afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Change /var/ossec to user_dir var

Browse Source
This commit is contained in:
Sergio García 2021-01-20 11:09:58 +01:00
parent dd99e03668
commit 3aa90efed4
9 changed files with 52 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
roles/wazuh/ansible-wazuh-agent/defaults/main.yml
View File

@ -30,7 +30,7 @@ wazuh_agent_sources_installation:
user_agent_server_ip: "YOUR_MANAGER_IP" user_agent_server_ip: "YOUR_MANAGER_IP"
user_agent_server_name: null user_agent_server_name: null
user_agent_config_profile: null user_agent_config_profile: null
user_ca_store: "/var/ossec/wpk_root.pem" user_ca_store: "{{ wazuh_manager_sources_installation.user_dir }}/wpk_root.pem"
wazuh_agent_yum_lock_timeout: 30 wazuh_agent_yum_lock_timeout: 30
@ -107,7 +107,7 @@ wazuh_agent_enrollment:
server_ca_path: '' server_ca_path: ''
agent_certificate_path: '' agent_certificate_path: ''
agent_key_path: '' agent_key_path: ''
authorization_pass_path: /var/ossec/etc/authd.pass authorization_pass_path: "{{ wazuh_manager_sources_installation.user_dir }}/etc/authd.pass"
auto_method: 'no' auto_method: 'no'
delay_after_enrollment: 20 delay_after_enrollment: 20
use_source_ip: 'no' use_source_ip: 'no'
@ -324,7 +324,7 @@ wazuh_agent_localfiles:
location: '/var/log/audit/audit.log' location: '/var/log/audit/audit.log'
linux: linux:
- format: 'syslog' - format: 'syslog'
location: '/var/ossec/logs/active-responses.log' location: "{{ wazuh_manager_sources_installation.user_dir }}/logs/active-responses.log"
- format: 'full_command' - format: 'full_command'
command: 'last -n 20' command: 'last -n 20'
frequency: '360' frequency: '360'
@ -356,7 +356,7 @@ wazuh_agent_labels:
## Active response ## Active response
wazuh_agent_active_response: wazuh_agent_active_response:
ar_disabled: 'no' ar_disabled: 'no'
ca_store: '/var/ossec/etc/wpk_root.pem' ca_store: "{{ wazuh_manager_sources_installation.user_dir }}/etc/wpk_root.pem"
ca_store_win: 'wpk_root.pem' ca_store_win: 'wpk_root.pem'
ca_verification: 'yes' ca_verification: 'yes'

22
roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml
View File

@ -40,7 +40,7 @@
- name: Linux | Check if client.keys exists - name: Linux | Check if client.keys exists
stat: stat:
path: /var/ossec/etc/client.keys path: "{{ wazuh_manager_sources_installation.user_dir }}/etc/client.keys"
register: client_keys_file register: client_keys_file
tags: tags:
- config - config
@ -51,7 +51,7 @@
- name: Copy CA root certificate to verify authd - name: Copy CA root certificate to verify authd
copy: copy:
src: "{{ wazuh_agent_authd.ssl_agent_ca }}" src: "{{ wazuh_agent_authd.ssl_agent_ca }}"
dest: "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_ca | basename }}" dest: "{{ wazuh_manager_sources_installation.user_dir }}/etc/{{ wazuh_agent_authd.ssl_agent_ca | basename }}"
mode: 0644 mode: 0644
when: when:
- wazuh_agent_authd.ssl_agent_ca is not none - wazuh_agent_authd.ssl_agent_ca is not none
@ -59,7 +59,7 @@
- name: Copy TLS/SSL certificate for agent verification - name: Copy TLS/SSL certificate for agent verification
copy: copy:
src: "{{ item }}" src: "{{ item }}"
dest: "/var/ossec/etc/{{ item | basename }}" dest: "{{ wazuh_manager_sources_installation.user_dir }}/etc/{{ item | basename }}"
mode: 0644 mode: 0644
with_items: with_items:
- "{{ wazuh_agent_authd.ssl_agent_cert }}" - "{{ wazuh_agent_authd.ssl_agent_cert }}"
@ -70,7 +70,7 @@
- name: Linux | Register agent (via authd) - name: Linux | Register agent (via authd)
shell: > shell: >
/var/ossec/bin/agent-auth {{ wazuh_manager_sources_installation.user_dir }}/bin/agent-auth
{% if wazuh_agent_authd.agent_name is defined and wazuh_agent_authd.agent_name != None %} {% if wazuh_agent_authd.agent_name is defined and wazuh_agent_authd.agent_name != None %}
-A {{ wazuh_agent_authd.agent_name }} -A {{ wazuh_agent_authd.agent_name }}
{% endif %} {% endif %}
@ -79,13 +79,13 @@
{% if wazuh_agent_nat %} -I "any" {% endif %} {% if wazuh_agent_nat %} -I "any" {% endif %}
{% if authd_pass | length > 0 %} -P {{ authd_pass }} {% endif %} {% if authd_pass | length > 0 %} -P {{ authd_pass }} {% endif %}
{% if wazuh_agent_authd.ssl_agent_ca is defined and wazuh_agent_authd.ssl_agent_ca != None %} {% if wazuh_agent_authd.ssl_agent_ca is defined and wazuh_agent_authd.ssl_agent_ca != None %}
-v "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_ca | basename }}" -v "{{ wazuh_manager_sources_installation.user_dir }}/etc/{{ wazuh_agent_authd.ssl_agent_ca | basename }}"
{% endif %} {% endif %}
{% if wazuh_agent_authd.ssl_agent_cert is defined and wazuh_agent_authd.ssl_agent_cert != None %} {% if wazuh_agent_authd.ssl_agent_cert is defined and wazuh_agent_authd.ssl_agent_cert != None %}
-x "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_cert | basename }}" -x "{{ wazuh_manager_sources_installation.user_dir }}/etc/{{ wazuh_agent_authd.ssl_agent_cert | basename }}"
{% endif %} {% endif %}
{% if wazuh_agent_authd.ssl_agent_key is defined and wazuh_agent_authd.ssl_agent_key != None %} {% if wazuh_agent_authd.ssl_agent_key is defined and wazuh_agent_authd.ssl_agent_key != None %}
-k "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_key | basename }}" -k "{{ wazuh_manager_sources_installation.user_dir }}/etc/{{ wazuh_agent_authd.ssl_agent_key | basename }}"
{% endif %} {% endif %}
{% if wazuh_agent_authd.ssl_auto_negotiate == 'yes' %} -a {% endif %} {% if wazuh_agent_authd.ssl_auto_negotiate == 'yes' %} -a {% endif %}
{% if wazuh_agent_authd.groups is defined and wazuh_agent_authd.groups | length > 0 %} {% if wazuh_agent_authd.groups is defined and wazuh_agent_authd.groups | length > 0 %}
@ -193,7 +193,7 @@
- api - api
- name: Linux | Import Key (via rest-API) - name: Linux | Import Key (via rest-API)
command: /var/ossec/bin/manage_agents command: "{{ wazuh_manager_sources_installation.user_dir }}/bin/manage_agents"
environment: environment:
OSSEC_ACTION: i OSSEC_ACTION: i
OSSEC_AGENT_NAME: '{{ agent_name }}' OSSEC_AGENT_NAME: '{{ agent_name }}'
@ -221,7 +221,7 @@
- name: Linux | Installing agent configuration (ossec.conf) - name: Linux | Installing agent configuration (ossec.conf)
template: template:
src: var-ossec-etc-ossec-agent.conf.j2 src: var-ossec-etc-ossec-agent.conf.j2
dest: /var/ossec/etc/ossec.conf dest: "{{ wazuh_manager_sources_installation.user_dir }}/etc/ossec.conf"
owner: root owner: root
group: ossec group: ossec
mode: 0644 mode: 0644
@ -233,7 +233,7 @@
- name: Linux | Installing local_internal_options.conf - name: Linux | Installing local_internal_options.conf
template: template:
src: var-ossec-etc-local-internal-options.conf.j2 src: var-ossec-etc-local-internal-options.conf.j2
dest: /var/ossec/etc/local_internal_options.conf dest: "{{ wazuh_manager_sources_installation.user_dir }}/etc/local_internal_options.conf"
owner: root owner: root
group: ossec group: ossec
mode: 0640 mode: 0640
@ -245,7 +245,7 @@
- name: Create auto-enrollment password file - name: Create auto-enrollment password file
template: template:
src: authd_pass.j2 src: authd_pass.j2
dest: "/var/ossec/etc/authd.pass" dest: "{{ wazuh_manager_sources_installation.user_dir }}/etc/authd.pass"
owner: ossec owner: ossec
group: ossec group: ossec
mode: 0640 mode: 0640

4
roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2
View File

@ -103,8 +103,8 @@
<!-- Frequency that rootcheck is executed - every 12 hours --> <!-- Frequency that rootcheck is executed - every 12 hours -->
<frequency>{{ wazuh_agent_config.rootcheck.frequency }}</frequency> <frequency>{{ wazuh_agent_config.rootcheck.frequency }}</frequency>
<rootkit_files>/var/ossec/etc/shared/rootkit_files.txt</rootkit_files> <rootkit_files>{{ wazuh_manager_sources_installation.user_dir }}/etc/shared/rootkit_files.txt</rootkit_files>
<rootkit_trojans>/var/ossec/etc/shared/rootkit_trojans.txt</rootkit_trojans> <rootkit_trojans>{{ wazuh_manager_sources_installation.user_dir }}/etc/shared/rootkit_trojans.txt</rootkit_trojans>
<skip_nfs>yes</skip_nfs> <skip_nfs>yes</skip_nfs>
{% endif %} {% endif %}
{% if ansible_os_family == "Windows" %} {% if ansible_os_family == "Windows" %}

4
roles/wazuh/ansible-wazuh-manager/defaults/main.yml
View File

@ -297,7 +297,7 @@ wazuh_manager_localfiles:
command: 'last -n 20' command: 'last -n 20'
frequency: '360' frequency: '360'
- format: 'syslog' - format: 'syslog'
location: '/var/ossec/logs/active-responses.log' location: "{{ wazuh_manager_sources_installation.user_dir }}/logs/active-responses.log"
debian: debian:
- format: 'syslog' - format: 'syslog'
location: '/var/log/auth.log' location: '/var/log/auth.log'
@ -500,7 +500,7 @@ wazuh_manager_config_defaults:
# - format: 'apache' # - format: 'apache'
# location: '/var/log/httpd/access_log' # location: '/var/log/httpd/access_log'
# - format: 'apache' # - format: 'apache'
# location: '/var/ossec/logs/active-responses.log' # location: "{{ wazuh_manager_sources_installation.user_dir }}/logs/active-responses.log"
# - type: os # - type: os
# type_value: Windows # type_value: Windows
# syscheck: # syscheck:

4
roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml
View File

@ -38,7 +38,7 @@
when: not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") when: not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA")
- name: CentOS 6 | Install Software Collections (SCL) Repository - name: CentOS 6 | Install Software Collections (SCL) Repository
package: name=centos-release-scl state=present package: name=centos-release-scl state=present"
register: wazuh_manager_scl_packages_installed register: wazuh_manager_scl_packages_installed
until: wazuh_manager_scl_packages_installed is succeeded until: wazuh_manager_scl_packages_installed is succeeded
when: when:
@ -117,7 +117,7 @@
replace: replace:
path: /etc/init.d/wazuh-manager path: /etc/init.d/wazuh-manager
regexp: 'echo -n "Starting Wazuh-manager: "' regexp: 'echo -n "Starting Wazuh-manager: "'
replace: 'echo -n "Starting Wazuh-manager (EL6): "; source /opt/rh/python27/enable; export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/var/ossec/framework/lib' replace: "echo -n \"Starting Wazuh-manager (EL6): \"; source /opt/rh/python27/enable; export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:{{ wazuh_manager_sources_installation.user_dir }}/framework/lib"
when: when:
- ansible_distribution in ['CentOS', 'RedHat', 'Amazon'] and ansible_distribution_major_version|int == 6 - ansible_distribution in ['CentOS', 'RedHat', 'Amazon'] and ansible_distribution_major_version|int == 6
- wazuh_manager_config.cluster.disable != 'yes' - wazuh_manager_config.cluster.disable != 'yes'

2
roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml
View File

@ -2,7 +2,7 @@
# Wazuh Manager # Wazuh Manager
- name: Check if Wazuh Manager is already installed - name: Check if Wazuh Manager is already installed
stat: stat:
path: /var/ossec/bin/ossec-control path: "{{ wazuh_manager_sources_installation.user_dir }}/bin/ossec-control"
register: wazuh_ossec_control register: wazuh_ossec_control
- name: Installing Wazuh Manager from sources - name: Installing Wazuh Manager from sources

48
roles/wazuh/ansible-wazuh-manager/tasks/main.yml
View File

@ -33,7 +33,7 @@
command: "openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:1825 -keyout sslmanager.key -out sslmanager.cert -subj /CN={{ wazuh_manager_fqdn }}/" command: "openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:1825 -keyout sslmanager.key -out sslmanager.cert -subj /CN={{ wazuh_manager_fqdn }}/"
args: args:
creates: sslmanager.cert creates: sslmanager.cert
chdir: /var/ossec/etc/ chdir: "{{ wazuh_manager_sources_installation.user_dir }}/etc/"
tags: tags:
- config - config
when: wazuh_manager_config.authd.ssl_agent_ca is not none when: wazuh_manager_config.authd.ssl_agent_ca is not none
@ -41,7 +41,7 @@
- name: Copy CA, SSL key and cert for authd - name: Copy CA, SSL key and cert for authd
copy: copy:
src: "{{ item }}" src: "{{ item }}"
dest: "/var/ossec/etc/{{ item }}" dest: "{{ wazuh_manager_sources_installation.user_dir }}/etc/{{ item }}"
mode: 0644 mode: 0644
with_items: with_items:
- "{{ wazuh_manager_config.authd.ssl_agent_ca }}" - "{{ wazuh_manager_config.authd.ssl_agent_ca }}"
@ -80,7 +80,7 @@
- name: Installing the local_rules.xml (default local_rules.xml) - name: Installing the local_rules.xml (default local_rules.xml)
template: src=var-ossec-rules-local_rules.xml.j2 template: src=var-ossec-rules-local_rules.xml.j2
dest=/var/ossec/etc/rules/local_rules.xml dest="{{ wazuh_manager_sources_installation.user_dir }}/etc/rules/local_rules.xml"
owner=ossec owner=ossec
group=ossec group=ossec
mode=0640 mode=0640
@ -92,7 +92,7 @@
- name: Adding local rules files - name: Adding local rules files
copy: src="{{ wazuh_manager_config.ruleset.rules_path }}" copy: src="{{ wazuh_manager_config.ruleset.rules_path }}"
dest=/var/ossec/etc/rules/ dest="{{ wazuh_manager_sources_installation.user_dir }}/etc/rules/"
owner=ossec owner=ossec
group=ossec group=ossec
mode=0640 mode=0640
@ -104,7 +104,7 @@
- name: Installing the local_decoder.xml - name: Installing the local_decoder.xml
template: src=var-ossec-rules-local_decoder.xml.j2 template: src=var-ossec-rules-local_decoder.xml.j2
dest=/var/ossec/etc/decoders/local_decoder.xml dest="{{ wazuh_manager_sources_installation.user_dir }}/etc/decoders/local_decoder.xml"
owner=ossec owner=ossec
group=ossec group=ossec
mode=0640 mode=0640
@ -116,7 +116,7 @@
- name: Adding local decoders files - name: Adding local decoders files
copy: src="{{ wazuh_manager_config.ruleset.decoders_path }}" copy: src="{{ wazuh_manager_config.ruleset.decoders_path }}"
dest=/var/ossec/etc/decoders/ dest="{{ wazuh_manager_sources_installation.user_dir }}/etc/decoders/"
owner=ossec owner=ossec
group=ossec group=ossec
mode=0640 mode=0640
@ -129,11 +129,11 @@
- name: Configure the shared-agent.conf - name: Configure the shared-agent.conf
template: template:
src: var-ossec-etc-shared-agent.conf.j2 src: var-ossec-etc-shared-agent.conf.j2
dest: /var/ossec/etc/shared/default/agent.conf dest: "{{ wazuh_manager_sources_installation.user_dir }}/etc/shared/default/agent.conf"
owner: ossec owner: ossec
group: ossec group: ossec
mode: 0640 mode: 0640
validate: '/var/ossec/bin/verify-agent-conf -f %s' validate: "{{ wazuh_manager_sources_installation.user_dir }}/bin/verify-agent-conf -f %s"
notify: restart wazuh-manager notify: restart wazuh-manager
tags: tags:
- init - init
@ -143,7 +143,7 @@
- name: Installing the api.yaml (api configuration) - name: Installing the api.yaml (api configuration)
template: src=api.yaml.j2 template: src=api.yaml.j2
dest=/var/ossec/api/configuration/api.yaml dest="{{ wazuh_manager_sources_installation.user_dir }}/api/configuration/api.yaml"
owner=root owner=root
group=ossec group=ossec
mode=0640 mode=0640
@ -156,7 +156,7 @@
- name: Installing the local_internal_options.conf - name: Installing the local_internal_options.conf
template: src=var-ossec-etc-local-internal-options.conf.j2 template: src=var-ossec-etc-local-internal-options.conf.j2
dest=/var/ossec/etc/local_internal_options.conf dest="{{ wazuh_manager_sources_installation.user_dir }}/etc/local_internal_options.conf"
owner=root owner=root
group=ossec group=ossec
mode=0640 mode=0640
@ -186,9 +186,9 @@
- name: Check if client-syslog is enabled - name: Check if client-syslog is enabled
shell: | shell: |
set -o pipefail set -o pipefail
"grep -c 'ossec-csyslogd' /var/ossec/bin/.process_list | xargs echo" "grep -c 'ossec-csyslogd' {{ wazuh_manager_sources_installation.user_dir }}/bin/.process_list | xargs echo"
args: args:
removes: /var/ossec/bin/.process_list removes: "{{ wazuh_manager_sources_installation.user_dir }}/bin/.process_list"
executable: /bin/bash executable: /bin/bash
changed_when: false changed_when: false
check_mode: false check_mode: false
@ -197,7 +197,7 @@
- config - config
- name: Enable client-syslog - name: Enable client-syslog
command: /var/ossec/bin/ossec-control enable client-syslog command: "{{ wazuh_manager_sources_installation.user_dir }}/bin/ossec-control enable client-syslog"
notify: restart wazuh-manager notify: restart wazuh-manager
when: when:
- csyslog_enabled.stdout == '0' or "skipped" in csyslog_enabled.stdout - csyslog_enabled.stdout == '0' or "skipped" in csyslog_enabled.stdout
@ -208,9 +208,9 @@
- name: Check if ossec-agentlessd is enabled - name: Check if ossec-agentlessd is enabled
shell: | shell: |
set -o pipefail set -o pipefail
"grep -c 'ossec-agentlessd' /var/ossec/bin/.process_list | xargs echo" "grep -c 'ossec-agentlessd' {{ wazuh_manager_sources_installation.user_dir }}/bin/.process_list | xargs echo"
args: args:
removes: /var/ossec/bin/.process_list removes: "{{ wazuh_manager_sources_installation.user_dir }}/bin/.process_list"
executable: /bin/bash executable: /bin/bash
changed_when: false changed_when: false
check_mode: false check_mode: false
@ -219,7 +219,7 @@
- config - config
- name: Enable ossec-agentlessd - name: Enable ossec-agentlessd
command: /var/ossec/bin/ossec-control enable agentless command: "{{ wazuh_manager_sources_installation.user_dir }}/bin/ossec-control enable agentless"
notify: restart wazuh-manager notify: restart wazuh-manager
when: when:
- agentlessd_enabled.stdout == '0' or "skipped" in agentlessd_enabled.stdout - agentlessd_enabled.stdout == '0' or "skipped" in agentlessd_enabled.stdout
@ -239,7 +239,7 @@
- name: Configure ossec.conf - name: Configure ossec.conf
template: template:
src: var-ossec-etc-ossec-server.conf.j2 src: var-ossec-etc-ossec-server.conf.j2
dest: /var/ossec/etc/ossec.conf dest: "{{ wazuh_manager_sources_installation.user_dir }}/etc/ossec.conf"
owner: root owner: root
group: ossec group: ossec
mode: 0644 mode: 0644
@ -251,7 +251,7 @@
- name: Ossec-authd password - name: Ossec-authd password
template: template:
src: authd_pass.j2 src: authd_pass.j2
dest: "/var/ossec/etc/authd.pass" dest: "{{ wazuh_manager_sources_installation.user_dir }}/etc/authd.pass"
owner: ossec owner: ossec
group: ossec group: ossec
mode: 0640 mode: 0640
@ -268,16 +268,16 @@
- name: Copy create_user script - name: Copy create_user script
copy: copy:
src: create_user.py src: create_user.py
dest: /var/ossec/framework/scripts/create_user.py dest: "{{ wazuh_manager_sources_installation.user_dir }}/framework/scripts/create_user.py"
owner: root owner: root
group: ossec group: ossec
mode: 0644 mode: 0644
- name: Execute create_user script - name: Execute create_user script
script: script:
chdir: /var/ossec/framework/scripts/ chdir: "{{ wazuh_manager_sources_installation.user_dir }}/framework/scripts/"
cmd: create_user.py --username "{{ item.username }}" --password "{{ item.password }}" cmd: create_user.py --username "{{ item.username }}" --password "{{ item.password }}"
executable: /var/ossec/framework/python/bin/python3 executable: "{{ wazuh_manager_sources_installation.user_dir }}/framework/python/bin/python3"
with_items: with_items:
- "{{ wazuh_api_users }}" - "{{ wazuh_api_users }}"
@ -290,7 +290,7 @@
- name: Agentless Hosts & Passwd - name: Agentless Hosts & Passwd
template: template:
src: agentless.j2 src: agentless.j2
dest: "/var/ossec/agentless/.passlist_tmp" dest: "{{ wazuh_manager_sources_installation.user_dir }}/agentless/.passlist_tmp"
owner: root owner: root
group: root group: root
mode: 0644 mode: 0644
@ -300,7 +300,7 @@
- config - config
- name: Encode the secret - name: Encode the secret
shell: /usr/bin/base64 /var/ossec/agentless/.passlist_tmp > /var/ossec/agentless/.passlist && rm /var/ossec/agentless/.passlist_tmp shell: "/usr/bin/base64 {{ wazuh_manager_sources_installation.user_dir }}/agentless/.passlist_tmp > {{ wazuh_manager_sources_installation.user_dir }}/agentless/.passlist && rm {{ wazuh_manager_sources_installation.user_dir }}/agentless/.passlist_tmp"
when: agentless_creds is defined when: agentless_creds is defined
tags: tags:
- config - config
@ -314,7 +314,7 @@
- config - config
- name: Create agent groups - name: Create agent groups
command: "/var/ossec/bin/agent_groups -a -g {{ item }} -q" command: "{{ wazuh_manager_sources_installation.user_dir }}/bin/agent_groups -a -g {{ item }} -q"
with_items: with_items:
- "{{ agent_groups }}" - "{{ agent_groups }}"
when: when:

10
roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
View File

@ -128,8 +128,8 @@
<!-- Frequency that rootcheck is executed - every 12 hours --> <!-- Frequency that rootcheck is executed - every 12 hours -->
<frequency>{{ wazuh_manager_config.rootcheck.frequency }}</frequency> <frequency>{{ wazuh_manager_config.rootcheck.frequency }}</frequency>
<rootkit_files>/var/ossec/etc/rootcheck/rootkit_files.txt</rootkit_files> <rootkit_files>{{ wazuh_manager_sources_installation.user_dir }}/etc/rootcheck/rootkit_files.txt</rootkit_files>
<rootkit_trojans>/var/ossec/etc/rootcheck/rootkit_trojans.txt</rootkit_trojans> <rootkit_trojans>{{ wazuh_manager_sources_installation.user_dir }}/etc/rootcheck/rootkit_trojans.txt</rootkit_trojans>
<skip_nfs>yes</skip_nfs> <skip_nfs>yes</skip_nfs>
</rootcheck> </rootcheck>
@ -640,16 +640,16 @@
<ciphers>{{wazuh_manager_config.authd.ciphers}}</ciphers> <ciphers>{{wazuh_manager_config.authd.ciphers}}</ciphers>
{% endif %} {% endif %}
{% if wazuh_manager_config.authd.ssl_agent_ca is not none %} {% if wazuh_manager_config.authd.ssl_agent_ca is not none %}
<ssl_agent_ca>/var/ossec/etc/{{wazuh_manager_config.authd.ssl_agent_ca | basename}}</ssl_agent_ca> <ssl_agent_ca>{{ wazuh_manager_sources_installation.user_dir }}/etc/{{wazuh_manager_config.authd.ssl_agent_ca | basename}}</ssl_agent_ca>
{% endif %} {% endif %}
{% if wazuh_manager_config.authd.ssl_verify_host is not none %} {% if wazuh_manager_config.authd.ssl_verify_host is not none %}
<ssl_verify_host>{{wazuh_manager_config.authd.ssl_verify_host}}</ssl_verify_host> <ssl_verify_host>{{wazuh_manager_config.authd.ssl_verify_host}}</ssl_verify_host>
{% endif %} {% endif %}
{% if wazuh_manager_config.authd.ssl_manager_cert is not none %} {% if wazuh_manager_config.authd.ssl_manager_cert is not none %}
<ssl_manager_cert>/var/ossec/etc/{{wazuh_manager_config.authd.ssl_manager_cert | basename}}</ssl_manager_cert> <ssl_manager_cert>{{ wazuh_manager_sources_installation.user_dir }}/etc/{{wazuh_manager_config.authd.ssl_manager_cert | basename}}</ssl_manager_cert>
{% endif %} {% endif %}
{% if wazuh_manager_config.authd.ssl_manager_key is not none %} {% if wazuh_manager_config.authd.ssl_manager_key is not none %}
<ssl_manager_key>/var/ossec/etc/{{wazuh_manager_config.authd.ssl_manager_key | basename}}</ssl_manager_key> <ssl_manager_key>{{ wazuh_manager_sources_installation.user_dir }}/etc/{{wazuh_manager_config.authd.ssl_manager_key | basename}}</ssl_manager_key>
{% endif %} {% endif %}
{% if wazuh_manager_config.authd.ssl_auto_negotiate is not none %} {% if wazuh_manager_config.authd.ssl_auto_negotiate is not none %}
<ssl_auto_negotiate>{{wazuh_manager_config.authd.ssl_auto_negotiate}}</ssl_auto_negotiate> <ssl_auto_negotiate>{{wazuh_manager_config.authd.ssl_auto_negotiate}}</ssl_auto_negotiate>

2
roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2
View File

@ -94,7 +94,7 @@
<frequency>{{ agent_config.rootcheck.frequency }}</frequency> <frequency>{{ agent_config.rootcheck.frequency }}</frequency>
{% if agent_config.rootcheck.cis_distribution_filename is defined %} {% if agent_config.rootcheck.cis_distribution_filename is defined %}
<system_audit>/var/ossec/etc/shared/default/{{ agent_config.rootcheck.cis_distribution_filename }}</system_audit> <system_audit>{{ wazuh_manager_sources_installation.user_dir }}/etc/shared/default/{{ agent_config.rootcheck.cis_distribution_filename }}</system_audit>
{% endif %} {% endif %}
<skip_nfs>yes</skip_nfs> <skip_nfs>yes</skip_nfs>
</rootcheck> </rootcheck>