From 49a60bac765c3743399a000fbc786ea565326504 Mon Sep 17 00:00:00 2001
From: bryant-treacle <treacle.bryant@gmail.com>
Date: Wed, 26 Apr 2023 08:49:04 -0400
Subject: [PATCH] Update soc_idstools.yaml

---
 salt/idstools/soc_idstools.yaml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/salt/idstools/soc_idstools.yaml b/salt/idstools/soc_idstools.yaml
index bda436928..a7ccac207 100644
--- a/salt/idstools/soc_idstools.yaml
+++ b/salt/idstools/soc_idstools.yaml
@@ -7,6 +7,7 @@ idstools:
     ruleset:
       description: Define the ruleset you want to run. Options are ETOPEN or ETPRO.
       global: True
+      regex: ET[PO][RP][OE]
       helpLink: rules.html
     urls:
       description: This is a list of additional rule download locations.
@@ -16,14 +17,20 @@ idstools:
     disabled:
       description: List of SIDS that you want to disable.
       global: True
+      multiline: True
+      forcedType: "[]string"
       helpLink: managing-alerts.html
     enabled:
       description: List of SIDS that are disabled by the rule source that you want to enable.
       global: True
+      multiline: True
+      forcedType: "[]string"
       helpLink: managing-alerts.html
     modify:
       description: List of SIDS that you want to modify.
       global: True
+      multiline: True
+      forcedType: "[]string"
       helpLink: managing-alerts.html
   rules:
     local__rules: