# Annotation metadata for the idstools settings: every leaf setting carries a
# description and a help link, plus flags (global, file, advanced, title).
# NOTE(review): the flag meanings are not defined in this file; presumably they
# are read by the configuration UI. Confirm against the consumer.
# NOTE(review): the nesting below was rebuilt from a flattened listing; verify
# it against the repository copy before relying on it.
idstools:
  config:
    # The registration code is a vendor credential for paid rulesets. Treat the
    # stored value as a secret: limit who can read this setting and keep it out
    # of logs, tickets and screenshots.
    # NOTE(review): this entry sets only description/global/helpLink; confirm
    # how the UI displays the value and whether it should be masked.
    oinkcode:
      description: Enter your registration code for paid rulesets.
      global: True
      helpLink: rules.html
    # Selects the rule feed; the description names ETOPEN and ETPRO as options.
    ruleset:
      description: Define the ruleset you want to run. Options are ETOPEN or ETPRO.
      global: True
      helpLink: rules.html
    # Extra download locations are a supply-chain input: whoever controls a
    # listed source can influence the rules that get downloaded.
    # NOTE(review): nothing here constrains scheme or host; confirm that URL
    # validation and integrity checks happen in the consumer.
    urls:
      description: This is a list of additional rule download locations.
      global: True
      helpLink: rules.html
  sids:
    # Each disabled SID is a detection that no longer fires; changes to this
    # list reduce coverage and deserve the same review as a rule change.
    disabled:
      description: List of SIDS that you want to disable.
      global: True
      helpLink: managing-alerts.html
    # Re-enables SIDs that the rule source ships disabled.
    enabled:
      description: List of SIDS that are disabled by the rule source that you want to enable.
      global: True
      helpLink: managing-alerts.html
    # Modifications change what a rule matches or does; review them so that a
    # tuning edit does not silently blind a detection.
    modify:
      description: List of SIDS that you want to modify.
      global: True
      helpLink: managing-alerts.html
  rules:
    # Custom Suricata rules. The three entries in this section set file and
    # advanced in addition to global.
    # NOTE(review): presumably file marks file-backed content and advanced
    # hides the setting by default; confirm against the consumer.
    local__rules:
      description: This is where custom Suricata rules are entered.
      file: True
      global: True
      advanced: True
      title: Local Rules
      helpLink: local-rules.html
    # Custom filters for Suricata metadata. A filter that is too broad drops
    # metadata that later investigation may need.
    filters__rules:
      description: If you are using Suricata for metadata, then you can set custom filters for that metadata here.
      file: True
      global: True
      advanced: True
      title: Filter Rules
      helpLink: suricata.html
    # MIME types selected here decide which files Suricata extracts; extracted
    # files may contain sensitive or malicious content, so handle the output
    # location accordingly.
    extraction__rules:
      description: If you are using Suricata for metadata, then you can set a list of MIME types for file extraction here.
      file: True
      global: True
      advanced: True
      title: Extraction Rules
      helpLink: suricata.html