Comments (3)
TASK [ansible-wazuh-manager : Configure ossec.conf] ********************************************************************************************************************************************************
fatal: [10.142.0.11]: FAILED! => {"changed": false, "msg": "AnsibleError: Unexpected templating type error occurred on (<!--\n Wazuh - Manager - Default configuration\n More info at: https://documentation.wazuh.com\n Mailing list: https://groups.google.com/forum/#!forum/wazuh\n-->\n\n<ossec_config>\n <global>\n <jsonout_output>{{ wazuh_manager_config.json_output }}</jsonout_output>\n <alerts_log>{{ wazuh_manager_config.alerts_log }}</alerts_log>\n <logall>{{ wazuh_manager_config.logall }}</logall>\n {% if wazuh_manager_config.email_notification | lower == \"yes\" %}\n <email_notification>yes</email_notification>\n {% else %}\n <email_notification>no</email_notification>\n {% endif %}\n {% for to in wazuh_manager_config.mail_to %}\n <email_to>{{ to }}</email_to>\n {% endfor %}\n <smtp_server>{{ wazuh_manager_config.mail_smtp_server }}</smtp_server>\n <email_from>{{ wazuh_manager_config.mail_from }}</email_from>\n </global>\n\n <cluster>\n <disabled>{{ wazuh_manager_config.cluster.disable }}</disabled>\n <name>{{ wazuh_manager_config.cluster.name }}</name>\n <node_name>{{ wazuh_manager_config.cluster.node_name }}</node_name>\n <node_type>{{ wazuh_manager_config.cluster.node_type }}</node_type>\n <key>{{ wazuh_manager_config.cluster.key }}</key>\n <interval>{{ wazuh_manager_config.cluster.interval }}</interval>\n <port>{{ wazuh_manager_config.cluster.port }}</port>\n <bind_addr>{{ wazuh_manager_config.cluster.bind_addr }}</bind_addr>\n <nodes>\n {% for node in wazuh_manager_config.cluster.nodes %}\n <node>{{ node }}</node>\n {% endfor %}\n </nodes>\n <hidden>{{ wazuh_manager_config.cluster.hidden }}</hidden>\n </cluster>\n\n <logging>\n <log_format>{{ wazuh_manager_config.log_format }}</log_format>\n </logging>\n\n{% if wazuh_manager_config.authd.enable == true %}\n <auth>\n <disabled>no</disabled>\n {% if wazuh_manager_config.authd.port is not none %}<port>{{wazuh_manager_config.authd.port}}</port>{% else %}<port>1515</port>{% endif %}\n {% if wazuh_manager_config.authd.use_source_ip is not none %}<use_source_ip>{{wazuh_manager_config.authd.use_source_ip}}</use_source_ip>{% endif %}\n {% if wazuh_manager_config.authd.force_insert is not none %}<force_insert>{{wazuh_manager_config.authd.force_insert}}</force_insert>{% endif %}\n {% if wazuh_manager_config.authd.force_time is not none %}<force_time>{{wazuh_manager_config.authd.force_time}}</force_time>{% endif %}\n {% if wazuh_manager_config.authd.purge is not none %}<purge>{{wazuh_manager_config.authd.purge}}</purge>{% endif %}\n {% if wazuh_manager_config.authd.use_password is not none %}<use_password>{{wazuh_manager_config.authd.use_password}}</use_password>{% endif %}\n {% if wazuh_manager_config.authd.ssl_agent_ca is not none %}<ssl_agent_ca>/var/ossec/etc/{{wazuh_manager_config.authd.ssl_agent_ca | basename}}</ssl_agent_ca>{% endif %}\n {% if wazuh_manager_config.authd.ssl_verify_host is not none %}<ssl_verify_host>{{wazuh_manager_config.authd.ssl_verify_host}}</ssl_verify_host>{% endif %}\n {% if wazuh_manager_config.authd.ssl_manager_cert is not none %}<ssl_manager_cert>/var/ossec/etc/{{wazuh_manager_config.authd.ssl_manager_cert | basename}}</ssl_manager_cert>{% endif %}\n {% if wazuh_manager_config.authd.ssl_manager_key is not none %}<ssl_manager_key>/var/ossec/etc/{{wazuh_manager_config.authd.ssl_manager_key | basename}}</ssl_manager_key>{% endif %}\n {% if wazuh_manager_config.authd.ssl_auto_negotiate is not none %}<ssl_auto_negotiate>{{wazuh_manager_config.authd.ssl_auto_negotiate}}</ssl_auto_negotiate>{% endif %}\n </auth>\n{% endif %}\n\n{% if wazuh_manager_config.extra_emails is defined %}\n{% for mail in wazuh_manager_config.extra_emails %}\n{% if mail.enable == true %}\n <email_alerts>\n <email_to>{{ mail.mail_to }}</email_to>\n {% if mail.format is not none %}\n <format>{{ mail.format }}</format>\n {% endif %}\n {% if mail.level is not none %}\n <level>{{ mail.level }}</level>\n {% endif %}\n {% if mail.event_location is not none %}\n <event_location>{{ mail.event_location }}</event_location>\n {% endif %}\n {% if mail.group is not none %}\n <group>{{ mail.group }}</group>\n {% endif %}\n {% if mail.do_not_delay is not none and mail.do_not_delay == true %}\n <do_not_delay />\n {% endif %}\n {% if mail.do_not_group is not none and mail.do_not_group == true %}\n <do_not_group />\n {% endif %}\n {% if mail.rule_id is not none %}\n <rule_id>{{ mail.rule_id }}</rule_id>\n {% endif %}\n </email_alerts>\n{% endif %}\n{% endfor %}\n{% endif %}\n\n{% if wazuh_manager_config.reports is defined %}\n{% for report in wazuh_manager_config.reports %}\n{% if report.enable == true %}\n <reports>\n <category>{{ report.category }}</category>\n <title>{{ report.title }}</title>\n <email_to>{{ report.email_to }}</email_to>\n {% if report.location is not none %}<location>{{ report.location }}</location>{% endif %}\n {% if report.group is not none %}<group>{{ report.group }}</group>{% endif %}\n {% if report.rule is not none %}<rule>{{ report.rule }}</rule>{% endif %}\n {% if report.level is not none %}<level>{{ report.level }}</level>{% endif %}\n {% if report.srcip is not none %}<srcip>{{ report.srcip }}</srcip>{% endif %}\n {% if report.user is not none %}<user>{{ report.user }}</user>{% endif %}\n {% if report.showlogs is not none %}<showlogs>{{ report.showlogs }}</showlogs>{% endif %}\n </reports>\n{% endif %}\n{% endfor %}\n{% endif %}\n\n <alerts>\n <log_alert_level>{{ wazuh_manager_config.log_level }}</log_alert_level>\n <email_alert_level>{{ wazuh_manager_config.email_level }}</email_alert_level>\n </alerts>\n\n <remote>\n {% for connection in wazuh_manager_config.connection %}\n <connection>{{ connection.type }}</connection>\n <port>{{ connection.port }}</port>\n <protocol>{{ connection.protocol }}</protocol>\n {% endfor %}\n </remote>\n\n <rootcheck>\n <disabled>no</disabled>\n <check_unixaudit>yes</check_unixaudit>\n <check_files>yes</check_files>\n <check_trojans>yes</check_trojans>\n <check_dev>yes</check_dev>\n <check_sys>yes</check_sys>\n <check_pids>yes</check_pids>\n <check_ports>yes</check_ports>\n <check_if>yes</check_if>\n\n <!-- Frequency that rootcheck is executed - every 12 hours -->\n <frequency>{{ wazuh_manager_config.rootcheck.frequency }}</frequency>\n\n <rootkit_files>/var/ossec/etc/shared/default/rootkit_files.txt</rootkit_files>\n <rootkit_trojans>/var/ossec/etc/shared/default/rootkit_trojans.txt</rootkit_trojans>\n <system_audit>/var/ossec/etc/shared/default/system_audit_rcl.txt</system_audit>\n <system_audit>/var/ossec/etc/shared/default/system_audit_ssh.txt</system_audit>\n {% if cis_distribution_filename is defined %}\n <system_audit>/var/ossec/etc/shared/default/{{ cis_distribution_filename }}</system_audit>\n {% endif %}\n\n <skip_nfs>yes</skip_nfs>\n </rootcheck>\n\n <syscheck>\n <auto_ignore>{{ wazuh_manager_config.syscheck.auto_ignore }}</auto_ignore>\n <alert_new_files>{{ wazuh_manager_config.syscheck.alert_new_files }}</alert_new_files>\n <!-- Frequency that syscheck is executed -- default every 20 hours -->\n <frequency>{{ wazuh_manager_config.syscheck.frequency }}</frequency>\n <scan_on_start>{{ wazuh_manager_config.syscheck.scan_on_start }}</scan_on_start>\n\n <!-- Directories to check (perform all possible verifications) -->\n {% if wazuh_manager_config.syscheck.directories is defined %}\n {% for directory in wazuh_manager_config.syscheck.directories %}\n <directories {{ directory.checks }}>{{ directory.dirs }}</directories>\n {% endfor %}\n {% endif %}\n\n <!-- Files/directories to ignore -->\n {% if wazuh_manager_config.syscheck.ignore is defined %}\n {% for ignore in wazuh_manager_config.syscheck.ignore %}\n <ignore>{{ ignore }}</ignore>\n {% endfor %}\n {% endif %}\n\n <!-- Files no diff -->\n {% for no_diff in wazuh_manager_config.syscheck.no_diff %}\n <nodiff>{{ no_diff }}</nodiff>\n {% endfor %}\n </syscheck>\n\n {% if ansible_system == \"Linux\" and wazuh_manager_config.openscap.disable == 'no' %}\n <wodle name=\"open-scap\">\n <disabled>no</disabled>\n <timeout>{{ wazuh_manager_config.openscap.timeout }}</timeout>\n <interval>{{ wazuh_manager_config.openscap.interval }}</interval>\n <scan-on-start>{{ wazuh_manager_config.openscap.scan_on_start }}</scan-on-start>\n {% if ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'xenial' %}\n <content type=\"xccdf\" path=\"ssg-ubuntu-1604-ds.xml\">\n <profile>xccdf_org.ssgproject.content_profile_common</profile>\n </content>\n {% elif ansible_distribution == 'Debian' %}\n {% if ansible_distribution_release == 'jessie' %}\n {% if openscap_version_valid.stdout == \"0\" %}\n <content type=\"xccdf\" path=\"ssg-debian-8-ds.xml\">\n <profile>xccdf_org.ssgproject.content_profile_common</profile>\n </content>\n <content type=\"oval\" path=\"cve-debian-8-oval.xml\"/>\n {% endif %}\n {% elif ansible_distribution_release == 'stretch' %}\n <content type=\"oval\" path=\"cve-debian-9-oval.xml\"/>\n {% endif %}\n {% elif ansible_distribution == 'CentOS' %}\n {% if ansible_distribution_major_version == '7' %}\n <content type=\"xccdf\" path=\"ssg-centos-7-ds.xml\">\n {% elif ansible_distribution_major_version == '6' %}\n <content type=\"xccdf\" path=\"ssg-centos-6-ds.xml\">\n {% endif %}\n <profile>xccdf_org.ssgproject.content_profile_pci-dss</profile>\n <profile>xccdf_org.ssgproject.content_profile_common</profile>\n </content>\n {% elif ansible_distribution == 'RedHat' %}\n {% if ansible_distribution_major_version == '7' %}\n <content type=\"xccdf\" path=\"ssg-rhel-7-ds.xml\">\n {% elif ansible_distribution_major_version == '6' %}\n <content type=\"xccdf\" path=\"ssg-rhel-6-ds.xml\">\n {% endif %}\n <profile>xccdf_org.ssgproject.content_profile_pci-dss</profile>\n <profile>xccdf_org.ssgproject.content_profile_common</profile>\n </content>\n {% if ansible_distribution_major_version == '7' %}\n <content type=\"oval\" path=\"cve-redhat-7-ds.xml\"/>\n {% elif ansible_distribution_major_version == '6' %}\n <content type=\"oval\" path=\"cve-redhat-6-ds.xml\"/>\n {% endif %}\n {% elif ansible_distribution == 'Fedora' %}\n <content type=\"xccdf\" path=\"ssg-fedora-ds.xml\">\n <profile>xccdf_org.ssgproject.content_profile_pci-dss</profile>\n <profile>xccdf_org.ssgproject.content_profile_common</profile>\n </content>\n {% endif %}\n </wodle>\n {% endif %}\n\n {% if wazuh_manager_config.cis_cat.disable == 'no' %}\n <wodle name=\"cis-cat\">\n <disabled>no</disabled>\n <timeout>{{ wazuh_manager_config.cis_cat.timeout }}</timeout>\n <interval>{{ wazuh_manager_config.cis_cat.interval }}</interval>\n <scan-on-start>{{ wazuh_manager_config.cis_cat.scan_on_start }}</scan-on-start>\n {% if wazuh_manager_config.cis_cat.install_java == 'yes' %}\n <java_path>/usr/bin</java_path>\n {% else %}\n <java_path>{{ wazuh_manager_config.cis_cat.java_path }}</java_path>\n {% endif %}\n <ciscat_path>{{ wazuh_manager_config.cis_cat.ciscat_path }}</ciscat_path>\n {% for benchmark in wazuh_manager_config.cis_cat.content %}\n <content type=\"{{ benchmark.type }}\" path=\"{{ benchmark.path }}\">\n <profile>{{ benchmark.profile }}</profile>\n </content>\n {% endfor %}\n </wodle>\n {% endif %}\n\n {% if ansible_system == \"Linux\" and wazuh_manager_config.vuls.disable == 'no' %}\n <wodle name=\"command\">\n <disabled>no</disabled>\n <tag>Wazuh-VULS</tag>\n <command>/usr/bin/python /var/ossec/wodles/vuls/vuls.py{% for arg in wazuh_manager_config.vuls.args %} --{{ arg }}{% endfor %}</command>\n <interval>{{ wazuh_manager_config.vuls.interval }}</interval>\n <ignore_output>yes</ignore_output>\n <run_on_start>{{ wazuh_manager_config.vuls.run_on_start }}</run_on_start>\n </wodle>\n {% endif %}\n\n{% if agentless_creeds is defined %}\n{% for agentless in agentless_creeds %}\n <agentless>\n <type>{{ agentless.type }}</type>\n <frequency>{{ agentless.frequency }}</frequency>\n <host>{{ agentless.host }}</host>\n <state>{{ agentless.state }}</state>\n {% if agentless.arguments is defined %}\n <arguments>{{ agentless.arguments }}</arguments>\n {% endif %}\n </agentless>\n\n{% endfor %}\n{% endif %}\n\n <global>\n{% for white_list in wazuh_manager_config.globals %}\n <white_list>{{ white_list }}</white_list>\n{% endfor %}\n </global>\n\n {% for command in wazuh_manager_config.commands %}\n <command>\n <name>{{ command.name }}</name>\n <executable>{{ command.executable }}</executable>\n <expect>{{ command.expect }}</expect>\n <timeout_allowed>{{ command.timeout_allowed }}</timeout_allowed>\n </command>\n {% endfor %}\n\n\n <ruleset>\n <!-- Default ruleset -->\n <decoder_dir>ruleset/decoders</decoder_dir>\n <rule_dir>ruleset/rules</rule_dir>\n <rule_exclude>0215-policy_rules.xml</rule_exclude>\n {% if cdb_lists is defined %}\n {% for list in cdb_lists %}\n <list>etc/lists/{{ list.name }}</list>\n {% endfor %}\n {% endif %}\n\n <!-- User-defined ruleset -->\n <decoder_dir>etc/decoders</decoder_dir>\n <rule_dir>etc/rules</rule_dir>\n </ruleset>\n\n <!-- Active Response Config -->\n{% for response in wazuh_manager_config.active_responses %}\n <active-response>\n <disabled>no</disabled>\n <command>{{ response.command }}</command>\n {%if response.location is defined %}<location>{{ response.location }}</location>{% endif %}\n {%if response.agent_id is defined %}<agent_id>{{ response.agent_id }}</agent_id>{% endif %}\n {%if response.level is defined %}<level>{{ response.level }}</level>{% endif %}\n {%if response.rules_group is defined %}<rules_group>{{ response.rules_group }}</rules_group>{% endif %}\n {%if response.rules_id is defined %}<rules_id>{{ response.rules_id }}</rules_id>{% endif %}\n {%if response.timeout is defined %}<timeout>{{ response.timeout }}</timeout>{% endif %}\n {%if response.repeated_offenders is defined %}<repeated_offenders>{{ response.repeated_offenders }}</repeated_offenders>{% endif %}\n </active-response>\n{% endfor %}\n\n <!-- Files to monitor (localfiles) -->\n{% for localfile in wazuh_manager_config.localfiles %}\n <localfile>\n <log_format>{{ localfile.format }}</log_format>\n {% if localfile.format == 'command' or localfile.format == 'full_command' %}\n <command>{{ localfile.command }}</command>\n <frequency>{{ localfile.frequency }}</frequency>\n {% else %}\n <location>{{ localfile.location }}</location>\n {% endif %}\n </localfile>\n{% endfor %}\n\n{% if wazuh_manager_config.syslog_outputs is defined %}\n{% for syslog_output in wazuh_manager_config.syslog_outputs %}\n{% if syslog_output.server is not none %}\n <syslog_output>\n <server>{{ syslog_output.server }}</server>\n <port>{{ syslog_output.port }}</port>\n <format>{{ syslog_output.format }}</format>\n </syslog_output>\n{% endif %}\n{% endfor %}\n{% endif %}\n\n</ossec_config>\n): 'NoneType' object is not iterable"}
from wazuh-ansible.
I think I understand the issue a bit better now.
Based on documentation (https://documentation.wazuh.com/current/deploying-with-ansible/roles/wazuh-manager.html) I can create a variable file - vars-production.yml. Add specific configurations and the run:
ansible-playbook wazuh-manager.yml [email protected]
However if I create a wazuh_manager_config dictionary in vars-production.yml it completely overrides wazuh_manager_config from default/main.yml and then I get to copy-attributes-hell.
Either documentation should be fixed in some way or the variables in the playbook.
from wazuh-ansible.
Hi @andel7,
Yes, this is the expected behavior according to Ansible the variable precedence. We're going to update our ansible documentation in ASAP, I created an issue here: wazuh/wazuh-documentation#282 in order to track this one and add your suggestions. Thanks!
Best Regards,
from wazuh-ansible.
Related Issues (20)
- Scheduled upward merges for numbered branches in wazuh-ansible repository - Fortnight #5
- Support new stage Beta 3 for 4.8.0 in wazuh-ansible repository HOT 1
- Generate final tag and publish draft release for Wazuh 4.7.3 HOT 1
- Post release tasks for 4.7.3 HOT 1
- Role wazuh-ansible-agent not idempotent when installing from repository HOT 4
- Support new stage Beta 4 for 4.8.0 in wazuh-ansible repository HOT 1
- Expand syscollector - Firewall status.
- Scheduled upward merges for numbered branches in wazuh-ansible repository - Fortnight #7 HOT 1
- Support new stage Beta 5 for 4.8.0 in wazuh-ansible repository HOT 1
- Fix `4.x` and `4.9` references in master branch
- Add possibility to choose url or path for cve sources in var-ossec-etc-ossec-server.conf.j2 template in 4.7.3 HOT 1
- V4.8 / V4.9 / V5.0 var-ossec-etc-ossec-server.conf.j2 does not support offline update for cve HOT 1
- Support new Wazuh version 4.7.4 in wazuh-ansible repository
- Support new stage Beta 6 for 4.8.0 in wazuh-ansible repository HOT 1
- Support new stage RC 1 for 4.7.4 in wazuh-ansible repository HOT 1
- Support new stage RC 2 for 4.7.4 in wazuh-ansible repository HOT 1
- Generate final tag and publish draft release for Wazuh 4.7.4
- Post release tasks for 4.7.4
- Repository 5.x does not have release file HOT 3
- Support new stage RC 1 for 4.8.0 in wazuh-ansible repository HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from wazuh-ansible.