CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Annotate integrityCheckFrequencySeconds per det engine

Browse Source
This commit is contained in:
Corey Ogburn
2024-05-20 14:35:11 -06:00
parent d7ee89542a
commit 026023fd0a
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
salt/soc/soc_soc.yaml
View File

@@ -113,6 +113,9 @@ soc:
global: True global: True
advanced: True advanced: True
helpLink: sigma.html helpLink: sigma.html
integrityCheckFrequencySeconds:
description: 'How often the ElastAlert integrity checker runs (in seconds). This verifies the integrity of deployed rules.'
global: True
rulesRepos: rulesRepos:
default: &eerulesRepos default: &eerulesRepos
description: "Custom Git repos to pull Sigma rules from. 'license' field is required, 'folder' is optional. 'community' disables some management options for the imported rules - they can't be deleted or edited, just tuned, duplicated and Enabled | Disabled." description: "Custom Git repos to pull Sigma rules from. 'license' field is required, 'folder' is optional. 'community' disables some management options for the imported rules - they can't be deleted or edited, just tuned, duplicated and Enabled | Disabled."
@@ -211,6 +214,9 @@ soc:
global: True global: True
advanced: True advanced: True
helpLink: yara.html helpLink: yara.html
integrityCheckFrequencySeconds:
description: 'How often the Strelka integrity checker runs (in seconds). This verifies the integrity of deployed rules.'
global: True
rulesRepos: rulesRepos:
default: &serulesRepos default: &serulesRepos
description: "Custom Git repos to pull YARA rules from. 'license' field is required, 'folder' is optional. 'community' disables some management options for the imported rules - they can't be deleted or edited, just tuned, duplicated and Enabled | Disabled." description: "Custom Git repos to pull YARA rules from. 'license' field is required, 'folder' is optional. 'community' disables some management options for the imported rules - they can't be deleted or edited, just tuned, duplicated and Enabled | Disabled."
@@ -235,6 +241,9 @@ soc:
global: True global: True
advanced: True advanced: True
helpLink: suricata.html helpLink: suricata.html
integrityCheckFrequencySeconds:
description: 'How often the Suricata integrity checker runs (in seconds). This verifies the integrity of deployed rules.'
global: True
client: client:
enableReverseLookup: enableReverseLookup:
description: Set to true to enable reverse DNS lookups for IP addresses in the SOC UI. description: Set to true to enable reverse DNS lookups for IP addresses in the SOC UI.