CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 01:32:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8973 from lock-wire/patch-3

Browse Source 
Add Modbus, DNP3, BZAR, and oui-logging
This commit is contained in:
Peter Di Giorgio
2022-10-21 18:06:13 -07:00
committed by GitHub
parent 930620fce6 cd4e0c1f8e
commit 24cf481f4a
2 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
pillar/zeek/init.sls
View File

@@ -48,6 +48,11 @@ zeek:
- securityonion/bpfconf - securityonion/bpfconf
- securityonion/communityid - securityonion/communityid
- securityonion/file-extraction - securityonion/file-extraction
- oui-logging
- bzar
- icsnpp-dnp3
- icsnpp-modbus
-
'@load-sigs': '@load-sigs':
- frameworks/signatures/detect-windows-shells - frameworks/signatures/detect-windows-shells
redef: redef:

6
setup/so-functions
View File

@@ -3013,6 +3013,10 @@ zeek_logs_enabled() {
" - weird"\ " - weird"\
" - mysql"\ " - mysql"\
" - socks"\ " - socks"\
" - x509" >> "$zeeklogs_pillar" " - x509" \
" - dnp3_objects" \
" - modbus_detailed" \
" - modbus_mask_write_single_register" \
" - modbus_read_write_multiple_registers" >> "$zeeklogs_pillar"
fi fi
} }