sync/ports
1
0
Fork 0
mirror of https://git.freebsd.org/ports.git synced 2025-05-30 18:06:27 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

security/wazuh-agent: update to 4.3.6

Browse source 
- Take maintership

ChangeLog at:	https://documentation.wazuh.com/current/release-notes/release-4-3-6.html
Approved by:	maintainer via email
This commit is contained in:
Jose Alonso Cardenas Marquez 2022-07-31 15:59:44 -05:00
parent 6ebe0d4e84
commit f9711a59ff
10 changed files with 945 additions and 210 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

225
security/wazuh-agent/Makefile
View file

@ -1,98 +1,189 @@
PORTNAME= wazuh
DISTVERSION= 4.3.6
DISTVERSIONPREFIX= v
DISTVERSION= 4.1.5
CATEGORIES= security
MASTER_SITES= https://packages.wazuh.com/deps/11/libraries/sources/
MASTER_SITES= https://packages.wazuh.com/deps/16/libraries/sources/:wazuh_sources
PKGNAMESUFFIX= -agent
DISTFILES= cJSON.tar.gz libplist.tar.gz curl.tar.gz libdb.tar.gz libffi.tar.gz \
libyaml.tar.gz openssl.tar.gz procps.tar.gz sqlite.tar.gz zlib.tar.gz \
audit-userspace.tar.gz msgpack.tar.gz bzip2.tar.gz libpcre2.tar.gz
DISTFILES= ${EXTERNAL_DISTFILES}
DIST_SUBDIR= ${PORTNAME}-${DISTVERSION}
EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX}
MAINTAINER= m.muenz@gmail.com
COMMENT= Security tool to monitor and check logs and intrusions
MAINTAINER= acm@FreeBSD.org
COMMENT= Security tool to monitor and check logs and intrusions (agent)
LICENSE= GPLv2
LICENSE_FILE= ${WRKSRC}/LICENSE
BROKEN_aarch64= fails to compile: rootcheck/os_string.c:188:20: use of undeclared identifier '__LDPGSZ'
BROKEN_i386= fails to build external OpenSSL dependency
BUILD_DEPENDS= cmake:devel/cmake \
USES= cpe gmake perl5 readline shebangfix sqlite:3 uidfix
USES= cpe gmake perl5 readline shebangfix uidfix
USE_GITHUB= yes
USE_RC_SUBR= ${PORTNAME}-agent
USE_RC_SUBR= ${PORTNAME}${PKGNAMESUFFIX}
SHEBANG_FILES= ${WRKSRC}/contrib/util.sh \
${WRKSRC}/src/external/openssl/Configurations/unix-checker.pm \
${WRKSRC}/src/init/ossec-client.sh \
${WRKSRC}/wodles/oscap/oscap.py \
${WRKSRC}/active-response/*.sh
MAKE_ARGS+= TARGET=agent
CONFLICTS_INSTALL= ossec
EXTERNAL_DISTFILES= cJSON.tar.gz:wazuh_sources \
curl.tar.gz:wazuh_sources \
libdb.tar.gz:wazuh_sources \
libffi.tar.gz:wazuh_sources \
libyaml.tar.gz:wazuh_sources \
openssl.tar.gz:wazuh_sources \
procps.tar.gz:wazuh_sources \
sqlite.tar.gz:wazuh_sources \
zlib.tar.gz:wazuh_sources \
audit-userspace.tar.gz:wazuh_sources \
msgpack.tar.gz:wazuh_sources \
bzip2.tar.gz:wazuh_sources \
nlohmann.tar.gz:wazuh_sources \
googletest.tar.gz:wazuh_sources \
libpcre2.tar.gz:wazuh_sources \
libplist.tar.gz:wazuh_sources \
libarchive.tar.gz:wazuh_sources \
popt.tar.gz:wazuh_sources
USERS= ossec ossecm ossecr
GROUPS= ossec
OPTIONS_DEFINE= INOTIFY PRELUDE ZEROMQ
OSSEC_GROUP= ossec
OSSEC_USER= ossec
INOTIFY_LIB_DEPENDS= libinotify.so:devel/libinotify
PRELUDE_LIB_DEPENDS= libprelude.so:security/libprelude
ZEROMQ_LIB_DEPENDS= libczmq.so:net/czmq
WAZUHMOD750= / /logs/ossec /bin /lib /queue /queue/diff /ruleset /ruleset/sca /wodles \
/active-response /active-response/bin /agentless /var /backup /queue/rids \
/wodles/oscap /wodles/oscap/content
INOTIFY_DESC= Kevent based real time monitoring
PRELUDE_DESC= Sensor support from Prelude SIEM
ZEROMQ_DESC= ZeroMQ support
WAZUHMOD770= /logs /queue/alerts /queue/fim /queue/fim/db /queue/ossec /etc /etc/shared \
/.ssh /var/run /var/upgrade /var/wodles /var/incoming /queue/ossec/fim \
/queue/ossec/fim/db
ZEROMQ_MAKE_ENV= USE_ZEROMQ=yes
PRELUDE_MAKE_ENV= USE_PRELUDE=yes
INOTIFY_MAKE_ENV= USE_INOTIFY=yes
INOTIFY_USES= pkgconfig
WAZUH_USER= wazuh
WAZUH_GROUP= wazuh
USERS= ${WAZUH_USER}
GROUPS= ${WAZUH_GROUP}
CONFLICTS= ossec-* wazuh-manager
SUB_FILES= pkg-message
WZBIN_FILES= agent-auth manage_agents wazuh-agentd wazuh-execd wazuh-logcollector \
wazuh-modulesd wazuh-syscheckd
WZARBIN_FILES= default-firewall-drop pf npf ipfw firewalld-drop disable-account \
host-deny ip-customblock restart-wazuh route-null kaspersky wazuh-slack
WAZUHMOD750= / /logs/wazuh /bin /lib /queue /queue/diff /queue/logcollector \
/queue/syscollector /queue/syscollector/db /ruleset /ruleset/sca /wodles \
/active-response /active-response/bin /agentless /var /backup \
/wodles/aws /wodles/azure /wodles/docker /wodles/gcloud \
/wodles/gcloud/buckets /wodles/gcloud/pubsub
WAZUHMOD770= /etc/shared/default /logs /queue/alerts /queue/fim \
/queue/fim/db /queue/rids /queue/sockets /etc /etc/shared \
/var/run /var/upgrade /var/selinux /var/wodles /var/incoming
WAZUHPREFIX= /var/ossec
# extract all extra distfiles in src/external
.include <bsd.port.pre.mk>
post-extract:
@for file in ${DISTFILES}; do \
if ! (cd ${WRKSRC}/src/external && ${EXTRACT_CMD} ${EXTRACT_BEFORE_ARGS} ${_DISTDIR}/$$file ${EXTRACT_AFTER_ARGS}); \
then \
exit 1; \
fi; \
done
.for FILE in ${EXTERNAL_DISTFILES}
@cd ${WRKSRC}/src/external && ${EXTRACT_CMD} ${EXTRACT_BEFORE_ARGS} ${_DISTDIR}/${FILE:S/:wazuh_sources//} ${EXTRACT_AFTER_ARGS}
.endfor
post-patch:
${REINPLACE_CMD} -e 's|HOST_NAME_MAX|_POSIX_HOST_NAME_MAX|g' ${WRKSRC}/src/wazuh_modules/wm_database.c
${REINPLACE_CMD} -e 's|CC=|CC?=|g' -e 's|AR=|AR?=|g' ${WRKSRC}/src/external/bzip2/Makefile
${REINPLACE_CMD} '115d' ${WRKSRC}/src/wazuh_modules/syscollector/CMakeLists.txt
do-build:
@cd ${WRKSRC}/src && ${GMAKE} TARGET=agent
cd ${WRKSRC}/src/ && ${SETENV} ${MAKE_ENV} STAGEDIR=${STAGEDIR} \
${MAKE_CMD} ${MAKE_ARGS}
do-install:
@for mod750 in ${WAZUHMOD750}; do \
${MKDIR} -m 0750 ${STAGEDIR}${WAZUHPREFIX}$$mod750; \
done
${MKDIR} ${STAGEDIR}${WAZUHPREFIX}/bin
${MKDIR} ${STAGEDIR}${WAZUHPREFIX}/lib
${MKDIR} ${STAGEDIR}${WAZUHPREFIX}/tmp
@for mod770 in ${WAZUHMOD770}; do \
${MKDIR} -m 0770 ${STAGEDIR}${WAZUHPREFIX}$$mod770; \
done
.for DIRE in ${WAZUHMOD750}
${MKDIR} -m 0750 ${STAGEDIR}${WAZUHPREFIX}${DIRE}
.endfor
.for DIRE in ${WAZUHMOD770}
${MKDIR} -m 0770 ${STAGEDIR}${WAZUHPREFIX}${DIRE}
.endfor
.for FILE in ${WZBIN_FILES}
${INSTALL_PROGRAM} ${WRKSRC}/src/${FILE} ${STAGEDIR}${WAZUHPREFIX}/bin
.endfor
${INSTALL_SCRIPT} ${WRKSRC}/src/init/wazuh-client.sh ${STAGEDIR}${WAZUHPREFIX}/bin/wazuh-control
${TOUCH} ${STAGEDIR}${WAZUHPREFIX}/etc/localtime
${INSTALL_DATA} ${WRKSRC}/etc/internal_options.conf ${STAGEDIR}${WAZUHPREFIX}/etc
${INSTALL_DATA} ${WRKSRC}/src/wazuh_modules/syscollector/norm_config.json ${STAGEDIR}${WAZUHPREFIX}/queue/syscollector
${INSTALL_DATA} ${WRKSRC}/etc/local_internal_options.conf ${STAGEDIR}${WAZUHPREFIX}/etc/local_internal_options.conf
${INSTALL_DATA} /dev/null ${STAGEDIR}${WAZUHPREFIX}/etc/client.keys
${INSTALL_DATA} ${WRKSRC}/etc/wpk_root.pem ${STAGEDIR}${WAZUHPREFIX}/etc/
${INSTALL_DATA} ${WRKSRC}/etc/ossec-agent.conf ${STAGEDIR}${WAZUHPREFIX}/etc/ossec.conf
${MKDIR} -m 1770 ${STAGEDIR}${WAZUHPREFIX}/tmp
${INSTALL_PROGRAM} ${WRKSRC}/src/ossec-logcollector ${STAGEDIR}${WAZUHPREFIX}/bin
${INSTALL_PROGRAM} ${WRKSRC}/src/ossec-syscheckd ${STAGEDIR}${WAZUHPREFIX}/bin
${INSTALL_PROGRAM} ${WRKSRC}/src/ossec-execd ${STAGEDIR}${WAZUHPREFIX}/bin
${INSTALL_PROGRAM} ${WRKSRC}/src/manage_agents ${STAGEDIR}${WAZUHPREFIX}/bin
${INSTALL_PROGRAM} ${WRKSRC}/src/wazuh-modulesd ${STAGEDIR}${WAZUHPREFIX}/bin/
${INSTALL_PROGRAM} ${WRKSRC}/src/ossec-agentd ${STAGEDIR}${WAZUHPREFIX}/bin
${INSTALL_PROGRAM} ${WRKSRC}/src/libwazuhext.so ${STAGEDIR}${WAZUHPREFIX}/lib
${INSTALL_PROGRAM} ${WRKSRC}/src/agent-auth ${STAGEDIR}${WAZUHPREFIX}/bin
${CP} ${WRKSRC}/active-response/*.sh ${STAGEDIR}${WAZUHPREFIX}/active-response/bin/
${CP} ${WRKSRC}/active-response/firewalls/*.sh ${STAGEDIR}${WAZUHPREFIX}/active-response/bin/
${CP} ${WRKSRC}/etc/internal_options.conf ${STAGEDIR}${WAZUHPREFIX}/etc/
${CP} ${WRKSRC}/etc/local_internal_options.conf ${STAGEDIR}${WAZUHPREFIX}/etc/local_internal_options.conf
${CP} ${WRKSRC}/etc/ossec-agent.conf ${STAGEDIR}${WAZUHPREFIX}/etc/ossec.conf
${CP} ${WRKSRC}/etc/ossec-agent.conf ${STAGEDIR}${WAZUHPREFIX}/etc/ossec.conf.sample
${CP} /dev/null ${STAGEDIR}${WAZUHPREFIX}/etc/client.keys
${INSTALL_SCRIPT} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/ossec.log
${INSTALL_SCRIPT} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/ossec.json
${INSTALL_SCRIPT} /dev/null ${STAGEDIR}${WAZUHPREFIX}/logs/active-responses.log
${INSTALL_SCRIPT} ${WRKSRC}/contrib/util.sh ${STAGEDIR}${WAZUHPREFIX}/bin/
${INSTALL_SCRIPT} ${WRKSRC}/src/init/ossec-client.sh ${STAGEDIR}${WAZUHPREFIX}/bin/ossec-control
${INSTALL_SCRIPT} ${WRKSRC}/src/agentlessd/scripts/* ${STAGEDIR}${WAZUHPREFIX}/agentless/
${INSTALL_SCRIPT} ${WRKSRC}/src/rootcheck/db/*.txt ${STAGEDIR}${WAZUHPREFIX}/etc/shared/
${INSTALL_SCRIPT} ${WRKSRC}/etc/wpk_root.pem ${STAGEDIR}${WAZUHPREFIX}/etc/
${INSTALL_SCRIPT} ${WRKSRC}/wodles/oscap/oscap.py ${STAGEDIR}${WAZUHPREFIX}/wodles/oscap
${INSTALL_SCRIPT} ${WRKSRC}/wodles/oscap/template_*.xsl ${STAGEDIR}${WAZUHPREFIX}/wodles/oscap
.include <bsd.port.mk>
.for FILE in ${WZARBIN_FILES}
${INSTALL_PROGRAM} ${WRKSRC}/src/${FILE} ${STAGEDIR}${WAZUHPREFIX}/active-response/bin
.endfor
${INSTALL_PROGRAM} ${WRKSRC}/src/wazuh-slack ${STAGEDIR}${WAZUHPREFIX}/active-response/bin
${INSTALL_SCRIPT} ${WRKSRC}/src/active-response/*.sh ${STAGEDIR}${WAZUHPREFIX}/active-response/bin
${INSTALL_SCRIPT} ${WRKSRC}/src/active-response/*.py ${STAGEDIR}${WAZUHPREFIX}/active-response/bin
${INSTALL_PROGRAM} ${WRKSRC}/src/default-firewall-drop ${STAGEDIR}${WAZUHPREFIX}/active-response/bin/firewall-drop
${INSTALL_DATA} ${WRKSRC}/ruleset/rootcheck/db/*.txt ${STAGEDIR}${WAZUHPREFIX}/etc/shared
${INSTALL_DATA} ${WRKSRC}/ruleset/rootcheck/db/*.txt ${STAGEDIR}${WAZUHPREFIX}/etc/shared/default
${INSTALL_SCRIPT} ${WRKSRC}/wodles/__init__.py ${STAGEDIR}${WAZUHPREFIX}/wodles/__init__.py
${INSTALL_SCRIPT} ${WRKSRC}/wodles/utils.py ${STAGEDIR}${WAZUHPREFIX}/wodles/utils.py
${INSTALL_SCRIPT} ${WRKSRC}/wodles/aws/aws_s3.py ${STAGEDIR}${WAZUHPREFIX}/wodles/aws/aws-s3.py
${INSTALL_SCRIPT} ${WRKSRC}/framework/wrappers/generic_wrapper.sh ${STAGEDIR}${WAZUHPREFIX}/wodles/aws/aws-s3
${INSTALL_SCRIPT} ${WRKSRC}/wodles/gcloud/gcloud.py ${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/gcloud.py
${INSTALL_SCRIPT} ${WRKSRC}/wodles/gcloud/integration.py ${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/integration.py
${INSTALL_SCRIPT} ${WRKSRC}/wodles/gcloud/tools.py ${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/tools.py
${INSTALL_SCRIPT} ${WRKSRC}/wodles/gcloud/buckets/bucket.py ${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/buckets/bucket.py
${INSTALL_SCRIPT} ${WRKSRC}/wodles/gcloud/buckets/access_logs.py ${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/buckets/access_logs.py
${INSTALL_SCRIPT} ${WRKSRC}/wodles/gcloud/pubsub/subscriber.py ${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/pubsub/subscriber.py
${INSTALL_SCRIPT} ${WRKSRC}/framework/wrappers/generic_wrapper.sh ${STAGEDIR}${WAZUHPREFIX}/wodles/gcloud/gcloud
${INSTALL_SCRIPT} ${WRKSRC}/wodles/docker-listener/DockerListener.py ${STAGEDIR}${WAZUHPREFIX}/wodles/docker/DockerListener.py
${INSTALL_SCRIPT} ${WRKSRC}/framework/wrappers/generic_wrapper.sh ${STAGEDIR}${WAZUHPREFIX}/wodles/docker/DockerListener
${INSTALL_SCRIPT} ${WRKSRC}/wodles/azure/azure-logs.py ${STAGEDIR}${WAZUHPREFIX}/wodles/azure/azure-logs.py
${INSTALL_SCRIPT} ${WRKSRC}/framework/wrappers/generic_wrapper.sh ${STAGEDIR}${WAZUHPREFIX}/wodles/azure/azure-logs
${FIND} ${WRKSRC}/ruleset/sca -type f -name "*.yml" -exec ${INSTALL_DATA} "{}" ${STAGEDIR}${WAZUHPREFIX}/ruleset/sca \;
${INSTALL_LIB} ${WRKSRC}/src/libwazuhext.so ${STAGEDIR}${WAZUHPREFIX}/lib
${INSTALL_LIB} ${WRKSRC}/src/libwazuhshared.so ${STAGEDIR}${WAZUHPREFIX}/lib
${INSTALL_LIB} ${WRKSRC}/src/shared_modules/dbsync/build/lib/libdbsync.so ${STAGEDIR}${WAZUHPREFIX}/lib
${INSTALL_LIB} ${WRKSRC}/src/shared_modules/rsync/build/lib/librsync.so ${STAGEDIR}${WAZUHPREFIX}/lib
${INSTALL_LIB} ${WRKSRC}/src/wazuh_modules/syscollector/build/lib/libsyscollector.so ${STAGEDIR}${WAZUHPREFIX}/lib
${INSTALL_LIB} ${WRKSRC}/src/data_provider/build/lib/libsysinfo.so ${STAGEDIR}${WAZUHPREFIX}/lib
${MKDIR} ${STAGEDIR}${WAZUHPREFIX}/packages_files/agent_installation_scripts/etc/templates
${MKDIR} ${STAGEDIR}${WAZUHPREFIX}/packages_files/agent_installation_scripts/src
cd ${WRKSRC}/etc/templates && ${COPYTREE_SHARE} config \
${STAGEDIR}${WAZUHPREFIX}/packages_files/agent_installation_scripts/etc/templates/
cd ${WRKSRC}/ruleset && ${COPYTREE_SHARE} sca \
${STAGEDIR}${WAZUHPREFIX}/packages_files/agent_installation_scripts/
cd ${WRKSRC}/src && ${COPYTREE_SHARE} init \
${STAGEDIR}${WAZUHPREFIX}/packages_files/agent_installation_scripts/src/
${INSTALL_SCRIPT} ${WRKSRC}/gen_ossec.sh ${STAGEDIR}${WAZUHPREFIX}/packages_files/agent_installation_scripts/
${INSTALL_SCRIPT} ${WRKSRC}/add_localfiles.sh ${STAGEDIR}${WAZUHPREFIX}/packages_files/agent_installation_scripts/
.include <bsd.port.post.mk>

70
security/wazuh-agent/distinfo
View file

@ -1,31 +1,39 @@
TIMESTAMP = 1620770195
SHA256 (wazuh-4.1.5/cJSON.tar.gz) = 678d796318da57d5f38075e74bbb3b77375dc3f8bb49da341ad1b43c417e8cc1
SIZE (wazuh-4.1.5/cJSON.tar.gz) = 27863
SHA256 (wazuh-4.1.5/libplist.tar.gz) = 88278d4bdfc1bd6a3a1a55a4f3d933683d2732ba09cf7a749fe8ec8eec406e3c
SIZE (wazuh-4.1.5/libplist.tar.gz) = 1520623
SHA256 (wazuh-4.1.5/curl.tar.gz) = 78ad4a75fec89dd83c75cf35203c1c757c21cb2a6ff574647b13bf86c8798d66
SIZE (wazuh-4.1.5/curl.tar.gz) = 3692998
SHA256 (wazuh-4.1.5/libdb.tar.gz) = 885f01aebcca995bcef48d8dc47acb8c4bd5eab06ec188e76cb5863e4f9b2d9b
SIZE (wazuh-4.1.5/libdb.tar.gz) = 4283467
SHA256 (wazuh-4.1.5/libffi.tar.gz) = 0e971f64bacc22094e89f034bba075b40ecc2c2c2900eecd7ae85815fd6c9f69
SIZE (wazuh-4.1.5/libffi.tar.gz) = 964576
SHA256 (wazuh-4.1.5/libyaml.tar.gz) = 35daad608b372d5ce099f738c0f21bfcc03d6920d92f448386c584e664f1376a
SIZE (wazuh-4.1.5/libyaml.tar.gz) = 424656
SHA256 (wazuh-4.1.5/openssl.tar.gz) = a88f46d7dd7b1a88db1faa94943911bf24a0081f90fd1a28bbf06ad54eeab013
SIZE (wazuh-4.1.5/openssl.tar.gz) = 12936469
SHA256 (wazuh-4.1.5/procps.tar.gz) = 87336a7860f5116ac5c5222b6b0d5c892e202ce136947e4776037bb7670ce6e2
SIZE (wazuh-4.1.5/procps.tar.gz) = 55692
SHA256 (wazuh-4.1.5/sqlite.tar.gz) = 23e109ee91ed16b4a95b2d361ecfd82820842fc337a80aa8032590b96eebddd2
SIZE (wazuh-4.1.5/sqlite.tar.gz) = 1980218
SHA256 (wazuh-4.1.5/zlib.tar.gz) = ddbeac924cc7fc3274ad0d5cfcf2a72792f0500e9607c65d02e8753f3a510a01
SIZE (wazuh-4.1.5/zlib.tar.gz) = 643568
SHA256 (wazuh-4.1.5/audit-userspace.tar.gz) = e82a32e5edf93b055160e14bc97f41dead39287925851dc80a7638e2d4d30434
SIZE (wazuh-4.1.5/audit-userspace.tar.gz) = 1682820
SHA256 (wazuh-4.1.5/msgpack.tar.gz) = 06d63bcf32896cd0af5480c401134b1ad1c166fd84ebe5b486e792101ee854e2
SIZE (wazuh-4.1.5/msgpack.tar.gz) = 591294
SHA256 (wazuh-4.1.5/bzip2.tar.gz) = 27688ee0316a64b39e511b2c224070cad97c394a5f711f9d055fc1809d895bcd
SIZE (wazuh-4.1.5/bzip2.tar.gz) = 71277
SHA256 (wazuh-4.1.5/libpcre2.tar.gz) = d0bafc3579fa0af0a39951586edfa349e1f4be83d28bed86abe0a3fc4b34fcfa
SIZE (wazuh-4.1.5/libpcre2.tar.gz) = 1252173
SHA256 (wazuh-4.1.5/wazuh-wazuh-v4.1.5_GH0.tar.gz) = 506161168fc4fdf45988c2e88f9938ac829bb79a441035c9061bf84173c6a179
SIZE (wazuh-4.1.5/wazuh-wazuh-v4.1.5_GH0.tar.gz) = 18380705
TIMESTAMP = 1659299134
SHA256 (wazuh-4.3.6/cJSON.tar.gz) = 678d796318da57d5f38075e74bbb3b77375dc3f8bb49da341ad1b43c417e8cc1
SIZE (wazuh-4.3.6/cJSON.tar.gz) = 27863
SHA256 (wazuh-4.3.6/curl.tar.gz) = 78ad4a75fec89dd83c75cf35203c1c757c21cb2a6ff574647b13bf86c8798d66
SIZE (wazuh-4.3.6/curl.tar.gz) = 3692998
SHA256 (wazuh-4.3.6/libdb.tar.gz) = 7e9c44e8c7fdb186ff521a8d085b1bfa634d342dcc777ecea1fbf9a98ab5dc5e
SIZE (wazuh-4.3.6/libdb.tar.gz) = 3874990
SHA256 (wazuh-4.3.6/libffi.tar.gz) = 0e971f64bacc22094e89f034bba075b40ecc2c2c2900eecd7ae85815fd6c9f69
SIZE (wazuh-4.3.6/libffi.tar.gz) = 964576
SHA256 (wazuh-4.3.6/libyaml.tar.gz) = 35daad608b372d5ce099f738c0f21bfcc03d6920d92f448386c584e664f1376a
SIZE (wazuh-4.3.6/libyaml.tar.gz) = 424656
SHA256 (wazuh-4.3.6/openssl.tar.gz) = cdd47d1de792c94eef02344a768afee151c16f5fb92582ba3b97168a7b65ffc0
SIZE (wazuh-4.3.6/openssl.tar.gz) = 10162682
SHA256 (wazuh-4.3.6/procps.tar.gz) = 221f395e29d1bdbe4bacc9db39602eee0bae685a935437be0d7feb42e3192d07
SIZE (wazuh-4.3.6/procps.tar.gz) = 55897
SHA256 (wazuh-4.3.6/sqlite.tar.gz) = e68521637d9e4e60115707cd7f35275a92ce6d0fc1ff04e22d7bbf0c393f8ff1
SIZE (wazuh-4.3.6/sqlite.tar.gz) = 2296429
SHA256 (wazuh-4.3.6/zlib.tar.gz) = ddbeac924cc7fc3274ad0d5cfcf2a72792f0500e9607c65d02e8753f3a510a01
SIZE (wazuh-4.3.6/zlib.tar.gz) = 643568
SHA256 (wazuh-4.3.6/audit-userspace.tar.gz) = e82a32e5edf93b055160e14bc97f41dead39287925851dc80a7638e2d4d30434
SIZE (wazuh-4.3.6/audit-userspace.tar.gz) = 1682820
SHA256 (wazuh-4.3.6/msgpack.tar.gz) = 06d63bcf32896cd0af5480c401134b1ad1c166fd84ebe5b486e792101ee854e2
SIZE (wazuh-4.3.6/msgpack.tar.gz) = 591294
SHA256 (wazuh-4.3.6/bzip2.tar.gz) = 27688ee0316a64b39e511b2c224070cad97c394a5f711f9d055fc1809d895bcd
SIZE (wazuh-4.3.6/bzip2.tar.gz) = 71277
SHA256 (wazuh-4.3.6/nlohmann.tar.gz) = b5c3a99e9eb5331d958e2bdd3a6283c4b9ea7ad674dd4669ee26d5c5eef845fe
SIZE (wazuh-4.3.6/nlohmann.tar.gz) = 134429
SHA256 (wazuh-4.3.6/googletest.tar.gz) = 8c1e8a0a7f221c2125e99e6acb709da2ba472476b4d057c58de504bebf38d417
SIZE (wazuh-4.3.6/googletest.tar.gz) = 885874
SHA256 (wazuh-4.3.6/libpcre2.tar.gz) = d0bafc3579fa0af0a39951586edfa349e1f4be83d28bed86abe0a3fc4b34fcfa
SIZE (wazuh-4.3.6/libpcre2.tar.gz) = 1252173
SHA256 (wazuh-4.3.6/libplist.tar.gz) = 88278d4bdfc1bd6a3a1a55a4f3d933683d2732ba09cf7a749fe8ec8eec406e3c
SIZE (wazuh-4.3.6/libplist.tar.gz) = 1520623
SHA256 (wazuh-4.3.6/libarchive.tar.gz) = f863f382ead9f61abc560ff0ead0be3aa9e95b6f8c62756e1f034f4c2386ba79
SIZE (wazuh-4.3.6/libarchive.tar.gz) = 7040169
SHA256 (wazuh-4.3.6/popt.tar.gz) = d6880a06622ca32dc4aa39ad5dcf7bef2faa81bd931afbe64ba434ad8fee1daa
SIZE (wazuh-4.3.6/popt.tar.gz) = 891309
SHA256 (wazuh-4.3.6/wazuh-wazuh-v4.3.6_GH0.tar.gz) = 81b7d549b5956e59ba2ded9f1305cfda57377858a8560891573a27b9139d2472
SIZE (wazuh-4.3.6/wazuh-wazuh-v4.3.6_GH0.tar.gz) = 8346134

19
security/wazuh-agent/files/patch-api_Makefile Normal file
View file

@ -0,0 +1,19 @@
--- api/Makefile 2022-07-26 15:51:47.002374000 -0500
+++ api/Makefile 2022-07-26 15:52:25.960498000 -0500
@@ -8,11 +8,11 @@
INSTALLDIR ?= /var/ossec
RM_FILE = rm -f
-INSTALL_DIR = install -o root -g ${WAZUH_GROUP} -m 0750 -d
-INSTALL_RW_DIR = install -o root -g ${WAZUH_GROUP} -m 0770 -d
-INSTALL_EXEC = install -o root -g ${WAZUH_GROUP} -m 0750
-INSTALL_FILE = install -o root -g ${WAZUH_GROUP} -m 0640
-INSTALL_CONFIG_FILE = install -o root -g ${WAZUH_GROUP} -m 0660
+INSTALL_DIR = install -m 0750 -d
+INSTALL_RW_DIR = install -m 0770 -d
+INSTALL_EXEC = install -m 0750
+INSTALL_FILE = install -m 0640
+INSTALL_CONFIG_FILE = install -m 0660
PYTHON_BIN = $(INSTALLDIR)/framework/python/bin/python3

21
security/wazuh-agent/files/patch-framework_Makefile Normal file
View file

@ -0,0 +1,21 @@
--- framework/Makefile 2022-07-26 15:50:26.898033000 -0500
+++ framework/Makefile 2022-07-26 15:51:11.464092000 -0500
@@ -7,13 +7,13 @@
WAZUH_GROUP = wazuh
INSTALLDIR ?= /var/ossec
-CC = gcc
-CFLAGS = -pipe -Wall -Wextra
+CC ?= gcc
+CFLAGS ?= -pipe -Wall -Wextra
THREAD_FLAGS = -pthread
RM_FILE = rm -f
-INSTALL_DIR = install -o root -g ${WAZUH_GROUP} -m 0750 -d
-INSTALL_EXEC = install -o root -g ${WAZUH_GROUP} -m 0750
-INSTALL_FILE = install -o root -g ${WAZUH_GROUP} -m 0640
+INSTALL_DIR = install -m 0750 -d
+INSTALL_EXEC = install -m 0750
+INSTALL_FILE = install -m 0640
ifdef DEBUG
CFLAGS+=-g -I ../src

76
security/wazuh-agent/files/patch-src-Makefile Normal file
View file

@ -0,0 +1,76 @@
--- src/Makefile 2022-07-15 04:10:46.000000000 -0500
+++ src/Makefile 2022-07-29 01:20:22.816107000 -0500
@@ -16,8 +16,10 @@
uname_M := $(shell sh -c 'uname -m 2>/dev/null || echo not')
HAS_CHECKMODULE = $(shell command -v checkmodule > /dev/null && echo YES)
HAS_SEMODULE_PACKAGE = $(shell command -v semodule_package > /dev/null && echo YES)
+ifeq (${uname_S},Linux)
CHECK_ARCHLINUX := $(shell sh -c 'grep "Arch Linux" /etc/os-release > /dev/null && echo YES || echo not')
CHECK_CENTOS5 := $(shell sh -c 'grep "CentOS release 5." /etc/redhat-release > /dev/null && echo YES || echo not')
+endif
ARCH_FLAGS =
@@ -208,10 +210,10 @@
ifeq (${uname_S},FreeBSD)
DEFINES+=-DFreeBSD
OSSEC_CFLAGS+=-pthread -I/usr/local/include
- OSSEC_LDFLAGS+=-pthread
+ OSSEC_LDFLAGS+=-pthread -lnghttp2
OSSEC_LDFLAGS+=-L/usr/local/lib
OSSEC_LDFLAGS+='-Wl,-rpath,$$ORIGIN/../lib'
- AR_LDFLAGS+=-pthread
+ AR_LDFLAGS+=-pthread -lnghttp2
AR_LDFLAGS+=-L/usr/local/lib
AR_LDFLAGS+='-Wl,-rpath,$$ORIGIN/../../lib'
PRECOMPILED_OS:=freebsd
@@ -812,6 +814,8 @@
EXTERNAL_LIBS += $(LIBCURL_LIB)
else ifeq (${uname_S},Linux)
EXTERNAL_LIBS += $(LIBCURL_LIB)
+else ifeq (${uname_S},FreeBSD)
+ EXTERNAL_LIBS += $(LIBCURL_LIB)
else ifeq (${uname_S},Darwin)
EXTERNAL_LIBS += $(LIBCURL_LIB)
endif
@@ -2112,26 +2116,28 @@
mkdir -p ${WPYTHON_DIR}
cp external/${WPYTHON_TAR} ${WPYTHON_DIR}/${WPYTHON_TAR} && ${TAR} ${WPYTHON_DIR}/${WPYTHON_TAR} -C ${WPYTHON_DIR} && rm -rf ${WPYTHON_DIR}/${WPYTHON_TAR}
endif
- find ${WPYTHON_DIR} -name "*${WLIBPYTHON}" -exec ln -f {} ${INSTALLDIR}/lib/${WLIBPYTHON} \;
+ mkdir -p $(STAGEDIR)${INSTALLDIR}/lib
+ find $(STAGEDIR)${WPYTHON_DIR} -name "*${WLIBPYTHON}" -exec ln -f {} $(STAGEDIR)${INSTALLDIR}/lib/${WLIBPYTHON} \;
+
python_dependencies := requirements.txt
-install_dependencies: install_python
+install_dependencies:
ifneq (,$(wildcard ${EXTERNAL_CPYTHON}))
- ${WPYTHON_DIR}/bin/python3 -m pip install --upgrade pip --index-url=file://${ROUTE_PATH}/${EXTERNAL_CPYTHON}/Dependencies/simple
- LD_LIBRARY_PATH="${INSTALLDIR}/lib" LDFLAGS="-L${INSTALLDIR}/lib" ${WPYTHON_DIR}/bin/pip3 install -r ../framework/${python_dependencies} --index-url=file://${ROUTE_PATH}/${EXTERNAL_CPYTHON}/Dependencies/simple
+ $(STAGEDIR)${WPYTHON_DIR}/bin/python3 -B -m pip install --upgrade pip --prefix=${WPYTHON_DIR} --root=$(STAGEDIR) --no-index --find-links=wazuh-cache/ --cache-dir=wazuh-cache/ --no-compile
+ LD_LIBRARY_PATH="$(STAGEDIR)${INSTALLDIR}/lib" LDFLAGS="-L$(STAGEDIR)${INSTALLDIR}/lib" $(STAGEDIR)${WPYTHON_DIR}/bin/python3 -m pip install wazuh-cache-any/*.whl --root=$(STAGEDIR) --prefix=${WPYTHON_DIR} --no-deps --no-compile
+ LD_LIBRARY_PATH="$(STAGEDIR)${INSTALLDIR}/lib" LDFLAGS="-L$(STAGEDIR)${INSTALLDIR}/lib" $(STAGEDIR)${WPYTHON_DIR}/bin/python3 -m pip install wazuh-cache-${uname_M}/*.whl --root=$(STAGEDIR) --prefix=${WPYTHON_DIR} --no-deps --no-compile
endif
-install_framework: install_python
- cd ../framework && ${WPYTHON_DIR}/bin/python3 setup.py clean --all install --prefix=${WPYTHON_DIR} --wazuh-version=$(shell cat VERSION) --install-type=${TARGET}
- chown -R root:${WAZUH_GROUP} ${WPYTHON_DIR}
- chmod -R o=- ${WPYTHON_DIR}
+install_framework:
+ cd ../framework && $(STAGEDIR)${WPYTHON_DIR}/bin/python3 -B setup.py clean --all install --prefix=${WPYTHON_DIR} --root=$(STAGEDIR) --wazuh-version=$(shell cat VERSION) --install-type=${TARGET} --no-compile
+ chmod -R o=- $(STAGEDIR)${WPYTHON_DIR}
-install_api: install_python
- cd ../api && ${WPYTHON_DIR}/bin/python3 setup.py clean --all install --prefix=${WPYTHON_DIR}
+install_api:
+ cd ../api && $(STAGEDIR)${WPYTHON_DIR}/bin/python3 -B setup.py clean --all install --prefix=${WPYTHON_DIR} --root=$(STAGEDIR) --no-compile
-install_mitre: install_python
- cd ../tools/mitre && ${WPYTHON_DIR}/bin/python3 mitredb.py -d ${INSTALLDIR}/var/db/mitre.db
+install_mitre:
+ cd ../tools/mitre && $(STAGEDIR)${WPYTHON_DIR}/bin/python3 mitredb.py -d $(STAGEDIR)${INSTALLDIR}/var/db/mitre.db
####################

16
security/wazuh-agent/files/patch-tools-mitre_mitredb-py Normal file
View file

@ -0,0 +1,16 @@
--- tools/mitre/mitredb.py 2022-07-26 14:50:02.401104000 -0500
+++ tools/mitre/mitredb.py 2022-07-26 15:25:13.375626000 -0500
@@ -763,13 +763,6 @@
# Parse enterprise-attack.json file:
parse_json(pathfile, session, database)
- # User and group permissions
- os.chmod(database, 0o660)
- uid = pwd.getpwnam("root").pw_uid
- gid = grp.getgrnam("wazuh").gr_gid
- os.chown(database, uid, gid)
-
-
if __name__ == '__main__':
parser = argparse.ArgumentParser(description='This script installs mitre.db in a directory.')
parser.add_argument('--database', '-d', help='-d /your/directory/mitre.db (default: /var/ossec/var/db/mitre.db')

32
security/wazuh-agent/files/pkg-message.in Normal file
View file

@ -0,0 +1,32 @@
[
{ type: install
message: <<EOM
Wazuh Agent was installed
1) Copy /etc/locatime to /var/ossec/etc directory
# cp /etc/localtime /var/ossec/etc
2) You must edit /var/ossec/etc/ossec.conf.sample for your setup and rename/copy
it to ossec.conf
Take a look wazuh configuration at the following url:
https://documentation.wazuh.com/current/user-manual/index.html
3) You can find additional useful files installed at
# /var/ossec/packages_files/agent_installation_scripts
4) Add Wazuh agent to /etc/rc.conf
# sysrc wazuh_agent_enable="YES"
5) Start Wazuh agent
# service wazuh_agent start
6) Enjoy it ;)
EOM
}
]

6
security/wazuh-agent/files/wazuh-agent.in
View file

@ -19,7 +19,7 @@ load_rc_config $name # Loads the config file, if relevant.
: ${wazuh_agent_enable:="NO"}
command="/var/ossec/bin/ossec-control"
command="/var/ossec/bin/wazuh-control"
extra_commands="status"
start_cmd="wazuh_agent_start"
@ -27,7 +27,7 @@ stop_cmd="wazuh_agent_stop"
status_cmd="wazuh_agent_status"
wazuh_agent_start() {
echo -n "Starting Wazuh: "
echo -n "Starting Wazuh Agent: "
${command} start > /dev/null
RETVAL=$?
if [ $RETVAL -eq 0 ]; then
@ -40,7 +40,7 @@ wazuh_agent_start() {
}
wazuh_agent_stop() {
echo -n "Stopping Wazuh: "
echo -n "Stopping Wazuh Agent: "
${command} stop > /dev/null
RETVAL=$?
if [ $RETVAL -eq 0 ]; then

7
security/wazuh-agent/pkg-message
View file

@ -1,7 +0,0 @@
************************************************************************************
* *
* You must edit /var/ossec/etc/ossec.conf.sample for your setup, and *
* follow the other directions for wazuh client configuration at: *
* https://documentation.wazuh.com/3.12/user-manual/reference/ossec-conf/index.html *
* *
************************************************************************************

683
security/wazuh-agent/pkg-plist
View file

@ -1,102 +1,581 @@
@info(root,ossec,0750) /var/ossec/active-response/bin/default-firewall-drop.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/disable-account.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/firewalld-drop.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/host-deny.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/ip-customblock.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/ipfw.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/ipfw_mac.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/kaspersky.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/npf.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/ossec-slack.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/ossec-tweeter.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/pf.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/restart-ossec.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/restart.sh
@info(root,ossec,0750) /var/ossec/active-response/bin/route-null.sh
@info(root,ossec,0750) /var/ossec/agentless/main.exp
@info(root,ossec,0750) /var/ossec/agentless/register_host.sh
@info(root,ossec,0750) /var/ossec/agentless/ssh.exp
@info(root,ossec,0750) /var/ossec/agentless/ssh_asa-fwsmconfig_diff
@info(root,ossec,0750) /var/ossec/agentless/ssh_foundry_diff
@info(root,ossec,0750) /var/ossec/agentless/ssh_generic_diff
@info(root,ossec,0750) /var/ossec/agentless/ssh_integrity_check_bsd
@info(root,ossec,0750) /var/ossec/agentless/ssh_integrity_check_linux
@info(root,ossec,0750) /var/ossec/agentless/ssh_nopass.exp
@info(root,ossec,0750) /var/ossec/agentless/ssh_pixconfig_diff
@info(root,ossec,0750) /var/ossec/agentless/sshlogin.exp
@info(root,ossec,0750) /var/ossec/agentless/su.exp
@info(root,root,0750) /var/ossec/bin/agent-auth
@info(root,root,0750) /var/ossec/bin/manage_agents
@info(root,root,0750) /var/ossec/bin/ossec-agentd
@info(root,root,0750) /var/ossec/bin/ossec-control
@info(root,root,0750) /var/ossec/bin/ossec-execd
@info(root,root,0750) /var/ossec/bin/ossec-logcollector
@info(root,root,0750) /var/ossec/bin/ossec-syscheckd
@info(root,root,0750) /var/ossec/bin/util.sh
@info(root,root,0750) /var/ossec/bin/wazuh-modulesd
@info(root,ossec,0640) /var/ossec/etc/client.keys
@info(root,ossec,0640) /var/ossec/etc/internal_options.conf
@info(root,ossec,0640) /var/ossec/etc/local_internal_options.conf
@info(root,ossec,0640) /var/ossec/etc/ossec.conf.sample
@info(root,ossec,0640) /var/ossec/etc/ossec.conf
@info(root,ossec,0660) /var/ossec/etc/shared/cis_apache2224_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_debian_linux_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_mysql5-6_community_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_mysql5-6_enterprise_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_rhel5_linux_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_rhel6_linux_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_rhel7_linux_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_rhel_linux_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_sles11_linux_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_sles12_linux_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_win2012r2_domainL1_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_win2012r2_domainL2_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_win2012r2_memberL1_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/cis_win2012r2_memberL2_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/rootkit_files.txt
@info(root,ossec,0660) /var/ossec/etc/shared/rootkit_trojans.txt
@info(root,ossec,0660) /var/ossec/etc/shared/system_audit_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/system_audit_ssh.txt
@info(root,ossec,0660) /var/ossec/etc/shared/win_applications_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/win_audit_rcl.txt
@info(root,ossec,0660) /var/ossec/etc/shared/win_malware_rcl.txt
@info(root,ossec,0640) /var/ossec/etc/wpk_root.pem
@info(root,ossec,0750) /var/ossec/lib/libwazuhext.so
@info(ossec,ossec,0666) /var/ossec/logs/active-responses.log
@info(ossec,ossec,0666) /var/ossec/logs/ossec.json
@info(ossec,ossec,0666) /var/ossec/logs/ossec.log
@info(root,ossec,0750) /var/ossec/wodles/oscap/oscap.py
@info(root,ossec,0750) /var/ossec/wodles/oscap/template_oval.xsl
@info(root,ossec,0750) /var/ossec/wodles/oscap/template_xccdf.xsl
@dir(root,ossec,0770) /var/ossec/.ssh
@dir(root,ossec,0750) /var/ossec/active-response/bin
@dir(root,ossec,0750) /var/ossec/active-response
@dir(root,ossec,0750) /var/ossec/agentless
@dir(root,ossec,0750) /var/ossec/backup
@dir(root,wheel,0750) /var/ossec/bin
@dir(root,ossec,0770) /var/ossec/etc/shared
@dir(ossec,ossec,0770) /var/ossec/etc
@dir(root,ossec,0750) /var/ossec/lib
@dir(ossec,ossec,0750) /var/ossec/logs/ossec
@dir(ossec,ossec,0770) /var/ossec/logs
@dir(ossec,ossec,0770) /var/ossec/queue/alerts
@dir(ossec,ossec,0750) /var/ossec/queue/diff
@dir(ossec,ossec,0770) /var/ossec/queue/fim/db
@dir(ossec,ossec,0770) /var/ossec/queue/fim
@dir(ossec,ossec,0770) /var/ossec/queue/ossec/fim/db
@dir(ossec,ossec,0770) /var/ossec/queue/ossec/fim
@dir(ossec,ossec,0770) /var/ossec/queue/ossec
@dir(ossec,ossec,0750) /var/ossec/queue/rids
@dir(root,ossec,0750) /var/ossec/queue
@dir(root,ossec,0750) /var/ossec/ruleset/sca
@dir(root,ossec,0750) /var/ossec/ruleset
@dir(root,ossec,1770) /var/ossec/tmp
@dir(root,ossec,0770) /var/ossec/var/incoming
@dir(root,ossec,0770) /var/ossec/var/run
@dir(root,ossec,0770) /var/ossec/var/upgrade
@dir(root,ossec,0770) /var/ossec/var/wodles
@dir(root,ossec,0750) /var/ossec/var
@dir(root,ossec,0750) /var/ossec/wodles/oscap/content
@dir(root,ossec,0750) /var/ossec/wodles/oscap
@dir(root,ossec,0750) /var/ossec/wodles
@dir(root,ossec,0750) /var/ossec
@mode 750
@owner root
@group wazuh
/var/ossec/active-response/bin/default-firewall-drop
/var/ossec/active-response/bin/disable-account
/var/ossec/active-response/bin/firewall-drop
/var/ossec/active-response/bin/firewalld-drop
/var/ossec/active-response/bin/host-deny
/var/ossec/active-response/bin/ip-customblock
/var/ossec/active-response/bin/ipfw
/var/ossec/active-response/bin/kaspersky
/var/ossec/active-response/bin/kaspersky.py
/var/ossec/active-response/bin/npf
/var/ossec/active-response/bin/pf
/var/ossec/active-response/bin/restart-wazuh
/var/ossec/active-response/bin/restart.sh
/var/ossec/active-response/bin/route-null
/var/ossec/active-response/bin/wazuh-slack
@mode 750
@owner root
@group wazuh
/var/ossec/agentless/main.exp
/var/ossec/agentless/register_host.sh
/var/ossec/agentless/ssh.exp
/var/ossec/agentless/ssh_asa-fwsmconfig_diff
/var/ossec/agentless/ssh_foundry_diff
/var/ossec/agentless/ssh_generic_diff
/var/ossec/agentless/ssh_integrity_check_bsd
/var/ossec/agentless/ssh_integrity_check_linux
/var/ossec/agentless/ssh_nopass.exp
/var/ossec/agentless/ssh_pixconfig_diff
/var/ossec/agentless/sshlogin.exp
/var/ossec/agentless/su.exp
/var/ossec/bin/agent-auth
/var/ossec/bin/manage_agents
/var/ossec/bin/wazuh-agentd
/var/ossec/bin/wazuh-control
/var/ossec/bin/wazuh-execd
/var/ossec/bin/wazuh-logcollector
/var/ossec/bin/wazuh-modulesd
/var/ossec/bin/wazuh-syscheckd
@mode 640
@owner root
@group wazuh
/var/ossec/etc/client.keys
/var/ossec/etc/internal_options.conf
/var/ossec/etc/local_internal_options.conf
/var/ossec/etc/localtime
@mode 660
@owner root
@group wazuh
/var/ossec/etc/ossec.conf
/var/ossec/etc/shared/cis_apache2224_rcl.txt
/var/ossec/etc/shared/cis_debian_linux_rcl.txt
/var/ossec/etc/shared/cis_mysql5-6_community_rcl.txt
/var/ossec/etc/shared/cis_mysql5-6_enterprise_rcl.txt
/var/ossec/etc/shared/cis_rhel5_linux_rcl.txt
/var/ossec/etc/shared/cis_rhel6_linux_rcl.txt
/var/ossec/etc/shared/cis_rhel7_linux_rcl.txt
/var/ossec/etc/shared/cis_rhel_linux_rcl.txt
/var/ossec/etc/shared/cis_sles11_linux_rcl.txt
/var/ossec/etc/shared/cis_sles12_linux_rcl.txt
/var/ossec/etc/shared/cis_win2012r2_domainL1_rcl.txt
/var/ossec/etc/shared/cis_win2012r2_domainL2_rcl.txt
/var/ossec/etc/shared/cis_win2012r2_memberL1_rcl.txt
/var/ossec/etc/shared/cis_win2012r2_memberL2_rcl.txt
/var/ossec/etc/shared/default/cis_apache2224_rcl.txt
/var/ossec/etc/shared/default/cis_debian_linux_rcl.txt
/var/ossec/etc/shared/default/cis_mysql5-6_community_rcl.txt
/var/ossec/etc/shared/default/cis_mysql5-6_enterprise_rcl.txt
/var/ossec/etc/shared/default/cis_rhel5_linux_rcl.txt
/var/ossec/etc/shared/default/cis_rhel6_linux_rcl.txt
/var/ossec/etc/shared/default/cis_rhel7_linux_rcl.txt
/var/ossec/etc/shared/default/cis_rhel_linux_rcl.txt
/var/ossec/etc/shared/default/cis_sles11_linux_rcl.txt
/var/ossec/etc/shared/default/cis_sles12_linux_rcl.txt
/var/ossec/etc/shared/default/cis_win2012r2_domainL1_rcl.txt
/var/ossec/etc/shared/default/cis_win2012r2_domainL2_rcl.txt
/var/ossec/etc/shared/default/cis_win2012r2_memberL1_rcl.txt
/var/ossec/etc/shared/default/cis_win2012r2_memberL2_rcl.txt
/var/ossec/etc/shared/default/rootkit_files.txt
/var/ossec/etc/shared/default/rootkit_trojans.txt
/var/ossec/etc/shared/default/system_audit_rcl.txt
/var/ossec/etc/shared/default/system_audit_ssh.txt
/var/ossec/etc/shared/default/win_applications_rcl.txt
/var/ossec/etc/shared/default/win_audit_rcl.txt
/var/ossec/etc/shared/default/win_malware_rcl.txt
/var/ossec/etc/shared/rootkit_files.txt
/var/ossec/etc/shared/rootkit_trojans.txt
/var/ossec/etc/shared/system_audit_rcl.txt
/var/ossec/etc/shared/system_audit_ssh.txt
/var/ossec/etc/shared/win_applications_rcl.txt
/var/ossec/etc/shared/win_audit_rcl.txt
/var/ossec/etc/shared/win_malware_rcl.txt
/var/ossec/etc/wpk_root.pem
@mode 750
@owner root
@group wazuh
/var/ossec/lib/libdbsync.so
/var/ossec/lib/librsync.so
/var/ossec/lib/libsyscollector.so
/var/ossec/lib/libsysinfo.so
/var/ossec/lib/libwazuhext.so
/var/ossec/lib/libwazuhshared.so
@mode 660
@owner root
@group wazuh
/var/ossec/packages_files/agent_installation_scripts/add_localfiles.sh
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/HP-UX/localfile-commands.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/HP-UX/wodle-syscollector.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/README.md
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/aix/localfile-commands.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/aix/wodle-syscollector.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/amzn/1/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/amzn/2/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/bsd/localfile-commands.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/bsd/wodle-syscollector.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/centos/5/rootcheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/centos/5/rootcheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/centos/5/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/centos/6/rootcheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/centos/6/rootcheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/centos/6/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/centos/7/rootcheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/centos/7/rootcheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/centos/7/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/centos/8/rootcheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/centos/8/rootcheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/centos/8/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/centos/rootcheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/centos/rootcheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/centos/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin/15/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin/16/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin/17/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin/18/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin/19/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin/20/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin/21/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin/localfile-commands.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin/sca.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin/syscheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin/syscheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin/wodle-syscollector.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/debian/10/rootcheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/debian/10/rootcheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/debian/10/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/debian/7/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/debian/8/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/debian/9/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/debian/rootcheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/debian/rootcheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/debian/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/fedora/29/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/fedora/30/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/fedora/31/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/fedora/32/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/fedora/33/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/fedora/34/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/fedora/rootcheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/fedora/rootcheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/fedora/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/alerts.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/ar-commands.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/ar-definitions.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/auth.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/cluster.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/global-ar.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/global.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/header-comments.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/localfile-commands.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/localfile-logs/apache-logs.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/localfile-logs/audit-logs.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/localfile-logs/ossec-logs.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/localfile-logs/pgsql-logs.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/localfile-logs/snort-logs.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/localfile-logs/syslog-logs.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/logging.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/osquery.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/remote-secure.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/rootcheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/rootcheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/rule_test.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/rules.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/sca.manager.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/sca.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/syscheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/syscheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/wodle-ciscat.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/wodle-syscollector.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/wodle-vulnerability-detector.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/rhel/5/rootcheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/rhel/5/rootcheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/rhel/5/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/rhel/6/rootcheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/rhel/6/rootcheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/rhel/6/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/rhel/7/rootcheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/rhel/7/rootcheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/rhel/7/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/rhel/8/rootcheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/rhel/8/rootcheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/rhel/8/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/rhel/rootcheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/rhel/rootcheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/rhel/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/sles/11/rootcheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/sles/11/rootcheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/sles/11/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/sles/12/rootcheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/sles/12/rootcheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/sles/12/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/sles/15/rootcheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/sles/15/rootcheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/sles/15/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/sles/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/sunos/5/11.4/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/sunos/5/11/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/sunos/wodle-syscollector.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/suse/11/rootcheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/suse/11/rootcheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/suse/11/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/suse/12/rootcheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/suse/12/rootcheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/suse/12/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/suse/15/rootcheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/suse/15/rootcheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/suse/15/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/suse/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu/12/04/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu/14/04/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu/16/04/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu/18/04/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu/20/04/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu/22/04/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu/rootcheck.agent.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu/rootcheck.manager.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu/sca.files
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/10/profile.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/2003/localfile-events.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/2003/profile.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/2003/syscheck.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/2008/profile.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/2008R2/profile.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/2012/profile.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/2012R2/profile.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/2016/profile.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/2019/profile.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/7/profile.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/8.1/profile.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/8/profile.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/Vista/profile.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/xp/localfile-events.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/xp/profile.template
/var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/xp/syscheck.template
/var/ossec/packages_files/agent_installation_scripts/gen_ossec.sh
/var/ossec/packages_files/agent_installation_scripts/sca/amazon/cis_amazon_linux_1.yml
/var/ossec/packages_files/agent_installation_scripts/sca/amazon/cis_amazon_linux_2.yml
/var/ossec/packages_files/agent_installation_scripts/sca/applications/cis_apache_24.yml
/var/ossec/packages_files/agent_installation_scripts/sca/applications/cis_iis_10.yml
/var/ossec/packages_files/agent_installation_scripts/sca/applications/cis_mysql5-6_community.yml
/var/ossec/packages_files/agent_installation_scripts/sca/applications/cis_mysql5-6_enterprise.yml
/var/ossec/packages_files/agent_installation_scripts/sca/applications/cis_postgre-sql-13.yml
/var/ossec/packages_files/agent_installation_scripts/sca/applications/cis_sqlserver_2012.yml
/var/ossec/packages_files/agent_installation_scripts/sca/applications/cis_sqlserver_2014.yml
/var/ossec/packages_files/agent_installation_scripts/sca/applications/cis_sqlserver_2016.yml
/var/ossec/packages_files/agent_installation_scripts/sca/applications/cis_sqlserver_2017.yml
/var/ossec/packages_files/agent_installation_scripts/sca/applications/cis_sqlserver_2019.yml
/var/ossec/packages_files/agent_installation_scripts/sca/applications/web_vulnerabilities.yml
/var/ossec/packages_files/agent_installation_scripts/sca/centos/6/cis_centos6_linux.yml
/var/ossec/packages_files/agent_installation_scripts/sca/centos/7/cis_centos7_linux.yml
/var/ossec/packages_files/agent_installation_scripts/sca/centos/8/cis_centos8_linux.yml
/var/ossec/packages_files/agent_installation_scripts/sca/darwin/15/cis_apple_macOS_10.11.yml
/var/ossec/packages_files/agent_installation_scripts/sca/darwin/16/cis_apple_macOS_10.12.yml
/var/ossec/packages_files/agent_installation_scripts/sca/darwin/17/cis_apple_macOS_10.13.yml
/var/ossec/packages_files/agent_installation_scripts/sca/darwin/18/cis_apple_macOS_10.14.yml
/var/ossec/packages_files/agent_installation_scripts/sca/darwin/19/cis_apple_macOS_10.15.yml
/var/ossec/packages_files/agent_installation_scripts/sca/darwin/20/cis_apple_macOS_11.1.yml
/var/ossec/packages_files/agent_installation_scripts/sca/darwin/21/cis_apple_macOS_12.0.yml
/var/ossec/packages_files/agent_installation_scripts/sca/debian/cis_debian10.yml
/var/ossec/packages_files/agent_installation_scripts/sca/debian/cis_debian7.yml
/var/ossec/packages_files/agent_installation_scripts/sca/debian/cis_debian8.yml
/var/ossec/packages_files/agent_installation_scripts/sca/debian/cis_debian9.yml
/var/ossec/packages_files/agent_installation_scripts/sca/generic/sca_unix_audit.yml
/var/ossec/packages_files/agent_installation_scripts/sca/mongodb/cis_mongodb_36.yml
/var/ossec/packages_files/agent_installation_scripts/sca/nginx/cis_nginx_1.yml
/var/ossec/packages_files/agent_installation_scripts/sca/oracledb/cis_oracle_database_19c.yml
/var/ossec/packages_files/agent_installation_scripts/sca/rhel/5/cis_rhel5_linux.yml
/var/ossec/packages_files/agent_installation_scripts/sca/rhel/6/cis_rhel6_linux.yml
/var/ossec/packages_files/agent_installation_scripts/sca/rhel/7/cis_rhel7_linux.yml
/var/ossec/packages_files/agent_installation_scripts/sca/rhel/8/cis_rhel8_linux.yml
/var/ossec/packages_files/agent_installation_scripts/sca/sles/11/cis_sles11_linux.yml
/var/ossec/packages_files/agent_installation_scripts/sca/sles/12/cis_sles12_linux.yml
/var/ossec/packages_files/agent_installation_scripts/sca/sles/15/cis_sles15_linux.yml
/var/ossec/packages_files/agent_installation_scripts/sca/sunos/cis_solaris11.4.yml
/var/ossec/packages_files/agent_installation_scripts/sca/sunos/cis_solaris11.yml
/var/ossec/packages_files/agent_installation_scripts/sca/ubuntu/cis_ubuntu14-04.yml
/var/ossec/packages_files/agent_installation_scripts/sca/ubuntu/cis_ubuntu16-04.yml
/var/ossec/packages_files/agent_installation_scripts/sca/ubuntu/cis_ubuntu18-04.yml
/var/ossec/packages_files/agent_installation_scripts/sca/ubuntu/cis_ubuntu20-04.yml
/var/ossec/packages_files/agent_installation_scripts/sca/ubuntu/cis_ubuntu22-04.yml
/var/ossec/packages_files/agent_installation_scripts/sca/windows/cis_win10_enterprise.yml
/var/ossec/packages_files/agent_installation_scripts/sca/windows/cis_win2012r2.yml
/var/ossec/packages_files/agent_installation_scripts/sca/windows/cis_win2016.yml
/var/ossec/packages_files/agent_installation_scripts/sca/windows/cis_win2019.yml
/var/ossec/packages_files/agent_installation_scripts/sca/windows/sca_win_audit.yml
/var/ossec/packages_files/agent_installation_scripts/src/init/adduser.sh
/var/ossec/packages_files/agent_installation_scripts/src/init/darwin-addusers.sh
/var/ossec/packages_files/agent_installation_scripts/src/init/darwin-delete-oldusers.sh
/var/ossec/packages_files/agent_installation_scripts/src/init/darwin-init.sh
/var/ossec/packages_files/agent_installation_scripts/src/init/delete-oldusers.sh
/var/ossec/packages_files/agent_installation_scripts/src/init/dist-detect.sh
/var/ossec/packages_files/agent_installation_scripts/src/init/functions.sh
/var/ossec/packages_files/agent_installation_scripts/src/init/fw-check.sh
/var/ossec/packages_files/agent_installation_scripts/src/init/init.sh
/var/ossec/packages_files/agent_installation_scripts/src/init/inst-functions.sh
/var/ossec/packages_files/agent_installation_scripts/src/init/language.sh
/var/ossec/packages_files/agent_installation_scripts/src/init/pkg_installer.sh
/var/ossec/packages_files/agent_installation_scripts/src/init/pkg_installer_mac.sh
/var/ossec/packages_files/agent_installation_scripts/src/init/register_configure_agent.sh
/var/ossec/packages_files/agent_installation_scripts/src/init/replace_manager_ip.sh
/var/ossec/packages_files/agent_installation_scripts/src/init/shared.sh
/var/ossec/packages_files/agent_installation_scripts/src/init/template-select.sh
/var/ossec/packages_files/agent_installation_scripts/src/init/templates/ossec-hids-aix.init
/var/ossec/packages_files/agent_installation_scripts/src/init/templates/ossec-hids-debian.init
/var/ossec/packages_files/agent_installation_scripts/src/init/templates/ossec-hids-gentoo.init
/var/ossec/packages_files/agent_installation_scripts/src/init/templates/ossec-hids-hpux.init
/var/ossec/packages_files/agent_installation_scripts/src/init/templates/ossec-hids-rh.init
/var/ossec/packages_files/agent_installation_scripts/src/init/templates/ossec-hids-solaris.init
/var/ossec/packages_files/agent_installation_scripts/src/init/templates/ossec-hids-suse.init
/var/ossec/packages_files/agent_installation_scripts/src/init/templates/ossec-hids.init
/var/ossec/packages_files/agent_installation_scripts/src/init/templates/wazuh-agent.service
/var/ossec/packages_files/agent_installation_scripts/src/init/templates/wazuh-manager.service
/var/ossec/packages_files/agent_installation_scripts/src/init/update.sh
/var/ossec/packages_files/agent_installation_scripts/src/init/wazuh-client.sh
/var/ossec/packages_files/agent_installation_scripts/src/init/wazuh-local.sh
/var/ossec/packages_files/agent_installation_scripts/src/init/wazuh-server.sh
/var/ossec/packages_files/agent_installation_scripts/src/init/wazuh/deprecated_ruleset.txt
/var/ossec/packages_files/agent_installation_scripts/src/init/wazuh/wazuh.sh
@mode 640
@owner root
@group wazuh
/var/ossec/queue/syscollector/norm_config.json
/var/ossec/ruleset/sca/cis_amazon_linux_1.yml
/var/ossec/ruleset/sca/cis_amazon_linux_2.yml
/var/ossec/ruleset/sca/cis_apache_24.yml
/var/ossec/ruleset/sca/cis_apple_macOS_10.11.yml
/var/ossec/ruleset/sca/cis_apple_macOS_10.12.yml
/var/ossec/ruleset/sca/cis_apple_macOS_10.13.yml
/var/ossec/ruleset/sca/cis_apple_macOS_10.14.yml
/var/ossec/ruleset/sca/cis_apple_macOS_10.15.yml
/var/ossec/ruleset/sca/cis_apple_macOS_11.1.yml
/var/ossec/ruleset/sca/cis_apple_macOS_12.0.yml
/var/ossec/ruleset/sca/cis_centos6_linux.yml
/var/ossec/ruleset/sca/cis_centos7_linux.yml
/var/ossec/ruleset/sca/cis_centos8_linux.yml
/var/ossec/ruleset/sca/cis_debian10.yml
/var/ossec/ruleset/sca/cis_debian7.yml
/var/ossec/ruleset/sca/cis_debian8.yml
/var/ossec/ruleset/sca/cis_debian9.yml
/var/ossec/ruleset/sca/cis_iis_10.yml
/var/ossec/ruleset/sca/cis_mongodb_36.yml
/var/ossec/ruleset/sca/cis_mysql5-6_community.yml
/var/ossec/ruleset/sca/cis_mysql5-6_enterprise.yml
/var/ossec/ruleset/sca/cis_nginx_1.yml
/var/ossec/ruleset/sca/cis_oracle_database_19c.yml
/var/ossec/ruleset/sca/cis_postgre-sql-13.yml
/var/ossec/ruleset/sca/cis_rhel5_linux.yml
/var/ossec/ruleset/sca/cis_rhel6_linux.yml
/var/ossec/ruleset/sca/cis_rhel7_linux.yml
/var/ossec/ruleset/sca/cis_rhel8_linux.yml
/var/ossec/ruleset/sca/cis_sles11_linux.yml
/var/ossec/ruleset/sca/cis_sles12_linux.yml
/var/ossec/ruleset/sca/cis_sles15_linux.yml
/var/ossec/ruleset/sca/cis_solaris11.4.yml
/var/ossec/ruleset/sca/cis_solaris11.yml
/var/ossec/ruleset/sca/cis_sqlserver_2012.yml
/var/ossec/ruleset/sca/cis_sqlserver_2014.yml
/var/ossec/ruleset/sca/cis_sqlserver_2016.yml
/var/ossec/ruleset/sca/cis_sqlserver_2017.yml
/var/ossec/ruleset/sca/cis_sqlserver_2019.yml
/var/ossec/ruleset/sca/cis_ubuntu14-04.yml
/var/ossec/ruleset/sca/cis_ubuntu16-04.yml
/var/ossec/ruleset/sca/cis_ubuntu18-04.yml
/var/ossec/ruleset/sca/cis_ubuntu20-04.yml
/var/ossec/ruleset/sca/cis_ubuntu22-04.yml
/var/ossec/ruleset/sca/cis_win10_enterprise.yml
/var/ossec/ruleset/sca/cis_win2012r2.yml
/var/ossec/ruleset/sca/cis_win2016.yml
/var/ossec/ruleset/sca/cis_win2019.yml
/var/ossec/ruleset/sca/sca_unix_audit.yml
/var/ossec/ruleset/sca/sca_win_audit.yml
/var/ossec/ruleset/sca/web_vulnerabilities.yml
@mode 750
@owner root
@group wazuh
/var/ossec/wodles/__init__.py
/var/ossec/wodles/aws/aws-s3
/var/ossec/wodles/aws/aws-s3.py
/var/ossec/wodles/azure/azure-logs
/var/ossec/wodles/azure/azure-logs.py
/var/ossec/wodles/docker/DockerListener
/var/ossec/wodles/docker/DockerListener.py
/var/ossec/wodles/gcloud/buckets/access_logs.py
/var/ossec/wodles/gcloud/buckets/bucket.py
/var/ossec/wodles/gcloud/gcloud
/var/ossec/wodles/gcloud/gcloud.py
/var/ossec/wodles/gcloud/integration.py
/var/ossec/wodles/gcloud/pubsub/subscriber.py
/var/ossec/wodles/gcloud/tools.py
/var/ossec/wodles/utils.py
@mode 750
@owner root
@group wazuh
@dir /var/ossec/active-response/bin
@dir /var/ossec/active-response
@dir /var/ossec/agentless
@dir /var/ossec/backup
@dir /var/ossec/bin
@dir /var/ossec/etc/shared/default
@dir /var/ossec/etc/shared
@dir(wazuh,wazuh,770) /var/ossec/etc
@dir(root,wazuh,750) /var/ossec/lib
@dir(wazuh,wazuh,750) /var/ossec/logs/wazuh
@dir(wazuh,wazuh,770) /var/ossec/logs
@mode 750
@owner root
@group wazuh
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/HP-UX
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/aix
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/amzn/1
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/amzn/2
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/amzn
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/bsd
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/centos/5
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/centos/6
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/centos/7
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/centos/8
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/centos
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin/15
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin/16
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin/17
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin/18
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin/19
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin/20
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin/21
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/darwin
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/debian/10
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/debian/7
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/debian/8
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/debian/9
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/debian
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/fedora/29
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/fedora/30
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/fedora/31
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/fedora/32
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/fedora/33
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/fedora/34
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/fedora
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic/localfile-logs
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/generic
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/rhel/5
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/rhel/6
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/rhel/7
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/rhel/8
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/rhel
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/sles/11
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/sles/12
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/sles/15
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/sles
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/sunos/5/11
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/sunos/5/11.4
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/sunos/5
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/sunos
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/suse/11
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/suse/12
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/suse/15
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/suse
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu/12/04
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu/12
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu/14/04
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu/14
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu/16/04
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu/16
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu/18/04
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu/18
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu/20/04
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu/20
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu/22/04
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu/22
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/ubuntu
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/10
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/2003
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/2008
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/2008R2
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/2012
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/2012R2
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/2016
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/2019
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/7
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/8
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/8.1
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/Vista
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows/xp
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config/windows
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates/config
@dir /var/ossec/packages_files/agent_installation_scripts/etc/templates
@dir /var/ossec/packages_files/agent_installation_scripts/etc
@dir /var/ossec/packages_files/agent_installation_scripts/sca/amazon
@dir /var/ossec/packages_files/agent_installation_scripts/sca/applications
@dir /var/ossec/packages_files/agent_installation_scripts/sca/centos/6
@dir /var/ossec/packages_files/agent_installation_scripts/sca/centos/7
@dir /var/ossec/packages_files/agent_installation_scripts/sca/centos/8
@dir /var/ossec/packages_files/agent_installation_scripts/sca/centos
@dir /var/ossec/packages_files/agent_installation_scripts/sca/darwin/15
@dir /var/ossec/packages_files/agent_installation_scripts/sca/darwin/16
@dir /var/ossec/packages_files/agent_installation_scripts/sca/darwin/17
@dir /var/ossec/packages_files/agent_installation_scripts/sca/darwin/18
@dir /var/ossec/packages_files/agent_installation_scripts/sca/darwin/19
@dir /var/ossec/packages_files/agent_installation_scripts/sca/darwin/20
@dir /var/ossec/packages_files/agent_installation_scripts/sca/darwin/21
@dir /var/ossec/packages_files/agent_installation_scripts/sca/darwin
@dir /var/ossec/packages_files/agent_installation_scripts/sca/debian
@dir /var/ossec/packages_files/agent_installation_scripts/sca/generic
@dir /var/ossec/packages_files/agent_installation_scripts/sca/mongodb
@dir /var/ossec/packages_files/agent_installation_scripts/sca/nginx
@dir /var/ossec/packages_files/agent_installation_scripts/sca/oracledb
@dir /var/ossec/packages_files/agent_installation_scripts/sca/rhel/5
@dir /var/ossec/packages_files/agent_installation_scripts/sca/rhel/6
@dir /var/ossec/packages_files/agent_installation_scripts/sca/rhel/7
@dir /var/ossec/packages_files/agent_installation_scripts/sca/rhel/8
@dir /var/ossec/packages_files/agent_installation_scripts/sca/rhel
@dir /var/ossec/packages_files/agent_installation_scripts/sca/sles/11
@dir /var/ossec/packages_files/agent_installation_scripts/sca/sles/12
@dir /var/ossec/packages_files/agent_installation_scripts/sca/sles/15
@dir /var/ossec/packages_files/agent_installation_scripts/sca/sles
@dir /var/ossec/packages_files/agent_installation_scripts/sca/sunos
@dir /var/ossec/packages_files/agent_installation_scripts/sca/ubuntu
@dir /var/ossec/packages_files/agent_installation_scripts/sca/windows
@dir /var/ossec/packages_files/agent_installation_scripts/sca
@dir /var/ossec/packages_files/agent_installation_scripts/src/init/templates
@dir /var/ossec/packages_files/agent_installation_scripts/src/init/wazuh
@dir /var/ossec/packages_files/agent_installation_scripts/src/init
@dir /var/ossec/packages_files/agent_installation_scripts/src
@dir /var/ossec/packages_files/agent_installation_scripts
@dir /var/ossec/packages_files
@mode 750
@owner wazuh
@group wazuh
@dir /var/ossec/queue/alerts
@dir /var/ossec/queue/diff
@dir /var/ossec/queue/fim/db
@dir /var/ossec/queue/fim
@dir /var/ossec/queue/logcollector
@dir /var/ossec/queue/rids
@dir /var/ossec/queue/sockets
@dir /var/ossec/queue/syscollector/db
@dir /var/ossec/queue/syscollector
@dir /var/ossec/queue
@dir /var/ossec/ruleset/sca
@dir /var/ossec/ruleset
@dir /var/ossec/tmp
@dir /var/ossec/var/incoming
@dir /var/ossec/var/run
@dir /var/ossec/var/selinux
@dir /var/ossec/var/upgrade
@dir(root,wazuh,770) /var/ossec/var/wodles
@dir /var/ossec/var
@dir /var/ossec/wodles/aws
@dir /var/ossec/wodles/azure
@dir /var/ossec/wodles/docker
@dir /var/ossec/wodles/gcloud/buckets
@dir /var/ossec/wodles/gcloud/pubsub
@dir /var/ossec/wodles/gcloud
@dir /var/ossec/wodles
@dir /var/ossec
@mode
@owner
@group