From bef955f8373ee87ed93b79bfde85f2c12f720dc4 Mon Sep 17 00:00:00 2001 From: Nicolas Lastra Date: Wed, 13 Oct 2021 15:02:06 -0300 Subject: [PATCH 1/9] 638-opendistro-documentation-from4.2 --- .../opendistro/opendistro-elasticsearch/tasks/Debian.yml | 1 + roles/opendistro/opendistro-elasticsearch/tasks/main.yml | 9 +++++++++ 2 files changed, 10 insertions(+) diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml b/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml index 41011ddc..a964ad8d 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml @@ -14,6 +14,7 @@ repo: "{{ package_repos.apt.openjdk.baseurl }}" state: present update_cache: yes + when: (ansible_facts['distribution'] == "Debian" and ansible_facts['distribution_major_version'] == "9") - name: Install openjdk-11-jdk apt: diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml index bea869a9..7d7a6573 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml @@ -11,9 +11,18 @@ - import_tasks: Debian.yml when: ansible_os_family == 'Debian' + - name: Check if performance-analyzer is installed + become: true + command: ./elasticsearch-plugin list | grep 'opendistro-performance-analyzer' + register: elasticsearch_performance + args: + chdir: /usr/share/elasticsearch/bin/ + - name: Remove performance analyzer plugin from elasticsearch become: true command: ./elasticsearch-plugin remove opendistro-performance-analyzer + when: elasticsearch_performance == 'opendistro-performance-analyzer' + ignore_errors: true args: chdir: /usr/share/elasticsearch/bin/ From e1bc568a5504533ec5e8489b003d003cc7f56183 Mon Sep 17 00:00:00 2001 
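Review bot: The new "Check if performance-analyzer is installed" task in `tasks/main.yml` does not filter anything, because the `command` module runs no shell, so `| grep 'opendistro-performance-analyzer'` is passed to `elasticsearch-plugin` as extra arguments. The `when: elasticsearch_performance == 'opendistro-performance-analyzer'` on the remove task compares the whole registered result with a string, which never matches, so the removal would be skipped on every host. Reduce the check to `command: ./elasticsearch-plugin list` with `changed_when: false`, and guard the removal with `when: "'opendistro-performance-analyzer' in elasticsearch_performance.stdout"`. The added `ignore_errors: true` would additionally hide genuine removal failures. The task list continues outside the hunk.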
From: Nicolas Lastra Date: Thu, 14 Oct 2021 12:22:50 -0300 Subject: [PATCH 2/9] routine optimization --- roles/opendistro/opendistro-elasticsearch/tasks/main.yml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml index 7d7a6573..4ceb8805 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml @@ -11,17 +11,10 @@ - import_tasks: Debian.yml when: ansible_os_family == 'Debian' - - name: Check if performance-analyzer is installed - become: true - command: ./elasticsearch-plugin list | grep 'opendistro-performance-analyzer' - register: elasticsearch_performance - args: - chdir: /usr/share/elasticsearch/bin/ - name: Remove performance analyzer plugin from elasticsearch become: true command: ./elasticsearch-plugin remove opendistro-performance-analyzer - when: elasticsearch_performance == 'opendistro-performance-analyzer' ignore_errors: true args: chdir: /usr/share/elasticsearch/bin/ From d656c1d82fa62c7efd8858e403609c59030e3b4d Mon Sep 17 00:00:00 2001 From: Nicolas Lastra Date: Thu, 14 Oct 2021 12:23:31 -0300 Subject: [PATCH 3/9] routine optimization --- roles/opendistro/opendistro-elasticsearch/tasks/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml index 4ceb8805..98dd74ef 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml @@ -11,7 +11,6 @@ - import_tasks: Debian.yml when: ansible_os_family == 'Debian' - - name: Remove performance analyzer plugin from elasticsearch become: true command: ./elasticsearch-plugin remove opendistro-performance-analyzer From 3afe577d91083260e6d0188235d9d00aec9054d9 Mon Sep 17 00:00:00 2001 
From: Nicolas Lastra Date: Thu, 14 Oct 2021 18:08:02 -0300 Subject: [PATCH 4/9] bump 4.2.4 --- CHANGELOG.md | 12 +++++++++--- README.md | 1 + VERSION | 4 ++-- molecule/default/tests/test_default.py | 2 +- .../distributed-wazuh-elk-xpack/group_vars/all.yml | 6 +++--- .../tests/test_default.py | 2 +- molecule/distributed-wazuh-elk/group_vars/all.yml | 6 +++--- molecule/distributed-wazuh-elk/tests/test_default.py | 2 +- molecule/distributed-wazuh-odfe/group_vars/all.yml | 6 +++--- .../distributed-wazuh-odfe/tests/test_default.py | 2 +- pyproject.toml | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/opendistro/opendistro-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-filebeat-oss/defaults/main.yml | 2 +- roles/wazuh/ansible-filebeat/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 8 ++++---- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 4 ++-- 17 files changed, 36 insertions(+), 29 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 94bea449..589aff29 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,23 +2,29 @@ All notable changes to this project will be documented in this file. +## [v4.2.4] + +### Added + +- Update to [Wazuh v4.2.4](https://github.com/wazuh/wazuh/blob/v4.2.4/CHANGELOG.md#v424) + ## [v4.2.3] ### Added -- Update to [Wazuh v4.2.3](https://github.com/wazuh/wazuh/blob/v4.2.3/CHANGELOG.md#v420) +- Update to [Wazuh v4.2.3](https://github.com/wazuh/wazuh/blob/v4.2.4/CHANGELOG.md#v423) ## [v4.2.2] ### Added -- Update to [Wazuh v4.2.2](https://github.com/wazuh/wazuh/blob/v4.2.2/CHANGELOG.md#v420) +- Update to [Wazuh v4.2.2](https://github.com/wazuh/wazuh/blob/v4.2.2/CHANGELOG.md#v422) ## [v4.2.1] ### Added -- Update to [Wazuh v4.2.1](https://github.com/wazuh/wazuh/blob/v4.2.1/CHANGELOG.md#v420) +- Update to [Wazuh v4.2.1](https://github.com/wazuh/wazuh/blob/v4.2.1/CHANGELOG.md#v421) ## [v4.2.0] diff --git a/README.md b/README.md index f7b569c8..aa343c07 100644 --- a/README.md 
+++ b/README.md @@ -14,6 +14,7 @@ These playbooks install and configure Wazuh agent, manager and Elastic Stack. | Wazuh version | Elastic | ODFE | |---------------|---------|--------| +| v4.2.4 | 7.10.2 | 1.13.2 | | v4.2.3 | 7.10.2 | 1.13.2 | | v4.2.2 | 7.10.2 | 1.13.2 | | v4.2.1 | 7.10.2 | 1.13.2 | diff --git a/VERSION b/VERSION index 87a80653..b9c424f0 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v4.2.3" -REVISION="40217" +WAZUH-ANSIBLE_VERSION="v4.2.4" +REVISION="40218" diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index 538bf706..9f884101 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py @@ -8,7 +8,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "4.2.3" + return "4.2.4" def test_wazuh_packages_are_installed(host): diff --git a/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml b/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml index db745f46..b4fc99a4 100644 --- a/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml +++ b/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml @@ -18,11 +18,11 @@ elastic_stack_version: 7.10.2 filebeat_version: 7.10.2 # Debian packages need the ${VERSION}-1 -wazuh_manager_version: 4.2.3-1 -wazuh_agent_version: 4.2.3-1 +wazuh_manager_version: 4.2.4-1 +wazuh_agent_version: 4.2.4-1 # Kibana role appends it automatically. -wazuh_version: 4.2.3 +wazuh_version: 4.2.4 ######################################################## diff --git a/molecule/distributed-wazuh-elk-xpack/tests/test_default.py b/molecule/distributed-wazuh-elk-xpack/tests/test_default.py index 538bf706..9f884101 100644 --- a/molecule/distributed-wazuh-elk-xpack/tests/test_default.py +++ b/molecule/distributed-wazuh-elk-xpack/tests/test_default.py 
@@ -8,7 +8,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "4.2.3" + return "4.2.4" def test_wazuh_packages_are_installed(host): diff --git a/molecule/distributed-wazuh-elk/group_vars/all.yml b/molecule/distributed-wazuh-elk/group_vars/all.yml index 1faf7db3..f5156945 100644 --- a/molecule/distributed-wazuh-elk/group_vars/all.yml +++ b/molecule/distributed-wazuh-elk/group_vars/all.yml @@ -16,8 +16,8 @@ elastic_stack_version: 7.10.2 filebeat_version: 7.10.2 # Debian packages need the ${VERSION}-1 -wazuh_manager_version: 4.2.3-1 -wazuh_agent_version: 4.2.3-1 +wazuh_manager_version: 4.2.4-1 +wazuh_agent_version: 4.2.4-1 # Kibana role appends it automatically. -wazuh_version: 4.2.3 +wazuh_version: 4.2.4 diff --git a/molecule/distributed-wazuh-elk/tests/test_default.py b/molecule/distributed-wazuh-elk/tests/test_default.py index 538bf706..9f884101 100644 --- a/molecule/distributed-wazuh-elk/tests/test_default.py +++ b/molecule/distributed-wazuh-elk/tests/test_default.py @@ -8,7 +8,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "4.2.3" + return "4.2.4" def test_wazuh_packages_are_installed(host): diff --git a/molecule/distributed-wazuh-odfe/group_vars/all.yml b/molecule/distributed-wazuh-odfe/group_vars/all.yml index 4baeb617..a79cf9cd 100644 --- a/molecule/distributed-wazuh-odfe/group_vars/all.yml +++ b/molecule/distributed-wazuh-odfe/group_vars/all.yml @@ -40,8 +40,8 @@ filebeat_version: 7.10.2 kibana_opendistro_version: 1.13.2-1 # Debian packages need the ${VERSION}-1 -wazuh_manager_version: 4.2.3-1 -wazuh_agent_version: 4.2.3-1 +wazuh_manager_version: 4.2.4-1 +wazuh_agent_version: 4.2.4-1 # Kibana role appends it automatically. -wazuh_version: 4.2.3 +wazuh_version: 4.2.4 
diff --git a/molecule/distributed-wazuh-odfe/tests/test_default.py b/molecule/distributed-wazuh-odfe/tests/test_default.py index 538bf706..9f884101 100644 --- a/molecule/distributed-wazuh-odfe/tests/test_default.py +++ b/molecule/distributed-wazuh-odfe/tests/test_default.py @@ -8,7 +8,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "4.2.3" + return "4.2.4" def test_wazuh_packages_are_installed(host): diff --git a/pyproject.toml b/pyproject.toml index f4582b32..700cbb9e 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "wazuh-ansible" -version = "4.2.3" +version = "4.2.4" description = "" authors = ["neonmei "] diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index bc4a635f..ba1e34bc 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -7,7 +7,7 @@ kibana_server_host: "0.0.0.0" kibana_server_port: "5601" kibana_conf_path: /etc/kibana elastic_stack_version: 7.10.2 -wazuh_version: 4.2.3 +wazuh_version: 4.2.4 wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana elasticrepo: diff --git a/roles/opendistro/opendistro-kibana/defaults/main.yml b/roles/opendistro/opendistro-kibana/defaults/main.yml index a085720f..d580b0aa 100644 --- a/roles/opendistro/opendistro-kibana/defaults/main.yml +++ b/roles/opendistro/opendistro-kibana/defaults/main.yml @@ -10,7 +10,7 @@ kibana_server_port: "5601" kibana_server_name: "kibana" kibana_max_payload_bytes: 1048576 elastic_stack_version: 7.10.2 -wazuh_version: 4.2.3 +wazuh_version: 4.2.4 wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana # The OpenDistro package repository diff --git a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml index 2682c034..e17bdc7a 100644 
--- a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml @@ -1,7 +1,7 @@ --- filebeat_version: 7.10.2 -wazuh_template_branch: v4.2.3 +wazuh_template_branch: v4.2.4 filebeat_output_elasticsearch_hosts: - "localhost:9200" diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index c1b207a5..828f77c2 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -1,7 +1,7 @@ --- filebeat_version: 7.10.2 -wazuh_template_branch: v4.2.3 +wazuh_template_branch: v4.2.4 filebeat_create_config: true diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 3f2fea6b..afa2c176 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_agent_version: 4.2.3-1 +wazuh_agent_version: 4.2.4-1 # Custom packages installation @@ -12,7 +12,7 @@ wazuh_custom_packages_installation_agent_rpm_url: "" wazuh_agent_sources_installation: enabled: false - branch: "v4.2.3" + branch: "v4.2.4" user_language: "y" user_no_stop: "y" user_install_type: "agent" @@ -55,8 +55,8 @@ wazuh_winagent_config: auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe check_md5: True md5: 8ffa75d13280f1aa6ffca54f4273df4d -wazuh_winagent_config_url: https://packages.wazuh.com/4.x/windows/wazuh-agent-4.2.3-1.msi -wazuh_winagent_package_name: wazuh-agent-4.2.3-1.msi +wazuh_winagent_config_url: https://packages.wazuh.com/4.x/windows/wazuh-agent-4.2.4-1.msi +wazuh_winagent_package_name: wazuh-agent-4.2.4-1.msi wazuh_dir: "/var/ossec" diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index cd26b46f..d6fa9b7f 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
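Review bot: The `md5: 8ffa75d13280f1aa6ffca54f4273df4d` line under `wazuh_winagent_config` is unchanged context in the `@@ -55,8 +55,8 @@` hunk of `ansible-wazuh-agent/defaults/main.yml`, while `wazuh_winagent_config_url` and `wazuh_winagent_package_name` move to `wazuh-agent-4.2.4-1.msi`. With `check_md5: True` the pinned digest presumably still describes the previous installer, so the Windows agent download will either fail verification or, depending on how the consuming task uses it (not visible here), not be verified against the right value. The digest should be updated in the same commit as the URL. MD5 is also not collision-resistant, so pinning a SHA-256 of the MSI would be the stronger check if the task can verify one.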
@@ -1,5 +1,5 @@ --- -wazuh_manager_version: 4.2.3-1 +wazuh_manager_version: 4.2.4-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present @@ -12,7 +12,7 @@ wazuh_custom_packages_installation_manager_rpm_url: "https://s3-us-west-1.amazon # Sources installation wazuh_manager_sources_installation: enabled: false - branch: "v4.2.3" + branch: "v4.2.4" user_language: "en" user_no_stop: "y" user_install_type: "server" From 1a2199779c4cf4b58c52d78dff7b9175506e0f0b Mon Sep 17 00:00:00 2001 From: Nicolas Lastra Date: Thu, 14 Oct 2021 21:26:34 -0300 Subject: [PATCH 5/9] fix Debian apt-get update --- roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml b/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml index a964ad8d..2915a6fe 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml @@ -9,6 +9,10 @@ # ] # state: present +- name: Update cache + apt: + update_cache: yes + - name: Add openjdk repository apt_repository: repo: "{{ package_repos.apt.openjdk.baseurl }}" From 37b57b80883ee48e2713a2d5380048b1b8e5e495 Mon Sep 17 00:00:00 2001 From: Nicolas Lastra Date: Fri, 15 Oct 2021 13:42:03 -0300 Subject: [PATCH 6/9] fix url and task --- CHANGELOG.md | 2 +- roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml | 4 ---- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 589aff29..e0e44caa 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,7 +12,7 @@ All notable changes to this project will be documented in this file. ### Added -- Update to [Wazuh v4.2.3](https://github.com/wazuh/wazuh/blob/v4.2.4/CHANGELOG.md#v423) +- Update to [Wazuh v4.2.3](https://github.com/wazuh/wazuh/blob/v4.2.3/CHANGELOG.md#v423) ## [v4.2.2] 
diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml b/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml index 2915a6fe..a964ad8d 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml @@ -9,10 +9,6 @@ # ] # state: present -- name: Update cache - apt: - update_cache: yes - - name: Add openjdk repository apt_repository: repo: "{{ package_repos.apt.openjdk.baseurl }}" From af696588217d930b296c5bfa01011e39749cce8d Mon Sep 17 00:00:00 2001 From: Nicolas Lastra Date: Tue, 19 Oct 2021 12:13:20 -0300 Subject: [PATCH 7/9] fix Opendistro task for Debian --- .../opendistro-elasticsearch/tasks/Debian.yml | 37 +++++++++++++------ 1 file changed, 25 insertions(+), 12 deletions(-) diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml b/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml index a964ad8d..5b490844 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml 
@@ -1,20 +1,32 @@ --- -#- name: Install OpenDistro dependencies -# apt: -# name: [ -# 'unzip', 'wget', 'curl', -# 'apt-transport-https', software-properties-common -# ] -# state: present - -- name: Add openjdk repository - apt_repository: - repo: "{{ package_repos.apt.openjdk.baseurl }}" - state: present +- name: Update cache + apt: update_cache: yes + +- name: Debian 9 (Stretch) when: (ansible_facts['distribution'] == "Debian" and ansible_facts['distribution_major_version'] == "9") + block: + + - name: Install OpenDistro dependencies + apt: + name: [ + 'unzip', 'wget', 'curl', 'apt-transport-https', software-properties-common + ] + state: present + + - name: Add the repository key for Debian's Stretch Backports repository + ansible.builtin.apt_key: + keyserver: keyserver.ubuntu.com + id: 648ACFD622F3D138 + + - name: Add openjdk repository + apt_repository: + repo: "{{ package_repos.apt.openjdk.baseurl }}" + state: present + update_cache: yes + filename: 'wazuh-openjdk' - name: Install openjdk-11-jdk apt: @@ -34,6 +46,7 @@ apt_repository: repo: "{{ package_repos.apt.opendistro.baseurl }}" state: present + filename: 'wazuh-opendistro' update_cache: yes - name: Install OpenDistro From 4fa9a2de01922aa0255f0d9de45428bd52bf6e19 Mon Sep 17 00:00:00 2001 From: Nicolas Lastra Date: Tue, 19 Oct 2021 12:14:50 -0300 Subject: [PATCH 8/9] fix improve error handling in task --- roles/opendistro/opendistro-elasticsearch/tasks/main.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml index 98dd74ef..463b78e6 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml 
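Review bot: The `ansible.builtin.apt_key` task in the new Debian 9 block trusts whatever `keyserver.ubuntu.com` returns for the 64-bit id `648ACFD622F3D138`. Pinning the full 40-character fingerprint, `id: FULL_40_HEX_FINGERPRINT_PLACEHOLDER`, or shipping the key file with the role, removes the reliance on the keyserver's answer. `apt_key` also places the key in apt's global trusted keyring, so it is trusted for every configured repository rather than only the backports one. A dedicated keyring referenced with `signed-by=` in the repo line would scope it, though `package_repos.apt.openjdk.baseurl` is defined outside this hunk. Separately, the new `Update cache` task has no `cache_valid_time`, so it will typically refresh and report a change on every run.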
@@ -14,9 +14,13 @@ - name: Remove performance analyzer plugin from elasticsearch become: true command: ./elasticsearch-plugin remove opendistro-performance-analyzer - ignore_errors: true args: chdir: /usr/share/elasticsearch/bin/ + register: remove_elasticsearch_performance_analyzer + failed_when: + - remove_elasticsearch_performance_analyzer.rc != 0 + - '"not found" not in remove_elasticsearch_performance_analyzer.stderr' + changed_when: "remove_elasticsearch_performance_analyzer.rc == 0" - name: Remove elasticsearch configuration file file: From d9f894fd09aefff8473606799d18b9acd477935c Mon Sep 17 00:00:00 2001 From: Nicolas Lastra Date: Tue, 19 Oct 2021 16:23:39 -0300 Subject: [PATCH 9/9] fix version --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index b9c424f0..b724c24a 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-ANSIBLE_VERSION="v4.2.4" -REVISION="40218" +REVISION="40219"
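Review bot: The second `failed_when` condition accepts any stderr that contains `not found`, so an unrelated failure whose message includes those words is treated as success and the play continues with the plugin possibly still installed. If the tool's message names the plugin, include the plugin name in the matched string. A more robust alternative is a preceding `command: ./elasticsearch-plugin list` with `changed_when: false`, with the removal guarded by `when: "'opendistro-performance-analyzer' in REGISTERED_LIST_RESULT.stdout"` (placeholder variable name). A short comment would also help, since a `failed_when` list is ANDed: `# fail only if the command errored for a reason other than the plugin already being absent`.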