Merge pull request #12611 from Security-Onion-Solutions/2.4/enable-detections

Change Detections defaults

salt/soc/defaults.yaml

@@ -1079,7 +1079,7 @@ soc:
           hostUrl:
         elastalertengine:
           allowRegex: ''
-          autoUpdateEnabled: false
+          autoUpdateEnabled: true
           communityRulesImportFrequencySeconds: 86400
           denyRegex: ''
           elastAlertRulesFolder: /opt/sensoroni/elastalert
@@ -1131,9 +1131,10 @@ soc:
             - rbac/users_roles
         strelkaengine:
           allowRegex: ''
-          autoUpdateEnabled: false
+          autoUpdateEnabled: true
+          communityRulesImportFrequencySeconds: 86400
           compileYaraPythonScriptPath: /opt/so/conf/strelka/compile_yara.py
-          denyRegex: '.*'
+          denyRegex: ''
           reposFolder: /opt/sensoroni/yara/repos
           rulesRepos:
           - repo: https://github.com/Security-Onion-Solutions/securityonion-yara
@@ -1141,8 +1142,10 @@ soc:
           yaraRulesFolder: /opt/sensoroni/yara/rules
         suricataengine:
           allowRegex: ''
+          autoUpdateEnabled: true
+          communityRulesImportFrequencySeconds: 86400
           communityRulesFile: /nsm/rules/suricata/emerging-all.rules
-          denyRegex: '.*'
+          denyRegex: ''
           rulesFingerprintFile: /opt/sensoroni/fingerprints/emerging-all.fingerprint
       client:
         enableReverseLookup: false