afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixed conflicts.

Browse Source
This commit is contained in:
jm404 2019-04-29 17:42:48 +02:00
commit 2716f2c7bf
62 changed files with 951 additions and 449 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.travis.yml
View File

@ -5,3 +5,4 @@ before_script:
- pipenv install --dev --system
script:
- pipenv run test
- pipenv run agent

1
Pipfile
View File

@ -15,3 +15,4 @@ python_version = "2.7"
[scripts]
test ="molecule test"
agent ="molecule test -s wazuh-agent"

366
Pipfile.lock generated
View File

@ -18,16 +18,17 @@
"default": {
"ansible": {
"hashes": [
"sha256:040cc936f959b947800ffaa5f940d2508aaa41f899efe56b47a7442c89689150"
"sha256:84a42d1e371c4222c82e575cb6961fafd3afe920d84e4b6d87affabe400be294"
],
"index": "pypi",
"version": "==2.7.7"
"version": "==2.7.10"
},
"ansible-lint": {
"hashes": [
"sha256:7686dad54aab9281562a5788415af1488b9af8a5acc99c042ecb9959b6ab7a57"
"sha256:9430ea6e654ba4bf5b9c6921efc040f46cda9c4fd2896a99ff71d21037bcb123",
"sha256:c1b442b01091eca13ef11d98c3376e9489ba5b69a8467828ca86044f384bc0a1"
],
"version": "==3.4.23"
"version": "==4.1.0"
},
"anyconfig": {
"hashes": [
@ -37,9 +38,10 @@
},
"arrow": {
"hashes": [
"sha256:9cb4a910256ed536751cd5728673bfb53e6f0026e240466f90c2a92c0b79c895"
"sha256:3397e5448952e18e1295bf047014659effa5ae8da6a5371d37ff0ddc46fa6872",
"sha256:6f54d9f016c0b7811fac9fb8c2c7fa7421d80c54dbdd75ffb12913c55db60b8a"
],
"version": "==0.13.0"
"version": "==0.13.1"
},
"asn1crypto": {
"hashes": [
@ -57,16 +59,17 @@
},
"attrs": {
"hashes": [
"sha256:10cbf6e27dbce8c30807caf056c8eb50917e0eaafe86347671b57254006c3e69",
"sha256:ca4be454458f9dec299268d472aaa5a11f67a4ff70093396e1ceae9c76cf4bbb"
"sha256:69c0dbf2ed392de1cb5ec704444b08a5ef81680a61cb899dc08127123af36a79",
"sha256:f0b870f674851ecbfbbbd364d6b5cbdff9dcedbc7f3f5e18a6891057f21fe399"
],
"version": "==18.2.0"
"version": "==19.1.0"
},
"backports.functools-lru-cache": {
"hashes": [
"sha256:9d98697f088eb1b0fa451391f91afb5e3ebde16bbdb272819fd091151fda4f1a",
"sha256:f0b0e4eba956de51238e17573b7087e852dfe9854afd2e9c873f73fc0ca0a6dd"
],
"markers": "python_version == '2.7'",
"version": "==1.5"
},
"backports.ssl-match-hostname": {
@ -115,47 +118,43 @@
},
"certifi": {
"hashes": [
"sha256:47f9c83ef4c0c621eaef743f133f09fa8a74a9b75f037e8624f83bd1b6626cb7",
"sha256:993f830721089fef441cdfeb4b2c8c9df86f0c63239f06bd025a76a7daddb033"
"sha256:59b7658e26ca9c7339e00f8f4636cdfe59d34fa37b9b04f6f9e9926b3cece1a5",
"sha256:b26104d6835d1f5e49452a26eb2ff87fe7090b89dfcaee5ea2212697e1e1d7ae"
],
"version": "==2018.11.29"
"version": "==2019.3.9"
},
"cffi": {
"hashes": [
"sha256:151b7eefd035c56b2b2e1eb9963c90c6302dc15fbd8c1c0a83a163ff2c7d7743",
"sha256:1553d1e99f035ace1c0544050622b7bc963374a00c467edafac50ad7bd276aef",
"sha256:1b0493c091a1898f1136e3f4f991a784437fac3673780ff9de3bcf46c80b6b50",
"sha256:2ba8a45822b7aee805ab49abfe7eec16b90587f7f26df20c71dd89e45a97076f",
"sha256:3bb6bd7266598f318063e584378b8e27c67de998a43362e8fce664c54ee52d30",
"sha256:3c85641778460581c42924384f5e68076d724ceac0f267d66c757f7535069c93",
"sha256:3eb6434197633b7748cea30bf0ba9f66727cdce45117a712b29a443943733257",
"sha256:495c5c2d43bf6cebe0178eb3e88f9c4aa48d8934aa6e3cddb865c058da76756b",
"sha256:4c91af6e967c2015729d3e69c2e51d92f9898c330d6a851bf8f121236f3defd3",
"sha256:57b2533356cb2d8fac1555815929f7f5f14d68ac77b085d2326b571310f34f6e",
"sha256:770f3782b31f50b68627e22f91cb182c48c47c02eb405fd689472aa7b7aa16dc",
"sha256:79f9b6f7c46ae1f8ded75f68cf8ad50e5729ed4d590c74840471fc2823457d04",
"sha256:7a33145e04d44ce95bcd71e522b478d282ad0eafaf34fe1ec5bbd73e662f22b6",
"sha256:857959354ae3a6fa3da6651b966d13b0a8bed6bbc87a0de7b38a549db1d2a359",
"sha256:87f37fe5130574ff76c17cab61e7d2538a16f843bb7bca8ebbc4b12de3078596",
"sha256:95d5251e4b5ca00061f9d9f3d6fe537247e145a8524ae9fd30a2f8fbce993b5b",
"sha256:9d1d3e63a4afdc29bd76ce6aa9d58c771cd1599fbba8cf5057e7860b203710dd",
"sha256:a36c5c154f9d42ec176e6e620cb0dd275744aa1d804786a71ac37dc3661a5e95",
"sha256:a6a5cb8809091ec9ac03edde9304b3ad82ad4466333432b16d78ef40e0cce0d5",
"sha256:ae5e35a2c189d397b91034642cb0eab0e346f776ec2eb44a49a459e6615d6e2e",
"sha256:b0f7d4a3df8f06cf49f9f121bead236e328074de6449866515cea4907bbc63d6",
"sha256:b75110fb114fa366b29a027d0c9be3709579602ae111ff61674d28c93606acca",
"sha256:ba5e697569f84b13640c9e193170e89c13c6244c24400fc57e88724ef610cd31",
"sha256:be2a9b390f77fd7676d80bc3cdc4f8edb940d8c198ed2d8c0be1319018c778e1",
"sha256:ca1bd81f40adc59011f58159e4aa6445fc585a32bb8ac9badf7a2c1aa23822f2",
"sha256:d5d8555d9bfc3f02385c1c37e9f998e2011f0db4f90e250e5bc0c0a85a813085",
"sha256:e55e22ac0a30023426564b1059b035973ec82186ddddbac867078435801c7801",
"sha256:e90f17980e6ab0f3c2f3730e56d1fe9bcba1891eeea58966e89d352492cc74f4",
"sha256:ecbb7b01409e9b782df5ded849c178a0aa7c906cf8c5a67368047daab282b184",
"sha256:ed01918d545a38998bfa5902c7c00e0fee90e957ce036a4000a88e3fe2264917",
"sha256:edabd457cd23a02965166026fd9bfd196f4324fe6032e866d0f3bd0301cd486f",
"sha256:fdf1c1dc5bafc32bc5d08b054f94d659422b05aba244d6be4ddc1c72d9aa70fb"
"sha256:00b97afa72c233495560a0793cdc86c2571721b4271c0667addc83c417f3d90f",
"sha256:0ba1b0c90f2124459f6966a10c03794082a2f3985cd699d7d63c4a8dae113e11",
"sha256:0bffb69da295a4fc3349f2ec7cbe16b8ba057b0a593a92cbe8396e535244ee9d",
"sha256:21469a2b1082088d11ccd79dd84157ba42d940064abbfa59cf5f024c19cf4891",
"sha256:2e4812f7fa984bf1ab253a40f1f4391b604f7fc424a3e21f7de542a7f8f7aedf",
"sha256:2eac2cdd07b9049dd4e68449b90d3ef1adc7c759463af5beb53a84f1db62e36c",
"sha256:2f9089979d7456c74d21303c7851f158833d48fb265876923edcb2d0194104ed",
"sha256:3dd13feff00bddb0bd2d650cdb7338f815c1789a91a6f68fdc00e5c5ed40329b",
"sha256:4065c32b52f4b142f417af6f33a5024edc1336aa845b9d5a8d86071f6fcaac5a",
"sha256:51a4ba1256e9003a3acf508e3b4f4661bebd015b8180cc31849da222426ef585",
"sha256:59888faac06403767c0cf8cfb3f4a777b2939b1fbd9f729299b5384f097f05ea",
"sha256:59c87886640574d8b14910840327f5cd15954e26ed0bbd4e7cef95fa5aef218f",
"sha256:610fc7d6db6c56a244c2701575f6851461753c60f73f2de89c79bbf1cc807f33",
"sha256:70aeadeecb281ea901bf4230c6222af0248c41044d6f57401a614ea59d96d145",
"sha256:71e1296d5e66c59cd2c0f2d72dc476d42afe02aeddc833d8e05630a0551dad7a",
"sha256:8fc7a49b440ea752cfdf1d51a586fd08d395ff7a5d555dc69e84b1939f7ddee3",
"sha256:9b5c2afd2d6e3771d516045a6cfa11a8da9a60e3d128746a7fe9ab36dfe7221f",
"sha256:9c759051ebcb244d9d55ee791259ddd158188d15adee3c152502d3b69005e6bd",
"sha256:b4d1011fec5ec12aa7cc10c05a2f2f12dfa0adfe958e56ae38dc140614035804",
"sha256:b4f1d6332339ecc61275bebd1f7b674098a66fea11a00c84d1c58851e618dc0d",
"sha256:c030cda3dc8e62b814831faa4eb93dd9a46498af8cd1d5c178c2de856972fd92",
"sha256:c2e1f2012e56d61390c0e668c20c4fb0ae667c44d6f6a2eeea5d7148dcd3df9f",
"sha256:c37c77d6562074452120fc6c02ad86ec928f5710fbc435a181d69334b4de1d84",
"sha256:c8149780c60f8fd02752d0429246088c6c04e234b895c4a42e1ea9b4de8d27fb",
"sha256:cbeeef1dc3c4299bd746b774f019de9e4672f7cc666c777cd5b409f0b746dac7",
"sha256:e113878a446c6228669144ae8a56e268c91b7f1fafae927adc4879d9849e0ea7",
"sha256:e21162bf941b85c0cda08224dade5def9360f53b09f9f259adb85fc7dd0e7b35",
"sha256:fb6934ef4744becbda3143d30c6604718871495a5e36c408431bf33d9c146889"
],
"version": "==1.11.5"
"version": "==1.12.2"
},
"chardet": {
"hashes": [
@ -186,12 +185,11 @@
},
"configparser": {
"hashes": [
"sha256:5bd5fa2a491dc3cfe920a3f2a107510d65eceae10e9c6e547b90261a4710df32",
"sha256:c114ff90ee2e762db972fa205f02491b1f5cf3ff950decd8542c62970c9bedac",
"sha256:df28e045fbff307a28795b18df6ac8662be3219435560ddb068c283afab1ea7a"
"sha256:8be81d89d6e7b4c0d4e44bcc525845f6da25821de80cb5e06e7e0238a2899e32",
"sha256:da60d0014fd8c55eb48c1c5354352e363e2d30bbf7057e5e171a468390184c75"
],
"markers": "python_version < '3.2'",
"version": "==3.7.1"
"version": "==3.7.4"
},
"cookiecutter": {
"hashes": [
@ -202,27 +200,27 @@
},
"cryptography": {
"hashes": [
"sha256:05b3ded5e88747d28ee3ef493f2b92cbb947c1e45cf98cfef22e6d38bb67d4af",
"sha256:06826e7f72d1770e186e9c90e76b4f84d90cdb917b47ff88d8dc59a7b10e2b1e",
"sha256:08b753df3672b7066e74376f42ce8fc4683e4fd1358d34c80f502e939ee944d2",
"sha256:2cd29bd1911782baaee890544c653bb03ec7d95ebeb144d714b0f5c33deb55c7",
"sha256:31e5637e9036d966824edaa91bf0aa39dc6f525a1c599f39fd5c50340264e079",
"sha256:42fad67d7072216a49e34f923d8cbda9edacbf6633b19a79655e88a1b4857063",
"sha256:4946b67235b9d2ea7d31307be9d5ad5959d6c4a8f98f900157b47abddf698401",
"sha256:522fdb2809603ee97a4d0ef2f8d617bc791eb483313ba307cb9c0a773e5e5695",
"sha256:6f841c7272645dd7c65b07b7108adfa8af0aaea57f27b7f59e01d41f75444c85",
"sha256:7d335e35306af5b9bc0560ca39f740dfc8def72749645e193dd35be11fb323b3",
"sha256:8504661ffe324837f5c4607347eeee4cf0fcad689163c6e9c8d3b18cf1f4a4ad",
"sha256:9260b201ce584d7825d900c88700aa0bd6b40d4ebac7b213857bd2babee9dbca",
"sha256:9a30384cc402eac099210ab9b8801b2ae21e591831253883decdb4513b77a3cd",
"sha256:9e29af877c29338f0cab5f049ccc8bd3ead289a557f144376c4fbc7d1b98914f",
"sha256:ab50da871bc109b2d9389259aac269dd1b7c7413ee02d06fe4e486ed26882159",
"sha256:b13c80b877e73bcb6f012813c6f4a9334fcf4b0e96681c5a15dac578f2eedfa0",
"sha256:bfe66b577a7118e05b04141f0f1ed0959552d45672aa7ecb3d91e319d846001e",
"sha256:e091bd424567efa4b9d94287a952597c05d22155a13716bf5f9f746b9dc906d3",
"sha256:fa2b38c8519c5a3aa6e2b4e1cf1a549b54acda6adb25397ff542068e73d1ed00"
"sha256:066f815f1fe46020877c5983a7e747ae140f517f1b09030ec098503575265ce1",
"sha256:210210d9df0afba9e000636e97810117dc55b7157c903a55716bb73e3ae07705",
"sha256:26c821cbeb683facb966045e2064303029d572a87ee69ca5a1bf54bf55f93ca6",
"sha256:2afb83308dc5c5255149ff7d3fb9964f7c9ee3d59b603ec18ccf5b0a8852e2b1",
"sha256:2db34e5c45988f36f7a08a7ab2b69638994a8923853dec2d4af121f689c66dc8",
"sha256:409c4653e0f719fa78febcb71ac417076ae5e20160aec7270c91d009837b9151",
"sha256:45a4f4cf4f4e6a55c8128f8b76b4c057027b27d4c67e3fe157fa02f27e37830d",
"sha256:48eab46ef38faf1031e58dfcc9c3e71756a1108f4c9c966150b605d4a1a7f659",
"sha256:6b9e0ae298ab20d371fc26e2129fd683cfc0cfde4d157c6341722de645146537",
"sha256:6c4778afe50f413707f604828c1ad1ff81fadf6c110cb669579dea7e2e98a75e",
"sha256:8c33fb99025d353c9520141f8bc989c2134a1f76bac6369cea060812f5b5c2bb",
"sha256:9873a1760a274b620a135054b756f9f218fa61ca030e42df31b409f0fb738b6c",
"sha256:9b069768c627f3f5623b1cbd3248c5e7e92aec62f4c98827059eed7053138cc9",
"sha256:9e4ce27a507e4886efbd3c32d120db5089b906979a4debf1d5939ec01b9dd6c5",
"sha256:acb424eaca214cb08735f1a744eceb97d014de6530c1ea23beb86d9c6f13c2ad",
"sha256:c8181c7d77388fe26ab8418bb088b1a1ef5fde058c6926790c8a0a3d94075a4a",
"sha256:d4afbb0840f489b60f5a580a41a1b9c3622e08ecb5eec8614d4fb4cd914c4460",
"sha256:d9ed28030797c00f4bc43c86bf819266c76a5ea61d006cd4078a93ebf7da6bfd",
"sha256:e603aa7bb52e4e8ed4119a58a03b60323918467ef209e6ff9db3ac382e5cf2c6"
],
"version": "==2.5"
"version": "==2.6.1"
},
"docker-py": {
"hashes": [
@ -239,6 +237,13 @@
],
"version": "==0.4.0"
},
"entrypoints": {
"hashes": [
"sha256:589f874b313739ad35be6e0cd7efde2a4e9b6fea91edcc34e58ecbb8dbe56d19",
"sha256:c70dd71abe5a8c85e55e12c19bd91ccfeec11a6e99044204511f9ed547d48451"
],
"version": "==0.3"
},
"enum34": {
"hashes": [
"sha256:2d81cbbe0e73112bdfe6ef8576f2238f2ba27dd0d55752a776c41d38b7da2850",
@ -258,10 +263,10 @@
},
"flake8": {
"hashes": [
"sha256:7253265f7abd8b313e3892944044a365e3f4ac3fcdcfb4298f55ee9ddf188ba0",
"sha256:c7841163e2b576d435799169b78703ad6ac1bbb0f199994fc05f700b2a90ea37"
"sha256:859996073f341f2670741b51ec1e67a01da142831aa1fdc6242dbf88dffbe661",
"sha256:a796a115208f5c03b18f332f7c11729812c8c3ded6c46319c59b53efd3819da8"
],
"version": "==3.5.0"
"version": "==3.7.7"
},
"funcsigs": {
"hashes": [
@ -271,6 +276,14 @@
"markers": "python_version < '3.0'",
"version": "==1.0.2"
},
"functools32": {
"hashes": [
"sha256:89d824aa6c358c421a234d7f9ee0bd75933a67c29588ce50aaa3acdf4d403fa0",
"sha256:f6253dfbe0538ad2e387bd8fdfd9293c925d63553f5813c4e587745416501e6d"
],
"markers": "python_version < '3.2'",
"version": "==3.2.3.post2"
},
"future": {
"hashes": [
"sha256:67045236dcfd6816dc439556d009594abf643e5eb48992e36beac09c2ca659b8"
@ -279,25 +292,25 @@
},
"git-url-parse": {
"hashes": [
"sha256:0ae889a7fd7718c6409c3da5c8166efc2e41ea135c9667f2d762e76f39fc84bc",
"sha256:5817358173e9c41200da5750ca5cf9d1d3283d93d804f7e55613c1277e188060",
"sha256:8ed5a1ed3b19f9536a2f341882226beda359bc91f8b1ce3459ab9026afb637df"
"sha256:4655ee22f1d8bf7a1eb1066c1da16529b186966c6d8331f7f55686a76a9f7aef",
"sha256:7b5f4e3aeb1d693afeee67a3bd4ac063f7206c2e8e46e559f0da0da98445f117",
"sha256:9353ff40d69488ff2299b27f40e0350ad87bd5348ea6ea09a1895eda9e5733de"
],
"version": "==1.2.0"
"version": "==1.2.2"
},
"idna": {
"hashes": [
"sha256:c357b3f628cf53ae2c4c05627ecc484553142ca23264e593d327bcde5e9c3407",
"sha256:ea8b7f6188e6fa117537c3df7da9fc686d485087abf6ac197f9c46432f7e4a3c"
"sha256:156a6814fb5ac1fc6850fb002e0852d56c0c8d2531923a51032d1b70760e186e",
"sha256:684a38a6f903c1d71d6d5fac066b58d7768af4de2b832e426ec79c30daa94a16"
],
"version": "==2.8"
"version": "==2.7"
},
"ipaddress": {
"hashes": [
"sha256:64b28eec5e78e7510698f6d4da08800a5c575caa4a286c93d651c5d3ff7b6794",
"sha256:b146c751ea45cad6188dd6cf2d9b757f6f4f8d6ffb96a023e6f2e26eea02a72c"
],
"markers": "python_version < '3.3'",
"markers": "python_version < '3'",
"version": "==1.0.22"
},
"jinja2": {
@ -316,36 +329,36 @@
},
"markupsafe": {
"hashes": [
"sha256:048ef924c1623740e70204aa7143ec592504045ae4429b59c30054cb31e3c432",
"sha256:130f844e7f5bdd8e9f3f42e7102ef1d49b2e6fdf0d7526df3f87281a532d8c8b",
"sha256:19f637c2ac5ae9da8bfd98cef74d64b7e1bb8a63038a3505cd182c3fac5eb4d9",
"sha256:1b8a7a87ad1b92bd887568ce54b23565f3fd7018c4180136e1cf412b405a47af",
"sha256:1c25694ca680b6919de53a4bb3bdd0602beafc63ff001fea2f2fc16ec3a11834",
"sha256:1f19ef5d3908110e1e891deefb5586aae1b49a7440db952454b4e281b41620cd",
"sha256:1fa6058938190ebe8290e5cae6c351e14e7bb44505c4a7624555ce57fbbeba0d",
"sha256:31cbb1359e8c25f9f48e156e59e2eaad51cd5242c05ed18a8de6dbe85184e4b7",
"sha256:3e835d8841ae7863f64e40e19477f7eb398674da6a47f09871673742531e6f4b",
"sha256:4e97332c9ce444b0c2c38dd22ddc61c743eb208d916e4265a2a3b575bdccb1d3",
"sha256:525396ee324ee2da82919f2ee9c9e73b012f23e7640131dd1b53a90206a0f09c",
"sha256:52b07fbc32032c21ad4ab060fec137b76eb804c4b9a1c7c7dc562549306afad2",
"sha256:52ccb45e77a1085ec5461cde794e1aa037df79f473cbc69b974e73940655c8d7",
"sha256:5c3fbebd7de20ce93103cb3183b47671f2885307df4a17a0ad56a1dd51273d36",
"sha256:5e5851969aea17660e55f6a3be00037a25b96a9b44d2083651812c99d53b14d1",
"sha256:5edfa27b2d3eefa2210fb2f5d539fbed81722b49f083b2c6566455eb7422fd7e",
"sha256:7d263e5770efddf465a9e31b78362d84d015cc894ca2c131901a4445eaa61ee1",
"sha256:83381342bfc22b3c8c06f2dd93a505413888694302de25add756254beee8449c",
"sha256:857eebb2c1dc60e4219ec8e98dfa19553dae33608237e107db9c6078b1167856",
"sha256:98e439297f78fca3a6169fd330fbe88d78b3bb72f967ad9961bcac0d7fdd1550",
"sha256:bf54103892a83c64db58125b3f2a43df6d2cb2d28889f14c78519394feb41492",
"sha256:d9ac82be533394d341b41d78aca7ed0e0f4ba5a2231602e2f05aa87f25c51672",
"sha256:e982fe07ede9fada6ff6705af70514a52beb1b2c3d25d4e873e82114cf3c5401",
"sha256:edce2ea7f3dfc981c4ddc97add8a61381d9642dc3273737e756517cc03e84dd6",
"sha256:efdc45ef1afc238db84cb4963aa689c0408912a0239b0721cb172b4016eb31d6",
"sha256:f137c02498f8b935892d5c0172560d7ab54bc45039de8805075e19079c639a9c",
"sha256:f82e347a72f955b7017a39708a3667f106e6ad4d10b25f237396a7115d8ed5fd",
"sha256:fb7c206e01ad85ce57feeaaa0bf784b97fa3cad0d4a5737bc5295785f5c613a1"
"sha256:00bc623926325b26bb9605ae9eae8a215691f33cae5df11ca5424f06f2d1f473",
"sha256:09027a7803a62ca78792ad89403b1b7a73a01c8cb65909cd876f7fcebd79b161",
"sha256:09c4b7f37d6c648cb13f9230d847adf22f8171b1ccc4d5682398e77f40309235",
"sha256:1027c282dad077d0bae18be6794e6b6b8c91d58ed8a8d89a89d59693b9131db5",
"sha256:24982cc2533820871eba85ba648cd53d8623687ff11cbb805be4ff7b4c971aff",
"sha256:29872e92839765e546828bb7754a68c418d927cd064fd4708fab9fe9c8bb116b",
"sha256:43a55c2930bbc139570ac2452adf3d70cdbb3cfe5912c71cdce1c2c6bbd9c5d1",
"sha256:46c99d2de99945ec5cb54f23c8cd5689f6d7177305ebff350a58ce5f8de1669e",
"sha256:500d4957e52ddc3351cabf489e79c91c17f6e0899158447047588650b5e69183",
"sha256:535f6fc4d397c1563d08b88e485c3496cf5784e927af890fb3c3aac7f933ec66",
"sha256:62fe6c95e3ec8a7fad637b7f3d372c15ec1caa01ab47926cfdf7a75b40e0eac1",
"sha256:6dd73240d2af64df90aa7c4e7481e23825ea70af4b4922f8ede5b9e35f78a3b1",
"sha256:717ba8fe3ae9cc0006d7c451f0bb265ee07739daf76355d06366154ee68d221e",
"sha256:79855e1c5b8da654cf486b830bd42c06e8780cea587384cf6545b7d9ac013a0b",
"sha256:7c1699dfe0cf8ff607dbdcc1e9b9af1755371f92a68f706051cc8c37d447c905",
"sha256:88e5fcfb52ee7b911e8bb6d6aa2fd21fbecc674eadd44118a9cc3863f938e735",
"sha256:8defac2f2ccd6805ebf65f5eeb132adcf2ab57aa11fdf4c0dd5169a004710e7d",
"sha256:98c7086708b163d425c67c7a91bad6e466bb99d797aa64f965e9d25c12111a5e",
"sha256:9add70b36c5666a2ed02b43b335fe19002ee5235efd4b8a89bfcf9005bebac0d",
"sha256:9bf40443012702a1d2070043cb6291650a0841ece432556f784f004937f0f32c",
"sha256:ade5e387d2ad0d7ebf59146cc00c8044acbd863725f887353a10df825fc8ae21",
"sha256:b00c1de48212e4cc9603895652c5c410df699856a2853135b3967591e4beebc2",
"sha256:b1282f8c00509d99fef04d8ba936b156d419be841854fe901d8ae224c59f0be5",
"sha256:b2051432115498d3562c084a49bba65d97cf251f5a331c64a12ee7e04dacc51b",
"sha256:ba59edeaa2fc6114428f1637ffff42da1e311e29382d81b339c1817d37ec93c6",
"sha256:c8716a48d94b06bb3b2524c2b77e055fb313aeb4ea620c8dd03a105574ba704f",
"sha256:cd5df75523866410809ca100dc9681e301e3c27567cf498077e8551b6d20e42f",
"sha256:e249096428b3ae81b08327a63a485ad0878de3fb939049038579ac0ef61e17e7"
],
"version": "==1.1.0"
"version": "==1.1.1"
},
"mccabe": {
"hashes": [
@ -356,12 +369,11 @@
},
"molecule": {
"hashes": [
"sha256:23b1b30b37998f0eb747dc06a602df59157fe78d3f6a9882dea9271d8d37cdee",
"sha256:59734fa4487e1d4b9be6f5a3c1192ac76445670bc44ee172f23ac122d90412e3",
"sha256:9be671194019476dae73970ff92946595e7a2b7cc9c10afb0395a020b9f0fcde"
"sha256:0e9ef6845cdf2a01f6c386445e4e54add3f515a033ee16b7b658e6122c8f0d76",
"sha256:621797c54299775f284bbb010d5bb9be485500eecaaa14a476cbc0df285d0da7"
],
"index": "pypi",
"version": "==2.19.0"
"version": "==2.20.1"
},
"monotonic": {
"hashes": [
@ -376,6 +388,7 @@
"sha256:c0a5785b1109a6bd7fac76d6837fd1feca158e54e521ccd2ae8bfe393cc9d4fc",
"sha256:fe7a7cae1ccb57d33952113ff4fa1bc5f879963600ed74918f1236e212ee50b9"
],
"markers": "python_version <= '2.7'",
"version": "==5.0.0"
},
"paramiko": {
@ -401,10 +414,10 @@
},
"pbr": {
"hashes": [
"sha256:4f2b11d95917af76e936811be8361b2b19616e5ef3b55956a429ec7864378e0c",
"sha256:e0f23b61ec42473723b2fec2f33fb12558ff221ee551962f01dd4de9053c2055"
"sha256:f59d71442f9ece3dffc17bc36575768e1ee9967756e6b6535f0ee1f0054c3d68",
"sha256:f6d5b23f226a2ba58e14e49aa3b1bfaf814d0199144b95d78458212444de1387"
],
"version": "==4.1.0"
"version": "==5.1.1"
},
"pexpect": {
"hashes": [
@ -415,10 +428,10 @@
},
"pluggy": {
"hashes": [
"sha256:8ddc32f03971bfdf900a81961a48ccf2fb677cf7715108f85295c67405798616",
"sha256:980710797ff6a041e9a73a5787804f848996ecaa6f8a1b1e08224a5894f2074a"
"sha256:19ecf9ce9db2fce065a7a0586e07cfb4ac8614fe96edf628a264b1c70116cf8f",
"sha256:84d306a647cc805219916e62aab89caa97a33a1dd8c342e87a37f91073cd4746"
],
"version": "==0.8.1"
"version": "==0.9.0"
},
"poyo": {
"hashes": [
@ -441,7 +454,6 @@
"sha256:a9b85b335b40a528a8e2a6b549592138de8429c6296e7361892958956e6a73cf",
"sha256:dc85fad15ef98103ecc047a0d81b55bbf5fe1b03313b96e883acc2e2fa87ed5c"
],
"markers": "sys_platform != 'win32' and sys_platform != 'cygwin'",
"version": "==5.4.6"
},
"ptyprocess": {
@ -453,10 +465,10 @@
},
"py": {
"hashes": [
"sha256:bf92637198836372b520efcba9e020c330123be8ce527e535d185ed4b6f45694",
"sha256:e76826342cefe3c3d5f7e8ee4316b80d1dd8a300781612ddbc765c17ba25a6c6"
"sha256:64f65755aee5b381cea27766a3a147c3f15b9b6b9ac88676de66ba2ae36793fa",
"sha256:dc639b046a6e2cff5bbe40194ad65936d6ba360b52b3c3fe1d08a82dd50b5e53"
],
"version": "==1.7.0"
"version": "==1.8.0"
},
"pyasn1": {
"hashes": [
@ -467,10 +479,10 @@
},
"pycodestyle": {
"hashes": [
"sha256:682256a5b318149ca0d2a9185d365d8864a768a28db66a84a2ea946bcc426766",
"sha256:6c4245ade1edfad79c3446fadfc96b0de2759662dc29d07d80a6f27ad1ca6ba9"
"sha256:95a2219d12372f05704562a14ec30bc76b05a5b297b21a5dfe3f6fac3491ae56",
"sha256:e40a936c9a450ad81df37f549d676d127b1b66000a6c500caa2b085bc0ca976c"
],
"version": "==2.3.1"
"version": "==2.5.0"
},
"pycparser": {
"hashes": [
@ -480,10 +492,10 @@
},
"pyflakes": {
"hashes": [
"sha256:08bd6a50edf8cffa9fa09a463063c425ecaaf10d1eb0335a7e8b1401aef89e6f",
"sha256:8d616a382f243dbf19b54743f280b80198be0bca3a5396f1d2e1fca6223e8805"
"sha256:17dbeb2e3f4d772725c777fabc446d5634d1038f234e77343108ce445ea69ce0",
"sha256:d976835886f8c5b31d47970ed689944a0262b5f3afa00a5a7b4dc81e5449f8a2"
],
"version": "==1.6.0"
"version": "==2.1.1"
},
"pynacl": {
"hashes": [
@ -511,10 +523,10 @@
},
"pytest": {
"hashes": [
"sha256:65aeaa77ae87c7fc95de56285282546cfa9c886dc8e5dc78313db1c25e21bc07",
"sha256:6ac6d467d9f053e95aaacd79f831dbecfe730f419c6c7022cb316b365cd9199d"
"sha256:3773f4c235918987d51daf1db66d51c99fac654c81d6f2f709a046ab446d5e5d",
"sha256:b7802283b70ca24d7119b32915efa7c409982f59913c1a6c0640aacf118b95f5"
],
"version": "==4.2.0"
"version": "==4.4.1"
},
"python-dateutil": {
"hashes": [
@ -554,22 +566,61 @@
],
"version": "==2.21.0"
},
"ruamel.ordereddict": {
"hashes": [
"sha256:08b4b19fe518d32251a5338e039c4dc9eb0876f2919f94c9b8d2f9446ea80806",
"sha256:150ce8e6c514a2a2b62753622a75874962561f8e5eeec81a3172ab952807bf0b",
"sha256:45541836cbfdde630033cae7bbbe35acbac87a0ceec79f944b7a3bedd940fe78",
"sha256:854dd4a524811b16111b1107d8a751e4ca064d2bb103d3d91deab75de36b6620",
"sha256:aee2fa23e884249b4284b728888c553d551e5bfd4de2731f10153fd7813ec55f",
"sha256:bf0a198c8ce5d973c24e5dba12d3abc254996788ca6ad8448eabc6aa710db149"
],
"markers": "platform_python_implementation == 'CPython' and python_version <= '2.7'",
"version": "==0.4.13"
},
"ruamel.yaml": {
"hashes": [
"sha256:09ed5b07bfd09592dd265dc0f645b3e96e6c69de59ac1cd5b6dbcb8a243a28ee",
"sha256:10c194ef72f7419dd2fde7b35746c1e4bdaf80911e07c33eff3aedc1a89d574a",
"sha256:10e49c1b9ba35a9682fb3afffe52c2a1383e442bf05938dd87d30db252ce2e0b",
"sha256:1ca24a5ce2d2e61e6c504cbbbb24ece78127c79af87e8fe3175bb58c048f986d",
"sha256:272ade6dd5c27fdf2b917a497ee2bad1b11f41ad6f3f646a16a21b3ad78c2626",
"sha256:4be750a41289528e446d075b048e8cd06ea6a6779c2ef77f7b87ad3c567117d7",
"sha256:4d5c331e8a0e4423535e9dfecc6ea8f0ec4360b524b103f46432021cb9698d2e",
"sha256:69af34d4034659774e45d9f077e6f930d2c41c38ac721d5e7cb88b7629be446d",
"sha256:70229ffbd67a5171fc6aef24c32caa65042834bf6e8d0b3116d4046920a20be9",
"sha256:70a88e6ae131789e2fbe3816450a10c057b21ae93c875f717435fe2cea5fdcf3",
"sha256:89609fd5696cc82265877cdde3505242ebd2b262fb87a86e46d370fad5ff4111",
"sha256:92ff5ed79f5a98e3a57c741d238afa2846f2cae87d6385eebb93d0dcd6caf5b4",
"sha256:9f1323e7f6d25c8fba5fee5809a22f31805976978c7316a7d08ecdda0c22d6f0",
"sha256:af76d3350062124d8488b31c8dff9664a6a4934a71efb8af35d5c346632a765c",
"sha256:bf6931ac24676189ce061485a42e4ad36d158672dfde2bf7ba953b0edc8ee40b",
"sha256:c6d05e38a141922eca7902135e7a40b605763d6da8ec6624517370631ce9fb6d",
"sha256:dc4237c27602ceb8ff060e0172da2f6a7e759008dba592f58b8fae0003cf0a57",
"sha256:dfa4948d1a2ea577e53f05e9de7396db7cddba286f2827e7177d249fc7303681",
"sha256:e287e894dde92fc8555ad767e240d3e604a9e25afc02eeee35e21f0d25e152b8",
"sha256:e56b6f687a5361bcdab3dbc776cbdeff623a976760afeadc725129e53cf13092",
"sha256:ecaf924ab269c8ea4006792710d93ff5d900f99a81fb74a8040b0eeff3571baf",
"sha256:f624dd645ed2f342015a8b9149691feaac532f26b77fd206df2d724ebf82bd14"
],
"version": "==0.15.92"
},
"scandir": {
"hashes": [
"sha256:04b8adb105f2ed313a7c2ef0f1cf7aff4871aa7a1883fa4d8c44b5551ab052d6",
"sha256:1444134990356c81d12f30e4b311379acfbbcd03e0bab591de2696a3b126d58e",
"sha256:1b5c314e39f596875e5a95dd81af03730b338c277c54a454226978d5ba95dbb6",
"sha256:346619f72eb0ddc4cf355ceffd225fa52506c92a2ff05318cfabd02a144e7c4e",
"sha256:44975e209c4827fc18a3486f257154d34ec6eaec0f90fef0cca1caa482db7064",
"sha256:61859fd7e40b8c71e609c202db5b0c1dbec0d5c7f1449dec2245575bdc866792",
"sha256:a5e232a0bf188362fa00123cc0bb842d363a292de7126126df5527b6a369586a",
"sha256:c14701409f311e7a9b7ec8e337f0815baf7ac95776cc78b419a1e6d49889a383",
"sha256:c7708f29d843fc2764310732e41f0ce27feadde453261859ec0fca7865dfc41b",
"sha256:c9009c527929f6e25604aec39b0a43c3f831d2947d89d6caaab22f057b7055c8",
"sha256:f5c71e29b4e2af7ccdc03a020c626ede51da471173b4a6ad1e904f2b2e04b4bd"
"sha256:2586c94e907d99617887daed6c1d102b5ca28f1085f90446554abf1faf73123e",
"sha256:2ae41f43797ca0c11591c0c35f2f5875fa99f8797cb1a1fd440497ec0ae4b022",
"sha256:2b8e3888b11abb2217a32af0766bc06b65cc4a928d8727828ee68af5a967fa6f",
"sha256:2c712840c2e2ee8dfaf36034080108d30060d759c7b73a01a52251cc8989f11f",
"sha256:4d4631f6062e658e9007ab3149a9b914f3548cb38bfb021c64f39a025ce578ae",
"sha256:67f15b6f83e6507fdc6fca22fedf6ef8b334b399ca27c6b568cbfaa82a364173",
"sha256:7d2d7a06a252764061a020407b997dd036f7bd6a175a5ba2b345f0a357f0b3f4",
"sha256:8c5922863e44ffc00c5c693190648daa6d15e7c1207ed02d6f46a8dcc2869d32",
"sha256:92c85ac42f41ffdc35b6da57ed991575bdbe69db895507af88b9f499b701c188",
"sha256:b24086f2375c4a094a6b51e78b4cf7ca16c721dcee2eddd7aa6494b42d6d519d",
"sha256:cb925555f43060a1745d0a321cca94bcea927c50114b623d73179189a4e100ac"
],
"markers": "python_version < '3.5'",
"version": "==1.9.0"
"version": "==1.10.0"
},
"sh": {
"hashes": [
@ -593,10 +644,10 @@
},
"testinfra": {
"hashes": [
"sha256:499ba7201d1a0f418fa0318bf2ae28142893c4f9d49ab24af21441fdb529292f",
"sha256:da1d0d1ffd68935b950b7b83833d863436ea75398a5cbdc0d0ab9e61132e2088"
"sha256:8dbbf25039674d419598f576c5652947cebdf7cbbea8f23acacc80271009c6cb",
"sha256:d13dda899d5a051465f041a821363e2ebdd079391fbeae04089a2df7d35e3d54"
],
"version": "==1.16.0"
"version": "==1.19.0"
},
"tree-format": {
"hashes": [
@ -605,6 +656,15 @@
],
"version": "==0.1.2"
},
"typing": {
"hashes": [
"sha256:4027c5f6127a6267a435201981ba156de91ad0d1d98e9ddc2aa173453453492d",
"sha256:57dcf675a99b74d64dacf6fba08fb17cf7e3d5fdff53d4a30ea2a5e7e52543d4",
"sha256:a4c8473ce11a65999c8f59cb093e70686b6c84c98df58c1dae9b3b196089858a"
],
"markers": "python_version < '3.5'",
"version": "==3.6.6"
},
"urllib3": {
"hashes": [
"sha256:61bf29cada3fc2fbefad4fdf059ea4bd1b4a86d2b6d15e1c7c0b582b9752fe39",
@ -614,10 +674,10 @@
},
"websocket-client": {
"hashes": [
"sha256:8c8bf2d4f800c3ed952df206b18c28f7070d9e3dcbd6ca6291127574f57ee786",
"sha256:e51562c91ddb8148e791f0155fdb01325d99bb52c4cdbb291aee7a3563fd0849"
"sha256:1151d5fb3a62dc129164292e1227655e4bbc5dd5340a5165dfae61128ec50aa9",
"sha256:1fd5520878b68b84b5748bb30e592b10d0a91529d5383f74f4964e72b297fd3a"
],
"version": "==0.54.0"
"version": "==0.56.0"
},
"whichcraft": {
"hashes": [
@ -628,10 +688,10 @@
},
"yamllint": {
"hashes": [
"sha256:93e255e4bd96c7c0850bf182b09f6b35625130f15b37a0e03d8bf378d747081c",
"sha256:e9b7dec24921ef13180902e5dbcaae9157c773e3e3e2780ef77d3a4dd67d799f"
"sha256:5a53b6ebea563f944420d2964233173532af00a9579ab2c48c4cf8c56b704050",
"sha256:8f25759997acb42e52b96bf3af0b4b942e6516b51198bebd3402640102006af7"
],
"version": "==1.11.1"
"version": "==1.15.0"
}
},
"develop": {}

1
README.md
View File

@ -53,6 +53,7 @@ These playbooks install and configure Wazuh agent, manager and Elastic Stack.
pip install pipenv
sudo pipenv install
pipenv run test
pipenv run agent
```
## Contribute

27
molecule/default/molecule.yml
View File

@ -5,27 +5,44 @@ driver:
name: docker
lint:
name: yamllint
enabled: false # fix in seperate PR
enabled: false
platforms:
- name: bionic
image: ubuntu:bionic
- name: xenial
image: ubuntu:xenial
image: solita/ubuntu-systemd:xenial
privileged: true
command: /sbin/init
- name: trusty
image: ubuntu:trusty
- name: centos6
image: centos:6
- name: centos7
image: centos:7
image: milcom/centos7-systemd
privileged: true
provisioner:
name: ansible
env:
ANSIBLE_ROLES_PATH: $HOME/wazuh-ansible/roles
ANSIBLE_ROLES_PATH: ../../roles
lint:
name: ansible-lint
enabled: true # fix in seperate PR
enabled: true
scenario:
name: default
test_sequence:
- lint
- dependency
- cleanup
- destroy
- syntax
- create
- prepare
- converge
# - idempotence
- side_effect
- verify
- cleanup
- destroy
verifier:
name: testinfra
lint:

5
molecule/default/playbook.yml
View File

@ -2,8 +2,9 @@
- name: Converge
hosts: all
roles:
- {role: wazuh/ansible-wazuh-manager}
- {role: wazuh/ansible-filebeat} #, filebeat_output_logstash_hosts: 'your elastic stack server IP'
- role: wazuh/ansible-wazuh-manager
# - {role: wazuh/ansible-filebeat} #, filebeat_output_logstash_hosts: 'your elastic stack server IP'
# Elasticsearch requires too much memory to test multiple containers concurrently - To Fix
# - {role: elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost'}
# - {role: elastic-stack/ansible-logstash, logstash_input_beats: true, elasticsearch_network_host: 'localhost'}

25
molecule/default/prepare.yml
View File

@ -1,5 +1,26 @@
---
- name: Prepare
hosts: all
gather_facts: false
tasks: []
gather_facts: true
tasks:
- name: "Install Python packages for Trusty to solve trust issues"
package:
name:
- python-setuptools
- python-pip
state: latest
register: wazuh_manager_trusty_packages_installed
until: wazuh_manager_trusty_packages_installed is succeeded
when:
- ansible_distribution == "Ubuntu"
- ansible_distribution_major_version | int == 14
- name: "Install dependencies"
package:
name:
- curl
- net-tools
state: latest
register: wazuh_manager_dependencies_packages_installed
until: wazuh_manager_dependencies_packages_installed is succeeded

82
molecule/default/tests/test_default.py
View File

@ -1,4 +1,5 @@
import os
import pytest
import testinfra.utils.ansible_runner
@ -6,25 +7,74 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
def test_hosts_file(host):
f = host.file('/etc/hosts')
assert f.exists
assert f.user == 'root'
assert f.group == 'root'
def get_wazuh_version():
"""This return the version of Wazuh."""
return "3.8"
def test_filebeat_is_installed(host):
package = host.package("filebeat")
assert package.is_installed
assert package.version.startswith("6")
def test_wazuh_packages_are_installed(host):
"""Test if the main packages are installed."""
manager = host.package("wazuh-manager")
api = host.package("wazuh-api")
distribution = host.system_info.distribution.lower()
if distribution == 'centos':
if host.system_info.release == "7":
assert manager.is_installed
assert manager.version.startswith(get_wazuh_version())
assert api.is_installed
assert api.version.startswith(get_wazuh_version())
elif host.system_info.release.startswith("6"):
assert manager.is_installed
assert manager.version.startswith(get_wazuh_version())
elif distribution == 'ubuntu':
assert manager.is_installed
assert manager.version.startswith(get_wazuh_version())
def test_filebeat_service_enabled(host):
service = host.service('filebeat')
assert service.is_enabled
def test_wazuh_services_are_running(host):
"""Test if the services are enabled and running.
When assert commands are commented, this means that the service command has
a wrong exit code: https://github.com/wazuh/wazuh-ansible/issues/107
"""
manager = host.service("wazuh-manager")
api = host.service("wazuh-api")
distribution = host.system_info.distribution.lower()
if distribution == 'centos':
# assert manager.is_running
assert manager.is_enabled
# assert not api.is_running
assert not api.is_enabled
elif distribution == 'ubuntu':
# assert manager.is_running
assert manager.is_enabled
# assert api.is_running
assert api.is_enabled
def test_filebeat_config_file_present(host):
config_file = host.file('/etc/filebeat/filebeat.yml')
assert config_file.is_file
@pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [
("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640),
("/var/ossec/etc/sslmanager.key", "root", "root", 0o640),
("/var/ossec/etc/rules/local_rules.xml", "root", "ossec", 0o640),
("/var/ossec/etc/lists/audit-keys", "root", "ossec", 0o640),
])
def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode):
"""Test if Wazuh related files exist and have proper owners and mode."""
wazuh_file_host = host.file(wazuh_file)
assert wazuh_file_host.user == wazuh_owner
assert wazuh_file_host.group == wazuh_group
assert wazuh_file_host.mode == wazuh_mode
def test_open_ports(host):
"""Test if the main port is open and the agent-auth is not open."""
distribution = host.system_info.distribution.lower()
if distribution == 'ubuntu':
assert host.socket("tcp://0.0.0.0:1515").is_listening
assert not host.socket("tcp://0.0.0.0:1514").is_listening
elif distribution == 'centos':
assert host.socket("tcp://:::1515").is_listening
assert not host.socket("tcp://:::1514").is_listening

14
molecule/wazuh-agent/Dockerfile.j2 Normal file
View File

@ -0,0 +1,14 @@
# Molecule managed
{% if item.registry is defined %}
FROM {{ item.registry.url }}/{{ item.image }}
{% else %}
FROM {{ item.image }}
{% endif %}
RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \
elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \
elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \
elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \
elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi

22
molecule/wazuh-agent/INSTALL.rst Normal file
View File

@ -0,0 +1,22 @@
*******
Docker driver installation guide
*******
Requirements
============
* Docker Engine
Install
=======
Please refer to the `Virtual environment`_ documentation for installation best
practices. If not using a virtual environment, please consider passing the
widely recommended `'--user' flag`_ when invoking ``pip``.
.. _Virtual environment: https://virtualenv.pypa.io/en/latest/
.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site
.. code-block:: bash
$ pip install 'molecule[docker]'

82
molecule/wazuh-agent/molecule.yml Normal file
View File

@ -0,0 +1,82 @@
---
dependency:
name: galaxy
driver:
name: docker
lint:
name: yamllint
platforms:
- name: wazuh_server_centos7
image: milcom/centos7-systemd
networks:
- name: wazuh
privileged: true
groups:
- manager
- name: wazuh_agent_bionic
image: ubuntu:bionic
networks:
- name: wazuh
groups:
- agent
- name: wazuh_agent_xenial
image: solita/ubuntu-systemd:xenial
privileged: true
command: /sbin/init
networks:
- name: wazuh
groups:
- agent
- name: wazuh_agent_trusty
image: ubuntu:trusty
networks:
- name: wazuh
groups:
- agent
- name: wazuh_agent_centos6
image: centos:6
networks:
- name: wazuh
groups:
- agent
- name: wazuh_agent_centos7
image: milcom/centos7-systemd
privileged: true
networks:
- name: wazuh
groups:
- agent
provisioner:
name: ansible
playbooks:
docker:
create: ../default/create.yml
destroy: ../default/destroy.yml
env:
ANSIBLE_ROLES_PATH: ../../roles
inventory:
group_vars:
agent:
api_pass: password
wazuh_managers:
- address: "{{ wazuh_manager_ip }}"
port: 1514
protocol: tcp
api_port: 55000
api_proto: 'http'
api_user: null
wazuh_agent_authd:
enable: true
port: 1515
ssl_agent_ca: null
ssl_agent_cert: null
ssl_agent_key: null
ssl_auto_negotiate: 'no'
lint:
name: ansible-lint
enabled: true
verifier:
name: testinfra
lint:
name: flake8

20
molecule/wazuh-agent/playbook.yml Normal file
View File

@ -0,0 +1,20 @@
---
- name: Converge
hosts: agent
pre_tasks:
- name: "Get ip Wazuh Manager"
shell: |
set -o pipefail
grep $(hostname) /etc/hosts | awk '{print $1}' | sort | head -n 2 | tail -n 1
register: wazuh_manager_ip_stdout
changed_when: false
delegate_to: wazuh_server_centos7
args:
executable: /bin/bash
- name: "Set fact for ip address"
set_fact:
wazuh_manager_ip: "{{ wazuh_manager_ip_stdout.stdout }}"
roles:
- role: wazuh/ansible-wazuh-agent

43
molecule/wazuh-agent/prepare.yml Normal file
View File

@ -0,0 +1,43 @@
---
- name: Prepare
hosts: manager
gather_facts: true
tasks:
- name: "Install dependencies"
package:
name:
- curl
- net-tools
state: latest
register: wazuh_manager_dependencies_packages_installed
until: wazuh_manager_dependencies_packages_installed is succeeded
roles:
- role: wazuh/ansible-wazuh-manager
- name: Prepare
hosts: agent
gather_facts: true
tasks:
- name: "Install Python packages for Trusty to solve trust issues"
package:
name:
- python-setuptools
- python-pip
state: latest
register: wazuh_manager_trusty_packages_installed
until: wazuh_manager_trusty_packages_installed is succeeded
when:
- ansible_distribution == "Ubuntu"
- ansible_distribution_major_version | int == 14
- name: "Install dependencies"
package:
name:
- curl
- net-tools
state: latest
register: wazuh_agent_dependencies_packages_installed
until: wazuh_agent_dependencies_packages_installed is succeeded

23
molecule/wazuh-agent/tests/test_agents.py Normal file
View File

@ -0,0 +1,23 @@
import os
import pytest
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('agent')
def test_ossec_package_installed(Package):
ossec = Package('wazuh-agent')
assert ossec.is_installed
@pytest.mark.parametrize("wazuh_service, wazuh_owner", (
("ossec-agentd", "ossec"),
("ossec-execd", "root"),
("ossec-syscheckd", "root"),
("wazuh-modulesd", "root"),
))
def test_wazuh_processes_running(host, wazuh_service, wazuh_owner):
master = host.process.get(user=wazuh_owner, comm=wazuh_service)
assert master.args == "/var/ossec/bin/" + wazuh_service

15
molecule/wazuh-agent/tests/test_manager.py Normal file
View File

@ -0,0 +1,15 @@
import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('manager')
def test_agents_registered_on_manager(host):
cmd = host.run("/var/ossec/bin/manage_agents -l")
assert 'wazuh_agent_bionic' in cmd.stdout
assert 'wazuh_agent_xenial' in cmd.stdout
assert 'wazuh_agent_trusty' in cmd.stdout
assert 'wazuh_agent_centos6' in cmd.stdout
assert 'wazuh_agent_centos7' in cmd.stdout

1
playbooks/wazuh-agent.yml
View File

@ -1,3 +1,4 @@
---
- hosts: <your wazuh agents hosts>
roles:
- /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-agent

1
playbooks/wazuh-elastic.yml
View File

@ -1,3 +1,4 @@
---
- hosts: <your elasticsearch host>
roles:
- {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'your elasticsearch IP'}

1
playbooks/wazuh-elastic_stack-distributed.yml
View File

@ -1,3 +1,4 @@
---
- hosts: <your wazuh server host>
roles:
- role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-manager

1
playbooks/wazuh-elastic_stack-single.yml
View File

@ -1,3 +1,4 @@
---
- hosts: <your single server host>
roles:
- {role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-manager}

1
playbooks/wazuh-kibana.yml
View File

@ -1,3 +1,4 @@
---
- hosts: <your kibana host>
roles:
- {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-kibana, elasticsearch_network_host: 'your elasticsearch IP'}

1
playbooks/wazuh-logstash.yml
View File

@ -1,3 +1,4 @@
---
- hosts: <your logstash host>
roles:
- {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-logstash, elasticsearch_network_host: ["localhost"]}

1
playbooks/wazuh-manager.yml
View File

@ -1,3 +1,4 @@
---
- hosts: <your wazuh server host>
roles:
- role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-manager

2
roles/elastic-stack/ansible-elasticsearch/defaults/main.yml
View File

@ -7,4 +7,4 @@ elasticsearch_jvm_xms: null
elastic_stack_version: 6.7.1
elasticsearch_shards: 5
elasticsearch_replicas: 1
elasticsearch_install_java: yes
elasticsearch_install_java: true

2
roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml
View File

@ -20,7 +20,7 @@
repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main'
state: present
filename: 'elastic_repo'
update_cache: yes
update_cache: true
- name: Debian/Ubuntu | Install Elasticsarch
apt:

2
roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml
View File

@ -12,7 +12,7 @@
description: Elastic repository for 6.x packages
baseurl: https://artifacts.elastic.co/packages/6.x/yum
gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch
gpgcheck: yes
gpgcheck: true
- name: RedHat/CentOS/Fedora | Install Elasticsarch
package: name=elasticsearch-{{ elastic_stack_version }} state=present

9
roles/elastic-stack/ansible-elasticsearch/tasks/main.yml
View File

@ -68,19 +68,20 @@
notify: restart elasticsearch
tags: configure
# fix in new PR (ignore_errors)
- name: Reload systemd
systemd: daemon_reload=yes
ignore_errors: yes #fix in new PR
systemd: daemon_reload=true
ignore_errors: true
when:
- not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA")
- not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<'))
- not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<'))
- name: Ensure Elasticsearch started and enabled
ignore_errors: yes
ignore_errors: true
service:
name: elasticsearch
enabled: yes
enabled: true
state: started
- name: Make sure Elasticsearch is running before proceeding

1
roles/elastic-stack/ansible-kibana/defaults/main.yml
View File

@ -5,4 +5,3 @@ kibana_server_host: "0.0.0.0"
kibana_server_port: "5601"
elastic_stack_version: 6.7.1
wazuh_version: 3.8.2

2
roles/elastic-stack/ansible-kibana/tasks/Debian.yml
View File

@ -14,7 +14,7 @@
repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main'
state: present
filename: 'elastic_repo'
update_cache: yes
update_cache: true
- name: Debian/Ubuntu | Install Kibana
apt:

2
roles/elastic-stack/ansible-kibana/tasks/RedHat.yml
View File

@ -5,7 +5,7 @@
description: Elastic repository for 6.x packages
baseurl: https://artifacts.elastic.co/packages/6.x/yum
gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch
gpgcheck: yes
gpgcheck: true
- name: RedHat/CentOS/Fedora | Install Kibana
package: name=kibana-{{ elastic_stack_version }} state=present

11
roles/elastic-stack/ansible-kibana/tasks/main.yml
View File

@ -8,12 +8,11 @@
- name: Make sure Elasticsearch is running before proceeding.
wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }} delay=3 timeout=300
tags: configure
ignore_errors: yes # fix
wait_for: 50
ignore_errors: true
- name: Reload systemd
systemd: daemon_reload=yes
ignore_errors: yes
systemd: daemon_reload=true
ignore_errors: true
when:
- not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA")
- not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<'))
@ -34,7 +33,7 @@
args:
removes: /usr/share/kibana/plugins/wazuh/package.json
register: wazuh_app_verify
changed_when: False
changed_when: false
tags: install
- name: Removing old Wazuh-APP
@ -59,7 +58,7 @@
- name: Ensure Kibana started and enabled
service:
name: kibana
enabled: yes
enabled: true
state: started
- import_tasks: RMRedHat.yml

2
roles/elastic-stack/ansible-logstash/defaults/main.yml
View File

@ -16,4 +16,4 @@ logstash_ssl_dir: /etc/pki/logstash
logstash_ssl_certificate_file: ""
logstash_ssl_key_file: ""
logstash_install_java: yes
logstash_install_java: true

6
roles/elastic-stack/ansible-logstash/tasks/Debian.yml
View File

@ -25,7 +25,7 @@
apt:
name: "logstash=1:{{ elastic_stack_version }}-1"
state: present
update_cache: yes
update_cache: true
tags: install
- name: Debian/Ubuntu | Checking if wazuh-manager is installed
@ -33,13 +33,13 @@
register: wazuh_manager_check_deb
when: logstash_input_beats == false
args:
warn: no
warn: false
- name: Debian/Ubuntu | Add user logstash to group ossec
user:
name: logstash
groups: ossec
append: yes
append: true
when:
- logstash_input_beats == false
- wazuh_manager_check_deb.rc == 0

6
roles/elastic-stack/ansible-logstash/tasks/RedHat.yml
View File

@ -12,7 +12,7 @@
description: Elastic repository for 6.x packages
baseurl: https://artifacts.elastic.co/packages/6.x/yum
gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch
gpgcheck: yes
gpgcheck: true
- name: RedHat/CentOS/Fedora | Install Logstash
package: name=logstash-{{ elastic_stack_version }} state=present
@ -24,13 +24,13 @@
register: wazuh_manager_check_rpm
when: logstash_input_beats == false
args:
warn: no
warn: false
- name: RedHat/CentOS/Fedora | Add user logstash to group ossec
user:
name: logstash
groups: ossec
append: yes
append: true
when:
- logstash_input_beats == false
- wazuh_manager_check_rpm.rc == 0

6
roles/elastic-stack/ansible-logstash/tasks/main.yml
View File

@ -10,7 +10,7 @@
- name: Reload systemd
systemd: daemon_reload=yes
ignore_errors: yes
ignore_errors: true
when:
- not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA")
- not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<'))
@ -23,13 +23,13 @@
- name: Ensure Logstash started and enabled
service:
name: logstash
enabled: yes
enabled: true
state: started
- name: Amazon Linux start Logstash
service:
name: logstash
enabled: yes
enabled: true
state: started
when: ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA"

2
roles/wazuh/ansible-filebeat/tasks/Debian.yml
View File

@ -14,4 +14,4 @@
apt_repository:
repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main'
state: present
update_cache: yes
update_cache: true

2
roles/wazuh/ansible-filebeat/tasks/RedHat.yml
View File

@ -5,4 +5,4 @@
description: Elastic repository for 6.x packages
baseurl: https://artifacts.elastic.co/packages/6.x/yum
gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch
gpgcheck: yes
gpgcheck: true

4
roles/wazuh/ansible-filebeat/tasks/main.yml
View File

@ -15,7 +15,7 @@
- name: Reload systemd
systemd: daemon_reload=yes
ignore_errors: yes
ignore_errors: true
when:
- not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA")
- not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<'))
@ -25,7 +25,7 @@
service:
name: filebeat
state: started
enabled: yes
enabled: true
- import_tasks: "RMRedHat.yml"
when: ansible_os_family == "RedHat"

1
roles/wazuh/ansible-wazuh-agent/defaults/main.yml
View File

@ -49,7 +49,6 @@ wazuh_agent_config:
skip_nfs: 'yes'
ignore:
- /etc/mtab
#- /etc/mnttab
- /etc/hosts.deny
- /etc/mail/statistics
- /etc/random-seed

2
roles/wazuh/ansible-wazuh-agent/meta/main.yml
View File

@ -18,6 +18,6 @@ galaxy_info:
- name: Fedora
versions:
- all
categories:
galaxy_tags:
- monitoring
dependencies: []

35
roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml
View File

@ -1,17 +1,36 @@
---
- name: Debian/Ubuntu | Install apt-transport-https and ca-certificates
apt:
name: ['apt-transport-https', 'ca-certificates']
name:
- apt-transport-https
- ca-certificates
state: present
register: wazuh_agent_ca_package_install
until: wazuh_agent_ca_package_install is succeeded
- name: Debian/Ubuntu | Installing repository key
- name: Debian/Ubuntu | Installing Wazuh repository key (Ubuntu 14)
become: true
shell: |
set -o pipefail
curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add -
args:
warn: false
executable: /bin/bash
changed_when: false
when:
- ansible_distribution == "Ubuntu"
- ansible_distribution_major_version | int == 14
- name: Debian/Ubuntu | Installing Wazuh repository key
apt_key: url=https://packages.wazuh.com/key/GPG-KEY-WAZUH
when:
- not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14)
- name: Debian/Ubuntu | Add Wazuh repositories
apt_repository:
repo: 'deb https://packages.wazuh.com/3.x/apt/ stable main'
state: present
update_cache: yes
update_cache: true
- name: Debian/Ubuntu | Set Distribution CIS filename for debian
set_fact:
@ -29,16 +48,20 @@
- name: Debian/Ubuntu | Install OpenScap
apt:
name: ['libopenscap8', 'xsltproc']
name:
- libopenscap8
- xsltproc
state: present
when: wazuh_agent_config.openscap.disable == 'no'
tags:
- init
register: wazuh_agent_OpenScap_package_install
until: wazuh_agent_OpenScap_package_install is succeeded
- name: Debian/Ubuntu | Get OpenScap installed version
shell: "dpkg-query --showformat='${Version}' --show libopenscap8"
register: openscap_version
changed_when: true
changed_when: false
when: wazuh_agent_config.openscap.disable == 'no'
tags:
- config
@ -46,7 +69,7 @@
- name: Debian/Ubuntu | Check OpenScap version
shell: "dpkg --compare-versions '{{ openscap_version.stdout }}' '>=' '1.2'; echo $?"
register: openscap_version_valid
changed_when: true
changed_when: false
when: wazuh_agent_config.openscap.disable == 'no'
tags:
- config

34
roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml
View File

@ -53,16 +53,16 @@
vars:
agent_name: "{% if single_agent_name is defined %}{{ single_agent_name }}{% else %}{{ ansible_hostname }}{% endif %}"
when:
- check_keys.stat.exists == false or check_keys.stat.size == 0
- not check_keys.stat.exists or check_keys.stat.size == 0
- wazuh_managers.0.address is not none
- name: Linux | Verify agent registration
shell: echo {{ agent_auth_output }} | grep "Valid key created"
when:
- check_keys.stat.exists == false or check_keys.stat.size == 0
- not check_keys.stat.exists or check_keys.stat.size == 0
- wazuh_managers.0.address is not none
when: wazuh_agent_authd.enable == true
when: wazuh_agent_authd.enable
tags:
- config
- authd
@ -76,9 +76,9 @@
- name: Linux | Create the agent key via rest-API
uri:
url: "{{ wazuh_managers.0.api_proto }}://{{ wazuh_managers.0.address }}:{{ wazuh_managers.0.api_port }}/agents/"
validate_certs: no
validate_certs: false
method: POST
body: {"name":"{{ agent_name }}"}
body: '{"name":"{{ agent_name }}"}'
body_format: json
status_code: 200
headers:
@ -86,29 +86,30 @@
user: "{{ wazuh_managers.0.api_user }}"
password: "{{ api_pass }}"
register: newagent_api
changed_when: newagent_api.json.error == 0
# changed_when: newagent_api.json.error == 0
vars:
agent_name: "{% if single_agent_name is defined %}{{ single_agent_name }}{% else %}{{ inventory_hostname }}{% endif %}"
when:
- check_keys.stat.exists == false or check_keys.stat.size == 0
- not check_keys.stat.exists or check_keys.stat.size == 0
- wazuh_managers.0.address is not none
become: no
become: false
ignore_errors: true
- name: Linux | Retieve new agent data via rest-API
uri:
url: "{{ wazuh_managers.0.api_proto }}://{{ wazuh_managers.0.address }}:{{ wazuh_managers.0.api_port }}/agents/{{ newagent_api.json.data.id }}"
validate_certs: no
validate_certs: false
method: GET
return_content: yes
return_content: true
user: "{{ wazuh_managers.0.api_user }}"
password: "{{ api_pass }}"
when:
- check_keys.stat.exists == false or check_keys.stat.size == 0
- not check_keys.stat.exists or check_keys.stat.size == 0
- wazuh_managers.0.address is not none
- newagent_api.json.error == 0
register: newagentdata_api
delegate_to: localhost
become: no
become: false
- name: Linux | Register agent (via rest-API)
command: /var/ossec/bin/manage_agents
@ -121,12 +122,13 @@
OSSEC_ACTION_CONFIRMED: y
register: manage_agents_output
when:
- check_keys.stat.exists == false or check_keys.stat.size == 0
- not check_keys.stat.exists or check_keys.stat.size == 0
- wazuh_managers.0.address is not none
- newagent_api.changed
notify: restart wazuh-agent
when: wazuh_agent_authd.enable == false
when:
- not wazuh_agent_authd.enable
tags:
- config
- api
@ -139,7 +141,7 @@
poll: 0
when:
- wazuh_agent_config.vuls.disable != 'yes'
- ansible_distribution == 'Redhat' or ansible_distribution == 'CentOS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Debian' or ansible_distribution == 'Oracle'
- ansible_distribution in ['Redhat', 'CentOS', 'Ubuntu', 'Debian', 'Oracle']
tags:
- init
@ -168,7 +170,7 @@
- name: Linux | Ensure Wazuh Agent service is started and enabled
service:
name: wazuh-agent
enabled: yes
enabled: true
state: started
- import_tasks: "RMRedHat.yml"

1
roles/wazuh/ansible-wazuh-agent/tasks/RMDebian.yml
View File

@ -3,3 +3,4 @@
apt_repository:
repo: deb https://packages.wazuh.com/apt {{ ansible_distribution_release }} main
state: absent
changed_when: false

1
roles/wazuh/ansible-wazuh-agent/tasks/RMRedHat.yml
View File

@ -3,3 +3,4 @@
yum_repository:
name: wazuh_repo
state: absent
changed_when: false

25
roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml
View File

@ -5,7 +5,8 @@
description: Wazuh repository
baseurl: https://packages.wazuh.com/3.x/yum/
gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH
gpgcheck: yes
gpgcheck: true
changed_when: false
when:
- ansible_distribution_major_version|int > 5
@ -15,7 +16,8 @@
description: Wazuh repository
baseurl: https://packages.wazuh.com/3.x/yum/5/
gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH-5
gpgcheck: yes
gpgcheck: true
changed_when: false
when:
- ansible_distribution_major_version|int == 5
@ -25,7 +27,8 @@
description: Wazuh repository
baseurl: https://packages.wazuh.com/3.x/yum/
gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH
gpgcheck: yes
gpgcheck: true
changed_when: false
when:
- ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA"
@ -35,6 +38,7 @@
dest: /tmp/jre-8-linux-x64.rpm
headers: 'Cookie:oraclelicense=accept-securebackup-cookie'
register: oracle_java_task_rpm_download
until: oracle_java_task_rpm_download is succeeded
when:
- wazuh_agent_config.cis_cat.disable == 'no'
- wazuh_agent_config.cis_cat.install_java == 'yes'
@ -43,6 +47,8 @@
- name: RedHat/CentOS/Fedora | Install Oracle Java RPM
package: name=/tmp/jre-8-linux-x64.rpm state=present
register: wazuh_agent_java_package_install
until: wazuh_agent_java_package_install is succeeded
when:
- wazuh_agent_config.cis_cat.disable == 'no'
- wazuh_agent_config.cis_cat.install_java == 'yes'
@ -63,10 +69,21 @@
- name: Set Distribution CIS filename for RHEL7
set_fact:
cis_distribution_filename: cis_rhel7_linux_rcl.txt
when: (ansible_os_family == "RedHat" and ansible_distribution_major_version == "7") or (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA")
when:
- ansible_os_family == "RedHat"
- ansible_distribution_major_version == "7"
- name: Set Distribution CIS filename for RHEL7 (Amazon)
set_fact:
cis_distribution_filename: cis_rhel7_linux_rcl.txt
when:
- ansible_distribution == "Amazon"
- ansible_distribution_major_version == "NA"
- name: RedHat/CentOS/RedHat | Install openscap
package: name=openscap-scanner state=present
register: wazuh_agent_openscap_package_install
until: wazuh_agent_openscap_package_install is succeeded
when: wazuh_agent_config.openscap.disable == 'no'
tags:
- init

28
roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml
View File

@ -4,15 +4,19 @@
path: C:\Program Files (x86)
register: check_path
- name: "Set Win Path"
set_fact:
wazuh_agent_win_path: "{% wazuh_winagent_config.install_dir_x86 if check_path.stat.exists else wazuh_winagent_config.install_dir %}"
- name: Windows | Get current installed version
win_shell: "{% if check_path.stat.exists == true %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %}
win_shell: "{% if check_path.stat.exists %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %}
{{ wazuh_winagent_config.install_dir }}{% endif %}ossec-agent.exe -h"
args:
removes: "{% if check_path.stat.exists == true %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %}
removes: "{% if check_path.stat.exists %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %}
{{ wazuh_winagent_config.install_dir }}{% endif %}ossec-agent.exe"
register: agent_version
failed_when: False
changed_when: False
failed_when: false
changed_when: false
- name: Windows | Check Wazuh agent version installed
set_fact: correct_version=true
@ -30,7 +34,7 @@
- name: Windows | Verify the downloaded Wazuh agent installer
win_stat:
path: C:\wazuh-agent-installer.msi
get_checksum: yes
get_checksum: true
checksum_algorithm: md5
register: installer_md5
when:
@ -45,7 +49,7 @@
- correct_version is not defined
- name: Windows | Check if client.keys exists
win_stat: path="{% if check_path.stat.exists == true %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %}{{ wazuh_winagent_config.install_dir }}{% endif %}client.keys"
win_stat: path="{{ wazuh_agent_win_path }}"
register: check_windows_key
notify: restart wazuh-agent windows
tags:
@ -58,18 +62,18 @@
- name: Windows | Register agent
win_shell: >
{% if check_path.stat.exists == true %}{{ wazuh_winagent_config.auth_path_x86 }}{% else %}
{% if check_path.stat.exists %}{{ wazuh_winagent_config.auth_path_x86 }}{% else %}
{{ wazuh_winagent_config.auth_path }}{% endif %}
-m {{ wazuh_managers.0.address }}
-p {{ wazuh_agent_authd.port }}
{% if authd_pass is defined %} -P {{ authd_pass }}{% endif %}
args:
chdir: "{% if check_path.stat.exists == true %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %}{{ wazuh_winagent_config.install_dir }}{% endif %}"
chdir: "{{ wazuh_agent_win_path }}"
register: agent_auth_output
notify: restart wazuh-agent windows
when:
- wazuh_agent_authd.enable == true
- check_windows_key.stat.exists == false or check_windows_key.stat.size == 0
- wazuh_agent_authd.enable
- not check_windows_key.stat.exists or check_windows_key.stat.size == 0
- wazuh_managers.0.address is not none
tags:
- config
@ -77,7 +81,7 @@
- name: Windows | Installing agent configuration (ossec.conf)
win_template:
src: var-ossec-etc-ossec-agent.conf.j2
dest: "{% if check_path.stat.exists == true %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %}{{ wazuh_winagent_config.install_dir }}{% endif %}ossec.conf"
dest: "{{ wazuh_agent_win_path }}ossec.conf"
notify: restart wazuh-agent windows
tags:
- config
@ -85,7 +89,7 @@
- name: Windows | Installing local_internal_options.conf
win_template:
src: var-ossec-etc-local-internal-options.conf.j2
dest: "{% if check_path.stat.exists == true %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %}{{ wazuh_winagent_config.install_dir }}{% endif %}local_internal_options.conf"
dest: "{{ wazuh_agent_win_path }}local_internal_options.conf"
notify: restart wazuh-agent windows
tags:
- config

2
roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2
View File

@ -254,7 +254,7 @@
{% endif %}
<log_path>{% if ansible_os_family == "Windows" %}{{ wazuh_agent_config.osquery.log_path_win }}{% else %}{{ wazuh_agent_config.osquery.log_path }}{% endif %}</log_path>
<config_path>{% if ansible_os_family == "Windows" %}{{ wazuh_agent_config.osquery.config_path_win }}{% else %}{{ wazuh_agent_config.osquery.config_path }}{% endif %}</config_path>
<add_labels>{{ wazuh_agent_config.osquery.ad_labels }}</add_labels>
<add_labels>{{ wazuh_agent_config.osquery.add_labels }}</add_labels>
</wodle>
<!-- System inventory -->

5
roles/wazuh/ansible-wazuh-manager/defaults/main.yml
View File

@ -1,5 +1,6 @@
---
wazuh_manager_fqdn: "wazuh-server"
wazuh_manager_package_state: latest
wazuh_manager_config:
json_output: 'yes'
@ -281,10 +282,6 @@ wazuh_agent_configs:
- /etc/svc/volatile
no_diff:
- /etc/ssl/private.key
# Example
#directories:
#- dirs: /etc,/usr/bin,/usr/sbin
# checks: 'check_all="yes"'
rootcheck:
frequency: 43200
cis_distribution_filename: null

2
roles/wazuh/ansible-wazuh-manager/handlers/main.yml
View File

@ -13,3 +13,5 @@
name: wazuh-api
state: restarted
enabled: true
when:
- not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 6)

2
roles/wazuh/ansible-wazuh-manager/meta/main.yml
View File

@ -18,6 +18,6 @@ galaxy_info:
- name: Fedora
versions:
- all
categories:
galaxy_tags:
- monitoring
dependencies: []

52
roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml
View File

@ -1,32 +1,64 @@
---
- name: Debian/Ubuntu | Install apt-transport-https and ca-certificates
apt:
name: ['apt-transport-https', 'ca-certificates']
state: present
cache_valid_time: 3600
with_items:
name:
- apt-transport-https
- ca-certificates
- urllib3
- gnupg
state: present
cache_valid_time: 3600
register: wazuh_manager_https_packages_installed
until: wazuh_manager_https_packages_installed is succeeded
- name: Debian/Ubuntu | Installing Wazuh repository key (Ubuntu 14)
become: true
shell: |
set -o pipefail
curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add -
args:
warn: false
executable: /bin/bash
changed_when: false
when:
- ansible_distribution == "Ubuntu"
- ansible_distribution_major_version | int == 14
- name: Debian/Ubuntu | Installing Wazuh repository key
apt_key: url=https://packages.wazuh.com/key/GPG-KEY-WAZUH
when:
- not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14)
- name: Debian/Ubuntu | Add Wazuh repositories
apt_repository:
repo: 'deb https://packages.wazuh.com/3.x/apt/ stable main'
state: present
update_cache: yes
update_cache: true
changed_when: false
- name: Debian/Ubuntu | Installing NodeJS repository key (Ubuntu 14)
become: true
shell: |
set -o pipefail
curl -s https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add -
args:
warn: false
executable: /bin/bash
changed_when: false
when:
- ansible_distribution == "Ubuntu"
- ansible_distribution_major_version | int == 14
- name: Debian/Ubuntu | Installing NodeJS repository key
apt_key: url=https://deb.nodesource.com/gpgkey/nodesource.gpg.key
when:
- not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14)
- name: Debian/Ubuntu | Add NodeSource repositories for Node.js
apt_repository:
repo: "deb https://deb.nodesource.com/node_6.x {{ ansible_distribution_release }} main"
state: present
update_cache: yes
update_cache: true
changed_when: false
- name: Debian/Ubuntu | Set Distribution CIS filename for Debian/Ubuntu
set_fact:
@ -46,6 +78,8 @@
name: "{{ item }}"
state: present
cache_valid_time: 3600
register: wazuh_manager_openscap_installed
until: wazuh_manager_openscap_installed is succeeded
when: wazuh_manager_config.openscap.disable == 'no'
with_items:
- libopenscap8
@ -57,7 +91,7 @@
shell: "dpkg-query --showformat='${Version}' --show libopenscap8"
when: wazuh_manager_config.openscap.disable == 'no'
register: openscap_version
changed_when: true
changed_when: false
tags:
- config
@ -65,6 +99,6 @@
shell: "dpkg --compare-versions '{{ openscap_version.stdout }}' '>=' '1.2'; echo $?"
when: wazuh_manager_config.openscap.disable == 'no'
register: openscap_version_valid
changed_when: true
changed_when: false
tags:
- config

2
roles/wazuh/ansible-wazuh-manager/tasks/RMDebian.yml
View File

@ -3,8 +3,10 @@
apt_repository:
repo: deb https://packages.wazuh.com/apt {{ ansible_distribution_release }} main
state: absent
changed_when: false
- name: Debian/Ubuntu | Remove Nodejs repository.
apt_repository:
repo: deb https://deb.nodesource.com/node_6.x {{ ansible_distribution_release }} main
state: absent
changed_when: false

2
roles/wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml
View File

@ -3,8 +3,10 @@
yum_repository:
name: NodeJS
state: absent
changed_when: false
- name: RedHat/CentOS/Fedora | Remove Wazuh repository (and clean up left-over metadata)
yum_repository:
name: wazuh_repo
state: absent
changed_when: false

45
roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml
View File

@ -5,7 +5,8 @@
description: NodeJS-$releasever
baseurl: https://rpm.nodesource.com/pub_6.x/el/{{ ansible_distribution_major_version }}/x86_64
gpgkey: https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL
gpgcheck: yes
gpgcheck: true
changed_when: false
when:
- ansible_distribution_major_version|int > 5
@ -15,13 +16,16 @@
description: NodeJS-$releasever
baseurl: https://rpm.nodesource.com/pub_6.x/fc/$releasever/x86_64
gpgkey: https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL
gpgcheck: yes
gpgcheck: true
when: ansible_distribution == 'Fedora'
- name: AmazonLinux | Get Nodejs
shell: curl --silent --location https://rpm.nodesource.com/setup_8.x | bash -
shell: |
set -o pipefail
curl --silent --location https://rpm.nodesource.com/setup_8.x | bash -
args:
warn: no
warn: false
executable: /bin/bash
when:
- ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA"
@ -29,6 +33,8 @@
yum:
name: nodejs
state: present
register: wazuh_manager_amz_node_packages_installed
until: wazuh_manager_amz_node_packages_installed is succeeded
when:
- ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA"
@ -38,7 +44,8 @@
description: Wazuh repository
baseurl: https://packages.wazuh.com/3.x/yum/
gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH
gpgcheck: yes
gpgcheck: true
changed_when: false
when:
- (ansible_distribution_major_version|int > 5) or (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA")
@ -48,18 +55,25 @@
description: Wazuh repository
baseurl: https://packages.wazuh.com/3.x/yum/5/
gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH
gpgcheck: yes
gpgcheck: true
when:
- ansible_distribution_major_version|int == 5
- name: RedHat/CentOS/Fedora | Install openscap
package: name=openscap-scanner state=present
package: name={{ item }} state=present
with_items:
- openscap-scanner
- openssl
register: wazuh_manager_openscp_packages_installed
until: wazuh_manager_openscp_packages_installed is succeeded
tags:
- init
when: not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA")
- name: CentOS 6 | Install Software Collections (SCL) Repository
package: name=centos-release-scl state=present
register: wazuh_manager_scl_packages_installed
until: wazuh_manager_scl_packages_installed is succeeded
when:
- ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6'
- wazuh_manager_config.cluster.disable != 'yes'
@ -75,12 +89,16 @@
- name: CentOS/RedHat 6 | Install Python 2.7
package: name=python27 state=present
register: wazuh_manager_python_package_installed
until: wazuh_manager_python_package_installed is succeeded
when:
- ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version == '6'
- wazuh_manager_config.cluster.disable != 'yes'
- name: CentOS/RedHat 6 | Install python-cryptography module
shell: pip2.7 install cryptography
pip: name=cryptography state=present
register: wazuh_manager_cryptography_package_installed
until: wazuh_manager_cryptography_package_installed is succeeded
environment:
PATH: "/opt/rh/python27/root/usr/bin:{{ ansible_env.PATH }}"
LD_LIBRARY_PATH: "/opt/rh/python27/root/usr/lib64:/opt/rh/python27/root/usr/lib"
@ -90,6 +108,8 @@
- name: RedHat/CentOS/Fedora | Install python-cryptography module
package: name=python-cryptography state=present
register: wazuh_manager_cryptography_package_installed
until: wazuh_manager_cryptography_package_installed is succeeded
when:
- not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat') and ansible_distribution_major_version == '6' )
- wazuh_manager_config.cluster.disable != 'yes'
@ -115,4 +135,11 @@
- name: Set Distribution CIS filename for RHEL7/CentOS-7
set_fact:
cis_distribution_filename: cis_rhel7_linux_rcl.txt
when: (ansible_os_family == "RedHat" and ansible_distribution_major_version == '7') or (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA")
when:
- ansible_os_family == "RedHat" and ansible_distribution_major_version == '7'
- name: Set Distribution CIS filename for RHEL7/CentOS-7 (Amazon)
set_fact:
cis_distribution_filename: cis_rhel7_linux_rcl.txt
when:
- ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA"

58
roles/wazuh/ansible-wazuh-manager/tasks/main.yml
View File

@ -6,13 +6,15 @@
when: ansible_os_family == "Debian"
- name: Install wazuh-manager, wazuh-api and expect
package: pkg={{ item }} state=latest
package: pkg={{ item }} state={{ wazuh_manager_package_state }}
with_items:
- wazuh-manager
- wazuh-api
- expect
register: wazuh_manager_main_packages_installed
until: wazuh_manager_main_packages_installed is succeeded
when:
- not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 )
- not (ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6)
tags:
- init
@ -22,16 +24,18 @@
regexp: 'echo -n "Starting Wazuh-manager: "'
replace: 'echo -n "Starting Wazuh-manager (EL6): "; source /opt/rh/python27/enable; export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/var/ossec/framework/lib'
when:
- ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version == '6'
- ansible_distribution in ['CentOS', 'RedHat'] and ansible_distribution_major_version|int == 6
- wazuh_manager_config.cluster.disable != 'yes'
- name: Install wazuh-manager and expect (EL5)
package: pkg={{ item }} state=latest
package: pkg={{ item }} state={{ wazuh_manager_package_state }}
with_items:
- wazuh-manager
- expect
register: wazuh_manager_main_packages_installed
until: wazuh_manager_main_packages_installed is succeeded
when:
- ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6
- ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6
tags:
- init
@ -71,7 +75,7 @@
- name: Ensure ossec-authd service is disabled
service: name=ossec-authd enabled=no state=stopped
when: old_authd_service.stat.exists == True
when: old_authd_service.stat.exists
tags:
- config
@ -80,7 +84,7 @@
with_items:
- "/etc/init.d/ossec-authd"
- "/lib/systemd/system/ossec-authd.service"
when: old_authd_service.stat.exists == True
when: old_authd_service.stat.exists
tags:
- config
@ -180,7 +184,7 @@
- name: Retrieving Wazuh-API User Credentials
include_vars: wazuh_api_creds.yml
when:
- not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 )
- not (ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6)
tags:
- config
@ -198,11 +202,14 @@
- config
- name: Check if client-syslog is enabled
shell: "grep -c 'ossec-csyslogd' /var/ossec/bin/.process_list | xargs echo"
shell: |
set -o pipefail
"grep -c 'ossec-csyslogd' /var/ossec/bin/.process_list | xargs echo"
args:
removes: /var/ossec/bin/.process_list
changed_when: False
check_mode: no
executable: /bin/bash
changed_when: false
check_mode: false
register: csyslog_enabled
tags:
- config
@ -212,16 +219,19 @@
notify: restart wazuh-manager
when:
- csyslog_enabled.stdout == '0' or "skipped" in csyslog_enabled.stdout
- syslog_output is defined and syslog_output == true
- syslog_output is defined and syslog_output
tags:
- config
- name: Check if ossec-agentlessd is enabled
shell: "grep -c 'ossec-agentlessd' /var/ossec/bin/.process_list | xargs echo"
shell: |
set -o pipefail
"grep -c 'ossec-agentlessd' /var/ossec/bin/.process_list | xargs echo"
args:
removes: /var/ossec/bin/.process_list
changed_when: False
check_mode: no
executable: /bin/bash
changed_when: false
check_mode: false
register: agentlessd_enabled
tags:
- config
@ -252,7 +262,7 @@
poll: 0
when:
- wazuh_manager_config.vuls.disable != 'yes'
- ansible_distribution == 'Redhat' or ansible_distribution == 'CentOS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Debian' or ansible_distribution == 'Oracle'
- ansible_distribution in ['Redhat', 'CentOS', 'Ubuntu', 'Debian', 'Oracle']
tags:
- init
@ -293,7 +303,7 @@
notify: restart wazuh-api
when:
- wazuh_api_user is defined
- not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 )
- not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 6)
tags:
- config
@ -323,19 +333,23 @@
group: ossec
mode: 0640
no_log: true
register: wazuh_manager_cdb_lists
until: wazuh_manager_cdb_lists is succeeded
notify:
- rebuild cdb_lists
- restart wazuh-manager
with_items:
- "{{ cdb_lists }}"
when: cdb_lists is defined
when:
- cdb_lists is defined
- cdb_lists is iterable
tags:
- config
- name: Ensure Wazuh Manager, wazuh API service is started and enabled
service:
name: "{{ item }}"
enabled: yes
enabled: true
state: started
with_items:
- wazuh-manager
@ -345,17 +359,17 @@
environment:
LD_LIBRARY_PATH: "$LD_LIBRARY_PATH:/var/ossec/framework/lib"
when:
- not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 )
- not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 6)
- name: Ensure Wazuh Manager is started and enabled (EL5)
service:
name: wazuh-manager
enabled: yes
enabled: true
state: started
tags:
- config
when:
- ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6
- ansible_distribution in ['CentOS', 'RedHat'] and ansible_distribution_major_version|int < 6
- import_tasks: "RMRedHat.yml"
when: ansible_os_family == "RedHat"