New Settings for Manual Sync in Detections

2025-12-06 17:22:49 +01:00 · 2024-03-29 12:25:03 -06:00
parent cc2164221c
commit e747a4e3fe
1 changed files with 7 additions and 0 deletions
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -1993,6 +1993,13 @@ soc:
          mostRecentlyUsedLimit: 5
          safeStringMaxLength: 100
          queryBaseFilter: '_index:"*:so-detection" AND so_kind:detection'
          presets:
            manualSync:
              customEnabled:false
              labels:
                - Suricata
                - Strelka
                - ElastAlert
          eventFields:
            default:
              - so_detection.title