloud%20Ready-Victoria%20|%20Classic-informational?logo=splunk)
+[![Author LinkedIn](https://img.shields.io/badge/Author-Dennis%20Morton-blue?logo=linkedin)](https://www.linkedin.com/in/dennis-morton-627632/)
 
-This supporting add-on comes with prebuilt content for #TODO InsightVM data to be easily used with Splunk Enterprise Security's Asset database.
+This supporting add-on Adds CrowdStrike's intelligence indicators to Splunk Enterprise Security's threat framework.
 
 > ** This supporting add-on is only intended to work with Splunk Enterprise Security deployments **
 
 ## Documentation
 
-Full documentation can be found at [https://splunk-#TODO.ztsplunker.com](https://splunk-#TODO.ztsplunker.com).
+Full documentation can be found at [https://cs-intel.rba.community](https://cs-intel.rba.community).
 
 ## Disclaimer
 
-> *This Splunk Supporting Add-on is __not__ affiliated with [__#TODO__<small>:icon-link-external:</small>][#TODO]{ target="blank" } and is not sponsored or sanctioned by the #TODO team. Please visit [#TODO<small>:icon-link-external:</small>][#TODO]{ target="blank" } for more information about #TODO.*
+> *This Splunk Supporting Add-on is __not__ affiliated with [__CrowdStrike, Inc.__][cs] and is not sponsored or sanctioned by the CrowdStrike team. Please visit [https://www.crowdstrike.com/][cs] for more information about CrowdStrike.*
 
 ## About
 
 Info | Description
 ------|----------
-SA-#TODO | 1.0.1 - [Splunkbase](https://splunkbase.splunk.com/app/#TODO) \| [GitHub](https://github.com/rba-community/SA-#TODO/releases)
+SA-CrowdstrikeIntelIndicators | 1.0.0 - [Splunkbase](https://splunkbase.splunk.com/app/#TODO) \| [GitHub](https://github.com/rba-community/SA-CrowdstrikeIntelIndicators/releases)
 Splunk Enterprise Security Version (Required) | [7.x \| 6.x](https://splunkbase.splunk.com/app/263)
-#TODO InsightVM Technology Add-On (Required) | [>=1.3.2](https://splunkbase.splunk.com/app/#TODO)
+CrowdStrike Intel Indicators TA (Required) | [>=3.1.2](https://splunkbase.splunk.com/app/5083)
 Add-on has a web UI | No, this add-on does not contain views.
+Author | [Dennis Morton](https://www.linkedin.com/in/dennis-morton-627632/)
 
 ## Issues or Feature Requests
 
-Please open an issue or feature request on [Github](https://github.com/rba-community/SA-#TODO/issues).
+Please open an issue or feature request on [Github](https://github.com/rba-community/SA-CrowdstrikeIntelIndicators/issues).
 
-[#TODO]: https://www.#TODO.com/
+[cs]: https://www.crowdstrike.com/