CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Clarify enabled settings

Browse Source
This commit is contained in:
Jason Ertel
2024-09-16 10:41:01 -04:00
parent b4e8dd8a7b
commit 0566f46d5b
5 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/elastic-fleet-package-registry/soc_elastic-fleet-package-registry.yaml
View File

@@ -1,4 +1,4 @@
elastic_fleet_package_registry:
enabled:
description: Enables or disables the Fleet package registry process. This process must remain enabled for proper HIDS functionality.
description: Enables or disables the Fleet package registry process. This process must remain enabled to allow Elastic Agent packages to be updated.
advanced: True

2
salt/elasticfleet/soc_elasticfleet.yaml
View File

@@ -1,6 +1,6 @@
elasticfleet:
enabled:
description: Enables or disables the Elastic Fleet process. This process is critical for ensuring HIDS events are made available in SOC.
description: Enables or disables the Elastic Fleet process. This process is critical for managing Elastic Agents.
advanced: True
helpLink: elastic-fleet.html
enable_manager_output:

2
salt/idstools/soc_idstools.yaml
View File

@@ -1,6 +1,6 @@
idstools:
enabled:
description: Enables or disables the IDS tools process, which is used by the Detection system.
description: Enables or disables the IDStools process which is used by the Detection system.
config:
oinkcode:
description: Enter your registration code or oinkcode for paid NIDS rulesets.

2
salt/suricata/soc_suricata.yaml
View File

@@ -1,6 +1,6 @@
suricata:
enabled:
description: Enables or disables the Suricata process. This process is used for triggering alerts and optionally for packet meta-data collection and network packet recording.
description: Enables or disables the Suricata process. This process is used for triggering alerts and optionally for protocol metadata collection and full packet capture.
helpLink: suricata.html
thresholding:
sids__yaml:

2
salt/zeek/soc_zeek.yaml
View File

@@ -1,6 +1,6 @@
zeek:
enabled:
description: Controls whether the Zeek (network packet inspection) process runs. Disabling this process could result in missed alerts and other important NIDS-related information. If Suricata was selected as the packet meta-data engine during setup then this will already be disabled.
description: Controls whether the Zeek (network packet inspection) process runs. Disabling this process could result in loss of network protocol metadata. If Suricata was selected as the protocol metadata engine during setup then this will already be disabled.
helpLink: zeek.html
config:
local: