Add files via upload

A script that gets the version of the agent. Query if there is local_internal_options.conf, if it does not exist, create the file. If the agent version is equal to 3.1 or higher, add to the file: # Wazuh Command Module - If it should accept remote commands from the manager wazuh_command.remote_commands=1 Regardless of the version, add to the file: # Logcollector - If it should accept remote commands from the manager logcollector.remote_commands=1 Finally, restart the agent.
2018-09-20 14:59:00 +02:00 · 2018-09-20 14:59:00 +02:00 · 990a56cdf4
commit 990a56cdf4
parent 8fe61c17ce
1 changed files with 154 additions and 0 deletions
--- a/configure_commands_wazuh_agent.ps1
+++ b/configure_commands_wazuh_agent.ps1
@ -0,0 +1,154 @@
 #------------------------- Gather parameters --------------------------#
 param (
    [switch]$Elevated,
    [switch]$help
    )
 #------------------------- Gather parameters --------------------------#
 # ------------------------- Common functions ------------------------- #
 # Restart agent service
 function restartAgent {
  $service="OssecSvc"
  $status= (Get-Service $service).status
  if($status -eq "Running"){
    Restart-Service $service -Force
  }
  elseif($status -eq "Stopped"){
    Start-Service $service 
  }
 }
 # Get agent version
 function getVersion
 {
    $version = ""
    $version_path = "$($path)\VERSION"
    if (Test-Path $version_path) {
       $version_path = "$($path)\VERSION"
    } else {
       $version_path = "$($path)\VERSION.txt"
    }
    foreach($line in Get-Content "$($version_path)") {
       if ($line -like '*v2.*'){
       $version = "v2"
       }
       if ($line -like '*v3.*'){
          if ($line -like '*v3.0.*'){
              $version = "v3.0"
          } else{
              $version = "v3"
          }
       }
    }
    if ($wazuh_version -eq ""){
      "The agent version could not be obtained."
      Exit
    } else{
    return $version
    }
 }
 # Agent configuration
 function confAgent
 {
    "Updating local_internal_options.conf file..."
    $local_conf_path = "$($path)\local_internal_options.conf"
    $local_conf_path
    if (Test-Path $local_conf_path) {
         "local_internal_options.conf already exists. Proceeding with the changes. "
    } else{
         "Creating local_internal_options.conf"
         New-Item "$($path)\local_internal_options.conf" -ItemType file
         Add-Content "$($path)\local_internal_options.conf" -value "# local_internal_options.conf`r`n
 #`r`n
 # This file should be handled with care. It contains`r`n
 # run time modifications that can affect the use`r`n
 # of OSSEC. Only change it if you know what you`r`n
 # are doing. Look first at ossec.conf`r`n
 # for most of the things you want to change.`r`n
 #`r`n
 # This file will not be overwritten during upgrades.`r`n"
    }
    if ($wazuh_version -eq "v3") {
      $contain_output = Select-String -Path "$($path)\local_internal_options.conf" -pattern wazuh_command.remote_commands
      if ($contain_output -ne $null) {
        (Get-Content "$($path)\local_internal_options.conf") -replace('wazuh_command.remote_commands.*', 'wazuh_command.remote_commands=1') | Set-Content "$($path)\local_internal_options.conf"
      } else {
        Add-Content "$($path)\local_internal_options.conf" -value "# Wazuh Command Module - If it should accept remote commands from the manager`r`nwazuh_command.remote_commands=1`r`n"
      }
    }
    $contain_output = Select-String -Path "$($path)\local_internal_options.conf" -pattern 'logcollector.remote_commands'
    if ($contain_output -ne $null) {
      (Get-Content "$($path)\local_internal_options.conf") -replace('logcollector.remote_commands.*', 'logcollector.remote_commands=1') | Set-Content "$($path)\local_internal_options.conf"
    } else {
      Add-Content "$($path)\local_internal_options.conf" -value "# Logcollector - If it should accept remote commands from the manager`r`nlogcollector.remote_commands=1`r`n"
    }
 }
 # Usage function
 function Usage
 {
    "
       /\__/\
      /      \    WAZUH agent - Windows deploy
      \ \  / /    Site: http://www.wazuh.com
       \ VV /
        \__/
    USE: ./configure_commands_wazuh_agent.ps1 [options]
    -help: usage information.
    Examples:
        ./configure_commands_wazuh_agent.ps1
    "
 }
 # ------------------------- Common functions ------------------------- #
 #------------------------- Analyze parameters -------------------------#
 if(($help.isPresent)) {
    Usage
    Exit
 }
 #------------------------- Analyze parameters -------------------------#
 #------------------------- Main workflow --------------------------#
 # Opening powershell as Administrator
 if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) {
       Write-Host "This script requires Administrator privileges"
       Exit
 }
 $path = "C:\Program Files (x86)\ossec-agent\"
 if (Test-Path $path) {
    $path = "C:\Program Files (x86)\ossec-agent\"
 } else {
    $path = "C:\Program Files\ossec-agent\"
 }
 # Get agent version
 $wazuh_version = getVersion
 "Agent version: $wazuh_version"
 # Configure agent
 confAgent
 # Restart agent
 restartAgent
 #------------------------- Main workflow --------------------------#