Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add possibility to choose url or path for cve sources in var-ossec-etc-ossec-server.conf.j2 template in 4.7.3 #1256

Open
Wykx-Sama opened this issue Apr 9, 2024 · 2 comments
Open

Add possibility to choose url or path for cve sources in var-ossec-etc-ossec-server.conf.j2 template in 4.7.3 #1256

Wykx-Sama opened this issue Apr 9, 2024 · 2 comments

Comments

@Wykx-Sama
Copy link

Wykx-Sama commented Apr 9, 2024
edited
Loading

Description

While using Wazuh in a disconnected environment i saw that there is no possibility to choose if we want to set an url or a path for the vulnerability-detector section in the var-ossec-etc-ossec-server.conf.j2 template file.

  <vulnerability-detector>
  {% if wazuh_manager_config.vulnerability_detector.enabled is defined %}
    <enabled>{{ wazuh_manager_config.vulnerability_detector.enabled }}</enabled>
  {% endif %}
  {% if wazuh_manager_config.vulnerability_detector.interval is defined %}
    <interval>{{ wazuh_manager_config.vulnerability_detector.interval }}</interval>
  {% endif %}
  {% if wazuh_manager_config.vulnerability_detector.min_full_scan_interval is defined %}
    <min_full_scan_interval>{{ wazuh_manager_config.vulnerability_detector.min_full_scan_interval }}</min_full_scan_interval>
  {% endif %}
  {% if wazuh_manager_config.vulnerability_detector.run_on_start is defined %}
    <run_on_start>{{ wazuh_manager_config.vulnerability_detector.run_on_start }}</run_on_start>
  {% endif %}
  {% if wazuh_manager_config.vulnerability_detector.providers is defined %}
  {% for provider_ in wazuh_manager_config.vulnerability_detector.providers %}
    <provider name={{ provider_.name }}>
      {% if provider_.enabled is defined %}
      <enabled>{{ provider_.enabled }}</enabled>
      {% endif %}
      {% if provider_.os is defined %}
      {% for os_ in provider_.os %}
      <os>{{ os_ }}</os>
      {% endfor %}
      {% endif %}
      {% if provider_.update_interval is defined %}
      <update_interval>{{ provider_.update_interval }}</update_interval>
      {% endif %}
    </provider>
  {% endfor %}
  {% endif %}
  </vulnerability-detector>

I think it can be useful for people who use Wazuh in a disconnected environment to add this option.

tag v4.7.3
@Wykx-Sama
Copy link
Author

#1255

@Wykx-Sama Wykx-Sama mentioned this issue Apr 9, 2024
Open
@jonhattan
Copy link

In the meantime, here's a proposal to allow overriding any template from the calling playbook. This enables to configure it or any other thing. #1337

(sorry I'm spamming all related issues in the interest for people to get an universal solution)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jonhattan @Wykx-Sama