Compare commits
8 commits
bugfix-nod
...
bug/erenfr
Author | SHA1 | Date | |
---|---|---|---|
2d129fea01 | |||
c9d8f75885 | |||
9835c970b4 | |||
38b65851d0 | |||
354dc0870b | |||
d7e73af7cf | |||
9fbc10d0f3 | |||
e362585c9d |
4 changed files with 76 additions and 63 deletions
|
@ -3,6 +3,7 @@ source "https://supermarket.chef.io"
|
||||||
metadata
|
metadata
|
||||||
|
|
||||||
cookbook "selinux_policy", "~> 1.1.1"
|
cookbook "selinux_policy", "~> 1.1.1"
|
||||||
cookbook "yum-atomic", "~> 0.1.2"
|
cookbook "yum", "~> 4.1.0"
|
||||||
|
cookbook "yum-atomic", path: "/home/psi-jack/Chef/cookbooks/yum-atomic"
|
||||||
cookbook "yum-epel", "~> 2.1.1"
|
cookbook "yum-epel", "~> 2.1.1"
|
||||||
cookbook "apt-atomic", "~> 0.1.2"
|
cookbook "apt-atomic", "~> 0.1.3"
|
||||||
|
|
|
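Review bot: The `yum-atomic` entry appears to resolve from `path: "/home/psi-jack/Chef/cookbooks/yum-atomic"`, a directory on one developer's workstation, so the Berksfile will not resolve on another machine or a CI runner, and whatever is in that directory is vendored without a version constraint. The added/removed markers are lost in this view, but the `-3,6 +3,7` header is consistent with this line replacing the Supermarket pin `"~> 0.1.2"`. For a cookbook that sets up the package repository a HIDS is installed from, a released and pinned source is the safer default, e.g. `cookbook "yum-atomic", "~> <released-version>"` or a `git:` source with a fixed `ref:`. Keep the local path in an uncommitted override while developing.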
@ -53,73 +53,86 @@ default["ossec"]["syscheck"]["alert_new_files"] = 'yes'
|
||||||
default["ossec"]["syscheck"]["auto_ignore"] = 'no'
|
default["ossec"]["syscheck"]["auto_ignore"] = 'no'
|
||||||
|
|
||||||
default["ossec"]["syscheck"]["directories"]['/bin'] = {
|
default["ossec"]["syscheck"]["directories"]['/bin'] = {
|
||||||
'report_changes' => 'no',
|
'report_changes' => 'yes',
|
||||||
'realtime' => 'yes'
|
'realtime' => 'yes',
|
||||||
}
|
'check_all' => 'yes'
|
||||||
default["ossec"]["syscheck"]["directories"]['/boot'] = {
|
|
||||||
'report_changes' => 'no',
|
|
||||||
'realtime' => 'no'
|
|
||||||
}
|
}
|
||||||
|
#default["ossec"]["syscheck"]["directories"]['/boot'] = {
|
||||||
|
# 'report_changes' => 'no',
|
||||||
|
# 'realtime' => 'no'
|
||||||
|
#}
|
||||||
default["ossec"]["syscheck"]["directories"]['/etc'] = {
|
default["ossec"]["syscheck"]["directories"]['/etc'] = {
|
||||||
'report_changes' => 'yes',
|
'report_changes' => 'yes',
|
||||||
'realtime' => 'no'
|
'realtime' => 'yes',
|
||||||
}
|
'check_all' => 'yes'
|
||||||
default["ossec"]["syscheck"]["directories"]['/lib/lsb'] = {
|
|
||||||
'report_changes' => 'no',
|
|
||||||
'realtime' => 'yes'
|
|
||||||
}
|
|
||||||
default["ossec"]["syscheck"]["directories"]['/lib/modules'] = {
|
|
||||||
'report_changes' => 'no',
|
|
||||||
'realtime' => 'yes'
|
|
||||||
}
|
|
||||||
default["ossec"]["syscheck"]["directories"]['/lib/plymouth'] = {
|
|
||||||
'report_changes' => 'no',
|
|
||||||
'realtime' => 'yes'
|
|
||||||
}
|
|
||||||
default["ossec"]["syscheck"]["directories"]['/lib/security'] = {
|
|
||||||
'report_changes' => 'no',
|
|
||||||
'realtime' => 'yes'
|
|
||||||
}
|
|
||||||
default["ossec"]["syscheck"]["directories"]['/lib/terminfo'] = {
|
|
||||||
'report_changes' => 'no',
|
|
||||||
'realtime' => 'yes'
|
|
||||||
}
|
|
||||||
default["ossec"]["syscheck"]["directories"]['/lib/ufw'] = {
|
|
||||||
'report_changes' => 'no',
|
|
||||||
'realtime' => 'yes'
|
|
||||||
}
|
|
||||||
default["ossec"]["syscheck"]["directories"]['/lib/xtables'] = {
|
|
||||||
'report_changes' => 'no',
|
|
||||||
'realtime' => 'no'
|
|
||||||
}
|
|
||||||
default["ossec"]["syscheck"]["directories"]['/media'] = {
|
|
||||||
'report_changes' => 'no',
|
|
||||||
'realtime' => 'no'
|
|
||||||
}
|
}
|
||||||
|
#default["ossec"]["syscheck"]["directories"]['/lib/lsb'] = {
|
||||||
|
# 'report_changes' => 'no',
|
||||||
|
# 'realtime' => 'yes'
|
||||||
|
#}
|
||||||
|
#default["ossec"]["syscheck"]["directories"]['/lib/modules'] = {
|
||||||
|
# 'report_changes' => 'no',
|
||||||
|
# 'realtime' => 'yes'
|
||||||
|
#}
|
||||||
|
#default["ossec"]["syscheck"]["directories"]['/lib/plymouth'] = {
|
||||||
|
# 'report_changes' => 'no',
|
||||||
|
# 'realtime' => 'yes'
|
||||||
|
#}
|
||||||
|
#default["ossec"]["syscheck"]["directories"]['/lib/security'] = {
|
||||||
|
# 'report_changes' => 'no',
|
||||||
|
# 'realtime' => 'yes'
|
||||||
|
#}
|
||||||
|
#default["ossec"]["syscheck"]["directories"]['/lib/terminfo'] = {
|
||||||
|
# 'report_changes' => 'no',
|
||||||
|
# 'realtime' => 'yes'
|
||||||
|
#}
|
||||||
|
#default["ossec"]["syscheck"]["directories"]['/lib/ufw'] = {
|
||||||
|
# 'report_changes' => 'no',
|
||||||
|
# 'realtime' => 'yes'
|
||||||
|
#}
|
||||||
|
#default["ossec"]["syscheck"]["directories"]['/lib/xtables'] = {
|
||||||
|
# 'report_changes' => 'no',
|
||||||
|
# 'realtime' => 'no'
|
||||||
|
#}
|
||||||
|
#default["ossec"]["syscheck"]["directories"]['/media'] = {
|
||||||
|
# 'report_changes' => 'no',
|
||||||
|
# 'realtime' => 'no'
|
||||||
|
#}
|
||||||
default["ossec"]["syscheck"]["directories"]['/opt'] = {
|
default["ossec"]["syscheck"]["directories"]['/opt'] = {
|
||||||
'report_changes' => 'no',
|
'report_changes' => 'no',
|
||||||
'realtime' => 'no'
|
'realtime' => 'no'
|
||||||
}
|
}
|
||||||
default["ossec"]["syscheck"]["directories"]['/root'] = {
|
#default["ossec"]["syscheck"]["directories"]['/root'] = {
|
||||||
'report_changes' => 'yes',
|
# 'report_changes' => 'yes',
|
||||||
'realtime' => 'no'
|
# 'realtime' => 'no'
|
||||||
}
|
#}
|
||||||
default["ossec"]["syscheck"]["directories"]['/srv'] = {
|
#default["ossec"]["syscheck"]["directories"]['/srv'] = {
|
||||||
'report_changes' => 'no',
|
# 'report_changes' => 'no',
|
||||||
'realtime' => 'no'
|
# 'realtime' => 'no'
|
||||||
}
|
#}
|
||||||
default["ossec"]["syscheck"]["directories"]['/sbin'] = {
|
default["ossec"]["syscheck"]["directories"]['/sbin'] = {
|
||||||
'report_changes' => 'no',
|
|
||||||
'realtime' => 'yes'
|
|
||||||
}
|
|
||||||
default["ossec"]["syscheck"]["directories"]['/usr/'] = {
|
|
||||||
'report_changes' => 'yes',
|
'report_changes' => 'yes',
|
||||||
'realtime' => 'yes'
|
'realtime' => 'yes',
|
||||||
|
'check_all' => 'yes'
|
||||||
}
|
}
|
||||||
default["ossec"]["syscheck"]["directories"]['/tmp'] = {
|
#default["ossec"]["syscheck"]["directories"]['/usr/'] = {
|
||||||
'report_changes' => 'no',
|
# 'report_changes' => 'yes',
|
||||||
'realtime' => 'no'
|
# 'realtime' => 'yes'
|
||||||
|
#}
|
||||||
|
default["ossec"]["syscheck"]["directories"]['/usr/bin'] = {
|
||||||
|
'report_changes' => 'yes',
|
||||||
|
'realtime' => 'yes',
|
||||||
|
'check_all' => 'yes'
|
||||||
}
|
}
|
||||||
|
default["ossec"]["syscheck"]["directories"]['/usr/sbin'] = {
|
||||||
|
'report_changes' => 'yes',
|
||||||
|
'realtime' => 'yes',
|
||||||
|
'check_all' => 'yes'
|
||||||
|
}
|
||||||
|
#default["ossec"]["syscheck"]["directories"]['/tmp'] = {
|
||||||
|
# 'report_changes' => 'no',
|
||||||
|
# 'realtime' => 'no'
|
||||||
|
#}
|
||||||
|
|
||||||
# Syscheck Ignore Files
|
# Syscheck Ignore Files
|
||||||
default["ossec"]["syscheck"]["ignore"]['/etc/openvpn/openvpn-status.log'] = {}
|
default["ossec"]["syscheck"]["ignore"]['/etc/openvpn/openvpn-status.log'] = {}
|
||||||
|
@ -131,8 +144,8 @@ default["ossec"]["syscheck"]["ignore"]['/etc/mail/statistics'] = {}
|
||||||
default["ossec"]["syscheck"]["ignore"]['/etc/random-seed'] = {}
|
default["ossec"]["syscheck"]["ignore"]['/etc/random-seed'] = {}
|
||||||
default["ossec"]["syscheck"]["ignore"]['/etc/adjtime'] = {}
|
default["ossec"]["syscheck"]["ignore"]['/etc/adjtime'] = {}
|
||||||
default["ossec"]["syscheck"]["ignore"]['/etc/prelink.cache'] = {}
|
default["ossec"]["syscheck"]["ignore"]['/etc/prelink.cache'] = {}
|
||||||
default["ossec"]["syscheck"]["ignore"]['/root/.bash_history'] = {}
|
#default["ossec"]["syscheck"]["ignore"]['/root/.bash_history'] = {}
|
||||||
default["ossec"]["syscheck"]["ignore"]['/root/.viminfo'] = {}
|
#default["ossec"]["syscheck"]["ignore"]['/root/.viminfo'] = {}
|
||||||
default["ossec"]["syscheck"]["ignore"]['/etc/dnscache/stats'] = {}
|
default["ossec"]["syscheck"]["ignore"]['/etc/dnscache/stats'] = {}
|
||||||
default["ossec"]["syscheck"]["ignore"]['/etc/dnscache/log'] = {}
|
default["ossec"]["syscheck"]["ignore"]['/etc/dnscache/log'] = {}
|
||||||
default["ossec"]["syscheck"]["ignore"]['/etc/dnscache2/stats'] = {}
|
default["ossec"]["syscheck"]["ignore"]['/etc/dnscache2/stats'] = {}
|
||||||
|
|
|
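Review bot: In the `-53,73 +53,86` hunk the syscheck entries for `/boot`, `/lib/modules`, `/lib/security`, `/root` and `/usr/` appear to be commented out rather than replaced, so with these defaults the agent stops watching kernel images, kernel modules, PAM modules and everything under `/usr` outside `/usr/bin` and `/usr/sbin`. The added/removed markers are lost in this view, so this reading rests on the old-then-new layout and the hunk header counts. These are locations where tampering is meant to be detected, so dropping them is a coverage regression unless a role or environment attribute restores them. If the goal is less noise, keep the entries with `'realtime' => 'no'` and delete the dead commented blocks, e.g. `default["ossec"]["syscheck"]["directories"]['/lib/modules'] = { 'report_changes' => 'no', 'realtime' => 'no', 'check_all' => 'yes' }`. Separately, `'report_changes' => 'yes'` on `/bin`, `/sbin`, `/usr/bin` and `/usr/sbin` is unlikely to add useful alert content, since OSSEC produces diffs for text files only; `'no'` fits directories of binaries better.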
@ -4,7 +4,7 @@ maintainer_email "psi-jack@linux-help.org"
|
||||||
license "GPLv2"
|
license "GPLv2"
|
||||||
description "Installs/Configures ossec"
|
description "Installs/Configures ossec"
|
||||||
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
|
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
|
||||||
version "1.2.3"
|
version "1.2.6"
|
||||||
issues_url "http://git.linux-help.org/Linux-Help/ossec-ng/issues"
|
issues_url "http://git.linux-help.org/Linux-Help/ossec-ng/issues"
|
||||||
source_url "http://git.linux-help.org/Linux-Help/ossec-ng"
|
source_url "http://git.linux-help.org/Linux-Help/ossec-ng"
|
||||||
|
|
||||||
|
@ -30,4 +30,3 @@ depends 'apt-atomic', '~> 0.1.3'
|
||||||
|
|
||||||
suggests 'postfix'
|
suggests 'postfix'
|
||||||
suggests 'selinux_policy'
|
suggests 'selinux_policy'
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
# Ossec Agent provisioning recipe
|
# Ossec Agent provisioning recipe
|
||||||
# install the ossec-hids-client package, push the global
|
# install the ossec-hids-agent package, push the global
|
||||||
# and role specific configuration for the node
|
# and role specific configuration for the node
|
||||||
# get a key from the ossec-server if there's one
|
# get a key from the ossec-server if there's one
|
||||||
|
|
||||||
|
@ -38,7 +38,7 @@ else
|
||||||
end
|
end
|
||||||
|
|
||||||
# install the agent package
|
# install the agent package
|
||||||
package "ossec-hids-client"
|
package "ossec-hids-agent"
|
||||||
|
|
||||||
# define the agent parameters
|
# define the agent parameters
|
||||||
agent_hash = ossec_agent_create_parameters(node, ossec_server)
|
agent_hash = ossec_agent_create_parameters(node, ossec_server)
|
||||||
|
|