mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-06 17:22:49 +01:00
Merge pull request #1273 from Security-Onion-Solutions/fix/zeek_syslog_default
Fix/zeek syslog default
@@ -1980,6 +1980,47 @@ zeek_logs_enabled() {
|
||||
for BLOG in "${BLOGS[@]}"; do
|
||||
echo " - $BLOG" | tr -d '"' >> "$zeeklogs_pillar"
|
||||
done
|
||||
elif [ "$install_type" == "EVAL" ]; then
|
||||
printf '%s\n'\
|
||||
" - conn"\
|
||||
" - dce_rpc"\
|
||||
" - dhcp"\
|
||||
" - dhcpv6"\
|
||||
" - dnp3"\
|
||||
" - dns"\
|
||||
" - dpd"\
|
||||
" - files"\
|
||||
" - ftp"\
|
||||
" - http"\
|
||||
" - intel"\
|
||||
" - irc"\
|
||||
" - kerberos"\
|
||||
" - modbus"\
|
||||
" - mqtt"\
|
||||
" - notice"\
|
||||
" - ntlm"\
|
||||
" - openvpn"\
|
||||
" - pe"\
|
||||
" - radius"\
|
||||
" - rfb"\
|
||||
" - rdp"\
|
||||
" - signatures"\
|
||||
" - sip"\
|
||||
" - smb_files"\
|
||||
" - smb_mapping"\
|
||||
" - smtp"\
|
||||
" - snmp"\
|
||||
" - software"\
|
||||
" - ssh"\
|
||||
" - ssl"\
|
||||
" - syslog"\
|
||||
" - telnet"\
|
||||
" - tunnel"\
|
||||
" - weird"\
|
||||
" - mysql"\
|
||||
" - socks"\
|
||||
" - x509" >> "$zeeklogs_pillar"
|
||||
# Disable syslog log by default
|
||||
else
|
||||
printf '%s\n'\
|
||||
" - conn"\
|
||||
@@ -2013,7 +2054,6 @@ zeek_logs_enabled() {
|
||||
" - software"\
|
||||
" - ssh"\
|
||||
" - ssl"\
|
||||
" - syslog"\
|
||||
" - telnet"\
|
||||
" - tunnel"\
|
||||
" - weird"\
|
||||
|
||||
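Review bot: The comment `# Disable syslog log by default` sits as the last line of the new EVAL branch, directly under a list that still contains `" - syslog"`, so it reads as describing the branch that enables the log. It belongs inside the `else` branch, above its `printf`, worded so the scope is explicit, e.g. `# Non-EVAL installs: syslog is deliberately left out of the default Zeek logs`. The two branches now carry near-identical hand-maintained lists whose only intended difference appears to be that one entry, so a log type later added to one list and not the other would silently drop that Zeek log from the pillar on some install types, with no error on a sensor. Building the list once in an array and appending conditionally, `[ "$install_type" == "EVAL" ] && default_logs+=(syslog)`, would make the difference visible in one line. The body of zeek_logs_enabled starts and ends outside the visible hunks, so whether the `else` list also carries `mysql`, `socks` and `x509` cannot be confirmed from here.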