Merge pull request wazuh#717 from wazuh/merge-4.7.0-into-master

Merge `4.7.0` into `master`

CHANGELOG.md

@@ -19,6 +19,12 @@ All notable changes to this project will be documented in this file.
 
 - Support to 4.6.0 Wazuh release.
 
+## Wazuh Puppet v4.5.2
+
+### Added
+
+- Support to 4.5.2 Wazuh release.
+
 ## Wazuh Puppet v4.5.1
 
 ### Added

kitchen/Puppetfile

@@ -24,3 +24,6 @@ mod "wazuh/wazuh"
 
 # A module from Github pre-packaged tarball
 # mod 'puppetlabs-apache', '0.6.0', :github_tarball => 'puppetlabs/puppetlabs-apache'
+
+# A module for configure zypper repo
+# mod 'puppet-zypprepo', '4.0.1'

manifests/agent.pp

@@ -318,7 +318,7 @@
   'Linux': {
     ## ossec.conf generation concats
     case $::operatingsystem {
-      'RedHat', 'OracleLinux':{
+      'RedHat', 'OracleLinux', 'Suse':{
         $apply_template_os = 'rhel'
         if ( $::operatingsystemrelease =~ /^9.*/ ){
           $rhel_version = '9'
@@ -342,6 +342,8 @@
         $apply_template_os = 'amazon'
       }'CentOS','Centos','centos','AlmaLinux':{
         $apply_template_os = 'centos'
+      }'SLES':{
+        $apply_template_os = 'suse'
       }
       default: { fail('OS not supported') }
     }

manifests/manager.pp

@@ -177,13 +177,11 @@
       $vulnerability_detector_provider_redhat                    = $wazuh::params_manager::vulnerability_detector_provider_redhat,
       $vulnerability_detector_provider_redhat_enabled            = $wazuh::params_manager::vulnerability_detector_provider_redhat_enabled,
       $vulnerability_detector_provider_redhat_os                 = $wazuh::params_manager::vulnerability_detector_provider_redhat_os,
-      $vulnerability_detector_provider_redhat_update_from_year   = $wazuh::params_manager::vulnerability_detector_provider_redhat_update_from_year,
       $vulnerability_detector_provider_redhat_update_interval    = $wazuh::params_manager::vulnerability_detector_provider_redhat_update_interval,
 
       $vulnerability_detector_provider_nvd                       = $wazuh::params_manager::vulnerability_detector_provider_nvd,
       $vulnerability_detector_provider_nvd_enabled               = $wazuh::params_manager::vulnerability_detector_provider_nvd_enabled,
       $vulnerability_detector_provider_nvd_os                    = $wazuh::params_manager::vulnerability_detector_provider_nvd_os,
-      $vulnerability_detector_provider_nvd_update_from_year      = $wazuh::params_manager::vulnerability_detector_provider_nvd_update_from_year,
       $vulnerability_detector_provider_nvd_update_interval       = $wazuh::params_manager::vulnerability_detector_provider_nvd_update_interval,
       #lint:endignore
 

manifests/params_agent.pp

@@ -466,6 +466,25 @@
             default: { fail('This ossec module has not been tested on your distribution') }
           }
         }
+        'Suse': {
+          $service_has_status = true
+
+          $default_local_files = [
+            { 'location' => '/var/log/audit/audit.log', 'log_format' => 'audit' },
+            { 'location' => '/var/ossec/logs/active-responses.log', 'log_format' => 'syslog' },
+            { 'location' => '/var/log/messages', 'log_format' => 'syslog' },
+            { 'location' => '/var/log/secure', 'log_format' => 'syslog' },
+            { 'location' => '/var/log/maillog', 'log_format' => 'syslog' },
+          ]
+          case $::operatingsystem {
+            'SLES': {
+              if ( $::operatingsystemrelease =~ /^(12|15).*/ ) {
+                $ossec_service_provider = 'redhat'
+              }
+            }
+            default: { fail('This ossec module has not been tested on your distribution') }
+          }
+        }
         default: { fail('This ossec module has not been tested on your distribution') }
       }
     }

manifests/params_manager.pp

@@ -186,14 +186,12 @@
       $vulnerability_detector_provider_redhat                    = 'yes'
       $vulnerability_detector_provider_redhat_enabled            = 'no'
       $vulnerability_detector_provider_redhat_os                 = ['5','6','7','8']
-      $vulnerability_detector_provider_redhat_update_from_year   = '2010'
       $vulnerability_detector_provider_redhat_update_interval    = '1h'      # syslog
 
 
       $vulnerability_detector_provider_nvd                    = 'yes'
       $vulnerability_detector_provider_nvd_enabled            = 'no'
       $vulnerability_detector_provider_nvd_os                 = []
-      $vulnerability_detector_provider_nvd_update_from_year   = '2010'
       $vulnerability_detector_provider_nvd_update_interval    = '1h'
 
       $vulnerability_detector_provider_arch                   = 'yes'
@@ -551,6 +549,31 @@
             default: { fail('This ossec module has not been tested on your distribution') }
           }
         }
+        'Suse': {
+
+          $agent_service  = 'wazuh-agent'
+          $agent_package  = 'wazuh-agent'
+          $server_service = 'wazuh-manager'
+          $server_package = 'wazuh-manager'
+          $service_has_status  = true
+
+          $default_local_files =[
+              {  'location' => '/var/log/audit/audit.log' , 'log_format' => 'audit'},
+              {  'location' => '/var/ossec/logs/active-responses.log' , 'log_format' => 'syslog'},
+              {  'location' => '/var/log/messages', 'log_format' => 'syslog'},
+              {  'location' => '/var/log/secure' , 'log_format' => 'syslog'},
+              {  'location' => '/var/log/maillog' , 'log_format' => 'syslog'},
+          ]
+          case $::operatingsystem {
+            'SLES': {
+              if ( $::operatingsystemrelease =~ /^(12|15).*/ ) {
+                $ossec_service_provider = 'redhat'
+                $api_service_provider = 'redhat'
+              }
+            }
+            default: { fail('This ossec module has not been tested on your distribution') }
+          }
+        }
         default: { fail('This ossec module has not been tested on your distribution') }
       }
     }

manifests/repo.pp

@@ -33,9 +33,9 @@
         default: { fail('This ossec module has not been tested on your distribution (or lsb package not installed)') }
       }
     }
-    'Linux', 'RedHat' : {
+    'Linux', 'RedHat', 'Suse' : {
         case $::os[name] {
-          /^(CentOS|RedHat|OracleLinux|Fedora|Amazon|AlmaLinux)$/: {
+          /^(CentOS|RedHat|OracleLinux|Fedora|Amazon|AlmaLinux|SLES)$/: {
             if ( $::operatingsystemrelease =~ /^5.*/ ) {
               $baseurl  = 'https://packages.wazuh.com/4.x/yum/5/'
               $gpgkey   = 'http://packages.wazuh.com/key/GPG-KEY-WAZUH'
@@ -46,16 +46,30 @@
           }
           default: { fail('This ossec module has not been tested on your distribution.') }
         }
-      # Set up OSSEC repo
-      yumrepo { 'wazuh':
-        descr    => 'WAZUH OSSEC Repository - www.wazuh.com',
-        enabled  => true,
-        gpgcheck => 1,
-        gpgkey   => $gpgkey,
-        baseurl  => $baseurl
-      }
-
+        # Set up OSSEC repo
+        case $::os[name] {
+          /^(CentOS|RedHat|OracleLinux|Fedora|Amazon|AlmaLinux)$/: {
+            yumrepo { 'wazuh':
+              descr    => 'WAZUH OSSEC Repository - www.wazuh.com',
+              enabled  => true,
+              gpgcheck => 1,
+              gpgkey   => $gpgkey,
+              baseurl  => $baseurl
+            }
+          }
+          /^(SLES)$/: {
+            zypprepo { 'wazuh':
+              ensure        => present,
+              name          => 'WAZUH OSSEC Repository - www.wazuh.com',
+              enabled       => 1,
+              gpgcheck      => 0,
+              repo_gpgcheck => 0,
+              pkg_gpgcheck  => 0,
+              gpgkey        => $gpgkey,
+              baseurl       => $baseurl
+            }
+          }
+        }
     }
-    default: { fail('This ossec module has not been tested on your distribution') }
   }
 }

metadata.json

@@ -36,6 +36,10 @@
       "name": "puppetlabs/powershell",
       "version_requirement": ">= 2.0.0 < 5.0.0"
     },
+    {
+      "name": "puppet/zypprepo",
+      "version_requirement": "= 4.0.1"
+    },
     {
       "name": "puppet/archive",
       "version_requirement": ">= 0.4.8 < 7.0.0"

templates/fragments/_vulnerability_detector.erb

@@ -29,7 +29,6 @@
 <% if @vulnerability_detector_provider_redhat %>
   <provider name="redhat">
     <% if @vulnerability_detector_provider_redhat_enabled %><enabled><%= @vulnerability_detector_provider_redhat_enabled %></enabled><% end %>
-    <% if @vulnerability_detector_provider_redhat_update_from_year %><update_from_year><%= @vulnerability_detector_provider_redhat_update_from_year %></update_from_year><% end %>
     <% if @vulnerability_detector_provider_redhat_update_interval %><update_interval><%= @vulnerability_detector_provider_redhat_update_interval %></update_interval><% end %>
     <% if !@vulnerability_detector_provider_redhat_os.empty? %>
     <% @vulnerability_detector_provider_redhat_os.each do |os| %>
@@ -41,9 +40,8 @@
 <% if @vulnerability_detector_provider_nvd %>
   <provider name="nvd">
     <% if @vulnerability_detector_provider_nvd_enabled %><enabled><%= @vulnerability_detector_provider_nvd_enabled %></enabled><% end %>
-    <% if @vulnerability_detector_provider_nvd_update_from_year %><update_from_year><%= @vulnerability_detector_provider_nvd_update_from_year %></update_from_year><% end %>
     <% if @vulnerability_detector_provider_nvd_update_interval %><update_interval><%= @vulnerability_detector_provider_nvd_update_interval %></update_interval><% end %>
-  </provider>   
+  </provider>
 <% end %>
 <% if @vulnerability_detector_provider_arch %>
   <provider name="arch">
@@ -69,4 +67,3 @@
   </provider>
 <% end %>
 </vulnerability-detector>
-