Strelkas Rules Update

setup/so-functions

@@ -50,6 +50,14 @@ airgap_rules() {
 	# Copy the rules for suricata if using Airgap
 	mkdir -p /nsm/repo/rules
 	cp -v /root/SecurityOnion/agrules/emerging-all.rules /nsm/repo/rules/
+	
+	# Copy over sigma rules
+	cp -Rv /root/SecurityOnion/agrules/sigma /nsm/repo/rules/
+
+	# Don't leave Strelka out
+	cp -v /root/SecurityOnion/agrules/strelka /nsm/repo/rules/
+
+
 }
 
 analyze_system() {