projects
/
ossec-hids.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
new upstream release (3.3.0); modify package compatibility for Stretch
[ossec-hids.git]
/
etc
/
internal_options.conf
diff --git
a/etc/internal_options.conf
b/etc/internal_options.conf
old mode 100755
(executable)
new mode 100644
(file)
index
a826f36
..
b4c7beb
--- a/
etc/internal_options.conf
+++ b/
etc/internal_options.conf
@@
-14,11
+14,11
@@
# Analysisd default rule timeframe.
analysisd.default_timeframe=360
# Analysisd stats maximum diff.
# Analysisd default rule timeframe.
analysisd.default_timeframe=360
# Analysisd stats maximum diff.
-analysisd.stats_maxdiff=25000
+analysisd.stats_maxdiff=999000
# Analysisd stats minimum diff.
# Analysisd stats minimum diff.
-analysisd.stats_mindiff=250
+analysisd.stats_mindiff=1250
# Analysisd stats percentage (how much to differ from average)
# Analysisd stats percentage (how much to differ from average)
-analysisd.stats_percent_diff=30
+analysisd.stats_percent_diff=150
# Analysisd FTS list size.
analysisd.fts_list_size=32
# Analysisd FTS minimum string size.
# Analysisd FTS list size.
analysisd.fts_list_size=32
# Analysisd FTS minimum string size.
@@
-26,8
+26,13
@@
analysisd.fts_min_size_for_str=14
# Analysisd Enable the firewall log (at logs/firewall/firewall.log)
# 1 to enable, 0 to disable.
analysisd.log_fw=1
# Analysisd Enable the firewall log (at logs/firewall/firewall.log)
# 1 to enable, 0 to disable.
analysisd.log_fw=1
+# Maximum number of fields in a decoder (order tag)
+analysisd.decoder_order_size=10
+# Output GeoIP data at JSON alerts
+analysisd.geoip_jsonout=0
+
# Logcollector file loop timeout (check every 2 seconds for file changes)
logcollector.loop_timeout=2
# Logcollector file loop timeout (check every 2 seconds for file changes)
logcollector.loop_timeout=2
@@
-48,6
+53,8
@@
remoted.comp_average_printout=19999
# Verify msg id (set to 0 to disable it)
remoted.verify_msg_id=1
# Verify msg id (set to 0 to disable it)
remoted.verify_msg_id=1
+# Don't exit when client.keys empty
+remoted.pass_empty_keyfile=0
# Maild strict checking (0=disabled, 1=enabled)
maild.strict_checking=1
# Maild strict checking (0=disabled, 1=enabled)
maild.strict_checking=1
@@
-63,7
+70,7
@@
maild.full_subject=0
maild.geoip=1
maild.geoip=1
-# Monitord day_wait. Ammount of seconds to wait before compressing/signing
+# Monitord day_wait. Amount of seconds to wait before compressing/signing
# the files.
monitord.day_wait=10
# the files.
monitord.day_wait=10
@@
-76,6
+83,9
@@
monitord.sign=1
# Monitord monitor_agents. (0=do not monitor, 1=monitor)
monitord.monitor_agents=1
# Monitord monitor_agents. (0=do not monitor, 1=monitor)
monitord.monitor_agents=1
+# Monitord notify_time. Frequency of which the clients' availability needs
+# to be checked. (60-3600)
+monitord.notify_time=600
# Syscheck checking/usage speed. To avoid large cpu/memory
# usage, you can specify how much to sleep after generating
# Syscheck checking/usage speed. To avoid large cpu/memory
# usage, you can specify how much to sleep after generating
@@
-84,6
+94,10
@@
monitord.monitor_agents=1
syscheck.sleep=2
syscheck.sleep_after=15
syscheck.sleep=2
syscheck.sleep_after=15
+# Rootcheck checking/usage speed. Rootcheck will pause for this
+# duration after scanning a PID or port.
+rootcheck.sleep=2
+
# Database - maximum number of reconnect attempts
dbd.reconnect_attempts=10
# Database - maximum number of reconnect attempts
dbd.reconnect_attempts=10