Ossec conf generator does not correctly combine configuration for syscollector in integration test #1045

Closed
jmv74211 opened this issue Feb 5, 2021 · 1 comment · Fixed by #1048
jmv74211 commented Feb 5, 2021

A member of the core team told us that after applying the following custom configuration for syscollector in an integration test:

```yaml
- tags:
  - TAG
  apply_to_modules:
  - test_general_configuration_enabled
  sections:
  - section: wodle
    attributes:
      - name: 'syscollector'
    elements:
      - disabled:
          value: yes
```

the resulting configuration appears to be as follows:

```xml
  <wodle name="syscollector">
    <disabled>True</disabled>
  </wodle>

  <wodle name="syscollector">
    <disabled>no</disabled>
    <interval>1h</interval>
    <scan_on_start>yes</scan_on_start>
    <hardware>yes</hardware>
    <os>yes</os>
    <network>yes</network>
    <packages>yes</packages>
    <ports all="no">yes</ports>
    <processes>yes</processes>
  </wodle>
```

When in fact it should be mixed and unified, giving preference to the configuration specified in the test.

It is requested to investigate this case and solve it.

Regards.

jmv74211 commented Feb 8, 2021

I have been investigating the configuration generator tool, and the main problem was the query that was made when comparing different sections.

So far everything has worked correctly because we have not configured wodle sections in the tests, since the Wazuh ossec.conf has different wodle sections but with different names in the attributes.

With the current implementation, the first wodle block of the ossec.conf configuration was being replaced, resulting in repeated blocks (since the first one that was the ciscat one was always eliminated).

I have added a new comparer that now also takes into account the attributes of the sections.
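
The matching rule described in the comment above, shown as an added example (not the wazuh-qa generator's own code): a section is matched on its tag and its attributes together, and elements set by the test override the defaults while the rest are kept. The function names, the dict form of the test section, and the trimmed `ossec.conf` sample are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a trimmed ossec.conf with two wodle sections that share
# a tag and differ only in their name attribute.
BASE_CONF = """<ossec_config>
  <wodle name="cis-cat">
    <disabled>yes</disabled>
  </wodle>
  <wodle name="syscollector">
    <disabled>no</disabled>
    <interval>1h</interval>
    <ports all="no">yes</ports>
  </wodle>
</ossec_config>"""


def find_section(root, tag, attributes):
    """Return the first child whose tag AND attributes both match, else None."""
    for child in root:
        if child.tag == tag and dict(child.attrib) == attributes:
            return child
    return None


def merge_section(root, section):
    """Merge one test-supplied section (hypothetical dict form) into root.

    Elements named by the test override the matching default; others stay.
    """
    attrs = section.get("attributes", {})
    target = find_section(root, section["section"], attrs)
    if target is None:  # no section with this tag and attributes: append one
        target = ET.SubElement(root, section["section"], attrs)
    for name, value in section["elements"].items():
        node = target.find(name)
        if node is None:  # 'is None' on purpose: childless Elements are falsy
            node = ET.SubElement(target, name)
        node.text = value
    return root


def merged_conf(base_xml, sections):
    """Parse base_xml and apply every test section to it in order."""
    root = ET.fromstring(base_xml)
    for section in sections:
        merge_section(root, section)
    return root
```

Matching on the tag alone would select the first `wodle` (here `cis-cat`), which is the behaviour the comment reports as the cause of the repeated blocks.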
