Update roles/wazuh/ansible-wazuh-manager/defaults/main.yml
Modificaciones adaptadas a las necesidades de la empresa
parent
8981160803
commit
adf68bb732
@ -21,12 +21,12 @@ wazuh_manager_sources_installation:
|
|||||||
user_enable_active_response: null
|
user_enable_active_response: null
|
||||||
user_enable_syscheck: "y"
|
user_enable_syscheck: "y"
|
||||||
user_enable_rootcheck: "y"
|
user_enable_rootcheck: "y"
|
||||||
user_enable_openscap: "n"
|
user_enable_openscap: "y"
|
||||||
user_enable_authd: "y"
|
user_enable_authd: "y"
|
||||||
user_generate_authd_cert: null
|
user_generate_authd_cert: null
|
||||||
user_update: "y"
|
user_update: "y"
|
||||||
user_binaryinstall: null
|
user_binaryinstall: null
|
||||||
user_enable_email: "n"
|
user_enable_email: "y"
|
||||||
user_auto_start: "y"
|
user_auto_start: "y"
|
||||||
user_email_address: null
|
user_email_address: null
|
||||||
user_email_smpt: null
|
user_email_smpt: null
|
||||||
@ -47,15 +47,15 @@ agent_groups: []
|
|||||||
## Global
|
## Global
|
||||||
wazuh_manager_json_output: 'yes'
|
wazuh_manager_json_output: 'yes'
|
||||||
wazuh_manager_alerts_log: 'yes'
|
wazuh_manager_alerts_log: 'yes'
|
||||||
wazuh_manager_logall: 'no'
|
wazuh_manager_logall: 'yes'
|
||||||
wazuh_manager_logall_json: 'no'
|
wazuh_manager_logall_json: 'yes'
|
||||||
|
|
||||||
wazuh_manager_email_notification: 'no'
|
wazuh_manager_email_notification: 'yes'
|
||||||
wazuh_manager_mailto:
|
wazuh_manager_mailto:
|
||||||
- 'admin@example.net'
|
- 'infosec@agofer.com.co'
|
||||||
|
|
||||||
wazuh_manager_email_smtp_server: smtp.example.wazuh.com
|
wazuh_manager_email_smtp_server: smtp-relay.gmail.com
|
||||||
wazuh_manager_email_from: wazuh@example.wazuh.com
|
wazuh_manager_email_from: sistemas@agofer.com.co
|
||||||
wazuh_manager_email_maxperhour: 12
|
wazuh_manager_email_maxperhour: 12
|
||||||
wazuh_manager_email_queue_size: 131072
|
wazuh_manager_email_queue_size: 131072
|
||||||
wazuh_manager_email_log_source: 'alerts.log'
|
wazuh_manager_email_log_source: 'alerts.log'
|
||||||
@ -77,8 +77,8 @@ wazuh_manager_log_format: 'plain'
|
|||||||
|
|
||||||
## Email alerts
|
## Email alerts
|
||||||
wazuh_manager_extra_emails:
|
wazuh_manager_extra_emails:
|
||||||
- enable: false
|
- enable: true
|
||||||
mail_to: 'recipient@example.wazuh.com'
|
mail_to: 'infosec@agofer.com.co'
|
||||||
format: full
|
format: full
|
||||||
level: 7
|
level: 7
|
||||||
event_location: null
|
event_location: null
|
||||||
@ -97,10 +97,10 @@ wazuh_manager_connection:
|
|||||||
|
|
||||||
## Reports
|
## Reports
|
||||||
wazuh_manager_reports:
|
wazuh_manager_reports:
|
||||||
- enable: false
|
- enable: true
|
||||||
category: 'syscheck'
|
category: 'syscheck'
|
||||||
title: 'Daily report: File changes'
|
title: 'Daily report: File changes'
|
||||||
email_to: 'recipient@example.wazuh.com'
|
email_to: 'infosec@agofer.com.co'
|
||||||
location: null
|
location: null
|
||||||
group: null
|
group: null
|
||||||
rule: null
|
rule: null
|
||||||
@ -114,13 +114,13 @@ wazuh_manager_rootcheck:
|
|||||||
frequency: 43200
|
frequency: 43200
|
||||||
|
|
||||||
wazuh_manager_openscap:
|
wazuh_manager_openscap:
|
||||||
disable: 'yes'
|
disable: 'no'
|
||||||
timeout: 1800
|
timeout: 1800
|
||||||
interval: '1d'
|
interval: '1d'
|
||||||
scan_on_start: 'yes'
|
scan_on_start: 'yes'
|
||||||
|
|
||||||
wazuh_manager_ciscat:
|
wazuh_manager_ciscat:
|
||||||
disable: 'yes'
|
disable: 'no'
|
||||||
install_java: 'yes'
|
install_java: 'yes'
|
||||||
timeout: 1800
|
timeout: 1800
|
||||||
interval: '1d'
|
interval: '1d'
|
||||||
@ -129,7 +129,7 @@ wazuh_manager_ciscat:
|
|||||||
ciscat_path: 'wodles/ciscat'
|
ciscat_path: 'wodles/ciscat'
|
||||||
|
|
||||||
wazuh_manager_osquery:
|
wazuh_manager_osquery:
|
||||||
disable: 'yes'
|
disable: 'no'
|
||||||
run_daemon: 'yes'
|
run_daemon: 'yes'
|
||||||
log_path: '/var/log/osquery/osqueryd.results.log'
|
log_path: '/var/log/osquery/osqueryd.results.log'
|
||||||
config_path: '/etc/osquery/osquery.conf'
|
config_path: '/etc/osquery/osquery.conf'
|
||||||
@ -147,7 +147,7 @@ wazuh_manager_syscollector:
|
|||||||
processes: 'yes'
|
processes: 'yes'
|
||||||
|
|
||||||
wazuh_manager_monitor_aws:
|
wazuh_manager_monitor_aws:
|
||||||
disabled: 'yes'
|
disabled: 'no'
|
||||||
interval: '10m'
|
interval: '10m'
|
||||||
run_on_start: 'yes'
|
run_on_start: 'yes'
|
||||||
skip_on_error: 'yes'
|
skip_on_error: 'yes'
|
||||||
@ -171,12 +171,12 @@ wazuh_manager_sca:
|
|||||||
|
|
||||||
## Vulnerability Detector
|
## Vulnerability Detector
|
||||||
wazuh_manager_vulnerability_detector:
|
wazuh_manager_vulnerability_detector:
|
||||||
enabled: 'no'
|
enabled: 'yes'
|
||||||
interval: '5m'
|
interval: '5m'
|
||||||
min_full_scan_interval: '6h'
|
min_full_scan_interval: '6h'
|
||||||
run_on_start: 'yes'
|
run_on_start: 'yes'
|
||||||
providers:
|
providers:
|
||||||
- enabled: 'no'
|
- enabled: 'yes'
|
||||||
os:
|
os:
|
||||||
- 'trusty'
|
- 'trusty'
|
||||||
- 'xenial'
|
- 'xenial'
|
||||||
@ -185,14 +185,14 @@ wazuh_manager_vulnerability_detector:
|
|||||||
- 'jammy'
|
- 'jammy'
|
||||||
update_interval: '1h'
|
update_interval: '1h'
|
||||||
name: '"canonical"'
|
name: '"canonical"'
|
||||||
- enabled: 'no'
|
- enabled: 'yes'
|
||||||
os:
|
os:
|
||||||
- 'buster'
|
- 'buster'
|
||||||
- 'bullseye'
|
- 'bullseye'
|
||||||
- 'bookworm'
|
- 'bookworm'
|
||||||
update_interval: '1h'
|
update_interval: '1h'
|
||||||
name: '"debian"'
|
name: '"debian"'
|
||||||
- enabled: 'no'
|
- enabled: 'yes'
|
||||||
os:
|
os:
|
||||||
- '5'
|
- '5'
|
||||||
- '6'
|
- '6'
|
||||||
@ -201,20 +201,20 @@ wazuh_manager_vulnerability_detector:
|
|||||||
- '9'
|
- '9'
|
||||||
update_interval: '1h'
|
update_interval: '1h'
|
||||||
name: '"redhat"'
|
name: '"redhat"'
|
||||||
- enabled: 'no'
|
- enabled: 'yes'
|
||||||
os:
|
os:
|
||||||
- '8'
|
- '8'
|
||||||
- '9'
|
- '9'
|
||||||
update_interval: '1h'
|
update_interval: '1h'
|
||||||
name: '"almalinux"'
|
name: '"almalinux"'
|
||||||
- enabled: 'no'
|
- enabled: 'yes'
|
||||||
os:
|
os:
|
||||||
- 'amazon-linux'
|
- 'amazon-linux'
|
||||||
- 'amazon-linux-2'
|
- 'amazon-linux-2'
|
||||||
- 'amazon-linux-2023'
|
- 'amazon-linux-2023'
|
||||||
update_interval: '1h'
|
update_interval: '1h'
|
||||||
name: '"alas"'
|
name: '"alas"'
|
||||||
- enabled: 'no'
|
- enabled: 'yes'
|
||||||
os:
|
os:
|
||||||
- '11-server'
|
- '11-server'
|
||||||
- '11-desktop'
|
- '11-desktop'
|
||||||
@ -224,13 +224,13 @@ wazuh_manager_vulnerability_detector:
|
|||||||
- '15-desktop'
|
- '15-desktop'
|
||||||
update_interval: '1h'
|
update_interval: '1h'
|
||||||
name: '"suse"'
|
name: '"suse"'
|
||||||
- enabled: 'no'
|
- enabled: 'yes'
|
||||||
update_interval: '1h'
|
update_interval: '1h'
|
||||||
name: '"arch"'
|
name: '"arch"'
|
||||||
- enabled: 'no'
|
- enabled: 'yes'
|
||||||
update_interval: '1h'
|
update_interval: '1h'
|
||||||
name: '"msu"'
|
name: '"msu"'
|
||||||
- enabled: 'no'
|
- enabled: 'yes'
|
||||||
update_interval: '1h'
|
update_interval: '1h'
|
||||||
name: '"nvd"'
|
name: '"nvd"'
|
||||||
|
|
||||||
|
|||||||
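Review bot: In the Global email hunk (`@ -47,15 +47,15`), what reads as the new value, `wazuh_manager_email_smtp_server: smtp-relay.gmail.com`, points the manager straight at an external relay, but Wazuh's mail daemon does not perform SMTP authentication (and, as far as I know, no STARTTLS), so alert mail would either be rejected or leave the host in clear text. The usual setup is a local MTA that handles TLS and authentication towards the relay, with the role set to `wazuh_manager_email_smtp_server: localhost`. In the first hunk `user_enable_email: "y"` is switched on while `user_email_address` and `user_email_smpt` stay `null`; how the source-install path consumes these is outside the visible lines, so it is worth confirming that an enabled-but-empty combination is accepted. The recipient and sender addresses are organisation-specific and would be easier to maintain in inventory or `group_vars` than in the role's `defaults/main.yml`, with a comment such as `# override per environment in group_vars` left on the defaults.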