Merge pull request #155 from kravietz/active_response

Enable active-response section

roles/wazuh/ansible-wazuh-agent/defaults/main.yml

@@ -223,7 +223,7 @@ wazuh_agent_config:
     log_path_win: 'C:\ProgramData\osquery\log\osqueryd.results.log'
     config_path: '/etc/osquery/osquery.conf'
     config_path_win: 'C:\ProgramData\osquery\osquery.conf'
-    ad_labels: 'yes'
+    add_labels: 'yes'
   syscollector:
     disable: 'no'
     interval: '1h'

roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2

@@ -304,12 +304,6 @@
     </command>
   {% endfor %}
 
-  <!--
-  <active-response>
-    active-response options here
-  </active-response>
-  -->
-
    <ruleset>
     <!-- Default ruleset -->
     <decoder_dir>ruleset/decoders</decoder_dir>
@@ -394,7 +388,7 @@
 {% endif %}
 
 
-  <!-- Active Response Config 
+
 {% if wazuh_manager_config.active_responses is defined %}
   {% for response in wazuh_manager_config.active_responses %}
     <active-response>
@@ -410,7 +404,6 @@
     </active-response>
   {% endfor %}
 {% endif %}
--->
 
   <!-- Files to monitor (localfiles) -->
 {% for localfile in wazuh_manager_config.localfiles.common %}

roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2

@@ -2,6 +2,7 @@
 {% if wazuh_agent_configs is defined %}
 {% for agent_config in wazuh_agent_configs %}
 <agent_config {{ agent_config.type }}="{{ agent_config.type_value }}">
+  {% if agent_config.syscheck is defined %}
   <syscheck>
     <auto_ignore>{{ agent_config.syscheck.auto_ignore }}</auto_ignore>
     <alert_new_files>{{ agent_config.syscheck.alert_new_files }}</alert_new_files>
@@ -40,6 +41,7 @@
     {% endfor %}
     {% endif %}
   </syscheck>
+  {% endif %}
 
   {% for localfile in agent_config.localfiles %}
     <localfile>