afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enable active-response section

Browse Source 
As of now the whole active-response section was commented out and
inactive
This commit is contained in:
Pawel Krawczyk 2019-02-17 00:16:31 +00:00
parent f527db79f7
commit 58a76a8c08
1 changed files with 0 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
View File

@ -308,12 +308,6 @@
</command> </command>
{% endfor %} {% endfor %}
<!--
<active-response>
active-response options here
</active-response>
-->
<ruleset> <ruleset>
<!-- Default ruleset --> <!-- Default ruleset -->
<decoder_dir>ruleset/decoders</decoder_dir> <decoder_dir>ruleset/decoders</decoder_dir>
@ -398,7 +392,6 @@
{% endif %} {% endif %}
<!-- Active Response Config
{% for response in wazuh_manager_config.active_responses %} {% for response in wazuh_manager_config.active_responses %}
<active-response> <active-response>
<disabled>{% if response.disabled is defined %}{{ response.disabled }}{% else %}no{% endif %}</disabled> <disabled>{% if response.disabled is defined %}{{ response.disabled }}{% else %}no{% endif %}</disabled>
@ -412,7 +405,6 @@
{%if response.repeated_offenders is defined %}<repeated_offenders>{{ response.repeated_offenders }}</repeated_offenders>{% endif %} {%if response.repeated_offenders is defined %}<repeated_offenders>{{ response.repeated_offenders }}</repeated_offenders>{% endif %}
</active-response> </active-response>
{% endfor %} {% endfor %}
-->
<!-- Files to monitor (localfiles) --> <!-- Files to monitor (localfiles) -->
{% for localfile in wazuh_manager_config.localfiles.common %} {% for localfile in wazuh_manager_config.localfiles.common %}