FIX: Annotations for BPF and Suricata PCAP #12626

salt/suricata/soc_suricata.yaml

@@ -25,10 +25,10 @@ suricata:
       advanced: True
       helpLink: suricata.html 
     maxsize:
-      description: Maximum size in GB for total disk usage of all PCAP written by Suricata.
+      description: Maximum size in GB for total disk usage of all PCAP files written by Suricata.
       helpLink: suricata.html
     compression: 
-      description: Enable compression of Suricata PCAP.
+      description: Enable compression of Suricata PCAP files.
       advanced: True
       helpLink: suricata.html
     lz4-checksum: 
@@ -36,11 +36,11 @@ suricata:
       advanced: True
       helpLink: suricata.html
     lz4-level: 
-      description: lz4 compression level of PCAP. Set to 0 for no compression. Set to 16 for maximum compression.
+      description: lz4 compression level of PCAP files. Set to 0 for no compression. Set to 16 for maximum compression.
       advanced: True
       helpLink: suricata.html
     filename:
-      description: Filename output for Suricata PCAP.
+      description: Filename output for Suricata PCAP files.
       advanced: True
       readonly: True
       helpLink: suricata.html
@@ -56,7 +56,7 @@ suricata:
       regexFailureMessage: You must enter either yes or no.
       helpLink: suricata.html
     conditional: 
-      description: Set to "all" to record PCAP for all flows. Set to "alerts" to record PCAP just for alerts. Set to "tag" to record PCAP for just tagged rules.
+      description: Set to "all" to record PCAP for all flows. Set to "alerts" to only record PCAP for Suricata alerts. Set to "tag" to only record PCAP for tagged rules.
       regex: ^(all|alerts|tag)$
       regexFailureMessage: You must enter either all, alert or tag.
       helpLink: suricata.html