Closed GoogleCodeExporter closed 9 years ago
cat << EOF > $CONF
# /etc/nsm/securityonion.conf
# Generated by Security Onion Setup (sosetup) at $DATE
# Which IDS engine would you like to run?
ENGINE=$IDS_ENGINE_LOWER
# How many days would you like to keep in the Sguil database archive?
DAYSTOKEEP=$DAYSTOKEEP
# How many days worth of tables would you like to repair every day?
DAYSTOREPAIR=$DAYSTOREPAIR
# At what percentage of disk usage should the NSM scripts warn you?
WARN_DISK_USAGE=$WARN_DISK_USAGE
# At what percentage of disk usage should the NSM scripts begin purging old
data?
CRIT_DISK_USAGE=$CRIT_DISK_USAGE
# Do you want to run Bro? yes/no
BRO_ENABLED=$BRO_ENABLED
# The OSSEC agent sends OSSEC HIDS alerts into the Sguil database.
# Do you want to run the OSSEC Agent? yes/no
OSSEC_AGENT_ENABLED=$OSSEC_AGENT_ENABLED
# Do you want to run the Snorby worker? yes/no
SNORBY_ENABLED=yes
# Do you want to run Xplico? yes/no
XPLICO_ENABLED=yes
# LOCAL_HIDS_RULE_TUNING
# If set to no (default), sensor will copy OSSEC rules from master server as-is
(no changes).
# If set to yes, sensor will keep its own copy of the OSSEC rules.
LOCAL_HIDS_RULE_TUNING=no
# LOCAL_NIDS_RULE_TUNING
# The effect of this option is different depending on whether this box is a
server or not.
# SERVER
# LOCAL_NIDS_RULE_TUNING=yes
# rule-update will operate on a local copy of the rules instead of downloading
rules from the Internet
# LOCAL_NIDS_RULE_TUNING=no
# rule-update will try to download rules from the Internet
# SENSOR-ONLY
# LOCAL_NIDS_RULE_TUNING=yes
# rule-update will copy rules from master server and then try to run PulledPork
locally for tuning
# LOCAL_NIDS_RULE_TUNING=no
# rule-update will copy rules from master server as-is (no changes)
EOF
Original comment by doug.bu...@gmail.com
on 16 Jul 2014 at 8:41
Submitted for testing:
https://groups.google.com/d/topic/security-onion-testing/my5dRuEsvBQ/discussion
Original comment by doug.bu...@gmail.com
on 16 Jul 2014 at 9:04
Published:
http://blog.securityonion.net/2014/07/new-securityonion-setup-package.html
Original comment by doug.bu...@gmail.com
on 22 Jul 2014 at 2:35
Original issue reported on code.google.com by
doug.bu...@gmail.com
on 1 Jun 2014 at 1:13