Merge pull request #12696 from Security-Onion-Solutions/cogburn/manual-sync

New Settings for Manual Sync in Detections
2025-12-06 09:12:45 +01:00 · 2024-03-29 12:43:08 -06:00
parent cc2164221c e747a4e3fe
commit d9d851040c
1 changed files with 7 additions and 0 deletions
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -1993,6 +1993,13 @@ soc:
          mostRecentlyUsedLimit: 5
          safeStringMaxLength: 100
          queryBaseFilter: '_index:"*:so-detection" AND so_kind:detection'
+          presets:
+            manualSync:
+              customEnabled:false
+              labels:
+                - Suricata
+                - Strelka
+                - ElastAlert
          eventFields:
            default:
              - so_detection.title