From 5678e66b399c86af9b126492ead664bcf611ff73 Mon Sep 17 00:00:00 2001
From: Josh Brower <Josh@Defensivedepth.com>
Date: Fri, 26 Feb 2021 08:33:24 -0500
Subject: [PATCH] Fix so-playbook-sigma-refresh

---
 salt/common/tools/sbin/so-playbook-sigma-refresh | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/salt/common/tools/sbin/so-playbook-sigma-refresh b/salt/common/tools/sbin/so-playbook-sigma-refresh
index 10697bc2f..7445786f9 100644
--- a/salt/common/tools/sbin/so-playbook-sigma-refresh
+++ b/salt/common/tools/sbin/so-playbook-sigma-refresh
@@ -17,4 +17,11 @@
 
 . /usr/sbin/so-common
 
-docker exec so-soctopus python3 playbook_play-update.py
\ No newline at end of file
+# Regenerate ElastAlert & update Plays
+docker exec so-soctopus python3 playbook_play-update.py
+
+# Delete current Elastalert Rules
+rm /opt/so/rules/elastalert/playbook/*.yaml
+
+# Regenerate Elastalert Rules
+so-playbook-sync
\ No newline at end of file