diff --git a/setup/so-functions b/setup/so-functions
index afb7bd72b..ab01be05a 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -1980,6 +1980,47 @@ zeek_logs_enabled() {
 for BLOG in "${BLOGS[@]}"; do
 echo " - $BLOG" | tr -d '"' >> "$zeeklogs_pillar"
 done
+ elif [ "$install_type" == "EVAL"]; then
+ printf '%s\n'\
+ " - conn"\
+ " - dce_rpc"\
+ " - dhcp"\
+ " - dhcpv6"\
+ " - dnp3"\
+ " - dns"\
+ " - dpd"\
+ " - files"\
+ " - ftp"\
+ " - http"\
+ " - intel"\
+ " - irc"\
+ " - kerberos"\
+ " - modbus"\
+ " - mqtt"\
+ " - notice"\
+ " - ntlm"\
+ " - openvpn"\
+ " - pe"\
+ " - radius"\
+ " - rfb"\
+ " - rdp"\
+ " - signatures"\
+ " - sip"\
+ " - smb_files"\
+ " - smb_mapping"\
+ " - smtp"\
+ " - snmp"\
+ " - software"\
+ " - ssh"\
+ " - ssl"\
+ " - syslog"\
+ " - telnet"\
+ " - tunnel"\
+ " - weird"\
+ " - mysql"\
+ " - socks"\
+ " - x509" >> "$zeeklogs_pillar"
+ # Disable syslog log by default
 else
 printf '%s\n'\
 " - conn"\
@@ -2013,7 +2054,6 @@ zeek_logs_enabled() {
 " - software"\
 " - ssh"\
 " - ssl"\
- " - syslog"\
 " - telnet"\
 " - tunnel"\
 " - weird"\
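Review bot: The added `elif [ "$install_type" == "EVAL"]; then` is missing the space before `]`, so `[` receives `EVAL]` as its last argument, reports a missing `]` and returns non-zero, and the EVAL branch can never be taken. An EVAL install would therefore fall through to the `else` list, which after this commit no longer contains `syslog`, so the Zeek syslog log that the new branch is meant to keep would be silently left out of the pillar. Change the line to `elif [ "$install_type" == "EVAL" ]; then` (or `[[ "$install_type" == "EVAL" ]]` if the file is bash-only). The two lists now differ only in `syslog`, so a shared array with a conditional append would keep them from drifting apart; `zeek_logs_enabled()` starts and ends outside the hunk, so the earlier branches are not visible here.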