From c7ed29dfa83ce3f9941f1e92e29fcc12618e2882 Mon Sep 17 00:00:00 2001
From: weslambert <wlambertts@gmail.com>
Date: Thu, 4 May 2023 16:16:06 -0400
Subject: [PATCH] Ignore "expl_outlook_cve_2023_23397.yar" and
 "gen_mal_3cx_compromise_mar23.yar" since they are causing problems with YARA
 compilation

---
 salt/strelka/defaults.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/salt/strelka/defaults.yaml b/salt/strelka/defaults.yaml
index bcef0fd9b..8ef162779 100644
--- a/salt/strelka/defaults.yaml
+++ b/salt/strelka/defaults.yaml
@@ -551,6 +551,8 @@ strelka:
       - gen_susp_xor.yar
       - gen_webshells_ext_vars.yar
       - configured_vulns_ext_vars.yar
+      - expl_outlook_cve_2023_23397.yar
+      - gen_mal_3cx_compromise_mar23.yar
   filecheck:
     historypath: '/nsm/strelka/history/'
     strelkapath: '/nsm/strelka/unprocessed/'