Remove exclusions and repos

salt/strelka/defaults.yaml

@@ -733,28 +733,6 @@ strelka:
     enabled: False
   rules:
     enabled: True
-    repos:
-      - https://github.com/Security-Onion-Solutions/securityonion-yara.git
-    excluded:
-      - apt_flame2_orchestrator.yar
-      - apt_tetris.yar
-      - gen_susp_js_obfuscatorio.yar
-      - gen_webshells.yar
-      - generic_anomalies.yar
-      - general_cloaking.yar
-      - thor_inverse_matches.yar
-      - yara_mixed_ext_vars.yar
-      - apt_apt27_hyperbro.yar
-      - apt_turla_gazer.yar
-      - gen_google_anomaly.yar
-      - gen_icon_anomalies.yar
-      - gen_nvidia_leaked_cert.yar
-      - gen_sign_anomalies.yar
-      - gen_susp_xor.yar
-      - gen_webshells_ext_vars.yar
-      - configured_vulns_ext_vars.yar
-      - expl_outlook_cve_2023_23397.yar
-      - gen_mal_3cx_compromise_mar23.yar
   filecheck:
     historypath: '/nsm/strelka/history/'
     strelkapath: '/nsm/strelka/unprocessed/'

salt/strelka/rules/repos.txt.jinja

@@ -1,2 +0,0 @@
-# DO NOT EDIT THIS FILE! Strelka YARA rule repos are stored here from the strelka:rules:repos pillar section
-{{ STRELKAREPOS | join('\n') }}

salt/strelka/soc_strelka.yaml

@@ -578,18 +578,6 @@ strelka:
       global: False
       helpLink: strelka.html
       advanced: False
-    repos:
-      description: List of repos for so-yara-download to use to download rules.
-      readonly: False
-      global: False
-      helpLink: strelka.html
-      advanced: False
-    excluded:
-      description: List of rules to exclude so-yara-update from download and propagating to backend nodes.
-      readonly: False
-      global: False
-      helpLink: strelka.html
-      advanced: False
   filecheck:
     historypath:
       description: The path for previously scanned files.