bpf:
  pcap:
    description: List of BPF filters to apply to the PCAP engine.
    multiline: True
    forcedType: "[]string"
    helpLink: bpf
  suricata:
    description: List of BPF filters to apply to Suricata. This will apply to alerts and, if enabled, to metadata and PCAP logs generated by Suricata.
    multiline: True
    forcedType: "[]string"
    helpLink: bpf
  zeek:
    description: List of BPF filters to apply to Zeek.
    multiline: True
    forcedType: "[]string"
    helpLink: bpf