Active response manager settings present on agent manifests

[Zenidd]

Hi team,

Description

• The active-response module uses the following options in the agent side:

• However, the agent module wrongly includes variables only related to the manager:

Related lines

wazuh-puppet/manifests/params_agent.pp

Lines 75 to 83 in 61b3b50

	# active response
	$active_response_disabled = 'no'
	$active_response_ca_verification = 'yes'
	$active_response_location = undef
	$active_response_level = undef
	$active_response_agent_id = undef
	$active_response_rules_id = []
	$active_response_timeout = undef
	$active_response_repeated_offenders = []

wazuh-puppet/manifests/agent.pp

Lines 219 to 230 in 61b3b50

	# active-response
	$ossec_active_response_disabled = $wazuh::params_agent::active_response_disabled,
	$ossec_active_response_linux_ca_store = $wazuh::params_agent::active_response_linux_ca_store,
	$ossec_active_response_ca_verification = $wazuh::params_agent::active_response_ca_verification,
	$ossec_active_response_command = $wazuh::params_agent::active_response_command,
	$ossec_active_response_location = $wazuh::params_agent::active_response_location,
	$ossec_active_response_level = $wazuh::params_agent::active_response_level,
	$ossec_active_response_agent_id = $wazuh::params_agent::active_response_agent_id,
	$ossec_active_response_rules_id = $wazuh::params_agent::active_response_rules_id,
	$ossec_active_response_timeout = $wazuh::params_agent::active_response_timeout,
	$ossec_active_response_repeated_offenders = $wazuh::params_agent::active_response_repeated_offenders,

Also, the render target for active-response module in the agent side still points to the old concat target ossec.conf:

Warning: /Stage[main]/Wazuh::Agent/Wazuh::Activeresponse[active-response configuration]/Concat::Fragment[Rendering active-response template]/Concat_fragment[Rendering active-response template]: Target Concat_file with path or title 'ossec.conf' or tag 'ossec.conf not found in the catalog

Greetings,

JP