merge de 4.2 a master

2021-10-01 12:24:53 -03:00 · 2021-10-01 12:24:53 -03:00 · 4b774dfeb3
commit 4b774dfeb3
parent 193649bcf3 17a0d96fbb
11 changed files with 36 additions and 33 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -6,6 +6,17 @@ All notable changes to this project will be documented in this file.
 ### Added

 - Update to [Wazuh v4.3.0](https://github.com/wazuh/wazuh/blob/v4.3.0/CHANGELOG.md#v430)
+## [v4.2.2]
+
+### Added
+
+- Update to [Wazuh v4.2.2](https://github.com/wazuh/wazuh/blob/v4.2.2/CHANGELOG.md#v420)
+
+## [v4.2.1]
+
+### Added
+
+- Update to [Wazuh v4.2.1](https://github.com/wazuh/wazuh/blob/v4.2.1/CHANGELOG.md#v420)

 ## [v4.2.0]

--- a/README.md
+++ b/README.md
@ -16,6 +16,8 @@ These playbooks install and configure Wazuh agent, manager and Elastic Stack.
 | Wazuh version | Elastic | ODFE   |
 |---------------|---------|--------|
 | v4.3.0        | 7.10.2  | 1.13.2 |
+| v4.2.2        | 7.10.2  | 1.13.2 |
+| v4.2.1        | 7.10.2  | 1.13.2 |
 | v4.2.0        | 7.10.2  | 1.13.2 |
 | v4.1.5        | 7.10.2  | 1.13.2 |
 | v4.1.4        | 7.10.0  | 1.12.0 |
@ -23,7 +25,6 @@ These playbooks install and configure Wazuh agent, manager and Elastic Stack.
 | v4.1.2        | 7.10.0  | 1.12.0 |
 | v4.1.1        | 7.10.0  | 1.12.0 |

-
 ## Documentation

 * [Wazuh Ansible documentation](https://documentation.wazuh.com/current/deploying-with-ansible/index.html)
--- a/4
+++ b/4
@ -1,2 +1,2 @@
-WAZUH-ANSIBLE_VERSION="v4"
-REVISION="40000"
+WAZUH-ANSIBLE_VERSION="v4.2.2"
+REVISION="40215"
--- a/playbooks/wazuh-agent.yml
+++ b/playbooks/wazuh-agent.yml
@ -1,5 +1,7 @@
 ---
 - hosts: <your wazuh agents hosts>
+  become: yes
+  become_user: root
  roles:
    - ../roles/wazuh/ansible-wazuh-agent
  vars:
--- a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml
+++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml
@ -11,8 +11,11 @@
    - import_tasks: Debian.yml
      when: ansible_os_family == 'Debian'

-    - name: Remove Performance analyzer plugin
-      command: "/usr/share/elasticsearch/bin/elasticsearch-plugin remove opendistro-performance-analyzer"
+    - name: Remove performance analyzer plugin from elasticsearch
+      become: true
+      command: ./elasticsearch-plugin remove opendistro-performance-analyzer
+      args:
+        chdir: /usr/share/elasticsearch/bin/

    - name: Remove elasticsearch configuration file
      file:
--- a/roles/opendistro/opendistro-kibana/defaults/main.yml
+++ b/roles/opendistro/opendistro-kibana/defaults/main.yml
@ -9,7 +9,7 @@ kibana_server_host: "0.0.0.0"
 kibana_server_port: "5601"
 kibana_server_name: "kibana"
 kibana_max_payload_bytes: 1048576
-elastic_stack_version: 2
+elastic_stack_version: 7.10.2
 wazuh_version: 4.3.0
 wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana

@ -41,7 +41,7 @@ kibana_telemetry_optin: "false"
 kibana_telemetry_enabled: "false"

 opendistro_admin_password: changeme
-opendistro_kibana_user: changeme
+opendistro_kibana_user: kibanaserver
 opendistro_kibana_password: changeme
 local_certs_path: "{{ playbook_dir }}/opendistro/certificates"

--- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml
+++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml
@ -84,7 +84,7 @@
    - config

 - name: Windows | Installing local_internal_options.conf
-  win_template:
+  template:
    src: var-ossec-etc-local-internal-options.conf.j2
    dest: "{{ wazuh_agent_win_path }}local_internal_options.conf"
  notify: Windows | Restart Wazuh Agent
--- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
@ -253,39 +253,25 @@ wazuh_manager_syscheck:
 ## Command
 wazuh_manager_commands:
  - name: 'disable-account'
-    executable: 'disable-account.sh'
-    expect: 'user'
+    executable: 'disable-account'
    timeout_allowed: 'yes'
-  - name: 'restart-ossec'
-    executable: 'restart-ossec.sh'
-    expect: ''
+  - name: 'restart-wazuh'
+    executable: 'restart-wazuh'
  - name: 'firewall-drop'
    executable: 'firewall-drop'
    expect: 'srcip'
    timeout_allowed: 'yes'
  - name: 'host-deny'
-    executable: 'host-deny.sh'
-    expect: 'srcip'
+    executable: 'host-deny'
    timeout_allowed: 'yes'
  - name: 'route-null'
-    executable: 'route-null.sh'
-    expect: 'srcip'
+    executable: 'route-null'
    timeout_allowed: 'yes'
  - name: 'win_route-null'
-    executable: 'route-null.cmd'
-    expect: 'srcip'
-    timeout_allowed: 'yes'
-  - name: 'win_route-null-2012'
-    executable: 'route-null-2012.cmd'
-    expect: 'srcip'
+    executable: 'route-null.exe'
    timeout_allowed: 'yes'
  - name: 'netsh'
-    executable: 'netsh.cmd'
-    expect: 'srcip'
-    timeout_allowed: 'yes'
-  - name: 'netsh-win-2016'
-    executable: 'netsh-win-2016.cmd'
-    expect: 'srcip'
+    executable: 'netsh.exe'
    timeout_allowed: 'yes'

 ## Localfile