From 4a60310dc8a4a0b7c7060bcf0236662aa65f6f2e Mon Sep 17 00:00:00 2001
From: Peter Di Giorgio <16980376+lock-wire@users.noreply.github.com>
Date: Fri, 21 Oct 2022 14:04:40 -0700
Subject: [PATCH] Add Modbus, DNP3, BZAR, and oui-logging

This is an initial proof of concept. Need to migrate these entries behind a flag.
---
 pillar/zeek/init.sls | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/pillar/zeek/init.sls b/pillar/zeek/init.sls
index 5eeb273b9..76638522b 100644
--- a/pillar/zeek/init.sls
+++ b/pillar/zeek/init.sls
@@ -48,6 +48,11 @@ zeek: - securityonion/bpfconf - securityonion/communityid - securityonion/file-extraction + - oui-logging + - bzar + - icsnpp-dnp3 + - icsnpp-modbus + - '@load-sigs': - frameworks/signatures/detect-windows-shells redef:
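Review bot: The four new load entries (`oui-logging`, `bzar`, `icsnpp-dnp3`, `icsnpp-modbus`) are bare package names, unlike the `securityonion/...` scripts above them, and nothing in this patch shows those packages being installed into the Zeek image; if one is missing on a sensor, Zeek will likely fail on the unresolved `@load` and that sensor stops producing network logs. It is worth confirming the packaging change lands with or before this pillar change, and adding a comment above the entries such as `# third-party zkg packages: must be installed in the Zeek image`. The fifth added line sits directly before `'@load-sigs':` and, with indentation lost in this view, could be either a blank line or a dangling `-`; if it is a dangling `-` it would parse as a null list item and should be dropped. The hunk shows only part of the `zeek:` mapping, so how this list is rendered into the Zeek config is not visible here.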