Replies: 1 comment
-
|
You can add disablements in the pillar if you like (if you do not want to use https://docs.securityonion.net/en/latest/managing-alerts.html?highlight=disable#disable-the-sid |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hello,
I have recently started using Security Onion 2.3.40. I want to customize the existing rules. Please advise how I can disable the unwanted rules (as now I am using cmdlet sudo so-rule disabled add SID).
Can i comment on the specific rules by adding to local.rules..
Thanks
GS
Beta Was this translation helpful? Give feedback.
All reactions