Update files

2025-12-06 09:12:45 +01:00 · 2025-10-07 14:20:25 -04:00
parent 9752d61699
commit c16bf50493
1 changed files with 13 additions and 1 deletions
--- a/salt/zeek/policy/custom/filters/files
+++ b/salt/zeek/policy/custom/filters/files
@@ -1 +1,13 @@
-# Placeholder
+hook Files::log_policy(rec: Files::Info, id: Log::ID, filter: Log::Filter)
+    {
+       # Turn off a specific mimetype
+           if (rec?$mime_type && ( /soap+xml/ | /json/ | /xml/ | /x509/ )in rec$mime_type)
+               break;
+    }
+
+event zeek_init()
+{
+    Log::remove_default_filter(Files::LOG);
+    local filter: Log::Filter = [$name="files-filter"];
+    Log::add_filter(Files::LOG, filter);
+}