From de7d64a8a0be0dcb7a8375e248525b01813563c4 Mon Sep 17 00:00:00 2001
From: Michael Boelen <michael.boelen@cisofy.com>
Date: Tue, 23 Oct 2018 12:58:22 +0200
Subject: [TOOL-5160] OSSEC detection test

---
 include/tests_tooling | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/include/tests_tooling b/include/tests_tooling
index 3112ef0c..6dc486ba 100644
--- a/include/tests_tooling
+++ b/include/tests_tooling
@@ -362,6 +362,23 @@
     fi
 #
 #################################################################################
+#
+    # Test        : TOOL-5160
+    # Description : Check for OSSEC
+    Register --test-no TOOL-5126 --weight L --network NO --category security --description "Check for presence of Snort"
+    if [ ${SKIPTEST} -eq 0 ]; then
+
+        if IsRunning "ossec-analysisd"; then
+            IDS_IPS_TOOL_FOUND=1
+            LogText "Result: OSSEC analysis daemon is active"
+            Report "ids_ips_tooling[]=ossec"
+            Display --indent 2 --text "- Checking presence of OSSEC" --result "${STATUS_FOUND}" --color GREEN
+        else
+            LogText "Result: OSSEC analysis daemon not active"
+        fi
+    fi
+#
+#################################################################################
 #
     # Test        : TOOL-5190
     # Description : Check for an IDS/IPS tool
-- 
cgit v1.2.3