Merge pull request #342 from wazuh/feature-339-new-api-behavior
Set new API configuration behavior
This commit is contained in:
Jose M. Garcia
GitHub
commit
4739841494
@ -9,6 +9,14 @@ elastic_stack_version: 7.5.1
|
||||
wazuh_version: 3.11.0
|
||||
wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp
|
||||
|
||||
# API credentials
|
||||
wazuh_api_credentials:
|
||||
- id: "default"
|
||||
url: "http://localhost"
|
||||
port: 55000
|
||||
user: "foo"
|
||||
password: "bar"
|
||||
|
||||
# Xpack Security
|
||||
kibana_xpack_security: false
|
||||
|
||||
@ -33,4 +41,4 @@ nodejs:
|
||||
|
||||
# Build from sources
|
||||
build_from_sources: false
|
||||
wazuh_plugin_branch: 3.10-7.4
|
||||
wazuh_plugin_branch: 3.11-7.5
|
||||
|
||||
@ -134,6 +134,30 @@
|
||||
when:
|
||||
- not build_from_sources
|
||||
|
||||
- name: Wait for Elasticsearch port
|
||||
wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }}
|
||||
|
||||
- name: Select correct API protocol
|
||||
set_fact:
|
||||
elastic_api_protocol: "{% if kibana_xpack_security %}https{% else %}http{% endif %}"
|
||||
|
||||
- name: Attempting to delete legacy Wazuh index if exists
|
||||
uri:
|
||||
url: "{{ elastic_api_protocol }}://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}/.wazuh"
|
||||
method: DELETE
|
||||
user: "{{ elasticsearch_xpack_security_user }}"
|
||||
password: "{{ elasticsearch_xpack_security_password }}"
|
||||
validate_certs: no
|
||||
status_code: 200, 404
|
||||
|
||||
- name: Configure Wazuh Kibana Plugin
|
||||
template:
|
||||
src: wazuh.yml.j2
|
||||
dest: /usr/share/kibana/plugins/wazuh/wazuh.yml
|
||||
owner: kibana
|
||||
group: root
|
||||
mode: 0644
|
||||
|
||||
- name: Reload systemd configuration
|
||||
systemd:
|
||||
daemon_reload: true
|
||||
|
||||
134
roles/elastic-stack/ansible-kibana/templates/wazuh.yml.j2
Normal file
134
roles/elastic-stack/ansible-kibana/templates/wazuh.yml.j2
Normal file
@ -0,0 +1,134 @@
|
||||
---
|
||||
#
|
||||
# Wazuh app - App configuration file
|
||||
# Copyright (C) 2015-2019 Wazuh, Inc.
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 2 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# Find more information about this on the LICENSE file.
|
||||
#
|
||||
# ======================== Wazuh app configuration file ========================
|
||||
#
|
||||
# Please check the documentation for more information on configuration options:
|
||||
# https://documentation.wazuh.com/current/installation-guide/index.html
|
||||
#
|
||||
# Also, you can check our repository:
|
||||
# https://github.com/wazuh/wazuh-kibana-app
|
||||
#
|
||||
# ------------------------------- Index patterns -------------------------------
|
||||
#
|
||||
# Default index pattern to use.
|
||||
#pattern: wazuh-alerts-3.x-*
|
||||
#
|
||||
# ----------------------------------- Checks -----------------------------------
|
||||
#
|
||||
# Defines which checks must to be consider by the healthcheck
|
||||
# step once the Wazuh app starts. Values must to be true or false.
|
||||
#checks.pattern : true
|
||||
#checks.template: true
|
||||
#checks.api : true
|
||||
#checks.setup : true
|
||||
#
|
||||
# --------------------------------- Extensions ---------------------------------
|
||||
#
|
||||
# Defines which extensions should be activated when you add a new API entry.
|
||||
# You can change them after Wazuh app starts.
|
||||
# Values must to be true or false.
|
||||
#extensions.pci : true
|
||||
#extensions.gdpr : true
|
||||
#extensions.hipaa : true
|
||||
#extensions.nist : true
|
||||
#extensions.audit : true
|
||||
#extensions.oscap : false
|
||||
#extensions.ciscat : false
|
||||
#extensions.aws : false
|
||||
#extensions.virustotal: false
|
||||
#extensions.osquery : false
|
||||
#extensions.docker : false
|
||||
#
|
||||
# ---------------------------------- Time out ----------------------------------
|
||||
#
|
||||
# Defines maximum timeout to be used on the Wazuh app requests.
|
||||
# It will be ignored if it is bellow 1500.
|
||||
# It means milliseconds before we consider a request as failed.
|
||||
# Default: 20000
|
||||
#timeout: 20000
|
||||
#
|
||||
# ------------------------------ Advanced indices ------------------------------
|
||||
#
|
||||
# Configure .wazuh indices shards and replicas.
|
||||
#wazuh.shards : 1
|
||||
#wazuh.replicas : 0
|
||||
#
|
||||
# --------------------------- Index pattern selector ---------------------------
|
||||
#
|
||||
# Defines if the user is allowed to change the selected
|
||||
# index pattern directly from the Wazuh app top menu.
|
||||
# Default: true
|
||||
#ip.selector: true
|
||||
#
|
||||
# List of index patterns to be ignored
|
||||
#ip.ignore: []
|
||||
#
|
||||
# -------------------------------- X-Pack RBAC ---------------------------------
|
||||
#
|
||||
# Custom setting to enable/disable built-in X-Pack RBAC security capabilities.
|
||||
# Default: enabled
|
||||
#xpack.rbac.enabled: true
|
||||
#
|
||||
# ------------------------------ wazuh-monitoring ------------------------------
|
||||
#
|
||||
# Custom setting to enable/disable wazuh-monitoring indices.
|
||||
# Values: true, false, worker
|
||||
# If worker is given as value, the app will show the Agents status
|
||||
# visualization but won't insert data on wazuh-monitoring indices.
|
||||
# Default: true
|
||||
#wazuh.monitoring.enabled: true
|
||||
#
|
||||
# Custom setting to set the frequency for wazuh-monitoring indices cron task.
|
||||
# Default: 900 (s)
|
||||
#wazuh.monitoring.frequency: 900
|
||||
#
|
||||
# Configure wazuh-monitoring-3.x-* indices shards and replicas.
|
||||
#wazuh.monitoring.shards: 2
|
||||
#wazuh.monitoring.replicas: 0
|
||||
#
|
||||
# Configure wazuh-monitoring-3.x-* indices custom creation interval.
|
||||
# Values: h (hourly), d (daily), w (weekly), m (monthly)
|
||||
# Default: d
|
||||
#wazuh.monitoring.creation: d
|
||||
#
|
||||
# Default index pattern to use for Wazuh monitoring
|
||||
#wazuh.monitoring.pattern: wazuh-monitoring-3.x-*
|
||||
#
|
||||
#
|
||||
# ------------------------------- App privileges --------------------------------
|
||||
#admin: true
|
||||
#
|
||||
# ------------------------------- App logging level -----------------------------
|
||||
# Set the logging level for the Wazuh App log files.
|
||||
# Default value: info
|
||||
# Allowed values: info, debug
|
||||
#logs.level: info
|
||||
#
|
||||
#-------------------------------- API entries -----------------------------------
|
||||
#The following configuration is the default structure to define an API entry.
|
||||
#
|
||||
#hosts:
|
||||
# - <id>:
|
||||
# url: http(s)://<url>
|
||||
# port: <port>
|
||||
# user: <user>
|
||||
# password: <password>
|
||||
|
||||
hosts:
|
||||
{% for api in wazuh_api_credentials %}
|
||||
- {{ api['id'] }}:
|
||||
url: {{ api['url'] }}
|
||||
port: {{ api['port'] }}
|
||||
user: {{ api['user'] }}
|
||||
password: {{ api['password'] }}
|
||||
{% endfor %}
|
||||
Loading…
Reference in New Issue
Block a user