From f2b3ac68bba3418faec5ebcf4145abb7b575a16a Mon Sep 17 00:00:00 2001
From: cadoming
Date: Thu, 15 Nov 2018 12:16:05 +0000
Subject: [PATCH 1/2] agent configuration and monitoring
---
 roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 ++
 roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 9 ++++-----
 2 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
index db29e6ab..6aecd1ed 100644
--- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
@@ -90,6 +90,8 @@ wazuh_agent_config:
 location: '/var/log/messages'
 - format: 'syslog'
 location: '/var/log/secure'
+ - format: 'syslog'
+ location: 'var/log/auth.log'
 - format: 'command'
 command: 'df -P'
 frequency: '360'
diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
index 3b94cc22..eb5688b9 100644
--- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
@@ -221,11 +221,10 @@ wazuh_agent_configs:
 - /etc/svc/volatile
 no_diff:
 - /etc/ssl/private.key
- directories:
- - dirs: /etc,/usr/bin,/usr/sbin
- checks: 'check_all="yes"'
- - dirs: /bin,/sbin
- checks: 'check_all="yes"'
+ # Example
+ #directories:
+ #- dirs: /etc,/usr/bin,/usr/sbin
+ # checks: 'check_all="yes"'
 rootcheck:
 frequency: 43200
 cis_distribution_filename: null
From e4ed2b3f2bedfb28fff35aa200a368af706858a4 Mon Sep 17 00:00:00 2001
From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com>
Date: Fri, 16 Nov 2018 11:10:18 +0100
Subject: [PATCH 2/2] Update CHANGELOG.md
---
 CHANGELOG.md | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 949b31ae..5278e0dc 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
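Review bot: The localfile entry added in roles/wazuh/ansible-wazuh-agent/defaults/main.yml reads `location: 'var/log/auth.log'`, without the leading slash that the two entries above it (`/var/log/messages`, `/var/log/secure`) carry. As a relative path it will most likely not resolve to the system authentication log, so the login and privilege-escalation events this commit is meant to collect would be missing, and nothing visible in the hunk would report the gap. The line should be `location: '/var/log/auth.log'`. The `wazuh_agent_config` mapping begins and ends outside this hunk, so any later override of this list could not be checked here.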
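Review bot: With the `directories` list reduced to a commented example in roles/wazuh/ansible-wazuh-manager/defaults/main.yml, the shared agent configuration (in what appears to be its file-integrity section, next to `no_diff`) no longer names any path to watch. Coverage of `/etc`, `/usr/bin`, `/usr/sbin`, `/bin` and `/sbin` then depends entirely on each agent's local configuration, which the hunk does not state. If that is the intent, say so in the comment, for example `# directories: left unset here so the agent's own configuration applies; uncomment to override for the group`. The example also drops the `/bin,/sbin` entry and mixes `# Example` with `#directories:`; a consistent `# directories:` form with both entries would keep the previous default recoverable. The `wazuh_agent_configs` block continues outside the hunk.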
@@ -3,7 +3,9 @@ All notable changes to this project will be documented in this file. ## v3.7.0-37xx +### Changed +- Solve the conflict betwwen tha agent configuration and the shared master configuration. Also include monitoring for `/var/log/auth.log` ([#90](https://github.com/wazuh/wazuh-ansible/pull/90)) ## v3.7.0-3701