merge de 4.2 a master

Nicolas Lastra 2021-10-01 12:24:53 -03:00
commit 4b774dfeb3
No known key found for this signature in database
GPG Key ID: 749E0D60DEC5E4D8
11 changed files with 36 additions and 33 deletions


@ -6,6 +6,17 @@ All notable changes to this project will be documented in this file.
### Added ### Added
- Update to [Wazuh v4.3.0](https://github.com/wazuh/wazuh/blob/v4.3.0/CHANGELOG.md#v430) - Update to [Wazuh v4.3.0](https://github.com/wazuh/wazuh/blob/v4.3.0/CHANGELOG.md#v430)
## [v4.2.2]
### Added
- Update to [Wazuh v4.2.2](https://github.com/wazuh/wazuh/blob/v4.2.2/CHANGELOG.md#v420)
## [v4.2.1]
### Added
- Update to [Wazuh v4.2.1](https://github.com/wazuh/wazuh/blob/v4.2.1/CHANGELOG.md#v420)
## [v4.2.0] ## [v4.2.0]


@ -16,6 +16,8 @@ These playbooks install and configure Wazuh agent, manager and Elastic Stack.
| Wazuh version | Elastic | ODFE | | Wazuh version | Elastic | ODFE |
|---------------|---------|--------| |---------------|---------|--------|
| v4.3.0 | 7.10.2 | 1.13.2 | | v4.3.0 | 7.10.2 | 1.13.2 |
| v4.2.2 | 7.10.2 | 1.13.2 |
| v4.2.1 | 7.10.2 | 1.13.2 |
| v4.2.0 | 7.10.2 | 1.13.2 | | v4.2.0 | 7.10.2 | 1.13.2 |
| v4.1.5 | 7.10.2 | 1.13.2 | | v4.1.5 | 7.10.2 | 1.13.2 |
| v4.1.4 | 7.10.0 | 1.12.0 | | v4.1.4 | 7.10.0 | 1.12.0 |
@ -23,7 +25,6 @@ These playbooks install and configure Wazuh agent, manager and Elastic Stack.
| v4.1.2 | 7.10.0 | 1.12.0 | | v4.1.2 | 7.10.0 | 1.12.0 |
| v4.1.1 | 7.10.0 | 1.12.0 | | v4.1.1 | 7.10.0 | 1.12.0 |
## Documentation ## Documentation
* [Wazuh Ansible documentation](https://documentation.wazuh.com/current/deploying-with-ansible/index.html) * [Wazuh Ansible documentation](https://documentation.wazuh.com/current/deploying-with-ansible/index.html)


@ -1,2 +1,2 @@
WAZUH-ANSIBLE_VERSION="v4" WAZUH-ANSIBLE_VERSION="v4.2.2"
REVISION="40000" REVISION="40215"


@ -1,5 +1,7 @@
--- ---
- hosts: <your wazuh agents hosts> - hosts: <your wazuh agents hosts>
become: yes
become_user: root
roles: roles:
- ../roles/wazuh/ansible-wazuh-agent - ../roles/wazuh/ansible-wazuh-agent
vars: vars:
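Review bot: The added `become: yes` relies on a YAML 1.1 truthy value; `become: true` is the canonical boolean and is what yamllint and ansible-lint expect. `become_user: root` restates the default escalation target, so it can be dropped unless the project wants it spelled out. Because the escalation is set at play level, every task of the agent role now runs as root; if only some tasks need it, setting `become` on those tasks would keep privileges narrower.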


@ -12,9 +12,9 @@
single_node: true single_node: true
minimum_master_nodes: 1 minimum_master_nodes: 1
elasticsearch_node_master: true elasticsearch_node_master: true
elasticsearch_network_host: 127.0.0.1 elasticsearch_network_host: 127.0.0.1
filebeat_node_name: node-1 filebeat_node_name: node-1
filebeat_output_elasticsearch_hosts: 127.0.0.1 filebeat_output_elasticsearch_hosts: 127.0.0.1
instances: instances:
node1: node1:
name: node-1 # Important: must be equal to elasticsearch_node_name. name: node-1 # Important: must be equal to elasticsearch_node_name.


@ -11,8 +11,11 @@
- import_tasks: Debian.yml - import_tasks: Debian.yml
when: ansible_os_family == 'Debian' when: ansible_os_family == 'Debian'
- name: Remove Performance analyzer plugin - name: Remove performance analyzer plugin from elasticsearch
command: "/usr/share/elasticsearch/bin/elasticsearch-plugin remove opendistro-performance-analyzer" become: true
command: ./elasticsearch-plugin remove opendistro-performance-analyzer
args:
chdir: /usr/share/elasticsearch/bin/
- name: Remove elasticsearch configuration file - name: Remove elasticsearch configuration file
file: file:
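Review bot: The rewritten plugin-removal task has no guard for a host where the plugin is already gone, so a second run may fail or always report a change. An `args: removes:` entry pointing at the plugin directory (presumably `/usr/share/elasticsearch/plugins/opendistro-performance-analyzer` on a package install, to be confirmed) would make it idempotent. Since the task now runs with `become: true`, the previous absolute path `/usr/share/elasticsearch/bin/elasticsearch-plugin` is also easier to audit than `./elasticsearch-plugin` combined with `chdir`. The next task, `Remove elasticsearch configuration file`, continues outside the hunk.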


@ -9,7 +9,7 @@ kibana_server_host: "0.0.0.0"
kibana_server_port: "5601" kibana_server_port: "5601"
kibana_server_name: "kibana" kibana_server_name: "kibana"
kibana_max_payload_bytes: 1048576 kibana_max_payload_bytes: 1048576
elastic_stack_version: 2 elastic_stack_version: 7.10.2
wazuh_version: 4.3.0 wazuh_version: 4.3.0
wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana
@ -41,7 +41,7 @@ kibana_telemetry_optin: "false"
kibana_telemetry_enabled: "false" kibana_telemetry_enabled: "false"
opendistro_admin_password: changeme opendistro_admin_password: changeme
opendistro_kibana_user: changeme opendistro_kibana_user: kibanaserver
opendistro_kibana_password: changeme opendistro_kibana_password: changeme
local_certs_path: "{{ playbook_dir }}/opendistro/certificates" local_certs_path: "{{ playbook_dir }}/opendistro/certificates"
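Review bot: In the second hunk the default `opendistro_kibana_user: kibanaserver` now sits next to `opendistro_kibana_password: changeme`, so a deployment that keeps the defaults gets a predictable account name with a placeholder password. The hunk header also shows `kibana_server_host: "0.0.0.0"`, which suggests Kibana listens on all interfaces by default. I would add a comment above the credentials such as `# Override opendistro_admin_password and opendistro_kibana_password (e.g. from Ansible Vault) before deploying`. A role task that fails while either value is still `changeme` would enforce it; whether such a check exists elsewhere is not visible here.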


@ -84,7 +84,7 @@
- config - config
- name: Windows | Installing local_internal_options.conf - name: Windows | Installing local_internal_options.conf
win_template: template:
src: var-ossec-etc-local-internal-options.conf.j2 src: var-ossec-etc-local-internal-options.conf.j2
dest: "{{ wazuh_agent_win_path }}local_internal_options.conf" dest: "{{ wazuh_agent_win_path }}local_internal_options.conf"
notify: Windows | Restart Wazuh Agent notify: Windows | Restart Wazuh Agent
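Review bot: The `Windows | Installing local_internal_options.conf` task appears to switch from `win_template:` to `template:` (the page lost the +/- markers, so the direction is inferred from the column order). As far as I know the two differ in the default line ending, with `win_template` writing `\r\n` and `template` writing `\n`, so the rendered file on the Windows agent may change. If that is not intended, keep `win_template:` or add `newline_sequence: '\r\n'` to the task. The task may continue below the hunk.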


@ -253,39 +253,25 @@ wazuh_manager_syscheck:
## Command ## Command
wazuh_manager_commands: wazuh_manager_commands:
- name: 'disable-account' - name: 'disable-account'
executable: 'disable-account.sh' executable: 'disable-account'
expect: 'user'
timeout_allowed: 'yes' timeout_allowed: 'yes'
- name: 'restart-ossec' - name: 'restart-wazuh'
executable: 'restart-ossec.sh' executable: 'restart-wazuh'
expect: ''
- name: 'firewall-drop' - name: 'firewall-drop'
executable: 'firewall-drop' executable: 'firewall-drop'
expect: 'srcip' expect: 'srcip'
timeout_allowed: 'yes' timeout_allowed: 'yes'
- name: 'host-deny' - name: 'host-deny'
executable: 'host-deny.sh' executable: 'host-deny'
expect: 'srcip'
timeout_allowed: 'yes' timeout_allowed: 'yes'
- name: 'route-null' - name: 'route-null'
executable: 'route-null.sh' executable: 'route-null'
expect: 'srcip'
timeout_allowed: 'yes' timeout_allowed: 'yes'
- name: 'win_route-null' - name: 'win_route-null'
executable: 'route-null.cmd' executable: 'route-null.exe'
expect: 'srcip'
timeout_allowed: 'yes'
- name: 'win_route-null-2012'
executable: 'route-null-2012.cmd'
expect: 'srcip'
timeout_allowed: 'yes' timeout_allowed: 'yes'
- name: 'netsh' - name: 'netsh'
executable: 'netsh.cmd' executable: 'netsh.exe'
expect: 'srcip'
timeout_allowed: 'yes'
- name: 'netsh-win-2016'
executable: 'netsh-win-2016.cmd'
expect: 'srcip'
timeout_allowed: 'yes' timeout_allowed: 'yes'
## Localfile ## Localfile
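Review bot: `firewall-drop` still carries `expect: 'srcip'` while this hunk removes `expect` from every other entry in `wazuh_manager_commands`, so the list is now inconsistent. If the removal is deliberate, drop the key from `firewall-drop` as well, or add a comment above it explaining why that entry keeps it. The template that renders these entries is not shown here; it needs an `is defined` guard around `expect`, otherwise the entries without the key could fail at render time or emit an empty element. The list and the `## Localfile` section extend beyond the hunk.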