Add regex defaults

Security-Onion-Solutions · Mar 11, 2024 · 61a183b · 61a183b
1 parent 8c54a19
commit 61a183b
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/salt/soc/defaults.yaml b/salt/soc/defaults.yaml
@@ -1078,8 +1078,10 @@ soc:
         kratos:
           hostUrl:
         elastalertengine:
+          allowRegex: ''
           autoUpdateEnabled: false
-          communityRulesImportFrequencySeconds: 180
+          communityRulesImportFrequencySeconds: 86400
+          denyRegex: '.*'
           elastAlertRulesFolder: /opt/sensoroni/elastalert
           rulesFingerprintFile: /opt/sensoroni/fingerprints/sigma.fingerprint
           sigmaRulePackages:
@@ -1128,15 +1130,19 @@ soc:
           userFiles:
             - rbac/users_roles
         strelkaengine:
+          allowRegex: ''
           autoUpdateEnabled: false
           compileYaraPythonScriptPath: /opt/so/conf/strelka/compile_yara.py
+          denyRegex: '.*'
           reposFolder: /opt/sensoroni/yara/repos
           rulesRepos:
           - repo: https://github.com/Security-Onion-Solutions/securityonion-yara
             license: DRL
           yaraRulesFolder: /opt/sensoroni/yara/rules
         suricataengine:
+          allowRegex: ''
           communityRulesFile: /nsm/rules/suricata/emerging-all.rules
+          denyRegex: '.*'
           rulesFingerprintFile: /opt/sensoroni/fingerprints/emerging-all.fingerprint
       client:
         enableReverseLookup: false