Update roles/wazuh/ansible-wazuh-manager/defaults/main.yml

Modificaciones adaptadas a las necesidades de la empresa
Andrés Felipe Marulanda Hernández 2024-02-29 20:08:16 +00:00
parent 8981160803
commit adf68bb732


@ -21,12 +21,12 @@ wazuh_manager_sources_installation:
user_enable_active_response: null
user_enable_syscheck: "y"
user_enable_rootcheck: "y"
user_enable_openscap: "n"
user_enable_openscap: "y"
user_enable_authd: "y"
user_generate_authd_cert: null
user_update: "y"
user_binaryinstall: null
user_enable_email: "n"
user_enable_email: "y"
user_auto_start: "y"
user_email_address: null
user_email_smpt: null
@ -47,15 +47,15 @@ agent_groups: []
## Global
wazuh_manager_json_output: 'yes'
wazuh_manager_alerts_log: 'yes'
wazuh_manager_logall: 'no'
wazuh_manager_logall_json: 'no'
wazuh_manager_logall: 'yes'
wazuh_manager_logall_json: 'yes'
wazuh_manager_email_notification: 'no'
wazuh_manager_email_notification: 'yes'
wazuh_manager_mailto:
- 'admin@example.net'
- 'infosec@agofer.com.co'
wazuh_manager_email_smtp_server: smtp.example.wazuh.com
wazuh_manager_email_from: wazuh@example.wazuh.com
wazuh_manager_email_smtp_server: smtp-relay.gmail.com
wazuh_manager_email_from: sistemas@agofer.com.co
wazuh_manager_email_maxperhour: 12
wazuh_manager_email_queue_size: 131072
wazuh_manager_email_log_source: 'alerts.log'
@ -77,8 +77,8 @@ wazuh_manager_log_format: 'plain'
## Email alerts
wazuh_manager_extra_emails:
- enable: false
mail_to: 'recipient@example.wazuh.com'
- enable: true
mail_to: 'infosec@agofer.com.co'
format: full
level: 7
event_location: null
@ -97,10 +97,10 @@ wazuh_manager_connection:
## Reports
wazuh_manager_reports:
- enable: false
- enable: true
category: 'syscheck'
title: 'Daily report: File changes'
email_to: 'recipient@example.wazuh.com'
email_to: 'infosec@agofer.com.co'
location: null
group: null
rule: null
@ -114,13 +114,13 @@ wazuh_manager_rootcheck:
frequency: 43200
wazuh_manager_openscap:
disable: 'yes'
disable: 'no'
timeout: 1800
interval: '1d'
scan_on_start: 'yes'
wazuh_manager_ciscat:
disable: 'yes'
disable: 'no'
install_java: 'yes'
timeout: 1800
interval: '1d'
@ -129,7 +129,7 @@ wazuh_manager_ciscat:
ciscat_path: 'wodles/ciscat'
wazuh_manager_osquery:
disable: 'yes'
disable: 'no'
run_daemon: 'yes'
log_path: '/var/log/osquery/osqueryd.results.log'
config_path: '/etc/osquery/osquery.conf'
@ -147,7 +147,7 @@ wazuh_manager_syscollector:
processes: 'yes'
wazuh_manager_monitor_aws:
disabled: 'yes'
disabled: 'no'
interval: '10m'
run_on_start: 'yes'
skip_on_error: 'yes'
@ -171,12 +171,12 @@ wazuh_manager_sca:
## Vulnerability Detector
wazuh_manager_vulnerability_detector:
enabled: 'no'
enabled: 'yes'
interval: '5m'
min_full_scan_interval: '6h'
run_on_start: 'yes'
providers:
- enabled: 'no'
- enabled: 'yes'
os:
- 'trusty'
- 'xenial'
@ -185,14 +185,14 @@ wazuh_manager_vulnerability_detector:
- 'jammy'
update_interval: '1h'
name: '"canonical"'
- enabled: 'no'
- enabled: 'yes'
os:
- 'buster'
- 'bullseye'
- 'bookworm'
update_interval: '1h'
name: '"debian"'
- enabled: 'no'
- enabled: 'yes'
os:
- '5'
- '6'
@ -201,20 +201,20 @@ wazuh_manager_vulnerability_detector:
- '9'
update_interval: '1h'
name: '"redhat"'
- enabled: 'no'
- enabled: 'yes'
os:
- '8'
- '9'
update_interval: '1h'
name: '"almalinux"'
- enabled: 'no'
- enabled: 'yes'
os:
- 'amazon-linux'
- 'amazon-linux-2'
- 'amazon-linux-2023'
update_interval: '1h'
name: '"alas"'
- enabled: 'no'
- enabled: 'yes'
os:
- '11-server'
- '11-desktop'
@ -224,13 +224,13 @@ wazuh_manager_vulnerability_detector:
- '15-desktop'
update_interval: '1h'
name: '"suse"'
- enabled: 'no'
- enabled: 'yes'
update_interval: '1h'
name: '"arch"'
- enabled: 'no'
- enabled: 'yes'
update_interval: '1h'
name: '"msu"'
- enabled: 'no'
- enabled: 'yes'
update_interval: '1h'
name: '"nvd"'
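Review bot: Email alerting is turned on against `wazuh_manager_email_smtp_server: smtp-relay.gmail.com` with no visible provision for SMTP authentication or TLS, and as far as I know the Wazuh mail daemon only speaks plain, unauthenticated SMTP. Unless that relay is set up to accept this manager by source IP, the level-7 alerts and the daily syscheck report enabled here will probably fail to deliver without any obvious error, so it is worth sending a test alert and checking `ossec.log` after deployment. A common arrangement is to point the role at a local MTA, for example `wazuh_manager_email_smtp_server: 'localhost'` (constructed value), and let that MTA handle the authenticated, encrypted hop to the relay. In the first hunk `user_enable_email: "y"` is also set while `user_email_address: null` and `user_email_smpt: null` stay unset, so the sources-installation path has email enabled with no recipient or server. Since these are role defaults, the company-specific addresses and relay would sit better in inventory `group_vars` than in `defaults/main.yml`.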