Merge pull request #14396 from Security-Onion-Solutions/reyesj2-patch-3

add zeek file_extraction forcedType for instances where a single line…
2025-12-06 17:22:49 +01:00 · 2025-03-17 14:40:40 -05:00
parent d23b6958c1 af6245f19d
commit fe21a19c5c
1 changed files with 1 additions and 0 deletions
--- a/salt/zeek/soc_zeek.yaml
+++ b/salt/zeek/soc_zeek.yaml
@@ -63,4 +63,5 @@ zeek:
          duplicates: True
  file_extraction:
    description: Contains a list of file or MIME types Zeek will extract from the network streams. Values must adhere to the following format - {"MIME_TYPE":"FILE_EXTENSION"}
+    forcedType: "[]{}"
    helpLink: zeek.html