CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-10 03:02:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

update Wazuh path

Browse Source
This commit is contained in:
Wes Lambert
2020-02-12 03:34:12 +00:00
parent f7ab43e428
commit 0344ea7878
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/common/tools/sbin/so-allow
View File

@@ -86,7 +86,7 @@ echo "Adding $IP to the $FULLROLE role. This can take a few seconds"
if grep -q -R "wazuh: 1" /opt/so/saltstack/pillar/*; then if grep -q -R "wazuh: 1" /opt/so/saltstack/pillar/*; then
# If analyst, add to Wazuh AR whitelist # If analyst, add to Wazuh AR whitelist
if [ "$FULLROLE" == "analyst" ]; then if [ "$FULLROLE" == "analyst" ]; then
WAZUH_MGR_CFG="/opt/so/conf/wazuh/etc/ossec.conf" WAZUH_MGR_CFG="/opt/so/wazuh/etc/ossec.conf"
if ! grep -q "<white_list>$IP</white_list>" $WAZUH_MGR_CFG ; then if ! grep -q "<white_list>$IP</white_list>" $WAZUH_MGR_CFG ; then
DATE=`date` DATE=`date`
sed -i 's/<\/ossec_config>//' $WAZUH_MGR_CFG sed -i 's/<\/ossec_config>//' $WAZUH_MGR_CFG

2
salt/wazuh/files/wazuh-manager-whitelist
View File

@@ -18,7 +18,7 @@
# Check if Wazuh enabled # Check if Wazuh enabled
if grep -q -R "wazuh: 1" /opt/so/saltstack/pillar/*; then if grep -q -R "wazuh: 1" /opt/so/saltstack/pillar/*; then
WAZUH_MGR_CFG="/opt/so/conf/wazuh/etc/ossec.conf" WAZUH_MGR_CFG="/opt/so/wazuh/etc/ossec.conf"
if ! grep -q "<white_list>{{ MASTERIP }}</white_list>" $WAZUH_MGR_CFG ; then if ! grep -q "<white_list>{{ MASTERIP }}</white_list>" $WAZUH_MGR_CFG ; then
DATE=`date` DATE=`date`
sed -i 's/<\/ossec_config>//' $WAZUH_MGR_CFG sed -i 's/<\/ossec_config>//' $WAZUH_MGR_CFG