afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added autoenrollment feature to agent ossec.conf template

Browse Source
This commit is contained in:
Manuel J. Bernal 2020-09-01 15:31:35 +02:00
parent f2e7a75b09
commit bc7e1fbb8a
2 changed files with 35 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
roles/wazuh/ansible-wazuh-agent/defaults/main.yml
View File

@ -294,4 +294,19 @@ wazuh_agent_config:
list: list:
- key: Env - key: Env
value: Production value: Production
enrollment:
enabled: no
manager_address: ''
port: 1515
agent_name: ''
groups: ''
agent_address: ''
ssl_cipher: HIGH:!ADH:!EXP:!MD5:!RC4:!3DES:!CAMELLIA:@STRENGTH
server_ca_path: ''
agent_certificate_path: ''
agent_key_path: ''
authorization_pass: ChangeMe
auto_method: no
delay_after_enrollment: 20
use_source_ip: no
wazuh_agent_nat: false wazuh_agent_nat: false

20
roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2
View File

@ -45,6 +45,26 @@
<events_per_second>{{ wazuh_agent_config.client_buffer.events_per_sec }}</events_per_second> <events_per_second>{{ wazuh_agent_config.client_buffer.events_per_sec }}</events_per_second>
</client_buffer> </client_buffer>
{% if wazuh_agent_config.enrollment is defined and wazuh_agent_config.enrollment.enabled == 'yes' %}
<enrollment>
<enabled>{{ wazuh_agent_config.enrollment.enabled }}</enabled>
<manager_address>{{ wazuh_agent_config.enrollment.manager_address }}</manager_address>
<port>{{ wazuh_agent_config.enrollment.port }}</port>
<agent_name>{{ wazuh_agent_config.enrollment.agent_name }}</agent_name>
<groups>{{ wazuh_agent_config.enrollment.groups }}</groups>
<agent_address>{{ wazuh_agent_config.enrollment.agent_address }}</agent_address>
<ssl_cipher>{{ wazuh_agent_config.enrollment.ssl_cipher }}</ssl_cipher>
<server_ca_path>{{ wazuh_agent_config.enrollment.server_ca_path }}</server_ca_path>
<agent_certificate_path>{{ wazuh_agent_config.enrollment.agent_certificate_path }}</agent_certificate_path>
<agent_key_path>{{ wazuh_agent_config.enrollment.agent_key_path }}</agent_key_path>
<authorization_pass>{{ wazuh_agent_config.enrollment.authorization_pass }}</authorization_pass>
<auto_method>{{ wazuh_agent_config.enrollment.auto_method }}</auto_method>
<delay_after_enrollment>{{ wazuh_agent_config.enrollment.delay_after_enrollment }}</delay_after_enrollment>
<use_source_ip>{{ wazuh_agent_config.enrollment.use_source_ip }}</use_source_ip>
</enrollment>
{% endif %}
{% if wazuh_agent_config.rootcheck is defined %} {% if wazuh_agent_config.rootcheck is defined %}
<rootcheck> <rootcheck>
<disabled>no</disabled> <disabled>no</disabled>