From 7153d222c0fa2d3b90d5caef62ec0392f9ba3f9b Mon Sep 17 00:00:00 2001
From: orianelou <126462046+orianelou@users.noreply.github.com>
Date: Tue, 1 Oct 2024 13:03:59 +0300
Subject: [PATCH] Update local_policy.yaml
---
 .../linux/v1beta2/default/local_policy.yaml | 29 +++++++------------
 1 file changed, 10 insertions(+), 19 deletions(-)
diff --git a/config/linux/v1beta2/default/local_policy.yaml b/config/linux/v1beta2/default/local_policy.yaml
index 3672785..d1dcc93 100644
--- a/config/linux/v1beta2/default/local_policy.yaml
+++ b/config/linux/v1beta2/default/local_policy.yaml
@@ -6,25 +6,16 @@ apiVersion: v1beta2
 policies:
 default:
- # start in detect-learn and move to prevent-learn based on learning progress
+ # start in detect-learn and move to prevent-learn based on learning progress
 mode: detect-learn
- threatPreventionPractices:
- - default-threat-prevention-practice
- accessControlPractices:
- - default-access-control-practice
+ threatPreventionPractices: [default-threat-prevention-practice]
+ accessControlPractices: [default-access-control-practice]
 customResponses: default-web-user-response
- triggers:
- - default-log-trigger
- specificRules:
- - host: www.example.com
- # this is an example for specific rule, adjust the values as required for the protected app
- mode: detect-learn
- threatPreventionPractices:
- - default-threat-prevention-practice
- accessControlPractices:
- - default-access-control-practice
- triggers:
- - default-log-trigger
+ triggers: [default-log-trigger]
+ sourceIdentifiers: ""
+ trustedSources: ""
+ exceptions: []
+ specificRules: []
 threatPreventionPractices:
 - name: default-threat-prevention-practice
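Review bot: The added `sourceIdentifiers: ""` and `trustedSources: ""` under `policies.default` have no comment, so a reader cannot tell whether an empty string means "no object referenced" or is a placeholder that must be filled in before the policy is usable. The policy starts in `detect-learn` and is meant to move to prevent mode based on learning progress, so which sources the learning trusts and how a client is identified presumably matter. I would add a line such as `# "" = no object referenced; set to the name of a sourceIdentifiers / trustedSources object to use one` above them, after confirming that this is how the loader reads an empty value. The commit also replaces the commented `www.example.com` rule with `specificRules: []`, which leaves no hint of the expected rule shape, so a short commented-out example would be worth keeping. Indentation is not recoverable in this rendering, so confirm `specificRules` still sits at the level the schema expects.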
@@ -57,7 +48,7 @@ threatPreventionPractices:
 files: []
 # relevant for docker and linux embedded deployments
 # 0 or 1 files supported in array
- openapiSchemaValidation: # schema validation requires "Premium Edition"
+ schemaValidation: # schema validation requires "Premium Edition"
 overrideMode: inherited
 configmap: []
 # relevant for deployments on kubernetes
@@ -91,7 +82,7 @@ logTriggers:
 urlPath: true
 urlQuery: true
 httpHeaders: false
- requestBody: false
+ requestBody: false
 additionalSuspiciousEventsLogging:
 enabled: true
 minSeverity: high
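Review bot: Renaming `openapiSchemaValidation` to `schemaValidation` in the first hunk here is only safe if every agent version that consumes this default file looks up the new key. If a loader ignores unknown keys, the `overrideMode` and `configmap` settings under it would silently stop applying. Nothing visible shows which key the v1beta2 schema expects, so this should be confirmed against the parser. A comment such as `# key renamed from openapiSchemaValidation` would also help users comparing against older copies of the file. The practice block starts and ends outside the hunk.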