{{ wazuh_manager_config.json_output }} {{ wazuh_manager_config.alerts_log }} {{ wazuh_manager_config.logall }} {% if wazuh_manager_config.email_notification | lower == "yes" %} yes {% else %} no {% endif %} {% for to in wazuh_manager_config.mail_to %} {{ to }} {% endfor %} {{ wazuh_manager_config.mail_smtp_server }} {{ wazuh_manager_config.mail_from }} {% if wazuh_manager_config.extra_emails is defined %} {% for mail in wazuh_manager_config.extra_emails %} {{ mail.mail_to }} {% if mail.format is defined %} {{ mail.format }} {% endif %} {% if mail.level is defined %} {{ mail.level }} {% endif %} {% if mail.event_location is defined %} {{ mail.event_location }} {% endif %} {% if mail.group is defined %} {{ mail.group }} {% endif %} {% if mail.do_not_delay is defined and mail.do_not_delay == true %} {% endif %} {% if mail.do_not_group is defined and mail.do_not_group == true %} {% endif %} {% if mail.rule_id is defined %} {{ mail.rule_id }} {% endif %} {% endfor %} {% endif %} {% if wazuh_manager_config.reports is defined %} {% for report in wazuh_manager_config.reports %} {{ report.category }} {{ report.title }} {{ report.email_to }} {% if report.location is defined %}{{ report.location }}{% endif %} {% if report.group is defined %}{{ report.group }}{% endif %} {% if report.rule is defined %}{{ report.rule }}{% endif %} {% if report.level is defined %}{{ report.level }}{% endif %} {% if report.srcip is defined %}{{ report.srcip }}{% endif %} {% if report.user is defined %}{{ report.user }}{% endif %} {% if report.showlogs is defined %}{{ report.showlogs }}{% endif %} {% endfor %} {% endif %} {{ wazuh_manager_config.log_level }} {{ wazuh_manager_config.email_level }} {% for connection in wazuh_manager_config.connection %} {{ connection.type }} {{ connection.port }} {{ connection.protocol }} {% endfor %} no yes yes yes yes yes yes yes yes {{ wazuh_manager_config.rootcheck.frequency }} /var/ossec/etc/shared/rootkit_files.txt /var/ossec/etc/shared/rootkit_trojans.txt /var/ossec/etc/shared/system_audit_rcl.txt /var/ossec/etc/shared/system_audit_ssh.txt {% if cis_distribution_filename is defined %} /var/ossec/etc/shared/{{ cis_distribution_filename }} {% endif %} yes {{ wazuh_manager_config.syscheck.frequency }} {{ wazuh_manager_config.syscheck.scan_on_start }} {% if wazuh_manager_config.syscheck.directories is defined %} {% for directory in wazuh_manager_config.syscheck.directories %} {{ directory.dirs }} {% endfor %} {% endif %} {% if wazuh_manager_config.syscheck.ignore is defined %} {% for ignore in wazuh_manager_config.syscheck.ignore %} {{ ignore }} {% endfor %} {% endif %} {% for no_diff in wazuh_manager_config.syscheck.no_diff %} {{ no_diff }} {% endfor %} no {{ wazuh_manager_config.openscap.timeout }} {{ wazuh_manager_config.openscap.interval }} {{ wazuh_manager_config.openscap.scan_on_start }} {% if ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'xenial' %} xccdf_org.ssgproject.content_profile_common {% elif ansible_distribution == 'Debian' and ansible_distribution_release == 'jessie' %} xccdf_org.ssgproject.content_profile_common {% elif ansible_distribution == 'CentOS' %} {% if ansible_distribution_major_version == '7' %} {% elif ansible_distribution_major_version == '6' %} {% endif %} xccdf_org.ssgproject.content_profile_pci-dss xccdf_org.ssgproject.content_profile_common {% elif ansible_distribution == 'RedHat' %} {% if ansible_distribution_major_version == '7' %} {% elif ansible_distribution_major_version == '6' %} {% endif %} xccdf_org.ssgproject.content_profile_pci-dss xccdf_org.ssgproject.content_profile_common {% if ansible_distribution_major_version == '7' %} {% elif ansible_distribution_major_version == '6' %} {% endif %} {% elif ansible_distribution == 'Fedora' %} xccdf_org.ssgproject.content_profile_pci-dss xccdf_org.ssgproject.content_profile_common {% endif %} {% if agentless_creeds is defined %} {% for agentless in agentless_creeds %} {{ agentless.type }} {{ agentless.frequency }} {{ agentless.host }} {{ agentless.state }} {% if agentless.arguments is defined %} {{ agentless.arguments }} {% endif %} {% endfor %} {% endif %} {% for white_list in wazuh_manager_config.globals %} {{ white_list }} {% endfor %} {% for command in wazuh_manager_config.commands %} {{ command.name }} {{ command.executable }} {{ command.expect }} {{ command.timeout_allowed }} {% endfor %} ruleset/decoders ruleset/rules 0215-policy_rules.xml etc/lists/audit-keys etc/decoders etc/rules {% for response in wazuh_manager_config.active_responses %} {{ response.command }} {{ response.location }} {{ response.level }} {{ response.timeout }} {% endfor %} {% for localfile in wazuh_manager_config.localfiles %} {{ localfile.format }} {% if localfile.format == 'command' or localfile.format == 'full_command' %} {{ localfile.command }} {{ localfile.frequency }} {% else %} {{ localfile.location }} {% endif %} {% endfor %} {% if wazuh_manager_config.syslog_outputs is defined %} {% for syslog_output in wazuh_manager_config.syslog_outputs %} {{ syslog_output.server }} {{ syslog_output.port }} {{ syslog_output.format }} {% endfor %} {% endif %}