Merge branch 'ent-12342-nuevos-valores-de-configuracion-por-defecto-para-los-agentes' into 'develop'

Ent-12342-nuevos-valores-de-configuracion-por-defecto-para-los-agentes See merge request artica/pandorafms!6710
2023-12-11 08:30:04 +00:00 · 2023-12-11 08:30:04 +00:00 · fcd37cba14
parent be553ed170 dbd7de857b
commit fcd37cba14
6 changed files with 123 additions and 44 deletions
--- a/pandora_agents/pc/Linux/pandora_agent.conf
+++ b/pandora_agents/pc/Linux/pandora_agent.conf
@ -234,6 +234,21 @@ module_description Number of cron task files
 module_unit files
 module_end

+# This module /var/log/syslog file, under the module name "syslog"
+# And search for "ssh" string into it, sending only that information.
+module_begin                    
+module_name Syslog   
+module_description Search for ssh string into /var/log/syslog file          
+module_type log                
+module_regexp /var/log/syslog
+module_pattern ssh
+module_end
+
+#Hardening plugin for security compliance analysis. Enable to use it.
+#module_begin
+#module_plugin /usr/share/pandora_agent/plugins/pandora_hardening -t 150
+#module_absoluteinterval 7d
+#module_end

 # Plugin example

@ -241,11 +256,6 @@ module_end

 module_plugin pandora_df

-# This parses /var/log/syslog file, under the module name "syslog"
-# And search for "ssh" string into it, sending only that information.
-
-module_plugin grep_log /var/log/syslog Syslog ssh
-
 # Get disk space free in MB
 #module_begin 
 #module_name disk_root_free
@ -270,7 +280,6 @@ module_plugin grep_log /var/log/syslog Syslog ssh
 #module_end

 # Plugin for inventory on the agent.
-
 # module_plugin inventory 1 cpu ram video nic hd cdrom software init_services filesystem users process ip route

 # Example of preconditions
@ -303,4 +312,13 @@ module_plugin grep_log /var/log/syslog Syslog ssh

 # This plugin runs several security checks in a Linux system

-#module_plugin pandora_security_check
+#module_plugin pandora_security_check
+
+# Extraction module example
+#module_begin                    
+#module_name Collector   
+#module_description Logs extraction module           
+#module_type log                
+#module_regexp /var/log/logfile.log
+#module_pattern .*
+#module_end
--- a/pandora_agents/pc/Win32/pandora_agent.conf
+++ b/pandora_agents/pc/Win32/pandora_agent.conf
@ -1,6 +1,6 @@
 # Base config file for Pandora FMS Windows Agent
 # (c) 2006-2023 Pandora FMS 
-# Version 7.0NG.774
+# Version 7.0NG.774
 # This program is Free Software, you can redistribute it and/or modify it
 # under the terms of the GNU General Public Licence as published by the Free Software
 # Foundation; either version 2 of the Licence or any later version
@ -147,22 +147,23 @@ module_max_critical 20
 module_end

 # Log events
+
+# Get logs from System source.
 module_begin
 module_name System Events (TermService)
-module_type async_string
-module_logevent
 module_description Log Events coming from Terminal Service
+module_type log
+module_logevent
 module_source System
-module_application TermService
 module_end

+# Get logs from Security source.
 module_begin
-module_name Security Events (Invalid Login)
-module_type async_string
-module_description Security log events for invalid login attempt
+module_name Security Events
+module_description Security log events
+module_type log
 module_logevent
 module_source Security
-module_eventcode 529
 module_end

 # Check if Dhcp service is enabled
@ -219,6 +220,12 @@ module_plugin cscript.exe //B "%ProgramFiles%\Pandora_Agent\util\df.vbs"
 # module_description Free space on drive D: (%)
 # module_end

+# Hardening plugin for security compliance analysis.
+# module_begin
+# module_plugin "%PROGRAMFILES%\Pandora_Agent\util\pandora_hardening.exe -t 150"
+# module_absoluteinterval 7d
+# module_end
+
 # Sample of Windows inventory module (ONLY ENTERPRISE)!
 #module_begin
 #module_name Inventory
@ -344,4 +351,13 @@ module_plugin cscript.exe //B "%ProgramFiles%\Pandora_Agent\util\df.vbs"
 #module_condition (3,8) cmd.exe /c echo range >> c:\log.txt
 #module_exec echo 5
 #module_description Postcondition test module
+#module_end
+
+# Example of collector module 
+#module_begin                    
+#module_name Collector   
+#module_description Logs extraction module           
+#module_type log                
+#module_regexp /var/log/logfile.log
+#module_pattern .*
 #module_end
--- a/pandora_agents/shellscript/linux/pandora_agent.conf
+++ b/pandora_agents/shellscript/linux/pandora_agent.conf
@ -157,12 +157,32 @@ module_exec last | head -1
 module_description Last Login
 module_end

-# Plugin example
+#Hardening plugin for security compliance analysis. Enable to use it.
+#module_begin
+#module_plugin /usr/share/pandora_agent/plugins/pandora_hardening -t 150
+#module_absoluteinterval 7d
+#module_end

-# This parses /var/log/syslog file, under the module name "syslog"
+# This module parses /var/log/syslog file, under the module name "syslog"
 # And search for "ssh" string into it, sending only that information.
+module_begin                    
+module_name Syslog   
+module_description Search for ssh string into /var/log/syslog file          
+module_type log                
+module_regexp /var/log/syslog
+module_pattern ssh
+module_end

-module_plugin grep_log /var/log/syslog Syslog ssh
+# Plugin example

 # Plugin for inventory on the agent.
 # module_plugin inventory 1 cpu ram video nic hd cdrom software
+
+# Extraction module example
+#module_begin                    
+#module_name Collector   
+#module_description Logs extraction module           
+#module_type log                
+#module_regexp /var/log/logfile.log
+#module_pattern .*
+#module_end
--- a/pandora_agents/shellscript/mac_osx/pandora_agent.conf
+++ b/pandora_agents/shellscript/mac_osx/pandora_agent.conf
@ -372,13 +372,32 @@ module_end
 #module_description XGrid
 #module_end

+#Hardening plugin for security compliance analysis. Enable to use it.
+#module_begin
+#module_plugin /usr/share/pandora_agent/plugins/pandora_hardening -t 150
+#module_absoluteinterval 7d
+#module_end
+
+# This module parses /var/log/syslog file, under the module name "syslog"
+# And search for "ssh" string into it, sending only that information.
+module_begin                    
+module_name Syslog   
+module_description Log collection modules         
+module_type log                
+module_regexp /var/log/syslog
+module_pattern ssh
+module_end
+
 # Plugin example

-# This parses /var/log/syslog file, under the module name "syslog"
-# And search for "ssh" string into it, sending only that information.
-
-#module_plugin grep_log /var/log/syslog Syslog ssh
-
 # Plugin for inventory on the agent.
-
 # module_plugin inventory 1 cpu ram video nic hd cdrom software
+
+# Extraction module example
+#module_begin                    
+#module_name Collector   
+#module_description Logs extraction module           
+#module_type log                
+#module_regexp /var/log/logfile.log
+#module_pattern .*
+#module_end
--- a/pandora_agents/unix/Linux/pandora_agent.conf
+++ b/pandora_agents/unix/Linux/pandora_agent.conf
@ -271,11 +271,17 @@ module_plugin pandora_netusage
 module_plugin autodiscover --default

 # Plugin for inventory on the agent.
-#module_plugin inventory 1 cpu ram video nic hd cdrom software init_services filesystem users route
+# module_plugin inventory 1 cpu ram video nic hd cdrom software init_services filesystem users route

 # Log collection modules. This will collect log files for forensic analysis and store everything
 # This is for LOG monitoring. Different than log monitoring.
-#module_plugin grep_log_module /var/log/messages Syslog \.\*
+module_begin                    
+module_name Syslog   
+module_description Log collection modules         
+module_type log                
+module_regexp /var/log/messages
+module_pattern .*
+module_end

 # Another samples of monitoring modules

@ -317,9 +323,9 @@ module_plugin autodiscover --default
 #module_absoluteinterval 7d
 #module_end

-# Logs extraction 
+# Extraction module example
 #module_begin                    
-#module_name Syslog   
+#module_name Collector   
 #module_description Logs extraction module           
 #module_type log                
 #module_regexp /var/log/logfile.log
--- a/pandora_agents/win32/bin/pandora_agent.conf
+++ b/pandora_agents/win32/bin/pandora_agent.conf
@ -179,6 +179,22 @@ module_description Total number of TCP connections active
 module_group Networking
 module_end

+# Get logs from System source. 
+module_begin
+module_name Eventlog_System
+module_type log
+module_logevent
+module_source System
+module_end
+
+# Get logs from Security source. 
+module_begin
+module_name Eventlog_Security
+module_type log
+module_logevent
+module_source Security
+module_end
+
 # Example plugin to retrieve drive usage
 module_plugin cscript.exe //B "%ProgramFiles%\Pandora_Agent\util\df_percent_used.vbs"

@ -273,22 +289,6 @@ module_plugin "%PROGRAMFILES%\Pandora_Agent\util\autodiscover.exe" --default
 #module_type generic_data_string
 #module_end

-# Get logs from System source. Need enterprise version.
-#module_begin
-#module_name Eventlog_System
-#module_type log
-#module_logevent
-#module_source System
-#module_end
-
-# Get logs from Security source. Need enterprise version.
-#module_begin
-#module_name Eventlog_Security
-#module_type log
-#module_logevent
-#module_source Security
-#module_end
-
 # Get logs from Application source. Need enterprise version.
 #module_begin
 #module_name Eventlog_Application