From 10568bc6849a7075296545e247924c831324fff0 Mon Sep 17 00:00:00 2001 From: Steven Foerster Date: Fri, 23 Apr 2021 02:21:41 +0000 Subject: [PATCH] Resolve "Security Center Bugfixes" --- scripts/services/wazuh/agent.sh | 2 +- scripts/subinstallers/extra/wazuh.sh | 39 ++++++++++++++++++++++++++++ 2 files changed, 40 insertions(+), 1 deletion(-) diff --git a/scripts/services/wazuh/agent.sh b/scripts/services/wazuh/agent.sh index b478fa4..222d664 100755 --- a/scripts/services/wazuh/agent.sh +++ b/scripts/services/wazuh/agent.sh @@ -1,7 +1,7 @@ #!/bin/bash # detect if already installed -if [ $(dpkg -s wazuh-agent &> /dev/null) -eq 0 ]; then +if dpkg -s wazuh-agent &> /dev/null; then echo "Wazuh agent already installed" exit 0 fi diff --git a/scripts/subinstallers/extra/wazuh.sh b/scripts/subinstallers/extra/wazuh.sh index 6e2f834..1a7b6f7 100755 --- a/scripts/subinstallers/extra/wazuh.sh +++ b/scripts/subinstallers/extra/wazuh.sh @@ -48,6 +48,45 @@ echo "API_PASSWORD=${API_PASSWORD}" >> $WAZUH_PROD_FILE # https://elasticsearch:9200 echo "ELASTICSEARCH_URL=https://10.2.3.1:9200" >> $WAZUH_PROD_FILE + +cat >> ${WAZUH_PROD_FILE}<< EOF + +PATTERN="wazuh-alerts-*" + +CHECKS_PATTERN=true +CHECKS_TEMPLATE=true +CHECKS_API=true +CHECKS_SETUP=true + +EXTENSIONS_PCI=true +EXTENSIONS_GDPR=true +EXTENSIONS_HIPAA=true +EXTENSIONS_NIST=true +EXTENSIONS_TSC=true +EXTENSIONS_AUDIT=true +EXTENSIONS_OSCAP=false +EXTENSIONS_CISCAT=false +EXTENSIONS_AWS=false +EXTENSIONS_GCP=false +EXTENSIONS_VIRUSTOTAL=true +EXTENSIONS_OSQUERY=true +EXTENSIONS_DOCKER=true + +APP_TIMEOUT=20000 + +API_SELECTOR=true +IP_SELECTOR=true +IP_IGNORE="[]" + +WAZUH_MONITORING_ENABLED=true +WAZUH_MONITORING_FREQUENCY=900 +WAZUH_MONITORING_SHARDS=2 +WAZUH_MONITORING_REPLICAS=0 + +ADMIN_PRIVILEGES=true + +EOF + echo "MISTBORN_DEFAULT_PASSWORD=$MISTBORN_DEFAULT_PASSWORD" >> $WAZUH_PROD_FILE chmod 600 $WAZUH_PROD_FILE