From e52f8eee5a4e5e5f24460780b31085094708afb0 Mon Sep 17 00:00:00 2001
From: Mike Haag
Date: Thu, 19 Mar 2020 10:41:19 -0600
Subject: [PATCH] bootstrap.sh comment fix
---
 Vagrant/bootstrap.sh | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/Vagrant/bootstrap.sh b/Vagrant/bootstrap.sh
index 303026d..b15dbb6 100644
--- a/Vagrant/bootstrap.sh
+++ b/Vagrant/bootstrap.sh
@@ -187,7 +187,7 @@ install_splunk() {
 ### BOTSv2 COMMENT BLOCK ENDS ###
- # Uncomment the following block to install BOTSv3
+ # Uncomment the following block to install BOTSv3
 # Thanks to @MHaggis for this addition!
 # More information on BOTSv3 can be found at https://github.com/splunk/botsv3
@@ -226,16 +226,13 @@ install_splunk() {
 # /opt/splunk/bin/splunk install app /vagrant/resources/splunk_server/url-toolbox_18.tgz -auth 'admin:changeme'
 # /opt/splunk/bin/splunk install app /vagrant/resources/splunk_server/virustotal-workflow-actions-for-splunk_020.tgz -auth 'admin:changeme'
- ### UNCOMMENT THIS BLOCK FOR THE ATTACK-ONLY DATASET (Recommended) ###
+ ### UNCOMMENT THIS BLOCK FOR BOTSv3 DATASET ###
 # echo "[$(date +%H:%M:%S)]: Downloading Splunk BOTSv3 Attack Only Dataset..."
 # wget --progress=bar:force -P /opt/ https://botsdataset.s3.amazonaws.com/botsv3/botsv3_data_set.tgz
 # echo "[$(date +%H:%M:%S)]: Download Complete."
 # echo "[$(date +%H:%M:%S)]: Extracting to Splunk Apps directory"
 # tar zxvf /opt/botsv3_data_set.tgz -C /opt/splunk/etc/apps/
- ### ATTACK-ONLY COMMENT BLOCK ENDS ###
-
- ### BOTSv3 COMMENT BLOCK ENDS ###
-
+ ### BOTSv3 COMMENT BLOCK ENDS ###
 # Add custom Macro definitions for ThreatHunting App
 cp /vagrant/resources/splunk_server/macros.conf /opt/splunk/etc/apps/ThreatHunting/default/macros.conf
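Review bot: In the second hunk the opening marker is renamed to `### UNCOMMENT THIS BLOCK FOR BOTSv3 DATASET ###`, but the commented `echo` directly below it still announces the "Attack Only Dataset", so the label and the log line now disagree. If the archive is not attack-only, the message should become `# echo "[$(date +%H:%M:%S)]: Downloading Splunk BOTSv3 Dataset..."`. The block these markers invite users to uncomment also unpacks a downloaded archive into `/opt/splunk/etc/apps/` with no integrity check. I would add a comment saying so, plus a commented verification step before the `tar` line, e.g. `# echo "<EXPECTED_SHA256>  /opt/botsv3_data_set.tgz" | sha256sum -c - || return 1`, with the digest pinned from the dataset publisher. `install_splunk()` begins and ends outside both hunks.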