DefensiveDepth
2024-04-16 12:22:53 -04:00
parent f5e42e73af
commit dbfb178556
2 changed files with 7 additions and 0 deletions


@@ -1310,6 +1310,8 @@ soc:
- rbac/users_roles - rbac/users_roles
strelkaengine: strelkaengine:
allowRegex: '' allowRegex: ''
autoEnabledYaraRules:
- securityonion-yara
autoUpdateEnabled: true autoUpdateEnabled: true
communityRulesImportFrequencySeconds: 28800 communityRulesImportFrequencySeconds: 28800
compileYaraPythonScriptPath: /opt/so/conf/strelka/compile_yara.py compileYaraPythonScriptPath: /opt/so/conf/strelka/compile_yara.py
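Review bot: The new `autoEnabledYaraRules` default sits directly above `autoUpdateEnabled: true`, and nothing in this section says whether rules that reach `securityonion-yara` through a later automatic update are also enabled, or only those present at initial import. That matters to whoever has to reason about which rules are live on a grid without having reviewed them. A one-line comment above the key stating which case holds would settle it, for example `# applied at initial import only; rules added by later updates are not auto-enabled`, if that is the actual behaviour. The `strelkaengine` mapping starts and continues outside this hunk, so the other settings were not checked.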


@@ -186,6 +186,11 @@ soc:
global: True global: True
advanced: True advanced: True
helpLink: yara.html helpLink: yara.html
autoEnabledYaraRules:
description: 'Yara rules to automatically enable on initial import. Format is $Ruleset - for example, for the default shipped ruleset: securityonion-yara'
global: True
advanced: True
helpLink: sigma.html
autoUpdateEnabled: autoUpdateEnabled:
description: 'Set to true to enable automatic Internet-connected updates of the Yara rulesets. If this is an Airgap system, this setting will be overridden and set to false.' description: 'Set to true to enable automatic Internet-connected updates of the Yara rulesets. If this is an Airgap system, this setting will be overridden and set to false.'
global: True global: True
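Review bot: The new `autoEnabledYaraRules` annotation carries `helpLink: sigma.html`, which sends an operator configuring a Yara setting to the Sigma help page. The neighbouring entry at the top of this hunk uses `helpLink: yara.html`, so this looks like a leftover from copying the Sigma equivalent and should read `helpLink: yara.html`. The description could also state outright that each list item is a ruleset name and that an entry matching no ruleset enables nothing, presumably without any warning; that behaviour should be confirmed before it is documented.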