agent configuration and monitoring

2018-11-15 12:16:05 +00:00 · 2018-11-15 12:16:05 +00:00 · f2b3ac68bb
commit f2b3ac68bb
parent aa1dfcdb60
2 changed files with 6 additions and 5 deletions
--- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
@ -90,6 +90,8 @@ wazuh_agent_config:
      location: '/var/log/messages'
    - format: 'syslog'
      location: '/var/log/secure'
+    - format: 'syslog'
+      location: 'var/log/auth.log'
    - format: 'command'
      command: 'df -P'
      frequency: '360'
--- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
@ -221,11 +221,10 @@ wazuh_agent_configs:
      - /etc/svc/volatile
      no_diff:
        - /etc/ssl/private.key
-      directories:
-        - dirs: /etc,/usr/bin,/usr/sbin
-          checks: 'check_all="yes"'
-        - dirs: /bin,/sbin
-          checks: 'check_all="yes"'
+      # Example
+      #directories:
+        #- dirs: /etc,/usr/bin,/usr/sbin
+        #  checks: 'check_all="yes"'
    rootcheck:
      frequency: 43200
      cis_distribution_filename: null