Update defaults

salt/idstools/soc_idstools.yaml

@@ -8,7 +8,7 @@ idstools:
       global: True
       helpLink: rules.html
     ruleset:
-      description: Defines the ruleset you want to run. Options are ETOPEN or ETPRO.
+      description: Defines the ruleset you want to run. Options are ETOPEN or ETPRO.  -- WARNING -- Changing the ruleset will remove all existing Suricata rules of the previous ruleset and their associated overrides.'
       global: True
       regex:  ETPRO\b|ETOPEN\b
       helpLink: rules.html

salt/soc/defaults.yaml

@@ -1050,7 +1050,7 @@ soc:
             - rbac/users_roles
         strelkaengine:
           compileYaraPythonScriptPath: /opt/so/conf/strelka/compile_yara.py
-          reposFolder: /nsm/rules/strelka/repos
+          reposFolder: /nsm/rules/yara/repos
           rulesRepos:
           - https://github.com/Security-Onion-Solutions/securityonion-yara
           yaraRulesFolder: /opt/sensoroni/yara

salt/soc/soc_soc.yaml

@@ -72,7 +72,7 @@ soc:
       modules:
         elastalertengine:
           sigmaRulePackages:
-            description: 'One of the following: core | core+ | core++ | all'
+            description: 'Defines the Sigma Community Ruleset you want to run: core | core+ | core++ | all.  -- WARNING -- Changing the ruleset will remove all existing Sigma rules of the previous ruleset and their associated overrides.'
             global: True
             advanced: False
         elastic: