From f36d8be92ef7850fd3474cede6acd2dd1952bd5b Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 10:35:59 +0100 Subject: [PATCH 01/11] Fixing repo_v5 | skipped ocurrences. Updating to new format --- roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml | 2 +- roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index 7bfcc611..cbc981d5 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml @@ -21,7 +21,7 @@ gpgcheck: true changed_when: false when: - - repo_v5_installed.skipped + - repo_v5_installed is skipped - name: RedHat/CentOS/Fedora | download Oracle Java RPM get_url: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index fd614765..d64829a9 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -52,7 +52,7 @@ gpgcheck: true changed_when: false when: - - repo_v5_manager_installed|skipped + - repo_v5_manager_installed is skipped - name: RedHat/CentOS/Fedora | Install openscap package: name={{ item }} state=present From 0ce3590b6e84f5fa7703211a6038d50446c25dfe Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 12:48:38 +0100 Subject: [PATCH 02/11] Add "agent_name" var to "wazuh_agent_authd" vars --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index d7155415..22b1f26c 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -12,6 +12,7 @@ wazuh_auto_restart: 'yes' wazuh_agent_authd: enable: false port: 1515 + agent_name: null ssl_agent_ca: null ssl_agent_cert: null ssl_agent_key: null From 5af556b72c4263e05fc405f5eedd7700aa4c14d4 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 12:49:21 +0100 Subject: [PATCH 03/11] Update Wazuh Agent registration task with new "agent_name" var --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 37a8a8eb..4300576f 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -51,7 +51,7 @@ - name: Linux | Register agent (via authd) shell: > /var/ossec/bin/agent-auth - -A {{ agent_name }} + {% if wazuh_agent_authd.agent_name is not none %}-A {{ agent_name }} {% endif %} -m {{ wazuh_managers.0.address }} -p {{ wazuh_agent_authd.port }} {% if wazuh_agent_nat %}-I "any" {% endif %} From e531427df05c3263f49d7914cb3aef99d5c9369e Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 13:30:47 +0100 Subject: [PATCH 04/11] Fix syntax error on Register agent task --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 4300576f..88c0784b 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -51,7 +51,7 @@ - name: Linux | Register agent (via authd) shell: > /var/ossec/bin/agent-auth - {% if wazuh_agent_authd.agent_name is not none %}-A {{ agent_name }} {% endif %} + {% if wazuh_agent_authd.agent_name is not none %}-A {{ wazuh_agent_authd.agent_name }} {% endif %} -m {{ wazuh_managers.0.address }} -p {{ wazuh_agent_authd.port }} {% if wazuh_agent_nat %}-I "any" {% endif %} From e52a5dba4fa308e1694f541d46947dc63f8faf31 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 14:44:33 +0100 Subject: [PATCH 05/11] Update windows register task to use new "agent_name" variable --- roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index 8dff6274..2de09a8e 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml @@ -60,6 +60,7 @@ {{ wazuh_agent_win_auth_path }} -m {{ wazuh_managers.0.address }} -p {{ wazuh_agent_authd.port }} + {% if wazuh_agent_authd.agent_name is not none %}-A {{ wazuh_agent_authd.agent_name }} {% endif %} {% if authd_pass is defined %} -P {{ authd_pass }}{% endif %} register: agent_auth_output notify: Windows | Restart Wazuh Agent From 9dcb8b424432f3a5d2ddd8c28645eb81929a8e4c Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 16:36:36 +0100 Subject: [PATCH 06/11] Update CHANGELOG.md --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b434ff63..6bd805cb 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,10 @@ All notable changes to this project will be documented in this file. - Make Wazuh repositories installation flexible [@jm404](https://github.com/jm404) [#288](https://github.com/wazuh/wazuh-ansible/pull/288) +### Fixed + +- Wazuh Agent registration using agent name has been fixed [@jm404](https://github.com/jm404) [#298](https://github.com/wazuh/wazuh-ansible/pull/298) + ## [v3.10.2_7.3.2] ### Added From c02885c2ad21abcd0b18e084e065986120726a71 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 11:48:31 +0100 Subject: [PATCH 07/11] Update conditional in Redhat/Debian installation --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 37a8a8eb..41cf60df 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -10,7 +10,7 @@ async: 90 poll: 30 when: - - ansible_distribution in ['CentOS','RedHat'] + - {{ ansible_os_family|lower == "redhat" }} tags: - init @@ -20,7 +20,7 @@ state: present cache_valid_time: 3600 when: - - not (ansible_distribution in ['CentOS','RedHat']) + - {{ ansible_os_family|lower != "redhat" }} tags: - init From 1593e7fdc243f8aa668459b1ee37df7d48636b25 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 11:51:22 +0100 Subject: [PATCH 08/11] Fix syntax errors on Wazuh Agent installation conditionals --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 41cf60df..3d9d04dc 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -10,7 +10,7 @@ async: 90 poll: 30 when: - - {{ ansible_os_family|lower == "redhat" }} + - ansible_os_family|lower == "redhat" tags: - init @@ -20,7 +20,7 @@ state: present cache_valid_time: 3600 when: - - {{ ansible_os_family|lower != "redhat" }} + - ansible_os_family|lower != "redhat" tags: - init From 2ad7e03a7cbc8822c2a1fef8e5f6fad6a33a153c Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 16:22:32 +0100 Subject: [PATCH 09/11] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b434ff63..ff30cea7 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ All notable changes to this project will be documented in this file. ## Changed - Make Wazuh repositories installation flexible [@jm404](https://github.com/jm404) [#288](https://github.com/wazuh/wazuh-ansible/pull/288) +- Fix Wazuh repository and installation conditionals [@jm404](https://github.com/jm404) [#299](https://github.com/wazuh/wazuh-ansible/pull/299) ## [v3.10.2_7.3.2] From 5fb65306b7d09c462503749ab3f84b2b0d3635a5 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 16:24:00 +0100 Subject: [PATCH 10/11] Update CHANGELOG.md --- CHANGELOG.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ff30cea7..1ddce2c9 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,9 +3,12 @@ All notable changes to this project will be documented in this file. ## [v3.xx.x_x.x.x] -## Changed +### Changed - Make Wazuh repositories installation flexible [@jm404](https://github.com/jm404) [#288](https://github.com/wazuh/wazuh-ansible/pull/288) + +### Fixed + - Fix Wazuh repository and installation conditionals [@jm404](https://github.com/jm404) [#299](https://github.com/wazuh/wazuh-ansible/pull/299) ## [v3.10.2_7.3.2] From 27c332183d289ef70f0b7b5b9c3cd26c638a07fb Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 16:51:41 +0100 Subject: [PATCH 11/11] Add Amazon conditonal to RHEL/Centos --- roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index cbc981d5..5c026a13 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml @@ -8,7 +8,7 @@ gpgcheck: true changed_when: false when: - - (ansible_facts['os_family']|lower == 'redhat') + - (ansible_facts['os_family']|lower == 'redhat') and (ansible_distribution|lower != 'amazon') - (ansible_distribution_major_version|int <= 5) register: repo_v5_installed