CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update Zeek config

Browse Source
This commit is contained in:
Wes Lambert
2020-01-29 22:09:32 +00:00
parent eba02ef3b4
commit 3277ca185e
2 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
salt/zeek/files/local.zeek
View File

@@ -102,10 +102,10 @@
# @load policy/protocols/conn/mac-logging
# JA3 - SSL Detection Goodness
@load policy/ja3
@load ja3
# HASSH
@load policy/hassh
@load hassh
# You can load your own intel into:
# /opt/so/saltstack/bro/policy/intel/ on the master

1
salt/zeek/init.sls
View File

@@ -110,6 +110,7 @@ so-zeek:
- /opt/so/conf/zeek/node.cfg:/opt/zeek/etc/node.cfg:ro
- /opt/so/conf/zeek/policy/securityonion:/opt/zeek/share/zeek/policy/securityonion:ro
- /opt/so/conf/zeek/policy/custom:/opt/zeek/share/zeek/policy/custom:ro
- /opt/so/conf/zeek/policy/cve-2020-0601:/opt/zeek/share/zeek/policy/cve-2020-0601:ro
- /opt/so/conf/zeek/policy/intel:/opt/zeek/share/zeek/policy/intel:rw
- network_mode: host
- watch: