From 8bfbd773671dec71f92132e436eaa16187a6786f Mon Sep 17 00:00:00 2001
From: Wes Lambert <wlambertts@gmail.com>
Date: Wed, 24 Jun 2020 17:18:05 +0000
Subject: [PATCH] Update whiptail for Strelka

---
 setup/so-whiptail | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/setup/so-whiptail b/setup/so-whiptail
index 48e74e9b5..b99f306b0 100755
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
@@ -1028,6 +1028,26 @@ whiptail_shard_count() {
 
 }
 
+whiptail_strelka_rules() {
+
+        [ -n "$TESTING" ] && return
+
+        # Ask to inherit from master
+        whiptail --title "Security Onion Setup" --yesno "Do you want to enable the default YARA rules for Strelka?" 8 75
+
+        local exitstatus=$?
+
+        if [ $exitstatus == 0 ]; then
+                export STRELKARULES=1
+        else
+                local exitstatus=$?
+                whiptail_check_exitstatus $exitstatus
+                export STRELKARULES
+
+        fi
+
+}
+
 whiptail_suricata_pins() {
 
 	[ -n "$TESTING" ] && return