Merge pull request #164 from wazuh/fix-default-active_response

Fix default active response

roles/wazuh/ansible-wazuh-manager/defaults/main.yml

@@ -255,17 +255,6 @@ wazuh_manager_config:
       decoders_path: 'custom_ruleset/decoders/'
   rule_exclude:
     - '0215-policy_rules.xml'
-  active_responses:
-    - command: 'restart-ossec'
-      location: 'local'
-      rules_id: '100002'
-    - command: 'win_restart-ossec'
-      location: 'local'
-      rules_id: '100003'
-    - command: 'host-deny'
-      location: 'local'
-      level: 6
-      timeout: 600
   syslog_outputs:
     - server: null
       port: null

roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2

@@ -395,7 +395,8 @@
 
 
   <!-- Active Response Config 
-{% for response in wazuh_manager_config.active_responses %}
+{% if wazuh_manager_config.active_responses is defined %}
+  {% for response in wazuh_manager_config.active_responses %}
     <active-response>
       <disabled>{% if response.disabled is defined %}{{ response.disabled }}{% else %}no{% endif %}</disabled>
       {%if response.command is defined %}<command>{{ response.command }}</command>{% endif %}
@@ -407,7 +408,8 @@
       {%if response.timeout is defined %}<timeout>{{ response.timeout }}</timeout>{% endif %}
       {%if response.repeated_offenders is defined %}<repeated_offenders>{{ response.repeated_offenders }}</repeated_offenders>{% endif %}
     </active-response>
-{% endfor %}
+  {% endfor %}
+{% endif %}
 -->
 
   <!-- Files to monitor (localfiles) -->