From 4d41d3aee1297f80f234eb2e3afa158484d4b1b2 Mon Sep 17 00:00:00 2001
From: weslambert
Date: Wed, 15 Sep 2021 10:29:11 -0400
Subject: [PATCH] Ignore these rules by default because they are causing issues with YARA compilation with Strelka
---
salt/strelka/defaults.yaml | 9 +++++++++
1 file changed, 9 insertions(+)
create mode 100644 salt/strelka/defaults.yaml
diff --git a/salt/strelka/defaults.yaml b/salt/strelka/defaults.yaml
new file mode 100644
index 000000000..2a3805283
--- /dev/null
+++ b/salt/strelka/defaults.yaml
@@ -0,0 +1,9 @@
+strelka:
+ ignore:
+ - generic_anomalies.yar
+ - general_cloaking.yar
+ - thor_inverse_matches.yar
+ - yara_mixed_ext_vars.yar
+ - gen_susp_js_obfuscatorio.yar
+ - apt_flame2_orchestrator.yar
+ - apt_tetris.yar
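Review bot: The new `ignore` list under `strelka:` gives no reason for any entry, yet each ignored file is detection coverage dropped from Strelka scans by default, including `apt_flame2_orchestrator.yar`, `apt_tetris.yar` and `gen_susp_js_obfuscatorio.yar`. I would add a comment above the list, for example `# Rule files excluded because they fail to compile under Strelka's YARA; re-test and remove entries when the YARA version or rule set changes`. The first four names look like rule files that depend on external variables, but the cause for the last three is not visible here, so a short per-entry note on the compile error would let a later maintainer tell when an exclusion is safe to lift. How the list is consumed is outside this patch, so it is also worth confirming that a locally configured ignore list extends these defaults rather than replacing them.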