From a875ab96cd5167586236b969d2454ce77930c767 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Wed, 19 Apr 2023 16:59:19 -0300 Subject: [PATCH 1/5] bump 4.3.11 version --- CHANGELOG.md | 6 ++++++ README.md | 1 + VERSION | 2 +- molecule/default/tests/test_default.py | 2 +- molecule/distributed-wazuh/group_vars/all.yml | 8 ++++---- molecule/distributed-wazuh/tests/test_default.py | 2 +- pyproject.toml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 4 ++-- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 4 ++-- roles/wazuh/check-packages/defaults/main.yml | 2 +- roles/wazuh/wazuh-dashboard/defaults/main.yml | 4 ++-- roles/wazuh/wazuh-dashboard/vars/debian.yml | 2 +- roles/wazuh/wazuh-indexer/defaults/main.yml | 2 +- 13 files changed, 24 insertions(+), 17 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 88c1ebf3..e5d0e8c4 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,12 @@ # Change Log All notable changes to this project will be documented in this file. +## [v4.3.11] + +### Added + +- Update to [Wazuh v4.3.11](https://github.com/wazuh/wazuh/blob/v4.3.11/CHANGELOG.md#v4311) + ## [v4.3.10] ### Added diff --git a/README.md b/README.md index 2dab5138..ad98c014 100644 --- a/README.md +++ b/README.md @@ -16,6 +16,7 @@ These playbooks install and configure Wazuh agent, manager and indexer and dashb | Wazuh version | Elastic | ODFE | |---------------|---------|--------| +| v4.3.11 | | | | v4.3.10 | | | | v4.3.9 | | | | v4.3.8 | | | diff --git a/VERSION b/VERSION index 32dbbde6..fdee1943 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v4.3.10" +WAZUH-ANSIBLE_VERSION="v4.3.11" REVISION="40323" \ No newline at end of file diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index 3c364b7c..54f81b7e 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py @@ -8,7 +8,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "4.3.10" + return "4.3.11" diff --git a/molecule/distributed-wazuh/group_vars/all.yml b/molecule/distributed-wazuh/group_vars/all.yml index 9940eae5..ec11ba43 100644 --- a/molecule/distributed-wazuh/group_vars/all.yml +++ b/molecule/distributed-wazuh/group_vars/all.yml @@ -30,10 +30,10 @@ indexer_node_name: '{{ ansible_facts.hostname }}' dashboard_node_name: '{{ ansible_facts.hostname }}' filebeat_node_name: '{{ ansible_facts.hostname }}' -indexer_version: 4.3.10 +indexer_version: 4.3.11 filebeat_version: 7.10.2 -wazuh_version: 4.3.10 +wazuh_version: 4.3.11 # Debian packages need the ${VERSION}-1 -wazuh_manager_version: 4.3.10 -wazuh_agent_version: 4.3.10 +wazuh_manager_version: 4.3.11 +wazuh_agent_version: 4.3.11 diff --git a/molecule/distributed-wazuh/tests/test_default.py b/molecule/distributed-wazuh/tests/test_default.py index a160dcc1..adf16704 100644 --- a/molecule/distributed-wazuh/tests/test_default.py +++ b/molecule/distributed-wazuh/tests/test_default.py @@ -8,7 +8,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "4.3.10" + return "4.3.11" def test_wazuh_packages_are_installed(host): diff --git a/pyproject.toml b/pyproject.toml index f15094ef..b8f019c9 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "wazuh-ansible" -version = "4.3.10" +version = "4.3.11" description = "" authors = ["neonmei "] diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index d778cbc4..ac0b0fc7 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,6 +1,6 @@ --- -wazuh_agent_version: 4.3.10 +wazuh_agent_version: 4.3.11 # Custom packages installation @@ -12,7 +12,7 @@ wazuh_custom_packages_installation_agent_rpm_url: "" wazuh_agent_sources_installation: enabled: false - branch: "v4.3.10" + branch: "v4.3.11" user_language: "y" user_no_stop: "y" user_install_type: "agent" diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 3f946db2..6cd14295 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,6 +1,6 @@ --- -wazuh_manager_version: 4.3.10 +wazuh_manager_version: 4.3.11 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present @@ -13,7 +13,7 @@ wazuh_custom_packages_installation_manager_rpm_url: "https://s3-us-west-1.amazon # Sources installation wazuh_manager_sources_installation: enabled: false - branch: "v4.3.10" + branch: "v4.3.11" user_language: "en" user_no_stop: "y" user_install_type: "server" diff --git a/roles/wazuh/check-packages/defaults/main.yml b/roles/wazuh/check-packages/defaults/main.yml index c2d1e902..72e693a8 100644 --- a/roles/wazuh/check-packages/defaults/main.yml +++ b/roles/wazuh/check-packages/defaults/main.yml @@ -1,2 +1,2 @@ --- -wazuh_version: 4.3.10 \ No newline at end of file +wazuh_version: 4.3.11 \ No newline at end of file diff --git a/roles/wazuh/wazuh-dashboard/defaults/main.yml b/roles/wazuh/wazuh-dashboard/defaults/main.yml index 5a710889..c6dd0577 100644 --- a/roles/wazuh/wazuh-dashboard/defaults/main.yml +++ b/roles/wazuh/wazuh-dashboard/defaults/main.yml @@ -8,12 +8,12 @@ dashboard_node_name: node-1 dashboard_server_host: "0.0.0.0" dashboard_server_port: "443" dashboard_server_name: "dashboard" -wazuh_version: 4.3.10 +wazuh_version: 4.3.11 indexer_cluster_nodes: - 127.0.0.1 # The Wazuh dashboard package repository -dashboard_version: "4.3.10" +dashboard_version: "4.3.11" # API credentials wazuh_api_credentials: diff --git a/roles/wazuh/wazuh-dashboard/vars/debian.yml b/roles/wazuh/wazuh-dashboard/vars/debian.yml index 6ebfce69..ee0196c9 100644 --- a/roles/wazuh/wazuh-dashboard/vars/debian.yml +++ b/roles/wazuh/wazuh-dashboard/vars/debian.yml @@ -1,3 +1,3 @@ --- -dashboard_version: 4.3.10 \ No newline at end of file +dashboard_version: 4.3.11 \ No newline at end of file diff --git a/roles/wazuh/wazuh-indexer/defaults/main.yml b/roles/wazuh/wazuh-indexer/defaults/main.yml index db67d388..b0a6fc14 100644 --- a/roles/wazuh/wazuh-indexer/defaults/main.yml +++ b/roles/wazuh/wazuh-indexer/defaults/main.yml @@ -1,6 +1,6 @@ --- # Cluster Settings -indexer_version: 4.3.10 +indexer_version: 4.3.11 single_node: false indexer_node_name: node-1 From 625b6a4ae48a269668b236a2a964024a36a89439 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Mon, 24 Apr 2023 09:25:04 -0300 Subject: [PATCH 2/5] change revision number --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index fdee1943..f0cc5a78 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-ANSIBLE_VERSION="v4.3.11" -REVISION="40323" \ No newline at end of file +REVISION="40324" \ No newline at end of file From fb76b8fe6a4d72466e4b8c32c221be1f69af7542 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Mon, 24 Apr 2023 10:27:59 -0300 Subject: [PATCH 3/5] update md5sum for Wazuh agent package --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index ac0b0fc7..37c079a3 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -54,7 +54,7 @@ wazuh_winagent_config: # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe check_md5: True - md5: eee54087d25a42ceb27ecf8ad562143f + md5: 34d087f81961413a0a7a04aa716a4409 wazuh_dir: "/var/ossec" From 6d1594e576dfe01c507d0efd1f362f231b5e5cf1 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 28 Apr 2023 14:57:08 -0300 Subject: [PATCH 4/5] resolving conflicts --- molecule/default/tests/test_default.py | 65 ------------------- molecule/distributed-wazuh/group_vars/all.yml | 39 ----------- .../distributed-wazuh/tests/test_default.py | 64 ------------------ pyproject.toml | 28 -------- 4 files changed, 196 deletions(-) delete mode 100644 molecule/default/tests/test_default.py delete mode 100644 molecule/distributed-wazuh/group_vars/all.yml delete mode 100644 molecule/distributed-wazuh/tests/test_default.py delete mode 100644 pyproject.toml diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py deleted file mode 100644 index 54f81b7e..00000000 --- a/molecule/default/tests/test_default.py +++ /dev/null @@ -1,65 +0,0 @@ -import os -import pytest -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') - - -def get_wazuh_version(): - """This return the version of Wazuh.""" - return "4.3.11" - - - -def test_wazuh_packages_are_installed(host): - """Test the main packages are installed.""" - manager = host.package("wazuh-manager") - assert manager.is_installed - assert manager.version.startswith(get_wazuh_version()) - - -def test_wazuh_services_are_running(host): - """Test the services are enabled and running. - - When assert commands are commented, this means that the service command has - a wrong exit code: https://github.com/wazuh/wazuh-ansible/issues/107 - """ - # This currently doesn't work with out current Docker base images - # manager = host.service("wazuh-manager") - # api = host.service("wazuh-api") - # assert manager.is_running - # assert api.is_running - output = host.check_output( - 'ps aux | grep ossec | tr -s " " | cut -d" " -f11' - ) - assert 'ossec-authd' in output - assert 'wazuh-modulesd' in output - assert 'wazuh-db' in output - assert 'ossec-execd' in output - assert 'ossec-monitord' in output - assert 'ossec-remoted' in output - assert 'ossec-logcollector' in output - assert 'ossec-analysisd' in output - assert 'ossec-syscheckd' in output - - -@pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [ - ("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640), - ("/var/ossec/etc/sslmanager.key", "root", "root", 0o640), - ("/var/ossec/etc/rules/local_rules.xml", "wazuh", "wazuh", 0o640), - ("/var/ossec/etc/lists/audit-keys", "wazuh", "wazuh", 0o660), -]) -def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode): - """Test Wazuh related files exist and have proper owners and mode.""" - wazuh_file_host = host.file(wazuh_file) - assert wazuh_file_host.user == wazuh_owner - assert wazuh_file_host.group == wazuh_group - assert wazuh_file_host.mode == wazuh_mode - - -def test_filebeat_is_installed(host): - """Test the elasticsearch package is installed.""" - filebeat = host.package("filebeat") - assert filebeat.is_installed - assert filebeat.version.startswith('7.10.2') diff --git a/molecule/distributed-wazuh/group_vars/all.yml b/molecule/distributed-wazuh/group_vars/all.yml deleted file mode 100644 index ec11ba43..00000000 --- a/molecule/distributed-wazuh/group_vars/all.yml +++ /dev/null @@ -1,39 +0,0 @@ ---- - -######################################################## -# Helper variables -private_ip: '{{ ansible_default_ipv4.address }}' - -managers_hostvars: "{{ groups['managers'] | map('extract', hostvars) | list }}" -indexer_hostvars: "{{ groups['indexer'] | map('extract', hostvars) | list }}" -dashboard_hostvars: "{{ groups['dashboard'] | map('extract', hostvars) | list }}" - -manager_addresses: "{{ managers_hostvars | map(attribute='private_ip') | list }}" -indexer_addresses: "{{ indexer_hostvars | map(attribute='private_ip') | list }}" -dashboard_addresses: "{{ dashboard_hostvars | map(attribute='private_ip') | list }}" - -######################################################## -# General Wazuh stack variables - -# Wazuh indexer/dashboard -dashboard_security: true - -dashboard_user: kibanaserver -indexer_security_user: admin - -dashboard_password: changeme -indexer_security_password: changeme -indexer_admin_password: changeme - -# All nodes are called by IP name -indexer_node_name: '{{ ansible_facts.hostname }}' -dashboard_node_name: '{{ ansible_facts.hostname }}' -filebeat_node_name: '{{ ansible_facts.hostname }}' - -indexer_version: 4.3.11 -filebeat_version: 7.10.2 -wazuh_version: 4.3.11 - -# Debian packages need the ${VERSION}-1 -wazuh_manager_version: 4.3.11 -wazuh_agent_version: 4.3.11 diff --git a/molecule/distributed-wazuh/tests/test_default.py b/molecule/distributed-wazuh/tests/test_default.py deleted file mode 100644 index adf16704..00000000 --- a/molecule/distributed-wazuh/tests/test_default.py +++ /dev/null @@ -1,64 +0,0 @@ -import os -import pytest -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') - - -def get_wazuh_version(): - """This return the version of Wazuh.""" - return "4.3.11" - - -def test_wazuh_packages_are_installed(host): - """Test the main packages are installed.""" - manager = host.package("wazuh-manager") - assert manager.is_installed - assert manager.version.startswith(get_wazuh_version()) - - -def test_wazuh_services_are_running(host): - """Test the services are enabled and running. - - When assert commands are commented, this means that the service command has - a wrong exit code: https://github.com/wazuh/wazuh-ansible/issues/107 - """ - # This currently doesn't work with out current Docker base images - # manager = host.service("wazuh-manager") - # api = host.service("wazuh-api") - # assert manager.is_running - # assert api.is_running - output = host.check_output( - 'ps aux | grep ossec | tr -s " " | cut -d" " -f11' - ) - assert 'ossec-authd' in output - assert 'wazuh-modulesd' in output - assert 'wazuh-db' in output - assert 'ossec-execd' in output - assert 'ossec-monitord' in output - assert 'ossec-remoted' in output - assert 'ossec-logcollector' in output - assert 'ossec-analysisd' in output - assert 'ossec-syscheckd' in output - - -@pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [ - ("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640), - ("/var/ossec/etc/sslmanager.key", "root", "root", 0o640), - ("/var/ossec/etc/rules/local_rules.xml", "wazuh", "wazuh", 0o640), - ("/var/ossec/etc/lists/audit-keys", "wazuh", "wazuh", 0o660), -]) -def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode): - """Test Wazuh related files exist and have proper owners and mode.""" - wazuh_file_host = host.file(wazuh_file) - assert wazuh_file_host.user == wazuh_owner - assert wazuh_file_host.group == wazuh_group - assert wazuh_file_host.mode == wazuh_mode - - -def test_filebeat_is_installed(host): - """Test the elasticsearch package is installed.""" - filebeat = host.package("filebeat") - assert filebeat.is_installed - assert filebeat.version.startswith('7.10.2') diff --git a/pyproject.toml b/pyproject.toml deleted file mode 100644 index 3074f669..00000000 --- a/pyproject.toml +++ /dev/null @@ -1,28 +0,0 @@ -[tool.poetry] -name = "wazuh-ansible" -version = "4.4.1" -description = "" -authors = ["neonmei "] - -[tool.poetry.dependencies] -python = "^3.6" - -# Pin ansible version to that currently present on awx -ansible = "==4.10.0" -jinja2 = "^3.0.3" - -[tool.poetry.dev-dependencies] -pytest = "^7.0" -ansible-lint = "^5.4.0" -flake8 = "^4.0.1" -selinux = "^0.2.1" -yamllint = "^1.26.3" - -# minimum version is 3.0.3, because we need docker memory limitation -# https://github.com/ansible-community/molecule/pull/2615 -molecule = {extras = ["docker"], version = "==3.3.4"} -testinfra = "^6.0.0" - -[build-system] -requires = ["poetry>=1.1.8"] -build-backend = "poetry.masonry.api" From 09fa42b80a2ade8335d2df3cdde1fdf61cfdd01e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Tue, 16 May 2023 09:47:43 -0300 Subject: [PATCH 5/5] Deprecated files deleted --- .../ansible-kibana/defaults/main.yml | 53 ---------------- .../opendistro-kibana/defaults/main.yml | 60 ------------------- .../wazuh/ansible-filebeat/defaults/main.yml | 36 ----------- 3 files changed, 149 deletions(-) delete mode 100644 roles/elastic-stack/ansible-kibana/defaults/main.yml delete mode 100644 roles/opendistro/opendistro-kibana/defaults/main.yml delete mode 100644 roles/wazuh/ansible-filebeat/defaults/main.yml diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml deleted file mode 100644 index 63c8d866..00000000 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ /dev/null @@ -1,53 +0,0 @@ ---- -kibana_node_name: node-1 - -elasticsearch_http_port: "9200" -elasticsearch_network_host: "127.0.0.1" -kibana_server_host: "0.0.0.0" -kibana_server_port: "5601" -kibana_conf_path: /etc/kibana -elastic_stack_version: 7.10.2 -wazuh_version: 4.5.0 -wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana - -elasticrepo: - apt: 'https://artifacts.elastic.co/packages/7.x/apt' - yum: 'https://artifacts.elastic.co/packages/7.x/yum' - gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch' - key_id: '46095ACC8548582C1A2699A9D27D666CD88E42B4' - -# API credentials -wazuh_api_credentials: - - id: "default" - url: "https://localhost" - port: 55000 - username: "wazuh" - password: "wazuh" - -# Xpack Security -kibana_xpack_security: false -kibana_ssl_verification_mode: "full" - -elasticsearch_xpack_security_user: elastic -elasticsearch_xpack_security_password: elastic_pass - -node_certs_destination: /etc/kibana/certs - -# CA Generation -master_certs_path: "{{ playbook_dir }}/es_certs" -generate_CA: true -ca_cert_name: "" - -# Nodejs -nodejs: - repo_dict: - debian: "deb" - redhat: "rpm" - repo_url_ext: "nodesource.com/setup_10.x" - -# Build from sources -build_from_sources: false -wazuh_plugin_branch: 4.1-7.10 - -#Nodejs NODE_OPTIONS -node_options: --no-warnings --max-old-space-size=2048 --max-http-header-size=65536 diff --git a/roles/opendistro/opendistro-kibana/defaults/main.yml b/roles/opendistro/opendistro-kibana/defaults/main.yml deleted file mode 100644 index a9af0a91..00000000 --- a/roles/opendistro/opendistro-kibana/defaults/main.yml +++ /dev/null @@ -1,60 +0,0 @@ ---- - -# Kibana configuration -elasticsearch_http_port: 9200 -elastic_api_protocol: https -kibana_conf_path: /etc/kibana -kibana_node_name: node-1 -kibana_server_host: "0.0.0.0" -kibana_server_port: "5601" -kibana_server_name: "kibana" -kibana_max_payload_bytes: 1048576 -elastic_stack_version: 7.10.2 -wazuh_version: 4.5.0 -wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana - -# The OpenDistro package repository -kibana_opendistro_version: 1.13.2-1 # Version includes the - for RedHat family compatibility, replace with = for Debian hosts - -package_repos: - yum: - opendistro: - baseurl: 'https://packages.wazuh.com/4.x/yum/' - gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' - apt: - opendistro: - baseurl: 'deb https://packages.wazuh.com/4.x/apt/ stable main' - gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' - -# API credentials -wazuh_api_credentials: - - id: "default" - url: "https://localhost" - port: 55000 - username: "wazuh" - password: "wazuh" - -# opendistro Security -kibana_opendistro_security: true -kibana_newsfeed_enabled: "false" -kibana_telemetry_optin: "false" -kibana_telemetry_enabled: "false" - -opendistro_admin_password: changeme -opendistro_kibana_user: kibanaserver -opendistro_kibana_password: changeme -local_certs_path: "{{ playbook_dir }}/opendistro/certificates" - -# Nodejs -nodejs: - repo_dict: - debian: "deb" - redhat: "rpm" - repo_url_ext: "nodesource.com/setup_10.x" - -# Build from sources -build_from_sources: false -wazuh_plugin_branch: 4.1-7.10 - -#Nodejs NODE_OPTIONS -node_options: --no-warnings --max-old-space-size=2048 --max-http-header-size=65536 diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml deleted file mode 100644 index 0a04b2b5..00000000 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ /dev/null @@ -1,36 +0,0 @@ ---- -filebeat_version: 7.10.2 - -wazuh_template_branch: v4.5.0 - -filebeat_create_config: true - -filebeat_node_name: node-1 - -filebeat_output_elasticsearch_hosts: - - "localhost:9200" - -filebeat_module_package_url: https://packages.wazuh.com/4.x/filebeat -filebeat_module_package_name: wazuh-filebeat-0.1.tar.gz -filebeat_module_package_path: /tmp/ -filebeat_module_destination: /usr/share/filebeat/module -filebeat_module_folder: /usr/share/filebeat/module/wazuh - -# Xpack Security -filebeat_xpack_security: false - -elasticsearch_xpack_security_user: elastic -elasticsearch_xpack_security_password: elastic_pass - -node_certs_destination: /etc/filebeat/certs - -# CA Generation -master_certs_path: "{{ playbook_dir }}/es_certs" -generate_CA: true -ca_cert_name: "" - -elasticrepo: - apt: 'https://artifacts.elastic.co/packages/7.x/apt' - yum: 'https://artifacts.elastic.co/packages/7.x/yum' - gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch' - key_id: '46095ACC8548582C1A2699A9D27D666CD88E42B4'