HELP with cis-cat module!!!!!!!!!!!!

538 views
Skip to first unread message

Stephany A

unread,
Apr 12, 2023, 1:17:38 PM4/12/23
to Wazuh mailing list
Hello please someone who can help me with the cis cat module, I have wazuh manager 4.3.10 wazuh indexer 4.3.10 and filebeat 7.10.2. I have doubts if I should have kibana and elasticsearch for cis cat?

I configured it as it says in the step by step and no response appears in the logs


<wodle name="cis-cat"> <disabled>no</disabled> <timeout>1800</timeout> <interval>1d</interval> <scan-on-start>yes</scan-on-start> <java_path>/usr/lib/debug/usr/lib/jvm/java-1.8.0-openjdk-amd64</java_path> <ciscat_path>home/wazuh/Descargas/CIS-CAT-Lite-v4.28.0</ciscat_path> <ciscat_binary>Assessor-CLI.sh</ciscat_binary> <content type="xccdf" path="benchmarks/CIS_Ubuntu_Linux_20.04_LTS_Benchmark_v1.1.0-xccdf.xml"> <profile>"Level 2 - Server"</profile> </content> </wodle>


----------------------------------------------------------------------------------------------------------------------------------------
Can someone please clarify this question for me to see what I'm doing wrong, I'm new with wazuh, please and thank you



Stephany A

unread,
Apr 12, 2023, 1:19:35 PM4/12/23
to Wazuh mailing list
I attach the ossec file
ossec.conf

Federico Gustavo Galland

unread,
Apr 18, 2023, 12:21:48 PM4/18/23
to Wazuh mailing list
Hi Stephany,

You can find our documentation's user guide pertaining to the CIS-CAT integration below (the link you shared points to the configuration reference):

However, and quoting the article:

>  This integration requires CIS-CAT Pro, which is proprietary software. You can learn more about this tool and how to download it at the official CIS website.

Because the CIS-CAT Pro package is proprietary, we recommend more open options:

Let us know if this helps you.

Regards,
Federico Galland
Reply all
Reply to author
Forward
0 new messages