Commit

Replace external zeek-community-id with builtin community-id. Disable…
… plugin-tds + plugin-profinet. Not updated for Zeek 6.x

Signed-off-by: reyesj2 <[email protected]>
reyesj2 committed Oct 16, 2023
1 parent 2f0e673 commit e5c936e
Showing 1 changed file with 6 additions and 5 deletions.
11 changes: 6 additions & 5 deletions salt/zeek/defaults.yaml
Expand Up @@ -49,12 +49,13 @@ zeek:
- frameworks/files/hash-all-files
- frameworks/files/detect-MHR
- policy/frameworks/notice/extend-email/hostnames
- policy/frameworks/notice/community-id
- policy/protocols/conn/community-id-logging
- ja3
- hassh
- intel
- cve-2020-0601
- securityonion/bpfconf
- securityonion/communityid
- securityonion/file-extraction
- oui-logging
- icsnpp-modbus
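Review bot: The load list swaps `securityonion/communityid` for `policy/frameworks/notice/community-id` and `policy/protocols/conn/community-id-logging`, but nothing in the visible lines records that these are the built-in scripts or which Zeek version they require. Add a one-line YAML comment above the two new entries stating that dependency, and confirm after deployment that the conn and notice logs still carry the Community ID value, since flow correlation with other tools depends on it. Any local override of this list that still names `securityonion/communityid` would need the same update.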
Expand All @@ -65,8 +66,8 @@ zeek:
- icsnpp-opcua-binary
- icsnpp-bsap
- icsnpp-s7comm
- zeek-plugin-tds
- zeek-plugin-profinet
# - zeek-plugin-tds
# - zeek-plugin-profinet
- zeek-spicy-wireguard
- zeek-spicy-stun
load-sigs:
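Review bot: `# - zeek-plugin-tds` and `# - zeek-plugin-profinet` are commented out with no reason given in the file; the only explanation ("Not updated for Zeek 6.x") lives in the commit message. Put that reason in a comment next to the two lines, with a pointer to whatever tracks re-enabling them, so the entries are not left disabled indefinitely. With these two entries off, the TDS and PROFINET analyzers are no longer loaded, which is a visibility change worth stating in the release notes for sensors that monitor those protocols.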
Expand All @@ -75,7 +76,7 @@ zeek:
- LogAscii::use_json = T;
- CaptureLoss::watch_interval = 5 mins;
networks:
HOME_NET:
HOME_NET:
- 192.168.0.0/16
- 10.0.0.0/8
- 172.16.0.0/12
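Review bot: The `HOME_NET:` line under `networks:` is marked as changed but reads identically before and after, so this looks like a whitespace-only edit unrelated to the community-id switch. Either drop it from this commit or mention the cleanup in the commit message, so the diff stays limited to the load list changes.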
Expand Down Expand Up @@ -120,4 +121,4 @@ zeek:
- stats
- stderr
- stdout
