wazuh · manuasir · Jul 25, 2019 · Jul 24, 2019 · Jul 24, 2019 · Jul 24, 2019
diff --git a/cookbooks/README.md b/cookbooks/README.md
@@ -1,3 +1,4 @@
+
 Wazuh cookbooks
 ====================================
 
@@ -126,3 +127,79 @@ The same example applies for Wazuh Agent and it's own attributes.
 
 You can get more info about attributes and how the work on the chef documentation: https://docs.chef.io/attributes.html
 
+
+
+### Centralized Configuration
+
+You can configure your Wazuh [Centralized Configuration](https://documentation.wazuh.com/3.9/user-manual/reference/centralized-configuration.html#centralized-configuration-process) with Chef.
+
+In order to achieve this, the following steps are required:
+
+##### Enable the `agent.conf` configuration
+
+The easiest way to achieve this is to modify the Wazuh Manager attributes in the role
+
+
+
+```
+{
+ "name": "wazuh_manager",
+ "description": "Wazuh Manager host",
+ "json_class": "Chef::Role",
+ "default_attributes": {
+ "ossec": {
+ "centralized_configuration":{
+ "enabled" : "yes",
+ "path": "/var/ossec/etc/shared/default",
+ }
+ }
+ },
+ "override_attributes": {
+
+ },
+ "chef_type": "role",
+ "run_list": [
+ "recipe[wazuh_manager::manager]"
+ ],
+ "env_run_lists": {
+
+ }
+ }
+```
+
+
+
+This, will render all `['ossec']['centralized_configuration']['conf']['agent_config']` variables and convert them to XML using Gyoku
+
+
+
+For example, the following attribute:
+
+```ruby
+default['ossec']['centralized_configuration']['conf']['agent_config']= [
+ { "@os" => "Linux",
+ "localfile" => {
+ "location" => "/var/log/linux.log",
+ "log_format" => "syslog"
+ }
+ }
+]
+```
+
+
+
+Generates this XML in the `agent.conf` file:
+
+```xml
+<agent_config os="Linux">
+ <localfile>
+ <location>/var/log/linux.log</location>
+ <log_format>syslog</log_format>
+ </localfile>
+</agent_config>
+```
+
+
+
+Please check our Documentation about [Wazuh Centralized Configuration](https://documentation.wazuh.com/3.9/user-manual/reference/centralized-configuration.html#centralized-configuration-process) for detailed information.
+
diff --git a/cookbooks/wazuh_agent/templates/var/ossec/etc/manager_local_internal_options.conf b/cookbooks/wazuh_agent/templates/var/ossec/etc/manager_local_internal_options.conf
diff --git a/cookbooks/wazuh_manager/attributes/agent_conf.rb b/cookbooks/wazuh_manager/attributes/agent_conf.rb
@@ -0,0 +1,22 @@
+default['ossec']['centralized_configuration']['enabled'] = 'no'
+default['ossec']['centralized_configuration']['path'] = '/var/ossec/etc/shared/default'
+
+# Example of configuration to include in agent.conf
+
+# <agent_config os="Linux">
+# <localfile>
+# <location>/var/log/linux.log</location>
+# <log_format>syslog</log_format>
+# </localfile>
+# </agent_config>
+
+# Would require to be be declared like:
+
+# default['ossec']['centralized_configuration']['conf']['agent_config']= [
+# { "@os" => "Linux",
+# "localfile" => {
+# "location" => "/var/log/linux.log",
+# "log_format" => "syslog"
+# }
+# }
+# ]
diff --git a/cookbooks/wazuh_manager/recipes/common.rb b/cookbooks/wazuh_manager/recipes/common.rb
@@ -43,6 +43,7 @@
  compile_time false if respond_to?(:compile_time)
 end
 
+## Generate Ossec.conf
 file "#{node['ossec']['dir']}/etc/ossec.conf" do
  owner 'root'
  group 'ossec'
@@ -57,3 +58,20 @@
 
 end
 
+## Generate agent.conf
+
+if node['ossec']['centralized_configuration']['enabled'] == 'yes' && !node['ossec']['centralized_configuration']['conf'].nil?
+
+ file "#{node['ossec']['centralized_configuration']['path']}/agent.conf" do
+ owner 'root'
+ group 'ossec'
+ mode '0440'
+ content lazy {
+ all_conf = node['ossec']['centralized_configuration']['conf'].to_hash
+ Chef::OSSEC::Helpers.ossec_to_xml(all_conf)
+ }
+ verify "/var/ossec/bin/verify-agent-conf -f #{node['ossec']['centralized_configuration']['path']}/agent.conf"
+ end
+
+end
+
diff --git a/cookbooks/wazuh_manager/templates/var/ossec/etc/agent_local_internal_options.conf b/cookbooks/wazuh_manager/templates/var/ossec/etc/agent_local_internal_options.conf