Add annotation logic

salt/suricata/soc_suricata.yaml

@@ -44,6 +44,7 @@ suricata:
       set-cpu-affinity:
         description: Bind(yes) or unbind(no) management and worker threads to a core or range of cores.
         regex: ^(yes|no)$
+        regexFailureMessage: You must enter either yes or no.
         helpLink: suricata.html
       cpu-affinity:
         management-cpu-set:
@@ -155,7 +156,7 @@ suricata:
                 helpLink: suricata.html
       pcap-log:
         enabled:
-          description: This value is ignored by SO. pcapengine in globals takes predidence.
+          description: This value is ignored by SO. pcapengine in globals takes precidence.
           readonly: True
           helpLink: suricata.html
           advanced: True
@@ -193,9 +194,13 @@ suricata:
         use-stream-depth: 
           description: Set to "no" to ignore the stream depth and capture the entire flow. Set this to "yes" to truncate the flow based on the stream depth. 
           advanced: True
+          regex: ^(yes|no)$
+          regexFailureMessage: You must enter either yes or no.
           helpLink: suricata.html
         conditional: 
           description: Set to "all" to capture PCAP for all flows. Set to "alert" to capture PCAP just for alerts or set to "tag" to capture PCAP for just tagged rules.
+          regex: ^(all|alert|tag)$
+          regexFailureMessage: You must enter either all, alert or tag.
           helpLink: suricata.html
         dir:
           description: Parent directory to store PCAP.