Merge pull request #413 from wazuh/feature-integrations

Added AWS S3 block to template
2020-04-27 21:37:59 +02:00 · 2020-04-27 21:37:59 +02:00 · fb28059324
commit fb28059324
parent d0c4bac3ab a543fc7ed1
2 changed files with 72 additions and 0 deletions
--- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
@ -354,6 +354,29 @@ wazuh_manager_config:
    - server: null
      port: null
      format: null
+  integrations:
+    #slack
+    - name: null
+      hook_url: '<hook_url>'
+      alert_level: 10
+      alert_format: 'json'
+      rule_id: null
+    #pagerduty
+    - name: null
+      api_key: '<api_key>'
+      alert_level: 12
+  monitor_aws:
+    disabled: 'yes'
+    interval: '10m'
+    run_on_start: 'yes'
+    skip_on_error: 'yes'
+    s3:
+      - name: null
+        bucket_type: null
+        path: null
+        only_logs_after: null
+        access_key: null
+        secret_key: null
  labels:
    enable: false
    list:
--- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
+++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
@ -544,6 +544,55 @@
 {% endfor %}
 {% endif %}

+{% if wazuh_manager_config.integrations is defined %}
+{% for integration in wazuh_manager_config.integrations %}
+{% if integration.name is not none %}
+  <!-- Integration with {{ integration.name }} -->
+  <integration>
+    <name>{{ integration.name }}</name>
+    {% if integration.hook_url is defined %}
+    <hook_url>{{ integration.hook_url }}</hook_url>
+    {% endif %}
+    {% if integration.api_key is defined %}
+    <api_key>{{ integration.api_key }}</api_key>
+    {% endif %}
+    {% if integration.alert_format is defined %}
+    <alert_format>{{ integration.alert_format }}</alert_format>
+    {% endif %}
+    {% if integration.alert_level is defined %}
+    <level>{{ integration.alert_level }}</level>
+    {% endif %}
+    {% if integration.rule_id is defined %}
+    <rule_id>{{ integration.rule_id }}</rule_id>
+    {% endif %}
+  </integration>
+{% endif %}
+{% endfor %}
+{% endif %}
+
+{% if monitor_aws is defined and monitor_aws.disabled == "no" %}
+  <!-- S3 -->
+  <wodle name="aws-s3">
+    <disabled>{{ monitor_aws.disabled }}</disabled>
+    <interval>{{ monitor_aws.interval }}</interval>
+    <run_on_start>{{ monitor_aws.run_on_start }}</run_on_start>
+    <skip_on_error>{{ monitor_aws.skip_on_error }}</skip_on_error>
+    {% for bucket in monitor_aws.s3 %}
+    <bucket type="{{ bucket.bucket_type }}">
+      <name>{{ bucket.name }}</name>
+      {% if bucket.path is defined %}
+      <path>{{ bucket.path }}</path>
+      {% endif %}
+      {% if bucket.only_logs_after is defined %}
+      <only_logs_after>{{ bucket.only_logs_after }}</only_logs_after>
+      {% endif %}
+      <access_key>{{ bucket.access_key }}</access_key>
+      <secret_key>{{ bucket.secret_key }}</secret_key>
+    </bucket>
+    {% endfor %}
+  </wodle>
+{% endif %}
+
 {% if wazuh_manager_config.labels.enable == true %}
  <labels>
  {% for label in wazuh_manager_config.labels.list %}