summaryrefslogtreecommitdiffstats
path: root/security/ossec-hids-local-config/opt-syscheck.mk
diff options
context:
space:
mode:
Diffstat (limited to 'security/ossec-hids-local-config/opt-syscheck.mk')
-rw-r--r--security/ossec-hids-local-config/opt-syscheck.mk41
1 files changed, 41 insertions, 0 deletions
diff --git a/security/ossec-hids-local-config/opt-syscheck.mk b/security/ossec-hids-local-config/opt-syscheck.mk
new file mode 100644
index 0000000..2c1210d
--- /dev/null
+++ b/security/ossec-hids-local-config/opt-syscheck.mk
@@ -0,0 +1,41 @@
+SYSCHECK_MANAGED_CONF= 130.syscheck.conf
+SYSCHECK_LOCAL_CONF= 530.syscheck.local.conf
+
+SYSCHECK_PROFILE= syscheck
+SYSCHECK_DESC= File Integrity Checking
+
+# Default direcotries
+SYSCHECK_DEFAULT_OPTION= DEFAULT_SC
+SYSCHECK_DEFAULT_DESC= Check "bin", "sbin" and "etc" directories
+SYSCHECK_DEFAULT_DEFINE= server local agent pushed
+SYSCHECK_DEFAULT_DEFAULT= server local pushed
+SYSCHECK_OPTIONS+= SYSCHECK_DEFAULT
+
+# OSSEC directories
+SYSCHECK_OSSEC_OPTION= OSSEC_SC
+SYSCHECK_OSSEC_DESC= Check OSSEC directories
+SYSCHECK_OSSEC_DEFINE= server local agent pushed
+SYSCHECK_OSSEC_DEFAULT= server local pushed
+SYSCHECK_OPTIONS+= SYSCHECK_OSSEC
+
+# Alert new files
+SYSCHECK_NEWFILES_OPTION= NEWFILES_SC
+SYSCHECK_NEWFILES_DESC= Alert on new files created
+SYSCHECK_NEWFILES_DEFINE= server local
+SYSCHECK_NEWFILES_DEFAULT= server local
+SYSCHECK_OPTIONS+= SYSCHECK_NEWFILES
+
+# Disable auto_ignore
+SYSCHECK_NOAUTO_OPTION= NOAUTO_SC
+SYSCHECK_NOAUTO_DESC= Disable auto_ignore feature
+SYSCHECK_NOAUTO_DEFINE= server local
+SYSCHECK_NOAUTO_DEFAULT= server local
+SYSCHECK_OPTIONS+= SYSCHECK_NOAUTO
+
+# Ignore /etc/hosts.allow
+SYSCHECK_HOSTDENY_DEPENDS= AR_HOSTDENY
+SYSCHECK_HOSTDENY_OPTION= HOSTDENY_SC
+SYSCHECK_HOSTDENY_DESC= Ignore access control files
+SYSCHECK_HOSTDENY_DEFINE= server local agent pushed
+SYSCHECK_HOSTDENY_DEFAULT= server local pushed
+SYSCHECK_OPTIONS+= SYSCHECK_HOSTDENY
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-19 01:33:58 +0000