CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

adjust suricata defaults

Browse Source
This commit is contained in:
m0duspwnens
2023-05-24 12:22:42 -04:00
parent 8995012c80
commit 67a608ea56
1 changed files with 22 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
salt/suricata/defaults.yaml
View File

@@ -2,28 +2,24 @@ suricata:
enabled: False
config:
threading:
set-cpu-affinity: 'no'
detect-thread-ratio: 1.0
cpu-affinity:
- management-cpu-set:
cpu: []
- receive-cpu-set:
cpu: []
- worker-cpu-set:
cpu: []
mode: exclusive
threads: 1
prio:
default: high
set-cpu-affinity: "no"
cpu-affinity:
- management-cpu-set:
cpu: []
- worker-cpu-set:
cpu: []
mode: exclusive
prio:
default: high
af-packet:
interface: bond0
cluster-id: 59
cluster-type: cluster_flow
defrag: true
use-mmap: true
threads: 1
tpacket-v3: true
ring-size: 5000
interface: bond0
cluster-id: 59
cluster-type: cluster_flow
defrag: "yes"
use-mmap: "yes"
threads: 1
tpacket-v3: "yes"
ring-size: 5000
vars:
address-groups:
HOME_NET: "[192.168.0.0/16,10.0.0.0/8,172.16.0.0/12]"
@@ -69,11 +65,6 @@ suricata:
pcap-file: false
community-id: true
community-id-seed: 0
xff:
enabled: "no"
mode: extra-data
deployment: reverse
header: X-Forwarded-For
types:
- alert:
payload: "no"
@@ -87,6 +78,11 @@ suricata:
metadata: true
raw: true
tagged-packets: "no"
xff:
enabled: "no"
mode: extra-data
deployment: reverse
header: X-Forwarded-For
unified2-alert:
enabled: "no"
http-log: