afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Wazuh agent: disable or not the openscap install & scan

Browse Source
This commit is contained in:
Miguelangel Freitas 2017-08-01 00:09:26 -04:00
parent 0f72f5f606
commit a19d3d99f6
4 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ansible-wazuh-agent/defaults/main.yml
View File

@ -31,6 +31,7 @@ wazuh_agent_config:
rootcheck: rootcheck:
frequency: 43200 frequency: 43200
openscap: openscap:
disable: 'yes'
timeout: 1800 timeout: 1800
interval: '1d' interval: '1d'
scan_on_start: 'yes' scan_on_start: 'yes'

3
ansible-wazuh-agent/tasks/Debian.yml
View File

@ -21,6 +21,7 @@
- name: Debian/Ubuntu | Install OpenScap - name: Debian/Ubuntu | Install OpenScap
package: name={{ item }} state=present package: name={{ item }} state=present
when: wazuh_agent_config.openscap.disable == 'no'
with_items: with_items:
- libopenscap8 - libopenscap8
- xsltproc - xsltproc
@ -30,6 +31,7 @@
- name: Debian/Ubuntu | Get OpenScap installed version - name: Debian/Ubuntu | Get OpenScap installed version
shell: "dpkg-query --showformat='${Version}' --show libopenscap8" shell: "dpkg-query --showformat='${Version}' --show libopenscap8"
register: openscap_version register: openscap_version
when: wazuh_agent_config.openscap.disable == 'no'
changed_when: true changed_when: true
tags: tags:
- config - config
@ -37,6 +39,7 @@
- name: Debian/Ubuntu | Check OpenScap version - name: Debian/Ubuntu | Check OpenScap version
shell: "dpkg --compare-versions '{{ openscap_version.stdout }}' '>=' '1.2'; echo $?" shell: "dpkg --compare-versions '{{ openscap_version.stdout }}' '>=' '1.2'; echo $?"
register: openscap_version_valid register: openscap_version_valid
when: wazuh_agent_config.openscap.disable == 'no'
changed_when: true changed_when: true
tags: tags:
- config - config

1
ansible-wazuh-agent/tasks/RedHat.yml
View File

@ -43,5 +43,6 @@
- name: RedHat/CentOS/RedHat | Install openscap - name: RedHat/CentOS/RedHat | Install openscap
package: name=openscap-scanner state=present package: name=openscap-scanner state=present
when: wazuh_agent_config.openscap.disable == 'no'
tags: tags:
- init - init

2
ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2
View File

@ -71,6 +71,7 @@
{% endfor %} {% endfor %}
</syscheck> </syscheck>
{% if wazuh_agent_config.openscap.disable == 'no' %}
<wodle name="open-scap"> <wodle name="open-scap">
<disabled>no</disabled> <disabled>no</disabled>
<timeout>{{ wazuh_agent_config.openscap.timeout }}</timeout> <timeout>{{ wazuh_agent_config.openscap.timeout }}</timeout>
@ -117,6 +118,7 @@
</content> </content>
{% endif %} {% endif %}
</wodle> </wodle>
{% endif %}
<!-- Files to monitor (localfiles) --> <!-- Files to monitor (localfiles) -->
{% for localfile in wazuh_agent_config.localfiles %} {% for localfile in wazuh_agent_config.localfiles %}