authorDominik Lisiak <dominik.lisiak@bemsoft.pl>2018-11-04 18:23:22 +0100
committerDominik Lisiak <dominik.lisiak@bemsoft.pl>2018-11-04 18:23:22 +0100
commite5c91fca2a55a6a37273f474a32c0d82650680a1 (patch)
tree0e7d0863861d324fc13da0010ecfdead33d0a9bd
parentAdded furthe help messages and comments. (diff)
downloadossec-e5c91fca2a55a6a37273f474a32c0d82650680a1.tar.xz
Made profiles more coarse grained.
-rw-r--r--security/ossec-hids-local-config/Makefile22
-rw-r--r--security/ossec-hids-local-config/files/template-logs-basic.xml.in (renamed from security/ossec-hids-local-config/files/template-logs-system.xml.in)4
-rw-r--r--security/ossec-hids-local-config/files/template-logs-ossec.xml.in (renamed from security/ossec-hids-local-config/files/template-logs-response.xml.in)4
-rw-r--r--security/ossec-hids-local-config/files/template-sample-agent.xml.in2
-rw-r--r--security/ossec-hids-local-config/opt-logs.mk32
-rw-r--r--security/ossec-hids-local-config/opt-rootcheck.mk8
-rw-r--r--security/ossec-hids-local-config/opt-syscheck.mk4
7 files changed, 40 insertions, 36 deletions
diff --git a/security/ossec-hids-local-config/Makefile b/security/ossec-hids-local-config/Makefile
index df82b84..01cf6c6 100644
--- a/security/ossec-hids-local-config/Makefile
+++ b/security/ossec-hids-local-config/Makefile
@@ -172,13 +172,12 @@ ${conf_group}_ALL_OPTIONS+= ${option}
############################################################
+CONFIG_PROFILES=
.for conf_group in ${CONF_GROUPS}
. if !empty(${conf_group}_PROFILE)
. if ${OSSEC_TYPE} == agent
-. if empty(CLIENT_PROFILES)
-CLIENT_PROFILES:= ${${conf_group}_PROFILE}
-. else
-CLIENT_PROFILES:= ${CLIENT_PROFILES}, ${${conf_group}_PROFILE}
+. if !${CONFIG_PROFILES:M${${conf_group}_PROFILE}}
+CONFIG_PROFILES+= ${${conf_group}_PROFILE}
. endif
. endif
SUB_LIST+= ${conf_group}_PROFILE=${${conf_group}_PROFILE}
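Review bot: The de-duplication test `. if !${CONFIG_PROFILES:M${${conf_group}_PROFILE}}` relies on a bare `:M` expansion being read as a boolean, which is harder to follow than the explicit form `. if empty(CONFIG_PROFILES:M${${conf_group}_PROFILE})`. The same applies to the option loop in the next hunk, where the test uses `${${option}_PROFILE}`. Either form treats the profile name as a glob pattern, so a name containing `*`, `?` or `[` could match a different entry and be dropped from the list. A comment above `CONFIG_PROFILES=` could say so, e.g. `# space-separated, de-duplicated profile names; must not contain glob characters`. The `.for conf_group` loop continues past the end of this hunk.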
@@ -186,10 +185,8 @@ SUB_LIST+= ${conf_group}_PROFILE=${${conf_group}_PROFILE}
. for option in ${${conf_group}_ALL_OPTIONS}
. if !empty(${option}_PROFILE)
. if ${OSSEC_TYPE} == agent
-. if empty(CLIENT_PROFILES)
-CLIENT_PROFILES:= ${${option}_PROFILE}
-. else
-CLIENT_PROFILES:= ${CLIENT_PROFILES}, ${${option}_PROFILE}
+. if !${CONFIG_PROFILES:M${${option}_PROFILE}}
+CONFIG_PROFILES+= ${${option}_PROFILE}
. endif
. endif
SUB_LIST+= ${option}_PROFILE=${${option}_PROFILE}
@@ -197,7 +194,14 @@ SUB_LIST+= ${option}_PROFILE=${${option}_PROFILE}
. endfor
.endfor
-SUB_LIST+= CLIENT_PROFILES="${CLIENT_PROFILES}"
+.for profile in ${CONFIG_PROFILES}
+. if empty(CONFIG_PROFILE_VALUE)
+CONFIG_PROFILE_VALUE:= ${profile}
+. else
+CONFIG_PROFILE_VALUE:= ${CONFIG_PROFILE_VALUE}, ${profile}
+. endif
+.endfor
+SUB_LIST+= CONFIG_PROFILES="${CONFIG_PROFILE_VALUE}"
############################################################
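Review bot: `CONFIG_PROFILE_VALUE` is tested with `empty()` on the first iteration but is never initialised, unlike `CONFIG_PROFILES=` at the top of this block. A value inherited from the environment, or presumably from make.conf, would therefore be prepended to the string substituted for `%%CONFIG_PROFILES%%`. Adding `CONFIG_PROFILE_VALUE=` immediately before `.for profile in ${CONFIG_PROFILES}` makes the result depend only on the selected options. A one-line comment that the `, ` separator is the format the sample agent template documents for `<config-profile>` would explain why the list is joined by hand.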
diff --git a/security/ossec-hids-local-config/files/template-logs-system.xml.in b/security/ossec-hids-local-config/files/template-logs-basic.xml.in
index eee09aa..bb0c10a 100644
--- a/security/ossec-hids-local-config/files/template-logs-system.xml.in
+++ b/security/ossec-hids-local-config/files/template-logs-basic.xml.in
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
-<template_config os="FreeBSD" profile="%%LOGS_SYSTEM_PROFILE%%">
+<template_config os="FreeBSD" profile="%%LOGS_BASIC_PROFILE%%">
<localfile>
<log_format>syslog</log_format>
@@ -33,7 +33,7 @@
</template_config>
-<template_config os="Linux" profile="%%LOGS_SYSTEM_PROFILE%%">
+<template_config os="Linux" profile="%%LOGS_BASIC_PROFILE%%">
<localfile>
<log_format>syslog</log_format>
diff --git a/security/ossec-hids-local-config/files/template-logs-response.xml.in b/security/ossec-hids-local-config/files/template-logs-ossec.xml.in
index 17828ea..e284af8 100644
--- a/security/ossec-hids-local-config/files/template-logs-response.xml.in
+++ b/security/ossec-hids-local-config/files/template-logs-ossec.xml.in
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
-<template_config os="FreeBSD" profile="%%LOGS_RESPONSE_PROFILE%%">
+<template_config os="FreeBSD" profile="%%LOGS_OSSEC_PROFILE%%">
<localfile>
<log_format>syslog</log_format>
@@ -8,7 +8,7 @@
</template_config>
-<template_config os="Linux" profile="%%LOGS_RESPONSE_PROFILE%%">
+<template_config os="Linux" profile="%%LOGS_OSSEC_PROFILE%%">
<localfile>
<log_format>syslog</log_format>
diff --git a/security/ossec-hids-local-config/files/template-sample-agent.xml.in b/security/ossec-hids-local-config/files/template-sample-agent.xml.in
index 8a2fa7b..099a6d3 100644
--- a/security/ossec-hids-local-config/files/template-sample-agent.xml.in
+++ b/security/ossec-hids-local-config/files/template-sample-agent.xml.in
@@ -8,7 +8,7 @@
<!-- <server-hostname>example.com</server-hostname> -->
<!-- Specifies the agent.conf profiles to be used by the agent. Multiple profiles can be included, separated by a comma and a space. -->
- <!-- <config-profile>%%CLIENT_PROFILES%%</config-profile> -->
+ <!-- <config-profile>%%CONFIG_PROFILES%%</config-profile> -->
</client>
</template_config>
diff --git a/security/ossec-hids-local-config/opt-logs.mk b/security/ossec-hids-local-config/opt-logs.mk
index cec8bd4..b706eee 100644
--- a/security/ossec-hids-local-config/opt-logs.mk
+++ b/security/ossec-hids-local-config/opt-logs.mk
@@ -4,24 +4,24 @@ LOGS_LOCAL_CONF= 550.logs.local.conf
LOGS_DESC= Log Monitoring
# Default logs support
-LOGS_SYSTEM_OPTION= SYSTEM
-LOGS_SYSTEM_PROFILE= system-logs
-LOGS_SYSTEM_DESC= Default system logs
-LOGS_SYSTEM_DEFINE= server local agent pushed
-LOGS_SYSTEM_DEFAULT= server local pushed
-LOGS_OPTIONS+= LOGS_SYSTEM
+LOGS_BASIC_OPTION= BASIC
+LOGS_BASIC_PROFILE= basic
+LOGS_BASIC_DESC= Default system logs
+LOGS_BASIC_DEFINE= server local agent pushed
+LOGS_BASIC_DEFAULT= server local pushed
+LOGS_OPTIONS+= LOGS_BASIC
# Active response log support
-LOGS_RESPONSE_OPTION= RESPONSE
-LOGS_RESPONSE_PROFILE= active-response-logs
-LOGS_RESPONSE_DESC= Active response logs
-LOGS_RESPONSE_DEFINE= server local agent pushed
-LOGS_RESPONSE_DEFAULT= server local pushed
-LOGS_OPTIONS+= LOGS_RESPONSE
+LOGS_OSSEC_OPTION= OSSEC
+LOGS_OSSEC_PROFILE= ossec
+LOGS_OSSEC_DESC= Active response logs
+LOGS_OSSEC_DEFINE= server local agent pushed
+LOGS_OSSEC_DEFAULT= server local pushed
+LOGS_OPTIONS+= LOGS_OSSEC
# Apache logs support
LOGS_APACHE_OPTION= APACHE
-LOGS_APACHE_PROFILE= apache-logs
+LOGS_APACHE_PROFILE= apache
LOGS_APACHE_DESC= Apache logs
LOGS_APACHE_DEFINE= server local agent pushed
LOGS_APACHE_DEFAULT= pushed
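Review bot: Changing the profile values here (`system-logs` to `basic`, `active-response-logs` to `ossec`, `apache-logs` to `apache`) changes the strings an agent's `<config-profile>` has to list, and nothing in the commit records that. An agent still configured with an old name would presumably stop matching the pushed template sections and lose that monitoring without any error. The same holds for the later hunks of this file and for opt-rootcheck.mk and opt-syscheck.mk. `basic` and `ossec` are also now shared between the logs, rootcheck and syscheck groups, so an agent can no longer take one of those without the others. I would add a comment above these blocks such as `# Profile names are shared across logs/rootcheck/syscheck; changing one requires updating <config-profile> on every agent`, and an upgrade note for the port listing the old and new names.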
@@ -29,7 +29,7 @@ LOGS_OPTIONS+= LOGS_APACHE
# Nginx logs support
LOGS_NGINX_OPTION= NGINX
-LOGS_NGINX_PROFILE= nginx-logs
+LOGS_NGINX_PROFILE= nginx
LOGS_NGINX_DESC= Nginx logs
LOGS_NGINX_DEFINE= server local agent pushed
LOGS_NGINX_DEFAULT= pushed
@@ -37,7 +37,7 @@ LOGS_OPTIONS+= LOGS_NGINX
# Radius logs support
LOGS_RADIUS_OPTION= RADIUS
-LOGS_RADIUS_PROFILE= radius-logs
+LOGS_RADIUS_PROFILE= radius
LOGS_RADIUS_DESC= FreeRADIUS logs
LOGS_RADIUS_DEFINE= server local agent pushed
LOGS_RADIUS_DEFAULT= pushed
@@ -45,7 +45,7 @@ LOGS_OPTIONS+= LOGS_RADIUS
# Vsftpd logs support
LOGS_VSFTPD_OPTION= VSFTPD
-LOGS_VSFTPD_PROFILE= vsftpd-logs
+LOGS_VSFTPD_PROFILE= vsftpd
LOGS_VSFTPD_DESC= Vsftpd logs
LOGS_VSFTPD_DEFINE= server local agent pushed
LOGS_VSFTPD_DEFAULT= pushed
diff --git a/security/ossec-hids-local-config/opt-rootcheck.mk b/security/ossec-hids-local-config/opt-rootcheck.mk
index f846cd3..3183216 100644
--- a/security/ossec-hids-local-config/opt-rootcheck.mk
+++ b/security/ossec-hids-local-config/opt-rootcheck.mk
@@ -5,7 +5,7 @@ ROOTCHECK_DESC= System Audit and Rootkit Detection (rootcheck)
# Basic
ROOTCHECK_BASIC_OPTION= BASIC_RC
-ROOTCHECK_BASIC_PROFILE= basic-rootcheck
+ROOTCHECK_BASIC_PROFILE= basic
ROOTCHECK_BASIC_DESC= Basic audit and rootkits
ROOTCHECK_BASIC_DEFINE= server local agent pushed
ROOTCHECK_BASIC_DEFAULT= server local pushed
@@ -13,7 +13,7 @@ ROOTCHECK_OPTIONS+= ROOTCHECK_BASIC
# CIS default
ROOTCHECK_CIS_OPTION= CIS_RC
-ROOTCHECK_CIS_PROFILE= cis-rootcheck
+ROOTCHECK_CIS_PROFILE= cis
ROOTCHECK_CIS_DESC= CIS benchmark - Legacy
ROOTCHECK_CIS_DEFINE= pushed
ROOTCHECK_CIS_DEFAULT= pushed
@@ -21,7 +21,7 @@ ROOTCHECK_OPTIONS+= ROOTCHECK_CIS
# CIS level 1
ROOTCHECK_CIS_L1_OPTION= CIS_L1_RC
-ROOTCHECK_CIS_L1_PROFILE= cis-level1-rootcheck
+ROOTCHECK_CIS_L1_PROFILE= cis-level1
ROOTCHECK_CIS_L1_DESC= CIS benchmark - Level 1
ROOTCHECK_CIS_L1_DEFINE= pushed
ROOTCHECK_CIS_L1_DEFAULT= pushed
@@ -29,7 +29,7 @@ ROOTCHECK_OPTIONS+= ROOTCHECK_CIS_L1
# CIS level 2
ROOTCHECK_CIS_L2_OPTION= CIS_L2_RC
-ROOTCHECK_CIS_L2_PROFILE= cis-level2-rootcheck
+ROOTCHECK_CIS_L2_PROFILE= cis-level2
ROOTCHECK_CIS_L2_DESC= CIS benchmark - Level 2
ROOTCHECK_CIS_L2_DEFINE= pushed
ROOTCHECK_CIS_L2_DEFAULT= pushed
diff --git a/security/ossec-hids-local-config/opt-syscheck.mk b/security/ossec-hids-local-config/opt-syscheck.mk
index 6f1f0eb..9b4e6ef 100644
--- a/security/ossec-hids-local-config/opt-syscheck.mk
+++ b/security/ossec-hids-local-config/opt-syscheck.mk
@@ -5,7 +5,7 @@ SYSCHECK_DESC= File Integrity Checking (syscheck)
# Default direcotries
SYSCHECK_BASIC_OPTION= BASIC_SC
-SYSCHECK_BASIC_PROFILE= basic-syscheck
+SYSCHECK_BASIC_PROFILE= basic
SYSCHECK_BASIC_DESC= "bin", "sbin" and "etc"
SYSCHECK_BASIC_DEFINE= server local agent pushed
SYSCHECK_BASIC_DEFAULT= server local pushed
@@ -13,7 +13,7 @@ SYSCHECK_OPTIONS+= SYSCHECK_BASIC
# OSSEC directories
SYSCHECK_OSSEC_OPTION= OSSEC_SC
-SYSCHECK_OSSEC_PROFILE= ossec-syscheck
+SYSCHECK_OSSEC_PROFILE= ossec
SYSCHECK_OSSEC_DESC= OSSEC directories
SYSCHECK_OSSEC_DEFINE= server local agent pushed
SYSCHECK_OSSEC_DEFAULT= server local pushed