Slide 19
Slide 19 text
Reset the Client
"
define ossec::reset() {
notify { "OSSEC SERVER RESET: $name (prev:$::prev_ossec_server)": }
# Remove the Client Keys
exec {
"ossec-stop":
path => [ '/sbin', '/bin', '/usr/bin', '/var/ossec/bin' ],
timeout => 10,
command => "ossec-control stop";
"
"ossec-remove-client-keys":
before => Exec['agent-auth'],
onlyif => 'test -f /var/ossec/etc/client.keys',
command => '/bin/rm -f /var/ossec/etc/client.keys’,
require => Exec['ossec-stop'];
"
"ossec-rids-reset":
path => [ '/bin', ‘/usr/bin' ],
timeout => 10,
command => "rm -f /var/ossec/queue/rids/*",
require => Exec['ossec-stop'],
notify => Service['ossec-hids'];
}
}
}