Delete vars.yml
parent
cbca038369
commit
8fe465a54a
110
vars.yml
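--- a/vars.yml
+++ b/vars.yml
@@ -1,110 +0,0 @@
-ossec_server_config:
-mail_to:
-- me@example.com
-mail_smtp_server: localhost
-mail_from: ossec@example.com
-frequency_check: 43200
-syscheck_scan_on_start: 'yes'
-ignore_files:
-- /etc/mtab
-- /etc/mnttab
-- /etc/hosts.deny
-- /etc/mail/statistics
-- /etc/random-seed
-- /etc/random.seed
-- /etc/adjtime
-- /etc/httpd/logs
-- /etc/utmpx
-- /etc/wtmpx
-- /etc/cups/certs
-- /etc/dumpdates
-- /etc/svc/volatile
-no_diff:
-- /etc/ssl/private.key
-directories:
-- check_all: 'yes'
-dirs: /etc,/usr/bin,/usr/sbin
-- check_all: 'yes'
-dirs: /bin,/sbin
-localfiles:
-- format: 'syslog'
-location: '/var/log/messages'
-- format: 'syslog'
-location: '/var/log/secure'
-- format: 'command'
-command: 'df -P'
-frequency: '360'
-- format: 'full_command'
-command: 'netstat -tln | grep -v 127.0.0.1 | sort'
-frequency: '360'
-- format: 'full_command'
-command: 'last -n 20'
-frequency: '360'
-globals:
-- '127.0.0.1'
-- '192.168.2.1'
-connection:
-- type: 'secure'
-port: '1514'
-protocol: 'udp'
-log_level: 1
-email_level: 12
-commands:
-- name: 'disable-account'
-executable: 'disable-account.sh'
-expect: 'user'
-timeout_allowed: 'yes'
-- name: 'restart-ossec'
-executable: 'restart-ossec.sh'
-expect: ''
-timeout_allowed: 'no'
-- name: 'firewall-drop'
-executable: 'firewall-drop.sh'
-expect: 'srcip'
-timeout_allowed: 'yes'
-- name: 'host-deny'
-executable: 'host-deny.sh'
-expect: 'srcip'
-timeout_allowed: 'yes'
-- name: 'route-null'
-executable: 'route-null.sh'
-expect: 'srcip'
-timeout_allowed: 'yes'
-- name: 'win_route-null'
-executable: 'route-null.cmd'
-expect: 'srcip'
-timeout_allowed: 'yes'
-active_responses:
-- command: 'host-deny'
-location: 'local'
-level: 6
-timeout: 600
-
-ossec_agent_configs:
-- type: os
-type_value: linux
-frequency_check: 79200
-ignore_files:
-- /etc/mtab
-- /etc/mnttab
-- /etc/hosts.deny
-- /etc/mail/statistics
-- /etc/svc/volatile
-directories:
-- check_all: yes
-dirs: /etc,/usr/bin,/usr/sbin
-- check_all: yes
-dirs: /bin,/sbin
-localfiles:
-- format: 'syslog'
-location: '/var/log/messages'
-- format: 'syslog'
-location: '/var/log/secure'
-- format: 'syslog'
-location: '/var/log/maillog'
-- format: 'apache'
-location: '/var/log/httpd/error_log'
-- format: 'apache'
-location: '/var/log/httpd/access_log'
-- format: 'apache'
-location: '/var/ossec/logs/active-responses.log'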