From adf68bb73250b780ac21350706f257013dad540d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9s=20Felipe=20Marulanda=20Hern=C3=A1ndez?= Date: Thu, 29 Feb 2024 20:08:16 +0000 Subject: [PATCH] Update roles/wazuh/ansible-wazuh-manager/defaults/main.yml Modificaciones adaptadas a las necesidades de la empresa --- .../ansible-wazuh-manager/defaults/main.yml | 52 +++++++++---------- 1 file changed, 26 insertions(+), 26 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 310520c..8496083 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -21,12 +21,12 @@ wazuh_manager_sources_installation: user_enable_active_response: null user_enable_syscheck: "y" user_enable_rootcheck: "y" - user_enable_openscap: "n" + user_enable_openscap: "y" user_enable_authd: "y" user_generate_authd_cert: null user_update: "y" user_binaryinstall: null - user_enable_email: "n" + user_enable_email: "y" user_auto_start: "y" user_email_address: null user_email_smpt: null @@ -47,15 +47,15 @@ agent_groups: [] ## Global wazuh_manager_json_output: 'yes' wazuh_manager_alerts_log: 'yes' -wazuh_manager_logall: 'no' -wazuh_manager_logall_json: 'no' +wazuh_manager_logall: 'yes' +wazuh_manager_logall_json: 'yes' -wazuh_manager_email_notification: 'no' +wazuh_manager_email_notification: 'yes' wazuh_manager_mailto: - - 'admin@example.net' + - 'infosec@agofer.com.co' -wazuh_manager_email_smtp_server: smtp.example.wazuh.com -wazuh_manager_email_from: wazuh@example.wazuh.com +wazuh_manager_email_smtp_server: smtp-relay.gmail.com +wazuh_manager_email_from: sistemas@agofer.com.co wazuh_manager_email_maxperhour: 12 wazuh_manager_email_queue_size: 131072 wazuh_manager_email_log_source: 'alerts.log' 
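Review bot: `user_enable_email` is switched to `"y"` while the context lines right below it still read `user_email_address: null` and `user_email_smpt: null`, so a from-source install is asked to enable mail with no recipient and no relay. Either set both values alongside the flag or leave it at `"n"` and rely on the `wazuh_manager_email_*` settings. How the installer treats the nulls is not visible here, and the `wazuh_manager_sources_installation` mapping starts and ends outside the hunk. `user_enable_openscap: "y"` in the same hunk likewise assumes the OpenSCAP tooling is already on the manager host, which this file does not show.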
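Review bot: `wazuh_manager_email_smtp_server` now points at `smtp-relay.gmail.com`, but the hunk supplies no credentials, and Wazuh's built-in mailer does not handle SMTP authentication (nor, as far as I know, TLS). Alert bodies would therefore be refused by the relay or sent in clear text unless a local relay sits in between. The usual arrangement is `wazuh_manager_email_smtp_server: localhost`, with Postfix on the manager doing the authenticated, encrypted hand-off. The organisation's addresses are also written into the role's `defaults/main.yml` here and again at `mail_to` (hunk `-77`) and `email_to` (hunk `-97`); they belong in inventory `group_vars` so the role defaults stay generic. Separately, `wazuh_manager_logall: 'yes'` together with `wazuh_manager_logall_json: 'yes'` archives every received event in two formats, so disk sizing and rotation for the archives should be confirmed before rollout.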
@@ -77,8 +77,8 @@ wazuh_manager_log_format: 'plain' ## Email alerts wazuh_manager_extra_emails: - - enable: false - mail_to: 'recipient@example.wazuh.com' + - enable: true + mail_to: 'infosec@agofer.com.co' format: full level: 7 event_location: null @@ -97,10 +97,10 @@ wazuh_manager_connection: ## Reports wazuh_manager_reports: - - enable: false + - enable: true category: 'syscheck' title: 'Daily report: File changes' - email_to: 'recipient@example.wazuh.com' + email_to: 'infosec@agofer.com.co' location: null group: null rule: null @@ -114,13 +114,13 @@ wazuh_manager_rootcheck: frequency: 43200 wazuh_manager_openscap: - disable: 'yes' + disable: 'no' timeout: 1800 interval: '1d' scan_on_start: 'yes' wazuh_manager_ciscat: - disable: 'yes' + disable: 'no' install_java: 'yes' timeout: 1800 interval: '1d' @@ -129,7 +129,7 @@ wazuh_manager_ciscat: ciscat_path: 'wodles/ciscat' wazuh_manager_osquery: - disable: 'yes' + disable: 'no' run_daemon: 'yes' log_path: '/var/log/osquery/osqueryd.results.log' config_path: '/etc/osquery/osquery.conf' @@ -147,7 +147,7 @@ wazuh_manager_syscollector: processes: 'yes' wazuh_manager_monitor_aws: - disabled: 'yes' + disabled: 'no' interval: '10m' run_on_start: 'yes' skip_on_error: 'yes' @@ -171,12 +171,12 @@ wazuh_manager_sca: ## Vulnerability Detector wazuh_manager_vulnerability_detector: - enabled: 'no' + enabled: 'yes' interval: '5m' min_full_scan_interval: '6h' run_on_start: 'yes' providers: - - enabled: 'no' + - enabled: 'yes' os: - 'trusty' - 'xenial' @@ -185,14 +185,14 @@ wazuh_manager_vulnerability_detector: - 'jammy' update_interval: '1h' name: '"canonical"' - - enabled: 'no' + - enabled: 'yes' os: - 'buster' - 'bullseye' - 'bookworm' update_interval: '1h' name: '"debian"' - - enabled: 'no' + - enabled: 'yes' os: - '5' - '6' 
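Review bot: `wazuh_manager_ciscat.disable: 'no'` turns on a module that expects the CIS-CAT assessor under `ciscat_path: 'wodles/ciscat'`, and with `install_java: 'yes'` it also puts a Java runtime on the manager. Nothing in this patch provisions the assessor. The same concern applies to `wazuh_manager_openscap.disable: 'no'` in this hunk and to `wazuh_manager_osquery.disable: 'no'` in hunk `-129`, which expects an osquery daemon and `/etc/osquery/osquery.conf` on the host. I would keep all three at `disable: 'yes'` in the defaults and enable them per host once the dependency is installed. Otherwise the manager carries extra software to patch and modules that presumably fail on every run.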
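Review bot: `wazuh_manager_monitor_aws.disabled: 'no'` enables the AWS module for every manager that inherits these defaults, while the bucket and credential settings of this mapping lie outside the hunk. I would keep `disabled: 'yes'` here and switch it on in the inventory of the manager that actually reads the buckets. Access should come from an instance role or an Ansible Vault variable, not from a key stored in `defaults/main.yml`.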
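Review bot: Every entry under `providers` is flipped to `enabled: 'yes'` (this hunk and hunks `-185`, `-201` and `-224`), including `arch`, `suse`, `alas` and `almalinux`, each with `update_interval: '1h'`. The manager will therefore download and index feeds for platforms that may not exist in the fleet. Enable only the providers that match the agents' operating systems, plus `nvd` (and `msu` if Windows agents are present), and leave the rest at `enabled: 'no'`. The manager also needs outbound access to each enabled feed, so the egress or proxy rules should be reviewed with the same list.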
@@ -201,20 +201,20 @@ wazuh_manager_vulnerability_detector: - '9' update_interval: '1h' name: '"redhat"' - - enabled: 'no' + - enabled: 'yes' os: - '8' - '9' update_interval: '1h' name: '"almalinux"' - - enabled: 'no' + - enabled: 'yes' os: - 'amazon-linux' - 'amazon-linux-2' - 'amazon-linux-2023' update_interval: '1h' name: '"alas"' - - enabled: 'no' + - enabled: 'yes' os: - '11-server' - '11-desktop' @@ -224,13 +224,13 @@ wazuh_manager_vulnerability_detector: - '15-desktop' update_interval: '1h' name: '"suse"' - - enabled: 'no' + - enabled: 'yes' update_interval: '1h' name: '"arch"' - - enabled: 'no' + - enabled: 'yes' update_interval: '1h' name: '"msu"' - - enabled: 'no' + - enabled: 'yes' update_interval: '1h' name: '"nvd"'