From 510226944077b5ac460869d2eced99c0438ba169 Mon Sep 17 00:00:00 2001
From: Josh Brower
Date: Mon, 12 Feb 2024 16:44:54 -0500
Subject: [PATCH] Update defaults
---
 salt/idstools/soc_idstools.yaml | 2 +-
 salt/soc/defaults.yaml | 2 +-
 salt/soc/soc_soc.yaml | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/salt/idstools/soc_idstools.yaml b/salt/idstools/soc_idstools.yaml
index 634f68803..7cf11dba4 100644
--- a/salt/idstools/soc_idstools.yaml
+++ b/salt/idstools/soc_idstools.yaml
@@ -8,7 +8,7 @@ idstools:
 global: True
 helpLink: rules.html
 ruleset:
- description: Defines the ruleset you want to run. Options are ETOPEN or ETPRO.
+ description: Defines the ruleset you want to run. Options are ETOPEN or ETPRO. -- WARNING -- Changing the ruleset will remove all existing Suricata rules of the previous ruleset and their associated overrides.'
 global: True
 regex: ETPRO\b|ETOPEN\b
 helpLink: rules.html
diff --git a/salt/soc/defaults.yaml b/salt/soc/defaults.yaml
index cc6b417e6..fd2eaf8c0 100644
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -1050,7 +1050,7 @@ soc:
 - rbac/users_roles
 strelkaengine:
 compileYaraPythonScriptPath: /opt/so/conf/strelka/compile_yara.py
- reposFolder: /nsm/rules/strelka/repos
+ reposFolder: /nsm/rules/yara/repos
 rulesRepos:
 - https://github.com/Security-Onion-Solutions/securityonion-yara
 yaraRulesFolder: /opt/sensoroni/yara
diff --git a/salt/soc/soc_soc.yaml b/salt/soc/soc_soc.yaml
index f413b5c73..fe0458820 100644
--- a/salt/soc/soc_soc.yaml
+++ b/salt/soc/soc_soc.yaml
@@ -72,7 +72,7 @@ soc:
 modules:
 elastalertengine:
 sigmaRulePackages:
- description: 'One of the following: core | core+ | core++ | all'
+ description: 'Defines the Sigma Community Ruleset you want to run: core | core+ | core++ | all. -- WARNING -- Changing the ruleset will remove all existing Sigma rules of the previous ruleset and their associated overrides.'
 global: True
 advanced: False
 elastic:
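Review bot: The new `description` for `ruleset` in salt/idstools/soc_idstools.yaml ends with a stray `'` after `overrides.` and has no opening quote. YAML reads the value as a plain scalar, so the apostrophe becomes part of the help text shown next to a setting that is now documented as destructive. An unquoted value also breaks as soon as someone adds a `: ` or ` #` to the sentence. Quote the whole string as the soc_soc.yaml hunk in this patch does, by putting a matching `'` in front of `Defines`, so the line reads `description: 'Defines the ruleset you want to run. … overrides.'`.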
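Review bot: `reposFolder` in salt/soc/defaults.yaml now points at `/nsm/rules/yara/repos`, but none of the three files in this patch creates that directory, mounts it for SOC, or handles repos already cloned under `/nsm/rules/strelka/repos`. Unless a matching state change lands in another commit, the YARA rule sync would presumably fail or start from an empty folder after an upgrade, leaving file analysis on stale rules. Confirm that the directory and mount exist for the new path and that the old clone location is cleaned up or migrated. A comment above the key would record the coupling, for example `# must match the host directory created and mounted for SOC`.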
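Review bot: `sigmaRulePackages` in salt/soc/soc_soc.yaml gains a warning that changing it removes existing rules and overrides, yet the lines visible in this hunk show no `regex` constraint on it. `ruleset` in salt/idstools/soc_idstools.yaml does carry one. For a setting documented as destructive, a mistyped package name should be rejected at input time. If the setting takes a single value, as the old description ("One of the following") suggests, consider adding `regex: ^(core|core\+|core\+\+|all)$` under the key. The indentation of the trailing context is not recoverable here, so check that the mapping does not already define one.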