diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..5dcc0e82 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,12 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates + +version: 2 +updates: + - package-ecosystem: "pip" # See documentation for possible values + directory: "/" # Location of package manifests + schedule: + interval: "daily" + target-branch: "4.4" diff --git a/CHANGELOG.md b/CHANGELOG.md index 110f7c2f..2850d828 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,12 @@ # Change Log All notable changes to this project will be documented in this file. +## [v4.4.0] + +### Added + +- Update to [Wazuh v4.4.0](https://github.com/wazuh/wazuh/blob/v4.4.0/CHANGELOG.md#v440) + ## [v4.3.1] ### Added @@ -13,6 +19,12 @@ All notable changes to this project will be documented in this file. - Update to [Wazuh v4.3.0](https://github.com/wazuh/wazuh/blob/v4.3.0/CHANGELOG.md#v430) +## [v4.2.6] + +### Added + +- Update to [Wazuh v4.2.6](https://github.com/wazuh/wazuh/blob/v4.2.6/CHANGELOG.md#v426) + ## [v4.2.5] ### Added diff --git a/README.md b/README.md index 64f6910a..23c868d2 100644 --- a/README.md +++ b/README.md @@ -15,8 +15,10 @@ These playbooks install and configure Wazuh agent, manager and indexer and dashb | Wazuh version | Elastic | ODFE | |---------------|---------|--------| +| v4.4.0 | | | | v4.3.1 | | | | v4.3.0 | | | +| v4.2.6 | 7.10.2 | 1.13.2 | | v4.2.5 | 7.10.2 | 1.13.2 | | v4.2.4 | 7.10.2 | 1.13.2 | | v4.2.3 | 7.10.2 | 1.13.2 | diff --git a/VERSION b/VERSION index 22510756..50f0ba7f 100644 --- a/VERSION +++ b/VERSION 
@@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v4.3.1" -REVISION="40311" +WAZUH-ANSIBLE_VERSION="v4.4.0" +REVISION="40400" diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index fe9ab923..2769e498 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py @@ -8,7 +8,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "4.3.1" + return "4.4.0" diff --git a/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml b/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml new file mode 100644 index 00000000..dd856b90 --- /dev/null +++ b/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml 
@@ -0,0 +1,36 @@
+---
+
+########################################################
+# Helper variables
+private_ip: '{{ ansible_default_ipv4.address }}'
+
+managers_hostvars: "{{ groups['managers'] | map('extract', hostvars) | list }}"
+elastic_hostvars: "{{ groups['elastic'] | map('extract', hostvars) | list }}"
+kibana_hostvars: "{{ groups['kibana'] | map('extract', hostvars) | list }}"
+
+manager_addresses: "{{ managers_hostvars | map(attribute='private_ip') | list }}"
+elastic_addresses: "{{ elastic_hostvars | map(attribute='private_ip') | list }}"
+kibana_addresses: "{{ kibana_hostvars | map(attribute='private_ip') | list }}"
+
+########################################################
+# Versions
+elastic_stack_version: 7.10.2
+filebeat_version: 7.10.2
+
+# Debian packages need the ${VERSION}-1
+wazuh_manager_version: 4.4.0-1
+wazuh_agent_version: 4.4.0-1
+
+# Kibana role appends it automatically.
+wazuh_version: 4.4.0
+
+########################################################
+# General ELK stack variables
+
+# Xpack Security: autogenerate CA
+generate_CA: true
+filebeat_xpack_security: true
+kibana_xpack_security: true
+elasticsearch_xpack_security: true
+elasticsearch_xpack_security_user: elastic
+elasticsearch_xpack_security_password: elastic_pass
diff --git a/molecule/distributed-wazuh-elk-xpack/tests/test_default.py b/molecule/distributed-wazuh-elk-xpack/tests/test_default.py
new file mode 100644
index 00000000..d70bd1ea
--- /dev/null
+++ b/molecule/distributed-wazuh-elk-xpack/tests/test_default.py
@@ -0,0 +1,64 @@ +import os +import pytest +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') + + +def get_wazuh_version(): + """This return the version of Wazuh.""" + return "4.4.0" + + +def test_wazuh_packages_are_installed(host): + """Test the main packages are installed.""" + manager = host.package("wazuh-manager") + assert manager.is_installed + assert manager.version.startswith(get_wazuh_version()) + + +def test_wazuh_services_are_running(host): + """Test the services are enabled and running. + + When assert commands are commented, this means that the service command has + a wrong exit code: https://github.com/wazuh/wazuh-ansible/issues/107 + """ + # This currently doesn't work with out current Docker base images + # manager = host.service("wazuh-manager") + # api = host.service("wazuh-api") + # assert manager.is_running + # assert api.is_running + output = host.check_output( + 'ps aux | grep ossec | tr -s " " | cut -d" " -f11' + ) + assert 'ossec-authd' in output + assert 'wazuh-modulesd' in output + assert 'wazuh-db' in output + assert 'ossec-execd' in output + assert 'ossec-monitord' in output + assert 'ossec-remoted' in output + assert 'ossec-logcollector' in output + assert 'ossec-analysisd' in output + assert 'ossec-syscheckd' in output + + +@pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [ + ("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640), + ("/var/ossec/etc/sslmanager.key", "root", "root", 0o640), + ("/var/ossec/etc/rules/local_rules.xml", "wazuh", "wazuh", 0o640), + ("/var/ossec/etc/lists/audit-keys", "wazuh", "wazuh", 0o660), +]) +def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode): + """Test Wazuh related files exist and have proper owners and mode.""" + wazuh_file_host = host.file(wazuh_file) + assert wazuh_file_host.user == wazuh_owner + assert wazuh_file_host.group == 
wazuh_group + assert wazuh_file_host.mode == wazuh_mode + + +def test_filebeat_is_installed(host): + """Test the elasticsearch package is installed.""" + filebeat = host.package("filebeat") + assert filebeat.is_installed + assert filebeat.version.startswith('7.10.2') diff --git a/molecule/distributed-wazuh-elk/group_vars/all.yml b/molecule/distributed-wazuh-elk/group_vars/all.yml new file mode 100644 index 00000000..6fdbc224 --- /dev/null +++ b/molecule/distributed-wazuh-elk/group_vars/all.yml @@ -0,0 +1,23 @@ +--- + +######################################################## +# Helper variables +private_ip: '{{ ansible_default_ipv4.address }}' + +managers_hostvars: "{{ groups['managers'] | map('extract', hostvars) | list }}" +elastic_hostvars: "{{ groups['elastic'] | map('extract', hostvars) | list }}" + +manager_addresses: "{{ managers_hostvars | map(attribute='private_ip') | list }}" +elastic_addresses: "{{ elastic_hostvars | map(attribute='private_ip') | list }}" + +######################################################## +# Versions +elastic_stack_version: 7.10.2 +filebeat_version: 7.10.2 + +# Debian packages need the ${VERSION}-1 +wazuh_manager_version: 4.4.0-1 +wazuh_agent_version: 4.4.0-1 + +# Kibana role appends it automatically. +wazuh_version: 4.4.0 diff --git a/molecule/distributed-wazuh-odfe/group_vars/all.yml b/molecule/distributed-wazuh-odfe/group_vars/all.yml new file mode 100644 index 00000000..36080bf0 --- /dev/null +++ b/molecule/distributed-wazuh-odfe/group_vars/all.yml 
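Review bot: The process assertions in `test_wazuh_services_are_running` look for `ossec-authd`, `ossec-execd` and the other `ossec-*` names through `grep ossec`, while `get_wazuh_version()` pins 4.4.0; as far as I know the daemons were renamed to `wazuh-*` in the 4.2 series, so these asserts probably no longer describe a healthy 4.4.0 manager and should be checked against a real host. `test_wazuh_files` says in its docstring that the files exist, but never checks it; adding `assert wazuh_file_host.exists` as the first assertion would make a missing `sslmanager.key` fail with a clear message instead of an attribute comparison error. The docstring of `test_filebeat_is_installed` still says "elasticsearch package" and should read `"""Test the filebeat package is installed."""`. The identical file is added again under molecule/distributed-wazuh-odfe/tests/test_default.py, so the same points apply there.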
@@ -0,0 +1,47 @@
+---
+
+########################################################
+# Helper variables
+private_ip: '{{ ansible_default_ipv4.address }}'
+
+managers_hostvars: "{{ groups['managers'] | map('extract', hostvars) | list }}"
+elastic_hostvars: "{{ groups['elastic'] | map('extract', hostvars) | list }}"
+kibana_hostvars: "{{ groups['kibana'] | map('extract', hostvars) | list }}"
+
+manager_addresses: "{{ managers_hostvars | map(attribute='private_ip') | list }}"
+elastic_addresses: "{{ elastic_hostvars | map(attribute='private_ip') | list }}"
+kibana_addresses: "{{ kibana_hostvars | map(attribute='private_ip') | list }}"
+
+########################################################
+# General ELK stack variables
+
+# OpenDistro
+kibana_opendistro_security: true
+
+opendistro_kibana_user: kibanaserver
+opendistro_security_user: elastic
+
+opendistro_kibana_password: changeme
+opendistro_security_password: admin
+opendistro_admin_password: changeme
+
+# All nodes are called by IP name
+elasticsearch_node_name: '{{ ansible_hostname }}'
+kibana_node_name: '{{ ansible_hostname }}'
+filebeat_node_name: '{{ ansible_hostname }}'
+
+########################################################
+# Versions
+# See: https://opendistro.github.io/for-elasticsearch-docs/version-history/
+
+elastic_stack_version: 7.10.2
+opendistro_version: 1.13.2
+filebeat_version: 7.10.2
+kibana_opendistro_version: 1.13.2-1
+
+# Debian packages need the ${VERSION}-1
+wazuh_manager_version: 4.4.0-1
+wazuh_agent_version: 4.4.0-1
+
+# Kibana role appends it automatically.
+wazuh_version: 4.4.0
diff --git a/molecule/distributed-wazuh-odfe/tests/test_default.py b/molecule/distributed-wazuh-odfe/tests/test_default.py
new file mode 100644
index 00000000..d70bd1ea
--- /dev/null
+++ b/molecule/distributed-wazuh-odfe/tests/test_default.py
@@ -0,0 +1,64 @@ +import os +import pytest +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') + + +def get_wazuh_version(): + """This return the version of Wazuh.""" + return "4.4.0" + + +def test_wazuh_packages_are_installed(host): + """Test the main packages are installed.""" + manager = host.package("wazuh-manager") + assert manager.is_installed + assert manager.version.startswith(get_wazuh_version()) + + +def test_wazuh_services_are_running(host): + """Test the services are enabled and running. + + When assert commands are commented, this means that the service command has + a wrong exit code: https://github.com/wazuh/wazuh-ansible/issues/107 + """ + # This currently doesn't work with out current Docker base images + # manager = host.service("wazuh-manager") + # api = host.service("wazuh-api") + # assert manager.is_running + # assert api.is_running + output = host.check_output( + 'ps aux | grep ossec | tr -s " " | cut -d" " -f11' + ) + assert 'ossec-authd' in output + assert 'wazuh-modulesd' in output + assert 'wazuh-db' in output + assert 'ossec-execd' in output + assert 'ossec-monitord' in output + assert 'ossec-remoted' in output + assert 'ossec-logcollector' in output + assert 'ossec-analysisd' in output + assert 'ossec-syscheckd' in output + + +@pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [ + ("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640), + ("/var/ossec/etc/sslmanager.key", "root", "root", 0o640), + ("/var/ossec/etc/rules/local_rules.xml", "wazuh", "wazuh", 0o640), + ("/var/ossec/etc/lists/audit-keys", "wazuh", "wazuh", 0o660), +]) +def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode): + """Test Wazuh related files exist and have proper owners and mode.""" + wazuh_file_host = host.file(wazuh_file) + assert wazuh_file_host.user == wazuh_owner + assert wazuh_file_host.group == 
wazuh_group + assert wazuh_file_host.mode == wazuh_mode + + +def test_filebeat_is_installed(host): + """Test the elasticsearch package is installed.""" + filebeat = host.package("filebeat") + assert filebeat.is_installed + assert filebeat.version.startswith('7.10.2') diff --git a/molecule/distributed-wazuh/group_vars/all.yml b/molecule/distributed-wazuh/group_vars/all.yml index 8bac41a5..ffad38bb 100644 --- a/molecule/distributed-wazuh/group_vars/all.yml +++ b/molecule/distributed-wazuh/group_vars/all.yml @@ -30,10 +30,10 @@ indexer_node_name: '{{ ansible_facts.hostname }}' dashboard_node_name: '{{ ansible_facts.hostname }}' filebeat_node_name: '{{ ansible_facts.hostname }}' -indexer_version: 4.3.1 +indexer_version: 4.4.0 filebeat_version: 7.10.2 -wazuh_version: 4.3.1 +wazuh_version: 4.4.0 # Debian packages need the ${VERSION}-1 -wazuh_manager_version: 4.3.1-1 -wazuh_agent_version: 4.3.1-1 +wazuh_manager_version: 4.4.0-1 +wazuh_agent_version: 4.4.0-1 diff --git a/molecule/distributed-wazuh/tests/test_default.py b/molecule/distributed-wazuh/tests/test_default.py index 5685c926..d70bd1ea 100644 --- a/molecule/distributed-wazuh/tests/test_default.py +++ b/molecule/distributed-wazuh/tests/test_default.py @@ -8,7 +8,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "4.3.1" + return "4.4.0" def test_wazuh_packages_are_installed(host): diff --git a/poetry.lock b/poetry.lock index 403a69df..b1b72e74 100644 --- a/poetry.lock +++ b/poetry.lock @@ -50,6 +50,7 @@ community = ["ansible (>=2.10)"] core = ["ansible-core (>=2.11.4)"] test = ["coverage (>=6.2,<6.3)", "tomli (>=1.2.3,<2.0.0)", "flaky (>=3.7.0)", "pytest (>=6.0.1)", "pytest-cov (>=2.10.1)", "pytest-xdist (>=2.1.0)", "psutil"] yamllint = ["yamllint (>=1.25.0)"] +typing-extensions = {version = "*", markers = "python_version < \"3.8\""} [[package]] name = "arrow" 
@@ -172,6 +173,19 @@ description = "Composable command line interface toolkit" category = "dev" optional = false python-versions = ">=3.6" +optional = false +python-versions = ">=3.5.0" + +[package.extras] +unicode_backport = ["unicodedata2"] + +[[package]] +name = "click-completion" +version = "0.5.2" +description = "Fish, Bash, Zsh and PowerShell completion for Click" +category = "dev" +optional = false +python-versions = "*" [package.dependencies] colorama = {version = "*", markers = "platform_system == \"Windows\""} @@ -221,8 +235,9 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" [package.dependencies] binaryornot = ">=0.4.4" click = ">=7.0" -Jinja2 = ">=2.7,<4.0.0" +Jinja2 = "<3.0.0" jinja2-time = ">=0.2.0" +MarkupSafe = "<2.0.0" poyo = ">=0.5.0" python-slugify = ">=4.0.0" requests = ">=2.23.0" @@ -230,14 +245,14 @@ six = ">=1.10" [[package]] name = "cryptography" -version = "3.2.1" +version = "3.3.2" description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers." category = "main" optional = false -python-versions = ">=2.7,!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*" +python-versions = ">=2.7,!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*" [package.dependencies] -cffi = ">=1.8,<1.11.3 || >1.11.3" +cffi = ">=1.12" six = ">=1.4.1" [package.extras] @@ -450,7 +465,7 @@ six = "*" [[package]] name = "paramiko" -version = "2.7.2" +version = "2.10.1" description = "SSH2 protocol library" category = "dev" optional = false @@ -460,6 +475,7 @@ python-versions = "*" bcrypt = ">=3.1.3" cryptography = ">=2.5" pynacl = ">=1.0.1" +six = "*" [package.extras] all = ["pyasn1 (>=0.1.7)", "pynacl (>=1.0.1)", "bcrypt (>=3.1.3)", "invoke (>=1.3)", "gssapi (>=1.4.1)", "pywin32 (>=2.1.8)"] 
@@ -475,6 +491,17 @@ category = "dev" optional = false python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" +[[package]] +name = "pexpect" +version = "4.8.0" +description = "Pexpect allows easy control of interactive console applications." +category = "dev" +optional = false +python-versions = "*" + +[package.dependencies] +ptyprocess = ">=0.5" + [[package]] name = "pluggy" version = "0.13.1" @@ -496,6 +523,16 @@ description = "A lightweight YAML Parser for Python. 🐓" category = "dev" optional = false python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*" +optional = false +python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*" + +[[package]] +name = "ptyprocess" +version = "0.6.0" +description = "Run a subprocess in a pseudo terminal" +category = "dev" +optional = false +python-versions = "*" [[package]] name = "py" @@ -611,6 +648,24 @@ python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,>=2.7" [package.dependencies] six = ">=1.5" +[[package]] +name = "python-gilt" +version = "1.2.3" +description = "gilt - A GIT layering tool." +category = "dev" +optional = false +python-versions = ">=3.6" + +[package.dependencies] +click = "*" +colorama = "*" +fasteners = "*" +PyYAML = "*" +sh = "*" + +[package.extras] +test = ["black (==19.10b0)", "flake8", "hacking", "pep517", "pytest", "pytest-cov", "pytest-helpers-namespace", "pytest-mock", "twine"] + [[package]] name = "python-slugify" version = "4.0.1" 
@@ -752,6 +807,30 @@ category = "dev" optional = false python-versions = ">=3.6" +[[package]] +name = "sh" +version = "1.13.1" +description = "Python subprocess replacement" +category = "dev" +optional = false +python-versions = "*" + +[[package]] +name = "shellingham" +version = "1.3.2" +description = "Tool to Detect Surrounding Shell" +category = "dev" +optional = false +python-versions = "!=3.0,!=3.1,!=3.2,!=3.3,>=2.6" + +[[package]] +name = "tabulate" +version = "0.8.9" +description = "Pretty-print tabular data" +category = "dev" +optional = false +python-versions = "*" + [package.extras] doc = ["reno", "sphinx", "tornado (>=4.5)"] @@ -788,6 +867,17 @@ category = "dev" optional = false python-versions = ">=3.6" +[[package]] +name = "tree-format" +version = "0.1.2" +description = "" +category = "dev" +optional = false +python-versions = "*" + +[package.extras] +dev = ["pytest (>=2.7.1)", "testtools (>=1.8.0)"] + [[package]] name = "typing-extensions" version = "3.7.4.3" @@ -820,6 +910,14 @@ python-versions = ">=3.6" [package.dependencies] bracex = ">=2.1.1" +[[package]] +name = "wcwidth" +version = "0.2.5" +description = "Measures the displayed width of unicode strings in a terminal" +category = "dev" +optional = false +python-versions = "*" + [[package]] name = "websocket-client" version = "0.57.0" 
@@ -977,28 +1075,20 @@ cookiecutter = [ {file = "cookiecutter-1.7.3.tar.gz", hash = "sha256:6b9a4d72882e243be077a7397d0f1f76fe66cf3df91f3115dbb5330e214fa457"}, ] cryptography = [ - {file = "cryptography-3.2.1-cp27-cp27m-macosx_10_10_x86_64.whl", hash = "sha256:6dc59630ecce8c1f558277ceb212c751d6730bd12c80ea96b4ac65637c4f55e7"}, - {file = "cryptography-3.2.1-cp27-cp27m-manylinux1_x86_64.whl", hash = "sha256:75e8e6684cf0034f6bf2a97095cb95f81537b12b36a8fedf06e73050bb171c2d"}, - {file = "cryptography-3.2.1-cp27-cp27m-manylinux2010_x86_64.whl", hash = "sha256:4e7268a0ca14536fecfdf2b00297d4e407da904718658c1ff1961c713f90fd33"}, - {file = "cryptography-3.2.1-cp27-cp27m-win32.whl", hash = "sha256:7117319b44ed1842c617d0a452383a5a052ec6aa726dfbaffa8b94c910444297"}, - {file = "cryptography-3.2.1-cp27-cp27m-win_amd64.whl", hash = "sha256:a733671100cd26d816eed39507e585c156e4498293a907029969234e5e634bc4"}, - {file = "cryptography-3.2.1-cp27-cp27mu-manylinux1_x86_64.whl", hash = "sha256:a75f306a16d9f9afebfbedc41c8c2351d8e61e818ba6b4c40815e2b5740bb6b8"}, - {file = "cryptography-3.2.1-cp27-cp27mu-manylinux2010_x86_64.whl", hash = "sha256:5849d59358547bf789ee7e0d7a9036b2d29e9a4ddf1ce5e06bb45634f995c53e"}, - {file = "cryptography-3.2.1-cp35-abi3-macosx_10_10_x86_64.whl", hash = "sha256:bd717aa029217b8ef94a7d21632a3bb5a4e7218a4513d2521c2a2fd63011e98b"}, - {file = "cryptography-3.2.1-cp35-abi3-manylinux1_x86_64.whl", hash = "sha256:efe15aca4f64f3a7ea0c09c87826490e50ed166ce67368a68f315ea0807a20df"}, - {file = "cryptography-3.2.1-cp35-abi3-manylinux2010_x86_64.whl", hash = "sha256:32434673d8505b42c0de4de86da8c1620651abd24afe91ae0335597683ed1b77"}, - {file = "cryptography-3.2.1-cp35-abi3-manylinux2014_aarch64.whl", hash = "sha256:7b8d9d8d3a9bd240f453342981f765346c87ade811519f98664519696f8e6ab7"}, - {file = "cryptography-3.2.1-cp35-cp35m-win32.whl", hash = "sha256:d3545829ab42a66b84a9aaabf216a4dce7f16dbc76eb69be5c302ed6b8f4a29b"}, - {file = "cryptography-3.2.1-cp35-cp35m-win_amd64.whl", hash 
= "sha256:a4e27ed0b2504195f855b52052eadcc9795c59909c9d84314c5408687f933fc7"}, - {file = "cryptography-3.2.1-cp36-abi3-win32.whl", hash = "sha256:13b88a0bd044b4eae1ef40e265d006e34dbcde0c2f1e15eb9896501b2d8f6c6f"}, - {file = "cryptography-3.2.1-cp36-abi3-win_amd64.whl", hash = "sha256:07ca431b788249af92764e3be9a488aa1d39a0bc3be313d826bbec690417e538"}, - {file = "cryptography-3.2.1-cp36-cp36m-win32.whl", hash = "sha256:a035a10686532b0587d58a606004aa20ad895c60c4d029afa245802347fab57b"}, - {file = "cryptography-3.2.1-cp36-cp36m-win_amd64.whl", hash = "sha256:d26a2557d8f9122f9bf445fc7034242f4375bd4e95ecda007667540270965b13"}, - {file = "cryptography-3.2.1-cp37-cp37m-win32.whl", hash = "sha256:545a8550782dda68f8cdc75a6e3bf252017aa8f75f19f5a9ca940772fc0cb56e"}, - {file = "cryptography-3.2.1-cp37-cp37m-win_amd64.whl", hash = "sha256:55d0b896631412b6f0c7de56e12eb3e261ac347fbaa5d5e705291a9016e5f8cb"}, - {file = "cryptography-3.2.1-cp38-cp38-win32.whl", hash = "sha256:3cd75a683b15576cfc822c7c5742b3276e50b21a06672dc3a800a2d5da4ecd1b"}, - {file = "cryptography-3.2.1-cp38-cp38-win_amd64.whl", hash = "sha256:d25cecbac20713a7c3bc544372d42d8eafa89799f492a43b79e1dfd650484851"}, - {file = "cryptography-3.2.1.tar.gz", hash = "sha256:d3d5e10be0cf2a12214ddee45c6bd203dab435e3d83b4560c03066eda600bfe3"}, + {file = "cryptography-3.3.2-cp27-cp27m-macosx_10_10_x86_64.whl", hash = "sha256:541dd758ad49b45920dda3b5b48c968f8b2533d8981bcdb43002798d8f7a89ed"}, + {file = "cryptography-3.3.2-cp27-cp27m-manylinux1_x86_64.whl", hash = "sha256:49570438e60f19243e7e0d504527dd5fe9b4b967b5a1ff21cc12b57602dd85d3"}, + {file = "cryptography-3.3.2-cp27-cp27m-manylinux2010_x86_64.whl", hash = "sha256:a9a4ac9648d39ce71c2f63fe7dc6db144b9fa567ddfc48b9fde1b54483d26042"}, + {file = "cryptography-3.3.2-cp27-cp27m-win32.whl", hash = "sha256:aa4969f24d536ae2268c902b2c3d62ab464b5a66bcb247630d208a79a8098e9b"}, + {file = "cryptography-3.3.2-cp27-cp27m-win_amd64.whl", hash = 
"sha256:1bd0ccb0a1ed775cd7e2144fe46df9dc03eefd722bbcf587b3e0616ea4a81eff"}, + {file = "cryptography-3.3.2-cp27-cp27mu-manylinux1_x86_64.whl", hash = "sha256:e18e6ab84dfb0ab997faf8cca25a86ff15dfea4027b986322026cc99e0a892da"}, + {file = "cryptography-3.3.2-cp27-cp27mu-manylinux2010_x86_64.whl", hash = "sha256:c7390f9b2119b2b43160abb34f63277a638504ef8df99f11cb52c1fda66a2e6f"}, + {file = "cryptography-3.3.2-cp36-abi3-macosx_10_10_x86_64.whl", hash = "sha256:0d7b69674b738068fa6ffade5c962ecd14969690585aaca0a1b1fc9058938a72"}, + {file = "cryptography-3.3.2-cp36-abi3-manylinux1_x86_64.whl", hash = "sha256:922f9602d67c15ade470c11d616f2b2364950602e370c76f0c94c94ae672742e"}, + {file = "cryptography-3.3.2-cp36-abi3-manylinux2010_x86_64.whl", hash = "sha256:a0f0b96c572fc9f25c3f4ddbf4688b9b38c69836713fb255f4a2715d93cbaf44"}, + {file = "cryptography-3.3.2-cp36-abi3-manylinux2014_aarch64.whl", hash = "sha256:a777c096a49d80f9d2979695b835b0f9c9edab73b59e4ceb51f19724dda887ed"}, + {file = "cryptography-3.3.2-cp36-abi3-win32.whl", hash = "sha256:3c284fc1e504e88e51c428db9c9274f2da9f73fdf5d7e13a36b8ecb039af6e6c"}, + {file = "cryptography-3.3.2-cp36-abi3-win_amd64.whl", hash = "sha256:7951a966613c4211b6612b0352f5bf29989955ee592c4a885d8c7d0f830d0433"}, + {file = "cryptography-3.3.2.tar.gz", hash = "sha256:5a60d3780149e13b7a6ff7ad6526b38846354d11a15e21068e57073e29e19bed"}, ] dataclasses = [ {file = "dataclasses-0.7-py3-none-any.whl", hash = "sha256:3459118f7ede7c8bea0fe795bff7c6c2ce287d01dd226202f7c9ebc0610a7836"}, 
@@ -1128,8 +1218,8 @@ packaging = [ {file = "packaging-20.4.tar.gz", hash = "sha256:4357f74f47b9c12db93624a82154e9b120fa8293699949152b22065d556079f8"}, ] paramiko = [ - {file = "paramiko-2.7.2-py2.py3-none-any.whl", hash = "sha256:4f3e316fef2ac628b05097a637af35685183111d4bc1b5979bd397c2ab7b5898"}, - {file = "paramiko-2.7.2.tar.gz", hash = "sha256:7f36f4ba2c0d81d219f4595e35f70d56cc94f9ac40a6acdf51d6ca210ce65035"}, + {file = "paramiko-2.10.1-py2.py3-none-any.whl", hash = "sha256:f6cbd3e1204abfdbcd40b3ecbc9d32f04027cd3080fe666245e21e7540ccfc1b"}, + {file = "paramiko-2.10.1.tar.gz", hash = "sha256:443f4da23ec24e9a9c0ea54017829c282abdda1d57110bf229360775ccd27a31"}, ] pathspec = [ {file = "pathspec-0.8.0-py2.py3-none-any.whl", hash = "sha256:7d91249d21749788d07a2d0f94147accd8f845507400749ea19c1ec9054a12b0"}, @@ -1303,6 +1393,9 @@ subprocess-tee = [ tenacity = [ {file = "tenacity-8.0.1-py3-none-any.whl", hash = "sha256:f78f4ea81b0fabc06728c11dc2a8c01277bfc5181b321a4770471902e3eb844a"}, {file = "tenacity-8.0.1.tar.gz", hash = "sha256:43242a20e3e73291a28bcbcacfd6e000b02d3857a9a9fff56b297a27afdc932f"}, +tabulate = [ + {file = "tabulate-0.8.9-py3-none-any.whl", hash = "sha256:d7c013fe7abbc5e491394e10fa845f8f32fe54f8dc60c6622c6cf482d25d47e4"}, + {file = "tabulate-0.8.9.tar.gz", hash = "sha256:eb1d13f25760052e8931f2ef80aaf6045a6cceb47514db8beab24cded16f13a7"}, ] testinfra = [ {file = "testinfra-6.0.0-py3-none-any.whl", hash = "sha256:1a75b5025dbe82ffedec50afeaf9a7f96a8cd1e294f0d40de3a089a369ceae0e"}, diff --git a/pyproject.toml b/pyproject.toml index ed528552..9046d7ef 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "wazuh-ansible" -version = "4.3.1" +version = "4.4.0" description = "" authors = ["neonmei "] diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml new file mode 100644 index 00000000..9edcf5d4 --- /dev/null 
+++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml
@@ -0,0 +1,53 @@
+---
+kibana_node_name: node-1
+
+elasticsearch_http_port: "9200"
+elasticsearch_network_host: "127.0.0.1"
+kibana_server_host: "0.0.0.0"
+kibana_server_port: "5601"
+kibana_conf_path: /etc/kibana
+elastic_stack_version: 7.10.2
+wazuh_version: 4.4.0
+wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana
+
+elasticrepo:
+ apt: 'https://artifacts.elastic.co/packages/7.x/apt'
+ yum: 'https://artifacts.elastic.co/packages/7.x/yum'
+ gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch'
+ key_id: '46095ACC8548582C1A2699A9D27D666CD88E42B4'
+
+# API credentials
+wazuh_api_credentials:
+ - id: "default"
+ url: "https://localhost"
+ port: 55000
+ username: "wazuh"
+ password: "wazuh"
+
+# Xpack Security
+kibana_xpack_security: false
+kibana_ssl_verification_mode: "full"
+
+elasticsearch_xpack_security_user: elastic
+elasticsearch_xpack_security_password: elastic_pass
+
+node_certs_destination: /etc/kibana/certs
+
+# CA Generation
+master_certs_path: "{{ playbook_dir }}/es_certs"
+generate_CA: true
+ca_cert_name: ""
+
+# Nodejs
+nodejs:
+ repo_dict:
+ debian: "deb"
+ redhat: "rpm"
+ repo_url_ext: "nodesource.com/setup_10.x"
+
+# Build from sources
+build_from_sources: false
+wazuh_plugin_branch: 4.1-7.10
+
+#Nodejs NODE_OPTIONS
+node_options: --no-warnings --max-old-space-size=2048 --max-http-header-size=65536
diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml b/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml
new file mode 100644
index 00000000..5b490844
--- /dev/null
+++ b/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml
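Review bot: The role defaults in roles/elastic-stack/ansible-kibana/defaults/main.yml ship fixed secrets (`wazuh_api_credentials` with `wazuh`/`wazuh`, `elasticsearch_xpack_security_password: elastic_pass`) next to `kibana_server_host: "0.0.0.0"` and `kibana_xpack_security: false`, so a playbook that overrides nothing gets a dashboard listening on every interface with well-known passwords behind it. I would put a comment above each secret, for example `# Placeholder only: override from an encrypted vars file before any non-test run`, and consider defaulting `kibana_server_host` to `"127.0.0.1"` so exposure is an explicit choice. The same pattern (`wazuh`/`wazuh`, `opendistro_admin_password: changeme`, `kibana_server_host: "0.0.0.0"`) is repeated in roles/opendistro/opendistro-kibana/defaults/main.yml. `repo_url_ext: "nodesource.com/setup_10.x"` pins a Node.js line that is long out of upstream support, which matters if `build_from_sources` is still exercised.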
@@ -0,0 +1,57 @@
+
+---
+
+- name: Update cache
+ apt:
+ update_cache: yes
+
+- name: Debian 9 (Stretch)
+ when: (ansible_facts['distribution'] == "Debian" and ansible_facts['distribution_major_version'] == "9")
+ block:
+
+ - name: Install OpenDistro dependencies
+ apt:
+ name: [
+ 'unzip', 'wget', 'curl', 'apt-transport-https', software-properties-common
+ ]
+ state: present
+
+ - name: Add the repository key for Debian's Stretch Backports repository
+ ansible.builtin.apt_key:
+ keyserver: keyserver.ubuntu.com
+ id: 648ACFD622F3D138
+
+ - name: Add openjdk repository
+ apt_repository:
+ repo: "{{ package_repos.apt.openjdk.baseurl }}"
+ state: present
+ update_cache: yes
+ filename: 'wazuh-openjdk'
+
+- name: Install openjdk-11-jdk
+ apt:
+ name: openjdk-11-jdk
+ state: present
+ environment:
+ JAVA_HOME: /usr
+
+- name: Add Opendistro repository
+ block:
+ - name: Add apt repository signing key
+ apt_key:
+ url: "{{ package_repos.apt.opendistro.gpg }}"
+ state: present
+
+ - name: Add Opendistro repository
+ apt_repository:
+ repo: "{{ package_repos.apt.opendistro.baseurl }}"
+ state: present
+ filename: 'wazuh-opendistro'
+ update_cache: yes
+
+- name: Install OpenDistro
+ apt:
+ name: opendistroforelasticsearch={{ opendistro_version }}-1
+ state: present
+ register: install
+ tags: install
\ No newline at end of file
diff --git a/roles/opendistro/opendistro-kibana/defaults/main.yml b/roles/opendistro/opendistro-kibana/defaults/main.yml
new file mode 100644
index 00000000..ce5eb14b
--- /dev/null
+++ b/roles/opendistro/opendistro-kibana/defaults/main.yml
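Review bot: The task "Add the repository key for Debian's Stretch Backports repository" pulls the key from `keyserver.ubuntu.com` by the 64-bit id `648ACFD622F3D138`; a long key id is not collision-resistant and nothing in the task pins what the keyserver returns, so the key should be identified by its full 40-hex fingerprint (`id: "<FULL_FINGERPRINT_PLACEHOLDER>"`) or installed from a vetted key file shipped with the role. Both `apt_key` tasks also place keys in the global trusted keyring, which makes them valid for every repository on the host; a per-repository keyring referenced with `signed-by=` in the `repo:` line would limit that trust. Minor points: `software-properties-common` is the only unquoted entry in the dependency list, and the file ends without a trailing newline.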
@@ -0,0 +1,60 @@
+---
+
+# Kibana configuration
+elasticsearch_http_port: 9200
+elastic_api_protocol: https
+kibana_conf_path: /etc/kibana
+kibana_node_name: node-1
+kibana_server_host: "0.0.0.0"
+kibana_server_port: "5601"
+kibana_server_name: "kibana"
+kibana_max_payload_bytes: 1048576
+elastic_stack_version: 7.10.2
+wazuh_version: 4.4.0
+wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana
+
+# The OpenDistro package repository
+kibana_opendistro_version: 1.13.2-1 # Version includes the - for RedHat family compatibility, replace with = for Debian hosts
+
+package_repos:
+ yum:
+ opendistro:
+ baseurl: 'https://packages.wazuh.com/4.x/yum/'
+ gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
+ apt:
+ opendistro:
+ baseurl: 'deb https://packages.wazuh.com/4.x/apt/ stable main'
+ gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
+
+# API credentials
+wazuh_api_credentials:
+ - id: "default"
+ url: "https://localhost"
+ port: 55000
+ username: "wazuh"
+ password: "wazuh"
+
+# opendistro Security
+kibana_opendistro_security: true
+kibana_newsfeed_enabled: "false"
+kibana_telemetry_optin: "false"
+kibana_telemetry_enabled: "false"
+
+opendistro_admin_password: changeme
+opendistro_kibana_user: kibanaserver
+opendistro_kibana_password: changeme
+local_certs_path: "{{ playbook_dir }}/opendistro/certificates"
+
+# Nodejs
+nodejs:
+ repo_dict:
+ debian: "deb"
+ redhat: "rpm"
+ repo_url_ext: "nodesource.com/setup_10.x"
+
+# Build from sources
+build_from_sources: false
+wazuh_plugin_branch: 4.1-7.10
+
+#Nodejs NODE_OPTIONS
+node_options: --no-warnings --max-old-space-size=2048 --max-http-header-size=65536
diff --git a/roles/opendistro/opendistro-kibana/tasks/main.yml b/roles/opendistro/opendistro-kibana/tasks/main.yml
new file mode 100755
index 00000000..acfd1f90
--- /dev/null
+++ b/roles/opendistro/opendistro-kibana/tasks/main.yml
@@ -0,0 +1,124 @@ +--- + +- name: Stopping early, trying to compile Wazuh Kibana Plugin on Debian 10 is not possible + fail: + msg: "It's not possible to compile the Wazuh Kibana plugin on Debian 10 due to: https://github.com/wazuh/wazuh-kibana-app/issues/1924" + when: + - build_from_sources + - ansible_distribution == "Debian" + - ansible_distribution_major_version == "10" + +- import_tasks: RedHat.yml + when: ansible_os_family == 'RedHat' + +- import_tasks: Debian.yml + when: ansible_os_family == 'Debian' + +- name: Remove Kibana configuration file + file: + # noqa 503 + path: "{{ kibana_conf_path }}/kibana.yml" + state: absent + tags: install + +- import_tasks: security_actions.yml + +- name: Copy Configuration File + blockinfile: + block: "{{ lookup('template', 'opendistro_kibana.yml.j2') }}" + dest: "{{ kibana_conf_path }}/kibana.yml" + create: true + group: kibana + owner: kibana + mode: 0640 + marker: "## {mark} Kibana general settings ##" + notify: restart kibana + tags: + - install + - configure + +- name: Ensuring Kibana directory owner + file: + # noqa 208 + path: "/usr/share/kibana" + state: directory + owner: kibana + group: kibana + recurse: yes + +- name: Build and Install Wazuh Kibana Plugin from sources + import_tasks: build_wazuh_plugin.yml + when: + - build_from_sources is defined + - build_from_sources + +- name: Install Wazuh Plugin (can take a while) + shell: >- + NODE_OPTIONS="{{ node_options }}" /usr/share/kibana/bin/kibana-plugin install + {{ wazuh_app_url }}-{{ wazuh_version }}_{{ elastic_stack_version }}-1.zip + args: + executable: /bin/bash + creates: /usr/share/kibana/plugins/wazuh/package.json + chdir: /usr/share/kibana + become: yes + become_user: kibana + notify: restart kibana + tags: + - install + - skip_ansible_lint + when: + - not build_from_sources + +- name: Kibana optimization (can take a while) + shell: /usr/share/kibana/node/bin/node {{ node_options }} /usr/share/kibana/src/cli/cli.js --optimize -c {{ kibana_conf_path 
}}/kibana.yml + args: + executable: /bin/bash + become: yes + become_user: kibana + changed_when: false + tags: + - skip_ansible_lint + +- name: Wait for Elasticsearch port + wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }} + +- name: Select correct API protocol + set_fact: + elastic_api_protocol: "{% if kibana_opendistro_security is defined and kibana_opendistro_security %}https{% else %}http{% endif %}" + +- name: Attempting to delete legacy Wazuh index if exists + uri: + url: "{{ elastic_api_protocol }}://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}/.wazuh" + method: DELETE + user: "admin" + password: "{{ opendistro_admin_password }}" + validate_certs: no + status_code: 200, 404 + +- name: Create wazuh plugin config directory + file: + path: /usr/share/kibana/data/wazuh/config/ + state: directory + recurse: yes + owner: kibana + group: kibana + mode: 0751 + changed_when: False + +- name: Configure Wazuh Kibana Plugin + template: + src: wazuh.yml.j2 + dest: /usr/share/kibana/data/wazuh/config/wazuh.yml + owner: kibana + group: kibana + mode: 0751 + changed_when: False + +- name: Ensure Kibana started and enabled + service: + name: kibana + enabled: true + state: started + +- import_tasks: RMRedHat.yml + when: ansible_os_family == 'RedHat' diff --git a/roles/opendistro/opendistro-kibana/tasks/security_actions.yml b/roles/opendistro/opendistro-kibana/tasks/security_actions.yml new file mode 100644 index 00000000..ee21f1c1 --- /dev/null +++ b/roles/opendistro/opendistro-kibana/tasks/security_actions.yml @@ -0,0 +1,13 @@ +- block: + + - name: Copy the certificates from local to the Kibana instance + copy: + src: "{{ local_certs_path }}/certs/{{ item }}" + dest: /usr/share/kibana + mode: 0644 + with_items: + - "root-ca.pem" + - "{{ kibana_node_name }}_http.key" + - "{{ kibana_node_name }}_http.pem" + tags: + - security 
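Review bot: The "Attempting to delete legacy Wazuh index if exists" task sends the `admin` password with `validate_certs: no`, so the basic-auth credentials go to whatever answers on `elasticsearch_network_host` without its certificate being checked. security_actions.yml in this commit already copies `root-ca.pem` into /usr/share/kibana, so the request could be verified with `validate_certs: yes` and `ca_path: /usr/share/kibana/root-ca.pem`. When `kibana_opendistro_security` is false, the preceding `set_fact` selects `http` and the same password travels unencrypted; omitting `user`/`password` in that branch would avoid it. Separately, `wazuh.yml` is templated with `mode: 0751`; a configuration file that presumably carries the API credentials needs no execute bits, e.g. `mode: '0640'`.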
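Review bot: In tasks/security_actions.yml the copy loop applies `mode: 0644` to every item, including `{{ kibana_node_name }}_http.key`, so the TLS private key lands world-readable in /usr/share/kibana. Give the key a restrictive mode, for example `mode: "{{ '0600' if item.endswith('.key') else '0644' }}"`, or copy it in its own task. The later "Ensuring Kibana directory owner" task in tasks/main.yml chowns the tree to `kibana`, so `0600` still leaves the key readable by the service. The bare `- block:` carries no name or condition; if the copy is only meant for secured installs, a `when: kibana_opendistro_security` on the block would make that explicit.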
diff --git a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml index 241e5026..1ec450a2 100644 --- a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml @@ -1,7 +1,7 @@ --- filebeat_version: 7.10.2 -wazuh_template_branch: 4.3 +wazuh_template_branch: 4.4 filebeat_node_name: node-1 diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml new file mode 100644 index 00000000..6c048fbf --- /dev/null +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -0,0 +1,36 @@ +--- +filebeat_version: 7.10.2 + +wazuh_template_branch: v4.4.0 + +filebeat_create_config: true + +filebeat_node_name: node-1 + +filebeat_output_elasticsearch_hosts: + - "localhost:9200" + +filebeat_module_package_url: https://packages.wazuh.com/4.x/filebeat +filebeat_module_package_name: wazuh-filebeat-0.1.tar.gz +filebeat_module_package_path: /tmp/ +filebeat_module_destination: /usr/share/filebeat/module +filebeat_module_folder: /usr/share/filebeat/module/wazuh + +# Xpack Security +filebeat_xpack_security: false + +elasticsearch_xpack_security_user: elastic +elasticsearch_xpack_security_password: elastic_pass + +node_certs_destination: /etc/filebeat/certs + +# CA Generation +master_certs_path: "{{ playbook_dir }}/es_certs" +generate_CA: true +ca_cert_name: "" + +elasticrepo: + apt: 'https://artifacts.elastic.co/packages/7.x/apt' + yum: 'https://artifacts.elastic.co/packages/7.x/yum' + gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch' + key_id: '46095ACC8548582C1A2699A9D27D666CD88E42B4' diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 283339e7..efd6f66a 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml 
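Review bot: The new roles/wazuh/ansible-filebeat/defaults/main.yml describes a module tarball (`filebeat_module_package_url` plus `wazuh-filebeat-0.1.tar.gz`) staged in the shared `/tmp/` directory, but defines no expected digest for it. The task that downloads and unpacks the archive is not part of this hunk, so whether it verifies the file is not visible here. If it does not, add a variable such as `filebeat_module_package_checksum: "sha256:<SHA256_OF_TARBALL>"` (placeholder) for the download task to pass as `checksum:`. A role-owned staging directory would also be preferable to `/tmp/`.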
@@ -1,6 +1,5 @@ --- - -wazuh_agent_version: 4.3.1-1 +wazuh_agent_version: 4.4.0-1 # Custom packages installation @@ -12,7 +11,7 @@ wazuh_custom_packages_installation_agent_rpm_url: "" wazuh_agent_sources_installation: enabled: false - branch: "v4.3.1" + branch: "v4.4.0" user_language: "y" user_no_stop: "y" user_install_type: "agent" @@ -54,8 +53,9 @@ wazuh_winagent_config: # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe check_md5: True - md5: 337ab33c31e3bc1d688cd903be3691fc -wazuh_winagent_package_name: wazuh-agent-4.3.1-1.msi + md5: 8ffa75d13280f1aa6ffca54f4273df4d +wazuh_winagent_config_url: https://packages.wazuh.com/4.x/windows/wazuh-agent-4.4.0-1.msi +wazuh_winagent_package_name: wazuh-agent-4.4.0-1.msi wazuh_dir: "/var/ossec" diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 292bc887..52a8b7ec 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,6 +1,5 @@ --- - -wazuh_manager_version: 4.3.1-1 +wazuh_manager_version: 4.4.0-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present @@ -13,7 +12,7 @@ wazuh_custom_packages_installation_manager_rpm_url: "https://s3-us-west-1.amazon # Sources installation wazuh_manager_sources_installation: enabled: false - branch: "v4.3.1" + branch: "v4.4.0" user_language: "en" user_no_stop: "y" user_install_type: "server" diff --git a/roles/wazuh/vars/repo.yml b/roles/wazuh/vars/repo.yml index 392fd391..c88ad60c 100644 --- a/roles/wazuh/vars/repo.yml +++ b/roles/wazuh/vars/repo.yml 
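Review bot: The third hunk of roles/wazuh/ansible-wazuh-agent/defaults/main.yml keeps MD5 (`check_md5: True`, `md5: 8ffa75d13280f1aa6ffca54f4273df4d`) as the integrity check for the downloaded Windows agent MSI, and MD5 is not collision-resistant. Prefer a SHA-256 digest, e.g. a `sha256: <SHA256_OF_wazuh-agent-4.4.0-1.msi>` key (placeholder) that the verification task compares instead; that task is outside this hunk. The same hunk also adds `wazuh_winagent_config_url` to the role defaults although roles/wazuh/vars/repo.yml and repo_dev.yml already define it. If those vars files are loaded they will presumably take precedence, leaving a second copy of the URL that can drift on the next version bump.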
@@ -3,9 +3,9 @@ wazuh_repo: yum: 'https://packages.wazuh.com/4.x/yum/' gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145' -wazuh_winagent_config_url: https://packages.wazuh.com/4.x/windows/wazuh-agent-4.3.1-1.msi +wazuh_winagent_config_url: https://packages.wazuh.com/4.x/windows/wazuh-agent-4.4.0-1.msi -certs_gen_tool_version: 4.3 +certs_gen_tool_version: 4.4 # Url of certificates generator tool certs_gen_tool_url: "https://packages.wazuh.com/{{ certs_gen_tool_version }}/wazuh-certs-tool.sh" \ No newline at end of file diff --git a/roles/wazuh/vars/repo_dev.yml b/roles/wazuh/vars/repo_dev.yml index a83a1303..00ff1f35 100644 --- a/roles/wazuh/vars/repo_dev.yml +++ b/roles/wazuh/vars/repo_dev.yml @@ -3,9 +3,9 @@ wazuh_repo: yum: 'https://packages-dev.wazuh.com/pre-release/yum/' gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH' key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145' -wazuh_winagent_config_url: https://packages-dev.wazuh.com/pre-release/windows/wazuh-agent-4.3.1-1.msi +wazuh_winagent_config_url: https://packages-dev.wazuh.com/pre-release/windows/wazuh-agent-4.4.0-1.msi -certs_gen_tool_version: 4.3 +certs_gen_tool_version: 4.4 # Url of certificates generator tool certs_gen_tool_url: "https://packages-dev.wazuh.com/{{ certs_gen_tool_version }}/wazuh-certs-tool.sh" \ No newline at end of file diff --git a/roles/wazuh/wazuh-dashboard/defaults/main.yml b/roles/wazuh/wazuh-dashboard/defaults/main.yml index cdac138e..2a1892a3 100644 --- a/roles/wazuh/wazuh-dashboard/defaults/main.yml +++ b/roles/wazuh/wazuh-dashboard/defaults/main.yml @@ -8,12 +8,12 @@ dashboard_node_name: node-1 dashboard_server_host: "0.0.0.0" dashboard_server_port: "443" dashboard_server_name: "dashboard" -wazuh_version: 4.3.1 +wazuh_version: 4.4.0 indexer_cluster_nodes: - 127.0.0.1 # The Wazuh dashboard package repository -dashboard_version: "4.3.1" +dashboard_version: "4.4.0" # API credentials wazuh_api_credentials: 
diff --git a/roles/wazuh/wazuh-dashboard/vars/debian.yml b/roles/wazuh/wazuh-dashboard/vars/debian.yml index 09306ac5..3f3c142a 100644 --- a/roles/wazuh/wazuh-dashboard/vars/debian.yml +++ b/roles/wazuh/wazuh-dashboard/vars/debian.yml @@ -1,3 +1,3 @@ --- -dashboard_version: 4.3.1 \ No newline at end of file +dashboard_version: 4.4.0 \ No newline at end of file diff --git a/roles/wazuh/wazuh-indexer/defaults/main.yml b/roles/wazuh/wazuh-indexer/defaults/main.yml index 2f38f199..fe3e2973 100644 --- a/roles/wazuh/wazuh-indexer/defaults/main.yml +++ b/roles/wazuh/wazuh-indexer/defaults/main.yml @@ -1,6 +1,6 @@ --- # Cluster Settings -indexer_version: 4.3.1 +indexer_version: 4.4.0 single_node: false indexer_node_name: node-1