IDSTOOLS Pillar Items

setup/so-functions

@@ -982,7 +982,18 @@ manager_pillar() {
 		"pcap:">> "$pillar_file"\
 		"  sensor_checkin_interval_ms: $SENSOR_CHECKIN_INTERVAL_MS"\
 		""\
+		"idstools:"\
+		"  config:"\
+		"    ruleset: $RULESETUP"\
+		"    oinkcode: $OINKCODE"\
+		"    url:"\
+		"  sids:"\
+		"    enabled:"\
+		"    disabled:"\
+		"    modify:"\
+		""
 		"kratos:" >> "$pillar_file"
+		
 
 	printf '%s\n'\
 		"  kratoskey: $KRATOSKEY"\

setup/so-whiptail

@@ -576,7 +576,7 @@ whiptail_oinkcode() {
 	[ -n "$TESTING" ] && return
 
 	OINKCODE=$(whiptail --title "Security Onion Setup" --inputbox \
-	"Enter your oinkcode" 10 75 XXXXXXX 3>&1 1>&2 2>&3)
+	"Enter your ET Pro or oinkcode" 10 75 XXXXXXX 3>&1 1>&2 2>&3)
 
 	local exitstatus=$?
 	whiptail_check_exitstatus $exitstatus
@@ -956,8 +956,7 @@ whiptail_rule_setup() {
 	"Which IDS ruleset would you like to use?\n\nThis manager server is responsible for downloading the IDS ruleset from the Internet.\n\nSensors then pull a copy of this ruleset from the manager server.\n\nIf you select a commercial ruleset, it is your responsibility to purchase enough licenses for all of your sensors in compliance with your vendor's policies." 20 75 4 \
 	"ETOPEN" "Emerging Threats Open" ON \
 	"ETPRO" "Emerging Threats PRO" OFF \
-	"TALOSET" "Snort Subscriber (Talos) and ET NoGPL rulesets" OFF \
-	"TALOS" "Snort Subscriber (Talos) ruleset and set a policy" OFF \
+	"TALOS" "Snort Subscriber ruleset - Experimental" OFF \
 	3>&1 1>&2 2>&3)
 
 	local exitstatus=$?