From 51db158b2d63e5f5bcbee82437ed6db3aebfecd7 Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Thu, 27 Sep 2018 12:35:59 -0400
Subject: [PATCH] Suricata Module - Modify default meta data collection
---
 salt/suricata/files/suricata.yaml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/salt/suricata/files/suricata.yaml b/salt/suricata/files/suricata.yaml
index 244e5f160..4172a034a 100644
--- a/salt/suricata/files/suricata.yaml
+++ b/salt/suricata/files/suricata.yaml
@@ -54,12 +54,12 @@ vars:
 ## Step 2: select the rules to enable or disable
 ##
-default-rule-path: /usr/local/etc/suricata/rules
+default-rule-path: /etc/suricata/rules
 rule-files:
 - all.rules
-classification-file: /usr/local/etc/suricata/classification.config
-reference-config-file: /usr/local/etc/suricata/reference.config
+classification-file: /etc/suricata/classification.config
+reference-config-file: /etc/suricata/reference.config
 # threshold-file: /usr/local/etc/suricata/threshold.config
@@ -70,7 +70,7 @@ reference-config-file: /usr/local/etc/suricata/reference.config
 # The default logging directory. Any log or output file will be
 # placed here if its not specified with a full path name. This can be
 # overridden with the -l command line parameter.
-default-log-dir: /usr/local/var/log/suricata/
+default-log-dir: /var/log/suricata/
 # global stats configuration
 stats:
@@ -123,8 +123,8 @@ outputs:
 # http-body: yes # enable dumping of http body in Base64
 # http-body-printable: yes # enable dumping of http body in printable format
 metadata:
- app-layer: true
- flow: true
+ app-layer: false
+ flow: false
 rule:
 metadata: true
 raw: true
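Review bot: The commented `# threshold-file: /usr/local/etc/suricata/threshold.config` line at the end of the first hunk still carries the old `/usr/local` prefix, while the three active paths above it move to `/etc/suricata`. Anyone who later uncomments it as written would point Suricata at the old location, so the intended threshold and suppress entries may not be loaded. Suggest updating it in the same change: `# threshold-file: /etc/suricata/threshold.config`. The commit subject mentions only metadata collection, so the path relocation here and the `default-log-dir` move in the next hunk deserve a line in the message.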
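Review bot: Setting `app-layer: false` and `flow: false` under `metadata:` in the third hunk strips protocol and flow context from what appears to be the alert records. Nothing in the file says why, or where an analyst should look for that context during triage. A short comment above the two keys would record the intent, for example `# app-layer/flow metadata omitted from alerts; protocol context comes from <other log source>`, with the placeholder replaced by the actual source. The enclosing `outputs:` entry starts and ends outside the hunk, so it is not visible here whether the per-protocol loggers remain enabled; if they do not, this change removes the only protocol detail attached to an alert.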