diff --git a/CHANGELOG.md b/CHANGELOG.md
index f30bc34a..a88f30e2 100755
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -13,6 +13,24 @@ All notable changes to this project will be documented in this file.
- Update to [Wazuh v4.4.0](https://github.com/wazuh/wazuh/blob/v4.4.0/CHANGELOG.md#v440)
+## [v4.3.6]
+
+### Added
+
+- Update to [Wazuh v4.3.6](https://github.com/wazuh/wazuh/blob/v4.3.6/CHANGELOG.md#v436)
+
+## [v4.3.5]
+
+### Added
+
+- Update to [Wazuh v4.3.5](https://github.com/wazuh/wazuh/blob/v4.3.5/CHANGELOG.md#v435)
+
+## [v4.3.4]
+
+### Added
+
+- Update to [Wazuh v4.3.4](https://github.com/wazuh/wazuh/blob/v4.3.4/CHANGELOG.md#v434)
+
## [v4.3.3]
### Added
diff --git a/README.md b/README.md
index c0786da8..9298ff12 100644
--- a/README.md
+++ b/README.md
@@ -17,6 +17,9 @@ These playbooks install and configure Wazuh agent, manager and indexer and dashb
|---------------|---------|--------|
| v4.5.0 | | |
| v4.4.0 | | |
+| v4.3.6 | | |
+| v4.3.5 | | |
+| v4.3.4 | | |
| v4.3.3 | | |
| v4.3.2 | | |
| v4.3.1 | | |
diff --git a/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml b/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml
deleted file mode 100644
index 7b58f1af..00000000
--- a/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml
+++ /dev/null
@@ -1,36 +0,0 @@
----
-
-########################################################
-# Helper variables
-private_ip: '{{ ansible_default_ipv4.address }}'
-
-managers_hostvars: "{{ groups['managers'] | map('extract', hostvars) | list }}"
-elastic_hostvars: "{{ groups['elastic'] | map('extract', hostvars) | list }}"
-kibana_hostvars: "{{ groups['kibana'] | map('extract', hostvars) | list }}"
-
-manager_addresses: "{{ managers_hostvars | map(attribute='private_ip') | list }}"
-elastic_addresses: "{{ elastic_hostvars | map(attribute='private_ip') | list }}"
-kibana_addresses: "{{ kibana_hostvars | map(attribute='private_ip') | list }}"
-
-########################################################
-# Versions
-elastic_stack_version: 7.10.2
-filebeat_version: 7.10.2
-
-# Debian packages need the ${VERSION}-1
-wazuh_manager_version: 4.5.0-1
-wazuh_agent_version: 4.5.0-1
-
-# Kibana role appends it automatically.
-wazuh_version: 4.5.0
-
-########################################################
-# General ELK stack variables
-
-# Xpack Security: autogenerate CA
-generate_CA: true
-filebeat_xpack_security: true
-kibana_xpack_security: true
-elasticsearch_xpack_security: true
-elasticsearch_xpack_security_user: elastic
-elasticsearch_xpack_security_password: elastic_pass
diff --git a/molecule/distributed-wazuh-elk-xpack/tests/test_default.py b/molecule/distributed-wazuh-elk-xpack/tests/test_default.py
deleted file mode 100644
index 3368c15f..00000000
--- a/molecule/distributed-wazuh-elk-xpack/tests/test_default.py
+++ /dev/null
@@ -1,64 +0,0 @@
-import os
-import pytest
-import testinfra.utils.ansible_runner
-
-testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
- os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
-
-
-def get_wazuh_version():
- """This return the version of Wazuh."""
- return "4.5.0"
-
-
-def test_wazuh_packages_are_installed(host):
- """Test the main packages are installed."""
- manager = host.package("wazuh-manager")
- assert manager.is_installed
- assert manager.version.startswith(get_wazuh_version())
-
-
-def test_wazuh_services_are_running(host):
- """Test the services are enabled and running.
-
- When assert commands are commented, this means that the service command has
- a wrong exit code: https://github.com/wazuh/wazuh-ansible/issues/107
- """
- # This currently doesn't work with out current Docker base images
- # manager = host.service("wazuh-manager")
- # api = host.service("wazuh-api")
- # assert manager.is_running
- # assert api.is_running
- output = host.check_output(
- 'ps aux | grep ossec | tr -s " " | cut -d" " -f11'
- )
- assert 'ossec-authd' in output
- assert 'wazuh-modulesd' in output
- assert 'wazuh-db' in output
- assert 'ossec-execd' in output
- assert 'ossec-monitord' in output
- assert 'ossec-remoted' in output
- assert 'ossec-logcollector' in output
- assert 'ossec-analysisd' in output
- assert 'ossec-syscheckd' in output
-
-
-@pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [
- ("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640),
- ("/var/ossec/etc/sslmanager.key", "root", "root", 0o640),
- ("/var/ossec/etc/rules/local_rules.xml", "wazuh", "wazuh", 0o640),
- ("/var/ossec/etc/lists/audit-keys", "wazuh", "wazuh", 0o660),
-])
-def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode):
- """Test Wazuh related files exist and have proper owners and mode."""
- wazuh_file_host = host.file(wazuh_file)
- assert wazuh_file_host.user == wazuh_owner
- assert wazuh_file_host.group == wazuh_group
- assert wazuh_file_host.mode == wazuh_mode
-
-
-def test_filebeat_is_installed(host):
- """Test the elasticsearch package is installed."""
- filebeat = host.package("filebeat")
- assert filebeat.is_installed
- assert filebeat.version.startswith('7.10.2')
diff --git a/molecule/distributed-wazuh-elk/group_vars/all.yml b/molecule/distributed-wazuh-elk/group_vars/all.yml
deleted file mode 100644
index cd4d12ab..00000000
--- a/molecule/distributed-wazuh-elk/group_vars/all.yml
+++ /dev/null
@@ -1,23 +0,0 @@
----
-
-########################################################
-# Helper variables
-private_ip: '{{ ansible_default_ipv4.address }}'
-
-managers_hostvars: "{{ groups['managers'] | map('extract', hostvars) | list }}"
-elastic_hostvars: "{{ groups['elastic'] | map('extract', hostvars) | list }}"
-
-manager_addresses: "{{ managers_hostvars | map(attribute='private_ip') | list }}"
-elastic_addresses: "{{ elastic_hostvars | map(attribute='private_ip') | list }}"
-
-########################################################
-# Versions
-elastic_stack_version: 7.10.2
-filebeat_version: 7.10.2
-
-# Debian packages need the ${VERSION}-1
-wazuh_manager_version: 4.5.0-1
-wazuh_agent_version: 4.5.0-1
-
-# Kibana role appends it automatically.
-wazuh_version: 4.5.0
diff --git a/molecule/distributed-wazuh-odfe/group_vars/all.yml b/molecule/distributed-wazuh-odfe/group_vars/all.yml
deleted file mode 100644
index e0c1a3d8..00000000
--- a/molecule/distributed-wazuh-odfe/group_vars/all.yml
+++ /dev/null
@@ -1,47 +0,0 @@
----
-
-########################################################
-# Helper variables
-private_ip: '{{ ansible_default_ipv4.address }}'
-
-managers_hostvars: "{{ groups['managers'] | map('extract', hostvars) | list }}"
-elastic_hostvars: "{{ groups['elastic'] | map('extract', hostvars) | list }}"
-kibana_hostvars: "{{ groups['kibana'] | map('extract', hostvars) | list }}"
-
-manager_addresses: "{{ managers_hostvars | map(attribute='private_ip') | list }}"
-elastic_addresses: "{{ elastic_hostvars | map(attribute='private_ip') | list }}"
-kibana_addresses: "{{ kibana_hostvars | map(attribute='private_ip') | list }}"
-
-########################################################
-# General ELK stack variables
-
-# OpenDistro
-kibana_opendistro_security: true
-
-opendistro_kibana_user: kibanaserver
-opendistro_security_user: elastic
-
-opendistro_kibana_password: changeme
-opendistro_security_password: admin
-opendistro_admin_password: changeme
-
-# All nodes are called by IP name
-elasticsearch_node_name: '{{ ansible_hostname }}'
-kibana_node_name: '{{ ansible_hostname }}'
-filebeat_node_name: '{{ ansible_hostname }}'
-
-########################################################
-# Versions
-# See: https://opendistro.github.io/for-elasticsearch-docs/version-history/
-
-elastic_stack_version: 7.10.2
-opendistro_version: 1.13.2
-filebeat_version: 7.10.2
-kibana_opendistro_version: 1.13.2-1
-
-# Debian packages need the ${VERSION}-1
-wazuh_manager_version: 4.5.0-1
-wazuh_agent_version: 4.5.0-1
-
-# Kibana role appends it automatically.
-wazuh_version: 4.5.0
diff --git a/molecule/distributed-wazuh-odfe/tests/test_default.py b/molecule/distributed-wazuh-odfe/tests/test_default.py
deleted file mode 100644
index 3368c15f..00000000
--- a/molecule/distributed-wazuh-odfe/tests/test_default.py
+++ /dev/null
@@ -1,64 +0,0 @@
-import os
-import pytest
-import testinfra.utils.ansible_runner
-
-testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
- os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
-
-
-def get_wazuh_version():
- """This return the version of Wazuh."""
- return "4.5.0"
-
-
-def test_wazuh_packages_are_installed(host):
- """Test the main packages are installed."""
- manager = host.package("wazuh-manager")
- assert manager.is_installed
- assert manager.version.startswith(get_wazuh_version())
-
-
-def test_wazuh_services_are_running(host):
- """Test the services are enabled and running.
-
- When assert commands are commented, this means that the service command has
- a wrong exit code: https://github.com/wazuh/wazuh-ansible/issues/107
- """
- # This currently doesn't work with out current Docker base images
- # manager = host.service("wazuh-manager")
- # api = host.service("wazuh-api")
- # assert manager.is_running
- # assert api.is_running
- output = host.check_output(
- 'ps aux | grep ossec | tr -s " " | cut -d" " -f11'
- )
- assert 'ossec-authd' in output
- assert 'wazuh-modulesd' in output
- assert 'wazuh-db' in output
- assert 'ossec-execd' in output
- assert 'ossec-monitord' in output
- assert 'ossec-remoted' in output
- assert 'ossec-logcollector' in output
- assert 'ossec-analysisd' in output
- assert 'ossec-syscheckd' in output
-
-
-@pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [
- ("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640),
- ("/var/ossec/etc/sslmanager.key", "root", "root", 0o640),
- ("/var/ossec/etc/rules/local_rules.xml", "wazuh", "wazuh", 0o640),
- ("/var/ossec/etc/lists/audit-keys", "wazuh", "wazuh", 0o660),
-])
-def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode):
- """Test Wazuh related files exist and have proper owners and mode."""
- wazuh_file_host = host.file(wazuh_file)
- assert wazuh_file_host.user == wazuh_owner
- assert wazuh_file_host.group == wazuh_group
- assert wazuh_file_host.mode == wazuh_mode
-
-
-def test_filebeat_is_installed(host):
- """Test the elasticsearch package is installed."""
- filebeat = host.package("filebeat")
- assert filebeat.is_installed
- assert filebeat.version.startswith('7.10.2')
diff --git a/molecule/distributed-wazuh/group_vars/all.yml b/molecule/distributed-wazuh/group_vars/all.yml
index 0e563e82..e722ae8c 100644
--- a/molecule/distributed-wazuh/group_vars/all.yml
+++ b/molecule/distributed-wazuh/group_vars/all.yml
@@ -34,6 +34,6 @@ indexer_version: 4.5.0
filebeat_version: 7.10.2
wazuh_version: 4.5.0
-# Debian packages need the ${VERSION}-1
-wazuh_manager_version: 4.5.0-1
-wazuh_agent_version: 4.5.0-1
+# Debian packages need the ${VERSION}
+wazuh_manager_version: 4.5.0
+wazuh_agent_version: 4.5.0
diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml
deleted file mode 100644
index 63c8d866..00000000
--- a/roles/elastic-stack/ansible-kibana/defaults/main.yml
+++ /dev/null
@@ -1,53 +0,0 @@
----
-kibana_node_name: node-1
-
-elasticsearch_http_port: "9200"
-elasticsearch_network_host: "127.0.0.1"
-kibana_server_host: "0.0.0.0"
-kibana_server_port: "5601"
-kibana_conf_path: /etc/kibana
-elastic_stack_version: 7.10.2
-wazuh_version: 4.5.0
-wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana
-
-elasticrepo:
- apt: 'https://artifacts.elastic.co/packages/7.x/apt'
- yum: 'https://artifacts.elastic.co/packages/7.x/yum'
- gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch'
- key_id: '46095ACC8548582C1A2699A9D27D666CD88E42B4'
-
-# API credentials
-wazuh_api_credentials:
- - id: "default"
- url: "https://localhost"
- port: 55000
- username: "wazuh"
- password: "wazuh"
-
-# Xpack Security
-kibana_xpack_security: false
-kibana_ssl_verification_mode: "full"
-
-elasticsearch_xpack_security_user: elastic
-elasticsearch_xpack_security_password: elastic_pass
-
-node_certs_destination: /etc/kibana/certs
-
-# CA Generation
-master_certs_path: "{{ playbook_dir }}/es_certs"
-generate_CA: true
-ca_cert_name: ""
-
-# Nodejs
-nodejs:
- repo_dict:
- debian: "deb"
- redhat: "rpm"
- repo_url_ext: "nodesource.com/setup_10.x"
-
-# Build from sources
-build_from_sources: false
-wazuh_plugin_branch: 4.1-7.10
-
-#Nodejs NODE_OPTIONS
-node_options: --no-warnings --max-old-space-size=2048 --max-http-header-size=65536
diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml b/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml
deleted file mode 100644
index 5b490844..00000000
--- a/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml
+++ /dev/null
@@ -1,57 +0,0 @@
-
----
-
-- name: Update cache
- apt:
- update_cache: yes
-
-- name: Debian 9 (Stretch)
- when: (ansible_facts['distribution'] == "Debian" and ansible_facts['distribution_major_version'] == "9")
- block:
-
- - name: Install OpenDistro dependencies
- apt:
- name: [
- 'unzip', 'wget', 'curl', 'apt-transport-https', software-properties-common
- ]
- state: present
-
- - name: Add the repository key for Debian's Stretch Backports repository
- ansible.builtin.apt_key:
- keyserver: keyserver.ubuntu.com
- id: 648ACFD622F3D138
-
- - name: Add openjdk repository
- apt_repository:
- repo: "{{ package_repos.apt.openjdk.baseurl }}"
- state: present
- update_cache: yes
- filename: 'wazuh-openjdk'
-
-- name: Install openjdk-11-jdk
- apt:
- name: openjdk-11-jdk
- state: present
- environment:
- JAVA_HOME: /usr
-
-- name: Add Opendistro repository
- block:
- - name: Add apt repository signing key
- apt_key:
- url: "{{ package_repos.apt.opendistro.gpg }}"
- state: present
-
- - name: Add Opendistro repository
- apt_repository:
- repo: "{{ package_repos.apt.opendistro.baseurl }}"
- state: present
- filename: 'wazuh-opendistro'
- update_cache: yes
-
-- name: Install OpenDistro
- apt:
- name: opendistroforelasticsearch={{ opendistro_version }}-1
- state: present
- register: install
- tags: install
\ No newline at end of file
diff --git a/roles/opendistro/opendistro-kibana/defaults/main.yml b/roles/opendistro/opendistro-kibana/defaults/main.yml
deleted file mode 100644
index a9af0a91..00000000
--- a/roles/opendistro/opendistro-kibana/defaults/main.yml
+++ /dev/null
@@ -1,60 +0,0 @@
----
-
-# Kibana configuration
-elasticsearch_http_port: 9200
-elastic_api_protocol: https
-kibana_conf_path: /etc/kibana
-kibana_node_name: node-1
-kibana_server_host: "0.0.0.0"
-kibana_server_port: "5601"
-kibana_server_name: "kibana"
-kibana_max_payload_bytes: 1048576
-elastic_stack_version: 7.10.2
-wazuh_version: 4.5.0
-wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana
-
-# The OpenDistro package repository
-kibana_opendistro_version: 1.13.2-1 # Version includes the - for RedHat family compatibility, replace with = for Debian hosts
-
-package_repos:
- yum:
- opendistro:
- baseurl: 'https://packages.wazuh.com/4.x/yum/'
- gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
- apt:
- opendistro:
- baseurl: 'deb https://packages.wazuh.com/4.x/apt/ stable main'
- gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
-
-# API credentials
-wazuh_api_credentials:
- - id: "default"
- url: "https://localhost"
- port: 55000
- username: "wazuh"
- password: "wazuh"
-
-# opendistro Security
-kibana_opendistro_security: true
-kibana_newsfeed_enabled: "false"
-kibana_telemetry_optin: "false"
-kibana_telemetry_enabled: "false"
-
-opendistro_admin_password: changeme
-opendistro_kibana_user: kibanaserver
-opendistro_kibana_password: changeme
-local_certs_path: "{{ playbook_dir }}/opendistro/certificates"
-
-# Nodejs
-nodejs:
- repo_dict:
- debian: "deb"
- redhat: "rpm"
- repo_url_ext: "nodesource.com/setup_10.x"
-
-# Build from sources
-build_from_sources: false
-wazuh_plugin_branch: 4.1-7.10
-
-#Nodejs NODE_OPTIONS
-node_options: --no-warnings --max-old-space-size=2048 --max-http-header-size=65536
diff --git a/roles/opendistro/opendistro-kibana/tasks/main.yml b/roles/opendistro/opendistro-kibana/tasks/main.yml
deleted file mode 100755
index acfd1f90..00000000
--- a/roles/opendistro/opendistro-kibana/tasks/main.yml
+++ /dev/null
@@ -1,124 +0,0 @@
----
-
-- name: Stopping early, trying to compile Wazuh Kibana Plugin on Debian 10 is not possible
- fail:
- msg: "It's not possible to compile the Wazuh Kibana plugin on Debian 10 due to: https://github.com/wazuh/wazuh-kibana-app/issues/1924"
- when:
- - build_from_sources
- - ansible_distribution == "Debian"
- - ansible_distribution_major_version == "10"
-
-- import_tasks: RedHat.yml
- when: ansible_os_family == 'RedHat'
-
-- import_tasks: Debian.yml
- when: ansible_os_family == 'Debian'
-
-- name: Remove Kibana configuration file
- file:
- # noqa 503
- path: "{{ kibana_conf_path }}/kibana.yml"
- state: absent
- tags: install
-
-- import_tasks: security_actions.yml
-
-- name: Copy Configuration File
- blockinfile:
- block: "{{ lookup('template', 'opendistro_kibana.yml.j2') }}"
- dest: "{{ kibana_conf_path }}/kibana.yml"
- create: true
- group: kibana
- owner: kibana
- mode: 0640
- marker: "## {mark} Kibana general settings ##"
- notify: restart kibana
- tags:
- - install
- - configure
-
-- name: Ensuring Kibana directory owner
- file:
- # noqa 208
- path: "/usr/share/kibana"
- state: directory
- owner: kibana
- group: kibana
- recurse: yes
-
-- name: Build and Install Wazuh Kibana Plugin from sources
- import_tasks: build_wazuh_plugin.yml
- when:
- - build_from_sources is defined
- - build_from_sources
-
-- name: Install Wazuh Plugin (can take a while)
- shell: >-
- NODE_OPTIONS="{{ node_options }}" /usr/share/kibana/bin/kibana-plugin install
- {{ wazuh_app_url }}-{{ wazuh_version }}_{{ elastic_stack_version }}-1.zip
- args:
- executable: /bin/bash
- creates: /usr/share/kibana/plugins/wazuh/package.json
- chdir: /usr/share/kibana
- become: yes
- become_user: kibana
- notify: restart kibana
- tags:
- - install
- - skip_ansible_lint
- when:
- - not build_from_sources
-
-- name: Kibana optimization (can take a while)
- shell: /usr/share/kibana/node/bin/node {{ node_options }} /usr/share/kibana/src/cli/cli.js --optimize -c {{ kibana_conf_path }}/kibana.yml
- args:
- executable: /bin/bash
- become: yes
- become_user: kibana
- changed_when: false
- tags:
- - skip_ansible_lint
-
-- name: Wait for Elasticsearch port
- wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }}
-
-- name: Select correct API protocol
- set_fact:
- elastic_api_protocol: "{% if kibana_opendistro_security is defined and kibana_opendistro_security %}https{% else %}http{% endif %}"
-
-- name: Attempting to delete legacy Wazuh index if exists
- uri:
- url: "{{ elastic_api_protocol }}://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}/.wazuh"
- method: DELETE
- user: "admin"
- password: "{{ opendistro_admin_password }}"
- validate_certs: no
- status_code: 200, 404
-
-- name: Create wazuh plugin config directory
- file:
- path: /usr/share/kibana/data/wazuh/config/
- state: directory
- recurse: yes
- owner: kibana
- group: kibana
- mode: 0751
- changed_when: False
-
-- name: Configure Wazuh Kibana Plugin
- template:
- src: wazuh.yml.j2
- dest: /usr/share/kibana/data/wazuh/config/wazuh.yml
- owner: kibana
- group: kibana
- mode: 0751
- changed_when: False
-
-- name: Ensure Kibana started and enabled
- service:
- name: kibana
- enabled: true
- state: started
-
-- import_tasks: RMRedHat.yml
- when: ansible_os_family == 'RedHat'
diff --git a/roles/opendistro/opendistro-kibana/tasks/security_actions.yml b/roles/opendistro/opendistro-kibana/tasks/security_actions.yml
deleted file mode 100644
index ee21f1c1..00000000
--- a/roles/opendistro/opendistro-kibana/tasks/security_actions.yml
+++ /dev/null
@@ -1,13 +0,0 @@
-- block:
-
- - name: Copy the certificates from local to the Kibana instance
- copy:
- src: "{{ local_certs_path }}/certs/{{ item }}"
- dest: /usr/share/kibana
- mode: 0644
- with_items:
- - "root-ca.pem"
- - "{{ kibana_node_name }}_http.key"
- - "{{ kibana_node_name }}_http.pem"
- tags:
- - security
diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml
deleted file mode 100644
index 0a04b2b5..00000000
--- a/roles/wazuh/ansible-filebeat/defaults/main.yml
+++ /dev/null
@@ -1,36 +0,0 @@
----
-filebeat_version: 7.10.2
-
-wazuh_template_branch: v4.5.0
-
-filebeat_create_config: true
-
-filebeat_node_name: node-1
-
-filebeat_output_elasticsearch_hosts:
- - "localhost:9200"
-
-filebeat_module_package_url: https://packages.wazuh.com/4.x/filebeat
-filebeat_module_package_name: wazuh-filebeat-0.1.tar.gz
-filebeat_module_package_path: /tmp/
-filebeat_module_destination: /usr/share/filebeat/module
-filebeat_module_folder: /usr/share/filebeat/module/wazuh
-
-# Xpack Security
-filebeat_xpack_security: false
-
-elasticsearch_xpack_security_user: elastic
-elasticsearch_xpack_security_password: elastic_pass
-
-node_certs_destination: /etc/filebeat/certs
-
-# CA Generation
-master_certs_path: "{{ playbook_dir }}/es_certs"
-generate_CA: true
-ca_cert_name: ""
-
-elasticrepo:
- apt: 'https://artifacts.elastic.co/packages/7.x/apt'
- yum: 'https://artifacts.elastic.co/packages/7.x/yum'
- gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch'
- key_id: '46095ACC8548582C1A2699A9D27D666CD88E42B4'
diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
index a824c080..401b1c43 100644
--- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
@@ -1,5 +1,5 @@
---
-wazuh_agent_version: 4.5.0-1
+wazuh_agent_version: 4.5.0
# Custom packages installation
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml
index ad381eac..1348f3e1 100644
--- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml
+++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml
@@ -27,7 +27,7 @@
- name: Linux Debian | Install wazuh-agent
apt:
- name: "wazuh-agent={{ wazuh_agent_version }}"
+ name: "wazuh-agent={{ wazuh_agent_version }}-*"
state: present
cache_valid_time: 3600
when:
diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
index 57fba2a4..cfc09f1e 100644
--- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
@@ -1,5 +1,5 @@
---
-wazuh_manager_version: 4.5.0-1
+wazuh_manager_version: 4.5.0
wazuh_manager_fqdn: "wazuh-server"
wazuh_manager_package_state: present
@@ -173,7 +173,6 @@ wazuh_manager_sca:
wazuh_manager_vulnerability_detector:
enabled: 'no'
interval: '5m'
- ignore_time: '6h'
run_on_start: 'yes'
providers:
- enabled: 'no'
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml
index ee903eb9..1079f8d2 100644
--- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml
+++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml
@@ -107,7 +107,7 @@
- name: Debian/Ubuntu | Install wazuh-manager
apt:
name:
- - "wazuh-manager={{ wazuh_manager_version }}"
+ - "wazuh-manager={{ wazuh_manager_version }}-*"
state: present
tags: init
when:
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
index 7fafc465..cf87a44c 100644
--- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
+++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
@@ -265,9 +265,6 @@
{% if wazuh_manager_config.vulnerability_detector.interval is defined %}
{{ wazuh_manager_config.vulnerability_detector.interval }}
{% endif %}
- {% if wazuh_manager_config.vulnerability_detector.ignore_time is defined %}
- {{ wazuh_manager_config.vulnerability_detector.ignore_time }}
- {% endif %}
{% if wazuh_manager_config.vulnerability_detector.run_on_start is defined %}
{{ wazuh_manager_config.vulnerability_detector.run_on_start }}
{% endif %}
diff --git a/roles/wazuh/vars/repo.yml b/roles/wazuh/vars/repo.yml
index 9e685f1e..f97becfe 100644
--- a/roles/wazuh/vars/repo.yml
+++ b/roles/wazuh/vars/repo.yml
@@ -3,7 +3,8 @@ wazuh_repo:
yum: 'https://packages.wazuh.com/4.x/yum/'
gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145'
-wazuh_winagent_config_url: https://packages.wazuh.com/4.x/windows/wazuh-agent-4.5.0-1.msi
+wazuh_winagent_config_url: "https://packages.wazuh.com/4.x/windows/wazuh-agent-{{ wazuh_agent_version }}-1.msi"
+wazuh_winagent_package_name: wazuh-agent-{{ wazuh_agent_version }}-1.msi
certs_gen_tool_version: 4.5
diff --git a/roles/wazuh/vars/repo_dev.yml b/roles/wazuh/vars/repo_dev.yml
index bd1e6515..c878d755 100644
--- a/roles/wazuh/vars/repo_dev.yml
+++ b/roles/wazuh/vars/repo_dev.yml
@@ -3,7 +3,8 @@ wazuh_repo:
yum: 'https://packages-dev.wazuh.com/pre-release/yum/'
gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH'
key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145'
-wazuh_winagent_config_url: https://packages-dev.wazuh.com/pre-release/windows/wazuh-agent-4.5.0-1.msi
+wazuh_winagent_config_url: https://packages-dev.wazuh.com/pre-release/windows/wazuh-agent-{{ wazuh_agent_version }}-1.msi
+wazuh_winagent_package_name: wazuh-agent-{{ wazuh_agent_version }}-1.msi
certs_gen_tool_version: 4.5
diff --git a/roles/wazuh/wazuh-dashboard/tasks/Debian.yml b/roles/wazuh/wazuh-dashboard/tasks/Debian.yml
index 7525a10c..e80b605f 100644
--- a/roles/wazuh/wazuh-dashboard/tasks/Debian.yml
+++ b/roles/wazuh/wazuh-dashboard/tasks/Debian.yml
@@ -13,6 +13,13 @@
state: present
update_cache: yes
+ - name: Install Wazuh dashboard dependencies
+ apt:
+ name: [
+ 'libnss3-dev', 'fonts-liberation', 'libfontconfig1'
+ ]
+ state: present
+
- name: Install Wazuh dashboard
apt:
name: "wazuh-dashboard={{ dashboard_version }}-*"
diff --git a/roles/wazuh/wazuh-dashboard/tasks/RedHat.yml b/roles/wazuh/wazuh-dashboard/tasks/RedHat.yml
index 39900d43..7ba36704 100644
--- a/roles/wazuh/wazuh-dashboard/tasks/RedHat.yml
+++ b/roles/wazuh/wazuh-dashboard/tasks/RedHat.yml
@@ -10,6 +10,14 @@
gpgkey: "{{ wazuh_repo.gpg }}"
gpgcheck: true
+ - name: Install Wazuh dashboard dependencies
+ yum:
+ name: [
+ 'libnss3.so', 'xorg-x11-fonts-100dpi', 'xorg-x11-fonts-75dpi', 'xorg-x11-utils', 'xorg-x11-fonts-cyrillic', 'xorg-x11-fonts-Type1', 'xorg-x11-fonts-misc', 'fontconfig', 'freetype'
+ ]
+ state: present
+ ignore_errors: yes
+
- name: Install Wazuh dashboard
package:
name: "wazuh-dashboard-{{ dashboard_version }}"
diff --git a/roles/wazuh/wazuh-indexer/tasks/local_actions.yml b/roles/wazuh/wazuh-indexer/tasks/local_actions.yml
index 4a215bef..6688cbe8 100644
--- a/roles/wazuh/wazuh-indexer/tasks/local_actions.yml
+++ b/roles/wazuh/wazuh-indexer/tasks/local_actions.yml
@@ -30,8 +30,8 @@
- name: Local action | Prepare the certificates generation template file
template:
- src: "templates/config.yml.j2"
- dest: "{{ local_certs_path }}/config.yml"
+ src: "templates/wazuh-config.yml.j2"
+ dest: "{{ local_certs_path }}/wazuh-config.yml"
mode: 0644
register: tlsconfig_template