Merge branch 'dev' into feature/issue124

2025-12-26 02:43:11 +01:00 · 2020-01-21 16:48:26 -05:00
parent a39edad3f6 533d54793d
commit e038a8b731
58 changed files with 5157 additions and 2937 deletions
--- a/salt/wazuh/files/wazuh-manager-whitelist
+++ b/salt/wazuh/files/wazuh-manager-whitelist
@@ -0,0 +1,33 @@
+{%- set MASTERIP = salt['pillar.get']('static:masterip', '') %}
+#!/bin/bash
+#
+# Copyright 2014,2015,2016,2017,2018,2019,2020 Security Onion Solutions, LLC
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+# Check if Wazuh enabled
+if grep -q -R "wazuh: 1" /opt/so/saltstack/pillar/*; then
+      WAZUH_MGR_CFG="/opt/so/wazuh/etc/ossec.conf"
+      if ! grep -q "<white_list>{{ MASTERIP }}</white_list>" $WAZUH_MGR_CFG ; then
+              DATE=`date`
+              sed -i 's/<\/ossec_config>//' $WAZUH_MGR_CFG
+              sed -i '/^$/N;/^\n$/D' $WAZUH_MGR_CFG
+              echo -e "<!--Address {{ MASTERIP }} added by setup on "$DATE"-->\n  <global>\n    <white_list>{{ MASTERIP }}</white_list>\n  </global>\n</ossec_config>" >> $WAZUH_MGR_CFG
+              echo "Added whitelist entry for {{ MASTERIP }} in $WAZUH_MGR_CFG."
+              echo
+              echo "Restarting OSSEC Server..."
+              /usr/sbin/so-wazuh-restart
+      fi
+fi
+
--- a/salt/wazuh/init.sls
+++ b/salt/wazuh/init.sls
@@ -1,5 +1,6 @@
 {%- set HOSTNAME = salt['grains.get']('host', '') %}
-
+{% set VERSION = salt['pillar.get']('static:soversion', '1.1.4') %}
+{% set MASTER = salt['grains.get']('master') %}
 # Add ossec group
 ossecgroup:
  group.present:
@@ -62,15 +63,18 @@ wazuhagentregister:
    - mode: 755
    - template: jinja

-so-wazuhimage:
- cmd.run:
-   - name: docker pull --disable-content-trust=false docker.io/soshybridhunter/so-wazuh:HH1.1.3
+wazuhmgrwhitelist:
+   file.managed:
+    - name: /usr/sbin/wazuh-manager-whitelist
+    - source: salt://wazuh/files/wazuh-manager-whitelist
+    - user: 0
+    - group: 0
+    - mode: 755
+    - template: jinja

 so-wazuh:
  docker_container.running:
-    - require:
-      - so-wazuhimage
-    - image: docker.io/soshybridhunter/so-wazuh:HH1.1.3
+    - image: {{ MASTER }}:5000/soshybridhunter/so-wazuh:HH{{ VERSION }}
    - hostname: {{HOSTNAME}}-wazuh-manager
    - name: so-wazuh
    - detach: True
@@ -87,3 +91,9 @@ registertheagent:
    - name: /usr/sbin/wazuh-register-agent
    - cwd: /
    #- stateful: True
+
+# Whitelist manager IP
+whitelistmanager:
+  cmd.run:
+    - name: /usr/sbin/wazuh-manager-whitelist
+    - cwd: /