Merge pull request #12732 from Security-Onion-Solutions/2.4/detection…

…s-defaults Feature - auto-enabled Sigma rules
Security-Onion-Solutions · Apr 3, 2024 · fbdcc53 · fbdcc53
2 parents 23a6c4a + a8f2515
commit fbdcc53
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/salt/soc/defaults.yaml b/salt/soc/defaults.yaml
@@ -1236,6 +1236,10 @@ soc:
         elastalertengine:
           allowRegex: ''
           autoUpdateEnabled: true
+          autoEnabledSigmaRules:
+            - core+critical
+            - securityonion-resources+critical
+            - securityonion-resources+high
           communityRulesImportFrequencySeconds: 86400
           denyRegex: ''
           elastAlertRulesFolder: /opt/sensoroni/elastalert