CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #12732 from Security-Onion-Solutions/2.4/detections-defaults

Browse Source 
Feature - auto-enabled Sigma rules
This commit is contained in:
Josh Brower
2024-04-03 09:01:09 -04:00
committed by GitHub
parent 23a6c4adb6 a8f25150f6
commit fbdcc53fe0
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
salt/soc/defaults.yaml
View File

@@ -1236,6 +1236,10 @@ soc:
elastalertengine: elastalertengine:
allowRegex: '' allowRegex: ''
autoUpdateEnabled: true autoUpdateEnabled: true
autoEnabledSigmaRules:
- core+critical
- securityonion-resources+critical
- securityonion-resources+high
communityRulesImportFrequencySeconds: 86400 communityRulesImportFrequencySeconds: 86400
denyRegex: '' denyRegex: ''
elastAlertRulesFolder: /opt/sensoroni/elastalert elastAlertRulesFolder: /opt/sensoroni/elastalert