CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

change how whitelist script determines if wazuh is enabled

Browse Source
This commit is contained in:
m0duspwnens
2020-05-29 17:22:39 -04:00
parent 5f4e480b4c
commit 4dfb58a98c
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
salt/wazuh/files/wazuh-manager-whitelist
View File

@@ -1,4 +1,5 @@
{%- set MASTERIP = salt['pillar.get']('static:masterip', '') %}
{%- set WAZUH_ENABLED = salt['pillar.get']('static:wazuh', '0') %}
#!/bin/bash
# Copyright 2014,2015,2016,2017,2018,2019,2020 Security Onion Solutions, LLC
@@ -17,7 +18,7 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# Check if Wazuh enabled
if grep -q -R "wazuh: 1" /opt/so/saltstack/pillar/*; then
if [ {{ WAZUH_ENABLED }} ]; then
WAZUH_MGR_CFG="/opt/so/wazuh/etc/ossec.conf"
if ! grep -q "<white_list>{{ MASTERIP }}</white_list>" $WAZUH_MGR_CFG ; then
DATE=`date`