Change Detections defaults

2025-12-06 17:22:49 +01:00 · 2024-03-19 13:53:37 -04:00
parent 4237210f0b
commit 020eb47026
1 changed files with 6 additions and 3 deletions
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -1080,7 +1080,7 @@ soc:
        elastalertengine:
          allowRegex: ''
          autoUpdateEnabled: false
-          communityRulesImportFrequencySeconds: 86400
+          communityRulesImportFrequencySeconds: 180
          denyRegex: ''
          elastAlertRulesFolder: /opt/sensoroni/elastalert
          rulesFingerprintFile: /opt/sensoroni/fingerprints/sigma.fingerprint
@@ -1132,8 +1132,9 @@ soc:
        strelkaengine:
          allowRegex: ''
          autoUpdateEnabled: false
+          communityRulesImportFrequencySeconds: 180
          compileYaraPythonScriptPath: /opt/so/conf/strelka/compile_yara.py
-          denyRegex: '.*'
+          denyRegex: ''
          reposFolder: /opt/sensoroni/yara/repos
          rulesRepos:
          - repo: https://github.com/Security-Onion-Solutions/securityonion-yara
@@ -1141,8 +1142,10 @@ soc:
          yaraRulesFolder: /opt/sensoroni/yara/rules
        suricataengine:
          allowRegex: ''
+          autoUpdateEnabled: false
+          communityRulesImportFrequencySeconds: 180
          communityRulesFile: /nsm/rules/suricata/emerging-all.rules
-          denyRegex: '.*'
+          denyRegex: ''
          rulesFingerprintFile: /opt/sensoroni/fingerprints/emerging-all.fingerprint
      client:
        enableReverseLookup: false