-
Notifications
You must be signed in to change notification settings - Fork 1
/
ossec_install.sh
93 lines (85 loc) · 2.69 KB
/
ossec_install.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
#!/bin/bash
#
# @dorancemc - 10-sep-2016
#
# Script para installar ossec
# Validado en : Debian 7+, Ubuntu 16+, Centos 6+, SuSE 13+
#
#
linux_variant() {
if [ -f "/etc/debian_version" ]; then
distro="debian"
elif [ -f "/etc/redhat-release" ]; then
distro="redhat"
elif [ -f "/etc/SuSE-release" ]; then
distro="suse"
else
distro="unknown"
fi
}
command_exists () {
type "$1" &> /dev/null ;
}
debian() {
if ! command_exists lsb_release ; then
apt-get install -y lsb-release
fi
distro=$(lsb_release -s -i | tr '[:upper:]' '[:lower:]')
version=$(lsb_release -s -c )
echo "deb http://ossec.wazuh.com/repos/apt/${distro} ${version} main" > /etc/apt/sources.list.d/ossec.list &&
apt-key adv --fetch-keys http://ossec.wazuh.com/repos/apt/conf/ossec-key.gpg.key &&
apt-get update &&
apt-cache search ossec &&
if [ "$install" = "server" ]; then
echo ossec-hids ossec-hids/email_notification select yes | debconf-set-selections &&
echo ossec-hids ossec-hids/email_from string ossecm@localhost | debconf-set-selections &&
echo ossec-hids ossec-hids/smtp_server string localhost | debconf-set-selections &&
echo ossec-hids ossec-hids/email_to string root@localhost | debconf-set-selections &&
apt-get install ossec-hids -y
else
echo ossec-hids-agent ossec-hids-agent/server-ip string 127.0.0.1 | debconf-set-selections &&
apt-get install ossec-hids-agent -y
fi
}
redhat() {
if ! command_exists wget ; then
yum install wget -y
fi
wget -q https://www.atomicorp.com/RPM-GPG-KEY.art.txt 1>/dev/null 2>&1 &&
wget -q https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt 1>/dev/null 2>&1 &&
rpm -import RPM-GPG-KEY.art.txt >/dev/null 2>&1
rpm -import RPM-GPG-KEY.atomicorp.txt >/dev/null 2>&1
wget -q http://updates.atomicorp.com/channels/atomic/centos/6/x86_64/RPMS/atomic-release-1.0-21.el6.art.noarch.rpm &&
rpm -Uvh atomic-release-1.0-21.el6.art.noarch.rpm &&
if [ "$install" == "server" ]; then
yum install -y ossec-hids-server
else
yum install -y ossec-hids-client
fi
}
suse (){
if ! command_exists wget ; then
zypper --non-interactive install wget
fi
zypper --non-interactive install gcc &&
mkdir -p /tmp/ossec && cd /tmp/ossec &&
wget https://github.com/ossec/ossec-hids/archive/v2.8.3.tar.gz &&
tar -zxvf v2.8.3 &&
cd ossec-hids-2.8.3/src/ &&
if [ "$install" == "server" ]; then
make setlocal && make all && make local
else
make setagent && make all && make agent
fi
cp init/ossec-hids-suse.init /etc/init.d/ossec-hids
chmod 755 /etc/init.d/ossec-hids
chkconfig --add ossec-hids
}
unknown() {
echo "distro no soportada por este script :( "
}
run_core() {
linux_variant
$distro
}
run_core