diff --git a/ansible-wazuh-manager/defaults/main.yml b/ansible-wazuh-manager/defaults/main.yml index b598c053..c5d2e9dc 100644 --- a/ansible-wazuh-manager/defaults/main.yml +++ b/ansible-wazuh-manager/defaults/main.yml @@ -2,36 +2,47 @@ wazuh_manager_fqdn: "wazuh-server" wazuh_manager_config: + json_output: 'yes' + alerts_log: 'yes' + logall: 'no' + enable_authd: false email_notification: no mail_to: - admin@example.net mail_smtp_server: localhost mail_from: wazuh-server@example.com - frequency_check: 43200 - syscheck_scan_on_start: 'yes' + syscheck: + frequency: 43200 + scan_on_start: 'yes' + ignore: + - /etc/mtab + - /etc/mnttab + - /etc/hosts.deny + - /etc/mail/statistics + - /etc/random-seed + - /etc/random.seed + - /etc/adjtime + - /etc/httpd/logs + - /etc/utmpx + - /etc/wtmpx + - /etc/cups/certs + - /etc/dumpdates + - /etc/svc/volatile + no_diff: + - /etc/ssl/private.key + directories: + - dirs: /etc,/usr/bin,/usr/sbin + checks: 'check_all="yes"' + - dirs: /bin,/sbin + checks: 'check_all="yes"' + rootcheck: + frequency: 43200 + openscap: + timeout: 1800 + interval: '1d' + scan_on_start: 'yes' log_level: 1 email_level: 12 - ignore_files: - - /etc/mtab - - /etc/mnttab - - /etc/hosts.deny - - /etc/mail/statistics - - /etc/random-seed - - /etc/random.seed - - /etc/adjtime - - /etc/httpd/logs - - /etc/utmpx - - /etc/wtmpx - - /etc/cups/certs - - /etc/dumpdates - - /etc/svc/volatile - no_diff: - - /etc/ssl/private.key - directories: - - check_all: 'yes' - dirs: /etc,/usr/bin,/usr/sbin - - check_all: 'yes' - dirs: /bin,/sbin localfiles: - format: 'syslog' location: '/var/log/messages' diff --git a/ansible-wazuh-manager/tasks/Debian.yml b/ansible-wazuh-manager/tasks/Debian.yml index f96f07ce..b051acd3 100644 --- a/ansible-wazuh-manager/tasks/Debian.yml +++ b/ansible-wazuh-manager/tasks/Debian.yml 
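Review bot: The new keys are undocumented, and the values the role depends on are easy to get wrong from the consumer side: `json_output`, `alerts_log`, `logall` and the `scan_on_start` keys are rendered verbatim into ossec.conf and compared as strings in tasks/main.yml, so an unquoted override such as `json_output: no` is parsed as a YAML boolean and renders as `False`. Because `syscheck`, `rootcheck` and `openscap` are now nested mappings, a playbook that overrides `wazuh_manager_config` must restate every nested key under Ansible's default `hash_behaviour=replace`, or the template hits undefined variables (as far as the stripped template hunk shows, `syscheck.no_diff` and the `openscap.*` keys are referenced without an `is defined` guard). I would add, above `json_output`, `# Keep yes/no values quoted: they are written as-is into ossec.conf and compared as strings.` and above `syscheck:`, `# Overriding wazuh_manager_config replaces the whole mapping; restate every nested key.` It is also worth an inline comment on `enable_authd: false` that the default now leaves ossec-authd uninstalled and unmanaged, which changes the previous always-on behaviour for existing deployments.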
@@ -26,3 +26,25 @@ - name: Debian/Ubuntu | Set Distribution CIS filename for Debian/Ubuntu set_fact: cis_distribution_filename: cis_debian_linux_rcl.txt + +- name: Debian/Ubuntu | Install OpenScap + package: name={{ item }} state=present + with_items: + - libopenscap8 + - xsltproc + tags: + - init + +- name: Debian/Ubuntu | Get OpenScap installed version + shell: "dpkg-query --showformat='${Version}' --show libopenscap8" + register: openscap_version + changed_when: true + tags: + - config + +- name: Debian/Ubuntu | Check OpenScap version + shell: "dpkg --compare-versions '{{ openscap_version.stdout }}' '>=' '1.2'; echo $?" + register: openscap_version_valid + changed_when: true + tags: + - config diff --git a/ansible-wazuh-manager/tasks/main.yml b/ansible-wazuh-manager/tasks/main.yml index ebc5341d..bff50411 100644 --- a/ansible-wazuh-manager/tasks/main.yml +++ b/ansible-wazuh-manager/tasks/main.yml @@ -89,6 +89,15 @@ - name: Retrieving Wazuh-api User Credentials include_vars: wazuh_api_creds.yml +- name: Checking alert log output settings + fail: msg="Please enable json_output or alerts_log options." + when: + - wazuh_manager_config.json_output == 'no' + - wazuh_manager_config.alerts_log == 'no' + tags: + - init + - config + - name: Configure ossec.conf template: src=var-ossec-etc-ossec-server.conf.j2 dest=/var/ossec/etc/ossec.conf @@ -106,7 +115,10 @@ owner=root group=root mode=0755 - when: ansible_service_mgr == "upstart" and ansible_os_family != "CoreOS" + when: + - ansible_service_mgr == "upstart" + - ansible_os_family != "CoreOS" + - wazuh_manager_config.enable_authd == true tags: - init - config 
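Review bot: Both version-probe tasks set `changed_when: true`, so every run reports a change for read-only `dpkg-query` / `dpkg --compare-versions` calls and the play is never idempotent; they should be `changed_when: false`. The comparison task also masks the exit status with `; echo $?`, so a failure of dpkg itself produces a non-"0" stdout that the template later treats as "version too old" rather than as an error; `command: dpkg --compare-versions "{{ openscap_version.stdout }}" ge 1.2` with `failed_when: false` and a test on `openscap_version_valid.rc == 0` keeps the signal honest. Both tasks are tagged only `config`, while the template that reads `openscap_version_valid.stdout` on Debian jessie fails with an undefined variable when the play is run with tags that skip them, or in check mode where shell tasks are skipped unless `check_mode: false` is set (where the Ansible version in use supports it).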
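Review bot: The new guard in the -89 hunk only fires when both values are exactly the string `'no'`, so an unquoted override (`json_output: no`, parsed as the boolean false) or any other spelling bypasses it and `False` is rendered into ossec.conf. Comparing normalised strings closes that gap and matches the `| lower == "yes"` idiom the template already uses for `email_notification`: `- wazuh_manager_config.json_output | string | lower != 'yes'` and `- wazuh_manager_config.alerts_log | string | lower != 'yes'`. The same applies to the `enable_authd == true` conditions added in the -106 hunk here and in the -115 hunk of the same file, where `wazuh_manager_config.enable_authd | bool` would also accept a quoted `'true'` coming from an inventory or `-e` override.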
@@ -115,11 +127,20 @@ template: src: ossec-authd.service dest: /lib/systemd/system/ossec-authd.service - when: ansible_service_mgr == "systemd" and ansible_os_family != "CoreOS" + when: + - ansible_service_mgr == "systemd" + - ansible_os_family != "CoreOS" + - wazuh_manager_config.enable_authd == true tags: - init - config +- name: Ensure ossec-authd service is started and enabled + service: name=ossec-authd enabled=yes state=started + when: wazuh_manager_config.enable_authd == true + tags: + - config + - name: Wazuh-api User template: src: api_user.j2 @@ -145,7 +166,7 @@ shell: /usr/bin/base64 /var/ossec/agentless/.passlist_tmp > /var/ossec/agentless/.passlist && rm /var/ossec/agentless/.passlist_tmp when: agentless_creeds is defined -- name: Ensure Wazuh Manager, wazuh api and ossec-authd service is started and enabled +- name: Ensure Wazuh Manager, wazuh api service is started and enabled service: name: "{{ item }}" enabled: yes @@ -153,7 +174,8 @@ with_items: - wazuh-manager - wazuh-api - - ossec-authd + tags: + - config - include: "RMRedHat.yml" when: ansible_os_family == "RedHat" diff --git a/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 348c9cf1..6a421309 100644 --- a/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -6,8 +6,9 @@ - yes - yes + {{ wazuh_manager_config.json_output }} + {{ wazuh_manager_config.alerts_log }} + {{ wazuh_manager_config.logall }} {% if wazuh_manager_config.email_notification | lower == "yes" %} yes {% else %} 
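Review bot: Nothing in the -115, -145 or -153 hunks stops or disables ossec-authd when `enable_authd` is false: the service is only dropped from the ensure-started list, so hosts that previously ran this role keep the registration daemon and its listening port running without the role managing it, which is the opposite of the least-exposure intent behind the new flag. A counterpart task is needed; because the unit only exists on hosts where it was installed, the stop has to tolerate a missing service (a `stat` of the unit file, or `failed_when: false` at the cost of hiding a genuine stop failure), otherwise fresh hosts fail. Separately, `enabled: yes` in the -145 hunk's `service:` block is a YAML 1.1 boolean spelling; `enabled: true` is the canonical form.
```yaml
- name: Ensure ossec-authd service is stopped and disabled
  service: name=ossec-authd enabled=false state=stopped
  when: not (wazuh_manager_config.enable_authd | bool)
  failed_when: false  # unit is absent on hosts where authd was never installed
  tags:
    - config
```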
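Review bot: In the -6 hunk of the ossec-server template, `{{ wazuh_manager_config.json_output }}`, `alerts_log` and `logall` are interpolated raw where the old lines carried a literal `yes`, so any override that is not exactly the string `yes`/`no` (a YAML boolean, or `Yes`) lands unchanged in ossec.conf; the surrounding XML element names are stripped from this hunk, so I cannot confirm which elements they populate. Normalising at render time, e.g. `{{ wazuh_manager_config.logall | string | lower }}`, matches the `| lower` idiom used for `email_notification` three lines below and keeps the rendered value consistent for every override the fail task in tasks/main.yml lets through.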
@@ -47,6 +48,23 @@ {% endif %} {% endfor %} +{% endif %} + +{% if wazuh_manager_config.reports is defined %} +{% for report in wazuh_manager_config.reports %} + + {{ report.category }} + {{ report.title }} + {{ report.email_to }} + {% if report.location is defined %}{{ report.location }}{% endif %} + {% if report.group is defined %}{{ report.group }}{% endif %} + {% if report.rule is defined %}{{ report.rule }}{% endif %} + {% if report.level is defined %}{{ report.level }}{% endif %} + {% if report.srcip is defined %}{{ report.srcip }}{% endif %} + {% if report.user is defined %}{{ report.user }}{% endif %} + {% if report.showlogs is defined %}{{ report.showlogs }}{% endif %} + +{% endfor %} {% endif %} @@ -74,7 +92,7 @@ yes - 43200 + {{ wazuh_manager_config.rootcheck.frequency }} /var/ossec/etc/shared/rootkit_files.txt /var/ossec/etc/shared/rootkit_trojans.txt 
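Review bot: In the new `reports` loop, `report.category`, `report.title` and `report.email_to` are read unconditionally while the remaining keys are guarded with `is defined`, so an entry missing one of the three aborts the template task with a generic undefined-variable error rather than saying which report is malformed; `{{ report.email_to | mandatory }}` (and likewise for `category` and `title`) gives a clearer failure, or a `fail:` task in tasks/main.yml could validate the list up front. The `reports` schema is not documented anywhere in this change — defaults/main.yml gains no `reports` key — so a comment on the loop naming the required keys (`category`, `title`, `email_to`) and the optional ones (`location`, `group`, `rule`, `level`, `srcip`, `user`, `showlogs`) would help consumers. The element names around each `{{ report.* }}` were stripped from this hunk, so I cannot check that they match what the report configuration expects.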
@@ -89,92 +107,75 @@ - {{ wazuh_manager_config.frequency_check }} - {{ wazuh_manager_config.syscheck_scan_on_start }} + {{ wazuh_manager_config.syscheck.frequency }} + {{ wazuh_manager_config.syscheck.scan_on_start }} -{% for directory in wazuh_manager_config.directories %} - {{ directory.dirs }} -{% endfor %} + {% if wazuh_manager_config.syscheck.directories is defined %} + {% for directory in wazuh_manager_config.syscheck.directories %} + {{ directory.dirs }} + {% endfor %} + {% endif %} - {% for ignore_file in wazuh_manager_config.ignore_files %} - {{ ignore_file }} + {% if wazuh_manager_config.syscheck.ignore is defined %} + {% for ignore in wazuh_manager_config.syscheck.ignore %} + {{ ignore }} {% endfor %} + {% endif %} - {% for no_diff in wazuh_manager_config.no_diff %} + {% for no_diff in wazuh_manager_config.syscheck.no_diff %} {{ no_diff }} {% endfor %} - {% if ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'xenial' %} no - 1800 - 1d - yes - + {{ wazuh_manager_config.openscap.timeout }} + {{ wazuh_manager_config.openscap.interval }} + {{ wazuh_manager_config.openscap.scan_on_start }} + {% if ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'xenial' %} xccdf_org.ssgproject.content_profile_common - - {% elif ansible_distribution == 'Debian' and ansible_distribution_release == 'jessie' %} - - no - 1800 - 1d - yes - + {% elif ansible_distribution == 'Debian' and ansible_distribution_release == 'jessie' %} + {% if openscap_version_valid.stdout == "0" %} xccdf_org.ssgproject.content_profile_common - - {% elif ansible_distribution == 'CentOS' %} - - no - 1800 - 1d - yes - - {% if ansible_distribution_major_version == '7' %} - - {% elif ansible_distribution_major_version == '6' %} - {% endif %} - xccdf_org.ssgproject.content_profile_pci-dss - xccdf_org.ssgproject.content_profile_common - - - {% elif ansible_distribution == 'RedHat' %} - - no - 1800 - 1d - yes - - {% if ansible_distribution_major_version == '7' %} - - {% 
elif ansible_distribution_major_version == '6' %} - + + {% elif ansible_distribution == 'CentOS' %} + {% if ansible_distribution_major_version == '7' %} + + {% elif ansible_distribution_major_version == '6' %} + + {% endif %} + xccdf_org.ssgproject.content_profile_pci-dss + xccdf_org.ssgproject.content_profile_common + + {% elif ansible_distribution == 'RedHat' %} + {% if ansible_distribution_major_version == '7' %} + + {% elif ansible_distribution_major_version == '6' %} + + {% endif %} + xccdf_org.ssgproject.content_profile_pci-dss + xccdf_org.ssgproject.content_profile_common + + {% if ansible_distribution_major_version == '7' %} + + {% elif ansible_distribution_major_version == '6' %} + + {% endif %} + {% elif ansible_distribution == 'Fedora' %} + + xccdf_org.ssgproject.content_profile_pci-dss + xccdf_org.ssgproject.content_profile_common + {% endif %} - xccdf_org.ssgproject.content_profile_pci-dss - xccdf_org.ssgproject.content_profile_common - - {% elif ansible_distribution == 'Fedora' %} - - no - 1800 - 1d - yes - - - xccdf_org.ssgproject.content_profile_pci-dss - xccdf_org.ssgproject.content_profile_common - - - {% endif %} {% if agentless_creeds is defined %} {% for agentless in agentless_creeds %}
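Review bot: `{% for no_diff in wazuh_manager_config.syscheck.no_diff %}` is the only syscheck loop left without the `is defined` guard that `directories` and `ignore` gained in this hunk, so an override of `syscheck` that omits `no_diff` fails the template; wrap it the same way with `{% if wazuh_manager_config.syscheck.no_diff is defined %}` … `{% endif %}`. The Debian jessie branch reads `openscap_version_valid.stdout` directly, but that variable is only registered by a `config`-tagged shell task in tasks/Debian.yml, so a tag-filtered run or check mode reaches an undefined variable here; `{% if openscap_version_valid is defined and openscap_version_valid.stdout == "0" %}` keeps the render from aborting. The open-scap block also appears to have moved from per-distribution branches to an unconditional position, with `no` followed by the timeout/interval/scan_on_start values before the first distribution test, which would enable the wodle on distributions that have no content listed below it; the XML elements are stripped from this hunk, so that reading should be confirmed against the rendered file.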