blob: 51625150e5f3305172b5fe9149b89bcd2059d4e0 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
|
SYSCHECK_MANAGED_CONF= 130.syscheck.conf
SYSCHECK_LOCAL_CONF= 530.syscheck.local.conf
SYSCHECK_DESC= File Integrity Checking (syscheck)
# Default direcotries
SYSCHECK_BASIC_OPTION= BASIC_SC
SYSCHECK_BASIC_PROFILE= basic
SYSCHECK_BASIC_DESC= "bin", "sbin" and "etc" directories
SYSCHECK_BASIC_DEFINE= server local agent pushed
SYSCHECK_BASIC_DEFAULT= server local pushed
SYSCHECK_OPTIONS+= SYSCHECK_BASIC
# OSSEC directories
SYSCHECK_OSSEC_OPTION= OSSEC_SC
SYSCHECK_OSSEC_PROFILE= ossec
SYSCHECK_OSSEC_DESC= OSSEC directories
SYSCHECK_OSSEC_DEFINE= server local agent pushed
SYSCHECK_OSSEC_DEFAULT= server local pushed
SYSCHECK_OPTIONS+= SYSCHECK_OSSEC
# Alert new files
SYSCHECK_NEWFILES_OPTION= NEWFILES_SC
SYSCHECK_NEWFILES_DESC= Alert on new files created
SYSCHECK_NEWFILES_DEFINE= server local
SYSCHECK_NEWFILES_DEFAULT= server local
SYSCHECK_OPTIONS+= SYSCHECK_NEWFILES
# Disable auto_ignore
SYSCHECK_NOAUTO_OPTION= NOAUTO_SC
SYSCHECK_NOAUTO_DESC= Disable auto_ignore feature
SYSCHECK_NOAUTO_DEFINE= server local
SYSCHECK_NOAUTO_DEFAULT= server local
SYSCHECK_OPTIONS+= SYSCHECK_NOAUTO
# Ignore /etc/hosts.allow
SYSCHECK_HOSTDENY_DEPENDS= AR_HOSTDENY
SYSCHECK_HOSTDENY_OPTION= HOSTDENY_SC
SYSCHECK_HOSTDENY_DESC= Ignore access control files
SYSCHECK_HOSTDENY_DEFINE= server local agent pushed
SYSCHECK_HOSTDENY_DEFAULT= server local pushed
SYSCHECK_OPTIONS+= SYSCHECK_HOSTDENY
# PostgreSQL directory
SYSCHECK_PGSQL_OPTION= PGSQL_SC
SYSCHECK_PGSQL_PROFILE= postgresql
SYSCHECK_PGSQL_DESC= PostgreSQL configuration files
SYSCHECK_PGSQL_DEFINE= server local agent pushed
SYSCHECK_PGSQL_DEFAULT= pushed
SYSCHECK_OPTIONS+= SYSCHECK_PGSQL
|
