Added ClamAV installation with Ansible

See merge request medina/security-monitoring!1

security-monitoring-ansible/README.md

@@ -3,6 +3,8 @@
 This project is meant for quickly setting up Wazuh instance using Ansible scripts
 on top infrastructure provisioned using Vagrant.
 
+In addition to Wazuh, ClamAV is also installed to agent machines (for testing purposes).
+
 ## Requirements
 
  * Vagrant 2.2.14

security-monitoring-ansible/ansible/clamav/tasks/install-clamav.yml

+---
+- name: Install Epel-Release 
+  become: True
+  yum:
+    name: epel-release
+
+- name: Install ClamAV packages
+  become: True
+  yum:
+    name: 
+      - clamav-server 
+      - clamav-data 
+      - clamav-update 
+      - clamav-filesystem 
+      - clamav 
+      - clamav-scanner-systemd 
+      - clamav-devel 
+      - clamav-lib 
+      - clamav-server-systemd
+
+- name: Configure SELinux
+  become: true
+  command: setsebool -P {{ item }}
+  with_items:
+    - antivirus_can_scan_system 1
+    - clamd_use_jit 1
+
+- name: Edit ClamAV configuration
+  become: true  
+  replace:
+    path: /etc/clamd.d/scan.conf
+    regexp: '^Example'
+    replace: '#Example'
+
+- name: Edit ClamAV socket location configuration
+  become: true  
+  replace:
+    path: /etc/clamd.d/scan.conf
+    regexp: '#LocalSocket /run/clamd.scan/clamd.sock'
+    replace: 'LocalSocket /tmp/clamd.sock'
+
+- name: Edit ClamAV’s freshclam update engine configuration
+  become: true
+  replace:
+    path: /etc/freshclam.conf
+    regexp: '^Example'
+    replace: '#Example'
+
+- name: Run virus definition database update
+  become: True
+  command: freshclam
+
+- name: Start ClamAV and run it on boot
+  become: True
+  service:
+    name: clamd@scan
+    state: restarted
+    enabled: yes
\ No newline at end of file

security-monitoring-ansible/ansible/provision-agents.yml

@@ -17,3 +17,6 @@
           api_user: ansible
           max_retries: 5
           retry_interval: 5
+    tasks:
+      - name: Import ClamAV tasks
+        import_tasks: "{{ ansible_dir }}/clamav/tasks/install-clamav.yml" 
\ No newline at end of file

security-monitoring-ansible/environments/vagrant-1manager-2agents/Vagrantfile

@@ -28,6 +28,10 @@ servers=[
 Vagrant.configure(2) do |config|
   servers.each do |machine|
       config.vm.define machine[:hostname] do |node|
+          # Can cause error: 
+          #   "You are trying to forward a host IP that does not exist. Please set `host_ip`
+          #   to the address of an existing IPv4 network interface, or remove the option
+          #   from your port forward configuration."
           if machine[:hostname] == "manager"
             node.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "192.168.33.10"
             node.vm.network "forwarded_port", guest: 443, host: 8443 , host_ip: "192.168.33.10"