afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #286 from wazuh/feature-259-fix-empty-lines

Browse Source 
Fix empty lines
This commit is contained in:
Jose M. Garcia 2019-10-28 10:11:26 +01:00 committed by GitHub
commit c4e6fa1acb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 193 additions and 158 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2
View File

@ -1,4 +1,4 @@
#jinja2: trim_blocks: False #jinja2: lstrip_blocks: True
<!-- {{ ansible_managed }} --> <!-- {{ ansible_managed }} -->
<!-- <!--
Wazuh - Agent Wazuh - Agent
@ -8,7 +8,6 @@
<ossec_config> <ossec_config>
<client> <client>
{% for manager in wazuh_managers %} {% for manager in wazuh_managers %}
<server> <server>
<address>{{ manager.address }}</address> <address>{{ manager.address }}</address>
@ -20,7 +19,6 @@
{% endif %} {% endif %}
</server> </server>
{% endfor %} {% endfor %}
{% if wazuh_profile is not none %} {% if wazuh_profile is not none %}
<config-profile>{{ wazuh_profile }}</config-profile> <config-profile>{{ wazuh_profile }}</config-profile>
{% endif %} {% endif %}
@ -31,12 +29,14 @@
<auto_restart>{{ wazuh_auto_restart }}</auto_restart> <auto_restart>{{ wazuh_auto_restart }}</auto_restart>
<crypto_method>{{ wazuh_crypto_method }}</crypto_method> <crypto_method>{{ wazuh_crypto_method }}</crypto_method>
</client> </client>
<client_buffer> <client_buffer>
<!-- Agent buffer options --> <!-- Agent buffer options -->
<disabled>{{ wazuh_agent_config.client_buffer.disable }}</disabled> <disabled>{{ wazuh_agent_config.client_buffer.disable }}</disabled>
<queue_size>{{ wazuh_agent_config.client_buffer.queue_size }}</queue_size> <queue_size>{{ wazuh_agent_config.client_buffer.queue_size }}</queue_size>
<events_per_second>{{ wazuh_agent_config.client_buffer.events_per_sec }}</events_per_second> <events_per_second>{{ wazuh_agent_config.client_buffer.events_per_sec }}</events_per_second>
</client_buffer> </client_buffer>
<logging> <logging>
<log_format>{{ wazuh_agent_config.log_format }}</log_format> <log_format>{{ wazuh_agent_config.log_format }}</log_format>
</logging> </logging>
@ -72,7 +72,6 @@
{% endif %} {% endif %}
<skip_nfs>yes</skip_nfs> <skip_nfs>yes</skip_nfs>
{% endif %} {% endif %}
{% if ansible_os_family == "Windows" %} {% if ansible_os_family == "Windows" %}
<windows_audit>./shared/win_audit_rcl.txt</windows_audit> <windows_audit>./shared/win_audit_rcl.txt</windows_audit>
<windows_apps>./shared/win_applications_rcl.txt</windows_apps> <windows_apps>./shared/win_applications_rcl.txt</windows_apps>
@ -86,11 +85,11 @@
{% if wazuh_agent_config.syscheck is defined %} {% if wazuh_agent_config.syscheck is defined %}
<syscheck> <syscheck>
<disabled>no</disabled> <disabled>no</disabled>
<!-- #<alert_new_files>{{ wazuh_agent_config.syscheck.alert_new_files }}</alert_new_files> --> <!-- <alert_new_files>{{ wazuh_agent_config.syscheck.alert_new_files }}</alert_new_files> -->
<!-- Frequency that syscheck is executed -- default every 20 hours --> <!-- Frequency that syscheck is executed -- default every 20 hours -->
<frequency>{{ wazuh_agent_config.syscheck.frequency }}</frequency> <frequency>{{ wazuh_agent_config.syscheck.frequency }}</frequency>
{% if ansible_system == "Linux" %} {% if ansible_system == "Linux" %}
<!-- #<directories check_all="yes" realtime="yes" restrict="^/var/ossec/etc/shared/agent.conf$">/var/ossec/etc/shared</directories> --> <!-- <directories check_all="yes" realtime="yes" restrict="^/var/ossec/etc/shared/agent.conf$">/var/ossec/etc/shared</directories> -->
<directories check_all="yes">/etc,/usr/bin,/usr/sbin</directories> <directories check_all="yes">/etc,/usr/bin,/usr/sbin</directories>
<directories check_all="yes">/bin,/sbin,/boot</directories> <directories check_all="yes">/bin,/sbin,/boot</directories>
@ -308,6 +307,7 @@
<!-- Files to monitor (localfiles) --> <!-- Files to monitor (localfiles) -->
{% if ansible_system == "Linux" %} {% if ansible_system == "Linux" %}
{% for localfile in wazuh_agent_config.localfiles.linux %} {% for localfile in wazuh_agent_config.localfiles.linux %}
<localfile> <localfile>
<log_format>{{ localfile.format }}</log_format> <log_format>{{ localfile.format }}</log_format>
{% if localfile.format == 'command' or localfile.format == 'full_command' %} {% if localfile.format == 'command' or localfile.format == 'full_command' %}
@ -325,6 +325,7 @@
{% if ansible_os_family == "Debian" %} {% if ansible_os_family == "Debian" %}
{% for localfile in wazuh_agent_config.localfiles.debian %} {% for localfile in wazuh_agent_config.localfiles.debian %}
<localfile> <localfile>
<log_format>{{ localfile.format }}</log_format> <log_format>{{ localfile.format }}</log_format>
{% if localfile.format == 'command' or localfile.format == 'full_command' %} {% if localfile.format == 'command' or localfile.format == 'full_command' %}
@ -342,6 +343,7 @@
{% if ansible_os_family == "RedHat" %} {% if ansible_os_family == "RedHat" %}
{% for localfile in wazuh_agent_config.localfiles.centos %} {% for localfile in wazuh_agent_config.localfiles.centos %}
<localfile> <localfile>
<log_format>{{ localfile.format }}</log_format> <log_format>{{ localfile.format }}</log_format>
{% if localfile.format == 'command' or localfile.format == 'full_command' %} {% if localfile.format == 'command' or localfile.format == 'full_command' %}
@ -359,6 +361,7 @@
{% if ansible_os_family == "Windows" %} {% if ansible_os_family == "Windows" %}
{% for localfile in wazuh_agent_config.localfiles.windows %} {% for localfile in wazuh_agent_config.localfiles.windows %}
<localfile> <localfile>
<log_format>{{ localfile.format }}</log_format> <log_format>{{ localfile.format }}</log_format>
{% if localfile.format == 'eventchannel' %} {% if localfile.format == 'eventchannel' %}

88
roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
View File

@ -1,4 +1,4 @@
#jinja2: trim_blocks: False #jinja2: lstrip_blocks: True
<!-- <!--
Wazuh - Manager - Default configuration Wazuh - Manager - Default configuration
More info at: https://documentation.wazuh.com More info at: https://documentation.wazuh.com
@ -65,8 +65,12 @@
{% for connection in wazuh_manager_config.connection %} {% for connection in wazuh_manager_config.connection %}
<remote> <remote>
<connection>{{ connection.type }}</connection> <connection>{{ connection.type }}</connection>
{% if connection.port is defined %}<port>{{ connection.port }}</port>{% endif %} {% if connection.port is defined %}
{% if connection.protocol is defined %}<protocol>{{ connection.protocol }}</protocol>{% endif %} <port>{{ connection.port }}</port>
{% endif %}
{% if connection.protocol is defined %}
<protocol>{{ connection.protocol }}</protocol>
{% endif %}
{% if connection.allowed_ips is defined %} {% if connection.allowed_ips is defined %}
{% for allowed_ip in connection.allowed_ips %} {% for allowed_ip in connection.allowed_ips %}
<allowed-ips>{{ allowed_ip }}</allowed-ips> <allowed-ips>{{ allowed_ip }}</allowed-ips>
@ -77,9 +81,15 @@
<denied-ips>{{ denied_ip }}</denied-ips> <denied-ips>{{ denied_ip }}</denied-ips>
{% endfor %} {% endfor %}
{% endif %} {% endif %}
{% if connection.local_ip is defined %}<local_ip>{{ connection.local_ip }}</local_ip>{% endif %} {% if connection.local_ip is defined %}
{% if connection.ipv6 is defined %}<ipv6>{{ connection.ipv6 }}</ipv6>{% endif %} <local_ip>{{ connection.local_ip }}</local_ip>
{% if connection.queue_size is defined %}<queue_size>{{connection.queue_size}}</queue_size>{% endif %} {% endif %}
{% if connection.ipv6 is defined %}
<ipv6>{{ connection.ipv6 }}</ipv6>
{% endif %}
{% if connection.queue_size is defined %}
<queue_size>{{connection.queue_size}}</queue_size>
{% endif %}
</remote> </remote>
{% endfor %} {% endfor %}
@ -102,7 +112,6 @@
{% endfor %} {% endfor %}
{% endif %} {% endif %}
<!-- Policy monitoring --> <!-- Policy monitoring -->
<rootcheck> <rootcheck>
<disabled>no</disabled> <disabled>no</disabled>
@ -297,7 +306,6 @@
{% for no_diff in wazuh_manager_config.syscheck.no_diff %} {% for no_diff in wazuh_manager_config.syscheck.no_diff %}
<nodiff>{{ no_diff }}</nodiff> <nodiff>{{ no_diff }}</nodiff>
{% endfor %} {% endfor %}
{% if wazuh_manager_config.syscheck.skip_nfs is defined %} {% if wazuh_manager_config.syscheck.skip_nfs is defined %}
<skip_nfs>{{ wazuh_manager_config.syscheck.skip_nfs }}</skip_nfs> <skip_nfs>{{ wazuh_manager_config.syscheck.skip_nfs }}</skip_nfs>
{% endif %} {% endif %}
@ -320,6 +328,7 @@
</global> </global>
{% for command in wazuh_manager_config.commands %} {% for command in wazuh_manager_config.commands %}
<command> <command>
<name>{{ command.name }}</name> <name>{{ command.name }}</name>
<executable>{{ command.executable }}</executable> <executable>{{ command.executable }}</executable>
@ -351,21 +360,44 @@
{% if wazuh_manager_config.authd.enable == true %} {% if wazuh_manager_config.authd.enable == true %}
<auth> <auth>
<disabled>no</disabled> <disabled>no</disabled>
{% if wazuh_manager_config.authd.port is not none %}<port>{{wazuh_manager_config.authd.port}}</port>{% else %}<port>1515</port>{% endif %} {% if wazuh_manager_config.authd.port is not none %}
{% if wazuh_manager_config.authd.use_source_ip is not none %}<use_source_ip>{{wazuh_manager_config.authd.use_source_ip}}</use_source_ip>{% endif %} <port>{{wazuh_manager_config.authd.port}}</port>
{% if wazuh_manager_config.authd.force_insert is not none %}<force_insert>{{wazuh_manager_config.authd.force_insert}}</force_insert>{% endif %} {% else %}
{% if wazuh_manager_config.authd.force_time is not none %}<force_time>{{wazuh_manager_config.authd.force_time}}</force_time>{% endif %} <port>1515</port>
{% if wazuh_manager_config.authd.purge is not none %}<purge>{{wazuh_manager_config.authd.purge}}</purge>{% endif %} {% endif %}
{% if wazuh_manager_config.authd.use_password is not none %}<use_password>{{wazuh_manager_config.authd.use_password}}</use_password>{% endif %} {% if wazuh_manager_config.authd.use_source_ip is not none %}
{% if wazuh_manager_config.authd.ssl_agent_ca is not none %}<ssl_agent_ca>/var/ossec/etc/{{wazuh_manager_config.authd.ssl_agent_ca | basename}}</ssl_agent_ca>{% endif %} <use_source_ip>{{wazuh_manager_config.authd.use_source_ip}}</use_source_ip>
{% if wazuh_manager_config.authd.ssl_verify_host is not none %}<ssl_verify_host>{{wazuh_manager_config.authd.ssl_verify_host}}</ssl_verify_host>{% endif %} {% endif %}
{% if wazuh_manager_config.authd.ssl_manager_cert is not none %}<ssl_manager_cert>/var/ossec/etc/{{wazuh_manager_config.authd.ssl_manager_cert | basename}}</ssl_manager_cert>{% endif %} {% if wazuh_manager_config.authd.force_insert is not none %}
{% if wazuh_manager_config.authd.ssl_manager_key is not none %}<ssl_manager_key>/var/ossec/etc/{{wazuh_manager_config.authd.ssl_manager_key | basename}}</ssl_manager_key>{% endif %} <force_insert>{{wazuh_manager_config.authd.force_insert}}</force_insert>
{% if wazuh_manager_config.authd.ssl_auto_negotiate is not none %}<ssl_auto_negotiate>{{wazuh_manager_config.authd.ssl_auto_negotiate}}</ssl_auto_negotiate>{% endif %} {% endif %}
{% if wazuh_manager_config.authd.force_time is not none %}
<force_time>{{wazuh_manager_config.authd.force_time}}</force_time>
{% endif %}
{% if wazuh_manager_config.authd.purge is not none %}
<purge>{{wazuh_manager_config.authd.purge}}</purge>
{% endif %}
{% if wazuh_manager_config.authd.use_password is not none %}
<use_password>{{wazuh_manager_config.authd.use_password}}</use_password>
{% endif %}
{% if wazuh_manager_config.authd.ssl_agent_ca is not none %}
<ssl_agent_ca>/var/ossec/etc/{{wazuh_manager_config.authd.ssl_agent_ca | basename}}</ssl_agent_ca>
{% endif %}
{% if wazuh_manager_config.authd.ssl_verify_host is not none %}
<ssl_verify_host>{{wazuh_manager_config.authd.ssl_verify_host}}</ssl_verify_host>
{% endif %}
{% if wazuh_manager_config.authd.ssl_manager_cert is not none %}
<ssl_manager_cert>/var/ossec/etc/{{wazuh_manager_config.authd.ssl_manager_cert | basename}}</ssl_manager_cert>
{% endif %}
{% if wazuh_manager_config.authd.ssl_manager_key is not none %}
<ssl_manager_key>/var/ossec/etc/{{wazuh_manager_config.authd.ssl_manager_key | basename}}</ssl_manager_key>
{% endif %}
{% if wazuh_manager_config.authd.ssl_auto_negotiate is not none %}
<ssl_auto_negotiate>{{wazuh_manager_config.authd.ssl_auto_negotiate}}</ssl_auto_negotiate>
{% endif %}
</auth> </auth>
{% endif %} {% endif %}
<cluster> <cluster>
<disabled>{{ wazuh_manager_config.cluster.disable }}</disabled> <disabled>{{ wazuh_manager_config.cluster.disable }}</disabled>
<name>{{ wazuh_manager_config.cluster.name }}</name> <name>{{ wazuh_manager_config.cluster.name }}</name>
@ -394,7 +426,7 @@
<ignore_output>yes</ignore_output> <ignore_output>yes</ignore_output>
<run_on_start>{{ wazuh_manager_config.vuls.run_on_start }}</run_on_start> <run_on_start>{{ wazuh_manager_config.vuls.run_on_start }}</run_on_start>
</wodle> </wodle>
{% endif %} {% endif -%}
{% if agentless_creds is defined %} {% if agentless_creds is defined %}
{% for agentless in agentless_creds %} {% for agentless in agentless_creds %}
@ -407,11 +439,8 @@
<arguments>{{ agentless.arguments }}</arguments> <arguments>{{ agentless.arguments }}</arguments>
{% endif %} {% endif %}
</agentless> </agentless>
{% endfor %} {% endfor %}
{% endif %} {% endif -%}
{% if wazuh_manager_config.active_responses is defined %} {% if wazuh_manager_config.active_responses is defined %}
{% for response in wazuh_manager_config.active_responses %} {% for response in wazuh_manager_config.active_responses %}
@ -427,10 +456,11 @@
{%if response.repeated_offenders is defined %}<repeated_offenders>{{ response.repeated_offenders }}</repeated_offenders>{% endif %} {%if response.repeated_offenders is defined %}<repeated_offenders>{{ response.repeated_offenders }}</repeated_offenders>{% endif %}
</active-response> </active-response>
{% endfor %} {% endfor %}
{% endif %} {% endif -%}
<!-- Files to monitor (localfiles) --> <!-- Files to monitor (localfiles) -->
{% for localfile in wazuh_manager_config.localfiles.common %} {% for localfile in wazuh_manager_config.localfiles.common %}
<localfile> <localfile>
<log_format>{{ localfile.format }}</log_format> <log_format>{{ localfile.format }}</log_format>
{% if localfile.format == 'command' or localfile.format == 'full_command' %} {% if localfile.format == 'command' or localfile.format == 'full_command' %}
@ -468,6 +498,7 @@
{% if ansible_os_family == "Debian" %} {% if ansible_os_family == "Debian" %}
{% for localfile in wazuh_manager_config.localfiles.debian %} {% for localfile in wazuh_manager_config.localfiles.debian %}
<localfile> <localfile>
<log_format>{{ localfile.format }}</log_format> <log_format>{{ localfile.format }}</log_format>
{% if localfile.format == 'command' or localfile.format == 'full_command' %} {% if localfile.format == 'command' or localfile.format == 'full_command' %}
@ -502,10 +533,11 @@
{% endif %} {% endif %}
</localfile> </localfile>
{% endfor %} {% endfor %}
{% endif %} {% endif -%}
{% if ansible_os_family == "RedHat" %} {% if ansible_os_family == "RedHat" %}
{% for localfile in wazuh_manager_config.localfiles.centos %} {% for localfile in wazuh_manager_config.localfiles.centos %}
<localfile> <localfile>
<log_format>{{ localfile.format }}</log_format> <log_format>{{ localfile.format }}</log_format>
{% if localfile.format == 'command' or localfile.format == 'full_command' %} {% if localfile.format == 'command' or localfile.format == 'full_command' %}
@ -540,7 +572,7 @@
{% endif %} {% endif %}
</localfile> </localfile>
{% endfor %} {% endfor %}
{% endif %} {% endif -%}
{% if wazuh_manager_config.syslog_outputs is defined %} {% if wazuh_manager_config.syslog_outputs is defined %}
{% for syslog_output in wazuh_manager_config.syslog_outputs %} {% for syslog_output in wazuh_manager_config.syslog_outputs %}