CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Feature - auto-enabled Sigma rules

Browse Source
This commit is contained in:
DefensiveDepth
2024-04-03 08:21:50 -04:00
parent 7f488422b0
commit a8f25150f6
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
salt/soc/defaults.yaml
View File

@@ -1216,6 +1216,10 @@ soc:
elastalertengine: elastalertengine:
allowRegex: '' allowRegex: ''
autoUpdateEnabled: true autoUpdateEnabled: true
autoEnabledSigmaRules:
- core+critical
- securityonion-resources+critical
- securityonion-resources+high
communityRulesImportFrequencySeconds: 86400 communityRulesImportFrequencySeconds: 86400
denyRegex: '' denyRegex: ''
elastAlertRulesFolder: /opt/sensoroni/elastalert elastAlertRulesFolder: /opt/sensoroni/elastalert