Join GitHub today
Store CIS-CAT results into Wazuh DB #568
It has been added a new table into agent databases to store the CIS-CAT summary information of each scan.
An example of the stored data:
I think CIS-CAT should not be a plugin decoder: it won't have a definition in the XML decoders. CIS-CAT should behave like Syscollector: reserve a message queue type like
CISCAT_MQ='e' in headers/mq_op.c and switch the proper decoder in analysisd.c, just like Syscollector.