CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-26 06:27:50 +02:00
Code Issues Packages Projects Releases Wiki Activity

Default ruleset; Descriptions

Browse Source
This commit is contained in:
Josh Brower
2024-02-16 11:55:10 -05:00
parent e4dcb4a8dd
commit ffb3cc87b7
3 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
salt/soc/defaults.yaml
+1
View File
@@ -1014,6 +1014,7 @@ soc:
rulesFingerprintFile: /opt/sensoroni/fingerprints/sigma.fingerprint
sigmaRulePackages:
- core
- emerging_threats_addon
elastic:
hostUrl:
remoteHostUrls: []
salt/soc/soc_soc.yaml
+1 -1
View File
@@ -72,7 +72,7 @@ soc:
modules:
elastalertengine:
sigmaRulePackages:
description: 'Defines the Sigma Community Ruleset you want to run: core | core+ | core++ | all. -- WARNING -- Changing the ruleset will remove all existing Sigma rules of the previous ruleset and their associated overrides.'
description: 'Defines the Sigma Community Ruleset you want to run. One of these (core | core+ | core++ | all ) as well as an optional Add-on (emerging_threats_addon). WARNING! Changing the ruleset will remove all existing Sigma rules of the previous ruleset and their associated overrides. This removal cannot be undone.'
global: True
advanced: False
elastic: