Merge pull request #12677 from Security-Onion-Solutions/fix/strelka_yara_ignore

Ignore more rules

Author: weslambert

salt/strelka/defaults.yaml

@@ -1,12 +1,43 @@
 strelka:
   ignore:
     - apt_flame2_orchestrator.yar
+    - apt_apt32.yar
+    - apt_aa19_024a.yar
+    - apt_apt15.yar
+    - apt_barracuda_esg_unc4841_jun23.yar
+    - apt_bluetermite_emdivi.yar
+    - apt_danti_svcmondr.yar
+    - apt_eqgrp.yar
+    - apt_eqgrp_apr17.yar
+    - apt_greenbug.yar
+    - apt_grizzlybear_uscert.yar
+    - apt_lazarus_jun18.yar
+    - apt_mal_gopuram_apr23.yar
+    - apt_moonlightmaze.yar
+    - apt_oilrig.yar
+    - apt_oilrig_oct17.yar
+    - apt_passthehashtoolkit.yar
+    - apt_poisonivy.yar
+    - apt_winnti_burning_umbrella.yar
+    - cn_pentestset_webshells.yar
+    - crime_emotet.yar
+    - gen_fake_amsi_dll.yar
+    - gen_onenote_phish.yar
+    - apt_laudanum_webshells.yar
+    - apt_sandworm_cyclops_blink.yar
+    - cn_pentestset_scripts.yar
+    - expl_connectwise_screenconnect_vuln_feb24.yar
+    - mal_fortinet_coathanger_feb24.yar
+    - thor-hacktools.yar
+    - thor-webshells.yar
     - apt_tetris.yar
     - gen_susp_js_obfuscatorio.yar
     - gen_webshells.yar
+    - gen_vcruntime140_dll_sideloading.yar
     - generic_anomalies.yar
     - general_cloaking.yar
     - thor_inverse_matches.yar
+    - yara-rules_vuln_drivers_strict_renamed.yar
     - yara_mixed_ext_vars.yar
     - apt_apt27_hyperbro.yar
     - apt_turla_gazer.yar
@@ -18,4 +49,5 @@ strelka:
     - gen_webshells_ext_vars.yar
     - configured_vulns_ext_vars.yar
     - expl_outlook_cve_2023_23397.yar
+    - expl_citrix_netscaler_adc_exploitation_cve_2023_3519.yar
     - gen_mal_3cx_compromise_mar23.yar