securityonion/salt/idstools/sorules/filer.rules

mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-25 05:57:49 +02:00
# Start the filters at sid 1200000
# Example of filtering out google.com from being dns logged.
#config dns any any -> any any (dns.query; content:"google.com"; config: logging disable, type tx, scope tx; sid:1200000;)
	`# Start the filters at sid 1200000`
	`# Example of filtering out google.com from being dns logged.`
	`#config dns any any -> any any (dns.query; content:"google.com"; config: logging disable, type tx, scope tx; sid:1200000;)`