Merge pull request #40 from pillarsdotnet/master

Support documented configuration options: #39, #41, #43, #44
José Luis Ruiz 2018-08-01 17:04:11 -04:00 committed by GitHub
commit 2a15f183d7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 72 additions and 5 deletions


@ -167,6 +167,8 @@ wazuh_manager_config:
executable: 'route-null.cmd' executable: 'route-null.cmd'
expect: 'srcip' expect: 'srcip'
timeout_allowed: 'yes' timeout_allowed: 'yes'
rule_exclude:
- '0215-policy_rules.xml'
active_responses: active_responses:
- command: 'restart-ossec' - command: 'restart-ossec'
location: 'local' location: 'local'
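Review bot: The new `rule_exclude` default under `wazuh_manager_config` is now the only place the `0215-policy_rules.xml` exclusion lives, because the template's hard-coded `<rule_exclude>` line is replaced by a loop in the same commit. If a playbook overrides `wazuh_manager_config` as a whole dict and Ansible is left on its default replace behaviour, a missing `rule_exclude` key would make the manager load that rule file without any warning. A comment above the key would make this visible, for example `# replaces the formerly hard-coded exclusion; carry this over when overriding wazuh_manager_config`. The defaults block continues outside this hunk.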


@ -118,8 +118,21 @@
<remote> <remote>
{% for connection in wazuh_manager_config.connection %} {% for connection in wazuh_manager_config.connection %}
<connection>{{ connection.type }}</connection> <connection>{{ connection.type }}</connection>
<port>{{ connection.port }}</port> {% if connection.port is defined %}<port>{{ connection.port }}</port>{% endif %}
<protocol>{{ connection.protocol }}</protocol> {% if connection.protocol is defined %}<protocol>{{ connection.protocol }}</protocol>{% endif %}
{% if connection.allowed_ips is defined %}
{% for allowed_ip in connection.allowed_ips %}
<allowed-ips>{{ allowed_ip }}</allowed-ips>
{% endfor %}
{% endif %}
{% if connection.denied_ips is defined %}
{% for denied_ip in connection.denied_ips %}
<denied-ips>{{ denied_ip }}</denied-ips>
{% endfor %}
{% endif %}
{% if connection.local_ip is defined %}<local_ip>{{ connection.local_ip }}</local_ip>{% endif %}
{% if connection.ipv6 is defined %}<ipv6>{{ connection.ipv6 }}</ipv6>{% endif %}
{% if connection.queue_size is defined %}<queue_size>{{ connection.queue_size }}</queue_size>{% endif %}
{% endfor %} {% endfor %}
</remote> </remote>
@ -294,7 +307,11 @@
<!-- Default ruleset --> <!-- Default ruleset -->
<decoder_dir>ruleset/decoders</decoder_dir> <decoder_dir>ruleset/decoders</decoder_dir>
<rule_dir>ruleset/rules</rule_dir> <rule_dir>ruleset/rules</rule_dir>
<rule_exclude>0215-policy_rules.xml</rule_exclude> {% if wazuh_manager_config.rule_exclude is defined %}
{% for rule in wazuh_manager_config.rule_exclude %}
<rule_exclude>{{ rule }}</rule_exclude>
{% endfor %}
{% endif %}
{% if cdb_lists is defined %} {% if cdb_lists is defined %}
{% for list in cdb_lists %} {% for list in cdb_lists %}
<list>etc/lists/{{ list.name }}</list> <list>etc/lists/{{ list.name }}</list>
@ -309,8 +326,8 @@
<!-- Active Response Config --> <!-- Active Response Config -->
{% for response in wazuh_manager_config.active_responses %} {% for response in wazuh_manager_config.active_responses %}
<active-response> <active-response>
<disabled>no</disabled> <disabled>{% if response.disabled is defined %}{{ response.disabled }}{% else %}no{% endif %}</disabled>
<command>{{ response.command }}</command> {%if response.command is defined %}<command>{{ response.command }}</command>{% endif %}
{%if response.location is defined %}<location>{{ response.location }}</location>{% endif %} {%if response.location is defined %}<location>{{ response.location }}</location>{% endif %}
{%if response.agent_id is defined %}<agent_id>{{ response.agent_id }}</agent_id>{% endif %} {%if response.agent_id is defined %}<agent_id>{{ response.agent_id }}</agent_id>{% endif %}
{%if response.level is defined %}<level>{{ response.level }}</level>{% endif %} {%if response.level is defined %}<level>{{ response.level }}</level>{% endif %}
@ -327,9 +344,33 @@
<log_format>{{ localfile.format }}</log_format> <log_format>{{ localfile.format }}</log_format>
{% if localfile.format == 'command' or localfile.format == 'full_command' %} {% if localfile.format == 'command' or localfile.format == 'full_command' %}
<command>{{ localfile.command }}</command> <command>{{ localfile.command }}</command>
{% if localfile.alias is defined %}
<alias>{{ localfile.alias }}</alias>
{% endif %}
{% if localfile.frequency is defined %}
<frequency>{{ localfile.frequency }}</frequency> <frequency>{{ localfile.frequency }}</frequency>
{% endif %}
{% else %} {% else %}
<location>{{ localfile.location }}</location> <location>{{ localfile.location }}</location>
{% if localfile.format == 'eventchannel' %}
{% if localfile.only_future_events is defined %}
<only-future-events>{{ localfile.only_future_events }}</only_future_events>
{% endif %}
{% if localfile.query is defined %}
<query>{{ localfile.query }}</query>
{% endif %}
{% endif %}
{% endif %}
{% if localfile.format == 'json' and localfile.labels is defined %}
{% for key, value in localfile.labels.iteritems() %}
<label key="{{ key }}">{{ value }}</label>
{% endfor %}
{% endif %}
{% if localfile.target is defined %}
<target>{{ localfile.target }}</target>
{% endif %}
{% if localfile.out_format is defined %}
<out_format>{{ localfile.out_format }}</out_format>
{% endif %} {% endif %}
</localfile> </localfile>
{% endfor %} {% endfor %}
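Review bot: The added `only_future_events` line in the eventchannel branch opens `<only-future-events>` but closes `</only_future_events>`, so any host that sets the option renders a configuration file that is not well-formed XML and the service will most likely refuse to load it. The closing tag should match the opening one: `<only-future-events>{{ localfile.only_future_events }}</only-future-events>`. The same line appears in the localfile block of the third changed file and needs the same fix. A config that fails to parse can leave log collection down on that host, so a `validate:` step on the template task would catch this kind of error before the file is installed.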


@ -46,9 +46,33 @@
<log_format>{{ localfile.format }}</log_format> <log_format>{{ localfile.format }}</log_format>
{% if localfile.format == 'command' or localfile.format == 'full_command' %} {% if localfile.format == 'command' or localfile.format == 'full_command' %}
<command>{{ localfile.command }}</command> <command>{{ localfile.command }}</command>
{% if localfile.alias is defined %}
<alias>{{ localfile.alias }}</alias>
{% endif %}
{% if localfile.frequency is defined %}
<frequency>{{ localfile.frequency }}</frequency> <frequency>{{ localfile.frequency }}</frequency>
{% endif %}
{% else %} {% else %}
<location>{{ localfile.location }}</location> <location>{{ localfile.location }}</location>
{% if localfile.format == 'eventchannel' %}
{% if localfile.only_future_events is defined %}
<only-future-events>{{ localfile.only_future_events }}</only_future_events>
{% endif %}
{% if localfile.query is defined %}
<query>{{ localfile.query }}</query>
{% endif %}
{% endif %}
{% endif %}
{% if localfile.format == 'json' and localfile.labels is defined %}
{% for key, value in localfile.labels.iteritems() %}
<label key="{{ key }}">{{ value }}</label>
{% endfor %}
{% endif %}
{% if localfile.target is defined %}
<target>{{ localfile.target }}</target>
{% endif %}
{% if localfile.out_format is defined %}
<out_format>{{ localfile.out_format }}</out_format>
{% endif %} {% endif %}
</localfile> </localfile>
{% endfor %} {% endfor %}
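Review bot: The labels loop calls `localfile.labels.iteritems()`, which exists only on Python 2 dicts, so rendering under Python 3 fails for any `json` localfile that defines labels. `{% for key, value in localfile.labels.items() %}` works on both interpreters. The key and value are also written into the XML unescaped; `<label key="{{ key | e }}">{{ value | e }}</label>` keeps a quote or angle bracket in a label from breaking the generated file. The same loop is in the localfile block of the second changed file.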