Merge pull request #1317 from zbalkan/wazuh-malware-scan

Added Wazuh as a malware scanner/antivirus and rootkit detection tool

include/tests_malware

@@ -44,6 +44,7 @@
     SYMANTEC_SCANNER_RUNNING=0
     SYNOLOGY_DAEMON_RUNNING=0
     TRENDMICRO_DSA_DAEMON_RUNNING=0
+    WAZUH_DAEMON_RUNNING=0
 #
 #################################################################################
 #
@@ -319,6 +320,19 @@
             Report "malware_scanner[]=trend-micro-av"
         fi
 
+        # Wazuh agent
+        LogText "Test: checking process wazuh-agent to test for Wazuh agent"
+        if IsRunning "wazuh-agent"; then
+            if IsVerbose; then Display --indent 2 --text "- ${GEN_CHECKING} Wazuh agent" --result "${STATUS_FOUND}" --color GREEN; fi
+            LogText "Result: found Wazuh component"
+            FOUND=1
+            WAZUH_DAEMON_RUNNING=1
+            MALWARE_DAEMON_RUNNING=1
+            MALWARE_SCANNER_INSTALLED=1
+            ROOTKIT_SCANNER_FOUND=1
+            Report "malware_scanner[]=wazuh"
+        fi
+
         if [ ${FOUND} -eq 0 ]; then
             LogText "Result: no commercial anti-virus tools found"
             AddHP 0 3