CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-20 16:03:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update defaults

Browse Source
This commit is contained in:
Josh Brower
2024-02-12 16:44:54 -05:00
parent 64f6d0fba9
commit 5102269440
3 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/idstools/soc_idstools.yaml
View File

@@ -8,7 +8,7 @@ idstools:
global: True
helpLink: rules.html
ruleset:
description: Defines the ruleset you want to run. Options are ETOPEN or ETPRO.
description: Defines the ruleset you want to run. Options are ETOPEN or ETPRO. -- WARNING -- Changing the ruleset will remove all existing Suricata rules of the previous ruleset and their associated overrides.'
global: True
regex: ETPRO\b|ETOPEN\b
helpLink: rules.html

2
salt/soc/defaults.yaml
View File

@@ -1050,7 +1050,7 @@ soc:
- rbac/users_roles
strelkaengine:
compileYaraPythonScriptPath: /opt/so/conf/strelka/compile_yara.py
reposFolder: /nsm/rules/strelka/repos
reposFolder: /nsm/rules/yara/repos
rulesRepos:
- https://github.com/Security-Onion-Solutions/securityonion-yara
yaraRulesFolder: /opt/sensoroni/yara

2
salt/soc/soc_soc.yaml
View File

@@ -72,7 +72,7 @@ soc:
modules:
elastalertengine:
sigmaRulePackages:
description: 'One of the following: core | core+ | core++ | all'
description: 'Defines the Sigma Community Ruleset you want to run: core | core+ | core++ | all. -- WARNING -- Changing the ruleset will remove all existing Sigma rules of the previous ruleset and their associated overrides.'
global: True
advanced: False
elastic: