From e747a4e3fed1a42e5ec41be0d3f17cc6aa89d26b Mon Sep 17 00:00:00 2001
From: Corey Ogburn <corey.ogburn@securityonionsolutions.com>
Date: Fri, 29 Mar 2024 12:25:03 -0600
Subject: [PATCH] New Settings for Manual Sync in Detections

---
 salt/soc/defaults.yaml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/salt/soc/defaults.yaml b/salt/soc/defaults.yaml
index 987011c991..4ecf1713d7 100644
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -1993,6 +1993,13 @@ soc:
           mostRecentlyUsedLimit: 5
           safeStringMaxLength: 100
           queryBaseFilter: '_index:"*:so-detection" AND so_kind:detection'
+          presets:
+            manualSync:
+              customEnabled:false
+              labels:
+                - Suricata
+                - Strelka
+                - ElastAlert
           eventFields:
             default:
               - so_detection.title