From c226c6f44df537441aff287b3a02c3b905d7e42a Mon Sep 17 00:00:00 2001
From: cadoming <carlos.dominguez@wazuh.com>
Date: Wed, 5 Dec 2018 12:01:36 +0000
Subject: [PATCH] Moved custom_ruleset files

---
 roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 13 +++++++------
 .../decoders/sample_custom_decoders.xml             |  0
 .../custom_ruleset/rules/sample_custom_rules.xml    |  0
 3 files changed, 7 insertions(+), 6 deletions(-)
 rename roles/wazuh/ansible-wazuh-manager/{ => files}/custom_ruleset/decoders/sample_custom_decoders.xml (100%)
 rename roles/wazuh/ansible-wazuh-manager/{ => files}/custom_ruleset/rules/sample_custom_rules.xml (100%)

diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
index eb5688b9..c7e319d1 100644
--- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
@@ -185,8 +185,8 @@ wazuh_manager_config:
       expect: 'srcip'
       timeout_allowed: 'yes'
   ruleset:
-      rules_path: '/etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-manager/custom_ruleset/rules/'
-      decoders_path: '/etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-manager/custom_ruleset/decoders/'
+      rules_path: 'custom_ruleset/rules/'
+      decoders_path: 'custom_ruleset/decoders/'
   rule_exclude:
     - '0215-policy_rules.xml'
   active_responses:
@@ -221,10 +221,11 @@ wazuh_agent_configs:
       - /etc/svc/volatile
       no_diff:
         - /etc/ssl/private.key
-      # Example
-      #directories:
-        #- dirs: /etc,/usr/bin,/usr/sbin
-        #  checks: 'check_all="yes"'
+      directories:
+        - dirs: /etc,/usr/bin,/usr/sbin
+          checks: 'check_all="yes"'
+        - dirs: /bin,/sbin
+          checks: 'check_all="yes"'
     rootcheck:
       frequency: 43200
       cis_distribution_filename: null
diff --git a/roles/wazuh/ansible-wazuh-manager/custom_ruleset/decoders/sample_custom_decoders.xml b/roles/wazuh/ansible-wazuh-manager/files/custom_ruleset/decoders/sample_custom_decoders.xml
similarity index 100%
rename from roles/wazuh/ansible-wazuh-manager/custom_ruleset/decoders/sample_custom_decoders.xml
rename to roles/wazuh/ansible-wazuh-manager/files/custom_ruleset/decoders/sample_custom_decoders.xml
diff --git a/roles/wazuh/ansible-wazuh-manager/custom_ruleset/rules/sample_custom_rules.xml b/roles/wazuh/ansible-wazuh-manager/files/custom_ruleset/rules/sample_custom_rules.xml
similarity index 100%
rename from roles/wazuh/ansible-wazuh-manager/custom_ruleset/rules/sample_custom_rules.xml
rename to roles/wazuh/ansible-wazuh-manager/files/custom_ruleset/rules/sample_custom_rules.xml