You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This configuration options allows you to specify which rules are automatically enabled upon initial import. The format for this filter is a YAML list that supports flexible filtering criteria based on a number of fields in a Sigma rule. A rule is enabled only if it matches all specified filters - if there is more than one filter for a field, then it has to match at least one.
Expand All
@@ -118,7 +118,7 @@ Each item in the YAML list represents a set of filters, using the following fiel
product
Type: List of strings
Description: Specifies the product(s) to filter by (e.g., "windows", "*" for all products).
Description: Specifies the product(s) to filter by (e.g., "windows", "*" for any products).
category
Type: List of strings
Expand All
@@ -132,7 +132,6 @@ For example:
::
Enabled_On_Import:
# Enable all critical and high rules from the "securityonion-resources" ruleset
