CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #10287 from Security-Onion-Solutions/fix/strelka_ignore_yara_rules_2.4

Browse Source 
Ignore "expl_outlook_cve_2023_23397.yar" and "gen_mal_3cx_compromise_mar23.yar" since they are causing problems with YARA compilation
This commit is contained in:
weslambert
2023-05-08 11:58:17 -04:00
committed by GitHub
parent 7483dbf442 c7ed29dfa8
commit a1e0041b14
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/strelka/defaults.yaml
View File

@@ -551,6 +551,8 @@ strelka:
- gen_susp_xor.yar - gen_susp_xor.yar
- gen_webshells_ext_vars.yar - gen_webshells_ext_vars.yar
- configured_vulns_ext_vars.yar - configured_vulns_ext_vars.yar
- expl_outlook_cve_2023_23397.yar
- gen_mal_3cx_compromise_mar23.yar
filecheck: filecheck:
historypath: '/nsm/strelka/history/' historypath: '/nsm/strelka/history/'
strelkapath: '/nsm/strelka/unprocessed/' strelkapath: '/nsm/strelka/unprocessed/'