Disable by default

defensivedepth
2024-09-24 10:51:52 -04:00
parent 9c7bedb715
commit 5286739414
2 changed files with 14 additions and 1 deletions
+3 -1
@@ -85,7 +85,7 @@ soresourcesrepoclone:
git.latest:
- name: https://github.com/Security-Onion-Solutions/securityonion-resources.git
- target: /nsm/securityonion-resources
- rev: 'dev/defend_filters'
- rev: 'main'
- depth: 1
{% endif %}
@@ -112,6 +112,7 @@ elasticdefendcustom:
- group: 939
- mode: 600
{% if ELASTICFLEETMERGED.config.defend_filters.enable_auto_configuration %}
cronelasticdefendfilters:
cron.present:
- name: python3 /sbin/so-elastic-defend-manage-filters.py -c /opt/so/conf/elasticsearch/curl.config -d /opt/so/conf/elastic-fleet/defend-exclusions/disabled-filters.yaml -i /nsm/securityonion-resources/event_filters/ -i /opt/so/conf/elastic-fleet/defend-exclusions/rulesets/custom-filters/ &>> /opt/so/log/elasticfleet/elastic-defend-manage-filters.log
@@ -122,6 +123,7 @@ cronelasticdefendfilters:
- daymonth: '*'
- month: '*'
- dayweek: '*'
{% endif %}
eaintegrationsdir:
file.directory:
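Review bot: Wrapping `cronelasticdefendfilters` in `{% if ELASTICFLEETMERGED.config.defend_filters.enable_auto_configuration %}` only stops the state from rendering. On a host where an earlier highstate already ran `cron.present`, the crontab entry stays in place and `so-elastic-defend-manage-filters.py` keeps running after the option is turned off. Because this setting governs which endpoint events get filtered, the disabled branch should remove the job explicitly with a `cron.absent` state under `{% else %}`, as sketched below. The middle of the `cron.present` state lies between the two hunks and is not visible here, so any `user` or `identifier` it sets must be mirrored. Separately, the `rev` in the first hunk follows a branch rather than a tag or commit, so whatever lands on that branch is picked up on the next run; pinning it would keep the filter content reviewable.

```yaml
# … unchanged: cronelasticdefendfilters cron.present state …
{% else %}
# Remove the job on hosts where a previous highstate installed it.
cronelasticdefendfilters:
  cron.absent:
    # name (plus user/identifier, if the cron.present state sets them) must match the entry being removed
    - name: python3 /sbin/so-elastic-defend-manage-filters.py -c /opt/so/conf/elasticsearch/curl.config -d /opt/so/conf/elastic-fleet/defend-exclusions/disabled-filters.yaml -i /nsm/securityonion-resources/event_filters/ -i /opt/so/conf/elastic-fleet/defend-exclusions/rulesets/custom-filters/ &>> /opt/so/log/elasticfleet/elastic-defend-manage-filters.log
{% endif %}
```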