Merge pull request #125 from toniblyx/master

Added osqueryd as FIM
2016-03-01 16:29:04 +01:00 · 2016-03-01 16:29:04 +01:00 · 597a80cac0
parent 13cfbd3019 617ede8686
commit 597a80cac0
1 changed files with 19 additions and 2 deletions
--- a/include/tests_file_integrity
+++ b/include/tests_file_integrity
@ -246,6 +246,24 @@
            Display --indent 6 --text "- Directory/File watches" --result DISABLED --color YELLOW
        fi
    fi
+    
+#################################################################################
+#
+    # Test        : FINT-4351
+    # Description : Check if osquery system integrity tool is running
+    Register --test-no FINT-4351 --weight L --network NO --description "osqueryd syscheck daemon running"
+    if [ ${SKIPTEST} -eq 0 ]; then
+        LogText "Test: Checking if osqueryd syscheck daemon is running"
+        IsRunning osqueryd
+        if [ ${RUNNING} -eq 1 ]; then
+            LogText "Result: syscheck (osquery) installed"
+            FILE_INT_TOOL="osquery"
+            FILE_INT_TOOL_FOUND=1
+            Display --indent 4 --text "- osquery (syscheck)" --result FOUND --color GREEN
+          else
+            LogText "Result: syscheck (osquery) not installed"
+        fi
+    fi
 #
 #################################################################################
 #
@ -266,8 +284,7 @@
        fi
    fi
 #
-#################################################################################
-#
+

 Report "file_integrity_tool=${FILE_INT_TOOL}"
 Report "file_integrity_tool_installed=${FILE_INT_TOOL_FOUND}"