[TOOL-5160] added support for OSSEC agent daemon

1 files changed, 16 insertions, 4 deletions

diff --git a/include/tests_tooling b/include/tests_tooling
index 2090e99e..15fa3540 100644
--- a/include/tests_tooling
+++ b/include/tests_tooling
@@ -375,17 +375,29 @@
 #
     # Test        : TOOL-5160
     # Description : Check for OSSEC
-    Register --test-no TOOL-5126 --weight L --network NO --category security --description "Check for active OSSEC analysis daemon"
+    Register --test-no TOOL-5126 --weight L --network NO --category security --description "Check for active OSSEC daemon"
     if [ ${SKIPTEST} -eq 0 ]; then
-
+        # Server side
         if IsRunning "ossec-analysisd"; then
             IDS_IPS_TOOL_FOUND=1
-            LogText "Result: OSSEC analysis daemon is active"
             Report "ids_ips_tooling[]=ossec"
-            Display --indent 2 --text "- Checking presence of OSSEC" --result "${STATUS_FOUND}" --color GREEN
+            Report "ids_ips_tooling[]=ossec-analysisd"
+            LogText "Result: OSSEC analysis daemon is active"
+            Display --indent 2 --text "- Checking presence of OSSEC (analysis)" --result "${STATUS_FOUND}" --color GREEN
         else
             LogText "Result: OSSEC analysis daemon not active"
         fi
+
+        # Client side
+        if IsRunning "ossec-agentd"; then
+            IDS_IPS_TOOL_FOUND=1
+            Report "ids_ips_tooling[]=ossec"
+            Report "ids_ips_tooling[]=ossec-agentd"
+            LogText "Result: OSSEC agent daemon is active"
+            Display --indent 2 --text "- Checking presence of OSSEC (agent)" --result "${STATUS_FOUND}" --color GREEN
+        else
+            LogText "Result: OSSEC agent daemon not active"
+        fi
     fi
 #
 #################################################################################