Merge pull request #159 from kravietz/email_fix

Email fix
2019-04-03 15:02:31 +02:00 · 2019-04-03 15:02:31 +02:00 · deaffd9c8e
commit deaffd9c8e
parent ef3938c0c9 7381dc8b2b
4 changed files with 9 additions and 9 deletions
--- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
@ -281,10 +281,10 @@ wazuh_agent_config:
      - format: 'syslog'
        location: '/var/ossec/logs/active-responses.log'
      - format: 'command'
-        command: 'df -P'
+        command: df -P -x squashfs -x tmpfs -x devtmpfs
        frequency: '360'
      - format: 'full_command'
-        command: netstat -tulpn | sed 's/\([[:alnum:]]\+\)\ \+[[:digit:]]\+\ \+[[:digit:]]\+\ \+\(.*\):\([[:digit:]]*\)\ \+\([0-9\.\:\*]\+\).\+\ \([[:digit:]]*\/[[:alnum:]\-]*\).*/\1 \2 == \3 == \4 \5/' | sort -k 4 -g | sed 's/ == \(.*\) ==/:\1/' | sed 1,2d         
+        command: ss -nutal | awk '{print $1,$5,$6;}' | sort -b | column -t
        alias: 'netstat listening ports'      
        frequency: '360'
      - format: 'full_command'
--- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-local-internal-options.conf.j2
+++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-local-internal-options.conf.j2
@ -10,3 +10,7 @@

 # This is the template of Ansible for the file local_internal_options.conf
 # In this file you could include the configuration settings for your agents
+
+# Logcollector - If it should accept remote commands from the manager
+logcollector.remote_commands=1
+
--- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
@ -182,10 +182,10 @@ wazuh_manager_config:
  localfiles:
    common:
       - format: 'command'
-         command: 'df -P'
+         command: df -P -x squashfs -x tmpfs -x devtmpfs
         frequency: '360'
       - format: 'full_command'
-         command: netstat -tulpn | sed 's/\([[:alnum:]]\+\)\ \+[[:digit:]]\+\ \+[[:digit:]]\+\ \+\(.*\):\([[:digit:]]*\)\ \+\([0-9\.\:\*]\+\).\+\ \([[:digit:]]*\/[[:alnum:]\-]*\).*/\1 \2 == \3 == \4 \5/' | sort -k 4 -g | sed 's/ == \(.*\) ==/:\1/' | sed 1,2d
+         command: ss -nutal | awk '{print $1,$5,$6;}' | sort -b | column -t
         alias: 'netstat listening ports'
         frequency: '360'
       - format: 'full_command'
--- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
+++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
@ -11,11 +11,7 @@
    <alerts_log>{{ wazuh_manager_config.alerts_log }}</alerts_log>
    <logall>{{ wazuh_manager_config.logall }}</logall>
    <logall_json>{{ wazuh_manager_config.logall_json }}</logall_json>
-    {% if wazuh_manager_config.email_notification | lower == "yes" %}
-    <email_notification>yes</email_notification>
-    {% else %}
-    <email_notification>no</email_notification>
-    {% endif %}
+    <email_notification>{{ wazuh_manager_config.email_notification }}</email_notification>
    {% for to in wazuh_manager_config.mail_to %}
    <email_to>{{ to }}</email_to>
    {% endfor %}