Add files via upload

A script that gets the version of the agent. Query if there is local_internal_options.conf, if it does not exist, create the file. If the agent version is equal to 3.1 or higher, add to the file: # Wazuh Command Module - If it should accept remote commands from the manager wazuh_command.remote_commands=1 Regardless of the version, add to the file: # Logcollector - If it should accept remote commands from the manager logcollector.remote_commands=1 Finally, restart the agent.
2018-09-20 14:59:00 +02:00 · 2018-09-20 14:59:00 +02:00 · 990a56cdf4
commit 990a56cdf4
parent 8fe61c17ce
1 changed files with 154 additions and 0 deletions
--- a/configure_commands_wazuh_agent.ps1
+++ b/configure_commands_wazuh_agent.ps1
@ -0,0 +1,154 @@
+#------------------------- Gather parameters --------------------------#
+
+param (
+    [switch]$Elevated,
+    [switch]$help
+    )
+
+#------------------------- Gather parameters --------------------------#
+
+# ------------------------- Common functions ------------------------- #
+
+# Restart agent service
+function restartAgent {
+  $service="OssecSvc"
+  $status= (Get-Service $service).status
+
+  if($status -eq "Running"){
+    Restart-Service $service -Force
+  }
+  elseif($status -eq "Stopped"){
+    Start-Service $service 
+  }
+}
+
+# Get agent version
+
+function getVersion
+{
+    $version = ""
+    $version_path = "$($path)\VERSION"
+    if (Test-Path $version_path) {
+       $version_path = "$($path)\VERSION"
+    } else {
+       $version_path = "$($path)\VERSION.txt"
+    }
+
+    foreach($line in Get-Content "$($version_path)") {
+       if ($line -like '*v2.*'){
+       $version = "v2"
+       }
+       if ($line -like '*v3.*'){
+          if ($line -like '*v3.0.*'){
+              $version = "v3.0"
+          } else{
+              $version = "v3"
+          }
+       }
+    }
+
+    if ($wazuh_version -eq ""){
+      "The agent version could not be obtained."
+      Exit
+    } else{
+    return $version
+    }
+}
+
+# Agent configuration
+function confAgent
+{
+
+    "Updating local_internal_options.conf file..."
+
+    $local_conf_path = "$($path)\local_internal_options.conf"
+    $local_conf_path
+    if (Test-Path $local_conf_path) {
+         "local_internal_options.conf already exists. Proceeding with the changes. "
+    } else{
+         "Creating local_internal_options.conf"
+         New-Item "$($path)\local_internal_options.conf" -ItemType file
+         Add-Content "$($path)\local_internal_options.conf" -value "# local_internal_options.conf`r`n
+#`r`n
+# This file should be handled with care. It contains`r`n
+# run time modifications that can affect the use`r`n
+# of OSSEC. Only change it if you know what you`r`n
+# are doing. Look first at ossec.conf`r`n
+# for most of the things you want to change.`r`n
+#`r`n
+# This file will not be overwritten during upgrades.`r`n"
+    }
+         
+
+    if ($wazuh_version -eq "v3") {
+      $contain_output = Select-String -Path "$($path)\local_internal_options.conf" -pattern wazuh_command.remote_commands
+
+      if ($contain_output -ne $null) {
+        (Get-Content "$($path)\local_internal_options.conf") -replace('wazuh_command.remote_commands.*', 'wazuh_command.remote_commands=1') | Set-Content "$($path)\local_internal_options.conf"
+      } else {
+        Add-Content "$($path)\local_internal_options.conf" -value "# Wazuh Command Module - If it should accept remote commands from the manager`r`nwazuh_command.remote_commands=1`r`n"
+      }
+    }
+
+    $contain_output = Select-String -Path "$($path)\local_internal_options.conf" -pattern 'logcollector.remote_commands'
+
+    if ($contain_output -ne $null) {
+      (Get-Content "$($path)\local_internal_options.conf") -replace('logcollector.remote_commands.*', 'logcollector.remote_commands=1') | Set-Content "$($path)\local_internal_options.conf"
+    } else {
+      Add-Content "$($path)\local_internal_options.conf" -value "# Logcollector - If it should accept remote commands from the manager`r`nlogcollector.remote_commands=1`r`n"
+    }
+}
+
+# Usage function
+function Usage
+{
+    "
+       /\__/\
+      /      \    WAZUH agent - Windows deploy
+      \ \  / /    Site: http://www.wazuh.com
+       \ VV /
+        \__/
+    USE: ./configure_commands_wazuh_agent.ps1 [options]
+    -help: usage information.
+    Examples:
+        ./configure_commands_wazuh_agent.ps1
+    "
+}
+
+# ------------------------- Common functions ------------------------- #
+
+#------------------------- Analyze parameters -------------------------#
+
+if(($help.isPresent)) {
+    Usage
+    Exit
+}
+
+#------------------------- Analyze parameters -------------------------#
+
+#------------------------- Main workflow --------------------------#
+
+# Opening powershell as Administrator
+if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) {
+       Write-Host "This script requires Administrator privileges"
+       Exit
+}
+
+
+$path = "C:\Program Files (x86)\ossec-agent\"
+if (Test-Path $path) {
+    $path = "C:\Program Files (x86)\ossec-agent\"
+} else {
+    $path = "C:\Program Files\ossec-agent\"
+}
+
+# Get agent version
+$wazuh_version = getVersion
+"Agent version: $wazuh_version"
+# Configure agent
+confAgent
+
+# Restart agent
+restartAgent
+
+#------------------------- Main workflow --------------------------#