Provides the WazuhInternalSyscheckConfiguration which allows to parse the
syscheck section of the Wazuh internal configuration.
- class WazuhInternalSyscheckConfiguration(**kwargs)#
Bases:
objectObject representation of the wazuh agent’s internal option syscheck section.
Wazuh reference: https://documentation.wazuh.com/current/user-manual/reference/internal-options.html#syscheck
- debug: int | None#
The debug log level configuration of the wazuh agent.
0: No debug output
1: Standard debug output
2: Verbose debug output
- default_max_depth: int | None#
Maximum level of recursion allowed while reading directories.
- file_max_size: int | None#
Maximum file size for calculating integrity hashes (in mebibytes).
- max_audit_entries: int | None#
Maximum number of directories monitored for who-data on Linux.
- max_fd_win_rt: int | None#
Maximum numbers of directories can be configured in ossec.conf for Windows in realtime and whodata mode.
- rt_delay: int | None#
Time in milliseconds for delay between alerts in real-time.
- symlink_scan_interval: int | None#
Check interval of the symbolic links configured in the directories section.