diff --git a/CHANGELOG.md b/CHANGELOG.md
index 42bc1a06..d2357017 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -31,6 +31,12 @@ All notable changes to this project will be documented in this file.
- Update to [Wazuh v4.6.0](https://github.com/wazuh/wazuh/blob/v4.6.0/CHANGELOG.md#v460)
+## [v4.5.4]
+
+### Added
+
+- Update to [Wazuh v4.5.4](https://github.com/wazuh/wazuh/blob/v4.5.4/CHANGELOG.md#v454)
+
## [v4.5.3]
### Added
diff --git a/README.md b/README.md
index 617f0a4e..9c0b351b 100644
--- a/README.md
+++ b/README.md
@@ -21,6 +21,7 @@ These playbooks install and configure Wazuh agent, manager and indexer and dashb
| v4.7.1 | | |
| v4.7.0 | | |
| v4.6.0 | | |
+| v4.5.4 | | |
| v4.5.3 | | |
| v4.5.2 | | |
| v4.5.1 | | |
diff --git a/playbooks/wazuh-agent.yml b/playbooks/wazuh-agent.yml
index 22fcfa77..16ff48ae 100644
--- a/playbooks/wazuh-agent.yml
+++ b/playbooks/wazuh-agent.yml
@@ -10,7 +10,7 @@
port: 1514
protocol: tcp
api_port: 55000
- api_proto: 'http'
- api_user: ansible
+ api_proto: 'https'
+ api_user: wazuh
max_retries: 5
retry_interval: 5
\ No newline at end of file
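Review bot: Moving `api_proto` to `'https'` does not by itself authenticate the manager, because the registration tasks in `tasks/macOS.yml` use `validate_certs: '{{ target_manager.validate_certs | default(false) }}'` and this manager entry sets no `validate_certs` in the lines shown. The API password and the JWT are then sent over TLS to whichever host answers on that address. Adding `validate_certs: true` next to `api_proto`, with the manager's CA trusted on the host that makes the call, closes that gap. The entry begins above the hunk, so confirm it is not already set there.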
diff --git a/roles/wazuh/ansible-wazuh-agent/README.md b/roles/wazuh/ansible-wazuh-agent/README.md
index baf7e57e..10255e54 100644
--- a/roles/wazuh/ansible-wazuh-agent/README.md
+++ b/roles/wazuh/ansible-wazuh-agent/README.md
@@ -12,6 +12,8 @@ This role is compatible with:
* Fedora
* Debian
* Ubuntu
+ * Windows
+ * macOS
Role Variables
diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
index 878a4075..566fb056 100644
--- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
@@ -16,6 +16,7 @@ authd_pass: ''
wazuh_api_reachable_from_agent: yes
wazuh_profile_centos: 'centos, centos7, centos7.6'
wazuh_profile_ubuntu: 'ubuntu, ubuntu18, ubuntu18.04'
+wazuh_profile_macos: 'darwin, darwin21, darwin21.1'
wazuh_auto_restart: 'yes'
wazuh_notify_time: '10'
@@ -30,6 +31,11 @@ wazuh_winagent_config:
auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe
check_sha512: True
+# macOS deployment
+wazuh_macos_config:
+ download_dir: /tmp/
+ install_dir: /Library/Ossec/
+
wazuh_dir: "/var/ossec"
# This is deprecated, see: wazuh_agent_address
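Review bot: `download_dir: /tmp/` puts the installer in a world-writable directory under a predictable name, and `tasks/macOS.yml` skips the download when a file already exists at that path before running `installer -pkg … -target /`. Whatever file is already there is installed with the privileges of the play, and nothing checks that it is the published package. The Windows block just above carries `check_sha512: True`, but the macOS path has no equivalent: `get_url` is called without `checksum`, and the `roles/wazuh/vars/repo*.yml` hunks add package URLs with no matching checksum URL. Consider a root-owned directory for `download_dir`, dropping the skip-if-present shortcut, and passing a published SHA-512 to `get_url` through its `checksum` parameter.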
@@ -76,6 +82,7 @@ wazuh_agent_enrollment:
agent_certificate_path: ''
agent_key_path: ''
authorization_pass_path: "{{ wazuh_dir }}/etc/authd.pass"
+ authorization_pass_path_macos: "/etc/authd.pass"
auto_method: 'no'
delay_after_enrollment: 20
use_source_ip: 'no'
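Review bot: `authorization_pass_path_macos: "/etc/authd.pass"` is an absolute path, while the task that creates the password file writes it to `{{ wazuh_macos_config.install_dir }}/etc/authd.pass` and the other macOS paths added in this commit (`ca_store_macos: 'etc/wpk_root.pem'`, the rootcheck files in the template) are relative. If the agent takes the leading slash literally it will look in the system `/etc` rather than under `/Library/Ossec`, and enrollment would proceed without the password. This is worth confirming against the agent's path handling; `authorization_pass_path_macos: "etc/authd.pass"` would match the other entries.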
@@ -201,6 +208,11 @@ wazuh_agent_syscheck:
checks: ''
- dirs: /bin,/sbin,/boot
checks: ''
+ macos_directories:
+ - dirs: /etc,/usr/bin,/usr/sbin
+ checks: ''
+ - dirs: /bin,/sbin
+ checks: ''
win_directories:
- dirs: '%WINDIR%'
checks: 'recursion_level="0" restrict="regedit.exe$|system.ini$|win.ini$"'
@@ -303,6 +315,17 @@ wazuh_agent_localfiles:
command: netstat -tulpn | sed 's/\([[:alnum:]]\+\)\ \+[[:digit:]]\+\ \+[[:digit:]]\+\ \+\(.*\):\([[:digit:]]*\)\ \+\([0-9\.\:\*]\+\).\+\ \([[:digit:]]*\/[[:alnum:]\-]*\).*/\1 \2 == \3 == \4 \5/' | sort -k 4 -g | sed 's/ == \(.*\) ==/:\1/' | sed 1,2d
alias: 'netstat listening ports'
frequency: '360'
+ macos:
+ - format: 'full_command'
+ command: netstat -an | awk '{if ((/^(tcp|udp)/) && ($4 != "*.*") && ($5 == "*.*")) {print $1" "$4" "$5}}' | sort -u
+ alias: 'netstat listening ports'
+ frequency: '360'
+ - format: 'macos'
+ location: 'macos'
+ query:
+ type: 'trace,log,activity'
+ level: 'info'
+ value: (process == "sudo") or (process == "sessionlogoutd" and message contains "logout is complete.") or (process == "sshd") or (process == "tccd" and message contains "Update Access Record") or (message contains "SessionAgentNotificationCenter") or (process == "screensharingd" and message contains "Authentication") or (process == "securityd" and eventMessage contains "Session" and subsystem == "com.apple.securityd")
windows:
- format: 'eventlog'
location: 'Application'
@@ -326,6 +349,7 @@ wazuh_agent_active_response:
ar_disabled: 'no'
ca_store: "{{ wazuh_dir }}/etc/wpk_root.pem"
ca_store_win: 'wpk_root.pem'
+ ca_store_macos: 'etc/wpk_root.pem'
ca_verification: 'yes'
## Logging
diff --git a/roles/wazuh/ansible-wazuh-agent/handlers/main.yml b/roles/wazuh/ansible-wazuh-agent/handlers/main.yml
index 84f3ff45..f4770eb3 100644
--- a/roles/wazuh/ansible-wazuh-agent/handlers/main.yml
+++ b/roles/wazuh/ansible-wazuh-agent/handlers/main.yml
@@ -4,3 +4,6 @@
- name: Windows | Restart Wazuh Agent
win_service: name=WazuhSvc start_mode=auto state=restarted
+
+- name: macOS | Restart Wazuh Agent
+ command: /Library/Ossec/bin/wazuh-control restart
\ No newline at end of file
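Review bot: The handler hard-codes `/Library/Ossec/bin/wazuh-control`, while the tasks in `tasks/macOS.yml` build their paths from `wazuh_macos_config.install_dir`. An override of that variable would leave the handler pointing at the old location, so a configuration change would not be followed by a restart of the agent that was actually configured. `command: "{{ wazuh_macos_config.install_dir }}/bin/wazuh-control restart"` keeps the two in step.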
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/macOS.yml b/roles/wazuh/ansible-wazuh-agent/tasks/macOS.yml
new file mode 100644
index 00000000..9c1f6ce7
--- /dev/null
+++ b/roles/wazuh/ansible-wazuh-agent/tasks/macOS.yml
@@ -0,0 +1,231 @@
+---
+- name: macOS | Check architecture
+ command: "/usr/bin/uname -m"
+ register: uname_result
+
+- name: macOS | Set architecture variable
+ set_fact:
+ macos_architecture: "{{ 'arm' if uname_result.stdout == 'arm64' else 'intel' }}"
+
+- name: macOS | Set package name and URL based on architecture
+ set_fact:
+ wazuh_macos_package_url: "{{ wazuh_macos_intel_package_url if macos_architecture == 'intel' else wazuh_macos_arm_package_url }}"
+ wazuh_macos_package_name: "{{ wazuh_macos_intel_package_name if macos_architecture == 'intel' else wazuh_macos_arm_package_name }}"
+
+- name: macOS | Check if Wazuh installer is already downloaded
+ stat:
+ path: "{{ wazuh_macos_config.download_dir }}{{ wazuh_macos_package_name }}"
+ register: wazuh_package_downloaded
+
+- name: macOS | Download Wazuh Agent package
+ get_url:
+ url: "{{ wazuh_macos_package_url }}"
+ dest: "{{ wazuh_macos_config.download_dir }}"
+ register: download_result
+ when:
+ - not wazuh_package_downloaded.stat.exists
+
+- name: macOS | Check if Wazuh Agent is already installed
+ stat:
+ path: "{{ wazuh_macos_config.install_dir }}"
+ register: wazuh_installed
+
+- name: macOS | Install Agent if not already installed
+ command: "installer -pkg {{ wazuh_macos_config.download_dir }}{{ wazuh_macos_package_name }} -target /"
+ register: install_result
+
+- name: macOS | Check if client.keys exists
+ stat:
+ path: "{{ wazuh_macos_config.install_dir }}/etc/client.keys"
+ register: client_keys_file
+ tags:
+ - config
+
+- name: macOS | Agent registration via authd
+ block:
+ - name: macOS | Register agent (via authd)
+ shell: >
+ {{ wazuh_macos_config.install_dir }}/bin/agent-auth
+ {% if wazuh_agent_authd.agent_name is defined and wazuh_agent_authd.agent_name != None %}
+ -A {{ wazuh_agent_authd.agent_name }}
+ {% endif %}
+ -m {{ wazuh_agent_authd.registration_address }}
+ -p {{ wazuh_agent_authd.port }}
+ {% if wazuh_agent_nat %} -I "any" {% endif %}
+ {% if authd_pass | length > 0 %} -P {{ authd_pass }} {% endif %}
+ {% if wazuh_agent_authd.ssl_auto_negotiate == 'yes' %} -a {% endif %}
+ {% if wazuh_agent_authd.groups is defined and wazuh_agent_authd.groups | length > 0 %}
+ -G "{{ wazuh_agent_authd.groups | join(',') }}"
+ {% endif %}
+ register: agent_auth_output
+ notify: macOS | Restart Wazuh Agent
+ vars:
+ agent_name: "{% if single_agent_name is defined %}{{ single_agent_name }}{% else %}{{ ansible_hostname }}{% endif %}"
+ when:
+ - not client_keys_file.stat.exists or client_keys_file.stat.size == 0
+ - wazuh_agent_authd.registration_address is not none
+
+ - name: macOS | Verify agent registration
+ shell: >
+ sh -c "echo '{{ agent_auth_output.stdout }} {{ agent_auth_output.stderr }}' | grep 'Valid key received'"
+ when:
+ - not client_keys_file.stat.exists or client_keys_file.stat.size == 0
+ - wazuh_agent_authd.registration_address is not none
+ when:
+ - wazuh_agent_authd.enable | bool
+ - wazuh_agent_config.enrollment.enabled != 'yes'
+ tags:
+ - config
+ - authd
+
+- name: macOS | Agent registration via rest-API
+ block:
+
+ - name: macOS | Establish target Wazuh Manager for registration task
+ set_fact:
+ target_manager: '{{ manager_primary | length | ternary(manager_primary, manager_fallback) | first }}'
+ vars:
+ manager_primary: "{{ wazuh_managers | selectattr('register','true') | list }}"
+ manager_fallback: "{{ wazuh_managers | list }}"
+
+ - name: macOS | Obtain JWT Token
+ uri:
+ url: '{{ target_manager.api_proto }}://{{ target_manager.address }}:{{ target_manager.api_port }}/security/user/authenticate'
+ method: POST
+ url_username: '{{ target_manager.api_user }}'
+ url_password: '{{ api_pass }}'
+ status_code: 200
+ return_content: yes
+ force_basic_auth: yes
+ validate_certs: '{{ target_manager.validate_certs | default(false) }}'
+ no_log: '{{ wazuh_agent_nolog_sensible | bool }}'
+ delegate_to: '{{ inventory_hostname if wazuh_api_reachable_from_agent else "localhost" }}'
+ changed_when: api_jwt_result.json.error == 0
+ register: api_jwt_result
+ become: no
+ tags:
+ - config
+ - api
+
+ - name: macOS | Create the agent key via rest-API
+ uri:
+ url: '{{ target_manager.api_proto }}://{{ target_manager.address }}:{{ target_manager.api_port }}/agents'
+ method: POST
+ body_format: json
+ body:
+ name: '{{ agent_name }}'
+ headers:
+ Authorization: 'Bearer {{ jwt_token }}'
+ status_code: 200
+ return_content: yes
+ validate_certs: '{{ target_manager.validate_certs | default(false) }}'
+ become: no
+ no_log: '{{ wazuh_agent_nolog_sensible | bool }}'
+ delegate_to: '{{ inventory_hostname if wazuh_api_reachable_from_agent else "localhost" }}'
+ changed_when: api_agent_post.json.error == 0
+ register: api_agent_post
+ vars:
+ agent_name: '{{ target_manager.agent_name | default(ansible_hostname) }}'
+ jwt_token: '{{ api_jwt_result.json.data.token }}'
+ tags:
+ - config
+ - api
+
+ - name: macOS | Validate registered agent key matches manager record
+ uri:
+ url: '{{ target_manager.api_proto }}://{{ target_manager.address }}:{{ target_manager.api_port }}/agents/{{ agent_id }}/key'
+ method: GET
+ headers:
+ Authorization: 'Bearer {{ jwt_token }}'
+ status_code: 200
+ return_content: yes
+ validate_certs: '{{ target_manager.validate_certs | default(false) }}'
+ become: no
+ no_log: '{{ wazuh_agent_nolog_sensible | bool }}'
+ delegate_to: '{{ inventory_hostname if wazuh_api_reachable_from_agent else "localhost" }}'
+ register: api_agent_validation
+ vars:
+ agent_id: '{{ api_agent_post.json.data.id }}'
+ agent_key: '{{ api_agent_post.json.data.key }}'
+ jwt_token: '{{ api_jwt_result.json.data.token }}'
+ failed_when: api_agent_validation.json.data.affected_items[0].key != agent_key
+ when:
+ - wazuh_agent_api_validate | bool
+ - api_agent_post.json.error == 0
+ tags:
+ - config
+ - api
+
+ - name: macOS | Import Key (via rest-API)
+ command: "{{ wazuh_macos_config.install_dir }}/bin/manage_agents"
+ environment:
+ OSSEC_ACTION: i
+ OSSEC_AGENT_NAME: '{{ agent_name }}'
+ OSSEC_AGENT_IP: '{{ wazuh_agent_address }}'
+ OSSEC_AGENT_ID: '{{ api_agent_post.json.data.id }}'
+ OSSEC_AGENT_KEY: '{{ api_agent_post.json.data.key }}'
+ OSSEC_ACTION_CONFIRMED: y
+ register: manage_agents_output
+ vars:
+ agent_name: '{{ target_manager.agent_name | default(ansible_hostname) }}'
+ notify: macOS | Restart Wazuh Agent
+ when:
+ - not ( wazuh_agent_authd.enable | bool )
+ - wazuh_agent_config.enrollment.enabled != 'yes'
+ - not client_keys_file.stat.exists or client_keys_file.stat.size == 0
+ tags:
+ - config
+ - api
+
+- name: macOS | Agent registration via auto-enrollment
+ debug:
+ msg: Agent registration will be performed through enrollment option in templated ossec.conf
+ when: wazuh_agent_config.enrollment.enabled == 'yes'
+
+- name: macOS | Ensure group "wazuh" exists
+ ansible.builtin.group:
+ name: wazuh
+ state: present
+
+- name: macOS | Installing agent configuration (ossec.conf)
+ template:
+ src: var-ossec-etc-ossec-agent.conf.j2
+ dest: "{{ wazuh_macos_config.install_dir }}/etc/ossec.conf"
+ owner: root
+ group: wazuh
+ mode: 0644
+ notify: macOS | Restart Wazuh Agent
+ tags:
+ - init
+ - config
+
+- name: macOS | Installing local_internal_options.conf
+ template:
+ src: var-ossec-etc-local-internal-options.conf.j2
+ dest: "{{ wazuh_macos_config.install_dir }}/etc/local_internal_options.conf"
+ owner: root
+ group: wazuh
+ mode: 0640
+ notify: macOS | Restart Wazuh Agent
+ tags:
+ - init
+ - config
+
+- name: Create auto-enrollment password file
+ template:
+ src: authd_pass.j2
+ dest: "{{ wazuh_macos_config.install_dir }}/etc/authd.pass"
+ owner: wazuh
+ group: wazuh
+ mode: 0640
+ when:
+ - wazuh_agent_config.enrollment.enabled == 'yes'
+ - wazuh_agent_config.enrollment.authorization_pass_path_macos | length > 0
+ - authd_pass | length > 0
+ tags:
+ - config
+
+- name: macOS | Delete downloaded Wazuh agent installer file
+ file:
+ path: "{{ wazuh_macos_config.download_dir }}{{ wazuh_macos_package_name }}"
+ state: absent
\ No newline at end of file
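Review bot: The `Register agent (via authd)` task passes the enrollment password as `-P {{ authd_pass }}` inside a `shell` string with no `no_log`, and `Import Key (via rest-API)` sets `OSSEC_AGENT_KEY` without it either, although the three `uri` tasks in this file already use `no_log: '{{ wazuh_agent_nolog_sensible | bool }}'`. Adding that line to both tasks keeps the secrets out of Ansible output, and piping the interpolated values through `| quote` stops a space or shell metacharacter in a password or agent name from altering the command. The password would still appear in the process arguments on the host, so relying on the templated `authd.pass` file instead of `-P` is the cleaner route if `agent-auth` picks it up on macOS. The `Verify agent registration` task pastes `agent_auth_output.stdout` and `stderr` into `sh -c "echo '…'"`, so a quote character in that output changes what the shell runs; `failed_when: "'Valid key received' not in (agent_auth_output.stdout ~ agent_auth_output.stderr)"` on the register task removes the second shell call. Separately, `wazuh_installed` is registered but never referenced, so the task named `Install Agent if not already installed` runs on every play.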
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/main.yml b/roles/wazuh/ansible-wazuh-agent/tasks/main.yml
index d12446b1..26c27817 100644
--- a/roles/wazuh/ansible-wazuh-agent/tasks/main.yml
+++ b/roles/wazuh/ansible-wazuh-agent/tasks/main.yml
@@ -23,3 +23,6 @@
- include_tasks: "Linux.yml"
when: ansible_system == "Linux"
+
+- include_tasks: "macOS.yml"
+ when: ansible_system == "Darwin"
\ No newline at end of file
diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2
index 8eef3d1d..1ae07862 100644
--- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2
+++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2
@@ -30,6 +30,9 @@
{{ wazuh_profile_ubuntu }}
{% endif %}
{% endif %}
+ {% if ansible_system == "Darwin" %}
+ {{ wazuh_profile_macos }}
+ {% endif %}
{% if wazuh_notify_time is not none and wazuh_time_reconnect is not none %}
{{ wazuh_notify_time }}
{{ wazuh_time_reconnect }}
@@ -64,8 +67,10 @@
{% if wazuh_agent_config.enrollment.agent_key_path | length > 0 %}
{{ wazuh_agent_config.enrollment.agent_key_path }}
{% endif %}
- {% if wazuh_agent_config.enrollment.authorization_pass_path | length > 0 %}
+ {% if wazuh_agent_config.enrollment.authorization_pass_path | length > 0 and ansible_system != "Darwin" %}
{{ wazuh_agent_config.enrollment.authorization_pass_path }}
+ {% else %}
+ {{ wazuh_agent_config.enrollment.authorization_pass_path_macos }}
{% endif %}
{% if wazuh_agent_config.enrollment.auto_method | length > 0 %}
{{ wazuh_agent_config.enrollment.auto_method }}
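Review bot: The new `{% else %}` fires whenever the first condition is false, not only on macOS: a Linux or Windows host with an empty `authorization_pass_path` now renders `authorization_pass_path_macos`, and a Darwin host renders it even when that value is empty. Replacing the bare `{% else %}` with `{% elif ansible_system == "Darwin" and wazuh_agent_config.enrollment.authorization_pass_path_macos | length > 0 %}` restricts the branch to the intended case. The enclosing enrollment block starts and ends outside the hunk.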
@@ -91,7 +96,7 @@
{% if wazuh_agent_config.rootcheck is defined %}
no
- {% if ansible_system == "Linux" %}
+ {% if ansible_system == "Linux" or ansible_system == "Darwin" %}
yes
yes
yes
@@ -103,10 +108,14 @@
{{ wazuh_agent_config.rootcheck.frequency }}
+ {% if ansible_system == "Darwin" %}
+ etc/shared/rootkit_files.txt
+ etc/shared/rootkit_trojans.txt
+ {% else %}
{{ wazuh_dir }}/etc/shared/rootkit_files.txt
{{ wazuh_dir }}/etc/shared/rootkit_trojans.txt
- yes
{% endif %}
+ yes
{% if ansible_os_family == "Windows" %}
./shared/win_applications_rcl.txt
./shared/win_malware_rcl.txt
@@ -179,6 +188,7 @@
{% endif %}
+ {% if ansible_system != "Darwin" %}
{{ wazuh_agent_config.cis_cat.disable }}
{{ wazuh_agent_config.cis_cat.timeout }}
@@ -193,6 +203,7 @@
{% endif %}
{% if ansible_os_family == "Windows" %}{{ wazuh_agent_config.cis_cat.ciscat_path_win }}{% else %}{{ wazuh_agent_config.cis_cat.ciscat_path }}{% endif %}
+ {% endif %}
@@ -249,13 +260,18 @@
no
{{ wazuh_agent_config.syscheck.frequency }}
- {% if ansible_system == "Linux" %}
+ {% if ansible_system == "Linux" or ansible_system == "Darwin" %}
{{ wazuh_agent_config.syscheck.scan_on_start }}
{% if wazuh_agent_config.syscheck.directories is defined and ansible_system == "Linux" %}
{% for directory in wazuh_agent_config.syscheck.directories %}
{{ directory.dirs }}
{% endfor %}
+ {% elif ansible_system == "Darwin" %}
+ {% for directory in wazuh_agent_config.syscheck.macos_directories %}
+ {{ directory.dirs }}
+ {% endfor %}
+ {% endif %}
{% endif %}
{% endif %}
@@ -267,7 +283,7 @@
{% endif %}
- {% if wazuh_agent_config.syscheck.ignore is defined and ansible_system == "Linux" %}
+ {% if wazuh_agent_config.syscheck.ignore is defined and (ansible_system == "Linux" or ansible_system == "Darwin") %}
{% for ignore in wazuh_agent_config.syscheck.ignore %}
{{ ignore }}
{% endfor %}
@@ -286,7 +302,7 @@
{% endfor %}
{% endif %}
- {% if ansible_system == "Linux" %}
+ {% if ansible_system == "Linux" or ansible_system == "Darwin" %}
{% for no_diff in wazuh_agent_config.syscheck.no_diff %}
{{ no_diff }}
@@ -363,6 +379,27 @@
{% endfor %}
{% endif %}
+ {% if ansible_system == "Darwin" %}
+ {% for localfile in wazuh_agent_config.localfiles.macos %}
+
+
+ {{ localfile.format }}
+ {% if localfile.format == 'command' or localfile.format == 'full_command' %}
+ {{ localfile.command }}
+ {{ localfile.frequency }}
+ {% if localfile.alias is defined %}
+ {{ localfile.alias }}
+ {% endif %}
+ {% else %}
+ {{ localfile.location }}
+ {% if localfile.format == 'macos' %}
+ {{ localfile.query.value }}
+ {% endif %}
+ {% endif %}
+
+ {% endfor %}
+ {% endif %}
+
{% if ansible_os_family == "Debian" %}
{% for localfile in wazuh_agent_config.localfiles.debian %}
@@ -439,7 +476,15 @@
{{ wazuh_agent_config.active_response.ar_disabled|default('no') }}
- {% if ansible_os_family == "Windows" %}{{ wazuh_agent_config.active_response.ca_store_win }}{% else %}{{ wazuh_agent_config.active_response.ca_store }}{% endif %}
+
+ {% if ansible_os_family == "Windows" %}{{ wazuh_agent_config.active_response.ca_store_win }}
+ {% else %}
+ {% if ansible_system == "Darwin" %}{{ wazuh_agent_config.active_response.ca_store_macos }}
+ {% else %}
+ {{ wazuh_agent_config.active_response.ca_store }}
+ {% endif %}
+ {% endif %}
+
{{ wazuh_agent_config.active_response.ca_verification }}
diff --git a/roles/wazuh/vars/repo.yml b/roles/wazuh/vars/repo.yml
index d038f024..1703c4c2 100644
--- a/roles/wazuh/vars/repo.yml
+++ b/roles/wazuh/vars/repo.yml
@@ -7,6 +7,11 @@ wazuh_winagent_config_url: "https://packages.wazuh.com/4.x/windows/wazuh-agent-{
wazuh_winagent_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.msi"
wazuh_winagent_sha512_url: "https://packages.wazuh.com/4.x/checksums/wazuh/{{ wazuh_agent_version }}/wazuh-agent-{{ wazuh_agent_version }}-1.msi.sha512"
+wazuh_macos_intel_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.intel64.pkg"
+wazuh_macos_arm_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.arm64.pkg"
+wazuh_macos_intel_package_url: "https://packages.wazuh.com/4.x/macos/{{ wazuh_macos_intel_package_name }}"
+wazuh_macos_arm_package_url: "https://packages.wazuh.com/4.x/macos/{{ wazuh_macos_arm_package_name }}"
+
certs_gen_tool_version: 4.8
# Url of certificates generator tool
diff --git a/roles/wazuh/vars/repo_pre-release.yml b/roles/wazuh/vars/repo_pre-release.yml
index 3ad401c6..502aa584 100644
--- a/roles/wazuh/vars/repo_pre-release.yml
+++ b/roles/wazuh/vars/repo_pre-release.yml
@@ -7,6 +7,11 @@ wazuh_winagent_config_url: "https://packages-dev.wazuh.com/pre-release/windows/w
wazuh_winagent_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.msi"
wazuh_winagent_sha512_url: "https://packages-dev.wazuh.com/pre-release/checksums/wazuh/{{ wazuh_agent_version }}/wazuh-agent-{{ wazuh_agent_version }}-1.msi.sha512"
+wazuh_macos_intel_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.intel64.pkg"
+wazuh_macos_arm_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.arm64.pkg"
+wazuh_macos_intel_package_url: "https://packages-dev.wazuh.com/staging/pre-release/{{ wazuh_macos_intel_package_name }}"
+wazuh_macos_arm_package_url: "https://packages-dev.wazuh.com/pre-release/macos/{{ wazuh_macos_arm_package_name }}"
+
certs_gen_tool_version: 4.8
# Url of certificates generator tool
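Review bot: The Intel URL points at `https://packages-dev.wazuh.com/staging/pre-release/…` while the ARM URL on the next line uses `…/pre-release/macos/…`, and the `repo.yml` and `repo_staging.yml` hunks use a `macos/` directory for both architectures. This looks like a copy/paste slip that would make the Intel download fail or pull from a different channel than intended on pre-release runs. If the layout matches the ARM entry, the line would read `wazuh_macos_intel_package_url: "https://packages-dev.wazuh.com/pre-release/macos/{{ wazuh_macos_intel_package_name }}"`.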
diff --git a/roles/wazuh/vars/repo_staging.yml b/roles/wazuh/vars/repo_staging.yml
index 06343c88..7bd37414 100644
--- a/roles/wazuh/vars/repo_staging.yml
+++ b/roles/wazuh/vars/repo_staging.yml
@@ -6,6 +6,11 @@ wazuh_repo:
wazuh_winagent_config_url: "https://packages-dev.wazuh.com/staging/windows/wazuh-agent-{{ wazuh_agent_version }}-1.msi"
wazuh_winagent_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.msi"
+wazuh_macos_intel_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.intel64.pkg"
+wazuh_macos_arm_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.arm64.pkg"
+wazuh_macos_intel_package_url: "https://packages-dev.wazuh.com/staging/macos/{{ wazuh_macos_intel_package_name }}"
+wazuh_macos_arm_package_url: "https://packages-dev.wazuh.com/staging/macos/{{ wazuh_macos_arm_package_name }}"
+
certs_gen_tool_version: 4.8
# Url of certificates generator tool