--- etc/ossec-server.conf 2024-05-10 18:10:43.842257000 -0500
+++ etc/ossec-server.conf 2024-05-10 18:15:26.471699000 -0500
@@ -28,7 +28,8 @@
secure
1514
- tcp
+ udp
+ 131072
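Review bot: Switching the secure agent listener on 1514 from `tcp` to `udp` gives up delivery guarantees for agent events, and the hunk does not record why. The element names are stripped on this page, so the added `131072` is presumably the remote queue size; a larger queue absorbs bursts on the manager but does not recover datagrams lost in transit. If UDP is required on this platform, say so next to the protocol line, for example `<!-- udp: agent events may be dropped under load; watch manager statistics for discarded messages -->`. Otherwise `tcp` is the safer choice for detection coverage.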
@@ -200,7 +201,7 @@
syslog
- /var/log/syslog
+ /var/log/userlog
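Review bot: Replacing `/var/log/syslog` with `/var/log/userlog` as the only change to this syslog entry may leave the main system and authentication logs unmonitored. The `netstat -n -f inet` form used later in this patch suggests a BSD-style target, where login and sudo activity normally goes to `/var/log/auth.log` and general messages to `/var/log/messages`. Other log entries of the file lie outside this hunk, so confirm those paths are already collected. If they are not, add separate syslog entries for them rather than relying on `userlog` alone.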
@@ -211,7 +212,7 @@
full_command
- netstat -tan |grep LISTEN |grep -v 127.0.0.1 | sort
+ (netstat -n -f inet && netstat -n -f inet) | grep -e "udp" -e "tcp" | sed 's/\([[:alnum:]]*\)\ *[[:digit:]]*\ *[[:digit:]]*\ *\([[:digit:]\.]*\)\.\([[:digit:]]*\)\ *\([[:digit:]\.]*\).*/\1 \2 == \3 == \4/' | sort -k4 -g | sed 's/ == \(.*\) ==/.\1/'
360
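Review bot: The new command runs `netstat -n -f inet` twice inside the parentheses, so IPv4 sockets are listed in duplicate and IPv6 sockets are never reported. The second call was presumably meant to be `netstat -n -f inet6`. The old command filtered on `LISTEN`, while the new one has neither `-a` nor a state filter, so on BSD netstat it likely reports established connections instead of listening ports. That would make the "listening ports changed" check noisy and hide new listeners. Consider `(netstat -an -f inet && netstat -an -f inet6)` with a filter on listening sockets, verified against the target's netstat output before the sed expressions are relied on.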
@@ -233,4 +234,32 @@
etc/rules
+
+
+ no
+ 1515
+ no
+ yes
+ yes
+ HIGH:!ADH:!EXP:!MD5:!RC4:!3DES:!CAMELLIA:@STRENGTH
+
+ no
+ etc/sslmanager.cert
+ etc/sslmanager.key
+ no
+
+
+
+ wazuh
+ indexer1
+ master
+
+ 1516
+ 0.0.0.0
+
+ NODE_IP
+
+ no
+ yes
+
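Review bot: The added enrollment block appears to enable the registration service on 1515 with no control over who may enroll. The element names are stripped on this page, so this is inferred from the value order: the empty line after the cipher string looks like a commented-out `ssl_agent_ca`, host verification is `no`, and no password setting is evident. If that reading is right, any host that can reach 1515 can register as an agent, so set `<use_password>yes</use_password>` or configure `ssl_agent_ca`, and restrict the port at the firewall. The cluster block that follows is apparently disabled (final `yes`), but it ships an empty key, a `0.0.0.0` bind address and a literal `NODE_IP` placeholder. A comment such as `<!-- set a unique 32-character key and real node address before enabling -->` would keep it from being switched on as-is.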