From 09620d3af67d58a081e7dcaea0769c435e4dec99 Mon Sep 17 00:00:00 2001
From: Bob Vincent <pillarsdotnet@gmail.com>
Date: Wed, 25 Jul 2018 11:35:12 -0400
Subject: [PATCH] Allow rule exclusions #44

---
 ansible-wazuh-manager/defaults/main.yml                     | 2 ++
 .../templates/var-ossec-etc-ossec-server.conf.j2            | 6 +++++-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/ansible-wazuh-manager/defaults/main.yml b/ansible-wazuh-manager/defaults/main.yml
index 93bec74d..67c83c0a 100644
--- a/ansible-wazuh-manager/defaults/main.yml
+++ b/ansible-wazuh-manager/defaults/main.yml
@@ -167,6 +167,8 @@ wazuh_manager_config:
       executable: 'route-null.cmd'
       expect: 'srcip'
       timeout_allowed: 'yes'
+  rule_exclude:
+    - '0215-policy_rules.xml'
   active_responses:
     - command: 'restart-ossec'
       location: 'local'
diff --git a/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
index 788ecec0..2476b9d1 100644
--- a/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
+++ b/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
@@ -307,7 +307,11 @@
     <!-- Default ruleset -->
     <decoder_dir>ruleset/decoders</decoder_dir>
     <rule_dir>ruleset/rules</rule_dir>
-    <rule_exclude>0215-policy_rules.xml</rule_exclude>
+    {% if wazuh_manager_config.rule_exclude is defined %}
+    {% for rule in wazuh_manager_config.rule_exclude %}
+    <rule_exclude>{{ rule }}</rule_exclude>
+    {% endfor %}
+    {% endif %}
     {% if cdb_lists is defined %}
     {% for list in cdb_lists %}
     <list>etc/lists/{{ list.name }}</list>