X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;f=etc%2Finternal_options.conf;h=b4c7beb458377700380f1943abee800b93fd8b94;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hp=e40427177fd0cd8cf59ccac537719f79baf3c50c;hpb=914feba5d54f979cd5d7e69c349c3d01f630042a;p=ossec-hids.git
diff --git a/etc/internal_options.conf b/etc/internal_options.conf
old mode 100755
new mode 100644
index e404271..b4c7beb
--- a/etc/internal_options.conf
+++ b/etc/internal_options.conf
@@ -14,11 +14,11 @@
 # Analysisd default rule timeframe.
 analysisd.default_timeframe=360
 # Analysisd stats maximum diff.
-analysisd.stats_maxdiff=25000
+analysisd.stats_maxdiff=999000
 # Analysisd stats minimum diff.
-analysisd.stats_mindiff=250
+analysisd.stats_mindiff=1250
 # Analysisd stats percentage (how much to differ from average)
-analysisd.stats_percent_diff=30
+analysisd.stats_percent_diff=150
 # Analysisd FTS list size.
 analysisd.fts_list_size=32
 # Analysisd FTS minimum string size.
@@ -26,14 +26,23 @@ analysisd.fts_min_size_for_str=14
 # Analysisd Enable the firewall log (at logs/firewall/firewall.log)
 # 1 to enable, 0 to disable.
 analysisd.log_fw=1
+# Maximum number of fields in a decoder (order tag)
+analysisd.decoder_order_size=10
+# Output GeoIP data at JSON alerts
+analysisd.geoip_jsonout=0
+
 # Logcollector file loop timeout (check every 2 seconds for file changes)
 logcollector.loop_timeout=2
 # Logcollector number of attempts to open a log file.
 logcollector.open_attempts=8
+# Logcollector - If it should accept remote commands from the manager
+logcollector.remote_commands=0
+
+
 # Remoted counter io flush.
 remoted.recv_counter_flush=128
@@ -44,6 +53,8 @@ remoted.comp_average_printout=19999
 # Verify msg id (set to 0 to disable it)
 remoted.verify_msg_id=1
+# Don't exit when client.keys empty
+remoted.pass_empty_keyfile=0
 # Maild strict checking (0=disabled, 1=enabled)
 maild.strict_checking=1
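Review bot: The three raised statistics thresholds in the `-14,11` hunk keep their old comments, so nothing in the file records why `analysisd.stats_percent_diff` went from 30 to 150 or `analysisd.stats_maxdiff` from 25000 to 999000. Going by the existing comments, an event count now has to differ from the average by a much larger margin before it is treated as unusual, which presumably cuts noise but also makes the statistics-based alerts less sensitive. I would extend the comment, for example `# Analysisd stats percentage (how much to differ from average). Raised from 30 to cut noisy stats alerts; lower it for tighter anomaly detection.`, and add a similar rationale to the two diff values.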
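Review bot: The comment added for `logcollector.remote_commands` in the `-26,14` hunk gives no value legend and does not say what the switch guards, unlike the neighbouring `analysisd.log_fw` comment. The default of 0 is the safe one, since a value of 1 appears to let configuration sent by the manager run commands on the agent, so the comment should state the consequence of enabling it: `# Logcollector - accept remote commands from the manager (0=disabled, 1=enabled). Enable only if the manager is trusted to run commands on this host.` The `analysisd.geoip_jsonout` comment in the same hunk would also benefit from `(0=disabled, 1=enabled)`.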
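Review bot: The comment `# Don't exit when client.keys empty` in the `-44,6` hunk is a negative sentence set against a value of 0, so a reader cannot tell which value keeps remoted running with no agent keys. I would phrase it positively and add the legend, `# Keep remoted running when client.keys is empty (0=exit, 1=keep running)`, assuming 1 is the value that enables the behaviour; that should be confirmed against remoted before the wording is fixed.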
@@ -55,8 +66,11 @@ maild.groupping=1
 # Maild full subject (0=disabled, 1=enabled)
 maild.full_subject=0
+# Maild display GeoIP data (0=disabled, 1=enabled)
+maild.geoip=1
-# Monitord day_wait. Ammount of seconds to wait before compressing/signing
+
+# Monitord day_wait. Amount of seconds to wait before compressing/signing
 # the files.
 monitord.day_wait=10
@@ -69,6 +83,9 @@ monitord.sign=1
 # Monitord monitor_agents. (0=do not monitor, 1=monitor)
 monitord.monitor_agents=1
+# Monitord notify_time. Frequency of which the clients' availability needs
+# to be checked. (60-3600)
+monitord.notify_time=600
 # Syscheck checking/usage speed. To avoid large cpu/memory
 # usage, you can specify how much to sleep after generating
@@ -77,6 +94,10 @@ monitord.monitor_agents=1
 syscheck.sleep=2
 syscheck.sleep_after=15
+# Rootcheck checking/usage speed. Rootcheck will pause for this
+# duration after scanning a PID or port.
+rootcheck.sleep=2
+
 # Database - maximum number of reconnect attempts
 dbd.reconnect_attempts=10
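Review bot: `monitord.notify_time` in the `-69,6` hunk gives a range of 60-3600 without a unit, and `rootcheck.sleep` in the `-77,6` hunk says "this duration" without one either. The `monitord.day_wait` comment in this file states seconds; if these two are also in seconds, the comments should say so: `# Monitord notify_time. Interval in seconds between agent availability checks (60-3600).` and `# duration (in seconds) after scanning a PID or port.` The unit matters to whoever tunes these, because a longer check interval delays noticing that an agent has stopped reporting.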