add Wazuh manager whitelist script

salt/wazuh/files/wazuh-manager-whitelist

@@ -0,0 +1,33 @@
+{%- set MASTERIP = salt['pillar.get']('static:masterip', '') %}
+#!/bin/bash
+#
+# Copyright 2014,2015,2016,2017,2018,2019,2020 Security Onion Solutions, LLC
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+# Check if Wazuh enabled
+if grep -q -R "wazuh: 1" /opt/so/saltstack/pillar/*; then
+      WAZUH_MGR_CFG="/opt/so/wazuh/etc/ossec.conf"
+      if ! grep -q "<white_list>{{ MASTERIP }}</white_list>" $WAZUH_MGR_CFG ; then
+              DATE=`date`
+              sed -i 's/<\/ossec_config>//' $WAZUH_MGR_CFG
+              sed -i '/^$/N;/^\n$/D' $WAZUH_MGR_CFG
+              echo -e "<!--Address {{ MASTERIP }} added by setup on "$DATE"-->\n  <global>\n    <white_list>{{ MASTERIP }}</white_list>\n  </global>\n</ossec_config>" >> $WAZUH_MGR_CFG
+              echo "Added whitelist entry for {{ MASTERIP }} in $WAZUH_MGR_CFG."
+              echo
+              echo "Restarting OSSEC Server..."
+              /usr/sbin/so-wazuh-restart
+      fi
+fi
+