From f591e37104b4f0f980dc670259fddfa74d643a0d Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 30 Nov 2023 05:58:24 -0300 Subject: [PATCH 01/14] bump revision number --- CHANGELOG.md | 6 ++++++ README.md | 1 + VERSION | 4 ++-- roles/wazuh/ansible-filebeat-oss/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 4 ++-- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 4 ++-- roles/wazuh/check-packages/defaults/main.yml | 2 +- roles/wazuh/wazuh-dashboard/defaults/main.yml | 4 ++-- roles/wazuh/wazuh-dashboard/vars/debian.yml | 2 +- roles/wazuh/wazuh-indexer/defaults/main.yml | 2 +- 10 files changed, 19 insertions(+), 12 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ca31eab2..ac2f0c10 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,12 @@ # Change Log All notable changes to this project will be documented in this file. +## [v4.7.2] + +### Added + +- Update to [Wazuh v4.7.2](https://github.com/wazuh/wazuh/blob/v4.7.2/CHANGELOG.md#v472) + ## [v4.7.1] ### Added diff --git a/README.md b/README.md index 1742161a..4ac19bcd 100644 --- a/README.md +++ b/README.md @@ -16,6 +16,7 @@ These playbooks install and configure Wazuh agent, manager and indexer and dashb | Wazuh version | Elastic | ODFE | |---------------|---------|--------| +| v4.7.2 | | | | v4.7.1 | | | | v4.7.0 | | | | v4.6.0 | | | diff --git a/VERSION b/VERSION index 91a967af..f7c490f3 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v4.7.1" -REVISION="40706" +WAZUH-ANSIBLE_VERSION="v4.7.2" +REVISION="40710" diff --git a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml index 3b4da325..79d0ff57 100644 --- a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml @@ -1,7 +1,7 @@ --- filebeat_version: 7.10.2 -wazuh_template_branch: v4.7.1 +wazuh_template_branch: v4.7.2 filebeat_node_name: node-1 diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 3e2fb01a..da90982b 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_agent_version: 4.7.1 +wazuh_agent_version: 4.7.2 # Custom packages installation @@ -11,7 +11,7 @@ wazuh_custom_packages_installation_agent_rpm_url: "" wazuh_agent_sources_installation: enabled: false - branch: "v4.7.1" + branch: "v4.7.2" user_language: "y" user_no_stop: "y" user_install_type: "agent" diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 72bb3989..310520ca 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_manager_version: 4.7.1 +wazuh_manager_version: 4.7.2 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present @@ -12,7 +12,7 @@ wazuh_custom_packages_installation_manager_rpm_url: "https://s3-us-west-1.amazon # Sources installation wazuh_manager_sources_installation: enabled: false - branch: "v4.7.1" + branch: "v4.7.2" user_language: "en" user_no_stop: "y" user_install_type: "server" diff --git a/roles/wazuh/check-packages/defaults/main.yml b/roles/wazuh/check-packages/defaults/main.yml index d32a289e..b7019f72 100644 --- a/roles/wazuh/check-packages/defaults/main.yml +++ b/roles/wazuh/check-packages/defaults/main.yml @@ -1,2 +1,2 @@ --- -wazuh_version: 4.7.1 +wazuh_version: 4.7.2 diff --git a/roles/wazuh/wazuh-dashboard/defaults/main.yml b/roles/wazuh/wazuh-dashboard/defaults/main.yml index be6c0dd3..33c158b8 100644 --- a/roles/wazuh/wazuh-dashboard/defaults/main.yml +++ b/roles/wazuh/wazuh-dashboard/defaults/main.yml @@ -8,12 +8,12 @@ dashboard_node_name: node-1 dashboard_server_host: "0.0.0.0" dashboard_server_port: "443" dashboard_server_name: "dashboard" -wazuh_version: 4.7.1 +wazuh_version: 4.7.2 indexer_cluster_nodes: - 127.0.0.1 # The Wazuh dashboard package repository -dashboard_version: "4.7.1" +dashboard_version: "4.7.2" # API credentials wazuh_api_credentials: diff --git a/roles/wazuh/wazuh-dashboard/vars/debian.yml b/roles/wazuh/wazuh-dashboard/vars/debian.yml index 898cc251..a49cfc96 100644 --- a/roles/wazuh/wazuh-dashboard/vars/debian.yml +++ b/roles/wazuh/wazuh-dashboard/vars/debian.yml @@ -1,2 +1,2 @@ --- -dashboard_version: 4.7.1 +dashboard_version: 4.7.2 diff --git a/roles/wazuh/wazuh-indexer/defaults/main.yml b/roles/wazuh/wazuh-indexer/defaults/main.yml index c035776e..6a0201e0 100644 --- a/roles/wazuh/wazuh-indexer/defaults/main.yml +++ b/roles/wazuh/wazuh-indexer/defaults/main.yml @@ -1,6 +1,6 @@ --- # Cluster Settings -indexer_version: 4.7.1 +indexer_version: 4.7.2 single_node: false indexer_node_name: node-1 From 6d027e895c8cb404afd9f4888ce541be74ed4653 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 30 Nov 2023 06:07:31 -0300 Subject: [PATCH 02/14] bump revision number --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index f7c490f3..32b80e59 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-ANSIBLE_VERSION="v4.7.2" -REVISION="40710" +REVISION="40708" From c7ccfa361ab3bb0f117968010ac5a6fa3ebae2b8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Thu, 7 Dec 2023 13:26:38 -0300 Subject: [PATCH 03/14] Endif added --- .../templates/var-ossec-etc-ossec-agent.conf.j2 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index 1ae07862..a042a71e 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 @@ -116,11 +116,13 @@ {{ wazuh_dir }}/etc/shared/rootkit_trojans.txt {% endif %} yes + {% endif %} {% if ansible_os_family == "Windows" %} ./shared/win_applications_rcl.txt ./shared/win_malware_rcl.txt {% endif %} + {% endif %} From 58c2734362777cce7bd23b31a2af3470b3840292 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Thu, 7 Dec 2023 18:32:43 +0100 Subject: [PATCH 04/14] Removed endif tag --- .../templates/var-ossec-etc-ossec-agent.conf.j2 | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index a042a71e..b1a28249 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 @@ -275,7 +275,6 @@ {% endfor %} {% endif %} {% endif %} - {% endif %} {% if wazuh_agent_config.syscheck.win_directories is defined and ansible_os_family == "Windows" %} From 1fea1df3013620651400757ba8f0cf2d803380ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Thu, 7 Dec 2023 15:24:08 -0300 Subject: [PATCH 05/14] Bump 4.7.1 RC2 revision --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 91a967af..5f9d1c33 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-ANSIBLE_VERSION="v4.7.1" -REVISION="40706" +REVISION="40707" From cffba0df19fb2bfc396ad41cb08b00cdb0dc1e07 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Fri, 15 Dec 2023 16:38:58 +0100 Subject: [PATCH 06/14] Changed configuration to new VD and indexer --- .../ansible-filebeat-oss/defaults/main.yml | 2 +- .../ansible-wazuh-manager/defaults/main.yml | 80 ++++--------------- .../var-ossec-etc-ossec-server.conf.j2 | 55 ++++++------- 3 files changed, 42 insertions(+), 95 deletions(-) diff --git a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml index ab43f383..2fb39ab6 100644 --- a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml @@ -6,7 +6,7 @@ wazuh_template_branch: v4.8.0 filebeat_node_name: node-1 filebeat_output_indexer_hosts: - - "localhost:9200" + - "localhost" filebeat_module_package_name: wazuh-filebeat-0.3.tar.gz filebeat_module_package_path: /tmp/ diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 43c3958d..7ffcd970 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -144,69 +144,23 @@ wazuh_manager_sca: time: '' ## Vulnerability Detector -wazuh_manager_vulnerability_detector: - enabled: 'no' - interval: '5m' - min_full_scan_interval: '6h' - run_on_start: 'yes' - providers: - - enabled: 'no' - os: - - 'trusty' - - 'xenial' - - 'bionic' - - 'focal' - - 'jammy' - update_interval: '1h' - name: '"canonical"' - - enabled: 'no' - os: - - 'buster' - - 'bullseye' - - 'bookworm' - update_interval: '1h' - name: '"debian"' - - enabled: 'no' - os: - - '5' - - '6' - - '7' - - '8' - - '9' - update_interval: '1h' - name: '"redhat"' - - enabled: 'no' - os: - - '8' - - '9' - update_interval: '1h' - name: '"almalinux"' - - enabled: 'no' - os: - - 'amazon-linux' - - 'amazon-linux-2' - - 'amazon-linux-2023' - update_interval: '1h' - name: '"alas"' - - enabled: 'no' - os: - - '11-server' - - '11-desktop' - - '12-server' - - '12-desktop' - - '15-server' - - '15-desktop' - update_interval: '1h' - name: '"suse"' - - enabled: 'no' - update_interval: '1h' - name: '"arch"' - - enabled: 'no' - update_interval: '1h' - name: '"msu"' - - enabled: 'no' - update_interval: '1h' - name: '"nvd"' +filebeat_node_name: node-1 +filebeat_output_indexer_hosts: + - "localhost" +filebeat_output_indexer_port: 9200 +indexer_security_user: admin +indexer_security_password: changeme +filebeat_ssl_dir: /etc/pki/filebeat + +wazuh_manager_vulnerability_detection: + enabled: 'yes' + indexer_status: 'yes' + feed_update_interval: '60m' + +wazuh_manager_indexer: + enabled: 'yes' + hosts: + - "{{ filebeat_output_indexer_hosts }}" ## Syscheck wazuh_manager_syscheck: diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index c83dd4fd..d951c80f 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -258,37 +258,30 @@ {% endif %} - - {% if wazuh_manager_config.vulnerability_detector.enabled is defined %} - {{ wazuh_manager_config.vulnerability_detector.enabled }} - {% endif %} - {% if wazuh_manager_config.vulnerability_detector.interval is defined %} - {{ wazuh_manager_config.vulnerability_detector.interval }} - {% endif %} - {% if wazuh_manager_config.vulnerability_detector.min_full_scan_interval is defined %} - {{ wazuh_manager_config.vulnerability_detector.min_full_scan_interval }} - {% endif %} - {% if wazuh_manager_config.vulnerability_detector.run_on_start is defined %} - {{ wazuh_manager_config.vulnerability_detector.run_on_start }} - {% endif %} - {% if wazuh_manager_config.vulnerability_detector.providers is defined %} - {% for provider_ in wazuh_manager_config.vulnerability_detector.providers %} - - {% if provider_.enabled is defined %} - {{ provider_.enabled }} - {% endif %} - {% if provider_.os is defined %} - {% for os_ in provider_.os %} - {{ os_ }} - {% endfor %} - {% endif %} - {% if provider_.update_interval is defined %} - {{ provider_.update_interval }} - {% endif %} - - {% endfor %} - {% endif %} - + + {{ wazuh_manager_config.vulnerability_detection.enabled }} + {{ wazuh_manager_config.vulnerability_detection.indexer_status }} + {{ wazuh_manager_config.vulnerability_detection.feed_update_interval }} + + + + {{ wazuh_manager_config.wazuh_manager_indexer.enabled }} + + {% for item in wazuh_manager_indexer.hosts %} + https://{{ item }}:{{filebeat_output_indexer_port}} + {% endfor %} + + + {{ indexer_security_user }} + "{{ indexer_security_password }}" + + + {{ filebeat_ssl_dir }}/root-ca.pem + + {{ filebeat_ssl_dir }}/{{ filebeat_node_name }}.pem + {{ filebeat_ssl_dir }}/{{ filebeat_node_name }}-key.pem + + From 008abe956863bf4af16c76a84b05bdb18af5df82 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Fri, 15 Dec 2023 13:42:37 -0300 Subject: [PATCH 07/14] Bump 4.7.1 to RC3 revision --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 5f9d1c33..efe28cd2 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-ANSIBLE_VERSION="v4.7.1" -REVISION="40707" +REVISION="40709" From 56d627aacfba6b8230b3d3d489d02bc3feae90ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 18 Dec 2023 11:28:00 +0100 Subject: [PATCH 08/14] Indexer and VD must coincide in config --- .../templates/var-ossec-etc-ossec-server.conf.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index d951c80f..42283cf1 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -259,13 +259,13 @@ - {{ wazuh_manager_config.vulnerability_detection.enabled }} + {% if wazuh_manager_config.vulnerability_detection.enabled == 'yes' and wazuh_manager_config.wazuh_manager_indexer.enabled == 'yes' %}yes{% else %}no{% endif %} {{ wazuh_manager_config.vulnerability_detection.indexer_status }} {{ wazuh_manager_config.vulnerability_detection.feed_update_interval }} - {{ wazuh_manager_config.wazuh_manager_indexer.enabled }} + {% if wazuh_manager_config.vulnerability_detection.enabled == 'yes' and wazuh_manager_config.wazuh_manager_indexer.enabled == 'yes' %}yes{% else %}no{% endif %} {% for item in wazuh_manager_indexer.hosts %} https://{{ item }}:{{filebeat_output_indexer_port}} From 29b78076e5a4ce75785975bf7033c0bf1496ce9a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 18 Dec 2023 12:47:20 +0100 Subject: [PATCH 09/14] Modify indexer variables --- .../templates/var-ossec-etc-ossec-server.conf.j2 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 42283cf1..cef65c8d 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -259,21 +259,21 @@ - {% if wazuh_manager_config.vulnerability_detection.enabled == 'yes' and wazuh_manager_config.wazuh_manager_indexer.enabled == 'yes' %}yes{% else %}no{% endif %} + {% if wazuh_manager_config.vulnerability_detection.enabled == 'yes' and wazuh_manager_config.indexer.enabled == 'yes' %}yes{% else %}no{% endif %} {{ wazuh_manager_config.vulnerability_detection.indexer_status }} {{ wazuh_manager_config.vulnerability_detection.feed_update_interval }} - {% if wazuh_manager_config.vulnerability_detection.enabled == 'yes' and wazuh_manager_config.wazuh_manager_indexer.enabled == 'yes' %}yes{% else %}no{% endif %} + {% if wazuh_manager_config.vulnerability_detection.enabled == 'yes' and wazuh_manager_config.indexer.enabled == 'yes' %}yes{% else %}no{% endif %} - {% for item in wazuh_manager_indexer.hosts %} + {% for item in wazuh_manager_config.indexer.hosts %} https://{{ item }}:{{filebeat_output_indexer_port}} {% endfor %} {{ indexer_security_user }} - "{{ indexer_security_password }}" + {{ indexer_security_password }} {{ filebeat_ssl_dir }}/root-ca.pem From 57c70de47f08b9ec249926cd7227d4997ac5ea5c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 18 Dec 2023 14:55:13 +0100 Subject: [PATCH 10/14] Added spaces between variable --- .../templates/var-ossec-etc-ossec-server.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index cef65c8d..77305ee6 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -268,7 +268,7 @@ {% if wazuh_manager_config.vulnerability_detection.enabled == 'yes' and wazuh_manager_config.indexer.enabled == 'yes' %}yes{% else %}no{% endif %} {% for item in wazuh_manager_config.indexer.hosts %} - https://{{ item }}:{{filebeat_output_indexer_port}} + https://{{ item }}:{{ filebeat_output_indexer_port }} {% endfor %} From b47c14033325e780288912e39823fbe61c45aa35 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 18 Dec 2023 15:20:09 +0100 Subject: [PATCH 11/14] Updated Filebeat module version to 0.4 --- roles/wazuh/ansible-filebeat-oss/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml index ab43f383..3b39063a 100644 --- a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml @@ -8,7 +8,7 @@ filebeat_node_name: node-1 filebeat_output_indexer_hosts: - "localhost:9200" -filebeat_module_package_name: wazuh-filebeat-0.3.tar.gz +filebeat_module_package_name: wazuh-filebeat-0.4.tar.gz filebeat_module_package_path: /tmp/ filebeat_module_destination: /usr/share/filebeat/module filebeat_module_folder: /usr/share/filebeat/module/wazuh From 4193cb0850a9365db5c72ee13a6f5363314af1aa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 18 Dec 2023 18:28:09 +0100 Subject: [PATCH 12/14] Changed names in the default configuration --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 7ffcd970..517fc455 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -402,7 +402,8 @@ wazuh_manager_config_defaults: osquery: '{{ wazuh_manager_osquery }}' syscollector: '{{ wazuh_manager_syscollector }}' sca: '{{ wazuh_manager_sca }}' - vulnerability_detector: '{{ wazuh_manager_vulnerability_detector }}' + vulnerability_detection: '{{ wazuh_manager_vulnerability_detection }}' + indexer: '{{ wazuh_manager_indexer }}' log_level: '{{ wazuh_manager_log_level }}' email_level: '{{ wazuh_manager_email_level }}' localfiles: '{{ wazuh_manager_localfiles }}' From bac757cb69aefe1efd4f3896e7cb2dc77365cd88 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 18 Dec 2023 19:07:07 +0100 Subject: [PATCH 13/14] Fixed Filebeat node list --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 517fc455..1e650233 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -159,8 +159,7 @@ wazuh_manager_vulnerability_detection: wazuh_manager_indexer: enabled: 'yes' - hosts: - - "{{ filebeat_output_indexer_hosts }}" + hosts: "{{ filebeat_output_indexer_hosts }}" ## Syscheck wazuh_manager_syscheck: From f08c8930de6b34f6ebdbe9be02ebb769e4188d7f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 19 Dec 2023 15:00:35 +0100 Subject: [PATCH 14/14] Fixed manager template in VD config --- .../templates/var-ossec-etc-ossec-server.conf.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 77305ee6..d14a7bf6 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -259,13 +259,13 @@ - {% if wazuh_manager_config.vulnerability_detection.enabled == 'yes' and wazuh_manager_config.indexer.enabled == 'yes' %}yes{% else %}no{% endif %} + {{ wazuh_manager_config.vulnerability_detection.enabled }} {{ wazuh_manager_config.vulnerability_detection.indexer_status }} {{ wazuh_manager_config.vulnerability_detection.feed_update_interval }} - {% if wazuh_manager_config.vulnerability_detection.enabled == 'yes' and wazuh_manager_config.indexer.enabled == 'yes' %}yes{% else %}no{% endif %} + {% if wazuh_manager_config.vulnerability_detection.enabled == 'yes' or wazuh_manager_config.indexer.enabled == 'yes' %}yes{% else %}no{% endif %} {% for item in wazuh_manager_config.indexer.hosts %} https://{{ item }}:{{ filebeat_output_indexer_port }}