From 743bbfea35a5cd86b6362aa107dc2bd3542ff28f Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Fri, 5 May 2023 17:09:01 -0400 Subject: [PATCH] add zeek.enabled to zeek annotation file --- salt/zeek/soc_zeek.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/salt/zeek/soc_zeek.yaml b/salt/zeek/soc_zeek.yaml index a3ad624b6..8410d4e75 100644 --- a/salt/zeek/soc_zeek.yaml +++ b/salt/zeek/soc_zeek.yaml @@ -1,4 +1,7 @@ zeek: + enabled: + description: You can enable or disable ZEEK on all sensors or a single sensor. + helpLink: zeek.html logging: enabled: description: This is a list of Zeek logs that will be shipped through the pipeline. If you remove a log from this list, it will still persist on the sensor.