From 96390a2d465976ea7679f30512fd51d83f01d814 Mon Sep 17 00:00:00 2001 From: manuasir Date: Wed, 19 Dec 2018 10:22:40 +0100 Subject: [PATCH 001/714] Installing apt packages concurrently, related #109 --- .../ansible-elasticsearch/tasks/Debian.yml | 8 +++---- .../ansible-kibana/tasks/Debian.yml | 8 +++---- .../ansible-logstash/tasks/Debian.yml | 8 +++---- roles/wazuh/ansible-filebeat/tasks/Debian.yml | 9 ++++---- .../ansible-wazuh-agent/tasks/Debian.yml | 22 ++++++++----------- .../ansible-wazuh-manager/tasks/Debian.yml | 8 +++---- 6 files changed, 25 insertions(+), 38 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index ae4e717f..2cfcc77b 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml @@ -1,12 +1,10 @@ --- - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: - name: "{{ item }}" + pkg: + - apt-transport-https + - ca-certificates state: present - cache_valid_time: 3600 - with_items: - - apt-transport-https - - ca-certificates - when: elasticsearch_install_java block: diff --git a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml index 9cb809d2..733b222c 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml @@ -1,12 +1,10 @@ --- - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: - name: "{{ item }}" + pkg: + - apt-transport-https + - ca-certificates state: present - cache_valid_time: 3600 - with_items: - - apt-transport-https - - ca-certificates - name: Debian/Ubuntu | Add Elasticsearch GPG key apt_key: diff --git a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml index 628fd8e4..9d0cd4b5 100644 
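Review bot: Dropping `cache_valid_time: 3600` from the elasticsearch task also drops the `apt-get update` it implied (since Ansible 2.4 a set `cache_valid_time` turns on `update_cache`), so `apt-transport-https` and `ca-certificates` are now installed against whatever package index the image shipped with; on a fresh host with an empty or stale cache the install fails, and every later HTTPS repository and key task in this role depends on those two packages. Keep the refresh next to the list form: `update_cache: true` and `cache_valid_time: 3600` under `apt:`. The kibana hunk on this same line has the identical omission; whether an earlier task in either role already refreshes the cache is not visible here.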
--- a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml @@ -1,12 +1,10 @@ --- - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: - name: "{{ item }}" + pkg: + - apt-transport-https + - ca-certificates state: present - cache_valid_time: 3600 - with_items: - - apt-transport-https - - ca-certificates - when: logstash_install_java block: diff --git a/roles/wazuh/ansible-filebeat/tasks/Debian.yml b/roles/wazuh/ansible-filebeat/tasks/Debian.yml index 45494c26..32fab13e 100644 --- a/roles/wazuh/ansible-filebeat/tasks/Debian.yml +++ b/roles/wazuh/ansible-filebeat/tasks/Debian.yml @@ -1,12 +1,11 @@ --- - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: - name: "{{ item }}" + pkg: + - apt-transport-https + - ca-certificates state: present - cache_valid_time: 3600 - with_items: - - apt-transport-https - - ca-certificates + - name: Debian/Ubuntu | Add Elasticsearch apt key. apt_key: diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index d8affe84..b11b846a 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -1,12 +1,10 @@ --- - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: - name: "{{ item }}" + pkg: + - apt-transport-https + - ca-certificates state: present - cache_valid_time: 3600 - with_items: - - apt-transport-https - - ca-certificates - name: Debian/Ubuntu | Installing repository key apt_key: url=https://packages.wazuh.com/key/GPG-KEY-WAZUH 
@@ -49,15 +47,13 @@ - name: Debian/Ubuntu | Install OpenScap apt: - name: "{{ item }}" state: present - cache_valid_time: 3600 - when: wazuh_agent_config.openscap.disable == 'no' - with_items: - - libopenscap8 - - xsltproc - tags: - - init + when: wazuh_agent_config.openscap.disable == 'no' + pkg: + - libopenscap8 + - xsltproc + tags: + - init - name: Debian/Ubuntu | Get OpenScap installed version shell: "dpkg-query --showformat='${Version}' --show libopenscap8" diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index f2885345..9905b238 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -1,12 +1,10 @@ --- - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: - name: "{{ item }}" + pkg: + - apt-transport-https + - ca-certificates state: present - cache_valid_time: 3600 - with_items: - - apt-transport-https - - ca-certificates - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: url=https://packages.wazuh.com/key/GPG-KEY-WAZUH From b5dd470c2c2caeff2e794d37bc6af57906761488 Mon Sep 17 00:00:00 2001 From: cadoming Date: Thu, 27 Dec 2018 10:49:34 +0000 Subject: [PATCH 002/714] custom name for single agent registration --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 2d17fb16..8cd5eaea 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -45,6 +45,7 @@ - name: Linux | Register agent (via authd) shell: > /var/ossec/bin/agent-auth + -A {{ agent_name }} -m {{ wazuh_managers.0.address }} -p {{ wazuh_agent_authd.port }} {% if authd_pass is defined %}-P {{ authd_pass }}{% endif %} 
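Review bot: In the rewritten OpenScap task the keys now read `state: present`, `when: …`, `pkg:`, `tags:` in that order; `when`/`tags` are task keywords and `pkg` is an `apt` argument, so whichever indentation was used leaves some of them in the wrong mapping — either `when` and `tags` are handed to the module (Ansible fails with unsupported parameters) or `pkg` becomes an unknown task attribute. That the textually unchanged `- libopenscap8` and `tags:` lines are removed and re-added suggests their indentation moved, which points the same way. Indentation is not recoverable from this collapsed diff, so verify on the branch; the safe shape is `apt:` containing `pkg: [libopenscap8, xsltproc]` and `state: present`, with `when:` and `tags:` at task level after the module mapping.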
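Review bot: `-A {{ agent_name }}` is interpolated into a `shell:` command without quoting, so a `single_agent_name` containing whitespace or shell metacharacters splits the argument or runs as a command; render it as `-A {{ agent_name | quote }}`. The same command line still carries `-P {{ authd_pass }}` and the task has no `no_log: true`, so the registration password appears in verbose task output and in the registered `agent_auth_output`; add `no_log: true` to this task. The task's `register:`, `vars:` and `when:` continue outside this hunk.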
@@ -55,6 +56,8 @@ {% endif %} {% if wazuh_agent_authd.ssl_auto_negotiate == 'yes' %}-a{% endif %} register: agent_auth_output + vars: + agent_name: "{% if single_agent_name is defined %}{{ single_agent_name }}{% else %}{{ ansible_hostname }}{% endif %}" when: - check_keys.stat.exists == false or check_keys.stat.size == 0 - wazuh_managers.0.address is not none @@ -87,7 +90,7 @@ url: "{{ wazuh_managers.0.api_proto }}://{{ wazuh_managers.0.address }}:{{ wazuh_managers.0.api_port }}/agents/" validate_certs: no method: POST - body: {"name":"{{ inventory_hostname }}"} + body: {"name":"{{ agent_name }}"} body_format: json status_code: 200 headers: @@ -96,6 +99,8 @@ password: "{{ api_pass }}" register: newagent_api changed_when: newagent_api.json.error == 0 + vars: + agent_name: "{% if single_agent_name is defined %}{{ single_agent_name }}{% else %}{{ inventory_hostname }}{% endif %}" when: - check_keys.stat.exists == false or check_keys.stat.size == 0 - wazuh_managers.0.address is not none From e94a0cf4733d2ed8a1bf663b53e68a60d94577d3 Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Thu, 27 Dec 2018 12:52:27 +0100 Subject: [PATCH 003/714] change installation directory (#116) --- .../ansible-wazuh-agent/defaults/main.yml | 5 +++- .../ansible-wazuh-agent/tasks/Windows.yml | 25 ++++++++++++------- 2 files changed, 20 insertions(+), 10 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 56580b75..0b9aa567 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml 
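Review bot: The two registration paths now fall back to different names: the authd task's `vars:` uses `ansible_hostname` while the rest-API task's uses `inventory_hostname`, so the same host is registered under a different agent name depending on `wazuh_agent_authd.enable`, and anything later keyed on that name diverges between the two paths. Define it once, at the top of the file or in `defaults/main.yml`, e.g. `agent_name: "{{ single_agent_name | default(ansible_hostname) }}"`, and drop the two task-scoped copies. The API call still runs with `validate_certs: no` (unchanged in this hunk), so `api_pass` and the agent name travel over an unverified TLS connection — pre-existing, but worth a follow-up.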
@@ -19,7 +19,10 @@ wazuh_notify_time: '10' wazuh_time_reconnect: '60' wazuh_crypto_method: 'aes' wazuh_winagent_config: - install_dir: 'C:\wazuh-agent\' + install_dir: 'C:\Program Files\ossec-agent\' + install_dir_x86: 'C:\Program Files (x86)\ossec-agent\' + auth_path: C:\'Program Files'\ossec-agent\agent-auth.exe + auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe version: '3.7.0' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index 914ef78b..913f2453 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml @@ -1,8 +1,15 @@ --- +- name: Windows | Check if Program Files (x86) exists + win_stat: + path: C:\Program Files (x86) + register: check_path + - name: Windows | Get current installed version - win_shell: "{{ wazuh_winagent_config.install_dir }}ossec-agent.exe -h" + win_shell: "{% if check_path.stat.exists == true %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %} + {{ wazuh_winagent_config.install_dir }}{% endif %}ossec-agent.exe -h" args: - removes: "{{ wazuh_winagent_config.install_dir }}ossec-agent.exe" + removes: "{% if check_path.stat.exists == true %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %} + {{ wazuh_winagent_config.install_dir }}{% endif %}ossec-agent.exe" register: agent_version failed_when: False changed_when: False 
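Review bot: `auth_path: C:\'Program Files'\ossec-agent\agent-auth.exe` smuggles PowerShell single quotes into the path so the space in `Program Files` survives on the command line; the value is only usable as a literal PowerShell command token and breaks as soon as it is reused in `chdir:`, `win_stat` or a template `dest`. Keep the data plain — `auth_path: 'C:\Program Files\ossec-agent\agent-auth.exe'` — and quote at the call site with the call operator, `& '{{ wazuh_winagent_config.auth_path }}'`. The `install_dir`/`auth_path` pairs also differ only by ` (x86)`; deriving `auth_path` from whichever `install_dir` was selected avoids keeping four values in sync.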
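Review bot: With `install_dir` now containing a space, the unquoted `win_shell: "… {{ wazuh_winagent_config.install_dir }}{% endif %}ossec-agent.exe -h"` renders to `C:\Program Files\ossec-agent\ossec-agent.exe -h`, which PowerShell parses as the command `C:\Program` and fails; `failed_when: False` then hides it and `agent_version` never carries a real version. Invoke it with the call operator, `& "…ossec-agent.exe" -h`. The Jinja is also broken across two lines right after `{% else %}` inside double-quoted scalars, and YAML folds that break into a space, so the non-x86 branch of both the command and `removes:` begins with a leading space; keep the expression on one line or use `{%- else -%}`. Testing for `C:\Program Files (x86)` detects a 64-bit OS, which only implies the x86 directory while the MSI is 32-bit — worth a comment on the `win_stat` task.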
@@ -34,12 +41,11 @@ - name: Windows | Install Wazuh agent win_package: path: C:\wazuh-agent-installer.msi - arguments: APPLICATIONFOLDER={{ wazuh_winagent_config.install_dir }} when: - correct_version is not defined - name: Windows | Check if client.keys exists - win_stat: path="{{ wazuh_winagent_config.install_dir }}client.keys" + win_stat: path="{% if check_path.stat.exists == true %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %}{{ wazuh_winagent_config.install_dir }}{% endif %}client.keys" register: check_windows_key notify: restart wazuh-agent windows tags: @@ -52,12 +58,13 @@ - name: Windows | Register agent win_shell: > - {{ wazuh_winagent_config.install_dir }}agent-auth.exe + {% if check_path.stat.exists == true %}{{ wazuh_winagent_config.auth_path_x86 }}{% else %} + {{ wazuh_winagent_config.auth_path }}{% endif %} -m {{ wazuh_managers.0.address }} -p {{ wazuh_agent_authd.port }} - {% if authd_pass is defined %}-P {{ authd_pass }}{% endif %} + {% if authd_pass is defined %} -P {{ authd_pass }}{% endif %} args: - chdir: "{{ wazuh_winagent_config.install_dir }}" + chdir: "{% if check_path.stat.exists == true %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %}{{ wazuh_winagent_config.install_dir }}{% endif %}" register: agent_auth_output notify: restart wazuh-agent windows when: @@ -70,7 +77,7 @@ - name: Windows | Installing agent configuration (ossec.conf) win_template: src: var-ossec-etc-ossec-agent.conf.j2 - dest: "{{ wazuh_winagent_config.install_dir }}ossec.conf" + dest: "{% if check_path.stat.exists == true %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %}{{ wazuh_winagent_config.install_dir }}{% endif %}ossec.conf" notify: restart wazuh-agent windows tags: - config 
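Review bot: The `{% if check_path.stat.exists == true %}…{% else %}…{% endif %}` selector is now copy-pasted into six places in this file (`removes`, `win_stat`, `chdir`, two template `dest` values and the command itself); compute it once right after the `win_stat` with `set_fact: wazuh_winagent_dir: "{{ wazuh_winagent_config.install_dir_x86 if check_path.stat.exists else wazuh_winagent_config.install_dir }}"` and reference `{{ wazuh_winagent_dir }}` everywhere. Removing `arguments: APPLICATIONFOLDER=…` from `win_package` also means the MSI now picks the directory itself, so the role's `install_dir` defaults must match the installer's choice exactly; a mismatch only shows up later as a missing `client.keys`.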
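Review bot: `-P {{ authd_pass }}` is still handed to `agent-auth.exe` as a command-line argument and the task has no `no_log: true`, so the authd password is printed with `-v`, kept in `agent_auth_output`, and visible to any local user listing processes while the command runs; add `no_log: true` to the task, and prefer the agent's password-file mechanism if the installed version supports it. The bare `{{ wazuh_winagent_config.auth_path_x86 }}` invocation only works because the default value carries embedded quotes; `& '{{ … }}'` would make the call robust to any path. The task's `when:` continues outside the hunk.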
@@ -78,7 +85,7 @@ - name: Windows | Installing local_internal_options.conf win_template: src: var-ossec-etc-local-internal-options.conf.j2 - dest: "{{ wazuh_winagent_config.install_dir }}local_internal_options.conf" + dest: "{% if check_path.stat.exists == true %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %}{{ wazuh_winagent_config.install_dir }}{% endif %}local_internal_options.conf" notify: restart wazuh-agent windows tags: - config From 204ad3c6ff318f48acdeb2e1c4df9de697459aee Mon Sep 17 00:00:00 2001 From: Paul Calabro Date: Thu, 27 Dec 2018 04:57:24 -0700 Subject: [PATCH 004/714] Fixed a couple linting issues with yamllint and ansible-review (#111) - yamllint: "truthy value should be true or false" (Docs: https://github.com/adrienverge/yamllint/blob/master/yamllint/rules/truthy.py) - ansible-review: "WARN: Best practice "Use YAML format for tasks and handlers rather than key=value" not met:" (Docs: https://github.com/willthames/ansible-review/blob/2aacd7462f6a8a96165d9218122171b74de54b13/lib/ansiblereview/tasks.py) --- .../ansible-wazuh-manager/handlers/main.yml | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/handlers/main.yml b/roles/wazuh/ansible-wazuh-manager/handlers/main.yml index 924ee738..70f7b506 100644 --- a/roles/wazuh/ansible-wazuh-manager/handlers/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/handlers/main.yml @@ -1,13 +1,15 @@ --- - name: rebuild cdb_lists - shell: /var/ossec/bin/ossec-makelists + command: /var/ossec/bin/ossec-makelists - name: restart wazuh-manager - service: name=wazuh-manager - state=restarted - enabled=yes + service: + name: wazuh-manager + state: restarted + enabled: true - name: restart wazuh-api - service: name=wazuh-api - state=restarted - enabled=yes + service: + name: wazuh-api + state: restarted + enabled: true From 0c987edd41a766002437748988bc6b9f41a91242 Mon Sep 17 00:00:00 2001 
From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com>
Date: Thu, 27 Dec 2018 13:29:19 +0100
Subject: [PATCH 005/714] Update CHANGELOG.md

---
 CHANGELOG.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 15b0ec7c..a86e6152 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,12 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 
+## [v3.7.x]
+
+### Changed
+
+- Changed Windows installation directory ([#116](https://github.com/wazuh/wazuh-ansible/pull/116))
+
 ## [v3.7.2]
 
 ### Changed

From f99083fb50b783ae94f106aea3006d794d6e1315 Mon Sep 17 00:00:00 2001
From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com>
Date: Thu, 27 Dec 2018 13:30:20 +0100
Subject: [PATCH 006/714] Bump version 3713

---
 VERSION | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/VERSION b/VERSION
index 2de65983..a51bbeb1 100644
--- a/VERSION
+++ b/VERSION
@@ -1,2 +1,2 @@
 WAZUH-ANSIBLE_VERSION="v3.7.2"
-REVISION="3712"
+REVISION="3713"

From e4c17ba7899726e02fafb9ec953a27a1a9658e67 Mon Sep 17 00:00:00 2001
From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com>
Date: Thu, 27 Dec 2018 13:34:05 +0100
Subject: [PATCH 007/714] Update CHANGELOG.md

---
 CHANGELOG.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index a86e6152..04a30e8d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,10 @@ All notable changes to this project will be documented in this file.
 
 - Changed Windows installation directory ([#116](https://github.com/wazuh/wazuh-ansible/pull/116))
 
+### Fixed
+
+- Fixed a couple linting issues with yamllint and ansible-review ([#111](https://github.com/wazuh/wazuh-ansible/pull/111))
+
 ## [v3.7.2]
 
 ### Changed

From cc74b7fafea9713c05b7e2764fc999b340deccf3 Mon Sep 17 00:00:00 2001
From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com>
Date: Thu, 27 Dec 2018 13:35:00 +0100
Subject: [PATCH 008/714] Bump version 3714

---
 VERSION | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/VERSION b/VERSION
index a51bbeb1..9cbf6d67 100644
--- a/VERSION
+++ b/VERSION
@@ -1,2 +1,2 @@
 WAZUH-ANSIBLE_VERSION="v3.7.2"
-REVISION="3713"
+REVISION="3714"

From 620bf04835b98468020d5fdd564e8b3af5afe899 Mon Sep 17 00:00:00 2001
From: cadoming
Date: Thu, 3 Jan 2019 09:35:40 +0000
Subject: [PATCH 009/714] ossec.conf for windows agents

---
 .../ansible-wazuh-agent/defaults/main.yml | 155 +++++++++++++++++-
 .../var-ossec-etc-ossec-agent.conf.j2 | 99 ++++++++---
 2 files changed, 230 insertions(+), 24 deletions(-)

diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
index 0b9aa567..c3e1f650 100644
--- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
@@ -31,6 +31,7 @@ wazuh_agent_config:
 active_response:
 ar_disabled: 'no'
 ca_store: '/var/ossec/etc/wpk_root.pem'
+ ca_store_win: 'wpk_root.pem'
 ca_verification: 'yes'
 log_format: 'plain'
 client_buffer:
@@ -44,6 +45,7 @@ wazuh_agent_config:
 alert_new_files: 'yes'
 remove_old_diff: 'yes'
 restart_audit: 'yes'
+ win_audit_interval: 300
 skip_nfs: 'yes'
 ignore:
 - /etc/mtab
@@ -61,6 +63,8 @@ wazuh_agent_config:
 - /etc/svc/volatile
 - /sys/kernel/security
 - /sys/kernel/debug
+ ignore_win:
+ - '.log$|.htm$|.jpg$|.png$|.chm$|.pnf$|.evtx$'
 no_diff:
 - /etc/ssl/private.key
 directories:
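Review bot: The new `ignore_win` pattern `'.log$|.htm$|.jpg$|.png$|.chm$|.pnf$|.evtx$'` uses an unescaped `.` in every alternative, so each one matches any single character before the extension (`xlog`, `ahtm`) rather than a literal dot. If the template emits this as a regex-typed ignore, `'\.log$|\.htm$|\.jpg$|\.png$|\.chm$|\.pnf$|\.evtx$'` states the intent; how it is consumed is not visible in this hunk, so confirm against the template before tightening it.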
@@ -68,10 +72,142 @@ wazuh_agent_config: checks: 'check_all="yes"' - dirs: /bin,/sbin checks: 'check_all="yes"' + win_directories: + - dirs: '%WINDIR%\regedit.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\system.ini' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\win.ini' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\at.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\attrib.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\cacls.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\cmd.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\drivers\etc' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\eventcreate.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\ftp.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\lsass.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\net.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\net1.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\netsh.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\reg.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\regedt32.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\regsvr32.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\runas.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\sc.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\schtasks.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\sethc.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\subst.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\wbem\WMIC.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\WindowsPowerShell\v1.0\powershell.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\SysNative\winrm.vbs' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\System32\at.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\System32\attrib.exe' + checks: 'check_all="yes"' + - 
dirs: '%WINDIR%\System32\cacls.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\System32\cmd.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\System32\drivers\etc' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\System32\eventcreate.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\System32\ftp.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\System32\net.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\System32\net1.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\System32\netsh.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\System32\reg.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\System32\regedit.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\System32\regedt32.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\System32\regsvr32.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\System32\runas.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\System32\sc.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\System32\schtasks.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\System32\sethc.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\System32\subst.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\System32\wbem\WMIC.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\System32\WindowsPowerShell\v1.0\powershell.exe' + checks: 'check_all="yes"' + - dirs: '%WINDIR%\System32\winrm.vbs' + checks: 'check_all="yes"' + - dirs: '%PROGRAMDATA%\Microsoft\Windows\Start Menu\Programs\Startup' + checks: 'check_all="yes" realtime="yes"' windows_registry: - key: 'HKEY_LOCAL_MACHINE\Software\Classes\batfile' - arch: 'both' + - key: 'HKEY_LOCAL_MACHINE\Software\Classes\cmdfile' + - key: 'HKEY_LOCAL_MACHINE\Software\Classes\comfile' + - key: 'HKEY_LOCAL_MACHINE\Software\Classes\exefile' + - key: 'HKEY_LOCAL_MACHINE\Software\Classes\piffile' + - key: 'HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects' + - key: 'HKEY_LOCAL_MACHINE\Software\Classes\Directory' - key: 'HKEY_LOCAL_MACHINE\Software\Classes\Folder' + - 
key: 'HKEY_LOCAL_MACHINE\Software\Classes\Protocols' + arch: "both" + - key: 'HKEY_LOCAL_MACHINE\Software\Policies' + arch: "both" + - key: 'HKEY_LOCAL_MACHINE\Security' + - key: 'HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer' + arch: "both" + - key: 'HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services' + - key: 'HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\KnownDLLs' + - key: 'HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurePipeServers\winreg' + - key: 'HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run' + arch: "both" + - key: 'HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce' + arch: "both" + - key: 'HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx' + - key: 'HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\URL' + arch: "both" + - key: 'HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies' + arch: "both" + - key: 'HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows' + arch: "both" + - key: 'HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon' + arch: "both" + - key: 'HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components' + arch: "both" + windows_registry_ignore: + - key: 'HKEY_LOCAL_MACHINE\Security\Policy\Secrets' + - key: 'HKEY_LOCAL_MACHINE\Security\SAM\Domains\Account\Users' + - key: '\Enum$' + type: "sregex" rootcheck: frequency: 43200 openscap: @@ -82,8 +218,11 @@ wazuh_agent_config: osquery: disable: 'yes' run_daemon: 'yes' + bin_path_win: 'C:\ProgramData\osquery\osqueryd' log_path: '/var/log/osquery/osqueryd.results.log' + log_path_win: 'C:\ProgramData\osquery\log\osqueryd.results.log' config_path: '/etc/osquery/osquery.conf' + config_path_win: 'C:\ProgramData\osquery\osquery.conf' ad_labels: 'yes' syscollector: disable: 'no' 
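Review bot: `arch: 'both'` is removed from the `batfile` registry entry (the `- arch: 'both'` line under `HKEY_LOCAL_MACHINE\Software\Classes\batfile`) while the new `Protocols`, `Policies`, `Run`, `RunOnce` and other entries gain it, so on 64-bit hosts the 32-bit view of `batfile` — the file association a malicious handler hijack would target — is no longer watched; this looks accidental, so restore `arch: 'both'` on `batfile` (and the new `cmdfile`/`comfile`/`exefile`/`piffile` entries arguably want it for the same reason). The two `%WINDIR%\…\drivers\etc` entries (the hosts file) get only the scheduled `check_all`, whereas the Startup folder gets `realtime="yes"`; hosts-file edits are a common redirect and persistence step and deserve `checks: 'check_all="yes" realtime="yes"'` as well.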
@@ -102,7 +241,9 @@ wazuh_agent_config: interval: '1d' scan_on_start: 'yes' java_path: '/usr/lib/jvm/java-1.8.0-openjdk-amd64/jre/bin' + java_path_win: '\\server\jre\bin\java.exe' ciscat_path: '/var/ossec/wodles/ciscat' + ciscat_path_win: 'C:\cis-cat' content: - type: 'xccdf' path: 'benchmarks/CIS_Ubuntu_Linux_16.04_LTS_Benchmark_v1.0.0-xccdf.xml' @@ -136,7 +277,7 @@ wazuh_agent_config: location: '/var/log/maillog' - format: 'audit' location: '/var/log/audit/audit.log' - common: + linux: - format: 'syslog' location: '/var/ossec/logs/active-responses.log' - format: 'command' @@ -149,3 +290,13 @@ wazuh_agent_config: - format: 'full_command' command: 'last -n 20' frequency: '360' + windows: + - format: 'eventlog' + location: 'Application' + - format: 'eventchannel' + location: 'Security' + query: 'Event/System[EventID != 5145 and EventID != 5156 and EventID != 5447 and EventID != 4656 and EventID != 4658 and EventID != 4663 and EventID != 4660 and EventID != 4670 and EventID != 4690 and EventID != 4703 and EventID != 4907]' + - format: 'eventlog' + location: 'System' + - format: 'syslog' + location: 'active-response\active-responses.log' diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index 14d34fe3..3cc6ba1b 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 @@ -43,13 +43,14 @@ {{ wazuh_agent_config.active_response.ar|default('no') }} - {{ wazuh_agent_config.active_response.ca_store }} + {% if ansible_os_family == "Windows" %}{{ wazuh_agent_config.active_response.ca_store_win }}{% else %}{{ wazuh_agent_config.active_response.ca_store }}{% endif %} {{ wazuh_agent_config.active_response.ca_verification }} {% if wazuh_agent_config.rootcheck is defined %} no + {% if ansible_system == "Linux" %} yes yes yes 
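Review bot: `java_path_win: '\\server\jre\bin\java.exe'` makes the CIS-CAT wodle execute Java from a UNC share on a placeholder host named `server`; as a shipped default this either stalls the wodle on name resolution or, if anything on the network answers to that name, runs attacker-supplied code under the agent service account. Default to a local JRE path, or leave it undefined and have the template omit the `java_path` element when it is unset. Note the Linux `java_path` is a directory (`…/jre/bin`) while the Windows value is the executable — if the wodle expects the same kind of path on both platforms one of them is wrong; can't tell from here.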
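Review bot: Renaming `localfiles.common` to `localfiles.linux` is a silent interface break for anyone overriding `wazuh_agent_config` in inventory: their `common:` list is now ignored and the template (which now loops over `.linux`) emits nothing for it, so log collection on those agents stops without any error. Either keep `common` alongside the new `linux`/`windows` lists, or document the rename in CHANGELOG.md and make the template fail loudly on a missing key, e.g. `{% for localfile in wazuh_agent_config.localfiles.linux | mandatory %}`.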
@@ -62,13 +63,6 @@ {{ wazuh_agent_config.rootcheck.frequency }} - {% if ansible_os_family == "Windows" %} - ./shared/win_audit_rcl.txt - ./shared/win_applications_rcl.txt - ./shared/win_malware_rcl.txt - {% endif %} - - {% if ansible_system == "Linux" %} /var/ossec/etc/shared/rootkit_files.txt /var/ossec/etc/shared/rootkit_trojans.txt /var/ossec/etc/shared/system_audit_rcl.txt @@ -76,9 +70,15 @@ {% if cis_distribution_filename is defined %} /var/ossec/etc/shared/{{ cis_distribution_filename }} {% endif %} + yes + {% endif %} + + {% if ansible_os_family == "Windows" %} + ./shared/win_audit_rcl.txt + ./shared/win_applications_rcl.txt + ./shared/win_malware_rcl.txt {% endif %} - yes {% endif %} 
@@ -86,44 +86,61 @@ {% if wazuh_agent_config.syscheck is defined %} no + + + {{ wazuh_agent_config.syscheck.frequency }} {% if ansible_system == "Linux" %} /etc,/usr/bin,/usr/sbin /bin,/sbin,/boot - {% endif %} {{ wazuh_agent_config.syscheck.auto_ignore }} - - - {{ wazuh_agent_config.syscheck.frequency }} {{ wazuh_agent_config.syscheck.scan_on_start }} + {% endif %} - {% if wazuh_agent_config.syscheck.directories is defined %} + {% if wazuh_agent_config.syscheck.directories is defined and ansible_os_family == "Linux" %} {% for directory in wazuh_agent_config.syscheck.directories %} {{ directory.dirs }} {% endfor %} {% endif %} + + {% if wazuh_agent_config.syscheck.win_directories is defined and ansible_os_family == "Windows" %} + {% for directory in wazuh_agent_config.syscheck.win_directories %} + {{ directory.dirs }} + {% endfor %} + {% endif %} + - {% if wazuh_agent_config.syscheck.ignore is defined %} + {% if wazuh_agent_config.syscheck.ignore is defined and ansible_system == "Linux" %} {% for ignore in wazuh_agent_config.syscheck.ignore %} {{ ignore }} {% endfor %} {% endif %} + {% if wazuh_agent_config.syscheck.ignore is defined and ansible_system == "Windows" %} + {% for ignore in wazuh_agent_config.syscheck.ignore_win %} + {{ ignore }} + {% endfor %} + {% endif %} + + {% if ansible_system == "Linux" %} {% for no_diff in wazuh_agent_config.syscheck.no_diff %} {{ no_diff }} {% endfor %} - + {{ wazuh_agent_config.syscheck.skip_nfs }} + {% endif %} {{ wazuh_agent_config.syscheck.remove_old_diff }} + {% if ansible_system == "Linux"%} {{ wazuh_agent_config.syscheck.restart_audit }} - + {% endif %} + {% if ansible_os_family == "Windows" %} {% for registry_key in wazuh_agent_config.syscheck.windows_registry %} {% if registry_key.arch is defined %} 
@@ -133,6 +150,21 @@ {% endif %} {% endfor %} {% endif %} + + {% if ansible_os_family == "Windows" %} + {% for registry_key in wazuh_agent_config.syscheck.windows_registry_ignore %} + {% if registry_key.type is defined %} + {{ registry_key.key }} + {% else %} + {{ registry_key.key }} + {% endif %} + {% endfor %} + {% endif %} + + {% if ansible_os_family == "Windows" %} + + {{ wazuh_agent_config.syscheck.win_audit_interval }} + {% endif %} {% endif %} @@ -189,7 +221,7 @@ {% endif %} - {% if ansible_system == "Linux" and wazuh_agent_config.cis_cat.disable == 'no' %} + {% if wazuh_agent_config.cis_cat.disable == 'no' %} no {{ wazuh_agent_config.cis_cat.timeout }} @@ -197,15 +229,19 @@ {{ wazuh_agent_config.cis_cat.scan_on_start }} {% if wazuh_agent_config.cis_cat.install_java == 'yes' and ansible_system == "Linux" %} /usr/bin + {% elif ansible_os_family == "Windows" %} + {{ wazuh_agent_config.cis_cat.java_path_win }} {% else %} {{ wazuh_agent_config.cis_cat.java_path }} {% endif %} - {{ wazuh_agent_config.cis_cat.ciscat_path }} + {% if ansible_os_family == "Windows" %}{{ wazuh_agent_config.cis_cat.ciscat_path_win }}{% else %}{{ wazuh_agent_config.cis_cat.ciscat_path }}{% endif %} + {% if ansible_system == "Linux" %} {% for benchmark in wazuh_agent_config.cis_cat.content %} {{ benchmark.profile }} {% endfor %} + {% endif %} {% endif %} 
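Review bot: Two of the new guards in the syscheck block test facts against values they never take: `ansible_os_family == "Linux"` on the `directories` loop is never true on Linux (the family is `Debian`, `RedHat`, `Suse`, …), so the configured syscheck directories are no longer rendered for any Linux agent, and `ansible_system == "Windows"` on the `ignore_win` loop is never true on Windows (`ansible_system` reports `Win32NT`), so the Windows ignore list is never rendered. Use `ansible_system == "Linux"` and `ansible_os_family == "Windows"` respectively, as the surrounding conditions in this hunk do. The Windows ignore guard also checks `wazuh_agent_config.syscheck.ignore is defined` but iterates `ignore_win`; test the list it actually loops over.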
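Review bot: Removing `ansible_system == "Linux" and` enables the CIS-CAT wodle on Windows, but the benchmark loop is now wrapped in `{% if ansible_system == "Linux" %}`, so Windows agents render a wodle with `java_path_win`/`ciscat_path_win` and no content entries to run (the XML tags are stripped in this listing, so this is inferred from the surrounding Jinja). Either add a `content_win` list in defaults and loop it here, or keep the wodle Linux-only until Windows benchmarks are defined.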
@@ -213,8 +249,11 @@ {{ wazuh_agent_config.osquery.disable }} {{ wazuh_agent_config.osquery.run_daemon }} - {{ wazuh_agent_config.osquery.log_path }} - {{ wazuh_agent_config.osquery.config_path }} + {% if ansible_os_family == "Windows" %} + {{ wazuh_agent_config.osquery.bin_path_win }} + {% endif %} + {% if ansible_os_family == "Windows" %}{{ wazuh_agent_config.osquery.log_path_win }}{% else %}{{ wazuh_agent_config.osquery.log_path }}{% endif %} + {% if ansible_os_family == "Windows" %}{{ wazuh_agent_config.osquery.config_path_win }}{% else %}{{ wazuh_agent_config.osquery.config_path }}{% endif %} {{ wazuh_agent_config.osquery.ad_labels }} @@ -245,7 +284,8 @@ {% endif %} - {% for localfile in wazuh_agent_config.localfiles.common %} + {% if ansible_system == "Linux" %} + {% for localfile in wazuh_agent_config.localfiles.linux %} {{ localfile.format }} {% if localfile.format == 'command' or localfile.format == 'full_command' %} @@ -256,6 +296,7 @@ {% endif %} {% endfor %} + {% endif %} {% if ansible_os_family == "Debian" %} {% for localfile in wazuh_agent_config.localfiles.debian %} @@ -284,4 +325,18 @@ {% endfor %} {% endif %} + + {% if ansible_os_family == "Windows" %} + {% for localfile in wazuh_agent_config.localfiles.windows %} + + {{ localfile.format }} + {% if localfile.format == 'eventchannel' %} + {{ localfile.location }} + {{ localfile.query}} + {% else %} + {{ localfile.location }} + {% endif %} + + {% endfor %} + {% endif %} From 1e2e1f1f30c622cb8d8ebb4ac1b2dcd4fa94d695 Mon Sep 17 00:00:00 2001 From: Jean Prat Date: Fri, 4 Jan 2019 16:26:26 +0100 Subject: [PATCH 010/714] FIX multiple remote connection --- .../templates/var-ossec-etc-ossec-server.conf.j2 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 6f6a3615..7bc92ece 100644 
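Review bot: `{{ localfile.query}}` writes the event-channel XPath into the XML unescaped; the shipped Security query is safe because it contains no `<` or `&`, but an operator-supplied query with either character corrupts ossec.conf — at minimum note that constraint next to `query` in defaults, or escape the value (`{{ localfile.query | replace('&', '&amp;') | replace('<', '&lt;') }}`) if the agent's XML parser accepts entities, which cannot be confirmed from here. `{{ localfile.query}}` is also missing the space before `}}` that every other expression in this template uses.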
--- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -66,8 +66,8 @@ {{ wazuh_manager_config.log_format }} - {% for connection in wazuh_manager_config.connection %} + {{ connection.type }} {% if connection.port is defined %}{{ connection.port }}{% endif %} {% if connection.protocol is defined %}{{ connection.protocol }}{% endif %} @@ -83,9 +83,9 @@ {% endif %} {% if connection.local_ip is defined %}{{ connection.local_ip }}{% endif %} {% if connection.ipv6 is defined %}{{ connection.ipv6 }}{% endif %} - {% if connection.queue_size is defined %}{{connection.queue_size}}{% endif %} - {% endfor %} + {% if connection.queue_size is defined %}{{connection.queue_size}}{% endif %} + {% endfor %} {% if wazuh_manager_config.reports is defined %} {% for report in wazuh_manager_config.reports %} From 0bac60cd470e91c161a11c767c0fdc2863a0a86a Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Wed, 9 Jan 2019 14:34:26 +0100 Subject: [PATCH 011/714] Update CHANGELOG.md --- CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 04a30e8d..97fb77cd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,9 @@ All notable changes to this project will be documented in this file. - Fixed a couple linting issues with yamllint and ansible-review ([#111](https://github.com/wazuh/wazuh-ansible/pull/111)) ## [v3.7.2] +### Added + +- Adapt ossec.conf file for windows agents ([#118]https://github.com/wazuh/wazuh-ansible/pull/118) ### Changed From c56908bc8925fcf3dcce6d0a18be3c3029b78dbc Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Wed, 9 Jan 2019 14:35:10 +0100 Subject: [PATCH 012/714] Update CHANGELOG.md --- CHANGELOG.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) 
diff --git a/CHANGELOG.md b/CHANGELOG.md index 97fb77cd..4da6c6ca 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,10 @@ All notable changes to this project will be documented in this file. ## [v3.7.x] +### Added + +- Adapt ossec.conf file for windows agents ([#118]https://github.com/wazuh/wazuh-ansible/pull/118) + ### Changed - Changed Windows installation directory ([#116](https://github.com/wazuh/wazuh-ansible/pull/116)) @@ -12,9 +16,6 @@ All notable changes to this project will be documented in this file. - Fixed a couple linting issues with yamllint and ansible-review ([#111](https://github.com/wazuh/wazuh-ansible/pull/111)) ## [v3.7.2] -### Added - -- Adapt ossec.conf file for windows agents ([#118]https://github.com/wazuh/wazuh-ansible/pull/118) ### Changed From feda8bd0c4c3c9940020f5226135235d9b098f88 Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Wed, 9 Jan 2019 14:36:07 +0100 Subject: [PATCH 013/714] Update CHANGELOG.md --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4da6c6ca..482fda2b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,7 +5,7 @@ All notable changes to this project will be documented in this file. ### Added -- Adapt ossec.conf file for windows agents ([#118]https://github.com/wazuh/wazuh-ansible/pull/118) +- Adapt ossec.conf file for windows agents ([#118](https://github.com/wazuh/wazuh-ansible/pull/118)) ### Changed From 1c7f60bb88e2d18eab027978936c41442e1b69a0 Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Wed, 9 Jan 2019 14:42:04 +0100 Subject: [PATCH 014/714] Update CHANGELOG.md --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 15b0ec7c..9e9f7358 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -3,6 +3,10 @@ All notable changes to this project will be documented in this file. ## [v3.7.2] +### Added + +- Added custom name for single agent registration ([#117](https://github.com/wazuh/wazuh-ansible/pull/117)) + ### Changed - Adapt configuration to current release ([#106](https://github.com/wazuh/wazuh-ansible/pull/106)) From 0565486e6df1a21b106404aeee1659f428f5e75a Mon Sep 17 00:00:00 2001 From: Paul Calabro Date: Wed, 9 Jan 2019 20:51:48 -0700 Subject: [PATCH 015/714] wazuh_manager_fqdn is a sequence not a scalar Updated to `~` to reflect a null string, similar to [] for an empty sequence. --- roles/wazuh/ansible-wazuh-manager/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/README.md b/roles/wazuh/ansible-wazuh-manager/README.md index 125287b6..271c9851 100644 --- a/roles/wazuh/ansible-wazuh-manager/README.md +++ b/roles/wazuh/ansible-wazuh-manager/README.md @@ -18,7 +18,7 @@ Role Variables This role has some variables which you can or need to override. ``` -wazuh_manager_fqdn: [] +wazuh_manager_fqdn: ~ wazuh_manager_config: [] wazuh_agent_configs: [] ``` From d33b5c90c39ed3336d74558c4fe6d5a60375a703 Mon Sep 17 00:00:00 2001 From: singuliere Date: Thu, 10 Jan 2019 10:01:06 +0100 Subject: [PATCH 016/714] cleanup: move redundant tags to the outer block --- .../wazuh/ansible-wazuh-agent/tasks/Linux.yml | 30 ++++--------------- 1 file changed, 6 insertions(+), 24 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 2d17fb16..e5bc394a 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -23,9 +23,6 @@ - name: Retrieving authd Credentials include_vars: authd_pass.yml - tags: - - config - - authd - name: Copy CA, SSL key and cert for authd copy: 
@@ -36,9 +33,6 @@ - "{{ wazuh_agent_authd.ssl_agent_ca }}" - "{{ wazuh_agent_authd.ssl_agent_cert }}" - "{{ wazuh_agent_authd.ssl_agent_key }}" - tags: - - config - - authd when: - wazuh_agent_authd.ssl_agent_ca is not none @@ -58,29 +52,23 @@ when: - check_keys.stat.exists == false or check_keys.stat.size == 0 - wazuh_managers.0.address is not none - tags: - - config - - authd - name: Linux | Verify agent registration shell: echo {{ agent_auth_output }} | grep "Valid key created" when: - check_keys.stat.exists == false or check_keys.stat.size == 0 - wazuh_managers.0.address is not none - tags: - - config - - authd when: wazuh_agent_authd.enable == true + tags: + - config + - authd - name: Linux | Agent registration via rest-API block: - name: Retrieving rest-API Credentials include_vars: api_pass.yml - tags: - - config - - api - name: Linux | Create the agent key via rest-API uri: @@ -100,9 +88,6 @@ - check_keys.stat.exists == false or check_keys.stat.size == 0 - wazuh_managers.0.address is not none become: no - tags: - - config - - api - name: Linux | Retieve new agent data via rest-API uri: @@ -119,9 +104,6 @@ register: newagentdata_api delegate_to: localhost become: no - tags: - - config - - api - name: Linux | Register agent (via rest-API) command: /var/ossec/bin/manage_agents @@ -137,12 +119,12 @@ - check_keys.stat.exists == false or check_keys.stat.size == 0 - wazuh_managers.0.address is not none - newagent_api.changed - tags: - - config - - api notify: restart wazuh-agent when: wazuh_agent_authd.enable == false + tags: + - config + - api - name: Linux | Vuls integration deploy (runs in background, can take a while) command: /var/ossec/wodles/vuls/deploy_vuls.sh {{ ansible_distribution|lower }} {{ ansible_distribution_major_version|int }} From 37f57b2511949eb15521c72a1629c51779895e08 Mon Sep 17 00:00:00 2001 
From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Thu, 10 Jan 2019 12:10:46 +0100 Subject: [PATCH 017/714] Bump version 3715 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 9cbf6d67..cdede417 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-ANSIBLE_VERSION="v3.7.2" -REVISION="3714" +REVISION="3715" From 25cda523724b707d956c6bda922df9c86e14569d Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Thu, 10 Jan 2019 13:02:34 +0100 Subject: [PATCH 018/714] Update CHANGELOG.md --- CHANGELOG.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c8dbaa6e..fd10dbeb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,10 @@ All notable changes to this project will be documented in this file. ## [v3.7.x] +### Added + +- Added custom name for single agent registration ([#117](https://github.com/wazuh/wazuh-ansible/pull/117)) + ### Changed - Changed Windows installation directory ([#116](https://github.com/wazuh/wazuh-ansible/pull/116)) @@ -13,10 +17,6 @@ All notable changes to this project will be documented in this file. ## [v3.7.2] -### Added - -- Added custom name for single agent registration ([#117](https://github.com/wazuh/wazuh-ansible/pull/117)) - ### Changed - Adapt configuration to current release ([#106](https://github.com/wazuh/wazuh-ansible/pull/106)) From 57472034007006ccd5cf24764a0cbd6a60dc5b43 Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Thu, 10 Jan 2019 13:13:10 +0100 Subject: [PATCH 019/714] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index fd10dbeb..b08c77bc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -6,6 +6,7 @@ All notable changes to this project will be documented in this file. ### Added - Added custom name for single agent registration ([#117](https://github.com/wazuh/wazuh-ansible/pull/117)) +- Adapt ossec.conf file for windows agents ([#118](https://github.com/wazuh/wazuh-ansible/pull/118)) ### Changed From c762b666955a5270c3dc007345bb82b434efe50a Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Thu, 10 Jan 2019 13:14:38 +0100 Subject: [PATCH 020/714] Bump version 3716 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index cdede417..4287517f 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-ANSIBLE_VERSION="v3.7.2" -REVISION="3715" +REVISION="3716" From d32c818a3938357f7e999ede83445ec217b451ea Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Thu, 10 Jan 2019 13:20:35 +0100 Subject: [PATCH 021/714] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b08c77bc..cd4546a5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ All notable changes to this project will be documented in this file. ### Fixed - Fixed a couple linting issues with yamllint and ansible-review ([#111](https://github.com/wazuh/wazuh-ansible/pull/111)) +- Fixed multiple remote connection ([#120](https://github.com/wazuh/wazuh-ansible/pull/120)) ## [v3.7.2] From af20ea242867fd5eee3023693c6da2f7ab629c54 Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Thu, 10 Jan 2019 13:21:02 +0100 Subject: [PATCH 022/714] Bump version 3717 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 4287517f..861565b0 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-ANSIBLE_VERSION="v3.7.2" -REVISION="3716" +REVISION="3717" 
From 259cd8357dadf45a4f9fdfcad4d3c9b23a15bbc0 Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Fri, 11 Jan 2019 15:18:39 +0100 Subject: [PATCH 023/714] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index cd4546a5..b8a091fd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,6 +16,7 @@ All notable changes to this project will be documented in this file. - Fixed a couple linting issues with yamllint and ansible-review ([#111](https://github.com/wazuh/wazuh-ansible/pull/111)) - Fixed multiple remote connection ([#120](https://github.com/wazuh/wazuh-ansible/pull/120)) +- Fixed null value for wazuh_manager_fqdn ([#132](https://github.com/wazuh/wazuh-ansible/pull/132)) ## [v3.7.2] From 32ba74077775a8f83c95432768a13583225e5ce0 Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Fri, 11 Jan 2019 15:19:20 +0100 Subject: [PATCH 024/714] Bump version 3718 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 861565b0..2930e40d 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-ANSIBLE_VERSION="v3.7.2" -REVISION="3717" +REVISION="3718" From 57a94dbc140dbccffccc0123314aa84e3fb0847e Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Fri, 11 Jan 2019 15:21:23 +0100 Subject: [PATCH 025/714] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b8a091fd..31c820e2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,7 @@ All notable changes to this project will be documented in this file. ### Changed - Changed Windows installation directory ([#116](https://github.com/wazuh/wazuh-ansible/pull/116)) +- move redundant tags to the outer block ([#133](https://github.com/wazuh/wazuh-ansible/pull/133)) ### Fixed 
From ce7c852785df4c86c4e00d3548129b742e80de3b Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Fri, 11 Jan 2019 15:22:04 +0100 Subject: [PATCH 026/714] Bump version 3719 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 2930e40d..b17912ec 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-ANSIBLE_VERSION="v3.7.2" -REVISION="3718" +REVISION="3719" From 59008bda4d34fa0f8e29bb34cdcc9635d9c5b376 Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Mon, 14 Jan 2019 09:07:47 +0100 Subject: [PATCH 027/714] delete useless files (#137) --- roles/wazuh/ansible-wazuh-manager/.gitignore | 1 - .../wazuh/ansible-wazuh-manager/CHANGELOG.md | 31 ------------------- .../wazuh/ansible-wazuh-manager/playbook.yml | 3 -- 3 files changed, 35 deletions(-) delete mode 100644 roles/wazuh/ansible-wazuh-manager/.gitignore delete mode 100644 roles/wazuh/ansible-wazuh-manager/CHANGELOG.md delete mode 100644 roles/wazuh/ansible-wazuh-manager/playbook.yml diff --git a/roles/wazuh/ansible-wazuh-manager/.gitignore b/roles/wazuh/ansible-wazuh-manager/.gitignore deleted file mode 100644 index a8a9013c..00000000 --- a/roles/wazuh/ansible-wazuh-manager/.gitignore +++ /dev/null @@ -1 +0,0 @@ -./.kitchen diff --git a/roles/wazuh/ansible-wazuh-manager/CHANGELOG.md b/roles/wazuh/ansible-wazuh-manager/CHANGELOG.md deleted file mode 100644 index 897c05b4..00000000 --- a/roles/wazuh/ansible-wazuh-manager/CHANGELOG.md +++ /dev/null 
@@ -1,31 +0,0 @@ -#ansible-ossec-server Release - -Below an overview of all changes in the releases. - -Version (Release date) - -0.2.0 (2017-02-14) - - * Added molecule testing - * do not look for specific key ID. It appears that OSSEC released a new… #3 (By pull request: recunius (Thanks!)) - * Updates #4 (By pull request: recunius (Thanks!)) - * allow providing own local_rules.xml template with var ossec_server_… #5 (By pull request: recunius (Thanks!)) - * Update CIS filename to CentOS & Redhat 7 #6 (By pull request: jlruizmlg (Thanks!)) - * add ossec authd as service #7 (By pull request: jlruizmlg (Thanks!)) - * Fix the permissions in the wazuh-authd in upstart system. #8 (By pull request: jlruizmlg (Thanks!)) - * Remove ssl files and add task to generate them + Fix script init task #10 (By pull request: aarnaud (Thanks!)) - -0.1.0 (2015-11-16) - - * Fixes for CentOS/EL7 #1 (By pull request: andskli (Thanks!)) - * Updates to support Ubuntu and also adds more configuration options #2 (By pull request: recunius (Thanks!)) - * Added kitchen test and serverspec tests - -0.0.2 (2014-12-11) - - * Added possibilty to use other mail settings - * Reworked module for better setup. Updated readme - -0.0.1 (2014-12-04) - - * Initial creation diff --git a/roles/wazuh/ansible-wazuh-manager/playbook.yml b/roles/wazuh/ansible-wazuh-manager/playbook.yml deleted file mode 100644 index 8ad964ec..00000000 --- a/roles/wazuh/ansible-wazuh-manager/playbook.yml +++ /dev/null @@ -1,3 +0,0 @@ -- hosts: wazuh-server.example.com - roles: - - { role: ansible-wazuh-server } From e97a0ff7a35c9023602defba245abcbf2929ba93 Mon Sep 17 00:00:00 2001 
From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Mon, 14 Jan 2019 09:12:09 +0100 Subject: [PATCH 028/714] Labels configuration (#135) --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 5 +++++ .../templates/var-ossec-etc-ossec-agent.conf.j2 | 9 +++++++++ roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 5 +++++ .../templates/var-ossec-etc-ossec-server.conf.j2 | 8 ++++++++ 4 files changed, 27 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index c3e1f650..42e13eec 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -300,3 +300,8 @@ wazuh_agent_config: location: 'System' - format: 'syslog' location: 'active-response\active-responses.log' + labels: + enable: false + list: + - key: Env + value: Production diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index 3cc6ba1b..6327441a 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 @@ -339,4 +339,13 @@ {% endfor %} {% endif %} + +{% if wazuh_agent_config.labels.enable == true %} + + {% for label in wazuh_agent_config.labels.list %} + + {% endfor %} + +{% endif %} + diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 9f42df5e..b9817a3a 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -271,6 +271,11 @@ wazuh_manager_config: - server: null port: null format: null + labels: + enable: false + list: + - key: Env + value: Production wazuh_agent_configs: - type: os 
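Review bot: The new `{% if wazuh_agent_config.labels.enable == true %}` block in the agent template dereferences `labels` unconditionally, so a caller that overrides `wazuh_agent_config` without the new `labels` key will presumably fail to render rather than simply skip the section; the manager template hunk on the following line has the same shape. Guarding it as `{% if wazuh_agent_config.labels is defined and wazuh_agent_config.labels.enable %}` keeps the template usable with variable files written before this change. The per-label output line is not legible in this rendering; whatever it emits should pass `label.key` and `label.value` through the `e` filter so a value containing `<` or `&` cannot break the generated ossec.conf.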
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 7bc92ece..6f389a71 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -539,4 +539,12 @@ {% endfor %} {% endif %} +{% if wazuh_manager_config.labels.enable == true %} + + {% for label in wazuh_manager_config.labels.list %} + + {% endfor %} + +{% endif %} + From 694ecd8106ed7b0a46d85eadf28b3d603fadb5b6 Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Mon, 14 Jan 2019 09:16:10 +0100 Subject: [PATCH 029/714] fixing extra spaces (#131) --- playbooks/wazuh-elastic.yml | 2 +- playbooks/wazuh-elastic_stack-distributed.yml | 8 ++++---- playbooks/wazuh-elastic_stack-single.yml | 4 ++-- playbooks/wazuh-kibana.yml | 2 +- playbooks/wazuh-logstash.yml | 2 +- playbooks/wazuh-manager.yml | 2 +- 6 files changed, 10 insertions(+), 10 deletions(-) diff --git a/playbooks/wazuh-elastic.yml b/playbooks/wazuh-elastic.yml index b61a22e2..57b78a49 100644 --- a/playbooks/wazuh-elastic.yml +++ b/playbooks/wazuh-elastic.yml @@ -1,3 +1,3 @@ - hosts: roles: - - { role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'your elasticsearch IP' } + - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'your elasticsearch IP'} diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml index 850b1e61..3be6a35f 100644 --- a/playbooks/wazuh-elastic_stack-distributed.yml +++ b/playbooks/wazuh-elastic_stack-distributed.yml 
@@ -1,9 +1,9 @@ - hosts: roles: - role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-manager - - { role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-filebeat, filebeat_output_logstash_hosts: 'your elastic stack server IP' } + - {role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-filebeat, filebeat_output_logstash_hosts: 'your elastic stack server IP'} - hosts: roles: - - { role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost' } - - { role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-logstash, logstash_input_beats: true, elasticsearch_network_host: 'localhost' } - - { role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost' } + - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost'} + - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-logstash, logstash_input_beats: true, elasticsearch_network_host: 'localhost'} + - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost'} diff --git a/playbooks/wazuh-elastic_stack-single.yml b/playbooks/wazuh-elastic_stack-single.yml index b1808d13..37be4d9c 100644 --- a/playbooks/wazuh-elastic_stack-single.yml +++ b/playbooks/wazuh-elastic_stack-single.yml 
@@ -1,6 +1,6 @@ - hosts: roles: - - { role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-manager } - - { role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost' } + - {role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-manager} + - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost'} - { role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-logstash, elasticsearch_network_host: 'localhost' } - { role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost' } diff --git a/playbooks/wazuh-kibana.yml b/playbooks/wazuh-kibana.yml index 02e14a47..7c0a0d3c 100644 --- a/playbooks/wazuh-kibana.yml +++ b/playbooks/wazuh-kibana.yml @@ -1,3 +1,3 @@ - hosts: roles: - - { role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-kibana, elasticsearch_network_host: 'your elasticsearch IP' } + - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-kibana, elasticsearch_network_host: 'your elasticsearch IP'} diff --git a/playbooks/wazuh-logstash.yml b/playbooks/wazuh-logstash.yml index 5c13bd88..2ff2fa4e 100644 --- a/playbooks/wazuh-logstash.yml +++ b/playbooks/wazuh-logstash.yml @@ -1,3 +1,3 @@ - hosts: roles: - - { role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-logstash, elasticsearch_network_host: ["localhost"] } + - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-logstash, elasticsearch_network_host: ["localhost"]} diff --git a/playbooks/wazuh-manager.yml b/playbooks/wazuh-manager.yml index d224ee34..f852fcf8 100644 --- a/playbooks/wazuh-manager.yml +++ b/playbooks/wazuh-manager.yml 
@@ -1,4 +1,4 @@ - hosts: roles: - role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-manager - - { role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-filebeat, filebeat_output_logstash_hosts: 'your logstash IP' } + - {role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-filebeat, filebeat_output_logstash_hosts: 'your logstash IP'} From 236e76f73d5e0840dde5fdd3491456f7f751e84e Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Mon, 14 Jan 2019 09:19:02 +0100 Subject: [PATCH 030/714] Fixes typos (#130) --- CHANGELOG.md | 1 + roles/wazuh/ansible-wazuh-manager/README.md | 4 ++-- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 8 ++++---- roles/wazuh/ansible-wazuh-manager/templates/agentless.j2 | 2 +- .../templates/var-ossec-etc-ossec-server.conf.j2 | 4 ++-- .../vars/{agentless_creeds.yml => agentless_creds.yml} | 2 +- 6 files changed, 11 insertions(+), 10 deletions(-) rename roles/wazuh/ansible-wazuh-manager/vars/{agentless_creeds.yml => agentless_creds.yml} (88%) diff --git a/CHANGELOG.md b/CHANGELOG.md index 31c820e2..7aa2db9f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,6 +16,7 @@ All notable changes to this project will be documented in this file. ### Fixed - Fixed a couple linting issues with yamllint and ansible-review ([#111](https://github.com/wazuh/wazuh-ansible/pull/111)) +- Fixes typos: The word credentials doesn't have two consecutive e's ([#130](https://github.com/wazuh/wazuh-ansible/pull/130)) - Fixed multiple remote connection ([#120](https://github.com/wazuh/wazuh-ansible/pull/120)) - Fixed null value for wazuh_manager_fqdn ([#132](https://github.com/wazuh/wazuh-ansible/pull/132)) diff --git a/roles/wazuh/ansible-wazuh-manager/README.md b/roles/wazuh/ansible-wazuh-manager/README.md index 271c9851..19b1eae9 100644 --- a/roles/wazuh/ansible-wazuh-manager/README.md +++ b/roles/wazuh/ansible-wazuh-manager/README.md 
@@ -26,11 +26,11 @@ wazuh_agent_configs: [] Vault variables ---------------- -### vars/agentless_creeds.yml +### vars/agentless_creds.yml This file has the agenless credentials. ``` --- - agentless_creeds: + agentless_creds: - type: ssh_integrity_check_linux frequency: 3600 host: root@example.net diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index ad7f8cfa..b1c6fcf2 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -168,7 +168,7 @@ - config - name: Retrieving Agentless Credentials - include_vars: agentless_creeds.yml + include_vars: agentless_creds.yml tags: - config @@ -231,7 +231,7 @@ notify: restart wazuh-manager when: - agentlessd_enabled.stdout == '0' or "skipped" in agentlessd_enabled.stdout - - agentless_creeds is defined + - agentless_creds is defined tags: - config @@ -324,13 +324,13 @@ group: root mode: 0644 no_log: true - when: agentless_creeds is defined + when: agentless_creds is defined tags: - config - name: Encode the secret shell: /usr/bin/base64 /var/ossec/agentless/.passlist_tmp > /var/ossec/agentless/.passlist && rm /var/ossec/agentless/.passlist_tmp - when: agentless_creeds is defined + when: agentless_creds is defined tags: - config diff --git a/roles/wazuh/ansible-wazuh-manager/templates/agentless.j2 b/roles/wazuh/ansible-wazuh-manager/templates/agentless.j2 index 2fa90bd7..99b20909 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/agentless.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/agentless.j2 @@ -1,3 +1,3 @@ -{% for agentless in agentless_creeds %} +{% for agentless in agentless_creds %} {{ agentless.host }}|{{ agentless.passwd }} {% endfor %} diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 6f389a71..71201e92 100644 
--- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -382,8 +382,8 @@ {% endif %} -{% if agentless_creeds is defined %} -{% for agentless in agentless_creeds %} +{% if agentless_creds is defined %} +{% for agentless in agentless_creds %} {{ agentless.type }} {{ agentless.frequency }} diff --git a/roles/wazuh/ansible-wazuh-manager/vars/agentless_creeds.yml b/roles/wazuh/ansible-wazuh-manager/vars/agentless_creds.yml similarity index 88% rename from roles/wazuh/ansible-wazuh-manager/vars/agentless_creeds.yml rename to roles/wazuh/ansible-wazuh-manager/vars/agentless_creds.yml index 0a25988d..2704fee1 100644 --- a/roles/wazuh/ansible-wazuh-manager/vars/agentless_creeds.yml +++ b/roles/wazuh/ansible-wazuh-manager/vars/agentless_creds.yml @@ -1,5 +1,5 @@ --- -# agentless_creeds: +# agentless_creds: # - type: ssh_integrity_check_linux # frequency: 3600 # host: root@example.net From 9aedbb0d54039c1dbab58d82a5693acf1361c874 Mon Sep 17 00:00:00 2001 From: Jesus Linares Date: Mon, 14 Jan 2019 03:31:54 -0500 Subject: [PATCH 031/714] Bump version: v3.8.0 - 3800 --- VERSION | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index b17912ec..bc0a1b1c 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v3.7.2" -REVISION="3719" +WAZUH-ANSIBLE_VERSION="v3.8.0" +REVISION="3800" From ec556ca2a2d607070f5b8ebde2fe22a7f5432cf8 Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Mon, 14 Jan 2019 10:41:43 +0100 Subject: [PATCH 032/714] Update CHANGELOG.md --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7aa2db9f..e16ca84b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,7 +1,7 @@ # Change Log All notable changes to this project will be documented in this file. -## [v3.7.x] +## [v3.8.0] ### Added 
From 6a215bbde6bf0a9fe75dea22215df5d1c0907845 Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Mon, 14 Jan 2019 10:42:16 +0100 Subject: [PATCH 033/714] Bump version 3801 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index bc0a1b1c..5d2adcde 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-ANSIBLE_VERSION="v3.8.0" -REVISION="3800" +REVISION="3801" From c0c1f479b8436efdd4039bef6b09239ca312c24e Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Mon, 14 Jan 2019 10:47:08 +0100 Subject: [PATCH 034/714] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index e16ca84b..4a252077 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,6 +19,7 @@ All notable changes to this project will be documented in this file. - Fixes typos: The word credentials doesn't have two consecutive e's ([#130](https://github.com/wazuh/wazuh-ansible/pull/130)) - Fixed multiple remote connection ([#120](https://github.com/wazuh/wazuh-ansible/pull/120)) - Fixed null value for wazuh_manager_fqdn ([#132](https://github.com/wazuh/wazuh-ansible/pull/132)) +- Erasing extra spaces in playbooks ([#131](https://github.com/wazuh/wazuh-ansible/pull/131)) ## [v3.7.2] From 36f2b4fe04aafe813989d92ba4ea23a900b145a8 Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Mon, 14 Jan 2019 10:47:42 +0100 Subject: [PATCH 035/714] Bump version 3802 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 5d2adcde..99767f24 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-ANSIBLE_VERSION="v3.8.0" -REVISION="3801" +REVISION="3802" From 5a4b2ba5f5011549646dc71046176865d7c30a26 Mon Sep 17 00:00:00 2001 
From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Mon, 14 Jan 2019 10:50:52 +0100 Subject: [PATCH 036/714] Update CHANGELOG.md --- CHANGELOG.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4a252077..688e99bb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,7 +6,8 @@ All notable changes to this project will be documented in this file. ### Added - Added custom name for single agent registration ([#117](https://github.com/wazuh/wazuh-ansible/pull/117)) -- Adapt ossec.conf file for windows agents ([#118](https://github.com/wazuh/wazuh-ansible/pull/118)) +- Adapt ossec.conf file for windows agents ([#118](https://github.com/wazuh/wazuh-ansible/pull/118)) +- Added labels to ossec.conf ([#135](https://github.com/wazuh/wazuh-ansible/pull/135)) ### Changed From cff25aae5104639662207ebc431c7f5427d1cb9b Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Mon, 14 Jan 2019 10:51:38 +0100 Subject: [PATCH 037/714] Bump version 3803 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 99767f24..38e38a9c 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-ANSIBLE_VERSION="v3.8.0" -REVISION="3802" +REVISION="3803" From 5ef887c0bf665902555fb8aed4a4c03579d025f7 Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Mon, 14 Jan 2019 10:54:39 +0100 Subject: [PATCH 038/714] Update CHANGELOG.md --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 688e99bb..7abe1a71 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -22,6 +22,10 @@ All notable changes to this project will be documented in this file. - Fixed null value for wazuh_manager_fqdn ([#132](https://github.com/wazuh/wazuh-ansible/pull/132)) - Erasing extra spaces in playbooks ([#131](https://github.com/wazuh/wazuh-ansible/pull/131)) +### Removed + +- delete useless files from wazuh-manager role ([#137](https://github.com/wazuh/wazuh-ansible/pull/137)) + ## [v3.7.2] ### Changed From 43adee9c04f57e5022699b17828de916b8020f5f Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Mon, 14 Jan 2019 10:55:27 +0100 Subject: [PATCH 039/714] Bump version 3804 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 38e38a9c..b70c5861 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-ANSIBLE_VERSION="v3.8.0" -REVISION="3803" +REVISION="3804" From 0e43b681bb9d2892a19b03734f46591bdd13b95c Mon Sep 17 00:00:00 2001 From: AlfonsoRBJ Date: Mon, 14 Jan 2019 17:35:36 +0100 Subject: [PATCH 040/714] Update Slack link --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a9e0d8f5..28f3d28b 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Wazuh-Ansible -[![Slack](https://img.shields.io/badge/slack-join-blue.svg)](https://goo.gl/forms/M2AoZC4b2R9A9Zy12) +[![Slack](https://img.shields.io/badge/slack-join-blue.svg)](https://wazuh.com/community/join-us-on-slack/) [![Email](https://img.shields.io/badge/email-join-blue.svg)](https://groups.google.com/forum/#!forum/wazuh) [![Documentation](https://img.shields.io/badge/docs-view-green.svg)](https://documentation.wazuh.com) [![Documentation](https://img.shields.io/badge/web-view-green.svg)](https://wazuh.com) From 3e1fcda11b882c3ccbe46f84ca1a665d9a9b3073 Mon Sep 17 00:00:00 2001 From: AlfonsoRBJ Date: Mon, 14 Jan 2019 17:35:58 +0100 Subject: [PATCH 041/714] Update Slack link --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/README.md b/README.md index a9e0d8f5..28f3d28b 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Wazuh-Ansible -[![Slack](https://img.shields.io/badge/slack-join-blue.svg)](https://goo.gl/forms/M2AoZC4b2R9A9Zy12) +[![Slack](https://img.shields.io/badge/slack-join-blue.svg)](https://wazuh.com/community/join-us-on-slack/) [![Email](https://img.shields.io/badge/email-join-blue.svg)](https://groups.google.com/forum/#!forum/wazuh) [![Documentation](https://img.shields.io/badge/docs-view-green.svg)](https://documentation.wazuh.com) [![Documentation](https://img.shields.io/badge/web-view-green.svg)](https://wazuh.com) From 61260986c0316cec8631b5831175f48924b8b354 Mon Sep 17 00:00:00 2001 From: cadoming Date: Wed, 16 Jan 2019 16:16:06 +0000 Subject: [PATCH 042/714] fixed java path --- roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml | 2 +- roles/elastic-stack/ansible-logstash/tasks/RedHat.yml | 2 +- roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml | 2 +- roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml index 13d5ffbb..f4da0303 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml @@ -3,7 +3,7 @@ block: - name: RedHat/CentOS/Fedora | download Oracle Java RPM get_url: - url: https://download.oracle.com/otn-pub/java/jdk/8u191-b12/2787e4a523244c269598db4e85c51e0c/jre-8u191-linux-x64.rpm + url: https://download.oracle.com/otn-pub/java/jdk/8u202-b08/1961070e4c9b4e26a04e7f5a083f551e/jre-8u202-linux-x64.rpm dest: /tmp/jre-8-linux-x64.rpm headers: 'Cookie:oraclelicense=accept-securebackup-cookie' register: oracle_java_task_rpm_download 
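Review bot: The `get_url` task still downloads the Java RPM with no `checksum:`, so the new URL is trusted entirely on transport; the logstash, agent and manager hunks on the next two lines have the same gap. Moving the agent and manager URLs from http to https is an improvement, but a pinned digest is what ties the installed package to the one that was reviewed, e.g. `checksum: "sha256:<EXPECTED_RPM_SHA256>"` under `dest:`. The enclosing `block:` starts outside the hunk.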
diff --git a/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml b/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml index 09e68d87..a5ad2cb3 100644 --- a/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml +++ b/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml @@ -3,7 +3,7 @@ block: - name: RedHat/CentOS/Fedora | download Oracle Java RPM get_url: - url: https://download.oracle.com/otn-pub/java/jdk/8u191-b12/2787e4a523244c269598db4e85c51e0c/jre-8u191-linux-x64.rpm + url: https://download.oracle.com/otn-pub/java/jdk/8u202-b08/1961070e4c9b4e26a04e7f5a083f551e/jre-8u202-linux-x64.rpm dest: /tmp/jre-8-linux-x64.rpm headers: 'Cookie:oraclelicense=accept-securebackup-cookie' register: oracle_java_task_rpm_download diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index 8aebbda8..4ec27997 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml @@ -31,7 +31,7 @@ - name: RedHat/CentOS/Fedora | download Oracle Java RPM get_url: - url: http://download.oracle.com/otn-pub/java/jdk/8u171-b11/512cd62ec5174c3487ac17c61aaa89e8/jre-8u171-linux-x64.rpm + url: https://download.oracle.com/otn-pub/java/jdk/8u202-b08/1961070e4c9b4e26a04e7f5a083f551e/jre-8u202-linux-x64.rpm dest: /tmp/jre-8-linux-x64.rpm headers: 'Cookie:oraclelicense=accept-securebackup-cookie' register: oracle_java_task_rpm_download diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 27eea91b..e603508a 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml 
@@ -96,7 +96,7 @@ - name: RedHat/CentOS/Fedora | download Oracle Java RPM get_url: - url: http://download.oracle.com/otn-pub/java/jdk/8u172-b11/a58eab1ec242421181065cdc37240b08/jre-8u172-linux-x64.rpm + url: https://download.oracle.com/otn-pub/java/jdk/8u202-b08/1961070e4c9b4e26a04e7f5a083f551e/jre-8u202-linux-x64.rpm dest: /tmp/jre-8-linux-x64.rpm headers: 'Cookie:oraclelicense=accept-securebackup-cookie' register: oracle_java_task_rpm_download From 949aa7f043c8e9f72c3ceaf8f23f972abadd6b74 Mon Sep 17 00:00:00 2001 From: cadoming Date: Thu, 17 Jan 2019 15:42:11 +0000 Subject: [PATCH 043/714] adapt new version (3.8.0-6.5.4) --- .../ansible-kibana/defaults/main.yml | 2 +- .../ansible-kibana/tasks/main.yml | 3 +- .../ansible-wazuh-agent/defaults/main.yml | 2 +- .../ansible-wazuh-agent/tasks/Debian.yml | 4 +- .../ansible-wazuh-agent/tasks/RedHat.yml | 12 +- .../ansible-wazuh-agent/tasks/Windows.yml | 3 +- .../ansible-wazuh-manager/tasks/Debian.yml | 4 +- .../ansible-wazuh-manager/tasks/RedHat.yml | 8 +- .../ansible-wazuh-manager/tasks/main.yml | 19 - .../ansible-wazuh-manager/tasks/main.yml.save | 383 ++++++++++++++++++ 10 files changed, 403 insertions(+), 37 deletions(-) create mode 100644 roles/wazuh/ansible-wazuh-manager/tasks/main.yml.save diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 5ccbdbab..e4a61c07 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -4,5 +4,5 @@ elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 6.5.4 -wazuh_version: 3.7.2 +wazuh_version: 3.8.0 diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index db85a112..c0dc824b 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml 
@@ -46,7 +46,8 @@ tags: install - name: Install Wazuh-APP (can take a while) - shell: "/usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-{{ wazuh_version }}_{{ elastic_stack_version }}.zip" + #shell: "/usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-{{ wazuh_version }}_{{ elastic_stack_version }}.zip" + shell: "/usr/share/kibana/bin/kibana-plugin install https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/app/kibana/wazuhapp-3.8.0_6.5.4.zip" environment: NODE_OPTIONS: "--max-old-space-size=3072" args: diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 42e13eec..52521a7d 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -23,7 +23,7 @@ wazuh_winagent_config: install_dir_x86: 'C:\Program Files (x86)\ossec-agent\' auth_path: C:\'Program Files'\ossec-agent\agent-auth.exe auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - version: '3.7.0' + version: '3.8.0' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ md5: 43936e7bc7eb51bd186f47dac4a6f477 diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index d8affe84..22a4210d 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -9,11 +9,11 @@ - ca-certificates - name: Debian/Ubuntu | Installing repository key - apt_key: url=https://packages.wazuh.com/key/GPG-KEY-WAZUH + apt_key: url=https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/key/GPG-KEY-WAZUH - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: - repo: 'deb https://packages.wazuh.com/3.x/apt/ stable main' + repo: 'deb https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/apt/ unstable main' state: present update_cache: yes 
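Review bot: The new `shell:` line hard-codes a pre-release S3 URL and a literal `3.8.0_6.5.4` in place of the `{{ wazuh_version }}_{{ elastic_stack_version }}` template, and the templated line is left behind commented out; with `wazuh_version` bumped to 3.8.0 in this same commit, the template already resolves to the release artifact once it is published. If a pre-release source is genuinely needed, keep a single active line and take the base URL from a role default so switching environments is an inventory override, not a task edit (the release commit 37bfa5b on this page ends up reverting this line by hand). The same pattern — templated `url:` commented out, a branch-build artifact hard-coded — appears in the ansible-wazuh-agent/tasks/Windows.yml hunk of this commit. The task's `args:` continue below the hunk.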
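Review bot: `version` moves from '3.7.0' to '3.8.0' but the `md5: 43936e7bc7eb51bd186f47dac4a6f477` two lines below is unchanged, so if that digest is compared against the downloaded MSI anywhere in the role it now describes the 3.7.0 installer and a 3.8.0 download will either be rejected or — if the comparison is skipped — verified against nothing. Whether the digest is actually consumed is not visible from this hunk; either way, update it in the same change as the version, and consider recording a sha256 alongside or instead of MD5 for the installer check. The `wazuh_winagent_config` mapping starts above the hunk.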
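Review bot: The `repo:` line now points the role at the `unstable` component of a pre-release S3 bucket and the `apt_key` URL follows it, which hard-codes an environment choice into a task file that every consumer of the role inherits; the same edit is made in the ansible-wazuh-manager/tasks/Debian.yml hunk of this commit. Expose the key URL and repository line as role defaults (`repo: "{{ <wazuh_apt_repo_var> }}"` with the production value as the default) so a pre-release run is an inventory override rather than a code change that has to be reverted before release, as 37bfa5b later does. The enclosing task list starts before the hunk.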
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index 8aebbda8..29b0b632 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml @@ -3,8 +3,8 @@ yum_repository: name: wazuh_repo description: Wazuh repository - baseurl: https://packages.wazuh.com/3.x/yum/ - gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH + baseurl: https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/yum/ + gpgkey: https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/key/GPG-KEY-WAZUH gpgcheck: yes when: - ansible_distribution_major_version|int > 5 @@ -13,8 +13,8 @@ yum_repository: name: wazuh_repo description: Wazuh repository - baseurl: https://packages.wazuh.com/3.x/yum/5/ - gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH-5 + baseurl: http://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/yum/5/ + gpgkey: http://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/key/GPG-KEY-WAZUH gpgcheck: yes when: - ansible_distribution_major_version|int == 5 @@ -23,8 +23,8 @@ yum_repository: name: wazuh_repo description: Wazuh repository - baseurl: https://packages.wazuh.com/3.x/yum/ - gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH + baseurl: https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/yum/ + gpgkey: https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/key/GPG-KEY-WAZUH gpgcheck: yes when: - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index 913f2453..08bf1f14 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml 
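Review bot: In the `@@ -13,8` hunk (the EL5 repository) both `baseurl` and `gpgkey` are switched from https to plain http, so on those hosts the signing key itself is fetched in cleartext and `gpgcheck: yes` then only confirms that packages were signed by whatever key arrived; keep at least the `gpgkey:` URL on https (`gpgkey: https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/key/GPG-KEY-WAZUH`). If the downgrade is a workaround for EL5's TLS stack, say so in a comment above the task rather than leaving it implicit. That hunk also replaces `GPG-KEY-WAZUH-5` with `GPG-KEY-WAZUH`; if the pre-release bucket really has a single key this is fine, but it is undocumented and the release commit 37bfa5b restores the `-5` key. The identical http switch appears in the `@@ -46,8` hunk of ansible-wazuh-manager/tasks/RedHat.yml in this commit.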
@@ -23,7 +23,8 @@ - name: Windows | Downloading windows Wazuh agent installer win_get_url: dest: C:\wazuh-agent-installer.msi - url: "{{ wazuh_winagent_config.repo }}wazuh-agent-{{ wazuh_winagent_config.version }}-{{ wazuh_winagent_config.revision }}.msi" + #url: "{{ wazuh_winagent_config.repo }}wazuh-agent-{{ wazuh_winagent_config.version }}-{{ wazuh_winagent_config.revision }}.msi" + url: https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.8/windows/wazuh-agent-3.8.0-0.3802.20190114T114149.branch38.commit04f4687.msi when: - correct_version is not defined diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index f2885345..6d8de4f0 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -9,11 +9,11 @@ - ca-certificates - name: Debian/Ubuntu | Installing Wazuh repository key - apt_key: url=https://packages.wazuh.com/key/GPG-KEY-WAZUH + apt_key: url=https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/key/GPG-KEY-WAZUH - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: - repo: 'deb https://packages.wazuh.com/3.x/apt/ stable main' + repo: 'deb https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/apt/ unstable main' state: present update_cache: yes diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 27eea91b..c83d3388 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml 
@@ -36,8 +36,8 @@ yum_repository: name: wazuh_repo description: Wazuh repository - baseurl: https://packages.wazuh.com/3.x/yum/ - gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH + baseurl: https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/yum/ + gpgkey: https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/key/GPG-KEY-WAZUH gpgcheck: yes when: - (ansible_distribution_major_version|int > 5) or (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") @@ -46,8 +46,8 @@ yum_repository: name: wazuh_repo description: Wazuh repository - baseurl: https://packages.wazuh.com/3.x/yum/5/ - gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH + baseurl: http://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/yum/5/ + gpgkey: http://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/key/GPG-KEY-WAZUH gpgcheck: yes when: - ansible_distribution_major_version|int == 5 diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index b1c6fcf2..f5c8ba3d 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -235,25 +235,6 @@ tags: - config -- name: Check if ossec-authd is enabled - shell: "grep -c 'ossec-authd' /var/ossec/bin/.process_list | xargs echo" - args: - removes: /var/ossec/bin/.process_list - changed_when: False - check_mode: no - register: authd_enabled - tags: - - config - -- name: Enable ossec-authd - command: /var/ossec/bin/ossec-control enable auth - notify: restart wazuh-manager - when: - - authd_enabled.stdout == '0' or "skipped" in authd_enabled.stdout - - wazuh_manager_config.authd.enable == true - tags: - - config - - name: Checking alert log output settings fail: msg="Please enable json_output or alerts_log options." when: 
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml.save b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml.save
new file mode 100644
index 00000000..26b5f5ac
--- /dev/null
+++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml.save
@@ -0,0 +1,383 @@ +--- +- import_tasks: "RedHat.yml" + when: (ansible_os_family == "RedHat" and ansible_distribution_major_version|int > 5) or (ansible_os_family == "RedHat" and ansible_distribution == "Amazon") + +- import_tasks: "Debian.yml" + when: ansible_os_family == "Debian" + +- name: Install wazuh-manager, wazuh-api and expect + package: pkg={{ item }} state=latest + with_items: + - wazuh-manager + - wazuh-api + - expect + when: + - not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 ) + tags: + - init + +- name: CentOS/RedHat 6 | Enabling python2.7 and sqlite3 + replace: + path: /etc/init.d/wazuh-manager + regexp: 'echo -n "Starting Wazuh-manager: "' + replace: 'echo -n "Starting Wazuh-manager (EL6): "; source /opt/rh/python27/enable; export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/var/ossec/framework/lib' + when: + - ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version == '6' + - wazuh_manager_config.cluster.disable != 'yes' + +- name: Install wazuh-manager and expect (EL5) + package: pkg={{ item }} state=latest + with_items: + - wazuh-manager + - expect + when: + - ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 + tags: + - init + +- name: Generate SSL files for authd + command: "openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:1825 -keyout sslmanager.key -out sslmanager.cert -subj /CN={{wazuh_manager_fqdn}}/" + args: + creates: sslmanager.cert + chdir: /var/ossec/etc/ + tags: + - config + when: not wazuh_manager_config.authd.ssl_agent_ca is not none + +- name: Copy CA, SSL key and cert for authd + copy: + src: "{{ item }}" + dest: "/var/ossec/etc/{{ item | basename }}" + mode: 0644 + with_items: + - "{{ wazuh_manager_config.authd.ssl_agent_ca }}" + - "{{ wazuh_manager_config.authd.ssl_manager_cert }}" + - "{{ wazuh_manager_config.authd.ssl_manager_key 
}}" + tags: + - config + when: wazuh_manager_config.authd.ssl_agent_ca is not none + +- name: Verifying for old init authd service + stat: path=/etc/init.d/ossec-authd + register: old_authd_service + tags: + - config + +- name: Verifying for old systemd authd service + stat: path=/lib/systemd/system/ossec-authd.service + register: old_authd_service + tags: + - config + +- name: Ensure ossec-authd service is disabled + service: name=ossec-authd enabled=no state=stopped + when: old_authd_service.stat.exists == True + tags: + - config + +- name: Removing old init authd services + file: path="{{ item }}" state=absent + with_items: + - "/etc/init.d/ossec-authd" + - "/lib/systemd/system/ossec-authd.service" + when: old_authd_service.stat.exists == True + tags: + - config + +- name: Installing the local_rules.xml (default local_rules.xml) + template: src=var-ossec-rules-local_rules.xml.j2 + dest=/var/ossec/etc/rules/local_rules.xml + owner=root + group=ossec + mode=0640 + notify: restart wazuh-manager + tags: + - init + - config + - rules + +- name: Adding local rules files + copy: src="{{ wazuh_manager_config.ruleset.rules_path }}" + dest=/var/ossec/etc/rules/ + owner=root + group=ossec + mode=0640 + notify: restart wazuh-manager + tags: + - init + - config + - rules + +- name: Installing the local_decoder.xml + template: src=var-ossec-rules-local_decoder.xml.j2 + dest=/var/ossec/etc/decoders/local_decoder.xml + owner=root + group=ossec + mode=0640 + notify: restart wazuh-manager + tags: + - init + - config + - rules + +- name: Adding local decoders files + copy: src="{{ wazuh_manager_config.ruleset.decoders_path }}" + dest=/var/ossec/etc/decoders/ + owner=root + group=ossec + mode=0640 + notify: restart wazuh-manager + tags: + - init + - config + - rules + +- name: Configure the shared-agent.conf + template: + src: var-ossec-etc-shared-agent.conf.j2 + dest: /var/ossec/etc/shared/default/agent.conf + owner: ossec + group: ossec + mode: 0640 + validate: 
'/var/ossec/bin/verify-agent-conf -f %s' + notify: restart wazuh-manager + tags: + - init + - config + +- name: Installing the config.js (api configuration) + template: src=var-ossec-api-configuration-config.js.j2 + dest=/var/ossec/api/configuration/config.js + owner=root + group=ossec + mode=0740 + notify: restart wazuh-api + tags: + - init + - config + +- name: Installing the local_internal_options.conf + template: src=var-ossec-etc-local-internal-options.conf.j2 + dest=/var/ossec/etc/local_internal_options.conf + owner=root + group=ossec + mode=0640 + notify: restart wazuh-manager + tags: + - init + - config + +- name: Retrieving Agentless Credentials + include_vars: agentless_creds.yml + tags: + - config + +- name: Retrieving authd Credentials + include_vars: authd_pass.yml + tags: + - config + +- name: Retrieving Wazuh-API User Credentials + include_vars: wazuh_api_creds.yml + when: + - not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 ) + tags: + - config + +- name: Retrieving CDB lists + include_vars: cdb_lists.yml + tags: + - config + +- name: Check if syslog output is enabled + set_fact: syslog_output=true + when: item.server is not none + with_items: + - "{{ wazuh_manager_config.syslog_outputs }}" + tags: + - config + +- name: Check if client-syslog is enabled + shell: "grep -c 'ossec-csyslogd' /var/ossec/bin/.process_list | xargs echo" + args: + removes: /var/ossec/bin/.process_list + changed_when: False + check_mode: no + register: csyslog_enabled + tags: + - config + +- name: Enable client-syslog + command: /var/ossec/bin/ossec-control enable client-syslog + notify: restart wazuh-manager + when: + - csyslog_enabled.stdout == '0' or "skipped" in csyslog_enabled.stdout + - syslog_output is defined and syslog_output == true + tags: + - config + +- name: Check if ossec-agentlessd is enabled + shell: "grep -c 'ossec-agentlessd' /var/ossec/bin/.process_list | xargs echo" + args: + 
removes: /var/ossec/bin/.process_list + changed_when: False + check_mode: no + register: agentlessd_enabled + tags: + - config + +- name: Enable ossec-agentlessd + command: /var/ossec/bin/ossec-control enable agentless + notify: restart wazuh-manager + when: + - agentlessd_enabled.stdout == '0' or "skipped" in agentlessd_enabled.stdout + - agentless_creds is defined + tags: + - config + +#- name: Check if ossec-authd is enabled +# shell: "grep -c 'ossec-authd' /var/ossec/bin/.process_list | xargs echo" + args: + @# removes: /var/ossec/bin/.process_list + changed_when: False + check_mode: no + register: authd_enabled + tags: + - config + +#- name: Enable ossec-authd +# command: /var/ossec/bin/ossec-control enable auth +# notify: restart wazuh-manager +# when: +# - authd_enabled.stdout == '0' or "skipped" in authd_enabled.stdout +# - wazuh_manager_config.authd.enable == true +# tags: +# - config + +- name: Checking alert log output settings + fail: msg="Please enable json_output or alerts_log options." 
+ when: + - wazuh_manager_config.json_output == 'no' + - wazuh_manager_config.alerts_log == 'no' + tags: + - init + - config + +- name: Linux | Vuls integration deploy (runs in background, can take a while) + command: /var/ossec/wodles/vuls/deploy_vuls.sh {{ ansible_distribution|lower }} {{ ansible_distribution_major_version|int }} + args: + creates: /var/ossec/wodles/vuls/config.toml + async: 3600 + poll: 0 + when: + - wazuh_manager_config.vuls.disable != 'yes' + - ansible_distribution == 'Redhat' or ansible_distribution == 'CentOS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Debian' or ansible_distribution == 'Oracle' + tags: + - init + +- name: Configure ossec.conf + template: src=var-ossec-etc-ossec-server.conf.j2 + dest=/var/ossec/etc/ossec.conf + owner=root + group=ossec + mode=0644 + notify: restart wazuh-manager + tags: + - init + - config + +- name: Ossec-authd password + template: + src: authd_pass.j2 + dest: "/var/ossec/etc/authd.pass" + owner: ossec + group: ossec + mode: 0640 + no_log: true + notify: restart wazuh-manager + when: + - wazuh_manager_config.authd.use_password is defined + - wazuh_manager_config.authd.use_password == 'yes' + tags: + - config + +- name: Wazuh-API User + template: + src: api_user.j2 + dest: "/var/ossec/api/configuration/auth/user" + owner: root + group: root + mode: 0750 + no_log: true + notify: restart wazuh-api + when: + - wazuh_api_user is defined + - not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 ) + tags: + - config + +- name: Agentless Hosts & Passwd + template: + src: agentless.j2 + dest: "/var/ossec/agentless/.passlist_tmp" + owner: root + group: root + mode: 0644 + no_log: true + when: agentless_creds is defined + tags: + - config + +- name: Encode the secret + shell: /usr/bin/base64 /var/ossec/agentless/.passlist_tmp > /var/ossec/agentless/.passlist && rm /var/ossec/agentless/.passlist_tmp + when: agentless_creds is 
defined + tags: + - config + +- name: CDB Lists + template: + src: cdb_lists.j2 + dest: "/var/ossec/etc/lists/{{ item.name }}" + owner: root + group: ossec + mode: 0640 + no_log: true + notify: + - rebuild cdb_lists + - restart wazuh-manager + with_items: + - "{{ cdb_lists }}" + when: cdb_lists is defined + tags: + - config + +- name: Ensure Wazuh Manager, wazuh API service is started and enabled + service: + name: "{{ item }}" + enabled: yes + state: started + with_items: + - wazuh-manager + - wazuh-api + tags: + - config + environment: + LD_LIBRARY_PATH: "$LD_LIBRARY_PATH:/var/ossec/framework/lib" + when: + - not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 ) + +- name: Ensure Wazuh Manager is started and enabled (EL5) + service: + name: wazuh-manager + enabled: yes + state: started + tags: + - config + when: + - ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 + +- import_tasks: "RMRedHat.yml" + when: ansible_os_family == "RedHat" + +- import_tasks: "RMDebian.yml" + when: ansible_os_family == "Debian" From d4b2de38de35a6cecd396b6f899f11ba77be1eb1 Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Thu, 17 Jan 2019 17:03:17 +0100 Subject: [PATCH 044/714] delete save file --- .../ansible-wazuh-manager/tasks/main.yml.save | 383 ------------------ 1 file changed, 383 deletions(-) delete mode 100644 roles/wazuh/ansible-wazuh-manager/tasks/main.yml.save diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml.save b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml.save deleted file mode 100644 index 26b5f5ac..00000000 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml.save +++ /dev/null 
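Review bot: `main.yml.save` is an editor backup of tasks/main.yml and should not be in the change: it duplicates 383 lines of the live task file, and its half-commented `Check if ossec-authd is enabled` task (the `args:`, `removes:`, `changed_when:` and `register:` lines left uncommented beneath a `#- name:` line, plus a stray `@#`) would not parse if anyone ever renamed it back into place. The following commit d4b2de3 on this page deletes it; adding `*.save` to the repository's .gitignore would stop it recurring.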
@@ -1,383 +0,0 @@ ---- -- import_tasks: "RedHat.yml" - when: (ansible_os_family == "RedHat" and ansible_distribution_major_version|int > 5) or (ansible_os_family == "RedHat" and ansible_distribution == "Amazon") - -- import_tasks: "Debian.yml" - when: ansible_os_family == "Debian" - -- name: Install wazuh-manager, wazuh-api and expect - package: pkg={{ item }} state=latest - with_items: - - wazuh-manager - - wazuh-api - - expect - when: - - not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 ) - tags: - - init - -- name: CentOS/RedHat 6 | Enabling python2.7 and sqlite3 - replace: - path: /etc/init.d/wazuh-manager - regexp: 'echo -n "Starting Wazuh-manager: "' - replace: 'echo -n "Starting Wazuh-manager (EL6): "; source /opt/rh/python27/enable; export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/var/ossec/framework/lib' - when: - - ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version == '6' - - wazuh_manager_config.cluster.disable != 'yes' - -- name: Install wazuh-manager and expect (EL5) - package: pkg={{ item }} state=latest - with_items: - - wazuh-manager - - expect - when: - - ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 - tags: - - init - -- name: Generate SSL files for authd - command: "openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:1825 -keyout sslmanager.key -out sslmanager.cert -subj /CN={{wazuh_manager_fqdn}}/" - args: - creates: sslmanager.cert - chdir: /var/ossec/etc/ - tags: - - config - when: not wazuh_manager_config.authd.ssl_agent_ca is not none - -- name: Copy CA, SSL key and cert for authd - copy: - src: "{{ item }}" - dest: "/var/ossec/etc/{{ item | basename }}" - mode: 0644 - with_items: - - "{{ wazuh_manager_config.authd.ssl_agent_ca }}" - - "{{ wazuh_manager_config.authd.ssl_manager_cert }}" - - "{{ wazuh_manager_config.authd.ssl_manager_key 
}}" - tags: - - config - when: wazuh_manager_config.authd.ssl_agent_ca is not none - -- name: Verifying for old init authd service - stat: path=/etc/init.d/ossec-authd - register: old_authd_service - tags: - - config - -- name: Verifying for old systemd authd service - stat: path=/lib/systemd/system/ossec-authd.service - register: old_authd_service - tags: - - config - -- name: Ensure ossec-authd service is disabled - service: name=ossec-authd enabled=no state=stopped - when: old_authd_service.stat.exists == True - tags: - - config - -- name: Removing old init authd services - file: path="{{ item }}" state=absent - with_items: - - "/etc/init.d/ossec-authd" - - "/lib/systemd/system/ossec-authd.service" - when: old_authd_service.stat.exists == True - tags: - - config - -- name: Installing the local_rules.xml (default local_rules.xml) - template: src=var-ossec-rules-local_rules.xml.j2 - dest=/var/ossec/etc/rules/local_rules.xml - owner=root - group=ossec - mode=0640 - notify: restart wazuh-manager - tags: - - init - - config - - rules - -- name: Adding local rules files - copy: src="{{ wazuh_manager_config.ruleset.rules_path }}" - dest=/var/ossec/etc/rules/ - owner=root - group=ossec - mode=0640 - notify: restart wazuh-manager - tags: - - init - - config - - rules - -- name: Installing the local_decoder.xml - template: src=var-ossec-rules-local_decoder.xml.j2 - dest=/var/ossec/etc/decoders/local_decoder.xml - owner=root - group=ossec - mode=0640 - notify: restart wazuh-manager - tags: - - init - - config - - rules - -- name: Adding local decoders files - copy: src="{{ wazuh_manager_config.ruleset.decoders_path }}" - dest=/var/ossec/etc/decoders/ - owner=root - group=ossec - mode=0640 - notify: restart wazuh-manager - tags: - - init - - config - - rules - -- name: Configure the shared-agent.conf - template: - src: var-ossec-etc-shared-agent.conf.j2 - dest: /var/ossec/etc/shared/default/agent.conf - owner: ossec - group: ossec - mode: 0640 - validate: 
'/var/ossec/bin/verify-agent-conf -f %s' - notify: restart wazuh-manager - tags: - - init - - config - -- name: Installing the config.js (api configuration) - template: src=var-ossec-api-configuration-config.js.j2 - dest=/var/ossec/api/configuration/config.js - owner=root - group=ossec - mode=0740 - notify: restart wazuh-api - tags: - - init - - config - -- name: Installing the local_internal_options.conf - template: src=var-ossec-etc-local-internal-options.conf.j2 - dest=/var/ossec/etc/local_internal_options.conf - owner=root - group=ossec - mode=0640 - notify: restart wazuh-manager - tags: - - init - - config - -- name: Retrieving Agentless Credentials - include_vars: agentless_creds.yml - tags: - - config - -- name: Retrieving authd Credentials - include_vars: authd_pass.yml - tags: - - config - -- name: Retrieving Wazuh-API User Credentials - include_vars: wazuh_api_creds.yml - when: - - not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 ) - tags: - - config - -- name: Retrieving CDB lists - include_vars: cdb_lists.yml - tags: - - config - -- name: Check if syslog output is enabled - set_fact: syslog_output=true - when: item.server is not none - with_items: - - "{{ wazuh_manager_config.syslog_outputs }}" - tags: - - config - -- name: Check if client-syslog is enabled - shell: "grep -c 'ossec-csyslogd' /var/ossec/bin/.process_list | xargs echo" - args: - removes: /var/ossec/bin/.process_list - changed_when: False - check_mode: no - register: csyslog_enabled - tags: - - config - -- name: Enable client-syslog - command: /var/ossec/bin/ossec-control enable client-syslog - notify: restart wazuh-manager - when: - - csyslog_enabled.stdout == '0' or "skipped" in csyslog_enabled.stdout - - syslog_output is defined and syslog_output == true - tags: - - config - -- name: Check if ossec-agentlessd is enabled - shell: "grep -c 'ossec-agentlessd' /var/ossec/bin/.process_list | xargs echo" - args: - 
removes: /var/ossec/bin/.process_list - changed_when: False - check_mode: no - register: agentlessd_enabled - tags: - - config - -- name: Enable ossec-agentlessd - command: /var/ossec/bin/ossec-control enable agentless - notify: restart wazuh-manager - when: - - agentlessd_enabled.stdout == '0' or "skipped" in agentlessd_enabled.stdout - - agentless_creds is defined - tags: - - config - -#- name: Check if ossec-authd is enabled -# shell: "grep -c 'ossec-authd' /var/ossec/bin/.process_list | xargs echo" - args: - @# removes: /var/ossec/bin/.process_list - changed_when: False - check_mode: no - register: authd_enabled - tags: - - config - -#- name: Enable ossec-authd -# command: /var/ossec/bin/ossec-control enable auth -# notify: restart wazuh-manager -# when: -# - authd_enabled.stdout == '0' or "skipped" in authd_enabled.stdout -# - wazuh_manager_config.authd.enable == true -# tags: -# - config - -- name: Checking alert log output settings - fail: msg="Please enable json_output or alerts_log options." 
- when: - - wazuh_manager_config.json_output == 'no' - - wazuh_manager_config.alerts_log == 'no' - tags: - - init - - config - -- name: Linux | Vuls integration deploy (runs in background, can take a while) - command: /var/ossec/wodles/vuls/deploy_vuls.sh {{ ansible_distribution|lower }} {{ ansible_distribution_major_version|int }} - args: - creates: /var/ossec/wodles/vuls/config.toml - async: 3600 - poll: 0 - when: - - wazuh_manager_config.vuls.disable != 'yes' - - ansible_distribution == 'Redhat' or ansible_distribution == 'CentOS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Debian' or ansible_distribution == 'Oracle' - tags: - - init - -- name: Configure ossec.conf - template: src=var-ossec-etc-ossec-server.conf.j2 - dest=/var/ossec/etc/ossec.conf - owner=root - group=ossec - mode=0644 - notify: restart wazuh-manager - tags: - - init - - config - -- name: Ossec-authd password - template: - src: authd_pass.j2 - dest: "/var/ossec/etc/authd.pass" - owner: ossec - group: ossec - mode: 0640 - no_log: true - notify: restart wazuh-manager - when: - - wazuh_manager_config.authd.use_password is defined - - wazuh_manager_config.authd.use_password == 'yes' - tags: - - config - -- name: Wazuh-API User - template: - src: api_user.j2 - dest: "/var/ossec/api/configuration/auth/user" - owner: root - group: root - mode: 0750 - no_log: true - notify: restart wazuh-api - when: - - wazuh_api_user is defined - - not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 ) - tags: - - config - -- name: Agentless Hosts & Passwd - template: - src: agentless.j2 - dest: "/var/ossec/agentless/.passlist_tmp" - owner: root - group: root - mode: 0644 - no_log: true - when: agentless_creds is defined - tags: - - config - -- name: Encode the secret - shell: /usr/bin/base64 /var/ossec/agentless/.passlist_tmp > /var/ossec/agentless/.passlist && rm /var/ossec/agentless/.passlist_tmp - when: agentless_creds is 
defined - tags: - - config - -- name: CDB Lists - template: - src: cdb_lists.j2 - dest: "/var/ossec/etc/lists/{{ item.name }}" - owner: root - group: ossec - mode: 0640 - no_log: true - notify: - - rebuild cdb_lists - - restart wazuh-manager - with_items: - - "{{ cdb_lists }}" - when: cdb_lists is defined - tags: - - config - -- name: Ensure Wazuh Manager, wazuh API service is started and enabled - service: - name: "{{ item }}" - enabled: yes - state: started - with_items: - - wazuh-manager - - wazuh-api - tags: - - config - environment: - LD_LIBRARY_PATH: "$LD_LIBRARY_PATH:/var/ossec/framework/lib" - when: - - not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 ) - -- name: Ensure Wazuh Manager is started and enabled (EL5) - service: - name: wazuh-manager - enabled: yes - state: started - tags: - - config - when: - - ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 - -- import_tasks: "RMRedHat.yml" - when: ansible_os_family == "RedHat" - -- import_tasks: "RMDebian.yml" - when: ansible_os_family == "Debian" From c20c6952072fdb8771b21abecb82c77a8da819ac Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Thu, 17 Jan 2019 17:19:37 +0100 Subject: [PATCH 045/714] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7abe1a71..8b262e06 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,6 +13,7 @@ All notable changes to this project will be documented in this file. - Changed Windows installation directory ([#116](https://github.com/wazuh/wazuh-ansible/pull/116)) - move redundant tags to the outer block ([#133](https://github.com/wazuh/wazuh-ansible/pull/133)) +- Adapt new version (3.8.0-6.5.4) ([#144](https://github.com/wazuh/wazuh-ansible/pull/144)) ### Fixed 
From 37bfa5be179b45d611c29b86b94f593ea62e526c Mon Sep 17 00:00:00 2001 From: cadoming Date: Fri, 18 Jan 2019 15:11:40 +0000 Subject: [PATCH 046/714] 3.8 release --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 3 +-- roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 4 ++-- roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml | 12 ++++++------ roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml | 3 +-- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 4 ++-- roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 8 ++++---- 6 files changed, 16 insertions(+), 18 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index c0dc824b..db85a112 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -46,8 +46,7 @@ tags: install - name: Install Wazuh-APP (can take a while) - #shell: "/usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-{{ wazuh_version }}_{{ elastic_stack_version }}.zip" - shell: "/usr/share/kibana/bin/kibana-plugin install https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/app/kibana/wazuhapp-3.8.0_6.5.4.zip" + shell: "/usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-{{ wazuh_version }}_{{ elastic_stack_version }}.zip" environment: NODE_OPTIONS: "--max-old-space-size=3072" args: diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index 22a4210d..d8affe84 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml 
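Review bot: The restored `shell:` line runs `kibana-plugin install` on a URL with no integrity check, so the plugin zip is trusted on the TLS connection alone; the `kibana-plugin` CLI does no verification of its own, and nothing in the hunk shows a digest being compared. If the project publishes a digest for the app bundle, fetch the zip with `get_url` and `checksum: "sha256:<WAZUHAPP_ZIP_SHA256>"` first and install the local file. As a point of style, the line uses no shell features, so `command:` would do and keeps ansible-lint quiet. The task's `args:` continue below the hunk.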
@@ -9,11 +9,11 @@ - ca-certificates - name: Debian/Ubuntu | Installing repository key - apt_key: url=https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/key/GPG-KEY-WAZUH + apt_key: url=https://packages.wazuh.com/key/GPG-KEY-WAZUH - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: - repo: 'deb https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/apt/ unstable main' + repo: 'deb https://packages.wazuh.com/3.x/apt/ stable main' state: present update_cache: yes diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index 29b0b632..8aebbda8 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml @@ -3,8 +3,8 @@ yum_repository: name: wazuh_repo description: Wazuh repository - baseurl: https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/yum/ - gpgkey: https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/key/GPG-KEY-WAZUH + baseurl: https://packages.wazuh.com/3.x/yum/ + gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH gpgcheck: yes when: - ansible_distribution_major_version|int > 5 @@ -13,8 +13,8 @@ yum_repository: name: wazuh_repo description: Wazuh repository - baseurl: http://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/yum/5/ - gpgkey: http://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/key/GPG-KEY-WAZUH + baseurl: https://packages.wazuh.com/3.x/yum/5/ + gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH-5 gpgcheck: yes when: - ansible_distribution_major_version|int == 5 
@@ -23,8 +23,8 @@ yum_repository: name: wazuh_repo description: Wazuh repository - baseurl: https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/yum/ - gpgkey: https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/key/GPG-KEY-WAZUH + baseurl: https://packages.wazuh.com/3.x/yum/ + gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH gpgcheck: yes when: - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index 08bf1f14..913f2453 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml @@ -23,8 +23,7 @@ - name: Windows | Downloading windows Wazuh agent installer win_get_url: dest: C:\wazuh-agent-installer.msi - #url: "{{ wazuh_winagent_config.repo }}wazuh-agent-{{ wazuh_winagent_config.version }}-{{ wazuh_winagent_config.revision }}.msi" - url: https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.8/windows/wazuh-agent-3.8.0-0.3802.20190114T114149.branch38.commit04f4687.msi + url: "{{ wazuh_winagent_config.repo }}wazuh-agent-{{ wazuh_winagent_config.version }}-{{ wazuh_winagent_config.revision }}.msi" when: - correct_version is not defined diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 6d8de4f0..f2885345 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml 
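Review bot: `win_get_url` in the `Downloading windows Wazuh agent installer` task fetches the MSI with no `checksum`, even though the role's `wazuh_winagent_config` carries an `md5` field (visible in the defaults hunks later in this series), so nothing verifies the installer before it is executed. On Ansible releases where `win_get_url` supports it, add `checksum: "{{ wazuh_winagent_config.md5 }}"` and `checksum_algorithm: md5`; on older ones a `win_stat` with `checksum_algorithm: md5` compared against the default does the same job. Longer term the field should become a sha256, since MD5 gives no protection against a deliberately substituted installer. The surrounding `when:` block continues outside the hunk.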
@@ -9,11 +9,11 @@ - ca-certificates - name: Debian/Ubuntu | Installing Wazuh repository key - apt_key: url=https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/key/GPG-KEY-WAZUH + apt_key: url=https://packages.wazuh.com/key/GPG-KEY-WAZUH - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: - repo: 'deb https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/apt/ unstable main' + repo: 'deb https://packages.wazuh.com/3.x/apt/ stable main' state: present update_cache: yes diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index c83d3388..27eea91b 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -36,8 +36,8 @@ yum_repository: name: wazuh_repo description: Wazuh repository - baseurl: https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/yum/ - gpgkey: https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/key/GPG-KEY-WAZUH + baseurl: https://packages.wazuh.com/3.x/yum/ + gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH gpgcheck: yes when: - (ansible_distribution_major_version|int > 5) or (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") @@ -46,8 +46,8 @@ yum_repository: name: wazuh_repo description: Wazuh repository - baseurl: http://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/yum/5/ - gpgkey: http://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/key/GPG-KEY-WAZUH + baseurl: https://packages.wazuh.com/3.x/yum/5/ + gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH gpgcheck: yes when: - ansible_distribution_major_version|int == 5 From 492d7ad288ba1b74f9d2e6b48201cd12c5512ecb Mon Sep 17 00:00:00 2001 From: Carlos Dominguez <43823505+cadoming@users.noreply.github.com> Date: Fri, 18 Jan 2019 16:33:33 +0100 Subject: [PATCH 047/714] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) 
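Review bot: The manager's EL5 hunk (`-46,8`) sets `gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH`, while the agent role's EL5 hunk in this same patch switches to `GPG-KEY-WAZUH-5`; one of the two is presumably wrong for EL5's gpg, and in any case the two roles should agree on which key signs the `yum/5/` repository. If the `-5` key is the EL5-compatible variant, as the agent role implies, change this line to `gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH-5` and add `# EL5-specific key; keep in sync with ansible-wazuh-agent/tasks/RedHat.yml` above it.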
diff --git a/CHANGELOG.md b/CHANGELOG.md index 7abe1a71..89711ea0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -21,6 +21,7 @@ All notable changes to this project will be documented in this file. - Fixed multiple remote connection ([#120](https://github.com/wazuh/wazuh-ansible/pull/120)) - Fixed null value for wazuh_manager_fqdn ([#132](https://github.com/wazuh/wazuh-ansible/pull/132)) - Erasing extra spaces in playbooks ([#131](https://github.com/wazuh/wazuh-ansible/pull/131)) +- Fixed oracle java cookies ([#143](https://github.com/wazuh/wazuh-ansible/pull/143)) ### Removed From 72b0f672d63380ef58605772602ac783258cc202 Mon Sep 17 00:00:00 2001 From: Perry Kollmorgen Date: Mon, 21 Jan 2019 09:10:45 +1000 Subject: [PATCH 048/714] Fix warning from cluster interval option in defaults #145 The interval option in the cluster section in the defaults has been depreciated and no longer requires to be set. https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/cluster.html#interval --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index b9817a3a..d7af37ea 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -29,7 +29,6 @@ wazuh_manager_config: node_name: 'manager_01' node_type: 'master' key: 'ugdtAnd7Pi9myP7CVts4qZaZQEQcRYZa' - interval: '2m' port: '1516' bind_addr: '0.0.0.0' nodes: From 1b51b2dc11112e4b082eaf34020f99c4376dcd3f Mon Sep 17 00:00:00 2001 
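Review bot: `key: 'ugdtAnd7Pi9myP7CVts4qZaZQEQcRYZa'` in `wazuh_manager_config.cluster` is a shared secret shipped as a role default, so every deployment that does not override it authenticates cluster traffic (bound on `0.0.0.0:1516` per the lines below) with a value that is public in this repository. Dropping the deprecated `interval` is fine, but the hunk is a good place to stop shipping a usable secret: `key: ''` plus an `assert` in the tasks that `wazuh_manager_config.cluster.key | length > 0` whenever the cluster is enabled, or at minimum a comment `# CHANGE ME: shared cluster secret, generate a fresh one per deployment (see Wazuh docs for length rules)`. The cluster block continues outside the hunk.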
From: Perry Kollmorgen Date: Mon, 21 Jan 2019 09:12:35 +1000 Subject: [PATCH 049/714] Fix warning from vul_detector config for Redhat Feed Name #145 The value for the Redhat Feed Name in the ossec.conf template no longer requires a version. i.e the value should be "redhat" rather "redhat-7" or similar. https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/wodle-vuln-detector.html#feed https://github.com/wazuh/wazuh/pull/2137 --- .../templates/var-ossec-etc-ossec-server.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 71201e92..f3c43dcc 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -235,7 +235,7 @@ {{ wazuh_manager_config.vul_detector.ubuntu.disable }} {{ wazuh_manager_config.vul_detector.ubuntu.update_interval }} - + {{ wazuh_manager_config.vul_detector.redhat.disable }} {{ wazuh_manager_config.vul_detector.redhat.update_interval }} From f26ba7fd243e919086d565796d6b92e7d0ef9443 Mon Sep 17 00:00:00 2001 From: AlfonsoRBJ Date: Tue, 22 Jan 2019 16:46:04 +0100 Subject: [PATCH 050/714] Update CHANGELOG.md --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index db70ddde..803c45fd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,8 @@ # Change Log All notable changes to this project will be documented in this file. +## [v3.9.0] + ## [v3.8.0] ### Added From aaef9cd1fac8e3c4f53402e29e1d61e880aa4422 Mon Sep 17 00:00:00 2001 From: AlfonsoRBJ Date: Tue, 22 Jan 2019 16:46:39 +0100 Subject: [PATCH 051/714] Update VERSION --- VERSION | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index b70c5861..53f0359c 100644 --- a/VERSION +++ b/VERSION 
@@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v3.8.0" -REVISION="3804" +WAZUH-ANSIBLE_VERSION="v3.9.0" +REVISION="3900" From 82693e34f1e1475fdb9213d92c33fedd580b8b8f Mon Sep 17 00:00:00 2001 From: joschneid Date: Thu, 24 Jan 2019 08:42:57 +0100 Subject: [PATCH 052/714] debian repo keys with pgp keyserver --- .../elastic-stack/ansible-elasticsearch/defaults/main.yml | 1 + .../elastic-stack/ansible-elasticsearch/tasks/Debian.yml | 4 ++-- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/elastic-stack/ansible-kibana/tasks/Debian.yml | 4 ++-- roles/elastic-stack/ansible-logstash/defaults/main.yml | 2 ++ roles/elastic-stack/ansible-logstash/tasks/Debian.yml | 4 ++-- roles/wazuh/ansible-filebeat/defaults/main.yml | 2 ++ roles/wazuh/ansible-filebeat/tasks/Debian.yml | 4 ++-- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 ++ roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 6 ++++-- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 3 +++ roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 8 ++++++-- 12 files changed, 29 insertions(+), 13 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 677517a9..078fcca1 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -8,3 +8,4 @@ elastic_stack_version: 6.5.4 elasticsearch_shards: 5 elasticsearch_replicas: 1 elasticsearch_install_java: yes +elasticrepo_gpg_keyserver: pgp.mit.edu diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index ae4e717f..cb6156d1 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml 
@@ -32,8 +32,8 @@ - name: Debian/Ubuntu | Add Elasticsearch GPG key. apt_key: - url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch" - state: present + keyserver: "{{ elasticrepo_gpg_keyserver }}" + id: 46095ACC8548582C1A2699A9D27D666CD88E42B4 - name: Debian/Ubuntu | Install Elastic repo apt_repository: diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index e4a61c07..54165327 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -5,4 +5,4 @@ kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 6.5.4 wazuh_version: 3.8.0 - +elasticrepo_gpg_keyserver: pgp.mit.edu diff --git a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml index 9cb809d2..6e3f1f16 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml @@ -10,8 +10,8 @@ - name: Debian/Ubuntu | Add Elasticsearch GPG key apt_key: - url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch" - state: present + keyserver: "{{ elasticrepo_gpg_keyserver }}" + id: 46095ACC8548582C1A2699A9D27D666CD88E42B4 - name: Debian/Ubuntu | Install Elastic repo apt_repository: diff --git a/roles/elastic-stack/ansible-logstash/defaults/main.yml b/roles/elastic-stack/ansible-logstash/defaults/main.yml index 955fcf6f..51a3e9ad 100644 --- a/roles/elastic-stack/ansible-logstash/defaults/main.yml +++ b/roles/elastic-stack/ansible-logstash/defaults/main.yml @@ -17,3 +17,5 @@ logstash_ssl_certificate_file: "" logstash_ssl_key_file: "" logstash_install_java: yes + +elasticrepo_gpg_keyserver: pgp.mit.edu diff --git a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml index 628fd8e4..1e9fceb4 100644 --- a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml 
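Review bot: The switch in the `Add Elasticsearch GPG key` task from an HTTPS fetch of the vendor-hosted key to `keyserver` + `id` moves the trust from TLS to the fingerprint match: HKP keyservers are reached over plain HTTP by default and anyone can upload a key, so the 40-hex `id` is the only thing authenticating what lands in apt's keyring. That holds as long as `id` stays a full fingerprint and the target's gnupg drops keys that do not match the requested fingerprint (recent releases do; older ones treat the id as a lookup hint — worth checking on the oldest supported Debian/Ubuntu). I'd record that invariant in the task: `# Full 40-hex fingerprint: the keyserver is untrusted, never shorten this to a key ID`. Consider also keeping the previous `url:` as the default and the keyserver as an opt-in, since the vendor URL works behind proxies that block port 11371.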
+++ b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml @@ -31,8 +31,8 @@ - name: Debian/Ubuntu | Add Elasticsearch GPG key apt_key: - url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch" - state: present + keyserver: "{{ elasticrepo_gpg_keyserver }}" + id: 46095ACC8548582C1A2699A9D27D666CD88E42B4 - name: Debian/Ubuntu | Install Elasticsearch repo apt_repository: diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index 0f9b5c5a..e7ebe216 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -27,3 +27,5 @@ filebeat_ssl_dir: /etc/pki/logstash filebeat_ssl_certificate_file: "" filebeat_ssl_key_file: "" filebeat_ssl_insecure: "false" + +elasticrepo_gpg_keyserver: pgp.mit.edu diff --git a/roles/wazuh/ansible-filebeat/tasks/Debian.yml b/roles/wazuh/ansible-filebeat/tasks/Debian.yml index 45494c26..afa76227 100644 --- a/roles/wazuh/ansible-filebeat/tasks/Debian.yml +++ b/roles/wazuh/ansible-filebeat/tasks/Debian.yml @@ -10,8 +10,8 @@ - name: Debian/Ubuntu | Add Elasticsearch apt key. apt_key: - url: https://artifacts.elastic.co/GPG-KEY-elasticsearch - state: present + keyserver: "{{ elasticrepo_gpg_keyserver }}" + id: 46095ACC8548582C1A2699A9D27D666CD88E42B4 - name: Debian/Ubuntu | Add Filebeat repository. apt_repository: diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 52521a7d..7e20b6ce 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -305,3 +305,5 @@ wazuh_agent_config: list: - key: Env value: Production + +wauzhrepo_gpg_keyserver: pgp.mit.edu diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index d8affe84..bbd6f8fe 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml 
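Review bot: `wauzhrepo_gpg_keyserver` in the agent defaults hunk is misspelled (`wauzh`), and `tasks/Debian.yml` reads the same misspelling, so it works only because both sides are wrong; an operator who sets `wazuhrepo_gpg_keyserver` in inventory will silently keep the default. Rename it to `wazuhrepo_gpg_keyserver: pgp.mit.edu` here and in the task, which also lines it up with the `elasticrepo_gpg_keyserver` naming the other roles in this patch use.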
@@ -8,8 +8,10 @@ - apt-transport-https - ca-certificates -- name: Debian/Ubuntu | Installing repository key - apt_key: url=https://packages.wazuh.com/key/GPG-KEY-WAZUH +- name: Debian/Ubuntu | Installing Wazuh repository key + apt_key: + keyserver: "{{ wauzhrepo_gpg_keyserver }}" + id: 0DCFCA5547B19D2A6099506096B3EE5F29111145 - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index b9817a3a..9d69fe0d 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -329,3 +329,6 @@ wazuh_agent_configs: format: 'eventchannel' - location: 'System' format: 'eventlog' + +wauzhrepo_gpg_keyserver: pgp.mit.edu +nodejsrepo_gpg_keyserver: pgp.mit.edu diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index f2885345..539ad4e1 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -9,7 +9,9 @@ - ca-certificates - name: Debian/Ubuntu | Installing Wazuh repository key - apt_key: url=https://packages.wazuh.com/key/GPG-KEY-WAZUH + apt_key: + keyserver: "{{ wauzhrepo_gpg_keyserver }}" + id: 0DCFCA5547B19D2A6099506096B3EE5F29111145 - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: @@ -18,7 +20,9 @@ update_cache: yes - name: Debian/Ubuntu | Installing NodeJS repository key - apt_key: url=https://deb.nodesource.com/gpgkey/nodesource.gpg.key + apt_key: + keyserver: "{{ nodejsrepo_gpg_keyserver }}" + id: 9FD3B784BC1C6FC31A8A0A1C1655A0AB68576280 - name: Debian/Ubuntu | Add NodeSource repositories for Node.js apt_repository: From 59c3fe0e4bf2c4844a5a4a647675d5dd0a9d78dd Mon Sep 17 00:00:00 2001 
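Review bot: Both the Wazuh and the NodeSource keys in the manager's Debian tasks are added with `apt_key` and no `keyring:`, so they go into apt's global trusted keyring and either key can sign packages for any configured repository, including the distribution's own. Since each key is now identified by fingerprint anyway, scoping it is cheap: `keyring: /etc/apt/trusted.gpg.d/nodesource.gpg` on the NodeSource task (and a `wazuh.gpg` counterpart on the Wazuh one), plus the matching `[signed-by=...]` option in the `apt_repository` `repo:` line where the target apt supports it. The NodeSource `apt_repository` task continues outside the hunk.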
From: joschneid Date: Thu, 24 Jan 2019 09:01:16 +0100 Subject: [PATCH 053/714] make debian repos customizable --- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 1 + roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 1 + roles/elastic-stack/ansible-kibana/tasks/Debian.yml | 2 +- roles/elastic-stack/ansible-logstash/defaults/main.yml | 1 + roles/elastic-stack/ansible-logstash/tasks/Debian.yml | 2 +- roles/wazuh/ansible-filebeat/defaults/main.yml | 1 + roles/wazuh/ansible-filebeat/tasks/Debian.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 1 + roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 2 +- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 ++ roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 4 ++-- 12 files changed, 14 insertions(+), 7 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 078fcca1..82a2b0ce 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -9,3 +9,4 @@ elasticsearch_shards: 5 elasticsearch_replicas: 1 elasticsearch_install_java: yes elasticrepo_gpg_keyserver: pgp.mit.edu +elasticrepo_server: https://artifacts.elastic.co/packages/6.x/apt diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index cb6156d1..895a2897 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml @@ -37,7 +37,7 @@ - name: Debian/Ubuntu | Install Elastic repo apt_repository: - repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main' + repo: "deb {{ elasticrepo_server }} stable main" state: present filename: 'elastic_repo' update_cache: yes 
diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 54165327..1d41a025 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -6,3 +6,4 @@ kibana_server_port: "5601" elastic_stack_version: 6.5.4 wazuh_version: 3.8.0 elasticrepo_gpg_keyserver: pgp.mit.edu +elasticrepo_server: https://artifacts.elastic.co/packages/6.x/apt diff --git a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml index 6e3f1f16..bb773faf 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml @@ -15,7 +15,7 @@ - name: Debian/Ubuntu | Install Elastic repo apt_repository: - repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main' + repo: "deb {{ elasticrepo_server }} stable main" state: present filename: 'elastic_repo' update_cache: yes diff --git a/roles/elastic-stack/ansible-logstash/defaults/main.yml b/roles/elastic-stack/ansible-logstash/defaults/main.yml index 51a3e9ad..662aa80a 100644 --- a/roles/elastic-stack/ansible-logstash/defaults/main.yml +++ b/roles/elastic-stack/ansible-logstash/defaults/main.yml @@ -19,3 +19,4 @@ logstash_ssl_key_file: "" logstash_install_java: yes elasticrepo_gpg_keyserver: pgp.mit.edu +elasticrepo_server: https://artifacts.elastic.co/packages/6.x/apt diff --git a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml index 1e9fceb4..0814ed77 100644 --- a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml @@ -36,7 +36,7 @@ - name: Debian/Ubuntu | Install Elasticsearch repo apt_repository: - repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main' + repo: "deb {{ elasticrepo_server }} stable main" state: present filename: 'elastic_repo' 
diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index e7ebe216..d71dd489 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -29,3 +29,4 @@ filebeat_ssl_key_file: "" filebeat_ssl_insecure: "false" elasticrepo_gpg_keyserver: pgp.mit.edu +elasticrepo_server: https://artifacts.elastic.co/packages/6.x/apt diff --git a/roles/wazuh/ansible-filebeat/tasks/Debian.yml b/roles/wazuh/ansible-filebeat/tasks/Debian.yml index afa76227..c1566aeb 100644 --- a/roles/wazuh/ansible-filebeat/tasks/Debian.yml +++ b/roles/wazuh/ansible-filebeat/tasks/Debian.yml @@ -15,6 +15,6 @@ - name: Debian/Ubuntu | Add Filebeat repository. apt_repository: - repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main' + repo: "deb {{ elasticrepo_server }} stable main" state: present update_cache: yes diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 7e20b6ce..3677d48b 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -307,3 +307,4 @@ wazuh_agent_config: value: Production wauzhrepo_gpg_keyserver: pgp.mit.edu +wazuhrepo_server: https://packages.wazuh.com/3.x/apt/ diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index bbd6f8fe..220ea98a 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -15,7 +15,7 @@ - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: - repo: 'deb https://packages.wazuh.com/3.x/apt/ stable main' + repo: "deb {{ wazuhrepo_server }} stable main" state: present update_cache: yes diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 9d69fe0d..104aa971 100644 
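Review bot: The filebeat `Add Filebeat repository` task now adds the same `{{ elasticrepo_server }} stable main` entry that the elasticsearch, kibana and logstash roles add, but without the `filename: 'elastic_repo'` those roles pass, so on a host running filebeat alongside any of them apt ends up with the Elastic repository listed under two sources.list.d files and warns on every `apt update`. Add `filename: 'elastic_repo'` under `state: present` so the four roles converge on one file.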
--- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -332,3 +332,5 @@ wazuh_agent_configs: wauzhrepo_gpg_keyserver: pgp.mit.edu nodejsrepo_gpg_keyserver: pgp.mit.edu +wazuhrepo_server: https://packages.wazuh.com/3.x/apt/ +nodejsrepo_server: https://deb.nodesource.com/node_6.x diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 539ad4e1..23e1c08f 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -15,7 +15,7 @@ - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: - repo: 'deb https://packages.wazuh.com/3.x/apt/ stable main' + repo: "deb {{ wazuhrepo_server }} stable main" state: present update_cache: yes @@ -26,7 +26,7 @@ - name: Debian/Ubuntu | Add NodeSource repositories for Node.js apt_repository: - repo: "deb https://deb.nodesource.com/node_6.x {{ ansible_distribution_release }} main" + repo: "deb {{ nodejsrepo_server }} {{ ansible_distribution_release }} main" state: present update_cache: yes From 9a7814213754448ff8de1cc5d2423b262fbb8d12 Mon Sep 17 00:00:00 2001 From: joschneid Date: Thu, 24 Jan 2019 09:08:44 +0100 Subject: [PATCH 054/714] changed keyserver for better performance --- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/elastic-stack/ansible-logstash/defaults/main.yml | 2 +- roles/wazuh/ansible-filebeat/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 4 ++-- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 82a2b0ce..ef5e02cd 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml 
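Review bot: `nodejsrepo_server: https://deb.nodesource.com/node_6.x` makes the Node.js major a role default, which is the right place for it, but it also pins the wazuh-api runtime to the 6.x line, whose upstream support was scheduled to end in April 2019 — after that the repository receives no security fixes. I'd annotate it, `# Node.js line used by wazuh-api; check upstream support status before each release`, and have the release checklist own the bump rather than leaving it to whoever notices. The trailing-slash inconsistency between `wazuhrepo_server` and the `elasticrepo_server` values is harmless but worth normalising while here.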
+++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -8,5 +8,5 @@ elastic_stack_version: 6.5.4 elasticsearch_shards: 5 elasticsearch_replicas: 1 elasticsearch_install_java: yes -elasticrepo_gpg_keyserver: pgp.mit.edu +elasticrepo_gpg_keyserver: pool.sks-keyservers.net elasticrepo_server: https://artifacts.elastic.co/packages/6.x/apt diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 1d41a025..3796a67f 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -5,5 +5,5 @@ kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 6.5.4 wazuh_version: 3.8.0 -elasticrepo_gpg_keyserver: pgp.mit.edu +elasticrepo_gpg_keyserver: pool.sks-keyservers.net elasticrepo_server: https://artifacts.elastic.co/packages/6.x/apt diff --git a/roles/elastic-stack/ansible-logstash/defaults/main.yml b/roles/elastic-stack/ansible-logstash/defaults/main.yml index 662aa80a..0be1cc56 100644 --- a/roles/elastic-stack/ansible-logstash/defaults/main.yml +++ b/roles/elastic-stack/ansible-logstash/defaults/main.yml @@ -18,5 +18,5 @@ logstash_ssl_key_file: "" logstash_install_java: yes -elasticrepo_gpg_keyserver: pgp.mit.edu +elasticrepo_gpg_keyserver: pool.sks-keyservers.net elasticrepo_server: https://artifacts.elastic.co/packages/6.x/apt diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index d71dd489..5f3023c1 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -28,5 +28,5 @@ filebeat_ssl_certificate_file: "" filebeat_ssl_key_file: "" filebeat_ssl_insecure: "false" -elasticrepo_gpg_keyserver: pgp.mit.edu +elasticrepo_gpg_keyserver: pool.sks-keyservers.net elasticrepo_server: https://artifacts.elastic.co/packages/6.x/apt 
diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 3677d48b..b043d1a4 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -306,5 +306,5 @@ wazuh_agent_config: - key: Env value: Production -wauzhrepo_gpg_keyserver: pgp.mit.edu +wauzhrepo_gpg_keyserver: pool.sks-keyservers.net wazuhrepo_server: https://packages.wazuh.com/3.x/apt/ diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 104aa971..66f46837 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -330,7 +330,7 @@ wazuh_agent_configs: - location: 'System' format: 'eventlog' -wauzhrepo_gpg_keyserver: pgp.mit.edu -nodejsrepo_gpg_keyserver: pgp.mit.edu +wauzhrepo_gpg_keyserver: pool.sks-keyservers.net +nodejsrepo_gpg_keyserver: pool.sks-keyservers.net wazuhrepo_server: https://packages.wazuh.com/3.x/apt/ nodejsrepo_server: https://deb.nodesource.com/node_6.x From 09ed90b74fc19a5861fa89bb5946315997e1e453 Mon Sep 17 00:00:00 2001 From: AlfonsoRBJ Date: Thu, 24 Jan 2019 12:50:06 +0100 Subject: [PATCH 055/714] Bump version 3.8.1 --- CHANGELOG.md | 2 ++ VERSION | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index db70ddde..48ec6fac 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,8 @@ # Change Log All notable changes to this project will be documented in this file. +## [v3.8.1] + ## [v3.8.0] ### Added diff --git a/VERSION b/VERSION index b70c5861..7d501c8d 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v3.8.0" -REVISION="3804" +WAZUH-ANSIBLE_VERSION="v3.8.1" +REVISION="3800" From a0b3fae9d214b30d32bdf27c456f2bad71393993 Mon Sep 17 00:00:00 2001 
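Review bot: `pool.sks-keyservers.net` is a DNS round-robin over volunteer-run SKS servers reached over plain HKP, so the fingerprint match in the `apt_key` tasks is the only thing between a hostile or flooded pool member and the target's keyring, and every role in the series now shares one external dependency that also fails behind proxies blocking port 11371 (to my knowledge the pool has since been taken offline, so the default would no longer resolve). If performance was the motivation, the vendor-hosted key URLs removed earlier in this series are a faster and TLS-authenticated source; I'd keep `url:` as the default and make the keyserver an opt-in, e.g. `elasticrepo_gpg_keyserver: ''` with the keyserver task guarded by `when: elasticrepo_gpg_keyserver | length > 0`.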
From: AlfonsoRBJ Date: Thu, 24 Jan 2019 15:09:45 +0100 Subject: [PATCH 056/714] Update to Wazuh version 3.8.1 (#148) --- CHANGELOG.md | 3 +++ roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 48ec6fac..54ee6666 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,9 @@ All notable changes to this project will be documented in this file. ## [v3.8.1] +### Changed +- Update to Wazuh version v3.8.1. ([#148](https://github.com/wazuh/wazuh-ansible/pull/148)) + ## [v3.8.0] ### Added diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index e4a61c07..149a162c 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -4,5 +4,5 @@ elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 6.5.4 -wazuh_version: 3.8.0 +wazuh_version: 3.8.1 diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 52521a7d..e08b891d 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -23,7 +23,7 @@ wazuh_winagent_config: install_dir_x86: 'C:\Program Files (x86)\ossec-agent\' auth_path: C:\'Program Files'\ossec-agent\agent-auth.exe auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - version: '3.8.0' + version: '3.8.1' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ md5: 43936e7bc7eb51bd186f47dac4a6f477 From fe109526b6cfc5e6faddf692d9af82c9364b090d Mon Sep 17 00:00:00 2001 
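Review bot: `version: '3.8.1'` is bumped but `md5: 43936e7bc7eb51bd186f47dac4a6f477` two lines below is left at the 3.8.0 value, so either nothing consumes the digest (and the Windows installer is never verified) or whatever does will now reject the new MSI. Update the digest in the same commit as every version bump — `md5: <digest of wazuh-agent-3.8.1-1.msi>` — and preferably replace the field with a sha256, since MD5 gives no protection against a deliberately substituted installer.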
From: joschneid Date: Fri, 25 Jan 2019 08:35:41 +0100 Subject: [PATCH 057/714] custom wazuh app location --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 1 + roles/elastic-stack/ansible-kibana/tasks/main.yml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 3796a67f..bdf8d314 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -7,3 +7,4 @@ elastic_stack_version: 6.5.4 wazuh_version: 3.8.0 elasticrepo_gpg_keyserver: pool.sks-keyservers.net elasticrepo_server: https://artifacts.elastic.co/packages/6.x/apt +wazuhapp_location: https://packages.wazuh.com/wazuhapp diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index db85a112..fa105045 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -46,7 +46,7 @@ tags: install - name: Install Wazuh-APP (can take a while) - shell: "/usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-{{ wazuh_version }}_{{ elastic_stack_version }}.zip" + shell: "/usr/share/kibana/bin/kibana-plugin install {{wazuhapp_location}}/wazuhapp-{{ wazuh_version }}_{{ elastic_stack_version }}.zip" environment: NODE_OPTIONS: "--max-old-space-size=3072" args: From b3f4046a837c8dbe74d96b6e2e83c41238548554 Mon Sep 17 00:00:00 2001 From: AlfonsoRBJ Date: Wed, 30 Jan 2019 16:55:35 +0100 Subject: [PATCH 058/714] Bump version 3.8.2 --- VERSION | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index 7d501c8d..63d5e48d 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v3.8.1" -REVISION="3800" +WAZUH-ANSIBLE_VERSION="v3.8.2" +REVISION="3801" From 2030751eac9aa747daf6326fdca43cd295a63c46 Mon Sep 17 00:00:00 2001 
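Review bot: `{{wazuhapp_location}}` is interpolated into a `shell:` command, so a location containing shell metacharacters — set via inventory, group vars or `-e` by someone with less privilege than the Kibana host — is executed rather than passed as a URL, and nothing in the role validates it. Use the `command` module, which passes the argument without a shell: `command: "/usr/share/kibana/bin/kibana-plugin install {{ wazuhapp_location }}/wazuhapp-{{ wazuh_version }}_{{ elastic_stack_version }}.zip"`, which also fixes the spacing inconsistency with the other `{{ ... }}` expressions. The task's `environment:`/`args:` continue outside the hunk.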
From: AlfonsoRBJ Date: Wed, 30 Jan 2019 17:02:33 +0100 Subject: [PATCH 059/714] Update to Wazuh version v3.8.2 --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 149a162c..d8d60107 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -4,5 +4,5 @@ elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 6.5.4 -wazuh_version: 3.8.1 +wazuh_version: 3.8.2 diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index e08b891d..150daeba 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -23,7 +23,7 @@ wazuh_winagent_config: install_dir_x86: 'C:\Program Files (x86)\ossec-agent\' auth_path: C:\'Program Files'\ossec-agent\agent-auth.exe auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - version: '3.8.1' + version: '3.8.2' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ md5: 43936e7bc7eb51bd186f47dac4a6f477 From 272d1c623a1482b92c7d73112463a4fb61cc8186 Mon Sep 17 00:00:00 2001 From: AlfonsoRBJ Date: Wed, 30 Jan 2019 17:07:10 +0100 Subject: [PATCH 060/714] Update CHANGELOG.md --- CHANGELOG.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 54ee6666..6621de13 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,12 @@ # Change Log All notable changes to this project will be documented in this file. +## [v3.8.2] + +### Changed + +- Update to Wazuh version v3.8.2. ([#150](https://github.com/wazuh/wazuh-ansible/pull/150)) + ## [v3.8.1] ### Changed 
From 9ecfd7aeacba289b0146dd1878b3e1eb1ad129d7 Mon Sep 17 00:00:00 2001
From: AlfonsoRBJ
Date: Thu, 31 Jan 2019 10:21:04 +0100
Subject: [PATCH 061/714] Bump version 3.8.3
---
 VERSION | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/VERSION b/VERSION
index 63d5e48d..a85b3d76 100644
--- a/VERSION
+++ b/VERSION
@@ -1,2 +1,2 @@
-WAZUH-ANSIBLE_VERSION="v3.8.2"
-REVISION="3801"
+WAZUH-ANSIBLE_VERSION="v3.8.3"
+REVISION="3802"
From 6e880f7dabbb398e26ffd9a5dc8d15feeab593f5 Mon Sep 17 00:00:00 2001
From: joschneid
Date: Thu, 7 Feb 2019 15:21:33 +0100
Subject: [PATCH 062/714] wrong fact for possible syscheck directories
---
 .../templates/var-ossec-etc-ossec-agent.conf.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2
index 6327441a..c62318b9 100644
--- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2
+++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2
@@ -99,7 +99,7 @@
 {% endif %}
- {% if wazuh_agent_config.syscheck.directories is defined and ansible_os_family == "Linux" %}
+ {% if wazuh_agent_config.syscheck.directories is defined and ansible_system == "Linux" %}
 {% for directory in wazuh_agent_config.syscheck.directories %}
 {{ directory.dirs }}
 {% endfor %}
From 451792356c31293d7629d6f21a2e87ed156be978 Mon Sep 17 00:00:00 2001
From: jjediny
Date: Sun, 10 Feb 2019 13:19:45 -0500
Subject: [PATCH 063/714] initial minimal working molecule testing suite with circleci WIP for https://github.com/wazuh/wazuh-ansible/issues/138
---
 .circleci/config.yml | 25 +
 .vscode/settings.json | 3 +
 Pipfile | 17 +
 Pipfile.lock | 638 ++++++++++++++++++
 README.md | 7 +
 molecule/default/Dockerfile.j2 | 14 +
 molecule/default/INSTALL.rst | 16 +
 molecule/default/create.yml | 81 +++
 molecule/default/destroy.yml | 32 +
 molecule/default/molecule.yml | 33 +
 molecule/default/playbook.yml | 10 +
 molecule/default/prepare.yml | 5 +
 molecule/default/tests/test_default.py | 30 +
 molecule/default/tests/test_default.pyc | Bin 0 -> 1129 bytes
 .../ansible-elasticsearch/tasks/main.yml | 3 +-
 .../ansible-kibana/tasks/main.yml | 2 +
 16 files changed, 915 insertions(+), 1 deletion(-)
 create mode 100644 .circleci/config.yml
 create mode 100644 .vscode/settings.json
 create mode 100644 Pipfile
 create mode 100644 Pipfile.lock
 create mode 100644 molecule/default/Dockerfile.j2
 create mode 100644 molecule/default/INSTALL.rst
 create mode 100644 molecule/default/create.yml
 create mode 100644 molecule/default/destroy.yml
 create mode 100644 molecule/default/molecule.yml
 create mode 100644 molecule/default/playbook.yml
 create mode 100644 molecule/default/prepare.yml
 create mode 100644 molecule/default/tests/test_default.py
 create mode 100644 molecule/default/tests/test_default.pyc
diff --git a/.circleci/config.yml b/.circleci/config.yml
new file mode 100644
index 00000000..08b3ff16
--- /dev/null
+++ b/.circleci/config.yml
@@ -0,0 +1,25 @@
+version: 2
+jobs:
+ test:
+ machine:
+ python:
+ version: 2.7
+ services:
+ - docker
+ working_directory: ~/wazuh-ansible
+ steps:
+ - checkout
+ - run:
+ name: Install pipenv
+ command: pip install pipenv
+ - run:
+ name: Install molecule
+ command: pipenv install --dev --system
+ - run:
+ name: Run molecule
+ command: pipenv run test
+workflows:
+ version: 2
+ test_molecule:
+ jobs:
+ - test
\ No newline at end of file
diff --git a/.vscode/settings.json b/.vscode/settings.json
new file mode 100644
index 00000000..07127794
--- /dev/null
+++ b/.vscode/settings.json
@@ -0,0 +1,3 @@
+{
+ "python.pythonPath": "/home/john/.local/share/virtualenvs/wazuh-ansible-b1QgYjuV/bin/python"
+}
\ No newline at end of file
diff --git a/Pipfile b/Pipfile
new file mode 100644
index 00000000..2c25c24e
--- /dev/null
+++ b/Pipfile
@@ -0,0 +1,17 @@
+[[source]]
+url = "https://pypi.org/simple"
+verify_ssl = true
+name = "pypi"
+
+[packages]
+molecule = "*"
+docker-py = "*"
+ansible = "*"
+
+[dev-packages]
+
+[requires]
+python_version = "2.7"
+
+[scripts]
+test ="molecule test"
diff --git a/Pipfile.lock b/Pipfile.lock
new file mode 100644
index 00000000..f555b014
--- /dev/null
+++ b/Pipfile.lock
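Review bot: `version: 2.7` under `python:` in the new `.circleci/config.yml` is an unquoted YAML float; write it as `version: "2.7"` so the value is a string and the same pattern does not silently truncate a later `3.10`. The `Install molecule` step runs `pipenv install --dev --system`, which installs the locked packages into the executor's system interpreter; the new Pipfile's `[dev-packages]` table is empty, so `--dev` currently has no effect and should either be dropped or the test-only tools moved into that table.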
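Review bot: The new `.vscode/settings.json` hard-codes a developer-specific interpreter path, `/home/john/.local/share/virtualenvs/wazuh-ansible-b1QgYjuV/bin/python`, and the diffstat also adds the compiled `molecule/default/tests/test_default.pyc`; neither belongs in the repository, and the former leaks a local username and virtualenv name to every clone. Drop both from the commit and add `.vscode/` and `*.pyc` to `.gitignore` so editor state and build artefacts stay untracked.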
@@ -0,0 +1,638 @@ +{ + "_meta": { + "hash": { + "sha256": "2d9ee042a6e26f8aee145bcef372b8817aed4bcfa95fc5b518ae0b7b4e8a2a8d" + }, + "pipfile-spec": 6, + "requires": { + "python_version": "2.7" + }, + "sources": [ + { + "name": "pypi", + "url": "https://pypi.org/simple", + "verify_ssl": true + } + ] + }, + "default": { + "ansible": { + "hashes": [ + "sha256:040cc936f959b947800ffaa5f940d2508aaa41f899efe56b47a7442c89689150" + ], + "index": "pypi", + "version": "==2.7.7" + }, + "ansible-lint": { + "hashes": [ + "sha256:7686dad54aab9281562a5788415af1488b9af8a5acc99c042ecb9959b6ab7a57" + ], + "version": "==3.4.23" + }, + "anyconfig": { + "hashes": [ + "sha256:4d6016ae6eecc5e502bc7e99ae0639c5710c5c67bde5f21b06b9eaafd9ce0e7e" + ], + "version": "==0.9.7" + }, + "arrow": { + "hashes": [ + "sha256:9cb4a910256ed536751cd5728673bfb53e6f0026e240466f90c2a92c0b79c895" + ], + "version": "==0.13.0" + }, + "asn1crypto": { + "hashes": [ + "sha256:2f1adbb7546ed199e3c90ef23ec95c5cf3585bac7d11fb7eb562a3fe89c64e87", + "sha256:9d5c20441baf0cb60a4ac34cc447c6c189024b6b4c6cd7877034f4965c464e49" + ], + "version": "==0.24.0" + }, + "atomicwrites": { + "hashes": [ + "sha256:03472c30eb2c5d1ba9227e4c2ca66ab8287fbfbbda3888aa93dc2e28fc6811b4", + "sha256:75a9445bac02d8d058d5e1fe689654ba5a6556a1dfd8ce6ec55a0ed79866cfa6" + ], + "version": "==1.3.0" + }, + "attrs": { + "hashes": [ + "sha256:10cbf6e27dbce8c30807caf056c8eb50917e0eaafe86347671b57254006c3e69", + "sha256:ca4be454458f9dec299268d472aaa5a11f67a4ff70093396e1ceae9c76cf4bbb" + ], + "version": "==18.2.0" + }, + "backports.functools-lru-cache": { + "hashes": [ + "sha256:9d98697f088eb1b0fa451391f91afb5e3ebde16bbdb272819fd091151fda4f1a", + "sha256:f0b0e4eba956de51238e17573b7087e852dfe9854afd2e9c873f73fc0ca0a6dd" + ], + "version": "==1.5" + }, + "backports.ssl-match-hostname": { + "hashes": [ + "sha256:bb82e60f9fbf4c080eabd957c39f0641f0fc247d9a16e31e26d594d8f42b9fd2" + ], + "markers": "python_version < '3.5'", + "version": "==3.7.0.1" + }, + "bcrypt": { 
+ "hashes": [ + "sha256:0ba875eb67b011add6d8c5b76afbd92166e98b1f1efab9433d5dc0fafc76e203", + "sha256:21ed446054c93e209434148ef0b362432bb82bbdaf7beef70a32c221f3e33d1c", + "sha256:28a0459381a8021f57230954b9e9a65bb5e3d569d2c253c5cac6cb181d71cf23", + "sha256:2aed3091eb6f51c26b7c2fad08d6620d1c35839e7a362f706015b41bd991125e", + "sha256:2fa5d1e438958ea90eaedbf8082c2ceb1a684b4f6c75a3800c6ec1e18ebef96f", + "sha256:3a73f45484e9874252002793518da060fb11eaa76c30713faa12115db17d1430", + "sha256:3e489787638a36bb466cd66780e15715494b6d6905ffdbaede94440d6d8e7dba", + "sha256:44636759d222baa62806bbceb20e96f75a015a6381690d1bc2eda91c01ec02ea", + "sha256:678c21b2fecaa72a1eded0cf12351b153615520637efcadc09ecf81b871f1596", + "sha256:75460c2c3786977ea9768d6c9d8957ba31b5fbeb0aae67a5c0e96aab4155f18c", + "sha256:8ac06fb3e6aacb0a95b56eba735c0b64df49651c6ceb1ad1cf01ba75070d567f", + "sha256:8fdced50a8b646fff8fa0e4b1c5fd940ecc844b43d1da5a980cb07f2d1b1132f", + "sha256:9b2c5b640a2da533b0ab5f148d87fb9989bf9bcb2e61eea6a729102a6d36aef9", + "sha256:a9083e7fa9adb1a4de5ac15f9097eb15b04e2c8f97618f1b881af40abce382e1", + "sha256:b7e3948b8b1a81c5a99d41da5fb2dc03ddb93b5f96fcd3fd27e643f91efa33e1", + "sha256:b998b8ca979d906085f6a5d84f7b5459e5e94a13fc27c28a3514437013b6c2f6", + "sha256:dd08c50bc6f7be69cd7ba0769acca28c846ec46b7a8ddc2acf4b9ac6f8a7457e", + "sha256:de5badee458544ab8125e63e39afeedfcf3aef6a6e2282ac159c95ae7472d773", + "sha256:ede2a87333d24f55a4a7338a6ccdccf3eaa9bed081d1737e0db4dbd1a4f7e6b6" + ], + "version": "==3.1.6" + }, + "binaryornot": { + "hashes": [ + "sha256:359501dfc9d40632edc9fac890e19542db1a287bbcfa58175b66658392018061", + "sha256:b8b71173c917bddcd2c16070412e369c3ed7f0528926f70cac18a6c97fd563e4" + ], + "version": "==0.4.4" + }, + "cerberus": { + "hashes": [ + "sha256:f5c2e048fb15ecb3c088d192164316093fcfa602a74b3386eefb2983aa7e800a" + ], + "version": "==1.2" + }, + "certifi": { + "hashes": [ + "sha256:47f9c83ef4c0c621eaef743f133f09fa8a74a9b75f037e8624f83bd1b6626cb7", + 
"sha256:993f830721089fef441cdfeb4b2c8c9df86f0c63239f06bd025a76a7daddb033" + ], + "version": "==2018.11.29" + }, + "cffi": { + "hashes": [ + "sha256:151b7eefd035c56b2b2e1eb9963c90c6302dc15fbd8c1c0a83a163ff2c7d7743", + "sha256:1553d1e99f035ace1c0544050622b7bc963374a00c467edafac50ad7bd276aef", + "sha256:1b0493c091a1898f1136e3f4f991a784437fac3673780ff9de3bcf46c80b6b50", + "sha256:2ba8a45822b7aee805ab49abfe7eec16b90587f7f26df20c71dd89e45a97076f", + "sha256:3bb6bd7266598f318063e584378b8e27c67de998a43362e8fce664c54ee52d30", + "sha256:3c85641778460581c42924384f5e68076d724ceac0f267d66c757f7535069c93", + "sha256:3eb6434197633b7748cea30bf0ba9f66727cdce45117a712b29a443943733257", + "sha256:495c5c2d43bf6cebe0178eb3e88f9c4aa48d8934aa6e3cddb865c058da76756b", + "sha256:4c91af6e967c2015729d3e69c2e51d92f9898c330d6a851bf8f121236f3defd3", + "sha256:57b2533356cb2d8fac1555815929f7f5f14d68ac77b085d2326b571310f34f6e", + "sha256:770f3782b31f50b68627e22f91cb182c48c47c02eb405fd689472aa7b7aa16dc", + "sha256:79f9b6f7c46ae1f8ded75f68cf8ad50e5729ed4d590c74840471fc2823457d04", + "sha256:7a33145e04d44ce95bcd71e522b478d282ad0eafaf34fe1ec5bbd73e662f22b6", + "sha256:857959354ae3a6fa3da6651b966d13b0a8bed6bbc87a0de7b38a549db1d2a359", + "sha256:87f37fe5130574ff76c17cab61e7d2538a16f843bb7bca8ebbc4b12de3078596", + "sha256:95d5251e4b5ca00061f9d9f3d6fe537247e145a8524ae9fd30a2f8fbce993b5b", + "sha256:9d1d3e63a4afdc29bd76ce6aa9d58c771cd1599fbba8cf5057e7860b203710dd", + "sha256:a36c5c154f9d42ec176e6e620cb0dd275744aa1d804786a71ac37dc3661a5e95", + "sha256:a6a5cb8809091ec9ac03edde9304b3ad82ad4466333432b16d78ef40e0cce0d5", + "sha256:ae5e35a2c189d397b91034642cb0eab0e346f776ec2eb44a49a459e6615d6e2e", + "sha256:b0f7d4a3df8f06cf49f9f121bead236e328074de6449866515cea4907bbc63d6", + "sha256:b75110fb114fa366b29a027d0c9be3709579602ae111ff61674d28c93606acca", + "sha256:ba5e697569f84b13640c9e193170e89c13c6244c24400fc57e88724ef610cd31", + "sha256:be2a9b390f77fd7676d80bc3cdc4f8edb940d8c198ed2d8c0be1319018c778e1", + 
"sha256:ca1bd81f40adc59011f58159e4aa6445fc585a32bb8ac9badf7a2c1aa23822f2", + "sha256:d5d8555d9bfc3f02385c1c37e9f998e2011f0db4f90e250e5bc0c0a85a813085", + "sha256:e55e22ac0a30023426564b1059b035973ec82186ddddbac867078435801c7801", + "sha256:e90f17980e6ab0f3c2f3730e56d1fe9bcba1891eeea58966e89d352492cc74f4", + "sha256:ecbb7b01409e9b782df5ded849c178a0aa7c906cf8c5a67368047daab282b184", + "sha256:ed01918d545a38998bfa5902c7c00e0fee90e957ce036a4000a88e3fe2264917", + "sha256:edabd457cd23a02965166026fd9bfd196f4324fe6032e866d0f3bd0301cd486f", + "sha256:fdf1c1dc5bafc32bc5d08b054f94d659422b05aba244d6be4ddc1c72d9aa70fb" + ], + "version": "==1.11.5" + }, + "chardet": { + "hashes": [ + "sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae", + "sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691" + ], + "version": "==3.0.4" + }, + "click": { + "hashes": [ + "sha256:29f99fc6125fbc931b758dc053b3114e55c77a6e4c6c3a2674a2dc986016381d", + "sha256:f15516df478d5a56180fbf80e68f206010e6d160fc39fa508b65e035fd75130b" + ], + "version": "==6.7" + }, + "click-completion": { + "hashes": [ + "sha256:7ca12978493a7450486cef155845af4fae48744c3f97b7250a254de65c9e5e5a" + ], + "version": "==0.3.1" + }, + "colorama": { + "hashes": [ + "sha256:463f8483208e921368c9f306094eb6f725c6ca42b0f97e313cb5d5512459feda", + "sha256:48eb22f4f8461b1df5734a074b57042430fb06e1d61bd1e11b078c0fe6d7a1f1" + ], + "version": "==0.3.9" + }, + "configparser": { + "hashes": [ + "sha256:5bd5fa2a491dc3cfe920a3f2a107510d65eceae10e9c6e547b90261a4710df32", + "sha256:c114ff90ee2e762db972fa205f02491b1f5cf3ff950decd8542c62970c9bedac", + "sha256:df28e045fbff307a28795b18df6ac8662be3219435560ddb068c283afab1ea7a" + ], + "markers": "python_version < '3.2'", + "version": "==3.7.1" + }, + "cookiecutter": { + "hashes": [ + "sha256:1316a52e1c1f08db0c9efbf7d876dbc01463a74b155a0d83e722be88beda9a3e", + "sha256:ed8f54a8fc79b6864020d773ce11539b5f08e4617f353de1f22d23226f6a0d36" + ], + "version": "==1.6.0" + }, + 
"cryptography": { + "hashes": [ + "sha256:05b3ded5e88747d28ee3ef493f2b92cbb947c1e45cf98cfef22e6d38bb67d4af", + "sha256:06826e7f72d1770e186e9c90e76b4f84d90cdb917b47ff88d8dc59a7b10e2b1e", + "sha256:08b753df3672b7066e74376f42ce8fc4683e4fd1358d34c80f502e939ee944d2", + "sha256:2cd29bd1911782baaee890544c653bb03ec7d95ebeb144d714b0f5c33deb55c7", + "sha256:31e5637e9036d966824edaa91bf0aa39dc6f525a1c599f39fd5c50340264e079", + "sha256:42fad67d7072216a49e34f923d8cbda9edacbf6633b19a79655e88a1b4857063", + "sha256:4946b67235b9d2ea7d31307be9d5ad5959d6c4a8f98f900157b47abddf698401", + "sha256:522fdb2809603ee97a4d0ef2f8d617bc791eb483313ba307cb9c0a773e5e5695", + "sha256:6f841c7272645dd7c65b07b7108adfa8af0aaea57f27b7f59e01d41f75444c85", + "sha256:7d335e35306af5b9bc0560ca39f740dfc8def72749645e193dd35be11fb323b3", + "sha256:8504661ffe324837f5c4607347eeee4cf0fcad689163c6e9c8d3b18cf1f4a4ad", + "sha256:9260b201ce584d7825d900c88700aa0bd6b40d4ebac7b213857bd2babee9dbca", + "sha256:9a30384cc402eac099210ab9b8801b2ae21e591831253883decdb4513b77a3cd", + "sha256:9e29af877c29338f0cab5f049ccc8bd3ead289a557f144376c4fbc7d1b98914f", + "sha256:ab50da871bc109b2d9389259aac269dd1b7c7413ee02d06fe4e486ed26882159", + "sha256:b13c80b877e73bcb6f012813c6f4a9334fcf4b0e96681c5a15dac578f2eedfa0", + "sha256:bfe66b577a7118e05b04141f0f1ed0959552d45672aa7ecb3d91e319d846001e", + "sha256:e091bd424567efa4b9d94287a952597c05d22155a13716bf5f9f746b9dc906d3", + "sha256:fa2b38c8519c5a3aa6e2b4e1cf1a549b54acda6adb25397ff542068e73d1ed00" + ], + "version": "==2.5" + }, + "docker-py": { + "hashes": [ + "sha256:35b506e95861914fa5ad57a6707e3217b4082843b883be246190f57013948aba", + "sha256:4c2a75875764d38d67f87bc7d03f7443a3895704efc57962bdf6500b8d4bc415" + ], + "index": "pypi", + "version": "==1.10.6" + }, + "docker-pycreds": { + "hashes": [ + "sha256:6ce3270bcaf404cc4c3e27e4b6c70d3521deae82fb508767870fdbf772d584d4", + "sha256:7266112468627868005106ec19cd0d722702d2b7d5912a28e19b826c3d37af49" + ], + "version": "==0.4.0" + }, + "enum34": { + 
"hashes": [ + "sha256:2d81cbbe0e73112bdfe6ef8576f2238f2ba27dd0d55752a776c41d38b7da2850", + "sha256:644837f692e5f550741432dd3f223bbb9852018674981b1664e5dc339387588a", + "sha256:6bd0f6ad48ec2aa117d3d141940d484deccda84d4fcd884f5c3d93c23ecd8c79", + "sha256:8ad8c4783bf61ded74527bffb48ed9b54166685e4230386a9ed9b1279e2df5b1" + ], + "markers": "python_version < '3.4'", + "version": "==1.1.6" + }, + "fasteners": { + "hashes": [ + "sha256:427c76773fe036ddfa41e57d89086ea03111bbac57c55fc55f3006d027107e18", + "sha256:564a115ff9698767df401efca29620cbb1a1c2146b7095ebd304b79cc5807a7c" + ], + "version": "==0.14.1" + }, + "flake8": { + "hashes": [ + "sha256:7253265f7abd8b313e3892944044a365e3f4ac3fcdcfb4298f55ee9ddf188ba0", + "sha256:c7841163e2b576d435799169b78703ad6ac1bbb0f199994fc05f700b2a90ea37" + ], + "version": "==3.5.0" + }, + "funcsigs": { + "hashes": [ + "sha256:330cc27ccbf7f1e992e69fef78261dc7c6569012cf397db8d3de0234e6c937ca", + "sha256:a7bb0f2cf3a3fd1ab2732cb49eba4252c2af4240442415b4abce3b87022a8f50" + ], + "markers": "python_version < '3.0'", + "version": "==1.0.2" + }, + "future": { + "hashes": [ + "sha256:67045236dcfd6816dc439556d009594abf643e5eb48992e36beac09c2ca659b8" + ], + "version": "==0.17.1" + }, + "git-url-parse": { + "hashes": [ + "sha256:0ae889a7fd7718c6409c3da5c8166efc2e41ea135c9667f2d762e76f39fc84bc", + "sha256:5817358173e9c41200da5750ca5cf9d1d3283d93d804f7e55613c1277e188060", + "sha256:8ed5a1ed3b19f9536a2f341882226beda359bc91f8b1ce3459ab9026afb637df" + ], + "version": "==1.2.0" + }, + "idna": { + "hashes": [ + "sha256:c357b3f628cf53ae2c4c05627ecc484553142ca23264e593d327bcde5e9c3407", + "sha256:ea8b7f6188e6fa117537c3df7da9fc686d485087abf6ac197f9c46432f7e4a3c" + ], + "version": "==2.8" + }, + "ipaddress": { + "hashes": [ + "sha256:64b28eec5e78e7510698f6d4da08800a5c575caa4a286c93d651c5d3ff7b6794", + "sha256:b146c751ea45cad6188dd6cf2d9b757f6f4f8d6ffb96a023e6f2e26eea02a72c" + ], + "markers": "python_version < '3.3'", + "version": "==1.0.22" + }, + "jinja2": { + 
"hashes": [ + "sha256:74c935a1b8bb9a3947c50a54766a969d4846290e1e788ea44c1392163723c3bd", + "sha256:f84be1bb0040caca4cea721fcbbbbd61f9be9464ca236387158b0feea01914a4" + ], + "version": "==2.10" + }, + "jinja2-time": { + "hashes": [ + "sha256:d14eaa4d315e7688daa4969f616f226614350c48730bfa1692d2caebd8c90d40", + "sha256:d3eab6605e3ec8b7a0863df09cc1d23714908fa61aa6986a845c20ba488b4efa" + ], + "version": "==0.2.0" + }, + "markupsafe": { + "hashes": [ + "sha256:048ef924c1623740e70204aa7143ec592504045ae4429b59c30054cb31e3c432", + "sha256:130f844e7f5bdd8e9f3f42e7102ef1d49b2e6fdf0d7526df3f87281a532d8c8b", + "sha256:19f637c2ac5ae9da8bfd98cef74d64b7e1bb8a63038a3505cd182c3fac5eb4d9", + "sha256:1b8a7a87ad1b92bd887568ce54b23565f3fd7018c4180136e1cf412b405a47af", + "sha256:1c25694ca680b6919de53a4bb3bdd0602beafc63ff001fea2f2fc16ec3a11834", + "sha256:1f19ef5d3908110e1e891deefb5586aae1b49a7440db952454b4e281b41620cd", + "sha256:1fa6058938190ebe8290e5cae6c351e14e7bb44505c4a7624555ce57fbbeba0d", + "sha256:31cbb1359e8c25f9f48e156e59e2eaad51cd5242c05ed18a8de6dbe85184e4b7", + "sha256:3e835d8841ae7863f64e40e19477f7eb398674da6a47f09871673742531e6f4b", + "sha256:4e97332c9ce444b0c2c38dd22ddc61c743eb208d916e4265a2a3b575bdccb1d3", + "sha256:525396ee324ee2da82919f2ee9c9e73b012f23e7640131dd1b53a90206a0f09c", + "sha256:52b07fbc32032c21ad4ab060fec137b76eb804c4b9a1c7c7dc562549306afad2", + "sha256:52ccb45e77a1085ec5461cde794e1aa037df79f473cbc69b974e73940655c8d7", + "sha256:5c3fbebd7de20ce93103cb3183b47671f2885307df4a17a0ad56a1dd51273d36", + "sha256:5e5851969aea17660e55f6a3be00037a25b96a9b44d2083651812c99d53b14d1", + "sha256:5edfa27b2d3eefa2210fb2f5d539fbed81722b49f083b2c6566455eb7422fd7e", + "sha256:7d263e5770efddf465a9e31b78362d84d015cc894ca2c131901a4445eaa61ee1", + "sha256:83381342bfc22b3c8c06f2dd93a505413888694302de25add756254beee8449c", + "sha256:857eebb2c1dc60e4219ec8e98dfa19553dae33608237e107db9c6078b1167856", + "sha256:98e439297f78fca3a6169fd330fbe88d78b3bb72f967ad9961bcac0d7fdd1550", + 
"sha256:bf54103892a83c64db58125b3f2a43df6d2cb2d28889f14c78519394feb41492", + "sha256:d9ac82be533394d341b41d78aca7ed0e0f4ba5a2231602e2f05aa87f25c51672", + "sha256:e982fe07ede9fada6ff6705af70514a52beb1b2c3d25d4e873e82114cf3c5401", + "sha256:edce2ea7f3dfc981c4ddc97add8a61381d9642dc3273737e756517cc03e84dd6", + "sha256:efdc45ef1afc238db84cb4963aa689c0408912a0239b0721cb172b4016eb31d6", + "sha256:f137c02498f8b935892d5c0172560d7ab54bc45039de8805075e19079c639a9c", + "sha256:f82e347a72f955b7017a39708a3667f106e6ad4d10b25f237396a7115d8ed5fd", + "sha256:fb7c206e01ad85ce57feeaaa0bf784b97fa3cad0d4a5737bc5295785f5c613a1" + ], + "version": "==1.1.0" + }, + "mccabe": { + "hashes": [ + "sha256:ab8a6258860da4b6677da4bd2fe5dc2c659cff31b3ee4f7f5d64e79735b80d42", + "sha256:dd8d182285a0fe56bace7f45b5e7d1a6ebcbf524e8f3bd87eb0f125271b8831f" + ], + "version": "==0.6.1" + }, + "molecule": { + "hashes": [ + "sha256:23b1b30b37998f0eb747dc06a602df59157fe78d3f6a9882dea9271d8d37cdee", + "sha256:59734fa4487e1d4b9be6f5a3c1192ac76445670bc44ee172f23ac122d90412e3", + "sha256:9be671194019476dae73970ff92946595e7a2b7cc9c10afb0395a020b9f0fcde" + ], + "index": "pypi", + "version": "==2.19.0" + }, + "monotonic": { + "hashes": [ + "sha256:23953d55076df038541e648a53676fb24980f7a1be290cdda21300b3bc21dfb0", + "sha256:552a91f381532e33cbd07c6a2655a21908088962bb8fa7239ecbcc6ad1140cc7" + ], + "version": "==1.5" + }, + "more-itertools": { + "hashes": [ + "sha256:38a936c0a6d98a38bcc2d03fdaaedaba9f412879461dd2ceff8d37564d6522e4", + "sha256:c0a5785b1109a6bd7fac76d6837fd1feca158e54e521ccd2ae8bfe393cc9d4fc", + "sha256:fe7a7cae1ccb57d33952113ff4fa1bc5f879963600ed74918f1236e212ee50b9" + ], + "version": "==5.0.0" + }, + "paramiko": { + "hashes": [ + "sha256:3c16b2bfb4c0d810b24c40155dbfd113c0521e7e6ee593d704e84b4c658a1f3b", + "sha256:a8975a7df3560c9f1e2b43dc54ebd40fd00a7017392ca5445ce7df409f900fcb" + ], + "version": "==2.4.2" + }, + "pathlib2": { + "hashes": [ + 
"sha256:25199318e8cc3c25dcb45cbe084cc061051336d5a9ea2a12448d3d8cb748f742", + "sha256:5887121d7f7df3603bca2f710e7219f3eca0eb69e0b7cc6e0a022e155ac931a7" + ], + "markers": "python_version < '3.6'", + "version": "==2.3.3" + }, + "pathspec": { + "hashes": [ + "sha256:54a5eab895d89f342b52ba2bffe70930ef9f8d96e398cccf530d21fa0516a873" + ], + "version": "==0.5.9" + }, + "pbr": { + "hashes": [ + "sha256:4f2b11d95917af76e936811be8361b2b19616e5ef3b55956a429ec7864378e0c", + "sha256:e0f23b61ec42473723b2fec2f33fb12558ff221ee551962f01dd4de9053c2055" + ], + "version": "==4.1.0" + }, + "pexpect": { + "hashes": [ + "sha256:2a8e88259839571d1251d278476f3eec5db26deb73a70be5ed5dc5435e418aba", + "sha256:3fbd41d4caf27fa4a377bfd16fef87271099463e6fa73e92a52f92dfee5d425b" + ], + "version": "==4.6.0" + }, + "pluggy": { + "hashes": [ + "sha256:8ddc32f03971bfdf900a81961a48ccf2fb677cf7715108f85295c67405798616", + "sha256:980710797ff6a041e9a73a5787804f848996ecaa6f8a1b1e08224a5894f2074a" + ], + "version": "==0.8.1" + }, + "poyo": { + "hashes": [ + "sha256:c34a5413191210ed564640510e9c4a4ba3b698746d6b454d46eb5bfb30edcd1d", + "sha256:d1c317054145a6b1ca0608b5e676b943ddc3bfd671f886a2fe09288b98221edb" + ], + "version": "==0.4.2" + }, + "psutil": { + "hashes": [ + "sha256:0ff2b16e9045d01edb1dd10d7fbcc184012e37f6cd38029e959f2be9c6223f50", + "sha256:254adb6a27c888f141d2a6032ae231d8ed4fc5f7583b4c825e5f7d7c78d26d2e", + "sha256:319e12f6bae4d4d988fbff3bed792953fa3b44c791f085b0a1a230f755671ef7", + "sha256:529ae235896efb99a6f77653a7138273ab701ec9f0343a1f5030945108dee3c4", + "sha256:686e5a35fe4c0acc25f3466c32e716f2d498aaae7b7edc03e2305b682226bcf6", + "sha256:6d981b4d863b20c8ceed98b8ac3d1ca7f96d28707a80845d360fa69c8fc2c44b", + "sha256:7789885a72aa3075d28d028236eb3f2b84d908f81d38ad41769a6ddc2fd81b7c", + "sha256:7f4616bcb44a6afda930cfc40215e5e9fa7c6896e683b287c771c937712fbe2f", + "sha256:7fdb3d02bfd68f508e6745021311a4a4dbfec53fca03721474e985f310e249ba", + 
"sha256:a9b85b335b40a528a8e2a6b549592138de8429c6296e7361892958956e6a73cf", + "sha256:dc85fad15ef98103ecc047a0d81b55bbf5fe1b03313b96e883acc2e2fa87ed5c" + ], + "markers": "sys_platform != 'win32' and sys_platform != 'cygwin'", + "version": "==5.4.6" + }, + "ptyprocess": { + "hashes": [ + "sha256:923f299cc5ad920c68f2bc0bc98b75b9f838b93b599941a6b63ddbc2476394c0", + "sha256:d7cc528d76e76342423ca640335bd3633420dc1366f258cb31d05e865ef5ca1f" + ], + "version": "==0.6.0" + }, + "py": { + "hashes": [ + "sha256:bf92637198836372b520efcba9e020c330123be8ce527e535d185ed4b6f45694", + "sha256:e76826342cefe3c3d5f7e8ee4316b80d1dd8a300781612ddbc765c17ba25a6c6" + ], + "version": "==1.7.0" + }, + "pyasn1": { + "hashes": [ + "sha256:da2420fe13a9452d8ae97a0e478adde1dee153b11ba832a95b223a2ba01c10f7", + "sha256:da6b43a8c9ae93bc80e2739efb38cc776ba74a886e3e9318d65fe81a8b8a2c6e" + ], + "version": "==0.4.5" + }, + "pycodestyle": { + "hashes": [ + "sha256:682256a5b318149ca0d2a9185d365d8864a768a28db66a84a2ea946bcc426766", + "sha256:6c4245ade1edfad79c3446fadfc96b0de2759662dc29d07d80a6f27ad1ca6ba9" + ], + "version": "==2.3.1" + }, + "pycparser": { + "hashes": [ + "sha256:a988718abfad80b6b157acce7bf130a30876d27603738ac39f140993246b25b3" + ], + "version": "==2.19" + }, + "pyflakes": { + "hashes": [ + "sha256:08bd6a50edf8cffa9fa09a463063c425ecaaf10d1eb0335a7e8b1401aef89e6f", + "sha256:8d616a382f243dbf19b54743f280b80198be0bca3a5396f1d2e1fca6223e8805" + ], + "version": "==1.6.0" + }, + "pynacl": { + "hashes": [ + "sha256:05c26f93964373fc0abe332676cb6735f0ecad27711035b9472751faa8521255", + "sha256:0c6100edd16fefd1557da078c7a31e7b7d7a52ce39fdca2bec29d4f7b6e7600c", + "sha256:0d0a8171a68edf51add1e73d2159c4bc19fc0718e79dec51166e940856c2f28e", + "sha256:1c780712b206317a746ace34c209b8c29dbfd841dfbc02aa27f2084dd3db77ae", + "sha256:2424c8b9f41aa65bbdbd7a64e73a7450ebb4aa9ddedc6a081e7afcc4c97f7621", + "sha256:2d23c04e8d709444220557ae48ed01f3f1086439f12dbf11976e849a4926db56", + 
"sha256:30f36a9c70450c7878053fa1344aca0145fd47d845270b43a7ee9192a051bf39", + "sha256:37aa336a317209f1bb099ad177fef0da45be36a2aa664507c5d72015f956c310", + "sha256:4943decfc5b905748f0756fdd99d4f9498d7064815c4cf3643820c9028b711d1", + "sha256:57ef38a65056e7800859e5ba9e6091053cd06e1038983016effaffe0efcd594a", + "sha256:5bd61e9b44c543016ce1f6aef48606280e45f892a928ca7068fba30021e9b786", + "sha256:6482d3017a0c0327a49dddc8bd1074cc730d45db2ccb09c3bac1f8f32d1eb61b", + "sha256:7d3ce02c0784b7cbcc771a2da6ea51f87e8716004512493a2b69016326301c3b", + "sha256:a14e499c0f5955dcc3991f785f3f8e2130ed504fa3a7f44009ff458ad6bdd17f", + "sha256:a39f54ccbcd2757d1d63b0ec00a00980c0b382c62865b61a505163943624ab20", + "sha256:aabb0c5232910a20eec8563503c153a8e78bbf5459490c49ab31f6adf3f3a415", + "sha256:bd4ecb473a96ad0f90c20acba4f0bf0df91a4e03a1f4dd6a4bdc9ca75aa3a715", + "sha256:e2da3c13307eac601f3de04887624939aca8ee3c9488a0bb0eca4fb9401fc6b1", + "sha256:f67814c38162f4deb31f68d590771a29d5ae3b1bd64b75cf232308e5c74777e0" + ], + "version": "==1.3.0" + }, + "pytest": { + "hashes": [ + "sha256:65aeaa77ae87c7fc95de56285282546cfa9c886dc8e5dc78313db1c25e21bc07", + "sha256:6ac6d467d9f053e95aaacd79f831dbecfe730f419c6c7022cb316b365cd9199d" + ], + "version": "==4.2.0" + }, + "python-dateutil": { + "hashes": [ + "sha256:7e6584c74aeed623791615e26efd690f29817a27c73085b78e4bad02493df2fb", + "sha256:c89805f6f4d64db21ed966fda138f8a5ed7a4fdbc1a8ee329ce1b74e3c74da9e" + ], + "version": "==2.8.0" + }, + "python-gilt": { + "hashes": [ + "sha256:4fd58c128635d1f4a8c93305e648f23379ce56e23624e4c5479427fcd2d5656e", + "sha256:c7321ef1a8efddbdef657b4fd21c3eaf1b4cb24a9656d97b73a444b1feb2067a", + "sha256:e23a45a6905e6bb7aec3ff7652b48309933a6991fad4546d9e793ac7e0513f8a" + ], + "version": "==1.2.1" + }, + "pyyaml": { + "hashes": [ + "sha256:3d7da3009c0f3e783b2c873687652d83b1bbfd5c88e9813fb7e5b03c0dd3108b", + "sha256:3ef3092145e9b70e3ddd2c7ad59bdd0252a94dfe3949721633e41344de00a6bf", + 
"sha256:40c71b8e076d0550b2e6380bada1f1cd1017b882f7e16f09a65be98e017f211a", + "sha256:558dd60b890ba8fd982e05941927a3911dc409a63dcb8b634feaa0cda69330d3", + "sha256:a7c28b45d9f99102fa092bb213aa12e0aaf9a6a1f5e395d36166639c1f96c3a1", + "sha256:aa7dd4a6a427aed7df6fb7f08a580d68d9b118d90310374716ae90b710280af1", + "sha256:bc558586e6045763782014934bfaf39d48b8ae85a2713117d16c39864085c613", + "sha256:d46d7982b62e0729ad0175a9bc7e10a566fc07b224d2c79fafb5e032727eaa04", + "sha256:d5eef459e30b09f5a098b9cea68bebfeb268697f78d647bd255a085371ac7f3f", + "sha256:e01d3203230e1786cd91ccfdc8f8454c8069c91bee3962ad93b87a4b2860f537", + "sha256:e170a9e6fcfd19021dd29845af83bb79236068bf5fd4df3327c1be18182b2531" + ], + "version": "==3.13" + }, + "requests": { + "hashes": [ + "sha256:502a824f31acdacb3a35b6690b5fbf0bc41d63a24a45c4004352b0242707598e", + "sha256:7bf2a778576d825600030a110f3c0e3e8edc51dfaafe1c146e39a2027784957b" + ], + "version": "==2.21.0" + }, + "scandir": { + "hashes": [ + "sha256:04b8adb105f2ed313a7c2ef0f1cf7aff4871aa7a1883fa4d8c44b5551ab052d6", + "sha256:1444134990356c81d12f30e4b311379acfbbcd03e0bab591de2696a3b126d58e", + "sha256:1b5c314e39f596875e5a95dd81af03730b338c277c54a454226978d5ba95dbb6", + "sha256:346619f72eb0ddc4cf355ceffd225fa52506c92a2ff05318cfabd02a144e7c4e", + "sha256:44975e209c4827fc18a3486f257154d34ec6eaec0f90fef0cca1caa482db7064", + "sha256:61859fd7e40b8c71e609c202db5b0c1dbec0d5c7f1449dec2245575bdc866792", + "sha256:a5e232a0bf188362fa00123cc0bb842d363a292de7126126df5527b6a369586a", + "sha256:c14701409f311e7a9b7ec8e337f0815baf7ac95776cc78b419a1e6d49889a383", + "sha256:c7708f29d843fc2764310732e41f0ce27feadde453261859ec0fca7865dfc41b", + "sha256:c9009c527929f6e25604aec39b0a43c3f831d2947d89d6caaab22f057b7055c8", + "sha256:f5c71e29b4e2af7ccdc03a020c626ede51da471173b4a6ad1e904f2b2e04b4bd" + ], + "markers": "python_version < '3.5'", + "version": "==1.9.0" + }, + "sh": { + "hashes": [ + "sha256:ae3258c5249493cebe73cb4e18253a41ed69262484bad36fdb3efcb8ad8870bb", + 
"sha256:b52bf5833ed01c7b5c5fb73a7f71b3d98d48e9b9b8764236237bdc7ecae850fc" + ], + "version": "==1.12.14" + }, + "six": { + "hashes": [ + "sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9", + "sha256:832dc0e10feb1aa2c68dcc57dbb658f1c7e65b9b61af69048abc87a2db00a0eb" + ], + "version": "==1.11.0" + }, + "tabulate": { + "hashes": [ + "sha256:e4ca13f26d0a6be2a2915428dc21e732f1e44dad7f76d7030b2ef1ec251cf7f2" + ], + "version": "==0.8.2" + }, + "testinfra": { + "hashes": [ + "sha256:499ba7201d1a0f418fa0318bf2ae28142893c4f9d49ab24af21441fdb529292f", + "sha256:da1d0d1ffd68935b950b7b83833d863436ea75398a5cbdc0d0ab9e61132e2088" + ], + "version": "==1.16.0" + }, + "tree-format": { + "hashes": [ + "sha256:a538523aa78ae7a4b10003b04f3e1b37708e0e089d99c9d3b9e1c71384c9a7f9", + "sha256:b5056228dbedde1fb81b79f71fb0c23c98e9d365230df9b29af76e8d8003de11" + ], + "version": "==0.1.2" + }, + "urllib3": { + "hashes": [ + "sha256:61bf29cada3fc2fbefad4fdf059ea4bd1b4a86d2b6d15e1c7c0b582b9752fe39", + "sha256:de9529817c93f27c8ccbfead6985011db27bd0ddfcdb2d86f3f663385c6a9c22" + ], + "version": "==1.24.1" + }, + "websocket-client": { + "hashes": [ + "sha256:8c8bf2d4f800c3ed952df206b18c28f7070d9e3dcbd6ca6291127574f57ee786", + "sha256:e51562c91ddb8148e791f0155fdb01325d99bb52c4cdbb291aee7a3563fd0849" + ], + "version": "==0.54.0" + }, + "whichcraft": { + "hashes": [ + "sha256:7533870f751901a0ce43c93cc9850186e9eba7fe58c924dfb435968ba9c9fa4e", + "sha256:fecddd531f237ffc5db8b215409afb18fa30300699064cca4817521b4fc81815" + ], + "version": "==0.5.2" + }, + "yamllint": { + "hashes": [ + "sha256:93e255e4bd96c7c0850bf182b09f6b35625130f15b37a0e03d8bf378d747081c", + "sha256:e9b7dec24921ef13180902e5dbcaae9157c773e3e3e2780ef77d3a4dd67d799f" + ], + "version": "==1.11.1" + } + }, + "develop": {} +} diff --git a/README.md b/README.md index 28f3d28b..0b11749f 100644 --- a/README.md +++ b/README.md 
@@ -48,6 +48,13 @@ These playbooks install and configure Wazuh agent, manager and Elastic Stack.
 * `stable` branch on correspond to the last Wazuh-Ansible stable version.
 * `master` branch contains the latest code, be aware of possible bugs on this branch.
+## Testing
+```
+pip install pipenv
+sudo pipenv install
+pipenv run test
+```
+
 ## Contribute
 If you want to contribute to our repository, please fork our Github repository and submit a pull request.
diff --git a/molecule/default/Dockerfile.j2 b/molecule/default/Dockerfile.j2
new file mode 100644
index 00000000..19692c20
--- /dev/null
+++ b/molecule/default/Dockerfile.j2
@@ -0,0 +1,14 @@
+# Molecule managed
+
+{% if item.registry is defined %}
+FROM {{ item.registry.url }}/{{ item.image }}
+{% else %}
+FROM {{ item.image }}
+{% endif %}
+
+RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get upgrade -y && apt-get install -y python sudo bash ca-certificates && apt-get clean; \
+ elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python2-dnf bash && dnf clean all; \
+ elif [ $(command -v yum) ]; then yum makecache fast && yum update -y && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
+ elif [ $(command -v zypper) ]; then zypper refresh && zypper update -y && zypper install -y python sudo bash python-xml && zypper clean -a; \
+ elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \
+ elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi
diff --git a/molecule/default/INSTALL.rst b/molecule/default/INSTALL.rst
new file mode 100644
index 00000000..e26493b8
--- /dev/null
+++ b/molecule/default/INSTALL.rst
@@ -0,0 +1,16 @@
+*******
+Install
+*******
+
+Requirements
+============
+
+* Docker Engine
+* docker-py
+
+Install
+=======
+
+.. code-block:: bash
+
+ $ sudo pip install docker-py
diff --git a/molecule/default/create.yml b/molecule/default/create.yml
new file mode 100644
index 00000000..25932aee
--- /dev/null
+++ b/molecule/default/create.yml
@@ -0,0 +1,81 @@ +--- +- name: Create + hosts: localhost + connection: local + gather_facts: false + no_log: false + tasks: + - name: Log into a Docker registry + docker_login: + username: "{{ item.registry.credentials.username }}" + password: "{{ item.registry.credentials.password }}" + email: "{{ item.registry.credentials.email | default(omit) }}" + registry: "{{ item.registry.url }}" + docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" + with_items: "{{ molecule_yml.platforms }}" + when: + - item.registry is defined + - item.registry.credentials is defined + - item.registry.credentials.username is defined + + - name: Create Dockerfiles from image names + template: + src: "{{ molecule_scenario_directory }}/Dockerfile.j2" + dest: "{{ molecule_ephemeral_directory }}/Dockerfile_{{ item.image | regex_replace('[^a-zA-Z0-9_]', '_') }}" + with_items: "{{ molecule_yml.platforms }}" + register: platforms + + - name: Discover local Docker images + docker_image_facts: + name: "molecule_local/{{ item.item.name }}" + docker_host: "{{ item.item.docker_host | default('unix://var/run/docker.sock') }}" + with_items: "{{ platforms.results }}" + register: docker_images + + - name: Build an Ansible compatible image + docker_image: + path: "{{ molecule_ephemeral_directory }}" + name: "molecule_local/{{ item.item.image }}" + docker_host: "{{ item.item.docker_host | default('unix://var/run/docker.sock') }}" + dockerfile: "{{ item.item.dockerfile | default(item.invocation.module_args.dest) }}" + force: "{{ item.item.force | default(true) }}" + with_items: "{{ platforms.results }}" + when: platforms.changed or docker_images.results | map(attribute='images') | select('equalto', []) | list | count >= 0 + + - name: Create docker network(s) + docker_network: + name: "{{ item }}" + docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" + state: present + with_items: "{{ molecule_yml.platforms | molecule_get_docker_networks }}" + + - name: 
Create molecule instance(s) + docker_container: + name: "{{ item.name }}" + docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" + hostname: "{{ item.name }}" + image: "molecule_local/{{ item.image }}" + state: started + recreate: false + log_driver: json-file + command: "{{ item.command | default('bash -c \"while true; do sleep 10000; done\"') }}" + privileged: "{{ item.privileged | default(omit) }}" + volumes: "{{ item.volumes | default(omit) }}" + capabilities: "{{ item.capabilities | default(omit) }}" + exposed_ports: "{{ item.exposed_ports | default(omit) }}" + published_ports: "{{ item.published_ports | default(omit) }}" + ulimits: "{{ item.ulimits | default(omit) }}" + networks: "{{ item.networks | default(omit) }}" + dns_servers: "{{ item.dns_servers | default(omit) }}" + register: server + with_items: "{{ molecule_yml.platforms }}" + async: 7200 + poll: 0 + + - name: Wait for instance(s) creation to complete + async_status: + jid: "{{ item.ansible_job_id }}" + register: docker_jobs + until: docker_jobs.finished + retries: 300 + with_items: "{{ server.results }}" diff --git a/molecule/default/destroy.yml b/molecule/default/destroy.yml new file mode 100644 index 00000000..ddf7062b --- /dev/null +++ b/molecule/default/destroy.yml 
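Review bot: The `Log into a Docker registry` task loops over `molecule_yml.platforms` with `with_items` while the play sets `no_log: false`, so each loop result echoes the whole `item` — including `item.registry.credentials.password` — into verbose output and callback logs, even if the module masks its own `password` argument; add `no_log: true` to that task. Separately, the `when:` on `Build an Ansible compatible image` ends in `| count >= 0`, which is always true, so the `platforms.changed` half of the condition is dead and every image is rebuilt on every run; if the intent was "some platform has no local image yet", the comparison should be `| count > 0`. Both tasks lie entirely within this hunk.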
@@ -0,0 +1,32 @@ +--- +- name: Destroy + hosts: localhost + connection: local + gather_facts: false + no_log: false + tasks: + - name: Destroy molecule instance(s) + docker_container: + name: "{{ item.name }}" + docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" + state: absent + force_kill: "{{ item.force_kill | default(true) }}" + register: server + with_items: "{{ molecule_yml.platforms }}" + async: 7200 + poll: 0 + + - name: Wait for instance(s) deletion to complete + async_status: + jid: "{{ item.ansible_job_id }}" + register: docker_jobs + until: docker_jobs.finished + retries: 300 + with_items: "{{ server.results }}" + + - name: Delete docker network(s) + docker_network: + name: "{{ item }}" + docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" + state: absent + with_items: "{{ molecule_yml.platforms | molecule_get_docker_networks }}" diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml new file mode 100644 index 00000000..f060755d --- /dev/null +++ b/molecule/default/molecule.yml @@ -0,0 +1,33 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint + enabled: false # fix in seperate PR +platforms: + - name: bionic + image: ubuntu:bionic + - name: xenial + image: ubuntu:xenial + - name: trusty + image: ubuntu:trusty + - name: centos6 + image: centos:6 + - name: centos7 + image: centos:7 +provisioner: + name: ansible + env: + ANSIBLE_ROLES_PATH: $HOME/wazuh-ansible/roles + lint: + name: ansible-lint + enabled: false # fix in seperate PR +scenario: + name: default +verifier: + name: testinfra + lint: + name: flake8 + enabled: true diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml new file mode 100644 index 00000000..f8b8debf --- /dev/null +++ b/molecule/default/playbook.yml 
@@ -0,0 +1,10 @@ +--- +- name: Converge + hosts: all + roles: + - {role: wazuh/ansible-wazuh-manager} + - {role: wazuh/ansible-filebeat} #, filebeat_output_logstash_hosts: 'your elastic stack server IP' + # Elasticsearch requires too much memory to test multiple containers concurrently - To Fix + #- {role: elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost'} + #- {role: elastic-stack/ansible-logstash, logstash_input_beats: true, elasticsearch_network_host: 'localhost'} + #- {role: elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost'} \ No newline at end of file diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml new file mode 100644 index 00000000..5358b3bd --- /dev/null +++ b/molecule/default/prepare.yml @@ -0,0 +1,5 @@ +--- +- name: Prepare + hosts: all + gather_facts: false + tasks: [] diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py new file mode 100644 index 00000000..c47beceb --- /dev/null +++ b/molecule/default/tests/test_default.py @@ -0,0 +1,30 @@ +import os + +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') + + +def test_hosts_file(host): + f = host.file('/etc/hosts') + + assert f.exists + assert f.user == 'root' + assert f.group == 'root' + + +def test_filebeat_is_installed(host): + package = host.package("filebeat") + assert package.is_installed + assert package.version.startswith("6") + + +def test_filebeat_service_enabled(host): + service = host.service('filebeat') + assert service.is_enabled + + +def test_filebeat_config_file_present(host): + config_file = host.file('/etc/filebeat/filebeat.yml') + assert config_file.is_file 
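Review bot: `test_filebeat_service_enabled` asserts only `service.is_enabled`, so a filebeat that is enabled but failed to start still passes; add `assert service.is_running` beside it. `test_filebeat_config_file_present` likewise stops at `config_file.is_file`, and if filebeat.yml carries output credentials a permission regression in the role would go unnoticed, so asserting `config_file.user == 'root'` and a non-world-readable `config_file.mode` is worth the two extra lines. `assert package.version.startswith("6")` pins the Elastic major version in the test rather than reading it from the role defaults, so it will silently go stale when the stack is bumped.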
diff --git a/molecule/default/tests/test_default.pyc b/molecule/default/tests/test_default.pyc new file mode 100644 index 0000000000000000000000000000000000000000..26a7961dd7504411d3b1779b1d086d6e5f9827fd GIT binary patch literal 1129 zcmeHFO;6k~5S=8;r%Lx!Ra`jlg*Av$38_LwXi=%Qi?l!`wudN9oW;RwNA_e3g1xjo z_s{lRwPR-kl>UV}$$0!Selwou=;zw%kL>7E3iA=s{FXlZo=iq>01{wy?*}jnfrn5; zP_&>}01i+rLKedMw*ZPI$RZ$Tv8BNXI(uxJ(1PN|td<*`>BDi@ODBEkGxxQOTE9$3o_3axs^Xyd~w zhqyD2jjqa$E8XLc7Tsa;4jJ&q{vwZ+MobgrY?>IBYngFl+2t#?Yp1WT$98u+m)pf; zYqC?yy)S!dxe8mZ(C7Uzn`p_?O7aIM)%r>hhR6-GDOZURnoYS8 zxgZ3&MWJ$&u-n_mq1}cl&V=D9YI8H2J&kGTVwFtzzrUL#e^I!EamMqclGrV8uuUEC zm~VURn!G}gT_yuTJ8TCpf{xRMqy?ZJZaBZGx?7=;wwov`K1&{(N-65TBe)OoTKF)p z*ptvT3O%TI59`fKgm5(#Mk`M=<`~ykqAAt)tHy?|vIjl?i&~57#CtQ*8QsKvcjdjB K&q8{F_2>`A%SmAX literal 0 HcmV?d00001 diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index fb566741..59401884 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -70,13 +70,14 @@ - name: Reload systemd systemd: daemon_reload=yes - ignore_errors: yes + ignore_errors: yes #fix in new PR when: - not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<')) - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<')) - name: Ensure Elasticsearch started and enabled + ignore_errors: yes service: name: elasticsearch enabled: yes diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index db85a112..b64d0a6b 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml 
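Review bot: `ignore_errors: yes` added to `Ensure Elasticsearch started and enabled` (and the `#fix in new PR` marker kept on `Reload systemd`) turns a failed service start into a green play, so a host where Elasticsearch never came up is reported as converged — and this role is the production installer, not just the Molecule scenario. If the workaround exists for containers without an init system, gate it instead of swallowing everything, e.g. `when: ansible_virtualization_type != 'docker'` on the service task or a `failed_when` that matches the specific error, and keep the role failing otherwise. The task's remaining keys continue past the end of the hunk.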
@@ -8,6 +8,8 @@ - name: Make sure Elasticsearch is running before proceeding. wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }} delay=3 timeout=300 tags: configure + ignore_errors: yes # fix + wait_for: 50 - name: Reload systemd systemd: daemon_reload=yes From e1aeff0fd60bb143d3c8b7cd40157ff5cf74cf23 Mon Sep 17 00:00:00 2001 From: jjediny Date: Mon, 11 Feb 2019 23:31:38 -0500 Subject: [PATCH 064/714] adding back .yamllint pretask and results --- .yamllint | 16 ++++++++++++++++ molecule/default/molecule.yml | 4 ++-- .../wazuh/ansible-wazuh-manager/tasks/Debian.yml | 1 + 3 files changed, 19 insertions(+), 2 deletions(-) create mode 100644 .yamllint diff --git a/.yamllint b/.yamllint new file mode 100644 index 00000000..a74c7d25 --- /dev/null +++ b/.yamllint @@ -0,0 +1,16 @@ +extends: default + +rules: + braces: + max-spaces-inside: 1 + level: error + brackets: + max-spaces-inside: 1 + level: error + line-length: disable + # NOTE(retr0h): Templates no longer fail this lint rule. + # Uncomment if running old Molecule templates. + # truthy: disable +ignore: | + .travis.yml + config.yml diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index f060755d..debc5a0d 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -5,7 +5,7 @@ driver: name: docker lint: name: yamllint - enabled: false # fix in seperate PR + enabled: true # fix in seperate PR platforms: - name: bionic image: ubuntu:bionic @@ -23,7 +23,7 @@ provisioner: ANSIBLE_ROLES_PATH: $HOME/wazuh-ansible/roles lint: name: ansible-lint - enabled: false # fix in seperate PR + enabled: true # fix in seperate PR scenario: name: default verifier: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index f2885345..671d39c1 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml 
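Review bot: The added `wait_for: 50` is a second `wait_for` key in a task mapping that already has `wait_for: host=... port=... delay=3 timeout=300`; duplicate keys are either rejected or silently last-wins depending on the YAML loader, so the module is invoked with the bare argument `50` or the task fails to parse, and the new `ignore_errors: yes` then hides that failure, leaving the Elasticsearch readiness check effectively disabled. Drop the `wait_for: 50` line; if a shorter wait was intended, change `timeout=300` to `timeout=50` inside the existing line. The `ignore_errors` line deserves the same scrutiny as the identical change in the elasticsearch role: a manager whose Kibana proceeds without a reachable Elasticsearch is a misconfiguration the role should surface, not mask.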
@@ -7,6 +7,7 @@ with_items: - apt-transport-https - ca-certificates + - urllib3 - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: url=https://packages.wazuh.com/key/GPG-KEY-WAZUH From f635c056387c063ce1794964395f89ba8d9333fd Mon Sep 17 00:00:00 2001 From: jjediny Date: Mon, 11 Feb 2019 23:50:42 -0500 Subject: [PATCH 065/714] adding travis ci example --- .travis.yml | 7 +++++++ molecule/default/molecule.yml | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) create mode 100644 .travis.yml diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 00000000..aac58527 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,7 @@ +language: python +services: docker +before_script: + - pip install pipenv + - pipenv install --dev --system +script: + - pipenv run test \ No newline at end of file diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index debc5a0d..19fba1ff 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -5,7 +5,7 @@ driver: name: docker lint: name: yamllint - enabled: true # fix in seperate PR + enabled: false # fix in seperate PR platforms: - name: bionic image: ubuntu:bionic From 58a76a8c0868eecef7e8b13d632e4c648d344500 Mon Sep 17 00:00:00 2001 From: Pawel Krawczyk Date: Sun, 17 Feb 2019 00:16:31 +0000 Subject: [PATCH 066/714] Enable active-response section As of now the whole active-response section was commented out and inactive --- .../templates/var-ossec-etc-ossec-server.conf.j2 | 8 -------- 1 file changed, 8 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 71201e92..a8f9ca5d 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -308,12 +308,6 @@ {% endfor %} - - ruleset/decoders 
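Review bot: `- urllib3` is appended to the apt `with_items` list of the `Install apt-transport-https and ca-certificates` task, but Debian and Ubuntu ship this library as `python-urllib3` / `python3-urllib3`; unless a package literally named `urllib3` exists in the configured repositories, `apt` fails the task before the Wazuh repository key is imported. Use the distribution package name, and since the task name no longer describes what it installs, give it its own task or rename it. The task header is above the hunk, and the commit subject mentions only the yamllint work, so this line may have been committed unintentionally.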
@@ -398,7 +392,6 @@ {% endif %} - {% for localfile in wazuh_manager_config.localfiles.common %} From a94038201a79fffa9a8f8791a4f8d4800937ea65 Mon Sep 17 00:00:00 2001 From: Pawel Krawczyk Date: Sun, 17 Feb 2019 20:03:30 +0000 Subject: [PATCH 067/714] typo --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index e08b891d..309a3f00 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -223,7 +223,7 @@ wazuh_agent_config: log_path_win: 'C:\ProgramData\osquery\log\osqueryd.results.log' config_path: '/etc/osquery/osquery.conf' config_path_win: 'C:\ProgramData\osquery\osquery.conf' - ad_labels: 'yes' + add_labels: 'yes' syscollector: disable: 'no' interval: '1h' From 68cd434466d69688b5d889321b3775004216ce39 Mon Sep 17 00:00:00 2001 From: Pawel Krawczyk Date: Sun, 17 Feb 2019 20:03:40 +0000 Subject: [PATCH 068/714] do no include syscheck section if not defined --- .../templates/var-ossec-etc-shared-agent.conf.j2 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 index 6b40451d..4ae5a145 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 @@ -2,6 +2,7 @@ {% if wazuh_agent_configs is defined %} {% for agent_config in wazuh_agent_configs %} + {% if agent_config.syscheck is defined %} {{ agent_config.syscheck.auto_ignore }} {{ agent_config.syscheck.alert_new_files }} @@ -40,6 +41,7 @@ {% endfor %} {% endif %} + {% endif %} {% for localfile in agent_config.localfiles %} From 81058daf1b3baa517203417a2283eadf59831cf9 Mon Sep 17 00:00:00 2001 
From: Pawel Krawczyk Date: Mon, 18 Feb 2019 12:59:48 +0000 Subject: [PATCH 069/714] Replace netstat with ss The `ss` program is now the official replacement for `netstat` which is deprecated in most Linux distributions. Also replace the messy sed rules which do not work on all versions with a clean command-line that just displays the key information that does **not** change on every command run (e.g. PID) resulting in false positives. --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index e08b891d..8ef9764e 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -284,7 +284,7 @@ wazuh_agent_config: command: 'df -P' frequency: '360' - format: 'full_command' - command: netstat -tulpn | sed 's/\([[:alnum:]]\+\)\ \+[[:digit:]]\+\ \+[[:digit:]]\+\ \+\(.*\):\([[:digit:]]*\)\ \+\([0-9\.\:\*]\+\).\+\ \([[:digit:]]*\/[[:alnum:]\-]*\).*/\1 \2 == \3 == \4 \5/' | sort -k 4 -g | sed 's/ == \(.*\) ==/:\1/' | sed 1,2d + command: ss -nutal | awk '{print $1,$5,$6;}' | sort -b | column -t alias: 'netstat listening ports' frequency: '360' - format: 'full_command' diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index b9817a3a..96e6346d 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
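Review bot: `ss -nutal` includes `-a`, which lists every socket including established connections, so the `$5,$6` (local and peer address:port) columns change with each client connection — the same per-run churn in a `full_command` output that this change set out to remove, and at odds with the alias `netstat listening ports`. Drop `-a` and keep `-l`: `command: ss -nutl | awk '{print $1,$5,$6;}' | sort -b | column -t`. The manager default in roles/wazuh/ansible-wazuh-manager/defaults/main.yml (the next hunk) carries the identical command and needs the same fix. `column` is not guaranteed on minimal images (it comes from bsdmainutils or util-linux depending on the distribution); if the output is only consumed for change detection, `sort -b` alone is sufficient.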
@@ -186,7 +186,7 @@ wazuh_manager_config: command: 'df -P' frequency: '360' - format: 'full_command' - command: netstat -tulpn | sed 's/\([[:alnum:]]\+\)\ \+[[:digit:]]\+\ \+[[:digit:]]\+\ \+\(.*\):\([[:digit:]]*\)\ \+\([0-9\.\:\*]\+\).\+\ \([[:digit:]]*\/[[:alnum:]\-]*\).*/\1 \2 == \3 == \4 \5/' | sort -k 4 -g | sed 's/ == \(.*\) ==/:\1/' | sed 1,2d + command: ss -nutal | awk '{print $1,$5,$6;}' | sort -b | column -t alias: 'netstat listening ports' frequency: '360' - format: 'full_command' From bcd327280ed6a19f29ee03cb3507be1749676bee Mon Sep 17 00:00:00 2001 From: Pawel Krawczyk Date: Mon, 18 Feb 2019 13:01:42 +0000 Subject: [PATCH 070/714] Do not report virtual filesystems in df Tell `df` not to report on virtual filesystems such as `squashfs` (used by `snapd` and always at 100%), `tmpfs` (memory-only) and `devtmpfs` (used by `udev`) --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 8ef9764e..32c8bdcc 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -281,7 +281,7 @@ wazuh_agent_config: - format: 'syslog' location: '/var/ossec/logs/active-responses.log' - format: 'command' - command: 'df -P' + command: df -P -x squashfs -x tmpfs -x devtmpfs frequency: '360' - format: 'full_command' command: ss -nutal | awk '{print $1,$5,$6;}' | sort -b | column -t diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 96e6346d..71796d9d 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
@@ -183,7 +183,7 @@ wazuh_manager_config: localfiles: common: - format: 'command' - command: 'df -P' + command: df -P -x squashfs -x tmpfs -x devtmpfs frequency: '360' - format: 'full_command' command: ss -nutal | awk '{print $1,$5,$6;}' | sort -b | column -t From f96ab0a317e3c8bac60d50c83465c61527fe2775 Mon Sep 17 00:00:00 2001 From: Pawel Krawczyk Date: Wed, 20 Feb 2019 13:31:24 +0000 Subject: [PATCH 071/714] Add flag to accept remote commands from manager Without this flag the agent will not accept any system check commands (`command` and `full_command`) configured in the Wazuh Manager settings to cascade down to agents. --- .../templates/var-ossec-etc-local-internal-options.conf.j2 | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-local-internal-options.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-local-internal-options.conf.j2 index 6e3c86a8..81979e59 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-local-internal-options.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-local-internal-options.conf.j2 @@ -10,3 +10,7 @@ # This is the template of Ansible for the file local_internal_options.conf # In this file you could include the configuration settings for your agents + +# Logcollector - If it should accept remote commands from the manager +logcollector.remote_commands=1 + From 6f1632690551da7118d4856389c0c033c7d15ce0 Mon Sep 17 00:00:00 2001 
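Review bot: `logcollector.remote_commands=1` is written unconditionally into every agent's local_internal_options.conf, which makes each agent run whatever `command`/`full_command` localfile entries arrive in the shared agent.conf pushed by the manager; Wazuh ships this as 0 because it extends trust in the manager (or in anyone able to edit the shared configuration) to command execution on the whole fleet. Make it a role variable with an off default — e.g. a new defaults key (constructed name) `wazuh_agent_config.remote_commands` rendered as `logcollector.remote_commands={{ wazuh_agent_config.remote_commands | default(0) }}` — so operators opt in knowingly. The preceding comment should state the consequence rather than restate the option, e.g. `# When 1, command/full_command entries from the manager's shared agent.conf are executed on this agent; leave 0 unless the manager is fully trusted`.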
From: joschneid Date: Thu, 24 Jan 2019 08:42:57 +0100 Subject: [PATCH 072/714] debian repo keys with pgp keyserver --- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 4 ++++ roles/elastic-stack/ansible-kibana/defaults/main.yml | 4 ++++ roles/elastic-stack/ansible-logstash/defaults/main.yml | 4 ++++ roles/wazuh/ansible-filebeat/defaults/main.yml | 4 ++++ roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 4 ++++ roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 5 +++++ 6 files changed, 25 insertions(+) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index ef5e02cd..c36a9ef1 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -8,5 +8,9 @@ elastic_stack_version: 6.5.4 elasticsearch_shards: 5 elasticsearch_replicas: 1 elasticsearch_install_java: yes +<<<<<<< HEAD elasticrepo_gpg_keyserver: pool.sks-keyservers.net elasticrepo_server: https://artifacts.elastic.co/packages/6.x/apt +======= +elasticrepo_gpg_keyserver: pgp.mit.edu +>>>>>>> debian repo keys with pgp keyserver diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 2b02b8b4..88893f0c 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -5,7 +5,11 @@ kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 6.5.4 wazuh_version: 3.8.2 +<<<<<<< HEAD elasticrepo_gpg_keyserver: pool.sks-keyservers.net elasticrepo_server: https://artifacts.elastic.co/packages/6.x/apt wazuhapp_location: https://packages.wazuh.com/wazuhapp +======= +elasticrepo_gpg_keyserver: pgp.mit.edu +>>>>>>> debian repo keys with pgp keyserver 
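Review bot: The `<<<<<<< HEAD`, `=======` and `>>>>>>> debian repo keys with pgp keyserver` lines are unresolved merge-conflict markers committed into roles/elastic-stack/ansible-elasticsearch/defaults/main.yml and the kibana defaults in this hunk; the same markers land in the logstash, filebeat and wazuh-agent defaults on the next line and in the wazuh-manager defaults after them. A `<<<<<<< HEAD` line is not valid YAML, so every one of these roles fails to load its defaults, and the two `elasticrepo_gpg_keyserver` assignments cannot coexist in any case. Resolve each file to a single `elasticrepo_gpg_keyserver:` line; whichever keyserver is kept, the task that imports the key (not in this hunk) should pin the full fingerprint via `apt_key`'s `id` so the result does not depend on which server answers.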
diff --git a/roles/elastic-stack/ansible-logstash/defaults/main.yml b/roles/elastic-stack/ansible-logstash/defaults/main.yml index 0be1cc56..fdc11b82 100644 --- a/roles/elastic-stack/ansible-logstash/defaults/main.yml +++ b/roles/elastic-stack/ansible-logstash/defaults/main.yml @@ -18,5 +18,9 @@ logstash_ssl_key_file: "" logstash_install_java: yes +<<<<<<< HEAD elasticrepo_gpg_keyserver: pool.sks-keyservers.net elasticrepo_server: https://artifacts.elastic.co/packages/6.x/apt +======= +elasticrepo_gpg_keyserver: pgp.mit.edu +>>>>>>> debian repo keys with pgp keyserver diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index 5f3023c1..c41838a1 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -28,5 +28,9 @@ filebeat_ssl_certificate_file: "" filebeat_ssl_key_file: "" filebeat_ssl_insecure: "false" +<<<<<<< HEAD elasticrepo_gpg_keyserver: pool.sks-keyservers.net elasticrepo_server: https://artifacts.elastic.co/packages/6.x/apt +======= +elasticrepo_gpg_keyserver: pgp.mit.edu +>>>>>>> debian repo keys with pgp keyserver diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 069d1905..77b38746 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -306,5 +306,9 @@ wazuh_agent_config: - key: Env value: Production +<<<<<<< HEAD wauzhrepo_gpg_keyserver: pool.sks-keyservers.net wazuhrepo_server: https://packages.wazuh.com/3.x/apt/ +======= +wauzhrepo_gpg_keyserver: pgp.mit.edu +>>>>>>> debian repo keys with pgp keyserver diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 66f46837..9f05f727 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
@@ -330,7 +330,12 @@ wazuh_agent_configs: - location: 'System' format: 'eventlog' +<<<<<<< HEAD wauzhrepo_gpg_keyserver: pool.sks-keyservers.net nodejsrepo_gpg_keyserver: pool.sks-keyservers.net wazuhrepo_server: https://packages.wazuh.com/3.x/apt/ nodejsrepo_server: https://deb.nodesource.com/node_6.x +======= +wauzhrepo_gpg_keyserver: pgp.mit.edu +nodejsrepo_gpg_keyserver: pgp.mit.edu +>>>>>>> debian repo keys with pgp keyserver From 0256b529f13179e81acfbe3e30f183f7dbead135 Mon Sep 17 00:00:00 2001 From: joschneid Date: Thu, 24 Jan 2019 09:01:16 +0100 Subject: [PATCH 073/714] make debian repos customizable --- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 4 ---- roles/elastic-stack/ansible-kibana/defaults/main.yml | 4 ---- roles/elastic-stack/ansible-logstash/defaults/main.yml | 4 ---- roles/wazuh/ansible-filebeat/defaults/main.yml | 4 ---- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 4 ---- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 5 ----- 6 files changed, 25 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index c36a9ef1..ef5e02cd 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -8,9 +8,5 @@ elastic_stack_version: 6.5.4 elasticsearch_shards: 5 elasticsearch_replicas: 1 elasticsearch_install_java: yes -<<<<<<< HEAD elasticrepo_gpg_keyserver: pool.sks-keyservers.net elasticrepo_server: https://artifacts.elastic.co/packages/6.x/apt -======= -elasticrepo_gpg_keyserver: pgp.mit.edu ->>>>>>> debian repo keys with pgp keyserver diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 88893f0c..2b02b8b4 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml 
@@ -5,11 +5,7 @@ kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 6.5.4 wazuh_version: 3.8.2 -<<<<<<< HEAD elasticrepo_gpg_keyserver: pool.sks-keyservers.net elasticrepo_server: https://artifacts.elastic.co/packages/6.x/apt wazuhapp_location: https://packages.wazuh.com/wazuhapp -======= -elasticrepo_gpg_keyserver: pgp.mit.edu ->>>>>>> debian repo keys with pgp keyserver diff --git a/roles/elastic-stack/ansible-logstash/defaults/main.yml b/roles/elastic-stack/ansible-logstash/defaults/main.yml index fdc11b82..0be1cc56 100644 --- a/roles/elastic-stack/ansible-logstash/defaults/main.yml +++ b/roles/elastic-stack/ansible-logstash/defaults/main.yml @@ -18,9 +18,5 @@ logstash_ssl_key_file: "" logstash_install_java: yes -<<<<<<< HEAD elasticrepo_gpg_keyserver: pool.sks-keyservers.net elasticrepo_server: https://artifacts.elastic.co/packages/6.x/apt -======= -elasticrepo_gpg_keyserver: pgp.mit.edu ->>>>>>> debian repo keys with pgp keyserver diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index c41838a1..5f3023c1 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -28,9 +28,5 @@ filebeat_ssl_certificate_file: "" filebeat_ssl_key_file: "" filebeat_ssl_insecure: "false" -<<<<<<< HEAD elasticrepo_gpg_keyserver: pool.sks-keyservers.net elasticrepo_server: https://artifacts.elastic.co/packages/6.x/apt -======= -elasticrepo_gpg_keyserver: pgp.mit.edu ->>>>>>> debian repo keys with pgp keyserver diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 77b38746..069d1905 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml 
@@ -306,9 +306,5 @@ wazuh_agent_config: - key: Env value: Production -<<<<<<< HEAD wauzhrepo_gpg_keyserver: pool.sks-keyservers.net wazuhrepo_server: https://packages.wazuh.com/3.x/apt/ -======= -wauzhrepo_gpg_keyserver: pgp.mit.edu ->>>>>>> debian repo keys with pgp keyserver diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 9f05f727..66f46837 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -330,12 +330,7 @@ wazuh_agent_configs: - location: 'System' format: 'eventlog' -<<<<<<< HEAD wauzhrepo_gpg_keyserver: pool.sks-keyservers.net nodejsrepo_gpg_keyserver: pool.sks-keyservers.net wazuhrepo_server: https://packages.wazuh.com/3.x/apt/ nodejsrepo_server: https://deb.nodesource.com/node_6.x -======= -wauzhrepo_gpg_keyserver: pgp.mit.edu -nodejsrepo_gpg_keyserver: pgp.mit.edu ->>>>>>> debian repo keys with pgp keyserver From 1a73b8e8a1a9ffca879bced081c97a6073662b22 Mon Sep 17 00:00:00 2001 From: joschneid Date: Fri, 25 Jan 2019 08:35:41 +0100 Subject: [PATCH 074/714] custom wazuh app location --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 2b02b8b4..c14b41bd 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -8,4 +8,3 @@ wazuh_version: 3.8.2 elasticrepo_gpg_keyserver: pool.sks-keyservers.net elasticrepo_server: https://artifacts.elastic.co/packages/6.x/apt wazuhapp_location: https://packages.wazuh.com/wazuhapp - From 7381dc8b2bcaa7f8481e35813c5a8586d399b03e Mon Sep 17 00:00:00 2001 
From: Pawel Krawczyk Date: Fri, 22 Mar 2019 00:03:42 +0000 Subject: [PATCH 075/714] Fix wazuh_manager_config.email_notification There's no need for a complicated if..then condition here since the value is expected to be yes/no only --- .../templates/var-ossec-etc-ossec-server.conf.j2 | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 71201e92..7fa9dad4 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -11,11 +11,7 @@ {{ wazuh_manager_config.alerts_log }} {{ wazuh_manager_config.logall }} {{ wazuh_manager_config.logall_json }} - {% if wazuh_manager_config.email_notification | lower == "yes" %} - yes - {% else %} - no - {% endif %} + {{ wazuh_manager_config.email_notification }} {% for to in wazuh_manager_config.mail_to %} {{ to }} {% endfor %} From a9344cf18180d91da8b3c86e5843f34ddd6e088a Mon Sep 17 00:00:00 2001 From: l Date: Mon, 1 Apr 2019 12:23:48 +0200 Subject: [PATCH 076/714] Using list instead of iterating over one to install packages --- .../elastic-stack/ansible-elasticsearch/tasks/Debian.yml | 4 +--- roles/elastic-stack/ansible-logstash/tasks/Debian.yml | 4 +--- roles/wazuh/ansible-filebeat/tasks/Debian.yml | 4 +--- roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 8 ++------ roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 4 +--- 5 files changed, 6 insertions(+), 18 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index 2cfcc77b..162ed42f 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml 
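Review bot: `{{ wazuh_manager_config.email_notification }}` now renders the variable verbatim, whereas the removed branch lower-cased it and mapped anything other than `yes` to `no`; if the value is written unquoted as `yes`/`no` in a vars file, YAML 1.1 loaders turn it into a boolean and the template emits `True`/`False`, which the manager expects as yes/no. Keep the one-liner but normalize it: `{{ 'yes' if wazuh_manager_config.email_notification | bool else 'no' }}`, which accepts yes/no, true/false and real booleans alike. The enclosing XML element was stripped from the extracted hunk, so this assumes the replacement sits inside the same element the removed lines did.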
@@ -1,9 +1,7 @@ --- - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: - pkg: - - apt-transport-https - - ca-certificates + name: ['apt-transport-https', 'ca-certificates'] state: present - when: elasticsearch_install_java diff --git a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml index 9d0cd4b5..1fc5a1f8 100644 --- a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml @@ -1,9 +1,7 @@ --- - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: - pkg: - - apt-transport-https - - ca-certificates + name: ['apt-transport-https', 'ca-certificates'] state: present - when: logstash_install_java diff --git a/roles/wazuh/ansible-filebeat/tasks/Debian.yml b/roles/wazuh/ansible-filebeat/tasks/Debian.yml index 32fab13e..226f145e 100644 --- a/roles/wazuh/ansible-filebeat/tasks/Debian.yml +++ b/roles/wazuh/ansible-filebeat/tasks/Debian.yml @@ -1,9 +1,7 @@ --- - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: - pkg: - - apt-transport-https - - ca-certificates + name: ['apt-transport-https', 'ca-certificates'] state: present diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index b11b846a..5fef8bad 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -1,9 +1,7 @@ --- - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: - pkg: - - apt-transport-https - - ca-certificates + name: ['apt-transport-https', 'ca-certificates'] state: present - name: Debian/Ubuntu | Installing repository key @@ -47,11 +45,9 @@ - name: Debian/Ubuntu | Install OpenScap apt: + name: ['libopenscap8', 'xsltproc'] state: present when: wazuh_agent_config.openscap.disable == 'no' - pkg: - - libopenscap8 - - xsltproc tags: - init 
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 9905b238..94849f96 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -1,9 +1,7 @@ --- - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: - pkg: - - apt-transport-https - - ca-certificates + name: ['apt-transport-https', 'ca-certificates'] state: present - name: Debian/Ubuntu | Installing Wazuh repository key From 7e284b8dd498b7d97b5d07f86999a3e2b44c2787 Mon Sep 17 00:00:00 2001 From: l Date: Mon, 1 Apr 2019 12:59:39 +0200 Subject: [PATCH 077/714] Using apt list at kibana --- roles/elastic-stack/ansible-kibana/tasks/Debian.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml index 733b222c..a7db7dee 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml @@ -1,9 +1,7 @@ --- - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: - pkg: - - apt-transport-https - - ca-certificates + name: ['apt-transport-https', 'ca-certificates'] state: present - name: Debian/Ubuntu | Add Elasticsearch GPG key From 29301b0044b4b7d7d1f158f90c0fa53925827c38 Mon Sep 17 00:00:00 2001 From: l Date: Wed, 3 Apr 2019 12:20:59 +0200 Subject: [PATCH 078/714] Adding alias to agent config file template --- .../templates/var-ossec-etc-ossec-agent.conf.j2 | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index 6327441a..bfcf86e4 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 
@@ -291,6 +291,9 @@ {% if localfile.format == 'command' or localfile.format == 'full_command' %} {{ localfile.command }} {{ localfile.frequency }} + {% if localfile.alias is defined %} + {{ localfile.alias }} + {% endif %} {% else %} {{ localfile.location }} {% endif %} @@ -305,6 +308,9 @@ {% if localfile.format == 'command' or localfile.format == 'full_command' %} {{ localfile.command }} {{ localfile.frequency }} + {% if localfile.alias is defined %} + {{ localfile.alias }} + {% endif %} {% else %} {{ localfile.location }} {% endif %} @@ -319,6 +325,9 @@ {% if localfile.format == 'command' or localfile.format == 'full_command' %} {{ localfile.command }} {{ localfile.frequency }} + {% if localfile.alias is defined %} + {{ localfile.alias }} + {% endif %} {% else %} {{ localfile.location }} {% endif %} From db638ade4d9cf0105f224f8b2d008862dd2b19e6 Mon Sep 17 00:00:00 2001 From: John Jediny Date: Wed, 3 Apr 2019 09:05:35 -0400 Subject: [PATCH 079/714] Delete settings.json --- .vscode/settings.json | 3 --- 1 file changed, 3 deletions(-) delete mode 100644 .vscode/settings.json diff --git a/.vscode/settings.json b/.vscode/settings.json deleted file mode 100644 index 07127794..00000000 --- a/.vscode/settings.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "python.pythonPath": "/home/john/.local/share/virtualenvs/wazuh-ansible-b1QgYjuV/bin/python" -} \ No newline at end of file From ce4665ef3e11fa1a10de33ec6c6a0cda88232232 Mon Sep 17 00:00:00 2001 From: l Date: Thu, 4 Apr 2019 10:22:33 +0200 Subject: [PATCH 080/714] Fixing default active response --- .../ansible-wazuh-manager/defaults/main.yml | 11 -------- .../var-ossec-etc-ossec-server.conf.j2 | 28 ++++++++++--------- 2 files changed, 15 insertions(+), 24 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index e55f4848..80b39c06 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
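Review bot: `{{ localfile.alias }}` is interpolated into the XML configuration without escaping, so an alias containing `&` or `<` produces an ossec.conf the manager will refuse to parse; the neighbouring `localfile.command` has the same property, so this is consistent with existing lines, but the alias is exactly the kind of free-text label where a stray `&` is likely. Jinja's `e` filter escapes the five XML-significant characters, so `{{ localfile.alias | e }}` is a cheap guard. The same three-line fragment is now duplicated in three branches of the template; if the surrounding `for localfile in` loops (which start outside the hunk) are ever unified, a small macro would keep them in step.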
+++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -255,17 +255,6 @@ wazuh_manager_config: decoders_path: 'custom_ruleset/decoders/' rule_exclude: - '0215-policy_rules.xml' - active_responses: - - command: 'restart-ossec' - location: 'local' - rules_id: '100002' - - command: 'win_restart-ossec' - location: 'local' - rules_id: '100003' - - command: 'host-deny' - location: 'local' - level: 6 - timeout: 600 syslog_outputs: - server: null port: null diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 595279c1..873588cc 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -395,19 +395,21 @@ From 78de851347e0d505d43dfe58fdaea09b54e0a72f Mon Sep 17 00:00:00 2001 From: l Date: Thu, 11 Apr 2019 19:36:01 +0200 Subject: [PATCH 081/714] Updating elastic stack version to 6.7.1 --- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/elastic-stack/ansible-logstash/defaults/main.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 677517a9..9e397d4a 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -4,7 +4,7 @@ elasticsearch_node_name: node-1 elasticsearch_http_port: 9200 elasticsearch_network_host: 127.0.0.1 elasticsearch_jvm_xms: null -elastic_stack_version: 6.5.4 +elastic_stack_version: 6.7.1 elasticsearch_shards: 5 elasticsearch_replicas: 1 elasticsearch_install_java: yes 
diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index d8d60107..5853f636 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -3,6 +3,6 @@ elasticsearch_http_port: "9200" elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" -elastic_stack_version: 6.5.4 +elastic_stack_version: 6.7.1 wazuh_version: 3.8.2 diff --git a/roles/elastic-stack/ansible-logstash/defaults/main.yml b/roles/elastic-stack/ansible-logstash/defaults/main.yml index 955fcf6f..208301be 100644 --- a/roles/elastic-stack/ansible-logstash/defaults/main.yml +++ b/roles/elastic-stack/ansible-logstash/defaults/main.yml @@ -9,7 +9,7 @@ elasticsearch_network_host: ["Localhost"] elasticsearch_http_port: "9200" elasticsearch_shards: 5 elasticsearch_replicas: 1 -elastic_stack_version: 6.5.4 +elastic_stack_version: 6.7.1 logstash_ssl: false logstash_ssl_dir: /etc/pki/logstash From 85dbeca966e17ab333a4ff43397e7b4d7135bf52 Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Mon, 15 Apr 2019 18:07:04 +0200 Subject: [PATCH 082/714] Ignoring binary files. --- .gitignore | 1 + molecule/default/tests/test_default.pyc | Bin 1129 -> 0 bytes 2 files changed, 1 insertion(+) delete mode 100644 molecule/default/tests/test_default.pyc diff --git a/.gitignore b/.gitignore index 8cf3ebb6..148b831f 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,4 @@ wazuh-elastic.yml wazuh-kibana.yml wazuh-logstash.yml wazuh-manager.yml +*.pyc \ No newline at end of file 
diff --git a/molecule/default/tests/test_default.pyc b/molecule/default/tests/test_default.pyc deleted file mode 100644 index 26a7961dd7504411d3b1779b1d086d6e5f9827fd..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1129 zcmeHFO;6k~5S=8;r%Lx!Ra`jlg*Av$38_LwXi=%Qi?l!`wudN9oW;RwNA_e3g1xjo z_s{lRwPR-kl>UV}$$0!Selwou=;zw%kL>7E3iA=s{FXlZo=iq>01{wy?*}jnfrn5; zP_&>}01i+rLKedMw*ZPI$RZ$Tv8BNXI(uxJ(1PN|td<*`>BDi@ODBEkGxxQOTE9$3o_3axs^Xyd~w zhqyD2jjqa$E8XLc7Tsa;4jJ&q{vwZ+MobgrY?>IBYngFl+2t#?Yp1WT$98u+m)pf; zYqC?yy)S!dxe8mZ(C7Uzn`p_?O7aIM)%r>hhR6-GDOZURnoYS8 zxgZ3&MWJ$&u-n_mq1}cl&V=D9YI8H2J&kGTVwFtzzrUL#e^I!EamMqclGrV8uuUEC zm~VURn!G}gT_yuTJ8TCpf{xRMqy?ZJZaBZGx?7=;wwov`K1&{(N-65TBe)OoTKF)p z*ptvT3O%TI59`fKgm5(#Mk`M=<`~ykqAAt)tHy?|vIjl?i&~57#CtQ*8QsKvcjdjB K&q8{F_2>`A%SmAX From 8291e4ab9fa0317090bc5f0f636d8b40580d640b Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Mon, 15 Apr 2019 21:52:08 +0200 Subject: [PATCH 083/714] Added a successful installation on provided Docker containers with Molecule --- molecule/default/molecule.yml | 25 ++++++++---- molecule/default/playbook.yml | 8 ++-- molecule/default/prepare.yml | 20 +++++++++- .../ansible-wazuh-manager/defaults/main.yml | 1 + .../ansible-wazuh-manager/handlers/main.yml | 2 + .../wazuh/ansible-wazuh-manager/meta/main.yml | 28 +++++++------- .../ansible-wazuh-manager/tasks/Debian.yml | 38 ++++++++++++++++--- .../ansible-wazuh-manager/tasks/RedHat.yml | 23 ++++++++--- .../ansible-wazuh-manager/tasks/main.yml | 38 +++++++++++-------- 9 files changed, 131 insertions(+), 52 deletions(-) diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 19fba1ff..e18bd1f9 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml 
@@ -7,20 +7,31 @@ lint: name: yamllint enabled: false # fix in seperate PR platforms: - - name: bionic + - name: wazuh_manager_bionic image: ubuntu:bionic - - name: xenial + groups: + - wazuh_manager + - name: wazuh_manager_xenial image: ubuntu:xenial - - name: trusty + groups: + - wazuh_manager + - name: wazuh_manager_trusty image: ubuntu:trusty - - name: centos6 + groups: + - wazuh_manager + - name: wazuh_manager_centos6 image: centos:6 - - name: centos7 - image: centos:7 + groups: + - wazuh_manager + - name: wazuh_manager_centos7 + image: milcom/centos7-systemd + privileged: True + groups: + - wazuh_manager provisioner: name: ansible env: - ANSIBLE_ROLES_PATH: $HOME/wazuh-ansible/roles + ANSIBLE_ROLES_PATH: ../../roles lint: name: ansible-lint enabled: true # fix in seperate PR diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml index f8b8debf..d74f3e66 100644 --- a/molecule/default/playbook.yml +++ b/molecule/default/playbook.yml @@ -1,9 +1,11 @@ --- - name: Converge - hosts: all + hosts: wazuh_manager roles: - - {role: wazuh/ansible-wazuh-manager} - - {role: wazuh/ansible-filebeat} #, filebeat_output_logstash_hosts: 'your elastic stack server IP' + - role: wazuh/ansible-wazuh-manager + + + # - {role: wazuh/ansible-filebeat} #, filebeat_output_logstash_hosts: 'your elastic stack server IP' # Elasticsearch requires too much memory to test multiple containers concurrently - To Fix #- {role: elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost'} #- {role: elastic-stack/ansible-logstash, logstash_input_beats: true, elasticsearch_network_host: 'localhost'} diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml index 5358b3bd..2ef19d18 100644 --- a/molecule/default/prepare.yml +++ b/molecule/default/prepare.yml 
@@ -1,5 +1,21 @@ --- - name: Prepare hosts: all - gather_facts: false - tasks: [] + gather_facts: True + tasks: + + - name: "Install Python packages for Trusty to solve trust issues" + package: + name: + - python-setuptools + - python-pip + state: latest + when: + - ansible_distribution == "Ubuntu" + - ansible_distribution_major_version | int == 14 + + - name: "Install dependencies" + package: + name: + - curl + state: latest diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 80b39c06..b550b0f8 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,5 +1,6 @@ --- wazuh_manager_fqdn: "wazuh-server" +wazuh_manager_package_state: latest wazuh_manager_config: json_output: 'yes' diff --git a/roles/wazuh/ansible-wazuh-manager/handlers/main.yml b/roles/wazuh/ansible-wazuh-manager/handlers/main.yml index 70f7b506..0fac45a1 100644 --- a/roles/wazuh/ansible-wazuh-manager/handlers/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/handlers/main.yml @@ -13,3 +13,5 @@ name: wazuh-api state: restarted enabled: true + when: + - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 6) diff --git a/roles/wazuh/ansible-wazuh-manager/meta/main.yml b/roles/wazuh/ansible-wazuh-manager/meta/main.yml index 69b6ebec..1275d232 100644 --- a/roles/wazuh/ansible-wazuh-manager/meta/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/meta/main.yml 
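Review bot: `wazuh_manager_package_state: latest` as the role default means every playbook run upgrades wazuh-manager, wazuh-api and expect to whatever the repository currently serves, which is an unpinned, unreviewed change on a security-monitoring host and also makes the role non-idempotent by design. The safer default is `present`, with a comment telling operators they can opt into `latest` or pin a version: `# Set to 'latest' to upgrade on every run; prefer pinning a version in production.` This is a one-line change in the defaults hunk; the tasks already read the variable.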
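Review bot: The new handler condition `not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 6)` has a precedence bug: in Jinja `and` binds tighter than `or`, so this reads as `not (CentOS or (RedHat and < 6))` and the `restart wazuh-api` handler is skipped on every CentOS release, including 7. The tasks in main.yml in this same commit use the intended form, so the fix is to match them: `- not (ansible_distribution in ['CentOS', 'RedHat'] and ansible_distribution_major_version|int < 6)`. The handler's `service:` stanza starts outside the hunk.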
@@ -6,18 +6,18 @@ galaxy_info: license: license (GPLv3) min_ansible_version: 2.0 platforms: - - name: EL - versions: - - all - - name: Ubuntu - versions: - - all - - name: Debian - versions: - - all - - name: Fedora - versions: - - all - categories: - - monitoring + - name: EL + versions: + - all + - name: Ubuntu + versions: + - all + - name: Debian + versions: + - all + - name: Fedora + versions: + - all + galaxy_tags: + - monitoring dependencies: [] diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 05b6a5a7..8123e4c9 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -1,17 +1,30 @@ --- - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: - name: ['apt-transport-https', 'ca-certificates'] + name: + - apt-transport-https + - ca-certificates + - gnupg state: present cache_valid_time: 3600 - with_items: - - apt-transport-https - - ca-certificates - - urllib3 +- name: Debian/Ubuntu | Installing Wazuh repository key (Ubuntu 14) + become: yes + shell: | + set -o pipefail + curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add - + args: + warn: False + executable: /bin/bash + changed_when: False + when: + - ansible_distribution == "Ubuntu" + - ansible_distribution_major_version | int == 14 - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: url=https://packages.wazuh.com/key/GPG-KEY-WAZUH + when: + - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: 
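Review bot: The Ubuntu 14 path pipes `curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add -` and the other path uses `apt_key: url=...`, but neither pins the key fingerprint, so any data returned over that TLS connection becomes a trusted apt signing key; `curl -s` without `-f` also feeds an HTTP error body to apt-key on a 4xx/5xx, and `changed_when: False` hides whether a key was actually added. I would use `curl -sSf` in the shell variant and add `id:` with the Wazuh key fingerprint (not present in this patch, take it from the vendor's documentation) to the `apt_key` task so a mismatching key is rejected. A short comment explaining why Trusty needs the shell fallback (`# apt_key on Ubuntu 14 lacks working HTTPS key retrieval`, or whatever the actual reason is) would stop the next maintainer from folding the two tasks back together. The same pattern is repeated for the NodeSource key in the next hunk.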
@@ -19,8 +32,23 @@ state: present update_cache: yes +- name: Debian/Ubuntu | Installing NodeJS repository key (Ubuntu 14) + become: yes + shell: | + set -o pipefail + curl -s https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add - + args: + warn: False + executable: /bin/bash + changed_when: False + when: + - ansible_distribution == "Ubuntu" + - ansible_distribution_major_version | int == 14 + - name: Debian/Ubuntu | Installing NodeJS repository key apt_key: url=https://deb.nodesource.com/gpgkey/nodesource.gpg.key + when: + - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - name: Debian/Ubuntu | Add NodeSource repositories for Node.js apt_repository: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index e603508a..93118e83 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -3,7 +3,7 @@ yum_repository: name: NodeJS description: NodeJS-$releasever - baseurl: https://rpm.nodesource.com/pub_6.x/el/{{ansible_distribution_major_version}}/x86_64 + baseurl: https://rpm.nodesource.com/pub_6.x/el/{{ ansible_distribution_major_version }}/x86_64 gpgkey: https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL gpgcheck: yes when: @@ -19,9 +19,12 @@ when: ansible_distribution == 'Fedora' - name: AmazonLinux | Get Nodejs - shell: curl --silent --location https://rpm.nodesource.com/setup_8.x | bash - + shell: | + set -o pipefail + curl --silent --location https://rpm.nodesource.com/setup_8.x | bash - args: warn: no + executable: /bin/bash when: - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" 
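Review bot: The AmazonLinux task still executes `curl --silent --location https://rpm.nodesource.com/setup_8.x | bash -` as root, and adding `pipefail` only makes a failed download fatal; it does not verify what was downloaded, so an unauthenticated remote script configures the package source. It is also inconsistent with the RedHat branch two hunks up, which declares a `yum_repository` with `gpgkey:` and `gpgcheck: yes` for `pub_6.x`, so Amazon hosts end up on a different Node major than everyone else. The `yum_repository` form (with the NodeSource EL `baseurl` and `gpgkey`) already used for RedHat should work for Amazon as well, removing the curl-to-bash step entirely; if the script must stay, at least add `changed_when: False` and a comment noting it is unverified remote code.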
@@ -53,7 +56,10 @@ - ansible_distribution_major_version|int == 5 - name: RedHat/CentOS/Fedora | Install openscap - package: name=openscap-scanner state=present + package: name={{ item }} state=present + with_items: + - openscap-scanner + - openssl tags: - init when: not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") @@ -80,7 +86,7 @@ - wazuh_manager_config.cluster.disable != 'yes' - name: CentOS/RedHat 6 | Install python-cryptography module - shell: pip2.7 install cryptography + pip: name=cryptography state=present environment: PATH: "/opt/rh/python27/root/usr/bin:{{ ansible_env.PATH }}" LD_LIBRARY_PATH: "/opt/rh/python27/root/usr/lib64:/opt/rh/python27/root/usr/lib" @@ -128,4 +134,11 @@ - name: Set Distribution CIS filename for RHEL7/CentOS-7 set_fact: cis_distribution_filename: cis_rhel7_linux_rcl.txt - when: (ansible_os_family == "RedHat" and ansible_distribution_major_version == '7') or (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") + when: + - ansible_os_family == "RedHat" and ansible_distribution_major_version == '7' + +- name: Set Distribution CIS filename for RHEL7/CentOS-7 (Amazon) + set_fact: + cis_distribution_filename: cis_rhel7_linux_rcl.txt + when: + - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index f5c8ba3d..5ccc4057 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml 
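Review bot: `package: name={{ item }} state=present` with `with_items` runs one transaction per package, while the Debian task files in this same series were just converted to pass a list in a single call; for consistency and one yum transaction, `package: name: [openscap-scanner, openssl]` (block style) and drop the loop. The two `set_fact` tasks at the end of the hunk now share the name "Set Distribution CIS filename for RHEL7/CentOS-7", which makes the Amazon one hard to find in output; the suffix "(Amazon)" on the new one is a good start, so the first task's name should say "(RHEL/CentOS)" to match.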
@@ -6,13 +6,13 @@ when: ansible_os_family == "Debian" - name: Install wazuh-manager, wazuh-api and expect - package: pkg={{ item }} state=latest + package: pkg={{ item }} state={{ wazuh_manager_package_state }} with_items: - wazuh-manager - wazuh-api - expect when: - - not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 ) + - not (ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6) tags: - init @@ -22,21 +22,21 @@ regexp: 'echo -n "Starting Wazuh-manager: "' replace: 'echo -n "Starting Wazuh-manager (EL6): "; source /opt/rh/python27/enable; export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/var/ossec/framework/lib' when: - - ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version == '6' + - ansible_distribution in ['CentOS', 'RedHat'] and ansible_distribution_major_version|int == 6 - wazuh_manager_config.cluster.disable != 'yes' - name: Install wazuh-manager and expect (EL5) - package: pkg={{ item }} state=latest + package: pkg={{ item }} state={{ wazuh_manager_package_state }} with_items: - wazuh-manager - expect when: - - ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 + - ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6 tags: - init - name: Generate SSL files for authd - command: "openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:1825 -keyout sslmanager.key -out sslmanager.cert -subj /CN={{wazuh_manager_fqdn}}/" + command: "openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:1825 -keyout sslmanager.key -out sslmanager.cert -subj /CN={{ wazuh_manager_fqdn }}/" args: creates: sslmanager.cert chdir: /var/ossec/etc/ 
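Review bot: The authd certificate command generates `-newkey rsa:1825`, an odd, sub-2048-bit RSA size that most current policies and TLS libraries reject or warn on; the hunk only reformats the Jinja spacing, but since the line is being touched this is the moment to change it to `rsa:2048` (or larger). With `creates: sslmanager.cert` the key pair is generated once and never rotated even though it is issued for `-days 365`, so a comment such as `# Self-signed, 365-day cert generated once; re-issue by deleting sslmanager.cert` would make the expiry behaviour explicit. The `args:` stanza continues outside the hunk.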
@@ -71,7 +71,7 @@ - name: Ensure ossec-authd service is disabled service: name=ossec-authd enabled=no state=stopped - when: old_authd_service.stat.exists == True + when: old_authd_service.stat.exists tags: - config @@ -80,7 +80,7 @@ with_items: - "/etc/init.d/ossec-authd" - "/lib/systemd/system/ossec-authd.service" - when: old_authd_service.stat.exists == True + when: old_authd_service.stat.exists tags: - config @@ -180,7 +180,7 @@ - name: Retrieving Wazuh-API User Credentials include_vars: wazuh_api_creds.yml when: - - not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 ) + - not (ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6) tags: - config @@ -198,9 +198,12 @@ - config - name: Check if client-syslog is enabled - shell: "grep -c 'ossec-csyslogd' /var/ossec/bin/.process_list | xargs echo" + shell: | + set -o pipefail + "grep -c 'ossec-csyslogd' /var/ossec/bin/.process_list | xargs echo" args: removes: /var/ossec/bin/.process_list + executable: /bin/bash changed_when: False check_mode: no register: csyslog_enabled @@ -212,14 +215,17 @@ notify: restart wazuh-manager when: - csyslog_enabled.stdout == '0' or "skipped" in csyslog_enabled.stdout - - syslog_output is defined and syslog_output == true + - syslog_output is defined and syslog_output tags: - config - name: Check if ossec-agentlessd is enabled - shell: "grep -c 'ossec-agentlessd' /var/ossec/bin/.process_list | xargs echo" + shell: | + set -o pipefail + "grep -c 'ossec-agentlessd' /var/ossec/bin/.process_list | xargs echo" args: removes: /var/ossec/bin/.process_list + executable: /bin/bash changed_when: False check_mode: no register: agentlessd_enabled 
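Review bot: The rewritten "Check if client-syslog is enabled" and "Check if ossec-agentlessd is enabled" commands are broken: the original quoted string was pasted under `shell: |` with the double quotes kept, so bash now tries to execute a single command literally named `grep -c 'ossec-csyslogd' /var/ossec/bin/.process_list | xargs echo` and exits 127. Even with the quotes removed, `set -o pipefail` turns `grep -c`'s exit status 1 (no match) into a task failure, which is exactly the case the later `when: csyslog_enabled.stdout == '0'` is written to handle. Drop the quotes and tolerate the no-match status, e.g. `grep -c 'ossec-csyslogd' /var/ossec/bin/.process_list | xargs echo` followed by `failed_when: false` on the task (or `|| true` after the grep), for both tasks.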
@@ -252,7 +258,7 @@ poll: 0 when: - wazuh_manager_config.vuls.disable != 'yes' - - ansible_distribution == 'Redhat' or ansible_distribution == 'CentOS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Debian' or ansible_distribution == 'Oracle' + - ansible_distribution in ['Redhat', 'CentOS', 'Ubuntu', 'Debian', 'Oracle'] tags: - init @@ -293,7 +299,7 @@ notify: restart wazuh-api when: - wazuh_api_user is defined - - not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 ) + - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 6) tags: - config @@ -345,7 +351,7 @@ environment: LD_LIBRARY_PATH: "$LD_LIBRARY_PATH:/var/ossec/framework/lib" when: - - not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 ) + - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 6) - name: Ensure Wazuh Manager is started and enabled (EL5) service: @@ -355,7 +361,7 @@ tags: - config when: - - ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 + - ansible_distribution in ['CentOS', 'RedHat'] and ansible_distribution_major_version|int < 6 - import_tasks: "RMRedHat.yml" when: ansible_os_family == "RedHat" From dc8438401fb2e9737d05b53a3095e5c7b3906f10 Mon Sep 17 00:00:00 2001 
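Review bot: Two of the rewritten conditions, `not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 6)` on the wazuh-api task and on the "Ensure Wazuh Manager is started" task, lose the parentheses the old form had; because `and` binds tighter than `or`, they evaluate as `not (CentOS or (RedHat and < 6))` and skip every CentOS host, so on CentOS 7 the API user is never configured and the manager is never started or enabled. The other hunks in this file use `ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6`, which is the correct rewrite; apply the same form here. The `ansible_distribution in ['Redhat', ...]` list in the vuls hunk also spells `Redhat` with a lowercase h, so that branch never matches RHEL; the fact value is `RedHat`.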
From: Werner Dijkerman Date: Tue, 16 Apr 2019 19:09:36 +0200 Subject: [PATCH 084/714] Added where possible the wazuh-manager role idempotent. Have to disable this because of issue #107 --- molecule/default/molecule.yml | 14 ++++++++++++++ roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 6 ++++-- .../wazuh/ansible-wazuh-manager/tasks/RMDebian.yml | 2 ++ .../wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml | 2 ++ roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 2 ++ roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 6 +++++- 6 files changed, 29 insertions(+), 3 deletions(-) diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index e18bd1f9..e8fa0c77 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -37,6 +37,20 @@ provisioner: enabled: true # fix in seperate PR scenario: name: default + test_sequence: + - lint + - dependency + - cleanup + - destroy + - syntax + - create + - prepare + - converge + # - idempotence + - side_effect + - verify + - cleanup + - destroy verifier: name: testinfra lint: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 8123e4c9..e9be63db 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -31,6 +31,7 @@ repo: 'deb https://packages.wazuh.com/3.x/apt/ stable main' state: present update_cache: yes + changed_when: False - name: Debian/Ubuntu | Installing NodeJS repository key (Ubuntu 14) become: yes @@ -55,6 +56,7 @@ repo: "deb https://deb.nodesource.com/node_6.x {{ ansible_distribution_release }} main" state: present update_cache: yes + changed_when: False - name: Debian/Ubuntu | Set Distribution CIS filename for Debian/Ubuntu set_fact: 
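Review bot: `changed_when: False` on the two `apt_repository` tasks (with `update_cache: yes`) declares a state-changing task as never changing, which hides real drift from `--check`/reporting and would suppress any handler notified from them; the commit message says this is a workaround for #107, so a comment on each task naming that issue (`# changed_when: False is a workaround for #107; remove once apt_repository is idempotent here`) would stop it from outliving the bug. Disabling `idempotence` in the molecule `test_sequence` for the same reason means the test suite can no longer catch regressions like this, so the molecule comment should point at the same issue.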
@@ -101,7 +103,7 @@ shell: "dpkg-query --showformat='${Version}' --show libopenscap8" when: wazuh_manager_config.openscap.disable == 'no' register: openscap_version - changed_when: true + changed_when: False tags: - config @@ -109,6 +111,6 @@ shell: "dpkg --compare-versions '{{ openscap_version.stdout }}' '>=' '1.2'; echo $?" when: wazuh_manager_config.openscap.disable == 'no' register: openscap_version_valid - changed_when: true + changed_when: False tags: - config diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RMDebian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RMDebian.yml index 1fb9b04d..c0f1f797 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RMDebian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RMDebian.yml @@ -3,8 +3,10 @@ apt_repository: repo: deb https://packages.wazuh.com/apt {{ ansible_distribution_release }} main state: absent + changed_when: False - name: Debian/Ubuntu | Remove Nodejs repository. apt_repository: repo: deb https://deb.nodesource.com/node_6.x {{ ansible_distribution_release }} main state: absent + changed_when: False diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml index 6349dc6a..2b30cf5c 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml @@ -3,8 +3,10 @@ yum_repository: name: NodeJS state: absent + changed_when: False - name: RedHat/CentOS/Fedora | Remove Wazuh repository (and clean up left-over metadata) yum_repository: name: wazuh_repo state: absent + changed_when: False diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 93118e83..0bf5aca2 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml 
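Review bot: The RMDebian removal task targets `deb https://packages.wazuh.com/apt {{ ansible_distribution_release }} main`, which is not the repository Debian.yml adds in this same series (`deb https://packages.wazuh.com/3.x/apt/ stable main`), so if the intent is to remove the repo after installation the 3.x source list stays in place and the added `changed_when: False` only hides that nothing was removed. Either point the removal at the same string (ideally both tasks reading one variable such as `wazuhrepo_server`, which the defaults already define) or, if this is a deliberate clean-up of the legacy 2.x path, say so in the task name. The `apt_repository:` stanza begins before the hunk.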
@@ -6,6 +6,7 @@ baseurl: https://rpm.nodesource.com/pub_6.x/el/{{ ansible_distribution_major_version }}/x86_64 gpgkey: https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL gpgcheck: yes + changed_when: False when: - ansible_distribution_major_version|int > 5 @@ -42,6 +43,7 @@ baseurl: https://packages.wazuh.com/3.x/yum/ gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH gpgcheck: yes + changed_when: False when: - (ansible_distribution_major_version|int > 5) or (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 5ccc4057..02c2a440 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -329,12 +329,16 @@ group: ossec mode: 0640 no_log: true + register: wazuh_manager_cdb_lists + until: wazuh_manager_cdb_lists is succeeded notify: - rebuild cdb_lists - restart wazuh-manager with_items: - "{{ cdb_lists }}" - when: cdb_lists is defined + when: + - cdb_lists is defined + - cdb_lists is iterable tags: - config From 41f7be184ef4718e4c157703b73f3da8fa8c494b Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Tue, 16 Apr 2019 19:16:54 +0200 Subject: [PATCH 085/714] Added retries for tasks that work with "3rd" party services --- .../wazuh/ansible-wazuh-manager/tasks/Debian.yml | 6 ++++++ .../wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 15 +++++++++++++++ roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 4 ++++ 3 files changed, 25 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index e9be63db..beb764b2 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml 
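Review bot: The added `cdb_lists is iterable` condition does not guard against the likely misconfiguration: a string is iterable in Jinja, so `cdb_lists: "my_list"` still passes and the loop then iterates characters. `cdb_lists is sequence and cdb_lists is not string` (or `cdb_lists | type_debug == 'list'`) expresses the intent. Registering the task and adding `until: ... is succeeded` retries a local file deployment that has no transient failure mode, and because the task is `no_log: true` a retried failure gives the operator nothing to diagnose with; I would drop the `until` here. The task's module and `src`/`dest` are outside the hunk.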
@@ -6,6 +6,8 @@ - ca-certificates - gnupg state: present + register: wazuh_manager_https_packages_installed + until: wazuh_manager_https_packages_installed is succeeded cache_valid_time: 3600 - name: Debian/Ubuntu | Installing Wazuh repository key (Ubuntu 14) @@ -84,6 +86,8 @@ name: oracle-java8-installer state: present cache_valid_time: 3600 + register: wazuh_manager_oracle_java_8_installed + until: wazuh_manager_oracle_java_8_installed is succeeded tags: - init @@ -92,6 +96,8 @@ name: "{{ item }}" state: present cache_valid_time: 3600 + register: wazuh_manager_openscap_installed + until: wazuh_manager_openscap_installed is succeeded when: wazuh_manager_config.openscap.disable == 'no' with_items: - libopenscap8 diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 0bf5aca2..3f498b67 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -33,6 +33,8 @@ yum: name: nodejs state: present + register: wazuh_manager_amz_node_packages_installed + until: wazuh_manager_amz_node_packages_installed is succeeded when: - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" @@ -62,12 +64,16 @@ with_items: - openscap-scanner - openssl + register: wazuh_manager_openscp_packages_installed + until: wazuh_manager_openscp_packages_installed is succeeded tags: - init when: not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") - name: CentOS 6 | Install Software Collections (SCL) Repository package: name=centos-release-scl state=present + register: wazuh_manager_scl_packages_installed + until: wazuh_manager_scl_packages_installed is succeeded when: - ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6' - wazuh_manager_config.cluster.disable != 'yes' 
@@ -83,12 +89,16 @@ - name: CentOS/RedHat 6 | Install Python 2.7 package: name=python27 state=present + register: wazuh_manager_python_package_installed + until: wazuh_manager_python_package_installed is succeeded when: - ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version == '6' - wazuh_manager_config.cluster.disable != 'yes' - name: CentOS/RedHat 6 | Install python-cryptography module pip: name=cryptography state=present + register: wazuh_manager_cryptography_package_installed + until: wazuh_manager_cryptography_package_installed is succeeded environment: PATH: "/opt/rh/python27/root/usr/bin:{{ ansible_env.PATH }}" LD_LIBRARY_PATH: "/opt/rh/python27/root/usr/lib64:/opt/rh/python27/root/usr/lib" @@ -98,6 +108,8 @@ - name: RedHat/CentOS/Fedora | Install python-cryptography module package: name=python-cryptography state=present + register: wazuh_manager_cryptography_package_installed + until: wazuh_manager_cryptography_package_installed is succeeded when: - not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat') and ansible_distribution_major_version == '6' ) - wazuh_manager_config.cluster.disable != 'yes' @@ -108,6 +120,7 @@ dest: /tmp/jre-8-linux-x64.rpm headers: 'Cookie:oraclelicense=accept-securebackup-cookie' register: oracle_java_task_rpm_download + until: oracle_java_task_rpm_download is succeeded when: - wazuh_manager_config.cis_cat.disable == 'no' - wazuh_manager_config.cis_cat.install_java == 'yes' @@ -116,6 +129,8 @@ - name: RedHat/CentOS/Fedora | Install Oracle Java RPM package: name=/tmp/jre-8-linux-x64.rpm state=present + register: wazuh_manager_oracle_java_installed + until: wazuh_manager_oracle_java_installed is succeeded when: - wazuh_manager_config.cis_cat.disable == 'no' - wazuh_manager_config.cis_cat.install_java == 'yes' diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 02c2a440..9e538e09 100644 
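Review bot: The pip task in the `@@ -83,12 +89,16 @@` hunk and the package task in the `@@ -98,6 +108,8 @@` hunk both register `wazuh_manager_cryptography_package_installed`; their `when:` conditions are complementary so only one runs, but to my recollection a skipped task still overwrites the registered variable with a skipped result, so the later task's registration is what survives. Nothing in the visible hunks reads the variable afterwards, so this is a naming point; distinct names such as `wazuh_manager_cryptography_pip_installed` avoid a surprise if someone later checks `.changed` on it. The same shared-name pattern appears with `wazuh_manager_main_packages_installed` in the two main.yml hunks of this commit.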
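Review bot: Retrying the Oracle JRE download (`until: oracle_java_task_rpm_download is succeeded`) makes the `@@ -108,6 +120,7 @@` hunk tolerant of a flaky network, but the only success criterion is still the module's return status, and the file lands in the world-writable `/tmp/jre-8-linux-x64.rpm` and is then installed from there by the `@@ -116,6 +129,8 @@` hunk. Adding `checksum: "sha256:<expected-digest>"` to the `get_url` task turns the retry into a verify-and-retry loop, so a truncated or stale file from an earlier attempt is rejected instead of being installed. The `get_url` task's `url:` line is above this hunk.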
--- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -11,6 +11,8 @@ - wazuh-manager - wazuh-api - expect + register: wazuh_manager_main_packages_installed + until: wazuh_manager_main_packages_installed is succeeded when: - not (ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6) tags: @@ -30,6 +32,8 @@ with_items: - wazuh-manager - expect + register: wazuh_manager_main_packages_installed + until: wazuh_manager_main_packages_installed is succeeded when: - ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6 tags: From d20608b770b5d7f5e3404c95844d27d04ae29a68 Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Tue, 16 Apr 2019 19:19:50 +0200 Subject: [PATCH 086/714] Added retries for the prepare playbook --- molecule/default/prepare.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml index 2ef19d18..ac788955 100644 --- a/molecule/default/prepare.yml +++ b/molecule/default/prepare.yml @@ -10,6 +10,8 @@ - python-setuptools - python-pip state: latest + register: wazuh_manager_trusty_packages_installed + until: wazuh_manager_trusty_packages_installed is succeeded when: - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 @@ -19,3 +21,5 @@ name: - curl state: latest + register: wazuh_manager_dependencies_packages_installed + until: wazuh_manager_dependencies_packages_installed is succeeded From fa7a5e6b91552bf372d2b0ca1a9d22583c13e244 Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Tue, 16 Apr 2019 20:36:31 +0200 Subject: [PATCH 087/714] Added some tests with Testinfra --- molecule/default/molecule.yml | 14 +--- molecule/default/playbook.yml | 2 +- molecule/default/tests/test_default.py | 70 ++++++++++++++----- .../ansible-wazuh-manager/tasks/Debian.yml | 4 +- 4 files changed, 60 insertions(+), 30 deletions(-) 
diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index e8fa0c77..785a525c 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -9,25 +9,17 @@ lint: platforms: - name: wazuh_manager_bionic image: ubuntu:bionic - groups: - - wazuh_manager - name: wazuh_manager_xenial - image: ubuntu:xenial - groups: - - wazuh_manager + image: solita/ubuntu-systemd:xenial + privileged: True + command: /sbin/init - name: wazuh_manager_trusty image: ubuntu:trusty - groups: - - wazuh_manager - name: wazuh_manager_centos6 image: centos:6 - groups: - - wazuh_manager - name: wazuh_manager_centos7 image: milcom/centos7-systemd privileged: True - groups: - - wazuh_manager provisioner: name: ansible env: diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml index d74f3e66..a1865ee8 100644 --- a/molecule/default/playbook.yml +++ b/molecule/default/playbook.yml @@ -1,6 +1,6 @@ --- - name: Converge - hosts: wazuh_manager + hosts: all roles: - role: wazuh/ansible-wazuh-manager diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index c47beceb..0ae01a92 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py @@ -1,4 +1,5 @@ import os +import pytest import testinfra.utils.ansible_runner 
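Review bot: `privileged: True` on the new xenial platform uses the capitalized YAML 1.1 boolean; `privileged: true` is the form yamllint's truthy rule accepts, and this file's `yamllint` entry is already marked disabled pending a separate PR (visible in the `@@ -7,17 +7,17 @@` hunk of PATCH 088), so writing it lowercase now avoids that later churn. A comment above the entry, `# systemd-based image: presumably needs a privileged container and /sbin/init as PID 1`, would record why this platform, unlike the plain `ubuntu:*` ones, runs with host-level privileges.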
@@ -6,25 +7,62 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') -def test_hosts_file(host): - f = host.file('/etc/hosts') - - assert f.exists - assert f.user == 'root' - assert f.group == 'root' +def get_wazuh_version(): + """This return the version of Wazuh.""" + return "3.8" -def test_filebeat_is_installed(host): - package = host.package("filebeat") - assert package.is_installed - assert package.version.startswith("6") +def test_wazuh_packages_are_installed(host): + """Test if the main packages are installed.""" + manager = host.package("wazuh-manager") + api = host.package("wazuh-api") + + distribution = host.system_info.distribution.lower() + if distribution == 'centos': + if host.system_info.release == "7": + assert manager.is_installed + assert manager.version.startswith(get_wazuh_version()) + assert api.is_installed + assert api.version.startswith(get_wazuh_version()) + elif host.system_info.release.startswith("6"): + assert manager.is_installed + assert manager.version.startswith(get_wazuh_version()) + elif distribution == 'ubuntu': + assert manager.is_installed + assert manager.version.startswith(get_wazuh_version()) -def test_filebeat_service_enabled(host): - service = host.service('filebeat') - assert service.is_enabled +def test_wazuh_services_are_running(host): + """Test if the services are enabled and running. 
+ When assert commands are commented, this means that the service command has a + wrong exit code: https://github.com/wazuh/wazuh-ansible/issues/107 + """ + manager = host.service("wazuh-manager") + api = host.service("wazuh-api") -def test_filebeat_config_file_present(host): - config_file = host.file('/etc/filebeat/filebeat.yml') - assert config_file.is_file + distribution = host.system_info.distribution.lower() + if distribution == 'centos': + # assert manager.is_running + assert manager.is_enabled + # assert not api.is_running + assert not api.is_enabled + elif distribution == 'ubuntu': + # assert manager.is_running + assert manager.is_enabled + # assert api.is_running + assert api.is_enabled + +@pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [ + ("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640), + ("/var/ossec/etc/sslmanager.key", "root", "root", 0o640), + ("/var/ossec/etc/rules/local_rules.xml", "root", "ossec", 0o640), + ("/var/ossec/etc/lists/audit-keys", "root", "ossec", 0o640), +]) +def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode): + """Test if Wazuh related files exist and have proper owners and mode.""" + wazuh_file_host = host.file(wazuh_file) + + assert wazuh_file_host.user == wazuh_owner + assert wazuh_file_host.group == wazuh_group + assert wazuh_file_host.mode == wazuh_mode diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index beb764b2..3fc54e84 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml 
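Review bot: `test_wazuh_packages_are_installed` and `test_wazuh_services_are_running` pass vacuously on any host whose distribution is neither `centos` nor `ubuntu`, and on a CentOS release other than 7 or 6.x, because the `if`/`elif` chains have no `else`; a platform added to molecule.yml later would be reported green without a single assertion. Terminating each chain with `else: pytest.fail("unhandled platform: %s %s" % (distribution, host.system_info.release))` makes the gap visible (the `%` formatting keeps the file Python 2 compatible, which the `Pipfile.lock` markers in PATCH 090 suggest is still a target). `test_wazuh_files` should also `assert wazuh_file_host.exists` before reading `.user`, so a missing `sslmanager.key` fails with a clear message rather than whatever error testinfra raises for an absent file. The `get_wazuh_version` docstring reads `This return the version of Wazuh.`; `Return the version prefix the installed Wazuh packages are expected to carry.` is clearer.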
@@ -6,9 +6,9 @@ - ca-certificates - gnupg state: present - register: wazuh_manager_https_packages_installed - until: wazuh_manager_https_packages_installed is succeeded cache_valid_time: 3600 + register: wazuh_manager_https_packages_installed + until: wazuh_manager_https_packages_installed is succeeded - name: Debian/Ubuntu | Installing Wazuh repository key (Ubuntu 14) become: yes From ad256682b08f82badfb6bb84a73dfdd0bad302a9 Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Tue, 16 Apr 2019 20:38:50 +0200 Subject: [PATCH 088/714] Rename the platforms --- molecule/default/molecule.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 785a525c..cb20e33f 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -7,17 +7,17 @@ lint: name: yamllint enabled: false # fix in seperate PR platforms: - - name: wazuh_manager_bionic + - name: bionic image: ubuntu:bionic - - name: wazuh_manager_xenial + - name: xenial image: solita/ubuntu-systemd:xenial privileged: True command: /sbin/init - - name: wazuh_manager_trusty + - name: trusty image: ubuntu:trusty - - name: wazuh_manager_centos6 + - name: centos6 image: centos:6 - - name: wazuh_manager_centos7 + - name: centos7 image: milcom/centos7-systemd privileged: True provisioner: From 25dc5ddd930d5ab08478c8f8b85e05aea7abcffd Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Tue, 16 Apr 2019 20:57:58 +0200 Subject: [PATCH 089/714] Fixed lint issue on tests --- molecule/default/tests/test_default.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index 0ae01a92..f2ee6ead 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py 
@@ -35,8 +35,8 @@ def test_wazuh_packages_are_installed(host): def test_wazuh_services_are_running(host): """Test if the services are enabled and running. - When assert commands are commented, this means that the service command has a - wrong exit code: https://github.com/wazuh/wazuh-ansible/issues/107 + When assert commands are commented, this means that the service command has + a wrong exit code: https://github.com/wazuh/wazuh-ansible/issues/107 """ manager = host.service("wazuh-manager") api = host.service("wazuh-api") @@ -53,6 +53,7 @@ def test_wazuh_services_are_running(host): # assert api.is_running assert api.is_enabled + @pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [ ("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640), ("/var/ossec/etc/sslmanager.key", "root", "root", 0o640), From 509f87aa708192d5a6df13efa18333ae41628fdd Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Wed, 17 Apr 2019 19:05:17 +0200 Subject: [PATCH 090/714] Updated versions of the required modules like Molecule --- Pipfile.lock | 366 ++++++++++++++++++++++++++++++--------------------- 1 file changed, 213 insertions(+), 153 deletions(-) diff --git a/Pipfile.lock b/Pipfile.lock index f555b014..1df7c847 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -18,16 +18,17 @@ "default": { "ansible": { "hashes": [ - "sha256:040cc936f959b947800ffaa5f940d2508aaa41f899efe56b47a7442c89689150" + "sha256:84a42d1e371c4222c82e575cb6961fafd3afe920d84e4b6d87affabe400be294" ], "index": "pypi", - "version": "==2.7.7" + "version": "==2.7.10" }, "ansible-lint": { "hashes": [ - "sha256:7686dad54aab9281562a5788415af1488b9af8a5acc99c042ecb9959b6ab7a57" + "sha256:9430ea6e654ba4bf5b9c6921efc040f46cda9c4fd2896a99ff71d21037bcb123", + "sha256:c1b442b01091eca13ef11d98c3376e9489ba5b69a8467828ca86044f384bc0a1" ], - "version": "==3.4.23" + "version": "==4.1.0" }, "anyconfig": { "hashes": [ 
@@ -37,9 +38,10 @@ }, "arrow": { "hashes": [ - "sha256:9cb4a910256ed536751cd5728673bfb53e6f0026e240466f90c2a92c0b79c895" + "sha256:3397e5448952e18e1295bf047014659effa5ae8da6a5371d37ff0ddc46fa6872", + "sha256:6f54d9f016c0b7811fac9fb8c2c7fa7421d80c54dbdd75ffb12913c55db60b8a" ], - "version": "==0.13.0" + "version": "==0.13.1" }, "asn1crypto": { "hashes": [ @@ -57,16 +59,17 @@ }, "attrs": { "hashes": [ - "sha256:10cbf6e27dbce8c30807caf056c8eb50917e0eaafe86347671b57254006c3e69", - "sha256:ca4be454458f9dec299268d472aaa5a11f67a4ff70093396e1ceae9c76cf4bbb" + "sha256:69c0dbf2ed392de1cb5ec704444b08a5ef81680a61cb899dc08127123af36a79", + "sha256:f0b870f674851ecbfbbbd364d6b5cbdff9dcedbc7f3f5e18a6891057f21fe399" ], - "version": "==18.2.0" + "version": "==19.1.0" }, "backports.functools-lru-cache": { "hashes": [ "sha256:9d98697f088eb1b0fa451391f91afb5e3ebde16bbdb272819fd091151fda4f1a", "sha256:f0b0e4eba956de51238e17573b7087e852dfe9854afd2e9c873f73fc0ca0a6dd" ], + "markers": "python_version == '2.7'", "version": "==1.5" }, "backports.ssl-match-hostname": { 
@@ -115,47 +118,43 @@ }, "certifi": { "hashes": [ - "sha256:47f9c83ef4c0c621eaef743f133f09fa8a74a9b75f037e8624f83bd1b6626cb7", - "sha256:993f830721089fef441cdfeb4b2c8c9df86f0c63239f06bd025a76a7daddb033" + "sha256:59b7658e26ca9c7339e00f8f4636cdfe59d34fa37b9b04f6f9e9926b3cece1a5", + "sha256:b26104d6835d1f5e49452a26eb2ff87fe7090b89dfcaee5ea2212697e1e1d7ae" ], - "version": "==2018.11.29" + "version": "==2019.3.9" }, "cffi": { "hashes": [ - "sha256:151b7eefd035c56b2b2e1eb9963c90c6302dc15fbd8c1c0a83a163ff2c7d7743", - "sha256:1553d1e99f035ace1c0544050622b7bc963374a00c467edafac50ad7bd276aef", - "sha256:1b0493c091a1898f1136e3f4f991a784437fac3673780ff9de3bcf46c80b6b50", - "sha256:2ba8a45822b7aee805ab49abfe7eec16b90587f7f26df20c71dd89e45a97076f", - "sha256:3bb6bd7266598f318063e584378b8e27c67de998a43362e8fce664c54ee52d30", - "sha256:3c85641778460581c42924384f5e68076d724ceac0f267d66c757f7535069c93", - "sha256:3eb6434197633b7748cea30bf0ba9f66727cdce45117a712b29a443943733257", - "sha256:495c5c2d43bf6cebe0178eb3e88f9c4aa48d8934aa6e3cddb865c058da76756b", - "sha256:4c91af6e967c2015729d3e69c2e51d92f9898c330d6a851bf8f121236f3defd3", - "sha256:57b2533356cb2d8fac1555815929f7f5f14d68ac77b085d2326b571310f34f6e", - "sha256:770f3782b31f50b68627e22f91cb182c48c47c02eb405fd689472aa7b7aa16dc", - "sha256:79f9b6f7c46ae1f8ded75f68cf8ad50e5729ed4d590c74840471fc2823457d04", - "sha256:7a33145e04d44ce95bcd71e522b478d282ad0eafaf34fe1ec5bbd73e662f22b6", - "sha256:857959354ae3a6fa3da6651b966d13b0a8bed6bbc87a0de7b38a549db1d2a359", - "sha256:87f37fe5130574ff76c17cab61e7d2538a16f843bb7bca8ebbc4b12de3078596", - "sha256:95d5251e4b5ca00061f9d9f3d6fe537247e145a8524ae9fd30a2f8fbce993b5b", - "sha256:9d1d3e63a4afdc29bd76ce6aa9d58c771cd1599fbba8cf5057e7860b203710dd", - "sha256:a36c5c154f9d42ec176e6e620cb0dd275744aa1d804786a71ac37dc3661a5e95", - "sha256:a6a5cb8809091ec9ac03edde9304b3ad82ad4466333432b16d78ef40e0cce0d5", - "sha256:ae5e35a2c189d397b91034642cb0eab0e346f776ec2eb44a49a459e6615d6e2e", - 
"sha256:b0f7d4a3df8f06cf49f9f121bead236e328074de6449866515cea4907bbc63d6", - "sha256:b75110fb114fa366b29a027d0c9be3709579602ae111ff61674d28c93606acca", - "sha256:ba5e697569f84b13640c9e193170e89c13c6244c24400fc57e88724ef610cd31", - "sha256:be2a9b390f77fd7676d80bc3cdc4f8edb940d8c198ed2d8c0be1319018c778e1", - "sha256:ca1bd81f40adc59011f58159e4aa6445fc585a32bb8ac9badf7a2c1aa23822f2", - "sha256:d5d8555d9bfc3f02385c1c37e9f998e2011f0db4f90e250e5bc0c0a85a813085", - "sha256:e55e22ac0a30023426564b1059b035973ec82186ddddbac867078435801c7801", - "sha256:e90f17980e6ab0f3c2f3730e56d1fe9bcba1891eeea58966e89d352492cc74f4", - "sha256:ecbb7b01409e9b782df5ded849c178a0aa7c906cf8c5a67368047daab282b184", - "sha256:ed01918d545a38998bfa5902c7c00e0fee90e957ce036a4000a88e3fe2264917", - "sha256:edabd457cd23a02965166026fd9bfd196f4324fe6032e866d0f3bd0301cd486f", - "sha256:fdf1c1dc5bafc32bc5d08b054f94d659422b05aba244d6be4ddc1c72d9aa70fb" + "sha256:00b97afa72c233495560a0793cdc86c2571721b4271c0667addc83c417f3d90f", + "sha256:0ba1b0c90f2124459f6966a10c03794082a2f3985cd699d7d63c4a8dae113e11", + "sha256:0bffb69da295a4fc3349f2ec7cbe16b8ba057b0a593a92cbe8396e535244ee9d", + "sha256:21469a2b1082088d11ccd79dd84157ba42d940064abbfa59cf5f024c19cf4891", + "sha256:2e4812f7fa984bf1ab253a40f1f4391b604f7fc424a3e21f7de542a7f8f7aedf", + "sha256:2eac2cdd07b9049dd4e68449b90d3ef1adc7c759463af5beb53a84f1db62e36c", + "sha256:2f9089979d7456c74d21303c7851f158833d48fb265876923edcb2d0194104ed", + "sha256:3dd13feff00bddb0bd2d650cdb7338f815c1789a91a6f68fdc00e5c5ed40329b", + "sha256:4065c32b52f4b142f417af6f33a5024edc1336aa845b9d5a8d86071f6fcaac5a", + "sha256:51a4ba1256e9003a3acf508e3b4f4661bebd015b8180cc31849da222426ef585", + "sha256:59888faac06403767c0cf8cfb3f4a777b2939b1fbd9f729299b5384f097f05ea", + "sha256:59c87886640574d8b14910840327f5cd15954e26ed0bbd4e7cef95fa5aef218f", + "sha256:610fc7d6db6c56a244c2701575f6851461753c60f73f2de89c79bbf1cc807f33", + "sha256:70aeadeecb281ea901bf4230c6222af0248c41044d6f57401a614ea59d96d145", 
+ "sha256:71e1296d5e66c59cd2c0f2d72dc476d42afe02aeddc833d8e05630a0551dad7a", + "sha256:8fc7a49b440ea752cfdf1d51a586fd08d395ff7a5d555dc69e84b1939f7ddee3", + "sha256:9b5c2afd2d6e3771d516045a6cfa11a8da9a60e3d128746a7fe9ab36dfe7221f", + "sha256:9c759051ebcb244d9d55ee791259ddd158188d15adee3c152502d3b69005e6bd", + "sha256:b4d1011fec5ec12aa7cc10c05a2f2f12dfa0adfe958e56ae38dc140614035804", + "sha256:b4f1d6332339ecc61275bebd1f7b674098a66fea11a00c84d1c58851e618dc0d", + "sha256:c030cda3dc8e62b814831faa4eb93dd9a46498af8cd1d5c178c2de856972fd92", + "sha256:c2e1f2012e56d61390c0e668c20c4fb0ae667c44d6f6a2eeea5d7148dcd3df9f", + "sha256:c37c77d6562074452120fc6c02ad86ec928f5710fbc435a181d69334b4de1d84", + "sha256:c8149780c60f8fd02752d0429246088c6c04e234b895c4a42e1ea9b4de8d27fb", + "sha256:cbeeef1dc3c4299bd746b774f019de9e4672f7cc666c777cd5b409f0b746dac7", + "sha256:e113878a446c6228669144ae8a56e268c91b7f1fafae927adc4879d9849e0ea7", + "sha256:e21162bf941b85c0cda08224dade5def9360f53b09f9f259adb85fc7dd0e7b35", + "sha256:fb6934ef4744becbda3143d30c6604718871495a5e36c408431bf33d9c146889" ], - "version": "==1.11.5" + "version": "==1.12.2" }, "chardet": { "hashes": [ @@ -186,12 +185,11 @@ }, "configparser": { "hashes": [ - "sha256:5bd5fa2a491dc3cfe920a3f2a107510d65eceae10e9c6e547b90261a4710df32", - "sha256:c114ff90ee2e762db972fa205f02491b1f5cf3ff950decd8542c62970c9bedac", - "sha256:df28e045fbff307a28795b18df6ac8662be3219435560ddb068c283afab1ea7a" + "sha256:8be81d89d6e7b4c0d4e44bcc525845f6da25821de80cb5e06e7e0238a2899e32", + "sha256:da60d0014fd8c55eb48c1c5354352e363e2d30bbf7057e5e171a468390184c75" ], "markers": "python_version < '3.2'", - "version": "==3.7.1" + "version": "==3.7.4" }, "cookiecutter": { "hashes": [ 
@@ -202,27 +200,27 @@ }, "cryptography": { "hashes": [ - "sha256:05b3ded5e88747d28ee3ef493f2b92cbb947c1e45cf98cfef22e6d38bb67d4af", - "sha256:06826e7f72d1770e186e9c90e76b4f84d90cdb917b47ff88d8dc59a7b10e2b1e", - "sha256:08b753df3672b7066e74376f42ce8fc4683e4fd1358d34c80f502e939ee944d2", - "sha256:2cd29bd1911782baaee890544c653bb03ec7d95ebeb144d714b0f5c33deb55c7", - "sha256:31e5637e9036d966824edaa91bf0aa39dc6f525a1c599f39fd5c50340264e079", - "sha256:42fad67d7072216a49e34f923d8cbda9edacbf6633b19a79655e88a1b4857063", - "sha256:4946b67235b9d2ea7d31307be9d5ad5959d6c4a8f98f900157b47abddf698401", - "sha256:522fdb2809603ee97a4d0ef2f8d617bc791eb483313ba307cb9c0a773e5e5695", - "sha256:6f841c7272645dd7c65b07b7108adfa8af0aaea57f27b7f59e01d41f75444c85", - "sha256:7d335e35306af5b9bc0560ca39f740dfc8def72749645e193dd35be11fb323b3", - "sha256:8504661ffe324837f5c4607347eeee4cf0fcad689163c6e9c8d3b18cf1f4a4ad", - "sha256:9260b201ce584d7825d900c88700aa0bd6b40d4ebac7b213857bd2babee9dbca", - "sha256:9a30384cc402eac099210ab9b8801b2ae21e591831253883decdb4513b77a3cd", - "sha256:9e29af877c29338f0cab5f049ccc8bd3ead289a557f144376c4fbc7d1b98914f", - "sha256:ab50da871bc109b2d9389259aac269dd1b7c7413ee02d06fe4e486ed26882159", - "sha256:b13c80b877e73bcb6f012813c6f4a9334fcf4b0e96681c5a15dac578f2eedfa0", - "sha256:bfe66b577a7118e05b04141f0f1ed0959552d45672aa7ecb3d91e319d846001e", - "sha256:e091bd424567efa4b9d94287a952597c05d22155a13716bf5f9f746b9dc906d3", - "sha256:fa2b38c8519c5a3aa6e2b4e1cf1a549b54acda6adb25397ff542068e73d1ed00" + "sha256:066f815f1fe46020877c5983a7e747ae140f517f1b09030ec098503575265ce1", + "sha256:210210d9df0afba9e000636e97810117dc55b7157c903a55716bb73e3ae07705", + "sha256:26c821cbeb683facb966045e2064303029d572a87ee69ca5a1bf54bf55f93ca6", + "sha256:2afb83308dc5c5255149ff7d3fb9964f7c9ee3d59b603ec18ccf5b0a8852e2b1", + "sha256:2db34e5c45988f36f7a08a7ab2b69638994a8923853dec2d4af121f689c66dc8", + "sha256:409c4653e0f719fa78febcb71ac417076ae5e20160aec7270c91d009837b9151", + 
"sha256:45a4f4cf4f4e6a55c8128f8b76b4c057027b27d4c67e3fe157fa02f27e37830d", + "sha256:48eab46ef38faf1031e58dfcc9c3e71756a1108f4c9c966150b605d4a1a7f659", + "sha256:6b9e0ae298ab20d371fc26e2129fd683cfc0cfde4d157c6341722de645146537", + "sha256:6c4778afe50f413707f604828c1ad1ff81fadf6c110cb669579dea7e2e98a75e", + "sha256:8c33fb99025d353c9520141f8bc989c2134a1f76bac6369cea060812f5b5c2bb", + "sha256:9873a1760a274b620a135054b756f9f218fa61ca030e42df31b409f0fb738b6c", + "sha256:9b069768c627f3f5623b1cbd3248c5e7e92aec62f4c98827059eed7053138cc9", + "sha256:9e4ce27a507e4886efbd3c32d120db5089b906979a4debf1d5939ec01b9dd6c5", + "sha256:acb424eaca214cb08735f1a744eceb97d014de6530c1ea23beb86d9c6f13c2ad", + "sha256:c8181c7d77388fe26ab8418bb088b1a1ef5fde058c6926790c8a0a3d94075a4a", + "sha256:d4afbb0840f489b60f5a580a41a1b9c3622e08ecb5eec8614d4fb4cd914c4460", + "sha256:d9ed28030797c00f4bc43c86bf819266c76a5ea61d006cd4078a93ebf7da6bfd", + "sha256:e603aa7bb52e4e8ed4119a58a03b60323918467ef209e6ff9db3ac382e5cf2c6" ], - "version": "==2.5" + "version": "==2.6.1" }, "docker-py": { "hashes": [ @@ -239,6 +237,13 @@ ], "version": "==0.4.0" }, + "entrypoints": { + "hashes": [ + "sha256:589f874b313739ad35be6e0cd7efde2a4e9b6fea91edcc34e58ecbb8dbe56d19", + "sha256:c70dd71abe5a8c85e55e12c19bd91ccfeec11a6e99044204511f9ed547d48451" + ], + "version": "==0.3" + }, "enum34": { "hashes": [ "sha256:2d81cbbe0e73112bdfe6ef8576f2238f2ba27dd0d55752a776c41d38b7da2850", @@ -258,10 +263,10 @@ }, "flake8": { "hashes": [ - "sha256:7253265f7abd8b313e3892944044a365e3f4ac3fcdcfb4298f55ee9ddf188ba0", - "sha256:c7841163e2b576d435799169b78703ad6ac1bbb0f199994fc05f700b2a90ea37" + "sha256:859996073f341f2670741b51ec1e67a01da142831aa1fdc6242dbf88dffbe661", + "sha256:a796a115208f5c03b18f332f7c11729812c8c3ded6c46319c59b53efd3819da8" ], - "version": "==3.5.0" + "version": "==3.7.7" }, "funcsigs": { "hashes": [ 
@@ -271,6 +276,14 @@ "markers": "python_version < '3.0'", "version": "==1.0.2" }, + "functools32": { + "hashes": [ + "sha256:89d824aa6c358c421a234d7f9ee0bd75933a67c29588ce50aaa3acdf4d403fa0", + "sha256:f6253dfbe0538ad2e387bd8fdfd9293c925d63553f5813c4e587745416501e6d" + ], + "markers": "python_version < '3.2'", + "version": "==3.2.3.post2" + }, "future": { "hashes": [ "sha256:67045236dcfd6816dc439556d009594abf643e5eb48992e36beac09c2ca659b8" @@ -279,25 +292,25 @@ }, "git-url-parse": { "hashes": [ - "sha256:0ae889a7fd7718c6409c3da5c8166efc2e41ea135c9667f2d762e76f39fc84bc", - "sha256:5817358173e9c41200da5750ca5cf9d1d3283d93d804f7e55613c1277e188060", - "sha256:8ed5a1ed3b19f9536a2f341882226beda359bc91f8b1ce3459ab9026afb637df" + "sha256:4655ee22f1d8bf7a1eb1066c1da16529b186966c6d8331f7f55686a76a9f7aef", + "sha256:7b5f4e3aeb1d693afeee67a3bd4ac063f7206c2e8e46e559f0da0da98445f117", + "sha256:9353ff40d69488ff2299b27f40e0350ad87bd5348ea6ea09a1895eda9e5733de" ], - "version": "==1.2.0" + "version": "==1.2.2" }, "idna": { "hashes": [ - "sha256:c357b3f628cf53ae2c4c05627ecc484553142ca23264e593d327bcde5e9c3407", - "sha256:ea8b7f6188e6fa117537c3df7da9fc686d485087abf6ac197f9c46432f7e4a3c" + "sha256:156a6814fb5ac1fc6850fb002e0852d56c0c8d2531923a51032d1b70760e186e", + "sha256:684a38a6f903c1d71d6d5fac066b58d7768af4de2b832e426ec79c30daa94a16" ], - "version": "==2.8" + "version": "==2.7" }, "ipaddress": { "hashes": [ "sha256:64b28eec5e78e7510698f6d4da08800a5c575caa4a286c93d651c5d3ff7b6794", "sha256:b146c751ea45cad6188dd6cf2d9b757f6f4f8d6ffb96a023e6f2e26eea02a72c" ], - "markers": "python_version < '3.3'", + "markers": "python_version < '3'", "version": "==1.0.22" }, "jinja2": { 
@@ -316,36 +329,36 @@ }, "markupsafe": { "hashes": [ - "sha256:048ef924c1623740e70204aa7143ec592504045ae4429b59c30054cb31e3c432", - "sha256:130f844e7f5bdd8e9f3f42e7102ef1d49b2e6fdf0d7526df3f87281a532d8c8b", - "sha256:19f637c2ac5ae9da8bfd98cef74d64b7e1bb8a63038a3505cd182c3fac5eb4d9", - "sha256:1b8a7a87ad1b92bd887568ce54b23565f3fd7018c4180136e1cf412b405a47af", - "sha256:1c25694ca680b6919de53a4bb3bdd0602beafc63ff001fea2f2fc16ec3a11834", - "sha256:1f19ef5d3908110e1e891deefb5586aae1b49a7440db952454b4e281b41620cd", - "sha256:1fa6058938190ebe8290e5cae6c351e14e7bb44505c4a7624555ce57fbbeba0d", - "sha256:31cbb1359e8c25f9f48e156e59e2eaad51cd5242c05ed18a8de6dbe85184e4b7", - "sha256:3e835d8841ae7863f64e40e19477f7eb398674da6a47f09871673742531e6f4b", - "sha256:4e97332c9ce444b0c2c38dd22ddc61c743eb208d916e4265a2a3b575bdccb1d3", - "sha256:525396ee324ee2da82919f2ee9c9e73b012f23e7640131dd1b53a90206a0f09c", - "sha256:52b07fbc32032c21ad4ab060fec137b76eb804c4b9a1c7c7dc562549306afad2", - "sha256:52ccb45e77a1085ec5461cde794e1aa037df79f473cbc69b974e73940655c8d7", - "sha256:5c3fbebd7de20ce93103cb3183b47671f2885307df4a17a0ad56a1dd51273d36", - "sha256:5e5851969aea17660e55f6a3be00037a25b96a9b44d2083651812c99d53b14d1", - "sha256:5edfa27b2d3eefa2210fb2f5d539fbed81722b49f083b2c6566455eb7422fd7e", - "sha256:7d263e5770efddf465a9e31b78362d84d015cc894ca2c131901a4445eaa61ee1", - "sha256:83381342bfc22b3c8c06f2dd93a505413888694302de25add756254beee8449c", - "sha256:857eebb2c1dc60e4219ec8e98dfa19553dae33608237e107db9c6078b1167856", - "sha256:98e439297f78fca3a6169fd330fbe88d78b3bb72f967ad9961bcac0d7fdd1550", - "sha256:bf54103892a83c64db58125b3f2a43df6d2cb2d28889f14c78519394feb41492", - "sha256:d9ac82be533394d341b41d78aca7ed0e0f4ba5a2231602e2f05aa87f25c51672", - "sha256:e982fe07ede9fada6ff6705af70514a52beb1b2c3d25d4e873e82114cf3c5401", - "sha256:edce2ea7f3dfc981c4ddc97add8a61381d9642dc3273737e756517cc03e84dd6", - "sha256:efdc45ef1afc238db84cb4963aa689c0408912a0239b0721cb172b4016eb31d6", - 
"sha256:f137c02498f8b935892d5c0172560d7ab54bc45039de8805075e19079c639a9c", - "sha256:f82e347a72f955b7017a39708a3667f106e6ad4d10b25f237396a7115d8ed5fd", - "sha256:fb7c206e01ad85ce57feeaaa0bf784b97fa3cad0d4a5737bc5295785f5c613a1" + "sha256:00bc623926325b26bb9605ae9eae8a215691f33cae5df11ca5424f06f2d1f473", + "sha256:09027a7803a62ca78792ad89403b1b7a73a01c8cb65909cd876f7fcebd79b161", + "sha256:09c4b7f37d6c648cb13f9230d847adf22f8171b1ccc4d5682398e77f40309235", + "sha256:1027c282dad077d0bae18be6794e6b6b8c91d58ed8a8d89a89d59693b9131db5", + "sha256:24982cc2533820871eba85ba648cd53d8623687ff11cbb805be4ff7b4c971aff", + "sha256:29872e92839765e546828bb7754a68c418d927cd064fd4708fab9fe9c8bb116b", + "sha256:43a55c2930bbc139570ac2452adf3d70cdbb3cfe5912c71cdce1c2c6bbd9c5d1", + "sha256:46c99d2de99945ec5cb54f23c8cd5689f6d7177305ebff350a58ce5f8de1669e", + "sha256:500d4957e52ddc3351cabf489e79c91c17f6e0899158447047588650b5e69183", + "sha256:535f6fc4d397c1563d08b88e485c3496cf5784e927af890fb3c3aac7f933ec66", + "sha256:62fe6c95e3ec8a7fad637b7f3d372c15ec1caa01ab47926cfdf7a75b40e0eac1", + "sha256:6dd73240d2af64df90aa7c4e7481e23825ea70af4b4922f8ede5b9e35f78a3b1", + "sha256:717ba8fe3ae9cc0006d7c451f0bb265ee07739daf76355d06366154ee68d221e", + "sha256:79855e1c5b8da654cf486b830bd42c06e8780cea587384cf6545b7d9ac013a0b", + "sha256:7c1699dfe0cf8ff607dbdcc1e9b9af1755371f92a68f706051cc8c37d447c905", + "sha256:88e5fcfb52ee7b911e8bb6d6aa2fd21fbecc674eadd44118a9cc3863f938e735", + "sha256:8defac2f2ccd6805ebf65f5eeb132adcf2ab57aa11fdf4c0dd5169a004710e7d", + "sha256:98c7086708b163d425c67c7a91bad6e466bb99d797aa64f965e9d25c12111a5e", + "sha256:9add70b36c5666a2ed02b43b335fe19002ee5235efd4b8a89bfcf9005bebac0d", + "sha256:9bf40443012702a1d2070043cb6291650a0841ece432556f784f004937f0f32c", + "sha256:ade5e387d2ad0d7ebf59146cc00c8044acbd863725f887353a10df825fc8ae21", + "sha256:b00c1de48212e4cc9603895652c5c410df699856a2853135b3967591e4beebc2", + "sha256:b1282f8c00509d99fef04d8ba936b156d419be841854fe901d8ae224c59f0be5", 
+ "sha256:b2051432115498d3562c084a49bba65d97cf251f5a331c64a12ee7e04dacc51b", + "sha256:ba59edeaa2fc6114428f1637ffff42da1e311e29382d81b339c1817d37ec93c6", + "sha256:c8716a48d94b06bb3b2524c2b77e055fb313aeb4ea620c8dd03a105574ba704f", + "sha256:cd5df75523866410809ca100dc9681e301e3c27567cf498077e8551b6d20e42f", + "sha256:e249096428b3ae81b08327a63a485ad0878de3fb939049038579ac0ef61e17e7" ], - "version": "==1.1.0" + "version": "==1.1.1" }, "mccabe": { "hashes": [ @@ -356,12 +369,11 @@ }, "molecule": { "hashes": [ - "sha256:23b1b30b37998f0eb747dc06a602df59157fe78d3f6a9882dea9271d8d37cdee", - "sha256:59734fa4487e1d4b9be6f5a3c1192ac76445670bc44ee172f23ac122d90412e3", - "sha256:9be671194019476dae73970ff92946595e7a2b7cc9c10afb0395a020b9f0fcde" + "sha256:0e9ef6845cdf2a01f6c386445e4e54add3f515a033ee16b7b658e6122c8f0d76", + "sha256:621797c54299775f284bbb010d5bb9be485500eecaaa14a476cbc0df285d0da7" ], "index": "pypi", - "version": "==2.19.0" + "version": "==2.20.1" }, "monotonic": { "hashes": [ @@ -376,6 +388,7 @@ "sha256:c0a5785b1109a6bd7fac76d6837fd1feca158e54e521ccd2ae8bfe393cc9d4fc", "sha256:fe7a7cae1ccb57d33952113ff4fa1bc5f879963600ed74918f1236e212ee50b9" ], + "markers": "python_version <= '2.7'", "version": "==5.0.0" }, "paramiko": { @@ -401,10 +414,10 @@ }, "pbr": { "hashes": [ - "sha256:4f2b11d95917af76e936811be8361b2b19616e5ef3b55956a429ec7864378e0c", - "sha256:e0f23b61ec42473723b2fec2f33fb12558ff221ee551962f01dd4de9053c2055" + "sha256:f59d71442f9ece3dffc17bc36575768e1ee9967756e6b6535f0ee1f0054c3d68", + "sha256:f6d5b23f226a2ba58e14e49aa3b1bfaf814d0199144b95d78458212444de1387" ], - "version": "==4.1.0" + "version": "==5.1.1" }, "pexpect": { "hashes": [ 
@@ -415,10 +428,10 @@ }, "pluggy": { "hashes": [ - "sha256:8ddc32f03971bfdf900a81961a48ccf2fb677cf7715108f85295c67405798616", - "sha256:980710797ff6a041e9a73a5787804f848996ecaa6f8a1b1e08224a5894f2074a" + "sha256:19ecf9ce9db2fce065a7a0586e07cfb4ac8614fe96edf628a264b1c70116cf8f", + "sha256:84d306a647cc805219916e62aab89caa97a33a1dd8c342e87a37f91073cd4746" ], - "version": "==0.8.1" + "version": "==0.9.0" }, "poyo": { "hashes": [ @@ -441,7 +454,6 @@ "sha256:a9b85b335b40a528a8e2a6b549592138de8429c6296e7361892958956e6a73cf", "sha256:dc85fad15ef98103ecc047a0d81b55bbf5fe1b03313b96e883acc2e2fa87ed5c" ], - "markers": "sys_platform != 'win32' and sys_platform != 'cygwin'", "version": "==5.4.6" }, "ptyprocess": { @@ -453,10 +465,10 @@ }, "py": { "hashes": [ - "sha256:bf92637198836372b520efcba9e020c330123be8ce527e535d185ed4b6f45694", - "sha256:e76826342cefe3c3d5f7e8ee4316b80d1dd8a300781612ddbc765c17ba25a6c6" + "sha256:64f65755aee5b381cea27766a3a147c3f15b9b6b9ac88676de66ba2ae36793fa", + "sha256:dc639b046a6e2cff5bbe40194ad65936d6ba360b52b3c3fe1d08a82dd50b5e53" ], - "version": "==1.7.0" + "version": "==1.8.0" }, "pyasn1": { "hashes": [ @@ -467,10 +479,10 @@ }, "pycodestyle": { "hashes": [ - "sha256:682256a5b318149ca0d2a9185d365d8864a768a28db66a84a2ea946bcc426766", - "sha256:6c4245ade1edfad79c3446fadfc96b0de2759662dc29d07d80a6f27ad1ca6ba9" + "sha256:95a2219d12372f05704562a14ec30bc76b05a5b297b21a5dfe3f6fac3491ae56", + "sha256:e40a936c9a450ad81df37f549d676d127b1b66000a6c500caa2b085bc0ca976c" ], - "version": "==2.3.1" + "version": "==2.5.0" }, "pycparser": { "hashes": [ 
@@ -480,10 +492,10 @@ }, "pyflakes": { "hashes": [ - "sha256:08bd6a50edf8cffa9fa09a463063c425ecaaf10d1eb0335a7e8b1401aef89e6f", - "sha256:8d616a382f243dbf19b54743f280b80198be0bca3a5396f1d2e1fca6223e8805" + "sha256:17dbeb2e3f4d772725c777fabc446d5634d1038f234e77343108ce445ea69ce0", + "sha256:d976835886f8c5b31d47970ed689944a0262b5f3afa00a5a7b4dc81e5449f8a2" ], - "version": "==1.6.0" + "version": "==2.1.1" }, "pynacl": { "hashes": [ @@ -511,10 +523,10 @@ }, "pytest": { "hashes": [ - "sha256:65aeaa77ae87c7fc95de56285282546cfa9c886dc8e5dc78313db1c25e21bc07", - "sha256:6ac6d467d9f053e95aaacd79f831dbecfe730f419c6c7022cb316b365cd9199d" + "sha256:3773f4c235918987d51daf1db66d51c99fac654c81d6f2f709a046ab446d5e5d", + "sha256:b7802283b70ca24d7119b32915efa7c409982f59913c1a6c0640aacf118b95f5" ], - "version": "==4.2.0" + "version": "==4.4.1" }, "python-dateutil": { "hashes": [ 
@@ -554,22 +566,61 @@ ], "version": "==2.21.0" }, + "ruamel.ordereddict": { + "hashes": [ + "sha256:08b4b19fe518d32251a5338e039c4dc9eb0876f2919f94c9b8d2f9446ea80806", + "sha256:150ce8e6c514a2a2b62753622a75874962561f8e5eeec81a3172ab952807bf0b", + "sha256:45541836cbfdde630033cae7bbbe35acbac87a0ceec79f944b7a3bedd940fe78", + "sha256:854dd4a524811b16111b1107d8a751e4ca064d2bb103d3d91deab75de36b6620", + "sha256:aee2fa23e884249b4284b728888c553d551e5bfd4de2731f10153fd7813ec55f", + "sha256:bf0a198c8ce5d973c24e5dba12d3abc254996788ca6ad8448eabc6aa710db149" + ], + "markers": "platform_python_implementation == 'CPython' and python_version <= '2.7'", + "version": "==0.4.13" + }, + "ruamel.yaml": { + "hashes": [ + "sha256:09ed5b07bfd09592dd265dc0f645b3e96e6c69de59ac1cd5b6dbcb8a243a28ee", + "sha256:10c194ef72f7419dd2fde7b35746c1e4bdaf80911e07c33eff3aedc1a89d574a", + "sha256:10e49c1b9ba35a9682fb3afffe52c2a1383e442bf05938dd87d30db252ce2e0b", + "sha256:1ca24a5ce2d2e61e6c504cbbbb24ece78127c79af87e8fe3175bb58c048f986d", + "sha256:272ade6dd5c27fdf2b917a497ee2bad1b11f41ad6f3f646a16a21b3ad78c2626", + "sha256:4be750a41289528e446d075b048e8cd06ea6a6779c2ef77f7b87ad3c567117d7", + "sha256:4d5c331e8a0e4423535e9dfecc6ea8f0ec4360b524b103f46432021cb9698d2e", + "sha256:69af34d4034659774e45d9f077e6f930d2c41c38ac721d5e7cb88b7629be446d", + "sha256:70229ffbd67a5171fc6aef24c32caa65042834bf6e8d0b3116d4046920a20be9", + "sha256:70a88e6ae131789e2fbe3816450a10c057b21ae93c875f717435fe2cea5fdcf3", + "sha256:89609fd5696cc82265877cdde3505242ebd2b262fb87a86e46d370fad5ff4111", + "sha256:92ff5ed79f5a98e3a57c741d238afa2846f2cae87d6385eebb93d0dcd6caf5b4", + "sha256:9f1323e7f6d25c8fba5fee5809a22f31805976978c7316a7d08ecdda0c22d6f0", + "sha256:af76d3350062124d8488b31c8dff9664a6a4934a71efb8af35d5c346632a765c", + "sha256:bf6931ac24676189ce061485a42e4ad36d158672dfde2bf7ba953b0edc8ee40b", + "sha256:c6d05e38a141922eca7902135e7a40b605763d6da8ec6624517370631ce9fb6d", + 
"sha256:dc4237c27602ceb8ff060e0172da2f6a7e759008dba592f58b8fae0003cf0a57", + "sha256:dfa4948d1a2ea577e53f05e9de7396db7cddba286f2827e7177d249fc7303681", + "sha256:e287e894dde92fc8555ad767e240d3e604a9e25afc02eeee35e21f0d25e152b8", + "sha256:e56b6f687a5361bcdab3dbc776cbdeff623a976760afeadc725129e53cf13092", + "sha256:ecaf924ab269c8ea4006792710d93ff5d900f99a81fb74a8040b0eeff3571baf", + "sha256:f624dd645ed2f342015a8b9149691feaac532f26b77fd206df2d724ebf82bd14" + ], + "version": "==0.15.92" + }, "scandir": { "hashes": [ - "sha256:04b8adb105f2ed313a7c2ef0f1cf7aff4871aa7a1883fa4d8c44b5551ab052d6", - "sha256:1444134990356c81d12f30e4b311379acfbbcd03e0bab591de2696a3b126d58e", - "sha256:1b5c314e39f596875e5a95dd81af03730b338c277c54a454226978d5ba95dbb6", - "sha256:346619f72eb0ddc4cf355ceffd225fa52506c92a2ff05318cfabd02a144e7c4e", - "sha256:44975e209c4827fc18a3486f257154d34ec6eaec0f90fef0cca1caa482db7064", - "sha256:61859fd7e40b8c71e609c202db5b0c1dbec0d5c7f1449dec2245575bdc866792", - "sha256:a5e232a0bf188362fa00123cc0bb842d363a292de7126126df5527b6a369586a", - "sha256:c14701409f311e7a9b7ec8e337f0815baf7ac95776cc78b419a1e6d49889a383", - "sha256:c7708f29d843fc2764310732e41f0ce27feadde453261859ec0fca7865dfc41b", - "sha256:c9009c527929f6e25604aec39b0a43c3f831d2947d89d6caaab22f057b7055c8", - "sha256:f5c71e29b4e2af7ccdc03a020c626ede51da471173b4a6ad1e904f2b2e04b4bd" + "sha256:2586c94e907d99617887daed6c1d102b5ca28f1085f90446554abf1faf73123e", + "sha256:2ae41f43797ca0c11591c0c35f2f5875fa99f8797cb1a1fd440497ec0ae4b022", + "sha256:2b8e3888b11abb2217a32af0766bc06b65cc4a928d8727828ee68af5a967fa6f", + "sha256:2c712840c2e2ee8dfaf36034080108d30060d759c7b73a01a52251cc8989f11f", + "sha256:4d4631f6062e658e9007ab3149a9b914f3548cb38bfb021c64f39a025ce578ae", + "sha256:67f15b6f83e6507fdc6fca22fedf6ef8b334b399ca27c6b568cbfaa82a364173", + "sha256:7d2d7a06a252764061a020407b997dd036f7bd6a175a5ba2b345f0a357f0b3f4", + "sha256:8c5922863e44ffc00c5c693190648daa6d15e7c1207ed02d6f46a8dcc2869d32", + 
"sha256:92c85ac42f41ffdc35b6da57ed991575bdbe69db895507af88b9f499b701c188", + "sha256:b24086f2375c4a094a6b51e78b4cf7ca16c721dcee2eddd7aa6494b42d6d519d", + "sha256:cb925555f43060a1745d0a321cca94bcea927c50114b623d73179189a4e100ac" ], "markers": "python_version < '3.5'", - "version": "==1.9.0" + "version": "==1.10.0" }, "sh": { "hashes": [ @@ -593,10 +644,10 @@ }, "testinfra": { "hashes": [ - "sha256:499ba7201d1a0f418fa0318bf2ae28142893c4f9d49ab24af21441fdb529292f", - "sha256:da1d0d1ffd68935b950b7b83833d863436ea75398a5cbdc0d0ab9e61132e2088" + "sha256:8dbbf25039674d419598f576c5652947cebdf7cbbea8f23acacc80271009c6cb", + "sha256:d13dda899d5a051465f041a821363e2ebdd079391fbeae04089a2df7d35e3d54" ], - "version": "==1.16.0" + "version": "==1.19.0" }, "tree-format": { "hashes": [ @@ -605,6 +656,15 @@ ], "version": "==0.1.2" }, + "typing": { + "hashes": [ + "sha256:4027c5f6127a6267a435201981ba156de91ad0d1d98e9ddc2aa173453453492d", + "sha256:57dcf675a99b74d64dacf6fba08fb17cf7e3d5fdff53d4a30ea2a5e7e52543d4", + "sha256:a4c8473ce11a65999c8f59cb093e70686b6c84c98df58c1dae9b3b196089858a" + ], + "markers": "python_version < '3.5'", + "version": "==3.6.6" + }, "urllib3": { "hashes": [ "sha256:61bf29cada3fc2fbefad4fdf059ea4bd1b4a86d2b6d15e1c7c0b582b9752fe39", @@ -614,10 +674,10 @@ }, "websocket-client": { "hashes": [ - "sha256:8c8bf2d4f800c3ed952df206b18c28f7070d9e3dcbd6ca6291127574f57ee786", - "sha256:e51562c91ddb8148e791f0155fdb01325d99bb52c4cdbb291aee7a3563fd0849" + "sha256:1151d5fb3a62dc129164292e1227655e4bbc5dd5340a5165dfae61128ec50aa9", + "sha256:1fd5520878b68b84b5748bb30e592b10d0a91529d5383f74f4964e72b297fd3a" ], - "version": "==0.54.0" + "version": "==0.56.0" }, "whichcraft": { "hashes": [ 
@@ -628,10 +688,10 @@ }, "yamllint": { "hashes": [ - "sha256:93e255e4bd96c7c0850bf182b09f6b35625130f15b37a0e03d8bf378d747081c", - "sha256:e9b7dec24921ef13180902e5dbcaae9157c773e3e3e2780ef77d3a4dd67d799f" + "sha256:5a53b6ebea563f944420d2964233173532af00a9579ab2c48c4cf8c56b704050", + "sha256:8f25759997acb42e52b96bf3af0b4b942e6516b51198bebd3402640102006af7" ], - "version": "==1.11.1" + "version": "==1.15.0" } }, "develop": {} From 54c7859894f28d7086241bebb7af2223a71c2d19 Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Wed, 17 Apr 2019 19:40:37 +0200 Subject: [PATCH 091/714] Added ports check and added dependency that needs to be installed --- molecule/default/prepare.yml | 1 + molecule/default/tests/test_default.py | 11 +++++++++++ 2 files changed, 12 insertions(+) diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml index ac788955..0eb22111 100644 --- a/molecule/default/prepare.yml +++ b/molecule/default/prepare.yml @@ -20,6 +20,7 @@ package: name: - curl + - net-tools state: latest register: wazuh_manager_dependencies_packages_installed until: wazuh_manager_dependencies_packages_installed is succeeded diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index f2ee6ead..36711b0f 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py 
@@ -67,3 +67,14 @@ def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode):
 assert wazuh_file_host.user == wazuh_owner
 assert wazuh_file_host.group == wazuh_group
 assert wazuh_file_host.mode == wazuh_mode
+
+
+def test_open_ports(host):
+ """Test if the main port is open and the agent-auth is not open."""
+ distribution = host.system_info.distribution.lower()
+ if distribution == 'ubuntu':
+ assert host.socket("tcp://0.0.0.0:1515").is_listening
+ assert not host.socket("tcp://0.0.0.0:1514").is_listening
+ elif distribution == 'centos':
+ assert host.socket("tcp://:::1515").is_listening
+ assert not host.socket("tcp://:::1514").is_listening
From 32e3d45ced5a0bc2ec65958e009655862399a1cb Mon Sep 17 00:00:00 2001
From: l
Date: Wed, 24 Apr 2019 13:35:29 +0200
Subject: [PATCH 092/714] Changing CentOS install from Oracle JDK to OpenJDK
---
 .../ansible-elasticsearch/tasks/RedHat.yml | 12 ++----------
 .../elastic-stack/ansible-logstash/tasks/RedHat.yml | 12 ++----------
 2 files changed, 4 insertions(+), 20 deletions(-)
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml
index f4da0303..a7dd1146 100644
--- a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml
+++ b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml
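Review bot: The docstring on `test_open_ports` is inverted relative to its asserts: it says the main port is open and agent-auth is closed, yet the checks require 1515 — the authd enrolment port this series later configures as `wazuh_agent_authd.port: 1515` — to be listening and 1514, the agent connection port, to be closed; suggest `"""Authd (TCP 1515) must be listening; nothing may be bound on TCP 1514."""`. Also, `not host.socket("tcp://0.0.0.0:1514").is_listening` only proves there is no TCP listener on that exact wildcard address, so if remoted binds 1514 on UDP or on another address the assertion passes without saying anything about exposure — a short comment stating why 1514 is expected closed (presumably the manager's default on 1514 is not TCP; confirm against the role defaults) would keep this from being read as a hardening check. The per-distribution address split (`0.0.0.0` vs `::`) is brittle as well; `host.socket.get_listening_sockets()` filtered by port would cover both families in one assertion.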
@@ -1,16 +1,8 @@ --- - when: elasticsearch_install_java block: - - name: RedHat/CentOS/Fedora | download Oracle Java RPM - get_url: - url: https://download.oracle.com/otn-pub/java/jdk/8u202-b08/1961070e4c9b4e26a04e7f5a083f551e/jre-8u202-linux-x64.rpm - dest: /tmp/jre-8-linux-x64.rpm - headers: 'Cookie:oraclelicense=accept-securebackup-cookie' - register: oracle_java_task_rpm_download - - - name: RedHat/CentOS/Fedora | Install Oracle Java RPM - package: name=/tmp/jre-8-linux-x64.rpm state=present - when: oracle_java_task_rpm_download is defined + - name: RedHat/CentOS/Fedora | Install OpenJDK 1.8 + yum: name=java-1.8.0-openjdk state=present register: oracle_java_task_rpm_installed tags: install diff --git a/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml b/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml index a5ad2cb3..04c79d55 100644 --- a/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml +++ b/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml @@ -1,16 +1,8 @@ --- - when: logstash_install_java block: - - name: RedHat/CentOS/Fedora | download Oracle Java RPM - get_url: - url: https://download.oracle.com/otn-pub/java/jdk/8u202-b08/1961070e4c9b4e26a04e7f5a083f551e/jre-8u202-linux-x64.rpm - dest: /tmp/jre-8-linux-x64.rpm - headers: 'Cookie:oraclelicense=accept-securebackup-cookie' - register: oracle_java_task_rpm_download - - - name: RedHat/CentOS/Fedora | Install Oracle Java RPM - package: name=/tmp/jre-8-linux-x64.rpm state=present - when: oracle_java_task_rpm_download is defined + - name: RedHat/CentOS/Fedora | Install OpenJDK 1.8 + yum: name=java-1.8.0-openjdk state=present register: oracle_java_task_rpm_installed tags: install From a29eb8faf47c0554cba655747798279ec0329b36 Mon Sep 17 00:00:00 2001 
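Review bot: The new OpenJDK task keeps `register: oracle_java_task_rpm_installed`, a name that now misdescribes what was installed and will mislead anyone grepping for Oracle remnants; rename it, e.g. `register: openjdk_task_rpm_installed`, provided nothing reads the old name — any consumer is outside the visible lines. The identical hunk is applied to ansible-logstash, so the rename belongs there too. Style-wise, Ansible convention is block YAML for module arguments rather than the `key=value` string in `yum: name=java-1.8.0-openjdk state=present`, which also keeps the package name and state greppable as separate keys.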
From: l Date: Wed, 24 Apr 2019 16:45:29 +0200 Subject: [PATCH 093/714] Using OpenJDK for cis-cat and for elastic at Debian based distros --- .../ansible-elasticsearch/tasks/Debian.yml | 20 ++----------------- .../ansible-logstash/tasks/Debian.yml | 19 ++---------------- .../ansible-wazuh-agent/tasks/Debian.yml | 20 ++----------------- .../ansible-wazuh-manager/tasks/Debian.yml | 20 ++----------------- .../ansible-wazuh-manager/tasks/RedHat.yml | 17 ++-------------- 5 files changed, 10 insertions(+), 86 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index 162ed42f..1957fe01 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml @@ -6,24 +6,8 @@ - when: elasticsearch_install_java block: - - name: Debian/Ubuntu | Setting webupd8 repository - apt_repository: - repo: 'ppa:webupd8team/java' - codename: 'xenial' - update_cache: yes - - - name: Debian/Ubuntu | Accept Oracle Java 8 license - debconf: - name: oracle-java8-installer - question: shared/accepted-oracle-license-v1-1 - value: true - vtype: boolean - - - name: Debian/Ubuntu | Oracle Java 8 installer - apt: - name: oracle-java8-installer - state: present - cache_valid_time: 3600 + - name: Debian/Ubuntu | Install OpenJDK 1.8 + apt: name: openjdk-8-jre state: present cache_valid_time: 3600 tags: install - name: Debian/Ubuntu | Add Elasticsearch GPG key. diff --git a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml index 1fc5a1f8..2966b225 100644 --- a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml 
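Review bot: Dropping the `apt_repository` task stops adding `ppa:webupd8team/java`, but hosts provisioned by earlier runs keep that third-party PPA and its signing key in their apt sources and continue trusting it for every later `apt` run; nothing here sets the repository `state: absent`, so the removal should be explicit (pass the same `codename: 'xenial'` if the sources file was written under that name). The `apt: name: openjdk-8-jre state: present cache_valid_time: 3600` line is not parseable YAML, but commits 094/095 in this series already correct it. The `when:` block starts above the hunk.

```yaml
- when: elasticsearch_install_java
  block:
    - name: Debian/Ubuntu | Remove webupd8 Java PPA left by earlier runs
      apt_repository:
        repo: 'ppa:webupd8team/java'
        state: absent
    # … unchanged: Install OpenJDK 1.8 task …
```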
@@ -6,23 +6,8 @@ - when: logstash_install_java block: - - name: Debian/Ubuntu | Setting webupd8 repository - apt_repository: - repo: 'ppa:webupd8team/java' - codename: 'xenial' - - - name: Debian/Ubuntu | Accept Oracle Java 8 license - debconf: - name: oracle-java8-installer - question: shared/accepted-oracle-license-v1-1 - value: true - vtype: boolean - - - name: Debian/Ubuntu | Oracle Java 8 installer - apt: - name: oracle-java8-installer - state: present - cache_valid_time: 3600 + - name: Debian/Ubuntu | Install OpenJDK 1.8 + apt: name: openjdk-8-jre state: present cache_valid_time: 3600 tags: install - name: Debian/Ubuntu | Add Elasticsearch GPG key diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index 5fef8bad..99ccfad7 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -22,24 +22,8 @@ - wazuh_agent_config.cis_cat.disable == 'no' - wazuh_agent_config.cis_cat.install_java == 'yes' block: - - name: Debian/Ubuntu | Setting webupd8 repository - apt_repository: - repo: 'ppa:webupd8team/java' - codename: 'xenial' - update_cache: yes - - - name: Debian/Ubuntu | Accept Oracle Java 8 license - debconf: - name: oracle-java8-installer - question: shared/accepted-oracle-license-v1-1 - value: true - vtype: boolean - - - name: Debian/Ubuntu | Oracle Java 8 installer - apt: - name: oracle-java8-installer - state: present - cache_valid_time: 3600 + - name: Debian/Ubuntu | Install OpenJDK 1.8 + apt: name: openjdk-8-jre state: present cache_valid_time: 3600 tags: - init diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 05b6a5a7..95cda804 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml 
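Review bot: On agent hosts, which make up the bulk of a fleet, removing the webupd8 repository task leaves `ppa:webupd8team/java` and its key trusted on every host provisioned before this change, since no task sets that repository to `state: absent`; add a removal task with `apt_repository`, `repo: 'ppa:webupd8team/java'` and `state: absent` ahead of the OpenJDK install so previously enrolled agents are cleaned up on the next run. The guarding `when:` conditions (`cis_cat.disable == 'no'`, `cis_cat.install_java == 'yes'`) begin above the hunk, so the cleanup would only run on hosts where Java was installed by this role — which is the set that had the PPA added.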
@@ -36,24 +36,8 @@ - wazuh_manager_config.cis_cat.disable == 'no' - wazuh_manager_config.cis_cat.install_java == 'yes' block: - - name: Debian/Ubuntu | Setting webupd8 repository - apt_repository: - repo: 'ppa:webupd8team/java' - codename: 'xenial' - update_cache: yes - - - name: Debian/Ubuntu | Accept Oracle Java 8 license - debconf: - name: oracle-java8-installer - question: shared/accepted-oracle-license-v1-1 - value: true - vtype: boolean - - - name: Debian/Ubuntu | Oracle Java 8 installer - apt: - name: oracle-java8-installer - state: present - cache_valid_time: 3600 + - name: Debian/Ubuntu | Install OpenJDK 1.8 + apt: name: openjdk-8-jre state: present cache_valid_time: 3600 tags: - init diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index e603508a..cbaf45e7 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml 
@@ -94,27 +94,14 @@ - not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat') and ansible_distribution_major_version == '6' ) - wazuh_manager_config.cluster.disable != 'yes' -- name: RedHat/CentOS/Fedora | download Oracle Java RPM - get_url: - url: https://download.oracle.com/otn-pub/java/jdk/8u202-b08/1961070e4c9b4e26a04e7f5a083f551e/jre-8u202-linux-x64.rpm - dest: /tmp/jre-8-linux-x64.rpm - headers: 'Cookie:oraclelicense=accept-securebackup-cookie' - register: oracle_java_task_rpm_download +- name: RedHat/CentOS/Fedora | Install OpenJDK 1.8 + yum: name=java-1.8.0-openjdk state=present when: - wazuh_manager_config.cis_cat.disable == 'no' - wazuh_manager_config.cis_cat.install_java == 'yes' tags: - init -- name: RedHat/CentOS/Fedora | Install Oracle Java RPM - package: name=/tmp/jre-8-linux-x64.rpm state=present - when: - - wazuh_manager_config.cis_cat.disable == 'no' - - wazuh_manager_config.cis_cat.install_java == 'yes' - - oracle_java_task_rpm_download is defined - tags: - - init - - name: Set Distribution CIS filename for RHEL5/CentOS-5 set_fact: cis_distribution_filename: cis_rhel5_linux_rcl.txt From b84aecfa673bf4a50927603d757878d6603cdd6f Mon Sep 17 00:00:00 2001 From: l Date: Wed, 24 Apr 2019 17:30:40 +0200 Subject: [PATCH 094/714] Fixing syntax error at Debian tasks --- roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml | 2 +- roles/elastic-stack/ansible-logstash/tasks/Debian.yml | 2 +- roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 2 +- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index 1957fe01..4c458583 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml 
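Review bot: The replacement task is named `RedHat/CentOS/Fedora` but switches from the generic `package:` module the removed task used to `yum:`, which on dnf-based Fedora relies on yum compatibility the task name does not promise; `package: name=java-1.8.0-openjdk state=present` (block form preferred) keeps the earlier portability while still installing the distro-signed OpenJDK. The `when:` guard is carried over verbatim, which is fine, but a comment such as `# JRE is only needed for the CIS-CAT wodle` would explain why a Java install hangs off `cis_cat.install_java` — presumably that is the only consumer, confirm. The file continues on both sides of the hunk.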
@@ -7,7 +7,7 @@ - when: elasticsearch_install_java block: - name: Debian/Ubuntu | Install OpenJDK 1.8 - apt: name: openjdk-8-jre state: present cache_valid_time: 3600 + apt: name= openjdk-8-jre state= present cache_valid_time= 3600 tags: install - name: Debian/Ubuntu | Add Elasticsearch GPG key. diff --git a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml index 2966b225..2323e8ea 100644 --- a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml @@ -7,7 +7,7 @@ - when: logstash_install_java block: - name: Debian/Ubuntu | Install OpenJDK 1.8 - apt: name: openjdk-8-jre state: present cache_valid_time: 3600 + apt: name= openjdk-8-jre state= present cache_valid_time= 3600 tags: install - name: Debian/Ubuntu | Add Elasticsearch GPG key diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index 99ccfad7..7f9cebe8 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -23,7 +23,7 @@ - wazuh_agent_config.cis_cat.install_java == 'yes' block: - name: Debian/Ubuntu | Install OpenJDK 1.8 - apt: name: openjdk-8-jre state: present cache_valid_time: 3600 + apt: name= openjdk-8-jre state= present cache_valid_time= 3600 tags: - init diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 95cda804..05482f76 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -37,7 +37,7 @@ - wazuh_manager_config.cis_cat.install_java == 'yes' block: - name: Debian/Ubuntu | Install OpenJDK 1.8 - apt: name: openjdk-8-jre state: present cache_valid_time: 3600 + apt: name= openjdk-8-jre state= present cache_valid_time= 3600 tags: - init From 9e2276091143859785469e45f1c6dc29a59aa3ab Mon Sep 17 00:00:00 2001 
From: l Date: Wed, 24 Apr 2019 17:41:27 +0200 Subject: [PATCH 095/714] Fixing whitespaces --- roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml | 2 +- roles/elastic-stack/ansible-logstash/tasks/Debian.yml | 2 +- roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 2 +- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index 4c458583..7f4602f2 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml @@ -7,7 +7,7 @@ - when: elasticsearch_install_java block: - name: Debian/Ubuntu | Install OpenJDK 1.8 - apt: name= openjdk-8-jre state= present cache_valid_time= 3600 + apt: name=openjdk-8-jre state=present cache_valid_time=3600 tags: install - name: Debian/Ubuntu | Add Elasticsearch GPG key. diff --git a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml index 2323e8ea..18d1c9ea 100644 --- a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml @@ -7,7 +7,7 @@ - when: logstash_install_java block: - name: Debian/Ubuntu | Install OpenJDK 1.8 - apt: name= openjdk-8-jre state= present cache_valid_time= 3600 + apt: name=openjdk-8-jre state=present cache_valid_time=3600 tags: install - name: Debian/Ubuntu | Add Elasticsearch GPG key diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index 7f9cebe8..540bc4ec 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml 
@@ -23,7 +23,7 @@ - wazuh_agent_config.cis_cat.install_java == 'yes' block: - name: Debian/Ubuntu | Install OpenJDK 1.8 - apt: name= openjdk-8-jre state= present cache_valid_time= 3600 + apt: name=openjdk-8-jre state=present cache_valid_time=3600 tags: - init diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 05482f76..b90bb188 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -37,7 +37,7 @@ - wazuh_manager_config.cis_cat.install_java == 'yes' block: - name: Debian/Ubuntu | Install OpenJDK 1.8 - apt: name= openjdk-8-jre state= present cache_valid_time= 3600 + apt: name=openjdk-8-jre state=present cache_valid_time=3600 tags: - init From af758690a16b0847b845bcaf57a43ee5598621d4 Mon Sep 17 00:00:00 2001 
From: Werner Dijkerman Date: Sat, 27 Apr 2019 15:26:18 +0200 Subject: [PATCH 096/714] Added molecule test for the Wazuh Agent --- .travis.yml | 3 +- .vscode/settings.json | 3 + Pipfile | 1 + README.md | 1 + molecule/default/molecule.yml | 8 +- molecule/default/playbook.yml | 11 ++- molecule/default/prepare.yml | 2 +- molecule/wazuh-agent/Dockerfile.j2 | 14 ++++ molecule/wazuh-agent/INSTALL.rst | 22 +++++ molecule/wazuh-agent/molecule.yml | 82 +++++++++++++++++++ molecule/wazuh-agent/playbook.yml | 20 +++++ molecule/wazuh-agent/prepare.yml | 43 ++++++++++ molecule/wazuh-agent/tests/test_agents.py | 23 ++++++ molecule/wazuh-agent/tests/test_manager.py | 15 ++++ playbooks/wazuh-agent.yml | 1 + playbooks/wazuh-elastic.yml | 1 + playbooks/wazuh-elastic_stack-distributed.yml | 1 + playbooks/wazuh-elastic_stack-single.yml | 1 + playbooks/wazuh-kibana.yml | 1 + playbooks/wazuh-logstash.yml | 1 + playbooks/wazuh-manager.yml | 1 + roles/ansible-galaxy/meta/main.yml | 26 +++--- .../ansible-elasticsearch/defaults/main.yml | 2 +- .../ansible-elasticsearch/meta/main.yml | 24 +++--- .../ansible-elasticsearch/tasks/Debian.yml | 4 +- .../ansible-elasticsearch/tasks/RedHat.yml | 2 +- .../ansible-elasticsearch/tasks/main.yml | 11 +-- .../ansible-kibana/defaults/main.yml | 1 - .../ansible-kibana/meta/main.yml | 24 +++--- .../ansible-kibana/tasks/Debian.yml | 2 +- .../ansible-kibana/tasks/RedHat.yml | 2 +- .../ansible-kibana/tasks/main.yml | 11 ++- .../ansible-logstash/defaults/main.yml | 4 +- .../ansible-logstash/meta/main.yml | 24 +++--- .../ansible-logstash/tasks/Debian.yml | 6 +- .../ansible-logstash/tasks/RedHat.yml | 6 +- .../ansible-logstash/tasks/main.yml | 6 +- roles/wazuh/ansible-filebeat/meta/main.yml | 30 +++---- roles/wazuh/ansible-filebeat/tasks/Debian.yml | 2 +- roles/wazuh/ansible-filebeat/tasks/RedHat.yml | 2 +- roles/wazuh/ansible-filebeat/tasks/main.yml | 4 +- .../ansible-wazuh-agent/defaults/main.yml | 19 ++--- roles/wazuh/ansible-wazuh-agent/meta/main.yml | 28 
+++---- .../ansible-wazuh-agent/tasks/Debian.yml | 81 +++++++++++------- .../wazuh/ansible-wazuh-agent/tasks/Linux.yml | 36 ++++---- .../ansible-wazuh-agent/tasks/RMDebian.yml | 1 + .../ansible-wazuh-agent/tasks/RMRedHat.yml | 1 + .../ansible-wazuh-agent/tasks/RedHat.yml | 25 +++++- .../ansible-wazuh-agent/tasks/Windows.yml | 30 ++++--- .../var-ossec-etc-ossec-agent.conf.j2 | 2 +- .../ansible-wazuh-agent/vars/api_pass.yml | 2 +- .../ansible-wazuh-agent/vars/authd_pass.yml | 2 +- .../ansible-wazuh-manager/defaults/main.yml | 80 +++++++++--------- .../ansible-wazuh-manager/tasks/Debian.yml | 68 +++++++-------- .../ansible-wazuh-manager/tasks/RMDebian.yml | 4 +- .../ansible-wazuh-manager/tasks/RMRedHat.yml | 4 +- .../ansible-wazuh-manager/tasks/RedHat.yml | 14 ++-- .../ansible-wazuh-manager/tasks/main.yml | 14 ++-- .../ansible-wazuh-manager/vars/authd_pass.yml | 2 +- 59 files changed, 567 insertions(+), 294 deletions(-) create mode 100644 .vscode/settings.json create mode 100644 molecule/wazuh-agent/Dockerfile.j2 create mode 100644 molecule/wazuh-agent/INSTALL.rst create mode 100644 molecule/wazuh-agent/molecule.yml create mode 100644 molecule/wazuh-agent/playbook.yml create mode 100644 molecule/wazuh-agent/prepare.yml create mode 100644 molecule/wazuh-agent/tests/test_agents.py create mode 100644 molecule/wazuh-agent/tests/test_manager.py diff --git a/.travis.yml b/.travis.yml index aac58527..97c0427b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -4,4 +4,5 @@ before_script: - pip install pipenv - pipenv install --dev --system script: - - pipenv run test \ No newline at end of file + - pipenv run test + - pipenv run agent diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 00000000..f4dff794 --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,3 @@ +{ + "python.pythonPath": "/Users/wdijkerman/.venv3/bin/python" +} \ No newline at end of file diff --git a/Pipfile b/Pipfile index 2c25c24e..2bc7a896 100644 --- a/Pipfile +++ b/Pipfile 
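Review bot: `.vscode/settings.json` commits a developer-local absolute interpreter path, `/Users/wdijkerman/.venv3/bin/python`, which cannot resolve on any other workstation or in Travis and records a personal username in the repository history. Editor workspace settings of this kind belong in `.gitignore` as `.vscode/`, or, if the project wants shared settings, should carry only machine-independent keys. Suggest dropping the file from this commit and ignoring the directory; whether a `.gitignore` already exists is outside the visible lines.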
@@ -15,3 +15,4 @@ python_version = "2.7" [scripts] test ="molecule test" +agent ="molecule test -s wazuh-agent" diff --git a/README.md b/README.md index 0b11749f..e91018c8 100644 --- a/README.md +++ b/README.md @@ -53,6 +53,7 @@ These playbooks install and configure Wazuh agent, manager and Elastic Stack. pip install pipenv sudo pipenv install pipenv run test +pipenv run agent ``` ## Contribute diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index cb20e33f..f37858bc 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -5,13 +5,13 @@ driver: name: docker lint: name: yamllint - enabled: false # fix in seperate PR + enabled: false platforms: - name: bionic image: ubuntu:bionic - name: xenial image: solita/ubuntu-systemd:xenial - privileged: True + privileged: true command: /sbin/init - name: trusty image: ubuntu:trusty @@ -19,14 +19,14 @@ platforms: image: centos:6 - name: centos7 image: milcom/centos7-systemd - privileged: True + privileged: true provisioner: name: ansible env: ANSIBLE_ROLES_PATH: ../../roles lint: name: ansible-lint - enabled: true # fix in seperate PR + enabled: true scenario: name: default test_sequence: diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml index a1865ee8..ba33c758 100644 --- a/molecule/default/playbook.yml +++ b/molecule/default/playbook.yml 
@@ -4,9 +4,8 @@ roles: - role: wazuh/ansible-wazuh-manager - - # - {role: wazuh/ansible-filebeat} #, filebeat_output_logstash_hosts: 'your elastic stack server IP' - # Elasticsearch requires too much memory to test multiple containers concurrently - To Fix - #- {role: elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost'} - #- {role: elastic-stack/ansible-logstash, logstash_input_beats: true, elasticsearch_network_host: 'localhost'} - #- {role: elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost'} \ No newline at end of file +# - {role: wazuh/ansible-filebeat} #, filebeat_output_logstash_hosts: 'your elastic stack server IP' +# Elasticsearch requires too much memory to test multiple containers concurrently - To Fix +# - {role: elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost'} +# - {role: elastic-stack/ansible-logstash, logstash_input_beats: true, elasticsearch_network_host: 'localhost'} +# - {role: elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost'} diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml index 0eb22111..1aa45e29 100644 --- a/molecule/default/prepare.yml +++ b/molecule/default/prepare.yml @@ -1,7 +1,7 @@ --- - name: Prepare hosts: all - gather_facts: True + gather_facts: true tasks: - name: "Install Python packages for Trusty to solve trust issues" diff --git a/molecule/wazuh-agent/Dockerfile.j2 b/molecule/wazuh-agent/Dockerfile.j2 new file mode 100644 index 00000000..e6aa95d3 --- /dev/null +++ b/molecule/wazuh-agent/Dockerfile.j2 
@@ -0,0 +1,14 @@ +# Molecule managed + +{% if item.registry is defined %} +FROM {{ item.registry.url }}/{{ item.image }} +{% else %} +FROM {{ item.image }} +{% endif %} + +RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ + elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \ + elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ + elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \ + elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ + elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi diff --git a/molecule/wazuh-agent/INSTALL.rst b/molecule/wazuh-agent/INSTALL.rst new file mode 100644 index 00000000..6a44bde9 --- /dev/null +++ b/molecule/wazuh-agent/INSTALL.rst @@ -0,0 +1,22 @@ +******* +Docker driver installation guide +******* + +Requirements +============ + +* Docker Engine + +Install +======= + +Please refer to the `Virtual environment`_ documentation for installation best +practices. If not using a virtual environment, please consider passing the +widely recommended `'--user' flag`_ when invoking ``pip``. + +.. _Virtual environment: https://virtualenv.pypa.io/en/latest/ +.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site + +.. code-block:: bash + + $ pip install 'molecule[docker]' diff --git a/molecule/wazuh-agent/molecule.yml b/molecule/wazuh-agent/molecule.yml new file mode 100644 index 00000000..f64bc114 --- /dev/null +++ b/molecule/wazuh-agent/molecule.yml 
@@ -0,0 +1,82 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint +platforms: + - name: wazuh_server_centos7 + image: milcom/centos7-systemd + networks: + - name: wazuh + privileged: true + groups: + - manager + - name: wazuh_agent_bionic + image: ubuntu:bionic + networks: + - name: wazuh + groups: + - agent + - name: wazuh_agent_xenial + image: solita/ubuntu-systemd:xenial + privileged: true + command: /sbin/init + networks: + - name: wazuh + groups: + - agent + - name: wazuh_agent_trusty + image: ubuntu:trusty + networks: + - name: wazuh + groups: + - agent + - name: wazuh_agent_centos6 + image: centos:6 + networks: + - name: wazuh + groups: + - agent + - name: wazuh_agent_centos7 + image: milcom/centos7-systemd + privileged: true + networks: + - name: wazuh + groups: + - agent +provisioner: + name: ansible + playbooks: + docker: + create: ../default/create.yml + destroy: ../default/destroy.yml + env: + ANSIBLE_ROLES_PATH: ../../roles + inventory: + group_vars: + agent: + api_pass: password + wazuh_managers: + - address: "{{ wazuh_manager_ip }}" + port: 1514 + protocol: tcp + api_port: 55000 + api_proto: 'http' + api_user: null + wazuh_agent_authd: + enable: true + port: 1515 + ssl_agent_ca: null + ssl_agent_cert: null + ssl_agent_key: null + ssl_auto_negotiate: 'no' + + lint: + name: ansible-lint + enabled: true +verifier: + name: testinfra + lint: + name: flake8 diff --git a/molecule/wazuh-agent/playbook.yml b/molecule/wazuh-agent/playbook.yml new file mode 100644 index 00000000..5b869569 --- /dev/null +++ b/molecule/wazuh-agent/playbook.yml 
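Review bot: The `agent` group_vars enrol with `ssl_agent_ca: null`, `ssl_agent_cert: null` and `ssl_auto_negotiate: 'no'`, so presumably agents register against authd on 1515 without verifying the manager, and they also carry a literal `api_pass: password` over `api_proto: 'http'`; that is acceptable for a throwaway Docker scenario, but nothing in the file says so and these stanzas are exactly what gets copied into a real inventory. Add above `group_vars:` a comment like `# Test-only settings: unverified authd enrolment and a dummy API password over HTTP; never copy into a real inventory.` Since `api_user: null` suggests the API registration path is unused here, the `api_pass`/`api_port`/`api_proto` keys could likely be dropped altogether — confirm against the role defaults, which are outside this hunk.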
@@ -0,0 +1,20 @@
+---
+- name: Converge
+ hosts: agent
+ pre_tasks:
+ - name: "Get ip Wazuh Manager"
+ shell: |
+ set -o pipefail
+ grep $(hostname) /etc/hosts | awk '{print $1}' | sort | head -n 2 | tail -n 1
+ register: wazuh_manager_ip_stdout
+ changed_when: false
+ delegate_to: wazuh_server_centos7
+ args:
+ executable: /bin/bash
+
+ - name: "Set fact for ip address"
+ set_fact:
+ wazuh_manager_ip: "{{ wazuh_manager_ip_stdout.stdout }}"
+
+ roles:
+ - role: wazuh/ansible-wazuh-agent
diff --git a/molecule/wazuh-agent/prepare.yml b/molecule/wazuh-agent/prepare.yml
new file mode 100644
index 00000000..ddb1bbe1
--- /dev/null
+++ b/molecule/wazuh-agent/prepare.yml
@@ -0,0 +1,43 @@
+---
+- name: Prepare
+ hosts: manager
+ gather_facts: true
+ tasks:
+
+ - name: "Install dependencies"
+ package:
+ name:
+ - curl
+ - net-tools
+ state: latest
+ register: wazuh_manager_dependencies_packages_installed
+ until: wazuh_manager_dependencies_packages_installed is succeeded
+
+ roles:
+ - role: wazuh/ansible-wazuh-manager
+
+- name: Prepare
+ hosts: agent
+ gather_facts: true
+ tasks:
+
+ - name: "Install Python packages for Trusty to solve trust issues"
+ package:
+ name:
+ - python-setuptools
+ - python-pip
+ state: latest
+ register: wazuh_manager_trusty_packages_installed
+ until: wazuh_manager_trusty_packages_installed is succeeded
+ when:
+ - ansible_distribution == "Ubuntu"
+ - ansible_distribution_major_version | int == 14
+
+ - name: "Install dependencies"
+ package:
+ name:
+ - curl
+ - net-tools
+ state: latest
+ register: wazuh_agent_dependencies_packages_installed
+ until: wazuh_agent_dependencies_packages_installed is succeeded
diff --git a/molecule/wazuh-agent/tests/test_agents.py b/molecule/wazuh-agent/tests/test_agents.py
new file mode 100644
index 00000000..5867dc2f
--- /dev/null
+++ b/molecule/wazuh-agent/tests/test_agents.py
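Review bot: `grep $(hostname) /etc/hosts | awk '{print $1}' | sort | head -n 2 | tail -n 1` derives the manager address by taking the second lexically sorted `/etc/hosts` entry for the manager's hostname, which only works if Docker writes exactly two entries for that container and the `wazuh` network address happens to sort second; any other layout silently yields the wrong IP and every agent enrolment fails with no hint why. Both containers are attached to the `wazuh` network declared in molecule.yml, so the manager could be addressed by its container name, or the address taken from facts, e.g. `wazuh_manager_ip: "{{ hostvars['wazuh_server_centos7']['ansible_default_ipv4']['address'] }}"` — that needs the manager's facts to be available in this play (the prepare play gathers them, but cross-play availability depends on how molecule caches facts; confirm). At minimum document the assumption inline: `# Assumes /etc/hosts holds one line per attached Docker network and the 'wazuh' entry sorts second.`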
@@ -0,0 +1,23 @@
+import os
+import pytest
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('agent')
+
+
+def test_ossec_package_installed(Package):
+ ossec = Package('wazuh-agent')
+ assert ossec.is_installed
+
+
+@pytest.mark.parametrize("wazuh_service, wazuh_owner", (
+ ("ossec-agentd", "ossec"),
+ ("ossec-execd", "root"),
+ ("ossec-syscheckd", "root"),
+ ("wazuh-modulesd", "root"),
+))
+def test_wazuh_processes_running(host, wazuh_service, wazuh_owner):
+ master = host.process.get(user=wazuh_owner, comm=wazuh_service)
+ assert master.args == "/var/ossec/bin/" + wazuh_service
diff --git a/molecule/wazuh-agent/tests/test_manager.py b/molecule/wazuh-agent/tests/test_manager.py
new file mode 100644
index 00000000..9b085b2b
--- /dev/null
+++ b/molecule/wazuh-agent/tests/test_manager.py
@@ -0,0 +1,15 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+ os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('manager')
+
+
+def test_agents_registered_on_manager(host):
+ cmd = host.run("/var/ossec/bin/manage_agents -l")
+ assert 'wazuh_agent_bionic' in cmd.stdout
+ assert 'wazuh_agent_xenial' in cmd.stdout
+ assert 'wazuh_agent_trusty' in cmd.stdout
+ assert 'wazuh_agent_centos6' in cmd.stdout
+ assert 'wazuh_agent_centos7' in cmd.stdout
diff --git a/playbooks/wazuh-agent.yml b/playbooks/wazuh-agent.yml
index ff957834..8c7eaa69 100644
--- a/playbooks/wazuh-agent.yml
+++ b/playbooks/wazuh-agent.yml
@@ -1,3 +1,4 @@
+---
 - hosts:
 roles:
 - /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-agent
diff --git a/playbooks/wazuh-elastic.yml b/playbooks/wazuh-elastic.yml
index 57b78a49..0c3b0a61 100644
--- a/playbooks/wazuh-elastic.yml
+++ b/playbooks/wazuh-elastic.yml
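Review bot: `test_ossec_package_installed` takes the old module-style `Package` fixture while the test below uses the `host` fixture; mixing the two styles in one file is inconsistent, and the old fixtures are deprecated in newer testinfra releases. Rewrite it as `def test_ossec_package_installed(host):` with `assert host.package('wazuh-agent').is_installed`. The ownership table (`ossec-agentd` as `ossec`, the others as `root`) is a useful privilege check; a one-line comment above the parametrize saying it pins the expected privilege split would make that intent explicit.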
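Review bot: `test_agents_registered_on_manager` inspects `cmd.stdout` without first checking that the command succeeded, so a missing or failing `manage_agents` surfaces as a confusing substring-assertion failure rather than an exit-code failure; add `assert cmd.rc == 0` before the stdout checks. The substring checks also accept an agent in any state, including one that never connected; if the goal is registration rather than mere presence, a comment stating that avoids over-reading the test.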
@@ -1,3 +1,4 @@
+---
 - hosts:
 roles:
 - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'your elasticsearch IP'}
diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml
index 3be6a35f..6bdf4857 100644
--- a/playbooks/wazuh-elastic_stack-distributed.yml
+++ b/playbooks/wazuh-elastic_stack-distributed.yml
@@ -1,3 +1,4 @@
+---
 - hosts:
 roles:
 - role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-manager
diff --git a/playbooks/wazuh-elastic_stack-single.yml b/playbooks/wazuh-elastic_stack-single.yml
index 37be4d9c..9d3d761a 100644
--- a/playbooks/wazuh-elastic_stack-single.yml
+++ b/playbooks/wazuh-elastic_stack-single.yml
@@ -1,3 +1,4 @@
+---
 - hosts:
 roles:
 - {role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-manager}
diff --git a/playbooks/wazuh-kibana.yml b/playbooks/wazuh-kibana.yml
index 7c0a0d3c..e2418200 100644
--- a/playbooks/wazuh-kibana.yml
+++ b/playbooks/wazuh-kibana.yml
@@ -1,3 +1,4 @@
+---
 - hosts:
 roles:
 - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-kibana, elasticsearch_network_host: 'your elasticsearch IP'}
diff --git a/playbooks/wazuh-logstash.yml b/playbooks/wazuh-logstash.yml
index 2ff2fa4e..e3d44687 100644
--- a/playbooks/wazuh-logstash.yml
+++ b/playbooks/wazuh-logstash.yml
@@ -1,3 +1,4 @@
+---
 - hosts:
 roles:
 - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-logstash, elasticsearch_network_host: ["localhost"]}
diff --git a/playbooks/wazuh-manager.yml b/playbooks/wazuh-manager.yml
index f852fcf8..dc2ad637 100644
--- a/playbooks/wazuh-manager.yml
+++ b/playbooks/wazuh-manager.yml
@@ -1,3 +1,4 @@
+---
 - hosts:
 roles:
 - role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-manager
diff --git a/roles/ansible-galaxy/meta/main.yml b/roles/ansible-galaxy/meta/main.yml
index 69536782..ba759c5c 100644
--- a/roles/ansible-galaxy/meta/main.yml
+++ b/roles/ansible-galaxy/meta/main.yml @@ -5,7 +5,7 @@ dependencies: [] galaxy_info: author: Wazuh categories: - - monitoring + - monitoring company: wazuh.com description: Installing, deploying and configuring Wazuh Manager. galaxy_tags: @@ -15,15 +15,15 @@ galaxy_info: license: license (GPLv3) min_ansible_version: 2.0 platforms: - - name: Debian - versions: - - all - - name: EL - versions: - - all - - name: Fedora - versions: - - all - - name: Ubuntu - versions: - - all + - name: Debian + versions: + - all + - name: EL + versions: + - all + - name: Fedora + versions: + - all + - name: Ubuntu + versions: + - all diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 9e397d4a..4103bca6 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -7,4 +7,4 @@ elasticsearch_jvm_xms: null elastic_stack_version: 6.7.1 elasticsearch_shards: 5 elasticsearch_replicas: 1 -elasticsearch_install_java: yes +elasticsearch_install_java: true diff --git a/roles/elastic-stack/ansible-elasticsearch/meta/main.yml b/roles/elastic-stack/ansible-elasticsearch/meta/main.yml index d71fbd62..10cd1a2c 100644 --- a/roles/elastic-stack/ansible-elasticsearch/meta/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/meta/main.yml @@ -6,18 +6,18 @@ galaxy_info: license: license (GPLv3) min_ansible_version: 2.0 platforms: - - name: EL - versions: - - all - - name: Ubuntu - versions: - - all - - name: Debian - versions: - - all - - name: Fedora - versions: - - all + - name: EL + versions: + - all + - name: Ubuntu + versions: + - all + - name: Debian + versions: + - all + - name: Fedora + versions: + - all galaxy_tags: - web - system diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index 162ed42f..b513f04e 100644 
--- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml @@ -10,7 +10,7 @@ apt_repository: repo: 'ppa:webupd8team/java' codename: 'xenial' - update_cache: yes + update_cache: true - name: Debian/Ubuntu | Accept Oracle Java 8 license debconf: @@ -36,7 +36,7 @@ repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main' state: present filename: 'elastic_repo' - update_cache: yes + update_cache: true - name: Debian/Ubuntu | Install Elasticsarch apt: diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml index f4da0303..e86a6172 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml @@ -20,7 +20,7 @@ description: Elastic repository for 6.x packages baseurl: https://artifacts.elastic.co/packages/6.x/yum gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch - gpgcheck: yes + gpgcheck: true - name: RedHat/CentOS/Fedora | Install Elasticsarch package: name=elasticsearch-{{ elastic_stack_version }} state=present diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 59401884..a1f44f88 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml 
@@ -68,19 +68,20 @@ notify: restart elasticsearch tags: configure +# fix in new PR (ignore_errors) - name: Reload systemd - systemd: daemon_reload=yes - ignore_errors: yes #fix in new PR - when: + systemd: daemon_reload=true + ignore_errors: true + when: - not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<')) - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<')) - name: Ensure Elasticsearch started and enabled - ignore_errors: yes + ignore_errors: true service: name: elasticsearch - enabled: yes + enabled: true state: started - name: Make sure Elasticsearch is running before proceeding diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 5853f636..4d02fb77 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -5,4 +5,3 @@ kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 6.7.1 wazuh_version: 3.8.2 - diff --git a/roles/elastic-stack/ansible-kibana/meta/main.yml b/roles/elastic-stack/ansible-kibana/meta/main.yml index bf9b17ce..90234871 100644 --- a/roles/elastic-stack/ansible-kibana/meta/main.yml +++ b/roles/elastic-stack/ansible-kibana/meta/main.yml @@ -6,18 +6,18 @@ galaxy_info: license: license (GPLv3) min_ansible_version: 2.0 platforms: - - name: EL - versions: - - all - - name: Fedora - versions: - - all - - name: Debian - versions: - - all - - name: Ubuntu - versions: - - all + - name: EL + versions: + - all + - name: Fedora + versions: + - all + - name: Debian + versions: + - all + - name: Ubuntu + versions: + - all galaxy_tags: - web - system diff --git a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml index a7db7dee..097b19db 100644 
--- a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml @@ -14,7 +14,7 @@ repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main' state: present filename: 'elastic_repo' - update_cache: yes + update_cache: true - name: Debian/Ubuntu | Install Kibana apt: diff --git a/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml b/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml index daf72af4..f5fe2935 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml @@ -5,7 +5,7 @@ description: Elastic repository for 6.x packages baseurl: https://artifacts.elastic.co/packages/6.x/yum gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch - gpgcheck: yes + gpgcheck: true - name: RedHat/CentOS/Fedora | Install Kibana package: name=kibana-{{ elastic_stack_version }} state=present diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index b64d0a6b..43e369c8 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -8,12 +8,11 @@ - name: Make sure Elasticsearch is running before proceeding. wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }} delay=3 timeout=300 tags: configure - ignore_errors: yes # fix - wait_for: 50 + ignore_errors: true - name: Reload systemd - systemd: daemon_reload=yes - ignore_errors: yes + systemd: daemon_reload=true + ignore_errors: true when: - not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<')) @@ -34,7 +33,7 @@ args: removes: /usr/share/kibana/plugins/wazuh/package.json register: wazuh_app_verify - changed_when: False + changed_when: false tags: install - name: Removing old Wazuh-APP 
@@ -59,7 +58,7 @@ - name: Ensure Kibana started and enabled service: name: kibana - enabled: yes + enabled: true state: started - import_tasks: RMRedHat.yml diff --git a/roles/elastic-stack/ansible-logstash/defaults/main.yml b/roles/elastic-stack/ansible-logstash/defaults/main.yml index 208301be..a83f68cc 100644 --- a/roles/elastic-stack/ansible-logstash/defaults/main.yml +++ b/roles/elastic-stack/ansible-logstash/defaults/main.yml @@ -2,7 +2,7 @@ logstash_create_config: true logstash_input_beats: false -#You can introduce Multiples IPs +# You can introduce Multiples IPs # elasticseacrh_network_host: ["Localhost1", "Localhost2", "Localhost3", ...] elasticsearch_network_host: ["Localhost"] @@ -16,4 +16,4 @@ logstash_ssl_dir: /etc/pki/logstash logstash_ssl_certificate_file: "" logstash_ssl_key_file: "" -logstash_install_java: yes +logstash_install_java: true diff --git a/roles/elastic-stack/ansible-logstash/meta/main.yml b/roles/elastic-stack/ansible-logstash/meta/main.yml index bf9b17ce..90234871 100644 --- a/roles/elastic-stack/ansible-logstash/meta/main.yml +++ b/roles/elastic-stack/ansible-logstash/meta/main.yml @@ -6,18 +6,18 @@ galaxy_info: license: license (GPLv3) min_ansible_version: 2.0 platforms: - - name: EL - versions: - - all - - name: Fedora - versions: - - all - - name: Debian - versions: - - all - - name: Ubuntu - versions: - - all + - name: EL + versions: + - all + - name: Fedora + versions: + - all + - name: Debian + versions: + - all + - name: Ubuntu + versions: + - all galaxy_tags: - web - system diff --git a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml index 1fc5a1f8..7d286853 100644 --- a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml 
@@ -40,7 +40,7 @@ apt: name: "logstash=1:{{ elastic_stack_version }}-1" state: present - update_cache: yes + update_cache: true tags: install - name: Debian/Ubuntu | Checking if wazuh-manager is installed @@ -48,13 +48,13 @@ register: wazuh_manager_check_deb when: logstash_input_beats == false args: - warn: no + warn: false - name: Debian/Ubuntu | Add user logstash to group ossec user: name: logstash groups: ossec - append: yes + append: true when: - logstash_input_beats == false - wazuh_manager_check_deb.rc == 0 diff --git a/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml b/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml index a5ad2cb3..ad861bb5 100644 --- a/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml +++ b/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml @@ -20,7 +20,7 @@ description: Elastic repository for 6.x packages baseurl: https://artifacts.elastic.co/packages/6.x/yum gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch - gpgcheck: yes + gpgcheck: true - name: RedHat/CentOS/Fedora | Install Logstash package: name=logstash-{{ elastic_stack_version }} state=present @@ -32,13 +32,13 @@ register: wazuh_manager_check_rpm when: logstash_input_beats == false args: - warn: no + warn: false - name: RedHat/CentOS/Fedora | Add user logstash to group ossec user: name: logstash groups: ossec - append: yes + append: true when: - logstash_input_beats == false - wazuh_manager_check_rpm.rc == 0 diff --git a/roles/elastic-stack/ansible-logstash/tasks/main.yml b/roles/elastic-stack/ansible-logstash/tasks/main.yml index a53ab166..e114a82f 100644 --- a/roles/elastic-stack/ansible-logstash/tasks/main.yml +++ b/roles/elastic-stack/ansible-logstash/tasks/main.yml 
@@ -10,7 +10,7 @@ - name: Reload systemd systemd: daemon_reload=yes - ignore_errors: yes + ignore_errors: true when: - not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<')) @@ -23,13 +23,13 @@ - name: Ensure Logstash started and enabled service: name: logstash - enabled: yes + enabled: true state: started - name: Amazon Linux start Logstash service: name: logstash - enabled: yes + enabled: true state: started when: ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" diff --git a/roles/wazuh/ansible-filebeat/meta/main.yml b/roles/wazuh/ansible-filebeat/meta/main.yml index e010fea4..240b2d08 100644 --- a/roles/wazuh/ansible-filebeat/meta/main.yml +++ b/roles/wazuh/ansible-filebeat/meta/main.yml @@ -8,21 +8,21 @@ galaxy_info: license: license (GPLv3) min_ansible_version: 2.0 platforms: - - name: EL - versions: - - 6 - - 7 - - name: Fedora - versions: - - all - - name: Debian - versions: - - jessie - - name: Ubuntu - versions: - - precise - - trusty - - xenial + - name: EL + versions: + - 6 + - 7 + - name: Fedora + versions: + - all + - name: Debian + versions: + - jessie + - name: Ubuntu + versions: + - precise + - trusty + - xenial galaxy_tags: - web - system diff --git a/roles/wazuh/ansible-filebeat/tasks/Debian.yml b/roles/wazuh/ansible-filebeat/tasks/Debian.yml index 226f145e..455034d6 100644 --- a/roles/wazuh/ansible-filebeat/tasks/Debian.yml +++ b/roles/wazuh/ansible-filebeat/tasks/Debian.yml @@ -14,4 +14,4 @@ apt_repository: repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main' state: present - update_cache: yes + update_cache: true diff --git a/roles/wazuh/ansible-filebeat/tasks/RedHat.yml b/roles/wazuh/ansible-filebeat/tasks/RedHat.yml index cb2ab772..80798897 100644 --- a/roles/wazuh/ansible-filebeat/tasks/RedHat.yml +++ b/roles/wazuh/ansible-filebeat/tasks/RedHat.yml 
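Review bot: `systemd: daemon_reload=yes` in the logstash `Reload systemd` task is left in the YAML 1.1 `yes` form while the `ignore_errors` line beside it is converted to `true`, which is inconsistent with the same task in the elasticsearch and kibana roles, where this commit rewrites it as `systemd: daemon_reload=true`; the filebeat `Reload systemd` task in a later section has the same leftover. Change both to `systemd: daemon_reload=true` (or the block form `systemd:` / `daemon_reload: true`) so the truthy cleanup is complete. `ignore_errors: true` on a daemon reload hides real systemd failures; since the `when:` list below already excludes the non-systemd platforms, the ignore may be removable, and if it must stay a comment naming the failure it tolerates would help.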
@@ -5,4 +5,4 @@ description: Elastic repository for 6.x packages baseurl: https://artifacts.elastic.co/packages/6.x/yum gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch - gpgcheck: yes + gpgcheck: true diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml index 5138e2d8..94cd5765 100644 --- a/roles/wazuh/ansible-filebeat/tasks/main.yml +++ b/roles/wazuh/ansible-filebeat/tasks/main.yml @@ -15,7 +15,7 @@ - name: Reload systemd systemd: daemon_reload=yes - ignore_errors: yes + ignore_errors: true when: - not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<')) @@ -25,7 +25,7 @@ service: name: filebeat state: started - enabled: yes + enabled: true - import_tasks: "RMRedHat.yml" when: ansible_os_family == "RedHat" diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index d35983c6..0aea8e4f 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -29,10 +29,10 @@ wazuh_winagent_config: md5: 43936e7bc7eb51bd186f47dac4a6f477 wazuh_agent_config: active_response: - ar_disabled: 'no' - ca_store: '/var/ossec/etc/wpk_root.pem' - ca_store_win: 'wpk_root.pem' - ca_verification: 'yes' + ar_disabled: 'no' + ca_store: '/var/ossec/etc/wpk_root.pem' + ca_store_win: 'wpk_root.pem' + ca_verification: 'yes' log_format: 'plain' client_buffer: disable: 'no' @@ -49,7 +49,6 @@ wazuh_agent_config: skip_nfs: 'yes' ignore: - /etc/mtab - #- /etc/mnttab - /etc/hosts.deny - /etc/mail/statistics - /etc/random-seed 
@@ -247,7 +246,7 @@ wazuh_agent_config: content: - type: 'xccdf' path: 'benchmarks/CIS_Ubuntu_Linux_16.04_LTS_Benchmark_v1.0.0-xccdf.xml' - profile: 'xccdf_org.cisecurity.benchmarks_profile_Level_1_-_Server' + profile: 'xccdf_org.cisecurity.benchmarks_profile_Level_1_-_Server' vuls: disable: 'yes' interval: '1d' @@ -273,7 +272,7 @@ wazuh_agent_config: location: '/var/log/messages' - format: 'syslog' location: '/var/log/secure' - - format: 'syslog' + - format: 'syslog' location: '/var/log/maillog' - format: 'audit' location: '/var/log/audit/audit.log' @@ -285,17 +284,17 @@ wazuh_agent_config: frequency: '360' - format: 'full_command' command: ss -nutal | awk '{print $1,$5,$6;}' | sort -b | column -t - alias: 'netstat listening ports' + alias: 'netstat listening ports' frequency: '360' - format: 'full_command' command: 'last -n 20' frequency: '360' windows: - - format: 'eventlog' + - format: 'eventlog' location: 'Application' - format: 'eventchannel' location: 'Security' - query: 'Event/System[EventID != 5145 and EventID != 5156 and EventID != 5447 and EventID != 4656 and EventID != 4658 and EventID != 4663 and EventID != 4660 and EventID != 4670 and EventID != 4690 and EventID != 4703 and EventID != 4907]' + query: 'Event/System[EventID != 5145 and EventID != 5156 and EventID != 5447 and EventID != 4656 and EventID != 4658 and EventID != 4663 and EventID != 4660 and EventID != 4670 and EventID != 4690 and EventID != 4703 and EventID != 4907]' - format: 'eventlog' location: 'System' - format: 'syslog' diff --git a/roles/wazuh/ansible-wazuh-agent/meta/main.yml b/roles/wazuh/ansible-wazuh-agent/meta/main.yml index 0b2e0a98..7cd460c4 100644 --- a/roles/wazuh/ansible-wazuh-agent/meta/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/meta/main.yml 
@@ -6,18 +6,18 @@ galaxy_info: license: license (GPLv3) min_ansible_version: 2.0 platforms: - - name: EL - versions: - - all - - name: Ubuntu - versions: - - all - - name: Debian - versions: - - all - - name: Fedora - versions: - - all - categories: - - monitoring + - name: EL + versions: + - all + - name: Ubuntu + versions: + - all + - name: Debian + versions: + - all + - name: Fedora + versions: + - all + galaxy_tags: + - monitoring dependencies: [] diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index 5fef8bad..b00c8ffe 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml 
@@ -1,60 +1,83 @@ --- - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: - name: ['apt-transport-https', 'ca-certificates'] + name: + - apt-transport-https + - ca-certificates state: present + register: wazuh_agent_ca_package_install + until: wazuh_agent_ca_package_install is succeeded -- name: Debian/Ubuntu | Installing repository key +- name: Debian/Ubuntu | Installing Wazuh repository key (Ubuntu 14) + become: true + shell: | + set -o pipefail + curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add - + args: + warn: false + executable: /bin/bash + changed_when: false + when: + - ansible_distribution == "Ubuntu" + - ansible_distribution_major_version | int == 14 + +- name: Debian/Ubuntu | Installing Wazuh repository key apt_key: url=https://packages.wazuh.com/key/GPG-KEY-WAZUH + when: + - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: repo: 'deb https://packages.wazuh.com/3.x/apt/ stable main' state: present - update_cache: yes + update_cache: true - name: Debian/Ubuntu | Set Distribution CIS filename for debian set_fact: cis_distribution_filename: cis_debian_linux_rcl.txt when: ansible_os_family == "Debian" -- when: - - wazuh_agent_config.cis_cat.disable == 'no' - - wazuh_agent_config.cis_cat.install_java == 'yes' - block: - - name: Debian/Ubuntu | Setting webupd8 repository - apt_repository: - repo: 'ppa:webupd8team/java' - codename: 'xenial' - update_cache: yes +- block: + - name: Debian/Ubuntu | Setting webupd8 repository + apt_repository: + repo: 'ppa:webupd8team/java' + codename: 'xenial' + update_cache: true - - name: Debian/Ubuntu | Accept Oracle Java 8 license - debconf: - name: oracle-java8-installer - question: shared/accepted-oracle-license-v1-1 - value: true - vtype: boolean + - name: Debian/Ubuntu | Accept Oracle Java 8 license + debconf: + name: oracle-java8-installer + question: 
shared/accepted-oracle-license-v1-1 + value: true + vtype: boolean - - name: Debian/Ubuntu | Oracle Java 8 installer - apt: - name: oracle-java8-installer - state: present - cache_valid_time: 3600 + - name: Debian/Ubuntu | Oracle Java 8 installer + apt: + name: oracle-java8-installer + state: present + cache_valid_time: 3600 + when: + - wazuh_agent_config.cis_cat.disable == 'no' + - wazuh_agent_config.cis_cat.install_java == 'yes' tags: - init - name: Debian/Ubuntu | Install OpenScap apt: - name: ['libopenscap8', 'xsltproc'] + name: + - libopenscap8 + - xsltproc state: present - when: wazuh_agent_config.openscap.disable == 'no' - tags: - - init + when: wazuh_agent_config.openscap.disable == 'no' + tags: + - init + register: wazuh_agent_OpenScap_package_install + until: wazuh_agent_OpenScap_package_install is succeeded - name: Debian/Ubuntu | Get OpenScap installed version shell: "dpkg-query --showformat='${Version}' --show libopenscap8" register: openscap_version - changed_when: true + changed_when: false when: wazuh_agent_config.openscap.disable == 'no' tags: - config @@ -62,7 +85,7 @@ - name: Debian/Ubuntu | Check OpenScap version shell: "dpkg --compare-versions '{{ openscap_version.stdout }}' '>=' '1.2'; echo $?" register: openscap_version_valid - changed_when: true + changed_when: false when: wazuh_agent_config.openscap.disable == 'no' tags: - config diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 2578ce19..76721362 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml 
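Review bot: The new Ubuntu 14 task pipes `curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add -` without the role ensuring curl is installed (the molecule prepare.yml installs it for tests, but a real Trusty host may lack it), and `-s` alone suppresses HTTP errors, so a failed download is fed to apt-key with no useful diagnostic. Add `- curl` to the package list of the first apt task and use `curl -sSf https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add -` so transport failures fail the task. Because `changed_when: false` also hides the key import, a comment above the task stating why the `apt_key` module cannot be used on Trusty would help, since that reason is not visible in the diff. The second hunk of this file, which only flips `changed_when` on the `Check OpenScap version` query, needs no change.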
@@ -53,16 +53,16 @@ vars: agent_name: "{% if single_agent_name is defined %}{{ single_agent_name }}{% else %}{{ ansible_hostname }}{% endif %}" when: - - check_keys.stat.exists == false or check_keys.stat.size == 0 + - not check_keys.stat.exists or check_keys.stat.size == 0 - wazuh_managers.0.address is not none - name: Linux | Verify agent registration shell: echo {{ agent_auth_output }} | grep "Valid key created" when: - - check_keys.stat.exists == false or check_keys.stat.size == 0 + - not check_keys.stat.exists or check_keys.stat.size == 0 - wazuh_managers.0.address is not none - when: wazuh_agent_authd.enable == true + when: wazuh_agent_authd.enable tags: - config - authd @@ -76,9 +76,9 @@ - name: Linux | Create the agent key via rest-API uri: url: "{{ wazuh_managers.0.api_proto }}://{{ wazuh_managers.0.address }}:{{ wazuh_managers.0.api_port }}/agents/" - validate_certs: no + validate_certs: false method: POST - body: {"name":"{{ agent_name }}"} + body: '{"name":"{{ agent_name }}"}' body_format: json status_code: 200 headers: 
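Review bot: `validate_certs: false` on the POST to `{{ wazuh_managers.0.api_proto }}://…/agents/` disables TLS verification for a request that carries the API user and `api_pass` as basic-auth credentials, so whenever `api_proto` is https the credentials are exposed to any on-path endpoint presenting a bogus certificate; the commit only canonicalizes the boolean but keeps the behaviour. Prefer a per-manager setting that defaults to verification, for example a new (constructed) key `api_validate_certs` alongside `api_proto` in `wazuh_managers`, used as `validate_certs: "{{ wazuh_managers.0.api_validate_certs | default(true) }}"`. The body change from a flow mapping to the string `'{"name":"{{ agent_name }}"}'` is no longer JSON-escaped, so a name containing a quote breaks the request; the mapping form `body: {name: "{{ agent_name }}"}` lets `body_format: json` do the encoding. The task continues into the next hunk.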
@@ -86,29 +86,30 @@ user: "{{ wazuh_managers.0.api_user }}" password: "{{ api_pass }}" register: newagent_api - changed_when: newagent_api.json.error == 0 + # changed_when: newagent_api.json.error == 0 vars: - agent_name: "{% if single_agent_name is defined %}{{ single_agent_name }}{% else %}{{ inventory_hostname }}{% endif %}" + agent_name: "{% if single_agent_name is defined %}{{ single_agent_name }}{% else %}{{ inventory_hostname }}{% endif %}" when: - - check_keys.stat.exists == false or check_keys.stat.size == 0 + - not check_keys.stat.exists or check_keys.stat.size == 0 - wazuh_managers.0.address is not none - become: no + become: false + ignore_errors: true - name: Linux | Retieve new agent data via rest-API uri: url: "{{ wazuh_managers.0.api_proto }}://{{ wazuh_managers.0.address }}:{{ wazuh_managers.0.api_port }}/agents/{{ newagent_api.json.data.id }}" - validate_certs: no + validate_certs: false method: GET - return_content: yes + return_content: true user: "{{ wazuh_managers.0.api_user }}" password: "{{ api_pass }}" when: - - check_keys.stat.exists == false or check_keys.stat.size == 0 + - not check_keys.stat.exists or check_keys.stat.size == 0 - wazuh_managers.0.address is not none - newagent_api.json.error == 0 register: newagentdata_api delegate_to: localhost - become: no + become: false - name: Linux | Register agent (via rest-API) command: /var/ossec/bin/manage_agents @@ -121,12 +122,13 @@ OSSEC_ACTION_CONFIRMED: y register: manage_agents_output when: - - check_keys.stat.exists == false or check_keys.stat.size == 0 + - not check_keys.stat.exists or check_keys.stat.size == 0 - wazuh_managers.0.address is not none - newagent_api.changed notify: restart wazuh-agent - when: wazuh_agent_authd.enable == false + when: + - not wazuh_agent_authd.enable tags: - config - api 
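Review bot: Commenting out `changed_when: newagent_api.json.error == 0` and adding `ignore_errors: true` to the `Create the agent key via rest-API` task removes the only signal the follow-on tasks rely on: the `Retieve new agent data` task dereferences `newagent_api.json.data.id` and `newagent_api.json.error`, which are undefined when the call failed and the failure was ignored, and the `Register agent (via rest-API)` task in the next hunk is gated on `newagent_api.changed`, which the `uri` module is unlikely to set for a POST once `changed_when` is gone. Restore the signal and guard the ignored failure, e.g. `changed_when: newagent_api.json is defined and newagent_api.json.error == 0` on this task and `- newagent_api.json is defined` ahead of the existing `error == 0` / `changed` conditions on the two follow-on tasks. If `ignore_errors` was added to keep molecule green when the API is unreachable, a comment saying so would stop it being read as intended behaviour. The task definition starts in the previous hunk.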
@@ -139,7 +141,7 @@ poll: 0 when: - wazuh_agent_config.vuls.disable != 'yes' - - ansible_distribution == 'Redhat' or ansible_distribution == 'CentOS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Debian' or ansible_distribution == 'Oracle' + - ansible_distribution in ['Redhat', 'CentOS', 'Ubuntu', 'Debian', 'Oracle'] tags: - init @@ -168,7 +170,7 @@ - name: Linux | Ensure Wazuh Agent service is started and enabled service: name: wazuh-agent - enabled: yes + enabled: true state: started - import_tasks: "RMRedHat.yml" diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RMDebian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RMDebian.yml index a392c44d..76ed22e2 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RMDebian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RMDebian.yml @@ -3,3 +3,4 @@ apt_repository: repo: deb https://packages.wazuh.com/apt {{ ansible_distribution_release }} main state: absent + changed_when: false diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RMRedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RMRedHat.yml index 0d131cca..32bc6fce 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RMRedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RMRedHat.yml @@ -3,3 +3,4 @@ yum_repository: name: wazuh_repo state: absent + changed_when: false diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index 4ec27997..33382e28 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml @@ -5,7 +5,8 @@ description: Wazuh repository baseurl: https://packages.wazuh.com/3.x/yum/ gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH - gpgcheck: yes + gpgcheck: true + changed_when: false when: - ansible_distribution_major_version|int > 5 
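Review bot: The rewritten membership test `ansible_distribution in ['Redhat', 'CentOS', 'Ubuntu', 'Debian', 'Oracle']` keeps the miscased `'Redhat'`; the fact value Ansible reports for RHEL is `RedHat`, so RHEL hosts silently skip this vuls task, and `'Oracle'` is likely `OracleLinux` for the same fact. Change the condition to `- ansible_distribution in ['RedHat', 'CentOS', 'Ubuntu', 'Debian', 'OracleLinux']` after confirming the Oracle value on a target. The task's start is outside the hunk.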
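Review bot: `changed_when: false` on the `apt_repository … state: absent` task in RMDebian.yml reports a real system change (removal of a repository) as unchanged; the same masking is added in RMRedHat.yml and on the `yum_repository` add tasks in RedHat.yml in this and the next section. If the repo is added and then removed on every run, suppressing both sides makes the role look idempotent while it rewrites repository files each time, so the better fix is to make the add/remove pair converge (or skip the removal when the repo was just added) and drop the `changed_when`. If it must stay, a comment such as `# changed_when suppressed for molecule idempotence; repository state still converges` documents the trade-off. The task's module header is outside the hunk.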
@@ -15,7 +16,8 @@ description: Wazuh repository baseurl: https://packages.wazuh.com/3.x/yum/5/ gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH-5 - gpgcheck: yes + gpgcheck: true + changed_when: false when: - ansible_distribution_major_version|int == 5 @@ -25,7 +27,8 @@ description: Wazuh repository baseurl: https://packages.wazuh.com/3.x/yum/ gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH - gpgcheck: yes + gpgcheck: true + changed_when: false when: - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" @@ -35,6 +38,7 @@ dest: /tmp/jre-8-linux-x64.rpm headers: 'Cookie:oraclelicense=accept-securebackup-cookie' register: oracle_java_task_rpm_download + until: oracle_java_task_rpm_download is succeeded when: - wazuh_agent_config.cis_cat.disable == 'no' - wazuh_agent_config.cis_cat.install_java == 'yes' @@ -43,6 +47,8 @@ - name: RedHat/CentOS/Fedora | Install Oracle Java RPM package: name=/tmp/jre-8-linux-x64.rpm state=present + register: wazuh_agent_java_package_install + until: wazuh_agent_java_package_install is succeeded when: - wazuh_agent_config.cis_cat.disable == 'no' - wazuh_agent_config.cis_cat.install_java == 'yes' 
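Review bot: The retry added with `until: oracle_java_task_rpm_download is succeeded` makes the download of `/tmp/jre-8-linux-x64.rpm` more resilient, but the task still has no `checksum:`, so the RPM that is then installed from `/tmp` by `package: name=/tmp/jre-8-linux-x64.rpm` is never integrity-checked; `/tmp` is world-writable and yum typically does not GPG-check local packages unless `localpkg_gpgcheck` is enabled. Add `checksum: "sha256:<EXPECTED_JRE_RPM_SHA256>"` (placeholder) to the `get_url` task, ideally driven from a defaults variable, and consider downloading into a root-owned directory instead of `/tmp`. The `get_url` task starts above this hunk.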
@@ -63,10 +69,21 @@ - name: Set Distribution CIS filename for RHEL7 set_fact: cis_distribution_filename: cis_rhel7_linux_rcl.txt - when: (ansible_os_family == "RedHat" and ansible_distribution_major_version == "7") or (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") + when: + - ansible_os_family == "RedHat" + - ansible_distribution_major_version == "7" + +- name: Set Distribution CIS filename for RHEL7 (Amazon) + set_fact: + cis_distribution_filename: cis_rhel7_linux_rcl.txt + when: + - ansible_distribution == "Amazon" + - ansible_distribution_major_version == "NA" - name: RedHat/CentOS/RedHat | Install openscap package: name=openscap-scanner state=present + register: wazuh_agent_openscap_package_install + until: wazuh_agent_openscap_package_install is succeeded when: wazuh_agent_config.openscap.disable == 'no' tags: - init diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index 913f2453..6a8a93ac 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml 
@@ -1,18 +1,22 @@ --- - name: Windows | Check if Program Files (x86) exists - win_stat: + win_stat: path: C:\Program Files (x86) register: check_path +- name: "Set Win Path" + set_fact: + wazuh_agent_win_path: "{% wazuh_winagent_config.install_dir_x86 if check_path.stat.exists else wazuh_winagent_config.install_dir %}" + - name: Windows | Get current installed version - win_shell: "{% if check_path.stat.exists == true %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %} + win_shell: "{% if check_path.stat.exists %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %} {{ wazuh_winagent_config.install_dir }}{% endif %}ossec-agent.exe -h" args: - removes: "{% if check_path.stat.exists == true %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %} + removes: "{% if check_path.stat.exists %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %} {{ wazuh_winagent_config.install_dir }}{% endif %}ossec-agent.exe" register: agent_version - failed_when: False - changed_when: False + failed_when: false + changed_when: false - name: Windows | Check Wazuh agent version installed set_fact: correct_version=true @@ -30,7 +34,7 @@ - name: Windows | Verify the downloaded Wazuh agent installer win_stat: path: C:\wazuh-agent-installer.msi - get_checksum: yes + get_checksum: true checksum_algorithm: md5 register: installer_md5 when: @@ -45,7 +49,7 @@ - correct_version is not defined - name: Windows | Check if client.keys exists - win_stat: path="{% if check_path.stat.exists == true %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %}{{ wazuh_winagent_config.install_dir }}{% endif %}client.keys" + win_stat: path="{{ wazuh_agent_win_path }}" register: check_windows_key notify: restart wazuh-agent windows tags: 
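Review bot: The new `Set Win Path` fact wraps an expression in statement delimiters: `"{% wazuh_winagent_config.install_dir_x86 if check_path.stat.exists else wazuh_winagent_config.install_dir %}"` is a Jinja syntax error (a `{% %}` block expects a tag such as `if`), so the play fails at this task and every later task that consumes `wazuh_agent_win_path` (the client.keys check, agent registration and both win_template destinations) never runs. Use expression delimiters: `wazuh_agent_win_path: "{{ wazuh_winagent_config.install_dir_x86 if check_path.stat.exists else wazuh_winagent_config.install_dir }}"`. The `Get current installed version` task below still inlines the same if/else; once the fact works it can use `{{ wazuh_agent_win_path }}ossec-agent.exe` for consistency.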
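Review bot: `get_checksum: true` with `checksum_algorithm: md5` verifies the downloaded MSI against an MD5 digest, which is a weak integrity check for an installer that presumably runs with administrative privileges; the commit only canonicalizes the boolean but keeps the algorithm. Switching to `checksum_algorithm: sha256` requires the expected digest in the agent defaults (`wazuh_winagent_config.md5`, seen earlier in this diff) to become a sha256 value, so this is a follow-up rather than a one-line change. The comparison against that digest is outside the hunk.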
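Review bot: The `Check if client.keys exists` task now stats `"{{ wazuh_agent_win_path }}"` alone; the `client.keys` file name that the old inline expression appended has been dropped, so `check_windows_key` describes the install directory rather than the key file, and the registration gate `not check_windows_key.stat.exists or check_windows_key.stat.size == 0` in the next hunk no longer reflects whether the agent holds a key. Restore the file name: `win_stat: path="{{ wazuh_agent_win_path }}client.keys"`. The task continues past the hunk.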
@@ -58,18 +62,18 @@ - name: Windows | Register agent win_shell: > - {% if check_path.stat.exists == true %}{{ wazuh_winagent_config.auth_path_x86 }}{% else %} + {% if check_path.stat.exists %}{{ wazuh_winagent_config.auth_path_x86 }}{% else %} {{ wazuh_winagent_config.auth_path }}{% endif %} -m {{ wazuh_managers.0.address }} -p {{ wazuh_agent_authd.port }} {% if authd_pass is defined %} -P {{ authd_pass }}{% endif %} args: - chdir: "{% if check_path.stat.exists == true %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %}{{ wazuh_winagent_config.install_dir }}{% endif %}" + chdir: "{{ wazuh_agent_win_path }}" register: agent_auth_output notify: restart wazuh-agent windows when: - - wazuh_agent_authd.enable == true - - check_windows_key.stat.exists == false or check_windows_key.stat.size == 0 + - wazuh_agent_authd.enable + - not check_windows_key.stat.exists or check_windows_key.stat.size == 0 - wazuh_managers.0.address is not none tags: - config @@ -77,7 +81,7 @@ - name: Windows | Installing agent configuration (ossec.conf) win_template: src: var-ossec-etc-ossec-agent.conf.j2 - dest: "{% if check_path.stat.exists == true %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %}{{ wazuh_winagent_config.install_dir }}{% endif %}ossec.conf" + dest: "{{ wazuh_agent_win_path }}ossec.conf" notify: restart wazuh-agent windows tags: - config @@ -85,7 +89,7 @@ - name: Windows | Installing local_internal_options.conf win_template: src: var-ossec-etc-local-internal-options.conf.j2 - dest: "{% if check_path.stat.exists == true %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %}{{ wazuh_winagent_config.install_dir }}{% endif %}local_internal_options.conf" + dest: "{{ wazuh_agent_win_path }}local_internal_options.conf" notify: restart wazuh-agent windows tags: - config diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index bfcf86e4..7d7e139d 100644 
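Review bot: The rewritten "Register agent" task still passes the enrolment secret on the command line, `-P {{ authd_pass }}`, and captures the result with `register: agent_auth_output` without `no_log`, so the password can appear in Ansible's task output on failure or at higher verbosity and sits inside the registered variable (the shell result carries the invoked command line). Add `no_log: true` to this task, and if the output is needed afterwards, surface only the fields that do not contain the command. The `when:` rewrite to `not check_windows_key.stat.exists or check_windows_key.stat.size == 0` is sound as written, since `or` short-circuits before `stat.size` is read for a missing file. The conditions' meaning, however, depends on the client.keys check in the previous hunk returning the key file and not the directory.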
--- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 @@ -254,7 +254,7 @@ {% endif %} {% if ansible_os_family == "Windows" %}{{ wazuh_agent_config.osquery.log_path_win }}{% else %}{{ wazuh_agent_config.osquery.log_path }}{% endif %} {% if ansible_os_family == "Windows" %}{{ wazuh_agent_config.osquery.config_path_win }}{% else %}{{ wazuh_agent_config.osquery.config_path }}{% endif %} - {{ wazuh_agent_config.osquery.ad_labels }} + {{ wazuh_agent_config.osquery.add_labels }} diff --git a/roles/wazuh/ansible-wazuh-agent/vars/api_pass.yml b/roles/wazuh/ansible-wazuh-agent/vars/api_pass.yml index a85676d2..ad6e1164 100644 --- a/roles/wazuh/ansible-wazuh-agent/vars/api_pass.yml +++ b/roles/wazuh/ansible-wazuh-agent/vars/api_pass.yml @@ -1,3 +1,3 @@ --- # We recommend the use of Ansible Vault to protect Wazuh, api, agentless and authd credentials. -#api_pass: 'changeme' +# api_pass: 'changeme' diff --git a/roles/wazuh/ansible-wazuh-agent/vars/authd_pass.yml b/roles/wazuh/ansible-wazuh-agent/vars/authd_pass.yml index e25b12aa..bc8113e3 100644 --- a/roles/wazuh/ansible-wazuh-agent/vars/authd_pass.yml +++ b/roles/wazuh/ansible-wazuh-agent/vars/authd_pass.yml @@ -1,3 +1,3 @@ --- # We recommend the use of Ansible Vault to protect Wazuh, api, agentless and authd credentials. -#authd_pass: 'foobar' +# authd_pass: 'foobar' diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index b550b0f8..8cf7ef58 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
@@ -182,35 +182,35 @@ wazuh_manager_config: email_level: 12 localfiles: common: - - format: 'command' - command: df -P -x squashfs -x tmpfs -x devtmpfs - frequency: '360' - - format: 'full_command' - command: ss -nutal | awk '{print $1,$5,$6;}' | sort -b | column -t - alias: 'netstat listening ports' - frequency: '360' - - format: 'full_command' - command: 'last -n 20' - - format: 'syslog' - location: '/var/ossec/logs/active-responses.log' + - format: 'command' + command: df -P -x squashfs -x tmpfs -x devtmpfs + frequency: '360' + - format: 'full_command' + command: ss -nutal | awk '{print $1,$5,$6;}' | sort -b | column -t + alias: 'netstat listening ports' + frequency: '360' + - format: 'full_command' + command: 'last -n 20' + - format: 'syslog' + location: '/var/ossec/logs/active-responses.log' debian: - - format: 'syslog' - location: '/var/log/auth.log' - - format: 'syslog' - location: '/var/log/syslog' - - format: 'syslog' - location: '/var/log/dpkg.log' - - format: 'syslog' - location: '/var/log/kern.log' + - format: 'syslog' + location: '/var/log/auth.log' + - format: 'syslog' + location: '/var/log/syslog' + - format: 'syslog' + location: '/var/log/dpkg.log' + - format: 'syslog' + location: '/var/log/kern.log' centos: - - format: 'syslog' - location: '/var/log/messages' - - format: 'syslog' - location: '/var/log/secure' - - format: 'syslog' - location: '/var/log/maillog' - - format: 'audit' - location: '/var/log/audit/audit.log' + - format: 'syslog' + location: '/var/log/messages' + - format: 'syslog' + location: '/var/log/secure' + - format: 'syslog' + location: '/var/log/maillog' + - format: 'audit' + location: '/var/log/audit/audit.log' globals: - '127.0.0.1' - '192.168.2.1' 
@@ -219,10 +219,10 @@ wazuh_manager_config: executable: 'disable-account.sh' expect: 'user' timeout_allowed: 'yes' - #- name: 'restart-ossec' - # executable: 'restart-ossec.sh' - # expect: '' - # timeout_allowed: 'no' + # - name: 'restart-ossec' + # executable: 'restart-ossec.sh' + # expect: '' + # timeout_allowed: 'no' - name: 'win_restart-ossec' executable: 'restart-ossec.cmd' expect: '' @@ -252,8 +252,8 @@ wazuh_manager_config: expect: 'srcip' timeout_allowed: 'yes' ruleset: - rules_path: 'custom_ruleset/rules/' - decoders_path: 'custom_ruleset/decoders/' + rules_path: 'custom_ruleset/rules/' + decoders_path: 'custom_ruleset/decoders/' rule_exclude: - '0215-policy_rules.xml' syslog_outputs: @@ -275,17 +275,13 @@ wazuh_agent_configs: auto_ignore: 'no' alert_new_files: 'yes' ignore: - - /etc/mtab - - /etc/mnttab - - /etc/hosts.deny - - /etc/mail/statistics - - /etc/svc/volatile + - /etc/mtab + - /etc/mnttab + - /etc/hosts.deny + - /etc/mail/statistics + - /etc/svc/volatile no_diff: - /etc/ssl/private.key - # Example - #directories: - #- dirs: /etc,/usr/bin,/usr/sbin - # checks: 'check_all="yes"' rootcheck: frequency: 43200 cis_distribution_filename: null diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 3fc54e84..333e94b4 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -11,14 +11,14 @@ until: wazuh_manager_https_packages_installed is succeeded - name: Debian/Ubuntu | Installing Wazuh repository key (Ubuntu 14) - become: yes + become: true shell: | set -o pipefail curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add - args: - warn: False + warn: false executable: /bin/bash - changed_when: False + changed_when: false when: - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 
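Review bot: The Ubuntu 14 key import in the manager `Debian.yml` hunk (`@@ -11,14 +11,14 @@`) still trusts whatever `curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add -` returns, with no fingerprint check, and `changed_when: false` hides the import from the play recap; the boolean clean-up touched every other line of the task but left that as is. The `apt_key` module can pin the key, e.g. `apt_key:` / `url: https://packages.wazuh.com/key/GPG-KEY-WAZUH` / `id: <WAZUH_KEY_FINGERPRINT>` (placeholder; take the value from the vendor's published fingerprint), and if the shell form must stay for trusty, a fingerprint comparison in the script would give the same assurance. The NodeSource key task in the following hunk (`@@ -32,18 +32,18 @@`) has the same shape and would benefit from the same change.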
@@ -32,18 +32,18 @@ apt_repository: repo: 'deb https://packages.wazuh.com/3.x/apt/ stable main' state: present - update_cache: yes - changed_when: False + update_cache: true + changed_when: false - name: Debian/Ubuntu | Installing NodeJS repository key (Ubuntu 14) - become: yes + become: true shell: | set -o pipefail curl -s https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add - args: - warn: False + warn: false executable: /bin/bash - changed_when: False + changed_when: false when: - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 
@@ -57,37 +57,37 @@ apt_repository: repo: "deb https://deb.nodesource.com/node_6.x {{ ansible_distribution_release }} main" state: present - update_cache: yes - changed_when: False + update_cache: true + changed_when: false - name: Debian/Ubuntu | Set Distribution CIS filename for Debian/Ubuntu set_fact: cis_distribution_filename: cis_debian_linux_rcl.txt -- when: - - wazuh_manager_config.cis_cat.disable == 'no' - - wazuh_manager_config.cis_cat.install_java == 'yes' - block: - - name: Debian/Ubuntu | Setting webupd8 repository - apt_repository: - repo: 'ppa:webupd8team/java' - codename: 'xenial' - update_cache: yes +- block: + - name: Debian/Ubuntu | Setting webupd8 repository + apt_repository: + repo: 'ppa:webupd8team/java' + codename: 'xenial' + update_cache: true - - name: Debian/Ubuntu | Accept Oracle Java 8 license - debconf: - name: oracle-java8-installer - question: shared/accepted-oracle-license-v1-1 - value: true - vtype: boolean + - name: Debian/Ubuntu | Accept Oracle Java 8 license + debconf: + name: oracle-java8-installer + question: shared/accepted-oracle-license-v1-1 + value: true + vtype: boolean - - name: Debian/Ubuntu | Oracle Java 8 installer - apt: - name: oracle-java8-installer - state: present - cache_valid_time: 3600 - register: wazuh_manager_oracle_java_8_installed - until: wazuh_manager_oracle_java_8_installed is succeeded + - name: Debian/Ubuntu | Oracle Java 8 installer + apt: + name: oracle-java8-installer + state: present + cache_valid_time: 3600 + register: wazuh_manager_oracle_java_8_installed + until: wazuh_manager_oracle_java_8_installed is succeeded + when: + - wazuh_manager_config.cis_cat.disable == 'no' + - wazuh_manager_config.cis_cat.install_java == 'yes' tags: - init @@ -109,7 +109,7 @@ shell: "dpkg-query --showformat='${Version}' --show libopenscap8" when: wazuh_manager_config.openscap.disable == 'no' register: openscap_version - changed_when: False + changed_when: false tags: - config 
@@ -117,6 +117,6 @@ shell: "dpkg --compare-versions '{{ openscap_version.stdout }}' '>=' '1.2'; echo $?" when: wazuh_manager_config.openscap.disable == 'no' register: openscap_version_valid - changed_when: False + changed_when: false tags: - config diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RMDebian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RMDebian.yml index c0f1f797..05094cfd 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RMDebian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RMDebian.yml @@ -3,10 +3,10 @@ apt_repository: repo: deb https://packages.wazuh.com/apt {{ ansible_distribution_release }} main state: absent - changed_when: False + changed_when: false - name: Debian/Ubuntu | Remove Nodejs repository. apt_repository: repo: deb https://deb.nodesource.com/node_6.x {{ ansible_distribution_release }} main state: absent - changed_when: False + changed_when: false diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml index 2b30cf5c..76b7f29f 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml @@ -3,10 +3,10 @@ yum_repository: name: NodeJS state: absent - changed_when: False + changed_when: false - name: RedHat/CentOS/Fedora | Remove Wazuh repository (and clean up left-over metadata) yum_repository: name: wazuh_repo state: absent - changed_when: False + changed_when: false diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 3f498b67..cce14064 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml 
@@ -5,8 +5,8 @@ description: NodeJS-$releasever baseurl: https://rpm.nodesource.com/pub_6.x/el/{{ ansible_distribution_major_version }}/x86_64 gpgkey: https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL - gpgcheck: yes - changed_when: False + gpgcheck: true + changed_when: false when: - ansible_distribution_major_version|int > 5 @@ -16,7 +16,7 @@ description: NodeJS-$releasever baseurl: https://rpm.nodesource.com/pub_6.x/fc/$releasever/x86_64 gpgkey: https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL - gpgcheck: yes + gpgcheck: true when: ansible_distribution == 'Fedora' - name: AmazonLinux | Get Nodejs @@ -24,7 +24,7 @@ set -o pipefail curl --silent --location https://rpm.nodesource.com/setup_8.x | bash - args: - warn: no + warn: fakse executable: /bin/bash when: - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" @@ -44,8 +44,8 @@ description: Wazuh repository baseurl: https://packages.wazuh.com/3.x/yum/ gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH - gpgcheck: yes - changed_when: False + gpgcheck: true + changed_when: false when: - (ansible_distribution_major_version|int > 5) or (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") @@ -55,7 +55,7 @@ description: Wazuh repository baseurl: https://packages.wazuh.com/3.x/yum/5/ gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH - gpgcheck: yes + gpgcheck: true when: - ansible_distribution_major_version|int == 5 diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 9e538e09..2715bba0 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -45,7 +45,7 @@ creates: sslmanager.cert chdir: /var/ossec/etc/ tags: - - config + - config when: not wazuh_manager_config.authd.ssl_agent_ca is not none - name: Copy CA, SSL key and cert for authd 
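Review bot: `warn: fakse` in the "AmazonLinux | Get Nodejs" hunk (`@@ -24,7 +24,7 @@`) is not a boolean, so Ansible will reject the `args` of this task on Amazon Linux hosts; it should be `warn: false`, which the "Fixed typo" patch later on this page applies. Beyond the typo, the task pipes `https://rpm.nodesource.com/setup_8.x` straight into `bash`, executing an unverified remote script as root, while the EL and Fedora branches of this same file define the NodeSource repository with `yum_repository` plus `gpgkey` and `gpgcheck: true`. Moving the Amazon branch onto that pattern would give it the same signature check as the rest of the file; if the setup script is kept, pinning it to a verified checksum would be the minimum.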
@@ -208,8 +208,8 @@ args: removes: /var/ossec/bin/.process_list executable: /bin/bash - changed_when: False - check_mode: no + changed_when: false + check_mode: false register: csyslog_enabled tags: - config @@ -230,8 +230,8 @@ args: removes: /var/ossec/bin/.process_list executable: /bin/bash - changed_when: False - check_mode: no + changed_when: false + check_mode: false register: agentlessd_enabled tags: - config @@ -349,7 +349,7 @@ - name: Ensure Wazuh Manager, wazuh API service is started and enabled service: name: "{{ item }}" - enabled: yes + enabled: true state: started with_items: - wazuh-manager @@ -364,7 +364,7 @@ - name: Ensure Wazuh Manager is started and enabled (EL5) service: name: wazuh-manager - enabled: yes + enabled: true state: started tags: - config diff --git a/roles/wazuh/ansible-wazuh-manager/vars/authd_pass.yml b/roles/wazuh/ansible-wazuh-manager/vars/authd_pass.yml index 9d945bb8..b23855a5 100644 --- a/roles/wazuh/ansible-wazuh-manager/vars/authd_pass.yml +++ b/roles/wazuh/ansible-wazuh-manager/vars/authd_pass.yml @@ -1,2 +1,2 @@ --- -#authd_pass: foobar +# authd_pass: foobar From 97a881d3d35bd72ad5168605856217745cab2a1e Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Sat, 27 Apr 2019 15:28:01 +0200 Subject: [PATCH 097/714] Deleted vscode file --- .vscode/settings.json | 3 --- 1 file changed, 3 deletions(-) delete mode 100644 .vscode/settings.json diff --git a/.vscode/settings.json b/.vscode/settings.json deleted file mode 100644 index f4dff794..00000000 --- a/.vscode/settings.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "python.pythonPath": "/Users/wdijkerman/.venv3/bin/python" -} \ No newline at end of file From 06589471f0c95e8491e3cdd28beb08c4a4e6f3cd Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Mon, 29 Apr 2019 15:57:22 +0200 Subject: [PATCH 098/714] Fixed typo --- roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index cce14064..f079b3b1 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -24,7 +24,7 @@ set -o pipefail curl --silent --location https://rpm.nodesource.com/setup_8.x | bash - args: - warn: fakse + warn: false executable: /bin/bash when: - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" From bcd535351b7f947141fdac812c609d236f8dc9fe Mon Sep 17 00:00:00 2001 From: jm404 Date: Tue, 30 Apr 2019 16:59:29 +0200 Subject: [PATCH 099/714] Adding openjdk repository for Ubuntu 14.04. --- roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 16 ++++++++++++---- .../wazuh/ansible-wazuh-manager/tasks/Debian.yml | 14 +++++++++++--- 2 files changed, 23 insertions(+), 7 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index 7584d714..48e45685 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -37,12 +37,20 @@ cis_distribution_filename: cis_debian_linux_rcl.txt when: ansible_os_family == "Debian" +- name: Debian/Ubuntu | Install OpenJDK-8 repo + apt_repository: + repo: 'ppa:openjdk-r/ppa' + state: present + update_cache: true + when: + - (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) + - when: - - wazuh_agent_config.cis_cat.disable == 'no' - - wazuh_agent_config.cis_cat.install_java == 'yes' + - wazuh_agent_config.cis_cat.disable == 'no' + - wazuh_agent_config.cis_cat.install_java == 'yes' block: - - name: Debian/Ubuntu | Install OpenJDK 1.8 - apt: name=openjdk-8-jre state=present cache_valid_time=3600 + - name: Debian/Ubuntu | Install OpenJDK 1.8 + apt: name=openjdk-8-jre state=present cache_valid_time=3600 tags: - init 
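Review bot: The new "Install OpenJDK-8 repo" task in the agent `Debian.yml` hunk (`@@ -37,12 +37,20 @@`) is gated only on Ubuntu 14, not on the `wazuh_agent_config.cis_cat.disable == 'no'` and `wazuh_agent_config.cis_cat.install_java == 'yes'` conditions that gate the Java install it exists to serve, so the third-party `ppa:openjdk-r/ppa` is added, with `update_cache: true`, to every trusty host even when Java is not wanted. Adding those two items to the task's `when:` list keeps the repository footprint tied to the feature, and splitting the single parenthesised `and` item into `- ansible_distribution == "Ubuntu"` and `- ansible_distribution_major_version | int == 14` would match the list style used just below it. The manager `Debian.yml` hunk on the next line has the identical task and gating, and the elasticsearch role's "Install Java Repo for Trusty" further down this page has the same shape without its `elasticsearch_install_java` guard.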
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index b960b20d..9e9a94d7 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -64,12 +64,20 @@ set_fact: cis_distribution_filename: cis_debian_linux_rcl.txt +- name: Debian/Ubuntu | Install OpenJDK-8 repo + apt_repository: + repo: 'ppa:openjdk-r/ppa' + state: present + update_cache: true + when: + - (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) + - when: - - wazuh_manager_config.cis_cat.disable == 'no' - - wazuh_manager_config.cis_cat.install_java == 'yes' + - wazuh_manager_config.cis_cat.disable == 'no' + - wazuh_manager_config.cis_cat.install_java == 'yes' block: - name: Debian/Ubuntu | Install OpenJDK 1.8 - apt: name=openjdk-8-jre state=present cache_valid_time=3600 + apt: name=openjdk-8-jre state=present cache_valid_time=3600 tags: - init From cd3fcc78573b2099089e3eb67b52cce0576a8f2c Mon Sep 17 00:00:00 2001 From: jm404 Date: Tue, 30 Apr 2019 17:00:44 +0200 Subject: [PATCH 100/714] Fixed linting problems for molecule tests. --- roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml | 2 +- roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml | 2 +- roles/elastic-stack/ansible-logstash/tasks/Debian.yml | 2 +- roles/elastic-stack/ansible-logstash/tasks/RedHat.yml | 2 +- roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index 715cd9ef..f786d2a3 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml 
@@ -7,7 +7,7 @@ - when: elasticsearch_install_java block: - name: Debian/Ubuntu | Install OpenJDK 1.8 - apt: name=openjdk-8-jre state=present cache_valid_time=3600 + apt: name=openjdk-8-jre state=present cache_valid_time=3600 tags: install - name: Debian/Ubuntu | Add Elasticsearch GPG key. diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml index 396df728..79632b31 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml @@ -2,7 +2,7 @@ - when: elasticsearch_install_java block: - name: RedHat/CentOS/Fedora | Install OpenJDK 1.8 - yum: name=java-1.8.0-openjdk state=present + yum: name=java-1.8.0-openjdk state=present register: oracle_java_task_rpm_installed tags: install diff --git a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml index f81427e3..403ee88f 100644 --- a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml @@ -7,7 +7,7 @@ - when: logstash_install_java block: - name: Debian/Ubuntu | Install OpenJDK 1.8 - apt: name=openjdk-8-jre state=present cache_valid_time=3600 + apt: name=openjdk-8-jre state=present cache_valid_time=3600 tags: install - name: Debian/Ubuntu | Add Elasticsearch GPG key diff --git a/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml b/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml index 5c0a96d8..ed16fbc5 100644 --- a/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml +++ b/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml @@ -2,7 +2,7 @@ - when: logstash_install_java block: - name: RedHat/CentOS/Fedora | Install OpenJDK 1.8 - yum: name=java-1.8.0-openjdk state=present + yum: name=java-1.8.0-openjdk state=present register: oracle_java_task_rpm_installed tags: install 
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index b45591eb..7540e142 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -115,7 +115,7 @@ - wazuh_manager_config.cluster.disable != 'yes' - name: RedHat/CentOS/Fedora | Install OpenJDK 1.8 - yum: name=java-1.8.0-openjdk state=present + yum: name=java-1.8.0-openjdk state=present when: - wazuh_manager_config.cis_cat.disable == 'no' - wazuh_manager_config.cis_cat.install_java == 'yes' From 3c56b74d1ebf486a742effdf955f3994bd311001 Mon Sep 17 00:00:00 2001 From: manuasir Date: Tue, 30 Apr 2019 18:07:30 +0200 Subject: [PATCH 101/714] Bump version. --- CHANGELOG.md | 18 ++++++++++++++++++ .../ansible-kibana/defaults/main.yml | 2 +- .../ansible-wazuh-agent/defaults/main.yml | 2 +- 3 files changed, 20 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7b892715..f8fae5c3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -4,6 +4,24 @@ All notable changes to this project will be documented in this file. ## [v3.9.0] +### Added + +- Update to Wazuh Wazuh v3.9.0 ([manuasir](https://github.com/manuasir) [#177](https://github.com/wazuh/wazuh-ansible/pull/177)). +- Support for Elasticsearch v6.7.1 ([LuisGi91](https://github.com/LuisGi91) [#168](https://github.com/wazuh/wazuh-ansible/pull/168)). +- Added Molecule testing suit ([JJediny](https://github.com/JJediny) [#151](https://github.com/wazuh/wazuh-ansible/pull/151)). +- Added Molecule tests for Wazuh Manager ([dj-wasabi](https://github.com/dj-wasabi) [#169](https://github.com/wazuh/wazuh-ansible/pull/169)). +- Added Molecule tests for Wazuh Agent ([dj-wasabi](https://github.com/dj-wasabi) [#174](https://github.com/wazuh/wazuh-ansible/pull/174)). + +### Changed + +- Updated network commands ([kravietz](https://github.com/kravietz) [#159](https://github.com/wazuh/wazuh-ansible/pull/159)). +- Enable active response section ([kravietz](https://github.com/kravietz) [#155](https://github.com/wazuh/wazuh-ansible/pull/155)). + +### Fixed + +- Fix default active response ([LuisGi93](https://github.com/LuisGi93) [#164](https://github.com/wazuh/wazuh-ansible/pull/164)). +- Changing from Oracle Java to OpenJDK ([LuisGi93](https://github.com/LuisGi93) [#173](https://github.com/wazuh/wazuh-ansible/pull/173)). +- Adding alias to agent config file template ([LuisGi93](https://github.com/LuisGi93) [#163](https://github.com/wazuh/wazuh-ansible/pull/163)). ## [v3.8.2] diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 4d02fb77..c2779fe8 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -4,4 +4,4 @@ elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 6.7.1 -wazuh_version: 3.8.2 +wazuh_version: 3.9.0 
diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 0aea8e4f..baeb6f25 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -23,7 +23,7 @@ wazuh_winagent_config: install_dir_x86: 'C:\Program Files (x86)\ossec-agent\' auth_path: C:\'Program Files'\ossec-agent\agent-auth.exe auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - version: '3.8.2' + version: '3.9.0' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ md5: 43936e7bc7eb51bd186f47dac4a6f477 From 6e3b92bcc4f955348d92b902e5e860c9ee9e1428 Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Tue, 30 Apr 2019 19:17:56 +0200 Subject: [PATCH 102/714] Added Molecule test for the Elasticsearch role --- .circleci/config.yml | 5 +- .travis.yml | 2 + Pipfile | 1 + molecule/default/prepare.yml | 10 ++++ molecule/elasticsearch/Dockerfile.j2 | 14 +++++ molecule/elasticsearch/INSTALL.rst | 22 +++++++ molecule/elasticsearch/molecule.yml | 59 +++++++++++++++++++ molecule/elasticsearch/playbook.yml | 6 ++ molecule/elasticsearch/tests/test_default.py | 19 ++++++ .../ansible-elasticsearch/tasks/Debian.yml | 16 ++++- .../ansible-elasticsearch/tasks/RMDebian.yml | 1 + .../ansible-elasticsearch/tasks/RMRedHat.yml | 1 + .../ansible-elasticsearch/tasks/RedHat.yml | 4 ++ .../ansible-elasticsearch/tasks/main.yml | 9 ++- 14 files changed, 163 insertions(+), 6 deletions(-) create mode 100644 molecule/elasticsearch/Dockerfile.j2 create mode 100644 molecule/elasticsearch/INSTALL.rst create mode 100644 molecule/elasticsearch/molecule.yml create mode 100644 molecule/elasticsearch/playbook.yml create mode 100644 molecule/elasticsearch/tests/test_default.py diff --git a/.circleci/config.yml b/.circleci/config.yml index 08b3ff16..d665e8e6 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,3 +1,4 @@ +--- version: 2 jobs: test: 
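Review bot: The agent defaults hunk bumps `version: '3.9.0'` but leaves `md5: 43936e7bc7eb51bd186f47dac4a6f477` untouched, and the Windows tasks earlier on this page verify the downloaded MSI against that value with `checksum_algorithm: md5`. Unless the 3.9.0 installer happens to produce the same digest, which a different build will not, the verification will either fail or trigger a re-download on every run, so the checksum needs updating to the 3.9.0 installer's value (`md5: <WAZUH_3_9_0_MSI_DIGEST>`, placeholder) in the same commit as the version. Since MD5 is not collision-resistant, this would also be the moment to move the default and the `win_stat` check to `sha256`, which `checksum_algorithm` accepts.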
@@ -6,7 +7,7 @@ jobs: version: 2.7 services: - docker - working_directory: ~/wazuh-ansible + working_directory: ~/wazuh-ansible steps: - checkout - run: @@ -22,4 +23,4 @@ workflows: version: 2 test_molecule: jobs: - - test \ No newline at end of file + - test diff --git a/.travis.yml b/.travis.yml index 97c0427b..937de0ab 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,3 +1,4 @@ +--- language: python services: docker before_script: @@ -6,3 +7,4 @@ before_script: script: - pipenv run test - pipenv run agent + - pipenv run elasticsearch diff --git a/Pipfile b/Pipfile index 2bc7a896..bf6931c6 100644 --- a/Pipfile +++ b/Pipfile @@ -16,3 +16,4 @@ python_version = "2.7" [scripts] test ="molecule test" agent ="molecule test -s wazuh-agent" +elasticsearch ="molecule test -s elasticsearch" diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml index 1aa45e29..f3dc9aac 100644 --- a/molecule/default/prepare.yml +++ b/molecule/default/prepare.yml @@ -24,3 +24,13 @@ state: latest register: wazuh_manager_dependencies_packages_installed until: wazuh_manager_dependencies_packages_installed is succeeded + + - name: "Install (RedHat) dependencies" + package: + name: + - initscripts + state: latest + register: wazuh_manager_dependencies_packages_installed + until: wazuh_manager_dependencies_packages_installed is succeeded + when: + - ansible_os_family == 'RedHat' diff --git a/molecule/elasticsearch/Dockerfile.j2 b/molecule/elasticsearch/Dockerfile.j2 new file mode 100644 index 00000000..e6aa95d3 --- /dev/null +++ b/molecule/elasticsearch/Dockerfile.j2 
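Review bot: The new "Install (RedHat) dependencies" task in `molecule/default/prepare.yml` reuses `register: wazuh_manager_dependencies_packages_installed`, the same name the preceding task registers, so the first result is silently overwritten on RedHat hosts; a distinct name such as `register: wazuh_manager_redhat_dependencies_installed` (with the matching `until:`) keeps both results inspectable. `state: latest` also makes the test environment drift with the mirror; `state: present` is the reproducible choice for a prepare step. The enclosing play starts outside the hunk.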
@@ -0,0 +1,14 @@ +# Molecule managed + +{% if item.registry is defined %} +FROM {{ item.registry.url }}/{{ item.image }} +{% else %} +FROM {{ item.image }} +{% endif %} + +RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ + elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \ + elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ + elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \ + elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ + elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi diff --git a/molecule/elasticsearch/INSTALL.rst b/molecule/elasticsearch/INSTALL.rst new file mode 100644 index 00000000..6a44bde9 --- /dev/null +++ b/molecule/elasticsearch/INSTALL.rst @@ -0,0 +1,22 @@ +******* +Docker driver installation guide +******* + +Requirements +============ + +* Docker Engine + +Install +======= + +Please refer to the `Virtual environment`_ documentation for installation best +practices. If not using a virtual environment, please consider passing the +widely recommended `'--user' flag`_ when invoking ``pip``. + +.. _Virtual environment: https://virtualenv.pypa.io/en/latest/ +.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site + +.. code-block:: bash + + $ pip install 'molecule[docker]' diff --git a/molecule/elasticsearch/molecule.yml b/molecule/elasticsearch/molecule.yml new file mode 100644 index 00000000..f673f502 --- /dev/null +++ b/molecule/elasticsearch/molecule.yml 
@@ -0,0 +1,59 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint +platforms: + - name: bionic + image: solita/ubuntu-systemd:bionic + command: /sbin/init + ulimits: + - nofile:262144:262144 + privileged: True + memory_reservation: 1024m + - name: xenial + image: solita/ubuntu-systemd:xenial + privileged: true + memory_reservation: 1024m + command: /sbin/init + ulimits: + - nofile:262144:262144 + - name: trusty + image: ubuntu:trusty + memory_reservation: 1024m + ulimits: + - nofile:262144:262144 + - name: centos6 + image: centos:6 + privileged: true + memory_reservation: 1024m + ulimits: + - nofile:262144:262144 + - name: centos7 + image: milcom/centos7-systemd + memory_reservation: 1024m + privileged: true + ulimits: + - nofile:262144:262144 +provisioner: + name: ansible + playbooks: + docker: + create: ../default/create.yml + destroy: ../default/destroy.yml + prepare: ../default/prepare.yml + env: + ANSIBLE_ROLES_PATH: ../../roles + lint: + name: ansible-lint + enabled: true + inventory: + group_vars: + all: + elasticsearch_jvm_xms: 512 +verifier: + name: testinfra + lint: + name: flake8 diff --git a/molecule/elasticsearch/playbook.yml b/molecule/elasticsearch/playbook.yml new file mode 100644 index 00000000..f6bf45f9 --- /dev/null +++ b/molecule/elasticsearch/playbook.yml @@ -0,0 +1,6 @@ +--- +- name: Converge + hosts: all + roles: + - role: elastic-stack/ansible-elasticsearch + elasticsearch_network_host: 'localhost' diff --git a/molecule/elasticsearch/tests/test_default.py b/molecule/elasticsearch/tests/test_default.py new file mode 100644 index 00000000..f25c299d --- /dev/null +++ b/molecule/elasticsearch/tests/test_default.py 
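Review bot: `privileged: True` on the `bionic` platform in the new `molecule.yml` is written differently from the `privileged: true` used by `xenial`, `centos6` and `centos7`, and this same file enables `lint: name: yamllint`, whose default truthy rule flags `True`, so the scenario's own lint step may reject its config; use `privileged: true` throughout. Four of the five test containers run privileged, which is the usual requirement for the systemd-based images but grants the container broad access to the host, so this scenario should stay confined to disposable CI runners; a comment above `platforms:` saying why privileged mode is needed would help the next reader.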
@@ -0,0 +1,19 @@ +import os + +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') + + +def test_elasticsearch_is_installed(host): + elasticsearch = host.package("elasticsearch") + assert elasticsearch.is_installed + assert elasticsearch.version.startswith('6.7.1') + + +def test_elasticsearch_is_running(host): + """Test if the services are enabled and running.""" + elasticsearch = host.service("elasticsearch") + assert elasticsearch.is_enabled + assert elasticsearch.is_running diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index f786d2a3..f8baac55 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml @@ -1,13 +1,25 @@ --- - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: - name: ['apt-transport-https', 'ca-certificates'] + name: + - apt-transport-https + - ca-certificates state: present + register: elasticsearch_ca_packages_installed + until: elasticsearch_ca_packages_installed is succeeded + +- name: "Install Java Repo for Trusty" + apt_repository: repo='ppa:openjdk-r/ppa' + when: + - ansible_distribution == "Ubuntu" + - ansible_distribution_major_version | int == 14 - when: elasticsearch_install_java block: - name: Debian/Ubuntu | Install OpenJDK 1.8 apt: name=openjdk-8-jre state=present cache_valid_time=3600 + register: elasticsearch_jre_packages_installed + until: elasticsearch_jre_packages_installed is succeeded tags: install - name: Debian/Ubuntu | Add Elasticsearch GPG key. @@ -27,4 +39,6 @@ name: "elasticsearch={{ elastic_stack_version }}" state: present cache_valid_time: 3600 + register: elasticsearch_main_packages_installed + until: elasticsearch_main_packages_installed is succeeded tags: install 
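Review bot: The expected version in `assert elasticsearch.version.startswith('6.7.1')` is hard-coded in test_elasticsearch_is_installed while the role installs `elasticsearch={{ elastic_stack_version }}`, so every bump of that default must be mirrored here by hand or the scenario fails for the wrong reason. Consider sourcing the expected version from the scenario's group_vars or one module-level constant shared by the scenarios. A docstring would also help, e.g. `"""Test that the elasticsearch package is installed at the pinned Elastic Stack version."""`, matching the one on test_elasticsearch_is_running.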
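Review bot: The new `Install Java Repo for Trusty` task is a top-level task, not part of the `when: elasticsearch_install_java` block that follows it, so on Ubuntu 14 the third-party PPA and its signing key are trusted even when the role is told not to install Java; add `- elasticsearch_install_java` to its `when` list so the host only trusts that repository when it is needed. While there, write the arguments in block form, `apt_repository:` / `repo: 'ppa:openjdk-r/ppa'`, like the rest of the file, and give the task the file's `Debian/Ubuntu |` name prefix. The `until: ... is succeeded` loops added in both hunks rely on Ansible's implicit `retries: 3` / `delay: 5`; stating them explicitly documents how long a transient apt or network failure is tolerated. The same implicit retry budget is used by the `until` loops this commit adds to RedHat.yml and to the `uri` tasks in main.yml, and by the kibana role's Debian.yml later in this series.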
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RMDebian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RMDebian.yml
index 74c59c37..cf229655 100644
--- a/roles/elastic-stack/ansible-elasticsearch/tasks/RMDebian.yml
+++ b/roles/elastic-stack/ansible-elasticsearch/tasks/RMDebian.yml
@@ -3,3 +3,4 @@
 apt_repository:
 repo: deb https://artifacts.elastic.co/packages/5.x/apt stable main
 state: absent
+ changed_when: false
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RMRedHat.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RMRedHat.yml
index 8f99b1e5..bdf667bc 100644
--- a/roles/elastic-stack/ansible-elasticsearch/tasks/RMRedHat.yml
+++ b/roles/elastic-stack/ansible-elasticsearch/tasks/RMRedHat.yml
@@ -3,3 +3,4 @@
 yum_repository:
 name: elastic_repo
 state: absent
+ changed_when: false
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml
index 79632b31..4c25c31b 100644
--- a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml
+++ b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml
@@ -4,6 +4,7 @@
 - name: RedHat/CentOS/Fedora | Install OpenJDK 1.8
 yum: name=java-1.8.0-openjdk state=present
 register: oracle_java_task_rpm_installed
+ until: oracle_java_task_rpm_installed is succeeded
 tags: install
 - name: RedHat/CentOS/Fedora | Install Elastic repo
@@ -13,8 +14,11 @@
 baseurl: https://artifacts.elastic.co/packages/6.x/yum
 gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch
 gpgcheck: true
+ changed_when: false
 - name: RedHat/CentOS/Fedora | Install Elasticsarch
 package: name=elasticsearch-{{ elastic_stack_version }} state=present
+ register: elasticsearch_main_packages_installed
+ until: elasticsearch_main_packages_installed is succeeded
 when: not elasticsearch_install_java or oracle_java_task_rpm_installed is defined
 tags: install
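Review bot: `changed_when: false` on the `apt_repository` task in RMDebian.yml, the `yum_repository` task in RMRedHat.yml and the Elastic repo task in RedHat.yml suppresses change reporting on modules that really do add or remove a repository, so a run that rewrites the repo definition shows as unchanged in the recap and in anything that audits changes from it. If this was added to get Molecule's idempotence step green, the root cause (a repo definition the module rewrites on every run) is worth finding rather than masking, and the override should then be dropped. The logstash role (Debian.yml, RMDebian.yml, RMRedHat.yml, RedHat.yml) and the kibana role (Debian.yml, RMDebian.yml, RMRedHat.yml) receive the same suppression later in this series.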
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index a1f44f88..f0d88581 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -76,9 +76,9 @@ - not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<')) - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<')) + - not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<')) - name: Ensure Elasticsearch started and enabled - ignore_errors: true service: name: elasticsearch enabled: true @@ -92,19 +92,22 @@ - name: Check for Wazuh Alerts template uri: - url: "http://{{elasticsearch_network_host}}:{{elasticsearch_http_port}}/_template/wazuh" + url: "http://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}/_template/wazuh" method: GET status_code: 200, 404 register: wazuh_alerts_template_exits + until: wazuh_alerts_template_exits is succeeded tags: init - name: Installing Wazuh Alerts template uri: - url: "http://{{elasticsearch_network_host}}:{{elasticsearch_http_port}}/_template/wazuh" + url: "http://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}/_template/wazuh" method: PUT status_code: 200 body_format: json body: "{{ lookup('template','wazuh-elastic6-template-alerts.json.j2') }}" + register: installing_wazuh_template + until: installing_wazuh_template is succeeded when: wazuh_alerts_template_exits.status != 200 tags: init From e27a4e0459864b79b076f8aeea97745987814c26 Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Fri, 3 May 2019 16:33:07 +0200 Subject: [PATCH 103/714] Bump version --- VERSION | 4 ++-- molecule/default/tests/test_default.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) 
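Review bot: The added condition `- not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<'))` keys on `ansible_os_family`, which also matches Amazon Linux, while the sibling lines key on `ansible_distribution` and special-case Amazon's `"NA"` version string; on such a host the `version` test is still evaluated against `"NA"`, and I am not confident it compares cleanly. Restricting the new line to the distributions that have a numeric version, for instance `ansible_distribution == "CentOS"`, or reusing the existing Amazon exclusion inside it, would make the intent explicit. The enclosing task starts outside the hunk. The same line is added to the logstash role's main.yml later in this series.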
diff --git a/VERSION b/VERSION
index a85b3d76..53f0359c 100644
--- a/VERSION
+++ b/VERSION
@@ -1,2 +1,2 @@
-WAZUH-ANSIBLE_VERSION="v3.8.3"
-REVISION="3802"
+WAZUH-ANSIBLE_VERSION="v3.9.0"
+REVISION="3900"
diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py
index 36711b0f..9cfab500 100644
--- a/molecule/default/tests/test_default.py
+++ b/molecule/default/tests/test_default.py
@@ -9,7 +9,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
 def get_wazuh_version():
 """This return the version of Wazuh."""
- return "3.8"
+ return "3.9"
 def test_wazuh_packages_are_installed(host): From e5b0e2b40e85136d18ded312067f11d10510ee31 Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Fri, 3 May 2019 16:34:09 +0200 Subject: [PATCH 104/714] Added tests for Logstash --- molecule/logstash/Dockerfile.j2 | 14 +++++ molecule/logstash/INSTALL.rst | 22 ++++++++ molecule/logstash/molecule.yml | 56 +++++++++++++++++++ molecule/logstash/playbook.yml | 5 ++ molecule/logstash/prepare.yml | 41 ++++++++++++++ molecule/logstash/tests/test_default.py | 30 ++++++++++ .../ansible-logstash/tasks/Debian.yml | 10 +++- .../ansible-logstash/tasks/RMDebian.yml | 1 + .../ansible-logstash/tasks/RMRedHat.yml | 1 + .../ansible-logstash/tasks/RedHat.yml | 10 +++- .../ansible-logstash/tasks/main.yml | 13 +++++ 11 files changed, 197 insertions(+), 6 deletions(-) create mode 100644 molecule/logstash/Dockerfile.j2 create mode 100644 molecule/logstash/INSTALL.rst create mode 100644 molecule/logstash/molecule.yml create mode 100644 molecule/logstash/playbook.yml create mode 100644 molecule/logstash/prepare.yml create mode 100644 molecule/logstash/tests/test_default.py
diff --git a/molecule/logstash/Dockerfile.j2 b/molecule/logstash/Dockerfile.j2
new file mode 100644
index 00000000..e6aa95d3
--- /dev/null
+++ b/molecule/logstash/Dockerfile.j2
@@ -0,0 +1,14 @@ +# Molecule managed + +{% if item.registry is defined %} +FROM {{ item.registry.url }}/{{ item.image }} +{% else %} +FROM {{ item.image }} +{% endif %} + +RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ + elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \ + elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ + elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \ + elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ + elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi diff --git a/molecule/logstash/INSTALL.rst b/molecule/logstash/INSTALL.rst new file mode 100644 index 00000000..6a44bde9 --- /dev/null +++ b/molecule/logstash/INSTALL.rst @@ -0,0 +1,22 @@ +******* +Docker driver installation guide +******* + +Requirements +============ + +* Docker Engine + +Install +======= + +Please refer to the `Virtual environment`_ documentation for installation best +practices. If not using a virtual environment, please consider passing the +widely recommended `'--user' flag`_ when invoking ``pip``. + +.. _Virtual environment: https://virtualenv.pypa.io/en/latest/ +.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site + +.. code-block:: bash + + $ pip install 'molecule[docker]' diff --git a/molecule/logstash/molecule.yml b/molecule/logstash/molecule.yml new file mode 100644 index 00000000..6246d33c --- /dev/null +++ b/molecule/logstash/molecule.yml 
@@ -0,0 +1,56 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint +platforms: + - name: bionic + image: solita/ubuntu-systemd:bionic + command: /sbin/init + ulimits: + - nofile:262144:262144 + privileged: True + memory_reservation: 1024m + - name: xenial + image: solita/ubuntu-systemd:xenial + privileged: true + memory_reservation: 1024m + command: /sbin/init + ulimits: + - nofile:262144:262144 + - name: centos6 + image: geerlingguy/docker-centos6-ansible + privileged: true + memory_reservation: 1024m + command: /sbin/init + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + ulimits: + - nofile:262144:262144 + - name: centos7 + image: milcom/centos7-systemd + memory_reservation: 1024m + privileged: true + ulimits: + - nofile:262144:262144 +provisioner: + name: ansible + playbooks: + docker: + create: ../default/create.yml + destroy: ../default/destroy.yml + env: + ANSIBLE_ROLES_PATH: ../../roles + lint: + name: ansible-lint + enabled: true + inventory: + group_vars: + all: + elasticsearch_jvm_xms: 256 +verifier: + name: testinfra + lint: + name: flake8 diff --git a/molecule/logstash/playbook.yml b/molecule/logstash/playbook.yml new file mode 100644 index 00000000..d077bd8e --- /dev/null +++ b/molecule/logstash/playbook.yml @@ -0,0 +1,5 @@ +--- +- name: Converge + hosts: all + roles: + - role: elastic-stack/ansible-logstash diff --git a/molecule/logstash/prepare.yml b/molecule/logstash/prepare.yml new file mode 100644 index 00000000..7e5ca29d --- /dev/null +++ b/molecule/logstash/prepare.yml 
@@ -0,0 +1,41 @@ +--- +- name: Prepare + hosts: all + gather_facts: true + pre_tasks: + + - name: "Install Python packages for Trusty to solve trust issues" + package: + name: + - python-setuptools + - python-pip + state: latest + register: wazuh_manager_trusty_packages_installed + until: wazuh_manager_trusty_packages_installed is succeeded + when: + - ansible_distribution == "Ubuntu" + - ansible_distribution_major_version | int == 14 + + - name: "Install dependencies" + package: + name: + - curl + - net-tools + state: latest + register: wazuh_manager_dependencies_packages_installed + until: wazuh_manager_dependencies_packages_installed is succeeded + + - name: "Install (RedHat) dependencies" + package: + name: + - initscripts + state: latest + register: wazuh_manager_dependencies_packages_installed + until: wazuh_manager_dependencies_packages_installed is succeeded + when: + - ansible_os_family == 'RedHat' + + roles: + - role: wazuh/ansible-wazuh-manager + - role: elastic-stack/ansible-elasticsearch + elasticsearch_network_host: 'localhost' diff --git a/molecule/logstash/tests/test_default.py b/molecule/logstash/tests/test_default.py new file mode 100644 index 00000000..36e948e0 --- /dev/null +++ b/molecule/logstash/tests/test_default.py 
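Review bot: The three `package:` tasks in this new prepare.yml use `state: latest`, which upgrades to whatever the mirror serves at run time and so lets the converge environment drift between runs (ansible-lint flags it as package-latest as well); `state: present` is enough since the tasks only need the tools to exist. The two dependency tasks also `register` the same variable, `wazuh_manager_dependencies_packages_installed`, and the `wazuh_manager_` prefix is left over from the manager scenario although this is the logstash one; one name per task, such as `logstash_prepare_dependencies_installed`, reads better. The same file is copied into the kibana and filebeat scenarios later in this series.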
@@ -0,0 +1,30 @@ +import os + +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') + + +def test_logstash_is_installed(host): + logstash = host.package("logstash") + assert logstash.is_installed + + distribution = host.system_info.distribution.lower() + if distribution == 'ubuntu': + assert logstash.version.startswith('1:6.7.1') + else: + assert logstash.version.startswith('6.7.1') + + +def test_logstash_is_running(host): + """Test if the services are enabled and running.""" + logstash = host.service("logstash") + assert logstash.is_enabled + assert logstash.is_running + + +def test_find_correct_logentry(host): + logfile = host.file("//var/log/logstash/logstash-plain.log") + assert logfile.contains("Successfully started Logstash API endpoint") + assert logfile.contains("Restored connection to ES instance") diff --git a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml index 403ee88f..621b02d1 100644 --- a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml @@ -1,7 +1,9 @@ --- - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: - name: ['apt-transport-https', 'ca-certificates'] + name: + - apt-transport-https + - ca-certificates state: present - when: logstash_install_java @@ -20,6 +22,7 @@ repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main' state: present filename: 'elastic_repo' + changed_when: false - name: Debian/Ubuntu | Install Logstash apt: @@ -31,7 +34,8 @@ - name: Debian/Ubuntu | Checking if wazuh-manager is installed command: dpkg -l wazuh-manager register: wazuh_manager_check_deb - when: logstash_input_beats == false + when: not logstash_input_beats + changed_when: false args: warn: false 
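Review bot: The `Install apt-transport-https and ca-certificates` task in the logstash Debian.yml is rewritten to a block list here but, unlike the same task in the elasticsearch role earlier in this series and the kibana role later, it gets no `register`/`until` retry, so a transient apt failure still fails the play on the first attempt. For parity add `register: logstash_ca_packages_installed` / `until: logstash_ca_packages_installed is succeeded`, with an explicit `retries`/`delay` pair so the budget is visible.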
@@ -41,5 +45,5 @@ groups: ossec append: true when: - - logstash_input_beats == false + - not logstash_input_beats - wazuh_manager_check_deb.rc == 0 diff --git a/roles/elastic-stack/ansible-logstash/tasks/RMDebian.yml b/roles/elastic-stack/ansible-logstash/tasks/RMDebian.yml index 74c59c37..cf229655 100644 --- a/roles/elastic-stack/ansible-logstash/tasks/RMDebian.yml +++ b/roles/elastic-stack/ansible-logstash/tasks/RMDebian.yml @@ -3,3 +3,4 @@ apt_repository: repo: deb https://artifacts.elastic.co/packages/5.x/apt stable main state: absent + changed_when: false diff --git a/roles/elastic-stack/ansible-logstash/tasks/RMRedHat.yml b/roles/elastic-stack/ansible-logstash/tasks/RMRedHat.yml index 78538fe9..e770b4e6 100644 --- a/roles/elastic-stack/ansible-logstash/tasks/RMRedHat.yml +++ b/roles/elastic-stack/ansible-logstash/tasks/RMRedHat.yml @@ -3,3 +3,4 @@ yum_repository: name: elastic_repo state: absent + changed_when: false diff --git a/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml b/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml index ed16fbc5..1c11926c 100644 --- a/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml +++ b/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml @@ -13,6 +13,7 @@ baseurl: https://artifacts.elastic.co/packages/6.x/yum gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch gpgcheck: true + changed_when: false - name: RedHat/CentOS/Fedora | Install Logstash package: name=logstash-{{ elastic_stack_version }} state=present @@ -22,7 +23,8 @@ - name: RedHat/CentOS/Fedora | Checking if wazuh-manager is installed command: rpm -q wazuh-manager register: wazuh_manager_check_rpm - when: logstash_input_beats == false + when: not logstash_input_beats + changed_when: false args: warn: false 
@@ -32,12 +34,14 @@ groups: ossec append: true when: - - logstash_input_beats == false + - not logstash_input_beats - wazuh_manager_check_rpm.rc == 0 - name: Amazon Linux change startup group shell: sed -i 's/.*LS_GROUP=logstash.*/LS_GROUP=ossec/' /etc/logstash/startup.options + tags: + - skip_ansible_lint when: - - logstash_input_beats == false + - not logstash_input_beats - wazuh_manager_check_rpm.rc == 0 - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" diff --git a/roles/elastic-stack/ansible-logstash/tasks/main.yml b/roles/elastic-stack/ansible-logstash/tasks/main.yml index e114a82f..d1f07d70 100644 --- a/roles/elastic-stack/ansible-logstash/tasks/main.yml +++ b/roles/elastic-stack/ansible-logstash/tasks/main.yml @@ -15,10 +15,23 @@ - not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<')) - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<')) + - not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<')) - name: Amazon Linux create service shell: /usr/share/logstash/bin/system-install /etc/logstash/startup.options when: ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" + args: + creates: /etc/default/logstash + tags: + - skip_ansible_lint + +- name: Amazon Linux create service + shell: /usr/share/logstash/bin/system-install /etc/logstash/startup.options + when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "6" + args: + creates: /etc/default/logstash + tags: + - skip_ansible_lint - name: Ensure Logstash started and enabled service: From 35c9ef3fe89ac077e7e988e1e7535f38c4012596 Mon Sep 17 00:00:00 2001 
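Review bot: `Amazon Linux change startup group` shells out to `sed -i` and is then tagged `skip_ansible_lint` to silence the command-instead-of-module warning; the `replace` module performs the same edit idempotently and reports changes correctly, e.g. `replace:` with `path: /etc/logstash/startup.options`, `regexp: '^.*LS_GROUP=logstash.*$'` and `replace: 'LS_GROUP=ossec'`, after which the lint skip can be removed. The `when` list on that task would stay as it is.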
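Review bot: The second `Amazon Linux create service` task in main.yml is a copy of the first with only the `when` changed to CentOS 6, so two tasks now share a name and the recap cannot tell them apart; either rename it `- name: CentOS 6 create service` or merge the two into one task with `when: (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") or (ansible_distribution == "CentOS" and ansible_distribution_major_version == "6")`. Both use `creates: /etc/default/logstash` as the idempotence marker; whether `system-install` writes that path on a RHEL-family host rather than under `/etc/sysconfig` is worth confirming, because if it does not the shell command runs on every play.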
From: Werner Dijkerman Date: Fri, 3 May 2019 16:36:36 +0200 Subject: [PATCH 105/714] Added command for pipenv --- .travis.yml | 1 + Pipfile | 1 + 2 files changed, 2 insertions(+) diff --git a/.travis.yml b/.travis.yml index 937de0ab..d93ba6ac 100644 --- a/.travis.yml +++ b/.travis.yml @@ -8,3 +8,4 @@ script: - pipenv run test - pipenv run agent - pipenv run elasticsearch + - pipenv run logstash diff --git a/Pipfile b/Pipfile index bf6931c6..0f2d931d 100644 --- a/Pipfile +++ b/Pipfile @@ -17,3 +17,4 @@ python_version = "2.7" test ="molecule test" agent ="molecule test -s wazuh-agent" elasticsearch ="molecule test -s elasticsearch" +logstash ="molecule test -s logstash" From c0e60a1a5a1f0713e89feeaed19dfe5507cdbebc Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Mon, 6 May 2019 18:55:48 +0200 Subject: [PATCH 106/714] Added tests for Kibana --- molecule/kibana/Dockerfile.j2 | 14 +++++++ molecule/kibana/INSTALL.rst | 22 ++++++++++ molecule/kibana/molecule.yml | 59 +++++++++++++++++++++++++++ molecule/kibana/playbook.yml | 5 +++ molecule/kibana/prepare.yml | 41 +++++++++++++++++++ molecule/kibana/tests/test_default.py | 31 ++++++++++++++ 6 files changed, 172 insertions(+) create mode 100644 molecule/kibana/Dockerfile.j2 create mode 100644 molecule/kibana/INSTALL.rst create mode 100644 molecule/kibana/molecule.yml create mode 100644 molecule/kibana/playbook.yml create mode 100644 molecule/kibana/prepare.yml create mode 100644 molecule/kibana/tests/test_default.py diff --git a/molecule/kibana/Dockerfile.j2 b/molecule/kibana/Dockerfile.j2 new file mode 100644 index 00000000..e6aa95d3 --- /dev/null +++ b/molecule/kibana/Dockerfile.j2 
@@ -0,0 +1,14 @@ +# Molecule managed + +{% if item.registry is defined %} +FROM {{ item.registry.url }}/{{ item.image }} +{% else %} +FROM {{ item.image }} +{% endif %} + +RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ + elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \ + elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ + elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \ + elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ + elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi diff --git a/molecule/kibana/INSTALL.rst b/molecule/kibana/INSTALL.rst new file mode 100644 index 00000000..6a44bde9 --- /dev/null +++ b/molecule/kibana/INSTALL.rst @@ -0,0 +1,22 @@ +******* +Docker driver installation guide +******* + +Requirements +============ + +* Docker Engine + +Install +======= + +Please refer to the `Virtual environment`_ documentation for installation best +practices. If not using a virtual environment, please consider passing the +widely recommended `'--user' flag`_ when invoking ``pip``. + +.. _Virtual environment: https://virtualenv.pypa.io/en/latest/ +.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site + +.. code-block:: bash + + $ pip install 'molecule[docker]' diff --git a/molecule/kibana/molecule.yml b/molecule/kibana/molecule.yml new file mode 100644 index 00000000..a1e0e3f9 --- /dev/null +++ b/molecule/kibana/molecule.yml 
@@ -0,0 +1,59 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint +platforms: + - name: bionic + image: solita/ubuntu-systemd:bionic + command: /sbin/init + ulimits: + - nofile:262144:262144 + privileged: true + memory_reservation: 1024m + - name: xenial + image: solita/ubuntu-systemd:xenial + privileged: true + memory_reservation: 1024m + command: /sbin/init + ulimits: + - nofile:262144:262144 + - name: trusty + image: ubuntu:trusty + memory_reservation: 1024m + ulimits: + - nofile:262144:262144 + - name: centos6 + image: centos:6 + privileged: true + memory_reservation: 1024m + ulimits: + - nofile:262144:262144 + - name: centos7 + image: milcom/centos7-systemd + memory_reservation: 1024m + privileged: true + ulimits: + - nofile:262144:262144 +provisioner: + name: ansible + playbooks: + docker: + create: ../default/create.yml + destroy: ../default/destroy.yml + env: + ANSIBLE_ROLES_PATH: ../../roles + lint: + name: ansible-lint + enabled: true + inventory: + group_vars: + all: + elasticsearch_jvm_xms: 256 + kibana_plugin_install_ignore_error: true +verifier: + name: testinfra + lint: + name: flake8 diff --git a/molecule/kibana/playbook.yml b/molecule/kibana/playbook.yml new file mode 100644 index 00000000..74fc1038 --- /dev/null +++ b/molecule/kibana/playbook.yml @@ -0,0 +1,5 @@ +--- +- name: Converge + hosts: all + roles: + - role: elastic-stack/ansible-kibana diff --git a/molecule/kibana/prepare.yml b/molecule/kibana/prepare.yml new file mode 100644 index 00000000..7e5ca29d --- /dev/null +++ b/molecule/kibana/prepare.yml 
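Review bot: `kibana_plugin_install_ignore_error: true` in the scenario's group_vars turns a failed Wazuh plugin installation into a non-fatal converge, and nothing in the file says why the test environment needs that, so the next person will not know whether it is safe to remove. A comment above the line would carry that context, e.g. `# Plugin install failures are tolerated here; the verifier checks the plugin directory instead`, adjusted to the real reason. The new default `kibana_plugin_install_ignore_error: false` added to the role's defaults/main.yml later in this series has no comment describing the variable either.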
@@ -0,0 +1,41 @@ +--- +- name: Prepare + hosts: all + gather_facts: true + pre_tasks: + + - name: "Install Python packages for Trusty to solve trust issues" + package: + name: + - python-setuptools + - python-pip + state: latest + register: wazuh_manager_trusty_packages_installed + until: wazuh_manager_trusty_packages_installed is succeeded + when: + - ansible_distribution == "Ubuntu" + - ansible_distribution_major_version | int == 14 + + - name: "Install dependencies" + package: + name: + - curl + - net-tools + state: latest + register: wazuh_manager_dependencies_packages_installed + until: wazuh_manager_dependencies_packages_installed is succeeded + + - name: "Install (RedHat) dependencies" + package: + name: + - initscripts + state: latest + register: wazuh_manager_dependencies_packages_installed + until: wazuh_manager_dependencies_packages_installed is succeeded + when: + - ansible_os_family == 'RedHat' + + roles: + - role: wazuh/ansible-wazuh-manager + - role: elastic-stack/ansible-elasticsearch + elasticsearch_network_host: 'localhost' diff --git a/molecule/kibana/tests/test_default.py b/molecule/kibana/tests/test_default.py new file mode 100644 index 00000000..dfcf8ad0 --- /dev/null +++ b/molecule/kibana/tests/test_default.py 
@@ -0,0 +1,31 @@ +import os + +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') + + +def test_logstash_is_running(host): + """Test if the services are enabled and running.""" + kibana = host.service("kibana") + assert kibana.is_enabled + assert kibana.is_running + + +def test_port_kibana_is_open(host): + """Test if the port 5601 is open and listening to connections.""" + host.socket("tcp://0.0.0.0:5601").is_listening + + +def test_find_correct_elasticsearch_version(host): + """Test if we find the kibana/elasticsearch version in package.json""" + kibana = host.file("/usr/share/kibana/plugins/wazuh/package.json") + assert kibana.contains("6.7.1") + + +def test_wazuh_plugin_installed(host): + """Make sure there is a plugin wazuh directory.""" + kibana = host.file("/usr/share/kibana/plugins/wazuh/") + + assert kibana.is_directory From a3425d04acbde9f2927ad363454ff827f08c32ad Mon Sep 17 00:00:00 2001 
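Review bot: `test_port_kibana_is_open` evaluates `host.socket("tcp://0.0.0.0:5601").is_listening` without `assert`, so the test passes even when nothing listens on 5601; change the line to `assert host.socket("tcp://0.0.0.0:5601").is_listening`. `test_logstash_is_running` in this file checks the kibana service, so rename it `test_kibana_is_running`; the filebeat scenario's test file added later in this series carries the same `test_logstash_*` names for its filebeat checks.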
From: Werner Dijkerman Date: Mon, 6 May 2019 18:56:14 +0200 Subject: [PATCH 107/714] Added comments in tests;Added some skip tasks --- .travis.yml | 2 + Pipfile | 2 + molecule/elasticsearch/molecule.yml | 2 +- molecule/elasticsearch/tests/test_default.py | 1 + molecule/filebeat/Dockerfile.j2 | 14 +++++++ molecule/filebeat/INSTALL.rst | 22 ++++++++++ molecule/filebeat/molecule.yml | 42 +++++++++++++++++++ molecule/filebeat/playbook.yml | 5 +++ molecule/filebeat/prepare.yml | 36 ++++++++++++++++ molecule/filebeat/tests/test_default.py | 19 +++++++++ molecule/logstash/molecule.yml | 2 +- molecule/logstash/tests/test_default.py | 4 +- .../ansible-kibana/defaults/main.yml | 1 + .../ansible-kibana/tasks/Debian.yml | 9 +++- .../ansible-kibana/tasks/RMDebian.yml | 1 + .../ansible-kibana/tasks/RMRedHat.yml | 1 + .../ansible-kibana/tasks/RedHat.yml | 3 ++ .../ansible-kibana/tasks/main.yml | 12 +++++- .../ansible-kibana/templates/kibana.yml.j2 | 2 +- roles/wazuh/ansible-filebeat/tasks/Debian.yml | 8 +++- .../wazuh/ansible-filebeat/tasks/RMDebian.yml | 1 + .../wazuh/ansible-filebeat/tasks/RMRedHat.yml | 1 + roles/wazuh/ansible-filebeat/tasks/RedHat.yml | 1 + roles/wazuh/ansible-filebeat/tasks/main.yml | 3 ++ 24 files changed, 185 insertions(+), 9 deletions(-) create mode 100644 molecule/filebeat/Dockerfile.j2 create mode 100644 molecule/filebeat/INSTALL.rst create mode 100644 molecule/filebeat/molecule.yml create mode 100644 molecule/filebeat/playbook.yml create mode 100644 molecule/filebeat/prepare.yml create mode 100644 molecule/filebeat/tests/test_default.py diff --git a/.travis.yml b/.travis.yml index d93ba6ac..c8e8ca95 100644 --- a/.travis.yml +++ b/.travis.yml @@ -9,3 +9,5 @@ script: - pipenv run agent - pipenv run elasticsearch - pipenv run logstash + - pipenv run filebeat + - pipenv run kibana diff --git a/Pipfile b/Pipfile index 0f2d931d..2d1d13e0 100644 --- a/Pipfile +++ b/Pipfile 
@@ -18,3 +18,5 @@ test ="molecule test" agent ="molecule test -s wazuh-agent" elasticsearch ="molecule test -s elasticsearch" logstash ="molecule test -s logstash" +filebeat ="molecule test -s filebeat" +kibana ="molecule test -s kibana" diff --git a/molecule/elasticsearch/molecule.yml b/molecule/elasticsearch/molecule.yml index f673f502..9897fe56 100644 --- a/molecule/elasticsearch/molecule.yml +++ b/molecule/elasticsearch/molecule.yml @@ -11,7 +11,7 @@ platforms: command: /sbin/init ulimits: - nofile:262144:262144 - privileged: True + privileged: true memory_reservation: 1024m - name: xenial image: solita/ubuntu-systemd:xenial diff --git a/molecule/elasticsearch/tests/test_default.py b/molecule/elasticsearch/tests/test_default.py index f25c299d..8b453255 100644 --- a/molecule/elasticsearch/tests/test_default.py +++ b/molecule/elasticsearch/tests/test_default.py @@ -7,6 +7,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def test_elasticsearch_is_installed(host): + """Test if the elasticsearch package is installed.""" elasticsearch = host.package("elasticsearch") assert elasticsearch.is_installed assert elasticsearch.version.startswith('6.7.1') diff --git a/molecule/filebeat/Dockerfile.j2 b/molecule/filebeat/Dockerfile.j2 new file mode 100644 index 00000000..e6aa95d3 --- /dev/null +++ b/molecule/filebeat/Dockerfile.j2 
@@ -0,0 +1,14 @@ +# Molecule managed + +{% if item.registry is defined %} +FROM {{ item.registry.url }}/{{ item.image }} +{% else %} +FROM {{ item.image }} +{% endif %} + +RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ + elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \ + elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ + elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \ + elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ + elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi diff --git a/molecule/filebeat/INSTALL.rst b/molecule/filebeat/INSTALL.rst new file mode 100644 index 00000000..6a44bde9 --- /dev/null +++ b/molecule/filebeat/INSTALL.rst @@ -0,0 +1,22 @@ +******* +Docker driver installation guide +******* + +Requirements +============ + +* Docker Engine + +Install +======= + +Please refer to the `Virtual environment`_ documentation for installation best +practices. If not using a virtual environment, please consider passing the +widely recommended `'--user' flag`_ when invoking ``pip``. + +.. _Virtual environment: https://virtualenv.pypa.io/en/latest/ +.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site + +.. code-block:: bash + + $ pip install 'molecule[docker]' diff --git a/molecule/filebeat/molecule.yml b/molecule/filebeat/molecule.yml new file mode 100644 index 00000000..4f0bffb6 --- /dev/null +++ b/molecule/filebeat/molecule.yml 
@@ -0,0 +1,42 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint +platforms: + - name: trusty + image: ubuntu:trusty + - name: bionic + image: solita/ubuntu-systemd:bionic + command: /sbin/init + privileged: true + - name: xenial + image: solita/ubuntu-systemd:xenial + privileged: true + command: /sbin/init + - name: centos6 + image: geerlingguy/docker-centos6-ansible + privileged: true + command: /sbin/init + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + - name: centos7 + image: milcom/centos7-systemd + privileged: true +provisioner: + name: ansible + playbooks: + docker: + create: ../default/create.yml + destroy: ../default/destroy.yml + env: + ANSIBLE_ROLES_PATH: ../../roles + lint: + name: ansible-lint + enabled: true +verifier: + name: testinfra + lint: + name: flake8 diff --git a/molecule/filebeat/playbook.yml b/molecule/filebeat/playbook.yml new file mode 100644 index 00000000..3ff917f6 --- /dev/null +++ b/molecule/filebeat/playbook.yml @@ -0,0 +1,5 @@ +--- +- name: Converge + hosts: all + roles: + - role: wazuh/ansible-filebeat diff --git a/molecule/filebeat/prepare.yml b/molecule/filebeat/prepare.yml new file mode 100644 index 00000000..f3dc9aac --- /dev/null +++ b/molecule/filebeat/prepare.yml 
@@ -0,0 +1,36 @@ +--- +- name: Prepare + hosts: all + gather_facts: true + tasks: + + - name: "Install Python packages for Trusty to solve trust issues" + package: + name: + - python-setuptools + - python-pip + state: latest + register: wazuh_manager_trusty_packages_installed + until: wazuh_manager_trusty_packages_installed is succeeded + when: + - ansible_distribution == "Ubuntu" + - ansible_distribution_major_version | int == 14 + + - name: "Install dependencies" + package: + name: + - curl + - net-tools + state: latest + register: wazuh_manager_dependencies_packages_installed + until: wazuh_manager_dependencies_packages_installed is succeeded + + - name: "Install (RedHat) dependencies" + package: + name: + - initscripts + state: latest + register: wazuh_manager_dependencies_packages_installed + until: wazuh_manager_dependencies_packages_installed is succeeded + when: + - ansible_os_family == 'RedHat' diff --git a/molecule/filebeat/tests/test_default.py b/molecule/filebeat/tests/test_default.py new file mode 100644 index 00000000..8c4fd609 --- /dev/null +++ b/molecule/filebeat/tests/test_default.py @@ -0,0 +1,19 @@ +import os + +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') + + +def test_logstash_is_installed(host): + """Test if the filebeat package is installed.""" + filebeat = host.package("filebeat") + assert filebeat.is_installed + + +def test_logstash_is_running(host): + """Test if the services are enabled and running.""" + filebeat = host.service("filebeat") + assert filebeat.is_enabled + assert filebeat.is_running diff --git a/molecule/logstash/molecule.yml b/molecule/logstash/molecule.yml index 6246d33c..12103767 100644 --- a/molecule/logstash/molecule.yml +++ b/molecule/logstash/molecule.yml 
@@ -11,7 +11,7 @@ platforms:
 command: /sbin/init
 ulimits:
 - nofile:262144:262144
- privileged: True
+ privileged: true
 memory_reservation: 1024m
 - name: xenial
 image: solita/ubuntu-systemd:xenial
diff --git a/molecule/logstash/tests/test_default.py b/molecule/logstash/tests/test_default.py
index 36e948e0..bc5fe999 100644
--- a/molecule/logstash/tests/test_default.py
+++ b/molecule/logstash/tests/test_default.py
@@ -7,6 +7,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
 def test_logstash_is_installed(host):
+ """Test if logstash is installed with correct version."""
 logstash = host.package("logstash")
 assert logstash.is_installed
@@ -25,6 +26,7 @@ def test_logstash_is_running(host):
 def test_find_correct_logentry(host):
- logfile = host.file("//var/log/logstash/logstash-plain.log")
+ """See if logstash is started and is connected to Elasticsearch."""
+ logfile = host.file("/var/log/logstash/logstash-plain.log")
 assert logfile.contains("Successfully started Logstash API endpoint")
 assert logfile.contains("Restored connection to ES instance")
diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml
index 4d02fb77..4d4848ad 100644
--- a/roles/elastic-stack/ansible-kibana/defaults/main.yml
+++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml
@@ -5,3 +5,4 @@ kibana_server_host: "0.0.0.0"
 kibana_server_port: "5601"
 elastic_stack_version: 6.7.1
 wazuh_version: 3.8.2
+kibana_plugin_install_ignore_error: false
diff --git a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml
index 097b19db..90e52a8b 100644
--- a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml
+++ b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml
@@ -1,8 +1,12 @@
 ---
 - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates
 apt:
- name: ['apt-transport-https', 'ca-certificates']
+ name:
+ - apt-transport-https
+ - ca-certificates
 state: present
+ register: kibana_installing_ca_package
+ until: kibana_installing_ca_package is succeeded
 - name: Debian/Ubuntu | Add Elasticsearch GPG key
 apt_key:
@@ -15,10 +19,13 @@
 state: present
 filename: 'elastic_repo'
 update_cache: true
+ changed_when: false
 - name: Debian/Ubuntu | Install Kibana
 apt:
 name: "kibana={{ elastic_stack_version }}"
 state: present
 cache_valid_time: 3600
+ register: installing_kibana_package
+ until: installing_kibana_package is succeeded
 tags: install
diff --git a/roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml b/roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml
index 74c59c37..cf229655 100644
--- a/roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml
+++ b/roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml
@@ -3,3 +3,4 @@
 apt_repository:
 repo: deb https://artifacts.elastic.co/packages/5.x/apt stable main
 state: absent
+ changed_when: false
diff --git a/roles/elastic-stack/ansible-kibana/tasks/RMRedHat.yml b/roles/elastic-stack/ansible-kibana/tasks/RMRedHat.yml
index 8f66f9a7..1ae7df57 100644
--- a/roles/elastic-stack/ansible-kibana/tasks/RMRedHat.yml
+++ b/roles/elastic-stack/ansible-kibana/tasks/RMRedHat.yml
@@ -3,3 +3,4 @@
 yum_repository:
 name: elastic_repo
 state: absent
+ changed_when: false
diff --git a/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml b/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml
index f5fe2935..760e841b 100644
--- a/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml
+++ b/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml
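Review bot: `changed_when: false` on the `apt_repository` task in the second hunk turns a genuine state change — adding the Elastic package source, i.e. a new trust root for what the host will install — into an `ok` result, so the run summary and anything keyed on `changed` no longer reflect that the repository configuration moved; the same line is added to the RMDebian.yml and RMRedHat.yml hunks below, to RedHat.yml, and to the filebeat repository tasks in the following files. If the motivation is molecule's idempotence check (an inference — the commit does not say), note that `apt_repository`/`yum_repository` already report `ok` on a second run when the repo definition is unchanged, so masking the result hides real changes without gaining anything. I would drop `changed_when: false` from these repository tasks and reserve it for read-only commands such as the version grep in tasks/main.yml.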
@@ -6,7 +6,10 @@
 baseurl: https://artifacts.elastic.co/packages/6.x/yum
 gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch
 gpgcheck: true
+ changed_when: false
 - name: RedHat/CentOS/Fedora | Install Kibana
 package: name=kibana-{{ elastic_stack_version }} state=present
+ register: installing_kibana_package
+ until: installing_kibana_package is succeeded
 tags: install
diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml
index 43e369c8..e87b87b0 100644
--- a/roles/elastic-stack/ansible-kibana/tasks/main.yml
+++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml
@@ -17,6 +17,7 @@
 - not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA")
 - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<'))
 - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<'))
+ - not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<'))
 - name: Kibana configuration
 template:
@@ -29,8 +30,11 @@
 tags: configure
 - name: Checking Wazuh-APP version
- shell: "grep -c -E 'version.*{{ elastic_stack_version }}' /usr/share/kibana/plugins/wazuh/package.json | xargs echo"
+ shell: |
+ set -o pipefail
+ grep -c -E 'version.*{{ elastic_stack_version }}' /usr/share/kibana/plugins/wazuh/package.json | xargs echo
 args:
+ executable: /bin/bash
 removes: /usr/share/kibana/plugins/wazuh/package.json
 register: wazuh_app_verify
 changed_when: false
@@ -51,9 +55,13 @@
 environment:
 NODE_OPTIONS: "--max-old-space-size=3072"
 args:
+ executable: /bin/bash
 creates: /usr/share/kibana/plugins/wazuh/package.json
 notify: restart kibana
- tags: install
+ ignore_errors: "{{ kibana_plugin_install_ignore_error }}"
+ tags:
+ - install
+ - skip_ansible_lint
 - name: Ensure Kibana started and enabled
 service:
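Review bot: With `set -o pipefail` the "Checking Wazuh-APP version" task in tasks/main.yml now fails whenever `grep -c` finds no match, because grep exits 1 on zero matches and `| xargs echo` no longer masks that — which is exactly the "installed app is a different version" case this check exists to detect. Before this change the task returned stdout `0` with rc 0; unless a `failed_when` on the lines after `changed_when: false` (outside the hunk) already tolerates rc 1, the play will abort instead of recording the mismatch in `wazuh_app_verify`. Adding `failed_when: wazuh_app_verify.rc > 1` keeps pipefail's protection against a real grep/xargs failure (rc 2) while preserving the old outcome for "no match". In the last hunk, a one-line comment above `- skip_ansible_lint` naming the rule being suppressed would tell the next reader why the tag is there rather than leaving it as a blanket opt-out.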
diff --git a/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 b/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2
index 9b29f17a..edd1b4b4 100644
--- a/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2
+++ b/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2
@@ -19,7 +19,7 @@ server.host: {{ kibana_server_host }}
 #server.name: "your-hostname"
 # The URL of the Elasticsearch instance to use for all your queries.
-elasticsearch.url: "http://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}"
+elasticsearch.hosts: "http://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}"
 # When this setting's value is true Kibana uses the hostname specified in the server.host
 # setting. When the value of this setting is false, Kibana uses the hostname of the host
diff --git a/roles/wazuh/ansible-filebeat/tasks/Debian.yml b/roles/wazuh/ansible-filebeat/tasks/Debian.yml
index 455034d6..23b685eb 100644
--- a/roles/wazuh/ansible-filebeat/tasks/Debian.yml
+++ b/roles/wazuh/ansible-filebeat/tasks/Debian.yml
@@ -1,9 +1,12 @@
 ---
 - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates
 apt:
- name: ['apt-transport-https', 'ca-certificates']
+ name:
+ - apt-transport-https
+ - ca-certificates
 state: present
-
+ register: filebeat_ca_packages_install
+ until: filebeat_ca_packages_install is succeeded
 - name: Debian/Ubuntu | Add Elasticsearch apt key.
 apt_key:
@@ -15,3 +18,4 @@
 repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main'
 state: present
 update_cache: true
+ changed_when: false
diff --git a/roles/wazuh/ansible-filebeat/tasks/RMDebian.yml b/roles/wazuh/ansible-filebeat/tasks/RMDebian.yml
index 580e6d86..c2727ee1 100644
--- a/roles/wazuh/ansible-filebeat/tasks/RMDebian.yml
+++ b/roles/wazuh/ansible-filebeat/tasks/RMDebian.yml
@@ -3,3 +3,4 @@
 apt_repository:
 repo: deb https://artifacts.elastic.co/packages/5.x/apt stable main
 state: absent
+ changed_when: false
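Review bot: `elasticsearch.hosts` replaces `elasticsearch.url` in the template, but that key only exists in Kibana 6.6 and later (to my recollection older releases refuse to start on an unknown setting), so a deployment that overrides `elastic_stack_version` below that will fail at service start with no hint in the role; a template comment such as `# elasticsearch.hosts requires Kibana >= 6.6 (elasticsearch.url was removed)` above the line makes the constraint visible where it bites. Kibana's schema treats the setting as a list — a single string is accepted as far as I know, but writing it as a one-element list documents that several nodes can be given. The connection stays plain `http://` in both old and new lines, so that is a pre-existing concern rather than one this hunk introduces.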
diff --git a/roles/wazuh/ansible-filebeat/tasks/RMRedHat.yml b/roles/wazuh/ansible-filebeat/tasks/RMRedHat.yml
index c9bceab0..519121b3 100644
--- a/roles/wazuh/ansible-filebeat/tasks/RMRedHat.yml
+++ b/roles/wazuh/ansible-filebeat/tasks/RMRedHat.yml
@@ -3,3 +3,4 @@
 yum_repository:
 name: elastic_repo
 state: absent
+ changed_when: false
diff --git a/roles/wazuh/ansible-filebeat/tasks/RedHat.yml b/roles/wazuh/ansible-filebeat/tasks/RedHat.yml
index 80798897..8745ea7e 100644
--- a/roles/wazuh/ansible-filebeat/tasks/RedHat.yml
+++ b/roles/wazuh/ansible-filebeat/tasks/RedHat.yml
@@ -6,3 +6,4 @@
 baseurl: https://artifacts.elastic.co/packages/6.x/yum
 gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch
 gpgcheck: true
+ changed_when: false
diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml
index 94cd5765..da6d7178 100644
--- a/roles/wazuh/ansible-filebeat/tasks/main.yml
+++ b/roles/wazuh/ansible-filebeat/tasks/main.yml
@@ -7,6 +7,8 @@
 - name: Install Filebeat.
 package: name=filebeat state=present
+ register: filebeat_installing_package
+ until: filebeat_installing_package is succeeded
 tags:
 - install
@@ -20,6 +22,7 @@
 - not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA")
 - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<'))
 - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<'))
+ - not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<'))
 - name: Ensure Filebeat is started and enabled at boot.
 service:
From bfc3d4e4e1ef7aa831cf9dbe0f98c9b75503af80 Mon Sep 17 00:00:00 2001
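Review bot: The new `register`/`until` retry in tasks/main.yml wraps `package: name=filebeat state=present`, which — unlike the Kibana install task in this same commit (`kibana={{ elastic_stack_version }}`) — does not pin a version, so a retried install succeeds with whatever filebeat the 6.x repository currently publishes and the shipper can drift from the stack version the role otherwise tracks. Because `package:` passes the name through to the platform manager unchanged, pinning would need the per-family spelling (`filebeat={{ elastic_stack_version }}` on Debian, `filebeat-{{ elastic_stack_version }}` on RedHat), most naturally in the existing Debian.yml/RedHat.yml task files. If the unpinned install is deliberate, a comment saying so above the task, e.g. `# version intentionally unpinned: tracks latest 6.x from the Elastic repo`, would settle the question for the next reader. The task's `tags:` list continues past the hunk.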
From: "Manuel J. Bernal"
Date: Tue, 21 May 2019 21:05:44 +0200
Subject: [PATCH 108/714] Bump version
---
 CHANGELOG.md | 6 ++++++
 VERSION | 4 ++--
 molecule/default/tests/test_default.py | 2 +-
 roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 2 +-
 roles/elastic-stack/ansible-kibana/defaults/main.yml | 4 ++--
 roles/elastic-stack/ansible-logstash/defaults/main.yml | 2 +-
 roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +-
 7 files changed, 14 insertions(+), 8 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index f8fae5c3..d63d2782 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,12 @@
 # Change Log
 All notable changes to this project will be documented in this file.
+## [v3.9.1]
+
+### Added
+
+- Update to Wazuh v3.8.1
+- Support for ELK v6.8.0
 ## [v3.9.0]
diff --git a/VERSION b/VERSION
index 53f0359c..36af7bee 100644
--- a/VERSION
+++ b/VERSION
@@ -1,2 +1,2 @@
-WAZUH-ANSIBLE_VERSION="v3.9.0"
-REVISION="3900"
+WAZUH-ANSIBLE_VERSION="v3.9.1"
+REVISION="3901"
diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py
index 9cfab500..27ee3238 100644
--- a/molecule/default/tests/test_default.py
+++ b/molecule/default/tests/test_default.py
@@ -9,7 +9,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
 def get_wazuh_version():
 """This return the version of Wazuh."""
- return "3.9"
+ return "3.9.1"
 def test_wazuh_packages_are_installed(host):
diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml
index 4103bca6..e03f7557 100644
--- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml
+++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml
@@ -4,7 +4,7 @@ elasticsearch_node_name: node-1
 elasticsearch_http_port: 9200
 elasticsearch_network_host: 127.0.0.1
 elasticsearch_jvm_xms: null
-elastic_stack_version: 6.7.1
+elastic_stack_version: 6.8.0
 elasticsearch_shards: 5
 elasticsearch_replicas: 1
 elasticsearch_install_java: true
diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml
index c2779fe8..c9842e7f 100644
--- a/roles/elastic-stack/ansible-kibana/defaults/main.yml
+++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml
@@ -3,5 +3,5 @@ elasticsearch_http_port: "9200"
 elasticsearch_network_host: "127.0.0.1"
 kibana_server_host: "0.0.0.0"
 kibana_server_port: "5601"
-elastic_stack_version: 6.7.1
-wazuh_version: 3.9.0
+elastic_stack_version: 6.8.0
+wazuh_version: 3.9.1
diff --git a/roles/elastic-stack/ansible-logstash/defaults/main.yml b/roles/elastic-stack/ansible-logstash/defaults/main.yml
index a83f68cc..31012c04 100644
--- a/roles/elastic-stack/ansible-logstash/defaults/main.yml
+++ b/roles/elastic-stack/ansible-logstash/defaults/main.yml
@@ -9,7 +9,7 @@ elasticsearch_network_host: ["Localhost"]
 elasticsearch_http_port: "9200"
 elasticsearch_shards: 5
 elasticsearch_replicas: 1
-elastic_stack_version: 6.7.1
+elastic_stack_version: 6.8.0
 logstash_ssl: false
 logstash_ssl_dir: /etc/pki/logstash
diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
index baeb6f25..28ab6d7c 100644
--- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
@@ -23,7 +23,7 @@ wazuh_winagent_config:
 install_dir_x86: 'C:\Program Files (x86)\ossec-agent\'
 auth_path: C:\'Program Files'\ossec-agent\agent-auth.exe
 auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe
- version: '3.9.0'
+ version: '3.9.1'
 revision: '1'
 repo: https://packages.wazuh.com/3.x/windows/
 md5: 43936e7bc7eb51bd186f47dac4a6f477
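Review bot: In the ansible-wazuh-agent hunk `version` moves from '3.9.0' to '3.9.1' but the `md5` on the last context line is left unchanged, so either that digest still describes the 3.9.0 Windows installer and whatever consumes `wazuh_winagent_config.md5` (outside this hunk) will reject the 3.9.1 download, or the digest is never actually checked — in both cases the value has to be refreshed from the 3.9.1 package alongside the version bump, and `revision: '1'` re-confirmed against the new package name. Independently of this bump, MD5 is not collision-resistant; if the installer is fetched from `repo` over the network and the vendor publishes a SHA-256, carrying that instead (or in addition) gives a meaningful integrity check. The remaining hunks in this commit are plain version bumps and need nothing.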
From faea27f7a1aaf2ee4c0470658a9cac4fc17ea065 Mon Sep 17 00:00:00 2001
From: "Manuel J. Bernal"
Date: Tue, 21 May 2019 21:18:55 +0200
Subject: [PATCH 109/714] Update CHANGELOG.md
---
 CHANGELOG.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index d63d2782..b99b1000 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,7 +5,7 @@ All notable changes to this project will be documented in this file.
 ### Added
-- Update to Wazuh v3.8.1
+- Update to Wazuh v3.9.1
 - Support for ELK v6.8.0
 ## [v3.9.0]
From 227ccd0398f6a034b5c4acdc68d4e050c5154c3a Mon Sep 17 00:00:00 2001
From: "Manuel J. Bernal"
Date: Tue, 28 May 2019 12:05:59 +0200
Subject: [PATCH 110/714] Delete Pipfile.lock
Due to vulnerabilities in several dependencies
---
 Pipfile.lock | 698 --------------------------------------------------
 1 file changed, 698 deletions(-)
 delete mode 100644 Pipfile.lock
diff --git a/Pipfile.lock b/Pipfile.lock
deleted file mode 100644
index 1df7c847..00000000
--- a/Pipfile.lock
+++ /dev/null
@@ -1,698 +0,0 @@ -{ - "_meta": { - "hash": { - "sha256": "2d9ee042a6e26f8aee145bcef372b8817aed4bcfa95fc5b518ae0b7b4e8a2a8d" - }, - "pipfile-spec": 6, - "requires": { - "python_version": "2.7" - }, - "sources": [ - { - "name": "pypi", - "url": "https://pypi.org/simple", - "verify_ssl": true - } - ] - }, - "default": { - "ansible": { - "hashes": [ - "sha256:84a42d1e371c4222c82e575cb6961fafd3afe920d84e4b6d87affabe400be294" - ], - "index": "pypi", - "version": "==2.7.10" - }, - "ansible-lint": { - "hashes": [ - "sha256:9430ea6e654ba4bf5b9c6921efc040f46cda9c4fd2896a99ff71d21037bcb123", - "sha256:c1b442b01091eca13ef11d98c3376e9489ba5b69a8467828ca86044f384bc0a1" - ], - "version": "==4.1.0" - }, - "anyconfig": { - "hashes": [ - "sha256:4d6016ae6eecc5e502bc7e99ae0639c5710c5c67bde5f21b06b9eaafd9ce0e7e" - ], - "version": "==0.9.7" - }, - "arrow": { - "hashes": [ - "sha256:3397e5448952e18e1295bf047014659effa5ae8da6a5371d37ff0ddc46fa6872", - "sha256:6f54d9f016c0b7811fac9fb8c2c7fa7421d80c54dbdd75ffb12913c55db60b8a" - ], - "version": "==0.13.1" - }, - "asn1crypto": { - "hashes": [ - "sha256:2f1adbb7546ed199e3c90ef23ec95c5cf3585bac7d11fb7eb562a3fe89c64e87", - "sha256:9d5c20441baf0cb60a4ac34cc447c6c189024b6b4c6cd7877034f4965c464e49" - ], - "version": "==0.24.0" - }, - "atomicwrites": { - "hashes": [ - "sha256:03472c30eb2c5d1ba9227e4c2ca66ab8287fbfbbda3888aa93dc2e28fc6811b4", - "sha256:75a9445bac02d8d058d5e1fe689654ba5a6556a1dfd8ce6ec55a0ed79866cfa6" - ], - "version": "==1.3.0" - }, - "attrs": { - "hashes": [ - "sha256:69c0dbf2ed392de1cb5ec704444b08a5ef81680a61cb899dc08127123af36a79", - "sha256:f0b870f674851ecbfbbbd364d6b5cbdff9dcedbc7f3f5e18a6891057f21fe399" - ], - "version": "==19.1.0" - }, - "backports.functools-lru-cache": { - "hashes": [ - "sha256:9d98697f088eb1b0fa451391f91afb5e3ebde16bbdb272819fd091151fda4f1a", - "sha256:f0b0e4eba956de51238e17573b7087e852dfe9854afd2e9c873f73fc0ca0a6dd" - ], - "markers": "python_version == '2.7'", - "version": "==1.5" - }, - 
"backports.ssl-match-hostname": { - "hashes": [ - "sha256:bb82e60f9fbf4c080eabd957c39f0641f0fc247d9a16e31e26d594d8f42b9fd2" - ], - "markers": "python_version < '3.5'", - "version": "==3.7.0.1" - }, - "bcrypt": { - "hashes": [ - "sha256:0ba875eb67b011add6d8c5b76afbd92166e98b1f1efab9433d5dc0fafc76e203", - "sha256:21ed446054c93e209434148ef0b362432bb82bbdaf7beef70a32c221f3e33d1c", - "sha256:28a0459381a8021f57230954b9e9a65bb5e3d569d2c253c5cac6cb181d71cf23", - "sha256:2aed3091eb6f51c26b7c2fad08d6620d1c35839e7a362f706015b41bd991125e", - "sha256:2fa5d1e438958ea90eaedbf8082c2ceb1a684b4f6c75a3800c6ec1e18ebef96f", - "sha256:3a73f45484e9874252002793518da060fb11eaa76c30713faa12115db17d1430", - "sha256:3e489787638a36bb466cd66780e15715494b6d6905ffdbaede94440d6d8e7dba", - "sha256:44636759d222baa62806bbceb20e96f75a015a6381690d1bc2eda91c01ec02ea", - "sha256:678c21b2fecaa72a1eded0cf12351b153615520637efcadc09ecf81b871f1596", - "sha256:75460c2c3786977ea9768d6c9d8957ba31b5fbeb0aae67a5c0e96aab4155f18c", - "sha256:8ac06fb3e6aacb0a95b56eba735c0b64df49651c6ceb1ad1cf01ba75070d567f", - "sha256:8fdced50a8b646fff8fa0e4b1c5fd940ecc844b43d1da5a980cb07f2d1b1132f", - "sha256:9b2c5b640a2da533b0ab5f148d87fb9989bf9bcb2e61eea6a729102a6d36aef9", - "sha256:a9083e7fa9adb1a4de5ac15f9097eb15b04e2c8f97618f1b881af40abce382e1", - "sha256:b7e3948b8b1a81c5a99d41da5fb2dc03ddb93b5f96fcd3fd27e643f91efa33e1", - "sha256:b998b8ca979d906085f6a5d84f7b5459e5e94a13fc27c28a3514437013b6c2f6", - "sha256:dd08c50bc6f7be69cd7ba0769acca28c846ec46b7a8ddc2acf4b9ac6f8a7457e", - "sha256:de5badee458544ab8125e63e39afeedfcf3aef6a6e2282ac159c95ae7472d773", - "sha256:ede2a87333d24f55a4a7338a6ccdccf3eaa9bed081d1737e0db4dbd1a4f7e6b6" - ], - "version": "==3.1.6" - }, - "binaryornot": { - "hashes": [ - "sha256:359501dfc9d40632edc9fac890e19542db1a287bbcfa58175b66658392018061", - "sha256:b8b71173c917bddcd2c16070412e369c3ed7f0528926f70cac18a6c97fd563e4" - ], - "version": "==0.4.4" - }, - "cerberus": { - "hashes": [ - 
"sha256:f5c2e048fb15ecb3c088d192164316093fcfa602a74b3386eefb2983aa7e800a" - ], - "version": "==1.2" - }, - "certifi": { - "hashes": [ - "sha256:59b7658e26ca9c7339e00f8f4636cdfe59d34fa37b9b04f6f9e9926b3cece1a5", - "sha256:b26104d6835d1f5e49452a26eb2ff87fe7090b89dfcaee5ea2212697e1e1d7ae" - ], - "version": "==2019.3.9" - }, - "cffi": { - "hashes": [ - "sha256:00b97afa72c233495560a0793cdc86c2571721b4271c0667addc83c417f3d90f", - "sha256:0ba1b0c90f2124459f6966a10c03794082a2f3985cd699d7d63c4a8dae113e11", - "sha256:0bffb69da295a4fc3349f2ec7cbe16b8ba057b0a593a92cbe8396e535244ee9d", - "sha256:21469a2b1082088d11ccd79dd84157ba42d940064abbfa59cf5f024c19cf4891", - "sha256:2e4812f7fa984bf1ab253a40f1f4391b604f7fc424a3e21f7de542a7f8f7aedf", - "sha256:2eac2cdd07b9049dd4e68449b90d3ef1adc7c759463af5beb53a84f1db62e36c", - "sha256:2f9089979d7456c74d21303c7851f158833d48fb265876923edcb2d0194104ed", - "sha256:3dd13feff00bddb0bd2d650cdb7338f815c1789a91a6f68fdc00e5c5ed40329b", - "sha256:4065c32b52f4b142f417af6f33a5024edc1336aa845b9d5a8d86071f6fcaac5a", - "sha256:51a4ba1256e9003a3acf508e3b4f4661bebd015b8180cc31849da222426ef585", - "sha256:59888faac06403767c0cf8cfb3f4a777b2939b1fbd9f729299b5384f097f05ea", - "sha256:59c87886640574d8b14910840327f5cd15954e26ed0bbd4e7cef95fa5aef218f", - "sha256:610fc7d6db6c56a244c2701575f6851461753c60f73f2de89c79bbf1cc807f33", - "sha256:70aeadeecb281ea901bf4230c6222af0248c41044d6f57401a614ea59d96d145", - "sha256:71e1296d5e66c59cd2c0f2d72dc476d42afe02aeddc833d8e05630a0551dad7a", - "sha256:8fc7a49b440ea752cfdf1d51a586fd08d395ff7a5d555dc69e84b1939f7ddee3", - "sha256:9b5c2afd2d6e3771d516045a6cfa11a8da9a60e3d128746a7fe9ab36dfe7221f", - "sha256:9c759051ebcb244d9d55ee791259ddd158188d15adee3c152502d3b69005e6bd", - "sha256:b4d1011fec5ec12aa7cc10c05a2f2f12dfa0adfe958e56ae38dc140614035804", - "sha256:b4f1d6332339ecc61275bebd1f7b674098a66fea11a00c84d1c58851e618dc0d", - "sha256:c030cda3dc8e62b814831faa4eb93dd9a46498af8cd1d5c178c2de856972fd92", - 
"sha256:c2e1f2012e56d61390c0e668c20c4fb0ae667c44d6f6a2eeea5d7148dcd3df9f", - "sha256:c37c77d6562074452120fc6c02ad86ec928f5710fbc435a181d69334b4de1d84", - "sha256:c8149780c60f8fd02752d0429246088c6c04e234b895c4a42e1ea9b4de8d27fb", - "sha256:cbeeef1dc3c4299bd746b774f019de9e4672f7cc666c777cd5b409f0b746dac7", - "sha256:e113878a446c6228669144ae8a56e268c91b7f1fafae927adc4879d9849e0ea7", - "sha256:e21162bf941b85c0cda08224dade5def9360f53b09f9f259adb85fc7dd0e7b35", - "sha256:fb6934ef4744becbda3143d30c6604718871495a5e36c408431bf33d9c146889" - ], - "version": "==1.12.2" - }, - "chardet": { - "hashes": [ - "sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae", - "sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691" - ], - "version": "==3.0.4" - }, - "click": { - "hashes": [ - "sha256:29f99fc6125fbc931b758dc053b3114e55c77a6e4c6c3a2674a2dc986016381d", - "sha256:f15516df478d5a56180fbf80e68f206010e6d160fc39fa508b65e035fd75130b" - ], - "version": "==6.7" - }, - "click-completion": { - "hashes": [ - "sha256:7ca12978493a7450486cef155845af4fae48744c3f97b7250a254de65c9e5e5a" - ], - "version": "==0.3.1" - }, - "colorama": { - "hashes": [ - "sha256:463f8483208e921368c9f306094eb6f725c6ca42b0f97e313cb5d5512459feda", - "sha256:48eb22f4f8461b1df5734a074b57042430fb06e1d61bd1e11b078c0fe6d7a1f1" - ], - "version": "==0.3.9" - }, - "configparser": { - "hashes": [ - "sha256:8be81d89d6e7b4c0d4e44bcc525845f6da25821de80cb5e06e7e0238a2899e32", - "sha256:da60d0014fd8c55eb48c1c5354352e363e2d30bbf7057e5e171a468390184c75" - ], - "markers": "python_version < '3.2'", - "version": "==3.7.4" - }, - "cookiecutter": { - "hashes": [ - "sha256:1316a52e1c1f08db0c9efbf7d876dbc01463a74b155a0d83e722be88beda9a3e", - "sha256:ed8f54a8fc79b6864020d773ce11539b5f08e4617f353de1f22d23226f6a0d36" - ], - "version": "==1.6.0" - }, - "cryptography": { - "hashes": [ - "sha256:066f815f1fe46020877c5983a7e747ae140f517f1b09030ec098503575265ce1", - 
"sha256:210210d9df0afba9e000636e97810117dc55b7157c903a55716bb73e3ae07705", - "sha256:26c821cbeb683facb966045e2064303029d572a87ee69ca5a1bf54bf55f93ca6", - "sha256:2afb83308dc5c5255149ff7d3fb9964f7c9ee3d59b603ec18ccf5b0a8852e2b1", - "sha256:2db34e5c45988f36f7a08a7ab2b69638994a8923853dec2d4af121f689c66dc8", - "sha256:409c4653e0f719fa78febcb71ac417076ae5e20160aec7270c91d009837b9151", - "sha256:45a4f4cf4f4e6a55c8128f8b76b4c057027b27d4c67e3fe157fa02f27e37830d", - "sha256:48eab46ef38faf1031e58dfcc9c3e71756a1108f4c9c966150b605d4a1a7f659", - "sha256:6b9e0ae298ab20d371fc26e2129fd683cfc0cfde4d157c6341722de645146537", - "sha256:6c4778afe50f413707f604828c1ad1ff81fadf6c110cb669579dea7e2e98a75e", - "sha256:8c33fb99025d353c9520141f8bc989c2134a1f76bac6369cea060812f5b5c2bb", - "sha256:9873a1760a274b620a135054b756f9f218fa61ca030e42df31b409f0fb738b6c", - "sha256:9b069768c627f3f5623b1cbd3248c5e7e92aec62f4c98827059eed7053138cc9", - "sha256:9e4ce27a507e4886efbd3c32d120db5089b906979a4debf1d5939ec01b9dd6c5", - "sha256:acb424eaca214cb08735f1a744eceb97d014de6530c1ea23beb86d9c6f13c2ad", - "sha256:c8181c7d77388fe26ab8418bb088b1a1ef5fde058c6926790c8a0a3d94075a4a", - "sha256:d4afbb0840f489b60f5a580a41a1b9c3622e08ecb5eec8614d4fb4cd914c4460", - "sha256:d9ed28030797c00f4bc43c86bf819266c76a5ea61d006cd4078a93ebf7da6bfd", - "sha256:e603aa7bb52e4e8ed4119a58a03b60323918467ef209e6ff9db3ac382e5cf2c6" - ], - "version": "==2.6.1" - }, - "docker-py": { - "hashes": [ - "sha256:35b506e95861914fa5ad57a6707e3217b4082843b883be246190f57013948aba", - "sha256:4c2a75875764d38d67f87bc7d03f7443a3895704efc57962bdf6500b8d4bc415" - ], - "index": "pypi", - "version": "==1.10.6" - }, - "docker-pycreds": { - "hashes": [ - "sha256:6ce3270bcaf404cc4c3e27e4b6c70d3521deae82fb508767870fdbf772d584d4", - "sha256:7266112468627868005106ec19cd0d722702d2b7d5912a28e19b826c3d37af49" - ], - "version": "==0.4.0" - }, - "entrypoints": { - "hashes": [ - "sha256:589f874b313739ad35be6e0cd7efde2a4e9b6fea91edcc34e58ecbb8dbe56d19", - 
"sha256:c70dd71abe5a8c85e55e12c19bd91ccfeec11a6e99044204511f9ed547d48451" - ], - "version": "==0.3" - }, - "enum34": { - "hashes": [ - "sha256:2d81cbbe0e73112bdfe6ef8576f2238f2ba27dd0d55752a776c41d38b7da2850", - "sha256:644837f692e5f550741432dd3f223bbb9852018674981b1664e5dc339387588a", - "sha256:6bd0f6ad48ec2aa117d3d141940d484deccda84d4fcd884f5c3d93c23ecd8c79", - "sha256:8ad8c4783bf61ded74527bffb48ed9b54166685e4230386a9ed9b1279e2df5b1" - ], - "markers": "python_version < '3.4'", - "version": "==1.1.6" - }, - "fasteners": { - "hashes": [ - "sha256:427c76773fe036ddfa41e57d89086ea03111bbac57c55fc55f3006d027107e18", - "sha256:564a115ff9698767df401efca29620cbb1a1c2146b7095ebd304b79cc5807a7c" - ], - "version": "==0.14.1" - }, - "flake8": { - "hashes": [ - "sha256:859996073f341f2670741b51ec1e67a01da142831aa1fdc6242dbf88dffbe661", - "sha256:a796a115208f5c03b18f332f7c11729812c8c3ded6c46319c59b53efd3819da8" - ], - "version": "==3.7.7" - }, - "funcsigs": { - "hashes": [ - "sha256:330cc27ccbf7f1e992e69fef78261dc7c6569012cf397db8d3de0234e6c937ca", - "sha256:a7bb0f2cf3a3fd1ab2732cb49eba4252c2af4240442415b4abce3b87022a8f50" - ], - "markers": "python_version < '3.0'", - "version": "==1.0.2" - }, - "functools32": { - "hashes": [ - "sha256:89d824aa6c358c421a234d7f9ee0bd75933a67c29588ce50aaa3acdf4d403fa0", - "sha256:f6253dfbe0538ad2e387bd8fdfd9293c925d63553f5813c4e587745416501e6d" - ], - "markers": "python_version < '3.2'", - "version": "==3.2.3.post2" - }, - "future": { - "hashes": [ - "sha256:67045236dcfd6816dc439556d009594abf643e5eb48992e36beac09c2ca659b8" - ], - "version": "==0.17.1" - }, - "git-url-parse": { - "hashes": [ - "sha256:4655ee22f1d8bf7a1eb1066c1da16529b186966c6d8331f7f55686a76a9f7aef", - "sha256:7b5f4e3aeb1d693afeee67a3bd4ac063f7206c2e8e46e559f0da0da98445f117", - "sha256:9353ff40d69488ff2299b27f40e0350ad87bd5348ea6ea09a1895eda9e5733de" - ], - "version": "==1.2.2" - }, - "idna": { - "hashes": [ - 
"sha256:156a6814fb5ac1fc6850fb002e0852d56c0c8d2531923a51032d1b70760e186e", - "sha256:684a38a6f903c1d71d6d5fac066b58d7768af4de2b832e426ec79c30daa94a16" - ], - "version": "==2.7" - }, - "ipaddress": { - "hashes": [ - "sha256:64b28eec5e78e7510698f6d4da08800a5c575caa4a286c93d651c5d3ff7b6794", - "sha256:b146c751ea45cad6188dd6cf2d9b757f6f4f8d6ffb96a023e6f2e26eea02a72c" - ], - "markers": "python_version < '3'", - "version": "==1.0.22" - }, - "jinja2": { - "hashes": [ - "sha256:74c935a1b8bb9a3947c50a54766a969d4846290e1e788ea44c1392163723c3bd", - "sha256:f84be1bb0040caca4cea721fcbbbbd61f9be9464ca236387158b0feea01914a4" - ], - "version": "==2.10" - }, - "jinja2-time": { - "hashes": [ - "sha256:d14eaa4d315e7688daa4969f616f226614350c48730bfa1692d2caebd8c90d40", - "sha256:d3eab6605e3ec8b7a0863df09cc1d23714908fa61aa6986a845c20ba488b4efa" - ], - "version": "==0.2.0" - }, - "markupsafe": { - "hashes": [ - "sha256:00bc623926325b26bb9605ae9eae8a215691f33cae5df11ca5424f06f2d1f473", - "sha256:09027a7803a62ca78792ad89403b1b7a73a01c8cb65909cd876f7fcebd79b161", - "sha256:09c4b7f37d6c648cb13f9230d847adf22f8171b1ccc4d5682398e77f40309235", - "sha256:1027c282dad077d0bae18be6794e6b6b8c91d58ed8a8d89a89d59693b9131db5", - "sha256:24982cc2533820871eba85ba648cd53d8623687ff11cbb805be4ff7b4c971aff", - "sha256:29872e92839765e546828bb7754a68c418d927cd064fd4708fab9fe9c8bb116b", - "sha256:43a55c2930bbc139570ac2452adf3d70cdbb3cfe5912c71cdce1c2c6bbd9c5d1", - "sha256:46c99d2de99945ec5cb54f23c8cd5689f6d7177305ebff350a58ce5f8de1669e", - "sha256:500d4957e52ddc3351cabf489e79c91c17f6e0899158447047588650b5e69183", - "sha256:535f6fc4d397c1563d08b88e485c3496cf5784e927af890fb3c3aac7f933ec66", - "sha256:62fe6c95e3ec8a7fad637b7f3d372c15ec1caa01ab47926cfdf7a75b40e0eac1", - "sha256:6dd73240d2af64df90aa7c4e7481e23825ea70af4b4922f8ede5b9e35f78a3b1", - "sha256:717ba8fe3ae9cc0006d7c451f0bb265ee07739daf76355d06366154ee68d221e", - "sha256:79855e1c5b8da654cf486b830bd42c06e8780cea587384cf6545b7d9ac013a0b", - 
"sha256:7c1699dfe0cf8ff607dbdcc1e9b9af1755371f92a68f706051cc8c37d447c905", - "sha256:88e5fcfb52ee7b911e8bb6d6aa2fd21fbecc674eadd44118a9cc3863f938e735", - "sha256:8defac2f2ccd6805ebf65f5eeb132adcf2ab57aa11fdf4c0dd5169a004710e7d", - "sha256:98c7086708b163d425c67c7a91bad6e466bb99d797aa64f965e9d25c12111a5e", - "sha256:9add70b36c5666a2ed02b43b335fe19002ee5235efd4b8a89bfcf9005bebac0d", - "sha256:9bf40443012702a1d2070043cb6291650a0841ece432556f784f004937f0f32c", - "sha256:ade5e387d2ad0d7ebf59146cc00c8044acbd863725f887353a10df825fc8ae21", - "sha256:b00c1de48212e4cc9603895652c5c410df699856a2853135b3967591e4beebc2", - "sha256:b1282f8c00509d99fef04d8ba936b156d419be841854fe901d8ae224c59f0be5", - "sha256:b2051432115498d3562c084a49bba65d97cf251f5a331c64a12ee7e04dacc51b", - "sha256:ba59edeaa2fc6114428f1637ffff42da1e311e29382d81b339c1817d37ec93c6", - "sha256:c8716a48d94b06bb3b2524c2b77e055fb313aeb4ea620c8dd03a105574ba704f", - "sha256:cd5df75523866410809ca100dc9681e301e3c27567cf498077e8551b6d20e42f", - "sha256:e249096428b3ae81b08327a63a485ad0878de3fb939049038579ac0ef61e17e7" - ], - "version": "==1.1.1" - }, - "mccabe": { - "hashes": [ - "sha256:ab8a6258860da4b6677da4bd2fe5dc2c659cff31b3ee4f7f5d64e79735b80d42", - "sha256:dd8d182285a0fe56bace7f45b5e7d1a6ebcbf524e8f3bd87eb0f125271b8831f" - ], - "version": "==0.6.1" - }, - "molecule": { - "hashes": [ - "sha256:0e9ef6845cdf2a01f6c386445e4e54add3f515a033ee16b7b658e6122c8f0d76", - "sha256:621797c54299775f284bbb010d5bb9be485500eecaaa14a476cbc0df285d0da7" - ], - "index": "pypi", - "version": "==2.20.1" - }, - "monotonic": { - "hashes": [ - "sha256:23953d55076df038541e648a53676fb24980f7a1be290cdda21300b3bc21dfb0", - "sha256:552a91f381532e33cbd07c6a2655a21908088962bb8fa7239ecbcc6ad1140cc7" - ], - "version": "==1.5" - }, - "more-itertools": { - "hashes": [ - "sha256:38a936c0a6d98a38bcc2d03fdaaedaba9f412879461dd2ceff8d37564d6522e4", - "sha256:c0a5785b1109a6bd7fac76d6837fd1feca158e54e521ccd2ae8bfe393cc9d4fc", - 
"sha256:fe7a7cae1ccb57d33952113ff4fa1bc5f879963600ed74918f1236e212ee50b9" - ], - "markers": "python_version <= '2.7'", - "version": "==5.0.0" - }, - "paramiko": { - "hashes": [ - "sha256:3c16b2bfb4c0d810b24c40155dbfd113c0521e7e6ee593d704e84b4c658a1f3b", - "sha256:a8975a7df3560c9f1e2b43dc54ebd40fd00a7017392ca5445ce7df409f900fcb" - ], - "version": "==2.4.2" - }, - "pathlib2": { - "hashes": [ - "sha256:25199318e8cc3c25dcb45cbe084cc061051336d5a9ea2a12448d3d8cb748f742", - "sha256:5887121d7f7df3603bca2f710e7219f3eca0eb69e0b7cc6e0a022e155ac931a7" - ], - "markers": "python_version < '3.6'", - "version": "==2.3.3" - }, - "pathspec": { - "hashes": [ - "sha256:54a5eab895d89f342b52ba2bffe70930ef9f8d96e398cccf530d21fa0516a873" - ], - "version": "==0.5.9" - }, - "pbr": { - "hashes": [ - "sha256:f59d71442f9ece3dffc17bc36575768e1ee9967756e6b6535f0ee1f0054c3d68", - "sha256:f6d5b23f226a2ba58e14e49aa3b1bfaf814d0199144b95d78458212444de1387" - ], - "version": "==5.1.1" - }, - "pexpect": { - "hashes": [ - "sha256:2a8e88259839571d1251d278476f3eec5db26deb73a70be5ed5dc5435e418aba", - "sha256:3fbd41d4caf27fa4a377bfd16fef87271099463e6fa73e92a52f92dfee5d425b" - ], - "version": "==4.6.0" - }, - "pluggy": { - "hashes": [ - "sha256:19ecf9ce9db2fce065a7a0586e07cfb4ac8614fe96edf628a264b1c70116cf8f", - "sha256:84d306a647cc805219916e62aab89caa97a33a1dd8c342e87a37f91073cd4746" - ], - "version": "==0.9.0" - }, - "poyo": { - "hashes": [ - "sha256:c34a5413191210ed564640510e9c4a4ba3b698746d6b454d46eb5bfb30edcd1d", - "sha256:d1c317054145a6b1ca0608b5e676b943ddc3bfd671f886a2fe09288b98221edb" - ], - "version": "==0.4.2" - }, - "psutil": { - "hashes": [ - "sha256:0ff2b16e9045d01edb1dd10d7fbcc184012e37f6cd38029e959f2be9c6223f50", - "sha256:254adb6a27c888f141d2a6032ae231d8ed4fc5f7583b4c825e5f7d7c78d26d2e", - "sha256:319e12f6bae4d4d988fbff3bed792953fa3b44c791f085b0a1a230f755671ef7", - "sha256:529ae235896efb99a6f77653a7138273ab701ec9f0343a1f5030945108dee3c4", - 
"sha256:686e5a35fe4c0acc25f3466c32e716f2d498aaae7b7edc03e2305b682226bcf6", - "sha256:6d981b4d863b20c8ceed98b8ac3d1ca7f96d28707a80845d360fa69c8fc2c44b", - "sha256:7789885a72aa3075d28d028236eb3f2b84d908f81d38ad41769a6ddc2fd81b7c", - "sha256:7f4616bcb44a6afda930cfc40215e5e9fa7c6896e683b287c771c937712fbe2f", - "sha256:7fdb3d02bfd68f508e6745021311a4a4dbfec53fca03721474e985f310e249ba", - "sha256:a9b85b335b40a528a8e2a6b549592138de8429c6296e7361892958956e6a73cf", - "sha256:dc85fad15ef98103ecc047a0d81b55bbf5fe1b03313b96e883acc2e2fa87ed5c" - ], - "version": "==5.4.6" - }, - "ptyprocess": { - "hashes": [ - "sha256:923f299cc5ad920c68f2bc0bc98b75b9f838b93b599941a6b63ddbc2476394c0", - "sha256:d7cc528d76e76342423ca640335bd3633420dc1366f258cb31d05e865ef5ca1f" - ], - "version": "==0.6.0" - }, - "py": { - "hashes": [ - "sha256:64f65755aee5b381cea27766a3a147c3f15b9b6b9ac88676de66ba2ae36793fa", - "sha256:dc639b046a6e2cff5bbe40194ad65936d6ba360b52b3c3fe1d08a82dd50b5e53" - ], - "version": "==1.8.0" - }, - "pyasn1": { - "hashes": [ - "sha256:da2420fe13a9452d8ae97a0e478adde1dee153b11ba832a95b223a2ba01c10f7", - "sha256:da6b43a8c9ae93bc80e2739efb38cc776ba74a886e3e9318d65fe81a8b8a2c6e" - ], - "version": "==0.4.5" - }, - "pycodestyle": { - "hashes": [ - "sha256:95a2219d12372f05704562a14ec30bc76b05a5b297b21a5dfe3f6fac3491ae56", - "sha256:e40a936c9a450ad81df37f549d676d127b1b66000a6c500caa2b085bc0ca976c" - ], - "version": "==2.5.0" - }, - "pycparser": { - "hashes": [ - "sha256:a988718abfad80b6b157acce7bf130a30876d27603738ac39f140993246b25b3" - ], - "version": "==2.19" - }, - "pyflakes": { - "hashes": [ - "sha256:17dbeb2e3f4d772725c777fabc446d5634d1038f234e77343108ce445ea69ce0", - "sha256:d976835886f8c5b31d47970ed689944a0262b5f3afa00a5a7b4dc81e5449f8a2" - ], - "version": "==2.1.1" - }, - "pynacl": { - "hashes": [ - "sha256:05c26f93964373fc0abe332676cb6735f0ecad27711035b9472751faa8521255", - "sha256:0c6100edd16fefd1557da078c7a31e7b7d7a52ce39fdca2bec29d4f7b6e7600c", - 
"sha256:0d0a8171a68edf51add1e73d2159c4bc19fc0718e79dec51166e940856c2f28e", - "sha256:1c780712b206317a746ace34c209b8c29dbfd841dfbc02aa27f2084dd3db77ae", - "sha256:2424c8b9f41aa65bbdbd7a64e73a7450ebb4aa9ddedc6a081e7afcc4c97f7621", - "sha256:2d23c04e8d709444220557ae48ed01f3f1086439f12dbf11976e849a4926db56", - "sha256:30f36a9c70450c7878053fa1344aca0145fd47d845270b43a7ee9192a051bf39", - "sha256:37aa336a317209f1bb099ad177fef0da45be36a2aa664507c5d72015f956c310", - "sha256:4943decfc5b905748f0756fdd99d4f9498d7064815c4cf3643820c9028b711d1", - "sha256:57ef38a65056e7800859e5ba9e6091053cd06e1038983016effaffe0efcd594a", - "sha256:5bd61e9b44c543016ce1f6aef48606280e45f892a928ca7068fba30021e9b786", - "sha256:6482d3017a0c0327a49dddc8bd1074cc730d45db2ccb09c3bac1f8f32d1eb61b", - "sha256:7d3ce02c0784b7cbcc771a2da6ea51f87e8716004512493a2b69016326301c3b", - "sha256:a14e499c0f5955dcc3991f785f3f8e2130ed504fa3a7f44009ff458ad6bdd17f", - "sha256:a39f54ccbcd2757d1d63b0ec00a00980c0b382c62865b61a505163943624ab20", - "sha256:aabb0c5232910a20eec8563503c153a8e78bbf5459490c49ab31f6adf3f3a415", - "sha256:bd4ecb473a96ad0f90c20acba4f0bf0df91a4e03a1f4dd6a4bdc9ca75aa3a715", - "sha256:e2da3c13307eac601f3de04887624939aca8ee3c9488a0bb0eca4fb9401fc6b1", - "sha256:f67814c38162f4deb31f68d590771a29d5ae3b1bd64b75cf232308e5c74777e0" - ], - "version": "==1.3.0" - }, - "pytest": { - "hashes": [ - "sha256:3773f4c235918987d51daf1db66d51c99fac654c81d6f2f709a046ab446d5e5d", - "sha256:b7802283b70ca24d7119b32915efa7c409982f59913c1a6c0640aacf118b95f5" - ], - "version": "==4.4.1" - }, - "python-dateutil": { - "hashes": [ - "sha256:7e6584c74aeed623791615e26efd690f29817a27c73085b78e4bad02493df2fb", - "sha256:c89805f6f4d64db21ed966fda138f8a5ed7a4fdbc1a8ee329ce1b74e3c74da9e" - ], - "version": "==2.8.0" - }, - "python-gilt": { - "hashes": [ - "sha256:4fd58c128635d1f4a8c93305e648f23379ce56e23624e4c5479427fcd2d5656e", - "sha256:c7321ef1a8efddbdef657b4fd21c3eaf1b4cb24a9656d97b73a444b1feb2067a", - 
"sha256:e23a45a6905e6bb7aec3ff7652b48309933a6991fad4546d9e793ac7e0513f8a" - ], - "version": "==1.2.1" - }, - "pyyaml": { - "hashes": [ - "sha256:3d7da3009c0f3e783b2c873687652d83b1bbfd5c88e9813fb7e5b03c0dd3108b", - "sha256:3ef3092145e9b70e3ddd2c7ad59bdd0252a94dfe3949721633e41344de00a6bf", - "sha256:40c71b8e076d0550b2e6380bada1f1cd1017b882f7e16f09a65be98e017f211a", - "sha256:558dd60b890ba8fd982e05941927a3911dc409a63dcb8b634feaa0cda69330d3", - "sha256:a7c28b45d9f99102fa092bb213aa12e0aaf9a6a1f5e395d36166639c1f96c3a1", - "sha256:aa7dd4a6a427aed7df6fb7f08a580d68d9b118d90310374716ae90b710280af1", - "sha256:bc558586e6045763782014934bfaf39d48b8ae85a2713117d16c39864085c613", - "sha256:d46d7982b62e0729ad0175a9bc7e10a566fc07b224d2c79fafb5e032727eaa04", - "sha256:d5eef459e30b09f5a098b9cea68bebfeb268697f78d647bd255a085371ac7f3f", - "sha256:e01d3203230e1786cd91ccfdc8f8454c8069c91bee3962ad93b87a4b2860f537", - "sha256:e170a9e6fcfd19021dd29845af83bb79236068bf5fd4df3327c1be18182b2531" - ], - "version": "==3.13" - }, - "requests": { - "hashes": [ - "sha256:502a824f31acdacb3a35b6690b5fbf0bc41d63a24a45c4004352b0242707598e", - "sha256:7bf2a778576d825600030a110f3c0e3e8edc51dfaafe1c146e39a2027784957b" - ], - "version": "==2.21.0" - }, - "ruamel.ordereddict": { - "hashes": [ - "sha256:08b4b19fe518d32251a5338e039c4dc9eb0876f2919f94c9b8d2f9446ea80806", - "sha256:150ce8e6c514a2a2b62753622a75874962561f8e5eeec81a3172ab952807bf0b", - "sha256:45541836cbfdde630033cae7bbbe35acbac87a0ceec79f944b7a3bedd940fe78", - "sha256:854dd4a524811b16111b1107d8a751e4ca064d2bb103d3d91deab75de36b6620", - "sha256:aee2fa23e884249b4284b728888c553d551e5bfd4de2731f10153fd7813ec55f", - "sha256:bf0a198c8ce5d973c24e5dba12d3abc254996788ca6ad8448eabc6aa710db149" - ], - "markers": "platform_python_implementation == 'CPython' and python_version <= '2.7'", - "version": "==0.4.13" - }, - "ruamel.yaml": { - "hashes": [ - "sha256:09ed5b07bfd09592dd265dc0f645b3e96e6c69de59ac1cd5b6dbcb8a243a28ee", - 
"sha256:10c194ef72f7419dd2fde7b35746c1e4bdaf80911e07c33eff3aedc1a89d574a", - "sha256:10e49c1b9ba35a9682fb3afffe52c2a1383e442bf05938dd87d30db252ce2e0b", - "sha256:1ca24a5ce2d2e61e6c504cbbbb24ece78127c79af87e8fe3175bb58c048f986d", - "sha256:272ade6dd5c27fdf2b917a497ee2bad1b11f41ad6f3f646a16a21b3ad78c2626", - "sha256:4be750a41289528e446d075b048e8cd06ea6a6779c2ef77f7b87ad3c567117d7", - "sha256:4d5c331e8a0e4423535e9dfecc6ea8f0ec4360b524b103f46432021cb9698d2e", - "sha256:69af34d4034659774e45d9f077e6f930d2c41c38ac721d5e7cb88b7629be446d", - "sha256:70229ffbd67a5171fc6aef24c32caa65042834bf6e8d0b3116d4046920a20be9", - "sha256:70a88e6ae131789e2fbe3816450a10c057b21ae93c875f717435fe2cea5fdcf3", - "sha256:89609fd5696cc82265877cdde3505242ebd2b262fb87a86e46d370fad5ff4111", - "sha256:92ff5ed79f5a98e3a57c741d238afa2846f2cae87d6385eebb93d0dcd6caf5b4", - "sha256:9f1323e7f6d25c8fba5fee5809a22f31805976978c7316a7d08ecdda0c22d6f0", - "sha256:af76d3350062124d8488b31c8dff9664a6a4934a71efb8af35d5c346632a765c", - "sha256:bf6931ac24676189ce061485a42e4ad36d158672dfde2bf7ba953b0edc8ee40b", - "sha256:c6d05e38a141922eca7902135e7a40b605763d6da8ec6624517370631ce9fb6d", - "sha256:dc4237c27602ceb8ff060e0172da2f6a7e759008dba592f58b8fae0003cf0a57", - "sha256:dfa4948d1a2ea577e53f05e9de7396db7cddba286f2827e7177d249fc7303681", - "sha256:e287e894dde92fc8555ad767e240d3e604a9e25afc02eeee35e21f0d25e152b8", - "sha256:e56b6f687a5361bcdab3dbc776cbdeff623a976760afeadc725129e53cf13092", - "sha256:ecaf924ab269c8ea4006792710d93ff5d900f99a81fb74a8040b0eeff3571baf", - "sha256:f624dd645ed2f342015a8b9149691feaac532f26b77fd206df2d724ebf82bd14" - ], - "version": "==0.15.92" - }, - "scandir": { - "hashes": [ - "sha256:2586c94e907d99617887daed6c1d102b5ca28f1085f90446554abf1faf73123e", - "sha256:2ae41f43797ca0c11591c0c35f2f5875fa99f8797cb1a1fd440497ec0ae4b022", - "sha256:2b8e3888b11abb2217a32af0766bc06b65cc4a928d8727828ee68af5a967fa6f", - "sha256:2c712840c2e2ee8dfaf36034080108d30060d759c7b73a01a52251cc8989f11f", - 
"sha256:4d4631f6062e658e9007ab3149a9b914f3548cb38bfb021c64f39a025ce578ae", - "sha256:67f15b6f83e6507fdc6fca22fedf6ef8b334b399ca27c6b568cbfaa82a364173", - "sha256:7d2d7a06a252764061a020407b997dd036f7bd6a175a5ba2b345f0a357f0b3f4", - "sha256:8c5922863e44ffc00c5c693190648daa6d15e7c1207ed02d6f46a8dcc2869d32", - "sha256:92c85ac42f41ffdc35b6da57ed991575bdbe69db895507af88b9f499b701c188", - "sha256:b24086f2375c4a094a6b51e78b4cf7ca16c721dcee2eddd7aa6494b42d6d519d", - "sha256:cb925555f43060a1745d0a321cca94bcea927c50114b623d73179189a4e100ac" - ], - "markers": "python_version < '3.5'", - "version": "==1.10.0" - }, - "sh": { - "hashes": [ - "sha256:ae3258c5249493cebe73cb4e18253a41ed69262484bad36fdb3efcb8ad8870bb", - "sha256:b52bf5833ed01c7b5c5fb73a7f71b3d98d48e9b9b8764236237bdc7ecae850fc" - ], - "version": "==1.12.14" - }, - "six": { - "hashes": [ - "sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9", - "sha256:832dc0e10feb1aa2c68dcc57dbb658f1c7e65b9b61af69048abc87a2db00a0eb" - ], - "version": "==1.11.0" - }, - "tabulate": { - "hashes": [ - "sha256:e4ca13f26d0a6be2a2915428dc21e732f1e44dad7f76d7030b2ef1ec251cf7f2" - ], - "version": "==0.8.2" - }, - "testinfra": { - "hashes": [ - "sha256:8dbbf25039674d419598f576c5652947cebdf7cbbea8f23acacc80271009c6cb", - "sha256:d13dda899d5a051465f041a821363e2ebdd079391fbeae04089a2df7d35e3d54" - ], - "version": "==1.19.0" - }, - "tree-format": { - "hashes": [ - "sha256:a538523aa78ae7a4b10003b04f3e1b37708e0e089d99c9d3b9e1c71384c9a7f9", - "sha256:b5056228dbedde1fb81b79f71fb0c23c98e9d365230df9b29af76e8d8003de11" - ], - "version": "==0.1.2" - }, - "typing": { - "hashes": [ - "sha256:4027c5f6127a6267a435201981ba156de91ad0d1d98e9ddc2aa173453453492d", - "sha256:57dcf675a99b74d64dacf6fba08fb17cf7e3d5fdff53d4a30ea2a5e7e52543d4", - "sha256:a4c8473ce11a65999c8f59cb093e70686b6c84c98df58c1dae9b3b196089858a" - ], - "markers": "python_version < '3.5'", - "version": "==3.6.6" - }, - "urllib3": { - "hashes": [ - 
"sha256:61bf29cada3fc2fbefad4fdf059ea4bd1b4a86d2b6d15e1c7c0b582b9752fe39",
- "sha256:de9529817c93f27c8ccbfead6985011db27bd0ddfcdb2d86f3f663385c6a9c22"
- ],
- "version": "==1.24.1"
- },
- "websocket-client": {
- "hashes": [
- "sha256:1151d5fb3a62dc129164292e1227655e4bbc5dd5340a5165dfae61128ec50aa9",
- "sha256:1fd5520878b68b84b5748bb30e592b10d0a91529d5383f74f4964e72b297fd3a"
- ],
- "version": "==0.56.0"
- },
- "whichcraft": {
- "hashes": [
- "sha256:7533870f751901a0ce43c93cc9850186e9eba7fe58c924dfb435968ba9c9fa4e",
- "sha256:fecddd531f237ffc5db8b215409afb18fa30300699064cca4817521b4fc81815"
- ],
- "version": "==0.5.2"
- },
- "yamllint": {
- "hashes": [
- "sha256:5a53b6ebea563f944420d2964233173532af00a9579ab2c48c4cf8c56b704050",
- "sha256:8f25759997acb42e52b96bf3af0b4b942e6516b51198bebd3402640102006af7"
- ],
- "version": "==1.15.0"
- }
- },
- "develop": {}
-}
From 874a05b3ca14403bf7ad3cb7e60471dd8cf4f979 Mon Sep 17 00:00:00 2001
From: Okynos
Date: Mon, 3 Jun 2019 18:53:25 -0700
Subject: [PATCH 111/714] Added a testing purposes workaround
---
 .../ansible-elasticsearch/defaults/main.yml | 2 +-
 .../ansible-elasticsearch/tasks/Debian.yml | 2 +-
 .../ansible-elasticsearch/tasks/RedHat.yml | 4 +-
 .../ansible-elasticsearch/tasks/main.yml | 2 +-
 .../wazuh-elastic7-template-alerts.json.j2 | 1456 +++++++++++++++++
 .../ansible-kibana/defaults/main.yml | 2 +-
 .../ansible-kibana/tasks/Debian.yml | 2 +-
 .../ansible-kibana/tasks/RedHat.yml | 4 +-
 .../ansible-kibana/templates/kibana.yml.j2 | 2 +-
 .../ansible-logstash/defaults/main.yml | 2 +-
 .../ansible-logstash/tasks/Debian.yml | 2 +-
 .../ansible-logstash/tasks/RedHat.yml | 4 +-
 12 files changed, 1470 insertions(+), 14 deletions(-)
 create mode 100644 roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic7-template-alerts.json.j2
diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml
index e03f7557..3328165a 100644
--- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml
+++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml
@@ -4,7 +4,7 @@ elasticsearch_node_name: node-1
 elasticsearch_http_port: 9200
 elasticsearch_network_host: 127.0.0.1
 elasticsearch_jvm_xms: null
-elastic_stack_version: 6.8.0
+elastic_stack_version: 7.1.1
 elasticsearch_shards: 5
 elasticsearch_replicas: 1
 elasticsearch_install_java: true
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml
index f786d2a3..d5315805 100644
--- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml
+++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml
@@ -17,7 +17,7 @@
 - name: Debian/Ubuntu | Install Elastic repo
 apt_repository:
- repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main'
+ repo: 'deb https://artifacts.elastic.co/packages/7.x/apt stable main'
 state: present
 filename: 'elastic_repo'
 update_cache: true
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml
index 79632b31..64cc0820 100644
--- a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml
+++ b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml
@@ -9,8 +9,8 @@
 - name: RedHat/CentOS/Fedora | Install Elastic repo
 yum_repository:
 name: elastic_repo
- description: Elastic repository for 6.x packages
- baseurl: https://artifacts.elastic.co/packages/6.x/yum
+ description: Elastic repository for 7.x packages
+ baseurl: https://artifacts.elastic.co/packages/7.x/yum
 gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch
 gpgcheck: true
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml
index a1f44f88..8d48441e 100644
--- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml
+++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml
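Review bot: The repository channel in the new `repo:` line is hard-coded to `7.x` while the stack version it must match lives in `elastic_stack_version` in defaults/main.yml, so the two can drift on the next bump and the role would pull packages from one major line while expecting another. Deriving the channel from the variable keeps them in step, e.g. `repo: 'deb https://artifacts.elastic.co/packages/{{ elastic_stack_version.split(".")[0] }}.x/apt stable main'`. The same applies to `description:` and `baseurl:` in the RedHat.yml hunk that follows and to the ansible-kibana tasks/Debian.yml hunk later in the patch. The yum hunk leaves `gpgkey` and `gpgcheck: true` untouched, so signature verification carries over to the new channel; whether the apt side still adds the Elastic key is outside this hunk.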
@@ -104,7 +104,7 @@
 method: PUT
 status_code: 200
 body_format: json
- body: "{{ lookup('template','wazuh-elastic6-template-alerts.json.j2') }}"
+ body: "{{ lookup('template','wazuh-elastic7-template-alerts.json.j2') }}"
 when: wazuh_alerts_template_exits.status != 200
 tags: init
diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic7-template-alerts.json.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic7-template-alerts.json.j2
new file mode 100644
index 00000000..836b2cb2
--- /dev/null
+++ b/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic7-template-alerts.json.j2
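Review bot: The lookup now references only `wazuh-elastic7-template-alerts.json.j2`, and the patch's diffstat lists the 7.x template as created with no deletion of the 6.x one, so `wazuh-elastic6-template-alerts.json.j2` appears to remain in the role unused. Either drop it in the same change or select the file from the configured version so this task and `elastic_stack_version` cannot disagree, e.g. `body: "{{ lookup('template', 'wazuh-elastic' ~ elastic_stack_version.split('.')[0] ~ '-template-alerts.json.j2') }}"`. The enclosing uri task starts before the hunk.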
@@ -0,0 +1,1456 @@ +{ + "order": 0, + "index_patterns": ["wazuh-alerts-3.x-*"], + "settings": { + "index.refresh_interval": "5s", + "index.number_of_shards": "3", + "index.number_of_replicas": "0", + "index.auto_expand_replicas": "0-1", + "index.mapping.total_fields.limit": 2000 + }, + "mappings": { + "dynamic_templates": [ + { + "string_as_keyword": { + "match_mapping_type": "string", + "mapping": { + "type": "keyword", + "doc_values": "true" + } + } + } + ], + "properties": { + "@timestamp": { + "type": "date" + }, + "timestamp": { + "type": "date", + "format": "date_optional_time||epoch_millis" + }, + "@version": { + "type": "text" + }, + "agent": { + "properties": { + "ip": { + "type": "keyword", + "doc_values": "true" + }, + "id": { + "type": "keyword", + "doc_values": "true" + }, + "name": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "manager": { + "properties": { + "name": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "cluster": { + "properties": { + "name": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "AlertsFile": { + "type": "keyword", + "doc_values": "true" + }, + "full_log": { + "enabled": false, + "type": "object" + }, + "previous_log": { + "type": "text" + }, + "GeoLocation": { + "properties": { + "area_code": { + "type": "long" + }, + "city_name": { + "type": "keyword", + "doc_values": "true" + }, + "continent_code": { + "type": "text" + }, + "coordinates": { + "type": "double" + }, + "country_code2": { + "type": "text" + }, + "country_code3": { + "type": "text" + }, + "country_name": { + "type": "keyword", + "doc_values": "true" + }, + "dma_code": { + "type": "long" + }, + "ip": { + "type": "keyword", + "doc_values": "true" + }, + "latitude": { + "type": "double" + }, + "location": { + "type": "geo_point" + }, + "longitude": { + "type": "double" + }, + "postal_code": { + "type": "keyword" + }, + "real_region_name": { + "type": "keyword", + "doc_values": "true" + }, + "region_name": { + "type": 
"keyword", + "doc_values": "true" + }, + "timezone": { + "type": "text" + } + } + }, + "host": { + "type": "keyword", + "doc_values": "true" + }, + "syscheck": { + "properties": { + "path": { + "type": "keyword", + "doc_values": "true" + }, + "sha1_before": { + "type": "keyword", + "doc_values": "true" + }, + "sha1_after": { + "type": "keyword", + "doc_values": "true" + }, + "uid_before": { + "type": "keyword", + "doc_values": "true" + }, + "uid_after": { + "type": "keyword", + "doc_values": "true" + }, + "gid_before": { + "type": "keyword", + "doc_values": "true" + }, + "gid_after": { + "type": "keyword", + "doc_values": "true" + }, + "perm_before": { + "type": "keyword", + "doc_values": "true" + }, + "perm_after": { + "type": "keyword", + "doc_values": "true" + }, + "md5_after": { + "type": "keyword", + "doc_values": "true" + }, + "md5_before": { + "type": "keyword", + "doc_values": "true" + }, + "gname_after": { + "type": "keyword", + "doc_values": "true" + }, + "gname_before": { + "type": "keyword", + "doc_values": "true" + }, + "inode_after": { + "type": "keyword", + "doc_values": "true" + }, + "inode_before": { + "type": "keyword", + "doc_values": "true" + }, + "mtime_after": { + "type": "date", + "format": "dateOptionalTime", + "doc_values": "true" + }, + "mtime_before": { + "type": "date", + "format": "dateOptionalTime", + "doc_values": "true" + }, + "uname_after": { + "type": "keyword", + "doc_values": "true" + }, + "uname_before": { + "type": "keyword", + "doc_values": "true" + }, + "size_before": { + "type": "long", + "doc_values": "true" + }, + "size_after": { + "type": "long", + "doc_values": "true" + }, + "diff": { + "type": "keyword", + "doc_values": "true" + }, + "event": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "location": { + "type": "keyword", + "doc_values": "true" + }, + "message": { + "type": "text" + }, + "offset": { + "type": "keyword" + }, + "rule": { + "properties": { + "description": { + "type": "keyword", + 
"doc_values": "true" + }, + "groups": { + "type": "keyword", + "doc_values": "true" + }, + "level": { + "type": "long", + "doc_values": "true" + }, + "id": { + "type": "keyword", + "doc_values": "true" + }, + "cve": { + "type": "keyword", + "doc_values": "true" + }, + "info": { + "type": "keyword", + "doc_values": "true" + }, + "frequency": { + "type": "long", + "doc_values": "true" + }, + "firedtimes": { + "type": "long", + "doc_values": "true" + }, + "cis": { + "type": "keyword", + "doc_values": "true" + }, + "pci_dss": { + "type": "keyword", + "doc_values": "true" + }, + "gdpr": { + "type": "keyword", + "doc_values": "true" + }, + "gpg13": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "predecoder": { + "properties": { + "program_name": { + "type": "keyword", + "doc_values": "true" + }, + "timestamp": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "decoder": { + "properties": { + "parent": { + "type": "keyword", + "doc_values": "true" + }, + "name": { + "type": "keyword", + "doc_values": "true" + }, + "ftscomment": { + "type": "keyword", + "doc_values": "true" + }, + "fts": { + "type": "long", + "doc_values": "true" + }, + "accumulate": { + "type": "long", + "doc_values": "true" + } + } + }, + "data": { + "properties": { + "protocol": { + "type": "keyword", + "doc_values": "true" + }, + "action": { + "type": "keyword", + "doc_values": "true" + }, + "srcip": { + "type": "keyword", + "doc_values": "true" + }, + "dstip": { + "type": "keyword", + "doc_values": "true" + }, + "srcport": { + "type": "keyword", + "doc_values": "true" + }, + "dstport": { + "type": "keyword", + "doc_values": "true" + }, + "srcuser": { + "type": "keyword", + "doc_values": "true" + }, + "dstuser": { + "type": "keyword", + "doc_values": "true" + }, + "id": { + "type": "keyword", + "doc_values": "true" + }, + "status": { + "type": "keyword", + "doc_values": "true" + }, + "data": { + "type": "keyword", + "doc_values": "true" + }, + "system_name": { + "type": 
"keyword", + "doc_values": "true" + }, + "url": { + "type": "keyword", + "doc_values": "true" + }, + "oscap": { + "properties": { + "check.title": { + "type": "keyword", + "doc_values": "true" + }, + "check.id": { + "type": "keyword", + "doc_values": "true" + }, + "check.result": { + "type": "keyword", + "doc_values": "true" + }, + "check.severity": { + "type": "keyword", + "doc_values": "true" + }, + "check.description": { + "type": "text" + }, + "check.rationale": { + "type": "text" + }, + "check.references": { + "type": "text" + }, + "check.identifiers": { + "type": "text" + }, + "check.oval.id": { + "type": "keyword", + "doc_values": "true" + }, + "scan.id": { + "type": "keyword", + "doc_values": "true" + }, + "scan.content": { + "type": "keyword", + "doc_values": "true" + }, + "scan.benchmark.id": { + "type": "keyword", + "doc_values": "true" + }, + "scan.profile.title": { + "type": "keyword", + "doc_values": "true" + }, + "scan.profile.id": { + "type": "keyword", + "doc_values": "true" + }, + "scan.score": { + "type": "double", + "doc_values": "true" + }, + "scan.return_code": { + "type": "long", + "doc_values": "true" + } + } + }, + "audit": { + "properties": { + "type": { + "type": "keyword", + "doc_values": "true" + }, + "id": { + "type": "keyword", + "doc_values": "true" + }, + "syscall": { + "type": "keyword", + "doc_values": "true" + }, + "exit": { + "type": "keyword", + "doc_values": "true" + }, + "ppid": { + "type": "keyword", + "doc_values": "true" + }, + "pid": { + "type": "keyword", + "doc_values": "true" + }, + "auid": { + "type": "keyword", + "doc_values": "true" + }, + "uid": { + "type": "keyword", + "doc_values": "true" + }, + "gid": { + "type": "keyword", + "doc_values": "true" + }, + "euid": { + "type": "keyword", + "doc_values": "true" + }, + "suid": { + "type": "keyword", + "doc_values": "true" + }, + "fsuid": { + "type": "keyword", + "doc_values": "true" + }, + "egid": { + "type": "keyword", + "doc_values": "true" + }, + "sgid": { + 
"type": "keyword", + "doc_values": "true" + }, + "fsgid": { + "type": "keyword", + "doc_values": "true" + }, + "tty": { + "type": "keyword", + "doc_values": "true" + }, + "session": { + "type": "keyword", + "doc_values": "true" + }, + "command": { + "type": "keyword", + "doc_values": "true" + }, + "exe": { + "type": "keyword", + "doc_values": "true" + }, + "key": { + "type": "keyword", + "doc_values": "true" + }, + "cwd": { + "type": "keyword", + "doc_values": "true" + }, + "directory.name": { + "type": "keyword", + "doc_values": "true" + }, + "directory.inode": { + "type": "keyword", + "doc_values": "true" + }, + "directory.mode": { + "type": "keyword", + "doc_values": "true" + }, + "file.name": { + "type": "keyword", + "doc_values": "true" + }, + "file.inode": { + "type": "keyword", + "doc_values": "true" + }, + "file.mode": { + "type": "keyword", + "doc_values": "true" + }, + "acct": { + "type": "keyword", + "doc_values": "true" + }, + "dev": { + "type": "keyword", + "doc_values": "true" + }, + "enforcing": { + "type": "keyword", + "doc_values": "true" + }, + "list": { + "type": "keyword", + "doc_values": "true" + }, + "old-auid": { + "type": "keyword", + "doc_values": "true" + }, + "old-ses": { + "type": "keyword", + "doc_values": "true" + }, + "old_enforcing": { + "type": "keyword", + "doc_values": "true" + }, + "old_prom": { + "type": "keyword", + "doc_values": "true" + }, + "op": { + "type": "keyword", + "doc_values": "true" + }, + "prom": { + "type": "keyword", + "doc_values": "true" + }, + "res": { + "type": "keyword", + "doc_values": "true" + }, + "srcip": { + "type": "keyword", + "doc_values": "true" + }, + "subj": { + "type": "keyword", + "doc_values": "true" + }, + "success": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "aws": { + "properties": { + "bytes": { + "type": "long", + "doc_values": "true" + }, + "dstaddr": { + "type": "ip", + "doc_values": "true" + }, + "srcaddr": { + "type": "ip", + "doc_values": "true" + }, + "end": { + 
"type": "date", + "doc_values": "true" + }, + "start": { + "type": "date", + "doc_values": "true" + }, + "source_ip_address": { + "type": "ip", + "doc_values": "true" + }, + "resource.instanceDetails.networkInterfaces": { + "properties": { + "privateIpAddress": { + "type": "ip", + "doc_values": "true" + }, + "publicIp": { + "type": "ip", + "doc_values": "true" + } + } + }, + "service": { + "properties": { + "count": { + "type": "long", + "doc_values": "true" + }, + "action.networkConnectionAction.remoteIpDetails": { + "properties": { + "ipAddressV4": { + "type": "ip", + "doc_values": "true" + }, + "geoLocation": { + "type": "geo_point", + "doc_values": "true" + } + } + } + } + } + } + }, + "type": { + "type": "keyword", + "doc_values": "true" + }, + "netinfo": { + "properties": { + "iface": { + "properties": { + "name": { + "type": "keyword", + "doc_values": "true" + }, + "mac": { + "type": "keyword", + "doc_values": "true" + }, + "adapter": { + "type": "keyword", + "doc_values": "true" + }, + "type": { + "type": "keyword", + "doc_values": "true" + }, + "state": { + "type": "keyword", + "doc_values": "true" + }, + "mtu": { + "type": "long", + "doc_values": "true" + }, + "tx_bytes": { + "type": "long", + "doc_values": "true" + }, + "rx_bytes": { + "type": "long", + "doc_values": "true" + }, + "tx_errors": { + "type": "long", + "doc_values": "true" + }, + "rx_errors": { + "type": "long", + "doc_values": "true" + }, + "tx_dropped": { + "type": "long", + "doc_values": "true" + }, + "rx_dropped": { + "type": "long", + "doc_values": "true" + }, + "tx_packets": { + "type": "long", + "doc_values": "true" + }, + "rx_packets": { + "type": "long", + "doc_values": "true" + }, + "ipv4": { + "properties": { + "gateway": { + "type": "keyword", + "doc_values": "true" + }, + "dhcp": { + "type": "keyword", + "doc_values": "true" + }, + "address": { + "type": "keyword", + "doc_values": "true" + }, + "netmask": { + "type": "keyword", + "doc_values": "true" + }, + "broadcast": { + 
"type": "keyword", + "doc_values": "true" + }, + "metric": { + "type": "long", + "doc_values": "true" + } + } + }, + "ipv6": { + "properties": { + "gateway": { + "type": "keyword", + "doc_values": "true" + }, + "dhcp": { + "type": "keyword", + "doc_values": "true" + }, + "address": { + "type": "keyword", + "doc_values": "true" + }, + "netmask": { + "type": "keyword", + "doc_values": "true" + }, + "broadcast": { + "type": "keyword", + "doc_values": "true" + }, + "metric": { + "type": "long", + "doc_values": "true" + } + } + } + } + } + } + }, + "os": { + "properties": { + "hostname": { + "type": "keyword", + "doc_values": "true" + }, + "architecture": { + "type": "keyword", + "doc_values": "true" + }, + "name": { + "type": "keyword", + "doc_values": "true" + }, + "version": { + "type": "keyword", + "doc_values": "true" + }, + "codename": { + "type": "keyword", + "doc_values": "true" + }, + "major": { + "type": "keyword", + "doc_values": "true" + }, + "minor": { + "type": "keyword", + "doc_values": "true" + }, + "build": { + "type": "keyword", + "doc_values": "true" + }, + "platform": { + "type": "keyword", + "doc_values": "true" + }, + "sysname": { + "type": "keyword", + "doc_values": "true" + }, + "release": { + "type": "keyword", + "doc_values": "true" + }, + "release_version": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "port": { + "properties": { + "protocol": { + "type": "keyword", + "doc_values": "true" + }, + "local_ip": { + "type": "ip", + "doc_values": "true" + }, + "local_port": { + "type": "long", + "doc_values": "true" + }, + "remote_ip": { + "type": "ip", + "doc_values": "true" + }, + "remote_port": { + "type": "long", + "doc_values": "true" + }, + "tx_queue": { + "type": "long", + "doc_values": "true" + }, + "rx_queue": { + "type": "long", + "doc_values": "true" + }, + "inode": { + "type": "long", + "doc_values": "true" + }, + "state": { + "type": "keyword", + "doc_values": "true" + }, + "pid": { + "type": "long", + "doc_values": 
"true" + }, + "process": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "hardware": { + "properties": { + "serial": { + "type": "keyword", + "doc_values": "true" + }, + "cpu_name": { + "type": "keyword", + "doc_values": "true" + }, + "cpu_cores": { + "type": "long", + "doc_values": "true" + }, + "cpu_mhz": { + "type": "double", + "doc_values": "true" + }, + "ram_total": { + "type": "long", + "doc_values": "true" + }, + "ram_free": { + "type": "long", + "doc_values": "true" + }, + "ram_usage": { + "type": "long", + "doc_values": "true" + } + } + }, + "program": { + "properties": { + "format": { + "type": "keyword", + "doc_values": "true" + }, + "name": { + "type": "keyword", + "doc_values": "true" + }, + "priority": { + "type": "keyword", + "doc_values": "true" + }, + "section": { + "type": "keyword", + "doc_values": "true" + }, + "size": { + "type": "long", + "doc_values": "true" + }, + "vendor": { + "type": "keyword", + "doc_values": "true" + }, + "install_time": { + "type": "keyword", + "doc_values": "true" + }, + "version": { + "type": "keyword", + "doc_values": "true" + }, + "architecture": { + "type": "keyword", + "doc_values": "true" + }, + "multiarch": { + "type": "keyword", + "doc_values": "true" + }, + "source": { + "type": "keyword", + "doc_values": "true" + }, + "description": { + "type": "keyword", + "doc_values": "true" + }, + "location": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "process": { + "properties": { + "pid": { + "type": "long", + "doc_values": "true" + }, + "name": { + "type": "keyword", + "doc_values": "true" + }, + "state": { + "type": "keyword", + "doc_values": "true" + }, + "ppid": { + "type": "long", + "doc_values": "true" + }, + "utime": { + "type": "long", + "doc_values": "true" + }, + "stime": { + "type": "long", + "doc_values": "true" + }, + "cmd": { + "type": "keyword", + "doc_values": "true" + }, + "args": { + "type": "keyword", + "doc_values": "true" + }, + "euser": { + "type": "keyword", + 
"doc_values": "true" + }, + "ruser": { + "type": "keyword", + "doc_values": "true" + }, + "suser": { + "type": "keyword", + "doc_values": "true" + }, + "egroup": { + "type": "keyword", + "doc_values": "true" + }, + "sgroup": { + "type": "keyword", + "doc_values": "true" + }, + "fgroup": { + "type": "keyword", + "doc_values": "true" + }, + "rgroup": { + "type": "keyword", + "doc_values": "true" + }, + "priority": { + "type": "long", + "doc_values": "true" + }, + "nice": { + "type": "long", + "doc_values": "true" + }, + "size": { + "type": "long", + "doc_values": "true" + }, + "vm_size": { + "type": "long", + "doc_values": "true" + }, + "resident": { + "type": "long", + "doc_values": "true" + }, + "share": { + "type": "long", + "doc_values": "true" + }, + "start_time": { + "type": "long", + "doc_values": "true" + }, + "pgrp": { + "type": "long", + "doc_values": "true" + }, + "session": { + "type": "long", + "doc_values": "true" + }, + "nlwp": { + "type": "long", + "doc_values": "true" + }, + "tgid": { + "type": "long", + "doc_values": "true" + }, + "tty": { + "type": "long", + "doc_values": "true" + }, + "processor": { + "type": "long", + "doc_values": "true" + } + } + }, + "sca": { + "properties": { + "type": { + "type": "keyword", + "doc_values": "true" + }, + "scan_id": { + "type": "keyword", + "doc_values": "true" + }, + "policy": { + "type": "keyword", + "doc_values": "true" + }, + "name": { + "type": "keyword", + "doc_values": "true" + }, + "file": { + "type": "keyword", + "doc_values": "true" + }, + "description": { + "type": "keyword", + "doc_values": "true" + }, + "passed": { + "type": "integer", + "doc_values": "true" + }, + "failed": { + "type": "integer", + "doc_values": "true" + }, + "score": { + "type": "long", + "doc_values": "true" + }, + "check": { + "properties": { + "id": { + "type": "keyword", + "doc_values": "true" + }, + "title": { + "type": "keyword", + "doc_values": "true" + }, + "description": { + "type": "keyword", + "doc_values": "true" + 
}, + "rationale": { + "type": "keyword", + "doc_values": "true" + }, + "remediation": { + "type": "keyword", + "doc_values": "true" + }, + "compliance": { + "properties": { + "cis": { + "type": "keyword", + "doc_values": "true" + }, + "cis_csc": { + "type": "keyword", + "doc_values": "true" + }, + "pci_dss": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "references": { + "type": "keyword", + "doc_values": "true" + }, + "file": { + "type": "keyword", + "doc_values": "true" + }, + "directory": { + "type": "keyword", + "doc_values": "true" + }, + "registry": { + "type": "keyword", + "doc_values": "true" + }, + "process": { + "type": "keyword", + "doc_values": "true" + }, + "result": { + "type": "keyword", + "doc_values": "true" + }, + "previous_result": { + "type": "keyword", + "doc_values": "true" + } + } + } + } + }, + "win": { + "properties": { + "system": { + "properties": { + "providerName": { + "type": "keyword", + "doc_values": "true" + }, + "providerGuid": { + "type": "keyword", + "doc_values": "true" + }, + "eventSourceName": { + "type": "keyword", + "doc_values": "true" + }, + "securityUserID": { + "type": "keyword", + "doc_values": "true" + }, + "userID": { + "type": "keyword", + "doc_values": "true" + }, + "eventID": { + "type": "keyword", + "doc_values": "true" + }, + "version": { + "type": "keyword", + "doc_values": "true" + }, + "level": { + "type": "keyword", + "doc_values": "true" + }, + "task": { + "type": "keyword", + "doc_values": "true" + }, + "opcode": { + "type": "keyword", + "doc_values": "true" + }, + "keywords": { + "type": "keyword", + "doc_values": "true" + }, + "systemTime": { + "type": "keyword", + "doc_values": "true" + }, + "eventRecordID": { + "type": "keyword", + "doc_values": "true" + }, + "processID": { + "type": "keyword", + "doc_values": "true" + }, + "threadID": { + "type": "keyword", + "doc_values": "true" + }, + "channel": { + "type": "keyword", + "doc_values": "true" + }, + "computer": { + "type": "keyword", + 
"doc_values": "true" + }, + "severityValue": { + "type": "keyword", + "doc_values": "true" + }, + "message": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "eventdata": { + "properties": { + "subjectUserSid": { + "type": "keyword", + "doc_values": "true" + }, + "subjectUserName": { + "type": "keyword", + "doc_values": "true" + }, + "subjectDomainName": { + "type": "keyword", + "doc_values": "true" + }, + "subjectLogonId": { + "type": "keyword", + "doc_values": "true" + }, + "targetUserSid": { + "type": "keyword", + "doc_values": "true" + }, + "targetUserName": { + "type": "keyword", + "doc_values": "true" + }, + "targetDomainName": { + "type": "keyword", + "doc_values": "true" + }, + "targetLogonId": { + "type": "keyword", + "doc_values": "true" + }, + "logonType": { + "type": "keyword", + "doc_values": "true" + }, + "logonProcessName": { + "type": "keyword", + "doc_values": "true" + }, + "authenticationPackageName": { + "type": "keyword", + "doc_values": "true" + }, + "logonGuid": { + "type": "keyword", + "doc_values": "true" + }, + "keyLength": { + "type": "keyword", + "doc_values": "true" + }, + "impersonationLevel": { + "type": "keyword", + "doc_values": "true" + }, + "transactionId": { + "type": "keyword", + "doc_values": "true" + }, + "newState": { + "type": "keyword", + "doc_values": "true" + }, + "resourceManager": { + "type": "keyword", + "doc_values": "true" + }, + "processId": { + "type": "keyword", + "doc_values": "true" + }, + "processName": { + "type": "keyword", + "doc_values": "true" + }, + "data": { + "type": "keyword", + "doc_values": "true" + }, + "image": { + "type": "keyword", + "doc_values": "true" + }, + "binary": { + "type": "keyword", + "doc_values": "true" + }, + "parentImage": { + "type": "keyword", + "doc_values": "true" + }, + "categoryId": { + "type": "keyword", + "doc_values": "true" + }, + "subcategoryId": { + "type": "keyword", + "doc_values": "true" + }, + "subcategoryGuid": { + "type": "keyword", + "doc_values": 
"true" + }, + "auditPolicyChangesId": { + "type": "keyword", + "doc_values": "true" + }, + "category": { + "type": "keyword", + "doc_values": "true" + }, + "subcategory": { + "type": "keyword", + "doc_values": "true" + }, + "auditPolicyChanges": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "rmSessionEvent": { + "properties": { + "rmSessionId": { + "type": "keyword", + "doc_values": "true" + }, + "uTCStartTime": { + "type": "keyword", + "doc_values": "true" + } + } + } + } + } + } + }, + "program_name": { + "type": "keyword", + "doc_values": "true" + }, + "command": { + "type": "keyword", + "doc_values": "true" + }, + "type": { + "type": "text" + }, + "title": { + "type": "keyword", + "doc_values": "true" + } + } + } +} + diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index c9842e7f..921cd436 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -3,5 +3,5 @@ elasticsearch_http_port: "9200" elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" -elastic_stack_version: 6.8.0 +elastic_stack_version: 7.1.1 wazuh_version: 3.9.1 diff --git a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml index 097b19db..67081b86 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml @@ -11,7 +11,7 @@ - name: Debian/Ubuntu | Install Elastic repo apt_repository: - repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main' + repo: 'deb https://artifacts.elastic.co/packages/7.x/apt stable main' state: present filename: 'elastic_repo' update_cache: true diff --git a/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml b/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml index f5fe2935..1d35d139 100644 
--- a/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml @@ -2,8 +2,8 @@ - name: RedHat/CentOS/Fedora | Install Elastic repo yum_repository: name: elastic_repo - description: Elastic repository for 6.x packages - baseurl: https://artifacts.elastic.co/packages/6.x/yum + description: Elastic repository for 7.x packages + baseurl: https://artifacts.elastic.co/packages/7.x/yum gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch gpgcheck: true diff --git a/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 b/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 index 9b29f17a..edd1b4b4 100644 --- a/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 +++ b/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 @@ -19,7 +19,7 @@ server.host: {{ kibana_server_host }} #server.name: "your-hostname" # The URL of the Elasticsearch instance to use for all your queries. -elasticsearch.url: "http://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}" +elasticsearch.hosts: "http://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}" # When this setting's value is true Kibana uses the hostname specified in the server.host # setting. When the value of this setting is false, Kibana uses the hostname of the host diff --git a/roles/elastic-stack/ansible-logstash/defaults/main.yml b/roles/elastic-stack/ansible-logstash/defaults/main.yml index 31012c04..403a6127 100644 --- a/roles/elastic-stack/ansible-logstash/defaults/main.yml +++ b/roles/elastic-stack/ansible-logstash/defaults/main.yml @@ -9,7 +9,7 @@ elasticsearch_network_host: ["Localhost"] elasticsearch_http_port: "9200" elasticsearch_shards: 5 elasticsearch_replicas: 1 -elastic_stack_version: 6.8.0 +elastic_stack_version: 7.1.1 logstash_ssl: false logstash_ssl_dir: /etc/pki/logstash 
diff --git a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml index 403ee88f..bf8f7a7a 100644 --- a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml @@ -17,7 +17,7 @@ - name: Debian/Ubuntu | Install Elasticsearch repo apt_repository: - repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main' + repo: 'deb https://artifacts.elastic.co/packages/7.x/apt stable main' state: present filename: 'elastic_repo' diff --git a/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml b/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml index ed16fbc5..289f3a0c 100644 --- a/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml +++ b/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml @@ -9,8 +9,8 @@ - name: RedHat/CentOS/Fedora | Install Logstash repo yum_repository: name: elastic_repo - description: Elastic repository for 6.x packages - baseurl: https://artifacts.elastic.co/packages/6.x/yum + description: Elastic repository for 7.x packages + baseurl: https://artifacts.elastic.co/packages/7.x/yum gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch gpgcheck: true From 3ac36b05f8e8ca592de3a8ab8c70d7bdd6c7888c Mon Sep 17 00:00:00 2001 
From: manuasir Date: Thu, 6 Jun 2019 17:24:18 +0200 Subject: [PATCH 112/714] Deleted Logstash and added new Filebeat.yml template --- .circleci/config.yml | 25 --- .gitignore | 1 - .travis.yml | 8 - CHANGELOG.md | 1 - README.md | 2 - molecule/default/playbook.yml | 3 +- playbooks/wazuh-logstash.yml | 4 - playbooks/wazuh-manager.yml | 2 +- .../elastic-stack/ansible-logstash/README.md | 53 ----- .../ansible-logstash/defaults/main.yml | 19 -- .../ansible-logstash/handlers/main.yml | 3 - .../ansible-logstash/meta/main.yml | 24 --- .../ansible-logstash/tasks/Debian.yml | 45 ---- .../ansible-logstash/tasks/RMDebian.yml | 5 - .../ansible-logstash/tasks/RMRedHat.yml | 5 - .../ansible-logstash/tasks/RedHat.yml | 43 ---- .../ansible-logstash/tasks/config.yml | 27 --- .../ansible-logstash/tasks/main.yml | 40 ---- .../templates/01-wazuh.conf.j2 | 73 ------- roles/wazuh/ansible-filebeat/README.md | 24 --- .../wazuh/ansible-filebeat/defaults/main.yml | 6 +- .../templates/filebeat.yml.j2 | 198 +++++------------- .../ansible-filebeat/tests/requirements.yml | 1 - roles/wazuh/ansible-filebeat/tests/test.yml | 1 - 24 files changed, 56 insertions(+), 557 deletions(-) delete mode 100644 .circleci/config.yml delete mode 100644 .travis.yml delete mode 100644 playbooks/wazuh-logstash.yml delete mode 100644 roles/elastic-stack/ansible-logstash/README.md delete mode 100644 roles/elastic-stack/ansible-logstash/defaults/main.yml delete mode 100644 roles/elastic-stack/ansible-logstash/handlers/main.yml delete mode 100644 roles/elastic-stack/ansible-logstash/meta/main.yml delete mode 100644 roles/elastic-stack/ansible-logstash/tasks/Debian.yml delete mode 100644 roles/elastic-stack/ansible-logstash/tasks/RMDebian.yml delete mode 100644 roles/elastic-stack/ansible-logstash/tasks/RMRedHat.yml delete mode 100644 roles/elastic-stack/ansible-logstash/tasks/RedHat.yml delete mode 100644 roles/elastic-stack/ansible-logstash/tasks/config.yml delete mode 100644 
roles/elastic-stack/ansible-logstash/tasks/main.yml delete mode 100644 roles/elastic-stack/ansible-logstash/templates/01-wazuh.conf.j2 diff --git a/.circleci/config.yml b/.circleci/config.yml deleted file mode 100644 index 08b3ff16..00000000 --- a/.circleci/config.yml +++ /dev/null @@ -1,25 +0,0 @@ -version: 2 -jobs: - test: - machine: - python: - version: 2.7 - services: - - docker - working_directory: ~/wazuh-ansible - steps: - - checkout - - run: - name: Install pipenv - command: pip install pipenv - - run: - name: Install molecule - command: pipenv install --dev --system - - run: - name: Run molecule - command: pipenv run test -workflows: - version: 2 - test_molecule: - jobs: - - test \ No newline at end of file diff --git a/.gitignore b/.gitignore index 148b831f..04c7b54b 100644 --- a/.gitignore +++ b/.gitignore @@ -4,6 +4,5 @@ wazuh-elastic_stack-distributed.yml wazuh-elastic_stack-single.yml wazuh-elastic.yml wazuh-kibana.yml -wazuh-logstash.yml wazuh-manager.yml *.pyc \ No newline at end of file diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 97c0427b..00000000 --- a/.travis.yml +++ /dev/null @@ -1,8 +0,0 @@ -language: python -services: docker -before_script: - - pip install pipenv - - pipenv install --dev --system -script: - - pipenv run test - - pipenv run agent diff --git a/CHANGELOG.md b/CHANGELOG.md index b99b1000..fad82137 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -126,7 +126,6 @@ Ansible starting point. Roles: - Elastic Stack: - ansible-elasticsearch: This role is prepared to install elasticsearch on the host that runs it. - - ansible-logstash: This role involves the installation of logstash on the host that runs it. - ansible-kibana: Using this role we will install Kibana on the host that runs it. - Wazuh: - ansible-filebeat: This role is prepared to install filebeat on the host that runs it. diff --git a/README.md b/README.md index e91018c8..f684d1a8 100644 --- a/README.md +++ b/README.md 
@@ -18,7 +18,6 @@ These playbooks install and configure Wazuh agent, manager and Elastic Stack. │ ├── roles │ │ ├── elastic-stack │ │ │ ├── ansible-elasticsearch - │ │ │ ├── ansible-logstash │ │ │ ├── ansible-kibana │ │ │ │ ├── wazuh @@ -35,7 +34,6 @@ These playbooks install and configure Wazuh agent, manager and Elastic Stack. │ │ ├── wazuh-elastic_stack-distributed.yml │ │ ├── wazuh-elastic_stack-single.yml │ │ ├── wazuh-kibana.yml - │ │ ├── wazuh-logstash.yml │ │ ├── wazuh-manager.yml │ │ ├── README.md diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml index ba33c758..639e6320 100644 --- a/molecule/default/playbook.yml +++ b/molecule/default/playbook.yml @@ -4,8 +4,7 @@ roles: - role: wazuh/ansible-wazuh-manager -# - {role: wazuh/ansible-filebeat} #, filebeat_output_logstash_hosts: 'your elastic stack server IP' +# - {role: wazuh/ansible-filebeat} #, filebeat_output_elasticsearch_hosts: 'your elastic stack server IP' # Elasticsearch requires too much memory to test multiple containers concurrently - To Fix # - {role: elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost'} -# - {role: elastic-stack/ansible-logstash, logstash_input_beats: true, elasticsearch_network_host: 'localhost'} # - {role: elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost'} diff --git a/playbooks/wazuh-logstash.yml b/playbooks/wazuh-logstash.yml deleted file mode 100644 index e3d44687..00000000 --- a/playbooks/wazuh-logstash.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- hosts: - roles: - - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-logstash, elasticsearch_network_host: ["localhost"]} diff --git a/playbooks/wazuh-manager.yml b/playbooks/wazuh-manager.yml index dc2ad637..d9cc667d 100644 --- a/playbooks/wazuh-manager.yml +++ b/playbooks/wazuh-manager.yml 
@@ -2,4 +2,4 @@ - hosts: roles: - role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-manager - - {role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-filebeat, filebeat_output_logstash_hosts: 'your logstash IP'} + - {role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'your elasticsearch IP'} diff --git a/roles/elastic-stack/ansible-logstash/README.md b/roles/elastic-stack/ansible-logstash/README.md deleted file mode 100644 index 7be8951d..00000000 --- a/roles/elastic-stack/ansible-logstash/README.md +++ /dev/null @@ -1,53 +0,0 @@ -Ansible Role: Logstash ----------------------- - -An Ansible Role that installs [Logstash](https://www.elastic.co/products/logstash) - -Requirements ------------- - -This role will work on: - * Red Hat - * CentOS - * Fedora - * Debian - * Ubuntu - -Role Variables --------------- -``` - --- - logstash_create_config: true - logstash_input_beats: false - - elasticsearch_network_host: "127.0.0.1" - elasticsearch_http_port: "9200" - elastic_stack_version: 5.5.0 - - logstash_ssl: false - logstash_ssl_dir: /etc/pki/logstash - logstash_ssl_certificate_file: "" - logstash_ssl_key_file: "" -``` - -Example Playbook ----------------- - -``` - - hosts: logstash - roles: - - { role: ansible-role-logstash, elasticsearch_network_host: '192.168.33.182' } -``` - -License and copyright ---------------------- - -WAZUH Copyright (C) 2017 Wazuh Inc. (License GPLv3) - -### Based on previous work from geerlingguy - - - https://github.com/geerlingguy/ansible-role-elasticsearch - -### Modified by Wazuh - -The playbooks have been modified by Wazuh, including some specific requirements, templates and configuration to improve integration with Wazuh ecosystem. diff --git a/roles/elastic-stack/ansible-logstash/defaults/main.yml b/roles/elastic-stack/ansible-logstash/defaults/main.yml deleted file mode 100644 index 403a6127..00000000 
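Review bot: `filebeat_output_elasticsearch_hosts` is declared as a list in the filebeat role defaults (`- "localhost:9200"`), but this line hands it over as a single scalar, so `{{ filebeat_output_elasticsearch_hosts | to_json }}` in the template renders `hosts: "your elasticsearch IP"` rather than a JSON array; Filebeat may coerce a lone string into a one-element list, but the placeholder also drops the port that the default carries. Passing the same shape as the default, `filebeat_output_elasticsearch_hosts: ['your_elasticsearch_ip:9200']`, keeps the rendered output consistent with the role's own documentation. The commented-out role line in the molecule playbook hunk above appears to use the same scalar-for-list form and would need the same fix if it is ever re-enabled.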
--- a/roles/elastic-stack/ansible-logstash/defaults/main.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -logstash_create_config: true -logstash_input_beats: false - -# You can introduce Multiples IPs -# elasticseacrh_network_host: ["Localhost1", "Localhost2", "Localhost3", ...] -elasticsearch_network_host: ["Localhost"] - -elasticsearch_http_port: "9200" -elasticsearch_shards: 5 -elasticsearch_replicas: 1 -elastic_stack_version: 7.1.1 - -logstash_ssl: false -logstash_ssl_dir: /etc/pki/logstash -logstash_ssl_certificate_file: "" -logstash_ssl_key_file: "" - -logstash_install_java: true diff --git a/roles/elastic-stack/ansible-logstash/handlers/main.yml b/roles/elastic-stack/ansible-logstash/handlers/main.yml deleted file mode 100644 index 56f376c8..00000000 --- a/roles/elastic-stack/ansible-logstash/handlers/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -- name: restart logstash - service: name=logstash state=restarted diff --git a/roles/elastic-stack/ansible-logstash/meta/main.yml b/roles/elastic-stack/ansible-logstash/meta/main.yml deleted file mode 100644 index 90234871..00000000 --- a/roles/elastic-stack/ansible-logstash/meta/main.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -galaxy_info: - author: Wazuh - description: Installing and maintaining Elasticsearch server. - company: wazuh.com - license: license (GPLv3) - min_ansible_version: 2.0 - platforms: - - name: EL - versions: - - all - - name: Fedora - versions: - - all - - name: Debian - versions: - - all - - name: Ubuntu - versions: - - all - galaxy_tags: - - web - - system - - monitoring diff --git a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml b/roles/elastic-stack/ansible-logstash/tasks/Debian.yml deleted file mode 100644 index bf8f7a7a..00000000 --- a/roles/elastic-stack/ansible-logstash/tasks/Debian.yml +++ /dev/null 
@@ -1,45 +0,0 @@ ---- -- name: Debian/Ubuntu | Install apt-transport-https and ca-certificates - apt: - name: ['apt-transport-https', 'ca-certificates'] - state: present - -- when: logstash_install_java - block: - - name: Debian/Ubuntu | Install OpenJDK 1.8 - apt: name=openjdk-8-jre state=present cache_valid_time=3600 - tags: install - -- name: Debian/Ubuntu | Add Elasticsearch GPG key - apt_key: - url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch" - state: present - -- name: Debian/Ubuntu | Install Elasticsearch repo - apt_repository: - repo: 'deb https://artifacts.elastic.co/packages/7.x/apt stable main' - state: present - filename: 'elastic_repo' - -- name: Debian/Ubuntu | Install Logstash - apt: - name: "logstash=1:{{ elastic_stack_version }}-1" - state: present - update_cache: true - tags: install - -- name: Debian/Ubuntu | Checking if wazuh-manager is installed - command: dpkg -l wazuh-manager - register: wazuh_manager_check_deb - when: logstash_input_beats == false - args: - warn: false - -- name: Debian/Ubuntu | Add user logstash to group ossec - user: - name: logstash - groups: ossec - append: true - when: - - logstash_input_beats == false - - wazuh_manager_check_deb.rc == 0 diff --git a/roles/elastic-stack/ansible-logstash/tasks/RMDebian.yml b/roles/elastic-stack/ansible-logstash/tasks/RMDebian.yml deleted file mode 100644 index 74c59c37..00000000 --- a/roles/elastic-stack/ansible-logstash/tasks/RMDebian.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: Debian/Ubuntu | Removing Elasticsearch repository - apt_repository: - repo: deb https://artifacts.elastic.co/packages/5.x/apt stable main - state: absent diff --git a/roles/elastic-stack/ansible-logstash/tasks/RMRedHat.yml b/roles/elastic-stack/ansible-logstash/tasks/RMRedHat.yml deleted file mode 100644 index 78538fe9..00000000 --- a/roles/elastic-stack/ansible-logstash/tasks/RMRedHat.yml +++ /dev/null 
@@ -1,5 +0,0 @@ ---- -- name: RedHat/CentOS/Fedora | Remove logstash repository (and clean up left-over metadata) - yum_repository: - name: elastic_repo - state: absent diff --git a/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml b/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml deleted file mode 100644 index 289f3a0c..00000000 --- a/roles/elastic-stack/ansible-logstash/tasks/RedHat.yml +++ /dev/null @@ -1,43 +0,0 @@ ---- -- when: logstash_install_java - block: - - name: RedHat/CentOS/Fedora | Install OpenJDK 1.8 - yum: name=java-1.8.0-openjdk state=present - register: oracle_java_task_rpm_installed - tags: install - -- name: RedHat/CentOS/Fedora | Install Logstash repo - yum_repository: - name: elastic_repo - description: Elastic repository for 7.x packages - baseurl: https://artifacts.elastic.co/packages/7.x/yum - gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch - gpgcheck: true - -- name: RedHat/CentOS/Fedora | Install Logstash - package: name=logstash-{{ elastic_stack_version }} state=present - when: not logstash_install_java or oracle_java_task_rpm_installed is defined - tags: install - -- name: RedHat/CentOS/Fedora | Checking if wazuh-manager is installed - command: rpm -q wazuh-manager - register: wazuh_manager_check_rpm - when: logstash_input_beats == false - args: - warn: false - -- name: RedHat/CentOS/Fedora | Add user logstash to group ossec - user: - name: logstash - groups: ossec - append: true - when: - - logstash_input_beats == false - - wazuh_manager_check_rpm.rc == 0 - -- name: Amazon Linux change startup group - shell: sed -i 's/.*LS_GROUP=logstash.*/LS_GROUP=ossec/' /etc/logstash/startup.options - when: - - logstash_input_beats == false - - wazuh_manager_check_rpm.rc == 0 - - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" diff --git a/roles/elastic-stack/ansible-logstash/tasks/config.yml b/roles/elastic-stack/ansible-logstash/tasks/config.yml deleted file mode 100644 index 037f0d85..00000000 
--- a/roles/elastic-stack/ansible-logstash/tasks/config.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -- name: Ensure Logstash SSL key pair directory exists. - file: - path: "{{ logstash_ssl_dir }}" - state: directory - when: logstash_ssl - tags: configure - -- name: Copy SSL key and cert for logstash. - copy: - src: "{{ item }}" - dest: "{{ logstash_ssl_dir }}/{{ item | basename }}" - mode: 0644 - with_items: - - "{{ logstash_ssl_key_file }}" - - "{{ logstash_ssl_certificate_file }}" - when: logstash_ssl - tags: configure - -- name: Logstash configuration - template: - src: 01-wazuh.conf.j2 - dest: /etc/logstash/conf.d/01-wazuh.conf - owner: root - group: root - notify: restart logstash - tags: configure diff --git a/roles/elastic-stack/ansible-logstash/tasks/main.yml b/roles/elastic-stack/ansible-logstash/tasks/main.yml deleted file mode 100644 index e114a82f..00000000 --- a/roles/elastic-stack/ansible-logstash/tasks/main.yml +++ /dev/null 
@@ -1,40 +0,0 @@ ---- -- import_tasks: RedHat.yml - when: ansible_os_family == 'RedHat' - -- import_tasks: Debian.yml - when: ansible_os_family == "Debian" - -- import_tasks: config.yml - when: logstash_create_config - -- name: Reload systemd - systemd: daemon_reload=yes - ignore_errors: true - when: - - not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") - - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<')) - - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<')) - -- name: Amazon Linux create service - shell: /usr/share/logstash/bin/system-install /etc/logstash/startup.options - when: ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" - -- name: Ensure Logstash started and enabled - service: - name: logstash - enabled: true - state: started - -- name: Amazon Linux start Logstash - service: - name: logstash - enabled: true - state: started - when: ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" - -- import_tasks: "RMRedHat.yml" - when: ansible_os_family == "RedHat" - -- import_tasks: "RMDebian.yml" - when: ansible_os_family == "Debian" diff --git a/roles/elastic-stack/ansible-logstash/templates/01-wazuh.conf.j2 b/roles/elastic-stack/ansible-logstash/templates/01-wazuh.conf.j2 deleted file mode 100644 index 6ef868e1..00000000 --- a/roles/elastic-stack/ansible-logstash/templates/01-wazuh.conf.j2 +++ /dev/null 
@@ -1,73 +0,0 @@ -#jinja2: trim_blocks:False -# {{ ansible_managed }} -# Wazuh - Logstash configuration file - -{% if logstash_input_beats == true %} -## Remote Wazuh Manager - Filebeat input -input { - beats { - port => 5000 - codec => "json_lines" -{% if logstash_ssl == true %} - ssl => true - ssl_certificate => "{{ logstash_ssl_dir }}/{{ logstash_ssl_certificate_file | basename }}" - ssl_key => "{{ logstash_ssl_dir }}/{{ logstash_ssl_key_file | basename }}" -{% endif %} - } -} -{% else %} -## Local Wazuh Manager - JSON file input -input { - file { - type => "wazuh-alerts" - path => "/var/ossec/logs/alerts/alerts.json" - codec => "json" - } -} -{% endif %} -filter { - if [data][srcip] { - mutate { - add_field => [ "@src_ip", "%{[data][srcip]}" ] - } - } - if [data][aws][sourceIPAddress] { - mutate { - add_field => [ "@src_ip", "%{[data][aws][sourceIPAddress]}" ] - } - } -} -filter { - if [data][srcip] { - mutate { - add_field => [ "@src_ip", "%{[data][srcip]}" ] - } - } - if [data][aws][sourceIPAddress] { - mutate { - add_field => [ "@src_ip", "%{[data][aws][sourceIPAddress]}" ] - } - } -} -filter { - geoip { - source => "@src_ip" - target => "GeoLocation" - fields => ["city_name", "country_name", "region_name", "location"] - } - date { - match => ["timestamp", "ISO8601"] - target => "@timestamp" - } - mutate { - remove_field => [ "timestamp", "beat", "input_type", "tags", "count", "@version", "log", "offset", "type", "@src_ip", "host"] - } -} -output { - #stdout { codec => rubydebug } - elasticsearch { - hosts => {{ elasticsearch_network_host | to_json}} - index => "wazuh-alerts-3.x-%{+YYYY.MM.dd}" - document_type => "wazuh" - } -} diff --git a/roles/wazuh/ansible-filebeat/README.md b/roles/wazuh/ansible-filebeat/README.md index 6801e373..ad588e64 100644 --- a/roles/wazuh/ansible-filebeat/README.md +++ b/roles/wazuh/ansible-filebeat/README.md 
@@ -19,34 +19,10 @@ Role Variables Available variables are listed below, along with default values (see `defaults/main.yml`): ``` - filebeat_create_config: true - - filebeat_prospectors: - - input_type: log - paths: - - "/var/ossec/logs/alerts/alerts.json" - document_type: json - json.message_key: log - json.keys_under_root: true - json.overwrite_keys: true - filebeat_output_elasticsearch_enabled: false filebeat_output_elasticsearch_hosts: - "localhost:9200" - filebeat_output_logstash_enabled: true - filebeat_output_logstash_hosts: - - "192.168.212.158:5000" - - filebeat_enable_logging: true - filebeat_log_level: debug - filebeat_log_dir: /var/log/mybeat - filebeat_log_filename: mybeat.log - - filebeat_ssl_dir: /etc/pki/logstash - filebeat_ssl_certificate_file: "" - filebeat_ssl_key_file: "" - filebeat_ssl_insecure: "false" ``` License and copyright diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index 0f9b5c5a..a00cbbb4 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -14,16 +14,12 @@ filebeat_output_elasticsearch_enabled: false filebeat_output_elasticsearch_hosts: - "localhost:9200" -filebeat_output_logstash_enabled: true -filebeat_output_logstash_hosts: - - "192.168.212.158:5000" - filebeat_enable_logging: true filebeat_log_level: debug filebeat_log_dir: /var/log/mybeat filebeat_log_filename: mybeat.log -filebeat_ssl_dir: /etc/pki/logstash +filebeat_ssl_dir: /etc/pki/filebeat filebeat_ssl_certificate_file: "" filebeat_ssl_key_file: "" filebeat_ssl_insecure: "false" diff --git a/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 b/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 index dc4cac82..8e6287ec 100644 --- a/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 +++ b/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 
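Review bot: After this hunk `defaults/main.yml` still declares `filebeat_output_elasticsearch_enabled`, `filebeat_enable_logging` / `filebeat_log_*` and the four `filebeat_ssl_*` variables, yet the rewritten `templates/filebeat.yml.j2` in this same commit references none of them, so setting `filebeat_output_elasticsearch_enabled: false` or a log level now has no effect and produces no warning; the README hunk directly above already removed the logging and SSL variables from the documented interface, which makes the leftover defaults look like an oversight. Either drop the dead variables here as well, or keep them and re-wire the template, and in the latter case a comment such as `# Honoured only when both filebeat_ssl_certificate_file and filebeat_ssl_key_file are set` above the `filebeat_ssl_*` block would tell readers what to expect. `filebeat_ssl_insecure: "false"` is also a quoted string rather than a boolean, so any consumer must pass it through `| bool` before testing it.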
@@ -1,150 +1,58 @@ -filebeat: - # List of prospectors to fetch data. - prospectors: - {{ filebeat_prospectors | to_json }} +# Wazuh - Filebeat configuration file -# Configure what outputs to use when sending the data collected by the beat. -# Multiple outputs may be used. -output: +filebeat.inputs: + - type: log + paths: + - '/var/ossec/logs/alerts/alerts.json' -{% if filebeat_output_elasticsearch_enabled %} - ### Elasticsearch as output - elasticsearch: - # Array of hosts to connect to. - hosts: {{ filebeat_output_elasticsearch_hosts | to_json }} +setup.template.json.enabled: true +setup.template.json.path: "/etc/filebeat/wazuh-template.json" +setup.template.json.name: "wazuh" +setup.template.overwrite: true - # Optional protocol and basic auth credentials. These are deprecated. - #protocol: "https" - #username: "admin" - #password: "s3cr3t" +processors: + - decode_json_fields: + fields: ['message'] + process_array: true + max_depth: 200 + target: '' + overwrite_keys: true + - drop_fields: + fields: ['message', 'ecs', 'beat', 'input_type', 'tags', 'count', '@version', 'log', 'offset', 'type', 'host'] + - rename: + fields: + - from: "data.aws.sourceIPAddress" + to: "@src_ip" + ignore_missing: true + fail_on_error: false + when: + regexp: + data.aws.sourceIPAddress: \b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b + - rename: + fields: + - from: "data.srcip" + to: "@src_ip" + ignore_missing: true + fail_on_error: false + when: + regexp: + data.srcip: \b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b + - rename: + fields: + - from: "data.win.eventdata.ipAddress" + to: "@src_ip" + ignore_missing: true + fail_on_error: false + when: + regexp: + data.win.eventdata.ipAddress: \b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b - # Number of workers per Elasticsearch host. 
- #worker: 1 +# Send events directly to Elasticsearch +output.elasticsearch: + hosts: {{ filebeat_output_elasticsearch_hosts | to_json }} + #pipeline: geoip + indices: + - index: 'wazuh-alerts-3.x-%{+yyyy.MM.dd}' - # Optional index name. The default is "filebeat" and generates - # [filebeat-]YYYY.MM.DD keys. - #index: "filebeat" - - # Optional HTTP Path - #path: "/elasticsearch" - - # Proxy server URL - # proxy_url: http://proxy:3128 - - # The number of times a particular Elasticsearch index operation is attempted. If - # the indexing operation doesn't succeed after this many retries, the events are - # dropped. The default is 3. - #max_retries: 3 - - # The maximum number of events to bulk in a single Elasticsearch bulk API index request. - # The default is 50. - #bulk_max_size: 50 - - # Configure http request timeout before failing an request to Elasticsearch. - #timeout: 90 - - # The number of seconds to wait for new events between two bulk API index requests. - # If `bulk_max_size` is reached before this interval expires, addition bulk index - # requests are made. - #flush_interval: 1 - - # Boolean that sets if the topology is kept in Elasticsearch. The default is - # false. This option makes sense only for Packetbeat. - #save_topology: false - - # The time to live in seconds for the topology information that is stored in - # Elasticsearch. The default is 15 seconds. - #topology_expire: 15 - -{% if filebeat_ssl_certificate_file and filebeat_ssl_key_file %} - # tls configuration. By default is off. - tls: - # List of root certificates for HTTPS server verifications - #certificate_authorities: ["/etc/pki/root/ca.pem"] - - # Certificate for TLS client authentication - certificate: "{{ filebeat_ssl_dir }}/{{ filebeat_ssl_certificate_file | basename }}" - - # Client Certificate Key - certificate_key: "{{ filebeat_ssl_dir }}/{{ filebeat_ssl_key_file | basename}}" - - # Controls whether the client verifies server certificates and host name. 
- # If insecure is set to true, all server host names and certificates will be - # accepted. In this mode TLS based connections are susceptible to - # man-in-the-middle attacks. Use only for testing. - insecure: {{ filebeat_ssl_insecure }} - - # Configure cipher suites to be used for TLS connections - #cipher_suites: [] - - # Configure curve types for ECDHE based cipher suites - #curve_types: [] - - # Configure minimum TLS version allowed for connection to logstash - #min_version: 1.0 - - # Configure maximum TLS version allowed for connection to logstash - #max_version: 1.2 -{% endif %} -{% endif %} - -{% if filebeat_output_logstash_enabled %} - ### Logstash as output - logstash: - # The Logstash hosts - hosts: {{ filebeat_output_logstash_hosts | to_json }} - - # Number of workers per Logstash host. - #worker: 1 - - # Optional load balance the events between the Logstash hosts - #loadbalance: true - - # Optional index name. The default index name depends on the each beat. - # For Packetbeat, the default is set to packetbeat, for Topbeat - # top topbeat and for Filebeat to filebeat. - #index: filebeat - -{% if filebeat_ssl_certificate_file and filebeat_ssl_key_file %} - # Optional TLS. By default is off. - tls: - # List of root certificates for HTTPS server verifications - #certificate_authorities: ["/etc/pki/root/ca.pem"] - - # Certificate for TLS client authentication - certificate: "{{ filebeat_ssl_dir }}/{{ filebeat_ssl_certificate_file | basename }}" - - # Client Certificate Key - certificate_key: "{{ filebeat_ssl_dir }}/{{ filebeat_ssl_key_file | basename}}" - - # Controls whether the client verifies server certificates and host name. - # If insecure is set to true, all server host names and certificates will be - # accepted. In this mode TLS based connections are susceptible to - # man-in-the-middle attacks. Use only for testing. 
- #insecure: true - insecure: {{ filebeat_ssl_insecure }} - - # Configure cipher suites to be used for TLS connections - #cipher_suites: [] - - # Configure curve types for ECDHE based cipher suites - #curve_types: [] -{% endif %} - -{% if filebeat_enable_logging %} -logging: - ### Filebeat log - level: {{ filebeat_log_level }} - - # Enable file rotation with default configuration - to_files: true - - # Do not log to syslog - to_syslog: false - - files: - path: {{ filebeat_log_dir }} - name: {{ filebeat_log_filename }} - keepfiles: 7 -{% endif %} -{% endif %} +# Optional. Send events to Logstash instead of Elasticsearch +#output.logstash.hosts: ["YOUR_LOGSTASH_SERVER_IP:5000"] \ No newline at end of file diff --git a/roles/wazuh/ansible-filebeat/tests/requirements.yml b/roles/wazuh/ansible-filebeat/tests/requirements.yml index 141fecdb..63d857e2 100644 --- a/roles/wazuh/ansible-filebeat/tests/requirements.yml +++ b/roles/wazuh/ansible-filebeat/tests/requirements.yml @@ -1,4 +1,3 @@ --- - src: geerlingguy.java - src: geerlingguy.elasticsearch -- src: geerlingguy.logstash diff --git a/roles/wazuh/ansible-filebeat/tests/test.yml b/roles/wazuh/ansible-filebeat/tests/test.yml index 5e71b672..3a4c8f21 100644 --- a/roles/wazuh/ansible-filebeat/tests/test.yml +++ b/roles/wazuh/ansible-filebeat/tests/test.yml @@ -17,5 +17,4 @@ roles: - geerlingguy.java - geerlingguy.elasticsearch - - geerlingguy.logstash - role_under_test From a92b7ad284888853a5d60b0fff21326306dd4d58 Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Wed, 12 Jun 2019 21:03:55 +0200 Subject: [PATCH 113/714] Supporting cluster node types --- .../templates/elasticsearch.yml.j2 | 97 +++---------------- 1 file changed, 15 insertions(+), 82 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 index 69f666fc..f0d08cff 100644 
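Review bot: The rewritten template drops the conditional TLS block that the old one emitted under the output whenever `filebeat_ssl_certificate_file` and `filebeat_ssl_key_file` were set, and `output.elasticsearch` now carries only `hosts`, a commented `pipeline` and `indices`, so Filebeat ships alerts to Elasticsearch over plaintext HTTP regardless of how the `filebeat_ssl_*` variables still declared in `defaults/main.yml` are set. The 7.x equivalents of the removed `tls.certificate` / `certificate_key` / `insecure` keys are `protocol: https` with `ssl.certificate`, `ssl.key` and `ssl.verification_mode`, and they can be gated on the same condition as before so unauthenticated deployments render exactly as this hunk does today. `setup.template.json.path` points at `/etc/filebeat/wazuh-template.json`, which this template does not produce, so presumably another task in the role places it before Filebeat starts — I cannot confirm that from this hunk, and a one-line comment naming that task would help the next reader.

```yaml
# … unchanged: filebeat.inputs, setup.template.*, processors …
output.elasticsearch:
  hosts: {{ filebeat_output_elasticsearch_hosts | to_json }}
{% if filebeat_ssl_certificate_file and filebeat_ssl_key_file %}
  protocol: https
  ssl.certificate: "{{ filebeat_ssl_dir }}/{{ filebeat_ssl_certificate_file | basename }}"
  ssl.key: "{{ filebeat_ssl_dir }}/{{ filebeat_ssl_key_file | basename }}"
  # 'none' disables server certificate and hostname checks; keep 'full' outside test setups.
  ssl.verification_mode: {{ 'none' if filebeat_ssl_insecure | bool else 'full' }}
{% endif %}
  #pipeline: geoip
  indices:
    - index: 'wazuh-alerts-3.x-%{+yyyy.MM.dd}'
```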
--- a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 
@@ -1,89 +1,22 @@ # {{ ansible_managed }} -# ======================== Elasticsearch Configuration ========================= -# -# NOTE: Elasticsearch comes with reasonable defaults for most settings. -# Before you set out to tweak and tune the configuration, make sure you -# understand what are you trying to accomplish and the consequences. -# -# The primary way of configuring a node is via this file. This template lists -# the most important settings you may want to configure for a production cluster. -# -# Please consult the documentation for further information on configuration options: -# https://www.elastic.co/guide/en/elasticsearch/reference/index.html -# -# ---------------------------------- Cluster ----------------------------------- -# -# Use a descriptive name for your cluster: -# + cluster.name: {{ elasticsearch_cluster_name }} -# -# ------------------------------------ Node ------------------------------------ -# -# Use a descriptive name for the node: -# node.name: {{ elasticsearch_node_name }} -# -# Add custom attributes to the node: -# -#node.attr.rack: r1 -# -# ----------------------------------- Paths ------------------------------------ -# -# Path to directory where to store the data (separate multiple locations by comma): -# path.data: /var/lib/elasticsearch -# -# Path to log files: -# path.logs: /var/log/elasticsearch -# -# ----------------------------------- Memory ----------------------------------- -# -# Lock the memory on startup: -# bootstrap.memory_lock: true -# -# Make sure that the heap size is set to about half the memory available -# on the system and that the owner of the process is allowed to use this -# limit. -# -# Elasticsearch performs poorly when the system is swapping the memory. 
-# -# ---------------------------------- Network ----------------------------------- -# -# Set the bind address to a specific IP (IPv4 or IPv6): -# network.host: {{ elasticsearch_network_host }} -# -# Set a custom port for HTTP: -# -#http.port: 9200 -# -# For more information, consult the network module documentation. -# -# --------------------------------- Discovery ---------------------------------- -# -# Pass an initial list of hosts to perform discovery when new node is started: -# The default list of hosts is ["127.0.0.1", "[::1]"] -# -#discovery.zen.ping.unicast.hosts: ["host1", "host2"] -# -# Prevent the "split brain" by configuring the majority of nodes (total number of master-eligible nodes / 2 + 1): -# -#discovery.zen.minimum_master_nodes: 3 -# -# For more information, consult the zen discovery module documentation. -# -# ---------------------------------- Gateway ----------------------------------- -# -# Block initial recovery after a full cluster restart until N nodes are started: -# -#gateway.recover_after_nodes: 3 -# -# For more information, consult the gateway module documentation. -# -# ---------------------------------- Various ----------------------------------- -# -# Require explicit names when deleting indices: -# -#action.destructive_requires_name: true + +{% if single_node %} +discovery.type: single-node +{% elif elasticsearch_bootstrap_node %} +cluster.initial_master_nodes: +{% for item in elasticsearch_cluster_nodes %} + - {{ item }} +{% endfor %} +{% elif elasticsearch_master_candidate %} +discovery.seed_hosts: +{% for item in elasticsearch_cluster_nodes %} + - {{ item }} +{% endfor %} +{% endif %} From 7619b44426a0d248bcebdae33d309e6886d72802 Mon Sep 17 00:00:00 2001 
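Review bot: The `elasticsearch_bootstrap_node` branch feeds `elasticsearch_cluster_nodes` into `cluster.initial_master_nodes`, yet the same list is used as addresses in `discovery.seed_hosts` a few lines later; Elasticsearch 7 expects `cluster.initial_master_nodes` to hold node names matching `node.name`, which this template sets explicitly from `elasticsearch_node_name`, so unless the list happens to contain values that both resolve as hosts and equal each node's `node.name`, bootstrapping presumably never completes. The bootstrap branch also emits no `discovery.seed_hosts`, so that node only probes loopback for peers, and the `elif` chain makes the three flags mutually exclusive. When none of the flags is true the template emits no discovery setting at all, which an Elasticsearch 7 node bound to a non-loopback `network.host` rejects at startup, so a template comment should state that exactly one flag must be set and what the list must contain. Restructuring so every clustered node gets seed hosts, with `cluster.initial_master_nodes` added on top for the bootstrap node, covers all cases:
```jinja
{% if single_node %}
discovery.type: single-node
{% else %}
{# every clustered node needs seed hosts (addresses of the cluster members) #}
discovery.seed_hosts:
{% for item in elasticsearch_cluster_nodes %}
  - {{ item }}
{% endfor %}
{% if elasticsearch_bootstrap_node %}
{# entries must equal the members' node.name values, since node.name is set above #}
cluster.initial_master_nodes:
{% for item in elasticsearch_cluster_nodes %}
  - {{ item }}
{% endfor %}
{% endif %}
{% endif %}
```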
From: "Manuel J. Bernal" Date: Wed, 12 Jun 2019 21:11:12 +0200 Subject: [PATCH 114/714] Added changes for ELK 7 --- playbooks/wazuh-elastic_stack-single.yml | 9 +- .../ansible-elasticsearch/defaults/main.yml | 8 +- .../ansible-elasticsearch/tasks/Debian.yml | 6 - .../ansible-elasticsearch/tasks/RMDebian.yml | 2 +- .../ansible-elasticsearch/tasks/RedHat.yml | 7 - .../ansible-kibana/defaults/main.yml | 2 +- .../ansible-kibana/tasks/RMDebian.yml | 2 +- roles/wazuh/ansible-filebeat/tasks/Debian.yml | 2 +- .../wazuh/ansible-filebeat/tasks/RMDebian.yml | 2 +- roles/wazuh/ansible-filebeat/tasks/RedHat.yml | 2 +- roles/wazuh/ansible-filebeat/tasks/config.yml | 10 + .../templates/elasticsearch.yml.j2 | 1455 +++++++++++++++++ .../var-ossec-rules-local_rules.xml.j2 | 20 +- 13 files changed, 1482 insertions(+), 45 deletions(-) create mode 100644 roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 diff --git a/playbooks/wazuh-elastic_stack-single.yml b/playbooks/wazuh-elastic_stack-single.yml index 9d3d761a..ac5efaf1 100644 --- a/playbooks/wazuh-elastic_stack-single.yml +++ b/playbooks/wazuh-elastic_stack-single.yml @@ -1,7 +1,6 @@ --- -- hosts: +- hosts: roles: - - {role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-manager} - - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost'} - - { role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-logstash, elasticsearch_network_host: 'localhost' } - - { role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost' } + - {role: ../roles/wazuh/ansible-wazuh-manager} + - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '0.0.0.0', single_node: true} + - { role: ../roles/elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost' } 
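Review bot: The single-node playbook now passes `elasticsearch_network_host: '0.0.0.0'` to the Elasticsearch role where it previously passed 'localhost', which binds the HTTP (9200) and transport (9300) listeners to every interface of the host; nothing visible in the role configures authentication on that API, and the Kibana entry on the next line still reaches Elasticsearch through 'localhost', so this playbook itself does not need the wider bind. Keeping 'localhost' for the single-node case, and letting deployments that need remote access set the address explicitly behind a host firewall, avoids exposing the cluster API unintentionally. The play also keeps `- hosts:` with no value, which YAML reads as null; a comment such as `# set the target host or group before running this play` would make the placeholder explicit.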
diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 3328165a..5d380b6b 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -5,6 +5,8 @@ elasticsearch_http_port: 9200 elasticsearch_network_host: 127.0.0.1 elasticsearch_jvm_xms: null elastic_stack_version: 7.1.1 -elasticsearch_shards: 5 -elasticsearch_replicas: 1 -elasticsearch_install_java: true +single_node: false +elasticsearch_bootstrap_node: false +elasticsearch_master_candidate: false +elasticsearch_cluster_nodes: + - 127.0.0.1 \ No newline at end of file diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index d5315805..844da315 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml @@ -4,12 +4,6 @@ name: ['apt-transport-https', 'ca-certificates'] state: present -- when: elasticsearch_install_java - block: - - name: Debian/Ubuntu | Install OpenJDK 1.8 - apt: name=openjdk-8-jre state=present cache_valid_time=3600 - tags: install - - name: Debian/Ubuntu | Add Elasticsearch GPG key. apt_key: url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch" diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RMDebian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RMDebian.yml index 74c59c37..b11eec45 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/RMDebian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/RMDebian.yml @@ -1,5 +1,5 @@ --- - name: Debian/Ubuntu | Removing Elasticsearch repository apt_repository: - repo: deb https://artifacts.elastic.co/packages/5.x/apt stable main + repo: deb https://artifacts.elastic.co/packages/7.x/apt stable main state: absent 
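Review bot: The defaults drop `elasticsearch_shards`, `elasticsearch_replicas` and `elasticsearch_install_java`; the task files in this commit stop referencing `elasticsearch_install_java`, but any template that still renders the shard or replica variables (none is visible here) would now fail on an undefined variable, so those references should be checked before the keys go. With the four new keys all defaulting to false, the elasticsearch.yml template as it stands in the previous commit renders neither `discovery.type` nor any seed-host or initial-master setting, which an Elasticsearch 7 node bound to a non-loopback address refuses to start with; a comment above `single_node` stating that exactly one of `single_node`, `elasticsearch_bootstrap_node` or `elasticsearch_master_candidate` must be true, and that `elasticsearch_cluster_nodes` lists the cluster members, would prevent that. The file is also left without a trailing newline.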
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml index 64cc0820..54728b0c 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml @@ -1,10 +1,4 @@ --- -- when: elasticsearch_install_java - block: - - name: RedHat/CentOS/Fedora | Install OpenJDK 1.8 - yum: name=java-1.8.0-openjdk state=present - register: oracle_java_task_rpm_installed - tags: install - name: RedHat/CentOS/Fedora | Install Elastic repo yum_repository: @@ -16,5 +10,4 @@ - name: RedHat/CentOS/Fedora | Install Elasticsarch package: name=elasticsearch-{{ elastic_stack_version }} state=present - when: not elasticsearch_install_java or oracle_java_task_rpm_installed is defined tags: install diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 921cd436..cf33aeff 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -4,4 +4,4 @@ elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 7.1.1 -wazuh_version: 3.9.1 +wazuh_version: 3.9.1 \ No newline at end of file diff --git a/roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml b/roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml index 74c59c37..b11eec45 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml @@ -1,5 +1,5 @@ --- - name: Debian/Ubuntu | Removing Elasticsearch repository apt_repository: - repo: deb https://artifacts.elastic.co/packages/5.x/apt stable main + repo: deb https://artifacts.elastic.co/packages/7.x/apt stable main state: absent diff --git a/roles/wazuh/ansible-filebeat/tasks/Debian.yml b/roles/wazuh/ansible-filebeat/tasks/Debian.yml index 455034d6..95b31e0e 100644 
--- a/roles/wazuh/ansible-filebeat/tasks/Debian.yml +++ b/roles/wazuh/ansible-filebeat/tasks/Debian.yml @@ -12,6 +12,6 @@ - name: Debian/Ubuntu | Add Filebeat repository. apt_repository: - repo: 'deb https://artifacts.elastic.co/packages/6.x/apt stable main' + repo: 'deb https://artifacts.elastic.co/packages/7.x/apt stable main' state: present update_cache: true diff --git a/roles/wazuh/ansible-filebeat/tasks/RMDebian.yml b/roles/wazuh/ansible-filebeat/tasks/RMDebian.yml index 580e6d86..f027d4f9 100644 --- a/roles/wazuh/ansible-filebeat/tasks/RMDebian.yml +++ b/roles/wazuh/ansible-filebeat/tasks/RMDebian.yml @@ -1,5 +1,5 @@ --- - name: Debian/Ubuntu | Remove Filebeat repository (and clean up left-over metadata) apt_repository: - repo: deb https://artifacts.elastic.co/packages/5.x/apt stable main + repo: deb https://artifacts.elastic.co/packages/7.x/apt stable main state: absent diff --git a/roles/wazuh/ansible-filebeat/tasks/RedHat.yml b/roles/wazuh/ansible-filebeat/tasks/RedHat.yml index 80798897..e4ddd652 100644 --- a/roles/wazuh/ansible-filebeat/tasks/RedHat.yml +++ b/roles/wazuh/ansible-filebeat/tasks/RedHat.yml @@ -3,6 +3,6 @@ yum_repository: name: elastic_repo description: Elastic repository for 6.x packages - baseurl: https://artifacts.elastic.co/packages/6.x/yum + baseurl: https://artifacts.elastic.co/packages/7.x/yum gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch gpgcheck: true diff --git a/roles/wazuh/ansible-filebeat/tasks/config.yml b/roles/wazuh/ansible-filebeat/tasks/config.yml index a21e32ac..ce63503d 100644 --- a/roles/wazuh/ansible-filebeat/tasks/config.yml +++ b/roles/wazuh/ansible-filebeat/tasks/config.yml 
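Review bot: In the RedHat.yml hunk `baseurl` now points at the 7.x repository while the `description` two lines above still reads `Elastic repository for 6.x packages`, so the generated .repo file will describe itself as 6.x; change it to `description: Elastic repository for 7.x packages`. The `gpgkey` and `gpgcheck: true` lines are retained, which keeps package signature verification in place for the new repository.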
@@ -9,6 +9,16 @@
 notify: restart filebeat
 tags: configure

+- name: Copy Elasticsearch template.
+ template:
+ src: elasticsearch.yml.j2
+ dest: "/etc/filebeat/wazuh-template.json"
+ owner: root
+ group: root
+ mode: 0644
+ notify: restart filebeat
+ tags: configure
+
 - name: Ensure Filebeat SSL key pair directory exists.
 file:
 path: "{{ filebeat_ssl_dir }}"
diff --git a/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 b/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2
new file mode 100644
index 00000000..11ef6176
--- /dev/null
+++ b/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2
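Review bot: The new task renders `elasticsearch.yml.j2` into `/etc/filebeat/wazuh-template.json`, but the source file added in this same commit (the 1455-line hunk that follows) is a JSON index template containing no Jinja expressions, so the `.yml.j2` name is misleading; a `.json` source delivered with `copy`, or at least a rename to match its content, would make the intent clear. `mode: 0644` is an unquoted octal literal; `mode: "0644"` avoids the YAML 1.1/1.2 octal ambiguity and is the form ansible-lint expects. Whether Filebeat ever reads this file depends on a matching `setup.template.json` entry in the Filebeat configuration, which is not part of this change; if none exists the task writes an unused file, and a comment naming the consuming setting would help the next maintainer.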
@@ -0,0 +1,1455 @@ +{ + "order": 0, + "index_patterns": ["wazuh-alerts-3.x-*"], + "settings": { + "index.refresh_interval": "5s", + "index.number_of_shards": "3", + "index.number_of_replicas": "0", + "index.auto_expand_replicas": "0-1", + "index.mapping.total_fields.limit": 2000 + }, + "mappings": { + "dynamic_templates": [ + { + "string_as_keyword": { + "match_mapping_type": "string", + "mapping": { + "type": "keyword", + "doc_values": "true" + } + } + } + ], + "properties": { + "@timestamp": { + "type": "date" + }, + "timestamp": { + "type": "date", + "format": "date_optional_time||epoch_millis" + }, + "@version": { + "type": "text" + }, + "agent": { + "properties": { + "ip": { + "type": "keyword", + "doc_values": "true" + }, + "id": { + "type": "keyword", + "doc_values": "true" + }, + "name": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "manager": { + "properties": { + "name": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "cluster": { + "properties": { + "name": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "AlertsFile": { + "type": "keyword", + "doc_values": "true" + }, + "full_log": { + "enabled": false, + "type": "object" + }, + "previous_log": { + "type": "text" + }, + "GeoLocation": { + "properties": { + "area_code": { + "type": "long" + }, + "city_name": { + "type": "keyword", + "doc_values": "true" + }, + "continent_code": { + "type": "text" + }, + "coordinates": { + "type": "double" + }, + "country_code2": { + "type": "text" + }, + "country_code3": { + "type": "text" + }, + "country_name": { + "type": "keyword", + "doc_values": "true" + }, + "dma_code": { + "type": "long" + }, + "ip": { + "type": "keyword", + "doc_values": "true" + }, + "latitude": { + "type": "double" + }, + "location": { + "type": "geo_point" + }, + "longitude": { + "type": "double" + }, + "postal_code": { + "type": "keyword" + }, + "real_region_name": { + "type": "keyword", + "doc_values": "true" + }, + "region_name": { + "type": 
"keyword", + "doc_values": "true" + }, + "timezone": { + "type": "text" + } + } + }, + "host": { + "type": "keyword", + "doc_values": "true" + }, + "syscheck": { + "properties": { + "path": { + "type": "keyword", + "doc_values": "true" + }, + "sha1_before": { + "type": "keyword", + "doc_values": "true" + }, + "sha1_after": { + "type": "keyword", + "doc_values": "true" + }, + "uid_before": { + "type": "keyword", + "doc_values": "true" + }, + "uid_after": { + "type": "keyword", + "doc_values": "true" + }, + "gid_before": { + "type": "keyword", + "doc_values": "true" + }, + "gid_after": { + "type": "keyword", + "doc_values": "true" + }, + "perm_before": { + "type": "keyword", + "doc_values": "true" + }, + "perm_after": { + "type": "keyword", + "doc_values": "true" + }, + "md5_after": { + "type": "keyword", + "doc_values": "true" + }, + "md5_before": { + "type": "keyword", + "doc_values": "true" + }, + "gname_after": { + "type": "keyword", + "doc_values": "true" + }, + "gname_before": { + "type": "keyword", + "doc_values": "true" + }, + "inode_after": { + "type": "keyword", + "doc_values": "true" + }, + "inode_before": { + "type": "keyword", + "doc_values": "true" + }, + "mtime_after": { + "type": "date", + "format": "dateOptionalTime", + "doc_values": "true" + }, + "mtime_before": { + "type": "date", + "format": "dateOptionalTime", + "doc_values": "true" + }, + "uname_after": { + "type": "keyword", + "doc_values": "true" + }, + "uname_before": { + "type": "keyword", + "doc_values": "true" + }, + "size_before": { + "type": "long", + "doc_values": "true" + }, + "size_after": { + "type": "long", + "doc_values": "true" + }, + "diff": { + "type": "keyword", + "doc_values": "true" + }, + "event": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "location": { + "type": "keyword", + "doc_values": "true" + }, + "message": { + "type": "text" + }, + "offset": { + "type": "keyword" + }, + "rule": { + "properties": { + "description": { + "type": "keyword", + 
"doc_values": "true" + }, + "groups": { + "type": "keyword", + "doc_values": "true" + }, + "level": { + "type": "long", + "doc_values": "true" + }, + "id": { + "type": "keyword", + "doc_values": "true" + }, + "cve": { + "type": "keyword", + "doc_values": "true" + }, + "info": { + "type": "keyword", + "doc_values": "true" + }, + "frequency": { + "type": "long", + "doc_values": "true" + }, + "firedtimes": { + "type": "long", + "doc_values": "true" + }, + "cis": { + "type": "keyword", + "doc_values": "true" + }, + "pci_dss": { + "type": "keyword", + "doc_values": "true" + }, + "gdpr": { + "type": "keyword", + "doc_values": "true" + }, + "gpg13": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "predecoder": { + "properties": { + "program_name": { + "type": "keyword", + "doc_values": "true" + }, + "timestamp": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "decoder": { + "properties": { + "parent": { + "type": "keyword", + "doc_values": "true" + }, + "name": { + "type": "keyword", + "doc_values": "true" + }, + "ftscomment": { + "type": "keyword", + "doc_values": "true" + }, + "fts": { + "type": "long", + "doc_values": "true" + }, + "accumulate": { + "type": "long", + "doc_values": "true" + } + } + }, + "data": { + "properties": { + "protocol": { + "type": "keyword", + "doc_values": "true" + }, + "action": { + "type": "keyword", + "doc_values": "true" + }, + "srcip": { + "type": "keyword", + "doc_values": "true" + }, + "dstip": { + "type": "keyword", + "doc_values": "true" + }, + "srcport": { + "type": "keyword", + "doc_values": "true" + }, + "dstport": { + "type": "keyword", + "doc_values": "true" + }, + "srcuser": { + "type": "keyword", + "doc_values": "true" + }, + "dstuser": { + "type": "keyword", + "doc_values": "true" + }, + "id": { + "type": "keyword", + "doc_values": "true" + }, + "status": { + "type": "keyword", + "doc_values": "true" + }, + "data": { + "type": "keyword", + "doc_values": "true" + }, + "system_name": { + "type": 
"keyword", + "doc_values": "true" + }, + "url": { + "type": "keyword", + "doc_values": "true" + }, + "oscap": { + "properties": { + "check.title": { + "type": "keyword", + "doc_values": "true" + }, + "check.id": { + "type": "keyword", + "doc_values": "true" + }, + "check.result": { + "type": "keyword", + "doc_values": "true" + }, + "check.severity": { + "type": "keyword", + "doc_values": "true" + }, + "check.description": { + "type": "text" + }, + "check.rationale": { + "type": "text" + }, + "check.references": { + "type": "text" + }, + "check.identifiers": { + "type": "text" + }, + "check.oval.id": { + "type": "keyword", + "doc_values": "true" + }, + "scan.id": { + "type": "keyword", + "doc_values": "true" + }, + "scan.content": { + "type": "keyword", + "doc_values": "true" + }, + "scan.benchmark.id": { + "type": "keyword", + "doc_values": "true" + }, + "scan.profile.title": { + "type": "keyword", + "doc_values": "true" + }, + "scan.profile.id": { + "type": "keyword", + "doc_values": "true" + }, + "scan.score": { + "type": "double", + "doc_values": "true" + }, + "scan.return_code": { + "type": "long", + "doc_values": "true" + } + } + }, + "audit": { + "properties": { + "type": { + "type": "keyword", + "doc_values": "true" + }, + "id": { + "type": "keyword", + "doc_values": "true" + }, + "syscall": { + "type": "keyword", + "doc_values": "true" + }, + "exit": { + "type": "keyword", + "doc_values": "true" + }, + "ppid": { + "type": "keyword", + "doc_values": "true" + }, + "pid": { + "type": "keyword", + "doc_values": "true" + }, + "auid": { + "type": "keyword", + "doc_values": "true" + }, + "uid": { + "type": "keyword", + "doc_values": "true" + }, + "gid": { + "type": "keyword", + "doc_values": "true" + }, + "euid": { + "type": "keyword", + "doc_values": "true" + }, + "suid": { + "type": "keyword", + "doc_values": "true" + }, + "fsuid": { + "type": "keyword", + "doc_values": "true" + }, + "egid": { + "type": "keyword", + "doc_values": "true" + }, + "sgid": { + 
"type": "keyword", + "doc_values": "true" + }, + "fsgid": { + "type": "keyword", + "doc_values": "true" + }, + "tty": { + "type": "keyword", + "doc_values": "true" + }, + "session": { + "type": "keyword", + "doc_values": "true" + }, + "command": { + "type": "keyword", + "doc_values": "true" + }, + "exe": { + "type": "keyword", + "doc_values": "true" + }, + "key": { + "type": "keyword", + "doc_values": "true" + }, + "cwd": { + "type": "keyword", + "doc_values": "true" + }, + "directory.name": { + "type": "keyword", + "doc_values": "true" + }, + "directory.inode": { + "type": "keyword", + "doc_values": "true" + }, + "directory.mode": { + "type": "keyword", + "doc_values": "true" + }, + "file.name": { + "type": "keyword", + "doc_values": "true" + }, + "file.inode": { + "type": "keyword", + "doc_values": "true" + }, + "file.mode": { + "type": "keyword", + "doc_values": "true" + }, + "acct": { + "type": "keyword", + "doc_values": "true" + }, + "dev": { + "type": "keyword", + "doc_values": "true" + }, + "enforcing": { + "type": "keyword", + "doc_values": "true" + }, + "list": { + "type": "keyword", + "doc_values": "true" + }, + "old-auid": { + "type": "keyword", + "doc_values": "true" + }, + "old-ses": { + "type": "keyword", + "doc_values": "true" + }, + "old_enforcing": { + "type": "keyword", + "doc_values": "true" + }, + "old_prom": { + "type": "keyword", + "doc_values": "true" + }, + "op": { + "type": "keyword", + "doc_values": "true" + }, + "prom": { + "type": "keyword", + "doc_values": "true" + }, + "res": { + "type": "keyword", + "doc_values": "true" + }, + "srcip": { + "type": "keyword", + "doc_values": "true" + }, + "subj": { + "type": "keyword", + "doc_values": "true" + }, + "success": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "aws": { + "properties": { + "bytes": { + "type": "long", + "doc_values": "true" + }, + "dstaddr": { + "type": "ip", + "doc_values": "true" + }, + "srcaddr": { + "type": "ip", + "doc_values": "true" + }, + "end": { + 
"type": "date", + "doc_values": "true" + }, + "start": { + "type": "date", + "doc_values": "true" + }, + "source_ip_address": { + "type": "ip", + "doc_values": "true" + }, + "resource.instanceDetails.networkInterfaces": { + "properties": { + "privateIpAddress": { + "type": "ip", + "doc_values": "true" + }, + "publicIp": { + "type": "ip", + "doc_values": "true" + } + } + }, + "service": { + "properties": { + "count": { + "type": "long", + "doc_values": "true" + }, + "action.networkConnectionAction.remoteIpDetails": { + "properties": { + "ipAddressV4": { + "type": "ip", + "doc_values": "true" + }, + "geoLocation": { + "type": "geo_point", + "doc_values": "true" + } + } + } + } + } + } + }, + "type": { + "type": "keyword", + "doc_values": "true" + }, + "netinfo": { + "properties": { + "iface": { + "properties": { + "name": { + "type": "keyword", + "doc_values": "true" + }, + "mac": { + "type": "keyword", + "doc_values": "true" + }, + "adapter": { + "type": "keyword", + "doc_values": "true" + }, + "type": { + "type": "keyword", + "doc_values": "true" + }, + "state": { + "type": "keyword", + "doc_values": "true" + }, + "mtu": { + "type": "long", + "doc_values": "true" + }, + "tx_bytes": { + "type": "long", + "doc_values": "true" + }, + "rx_bytes": { + "type": "long", + "doc_values": "true" + }, + "tx_errors": { + "type": "long", + "doc_values": "true" + }, + "rx_errors": { + "type": "long", + "doc_values": "true" + }, + "tx_dropped": { + "type": "long", + "doc_values": "true" + }, + "rx_dropped": { + "type": "long", + "doc_values": "true" + }, + "tx_packets": { + "type": "long", + "doc_values": "true" + }, + "rx_packets": { + "type": "long", + "doc_values": "true" + }, + "ipv4": { + "properties": { + "gateway": { + "type": "keyword", + "doc_values": "true" + }, + "dhcp": { + "type": "keyword", + "doc_values": "true" + }, + "address": { + "type": "keyword", + "doc_values": "true" + }, + "netmask": { + "type": "keyword", + "doc_values": "true" + }, + "broadcast": { + 
"type": "keyword", + "doc_values": "true" + }, + "metric": { + "type": "long", + "doc_values": "true" + } + } + }, + "ipv6": { + "properties": { + "gateway": { + "type": "keyword", + "doc_values": "true" + }, + "dhcp": { + "type": "keyword", + "doc_values": "true" + }, + "address": { + "type": "keyword", + "doc_values": "true" + }, + "netmask": { + "type": "keyword", + "doc_values": "true" + }, + "broadcast": { + "type": "keyword", + "doc_values": "true" + }, + "metric": { + "type": "long", + "doc_values": "true" + } + } + } + } + } + } + }, + "os": { + "properties": { + "hostname": { + "type": "keyword", + "doc_values": "true" + }, + "architecture": { + "type": "keyword", + "doc_values": "true" + }, + "name": { + "type": "keyword", + "doc_values": "true" + }, + "version": { + "type": "keyword", + "doc_values": "true" + }, + "codename": { + "type": "keyword", + "doc_values": "true" + }, + "major": { + "type": "keyword", + "doc_values": "true" + }, + "minor": { + "type": "keyword", + "doc_values": "true" + }, + "build": { + "type": "keyword", + "doc_values": "true" + }, + "platform": { + "type": "keyword", + "doc_values": "true" + }, + "sysname": { + "type": "keyword", + "doc_values": "true" + }, + "release": { + "type": "keyword", + "doc_values": "true" + }, + "release_version": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "port": { + "properties": { + "protocol": { + "type": "keyword", + "doc_values": "true" + }, + "local_ip": { + "type": "ip", + "doc_values": "true" + }, + "local_port": { + "type": "long", + "doc_values": "true" + }, + "remote_ip": { + "type": "ip", + "doc_values": "true" + }, + "remote_port": { + "type": "long", + "doc_values": "true" + }, + "tx_queue": { + "type": "long", + "doc_values": "true" + }, + "rx_queue": { + "type": "long", + "doc_values": "true" + }, + "inode": { + "type": "long", + "doc_values": "true" + }, + "state": { + "type": "keyword", + "doc_values": "true" + }, + "pid": { + "type": "long", + "doc_values": 
"true" + }, + "process": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "hardware": { + "properties": { + "serial": { + "type": "keyword", + "doc_values": "true" + }, + "cpu_name": { + "type": "keyword", + "doc_values": "true" + }, + "cpu_cores": { + "type": "long", + "doc_values": "true" + }, + "cpu_mhz": { + "type": "double", + "doc_values": "true" + }, + "ram_total": { + "type": "long", + "doc_values": "true" + }, + "ram_free": { + "type": "long", + "doc_values": "true" + }, + "ram_usage": { + "type": "long", + "doc_values": "true" + } + } + }, + "program": { + "properties": { + "format": { + "type": "keyword", + "doc_values": "true" + }, + "name": { + "type": "keyword", + "doc_values": "true" + }, + "priority": { + "type": "keyword", + "doc_values": "true" + }, + "section": { + "type": "keyword", + "doc_values": "true" + }, + "size": { + "type": "long", + "doc_values": "true" + }, + "vendor": { + "type": "keyword", + "doc_values": "true" + }, + "install_time": { + "type": "keyword", + "doc_values": "true" + }, + "version": { + "type": "keyword", + "doc_values": "true" + }, + "architecture": { + "type": "keyword", + "doc_values": "true" + }, + "multiarch": { + "type": "keyword", + "doc_values": "true" + }, + "source": { + "type": "keyword", + "doc_values": "true" + }, + "description": { + "type": "keyword", + "doc_values": "true" + }, + "location": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "process": { + "properties": { + "pid": { + "type": "long", + "doc_values": "true" + }, + "name": { + "type": "keyword", + "doc_values": "true" + }, + "state": { + "type": "keyword", + "doc_values": "true" + }, + "ppid": { + "type": "long", + "doc_values": "true" + }, + "utime": { + "type": "long", + "doc_values": "true" + }, + "stime": { + "type": "long", + "doc_values": "true" + }, + "cmd": { + "type": "keyword", + "doc_values": "true" + }, + "args": { + "type": "keyword", + "doc_values": "true" + }, + "euser": { + "type": "keyword", + 
"doc_values": "true" + }, + "ruser": { + "type": "keyword", + "doc_values": "true" + }, + "suser": { + "type": "keyword", + "doc_values": "true" + }, + "egroup": { + "type": "keyword", + "doc_values": "true" + }, + "sgroup": { + "type": "keyword", + "doc_values": "true" + }, + "fgroup": { + "type": "keyword", + "doc_values": "true" + }, + "rgroup": { + "type": "keyword", + "doc_values": "true" + }, + "priority": { + "type": "long", + "doc_values": "true" + }, + "nice": { + "type": "long", + "doc_values": "true" + }, + "size": { + "type": "long", + "doc_values": "true" + }, + "vm_size": { + "type": "long", + "doc_values": "true" + }, + "resident": { + "type": "long", + "doc_values": "true" + }, + "share": { + "type": "long", + "doc_values": "true" + }, + "start_time": { + "type": "long", + "doc_values": "true" + }, + "pgrp": { + "type": "long", + "doc_values": "true" + }, + "session": { + "type": "long", + "doc_values": "true" + }, + "nlwp": { + "type": "long", + "doc_values": "true" + }, + "tgid": { + "type": "long", + "doc_values": "true" + }, + "tty": { + "type": "long", + "doc_values": "true" + }, + "processor": { + "type": "long", + "doc_values": "true" + } + } + }, + "sca": { + "properties": { + "type": { + "type": "keyword", + "doc_values": "true" + }, + "scan_id": { + "type": "keyword", + "doc_values": "true" + }, + "policy": { + "type": "keyword", + "doc_values": "true" + }, + "name": { + "type": "keyword", + "doc_values": "true" + }, + "file": { + "type": "keyword", + "doc_values": "true" + }, + "description": { + "type": "keyword", + "doc_values": "true" + }, + "passed": { + "type": "integer", + "doc_values": "true" + }, + "failed": { + "type": "integer", + "doc_values": "true" + }, + "score": { + "type": "long", + "doc_values": "true" + }, + "check": { + "properties": { + "id": { + "type": "keyword", + "doc_values": "true" + }, + "title": { + "type": "keyword", + "doc_values": "true" + }, + "description": { + "type": "keyword", + "doc_values": "true" + 
}, + "rationale": { + "type": "keyword", + "doc_values": "true" + }, + "remediation": { + "type": "keyword", + "doc_values": "true" + }, + "compliance": { + "properties": { + "cis": { + "type": "keyword", + "doc_values": "true" + }, + "cis_csc": { + "type": "keyword", + "doc_values": "true" + }, + "pci_dss": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "references": { + "type": "keyword", + "doc_values": "true" + }, + "file": { + "type": "keyword", + "doc_values": "true" + }, + "directory": { + "type": "keyword", + "doc_values": "true" + }, + "registry": { + "type": "keyword", + "doc_values": "true" + }, + "process": { + "type": "keyword", + "doc_values": "true" + }, + "result": { + "type": "keyword", + "doc_values": "true" + }, + "previous_result": { + "type": "keyword", + "doc_values": "true" + } + } + } + } + }, + "win": { + "properties": { + "system": { + "properties": { + "providerName": { + "type": "keyword", + "doc_values": "true" + }, + "providerGuid": { + "type": "keyword", + "doc_values": "true" + }, + "eventSourceName": { + "type": "keyword", + "doc_values": "true" + }, + "securityUserID": { + "type": "keyword", + "doc_values": "true" + }, + "userID": { + "type": "keyword", + "doc_values": "true" + }, + "eventID": { + "type": "keyword", + "doc_values": "true" + }, + "version": { + "type": "keyword", + "doc_values": "true" + }, + "level": { + "type": "keyword", + "doc_values": "true" + }, + "task": { + "type": "keyword", + "doc_values": "true" + }, + "opcode": { + "type": "keyword", + "doc_values": "true" + }, + "keywords": { + "type": "keyword", + "doc_values": "true" + }, + "systemTime": { + "type": "keyword", + "doc_values": "true" + }, + "eventRecordID": { + "type": "keyword", + "doc_values": "true" + }, + "processID": { + "type": "keyword", + "doc_values": "true" + }, + "threadID": { + "type": "keyword", + "doc_values": "true" + }, + "channel": { + "type": "keyword", + "doc_values": "true" + }, + "computer": { + "type": "keyword", + 
"doc_values": "true" + }, + "severityValue": { + "type": "keyword", + "doc_values": "true" + }, + "message": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "eventdata": { + "properties": { + "subjectUserSid": { + "type": "keyword", + "doc_values": "true" + }, + "subjectUserName": { + "type": "keyword", + "doc_values": "true" + }, + "subjectDomainName": { + "type": "keyword", + "doc_values": "true" + }, + "subjectLogonId": { + "type": "keyword", + "doc_values": "true" + }, + "targetUserSid": { + "type": "keyword", + "doc_values": "true" + }, + "targetUserName": { + "type": "keyword", + "doc_values": "true" + }, + "targetDomainName": { + "type": "keyword", + "doc_values": "true" + }, + "targetLogonId": { + "type": "keyword", + "doc_values": "true" + }, + "logonType": { + "type": "keyword", + "doc_values": "true" + }, + "logonProcessName": { + "type": "keyword", + "doc_values": "true" + }, + "authenticationPackageName": { + "type": "keyword", + "doc_values": "true" + }, + "logonGuid": { + "type": "keyword", + "doc_values": "true" + }, + "keyLength": { + "type": "keyword", + "doc_values": "true" + }, + "impersonationLevel": { + "type": "keyword", + "doc_values": "true" + }, + "transactionId": { + "type": "keyword", + "doc_values": "true" + }, + "newState": { + "type": "keyword", + "doc_values": "true" + }, + "resourceManager": { + "type": "keyword", + "doc_values": "true" + }, + "processId": { + "type": "keyword", + "doc_values": "true" + }, + "processName": { + "type": "keyword", + "doc_values": "true" + }, + "data": { + "type": "keyword", + "doc_values": "true" + }, + "image": { + "type": "keyword", + "doc_values": "true" + }, + "binary": { + "type": "keyword", + "doc_values": "true" + }, + "parentImage": { + "type": "keyword", + "doc_values": "true" + }, + "categoryId": { + "type": "keyword", + "doc_values": "true" + }, + "subcategoryId": { + "type": "keyword", + "doc_values": "true" + }, + "subcategoryGuid": { + "type": "keyword", + "doc_values": 
"true" + }, + "auditPolicyChangesId": { + "type": "keyword", + "doc_values": "true" + }, + "category": { + "type": "keyword", + "doc_values": "true" + }, + "subcategory": { + "type": "keyword", + "doc_values": "true" + }, + "auditPolicyChanges": { + "type": "keyword", + "doc_values": "true" + } + } + }, + "rmSessionEvent": { + "properties": { + "rmSessionId": { + "type": "keyword", + "doc_values": "true" + }, + "uTCStartTime": { + "type": "keyword", + "doc_values": "true" + } + } + } + } + } + } + }, + "program_name": { + "type": "keyword", + "doc_values": "true" + }, + "command": { + "type": "keyword", + "doc_values": "true" + }, + "type": { + "type": "text" + }, + "title": { + "type": "keyword", + "doc_values": "true" + } + } + } +} \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-rules-local_rules.xml.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-rules-local_rules.xml.j2 index 5cbe7670..39eb6a94 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-rules-local_rules.xml.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-rules-local_rules.xml.j2 @@ -1,6 +1,7 @@ + @@ -15,21 +16,4 @@ authentication_failed,pci_dss_10.2.4,pci_dss_10.2.5, - - - - - - syscheck - /var/ossec/etc/shared/agent.conf - Linux | agent.conf was modified - - - syscheck - C:\wazuh-agent/shared/agent.conf - Windows | agent.conf was modified - - + \ No newline at end of file From 6b95e304b6ac4dfec08df5cd0fe29be9cc7dc22c Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Thu, 13 Jun 2019 17:49:05 +0200 Subject: [PATCH 115/714] Supporting ELK 7 cluster --- playbooks/wazuh-elastic_stack-distributed.yml | 1 - roles/elastic-stack/ansible-elasticsearch/tasks/main.yml | 6 +++++- .../ansible-elasticsearch/templates/elasticsearch.yml.j2 | 2 ++ 3 files changed, 7 insertions(+), 2 deletions(-) 
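Review bot: The second hunk of var-ossec-rules-local_rules.xml.j2 (`@@ -15,21 +16,4 @@`) deletes the two syscheck rules that raised `Linux | agent.conf was modified` and `Windows | agent.conf was modified` for `/var/ossec/etc/shared/agent.conf` and `C:\wazuh-agent/shared/agent.conf` (the XML tags are lost in this rendering; only the rule text survives). Those rules are the alert an operator gets when the shared agent configuration pushed to every agent is changed, so removing them is a detection regression unless the same rules now ship in another file, which this page does not show. If the removal is deliberate, the commit message should say where the alert moved; otherwise keep the rules, or gate them behind a role variable rather than deleting them. The commit this hunk belongs to starts before the lines shown.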
diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml index 6bdf4857..887cafbd 100644 --- a/playbooks/wazuh-elastic_stack-distributed.yml +++ b/playbooks/wazuh-elastic_stack-distributed.yml @@ -6,5 +6,4 @@ - hosts: roles: - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost'} - - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-logstash, logstash_input_beats: true, elasticsearch_network_host: 'localhost'} - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost'} diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 8d48441e..bd7bc0d4 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -95,6 +95,8 @@ url: "http://{{elasticsearch_network_host}}:{{elasticsearch_http_port}}/_template/wazuh" method: GET status_code: 200, 404 + when: not elasticsearch_bootstrap_node or single_node + poll: 30 register: wazuh_alerts_template_exits tags: init @@ -105,7 +107,9 @@ status_code: 200 body_format: json body: "{{ lookup('template','wazuh-elastic7-template-alerts.json.j2') }}" - when: wazuh_alerts_template_exits.status != 200 + when: + - wazuh_alerts_template_exits.status is defined + - wazuh_alerts_template_exits.status != 200 tags: init - import_tasks: "RMRedHat.yml" diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 index f0d08cff..595dd58a 100644 --- a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 
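Review bot: `poll: 30` in the first tasks/main.yml hunk (`@@ -95,6 +95,8 @@`) does nothing by itself — Ansible only reads `poll` when the task also sets `async`, so the `uri` GET still fires once and fails immediately if the node cannot answer yet. If the intent is to wait for a cluster that is still forming, replace it with `until: wazuh_alerts_template_exits.status in [200, 404]`, `retries: 10` and `delay: 30` on the same task; otherwise drop the line. The new `when: not elasticsearch_bootstrap_node or single_node` presumably keeps template loading off the bootstrap node, and the second hunk's `is defined` guard correctly covers the skipped case, but the reason is not stated anywhere; a comment above the task such as `# Skipped on the bootstrap node: a non-bootstrap node (or the single node) loads the template` would document it. Both uri tasks begin before the hunks shown.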
@@ -10,11 +10,13 @@ network.host: {{ elasticsearch_network_host }}
 {% if single_node %}
 discovery.type: single-node
 {% elif elasticsearch_bootstrap_node %}
+node.master: true
 cluster.initial_master_nodes:
 {% for item in elasticsearch_cluster_nodes %}
 - {{ item }}
 {% endfor %}
 {% elif elasticsearch_master_candidate %}
+node.master: true
 discovery.seed_hosts:
 {% for item in elasticsearch_cluster_nodes %}
 - {{ item }}
From 42a7f0604ec916adbe333f5f6c9c3981d5d71f4d Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Thu, 13 Jun 2019 17:53:45 +0200 Subject: [PATCH 116/714] Changed README --- .../ansible-elasticsearch/README.md | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-)
diff --git a/roles/elastic-stack/ansible-elasticsearch/README.md b/roles/elastic-stack/ansible-elasticsearch/README.md
index 3dd45b08..f3089e7e 100644
--- a/roles/elastic-stack/ansible-elasticsearch/README.md
+++ b/roles/elastic-stack/ansible-elasticsearch/README.md
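Review bot: `node.master: true` is now repeated in the `elasticsearch_bootstrap_node` and `elasticsearch_master_candidate` branches; both describe master-eligible nodes, so one line inside an outer `{% if elasticsearch_bootstrap_node or elasticsearch_master_candidate %}` block would avoid the duplication and keep the two branches from drifting. Note also that this template branches on `single_node`, while the README example added in the next commit on this page passes `single_host: true`, which nothing in this template reads — with that example the `discovery.type: single-node` branch would not be selected. The `{% if %}` chain continues past the end of the hunk.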
@@ -30,10 +30,27 @@ Defaults variables are listed below, along with its values (see `defaults/main.y Example Playbook ---------------- +- Single-node ``` - hosts: elasticsearch roles: - - { role: ansible-role-elasticsearch, elasticsearch_network_host: '192.168.33.182' } + - { role: ansible-role-elasticsearch, elasticsearch_network_host: '192.168.33.182', single_host: true } +``` + +- Three nodes Elasticsearch cluster +``` +--- +- hosts: 172.16.0.161 + roles: + - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '172.16.0.161', elasticsearch_bootstrap_node: true, elasticsearch_cluster_nodes: ['172.16.0.162','172.16.0.163','172.16.0.161']} + +- hosts: 172.16.0.162 + roles: + - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '172.16.0.162', elasticsearch_master_candidate: true, elasticsearch_cluster_nodes: ['172.16.0.162','172.16.0.163','172.16.0.161']} + +- hosts: 172.16.0.163 + roles: + - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '172.16.0.163', elasticsearch_master_candidate: true, elasticsearch_cluster_nodes: ['172.16.0.162','172.16.0.163','172.16.0.161']} ``` License and copyright From 91e88aae50221339223934688c01609634cf4758 Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Thu, 13 Jun 2019 18:01:31 +0200 Subject: [PATCH 117/714] Removed Pipfile.lock --- Pipfile.lock | 698 --------------------------------------------------- 1 file changed, 698 deletions(-) delete mode 100644 Pipfile.lock diff --git a/Pipfile.lock b/Pipfile.lock deleted file mode 100644 index 1df7c847..00000000 --- a/Pipfile.lock +++ /dev/null 
@@ -1,698 +0,0 @@ -{ - "_meta": { - "hash": { - "sha256": "2d9ee042a6e26f8aee145bcef372b8817aed4bcfa95fc5b518ae0b7b4e8a2a8d" - }, - "pipfile-spec": 6, - "requires": { - "python_version": "2.7" - }, - "sources": [ - { - "name": "pypi", - "url": "https://pypi.org/simple", - "verify_ssl": true - } - ] - }, - "default": { - "ansible": { - "hashes": [ - "sha256:84a42d1e371c4222c82e575cb6961fafd3afe920d84e4b6d87affabe400be294" - ], - "index": "pypi", - "version": "==2.7.10" - }, - "ansible-lint": { - "hashes": [ - "sha256:9430ea6e654ba4bf5b9c6921efc040f46cda9c4fd2896a99ff71d21037bcb123", - "sha256:c1b442b01091eca13ef11d98c3376e9489ba5b69a8467828ca86044f384bc0a1" - ], - "version": "==4.1.0" - }, - "anyconfig": { - "hashes": [ - "sha256:4d6016ae6eecc5e502bc7e99ae0639c5710c5c67bde5f21b06b9eaafd9ce0e7e" - ], - "version": "==0.9.7" - }, - "arrow": { - "hashes": [ - "sha256:3397e5448952e18e1295bf047014659effa5ae8da6a5371d37ff0ddc46fa6872", - "sha256:6f54d9f016c0b7811fac9fb8c2c7fa7421d80c54dbdd75ffb12913c55db60b8a" - ], - "version": "==0.13.1" - }, - "asn1crypto": { - "hashes": [ - "sha256:2f1adbb7546ed199e3c90ef23ec95c5cf3585bac7d11fb7eb562a3fe89c64e87", - "sha256:9d5c20441baf0cb60a4ac34cc447c6c189024b6b4c6cd7877034f4965c464e49" - ], - "version": "==0.24.0" - }, - "atomicwrites": { - "hashes": [ - "sha256:03472c30eb2c5d1ba9227e4c2ca66ab8287fbfbbda3888aa93dc2e28fc6811b4", - "sha256:75a9445bac02d8d058d5e1fe689654ba5a6556a1dfd8ce6ec55a0ed79866cfa6" - ], - "version": "==1.3.0" - }, - "attrs": { - "hashes": [ - "sha256:69c0dbf2ed392de1cb5ec704444b08a5ef81680a61cb899dc08127123af36a79", - "sha256:f0b870f674851ecbfbbbd364d6b5cbdff9dcedbc7f3f5e18a6891057f21fe399" - ], - "version": "==19.1.0" - }, - "backports.functools-lru-cache": { - "hashes": [ - "sha256:9d98697f088eb1b0fa451391f91afb5e3ebde16bbdb272819fd091151fda4f1a", - "sha256:f0b0e4eba956de51238e17573b7087e852dfe9854afd2e9c873f73fc0ca0a6dd" - ], - "markers": "python_version == '2.7'", - "version": "==1.5" - }, - 
"backports.ssl-match-hostname": { - "hashes": [ - "sha256:bb82e60f9fbf4c080eabd957c39f0641f0fc247d9a16e31e26d594d8f42b9fd2" - ], - "markers": "python_version < '3.5'", - "version": "==3.7.0.1" - }, - "bcrypt": { - "hashes": [ - "sha256:0ba875eb67b011add6d8c5b76afbd92166e98b1f1efab9433d5dc0fafc76e203", - "sha256:21ed446054c93e209434148ef0b362432bb82bbdaf7beef70a32c221f3e33d1c", - "sha256:28a0459381a8021f57230954b9e9a65bb5e3d569d2c253c5cac6cb181d71cf23", - "sha256:2aed3091eb6f51c26b7c2fad08d6620d1c35839e7a362f706015b41bd991125e", - "sha256:2fa5d1e438958ea90eaedbf8082c2ceb1a684b4f6c75a3800c6ec1e18ebef96f", - "sha256:3a73f45484e9874252002793518da060fb11eaa76c30713faa12115db17d1430", - "sha256:3e489787638a36bb466cd66780e15715494b6d6905ffdbaede94440d6d8e7dba", - "sha256:44636759d222baa62806bbceb20e96f75a015a6381690d1bc2eda91c01ec02ea", - "sha256:678c21b2fecaa72a1eded0cf12351b153615520637efcadc09ecf81b871f1596", - "sha256:75460c2c3786977ea9768d6c9d8957ba31b5fbeb0aae67a5c0e96aab4155f18c", - "sha256:8ac06fb3e6aacb0a95b56eba735c0b64df49651c6ceb1ad1cf01ba75070d567f", - "sha256:8fdced50a8b646fff8fa0e4b1c5fd940ecc844b43d1da5a980cb07f2d1b1132f", - "sha256:9b2c5b640a2da533b0ab5f148d87fb9989bf9bcb2e61eea6a729102a6d36aef9", - "sha256:a9083e7fa9adb1a4de5ac15f9097eb15b04e2c8f97618f1b881af40abce382e1", - "sha256:b7e3948b8b1a81c5a99d41da5fb2dc03ddb93b5f96fcd3fd27e643f91efa33e1", - "sha256:b998b8ca979d906085f6a5d84f7b5459e5e94a13fc27c28a3514437013b6c2f6", - "sha256:dd08c50bc6f7be69cd7ba0769acca28c846ec46b7a8ddc2acf4b9ac6f8a7457e", - "sha256:de5badee458544ab8125e63e39afeedfcf3aef6a6e2282ac159c95ae7472d773", - "sha256:ede2a87333d24f55a4a7338a6ccdccf3eaa9bed081d1737e0db4dbd1a4f7e6b6" - ], - "version": "==3.1.6" - }, - "binaryornot": { - "hashes": [ - "sha256:359501dfc9d40632edc9fac890e19542db1a287bbcfa58175b66658392018061", - "sha256:b8b71173c917bddcd2c16070412e369c3ed7f0528926f70cac18a6c97fd563e4" - ], - "version": "==0.4.4" - }, - "cerberus": { - "hashes": [ - 
"sha256:f5c2e048fb15ecb3c088d192164316093fcfa602a74b3386eefb2983aa7e800a" - ], - "version": "==1.2" - }, - "certifi": { - "hashes": [ - "sha256:59b7658e26ca9c7339e00f8f4636cdfe59d34fa37b9b04f6f9e9926b3cece1a5", - "sha256:b26104d6835d1f5e49452a26eb2ff87fe7090b89dfcaee5ea2212697e1e1d7ae" - ], - "version": "==2019.3.9" - }, - "cffi": { - "hashes": [ - "sha256:00b97afa72c233495560a0793cdc86c2571721b4271c0667addc83c417f3d90f", - "sha256:0ba1b0c90f2124459f6966a10c03794082a2f3985cd699d7d63c4a8dae113e11", - "sha256:0bffb69da295a4fc3349f2ec7cbe16b8ba057b0a593a92cbe8396e535244ee9d", - "sha256:21469a2b1082088d11ccd79dd84157ba42d940064abbfa59cf5f024c19cf4891", - "sha256:2e4812f7fa984bf1ab253a40f1f4391b604f7fc424a3e21f7de542a7f8f7aedf", - "sha256:2eac2cdd07b9049dd4e68449b90d3ef1adc7c759463af5beb53a84f1db62e36c", - "sha256:2f9089979d7456c74d21303c7851f158833d48fb265876923edcb2d0194104ed", - "sha256:3dd13feff00bddb0bd2d650cdb7338f815c1789a91a6f68fdc00e5c5ed40329b", - "sha256:4065c32b52f4b142f417af6f33a5024edc1336aa845b9d5a8d86071f6fcaac5a", - "sha256:51a4ba1256e9003a3acf508e3b4f4661bebd015b8180cc31849da222426ef585", - "sha256:59888faac06403767c0cf8cfb3f4a777b2939b1fbd9f729299b5384f097f05ea", - "sha256:59c87886640574d8b14910840327f5cd15954e26ed0bbd4e7cef95fa5aef218f", - "sha256:610fc7d6db6c56a244c2701575f6851461753c60f73f2de89c79bbf1cc807f33", - "sha256:70aeadeecb281ea901bf4230c6222af0248c41044d6f57401a614ea59d96d145", - "sha256:71e1296d5e66c59cd2c0f2d72dc476d42afe02aeddc833d8e05630a0551dad7a", - "sha256:8fc7a49b440ea752cfdf1d51a586fd08d395ff7a5d555dc69e84b1939f7ddee3", - "sha256:9b5c2afd2d6e3771d516045a6cfa11a8da9a60e3d128746a7fe9ab36dfe7221f", - "sha256:9c759051ebcb244d9d55ee791259ddd158188d15adee3c152502d3b69005e6bd", - "sha256:b4d1011fec5ec12aa7cc10c05a2f2f12dfa0adfe958e56ae38dc140614035804", - "sha256:b4f1d6332339ecc61275bebd1f7b674098a66fea11a00c84d1c58851e618dc0d", - "sha256:c030cda3dc8e62b814831faa4eb93dd9a46498af8cd1d5c178c2de856972fd92", - 
"sha256:c2e1f2012e56d61390c0e668c20c4fb0ae667c44d6f6a2eeea5d7148dcd3df9f", - "sha256:c37c77d6562074452120fc6c02ad86ec928f5710fbc435a181d69334b4de1d84", - "sha256:c8149780c60f8fd02752d0429246088c6c04e234b895c4a42e1ea9b4de8d27fb", - "sha256:cbeeef1dc3c4299bd746b774f019de9e4672f7cc666c777cd5b409f0b746dac7", - "sha256:e113878a446c6228669144ae8a56e268c91b7f1fafae927adc4879d9849e0ea7", - "sha256:e21162bf941b85c0cda08224dade5def9360f53b09f9f259adb85fc7dd0e7b35", - "sha256:fb6934ef4744becbda3143d30c6604718871495a5e36c408431bf33d9c146889" - ], - "version": "==1.12.2" - }, - "chardet": { - "hashes": [ - "sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae", - "sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691" - ], - "version": "==3.0.4" - }, - "click": { - "hashes": [ - "sha256:29f99fc6125fbc931b758dc053b3114e55c77a6e4c6c3a2674a2dc986016381d", - "sha256:f15516df478d5a56180fbf80e68f206010e6d160fc39fa508b65e035fd75130b" - ], - "version": "==6.7" - }, - "click-completion": { - "hashes": [ - "sha256:7ca12978493a7450486cef155845af4fae48744c3f97b7250a254de65c9e5e5a" - ], - "version": "==0.3.1" - }, - "colorama": { - "hashes": [ - "sha256:463f8483208e921368c9f306094eb6f725c6ca42b0f97e313cb5d5512459feda", - "sha256:48eb22f4f8461b1df5734a074b57042430fb06e1d61bd1e11b078c0fe6d7a1f1" - ], - "version": "==0.3.9" - }, - "configparser": { - "hashes": [ - "sha256:8be81d89d6e7b4c0d4e44bcc525845f6da25821de80cb5e06e7e0238a2899e32", - "sha256:da60d0014fd8c55eb48c1c5354352e363e2d30bbf7057e5e171a468390184c75" - ], - "markers": "python_version < '3.2'", - "version": "==3.7.4" - }, - "cookiecutter": { - "hashes": [ - "sha256:1316a52e1c1f08db0c9efbf7d876dbc01463a74b155a0d83e722be88beda9a3e", - "sha256:ed8f54a8fc79b6864020d773ce11539b5f08e4617f353de1f22d23226f6a0d36" - ], - "version": "==1.6.0" - }, - "cryptography": { - "hashes": [ - "sha256:066f815f1fe46020877c5983a7e747ae140f517f1b09030ec098503575265ce1", - 
"sha256:210210d9df0afba9e000636e97810117dc55b7157c903a55716bb73e3ae07705", - "sha256:26c821cbeb683facb966045e2064303029d572a87ee69ca5a1bf54bf55f93ca6", - "sha256:2afb83308dc5c5255149ff7d3fb9964f7c9ee3d59b603ec18ccf5b0a8852e2b1", - "sha256:2db34e5c45988f36f7a08a7ab2b69638994a8923853dec2d4af121f689c66dc8", - "sha256:409c4653e0f719fa78febcb71ac417076ae5e20160aec7270c91d009837b9151", - "sha256:45a4f4cf4f4e6a55c8128f8b76b4c057027b27d4c67e3fe157fa02f27e37830d", - "sha256:48eab46ef38faf1031e58dfcc9c3e71756a1108f4c9c966150b605d4a1a7f659", - "sha256:6b9e0ae298ab20d371fc26e2129fd683cfc0cfde4d157c6341722de645146537", - "sha256:6c4778afe50f413707f604828c1ad1ff81fadf6c110cb669579dea7e2e98a75e", - "sha256:8c33fb99025d353c9520141f8bc989c2134a1f76bac6369cea060812f5b5c2bb", - "sha256:9873a1760a274b620a135054b756f9f218fa61ca030e42df31b409f0fb738b6c", - "sha256:9b069768c627f3f5623b1cbd3248c5e7e92aec62f4c98827059eed7053138cc9", - "sha256:9e4ce27a507e4886efbd3c32d120db5089b906979a4debf1d5939ec01b9dd6c5", - "sha256:acb424eaca214cb08735f1a744eceb97d014de6530c1ea23beb86d9c6f13c2ad", - "sha256:c8181c7d77388fe26ab8418bb088b1a1ef5fde058c6926790c8a0a3d94075a4a", - "sha256:d4afbb0840f489b60f5a580a41a1b9c3622e08ecb5eec8614d4fb4cd914c4460", - "sha256:d9ed28030797c00f4bc43c86bf819266c76a5ea61d006cd4078a93ebf7da6bfd", - "sha256:e603aa7bb52e4e8ed4119a58a03b60323918467ef209e6ff9db3ac382e5cf2c6" - ], - "version": "==2.6.1" - }, - "docker-py": { - "hashes": [ - "sha256:35b506e95861914fa5ad57a6707e3217b4082843b883be246190f57013948aba", - "sha256:4c2a75875764d38d67f87bc7d03f7443a3895704efc57962bdf6500b8d4bc415" - ], - "index": "pypi", - "version": "==1.10.6" - }, - "docker-pycreds": { - "hashes": [ - "sha256:6ce3270bcaf404cc4c3e27e4b6c70d3521deae82fb508767870fdbf772d584d4", - "sha256:7266112468627868005106ec19cd0d722702d2b7d5912a28e19b826c3d37af49" - ], - "version": "==0.4.0" - }, - "entrypoints": { - "hashes": [ - "sha256:589f874b313739ad35be6e0cd7efde2a4e9b6fea91edcc34e58ecbb8dbe56d19", - 
"sha256:c70dd71abe5a8c85e55e12c19bd91ccfeec11a6e99044204511f9ed547d48451" - ], - "version": "==0.3" - }, - "enum34": { - "hashes": [ - "sha256:2d81cbbe0e73112bdfe6ef8576f2238f2ba27dd0d55752a776c41d38b7da2850", - "sha256:644837f692e5f550741432dd3f223bbb9852018674981b1664e5dc339387588a", - "sha256:6bd0f6ad48ec2aa117d3d141940d484deccda84d4fcd884f5c3d93c23ecd8c79", - "sha256:8ad8c4783bf61ded74527bffb48ed9b54166685e4230386a9ed9b1279e2df5b1" - ], - "markers": "python_version < '3.4'", - "version": "==1.1.6" - }, - "fasteners": { - "hashes": [ - "sha256:427c76773fe036ddfa41e57d89086ea03111bbac57c55fc55f3006d027107e18", - "sha256:564a115ff9698767df401efca29620cbb1a1c2146b7095ebd304b79cc5807a7c" - ], - "version": "==0.14.1" - }, - "flake8": { - "hashes": [ - "sha256:859996073f341f2670741b51ec1e67a01da142831aa1fdc6242dbf88dffbe661", - "sha256:a796a115208f5c03b18f332f7c11729812c8c3ded6c46319c59b53efd3819da8" - ], - "version": "==3.7.7" - }, - "funcsigs": { - "hashes": [ - "sha256:330cc27ccbf7f1e992e69fef78261dc7c6569012cf397db8d3de0234e6c937ca", - "sha256:a7bb0f2cf3a3fd1ab2732cb49eba4252c2af4240442415b4abce3b87022a8f50" - ], - "markers": "python_version < '3.0'", - "version": "==1.0.2" - }, - "functools32": { - "hashes": [ - "sha256:89d824aa6c358c421a234d7f9ee0bd75933a67c29588ce50aaa3acdf4d403fa0", - "sha256:f6253dfbe0538ad2e387bd8fdfd9293c925d63553f5813c4e587745416501e6d" - ], - "markers": "python_version < '3.2'", - "version": "==3.2.3.post2" - }, - "future": { - "hashes": [ - "sha256:67045236dcfd6816dc439556d009594abf643e5eb48992e36beac09c2ca659b8" - ], - "version": "==0.17.1" - }, - "git-url-parse": { - "hashes": [ - "sha256:4655ee22f1d8bf7a1eb1066c1da16529b186966c6d8331f7f55686a76a9f7aef", - "sha256:7b5f4e3aeb1d693afeee67a3bd4ac063f7206c2e8e46e559f0da0da98445f117", - "sha256:9353ff40d69488ff2299b27f40e0350ad87bd5348ea6ea09a1895eda9e5733de" - ], - "version": "==1.2.2" - }, - "idna": { - "hashes": [ - 
"sha256:156a6814fb5ac1fc6850fb002e0852d56c0c8d2531923a51032d1b70760e186e", - "sha256:684a38a6f903c1d71d6d5fac066b58d7768af4de2b832e426ec79c30daa94a16" - ], - "version": "==2.7" - }, - "ipaddress": { - "hashes": [ - "sha256:64b28eec5e78e7510698f6d4da08800a5c575caa4a286c93d651c5d3ff7b6794", - "sha256:b146c751ea45cad6188dd6cf2d9b757f6f4f8d6ffb96a023e6f2e26eea02a72c" - ], - "markers": "python_version < '3'", - "version": "==1.0.22" - }, - "jinja2": { - "hashes": [ - "sha256:74c935a1b8bb9a3947c50a54766a969d4846290e1e788ea44c1392163723c3bd", - "sha256:f84be1bb0040caca4cea721fcbbbbd61f9be9464ca236387158b0feea01914a4" - ], - "version": "==2.10" - }, - "jinja2-time": { - "hashes": [ - "sha256:d14eaa4d315e7688daa4969f616f226614350c48730bfa1692d2caebd8c90d40", - "sha256:d3eab6605e3ec8b7a0863df09cc1d23714908fa61aa6986a845c20ba488b4efa" - ], - "version": "==0.2.0" - }, - "markupsafe": { - "hashes": [ - "sha256:00bc623926325b26bb9605ae9eae8a215691f33cae5df11ca5424f06f2d1f473", - "sha256:09027a7803a62ca78792ad89403b1b7a73a01c8cb65909cd876f7fcebd79b161", - "sha256:09c4b7f37d6c648cb13f9230d847adf22f8171b1ccc4d5682398e77f40309235", - "sha256:1027c282dad077d0bae18be6794e6b6b8c91d58ed8a8d89a89d59693b9131db5", - "sha256:24982cc2533820871eba85ba648cd53d8623687ff11cbb805be4ff7b4c971aff", - "sha256:29872e92839765e546828bb7754a68c418d927cd064fd4708fab9fe9c8bb116b", - "sha256:43a55c2930bbc139570ac2452adf3d70cdbb3cfe5912c71cdce1c2c6bbd9c5d1", - "sha256:46c99d2de99945ec5cb54f23c8cd5689f6d7177305ebff350a58ce5f8de1669e", - "sha256:500d4957e52ddc3351cabf489e79c91c17f6e0899158447047588650b5e69183", - "sha256:535f6fc4d397c1563d08b88e485c3496cf5784e927af890fb3c3aac7f933ec66", - "sha256:62fe6c95e3ec8a7fad637b7f3d372c15ec1caa01ab47926cfdf7a75b40e0eac1", - "sha256:6dd73240d2af64df90aa7c4e7481e23825ea70af4b4922f8ede5b9e35f78a3b1", - "sha256:717ba8fe3ae9cc0006d7c451f0bb265ee07739daf76355d06366154ee68d221e", - "sha256:79855e1c5b8da654cf486b830bd42c06e8780cea587384cf6545b7d9ac013a0b", - 
"sha256:7c1699dfe0cf8ff607dbdcc1e9b9af1755371f92a68f706051cc8c37d447c905", - "sha256:88e5fcfb52ee7b911e8bb6d6aa2fd21fbecc674eadd44118a9cc3863f938e735", - "sha256:8defac2f2ccd6805ebf65f5eeb132adcf2ab57aa11fdf4c0dd5169a004710e7d", - "sha256:98c7086708b163d425c67c7a91bad6e466bb99d797aa64f965e9d25c12111a5e", - "sha256:9add70b36c5666a2ed02b43b335fe19002ee5235efd4b8a89bfcf9005bebac0d", - "sha256:9bf40443012702a1d2070043cb6291650a0841ece432556f784f004937f0f32c", - "sha256:ade5e387d2ad0d7ebf59146cc00c8044acbd863725f887353a10df825fc8ae21", - "sha256:b00c1de48212e4cc9603895652c5c410df699856a2853135b3967591e4beebc2", - "sha256:b1282f8c00509d99fef04d8ba936b156d419be841854fe901d8ae224c59f0be5", - "sha256:b2051432115498d3562c084a49bba65d97cf251f5a331c64a12ee7e04dacc51b", - "sha256:ba59edeaa2fc6114428f1637ffff42da1e311e29382d81b339c1817d37ec93c6", - "sha256:c8716a48d94b06bb3b2524c2b77e055fb313aeb4ea620c8dd03a105574ba704f", - "sha256:cd5df75523866410809ca100dc9681e301e3c27567cf498077e8551b6d20e42f", - "sha256:e249096428b3ae81b08327a63a485ad0878de3fb939049038579ac0ef61e17e7" - ], - "version": "==1.1.1" - }, - "mccabe": { - "hashes": [ - "sha256:ab8a6258860da4b6677da4bd2fe5dc2c659cff31b3ee4f7f5d64e79735b80d42", - "sha256:dd8d182285a0fe56bace7f45b5e7d1a6ebcbf524e8f3bd87eb0f125271b8831f" - ], - "version": "==0.6.1" - }, - "molecule": { - "hashes": [ - "sha256:0e9ef6845cdf2a01f6c386445e4e54add3f515a033ee16b7b658e6122c8f0d76", - "sha256:621797c54299775f284bbb010d5bb9be485500eecaaa14a476cbc0df285d0da7" - ], - "index": "pypi", - "version": "==2.20.1" - }, - "monotonic": { - "hashes": [ - "sha256:23953d55076df038541e648a53676fb24980f7a1be290cdda21300b3bc21dfb0", - "sha256:552a91f381532e33cbd07c6a2655a21908088962bb8fa7239ecbcc6ad1140cc7" - ], - "version": "==1.5" - }, - "more-itertools": { - "hashes": [ - "sha256:38a936c0a6d98a38bcc2d03fdaaedaba9f412879461dd2ceff8d37564d6522e4", - "sha256:c0a5785b1109a6bd7fac76d6837fd1feca158e54e521ccd2ae8bfe393cc9d4fc", - 
"sha256:fe7a7cae1ccb57d33952113ff4fa1bc5f879963600ed74918f1236e212ee50b9" - ], - "markers": "python_version <= '2.7'", - "version": "==5.0.0" - }, - "paramiko": { - "hashes": [ - "sha256:3c16b2bfb4c0d810b24c40155dbfd113c0521e7e6ee593d704e84b4c658a1f3b", - "sha256:a8975a7df3560c9f1e2b43dc54ebd40fd00a7017392ca5445ce7df409f900fcb" - ], - "version": "==2.4.2" - }, - "pathlib2": { - "hashes": [ - "sha256:25199318e8cc3c25dcb45cbe084cc061051336d5a9ea2a12448d3d8cb748f742", - "sha256:5887121d7f7df3603bca2f710e7219f3eca0eb69e0b7cc6e0a022e155ac931a7" - ], - "markers": "python_version < '3.6'", - "version": "==2.3.3" - }, - "pathspec": { - "hashes": [ - "sha256:54a5eab895d89f342b52ba2bffe70930ef9f8d96e398cccf530d21fa0516a873" - ], - "version": "==0.5.9" - }, - "pbr": { - "hashes": [ - "sha256:f59d71442f9ece3dffc17bc36575768e1ee9967756e6b6535f0ee1f0054c3d68", - "sha256:f6d5b23f226a2ba58e14e49aa3b1bfaf814d0199144b95d78458212444de1387" - ], - "version": "==5.1.1" - }, - "pexpect": { - "hashes": [ - "sha256:2a8e88259839571d1251d278476f3eec5db26deb73a70be5ed5dc5435e418aba", - "sha256:3fbd41d4caf27fa4a377bfd16fef87271099463e6fa73e92a52f92dfee5d425b" - ], - "version": "==4.6.0" - }, - "pluggy": { - "hashes": [ - "sha256:19ecf9ce9db2fce065a7a0586e07cfb4ac8614fe96edf628a264b1c70116cf8f", - "sha256:84d306a647cc805219916e62aab89caa97a33a1dd8c342e87a37f91073cd4746" - ], - "version": "==0.9.0" - }, - "poyo": { - "hashes": [ - "sha256:c34a5413191210ed564640510e9c4a4ba3b698746d6b454d46eb5bfb30edcd1d", - "sha256:d1c317054145a6b1ca0608b5e676b943ddc3bfd671f886a2fe09288b98221edb" - ], - "version": "==0.4.2" - }, - "psutil": { - "hashes": [ - "sha256:0ff2b16e9045d01edb1dd10d7fbcc184012e37f6cd38029e959f2be9c6223f50", - "sha256:254adb6a27c888f141d2a6032ae231d8ed4fc5f7583b4c825e5f7d7c78d26d2e", - "sha256:319e12f6bae4d4d988fbff3bed792953fa3b44c791f085b0a1a230f755671ef7", - "sha256:529ae235896efb99a6f77653a7138273ab701ec9f0343a1f5030945108dee3c4", - 
"sha256:686e5a35fe4c0acc25f3466c32e716f2d498aaae7b7edc03e2305b682226bcf6", - "sha256:6d981b4d863b20c8ceed98b8ac3d1ca7f96d28707a80845d360fa69c8fc2c44b", - "sha256:7789885a72aa3075d28d028236eb3f2b84d908f81d38ad41769a6ddc2fd81b7c", - "sha256:7f4616bcb44a6afda930cfc40215e5e9fa7c6896e683b287c771c937712fbe2f", - "sha256:7fdb3d02bfd68f508e6745021311a4a4dbfec53fca03721474e985f310e249ba", - "sha256:a9b85b335b40a528a8e2a6b549592138de8429c6296e7361892958956e6a73cf", - "sha256:dc85fad15ef98103ecc047a0d81b55bbf5fe1b03313b96e883acc2e2fa87ed5c" - ], - "version": "==5.4.6" - }, - "ptyprocess": { - "hashes": [ - "sha256:923f299cc5ad920c68f2bc0bc98b75b9f838b93b599941a6b63ddbc2476394c0", - "sha256:d7cc528d76e76342423ca640335bd3633420dc1366f258cb31d05e865ef5ca1f" - ], - "version": "==0.6.0" - }, - "py": { - "hashes": [ - "sha256:64f65755aee5b381cea27766a3a147c3f15b9b6b9ac88676de66ba2ae36793fa", - "sha256:dc639b046a6e2cff5bbe40194ad65936d6ba360b52b3c3fe1d08a82dd50b5e53" - ], - "version": "==1.8.0" - }, - "pyasn1": { - "hashes": [ - "sha256:da2420fe13a9452d8ae97a0e478adde1dee153b11ba832a95b223a2ba01c10f7", - "sha256:da6b43a8c9ae93bc80e2739efb38cc776ba74a886e3e9318d65fe81a8b8a2c6e" - ], - "version": "==0.4.5" - }, - "pycodestyle": { - "hashes": [ - "sha256:95a2219d12372f05704562a14ec30bc76b05a5b297b21a5dfe3f6fac3491ae56", - "sha256:e40a936c9a450ad81df37f549d676d127b1b66000a6c500caa2b085bc0ca976c" - ], - "version": "==2.5.0" - }, - "pycparser": { - "hashes": [ - "sha256:a988718abfad80b6b157acce7bf130a30876d27603738ac39f140993246b25b3" - ], - "version": "==2.19" - }, - "pyflakes": { - "hashes": [ - "sha256:17dbeb2e3f4d772725c777fabc446d5634d1038f234e77343108ce445ea69ce0", - "sha256:d976835886f8c5b31d47970ed689944a0262b5f3afa00a5a7b4dc81e5449f8a2" - ], - "version": "==2.1.1" - }, - "pynacl": { - "hashes": [ - "sha256:05c26f93964373fc0abe332676cb6735f0ecad27711035b9472751faa8521255", - "sha256:0c6100edd16fefd1557da078c7a31e7b7d7a52ce39fdca2bec29d4f7b6e7600c", - 
"sha256:0d0a8171a68edf51add1e73d2159c4bc19fc0718e79dec51166e940856c2f28e", - "sha256:1c780712b206317a746ace34c209b8c29dbfd841dfbc02aa27f2084dd3db77ae", - "sha256:2424c8b9f41aa65bbdbd7a64e73a7450ebb4aa9ddedc6a081e7afcc4c97f7621", - "sha256:2d23c04e8d709444220557ae48ed01f3f1086439f12dbf11976e849a4926db56", - "sha256:30f36a9c70450c7878053fa1344aca0145fd47d845270b43a7ee9192a051bf39", - "sha256:37aa336a317209f1bb099ad177fef0da45be36a2aa664507c5d72015f956c310", - "sha256:4943decfc5b905748f0756fdd99d4f9498d7064815c4cf3643820c9028b711d1", - "sha256:57ef38a65056e7800859e5ba9e6091053cd06e1038983016effaffe0efcd594a", - "sha256:5bd61e9b44c543016ce1f6aef48606280e45f892a928ca7068fba30021e9b786", - "sha256:6482d3017a0c0327a49dddc8bd1074cc730d45db2ccb09c3bac1f8f32d1eb61b", - "sha256:7d3ce02c0784b7cbcc771a2da6ea51f87e8716004512493a2b69016326301c3b", - "sha256:a14e499c0f5955dcc3991f785f3f8e2130ed504fa3a7f44009ff458ad6bdd17f", - "sha256:a39f54ccbcd2757d1d63b0ec00a00980c0b382c62865b61a505163943624ab20", - "sha256:aabb0c5232910a20eec8563503c153a8e78bbf5459490c49ab31f6adf3f3a415", - "sha256:bd4ecb473a96ad0f90c20acba4f0bf0df91a4e03a1f4dd6a4bdc9ca75aa3a715", - "sha256:e2da3c13307eac601f3de04887624939aca8ee3c9488a0bb0eca4fb9401fc6b1", - "sha256:f67814c38162f4deb31f68d590771a29d5ae3b1bd64b75cf232308e5c74777e0" - ], - "version": "==1.3.0" - }, - "pytest": { - "hashes": [ - "sha256:3773f4c235918987d51daf1db66d51c99fac654c81d6f2f709a046ab446d5e5d", - "sha256:b7802283b70ca24d7119b32915efa7c409982f59913c1a6c0640aacf118b95f5" - ], - "version": "==4.4.1" - }, - "python-dateutil": { - "hashes": [ - "sha256:7e6584c74aeed623791615e26efd690f29817a27c73085b78e4bad02493df2fb", - "sha256:c89805f6f4d64db21ed966fda138f8a5ed7a4fdbc1a8ee329ce1b74e3c74da9e" - ], - "version": "==2.8.0" - }, - "python-gilt": { - "hashes": [ - "sha256:4fd58c128635d1f4a8c93305e648f23379ce56e23624e4c5479427fcd2d5656e", - "sha256:c7321ef1a8efddbdef657b4fd21c3eaf1b4cb24a9656d97b73a444b1feb2067a", - 
"sha256:e23a45a6905e6bb7aec3ff7652b48309933a6991fad4546d9e793ac7e0513f8a" - ], - "version": "==1.2.1" - }, - "pyyaml": { - "hashes": [ - "sha256:3d7da3009c0f3e783b2c873687652d83b1bbfd5c88e9813fb7e5b03c0dd3108b", - "sha256:3ef3092145e9b70e3ddd2c7ad59bdd0252a94dfe3949721633e41344de00a6bf", - "sha256:40c71b8e076d0550b2e6380bada1f1cd1017b882f7e16f09a65be98e017f211a", - "sha256:558dd60b890ba8fd982e05941927a3911dc409a63dcb8b634feaa0cda69330d3", - "sha256:a7c28b45d9f99102fa092bb213aa12e0aaf9a6a1f5e395d36166639c1f96c3a1", - "sha256:aa7dd4a6a427aed7df6fb7f08a580d68d9b118d90310374716ae90b710280af1", - "sha256:bc558586e6045763782014934bfaf39d48b8ae85a2713117d16c39864085c613", - "sha256:d46d7982b62e0729ad0175a9bc7e10a566fc07b224d2c79fafb5e032727eaa04", - "sha256:d5eef459e30b09f5a098b9cea68bebfeb268697f78d647bd255a085371ac7f3f", - "sha256:e01d3203230e1786cd91ccfdc8f8454c8069c91bee3962ad93b87a4b2860f537", - "sha256:e170a9e6fcfd19021dd29845af83bb79236068bf5fd4df3327c1be18182b2531" - ], - "version": "==3.13" - }, - "requests": { - "hashes": [ - "sha256:502a824f31acdacb3a35b6690b5fbf0bc41d63a24a45c4004352b0242707598e", - "sha256:7bf2a778576d825600030a110f3c0e3e8edc51dfaafe1c146e39a2027784957b" - ], - "version": "==2.21.0" - }, - "ruamel.ordereddict": { - "hashes": [ - "sha256:08b4b19fe518d32251a5338e039c4dc9eb0876f2919f94c9b8d2f9446ea80806", - "sha256:150ce8e6c514a2a2b62753622a75874962561f8e5eeec81a3172ab952807bf0b", - "sha256:45541836cbfdde630033cae7bbbe35acbac87a0ceec79f944b7a3bedd940fe78", - "sha256:854dd4a524811b16111b1107d8a751e4ca064d2bb103d3d91deab75de36b6620", - "sha256:aee2fa23e884249b4284b728888c553d551e5bfd4de2731f10153fd7813ec55f", - "sha256:bf0a198c8ce5d973c24e5dba12d3abc254996788ca6ad8448eabc6aa710db149" - ], - "markers": "platform_python_implementation == 'CPython' and python_version <= '2.7'", - "version": "==0.4.13" - }, - "ruamel.yaml": { - "hashes": [ - "sha256:09ed5b07bfd09592dd265dc0f645b3e96e6c69de59ac1cd5b6dbcb8a243a28ee", - 
"sha256:10c194ef72f7419dd2fde7b35746c1e4bdaf80911e07c33eff3aedc1a89d574a", - "sha256:10e49c1b9ba35a9682fb3afffe52c2a1383e442bf05938dd87d30db252ce2e0b", - "sha256:1ca24a5ce2d2e61e6c504cbbbb24ece78127c79af87e8fe3175bb58c048f986d", - "sha256:272ade6dd5c27fdf2b917a497ee2bad1b11f41ad6f3f646a16a21b3ad78c2626", - "sha256:4be750a41289528e446d075b048e8cd06ea6a6779c2ef77f7b87ad3c567117d7", - "sha256:4d5c331e8a0e4423535e9dfecc6ea8f0ec4360b524b103f46432021cb9698d2e", - "sha256:69af34d4034659774e45d9f077e6f930d2c41c38ac721d5e7cb88b7629be446d", - "sha256:70229ffbd67a5171fc6aef24c32caa65042834bf6e8d0b3116d4046920a20be9", - "sha256:70a88e6ae131789e2fbe3816450a10c057b21ae93c875f717435fe2cea5fdcf3", - "sha256:89609fd5696cc82265877cdde3505242ebd2b262fb87a86e46d370fad5ff4111", - "sha256:92ff5ed79f5a98e3a57c741d238afa2846f2cae87d6385eebb93d0dcd6caf5b4", - "sha256:9f1323e7f6d25c8fba5fee5809a22f31805976978c7316a7d08ecdda0c22d6f0", - "sha256:af76d3350062124d8488b31c8dff9664a6a4934a71efb8af35d5c346632a765c", - "sha256:bf6931ac24676189ce061485a42e4ad36d158672dfde2bf7ba953b0edc8ee40b", - "sha256:c6d05e38a141922eca7902135e7a40b605763d6da8ec6624517370631ce9fb6d", - "sha256:dc4237c27602ceb8ff060e0172da2f6a7e759008dba592f58b8fae0003cf0a57", - "sha256:dfa4948d1a2ea577e53f05e9de7396db7cddba286f2827e7177d249fc7303681", - "sha256:e287e894dde92fc8555ad767e240d3e604a9e25afc02eeee35e21f0d25e152b8", - "sha256:e56b6f687a5361bcdab3dbc776cbdeff623a976760afeadc725129e53cf13092", - "sha256:ecaf924ab269c8ea4006792710d93ff5d900f99a81fb74a8040b0eeff3571baf", - "sha256:f624dd645ed2f342015a8b9149691feaac532f26b77fd206df2d724ebf82bd14" - ], - "version": "==0.15.92" - }, - "scandir": { - "hashes": [ - "sha256:2586c94e907d99617887daed6c1d102b5ca28f1085f90446554abf1faf73123e", - "sha256:2ae41f43797ca0c11591c0c35f2f5875fa99f8797cb1a1fd440497ec0ae4b022", - "sha256:2b8e3888b11abb2217a32af0766bc06b65cc4a928d8727828ee68af5a967fa6f", - "sha256:2c712840c2e2ee8dfaf36034080108d30060d759c7b73a01a52251cc8989f11f", - 
"sha256:4d4631f6062e658e9007ab3149a9b914f3548cb38bfb021c64f39a025ce578ae", - "sha256:67f15b6f83e6507fdc6fca22fedf6ef8b334b399ca27c6b568cbfaa82a364173", - "sha256:7d2d7a06a252764061a020407b997dd036f7bd6a175a5ba2b345f0a357f0b3f4", - "sha256:8c5922863e44ffc00c5c693190648daa6d15e7c1207ed02d6f46a8dcc2869d32", - "sha256:92c85ac42f41ffdc35b6da57ed991575bdbe69db895507af88b9f499b701c188", - "sha256:b24086f2375c4a094a6b51e78b4cf7ca16c721dcee2eddd7aa6494b42d6d519d", - "sha256:cb925555f43060a1745d0a321cca94bcea927c50114b623d73179189a4e100ac" - ], - "markers": "python_version < '3.5'", - "version": "==1.10.0" - }, - "sh": { - "hashes": [ - "sha256:ae3258c5249493cebe73cb4e18253a41ed69262484bad36fdb3efcb8ad8870bb", - "sha256:b52bf5833ed01c7b5c5fb73a7f71b3d98d48e9b9b8764236237bdc7ecae850fc" - ], - "version": "==1.12.14" - }, - "six": { - "hashes": [ - "sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9", - "sha256:832dc0e10feb1aa2c68dcc57dbb658f1c7e65b9b61af69048abc87a2db00a0eb" - ], - "version": "==1.11.0" - }, - "tabulate": { - "hashes": [ - "sha256:e4ca13f26d0a6be2a2915428dc21e732f1e44dad7f76d7030b2ef1ec251cf7f2" - ], - "version": "==0.8.2" - }, - "testinfra": { - "hashes": [ - "sha256:8dbbf25039674d419598f576c5652947cebdf7cbbea8f23acacc80271009c6cb", - "sha256:d13dda899d5a051465f041a821363e2ebdd079391fbeae04089a2df7d35e3d54" - ], - "version": "==1.19.0" - }, - "tree-format": { - "hashes": [ - "sha256:a538523aa78ae7a4b10003b04f3e1b37708e0e089d99c9d3b9e1c71384c9a7f9", - "sha256:b5056228dbedde1fb81b79f71fb0c23c98e9d365230df9b29af76e8d8003de11" - ], - "version": "==0.1.2" - }, - "typing": { - "hashes": [ - "sha256:4027c5f6127a6267a435201981ba156de91ad0d1d98e9ddc2aa173453453492d", - "sha256:57dcf675a99b74d64dacf6fba08fb17cf7e3d5fdff53d4a30ea2a5e7e52543d4", - "sha256:a4c8473ce11a65999c8f59cb093e70686b6c84c98df58c1dae9b3b196089858a" - ], - "markers": "python_version < '3.5'", - "version": "==3.6.6" - }, - "urllib3": { - "hashes": [ - 
"sha256:61bf29cada3fc2fbefad4fdf059ea4bd1b4a86d2b6d15e1c7c0b582b9752fe39", - "sha256:de9529817c93f27c8ccbfead6985011db27bd0ddfcdb2d86f3f663385c6a9c22" - ], - "version": "==1.24.1" - }, - "websocket-client": { - "hashes": [ - "sha256:1151d5fb3a62dc129164292e1227655e4bbc5dd5340a5165dfae61128ec50aa9", - "sha256:1fd5520878b68b84b5748bb30e592b10d0a91529d5383f74f4964e72b297fd3a" - ], - "version": "==0.56.0" - }, - "whichcraft": { - "hashes": [ - "sha256:7533870f751901a0ce43c93cc9850186e9eba7fe58c924dfb435968ba9c9fa4e", - "sha256:fecddd531f237ffc5db8b215409afb18fa30300699064cca4817521b4fc81815" - ], - "version": "==0.5.2" - }, - "yamllint": { - "hashes": [ - "sha256:5a53b6ebea563f944420d2964233173532af00a9579ab2c48c4cf8c56b704050", - "sha256:8f25759997acb42e52b96bf3af0b4b942e6516b51198bebd3402640102006af7" - ], - "version": "==1.15.0" - } - }, - "develop": {} -} From fbaa88127f6222f55c4a2e3432b54d1f8834a2f7 Mon Sep 17 00:00:00 2001 From: manuasir Date: Thu, 13 Jun 2019 18:07:23 +0200 Subject: [PATCH 118/714] Updated CHANGELOG --- CHANGELOG.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index fad82137..af79a017 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,20 @@ # Change Log All notable changes to this project will be documented in this file. +## [v3.9.2_7.1.1] + +### Added + +- Update to Wazuh v3.9.2 +- Support for Elastic 7 +- Ability to deploy an Elasticsearch cluster [#6b95e3](https://github.com/wazuh/wazuh-ansible/commit/6b95e304b6ac4dfec08df5cd0fe29be9cc7dc22c) + +## [v3.9.2_6.8.0] + +### Added + +- Update to Wazuh v3.9.2 + ## [v3.9.1] ### Added From eb66e7d4cb252b26ca4a1c9651a4154775c6e2bd Mon Sep 17 00:00:00 2001 
From: manuasir Date: Fri, 14 Jun 2019 17:12:49 +0200 Subject: [PATCH 119/714] Passing tests --- molecule/default/tests/test_default.py | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index 27ee3238..16a32b85 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py @@ -9,7 +9,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "3.9.1" + return "3.9.2" def test_wazuh_packages_are_installed(host): diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index cf33aeff..298e6bd7 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -4,4 +4,4 @@ elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 7.1.1 -wazuh_version: 3.9.1 \ No newline at end of file +wazuh_version: 3.9.2 \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 28ab6d7c..e95707e6 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -23,7 +23,7 @@ wazuh_winagent_config: install_dir_x86: 'C:\Program Files (x86)\ossec-agent\' auth_path: C:\'Program Files'\ossec-agent\agent-auth.exe auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - version: '3.9.1' + version: '3.9.2' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ md5: 43936e7bc7eb51bd186f47dac4a6f477 From 11721ebe147f27ce33b921ce52f2a950ea375a94 Mon Sep 17 00:00:00 2001 
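Review bot: The Windows agent `version` is bumped to `'3.9.2'` while the `md5: 43936e7bc7eb51bd186f47dac4a6f477` line directly below it is left untouched, so if that digest is compared against the downloaded installer the download check will either fail on the new package or, if the comparison is not enforced, silently stop providing integrity protection. Update the digest together with the version, and consider recording a SHA-256 instead of MD5 since MD5 is no longer collision-resistant. Where `md5` is consumed is outside this hunk, so confirm against the task that fetches the installer.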
From: manuasir Date: Wed, 26 Jun 2019 17:00:40 +0200 Subject: [PATCH 120/714] Added new tasks for xpack security --- .../elastic-stack/ansible-elasticsearch/tasks/main.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index bd7bc0d4..35c30aa9 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -112,6 +112,16 @@ - wazuh_alerts_template_exits.status != 200 tags: init +- name: Check that the instances.yml file exists + stat: + path: /usr/share/elasticsearch/instances.yml + register: instances_exists + +- name: Generating certificates for Elasticsearch security + shell: "/usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem --in /usr/share/elasticsearch/instances.yml --out /usr/share/elasticsearch/certs.zip" + when: instances_exists + tags: xpack-security + - import_tasks: "RMRedHat.yml" when: ansible_os_family == "RedHat" From a18a235b139df92433cf10887d9da081ff4dfea9 Mon Sep 17 00:00:00 2001 From: manuasir Date: Wed, 26 Jun 2019 17:00:54 +0200 Subject: [PATCH 121/714] Modifying template for allowing xpack.security --- .../ansible-elasticsearch/templates/elasticsearch.yml.j2 | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 index 595dd58a..02b1872d 100644 --- a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 @@ -22,3 +22,9 @@ discovery.seed_hosts: - {{ item }} {% endfor %} {% endif %} + +# XPACK Security + +{% if elasticsearch_xpack_security %} +xpack.security.enabled: true +{% endif %} \ No newline at end of file From 0e9996b47285cc2e70eeec1a310ec3b328b262af Mon Sep 17 00:00:00 2001 
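Review bot: `when: instances_exists` on the certificate-generation task is always true, because a registered `stat` result is a dictionary; the condition needs the nested field, `when: instances_exists.stat.exists`. The `shell` task also regenerates the CA and every node certificate on each run, which silently replaces the private keys of nodes that already received them; `command:` with `args: creates: /usr/share/elasticsearch/certs.zip` makes it run once, and would remove the need for the stat task altogether. `shell:` is not required here since the command contains no shell syntax.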
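Review bot: `xpack.security.enabled: true` is rendered without any `xpack.security.transport.ssl.*` settings, and the rest of this series configures a three-node cluster bound to non-loopback addresses; on Elasticsearch 7 a node in that configuration fails its bootstrap checks when security is enabled but transport TLS is not, so the flag as added cannot be used for the intended deployment. Either render the transport SSL key/certificate/CA settings inside the same `{% if elasticsearch_xpack_security %}` block once certificates are distributed, or document in `defaults/main.yml` that the flag is only valid for a single node. The file also still ends without a trailing newline.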
From: manuasir Date: Wed, 26 Jun 2019 17:01:06 +0200 Subject: [PATCH 122/714] Added new variable for enabling xpack security --- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 5d380b6b..fc0e9551 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -9,4 +9,5 @@ single_node: false elasticsearch_bootstrap_node: false elasticsearch_master_candidate: false elasticsearch_cluster_nodes: - - 127.0.0.1 \ No newline at end of file + - 127.0.0.1 +elasticsearch_xpack_security: false \ No newline at end of file From dda93ebd15ff017115d1347445960e0c12dd90d4 Mon Sep 17 00:00:00 2001 From: manuasir Date: Wed, 26 Jun 2019 18:52:58 +0200 Subject: [PATCH 123/714] Added new conditions and variables to tasks --- .../ansible-elasticsearch/defaults/main.yml | 3 ++- roles/elastic-stack/ansible-elasticsearch/tasks/main.yml | 9 +++++++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index fc0e9551..5d04e5ee 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -10,4 +10,5 @@ elasticsearch_bootstrap_node: false elasticsearch_master_candidate: false elasticsearch_cluster_nodes: - 127.0.0.1 -elasticsearch_xpack_security: false \ No newline at end of file +elasticsearch_xpack_security: false +node_generate_certs: false \ No newline at end of file diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 35c30aa9..84271d15 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml 
+++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -115,11 +115,16 @@ - name: Check that the instances.yml file exists stat: path: /usr/share/elasticsearch/instances.yml - register: instances_exists + register: instances_file_exists + when: + - node_generate_certs + - elasticsearch_xpack_security - name: Generating certificates for Elasticsearch security shell: "/usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem --in /usr/share/elasticsearch/instances.yml --out /usr/share/elasticsearch/certs.zip" - when: instances_exists + when: + - instances_file_exists + - elasticsearch_xpack_security tags: xpack-security - import_tasks: "RMRedHat.yml" From 7194675f028edfb235e95abc45b5511c645efb18 Mon Sep 17 00:00:00 2001 From: manuasir Date: Wed, 26 Jun 2019 19:05:17 +0200 Subject: [PATCH 124/714] Added new template for instances.yml file --- .../ansible-elasticsearch/templates/instances.yml.j2 | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 new file mode 100644 index 00000000..ce4c287b --- /dev/null +++ b/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 @@ -0,0 +1,11 @@ + +# {{ ansible_managed }} +# TO-DO + +{% if node_generate_certs %} +instances: +{% for item in elasticsearch_cluster_nodes %} + ip: {{ item.ip }} + - "{{ item.name }}" +{% endfor %} +{% endif %} \ No newline at end of file From 090514b9c5e2c3b6cc6873ed627f4adb04afa938 Mon Sep 17 00:00:00 2001 From: manuasir Date: Wed, 26 Jun 2019 19:05:46 +0200 Subject: [PATCH 125/714] New tasks for checking instances.yml file --- .../elastic-stack/ansible-elasticsearch/tasks/main.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) 
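Review bot: The generation task's `when` still tests `instances_file_exists` as a bare variable, and because the stat task is now skipped whenever `node_generate_certs` is false, on non-generator nodes the registered value is a `skipped: true` dictionary that is still truthy — so any node with `elasticsearch_xpack_security` enabled would run `elasticsearch-certutil` and mint its own CA. Guard the task with `- node_generate_certs` and test the nested field, `- instances_file_exists.stat.exists`. Both tasks also sit outside the enclosing file's surrounding context, so verify the `register` name is not reused elsewhere in `main.yml`.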
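Review bot: `instances.yml.j2` iterates `elasticsearch_cluster_nodes`, whose default entries are plain strings (`- 127.0.0.1`), so `item.ip` and `item.name` raise an undefined-attribute error at render time; and the emitted layout (`ip:` at the list level followed by `- "name"`) is not the `instances:` list of `name`/`ip` mappings that `elasticsearch-certutil --in` consumes. Each iteration should emit `- name: "{{ item.name }}"`, then `  ip:` and `    - "{{ item.ip }}"`, driven by a variable that actually holds name/ip pairs. The `# TO-DO` marker should be replaced with a one-line comment stating that every `name` must equal the node's `node.name`, since certutil names the per-node output directories after it.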
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 84271d15..55ef924d 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -119,7 +119,15 @@ when: - node_generate_certs - elasticsearch_xpack_security - + +- name: Check that the instances.yml file exists + stat: + path: /usr/share/elasticsearch/instances.yml + register: instances_file_exists + when: + - node_generate_certs + - elasticsearch_xpack_security + - name: Generating certificates for Elasticsearch security shell: "/usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem --in /usr/share/elasticsearch/instances.yml --out /usr/share/elasticsearch/certs.zip" when: From 48746b9f5a7e689e54506fefb099aa47cdfe247e Mon Sep 17 00:00:00 2001 From: manuasir Date: Wed, 26 Jun 2019 19:37:02 +0200 Subject: [PATCH 126/714] New task for generating instances.yml file --- .../elastic-stack/ansible-elasticsearch/tasks/main.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 55ef924d..f9cb07c4 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -120,10 +120,12 @@ - node_generate_certs - elasticsearch_xpack_security -- name: Check that the instances.yml file exists - stat: - path: /usr/share/elasticsearch/instances.yml - register: instances_file_exists +- name: Write the instances.yml file in the selected node + instances_file: + src: instances.yml.j2 + dest: "/usr/share/elasticsearch/instances.yml" + tags: + - config when: - node_generate_certs - elasticsearch_xpack_security From f0c6d0fcac2e3958daf42ae222e44c2c0c43af4e Mon Sep 17 00:00:00 2001 
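Review bot: A second `Check that the instances.yml file exists` task is introduced directly below the identical one visible as context at the top of the hunk, so `instances_file_exists` is registered twice with the same result and no new information. If the intent is to re-check after the file is written, the second task belongs after the template task that creates it; otherwise delete it. The same defect applies to the next hunk, where `instances_file:` is used as a module name.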
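Review bot: `instances_file:` is not an Ansible module, so the `Write the instances.yml file in the selected node` task fails at parse time; the intended module is `template:` with the same `src`/`dest` arguments. Ordering is also inverted: the existence check that gates certificate generation runs before this task writes the file, so on a clean host `instances_file_exists.stat.exists` is false and generation is deferred to the second run. Place the template task first, or drop the stat task and let the generation command use `args: creates:`.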
From: Jose M Date: Fri, 28 Jun 2019 10:09:39 +0200 Subject: [PATCH 127/714] Add elasticsearch_discover_nodes parameter --- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 5d04e5ee..95dd2737 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -10,5 +10,7 @@ elasticsearch_bootstrap_node: false elasticsearch_master_candidate: false elasticsearch_cluster_nodes: - 127.0.0.1 +elasticsearch_discovery_nodes: + - 127.0.0.1 elasticsearch_xpack_security: false node_generate_certs: false \ No newline at end of file From 4b1c7d76e8a4174b543957b49eab49265e181bb6 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 28 Jun 2019 10:09:51 +0200 Subject: [PATCH 128/714] Customize playbook. --- playbooks/wazuh-elastic_stack-distributed.yml | 45 ++++++++++++++++--- 1 file changed, 39 insertions(+), 6 deletions(-) diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml index 887cafbd..5348c876 100644 --- a/playbooks/wazuh-elastic_stack-distributed.yml +++ b/playbooks/wazuh-elastic_stack-distributed.yml 
@@ -1,9 +1,42 @@ --- -- hosts: + +- hosts: 172.16.0.161 roles: - - role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-manager - - {role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-filebeat, filebeat_output_logstash_hosts: 'your elastic stack server IP'} -- hosts: + - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch + elasticsearch_network_host: 172.16.0.161 + elasticsearch_bootstrap_node: true + elasticsearch_cluster_nodes: + - 172.16.0.161 + node_generate_certs: true + node_name: node-1 + + vars: + instances: + node_1: + name: node-1 + ip: 172.16.0.161 + node_2: + name: node-2 + ip: 172.16.0.162 + node_3: + name: node-3 + ip: 172.16.0.163 + +- hosts: 172.16.0.162 roles: - - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost'} - - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost'} + - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch + elasticsearch_network_host: 172.16.0.162 + elasticsearch_discovery_nodes: + - 172.16.0.161 + - 172.16.0.162 + - 172.16.0.163 + +- hosts: 172.16.0.163 + roles: + - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch + elasticsearch_network_host: 172.16.0.163 + elasticsearch_discovery_nodes: + - 172.16.0.161 + - 172.16.0.162 + - 172.16.0.163 + From ed9b411b63f4277495dc42cfb1927cfc0bdfba79 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 28 Jun 2019 10:10:22 +0200 Subject: [PATCH 129/714] Add 'node_generate_certs' condition to shell block --- roles/elastic-stack/ansible-elasticsearch/tasks/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index f9cb07c4..90201893 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml 
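Review bot: The distributed playbook now hard-codes lab addresses (`hosts: 172.16.0.161` through `.163`) and drops the `ansible-wazuh-manager`, `ansible-filebeat` and `ansible-kibana` roles, so despite its name it no longer deploys the Wazuh side of the stack; inventory group names with per-host variables (e.g. `hosts: elasticsearch_nodes` plus `host_vars`) would keep the example reusable and avoid shipping one environment's IPs. The `instances` data is declared under `vars:` of the first play only, and the `ip` values are repeated in `elasticsearch_cluster_nodes` and `elasticsearch_discovery_nodes`, so a change in one place is easy to miss in the others. Consider deriving the discovery list from `instances` in the role rather than maintaining three copies.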
+++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -121,7 +121,7 @@ - elasticsearch_xpack_security - name: Write the instances.yml file in the selected node - instances_file: + template: src: instances.yml.j2 dest: "/usr/share/elasticsearch/instances.yml" tags: @@ -133,6 +133,7 @@ - name: Generating certificates for Elasticsearch security shell: "/usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem --in /usr/share/elasticsearch/instances.yml --out /usr/share/elasticsearch/certs.zip" when: + - node_generate_certs - instances_file_exists - elasticsearch_xpack_security tags: xpack-security From 42fb6bf937e78b937f648d439195f1cd0acbf57c Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 28 Jun 2019 10:11:16 +0200 Subject: [PATCH 130/714] Get node master value for template. Rename cluster to discovery block. --- .../ansible-elasticsearch/templates/elasticsearch.yml.j2 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 index 02b1872d..cf2b0121 100644 --- a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 @@ -15,10 +15,10 @@ cluster.initial_master_nodes: {% for item in elasticsearch_cluster_nodes %} - {{ item }} {% endfor %} -{% elif elasticsearch_master_candidate %} -node.master: true +{% else %} +node.master: {{ elasticsearch_master_candidate }} discovery.seed_hosts: -{% for item in elasticsearch_cluster_nodes %} +{% for item in elasticsearch_discovery_nodes %} - {{ item }} {% endfor %} {% endif %} From 4473c01032155ad9b1c2cf6e4207577287ec80ea Mon Sep 17 00:00:00 2001 
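Review bot: In the second hunk (`@@ -133,6 +133,7 @@`) `- instances_file_exists` is still the registered `stat` dictionary rather than its `stat.exists` field, so the condition never blocks the task; it should read `- instances_file_exists.stat.exists`. Now that the `template` task writes the file immediately before, the stat check is redundant and the generation task can be made idempotent with `args: creates: /usr/share/elasticsearch/certs.zip`, which also stops every run from regenerating and silently replacing each node's private key. The `elasticsearch.yml.j2` hunk in this same line renders `node.master: {{ elasticsearch_master_candidate }}`, which Jinja prints as `False`/`True`; Elasticsearch only accepts lowercase booleans, so apply `|lower` here.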
From: Jose M Date: Fri, 28 Jun 2019 10:11:36 +0200 Subject: [PATCH 131/714] Changed format of instances template. Name is required --- .../ansible-elasticsearch/templates/instances.yml.j2 | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 index ce4c287b..365da8c4 100644 --- a/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 @@ -4,8 +4,11 @@ {% if node_generate_certs %} instances: -{% for item in elasticsearch_cluster_nodes %} - ip: {{ item.ip }} - - "{{ item.name }}" + +{% for node in instances %} +- name: "{{node.value.name}}" + ip: + - "{{ node.value.ip }}" {% endfor %} + {% endif %} \ No newline at end of file From 2f8b3a3a4df4b8cfae3fdd1e2f7e2ac3535534c0 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 28 Jun 2019 10:40:15 +0200 Subject: [PATCH 132/714] Modify nodes list format. --- playbooks/wazuh-elastic_stack-distributed.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml index 5348c876..b94840b9 100644 --- a/playbooks/wazuh-elastic_stack-distributed.yml +++ b/playbooks/wazuh-elastic_stack-distributed.yml @@ -9,17 +9,17 @@ - 172.16.0.161 node_generate_certs: true node_name: node-1 + elasticsearch_xpack_security: true vars: instances: - node_1: - name: node-1 + - name: node1 ip: 172.16.0.161 - node_2: - name: node-2 + + - name: node2 ip: 172.16.0.162 - node_3: - name: node-3 + + - name: node3 ip: 172.16.0.163 - hosts: 172.16.0.162 From 071e354fbdc6bd433dd8f724f1515eb389ae9cd2 Mon Sep 17 00:00:00 2001 
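Review bot: `{% for node in instances %}` combined with `node.value.name` only works if `instances` is passed through `dict2items`; iterating a plain mapping in Jinja yields its keys, so `node.value` is undefined and the template fails to render. Either iterate `instances | dict2items` or make `instances` a list and read `node.name` / `node.ip`. The blank lines added before and after the loop end up inside the generated `instances.yml`, which is harmless for YAML but makes the rendered file harder to diff against what certutil was given.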
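Review bot: The instance names are changed to `node1`…`node3` while the first play's `node_name: node-1` (shown as context in the earlier playbook hunk on this page) keeps the hyphenated spelling, so the per-instance directory certutil creates will not match the name the role later uses to locate this node's certificate. Keep both spellings identical, ideally by referencing a single variable, e.g. `- name: "{{ node_name }}"`. A comment next to `instances` stating that each `name` must equal the node's `node.name` would prevent the drift from recurring.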
From: Jose M Date: Fri, 28 Jun 2019 10:40:30 +0200 Subject: [PATCH 133/714] Adapted template to render nodes. --- .../ansible-elasticsearch/templates/instances.yml.j2 | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 index 365da8c4..85cb2b14 100644 --- a/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 @@ -4,11 +4,10 @@ {% if node_generate_certs %} instances: - {% for node in instances %} -- name: "{{node.value.name}}" - ip: - - "{{ node.value.ip }}" +- name: "{{ node.name }}" + ip: + - "{{ node.ip }}" {% endfor %} {% endif %} \ No newline at end of file From e76dc5dcab606a256cccad39ac08e0b89d463ef7 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 28 Jun 2019 12:50:19 +0200 Subject: [PATCH 134/714] Update main.yml to add rsync --- .../ansible-elasticsearch/tasks/main.yml | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 90201893..b67687c9 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -126,6 +126,7 @@ dest: "/usr/share/elasticsearch/instances.yml" tags: - config + - xpack-security when: - node_generate_certs - elasticsearch_xpack_security 
@@ -138,6 +139,27 @@ - elasticsearch_xpack_security tags: xpack-security +# - name: Importing certificates generated previously +# synchronize: +# mode: push +# src: /usr/share/elasticsearch/certs.zip +# dest: /usr/share/elasticsearch/certs.zip +# rsync_opts: +# - "--rsync-path='sudo rsync'" +# - "-v" +# delegate_to: "{{groups['elk'][0]}}" +# when: +# - not node_generate_certs +# - elasticsearch_xpack_security +# tags: xpack-security + +- name: Importing certificate generated previously + shell: "/usr/bin/rsync -avg -e 'ssh -o StrictHostKeyChecking=no' --rsync-path='sudo rsync' vagrant@172.16.0.161:/usr/share/elasticsearch/{{elasticsearch_node_name}}/ /home/es_certificates/" + when: + - not node_generate_certs + - elasticsearch_xpack_security + tags: xpack-security + - import_tasks: "RMRedHat.yml" when: ansible_os_family == "RedHat" From 7580b547c9c67d3fc66412dc92e640a3ef2d1f76 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 28 Jun 2019 12:50:44 +0200 Subject: [PATCH 135/714] Update playbook --- playbooks/wazuh-elastic_stack-distributed.yml | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml index b94840b9..c0695c9b 100644 --- a/playbooks/wazuh-elastic_stack-distributed.yml +++ b/playbooks/wazuh-elastic_stack-distributed.yml @@ -13,19 +13,21 @@ vars: instances: - - name: node1 - ip: 172.16.0.161 + - name: node-1 # Important: must be equal to node name. + ip: 172.16.0.161 # When unzipping, node will search for his node name folder to get the cert. - - name: node2 + - name: node-2 ip: 172.16.0.162 - - name: node3 + - name: node-3 ip: 172.16.0.163 - hosts: 172.16.0.162 roles: - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch elasticsearch_network_host: 172.16.0.162 + elasticsearch_xpack_security: true + elasticsearch_node_name: node-2 elasticsearch_discovery_nodes: - 172.16.0.161 - 172.16.0.162 
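Review bot: The `Importing certificate generated previously` task pulls a node's TLS private key over SSH with `-o StrictHostKeyChecking=no`, a hard-coded `vagrant@172.16.0.161` source and `--rsync-path='sudo rsync'`; disabling host-key verification for exactly the transfer that carries private key material means a host impersonating the generator could substitute certificates or observe the key, and the fixed user and IP tie the role to one lab. Move the endpoint and user into role variables, keep host-key checking enabled (pre-seed `known_hosts`, or use `synchronize` with `delegate_to` so the control node's SSH trust is used), and give `/home/es_certificates/` an explicit owner and restrictive mode. The fourteen-line commented-out `synchronize` attempt above the task should be removed rather than left as dead text in `main.yml`.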
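Review bot: The second and third plays now set `elasticsearch_node_name`, but the first play still defines `node_name: node-1` (a different variable, shown as context in the earlier playbook hunk on this page), so on the generator node `{{elasticsearch_node_name}}` used by the role is undefined. Rename it to `elasticsearch_node_name: node-1` so all three plays use the same variable. The inline comments on the `instances` entries describe a coupling that belongs in the role's README or `defaults/main.yml` rather than in an example playbook.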
@@ -35,8 +37,9 @@ roles: - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch elasticsearch_network_host: 172.16.0.163 + elasticsearch_xpack_security: true + elasticsearch_node_name: node-3 elasticsearch_discovery_nodes: - 172.16.0.161 - 172.16.0.162 - - 172.16.0.163 - + - 172.16.0.163 \ No newline at end of file From d3170139a0df4d8fa8cbcdee1446fab197a0bb48 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 28 Jun 2019 12:51:01 +0200 Subject: [PATCH 136/714] Add xpack parameters to elasticsearch.yml --- .../ansible-elasticsearch/templates/elasticsearch.yml.j2 | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 index cf2b0121..e8cefff1 100644 --- a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 @@ -16,7 +16,7 @@ cluster.initial_master_nodes: - {{ item }} {% endfor %} {% else %} -node.master: {{ elasticsearch_master_candidate }} +node.master: "{{ elasticsearch_master_candidate }}" discovery.seed_hosts: {% for item in elasticsearch_discovery_nodes %} - {{ item }} @@ -26,5 +26,10 @@ discovery.seed_hosts: # XPACK Security {% if elasticsearch_xpack_security %} -xpack.security.enabled: true +#xpack.security.enabled: false +#xpack.security.transport.ssl.enabled: true +#xpack.security.transport.ssl.verification_mode: certificate +#xpack.security.transport.ssl.key: /home/es_certificates/{{ elasticsearch_node_name }}.key +#xpack.security.transport.ssl.certificate: /home/es_certificates/{{ elasticsearch_node_name }}.crt +#xpack.security.transport.ssl.certificate_authorities: [ "/home/es/config/ca.crt" ] {% endif %} \ No newline at end of file From 19622360b16b48fdfab0d1f8c810371fe6922661 Mon Sep 17 00:00:00 2001 
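Review bot: Every setting inside `{% if elasticsearch_xpack_security %}` is now commented out, so setting the flag to `true` renders an `elasticsearch.yml` that does not enable security at all — the previously active `xpack.security.enabled: true` becomes `#xpack.security.enabled: false` — which an operator can easily mistake for a secured cluster. If the block is work in progress, keep the `enabled` line active or gate the commented settings behind a clearly named second variable. When the settings are switched on, `certificate_authorities: [ "/home/es/config/ca.crt" ]` names a path no task on this page populates, whereas the key and certificate are expected under `/home/es_certificates/`; the CA certificate must be delivered to the same directory as the node key for the transport layer to verify peers.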
From: mohamed-aziz Date: Fri, 28 Jun 2019 12:51:02 +0100 Subject: [PATCH 137/714] Fix elasticsearch config bug requiring lowercase boolean value --- .../ansible-elasticsearch/templates/elasticsearch.yml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 index e8cefff1..6ca12c6f 100644 --- a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 @@ -16,7 +16,7 @@ cluster.initial_master_nodes: - {{ item }} {% endfor %} {% else %} -node.master: "{{ elasticsearch_master_candidate }}" +node.master: "{{ elasticsearch_master_candidate|lower }}" discovery.seed_hosts: {% for item in elasticsearch_discovery_nodes %} - {{ item }} From 7fe831d6eeccd74abfe821b98ee5de4aa39d918e Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 28 Jun 2019 14:56:43 +0200 Subject: [PATCH 138/714] Remove quotes from node master option. --- .../ansible-elasticsearch/templates/elasticsearch.yml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 index 6ca12c6f..e4bd4b16 100644 --- a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 @@ -16,7 +16,7 @@ cluster.initial_master_nodes: - {{ item }} {% endfor %} {% else %} -node.master: "{{ elasticsearch_master_candidate|lower }}" +node.master: {{ elasticsearch_master_candidate|lower }} discovery.seed_hosts: {% for item in elasticsearch_discovery_nodes %} - {{ item }} From 868cf75ca754e28d73bf56fec626a0f7632f3d1e Mon Sep 17 00:00:00 2001 
From: manuasir Date: Fri, 28 Jun 2019 15:20:06 +0200 Subject: [PATCH 139/714] Develop mode playbook --- playbooks/wazuh-elastic_stack-distributed.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml index c0695c9b..494d55a9 100644 --- a/playbooks/wazuh-elastic_stack-distributed.yml +++ b/playbooks/wazuh-elastic_stack-distributed.yml @@ -2,7 +2,7 @@ - hosts: 172.16.0.161 roles: - - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch + - role: ../roles/elastic-stack/ansible-elasticsearch elasticsearch_network_host: 172.16.0.161 elasticsearch_bootstrap_node: true elasticsearch_cluster_nodes: @@ -10,7 +10,6 @@ node_generate_certs: true node_name: node-1 elasticsearch_xpack_security: true - vars: instances: - name: node-1 # Important: must be equal to node name. @@ -24,7 +23,7 @@ - hosts: 172.16.0.162 roles: - - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch + - role: ../roles/elastic-stack/ansible-elasticsearch elasticsearch_network_host: 172.16.0.162 elasticsearch_xpack_security: true elasticsearch_node_name: node-2 @@ -35,7 +34,7 @@ - hosts: 172.16.0.163 roles: - - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch + - role: ../roles/elastic-stack/ansible-elasticsearch elasticsearch_network_host: 172.16.0.163 elasticsearch_xpack_security: true elasticsearch_node_name: node-3 From 02e4bd951bcbfff012a1618d9858d087046670df Mon Sep 17 00:00:00 2001 From: manuasir Date: Fri, 28 Jun 2019 15:20:14 +0200 Subject: [PATCH 140/714] Check if the certificates exist or not --- .../ansible-elasticsearch/tasks/main.yml | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index b67687c9..3d540fac 100644 
--- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -131,12 +131,21 @@ - node_generate_certs - elasticsearch_xpack_security +- name: Check that the certificates ZIP file exists + stat: + path: /usr/share/elasticsearch/certs.zip + register: xpack_certs_zip + when: + - node_generate_certs + - elasticsearch_xpack_security + - name: Generating certificates for Elasticsearch security shell: "/usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem --in /usr/share/elasticsearch/instances.yml --out /usr/share/elasticsearch/certs.zip" when: - node_generate_certs - instances_file_exists - elasticsearch_xpack_security + - not xpack_certs_zip tags: xpack-security # - name: Importing certificates generated previously @@ -153,13 +162,6 @@ # - elasticsearch_xpack_security # tags: xpack-security -- name: Importing certificate generated previously - shell: "/usr/bin/rsync -avg -e 'ssh -o StrictHostKeyChecking=no' --rsync-path='sudo rsync' vagrant@172.16.0.161:/usr/share/elasticsearch/{{elasticsearch_node_name}}/ /home/es_certificates/" - when: - - not node_generate_certs - - elasticsearch_xpack_security - tags: xpack-security - - import_tasks: "RMRedHat.yml" when: ansible_os_family == "RedHat" From 3a5f06e0adb31e275306c733250b999f2f5ef460 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 28 Jun 2019 18:13:49 +0200 Subject: [PATCH 141/714] Rename node_generate_certs to node_certs_generator --- playbooks/wazuh-elastic_stack-distributed.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml index 494d55a9..4057096e 100644 --- a/playbooks/wazuh-elastic_stack-distributed.yml +++ b/playbooks/wazuh-elastic_stack-distributed.yml 
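Review bot: `- not xpack_certs_zip` negates the registered `stat` dictionary, which is always truthy, so the condition is always false and after this commit the certificate-generation task can never run; it needs the nested field, `- not xpack_certs_zip.stat.exists` (and `- instances_file_exists.stat.exists` on the line above has the same flaw). An `args: creates: /usr/share/elasticsearch/certs.zip` on the generation command expresses the same intent without a separate stat task. Removing the hard-coded rsync task is an improvement, but the commented-out `synchronize` block it sat next to still remains in the file.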
@@ -7,7 +7,7 @@ elasticsearch_bootstrap_node: true elasticsearch_cluster_nodes: - 172.16.0.161 - node_generate_certs: true + node_certs_generator: true node_name: node-1 elasticsearch_xpack_security: true vars: From 1d718f55d32cbd9956067c22245e14ec3ee03f64 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 28 Jun 2019 18:14:01 +0200 Subject: [PATCH 142/714] Add default variables for Xpack and Rsync --- .../ansible-elasticsearch/defaults/main.yml | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 95dd2737..9578895a 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -12,5 +12,20 @@ elasticsearch_cluster_nodes: - 127.0.0.1 elasticsearch_discovery_nodes: - 127.0.0.1 + +# X-Pack Security elasticsearch_xpack_security: false -node_generate_certs: false \ No newline at end of file +node_certs_generator: false +node_certs_generator_ip: 172.16.0.161 +node_certs_source: /usr/share/elasticsearch +node_certs_destination: /etc/elasticsearch/certs + +# Rsync +rsync_path: /usr/bin/rsync +rsync_user: vagrant +rsync_extra_parameters: -avg -e 'ssh -o StrictHostKeyChecking=no' --rsync-path='sudo rsync' + + + + + From 40b6979a29533af53c630f4d0ec4782b8dad7744 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 28 Jun 2019 18:14:36 +0200 Subject: [PATCH 143/714] Reorganized main.yml. Acded task to copy certs locally. --- .../ansible-elasticsearch/tasks/main.yml | 121 ++++++++++-------- 1 file changed, 68 insertions(+), 53 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 3d540fac..c0abc731 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml 
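Review bot: The role defaults now carry `rsync_extra_parameters: -avg -e 'ssh -o StrictHostKeyChecking=no' --rsync-path='sudo rsync'`, a lab-specific `node_certs_generator_ip: 172.16.0.161` and `rsync_user: vagrant`, so a consumer who only sets `elasticsearch_xpack_security: true` gets host-key verification disabled for the transfer of their TLS private keys, and a privileged rsync against an address they never configured, without opting in. Defaults should be the secure choice — e.g. `rsync_extra_parameters: -a -e ssh` with no default generator IP, failing early when `node_certs_generator_ip` is unset — with the Vagrant values given as overrides in the example playbook. `node_certs_destination: /etc/elasticsearch/certs` is a sensible location, but nothing here sets its ownership or mode, which the copy tasks should handle. The five trailing blank lines at the end of the file should be trimmed.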
@@ -69,6 +69,70 @@ tags: configure # fix in new PR (ignore_errors) + +- name: Check that the instances.yml file exists + stat: + path: "{{node_certs_source}}/instances.yml" + register: instances_file_exists + when: + - node_certs_generator + - elasticsearch_xpack_security + +- name: Write the instances.yml file in the selected node + template: + src: instances.yml.j2 + dest: "{{node_certs_source}}/instances.yml" + tags: + - config + - xpack-security + when: + - node_certs_generator + - elasticsearch_xpack_security + +- name: Check that the certificates ZIP file exists + stat: + path: "{{node_certs_source}}/certs.zip" + register: xpack_certs_zip + when: + - node_certs_generator + - elasticsearch_xpack_security + +- name: Generating certificates for Elasticsearch security + shell: "/usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem --in {{node_certs_source}}/instances.yml --out {{node_certs_source}}/certs.zip" + when: + - node_certs_generator + - instances_file_exists.stat.exists + - elasticsearch_xpack_security + - not xpack_certs_zip.stat.exists + tags: xpack-security + +- name: Unzip generated certs.zip + unarchive: + src: "{{node_certs_source}}/certs.zip" + dest: "{{node_certs_source}}" + remote_src: yes + when: + - node_certs_generator + - elasticsearch_xpack_security + tags: xpack-security + +- name: Copy local certificate for generator node + synchronize: + src: "{{node_certs_source}}/{{elasticsearch_node_name}}/" + dest: "{{node_certs_destination}}/" + delegate_to: "{{ node_certs_generator_ip }}" + when: + - node_certs_generator + - elasticsearch_xpack_security + tags: xpack-security + +- name: Importing certificate generated previously + shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/{{elasticsearch_node_name}}/ {{node_certs_destination}}/" + when: + - not node_certs_generator + - elasticsearch_xpack_security + tags: xpack-security + - name: Reload systemd systemd: 
daemon_reload=true ignore_errors: true @@ -112,58 +176,9 @@ - wazuh_alerts_template_exits.status != 200 tags: init -- name: Check that the instances.yml file exists - stat: - path: /usr/share/elasticsearch/instances.yml - register: instances_file_exists - when: - - node_generate_certs - - elasticsearch_xpack_security +# - import_tasks: "RMRedHat.yml" +# when: ansible_os_family == "RedHat" -- name: Write the instances.yml file in the selected node - template: - src: instances.yml.j2 - dest: "/usr/share/elasticsearch/instances.yml" - tags: - - config - - xpack-security - when: - - node_generate_certs - - elasticsearch_xpack_security -- name: Check that the certificates ZIP file exists - stat: - path: /usr/share/elasticsearch/certs.zip - register: xpack_certs_zip - when: - - node_generate_certs - - elasticsearch_xpack_security - -- name: Generating certificates for Elasticsearch security - shell: "/usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem --in /usr/share/elasticsearch/instances.yml --out /usr/share/elasticsearch/certs.zip" - when: - - node_generate_certs - - instances_file_exists - - elasticsearch_xpack_security - - not xpack_certs_zip - tags: xpack-security - -# - name: Importing certificates generated previously -# synchronize: -# mode: push -# src: /usr/share/elasticsearch/certs.zip -# dest: /usr/share/elasticsearch/certs.zip -# rsync_opts: -# - "--rsync-path='sudo rsync'" -# - "-v" -# delegate_to: "{{groups['elk'][0]}}" -# when: -# - not node_generate_certs -# - elasticsearch_xpack_security -# tags: xpack-security - -- import_tasks: "RMRedHat.yml" - when: ansible_os_family == "RedHat" - -- import_tasks: "RMDebian.yml" - when: ansible_os_family == "Debian" +# - import_tasks: "RMDebian.yml" +# when: ansible_os_family == "Debian" From c27c3c16abaa29c8d4683acc2b1202c912c4f56e Mon Sep 17 00:00:00 2001 
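Review bot: `Importing certificate generated previously` builds a shell command from five unquoted Jinja variables (`rsync_path`, `rsync_extra_parameters`, `rsync_user`, `node_certs_generator_ip`, `node_certs_source`), so whitespace or shell metacharacters in inventory-supplied values change the command, and with no `changed_when` or `creates` guard the private key is re-copied on every run. The role already uses the `synchronize` module two tasks earlier; the pull can use it too with `mode: pull` and `rsync_opts`, which passes an argument list instead of a string re-parsed by a shell. The certutil line still hardcodes `/usr/share/elasticsearch/bin/elasticsearch-certutil` although the surrounding paths moved to `{{node_certs_source}}`; `{{node_certs_source}}/bin/elasticsearch-certutil` keeps them consistent. The `Reload systemd` task at the end continues past the hunk.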
From: Jose M Date: Fri, 28 Jun 2019 18:14:48 +0200 Subject: [PATCH 144/714] Enabled xpack security fields --- .../templates/elasticsearch.yml.j2 | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 index e4bd4b16..8f60c368 100644 --- a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 @@ -26,10 +26,10 @@ discovery.seed_hosts: # XPACK Security {% if elasticsearch_xpack_security %} -#xpack.security.enabled: false -#xpack.security.transport.ssl.enabled: true -#xpack.security.transport.ssl.verification_mode: certificate -#xpack.security.transport.ssl.key: /home/es_certificates/{{ elasticsearch_node_name }}.key -#xpack.security.transport.ssl.certificate: /home/es_certificates/{{ elasticsearch_node_name }}.crt -#xpack.security.transport.ssl.certificate_authorities: [ "/home/es/config/ca.crt" ] +xpack.security.enabled: false +xpack.security.transport.ssl.enabled: true +xpack.security.transport.ssl.verification_mode: certificate +xpack.security.transport.ssl.key: {{node_certs_destination}}/{{ elasticsearch_node_name }}.key +xpack.security.transport.ssl.certificate: {{node_certs_destination}}/{{ elasticsearch_node_name }}.crt +#xpack.security.transport.ssl.certificate_authorities: [ "{{node_certs_destination}}/ca.crt" ] {% endif %} \ No newline at end of file From a1e6dec7b4a445d90c7365bb78f644247aad57a9 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 28 Jun 2019 18:15:00 +0200 Subject: [PATCH 145/714] Rename node_generate_certs in instances template. --- .../ansible-elasticsearch/templates/instances.yml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
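Review bot: The uncommented block sets `xpack.security.enabled: false` while enabling transport TLS, so when `elasticsearch_xpack_security` is true the cluster still runs without authentication and the bootstrap-password and user settings added later in this series would have no effect; the line should read `xpack.security.enabled: true`. `xpack.security.transport.ssl.certificate_authorities` stays commented out, so with `verification_mode: certificate` the nodes have no trust anchor for each other's certificates issued by the generated CA. The key and certificate paths are also emitted unquoted; a `node_certs_destination` containing `: ` or ` #` would break the rendered YAML.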
diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 index 85cb2b14..6279c380 100644 --- a/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 @@ -2,7 +2,7 @@ # {{ ansible_managed }} # TO-DO -{% if node_generate_certs %} +{% if node_certs_generator %} instances: {% for node in instances %} - name: "{{ node.name }}" From 2525dbd2af0db4831090e4c62eb161b55891f92b Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 1 Jul 2019 11:52:25 +0200 Subject: [PATCH 146/714] Copy .key and .crt in generator node (locally) --- .../ansible-elasticsearch/tasks/main.yml | 24 +++++++++++++------ 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index c0abc731..82572055 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -109,14 +109,14 @@ - name: Unzip generated certs.zip unarchive: src: "{{node_certs_source}}/certs.zip" - dest: "{{node_certs_source}}" + dest: "{{node_certs_source}}/" remote_src: yes when: - node_certs_generator - elasticsearch_xpack_security tags: xpack-security -- name: Copy local certificate for generator node +- name: Copy .key & .crt files in generator node synchronize: src: "{{node_certs_source}}/{{elasticsearch_node_name}}/" dest: "{{node_certs_destination}}/" 
@@ -126,7 +126,17 @@ - elasticsearch_xpack_security tags: xpack-security -- name: Importing certificate generated previously +- name: Copy ca .crt file in generator node + synchronize: + src: "{{node_certs_source}}/ca/" + dest: "{{node_certs_destination}}/" + delegate_to: "{{ node_certs_generator_ip }}" + when: + - node_certs_generator + - elasticsearch_xpack_security + tags: xpack-security + +- name: Importing node .key & .crt files shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/{{elasticsearch_node_name}}/ {{node_certs_destination}}/" when: - not node_certs_generator @@ -176,9 +186,9 @@ - wazuh_alerts_template_exits.status != 200 tags: init -# - import_tasks: "RMRedHat.yml" -# when: ansible_os_family == "RedHat" +- import_tasks: "RMRedHat.yml" + when: ansible_os_family == "RedHat" -# - import_tasks: "RMDebian.yml" -# when: ansible_os_family == "Debian" +- import_tasks: "RMDebian.yml" + when: ansible_os_family == "Debian" From 5d8286f0deb525baa29673db1c0a7e9c95578bb3 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 1 Jul 2019 11:53:19 +0200 Subject: [PATCH 147/714] Import ca certificate in remote nodes. --- roles/elastic-stack/ansible-elasticsearch/tasks/main.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 82572055..d9925969 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml 
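Review bot: `Copy ca .crt file in generator node` synchronizes the whole `{{node_certs_source}}/ca/` directory, and when certutil generates its own CA in `--pem` mode the archive carries the CA private key (`ca/ca.key`) next to `ca/ca.crt`, so the signing key would land in `{{node_certs_destination}}` on the generator and — through the matching rsync task added in the next commit ('Import ca certificate in remote nodes.') — on every node. Only the certificate should leave the generator: `src: "{{node_certs_source}}/ca/ca.crt"`, and the rsync source in that later task needs the same narrowing. Whether the zip really contains `ca/ca.key` depends on the certutil invocation, so confirm against a generated archive; if it does, the CA key should stay on the generator with restrictive permissions or be removed once the node certificates are signed.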
@@ -143,6 +143,14 @@ - elasticsearch_xpack_security tags: xpack-security +- name: Importing node ca .crt file + shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/ca/ {{node_certs_destination}}/" + when: + - not node_certs_generator + - elasticsearch_xpack_security + tags: xpack-security + + - name: Reload systemd systemd: daemon_reload=true ignore_errors: true From 54885a9e0d122bf4bc573540f83c656b77145a1c Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 1 Jul 2019 11:57:15 +0200 Subject: [PATCH 148/714] Remove deprecated import of wazuh template. --- .../ansible-elasticsearch/tasks/main.yml | 22 ------------------- 1 file changed, 22 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index d9925969..52e7babc 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -172,28 +172,6 @@ - configure - init -- name: Check for Wazuh Alerts template - uri: - url: "http://{{elasticsearch_network_host}}:{{elasticsearch_http_port}}/_template/wazuh" - method: GET - status_code: 200, 404 - when: not elasticsearch_bootstrap_node or single_node - poll: 30 - register: wazuh_alerts_template_exits - tags: init - -- name: Installing Wazuh Alerts template - uri: - url: "http://{{elasticsearch_network_host}}:{{elasticsearch_http_port}}/_template/wazuh" - method: PUT - status_code: 200 - body_format: json - body: "{{ lookup('template','wazuh-elastic7-template-alerts.json.j2') }}" - when: - - wazuh_alerts_template_exits.status is defined - - wazuh_alerts_template_exits.status != 200 - tags: init - - import_tasks: "RMRedHat.yml" when: ansible_os_family == "RedHat" From bd32839f27db43749bc3473a552db3b5828137fa Mon Sep 17 00:00:00 2001 
From: Jose M Date: Mon, 1 Jul 2019 12:00:48 +0200 Subject: [PATCH 149/714] Add Xpack http security to elasticsearch template. --- .../templates/elasticsearch.yml.j2 | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 index 8f60c368..2d62f025 100644 --- a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 @@ -26,10 +26,16 @@ discovery.seed_hosts: # XPACK Security {% if elasticsearch_xpack_security %} -xpack.security.enabled: false +xpack.security.enabled: true xpack.security.transport.ssl.enabled: true xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.key: {{node_certs_destination}}/{{ elasticsearch_node_name }}.key xpack.security.transport.ssl.certificate: {{node_certs_destination}}/{{ elasticsearch_node_name }}.crt -#xpack.security.transport.ssl.certificate_authorities: [ "{{node_certs_destination}}/ca.crt" ] +xpack.security.transport.ssl.certificate_authorities: [ "{{ node_certs_destination }}/ca.crt" ] + +xpack.security.http.ssl.enabled: true +xpack.security.http.ssl.verification_mode: certificate +xpack.security.http.ssl.key: {{node_certs_destination}}/{{ elasticsearch_node_name }}.key +xpack.security.http.ssl.certificate: {{node_certs_destination}}/{{ elasticsearch_node_name }}.crt +xpack.security.http.ssl.certificate_authorities: [ "/etc/elasticsearch/certs/ca.crt" ] {% endif %} \ No newline at end of file From db6f69cfb8dfe990500f62de987b501413594b5c Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 1 Jul 2019 12:31:03 +0200 Subject: [PATCH 150/714] Rename importing blocks --- roles/elastic-stack/ansible-elasticsearch/tasks/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) 
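Review bot: `xpack.security.http.ssl.certificate_authorities` hardcodes `/etc/elasticsearch/certs/ca.crt` while every other path in the block is derived from `node_certs_destination`, so overriding that variable breaks HTTPS trust but not transport trust; use `[ "{{ node_certs_destination }}/ca.crt" ]` as the transport line does. Both `verification_mode: certificate` settings validate the chain but not the hostname; that is a common choice with a dedicated cluster CA, but it deserves a comment such as `# certificate: chain is verified, hostname/IP is not — acceptable only with a dedicated cluster CA` so it is not loosened further by accident. The key and certificate paths remain unquoted plain scalars.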
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 52e7babc..385b860c 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -116,7 +116,7 @@ - elasticsearch_xpack_security tags: xpack-security -- name: Copy .key & .crt files in generator node +- name: Copy key & certificate files in generator node (locally) synchronize: src: "{{node_certs_source}}/{{elasticsearch_node_name}}/" dest: "{{node_certs_destination}}/" @@ -126,7 +126,7 @@ - elasticsearch_xpack_security tags: xpack-security -- name: Copy ca .crt file in generator node +- name: Copy ca certificate file in generator node (locally) synchronize: src: "{{node_certs_source}}/ca/" dest: "{{node_certs_destination}}/" @@ -136,14 +136,14 @@ - elasticsearch_xpack_security tags: xpack-security -- name: Importing node .key & .crt files +- name: Importing key & certificate files from generator node shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/{{elasticsearch_node_name}}/ {{node_certs_destination}}/" when: - not node_certs_generator - elasticsearch_xpack_security tags: xpack-security -- name: Importing node ca .crt file +- name: Importing ca certificate file from generator node shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/ca/ {{node_certs_destination}}/" when: - not node_certs_generator From f6efcc017117290bc28974482acc2d332538085f Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 1 Jul 2019 15:48:46 +0200 Subject: [PATCH 151/714] Make comment about nodes name clearer --- playbooks/wazuh-elastic_stack-distributed.yml | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) 
diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml index 4057096e..9c0d667a 100644 --- a/playbooks/wazuh-elastic_stack-distributed.yml +++ b/playbooks/wazuh-elastic_stack-distributed.yml @@ -2,17 +2,18 @@ - hosts: 172.16.0.161 roles: - - role: ../roles/elastic-stack/ansible-elasticsearch - elasticsearch_network_host: 172.16.0.161 - elasticsearch_bootstrap_node: true - elasticsearch_cluster_nodes: - - 172.16.0.161 - node_certs_generator: true - node_name: node-1 - elasticsearch_xpack_security: true + - ../roles/elastic-stack/ansible-elasticsearch + elasticsearch_network_host: 172.16.0.161 + elasticsearch_bootstrap_node: true + elasticsearch_cluster_nodes: + - 172.16.0.161 + node_certs_generator: true + node_name: node-1 + elasticsearch_xpack_security: true + vars: instances: - - name: node-1 # Important: must be equal to node name. + - name: node-1 # Important: must be equal to elasticsearch_node_name. ip: 172.16.0.161 # When unzipping, node will search for his node name folder to get the cert. - name: node-2 From d78393115fd84c6f5893a13f294e89f3661dd027 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 1 Jul 2019 15:49:38 +0200 Subject: [PATCH 152/714] Add default ' elasticsearch_xpack_security_password' variable --- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 9578895a..36b8aefb 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -15,6 +15,8 @@ elasticsearch_discovery_nodes: # X-Pack Security elasticsearch_xpack_security: false +elasticsearch_xpack_security_password: elastic_pass + node_certs_generator: false node_certs_generator_ip: 172.16.0.161 node_certs_source: /usr/share/elasticsearch 
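Review bot: Dropping the `- role:` form leaves `elasticsearch_network_host` and the other role parameters as siblings of a bare string list item, which is not how Ansible attaches variables to a role; the parameters need `- role: ../roles/elastic-stack/ansible-elasticsearch` with the variables nested under it (the indentation is not recoverable from this rendering, so verify what the file actually contains). Independently, the updated comment says the instance name `must be equal to elasticsearch_node_name`, but this play sets `node_name: node-1`, not `elasticsearch_node_name`, while the templates in this series read `elasticsearch_node_name`; one of the two names should change.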
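Review bot: `elasticsearch_xpack_security_password: elastic_pass` puts a working superuser credential into role defaults, so every deployment that does not override it shares the same `elastic` password and the value is committed to the repository. Leave the default empty and fail early in the tasks file (an `assert` that the variable is non-empty when `elasticsearch_xpack_security` is true) or require it from vault-encrypted inventory, and add `# override from vault; never rely on this default` above it. The later Filebeat (`elasticsearch_password`) and Kibana (`kibana_password`) defaults in this series repeat the same pattern.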
From fdb1113a193c34a1537175e6ed92924f7a9385d6 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 1 Jul 2019 15:50:06 +0200 Subject: [PATCH 153/714] Add task to configure ES bootstrap password. --- roles/elastic-stack/ansible-elasticsearch/tasks/main.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 385b860c..5689394c 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -150,6 +150,11 @@ - elasticsearch_xpack_security tags: xpack-security +- name: Set elasticsearch bootstrap password + shell: "echo '{{elasticsearch_xpack_security_password}}' | {{node_certs_source}}/bin/elasticsearch-keystore add -xf 'bootstrap.password'" + when: + - node_certs_generator + - elasticsearch_xpack_security - name: Reload systemd systemd: daemon_reload=true From 6cffed9218b78721edcb0e95bce1944b0227e09e Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 1 Jul 2019 15:50:48 +0200 Subject: [PATCH 154/714] Add required default attributes XPack in Filebeat. --- roles/wazuh/ansible-filebeat/defaults/main.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index a00cbbb4..b01dfad7 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -10,6 +10,8 @@ filebeat_prospectors: json.keys_under_root: true json.overwrite_keys: true +filebeat_node_name: node-1 + filebeat_output_elasticsearch_enabled: false filebeat_output_elasticsearch_hosts: - "localhost:9200" 
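Review bot: `Set elasticsearch bootstrap password` pipes the password through `echo` inside a shell string, so it appears in the task's recorded command and in verbose output, a value containing `'` breaks the quoting, and the task has no `no_log: true`. Use the `command` module's `stdin` parameter instead: `command: "{{node_certs_source}}/bin/elasticsearch-keystore add -xf 'bootstrap.password'"` with `stdin: "{{ elasticsearch_xpack_security_password }}"` and `no_log: true`. A `changed_when` guard (for example keyed on a prior `elasticsearch-keystore list`) would also stop the keystore from being rewritten on every run.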
@@ -23,3 +25,10 @@ filebeat_ssl_dir: /etc/pki/filebeat filebeat_ssl_certificate_file: "" filebeat_ssl_key_file: "" filebeat_ssl_insecure: "false" + +# Xpack Security +filebeat_xpack_security: false + +elasticsearch_user: elastic +elasticsearch_password: elastic_pass +node_certs_destination: /etc/elasticsearch/certs From 3ff5a194df017f6153b3fa3c1f47f863f16a5432 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 1 Jul 2019 15:51:23 +0200 Subject: [PATCH 155/714] Update Filebeat for XPack Security --- roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 b/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 index 8e6287ec..202af578 100644 --- a/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 +++ b/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 @@ -53,6 +53,15 @@ output.elasticsearch: #pipeline: geoip indices: - index: 'wazuh-alerts-3.x-%{+yyyy.MM.dd}' +{% if filebeat_xpack_security %} + username: {{ elasticsearch_user }} + password: {{ elasticsearch_password }} + protocol: https + ssl.certificate_authorities: + - {{node_certs_destination}}/ca.crt + ssl.certificate: "{{node_certs_destination}}/{{ filebeat_node_name }}.crt" + ssl.key: "{{node_certs_destination}}/{{ filebeat_node_name }}.key" +{% endif %} # Optional. Send events to Logstash instead of Elasticsearch #output.logstash.hosts: ["YOUR_LOGSTASH_SERVER_IP:5000"] \ No newline at end of file From ab8cdd13c63500a369f25139fe377b41f41a68a8 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 1 Jul 2019 16:07:10 +0200 Subject: [PATCH 156/714] Added task to remove certs file after propagation. --- roles/elastic-stack/ansible-elasticsearch/tasks/main.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 5689394c..dac73d85 100644 
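Review bot: `username: {{ elasticsearch_user }}` and `password: {{ elasticsearch_password }}` are rendered unquoted, so a password containing ` #`, `: ` or a leading special character breaks the YAML and a value such as `yes` or `123` is retyped by the loader; the `ssl.certificate_authorities` item is unquoted too while `ssl.certificate` and `ssl.key` are quoted. Quote all of them: `password: "{{ elasticsearch_password }}"` and `- "{{ node_certs_destination }}/ca.crt"`. Since the rendered filebeat.yml now carries a credential, the task that writes it (outside this hunk) should set a restrictive `mode`, or the password should go into the Filebeat keystore.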
--- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -136,6 +136,13 @@ - elasticsearch_xpack_security tags: xpack-security +- name: Remove generated certs file + shell: /bin/rm -f {{node_certs_source}}/certs.zip* + when: + - node_certs_generator + - elasticsearch_xpack_security + tags: xpack-security + - name: Importing key & certificate files from generator node shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/{{elasticsearch_node_name}}/ {{node_certs_destination}}/" when: @@ -153,7 +160,6 @@ - name: Set elasticsearch bootstrap password shell: "echo '{{elasticsearch_xpack_security_password}}' | {{node_certs_source}}/bin/elasticsearch-keystore add -xf 'bootstrap.password'" when: - - node_certs_generator - elasticsearch_xpack_security - name: Reload systemd From ddc01dcc238acf138de9839618e5434860e7e8e7 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 1 Jul 2019 18:04:03 +0200 Subject: [PATCH 157/714] Add 'elasticsearch_xpack_security_user' to elasticsearth defaults --- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 36b8aefb..df1f9ad4 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -15,6 +15,7 @@ elasticsearch_discovery_nodes: # X-Pack Security elasticsearch_xpack_security: false +elasticsearch_xpack_security_user: elastic elasticsearch_xpack_security_password: elastic_pass node_certs_generator: false From 2656d89933d398e577fa30d3a9675e59eb4aa333 Mon Sep 17 00:00:00 2001 
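Review bot: `Remove generated certs file` deletes `certs.zip` but leaves the extracted `{{node_certs_source}}/<node>/` directories — holding every cluster node's private key — and `ca/` in place on the generator; if the intent is to stop leaving key material around, those directories are the larger exposure and should be removed once the copies are verified. Prefer the `file` module over a shell `rm` with an unquoted glob: `file: path: "{{node_certs_source}}/certs.zip" state: absent`, which is idempotent and reports changes correctly. The second hunk removes `node_certs_generator` from the bootstrap-password condition, so the keystore entry is now written on every node; that matches the per-node keystore, but the task remains an unguarded `shell` that reruns each time.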
From: Jose M Date: Mon, 1 Jul 2019 18:04:26 +0200 Subject: [PATCH 158/714] Add XPack default variables for Kibana --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 298e6bd7..e0f00141 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -1,7 +1,16 @@ --- +kibana_node_name: node-1 + elasticsearch_http_port: "9200" elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 7.1.1 -wazuh_version: 3.9.2 \ No newline at end of file +wazuh_version: 3.9.2 + +# Xpack Security +kibana_xpack_security: false + +kibana_user: kibana +kibana_password: elastic_pass +node_certs_destination: /etc/kibana/certs \ No newline at end of file From 2b18745cd0f32d457aa3ed8d535e40ecfa922bd4 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 1 Jul 2019 18:04:40 +0200 Subject: [PATCH 159/714] Add XPack settings to Kibana template --- .../ansible-kibana/templates/kibana.yml.j2 | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 b/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 index edd1b4b4..bb630933 100644 --- a/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 +++ b/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 
@@ -19,7 +19,11 @@ server.host: {{ kibana_server_host }} #server.name: "your-hostname" # The URL of the Elasticsearch instance to use for all your queries. +{% if kibana_xpack_security %} +elasticsearch.hosts: "https://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}" +{% else %} elasticsearch.hosts: "http://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}" +{% endif %} # When this setting's value is true Kibana uses the hostname specified in the server.host # setting. When the value of this setting is false, Kibana uses the hostname of the host @@ -98,3 +102,13 @@ elasticsearch.hosts: "http://{{ elasticsearch_network_host }}:{{ elasticsearch_h # Set the interval in milliseconds to sample system and process performance # metrics. Minimum is 100ms. Defaults to 5000. #ops.interval: 5000 + +# Xpack Security +{% if kibana_xpack_security %} +elasticsearch.username: "{{ kibana_user }}" +elasticsearch.password: "{{ kibana_password }}" +server.ssl.enabled: true +server.ssl.key: "{{node_certs_destination}}/{{ kibana_node_name }}.key" +server.ssl.certificate: "{{node_certs_destination}}/{{ kibana_node_name }}.crt" +elasticsearch.ssl.certificateAuthorities: ["{{ node_certs_destination }}/ca.crt"] +{% endif %} \ No newline at end of file From e3cd8731f35d07a0ecfbba82dd2ff3e53fddf0e7 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 2 Jul 2019 10:47:32 +0200 Subject: [PATCH 160/714] Fix instances and certs.zip checks and generation. --- .../ansible-elasticsearch/tasks/main.yml | 27 ++++++++++--------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index dac73d85..5a60e6d8 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml 
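Review bot: The security block sets `server.ssl.*` and `elasticsearch.ssl.certificateAuthorities` but leaves `elasticsearch.ssl.verificationMode` at Kibana's default of `full`; since `elasticsearch.hosts` is built from `elasticsearch_network_host` (an IP address throughout this series), the Elasticsearch certificate must carry that IP as a SAN or the connection fails — presumably the `ip:` entries in instances.yml cover this, but a comment would help: `# verificationMode defaults to full: the ES cert must list elasticsearch_network_host as a SAN`. The two `elasticsearch.hosts` branches differ only in scheme and collapse to one line, `elasticsearch.hosts: "{{ 'https' if kibana_xpack_security else 'http' }}://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}"`. The rendered file now holds `elasticsearch.password`, so the task writing kibana.yml should restrict its mode.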
@@ -70,7 +70,19 @@ # fix in new PR (ignore_errors) -- name: Check that the instances.yml file exists +- name: Write the instances.yml file in the selected node (force = no) + template: + src: instances.yml.j2 + dest: "{{node_certs_source}}/instances.yml" + force: no + tags: + - config + - xpack-security + when: + - node_certs_generator + - elasticsearch_xpack_security + +- name: Update instances.yml status after generation stat: path: "{{node_certs_source}}/instances.yml" register: instances_file_exists @@ -78,18 +90,7 @@ - node_certs_generator - elasticsearch_xpack_security -- name: Write the instances.yml file in the selected node - template: - src: instances.yml.j2 - dest: "{{node_certs_source}}/instances.yml" - tags: - - config - - xpack-security - when: - - node_certs_generator - - elasticsearch_xpack_security - -- name: Check that the certificates ZIP file exists +- name: Check if the certificates ZIP file exists stat: path: "{{node_certs_source}}/certs.zip" register: xpack_certs_zip From 1ddcf3a60c7a1dfc3f6c6f77f3253bbe21a6ace9 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 2 Jul 2019 19:05:35 +0200 Subject: [PATCH 161/714] Update elastic distributed playbook --- playbooks/wazuh-elastic_stack-distributed.yml | 64 +++++++++++++++---- 1 file changed, 53 insertions(+), 11 deletions(-) diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml index 9c0d667a..c0853a11 100644 --- a/playbooks/wazuh-elastic_stack-distributed.yml +++ b/playbooks/wazuh-elastic_stack-distributed.yml 
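Review bot: Adding `force: no` to the `instances.yml` template means the file is written once and never refreshed, so a change to the `instances` list (a new node) never reaches certutil, and because the certutil task is also skipped once `certs.zip` exists, new nodes silently get no certificate. Drive regeneration from a real change signal instead: `register: instances_written` on the template task and gate certutil with `- instances_written is changed`. The renamed `Update instances.yml status after generation` task runs before anything is generated, so the name misleads; `Check if instances.yml exists` describes what it does.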
@@ -2,14 +2,20 @@ - hosts: 172.16.0.161 roles: - - ../roles/elastic-stack/ansible-elasticsearch - elasticsearch_network_host: 172.16.0.161 - elasticsearch_bootstrap_node: true - elasticsearch_cluster_nodes: - - 172.16.0.161 - node_certs_generator: true - node_name: node-1 - elasticsearch_xpack_security: true + - role: ../roles/elastic-stack/ansible-elasticsearch + elasticsearch_network_host: 172.16.0.161 + node_name: node-1 + elasticsearch_bootstrap_node: true + elasticsearch_cluster_nodes: + - 172.16.0.161 + - 172.16.0.162 + - 172.16.0.163 + elasticsearch_discovery_nodes: + - 172.16.0.161 + - 172.16.0.162 + - 172.16.0.163 + elasticsearch_xpack_security: true + node_certs_generator: true vars: instances: @@ -26,8 +32,9 @@ roles: - role: ../roles/elastic-stack/ansible-elasticsearch elasticsearch_network_host: 172.16.0.162 - elasticsearch_xpack_security: true elasticsearch_node_name: node-2 + elasticsearch_xpack_security: true + elasticsearch_master_candidate: true elasticsearch_discovery_nodes: - 172.16.0.161 - 172.16.0.162 
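Review bot: The generator play still passes `node_name: node-1` while the node-2 and node-3 plays (and the templates in this series) use `elasticsearch_node_name`, so on 172.16.0.161 the role falls back to whatever default `elasticsearch_node_name` has and looks for the wrong key and certificate files under `{{node_certs_destination}}`; change it to `elasticsearch_node_name: node-1`. The play also repeats the lab addresses that appear as role defaults; that is acceptable in an example playbook, but a comment at the top should say these are placeholders to replace.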
@@ -37,9 +44,44 @@ roles: - role: ../roles/elastic-stack/ansible-elasticsearch elasticsearch_network_host: 172.16.0.163 - elasticsearch_xpack_security: true elasticsearch_node_name: node-3 + elasticsearch_xpack_security: true + elasticsearch_master_candidate: true elasticsearch_discovery_nodes: - 172.16.0.161 - 172.16.0.162 - - 172.16.0.163 \ No newline at end of file + - 172.16.0.163 + + +# - hosts: 172.16.0.162 +# roles: +# - role: ../roles/wazuh/ansible-wazuh-manager + +# - role: ../roles/wazuh/ansible-filebeat +# filebeat_output_elasticsearch_hosts: 172.16.0.161:9200 +# filebeat_xpack_security: true +# filebeat_node_name: node-2 +# node_certs_generator: false + +# - role: ../roles/elastic-stack/ansible-elasticsearch +# elasticsearch_network_host: 172.16.0.162 +# node_name: node-2 +# elasticsearch_bootstrap_node: false +# elasticsearch_master_candidate: true +# elasticsearch_discovery_nodes: +# - 172.16.0.161 +# - 172.16.0.162 +# elasticsearch_xpack_security: true +# node_certs_generator: false + + +# - hosts: 172.16.0.163 +# roles: +# - role: ../roles/elastic-stack/ansible-kibana +# kibana_xpack_security: true +# kibana_user: elastic +# kibana_password: elastic_pass +# kibana_node_name: node-3 +# elasticsearch_network_host: 172.16.0.161 +# node_certs_generator: false + From 5787b348fe5c57bc77e658a49824af590043a557 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 2 Jul 2019 19:07:37 +0200 Subject: [PATCH 162/714] Upgrade elasticsearch tasks. Fix permissions. --- .../ansible-elasticsearch/tasks/main.yml | 94 +++++++++++++++---- 1 file changed, 76 insertions(+), 18 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 5a60e6d8..8ed1c926 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml 
@@ -48,16 +48,6 @@ - ansible_service_mgr != "systemd" - ansible_os_family == "RedHat" -- name: Configure Elasticsearch. - template: - src: elasticsearch.yml.j2 - dest: /etc/elasticsearch/elasticsearch.yml - owner: root - group: elasticsearch - mode: 0660 - notify: restart elasticsearch - tags: configure - - name: Configure Elasticsearch JVM memmory. template: src: jvm.options.j2 @@ -70,17 +60,29 @@ # fix in new PR (ignore_errors) +- import_tasks: "RMRedHat.yml" + when: ansible_os_family == "RedHat" + +- name: Check if certificate exists locally + stat: + path: "{{node_certs_destination}}/{{ elasticsearch_node_name }}.crt" + register: certificate_file_exists + when: + - elasticsearch_xpack_security + - name: Write the instances.yml file in the selected node (force = no) template: src: instances.yml.j2 dest: "{{node_certs_source}}/instances.yml" force: no + register: instances_file_exists tags: - config - xpack-security when: - node_certs_generator - elasticsearch_xpack_security + - not certificate_file_exists.stat.exists - name: Update instances.yml status after generation stat: @@ -105,6 +107,8 @@ - instances_file_exists.stat.exists - elasticsearch_xpack_security - not xpack_certs_zip.stat.exists + - not certificate_file_exists.stat.exists + register: certs_file_generated tags: xpack-security - name: Unzip generated certs.zip @@ -115,6 +119,8 @@ when: - node_certs_generator - elasticsearch_xpack_security + - certs_file_generated is defined + - not certificate_file_exists.stat.exists tags: xpack-security - name: Copy key & certificate files in generator node (locally) 
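Review bot: `- certs_file_generated is defined` in the `Unzip generated certs.zip` condition is always true once the certutil task has been evaluated, because Ansible registers a result (with `skipped: true`) even when that task's `when:` fails; the intended test is `- certs_file_generated is not skipped` or `- certs_file_generated is changed`. The same `is defined` pattern is used for `check_certs_permissions` in the permission tasks of the next hunk. This hunk also adds `import_tasks: "RMRedHat.yml"` ahead of the certificate tasks while the same import remains at the end of the file (visible in a later hunk's context), so the RedHat tasks would run twice unless the trailing one is removed.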
@@ -132,13 +138,7 @@ src: "{{node_certs_source}}/ca/" dest: "{{node_certs_destination}}/" delegate_to: "{{ node_certs_generator_ip }}" - when: - - node_certs_generator - - elasticsearch_xpack_security - tags: xpack-security - -- name: Remove generated certs file - shell: /bin/rm -f {{node_certs_source}}/certs.zip* + register: check_certs_permissions when: - node_certs_generator - elasticsearch_xpack_security @@ -149,6 +149,7 @@ when: - not node_certs_generator - elasticsearch_xpack_security + - not certificate_file_exists.stat.exists tags: xpack-security - name: Importing ca certificate file from generator node @@ -156,13 +157,45 @@ when: - not node_certs_generator - elasticsearch_xpack_security + - not certificate_file_exists.stat.exists + register: check_certs_permissions tags: xpack-security +- name: Ensuring certificates folder owner + shell: "chown -R elasticsearch: {{node_certs_destination}}/" + when: + - check_certs_permissions is defined + tags: xpack-security + +- name: Ensuring certificates folder owner + shell: "chmod -R 770 {{node_certs_destination}}/" + when: + - check_certs_permissions is defined + tags: xpack-security + + +- name: Remove generated certs file + shell: /bin/rm -f {{node_certs_source}}/certs.zip* + when: + - node_certs_generator + - elasticsearch_xpack_security + tags: xpack-security + +- name: Configure Elasticsearch. + template: + src: elasticsearch.yml.j2 + dest: /etc/elasticsearch/elasticsearch.yml + owner: root + group: elasticsearch + mode: 0660 + notify: restart elasticsearch + tags: configure + - name: Set elasticsearch bootstrap password shell: "echo '{{elasticsearch_xpack_security_password}}' | {{node_certs_source}}/bin/elasticsearch-keystore add -xf 'bootstrap.password'" when: - elasticsearch_xpack_security - + - name: Reload systemd systemd: daemon_reload=true ignore_errors: true 
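Review bot: `chmod -R 770 {{node_certs_destination}}/` makes every private key group-writable and executable, the two permission tasks share one name (`Ensuring certificates folder owner`), and both fire unconditionally because `check_certs_permissions is defined` is always true after the registering task is evaluated. The `file` module expresses the intent without a shell, reports changes idempotently, and a symbolic mode gives directories 0750 and key files 0640; one task replaces both shell tasks.
```yaml
- name: Ensure certificates directory ownership and permissions
  file:
    path: "{{ node_certs_destination }}/"
    state: directory
    owner: elasticsearch
    group: elasticsearch
    mode: "u=rwX,g=rX,o="
    recurse: yes
  when:
    - check_certs_permissions is not skipped
  tags: xpack-security
# … unchanged: Remove generated certs file, Configure Elasticsearch, bootstrap password …
```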
@@ -184,6 +217,31 @@ - configure - init +- name: Check for Wazuh Alerts template (http) + uri: + url: "http://{{elasticsearch_network_host}}:{{elasticsearch_http_port}}/_template/wazuh" + method: GET + status_code: 200, 404 + when: + - elasticsearch_bootstrap_node or single_node + - not elasticsearch_xpack_security + poll: 30 + register: wazuh_alerts_template_exits + tags: init + +- name: Installing Wazuh Alerts template (http) + uri: + url: "http://{{elasticsearch_network_host}}:{{elasticsearch_http_port}}/_template/wazuh" + method: PUT + status_code: 200 + body_format: json + body: "{{ lookup('template','wazuh-elastic7-template-alerts.json.j2') }}" + when: + - wazuh_alerts_template_exits.status is defined + - wazuh_alerts_template_exits.status != 200 + - not elasticsearch_xpack_security + tags: init + - import_tasks: "RMRedHat.yml" when: ansible_os_family == "RedHat" From 7998f034b8165fdb79172629588d76cfdcabd08b Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 2 Jul 2019 19:08:09 +0200 Subject: [PATCH 163/714] Include discovery seed hosts on boostraper node. --- .../ansible-elasticsearch/templates/elasticsearch.yml.j2 | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 index 2d62f025..f851e900 100644 --- a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 @@ -15,6 +15,10 @@ cluster.initial_master_nodes: {% for item in elasticsearch_cluster_nodes %} - {{ item }} {% endfor %} +discovery.seed_hosts: +{% for item in elasticsearch_discovery_nodes %} + - {{ item }} +{% endfor %} {% else %} node.master: {{ elasticsearch_master_candidate|lower }} discovery.seed_hosts: 
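Review bot: `poll: 30` on the "Check for Wazuh Alerts template (http)" `uri` task has no effect without `async`, so it does not give Elasticsearch time to come up as it seems meant to; if a wait is intended, use `retries`/`delay` with an `until:` on the registered result. The registered name is misspelled as `wazuh_alerts_template_exits` and reused in the PUT task's `when`; rename it to `wazuh_alerts_template_exists` in both places. The PUT accepts only `status_code: 200` and has no `retries`, so a transient 503 while the node is still starting fails the play rather than being retried.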
@@ -37,5 +41,5 @@ xpack.security.http.ssl.enabled: true xpack.security.http.ssl.verification_mode: certificate xpack.security.http.ssl.key: {{node_certs_destination}}/{{ elasticsearch_node_name }}.key xpack.security.http.ssl.certificate: {{node_certs_destination}}/{{ elasticsearch_node_name }}.crt -xpack.security.http.ssl.certificate_authorities: [ "/etc/elasticsearch/certs/ca.crt" ] +xpack.security.http.ssl.certificate_authorities: [ "{{ node_certs_destination }}/ca.crt" ] {% endif %} \ No newline at end of file From f52fb8cb9aef7d3b00c3fcb741965be4f24cf936 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 2 Jul 2019 19:08:31 +0200 Subject: [PATCH 164/714] Add kibana default variables --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index e0f00141..ae274da0 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -13,4 +13,13 @@ kibana_xpack_security: false kibana_user: kibana kibana_password: elastic_pass -node_certs_destination: /etc/kibana/certs \ No newline at end of file + +node_certs_generator: false +node_certs_generator_ip: 172.16.0.161 +node_certs_source: /usr/share/elasticsearch +node_certs_destination: /etc/kibana/certs + +# Rsync +rsync_path: /usr/bin/rsync +rsync_user: vagrant +rsync_extra_parameters: -avg -e 'ssh -o StrictHostKeyChecking=no' --rsync-path='sudo rsync' \ No newline at end of file From 3f6226297b5fbfb4c34c2e81e0f47384bc2112dd Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 2 Jul 2019 19:09:01 +0200 Subject: [PATCH 165/714] Add copy of certificates and folder permissions fix to Kibana. --- .../ansible-kibana/tasks/main.yml | 63 +++++++++++++++++-- 1 file changed, 58 insertions(+), 5 deletions(-) 
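Review bot: `rsync_extra_parameters: -avg -e 'ssh -o StrictHostKeyChecking=no' --rsync-path='sudo rsync'` in the kibana defaults hunk turns off SSH host authentication on the channel that carries the node's private key and the CA material, so whatever answers at `node_certs_generator_ip` is trusted unconditionally; drop that option and pre-seed the generator's host key on the importing nodes (Ansible's `known_hosts` module) instead. `node_certs_generator_ip: 172.16.0.161` and `rsync_user: vagrant` are lab values shipped as role defaults; leave them unset or document them as required so a forgotten override fails loudly rather than reaching an unrelated host. The same defaults are added to the filebeat role in the "Update filebeat default variables" commit below, where `node_certs_generator : false` also carries a stray space before the colon.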
diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 43e369c8..d82d9176 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -5,11 +5,6 @@ - import_tasks: Debian.yml when: ansible_os_family == 'Debian' -- name: Make sure Elasticsearch is running before proceeding. - wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }} delay=3 timeout=300 - tags: configure - ignore_errors: true - - name: Reload systemd systemd: daemon_reload=true ignore_errors: true 
@@ -18,6 +13,64 @@ - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<')) - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<')) +- name: Check if certificate exists locally + stat: + path: "{{node_certs_destination}}/{{ kibana_node_name }}.crt" + register: certificate_file_exists + when: + - kibana_xpack_security + +- name: Copy key & certificate files in generator node (locally) + synchronize: + src: "{{node_certs_source}}/{{kibana_node_name}}/" + dest: "{{node_certs_destination}}/" + delegate_to: "{{ node_certs_generator_ip }}" + when: + - node_certs_generator + - kibana_xpack_security + - not certificate_file_exists.stat.exists + tags: xpack-security + +- name: Copy ca certificate file in generator node (locally) + synchronize: + src: "{{node_certs_source}}/ca/" + dest: "{{node_certs_destination}}/" + delegate_to: "{{ node_certs_generator_ip }}" + when: + - node_certs_generator + - kibana_xpack_security + - not certificate_file_exists.stat.exists + tags: xpack-security + +- name: Importing key & certificate files from generator node + shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/{{kibana_node_name}}/ {{node_certs_destination}}/" + when: + - not node_certs_generator + - kibana_xpack_security + - not certificate_file_exists.stat.exists + tags: xpack-security + +- name: Importing ca certificate file from generator node + shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/ca/ {{node_certs_destination}}/" + when: + - not node_certs_generator + - kibana_xpack_security + - not certificate_file_exists.stat.exists + register: check_certs_permissions + tags: xpack-security + +- name: Ensuring certificates folder owner + shell: "chown -R kibana: {{node_certs_destination}}/" + when: + - check_certs_permissions is defined + tags: xpack-security + +- name: 
Ensuring certificates folder owner + shell: "chmod -R 770 {{node_certs_destination}}/" + when: + - check_certs_permissions is defined + tags: xpack-security + - name: Kibana configuration template: src: kibana.yml.j2 From 7924f89dc297b6e4f59592e7fd6c82796db1b0bd Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 2 Jul 2019 19:09:17 +0200 Subject: [PATCH 166/714] Update filebeat default variables --- roles/wazuh/ansible-filebeat/defaults/main.yml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index b01dfad7..69220a0d 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -31,4 +31,13 @@ filebeat_xpack_security: false elasticsearch_user: elastic elasticsearch_password: elastic_pass -node_certs_destination: /etc/elasticsearch/certs + +node_certs_generator : false +node_certs_generator_ip: 172.16.0.161 +node_certs_source: /usr/share/elasticsearch +node_certs_destination: /etc/filebeat/certs + +# Rsync +rsync_path: /usr/bin/rsync +rsync_user: vagrant +rsync_extra_parameters: -avg -e 'ssh -o StrictHostKeyChecking=no' --rsync-path='sudo rsync' From 4539f368b6c445831d1e72f54e839003cf860ccb Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 2 Jul 2019 19:09:36 +0200 Subject: [PATCH 167/714] Add certificate imports and fix folder permissions to filebeat --- roles/wazuh/ansible-filebeat/tasks/main.yml | 54 +++++++++++++++++++++ 1 file changed, 54 insertions(+) diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml index 94cd5765..23022589 100644 --- a/roles/wazuh/ansible-filebeat/tasks/main.yml +++ b/roles/wazuh/ansible-filebeat/tasks/main.yml 
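Review bot: the two `synchronize`/rsync tasks for `{{node_certs_source}}/ca/` copy the whole CA directory onto the Kibana node; if that is the `ca/` written by elasticsearch-certutil in the elasticsearch role above, it presumably also holds `ca.key`, while Kibana only needs `ca.crt`. Exclude the key so the CA private key stays on the generator: `rsync_opts: ["--exclude=ca.key"]` on the `synchronize` task and `--exclude=ca.key` in the shell rsync line. The second "Ensuring certificates folder owner" task actually runs `chmod`, so the duplicated name hides which task failed; call it e.g. "Ensuring certificates folder permissions". The filebeat task file below adds the same CA copy and the same naming.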
@@ -10,8 +10,62 @@ tags: - install +- name: Check if certificate exists locally + stat: + path: "{{node_certs_destination}}/{{ filebeat_node_name }}.crt" + register: certificate_file_exists + when: + - filebeat_xpack_security + +- name: Copy key & certificate files in generator node (locally) + synchronize: + src: "{{node_certs_source}}/{{filebeat_node_name}}/" + dest: "{{node_certs_destination}}/" + delegate_to: "{{ node_certs_generator_ip }}" + when: + - node_certs_generator + - filebeat_xpack_security + - not certificate_file_exists.stat.exists + tags: xpack-security + +- name: Copy ca certificate file in generator node (locally) + synchronize: + src: "{{node_certs_source}}/ca/" + dest: "{{node_certs_destination}}/" + delegate_to: "{{ node_certs_generator_ip }}" + when: + - node_certs_generator + - filebeat_xpack_security + - not certificate_file_exists.stat.exists + register: check_certs_permissions + tags: xpack-security + +- name: Importing key & certificate files from generator node + shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/{{filebeat_node_name}}/ {{node_certs_destination}}/" + when: + - not node_certs_generator + - filebeat_xpack_security + - not certificate_file_exists.stat.exists + tags: xpack-security + +- name: Importing ca certificate file from generator node + shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/ca/ {{node_certs_destination}}/" + when: + - not node_certs_generator + - filebeat_xpack_security + - not certificate_file_exists.stat.exists + register: check_certs_permissions + tags: xpack-security + +- name: Ensuring certificates folder owner + shell: "chmod -R 770 {{node_certs_destination}}/" + when: + - check_certs_permissions is defined + tags: xpack-security + - import_tasks: config.yml when: filebeat_create_config + notify: restart filebeat - name: Reload systemd systemd: daemon_reload=yes 
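Review bot: `notify: restart filebeat` is attached to `- import_tasks: config.yml`, and I am not certain a handler keyword placed on an import is propagated to the imported tasks; putting `notify` on the task inside config.yml that writes the configuration (or using `include_tasks` with `apply`) makes the intent explicit and verifiable. Unlike the elasticsearch and kibana roles, this file runs only `chmod -R 770` with no ownership task, so the copied keys keep whatever owner rsync gave them; if that is intended because filebeat runs as root, a comment on the task saying so would save the next reader a check, and a `file` task with `mode: "u=rwX,g=rX,o="` would avoid making the key files executable.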
From 5c8febd38431f0b031dd59218effa71c60c77869 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 2 Jul 2019 19:11:02 +0200 Subject: [PATCH 168/714] Kibana playbook update to show an example of parameters. --- playbooks/wazuh-kibana.yml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/playbooks/wazuh-kibana.yml b/playbooks/wazuh-kibana.yml index e2418200..2fc5cc1d 100644 --- a/playbooks/wazuh-kibana.yml +++ b/playbooks/wazuh-kibana.yml @@ -1,4 +1,10 @@ --- -- hosts: +- hosts: 172.16.0.162 roles: - - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-kibana, elasticsearch_network_host: 'your elasticsearch IP'} + - role: ../roles/elastic-stack/ansible-kibana + kibana_xpack_security: true + kibana_user: elastic + kibana_password: elastic_pass + kibana_node_name: node-2 + elasticsearch_network_host: 172.16.0.161 + node_certs_generator: false From 2c14392e74cb3b1b85d5c3c1a7cf69e5ea36c69d Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 2 Jul 2019 19:11:17 +0200 Subject: [PATCH 169/714] Wazuh-Manager playbook update to show an example of parameters. --- playbooks/wazuh-manager.yml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/playbooks/wazuh-manager.yml b/playbooks/wazuh-manager.yml index d9cc667d..93fb9e9d 100644 --- a/playbooks/wazuh-manager.yml +++ b/playbooks/wazuh-manager.yml @@ -1,5 +1,10 @@ --- -- hosts: +- hosts: 172.16.0.161 roles: - - role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-manager - - {role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'your elasticsearch IP'} + - role: ../roles/wazuh/ansible-wazuh-manager + - role: ../roles/wazuh/ansible-filebeat + filebeat_output_elasticsearch_hosts: 172.16.0.161:9200 + filebeat_xpack_security: true + filebeat_node_name: node-1 + node_certs_generator: true + From 72894d4a25b80d2e4be9c06a71909789dc023db1 Mon Sep 17 00:00:00 2001 
From: Jose M Date: Wed, 3 Jul 2019 14:09:46 +0200 Subject: [PATCH 170/714] Fix conditions error on ES, Kibana and Filebeat --- roles/elastic-stack/ansible-elasticsearch/tasks/main.yml | 3 ++- roles/elastic-stack/ansible-kibana/tasks/main.yml | 2 ++ roles/wazuh/ansible-filebeat/tasks/main.yml | 1 + 3 files changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 8ed1c926..f53fab61 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -104,7 +104,6 @@ shell: "/usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem --in {{node_certs_source}}/instances.yml --out {{node_certs_source}}/certs.zip" when: - node_certs_generator - - instances_file_exists.stat.exists - elasticsearch_xpack_security - not xpack_certs_zip.stat.exists - not certificate_file_exists.stat.exists @@ -165,12 +164,14 @@ shell: "chown -R elasticsearch: {{node_certs_destination}}/" when: - check_certs_permissions is defined + - elasticsearch_xpack_security tags: xpack-security - name: Ensuring certificates folder owner shell: "chmod -R 770 {{node_certs_destination}}/" when: - check_certs_permissions is defined + - elasticsearch_xpack_security tags: xpack-security diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index d82d9176..338eabcd 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -63,12 +63,14 @@ shell: "chown -R kibana: {{node_certs_destination}}/" when: - check_certs_permissions is defined + - kibana_xpack_security tags: xpack-security - name: Ensuring certificates folder owner shell: "chmod -R 770 {{node_certs_destination}}/" when: - check_certs_permissions is defined + - kibana_xpack_security tags: xpack-security - name: Kibana configuration 
diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml index 23022589..80d7cd61 100644 --- a/roles/wazuh/ansible-filebeat/tasks/main.yml +++ b/roles/wazuh/ansible-filebeat/tasks/main.yml @@ -61,6 +61,7 @@ shell: "chmod -R 770 {{node_certs_destination}}/" when: - check_certs_permissions is defined + - filebeat_xpack_security tags: xpack-security - import_tasks: config.yml From 70f04803c9e3e8d0f719723acd82a1b48290859a Mon Sep 17 00:00:00 2001 From: manuasir Date: Thu, 4 Jul 2019 11:10:45 +0200 Subject: [PATCH 171/714] Updated playbook --- playbooks/wazuh-elastic_stack-distributed.yml | 56 +++++++++---------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml index c0853a11..848cea4e 100644 --- a/playbooks/wazuh-elastic_stack-distributed.yml +++ b/playbooks/wazuh-elastic_stack-distributed.yml 
@@ -1,69 +1,69 @@ --- -- hosts: 172.16.0.161 +- hosts: roles: - - role: ../roles/elastic-stack/ansible-elasticsearch - elasticsearch_network_host: 172.16.0.161 + - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch + elasticsearch_network_host: node_name: node-1 elasticsearch_bootstrap_node: true elasticsearch_cluster_nodes: - - 172.16.0.161 - - 172.16.0.162 - - 172.16.0.163 + - + - + - elasticsearch_discovery_nodes: - - 172.16.0.161 - - 172.16.0.162 - - 172.16.0.163 + - + - + - elasticsearch_xpack_security: true node_certs_generator: true vars: instances: - name: node-1 # Important: must be equal to elasticsearch_node_name. - ip: 172.16.0.161 # When unzipping, node will search for his node name folder to get the cert. + ip: # When unzipping, node will search for his node name folder to get the cert. - name: node-2 - ip: 172.16.0.162 + ip: - name: node-3 - ip: 172.16.0.163 + ip: -- hosts: 172.16.0.162 +- hosts: roles: - - role: ../roles/elastic-stack/ansible-elasticsearch - elasticsearch_network_host: 172.16.0.162 + - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch + elasticsearch_network_host: elasticsearch_node_name: node-2 elasticsearch_xpack_security: true elasticsearch_master_candidate: true elasticsearch_discovery_nodes: - - 172.16.0.161 - - 172.16.0.162 - - 172.16.0.163 + - + - + - -- hosts: 172.16.0.163 +- hosts: roles: - - role: ../roles/elastic-stack/ansible-elasticsearch - elasticsearch_network_host: 172.16.0.163 + - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch + elasticsearch_network_host: elasticsearch_node_name: node-3 elasticsearch_xpack_security: true elasticsearch_master_candidate: true elasticsearch_discovery_nodes: - - 172.16.0.161 - - 172.16.0.162 - - 172.16.0.163 + - + - + - # - hosts: 172.16.0.162 # roles: -# - role: ../roles/wazuh/ansible-wazuh-manager +# - role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-manager -# - role: 
../roles/wazuh/ansible-filebeat +# - role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-filebeat # filebeat_output_elasticsearch_hosts: 172.16.0.161:9200 # filebeat_xpack_security: true # filebeat_node_name: node-2 # node_certs_generator: false -# - role: ../roles/elastic-stack/ansible-elasticsearch +# - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch # elasticsearch_network_host: 172.16.0.162 # node_name: node-2 # elasticsearch_bootstrap_node: false @@ -77,7 +77,7 @@ # - hosts: 172.16.0.163 # roles: -# - role: ../roles/elastic-stack/ansible-kibana +# - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-kibana # kibana_xpack_security: true # kibana_user: elastic # kibana_password: elastic_pass From 6609cc9aa70ac168f6c3e1ebd2b20ca8d16aa0cd Mon Sep 17 00:00:00 2001 From: manuasir Date: Thu, 4 Jul 2019 12:05:37 +0200 Subject: [PATCH 172/714] Modifying variable names --- playbooks/wazuh-elastic_stack-distributed.yml | 8 ++++---- roles/elastic-stack/ansible-kibana/defaults/main.yml | 4 ++-- .../elastic-stack/ansible-kibana/templates/kibana.yml.j2 | 4 ++-- roles/wazuh/ansible-filebeat/defaults/main.yml | 4 ++-- roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 | 4 ++-- 5 files changed, 12 insertions(+), 12 deletions(-) diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml index 848cea4e..a422e50b 100644 --- a/playbooks/wazuh-elastic_stack-distributed.yml +++ b/playbooks/wazuh-elastic_stack-distributed.yml @@ -16,11 +16,12 @@ - elasticsearch_xpack_security: true node_certs_generator: true + elasticsearch_xpack_security_password: elastic_pass vars: instances: - name: node-1 # Important: must be equal to elasticsearch_node_name. - ip: # When unzipping, node will search for his node name folder to get the cert. + ip: # When unzipping, the node will search for its node name folder to get the cert. - name: node-2 ip: 
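Review bot: the blanked values in the `@@ -1,69 +1,69 @@` hunk (`- hosts:`, `elasticsearch_network_host:`, `ip:`, and the bare `-` items under `elasticsearch_cluster_nodes`/`elasticsearch_discovery_nodes`) parse as `null`, so the playbook as committed fails on a null `hosts` instead of telling the user what to fill in; explicit placeholders such as `hosts: "<es-node-1-ip>"` and `- "<es-node-1-ip>"` read as intended and fail with a useful message. The context comment `# Important: must be equal to elasticsearch_node_name.` sits next to `node_name: node-1` while the other plays set `elasticsearch_node_name`, so one of the two variable names looks wrong and this rewrite is a good moment to settle it.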
@@ -62,6 +63,7 @@ # filebeat_xpack_security: true # filebeat_node_name: node-2 # node_certs_generator: false +# elasticsearch_xpack_security_password: elastic_pass # - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch # elasticsearch_network_host: 172.16.0.162 @@ -79,9 +81,7 @@ # roles: # - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-kibana # kibana_xpack_security: true -# kibana_user: elastic -# kibana_password: elastic_pass # kibana_node_name: node-3 # elasticsearch_network_host: 172.16.0.161 # node_certs_generator: false - +# elasticsearch_xpack_security_password: elastic_pass \ No newline at end of file diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index ae274da0..77da5a9c 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -11,8 +11,8 @@ wazuh_version: 3.9.2 # Xpack Security kibana_xpack_security: false -kibana_user: kibana -kibana_password: elastic_pass +elasticsearch_xpack_security_user: elastic +elasticsearch_xpack_security_password: elastic_pass node_certs_generator: false node_certs_generator_ip: 172.16.0.161 diff --git a/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 b/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 index bb630933..76a3c2c4 100644 --- a/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 +++ b/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 
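Review bot: the renamed default `elasticsearch_xpack_security_user: elastic` in the kibana defaults hunk moves Kibana from the `kibana` account it used before to the `elastic` superuser, and `elasticsearch_xpack_security_password: elastic_pass` ships a known password as a role default, so a play that forgets to override it runs with a superuser credential that is also written in clear in the playbook hunk above. Keep the least-privileged `kibana` user as the default, and give the password no default — e.g. an `assert` that `elasticsearch_xpack_security_password is defined` when `kibana_xpack_security` is true — or a vaulted value.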
@@ -105,8 +105,8 @@ elasticsearch.hosts: "http://{{ elasticsearch_network_host }}:{{ elasticsearch_h # Xpack Security {% if kibana_xpack_security %} -elasticsearch.username: "{{ kibana_user }}" -elasticsearch.password: "{{ kibana_password }}" +elasticsearch.username: "{{ elasticsearch_xpack_security_user }}" +elasticsearch.password: "{{ elasticsearch_xpack_security_password }}" server.ssl.enabled: true server.ssl.key: "{{node_certs_destination}}/{{ kibana_node_name }}.key" server.ssl.certificate: "{{node_certs_destination}}/{{ kibana_node_name }}.crt" diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index 69220a0d..cfb892bd 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -29,8 +29,8 @@ filebeat_ssl_insecure: "false" # Xpack Security filebeat_xpack_security: false -elasticsearch_user: elastic -elasticsearch_password: elastic_pass +elasticsearch_xpack_security_user: elastic +elasticsearch_xpack_security_password: elastic_pass node_certs_generator : false node_certs_generator_ip: 172.16.0.161 diff --git a/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 b/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 index 202af578..0a47af9d 100644 --- a/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 +++ b/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 @@ -54,8 +54,8 @@ output.elasticsearch: indices: - index: 'wazuh-alerts-3.x-%{+yyyy.MM.dd}' {% if filebeat_xpack_security %} - username: {{ elasticsearch_user }} - password: {{ elasticsearch_password }} + username: {{ elasticsearch_xpack_security_user }} + password: {{ elasticsearch_xpack_security_password }} protocol: https ssl.certificate_authorities: - {{node_certs_destination}}/ca.crt From 148e94459ea28b9fcd42106fa15496c92a4a2d34 Mon Sep 17 00:00:00 2001 
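Review bot: `username: {{ elasticsearch_xpack_security_user }}` and `password: {{ elasticsearch_xpack_security_password }}` in filebeat.yml.j2 are rendered unquoted, so a password containing `: `, ` #`, a leading `*`/`&`/`{`, or one that looks like a number or boolean produces a broken or retyped filebeat.yml; the kibana template in the same commit already quotes these values. Write `password: {{ elasticsearch_xpack_security_password | to_json }}` (likewise for the username), which also escapes embedded quotes and backslashes that a plain `"{{ … }}"` would not.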
From: rshad Date: Fri, 5 Jul 2019 14:36:37 +0000 Subject: [PATCH 173/714] fixed testinfra error which was related to the incompatibility between ansible and molecule packages' versions --- .gitignore | 3 ++- Pipfile | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 04c7b54b..5b26bcf3 100644 --- a/.gitignore +++ b/.gitignore @@ -5,4 +5,5 @@ wazuh-elastic_stack-single.yml wazuh-elastic.yml wazuh-kibana.yml wazuh-manager.yml -*.pyc \ No newline at end of file +*.pyc +Pipfile.lock diff --git a/Pipfile b/Pipfile index 2d1d13e0..4658d513 100644 --- a/Pipfile +++ b/Pipfile @@ -4,9 +4,9 @@ verify_ssl = true name = "pypi" [packages] -molecule = "*" docker-py = "*" -ansible = "*" +ansible = "==2.7.11" +molecule = "*" [dev-packages] From 4fd696bb9a4952c8cfb6768139541d1eee55fbf4 Mon Sep 17 00:00:00 2001 From: manuasir Date: Mon, 8 Jul 2019 11:20:32 +0200 Subject: [PATCH 174/714] Updated tests --- Pipfile | 1 - molecule/filebeat/tests/test_default.py | 13 ------ molecule/kibana/tests/test_default.py | 7 ---- molecule/logstash/Dockerfile.j2 | 14 ------- molecule/logstash/INSTALL.rst | 22 ---------- molecule/logstash/molecule.yml | 56 ------------------------- molecule/logstash/playbook.yml | 5 --- molecule/logstash/prepare.yml | 41 ------------------ molecule/logstash/tests/test_default.py | 32 -------------- 9 files changed, 191 deletions(-) delete mode 100644 molecule/logstash/Dockerfile.j2 delete mode 100644 molecule/logstash/INSTALL.rst delete mode 100644 molecule/logstash/molecule.yml delete mode 100644 molecule/logstash/playbook.yml delete mode 100644 molecule/logstash/prepare.yml delete mode 100644 molecule/logstash/tests/test_default.py diff --git a/Pipfile b/Pipfile index 2d1d13e0..90998f2e 100644 --- a/Pipfile +++ b/Pipfile 
@@ -17,6 +17,5 @@ python_version = "2.7" test ="molecule test" agent ="molecule test -s wazuh-agent" elasticsearch ="molecule test -s elasticsearch" -logstash ="molecule test -s logstash" filebeat ="molecule test -s filebeat" kibana ="molecule test -s kibana" diff --git a/molecule/filebeat/tests/test_default.py b/molecule/filebeat/tests/test_default.py index 8c4fd609..72ac55d4 100644 --- a/molecule/filebeat/tests/test_default.py +++ b/molecule/filebeat/tests/test_default.py @@ -4,16 +4,3 @@ import testinfra.utils.ansible_runner testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') - - -def test_logstash_is_installed(host): - """Test if the filebeat package is installed.""" - filebeat = host.package("filebeat") - assert filebeat.is_installed - - -def test_logstash_is_running(host): - """Test if the services are enabled and running.""" - filebeat = host.service("filebeat") - assert filebeat.is_enabled - assert filebeat.is_running diff --git a/molecule/kibana/tests/test_default.py b/molecule/kibana/tests/test_default.py index dfcf8ad0..936f6cfc 100644 --- a/molecule/kibana/tests/test_default.py +++ b/molecule/kibana/tests/test_default.py @@ -6,13 +6,6 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') -def test_logstash_is_running(host): - """Test if the services are enabled and running.""" - kibana = host.service("kibana") - assert kibana.is_enabled - assert kibana.is_running - - def test_port_kibana_is_open(host): """Test if the port 5601 is open and listening to connections.""" host.socket("tcp://0.0.0.0:5601").is_listening diff --git a/molecule/logstash/Dockerfile.j2 b/molecule/logstash/Dockerfile.j2 deleted file mode 100644 index e6aa95d3..00000000 --- a/molecule/logstash/Dockerfile.j2 +++ /dev/null 
@@ -1,14 +0,0 @@ -# Molecule managed - -{% if item.registry is defined %} -FROM {{ item.registry.url }}/{{ item.image }} -{% else %} -FROM {{ item.image }} -{% endif %} - -RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ - elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \ - elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ - elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \ - elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ - elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi diff --git a/molecule/logstash/INSTALL.rst b/molecule/logstash/INSTALL.rst deleted file mode 100644 index 6a44bde9..00000000 --- a/molecule/logstash/INSTALL.rst +++ /dev/null @@ -1,22 +0,0 @@ -******* -Docker driver installation guide -******* - -Requirements -============ - -* Docker Engine - -Install -======= - -Please refer to the `Virtual environment`_ documentation for installation best -practices. If not using a virtual environment, please consider passing the -widely recommended `'--user' flag`_ when invoking ``pip``. - -.. _Virtual environment: https://virtualenv.pypa.io/en/latest/ -.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site - -.. code-block:: bash - - $ pip install 'molecule[docker]' diff --git a/molecule/logstash/molecule.yml b/molecule/logstash/molecule.yml deleted file mode 100644 index 12103767..00000000 --- a/molecule/logstash/molecule.yml +++ /dev/null 
@@ -1,56 +0,0 @@ ---- -dependency: - name: galaxy -driver: - name: docker -lint: - name: yamllint -platforms: - - name: bionic - image: solita/ubuntu-systemd:bionic - command: /sbin/init - ulimits: - - nofile:262144:262144 - privileged: true - memory_reservation: 1024m - - name: xenial - image: solita/ubuntu-systemd:xenial - privileged: true - memory_reservation: 1024m - command: /sbin/init - ulimits: - - nofile:262144:262144 - - name: centos6 - image: geerlingguy/docker-centos6-ansible - privileged: true - memory_reservation: 1024m - command: /sbin/init - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - ulimits: - - nofile:262144:262144 - - name: centos7 - image: milcom/centos7-systemd - memory_reservation: 1024m - privileged: true - ulimits: - - nofile:262144:262144 -provisioner: - name: ansible - playbooks: - docker: - create: ../default/create.yml - destroy: ../default/destroy.yml - env: - ANSIBLE_ROLES_PATH: ../../roles - lint: - name: ansible-lint - enabled: true - inventory: - group_vars: - all: - elasticsearch_jvm_xms: 256 -verifier: - name: testinfra - lint: - name: flake8 diff --git a/molecule/logstash/playbook.yml b/molecule/logstash/playbook.yml deleted file mode 100644 index d077bd8e..00000000 --- a/molecule/logstash/playbook.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: Converge - hosts: all - roles: - - role: elastic-stack/ansible-logstash diff --git a/molecule/logstash/prepare.yml b/molecule/logstash/prepare.yml deleted file mode 100644 index 7e5ca29d..00000000 --- a/molecule/logstash/prepare.yml +++ /dev/null 
@@ -1,41 +0,0 @@ ---- -- name: Prepare - hosts: all - gather_facts: true - pre_tasks: - - - name: "Install Python packages for Trusty to solve trust issues" - package: - name: - - python-setuptools - - python-pip - state: latest - register: wazuh_manager_trusty_packages_installed - until: wazuh_manager_trusty_packages_installed is succeeded - when: - - ansible_distribution == "Ubuntu" - - ansible_distribution_major_version | int == 14 - - - name: "Install dependencies" - package: - name: - - curl - - net-tools - state: latest - register: wazuh_manager_dependencies_packages_installed - until: wazuh_manager_dependencies_packages_installed is succeeded - - - name: "Install (RedHat) dependencies" - package: - name: - - initscripts - state: latest - register: wazuh_manager_dependencies_packages_installed - until: wazuh_manager_dependencies_packages_installed is succeeded - when: - - ansible_os_family == 'RedHat' - - roles: - - role: wazuh/ansible-wazuh-manager - - role: elastic-stack/ansible-elasticsearch - elasticsearch_network_host: 'localhost' diff --git a/molecule/logstash/tests/test_default.py b/molecule/logstash/tests/test_default.py deleted file mode 100644 index bc5fe999..00000000 --- a/molecule/logstash/tests/test_default.py +++ /dev/null 
@@ -1,32 +0,0 @@ -import os - -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') - - -def test_logstash_is_installed(host): - """Test if logstash is installed with correct version.""" - logstash = host.package("logstash") - assert logstash.is_installed - - distribution = host.system_info.distribution.lower() - if distribution == 'ubuntu': - assert logstash.version.startswith('1:6.7.1') - else: - assert logstash.version.startswith('6.7.1') - - -def test_logstash_is_running(host): - """Test if the services are enabled and running.""" - logstash = host.service("logstash") - assert logstash.is_enabled - assert logstash.is_running - - -def test_find_correct_logentry(host): - """See if logstash is started and is connected to Elasticsearch.""" - logfile = host.file("/var/log/logstash/logstash-plain.log") - assert logfile.contains("Successfully started Logstash API endpoint") - assert logfile.contains("Restored connection to ES instance") From a48169d53f76794160c32c01efc6292952f1db48 Mon Sep 17 00:00:00 2001 From: rshad Date: Mon, 8 Jul 2019 09:27:01 +0000 Subject: [PATCH 175/714] modified molecule.yml for wazuh-agent and elasticsearch - Lint --- .swp | Bin 0 -> 12288 bytes molecule/elasticsearch/molecule.yml | 7 ++++++- molecule/wazuh-agent/molecule.yml | 6 +++++- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 2 +- 4 files changed, 12 insertions(+), 3 deletions(-) create mode 100644 .swp diff --git a/.swp b/.swp new file mode 100644 index 0000000000000000000000000000000000000000..3cc197e09a7cc13ae44c3cb176cce131024a3112 GIT binary patch literal 12288 zcmeI%Jqp4w6u|LU!NEz<3sl{u>LP*%aB!@nl9C`oKctO^+g`)lB(ENOSMtO*)<4F?LHd_AkYPYfxliY%d0-0 zP2I`Z??O@3fB*srAbLmC7SKmY**5I_I{1Q0*~ z0R#|eKtO4c_fX`M_u~J*djFU62J&$v0tg_000IagfB*srAbD|Z|jm{a* literal 0 HcmV?d00001 
diff --git a/molecule/elasticsearch/molecule.yml b/molecule/elasticsearch/molecule.yml index 9897fe56..6d6e962a 100644 --- a/molecule/elasticsearch/molecule.yml +++ b/molecule/elasticsearch/molecule.yml @@ -3,8 +3,13 @@ dependency: name: galaxy driver: name: docker +#lint: +# name: yamllint lint: name: yamllint + options: + config-data: + ignore: .virtualenv platforms: - name: bionic image: solita/ubuntu-systemd:bionic @@ -48,7 +53,7 @@ provisioner: ANSIBLE_ROLES_PATH: ../../roles lint: name: ansible-lint - enabled: true + enabled: false inventory: group_vars: all: diff --git a/molecule/wazuh-agent/molecule.yml b/molecule/wazuh-agent/molecule.yml index f64bc114..47c0012f 100644 --- a/molecule/wazuh-agent/molecule.yml +++ b/molecule/wazuh-agent/molecule.yml @@ -3,8 +3,13 @@ dependency: name: galaxy driver: name: docker + #lint: + # name: yamllint lint: name: yamllint + options: + config-data: + ignore: .virtualenv platforms: - name: wazuh_server_centos7 image: milcom/centos7-systemd @@ -72,7 +77,6 @@ provisioner: ssl_agent_cert: null ssl_agent_key: null ssl_auto_negotiate: 'no' - lint: name: ansible-lint enabled: true diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 76721362..2b644bde 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -8,7 +8,7 @@ - name: Linux | Install wazuh-agent package: name=wazuh-agent state=present async: 90 - poll: 15 + poll: 30 tags: - init From 5d006cbc3a5300fb8c42c9efa4e8eb75f7100ca9 Mon Sep 17 00:00:00 2001 
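Review bot: The second hunk of molecule/elasticsearch/molecule.yml sets the ansible-lint block to `enabled: false`, which drops ansible-lint from the scenario altogether under a commit described as a lint change; the `options: config-data: ignore: .virtualenv` added to the yamllint block already covers the virtualenv noise, and the wazuh-agent scenario in the same commit keeps ansible-lint `enabled: true`, so this looks like an unintended divergence rather than a deliberate choice. The `#lint:` / `# name: yamllint` pair inserted just above the live `lint:` key in both molecule.yml files is dead text that a reader can mistake for a disabled second linter; drop those two lines rather than carry them. The commit also adds `.swp` (Bin 0 -> 12288 bytes), a Vim swap file, which is an editor artifact and belongs in `.gitignore`, not in the tree.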
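Review bot: Raising `poll: 30` against the unchanged `async: 90` on the `Linux | Install wazuh-agent` task means the job is only checked at 30, 60 and 90 seconds, so, as far as I can tell from Ansible's polling behaviour, a fast install is still only reported at the 30 s mark and an install that runs past 90 s fails outright; no `register`/`until` retry is visible in the hunk. If the goal is to tolerate slow package mirrors, the knob to raise is the timeout, e.g. `async: 300` with `poll: 5`, not the polling interval. The task is also still written in the `package: name=wazuh-agent state=present` key=value string form, which the other tasks in this repository express as block-style module arguments; the enclosing task list continues outside the hunk.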
From: rshad Date: Tue, 9 Jul 2019 15:31:38 +0000 Subject: [PATCH 176/714] adapted wazuh-manager installation so it takes into account the package version - Differentiating between CentOS/RedHat and Debian --- .gitignore | 0 .swp | Bin .yamllint | 0 CHANGELOG.md | 0 LICENSE | 0 Pipfile | 0 README.md | 0 VERSION | 0 molecule/default/Dockerfile.j2 | 0 molecule/default/INSTALL.rst | 0 molecule/default/create.yml | 0 molecule/default/destroy.yml | 0 molecule/default/molecule.yml | 0 molecule/default/playbook.yml | 0 molecule/default/prepare.yml | 0 molecule/default/tests/test_default.py | 2 +- molecule/elasticsearch/Dockerfile.j2 | 0 molecule/elasticsearch/INSTALL.rst | 0 molecule/elasticsearch/molecule.yml | 48 +++---- molecule/elasticsearch/playbook.yml | 0 molecule/elasticsearch/tests/test_default.py | 0 .../external_packages/jdk-8u211-linux-x64.rpm | 117 ++++++++++++++++++ molecule/filebeat/Dockerfile.j2 | 0 molecule/filebeat/INSTALL.rst | 0 molecule/filebeat/molecule.yml | 0 molecule/filebeat/playbook.yml | 0 molecule/filebeat/prepare.yml | 0 molecule/filebeat/tests/test_default.py | 0 molecule/kibana/Dockerfile.j2 | 0 molecule/kibana/INSTALL.rst | 0 molecule/kibana/molecule.yml | 0 molecule/kibana/playbook.yml | 0 molecule/kibana/prepare.yml | 0 molecule/kibana/tests/test_default.py | 0 molecule/wazuh-agent/Dockerfile.j2 | 0 molecule/wazuh-agent/INSTALL.rst | 0 molecule/wazuh-agent/molecule.yml | 0 molecule/wazuh-agent/playbook.yml | 0 molecule/wazuh-agent/prepare.yml | 0 molecule/wazuh-agent/tests/test_agents.py | 0 molecule/wazuh-agent/tests/test_manager.py | 0 playbooks/wazuh-agent.yml | 0 playbooks/wazuh-elastic.yml | 0 playbooks/wazuh-elastic_stack-distributed.yml | 0 playbooks/wazuh-elastic_stack-single.yml | 0 playbooks/wazuh-kibana.yml | 0 playbooks/wazuh-manager.yml | 0 roles/ansible-galaxy/meta/main.yml | 0 .../ansible-elasticsearch/README.md | 0 .../ansible-elasticsearch/defaults/main.yml | 0 .../ansible-elasticsearch/handlers/main.yml | 0 
.../ansible-elasticsearch/meta/main.yml | 0 .../ansible-elasticsearch/tasks/Debian.yml | 0 .../ansible-elasticsearch/tasks/RMDebian.yml | 0 .../ansible-elasticsearch/tasks/RMRedHat.yml | 0 .../ansible-elasticsearch/tasks/RedHat.yml | 0 .../ansible-elasticsearch/tasks/main.yml | 27 +++- .../templates/elasticsearch.yml.j2 | 0 .../templates/elasticsearch_nonsystemd.j2 | 0 .../templates/elasticsearch_systemd.conf.j2 | 0 .../templates/instances.yml.j2 | 0 .../templates/jvm.options.j2 | 0 .../wazuh-elastic6-template-alerts.json.j2 | 0 .../wazuh-elastic7-template-alerts.json.j2 | 0 roles/elastic-stack/ansible-kibana/README.md | 0 .../ansible-kibana/defaults/main.yml | 0 .../ansible-kibana/handlers/main.yml | 0 .../ansible-kibana/meta/main.yml | 0 .../ansible-kibana/tasks/Debian.yml | 0 .../ansible-kibana/tasks/RMDebian.yml | 0 .../ansible-kibana/tasks/RMRedHat.yml | 0 .../ansible-kibana/tasks/RedHat.yml | 0 .../ansible-kibana/tasks/main.yml | 0 .../ansible-kibana/templates/kibana.yml.j2 | 0 roles/wazuh/ansible-filebeat/README.md | 0 .../wazuh/ansible-filebeat/defaults/main.yml | 0 .../wazuh/ansible-filebeat/handlers/main.yml | 0 roles/wazuh/ansible-filebeat/meta/main.yml | 0 roles/wazuh/ansible-filebeat/tasks/Debian.yml | 0 .../wazuh/ansible-filebeat/tasks/RMDebian.yml | 0 .../wazuh/ansible-filebeat/tasks/RMRedHat.yml | 0 roles/wazuh/ansible-filebeat/tasks/RedHat.yml | 0 roles/wazuh/ansible-filebeat/tasks/config.yml | 0 roles/wazuh/ansible-filebeat/tasks/main.yml | 0 .../templates/elasticsearch.yml.j2 | 0 .../templates/filebeat.yml.j2 | 0 .../ansible-filebeat/tests/requirements.yml | 0 roles/wazuh/ansible-filebeat/tests/test.yml | 0 roles/wazuh/ansible-wazuh-agent/README.md | 0 .../ansible-wazuh-agent/defaults/main.yml | 0 .../ansible-wazuh-agent/handlers/main.yml | 0 roles/wazuh/ansible-wazuh-agent/meta/main.yml | 0 .../ansible-wazuh-agent/tasks/Debian.yml | 0 .../wazuh/ansible-wazuh-agent/tasks/Linux.yml | 0 .../ansible-wazuh-agent/tasks/RMDebian.yml | 0 
.../ansible-wazuh-agent/tasks/RMRedHat.yml | 0 .../ansible-wazuh-agent/tasks/RedHat.yml | 0 .../ansible-wazuh-agent/tasks/Windows.yml | 0 .../wazuh/ansible-wazuh-agent/tasks/main.yml | 0 ...r-ossec-etc-local-internal-options.conf.j2 | 0 .../var-ossec-etc-ossec-agent.conf.j2 | 0 .../ansible-wazuh-agent/vars/api_pass.yml | 0 .../ansible-wazuh-agent/vars/authd_pass.yml | 0 roles/wazuh/ansible-wazuh-manager/README.md | 0 .../ansible-wazuh-manager/defaults/main.yml | 2 + .../decoders/sample_custom_decoders.xml | 0 .../rules/sample_custom_rules.xml | 0 .../ansible-wazuh-manager/handlers/main.yml | 0 .../wazuh/ansible-wazuh-manager/meta/main.yml | 0 .../ansible-wazuh-manager/tasks/Debian.yml | 0 .../ansible-wazuh-manager/tasks/RMDebian.yml | 0 .../ansible-wazuh-manager/tasks/RMRedHat.yml | 0 .../ansible-wazuh-manager/tasks/RedHat.yml | 0 .../ansible-wazuh-manager/tasks/main.yml | 29 ++++- .../templates/agentless.j2 | 0 .../templates/api_user.j2 | 0 .../templates/authd_pass.j2 | 0 .../templates/cdb_lists.j2 | 0 .../var-ossec-api-configuration-config.js.j2 | 0 ...r-ossec-etc-local-internal-options.conf.j2 | 0 .../var-ossec-etc-ossec-server.conf.j2 | 0 .../var-ossec-etc-shared-agent.conf.j2 | 0 .../var-ossec-rules-local_decoder.xml.j2 | 0 .../var-ossec-rules-local_rules.xml.j2 | 0 .../vars/agentless_creds.yml | 0 .../ansible-wazuh-manager/vars/authd_pass.yml | 0 .../ansible-wazuh-manager/vars/cdb_lists.yml | 0 .../vars/wazuh_api_creds.yml | 0 128 files changed, 194 insertions(+), 31 deletions(-) mode change 100644 => 100755 .gitignore mode change 100644 => 100755 .swp mode change 100644 => 100755 .yamllint mode change 100644 => 100755 CHANGELOG.md mode change 100644 => 100755 LICENSE mode change 100644 => 100755 Pipfile mode change 100644 => 100755 README.md mode change 100644 => 100755 VERSION mode change 100644 => 100755 molecule/default/Dockerfile.j2 mode change 100644 => 100755 molecule/default/INSTALL.rst mode change 100644 => 100755 molecule/default/create.yml mode 
change 100644 => 100755 molecule/default/destroy.yml mode change 100644 => 100755 molecule/default/molecule.yml mode change 100644 => 100755 molecule/default/playbook.yml mode change 100644 => 100755 molecule/default/prepare.yml mode change 100644 => 100755 molecule/default/tests/test_default.py mode change 100644 => 100755 molecule/elasticsearch/Dockerfile.j2 mode change 100644 => 100755 molecule/elasticsearch/INSTALL.rst mode change 100644 => 100755 molecule/elasticsearch/molecule.yml mode change 100644 => 100755 molecule/elasticsearch/playbook.yml mode change 100644 => 100755 molecule/elasticsearch/tests/test_default.py create mode 100755 molecule/external_packages/jdk-8u211-linux-x64.rpm mode change 100644 => 100755 molecule/filebeat/Dockerfile.j2 mode change 100644 => 100755 molecule/filebeat/INSTALL.rst mode change 100644 => 100755 molecule/filebeat/molecule.yml mode change 100644 => 100755 molecule/filebeat/playbook.yml mode change 100644 => 100755 molecule/filebeat/prepare.yml mode change 100644 => 100755 molecule/filebeat/tests/test_default.py mode change 100644 => 100755 molecule/kibana/Dockerfile.j2 mode change 100644 => 100755 molecule/kibana/INSTALL.rst mode change 100644 => 100755 molecule/kibana/molecule.yml mode change 100644 => 100755 molecule/kibana/playbook.yml mode change 100644 => 100755 molecule/kibana/prepare.yml mode change 100644 => 100755 molecule/kibana/tests/test_default.py mode change 100644 => 100755 molecule/wazuh-agent/Dockerfile.j2 mode change 100644 => 100755 molecule/wazuh-agent/INSTALL.rst mode change 100644 => 100755 molecule/wazuh-agent/molecule.yml mode change 100644 => 100755 molecule/wazuh-agent/playbook.yml mode change 100644 => 100755 molecule/wazuh-agent/prepare.yml mode change 100644 => 100755 molecule/wazuh-agent/tests/test_agents.py mode change 100644 => 100755 molecule/wazuh-agent/tests/test_manager.py mode change 100644 => 100755 playbooks/wazuh-agent.yml mode change 100644 => 100755 playbooks/wazuh-elastic.yml mode 
change 100644 => 100755 playbooks/wazuh-elastic_stack-distributed.yml mode change 100644 => 100755 playbooks/wazuh-elastic_stack-single.yml mode change 100644 => 100755 playbooks/wazuh-kibana.yml mode change 100644 => 100755 playbooks/wazuh-manager.yml mode change 100644 => 100755 roles/ansible-galaxy/meta/main.yml mode change 100644 => 100755 roles/elastic-stack/ansible-elasticsearch/README.md mode change 100644 => 100755 roles/elastic-stack/ansible-elasticsearch/defaults/main.yml mode change 100644 => 100755 roles/elastic-stack/ansible-elasticsearch/handlers/main.yml mode change 100644 => 100755 roles/elastic-stack/ansible-elasticsearch/meta/main.yml mode change 100644 => 100755 roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml mode change 100644 => 100755 roles/elastic-stack/ansible-elasticsearch/tasks/RMDebian.yml mode change 100644 => 100755 roles/elastic-stack/ansible-elasticsearch/tasks/RMRedHat.yml mode change 100644 => 100755 roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml mode change 100644 => 100755 roles/elastic-stack/ansible-elasticsearch/tasks/main.yml mode change 100644 => 100755 roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 mode change 100644 => 100755 roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch_nonsystemd.j2 mode change 100644 => 100755 roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch_systemd.conf.j2 mode change 100644 => 100755 roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 mode change 100644 => 100755 roles/elastic-stack/ansible-elasticsearch/templates/jvm.options.j2 mode change 100644 => 100755 roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic6-template-alerts.json.j2 mode change 100644 => 100755 roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic7-template-alerts.json.j2 mode change 100644 => 100755 roles/elastic-stack/ansible-kibana/README.md mode change 100644 => 100755 
roles/elastic-stack/ansible-kibana/defaults/main.yml mode change 100644 => 100755 roles/elastic-stack/ansible-kibana/handlers/main.yml mode change 100644 => 100755 roles/elastic-stack/ansible-kibana/meta/main.yml mode change 100644 => 100755 roles/elastic-stack/ansible-kibana/tasks/Debian.yml mode change 100644 => 100755 roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml mode change 100644 => 100755 roles/elastic-stack/ansible-kibana/tasks/RMRedHat.yml mode change 100644 => 100755 roles/elastic-stack/ansible-kibana/tasks/RedHat.yml mode change 100644 => 100755 roles/elastic-stack/ansible-kibana/tasks/main.yml mode change 100644 => 100755 roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 mode change 100644 => 100755 roles/wazuh/ansible-filebeat/README.md mode change 100644 => 100755 roles/wazuh/ansible-filebeat/defaults/main.yml mode change 100644 => 100755 roles/wazuh/ansible-filebeat/handlers/main.yml mode change 100644 => 100755 roles/wazuh/ansible-filebeat/meta/main.yml mode change 100644 => 100755 roles/wazuh/ansible-filebeat/tasks/Debian.yml mode change 100644 => 100755 roles/wazuh/ansible-filebeat/tasks/RMDebian.yml mode change 100644 => 100755 roles/wazuh/ansible-filebeat/tasks/RMRedHat.yml mode change 100644 => 100755 roles/wazuh/ansible-filebeat/tasks/RedHat.yml mode change 100644 => 100755 roles/wazuh/ansible-filebeat/tasks/config.yml mode change 100644 => 100755 roles/wazuh/ansible-filebeat/tasks/main.yml mode change 100644 => 100755 roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 mode change 100644 => 100755 roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 mode change 100644 => 100755 roles/wazuh/ansible-filebeat/tests/requirements.yml mode change 100644 => 100755 roles/wazuh/ansible-filebeat/tests/test.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-agent/README.md mode change 100644 => 100755 roles/wazuh/ansible-wazuh-agent/defaults/main.yml mode change 100644 => 100755 
roles/wazuh/ansible-wazuh-agent/handlers/main.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-agent/meta/main.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-agent/tasks/RMDebian.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-agent/tasks/RMRedHat.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-agent/tasks/main.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-local-internal-options.conf.j2 mode change 100644 => 100755 roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 mode change 100644 => 100755 roles/wazuh/ansible-wazuh-agent/vars/api_pass.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-agent/vars/authd_pass.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/README.md mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/defaults/main.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/files/custom_ruleset/decoders/sample_custom_decoders.xml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/files/custom_ruleset/rules/sample_custom_rules.xml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/handlers/main.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/meta/main.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/tasks/RMDebian.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml mode change 100644 => 100755 
roles/wazuh/ansible-wazuh-manager/tasks/main.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/templates/agentless.j2 mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/templates/api_user.j2 mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/templates/authd_pass.j2 mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/templates/cdb_lists.j2 mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/templates/var-ossec-api-configuration-config.js.j2 mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-local-internal-options.conf.j2 mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/templates/var-ossec-rules-local_decoder.xml.j2 mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/templates/var-ossec-rules-local_rules.xml.j2 mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/vars/agentless_creds.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/vars/authd_pass.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/vars/cdb_lists.yml mode change 100644 => 100755 roles/wazuh/ansible-wazuh-manager/vars/wazuh_api_creds.yml diff --git a/.gitignore b/.gitignore old mode 100644 new mode 100755 diff --git a/.swp b/.swp old mode 100644 new mode 100755 diff --git a/.yamllint b/.yamllint old mode 100644 new mode 100755 diff --git a/CHANGELOG.md b/CHANGELOG.md old mode 100644 new mode 100755 diff --git a/LICENSE b/LICENSE old mode 100644 new mode 100755 diff --git a/Pipfile b/Pipfile old mode 100644 new mode 100755 diff --git a/README.md b/README.md old mode 100644 new mode 100755 diff --git a/VERSION b/VERSION old mode 100644 new mode 100755 
diff --git a/molecule/default/Dockerfile.j2 b/molecule/default/Dockerfile.j2 old mode 100644 new mode 100755 diff --git a/molecule/default/INSTALL.rst b/molecule/default/INSTALL.rst old mode 100644 new mode 100755 diff --git a/molecule/default/create.yml b/molecule/default/create.yml old mode 100644 new mode 100755 diff --git a/molecule/default/destroy.yml b/molecule/default/destroy.yml old mode 100644 new mode 100755 diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml old mode 100644 new mode 100755 diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml old mode 100644 new mode 100755 diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml old mode 100644 new mode 100755 diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py old mode 100644 new mode 100755 index 16a32b85..4e6e25d6 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py @@ -9,7 +9,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "3.9.2" + return "3.9.0" def test_wazuh_packages_are_installed(host): diff --git a/molecule/elasticsearch/Dockerfile.j2 b/molecule/elasticsearch/Dockerfile.j2 old mode 100644 new mode 100755 diff --git a/molecule/elasticsearch/INSTALL.rst b/molecule/elasticsearch/INSTALL.rst old mode 100644 new mode 100755 diff --git a/molecule/elasticsearch/molecule.yml b/molecule/elasticsearch/molecule.yml old mode 100644 new mode 100755 index 6d6e962a..585614b2 --- a/molecule/elasticsearch/molecule.yml +++ b/molecule/elasticsearch/molecule.yml 
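Review bot: `get_wazuh_version()` hard-codes the expected version and this hunk only moves it from `"3.9.2"` to `"3.9.0"`, a downgrade the commit message does not explain; since the same commit appears to add a version default to `roles/wazuh/ansible-wazuh-manager/defaults/main.yml` (outside this chunk), the test should read that value or the top-level `VERSION` file instead of pinning a second copy that will drift again. The docstring `"""This return the version of Wazuh."""` should read `"""Return the Wazuh version the scenario is expected to install."""`. Separately, this commit flips the mode of every tracked file, including YAML, README, LICENSE and templates, from 100644 to 100755; making data files executable is almost certainly an accident of the working copy and should be reverted before merge.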
@@ -11,36 +11,36 @@ lint: config-data: ignore: .virtualenv platforms: - - name: bionic - image: solita/ubuntu-systemd:bionic - command: /sbin/init - ulimits: - - nofile:262144:262144 - privileged: true - memory_reservation: 1024m - - name: xenial - image: solita/ubuntu-systemd:xenial - privileged: true - memory_reservation: 1024m - command: /sbin/init - ulimits: - - nofile:262144:262144 - - name: trusty - image: ubuntu:trusty - memory_reservation: 1024m - ulimits: - - nofile:262144:262144 + # - name: bionic + # image: solita/ubuntu-systemd:bionic + # command: /sbin/init + # ulimits: + # - nofile:262144:262144 + # privileged: true + # memory_reservation: 1024m + # - name: xenial + # image: solita/ubuntu-systemd:xenial + # privileged: true + # memory_reservation: 1024m + # command: /sbin/init + # ulimits: + # - nofile:262144:262144 + #- name: trusty + #image: ubuntu:trusty + #memory_reservation: 1024m + #ulimits: + #- nofile:262144:262144 - name: centos6 image: centos:6 privileged: true memory_reservation: 1024m ulimits: - nofile:262144:262144 - - name: centos7 - image: milcom/centos7-systemd - memory_reservation: 1024m - privileged: true - ulimits: + # - name: centos7 + # image: milcom/centos7-systemd + # memory_reservation: 1024m + # privileged: true + # ulimits: - nofile:262144:262144 provisioner: name: ansible diff --git a/molecule/elasticsearch/playbook.yml b/molecule/elasticsearch/playbook.yml old mode 100644 new mode 100755 diff --git a/molecule/elasticsearch/tests/test_default.py b/molecule/elasticsearch/tests/test_default.py old mode 100644 new mode 100755 diff --git a/molecule/external_packages/jdk-8u211-linux-x64.rpm b/molecule/external_packages/jdk-8u211-linux-x64.rpm new file mode 100755 index 00000000..f0fccd61 --- /dev/null +++ b/molecule/external_packages/jdk-8u211-linux-x64.rpm @@ -0,0 +1,117 @@ + + +Unauthorized Request + + + + + + + + + + + + + + +
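Review bot: After the centos7 platform is commented out, its `ulimits` item `- nofile:262144:262144` is left as a live line at the end of the hunk, so it now attaches to the preceding centos6 `ulimits` list as a duplicate entry or, if the indent no longer matches, breaks the document; comment it out together with the block it belonged to. Commenting out bionic, xenial, trusty and centos7 leaves this scenario exercising only `centos:6`, which contradicts the commit's stated aim of differentiating CentOS/RedHat from Debian behaviour; if the other images are temporarily broken, a comment such as `# bionic/xenial/trusty/centos7 disabled: <reason, tracking issue>` next to the block would make that intent visible. The comment indentation is also inconsistent (`# - name: bionic` versus `#- name: trusty` / `#image: ubuntu:trusty`), which makes the disabled blocks harder to restore cleanly.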
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Sorry!

In order to download products from Oracle Technology + Network you must agree to the OTN license terms.
Be sure that...
+ Your browser has "cookies" and JavaScript enabled.
+ You clicked on "Accept License" for the product you wish to download.
+ You attempt the download within 30 minutes of accepting the license.
From here you can go...
+ + + + + + + + + + + + + +
Back to Previous Page
Site Map
OTN Homepage
+ +
+ +
+ + + diff --git a/molecule/filebeat/Dockerfile.j2 b/molecule/filebeat/Dockerfile.j2 old mode 100644 new mode 100755 diff --git a/molecule/filebeat/INSTALL.rst b/molecule/filebeat/INSTALL.rst old mode 100644 new mode 100755 diff --git a/molecule/filebeat/molecule.yml b/molecule/filebeat/molecule.yml old mode 100644 new mode 100755 diff --git a/molecule/filebeat/playbook.yml b/molecule/filebeat/playbook.yml old mode 100644 new mode 100755 diff --git a/molecule/filebeat/prepare.yml b/molecule/filebeat/prepare.yml old mode 100644 new mode 100755 diff --git a/molecule/filebeat/tests/test_default.py b/molecule/filebeat/tests/test_default.py old mode 100644 new mode 100755 diff --git a/molecule/kibana/Dockerfile.j2 b/molecule/kibana/Dockerfile.j2 old mode 100644 new mode 100755 diff --git a/molecule/kibana/INSTALL.rst b/molecule/kibana/INSTALL.rst old mode 100644 new mode 100755 diff --git a/molecule/kibana/molecule.yml b/molecule/kibana/molecule.yml old mode 100644 new mode 100755 diff --git a/molecule/kibana/playbook.yml b/molecule/kibana/playbook.yml old mode 100644 new mode 100755 diff --git a/molecule/kibana/prepare.yml b/molecule/kibana/prepare.yml old mode 100644 new mode 100755 diff --git a/molecule/kibana/tests/test_default.py b/molecule/kibana/tests/test_default.py old mode 100644 new mode 100755 diff --git a/molecule/wazuh-agent/Dockerfile.j2 b/molecule/wazuh-agent/Dockerfile.j2 old mode 100644 new mode 100755 diff --git a/molecule/wazuh-agent/INSTALL.rst b/molecule/wazuh-agent/INSTALL.rst old mode 100644 new mode 100755 diff --git a/molecule/wazuh-agent/molecule.yml b/molecule/wazuh-agent/molecule.yml old mode 100644 new mode 100755 diff --git a/molecule/wazuh-agent/playbook.yml b/molecule/wazuh-agent/playbook.yml old mode 100644 new mode 100755 diff --git a/molecule/wazuh-agent/prepare.yml b/molecule/wazuh-agent/prepare.yml old mode 100644 new mode 100755 
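Review bot: The new `molecule/external_packages/jdk-8u211-linux-x64.rpm` is not an RPM: its 117 added lines are an Oracle OTN HTML error page (`Unauthorized Request`, `Sorry! In order to download products from Oracle Technology Network you must agree to the OTN license terms`), i.e. the fetch was made without accepting the licence and the error body was saved under the .rpm name, so any task that later installs this path will fail. Beyond the broken payload, checking a third-party JDK installer into the repository is the wrong mechanism: it cannot be verified against a publisher checksum, it bloats the tree permanently, and redistributing Oracle's JDK binary is constrained by the very licence this page refers to. Fetch the package at test time from a pinned URL with a recorded checksum (`get_url` with `checksum:`), or use the distribution's OpenJDK package instead.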
diff --git a/molecule/wazuh-agent/tests/test_agents.py b/molecule/wazuh-agent/tests/test_agents.py old mode 100644 new mode 100755 diff --git a/molecule/wazuh-agent/tests/test_manager.py b/molecule/wazuh-agent/tests/test_manager.py old mode 100644 new mode 100755 diff --git a/playbooks/wazuh-agent.yml b/playbooks/wazuh-agent.yml old mode 100644 new mode 100755 diff --git a/playbooks/wazuh-elastic.yml b/playbooks/wazuh-elastic.yml old mode 100644 new mode 100755 diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml old mode 100644 new mode 100755 diff --git a/playbooks/wazuh-elastic_stack-single.yml b/playbooks/wazuh-elastic_stack-single.yml old mode 100644 new mode 100755 diff --git a/playbooks/wazuh-kibana.yml b/playbooks/wazuh-kibana.yml old mode 100644 new mode 100755 diff --git a/playbooks/wazuh-manager.yml b/playbooks/wazuh-manager.yml old mode 100644 new mode 100755 diff --git a/roles/ansible-galaxy/meta/main.yml b/roles/ansible-galaxy/meta/main.yml old mode 100644 new mode 100755 diff --git a/roles/elastic-stack/ansible-elasticsearch/README.md b/roles/elastic-stack/ansible-elasticsearch/README.md old mode 100644 new mode 100755 diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml old mode 100644 new mode 100755 diff --git a/roles/elastic-stack/ansible-elasticsearch/handlers/main.yml b/roles/elastic-stack/ansible-elasticsearch/handlers/main.yml old mode 100644 new mode 100755 diff --git a/roles/elastic-stack/ansible-elasticsearch/meta/main.yml b/roles/elastic-stack/ansible-elasticsearch/meta/main.yml old mode 100644 new mode 100755 diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml old mode 100644 new mode 100755 
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RMDebian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RMDebian.yml old mode 100644 new mode 100755 diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RMRedHat.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RMRedHat.yml old mode 100644 new mode 100755 diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml old mode 100644 new mode 100755 diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml old mode 100644 new mode 100755 index 776f8b36..5ca11b67 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -197,7 +197,7 @@ when: - elasticsearch_xpack_security -- name: Reload systemd +- name: Distribution != one of [ centos 6.*, trusty ] | Reload systemd systemd: daemon_reload=true ignore_errors: true when: 
@@ -205,12 +205,37 @@ - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<')) - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<')) - not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<')) +- name: Get Java version + shell: java -version |& awk -F'"' '{print $2}' + register: java_version + +- debug: msg="{{ java_version.stdout_lines }}" + +- name: "Install Java Repo for Trusty" + yum_repository: repo='ppa:openjdk-r/ppa' + when: + - ansible_distribution in ['CentOS', 'RedHat'] and ansible_distribution_major_version|int < 7 + +- name: Distribution is centos 6.* | Enable Elasticsearch + service: name=elasticsearch enabled=yes + +- name: Distribution is centos 6.* | Reload Elasticsearch + service: name=elasticsearch state=reloaded + +- name: Distribution is centos 6.* | Start Elasticsearch + service: name=elasticsearch state=started - name: Ensure Elasticsearch started and enabled service: name: elasticsearch enabled: true state: started + # ignore_errors: true + # when: + # - not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") + # - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<')) + # - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<')) + # - not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<')) - name: Make sure Elasticsearch is running before proceeding wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }} delay=3 timeout=300 diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 old mode 100644 new mode 100755 
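Review bot: The three `Distribution is centos 6.* | ...` service tasks carry no `when:` clause, so despite their names they run on every host, and `service: name=elasticsearch state=reloaded` fails wherever the init script has no reload action; gate them with `when: ansible_os_family == "RedHat" and ansible_distribution_major_version|int < 7`. The `Get Java version` task uses the bash-only `|&` operator under `shell`, which the default /bin/sh on Debian does not understand, and has no `ignore_errors`, so a host without Java aborts the play at this point. `yum_repository: repo='ppa:openjdk-r/ppa'` passes an apt PPA to the yum module, which expects at least a `name` and a `baseurl`. The later hunk at line 420 comments out the Java and reload tasks but leaves the Enable/Start tasks unconditional.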
diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch_nonsystemd.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch_nonsystemd.j2
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch_systemd.conf.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch_systemd.conf.j2
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/jvm.options.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/jvm.options.j2
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic6-template-alerts.json.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic6-template-alerts.json.j2
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic7-template-alerts.json.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic7-template-alerts.json.j2
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-kibana/README.md b/roles/elastic-stack/ansible-kibana/README.md
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-kibana/handlers/main.yml b/roles/elastic-stack/ansible-kibana/handlers/main.yml
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-kibana/meta/main.yml b/roles/elastic-stack/ansible-kibana/meta/main.yml
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml b/roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-kibana/tasks/RMRedHat.yml b/roles/elastic-stack/ansible-kibana/tasks/RMRedHat.yml
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml b/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 b/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/README.md b/roles/wazuh/ansible-filebeat/README.md
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/handlers/main.yml b/roles/wazuh/ansible-filebeat/handlers/main.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/meta/main.yml b/roles/wazuh/ansible-filebeat/meta/main.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/tasks/Debian.yml b/roles/wazuh/ansible-filebeat/tasks/Debian.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/tasks/RMDebian.yml b/roles/wazuh/ansible-filebeat/tasks/RMDebian.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/tasks/RMRedHat.yml b/roles/wazuh/ansible-filebeat/tasks/RMRedHat.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/tasks/RedHat.yml b/roles/wazuh/ansible-filebeat/tasks/RedHat.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/tasks/config.yml b/roles/wazuh/ansible-filebeat/tasks/config.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 b/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 b/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/tests/requirements.yml b/roles/wazuh/ansible-filebeat/tests/requirements.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/tests/test.yml b/roles/wazuh/ansible-filebeat/tests/test.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-agent/README.md b/roles/wazuh/ansible-wazuh-agent/README.md
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-agent/handlers/main.yml b/roles/wazuh/ansible-wazuh-agent/handlers/main.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-agent/meta/main.yml b/roles/wazuh/ansible-wazuh-agent/meta/main.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RMDebian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RMDebian.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RMRedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RMRedHat.yml old mode 100644 new mode 100755 diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml old mode 100644 new mode 100755 diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml old mode 100644 new mode 100755 diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/main.yml b/roles/wazuh/ansible-wazuh-agent/tasks/main.yml old mode 100644 new mode 100755 diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-local-internal-options.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-local-internal-options.conf.j2 old mode 100644 new mode 100755 diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 old mode 100644 new mode 100755 diff --git a/roles/wazuh/ansible-wazuh-agent/vars/api_pass.yml b/roles/wazuh/ansible-wazuh-agent/vars/api_pass.yml old mode 100644 new mode 100755 diff --git a/roles/wazuh/ansible-wazuh-agent/vars/authd_pass.yml b/roles/wazuh/ansible-wazuh-agent/vars/authd_pass.yml old mode 100644 new mode 100755 diff --git a/roles/wazuh/ansible-wazuh-manager/README.md b/roles/wazuh/ansible-wazuh-manager/README.md old mode 100644 new mode 100755 diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml old mode 100644 new mode 100755 index 8cf7ef58..ffa9bef2 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,4 +1,6 @@ --- +wazuh_manager_api_version: 3.9.0 + wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: latest 
diff --git a/roles/wazuh/ansible-wazuh-manager/files/custom_ruleset/decoders/sample_custom_decoders.xml b/roles/wazuh/ansible-wazuh-manager/files/custom_ruleset/decoders/sample_custom_decoders.xml old mode 100644 new mode 100755 diff --git a/roles/wazuh/ansible-wazuh-manager/files/custom_ruleset/rules/sample_custom_rules.xml b/roles/wazuh/ansible-wazuh-manager/files/custom_ruleset/rules/sample_custom_rules.xml old mode 100644 new mode 100755 diff --git a/roles/wazuh/ansible-wazuh-manager/handlers/main.yml b/roles/wazuh/ansible-wazuh-manager/handlers/main.yml old mode 100644 new mode 100755 diff --git a/roles/wazuh/ansible-wazuh-manager/meta/main.yml b/roles/wazuh/ansible-wazuh-manager/meta/main.yml old mode 100644 new mode 100755 diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml old mode 100644 new mode 100755 diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RMDebian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RMDebian.yml old mode 100644 new mode 100755 diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml old mode 100644 new mode 100755 diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml old mode 100644 new mode 100755 diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml old mode 100644 new mode 100755 index 2715bba0..7064ba41 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml 
@@ -5,19 +5,38 @@ - import_tasks: "Debian.yml" when: ansible_os_family == "Debian" -- name: Install wazuh-manager, wazuh-api and expect - package: pkg={{ item }} state={{ wazuh_manager_package_state }} +- name: CentOS/RedHat | Install wazuh-manager, wazuh-api and expect + package: pkg={{ item }}-{{ wazuh_manager_api_version }}-1 state={{ wazuh_manager_package_state }} with_items: - wazuh-manager - wazuh-api - - expect register: wazuh_manager_main_packages_installed until: wazuh_manager_main_packages_installed is succeeded when: - - not (ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6) + - ansible_distribution in ['CentOS','RedHat'] tags: - init +- name: Debian/Ubuntu | Install wazuh-manager, wazuh-api and expect + apt: + name: "{{ item }}={{ wazuh_manager_api_version }}-1" + state: present + cache_valid_time: 3600 + with_items: + - wazuh-manager + - wazuh-api + register: wazuh_manager_main_packages_installed + until: wazuh_manager_main_packages_installed is succeeded + when: + - not (ansible_distribution in ['CentOS','RedHat']) + tags: init + +- name: Install expect + package: pkg=expect state={{ wazuh_manager_package_state }} + when: + - not (ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6) + tags: init + - name: CentOS/RedHat 6 | Enabling python2.7 and sqlite3 replace: path: /etc/init.d/wazuh-manager @@ -30,7 +49,7 @@ - name: Install wazuh-manager and expect (EL5) package: pkg={{ item }} state={{ wazuh_manager_package_state }} with_items: - - wazuh-manager + - wazuh-manager-{{ wazuh_manager_api_version }} - expect register: wazuh_manager_main_packages_installed until: wazuh_manager_main_packages_installed is succeeded diff --git a/roles/wazuh/ansible-wazuh-manager/templates/agentless.j2 b/roles/wazuh/ansible-wazuh-manager/templates/agentless.j2 old mode 100644 new mode 100755 
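Review bot: The new `Debian/Ubuntu | Install wazuh-manager, wazuh-api and expect` task is gated on `not (ansible_distribution in ['CentOS','RedHat'])`, which selects the `apt` module for every non-EL system (Fedora, Amazon Linux, SUSE) rather than only Debian-family hosts; `when: ansible_os_family == "Debian"` matches the `import_tasks` condition at the top of the hunk. The same `not in` guard is used for the filebeat task at line 412 and the agent task at line 414. The CentOS/RedHat task's condition also dropped the `ansible_distribution_major_version|int < 6` exclusion while the `(EL5)` task in the second hunk remains, so an EL5 host would now run both install tasks. That EL5 task pins `wazuh-manager-{{ wazuh_manager_api_version }}` without the `-1` release suffix the first task uses, which looks unintended.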
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/api_user.j2 b/roles/wazuh/ansible-wazuh-manager/templates/api_user.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/authd_pass.j2 b/roles/wazuh/ansible-wazuh-manager/templates/authd_pass.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/cdb_lists.j2 b/roles/wazuh/ansible-wazuh-manager/templates/cdb_lists.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-api-configuration-config.js.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-api-configuration-config.js.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-local-internal-options.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-local-internal-options.conf.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-rules-local_decoder.xml.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-rules-local_decoder.xml.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-rules-local_rules.xml.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-rules-local_rules.xml.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/vars/agentless_creds.yml b/roles/wazuh/ansible-wazuh-manager/vars/agentless_creds.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/vars/authd_pass.yml b/roles/wazuh/ansible-wazuh-manager/vars/authd_pass.yml old mode 100644 new mode 100755 diff --git a/roles/wazuh/ansible-wazuh-manager/vars/cdb_lists.yml b/roles/wazuh/ansible-wazuh-manager/vars/cdb_lists.yml old mode 100644 new mode 100755 diff --git a/roles/wazuh/ansible-wazuh-manager/vars/wazuh_api_creds.yml b/roles/wazuh/ansible-wazuh-manager/vars/wazuh_api_creds.yml old mode 100644 new mode 100755 From 873e9759ae0b250a1a19d415dd26e7f1d1bb700d Mon Sep 17 00:00:00 2001 From: rshad Date: Fri, 12 Jul 2019 13:06:02 +0000 Subject: [PATCH 177/714] Versioning and Ansible-Linting fixes are introduced to wazuh-agent and filebeat installations and testings --- molecule/filebeat/molecule.yml | 3 ++ molecule/filebeat/tests/test_default.py | 7 +++ molecule/wazuh-agent/tests/test_agents.py | 5 ++ .../wazuh/ansible-filebeat/defaults/main.yml | 2 + roles/wazuh/ansible-filebeat/tasks/main.yml | 50 +++++++++++++------ .../ansible-wazuh-agent/defaults/main.yml | 5 +- .../wazuh/ansible-wazuh-agent/tasks/Linux.yml | 16 +++++- .../ansible-wazuh-manager/tasks/main.yml | 4 +- 8 files changed, 72 insertions(+), 20 deletions(-) diff --git a/molecule/filebeat/molecule.yml b/molecule/filebeat/molecule.yml index 4f0bffb6..e456c4ae 100755 --- a/molecule/filebeat/molecule.yml +++ b/molecule/filebeat/molecule.yml @@ -5,6 +5,9 @@ driver: name: docker lint: name: yamllint + options: + config-data: + ignore: .virtualenv platforms: - name: trusty image: ubuntu:trusty diff --git a/molecule/filebeat/tests/test_default.py b/molecule/filebeat/tests/test_default.py index 72ac55d4..a959e48b 100755 --- a/molecule/filebeat/tests/test_default.py +++ b/molecule/filebeat/tests/test_default.py 
@@ -4,3 +4,10 @@ import testinfra.utils.ansible_runner testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') + + +def test_filebeat_is_installed(host): + """Test if the elasticsearch package is installed.""" + filebeat = host.package("filebeat") + assert filebeat.is_installed + assert filebeat.version.startswith('7.1.1') diff --git a/molecule/wazuh-agent/tests/test_agents.py b/molecule/wazuh-agent/tests/test_agents.py index 5867dc2f..657cc9ee 100755 --- a/molecule/wazuh-agent/tests/test_agents.py +++ b/molecule/wazuh-agent/tests/test_agents.py @@ -7,6 +7,11 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('agent') +def get_wazuh_version(): + """This return the version of Wazuh.""" + return "3.9.0" + + def test_ossec_package_installed(Package): ossec = Package('wazuh-agent') assert ossec.is_installed diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index cfb892bd..541c0214 100755 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -1,4 +1,6 @@ --- +filebeat_version: 7.1.1 + filebeat_create_config: true filebeat_prospectors: diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml index 2dfa3ecd..7bafcc79 100755 --- a/roles/wazuh/ansible-filebeat/tasks/main.yml +++ b/roles/wazuh/ansible-filebeat/tasks/main.yml 
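Review bot: The docstring of `test_filebeat_is_installed` says "Test if the elasticsearch package is installed." but the function checks the `filebeat` package; it should read `"""Test if the filebeat package is installed."""`. The expected prefix `'7.1.1'` duplicates the `filebeat_version: 7.1.1` default added to the role in this same commit, so the two will drift apart on the next bump unless the test reads the version from the molecule inventory. The `get_wazuh_version()` helper added to test_agents.py in the next hunk hard-codes `"3.9.0"` the same way and is not called by anything in that hunk.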
@@ -5,26 +5,40 @@ - import_tasks: Debian.yml when: ansible_os_family == 'Debian' -- name: Install Filebeat. - package: name=filebeat state=present +- name: CentOS/RedHat | Install Filebeat. + package: name=filebeat-{{ filebeat_version }} state=present register: filebeat_installing_package until: filebeat_installing_package is succeeded + when: + - ansible_distribution in ['CentOS','RedHat'] tags: - install +- name: Debian/Ubuntu | Install Filebeat. + apt: + name: filebeat={{ filebeat_version }} + state: present + cache_valid_time: 3600 + register: filebeat_installing_package_debian + until: filebeat_installing_package_debian is succeeded + when: + - not (ansible_distribution in ['CentOS','RedHat']) + tags: + - init + - name: Check if certificate exists locally stat: - path: "{{node_certs_destination}}/{{ filebeat_node_name }}.crt" + path: "{{ node_certs_destination }}/{{ filebeat_node_name }}.crt" register: certificate_file_exists when: - filebeat_xpack_security - name: Copy key & certificate files in generator node (locally) synchronize: - src: "{{node_certs_source}}/{{filebeat_node_name}}/" - dest: "{{node_certs_destination}}/" + src: "{{ node_certs_source }}/{{ filebeat_node_name }}/" + dest: "{{ node_certs_destination }}/" delegate_to: "{{ node_certs_generator_ip }}" - when: + when: - node_certs_generator - filebeat_xpack_security - not certificate_file_exists.stat.exists 
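Review bot: The two install tasks are tagged and registered differently: the CentOS/RedHat task keeps `tags: - install` and `register: filebeat_installing_package`, while the new Debian/Ubuntu task uses `tags: - init` and `register: filebeat_installing_package_debian`, so a run limited with `--tags install` skips the Debian install and anything downstream that inspects `filebeat_installing_package` finds it undefined on Debian hosts. Only one of the two tasks runs on a given host, so both can safely share the same tag and the same `register` name. The `not in` selection condition is discussed at line 408.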
@@ -32,26 +46,30 @@ - name: Copy ca certificate file in generator node (locally) synchronize: - src: "{{node_certs_source}}/ca/" - dest: "{{node_certs_destination}}/" + src: "{{ node_certs_source }}/ca/" + dest: "{{ node_certs_destination }}/" delegate_to: "{{ node_certs_generator_ip }}" - when: + when: - node_certs_generator - filebeat_xpack_security - not certificate_file_exists.stat.exists register: check_certs_permissions tags: xpack-security - + - name: Importing key & certificate files from generator node - shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/{{filebeat_node_name}}/ {{node_certs_destination}}/" + command: >- + {{ rsync_path }} {{ rsync_extra_parameters }} {{ rsync_user }}@{{ node_certs_generator_ip }}: + {{ node_certs_source }}/{{ filebeat_node_name }}/ {{ node_certs_destination }}/ when: - not node_certs_generator - filebeat_xpack_security - not certificate_file_exists.stat.exists tags: xpack-security -- name: Importing ca certificate file from generator node - shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/ca/ {{node_certs_destination}}/" +- name: Importing ca certificate file from generator node + command: >- + {{ rsync_path }} {{ rsync_extra_parameters }} {{ rsync_user }}@{{ node_certs_generator_ip }}: + {{ node_certs_source }}/ca/ {{ node_certs_destination }}/ when: - not node_certs_generator - filebeat_xpack_security @@ -60,7 +78,11 @@ tags: xpack-security - name: Ensuring certificates folder owner - shell: "chmod -R 770 {{node_certs_destination}}/" + file: + path: "{{ node_certs_destination }}/" + mode: '0770' + recurse: yes + when: - check_certs_permissions is defined - filebeat_xpack_security diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index e95707e6..ded6d5b9 100755 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml 
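Review bot: In both `Importing ... from generator node` tasks the `>-` folded scalar turns the line break after `{{ node_certs_generator_ip }}:` into a space, so the argument becomes `user@host: /path/` and rsync sees `user@host:` (an empty remote path, which it resolves to the login user's home directory) and `/path/` as two separate sources instead of one remote path. Keep host and path together and break elsewhere, e.g. `{{ rsync_path }} {{ rsync_extra_parameters }}` / `{{ rsync_user }}@{{ node_certs_generator_ip }}:{{ node_certs_source }}/{{ filebeat_node_name }}/` / `{{ node_certs_destination }}/`. The same folding appears in the kibana tasks at line 417. Moving from `shell` to `command` here is a good change, since the interpolated values are no longer re-parsed by a shell.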
+++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,4 +1,5 @@ --- +wazuh_agent_version: 3.9.0 wazuh_managers: - address: 127.0.0.1 port: 1514 @@ -23,10 +24,10 @@ wazuh_winagent_config: install_dir_x86: 'C:\Program Files (x86)\ossec-agent\' auth_path: C:\'Program Files'\ossec-agent\agent-auth.exe auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - version: '3.9.2' + version: '3.9.3' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ - md5: 43936e7bc7eb51bd186f47dac4a6f477 + md5: c3fdbd6c121ca371b8abcd477ed4e8a4 wazuh_agent_config: active_response: ar_disabled: 'no' diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 2b644bde..faa28b57 100755 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -5,10 +5,22 @@ - import_tasks: "Debian.yml" when: ansible_os_family == "Debian" -- name: Linux | Install wazuh-agent - package: name=wazuh-agent state=present +- name: Linux CentOS/RedHat | Install wazuh-agent + package: name=wazuh-agent-{{ wazuh_agent_version }}-1 state=present async: 90 poll: 30 + when: + - ansible_distribution in ['CentOS','RedHat'] + tags: + - init + +- name: Linux Debian | Install wazuh-agent + apt: + name: "wazuh-agent={{ wazuh_agent_version }}-1" + state: present + cache_valid_time: 3600 + when: + - not (ansible_distribution in ['CentOS','RedHat']) tags: - init diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 7064ba41..30e5ec87 100755 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml 
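Review bot: `wazuh_agent_version: 3.9.0` pins the Linux packages to 3.9.0 while the same hunk bumps the Windows `version` to `'3.9.3'`, so one inventory ends up with two different agent releases; deriving the Windows value from `wazuh_agent_version` (or documenting why they differ) would keep them aligned. In the Linux.yml hunk the new `Linux Debian | Install wazuh-agent` task drops the `async: 90` / `poll: 30` the CentOS/RedHat task keeps, which is probably an oversight. The Windows installer is verified only through `md5:`, a digest that is no longer collision-resistant; a SHA-256 value would be preferable if the download task supports it.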
@@ -5,7 +5,7 @@ - import_tasks: "Debian.yml" when: ansible_os_family == "Debian" -- name: CentOS/RedHat | Install wazuh-manager, wazuh-api and expect +- name: CentOS/RedHat | Install wazuh-manager, wazuh-api package: pkg={{ item }}-{{ wazuh_manager_api_version }}-1 state={{ wazuh_manager_package_state }} with_items: - wazuh-manager @@ -17,7 +17,7 @@ tags: - init -- name: Debian/Ubuntu | Install wazuh-manager, wazuh-api and expect +- name: Debian/Ubuntu | Install wazuh-manager, wazuh-api apt: name: "{{ item }}={{ wazuh_manager_api_version }}-1" state: present From d08b013224db9041b141a92c5880f62736019dee Mon Sep 17 00:00:00 2001 From: rshad Date: Fri, 12 Jul 2019 14:24:31 +0000 Subject: [PATCH 178/714] Kibana test is probably fixed, saving changes ... --- molecule/kibana/molecule.yml | 3 ++ molecule/kibana/tests/test_default.py | 2 +- .../ansible-kibana/tasks/main.yml | 40 ++++++++++++------- 3 files changed, 30 insertions(+), 15 deletions(-) diff --git a/molecule/kibana/molecule.yml b/molecule/kibana/molecule.yml index a1e0e3f9..c1191c07 100755 --- a/molecule/kibana/molecule.yml +++ b/molecule/kibana/molecule.yml @@ -5,6 +5,9 @@ driver: name: docker lint: name: yamllint + options: + config-data: + ignore: .virtualenv platforms: - name: bionic image: solita/ubuntu-systemd:bionic diff --git a/molecule/kibana/tests/test_default.py b/molecule/kibana/tests/test_default.py index 936f6cfc..f510aed9 100755 --- a/molecule/kibana/tests/test_default.py +++ b/molecule/kibana/tests/test_default.py @@ -14,7 +14,7 @@ def test_port_kibana_is_open(host): def test_find_correct_elasticsearch_version(host): """Test if we find the kibana/elasticsearch version in package.json""" kibana = host.file("/usr/share/kibana/plugins/wazuh/package.json") - assert kibana.contains("6.7.1") + assert kibana.contains("7.1.1") def test_wazuh_plugin_installed(host): 
diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 43dfd57e..4e12b1b2 100755 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -16,17 +16,17 @@ - name: Check if certificate exists locally stat: - path: "{{node_certs_destination}}/{{ kibana_node_name }}.crt" + path: "{{ node_certs_destination }}/{{ kibana_node_name }}.crt" register: certificate_file_exists when: - - kibana_xpack_security + - kibana_xpack_security - name: Copy key & certificate files in generator node (locally) synchronize: - src: "{{node_certs_source}}/{{kibana_node_name}}/" - dest: "{{node_certs_destination}}/" + src: "{{ node_certs_source }}/{{ kibana_node_name }}/" + dest: "{{ node_certs_destination }}/" delegate_to: "{{ node_certs_generator_ip }}" - when: + when: - node_certs_generator - kibana_xpack_security - not certificate_file_exists.stat.exists 
@@ -34,25 +34,29 @@ - name: Copy ca certificate file in generator node (locally) synchronize: - src: "{{node_certs_source}}/ca/" - dest: "{{node_certs_destination}}/" + src: "{{ node_certs_source }}/ca/" + dest: "{{ node_certs_destination }}/" delegate_to: "{{ node_certs_generator_ip }}" - when: + when: - node_certs_generator - kibana_xpack_security - not certificate_file_exists.stat.exists tags: xpack-security - + - name: Importing key & certificate files from generator node - shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/{{kibana_node_name}}/ {{node_certs_destination}}/" + command: >- + {{ rsync_path }} {{ rsync_extra_parameters }} {{ rsync_user }}@{{ node_certs_generator_ip }}: + {{ node_certs_source }}/{{ kibana_node_name }}/ {{ node_certs_destination }}/ when: - not node_certs_generator - kibana_xpack_security - not certificate_file_exists.stat.exists tags: xpack-security -- name: Importing ca certificate file from generator node - shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/ca/ {{node_certs_destination}}/" +- name: Importing ca certificate file from generator node + command: >- + {{ rsync_path }} {{ rsync_extra_parameters }} {{ rsync_user }}@{{ node_certs_generator_ip }}: + {{ node_certs_source }}/ca/ {{ node_certs_destination }}/ when: - not node_certs_generator - kibana_xpack_security 
@@ -61,14 +65,22 @@ tags: xpack-security - name: Ensuring certificates folder owner - shell: "chown -R kibana: {{node_certs_destination}}/" + file: + path: "{{ node_certs_destination }}/" + state: directory + recurse: yes + owner: kibana + group: kibana when: - check_certs_permissions is defined - kibana_xpack_security tags: xpack-security - name: Ensuring certificates folder owner - shell: "chmod -R 770 {{node_certs_destination}}/" + file: + path: "{{ node_certs_destination }}/" + mode: '0770' + recurse: yes when: - check_certs_permissions is defined - kibana_xpack_security From df428f5f52632bb3cf0d7163f2c05346cefae95d Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Mon, 15 Jul 2019 14:04:13 +0200 Subject: [PATCH 179/714] fixed elasticsearch installation for Centos 6.* - Adding Java Installation --- molecule/elasticsearch/molecule.yml | 2 +- molecule/elasticsearch/tests/test_default.py | 2 +- .../ansible-elasticsearch/tasks/RedHat.yml | 5 ++++ .../ansible-elasticsearch/tasks/main.yml | 24 +++++++++++-------- 4 files changed, 21 insertions(+), 12 deletions(-) diff --git a/molecule/elasticsearch/molecule.yml b/molecule/elasticsearch/molecule.yml index 585614b2..a7e3c26f 100755 --- a/molecule/elasticsearch/molecule.yml +++ b/molecule/elasticsearch/molecule.yml @@ -41,7 +41,7 @@ platforms: # memory_reservation: 1024m # privileged: true # ulimits: - - nofile:262144:262144 + # - nofile:262144:262144 provisioner: name: ansible playbooks: diff --git a/molecule/elasticsearch/tests/test_default.py b/molecule/elasticsearch/tests/test_default.py index 8b453255..34fce3b3 100755 --- a/molecule/elasticsearch/tests/test_default.py +++ b/molecule/elasticsearch/tests/test_default.py 
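Review bot: The second `Ensuring certificates folder owner` task sets `recurse: yes` without `state: directory`; Ansible's `file` module rejects `recurse` unless `state` is `directory`, so this task fails where the old `chmod -R` succeeded, and the filebeat task at line 413 has the same shape. The two tasks also carry one name and one condition, so they can be merged into a single `file` call. Applying `0770` recursively marks every key and certificate file executable; a symbolic mode with `X` keeps the search bit on directories only, and `recurse: true` avoids the yamllint `truthy` warning.

```yaml
- name: Ensuring certificates folder owner and permissions
  file:
    path: "{{ node_certs_destination }}/"
    state: directory
    recurse: true
    owner: kibana
    group: kibana
    mode: 'u=rwX,g=rwX,o='
  when:
    - check_certs_permissions is defined
    - kibana_xpack_security
  tags: xpack-security
```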
@@ -10,7 +10,7 @@ def test_elasticsearch_is_installed(host): """Test if the elasticsearch package is installed.""" elasticsearch = host.package("elasticsearch") assert elasticsearch.is_installed - assert elasticsearch.version.startswith('6.7.1') + assert elasticsearch.version.startswith('7.1.1') def test_elasticsearch_is_running(host): diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml index 16366dfc..fbefe51e 100755 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml @@ -9,6 +9,11 @@ gpgcheck: true changed_when: false +- name: CentOS x.x => x.x < 7.0 | Installing Java + yum: + name: java-1.8.0-openjdk.x86_64 + state: present + - name: RedHat/CentOS/Fedora | Install Elasticsarch package: name=elasticsearch-{{ elastic_stack_version }} state=present tags: install diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 5ca11b67..c29dc760 100755 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml 
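Review bot: The new `CentOS x.x => x.x < 7.0 | Installing Java` task has no `when:`, so despite its name it installs `java-1.8.0-openjdk.x86_64` on every RedHat-family host rather than only on releases older than 7; add `when: ansible_distribution_major_version|int < 7` to match the name. The package name also hard-codes the `.x86_64` suffix, so the task cannot succeed on another architecture; dropping the suffix lets yum select the native one.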
@@ -205,22 +205,26 @@ - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<')) - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<')) - not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<')) -- name: Get Java version - shell: java -version |& awk -F'"' '{print $2}' - register: java_version -- debug: msg="{{ java_version.stdout_lines }}" +#- name: Get Java version +# shell: java -version |& awk -F'"' '{print $2}' +# register: java_version +# ignore_errors: true -- name: "Install Java Repo for Trusty" - yum_repository: repo='ppa:openjdk-r/ppa' - when: - - ansible_distribution in ['CentOS', 'RedHat'] and ansible_distribution_major_version|int < 7 +# - debug: msg="{{ java_version.stdout_lines }}" + +#- name: "Install Java Repo for Trusty" +# yum_repository: repo='ppa:openjdk-r/ppa' +# when: +# - ansible_distribution in ['CentOS', 'RedHat'] and ansible_distribution_major_version|int < 7 - name: Distribution is centos 6.* | Enable Elasticsearch service: name=elasticsearch enabled=yes -- name: Distribution is centos 6.* | Reload Elasticsearch - service: name=elasticsearch state=reloaded + +#- name: Distribution is centos 6.* | Reload Elasticsearch +# service: name=elasticsearch state=reloaded +# state: "{{ elasticsearch_state | default('reloaded') }}" - name: Distribution is centos 6.* | Start Elasticsearch service: name=elasticsearch state=started From 9605280db076ac48c4cac13c731aaa2193f64121 Mon Sep 17 00:00:00 2001 From: Michael Both Date: Mon, 15 Jul 2019 14:32:19 +0200 Subject: [PATCH 180/714] Use tcp for all connections --- playbooks/wazuh-agent.yml | 2 +- roles/wazuh/ansible-wazuh-agent/README.md | 2 +- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/playbooks/wazuh-agent.yml b/playbooks/wazuh-agent.yml index 8c7eaa69..bd85a3a6 100644 --- a/playbooks/wazuh-agent.yml 
+++ b/playbooks/wazuh-agent.yml @@ -6,7 +6,7 @@ wazuh_managers: - address: port: 1514 - protocol: udp + protocol: tcp api_port: 55000 api_proto: 'http' api_user: ansible diff --git a/roles/wazuh/ansible-wazuh-agent/README.md b/roles/wazuh/ansible-wazuh-agent/README.md index 703c247b..9709d9b3 100644 --- a/roles/wazuh/ansible-wazuh-agent/README.md +++ b/roles/wazuh/ansible-wazuh-agent/README.md @@ -32,7 +32,7 @@ The following is an example of how this role can be used: wazuh_managers: - address: 127.0.0.1 port: 1514 - protocol: udp + protocol: tcp api_port: 55000 api_proto: 'http' api_user: 'ansible' diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 8cf7ef58..6550cfa8 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -40,7 +40,7 @@ wazuh_manager_config: connection: - type: 'secure' port: '1514' - protocol: 'udp' + protocol: 'tcp' queue_size: 131072 authd: enable: true From eb70809add79d1159db57f587dbad7a5c837c616 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Mon, 15 Jul 2019 17:06:13 +0200 Subject: [PATCH 181/714] fixed Elasticsearch installation's issues caused by the absense of Java in Ubuntu Trusty --- molecule/elasticsearch/molecule.yml | 16 ++++----- .../ansible-elasticsearch/tasks/Debian.yml | 36 +++++++++++++++++++ .../ansible-elasticsearch/tasks/RedHat.yml | 2 ++ .../ansible-elasticsearch/tasks/main.yml | 23 ------------ 4 files changed, 46 insertions(+), 31 deletions(-) diff --git a/molecule/elasticsearch/molecule.yml b/molecule/elasticsearch/molecule.yml index a7e3c26f..fbb06add 100755 --- a/molecule/elasticsearch/molecule.yml +++ b/molecule/elasticsearch/molecule.yml 
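Review bot: Changing the default `protocol: 'udp'` to `'tcp'` in `wazuh_manager_config.connection` flips the listener of every manager this role provisions, and agents that were enrolled earlier with `protocol: udp` in their configuration will stop reporting until they are re-run against the new default; the example playbook and README are updated in step, but nothing records this as a breaking default for users who keep their own inventory vars. Add a CHANGELOG entry and a comment next to the default, e.g. `# Must match wazuh_managers[].protocol on the agents; agents enrolled with udp need re-provisioning`. Unrelated to this commit but visible on the adjacent lines, the examples still set `api_proto: 'http'`, which presumably sends the `api_user` credentials to port 55000 in the clear; a one-line README caveat pointing at `https` would be worth adding while these examples are being touched.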
@@ -25,17 +25,17 @@ platforms: # command: /sbin/init # ulimits: # - nofile:262144:262144 - #- name: trusty - #image: ubuntu:trusty - #memory_reservation: 1024m - #ulimits: - #- nofile:262144:262144 - - name: centos6 - image: centos:6 - privileged: true + - name: trusty + image: ubuntu:trusty memory_reservation: 1024m ulimits: - nofile:262144:262144 +# - name: centos6 +# image: centos:6 +# privileged: true +# memory_reservation: 1024m +# ulimits: +# - nofile:262144:262144 # - name: centos7 # image: milcom/centos7-systemd # memory_reservation: 1024m diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index 1555f443..17b968cc 100755 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml @@ -14,6 +14,42 @@ - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 +- name: Update and upgrade apt packages + become: true + apt: + upgrade: yes + update_cache: yes + cache_valid_time: 86400 #One day + when: + - ansible_distribution == "Ubuntu" + - ansible_distribution_major_version | int == 14 + +- name: Install Oracle Java 8 + become: yes + apt: name=openjdk-8-jdk state=latest + + when: + - ansible_distribution == "Ubuntu" + - ansible_distribution_major_version | int == 14 + +- name: Set the default Java version + become: yes + shell: update-alternatives --config java + +- name: Set the default Javac version + become: yes + shell: update-alternatives --config javac + +- name: Update and upgrade apt packages + become: true + apt: + upgrade: yes + update_cache: yes + cache_valid_time: 86400 #One day + when: + - ansible_distribution == "Ubuntu" + - ansible_distribution_major_version | int == 14 + - name: Debian/Ubuntu | Add Elasticsearch GPG key. apt_key: url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch" 
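Review bot: The two `Update and upgrade apt packages` tasks run `apt: upgrade: yes` on every Ubuntu 14 host, which upgrades every installed package on the system as a side effect of installing Elasticsearch; a role should not perform a host-wide upgrade (unscheduled service restarts, never idempotent, and a supply-chain surface unrelated to the role), and `update_cache: yes` alone is all that is needed before installing `openjdk-8-jdk`. The `Set the default Java version` / `Javac version` tasks run `update-alternatives --config java`, which is the interactive form that prompts on stdin, and they carry no `when`, so they execute on every Debian-family host rather than only on Trusty; use the `alternatives` module with an explicit `path`, or drop them, since installing a single JDK already registers the alternative. The task named `Install Oracle Java 8` actually installs `openjdk-8-jdk`, and its `state: latest` makes every run a potential upgrade; rename it and use `state: present`. The task list continues before and after this hunk.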
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml index fbefe51e..81176ee0 100755 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml @@ -13,6 +13,8 @@ yum: name: java-1.8.0-openjdk.x86_64 state: present + when: + - ansible_distribution in ['CentOS', 'RedHat'] and ansible_distribution_major_version|int < 7 - name: RedHat/CentOS/Fedora | Install Elasticsarch package: name=elasticsearch-{{ elastic_stack_version }} state=present diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index c29dc760..56a3157b 100755 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -206,26 +206,9 @@ - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<')) - not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<')) -#- name: Get Java version -# shell: java -version |& awk -F'"' '{print $2}' -# register: java_version -# ignore_errors: true - -# - debug: msg="{{ java_version.stdout_lines }}" - -#- name: "Install Java Repo for Trusty" -# yum_repository: repo='ppa:openjdk-r/ppa' -# when: -# - ansible_distribution in ['CentOS', 'RedHat'] and ansible_distribution_major_version|int < 7 - - name: Distribution is centos 6.* | Enable Elasticsearch service: name=elasticsearch enabled=yes - -#- name: Distribution is centos 6.* | Reload Elasticsearch -# service: name=elasticsearch state=reloaded -# state: "{{ elasticsearch_state | default('reloaded') }}" - - name: Distribution is centos 6.* | Start Elasticsearch service: name=elasticsearch state=started 
@@ -234,12 +217,6 @@ name: elasticsearch enabled: true state: started - # ignore_errors: true - # when: - # - not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") - # - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<')) - # - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<')) - # - not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<')) - name: Make sure Elasticsearch is running before proceeding wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }} delay=3 timeout=300 From fc38d565d9d9e6839dbe1ad6f3b641a8865534f3 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Tue, 16 Jul 2019 12:29:07 +0200 Subject: [PATCH 182/714] fixed Elasticsearch installation's issues related to Idempotence test - Test passed successfully --- molecule/elasticsearch/molecule.yml | 46 +++++++++---------- .../ansible-elasticsearch/tasks/Debian.yml | 20 +++++--- .../ansible-elasticsearch/tasks/main.yml | 1 - 3 files changed, 36 insertions(+), 31 deletions(-) diff --git a/molecule/elasticsearch/molecule.yml b/molecule/elasticsearch/molecule.yml index fbb06add..6860b0f3 100755 --- a/molecule/elasticsearch/molecule.yml +++ b/molecule/elasticsearch/molecule.yml 
@@ -3,45 +3,43 @@ dependency: name: galaxy driver: name: docker -#lint: -# name: yamllint lint: name: yamllint options: config-data: ignore: .virtualenv platforms: - # - name: bionic - # image: solita/ubuntu-systemd:bionic - # command: /sbin/init - # ulimits: - # - nofile:262144:262144 - # privileged: true - # memory_reservation: 1024m - # - name: xenial - # image: solita/ubuntu-systemd:xenial - # privileged: true - # memory_reservation: 1024m - # command: /sbin/init - # ulimits: - # - nofile:262144:262144 +# - name: bionic +# image: solita/ubuntu-systemd:bionic +# command: /sbin/init +# ulimits: +# - nofile:262144:262144 +# privileged: true +# memory_reservation: 2048m +# - name: xenial +# image: solita/ubuntu-systemd:xenial +# privileged: true +# memory_reservation: 2048m +# command: /sbin/init +# ulimits: +# - nofile:262144:262144 - name: trusty image: ubuntu:trusty - memory_reservation: 1024m + memory_reservation: 2048m ulimits: - nofile:262144:262144 # - name: centos6 # image: centos:6 # privileged: true -# memory_reservation: 1024m +# memory_reservation: 2048m +# ulimits: +# - nofile:262144:262144 +# - name: centos7 +# image: milcom/centos7-systemd +# memory_reservation: 2048m +# privileged: true # ulimits: # - nofile:262144:262144 - # - name: centos7 - # image: milcom/centos7-systemd - # memory_reservation: 1024m - # privileged: true - # ulimits: - # - nofile:262144:262144 provisioner: name: ansible playbooks: diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index 17b968cc..642e2ee9 100755 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml 
@@ -32,13 +32,19 @@ - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 -- name: Set the default Java version - become: yes - shell: update-alternatives --config java +#- name: Set the default Java version +# become: yes +# shell: update-alternatives --config java +# when: +# - ansible_distribution == "Ubuntu" +# - ansible_distribution_major_version | int == 14# -- name: Set the default Javac version - become: yes - shell: update-alternatives --config javac +#- name: Set the default Javac version +# become: yes +# shell: update-alternatives --config javac +# when: +# - ansible_distribution == "Ubuntu" +# - ansible_distribution_major_version | int == 14 - name: Update and upgrade apt packages become: true @@ -55,12 +61,14 @@ url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch" state: present + - name: Debian/Ubuntu | Install Elastic repo apt_repository: repo: 'deb https://artifacts.elastic.co/packages/7.x/apt stable main' state: present filename: 'elastic_repo' update_cache: true + changed_when: false - name: Debian/Ubuntu | Install Elasticsarch apt: diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 56a3157b..2d446798 100755 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -253,6 +253,5 @@ - import_tasks: "RMRedHat.yml" when: ansible_os_family == "RedHat" - - import_tasks: "RMDebian.yml" when: ansible_os_family == "Debian" From 687797a66cd7d7aff3a3b36916182f1950a25453 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Tue, 16 Jul 2019 17:23:09 +0200 Subject: [PATCH 183/714] ignored Ubuntu Trusty in Testing --- molecule/elasticsearch/molecule.yml | 57 ++++++++++--------- molecule/kibana/molecule.yml | 10 ++-- .../ansible-elasticsearch/tasks/Debian.yml | 14 ----- .../ansible-elasticsearch/tasks/main.yml | 23 ++++++++ 4 files changed, 57 insertions(+), 47 deletions(-) 
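Review bot: `changed_when: false` on the `Install Elastic repo` task hides a real state change, adding a third-party apt source, from the play summary and from any handler it would notify, only so the idempotence test passes; if the second run reports changed, the likely cause is `update_cache: true` refreshing on every run, so remove that option here (the `apt` install task that follows can refresh the cache) rather than mask the result. The `update-alternatives` tasks are now commented out instead of deleted; git history keeps them, and dead blocks like `# - ansible_distribution_major_version | int == 14#` (note the stray trailing `#`) only accumulate. Delete the commented block and restore `changed_when` reporting, e.g. drop the line `changed_when: false` and the line `update_cache: true`. The surrounding task list continues outside this hunk.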
diff --git a/molecule/elasticsearch/molecule.yml b/molecule/elasticsearch/molecule.yml index 6860b0f3..20d68047 100755 --- a/molecule/elasticsearch/molecule.yml +++ b/molecule/elasticsearch/molecule.yml @@ -9,37 +9,38 @@ lint: config-data: ignore: .virtualenv platforms: -# - name: bionic -# image: solita/ubuntu-systemd:bionic -# command: /sbin/init -# ulimits: -# - nofile:262144:262144 -# privileged: true -# memory_reservation: 2048m -# - name: xenial -# image: solita/ubuntu-systemd:xenial -# privileged: true -# memory_reservation: 2048m -# command: /sbin/init -# ulimits: -# - nofile:262144:262144 - - name: trusty - image: ubuntu:trusty + - name: bionic + image: solita/ubuntu-systemd:bionic + command: /sbin/init + ulimits: + - nofile:262144:262144 + privileged: true + memory_reservation: 2048m + - name: xenial + image: solita/ubuntu-systemd:xenial + privileged: true + memory_reservation: 2048m + command: /sbin/init + ulimits: + - nofile:262144:262144 +# - name: trusty +# image: ubuntu:trusty +# privileged: true +# memory_reservation: 2048m +# ulimits: +# - nofile:262144:262144 + - name: centos6 + image: centos:6 + privileged: true memory_reservation: 2048m ulimits: - nofile:262144:262144 -# - name: centos6 -# image: centos:6 -# privileged: true -# memory_reservation: 2048m -# ulimits: -# - nofile:262144:262144 -# - name: centos7 -# image: milcom/centos7-systemd -# memory_reservation: 2048m -# privileged: true -# ulimits: -# - nofile:262144:262144 + - name: centos7 + image: milcom/centos7-systemd + memory_reservation: 2048m + privileged: true + ulimits: + - nofile:262144:262144 provisioner: name: ansible playbooks: diff --git a/molecule/kibana/molecule.yml b/molecule/kibana/molecule.yml index c1191c07..2017a6bd 100755 --- a/molecule/kibana/molecule.yml +++ b/molecule/kibana/molecule.yml 
@@ -23,11 +23,11 @@ platforms: command: /sbin/init ulimits: - nofile:262144:262144 - - name: trusty - image: ubuntu:trusty - memory_reservation: 1024m - ulimits: - - nofile:262144:262144 +# - name: trusty +# image: ubuntu:trusty +# memory_reservation: 1024m +# ulimits: +# - nofile:262144:262144 - name: centos6 image: centos:6 privileged: true diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index 642e2ee9..f6c0e6cc 100755 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml @@ -32,20 +32,6 @@ - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 -#- name: Set the default Java version -# become: yes -# shell: update-alternatives --config java -# when: -# - ansible_distribution == "Ubuntu" -# - ansible_distribution_major_version | int == 14# - -#- name: Set the default Javac version -# become: yes -# shell: update-alternatives --config javac -# when: -# - ansible_distribution == "Ubuntu" -# - ansible_distribution_major_version | int == 14 - - name: Update and upgrade apt packages become: true apt: diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 2d446798..9678f8cb 100755 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml 
@@ -197,6 +197,28 @@ when: - elasticsearch_xpack_security +- name: Trusty | set MAX_LOCKED_MEMORY=unlimited in Elasticsearch in /etc/security/limits.conf + lineinfile: + path: /etc/security/limits.conf + line: elasticsearch - memlock unlimited + create: yes + become: yes + when: + - ansible_distribution == "Ubuntu" + - ansible_distribution_major_version | int == 14 + changed_when: false + +- name: Trusty | set MAX_LOCKED_MEMORY=unlimited in Elasticsearch in /etc/security/limits.d/elasticsearch.conf + lineinfile: + path: /etc/security/limits.d/elasticsearch.conf + line: elasticsearch - memlock unlimited + create: yes + become: yes + changed_when: false + when: + - ansible_distribution == "Ubuntu" + - ansible_distribution_major_version | int == 14 + - name: Distribution != one of [ centos 6.*, trusty ] | Reload systemd systemd: daemon_reload=true ignore_errors: true @@ -211,6 +233,7 @@ - name: Distribution is centos 6.* | Start Elasticsearch service: name=elasticsearch state=started + ignore_errors: true - name: Ensure Elasticsearch started and enabled service: From f30f620350b8a25d5fb4a347fa985b50189098c9 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Wed, 17 Jul 2019 12:09:12 +0200 Subject: [PATCH 184/714] disabled core.filemode in git --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index af79a017..f8e65905 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,7 +5,7 @@ All notable changes to this project will be documented in this file. ### Added -- Update to Wazuh v3.9.2 +- Update to Wazuh v3.9.2 - Support for Elastic 7 - Ability to deploy an Elasticsearch cluster [#6b95e3](https://github.com/wazuh/wazuh-ansible/commit/6b95e304b6ac4dfec08df5cd0fe29be9cc7dc22c) From 2150d71a60ffb7f5ab7651311ed729df7b7bca69 Mon Sep 17 00:00:00 2001 
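Review bot: Both new `lineinfile` tasks set `changed_when: false`, so a run that actually writes `elasticsearch - memlock unlimited` into `/etc/security/limits.conf` or creates `/etc/security/limits.d/elasticsearch.conf` reports no change, and the `create: yes` file is created with the default umask rather than an explicit mode. The `ignore_errors: true` added to `Distribution is centos 6.* | Start Elasticsearch` masks a failed service start, so the play only fails later at the 300-second `wait_for` in this file with no hint of the cause; the task is also named for CentOS 6 but, like the `Enable` task above it, carries no `when`, so it runs on every distribution. Drop `changed_when: false`, add `mode: '0644'`, `owner: root` and `group: root` to the `limits.d` task, and replace `ignore_errors: true` with a `when` that restricts the start task to the non-systemd distributions it is named for. The neighbouring tasks begin and end outside this hunk.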
From: Rshad Zhran Date: Wed, 17 Jul 2019 12:21:19 +0200 Subject: [PATCH 185/714] changing permissions --- .gitignore | 0 .swp | Bin .yamllint | 0 CHANGELOG.md | 0 LICENSE | 0 Pipfile | 0 README.md | 0 VERSION | 0 molecule/default/Dockerfile.j2 | 0 molecule/default/INSTALL.rst | 0 molecule/default/create.yml | 0 molecule/default/destroy.yml | 0 molecule/default/molecule.yml | 0 molecule/default/playbook.yml | 0 molecule/default/prepare.yml | 0 molecule/default/tests/test_default.py | 0 molecule/elasticsearch/Dockerfile.j2 | 0 molecule/elasticsearch/INSTALL.rst | 0 molecule/elasticsearch/molecule.yml | 0 molecule/elasticsearch/playbook.yml | 0 molecule/elasticsearch/tests/test_default.py | 0 molecule/external_packages/jdk-8u211-linux-x64.rpm | 0 molecule/filebeat/Dockerfile.j2 | 0 molecule/filebeat/INSTALL.rst | 0 molecule/filebeat/molecule.yml | 0 molecule/filebeat/playbook.yml | 0 molecule/filebeat/prepare.yml | 0 molecule/filebeat/tests/test_default.py | 0 molecule/kibana/Dockerfile.j2 | 0 molecule/kibana/INSTALL.rst | 0 molecule/kibana/molecule.yml | 0 molecule/kibana/playbook.yml | 0 molecule/kibana/prepare.yml | 0 molecule/kibana/tests/test_default.py | 0 molecule/wazuh-agent/Dockerfile.j2 | 0 molecule/wazuh-agent/INSTALL.rst | 0 molecule/wazuh-agent/molecule.yml | 0 molecule/wazuh-agent/playbook.yml | 0 molecule/wazuh-agent/prepare.yml | 0 molecule/wazuh-agent/tests/test_agents.py | 0 molecule/wazuh-agent/tests/test_manager.py | 0 playbooks/wazuh-agent.yml | 0 playbooks/wazuh-elastic.yml | 0 playbooks/wazuh-elastic_stack-distributed.yml | 0 playbooks/wazuh-elastic_stack-single.yml | 0 playbooks/wazuh-kibana.yml | 0 playbooks/wazuh-manager.yml | 0 roles/ansible-galaxy/meta/main.yml | 0 roles/elastic-stack/ansible-elasticsearch/README.md | 0 .../ansible-elasticsearch/defaults/main.yml | 0 .../ansible-elasticsearch/handlers/main.yml | 0 .../ansible-elasticsearch/meta/main.yml | 0 .../ansible-elasticsearch/tasks/Debian.yml | 0 
.../ansible-elasticsearch/tasks/RMDebian.yml | 0 .../ansible-elasticsearch/tasks/RMRedHat.yml | 0 .../ansible-elasticsearch/tasks/RedHat.yml | 0 .../ansible-elasticsearch/tasks/main.yml | 0 .../templates/elasticsearch.yml.j2 | 0 .../templates/elasticsearch_nonsystemd.j2 | 0 .../templates/elasticsearch_systemd.conf.j2 | 0 .../templates/instances.yml.j2 | 0 .../ansible-elasticsearch/templates/jvm.options.j2 | 0 .../wazuh-elastic6-template-alerts.json.j2 | 0 .../wazuh-elastic7-template-alerts.json.j2 | 0 roles/elastic-stack/ansible-kibana/README.md | 0 .../elastic-stack/ansible-kibana/defaults/main.yml | 0 .../elastic-stack/ansible-kibana/handlers/main.yml | 0 roles/elastic-stack/ansible-kibana/meta/main.yml | 0 roles/elastic-stack/ansible-kibana/tasks/Debian.yml | 0 .../elastic-stack/ansible-kibana/tasks/RMDebian.yml | 0 .../elastic-stack/ansible-kibana/tasks/RMRedHat.yml | 0 roles/elastic-stack/ansible-kibana/tasks/RedHat.yml | 0 roles/elastic-stack/ansible-kibana/tasks/main.yml | 0 .../ansible-kibana/templates/kibana.yml.j2 | 0 roles/wazuh/ansible-filebeat/README.md | 0 roles/wazuh/ansible-filebeat/defaults/main.yml | 0 roles/wazuh/ansible-filebeat/handlers/main.yml | 0 roles/wazuh/ansible-filebeat/meta/main.yml | 0 roles/wazuh/ansible-filebeat/tasks/Debian.yml | 0 roles/wazuh/ansible-filebeat/tasks/RMDebian.yml | 0 roles/wazuh/ansible-filebeat/tasks/RMRedHat.yml | 0 roles/wazuh/ansible-filebeat/tasks/RedHat.yml | 0 roles/wazuh/ansible-filebeat/tasks/config.yml | 0 roles/wazuh/ansible-filebeat/tasks/main.yml | 0 .../ansible-filebeat/templates/elasticsearch.yml.j2 | 0 .../ansible-filebeat/templates/filebeat.yml.j2 | 0 roles/wazuh/ansible-filebeat/tests/requirements.yml | 0 roles/wazuh/ansible-filebeat/tests/test.yml | 0 roles/wazuh/ansible-wazuh-agent/README.md | 0 roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 0 roles/wazuh/ansible-wazuh-agent/handlers/main.yml | 0 roles/wazuh/ansible-wazuh-agent/meta/main.yml | 0 
roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 0 roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 0 roles/wazuh/ansible-wazuh-agent/tasks/RMDebian.yml | 0 roles/wazuh/ansible-wazuh-agent/tasks/RMRedHat.yml | 0 roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml | 0 roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml | 0 roles/wazuh/ansible-wazuh-agent/tasks/main.yml | 0 .../var-ossec-etc-local-internal-options.conf.j2 | 0 .../templates/var-ossec-etc-ossec-agent.conf.j2 | 0 roles/wazuh/ansible-wazuh-agent/vars/api_pass.yml | 0 roles/wazuh/ansible-wazuh-agent/vars/authd_pass.yml | 0 roles/wazuh/ansible-wazuh-manager/README.md | 0 roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 0 .../decoders/sample_custom_decoders.xml | 0 .../custom_ruleset/rules/sample_custom_rules.xml | 0 roles/wazuh/ansible-wazuh-manager/handlers/main.yml | 0 roles/wazuh/ansible-wazuh-manager/meta/main.yml | 0 roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 0 .../wazuh/ansible-wazuh-manager/tasks/RMDebian.yml | 0 .../wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml | 0 roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 0 roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 0 .../ansible-wazuh-manager/templates/agentless.j2 | 0 .../ansible-wazuh-manager/templates/api_user.j2 | 0 .../ansible-wazuh-manager/templates/authd_pass.j2 | 0 .../ansible-wazuh-manager/templates/cdb_lists.j2 | 0 .../var-ossec-api-configuration-config.js.j2 | 0 .../var-ossec-etc-local-internal-options.conf.j2 | 0 .../templates/var-ossec-etc-ossec-server.conf.j2 | 0 .../templates/var-ossec-etc-shared-agent.conf.j2 | 0 .../templates/var-ossec-rules-local_decoder.xml.j2 | 0 .../templates/var-ossec-rules-local_rules.xml.j2 | 0 .../ansible-wazuh-manager/vars/agentless_creds.yml | 0 .../wazuh/ansible-wazuh-manager/vars/authd_pass.yml | 0 .../wazuh/ansible-wazuh-manager/vars/cdb_lists.yml | 0 .../ansible-wazuh-manager/vars/wazuh_api_creds.yml | 0 128 files changed, 0 insertions(+), 0 deletions(-) mode change 100755 => 100644 
.gitignore mode change 100755 => 100644 .swp mode change 100755 => 100644 .yamllint mode change 100755 => 100644 CHANGELOG.md mode change 100755 => 100644 LICENSE mode change 100755 => 100644 Pipfile mode change 100755 => 100644 README.md mode change 100755 => 100644 VERSION mode change 100755 => 100644 molecule/default/Dockerfile.j2 mode change 100755 => 100644 molecule/default/INSTALL.rst mode change 100755 => 100644 molecule/default/create.yml mode change 100755 => 100644 molecule/default/destroy.yml mode change 100755 => 100644 molecule/default/molecule.yml mode change 100755 => 100644 molecule/default/playbook.yml mode change 100755 => 100644 molecule/default/prepare.yml mode change 100755 => 100644 molecule/default/tests/test_default.py mode change 100755 => 100644 molecule/elasticsearch/Dockerfile.j2 mode change 100755 => 100644 molecule/elasticsearch/INSTALL.rst mode change 100755 => 100644 molecule/elasticsearch/molecule.yml mode change 100755 => 100644 molecule/elasticsearch/playbook.yml mode change 100755 => 100644 molecule/elasticsearch/tests/test_default.py mode change 100755 => 100644 molecule/external_packages/jdk-8u211-linux-x64.rpm mode change 100755 => 100644 molecule/filebeat/Dockerfile.j2 mode change 100755 => 100644 molecule/filebeat/INSTALL.rst mode change 100755 => 100644 molecule/filebeat/molecule.yml mode change 100755 => 100644 molecule/filebeat/playbook.yml mode change 100755 => 100644 molecule/filebeat/prepare.yml mode change 100755 => 100644 molecule/filebeat/tests/test_default.py mode change 100755 => 100644 molecule/kibana/Dockerfile.j2 mode change 100755 => 100644 molecule/kibana/INSTALL.rst mode change 100755 => 100644 molecule/kibana/molecule.yml mode change 100755 => 100644 molecule/kibana/playbook.yml mode change 100755 => 100644 molecule/kibana/prepare.yml mode change 100755 => 100644 molecule/kibana/tests/test_default.py mode change 100755 => 100644 molecule/wazuh-agent/Dockerfile.j2 mode change 100755 => 100644 
molecule/wazuh-agent/INSTALL.rst mode change 100755 => 100644 molecule/wazuh-agent/molecule.yml mode change 100755 => 100644 molecule/wazuh-agent/playbook.yml mode change 100755 => 100644 molecule/wazuh-agent/prepare.yml mode change 100755 => 100644 molecule/wazuh-agent/tests/test_agents.py mode change 100755 => 100644 molecule/wazuh-agent/tests/test_manager.py mode change 100755 => 100644 playbooks/wazuh-agent.yml mode change 100755 => 100644 playbooks/wazuh-elastic.yml mode change 100755 => 100644 playbooks/wazuh-elastic_stack-distributed.yml mode change 100755 => 100644 playbooks/wazuh-elastic_stack-single.yml mode change 100755 => 100644 playbooks/wazuh-kibana.yml mode change 100755 => 100644 playbooks/wazuh-manager.yml mode change 100755 => 100644 roles/ansible-galaxy/meta/main.yml mode change 100755 => 100644 roles/elastic-stack/ansible-elasticsearch/README.md mode change 100755 => 100644 roles/elastic-stack/ansible-elasticsearch/defaults/main.yml mode change 100755 => 100644 roles/elastic-stack/ansible-elasticsearch/handlers/main.yml mode change 100755 => 100644 roles/elastic-stack/ansible-elasticsearch/meta/main.yml mode change 100755 => 100644 roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml mode change 100755 => 100644 roles/elastic-stack/ansible-elasticsearch/tasks/RMDebian.yml mode change 100755 => 100644 roles/elastic-stack/ansible-elasticsearch/tasks/RMRedHat.yml mode change 100755 => 100644 roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml mode change 100755 => 100644 roles/elastic-stack/ansible-elasticsearch/tasks/main.yml mode change 100755 => 100644 roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 mode change 100755 => 100644 roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch_nonsystemd.j2 mode change 100755 => 100644 roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch_systemd.conf.j2 mode change 100755 => 100644 
roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 mode change 100755 => 100644 roles/elastic-stack/ansible-elasticsearch/templates/jvm.options.j2 mode change 100755 => 100644 roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic6-template-alerts.json.j2 mode change 100755 => 100644 roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic7-template-alerts.json.j2 mode change 100755 => 100644 roles/elastic-stack/ansible-kibana/README.md mode change 100755 => 100644 roles/elastic-stack/ansible-kibana/defaults/main.yml mode change 100755 => 100644 roles/elastic-stack/ansible-kibana/handlers/main.yml mode change 100755 => 100644 roles/elastic-stack/ansible-kibana/meta/main.yml mode change 100755 => 100644 roles/elastic-stack/ansible-kibana/tasks/Debian.yml mode change 100755 => 100644 roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml mode change 100755 => 100644 roles/elastic-stack/ansible-kibana/tasks/RMRedHat.yml mode change 100755 => 100644 roles/elastic-stack/ansible-kibana/tasks/RedHat.yml mode change 100755 => 100644 roles/elastic-stack/ansible-kibana/tasks/main.yml mode change 100755 => 100644 roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 mode change 100755 => 100644 roles/wazuh/ansible-filebeat/README.md mode change 100755 => 100644 roles/wazuh/ansible-filebeat/defaults/main.yml mode change 100755 => 100644 roles/wazuh/ansible-filebeat/handlers/main.yml mode change 100755 => 100644 roles/wazuh/ansible-filebeat/meta/main.yml mode change 100755 => 100644 roles/wazuh/ansible-filebeat/tasks/Debian.yml mode change 100755 => 100644 roles/wazuh/ansible-filebeat/tasks/RMDebian.yml mode change 100755 => 100644 roles/wazuh/ansible-filebeat/tasks/RMRedHat.yml mode change 100755 => 100644 roles/wazuh/ansible-filebeat/tasks/RedHat.yml mode change 100755 => 100644 roles/wazuh/ansible-filebeat/tasks/config.yml mode change 100755 => 100644 roles/wazuh/ansible-filebeat/tasks/main.yml mode change 100755 => 100644 
roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 mode change 100755 => 100644 roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 mode change 100755 => 100644 roles/wazuh/ansible-filebeat/tests/requirements.yml mode change 100755 => 100644 roles/wazuh/ansible-filebeat/tests/test.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-agent/README.md mode change 100755 => 100644 roles/wazuh/ansible-wazuh-agent/defaults/main.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-agent/handlers/main.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-agent/meta/main.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-agent/tasks/RMDebian.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-agent/tasks/RMRedHat.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-agent/tasks/main.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-local-internal-options.conf.j2 mode change 100755 => 100644 roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 mode change 100755 => 100644 roles/wazuh/ansible-wazuh-agent/vars/api_pass.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-agent/vars/authd_pass.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/README.md mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/defaults/main.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/files/custom_ruleset/decoders/sample_custom_decoders.xml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/files/custom_ruleset/rules/sample_custom_rules.xml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/handlers/main.yml 
mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/meta/main.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/tasks/RMDebian.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/tasks/main.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/templates/agentless.j2 mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/templates/api_user.j2 mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/templates/authd_pass.j2 mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/templates/cdb_lists.j2 mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/templates/var-ossec-api-configuration-config.js.j2 mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-local-internal-options.conf.j2 mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/templates/var-ossec-rules-local_decoder.xml.j2 mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/templates/var-ossec-rules-local_rules.xml.j2 mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/vars/agentless_creds.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/vars/authd_pass.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/vars/cdb_lists.yml mode change 100755 => 100644 roles/wazuh/ansible-wazuh-manager/vars/wazuh_api_creds.yml diff --git a/.gitignore b/.gitignore old mode 100755 new mode 100644 diff --git a/.swp b/.swp old mode 100755 new mode 100644 
diff --git a/.yamllint b/.yamllint old mode 100755 new mode 100644 diff --git a/CHANGELOG.md b/CHANGELOG.md old mode 100755 new mode 100644 diff --git a/LICENSE b/LICENSE old mode 100755 new mode 100644 diff --git a/Pipfile b/Pipfile old mode 100755 new mode 100644 diff --git a/README.md b/README.md old mode 100755 new mode 100644 diff --git a/VERSION b/VERSION old mode 100755 new mode 100644 diff --git a/molecule/default/Dockerfile.j2 b/molecule/default/Dockerfile.j2 old mode 100755 new mode 100644 diff --git a/molecule/default/INSTALL.rst b/molecule/default/INSTALL.rst old mode 100755 new mode 100644 diff --git a/molecule/default/create.yml b/molecule/default/create.yml old mode 100755 new mode 100644 diff --git a/molecule/default/destroy.yml b/molecule/default/destroy.yml old mode 100755 new mode 100644 diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml old mode 100755 new mode 100644 diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml old mode 100755 new mode 100644 diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml old mode 100755 new mode 100644 diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py old mode 100755 new mode 100644 diff --git a/molecule/elasticsearch/Dockerfile.j2 b/molecule/elasticsearch/Dockerfile.j2 old mode 100755 new mode 100644 diff --git a/molecule/elasticsearch/INSTALL.rst b/molecule/elasticsearch/INSTALL.rst old mode 100755 new mode 100644 diff --git a/molecule/elasticsearch/molecule.yml b/molecule/elasticsearch/molecule.yml old mode 100755 new mode 100644 diff --git a/molecule/elasticsearch/playbook.yml b/molecule/elasticsearch/playbook.yml old mode 100755 new mode 100644 diff --git a/molecule/elasticsearch/tests/test_default.py b/molecule/elasticsearch/tests/test_default.py old mode 100755 new mode 100644 
diff --git a/molecule/external_packages/jdk-8u211-linux-x64.rpm b/molecule/external_packages/jdk-8u211-linux-x64.rpm old mode 100755 new mode 100644 diff --git a/molecule/filebeat/Dockerfile.j2 b/molecule/filebeat/Dockerfile.j2 old mode 100755 new mode 100644 diff --git a/molecule/filebeat/INSTALL.rst b/molecule/filebeat/INSTALL.rst old mode 100755 new mode 100644 diff --git a/molecule/filebeat/molecule.yml b/molecule/filebeat/molecule.yml old mode 100755 new mode 100644 diff --git a/molecule/filebeat/playbook.yml b/molecule/filebeat/playbook.yml old mode 100755 new mode 100644 diff --git a/molecule/filebeat/prepare.yml b/molecule/filebeat/prepare.yml old mode 100755 new mode 100644 diff --git a/molecule/filebeat/tests/test_default.py b/molecule/filebeat/tests/test_default.py old mode 100755 new mode 100644 diff --git a/molecule/kibana/Dockerfile.j2 b/molecule/kibana/Dockerfile.j2 old mode 100755 new mode 100644 diff --git a/molecule/kibana/INSTALL.rst b/molecule/kibana/INSTALL.rst old mode 100755 new mode 100644 diff --git a/molecule/kibana/molecule.yml b/molecule/kibana/molecule.yml old mode 100755 new mode 100644 diff --git a/molecule/kibana/playbook.yml b/molecule/kibana/playbook.yml old mode 100755 new mode 100644 diff --git a/molecule/kibana/prepare.yml b/molecule/kibana/prepare.yml old mode 100755 new mode 100644 diff --git a/molecule/kibana/tests/test_default.py b/molecule/kibana/tests/test_default.py old mode 100755 new mode 100644 diff --git a/molecule/wazuh-agent/Dockerfile.j2 b/molecule/wazuh-agent/Dockerfile.j2 old mode 100755 new mode 100644 diff --git a/molecule/wazuh-agent/INSTALL.rst b/molecule/wazuh-agent/INSTALL.rst old mode 100755 new mode 100644 diff --git a/molecule/wazuh-agent/molecule.yml b/molecule/wazuh-agent/molecule.yml old mode 100755 new mode 100644 diff --git a/molecule/wazuh-agent/playbook.yml b/molecule/wazuh-agent/playbook.yml old mode 100755 new mode 100644 
diff --git a/molecule/wazuh-agent/prepare.yml b/molecule/wazuh-agent/prepare.yml old mode 100755 new mode 100644 diff --git a/molecule/wazuh-agent/tests/test_agents.py b/molecule/wazuh-agent/tests/test_agents.py old mode 100755 new mode 100644 diff --git a/molecule/wazuh-agent/tests/test_manager.py b/molecule/wazuh-agent/tests/test_manager.py old mode 100755 new mode 100644 diff --git a/playbooks/wazuh-agent.yml b/playbooks/wazuh-agent.yml old mode 100755 new mode 100644 diff --git a/playbooks/wazuh-elastic.yml b/playbooks/wazuh-elastic.yml old mode 100755 new mode 100644 diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml old mode 100755 new mode 100644 diff --git a/playbooks/wazuh-elastic_stack-single.yml b/playbooks/wazuh-elastic_stack-single.yml old mode 100755 new mode 100644 diff --git a/playbooks/wazuh-kibana.yml b/playbooks/wazuh-kibana.yml old mode 100755 new mode 100644 diff --git a/playbooks/wazuh-manager.yml b/playbooks/wazuh-manager.yml old mode 100755 new mode 100644 diff --git a/roles/ansible-galaxy/meta/main.yml b/roles/ansible-galaxy/meta/main.yml old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-elasticsearch/README.md b/roles/elastic-stack/ansible-elasticsearch/README.md old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-elasticsearch/handlers/main.yml b/roles/elastic-stack/ansible-elasticsearch/handlers/main.yml old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-elasticsearch/meta/main.yml b/roles/elastic-stack/ansible-elasticsearch/meta/main.yml old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml old mode 100755 new mode 100644 
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RMDebian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RMDebian.yml old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RMRedHat.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RMRedHat.yml old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch_nonsystemd.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch_nonsystemd.j2 old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch_systemd.conf.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch_systemd.conf.j2 old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/jvm.options.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/jvm.options.j2 old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic6-template-alerts.json.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic6-template-alerts.json.j2 old mode 100755 new mode 100644 
diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic7-template-alerts.json.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic7-template-alerts.json.j2 old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-kibana/README.md b/roles/elastic-stack/ansible-kibana/README.md old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-kibana/handlers/main.yml b/roles/elastic-stack/ansible-kibana/handlers/main.yml old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-kibana/meta/main.yml b/roles/elastic-stack/ansible-kibana/meta/main.yml old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml b/roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-kibana/tasks/RMRedHat.yml b/roles/elastic-stack/ansible-kibana/tasks/RMRedHat.yml old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml b/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml old mode 100755 new mode 100644 diff --git a/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 b/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-filebeat/README.md b/roles/wazuh/ansible-filebeat/README.md old mode 100755 new mode 100644 
diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-filebeat/handlers/main.yml b/roles/wazuh/ansible-filebeat/handlers/main.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-filebeat/meta/main.yml b/roles/wazuh/ansible-filebeat/meta/main.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-filebeat/tasks/Debian.yml b/roles/wazuh/ansible-filebeat/tasks/Debian.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-filebeat/tasks/RMDebian.yml b/roles/wazuh/ansible-filebeat/tasks/RMDebian.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-filebeat/tasks/RMRedHat.yml b/roles/wazuh/ansible-filebeat/tasks/RMRedHat.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-filebeat/tasks/RedHat.yml b/roles/wazuh/ansible-filebeat/tasks/RedHat.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-filebeat/tasks/config.yml b/roles/wazuh/ansible-filebeat/tasks/config.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 b/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 b/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-filebeat/tests/requirements.yml b/roles/wazuh/ansible-filebeat/tests/requirements.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-filebeat/tests/test.yml b/roles/wazuh/ansible-filebeat/tests/test.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-agent/README.md b/roles/wazuh/ansible-wazuh-agent/README.md old mode 100755 new mode 100644 
diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-agent/handlers/main.yml b/roles/wazuh/ansible-wazuh-agent/handlers/main.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-agent/meta/main.yml b/roles/wazuh/ansible-wazuh-agent/meta/main.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RMDebian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RMDebian.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RMRedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RMRedHat.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/main.yml b/roles/wazuh/ansible-wazuh-agent/tasks/main.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-local-internal-options.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-local-internal-options.conf.j2 old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 old mode 100755 new mode 100644 
diff --git a/roles/wazuh/ansible-wazuh-agent/vars/api_pass.yml b/roles/wazuh/ansible-wazuh-agent/vars/api_pass.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-agent/vars/authd_pass.yml b/roles/wazuh/ansible-wazuh-agent/vars/authd_pass.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/README.md b/roles/wazuh/ansible-wazuh-manager/README.md old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/files/custom_ruleset/decoders/sample_custom_decoders.xml b/roles/wazuh/ansible-wazuh-manager/files/custom_ruleset/decoders/sample_custom_decoders.xml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/files/custom_ruleset/rules/sample_custom_rules.xml b/roles/wazuh/ansible-wazuh-manager/files/custom_ruleset/rules/sample_custom_rules.xml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/handlers/main.yml b/roles/wazuh/ansible-wazuh-manager/handlers/main.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/meta/main.yml b/roles/wazuh/ansible-wazuh-manager/meta/main.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RMDebian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RMDebian.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml old mode 100755 new mode 100644 
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/templates/agentless.j2 b/roles/wazuh/ansible-wazuh-manager/templates/agentless.j2 old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/templates/api_user.j2 b/roles/wazuh/ansible-wazuh-manager/templates/api_user.j2 old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/templates/authd_pass.j2 b/roles/wazuh/ansible-wazuh-manager/templates/authd_pass.j2 old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/templates/cdb_lists.j2 b/roles/wazuh/ansible-wazuh-manager/templates/cdb_lists.j2 old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-api-configuration-config.js.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-api-configuration-config.js.j2 old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-local-internal-options.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-local-internal-options.conf.j2 old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-rules-local_decoder.xml.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-rules-local_decoder.xml.j2 old mode 100755 new mode 100644 
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-rules-local_rules.xml.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-rules-local_rules.xml.j2 old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/vars/agentless_creds.yml b/roles/wazuh/ansible-wazuh-manager/vars/agentless_creds.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/vars/authd_pass.yml b/roles/wazuh/ansible-wazuh-manager/vars/authd_pass.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/vars/cdb_lists.yml b/roles/wazuh/ansible-wazuh-manager/vars/cdb_lists.yml old mode 100755 new mode 100644 diff --git a/roles/wazuh/ansible-wazuh-manager/vars/wazuh_api_creds.yml b/roles/wazuh/ansible-wazuh-manager/vars/wazuh_api_creds.yml old mode 100755 new mode 100644 From f6fc17bcc971e2023515922bcfc728e628c55abc Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Wed, 17 Jul 2019 12:40:14 +0200 Subject: [PATCH 186/714] implemented the requested changes for PR #206 --- CHANGELOG.md | 2 +- molecule/elasticsearch/molecule.yml | 2 +- .../external_packages/jdk-8u211-linux-x64.rpm | 117 ------------------ 3 files changed, 2 insertions(+), 119 deletions(-) delete mode 100644 molecule/external_packages/jdk-8u211-linux-x64.rpm diff --git a/CHANGELOG.md b/CHANGELOG.md index f8e65905..af79a017 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,7 +5,7 @@ All notable changes to this project will be documented in this file. ### Added -- Update to Wazuh v3.9.2 +- Update to Wazuh v3.9.2 - Support for Elastic 7 - Ability to deploy an Elasticsearch cluster [#6b95e3](https://github.com/wazuh/wazuh-ansible/commit/6b95e304b6ac4dfec08df5cd0fe29be9cc7dc22c) diff --git a/molecule/elasticsearch/molecule.yml b/molecule/elasticsearch/molecule.yml index 20d68047..5d6d3075 100644 --- a/molecule/elasticsearch/molecule.yml +++ b/molecule/elasticsearch/molecule.yml 
@@ -52,7 +52,7 @@ provisioner: ANSIBLE_ROLES_PATH: ../../roles lint: name: ansible-lint - enabled: false + enabled: true inventory: group_vars: all: diff --git a/molecule/external_packages/jdk-8u211-linux-x64.rpm b/molecule/external_packages/jdk-8u211-linux-x64.rpm deleted file mode 100644 index f0fccd61..00000000 --- a/molecule/external_packages/jdk-8u211-linux-x64.rpm +++ /dev/null @@ -1,117 +0,0 @@ - - -Unauthorized Request - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Sorry!

In order to download products from Oracle Technology - Network you must agree to the OTN license terms.
Be sure that...
- Your browser has "cookies" and JavaScript enabled.
- You clicked on "Accept License" for the product you wish to download.
- You attempt the download within 30 minutes of accepting the license.
From here you can go...
- - - - - - - - - - - - - -
Back to Previous Page
Site Map
OTN Homepage
- -
- -
- - - From 9847b6b003e74798a4027ce97bd2d1f1cfdd6a1e Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Wed, 17 Jul 2019 12:52:14 +0200 Subject: [PATCH 187/714] deleted .swp --- .gitignore | 1 + .swp | Bin 12288 -> 0 bytes 2 files changed, 1 insertion(+) delete mode 100644 .swp diff --git a/.gitignore b/.gitignore index 5b26bcf3..107a85d0 100644 --- a/.gitignore +++ b/.gitignore @@ -7,3 +7,4 @@ wazuh-kibana.yml wazuh-manager.yml *.pyc Pipfile.lock +*.swp diff --git a/.swp b/.swp deleted file mode 100644 index 3cc197e09a7cc13ae44c3cb176cce131024a3112..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 12288 zcmeI%Jqp4w6u|LU!NEz<3sl{u>LP*%aB!@nl9C`oKctO^+g`)lB(ENOSMtO*)<4F?LHd_AkYPYfxliY%d0-0 zP2I`Z??O@3fB*srAbLmC7SKmY**5I_I{1Q0*~ z0R#|eKtO4c_fX`M_u~J*djFU62J&$v0tg_000IagfB*srAbD|Z|jm{a* From 84c0df02dc9a6f5cab42f26ed981cb948afce540 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Wed, 17 Jul 2019 12:58:44 +0200 Subject: [PATCH 188/714] Adapted: become: yes -> become:true --- roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml | 2 +- roles/elastic-stack/ansible-elasticsearch/tasks/main.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index f6c0e6cc..2c7dba73 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml @@ -25,7 +25,7 @@ - ansible_distribution_major_version | int == 14 - name: Install Oracle Java 8 - become: yes + become: true apt: name=openjdk-8-jdk state=latest when: diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 9678f8cb..48c25b98 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml 
@@ -202,7 +202,7 @@ path: /etc/security/limits.conf line: elasticsearch - memlock unlimited create: yes - become: yes + become: true when: - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 @@ -213,7 +213,7 @@ path: /etc/security/limits.d/elasticsearch.conf line: elasticsearch - memlock unlimited create: yes - become: yes + become: true changed_when: false when: - ansible_distribution == "Ubuntu" From 14cd09a0343dd3ee6c4424e44395383bff4dde78 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Wed, 17 Jul 2019 13:27:43 +0200 Subject: [PATCH 189/714] version bumping .. --- CHANGELOG.md | 10 ++++++++++ VERSION | 2 +- molecule/default/tests/test_default.py | 2 +- molecule/elasticsearch/tests/test_default.py | 2 +- molecule/filebeat/tests/test_default.py | 2 +- molecule/kibana/tests/test_default.py | 2 +- molecule/wazuh-agent/tests/test_agents.py | 2 +- .../ansible-elasticsearch/defaults/main.yml | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 4 ++-- roles/wazuh/ansible-filebeat/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 12 files changed, 22 insertions(+), 12 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index af79a017..b4961a77 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -1,6 +1,16 @@ # Change Log All notable changes to this project will be documented in this file. +## [v3.9.3_7.2.0] + +### Added +- Update to Wazuh v3.9.3 ([rshad](https://github.com/rshad) [PR#206](https://github.com/wazuh/wazuh-ansible/pull/206#)) +- Added Versioning Control for Wazuh stack's components installation, so now it's possible to specify which package to install for wazuh-manager, wazuh-agent, Filebeat, Elasticsearch and Kibana. ([rshad](https://github.com/rshad) [PR#206](https://github.com/wazuh/wazuh-ansible/pull/206#)) +- Fixes for Molecule testing issues. Issues such as Ansible-Lint and None-Idempotent tasks. ([rshad](https://github.com/rshad) [PR#206](https://github.com/wazuh/wazuh-ansible/pull/206#)) +- Fixes for Wazuh components installations' related issues. Such issues were related to determined OS distributions such as `Ubuntu Trusty` and `CetOS 6`. ([rshad](https://github.com/rshad) [PR#206](https://github.com/wazuh/wazuh-ansible/pull/206#)) +- Created Ansible playbook and role in order to automate the uninstallation of already installed Wazuh components. ([rshad](https://github.com/rshad) [PR#206](https://github.com/wazuh/wazuh-ansible/pull/206#)) + + ## [v3.9.2_7.1.1] ### Added diff --git a/VERSION b/VERSION index 36af7bee..933ac2d7 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v3.9.1" +WAZUH-ANSIBLE_VERSION="v3.9.3" REVISION="3901" diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index 4e6e25d6..4be45b4e 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py @@ -9,7 +9,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "3.9.0" + return "3.9.3" def test_wazuh_packages_are_installed(host): diff --git a/molecule/elasticsearch/tests/test_default.py b/molecule/elasticsearch/tests/test_default.py index 34fce3b3..c8be3ed2 100644 
--- a/molecule/elasticsearch/tests/test_default.py +++ b/molecule/elasticsearch/tests/test_default.py @@ -10,7 +10,7 @@ def test_elasticsearch_is_installed(host): """Test if the elasticsearch package is installed.""" elasticsearch = host.package("elasticsearch") assert elasticsearch.is_installed - assert elasticsearch.version.startswith('7.1.1') + assert elasticsearch.version.startswith('7.2.0') def test_elasticsearch_is_running(host): diff --git a/molecule/filebeat/tests/test_default.py b/molecule/filebeat/tests/test_default.py index a959e48b..106e949d 100644 --- a/molecule/filebeat/tests/test_default.py +++ b/molecule/filebeat/tests/test_default.py @@ -10,4 +10,4 @@ def test_filebeat_is_installed(host): """Test if the elasticsearch package is installed.""" filebeat = host.package("filebeat") assert filebeat.is_installed - assert filebeat.version.startswith('7.1.1') + assert filebeat.version.startswith('7.2.0') diff --git a/molecule/kibana/tests/test_default.py b/molecule/kibana/tests/test_default.py index f510aed9..b09e8e20 100644 --- a/molecule/kibana/tests/test_default.py +++ b/molecule/kibana/tests/test_default.py @@ -14,7 +14,7 @@ def test_port_kibana_is_open(host): def test_find_correct_elasticsearch_version(host): """Test if we find the kibana/elasticsearch version in package.json""" kibana = host.file("/usr/share/kibana/plugins/wazuh/package.json") - assert kibana.contains("7.1.1") + assert kibana.contains("7.2.0") def test_wazuh_plugin_installed(host): diff --git a/molecule/wazuh-agent/tests/test_agents.py b/molecule/wazuh-agent/tests/test_agents.py index 657cc9ee..48fdfc6e 100644 --- a/molecule/wazuh-agent/tests/test_agents.py +++ b/molecule/wazuh-agent/tests/test_agents.py @@ -9,7 +9,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "3.9.0" + return "3.9.3" def test_ossec_package_installed(Package): 
diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index df1f9ad4..1340dabb 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -4,7 +4,7 @@ elasticsearch_node_name: node-1 elasticsearch_http_port: 9200 elasticsearch_network_host: 127.0.0.1 elasticsearch_jvm_xms: null -elastic_stack_version: 7.1.1 +elastic_stack_version: 7.2.0 single_node: false elasticsearch_bootstrap_node: false elasticsearch_master_candidate: false diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index ce0c7c40..dcaa0f59 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -5,8 +5,8 @@ elasticsearch_http_port: "9200" elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" -elastic_stack_version: 7.1.1 -wazuh_version: 3.9.2 +elastic_stack_version: 7.2.0 +wazuh_version: 3.9.3 # Xpack Security kibana_xpack_security: false diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index 541c0214..103d61eb 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -1,5 +1,5 @@ --- -filebeat_version: 7.1.1 +filebeat_version: 7.2.0 filebeat_create_config: true diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index ded6d5b9..7d6135ad 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_agent_version: 3.9.0 +wazuh_agent_version: 3.9.3 wazuh_managers: - address: 127.0.0.1 port: 1514 
diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index ffa9bef2..a49a059c 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_manager_api_version: 3.9.0 +wazuh_manager_api_version: 3.9.3 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: latest From 860f398a7c6be2d57482c866a959a9c79d9485b3 Mon Sep 17 00:00:00 2001 From: manuasir Date: Wed, 17 Jul 2019 13:39:29 +0200 Subject: [PATCH 190/714] Bump revision --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 933ac2d7..fe2acb96 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-ANSIBLE_VERSION="v3.9.3" -REVISION="3901" +REVISION="3930" From 8db9700f023fcd885a49f5b8fb2f0f70f776e000 Mon Sep 17 00:00:00 2001 From: Jani Heikkinen Date: Thu, 18 Jul 2019 09:00:39 +0000 Subject: [PATCH 191/714] added wazuh_agent_nat boolean variable for agents behind nat --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 1 + roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 7d6135ad..ad2a93c9 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -305,3 +305,4 @@ wazuh_agent_config: list: - key: Env value: Production +wazuh_agent_nat: false diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index faa28b57..d9415ffc 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml 
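Review bot: `wazuh_agent_nat: false` is appended to the role defaults without a comment, although turning it on changes how the agent is registered (the Linux.yml hunks of this patch register with IP `any` when it is true), and nothing in the name conveys that. Propose, directly above the key: `# Register the agent with IP "any" instead of its source address (agents behind NAT). The manager then no longer ties this agent's key to one source IP, so leave this false unless NAT makes it necessary.` The key is also placed after the `wazuh_agent_config` block rather than with the other top-level flags, which makes it easy to miss; moving it next to the other registration settings would help. The role README and CHANGELOG.md are not part of this patch, so the new variable is presumably undocumented there too.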
@@ -54,6 +54,7 @@ -A {{ agent_name }} -m {{ wazuh_managers.0.address }} -p {{ wazuh_agent_authd.port }} + {% if wazuh_agent_nat %}-I "any" {% endif %} {% if authd_pass is defined %}-P {{ authd_pass }}{% endif %} {% if wazuh_agent_authd.ssl_agent_ca is not none %} -v "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_ca | basename }}" @@ -128,7 +129,7 @@ environment: OSSEC_ACTION: i OSSEC_AGENT_NAME: '{{ newagentdata_api.json.data.name }}' - OSSEC_AGENT_IP: '{{ newagentdata_api.json.data.ip }}' + OSSEC_AGENT_IP: '{% if wazuh_agent_nat %}any{% else %}{{ newagentdata_api.json.data.ip }}{% endif %}' OSSEC_AGENT_ID: '{{ newagent_api.json.data.id }}' OSSEC_AGENT_KEY: '{{ newagent_api.json.data.key }}' OSSEC_ACTION_CONFIRMED: y From 8575aecc88428fe7b4e60f321cc4951b4ab2a0a9 Mon Sep 17 00:00:00 2001 From: rshad Date: Tue, 23 Jul 2019 19:36:09 +0000 Subject: [PATCH 192/714] fixed the problem by adding a new variable to test the connectivity to Elastic --- molecule/elasticsearch/molecule.yml | 12 ++++++------ .../ansible-elasticsearch/defaults/main.yml | 3 ++- .../ansible-elasticsearch/tasks/main.yml | 2 +- 3 files changed, 9 insertions(+), 8 deletions(-) diff --git a/molecule/elasticsearch/molecule.yml b/molecule/elasticsearch/molecule.yml index 5d6d3075..1ad6ef7b 100644 --- a/molecule/elasticsearch/molecule.yml +++ b/molecule/elasticsearch/molecule.yml @@ -23,12 +23,12 @@ platforms: command: /sbin/init ulimits: - nofile:262144:262144 -# - name: trusty -# image: ubuntu:trusty -# privileged: true -# memory_reservation: 2048m -# ulimits: -# - nofile:262144:262144 + #- name: trusty + #image: ubuntu:trusty + #privileged: true + #memory_reservation: 2048m + #ulimits: + #- nofile:262144:262144 - name: centos6 image: centos:6 privileged: true diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 1340dabb..520e75f4 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml 
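Review bot: The `-I "any"` added to the agent-auth line, and the matching `OSSEC_AGENT_IP` override in the second hunk, register the agent with no source-IP binding, which is the intended NAT fix but also means the manager will accept that agent key from any address; the default this toggles on (`wazuh_agent_nat: false`, added in the preceding hunk) should say so. I would put above it `# When true the agent registers with IP "any" (agent-auth -I any / OSSEC_AGENT_IP=any): the key is no longer tied to a source address, so enable only for agents behind NAT.` The shell template these lines interpolate into starts outside the hunk, so I cannot see whether the task passing `authd_pass` on the same command line is marked `no_log`; that is worth checking while here.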
+++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -2,7 +2,8 @@ elasticsearch_cluster_name: wazuh elasticsearch_node_name: node-1 elasticsearch_http_port: 9200 -elasticsearch_network_host: 127.0.0.1 +elasticsearch_network_host: 0.0.0.0 +elasticsearch_check_connection: 127.0.0.1 elasticsearch_jvm_xms: null elastic_stack_version: 7.2.0 single_node: false diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 48c25b98..d4015a0b 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -242,7 +242,7 @@ state: started - name: Make sure Elasticsearch is running before proceeding - wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }} delay=3 timeout=300 + wait_for: host={{ elasticsearch_check_connection }} port={{ elasticsearch_http_port }} delay=3 timeout=400 tags: - configure - init From fcb584ab2016a9d0e867b6748e1b13877067e3c8 Mon Sep 17 00:00:00 2001 From: rshad Date: Wed, 24 Jul 2019 10:49:17 +0000 Subject: [PATCH 193/714] fixed linting errors by refactoring ansible tests and change a variable name --- .../ansible-elasticsearch/defaults/main.yml | 2 +- .../ansible-elasticsearch/tasks/Debian.yml | 2 +- .../ansible-elasticsearch/tasks/main.yml | 77 +++++++++++-------- 3 files changed, 49 insertions(+), 32 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 520e75f4..dfe4d3ae 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml 
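Review bot: Changing the default `elasticsearch_network_host` to `0.0.0.0` binds the HTTP port on every interface out of the box, and the role's later tasks show `not elasticsearch_xpack_security` paths, so a default install can expose an unauthenticated port to the network; the default should stay on loopback and the inventory should widen it where needed. Introducing `elasticsearch_check_connection` for the `wait_for` probe already decouples the health check from the bind address, so the bind change is not required for the fix. A non-loopback `network.host` also switches Elasticsearch into production mode with its bootstrap checks enforced, which is probably what the molecule runs were tripping over. The `wait_for` timeout raised to 400 in the tasks hunk has no explanation; a comment such as `# allow for slow first start in CI` would help.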
@@ -3,7 +3,7 @@ elasticsearch_cluster_name: wazuh elasticsearch_node_name: node-1 elasticsearch_http_port: 9200 elasticsearch_network_host: 0.0.0.0 -elasticsearch_check_connection: 127.0.0.1 +elasticsearch_host: 127.0.0.1 elasticsearch_jvm_xms: null elastic_stack_version: 7.2.0 single_node: false diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index 2c7dba73..b35f11e1 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml @@ -26,7 +26,7 @@ - name: Install Oracle Java 8 become: true - apt: name=openjdk-8-jdk state=latest + apt: name=openjdk-8-jdk when: - ansible_distribution == "Ubuntu" diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index d4015a0b..99782056 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -65,7 +65,7 @@ - name: Check if certificate exists locally stat: - path: "{{node_certs_destination}}/{{ elasticsearch_node_name }}.crt" + path: "{{ node_certs_destination }}/{{ elasticsearch_node_name }}.crt" register: certificate_file_exists when: - elasticsearch_xpack_security @@ -73,7 +73,7 @@ - name: Write the instances.yml file in the selected node (force = no) template: src: instances.yml.j2 - dest: "{{node_certs_source}}/instances.yml" + dest: "{{ node_certs_source }}/instances.yml" force: no register: instances_file_exists tags: 
@@ -86,23 +86,25 @@ - name: Update instances.yml status after generation stat: - path: "{{node_certs_source}}/instances.yml" + path: "{{ node_certs_source }}/instances.yml" register: instances_file_exists - when: + when: - node_certs_generator - elasticsearch_xpack_security - name: Check if the certificates ZIP file exists stat: - path: "{{node_certs_source}}/certs.zip" + path: "{{ node_certs_source }}/certs.zip" register: xpack_certs_zip - when: + when: - node_certs_generator - elasticsearch_xpack_security - name: Generating certificates for Elasticsearch security - shell: "/usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem --in {{node_certs_source}}/instances.yml --out {{node_certs_source}}/certs.zip" - when: + command: >- + "/usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem --in + {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip" + when: - node_certs_generator - elasticsearch_xpack_security - not xpack_certs_zip.stat.exists @@ -112,10 +114,10 @@ - name: Unzip generated certs.zip unarchive: - src: "{{node_certs_source}}/certs.zip" - dest: "{{node_certs_source}}/" + src: "{{ node_certs_source }}/certs.zip" + dest: "{{ node_certs_source }}/" remote_src: yes - when: + when: - node_certs_generator - elasticsearch_xpack_security - certs_file_generated is defined 
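Review bot: The `elasticsearch-certutil` invocation in the "Generating certificates" task no longer executes: inside a `>-` block scalar the surrounding double quotes are literal, so `command` receives one shlex token (the whole string, quotes included) as the program name. Drop the quotes and fold only between arguments: `command: >-` / `/usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem` / `--in {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip`. Adding `args: creates: "{{ node_certs_source }}/certs.zip"` would give the `not xpack_certs_zip.stat.exists` guard a module-level backstop.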
@@ -124,35 +126,39 @@ - name: Copy key & certificate files in generator node (locally) synchronize: - src: "{{node_certs_source}}/{{elasticsearch_node_name}}/" - dest: "{{node_certs_destination}}/" + src: "{{ node_certs_source }}/{{ elasticsearch_node_name }}/" + dest: "{{ node_certs_destination }}/" delegate_to: "{{ node_certs_generator_ip }}" - when: + when: - node_certs_generator - elasticsearch_xpack_security tags: xpack-security - name: Copy ca certificate file in generator node (locally) synchronize: - src: "{{node_certs_source}}/ca/" - dest: "{{node_certs_destination}}/" + src: "{{ node_certs_source }}/ca/" + dest: "{{ node_certs_destination }}/" delegate_to: "{{ node_certs_generator_ip }}" register: check_certs_permissions - when: + when: - node_certs_generator - elasticsearch_xpack_security tags: xpack-security - name: Importing key & certificate files from generator node - shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/{{elasticsearch_node_name}}/ {{node_certs_destination}}/" + command: >- + {{ rsync_path }} {{ rsync_extra_parameters }} {{ rsync_user }}@{{ node_certs_generator_ip }}: + {{ node_certs_source }}/{{ elasticsearch_node_name }}/ {{ node_certs_destination }}/ when: - not node_certs_generator - elasticsearch_xpack_security - not certificate_file_exists.stat.exists tags: xpack-security -- name: Importing ca certificate file from generator node - shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/ca/ {{node_certs_destination}}/" +- name: Importing ca certificate file from generator node + command: >- + {{ rsync_path }} {{ rsync_extra_parameters }} {{ rsync_user }}@{{ node_certs_generator_ip }}: + {{ node_certs_source }}/ca/ {{ node_certs_destination }}/ when: - not node_certs_generator - elasticsearch_xpack_security 
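Review bot: Both rsync commands in this hunk are broken by the line fold: a `>-` scalar joins lines with a space, so `{{ rsync_user }}@{{ node_certs_generator_ip }}:` and the path on the next line become two separate arguments and rsync never sees a `host:path` source. Keep the remote spec on one line, e.g. `{{ rsync_path }} {{ rsync_extra_parameters }}` / `{{ rsync_user }}@{{ node_certs_generator_ip }}:{{ node_certs_source }}/{{ elasticsearch_node_name }}/` / `{{ node_certs_destination }}/`, and the same for the `ca/` task. These tasks move private key material, and the ownership fix-up later in the file is gated on `check_certs_permissions`, which only the second of them registers; a comment on the first saying the register is intentionally on the ca task would save the next reader a search.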
@@ -161,23 +167,32 @@ tags: xpack-security - name: Ensuring certificates folder owner - shell: "chown -R elasticsearch: {{node_certs_destination}}/" + file: + path: "{{ node_certs_destination }}/" + state: directory + recurse: yes + owner: elasticsearch + group: elasticsearch when: - check_certs_permissions is defined - elasticsearch_xpack_security tags: xpack-security - name: Ensuring certificates folder owner - shell: "chmod -R 770 {{node_certs_destination}}/" + file: + path: "{{ node_certs_destination }}/" + mode: '0770' + recurse: yes when: - check_certs_permissions is defined - elasticsearch_xpack_security tags: xpack-security - - name: Remove generated certs file - shell: /bin/rm -f {{node_certs_source}}/certs.zip* - when: + file: + state: absent + path: "{{ node_certs_source }}/certs.zip*" + when: - node_certs_generator - elasticsearch_xpack_security tags: xpack-security @@ -193,10 +208,12 @@ tags: configure - name: Set elasticsearch bootstrap password - shell: "echo '{{elasticsearch_xpack_security_password}}' | {{node_certs_source}}/bin/elasticsearch-keystore add -xf 'bootstrap.password'" + shell: | + set -o pipefail + "echo '{{ elasticsearch_xpack_security_password }}' | {{ node_certs_source }}/bin/elasticsearch-keystore add -xf 'bootstrap.password'" when: - elasticsearch_xpack_security - + - name: Trusty | set MAX_LOCKED_MEMORY=unlimited in Elasticsearch in /etc/security/limits.conf lineinfile: path: /etc/security/limits.conf @@ -242,7 +259,7 @@ state: started - name: Make sure Elasticsearch is running before proceeding - wait_for: host={{ elasticsearch_check_connection }} port={{ elasticsearch_http_port }} delay=3 timeout=400 + wait_for: host={{ elasticsearch_host }} port={{ elasticsearch_http_port }} delay=3 timeout=400 tags: - configure - init 
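Review bot: The `file` module does not expand globs, so `path: "{{ node_certs_source }}/certs.zip*"` with `state: absent` removes nothing, whereas the replaced `rm -f ...certs.zip*` did; use the literal `path: "{{ node_certs_source }}/certs.zip"` (or `find` with `patterns: 'certs.zip*'` looped into `file`). The archive holds the node private keys, and depending on certutil mode the CA key, so leaving it behind on the generator is the serious side of this regression. Two tasks here also share the name "Ensuring certificates folder owner"; the second sets the mode and should say so. `mode: '0770'` with `recurse: yes` puts the execute bit on the key files as well; `0770` on the directory and `0640` on files would be cleaner.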
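Review bot: The rewritten bootstrap-password task cannot run as written: inside `shell: |` the second line is a double-quoted string, so the shell looks for a single command named `echo '...' | .../elasticsearch-keystore add ...` instead of running a pipeline, and `set -o pipefail` is rejected by the dash-style `/bin/sh` that `shell` uses on Debian-family hosts unless `executable` is set. The task handles a secret and should also carry `no_log: true` so the password does not appear in task output or verbose logs. `{{ node_certs_source }}/bin/elasticsearch-keystore` reuses the certificate-source variable to locate the keystore binary; that works because the default is `/usr/share/elasticsearch`, but it deserves a comment. The enclosing task list continues outside the hunk.
```yaml
- name: Set elasticsearch bootstrap password
  shell: |
    set -o pipefail
    echo '{{ elasticsearch_xpack_security_password }}' | {{ node_certs_source }}/bin/elasticsearch-keystore add -xf 'bootstrap.password'
  args:
    executable: /bin/bash
  no_log: true
  when:
    - elasticsearch_xpack_security
```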
@@ -252,7 +269,7 @@ url: "http://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}/_template/wazuh" method: GET status_code: 200, 404 - when: + when: - elasticsearch_bootstrap_node or single_node - not elasticsearch_xpack_security poll: 30 @@ -267,7 +284,7 @@ status_code: 200 body_format: json body: "{{ lookup('template','wazuh-elastic7-template-alerts.json.j2') }}" - when: + when: - wazuh_alerts_template_exits.status is defined - wazuh_alerts_template_exits.status != 200 - not elasticsearch_xpack_security From 31cad22de494d6d2869d10808a2da91d654b75e8 Mon Sep 17 00:00:00 2001 From: manuasir Date: Wed, 24 Jul 2019 14:17:46 +0200 Subject: [PATCH 194/714] Updated CHANGELOG --- CHANGELOG.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b4961a77..3221e38f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,16 @@ # Change Log All notable changes to this project will be documented in this file. +## [v3.9.4_7.2.0] + +### Added + +- Support for registring agents behind NAT [@jheikki100](https://github.com/jheikki100) [#208](https://github.com/wazuh/wazuh-ansible/pull/208) + +### Changed + +- Default protocol to TCP [@ionphractal](https://github.com/ionphractal) [#204](https://github.com/wazuh/wazuh-ansible/pull/204). + ## [v3.9.3_7.2.0] ### Added From 125b2114e6c77f089aac16bf4668cde2290efcbc Mon Sep 17 00:00:00 2001 From: rshad Date: Wed, 24 Jul 2019 12:41:52 +0000 Subject: [PATCH 195/714] changed elasticssearch: network.host from 0.0.0.0 to 127.0.0.1 --- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index dfe4d3ae..a07f02e2 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml 
@@ -2,7 +2,7 @@ elasticsearch_cluster_name: wazuh elasticsearch_node_name: node-1 elasticsearch_http_port: 9200 -elasticsearch_network_host: 0.0.0.0 +elasticsearch_network_host: 127.0.0.1 elasticsearch_host: 127.0.0.1 elasticsearch_jvm_xms: null elastic_stack_version: 7.2.0 From 337e3de09fe1f0cb2fd4161317867da6e3bc60d6 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 30 Jul 2019 14:26:15 +0200 Subject: [PATCH 196/714] Add master_certs_destination parameter --- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 1340dabb..fa84ec81 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -23,6 +23,8 @@ node_certs_generator_ip: 172.16.0.161 node_certs_source: /usr/share/elasticsearch node_certs_destination: /etc/elasticsearch/certs +master_certs_destination: /es_certs + # Rsync rsync_path: /usr/bin/rsync rsync_user: vagrant From 5d4e53b089cec4b0aa5071902dbdcda8cbd9948f Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 30 Jul 2019 14:27:10 +0200 Subject: [PATCH 197/714] Modified task propagation of certificates --- .../ansible-elasticsearch/tasks/main.yml | 137 ++++++++++++------ 1 file changed, 89 insertions(+), 48 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 48c25b98..de1e4fa4 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml 
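Review bot: `master_certs_destination: /es_certs` is a path on the Ansible controller, not on the managed node (the task changes in the next commit create and unpack it with `delegate_to: "127.0.0.1"`), and nothing beside it says so; a reader of defaults/main.yml will assume it is remote like `node_certs_source` and `node_certs_destination` directly above. I would add `# Controller-side directory where the generator's certs.zip is fetched and unpacked (tasks run with delegate_to localhost)`. A directory at the filesystem root also needs root on the controller to create; a path under the playbook directory would be a less surprising default.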
@@ -110,55 +110,83 @@ register: certs_file_generated tags: xpack-security +# - name: Unzip generated certs.zip +# unarchive: +# src: "{{node_certs_source}}/certs.zip" +# dest: "{{node_certs_source}}/" +# remote_src: yes +# when: +# - node_certs_generator +# - elasticsearch_xpack_security +# - certs_file_generated is defined +# - not certificate_file_exists.stat.exists +# tags: xpack-security + +# - name: Copy key & certificate files in generator node (locally) +# synchronize: +# src: "{{node_certs_source}}/{{elasticsearch_node_name}}/" +# dest: "{{node_certs_destination}}/" +# delegate_to: "{{ node_certs_generator_ip }}" +# when: +# - node_certs_generator +# - elasticsearch_xpack_security +# tags: xpack-security + +# - name: Copy ca certificate file in generator node (locally) +# synchronize: +# src: "{{node_certs_source}}/ca/" +# dest: "{{node_certs_destination}}/" +# delegate_to: "{{ node_certs_generator_ip }}" +# register: check_certs_permissions +# when: +# - node_certs_generator +# - elasticsearch_xpack_security +# tags: xpack-security + +- name: Create the certificates directory + file: + path: "{{master_certs_destination}}" + state: directory + mode: '0700' + delegate_to: "127.0.0.1" + when: + - node_certs_generator + - elasticsearch_xpack_security + +- name: Copying certificates to Ansible master + fetch: + src: "{{node_certs_source}}/certs.zip" + dest: "{{master_certs_destination}}/" + flat: yes + mode: 0700 + when: + - node_certs_generator + - elasticsearch_xpack_security + tags: xpack-security + - name: Unzip generated certs.zip unarchive: - src: "{{node_certs_source}}/certs.zip" - dest: "{{node_certs_source}}/" - remote_src: yes - when: - - node_certs_generator - - elasticsearch_xpack_security - - certs_file_generated is defined - - not certificate_file_exists.stat.exists - tags: xpack-security - -- name: Copy key & certificate files in generator node (locally) - synchronize: - src: "{{node_certs_source}}/{{elasticsearch_node_name}}/" - dest: 
"{{node_certs_destination}}/" - delegate_to: "{{ node_certs_generator_ip }}" + src: "{{master_certs_destination}}/certs.zip" + dest: "{{master_certs_destination}}/" + become: true + delegate_to: "127.0.0.1" when: - node_certs_generator - elasticsearch_xpack_security tags: xpack-security -- name: Copy ca certificate file in generator node (locally) - synchronize: - src: "{{node_certs_source}}/ca/" - dest: "{{node_certs_destination}}/" - delegate_to: "{{ node_certs_generator_ip }}" - register: check_certs_permissions - when: - - node_certs_generator - - elasticsearch_xpack_security - tags: xpack-security - -- name: Importing key & certificate files from generator node - shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/{{elasticsearch_node_name}}/ {{node_certs_destination}}/" - when: - - not node_certs_generator - - elasticsearch_xpack_security - - not certificate_file_exists.stat.exists - tags: xpack-security - -- name: Importing ca certificate file from generator node - shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/ca/ {{node_certs_destination}}/" - when: - - not node_certs_generator - - elasticsearch_xpack_security - - not certificate_file_exists.stat.exists - register: check_certs_permissions - tags: xpack-security +# - name: Unzip generated certs.zip +# unarchive: +# src: "/tmp/elastic_certificates/certs.zip" +# dest: "/tmp/elastic_certificates" +# become: true +# when: +# - node_certs_generator +# - elasticsearch_xpack_security +# - certs_file_generated is defined +# - not certificate_file_exists.stat.exists +# tags: xpack-security + - name: Ensuring certificates folder owner shell: "chown -R elasticsearch: {{node_certs_destination}}/" 
@@ -173,15 +201,28 @@ - check_certs_permissions is defined - elasticsearch_xpack_security tags: xpack-security - -- name: Remove generated certs file - shell: /bin/rm -f {{node_certs_source}}/certs.zip* - when: - - node_certs_generator - - elasticsearch_xpack_security + +# Importing certificates + +- name: Copying node's certificate from master + copy: + src: "{{item}}" + dest: "{{node_certs_destination}}/" + with_items: + - "{{master_certs_destination}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.key" + - "{{master_certs_destination}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.crt" + - "{{master_certs_destination}}/ca/ca.crt" tags: xpack-security + +# - name: Remove generated certs file +# shell: /bin/rm -f {{node_certs_source}}/certs.zip* +# when: +# - node_certs_generator +# - elasticsearch_xpack_security +# tags: xpack-security + - name: Configure Elasticsearch. template: src: elasticsearch.yml.j2 From db44b6f450a0b56f2adf7c0b9e55f9cfb57793ab Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 30 Jul 2019 14:27:33 +0200 Subject: [PATCH 198/714] Modified template to accept newly defined variables --- .../ansible-elasticsearch/templates/instances.yml.j2 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 index 6279c380..c74b1700 100644 --- a/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 @@ -4,10 +4,10 @@ {% if node_certs_generator %} instances: -{% for node in instances %} -- name: "{{ node.name }}" +{% for (key,value) in instances.iteritems() %} +- name: "{{ value.name }}" ip: - - "{{ node.ip }}" + - "{{ value.ip }}" {% endfor %} -{% endif %} \ No newline at end of file +{% endif %} From 55635383f2a9b5b96eea3cc5df72bad38990f0a7 Mon Sep 17 00:00:00 2001 
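Review bot: The new `Copying node's certificate from master` task has no `when: elasticsearch_xpack_security` guard, unlike every certificate task it replaces, so a run with X-Pack security disabled fails on the missing `{{master_certs_destination}}/...` files; add `when:` / `- elasticsearch_xpack_security`. The `copy` also sets no `owner`/`mode`, so the `.key` lands with the remote default umask (typically world-readable), and the permission fix-up that used to follow depends on a register this commit deleted; set `owner: elasticsearch`, `group: elasticsearch`, `mode: '0640'` on the copy itself. `{{item}}` should be spaced `{{ item }}` to match the lint fixes made earlier in this series.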
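Review bot: `instances.iteritems()` exists only on Python 2 dicts, so this template fails under an Ansible running on Python 3 with an undefined-attribute error; use `{% for key, value in instances.items() %}` (or `instances.values()`, since `key` is unused). The parentheses around the loop targets are unnecessary and unusual in Jinja. The trailing-newline fix is good.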
From: Jose M Date: Tue, 30 Jul 2019 14:30:23 +0200 Subject: [PATCH 199/714] Changed instances list format --- playbooks/wazuh-elastic_stack-distributed.yml | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml index a422e50b..42f4cf03 100644 --- a/playbooks/wazuh-elastic_stack-distributed.yml +++ b/playbooks/wazuh-elastic_stack-distributed.yml @@ -20,14 +20,15 @@ vars: instances: - - name: node-1 # Important: must be equal to elasticsearch_node_name. - ip: # When unzipping, the node will search for its node name folder to get the cert. - - - name: node-2 - ip: - - - name: node-3 - ip: + node1: + name: node-1 # Important: must be equal to elasticsearch_node_name. + ip: 172.16.0.161 # When unzipping, the node will search for its node name folder to get the cert. + node2: + name: node-2 + ip: 172.16.0.162 + node3: + name: node-3 + ip: 172.16.0.163 - hosts: roles: From b1faf023df41461c8302088e4b14075e85cebc0b Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 30 Jul 2019 14:30:34 +0200 Subject: [PATCH 200/714] Update instances list --- playbooks/wazuh-elastic_stack-distributed.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml index 42f4cf03..b582df9b 100644 --- a/playbooks/wazuh-elastic_stack-distributed.yml +++ b/playbooks/wazuh-elastic_stack-distributed.yml @@ -22,13 +22,13 @@ instances: node1: name: node-1 # Important: must be equal to elasticsearch_node_name. - ip: 172.16.0.161 # When unzipping, the node will search for its node name folder to get the cert. + ip: # When unzipping, the node will search for its node name folder to get the cert. node2: name: node-2 - ip: 172.16.0.162 + ip: node3: name: node-3 - ip: 172.16.0.163 + ip: - hosts: roles: From d877738d45c97be4994d053eb909b84ec072a1f2 Mon Sep 17 00:00:00 2001 
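Review bot: The bare `ip:` values this hunk reintroduces parse as YAML null, and `instances.yml.j2` renders each one inside `- "{{ value.ip }}"`, so an operator who forgets to fill them in most likely gets an instances file with empty or `None` addresses and certificates that do not match the nodes, rather than a clear error. Use an explicit placeholder, e.g. `ip: ""  # set to this node's address before running`, or assert in the role that every instance has an address. The inline comment about unzipping describes the `name:` field and belongs on that line.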
From: Jose M Date: Tue, 30 Jul 2019 15:18:55 +0200 Subject: [PATCH 201/714] Removing unneeded blocks and commenting latest implementation for centos and trusty --- .../ansible-elasticsearch/tasks/main.yml | 93 +++++++------------ 1 file changed, 36 insertions(+), 57 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index de1e4fa4..80f23884 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -175,19 +175,6 @@ - elasticsearch_xpack_security tags: xpack-security -# - name: Unzip generated certs.zip -# unarchive: -# src: "/tmp/elastic_certificates/certs.zip" -# dest: "/tmp/elastic_certificates" -# become: true -# when: -# - node_certs_generator -# - elasticsearch_xpack_security -# - certs_file_generated is defined -# - not certificate_file_exists.stat.exists -# tags: xpack-security - - - name: Ensuring certificates folder owner shell: "chown -R elasticsearch: {{node_certs_destination}}/" when: @@ -202,9 +189,6 @@ - elasticsearch_xpack_security tags: xpack-security - -# Importing certificates - - name: Copying node's certificate from master copy: src: "{{item}}" @@ -215,14 +199,6 @@ - "{{master_certs_destination}}/ca/ca.crt" tags: xpack-security - -# - name: Remove generated certs file -# shell: /bin/rm -f {{node_certs_source}}/certs.zip* -# when: -# - node_certs_generator -# - elasticsearch_xpack_security -# tags: xpack-security - - name: Configure Elasticsearch. template: src: elasticsearch.yml.j2 
@@ -238,49 +214,52 @@ when: - elasticsearch_xpack_security -- name: Trusty | set MAX_LOCKED_MEMORY=unlimited in Elasticsearch in /etc/security/limits.conf - lineinfile: - path: /etc/security/limits.conf - line: elasticsearch - memlock unlimited - create: yes - become: true - when: - - ansible_distribution == "Ubuntu" - - ansible_distribution_major_version | int == 14 - changed_when: false +# - name: Trusty | set MAX_LOCKED_MEMORY=unlimited in Elasticsearch in /etc/security/limits.conf +# lineinfile: +# path: /etc/security/limits.conf +# line: elasticsearch - memlock unlimited +# create: yes +# become: true +# when: +# - ansible_distribution == "Ubuntu" +# - ansible_distribution_major_version | int == 14 +# changed_when: false -- name: Trusty | set MAX_LOCKED_MEMORY=unlimited in Elasticsearch in /etc/security/limits.d/elasticsearch.conf - lineinfile: - path: /etc/security/limits.d/elasticsearch.conf - line: elasticsearch - memlock unlimited - create: yes - become: true - changed_when: false - when: - - ansible_distribution == "Ubuntu" - - ansible_distribution_major_version | int == 14 +# - name: Trusty | set MAX_LOCKED_MEMORY=unlimited in Elasticsearch in /etc/security/limits.d/elasticsearch.conf +# lineinfile: +# path: /etc/security/limits.d/elasticsearch.conf +# line: elasticsearch - memlock unlimited +# create: yes +# become: true +# changed_when: false +# when: +# - ansible_distribution == "Ubuntu" +# - ansible_distribution_major_version | int == 14 -- name: Distribution != one of [ centos 6.*, trusty ] | Reload systemd - systemd: daemon_reload=true - ignore_errors: true - when: - - not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") - - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<')) - - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<')) - - not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<')) +# - 
name: Distribution != one of [ centos 6.*, trusty ] | Reload systemd +# systemd: daemon_reload=true +# ignore_errors: true +# when: +# - not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") +# - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<')) +# - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<')) +# - not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<')) -- name: Distribution is centos 6.* | Enable Elasticsearch - service: name=elasticsearch enabled=yes +# - name: Distribution is centos 6.* | Enable Elasticsearch +# service: name=elasticsearch enabled=yes -- name: Distribution is centos 6.* | Start Elasticsearch - service: name=elasticsearch state=started - ignore_errors: true +# - name: Distribution is centos 6.* | Start Elasticsearch +# service: name=elasticsearch state=started +# ignore_errors: true - name: Ensure Elasticsearch started and enabled service: name: elasticsearch enabled: true state: started + tags: + - configure + - init - name: Make sure Elasticsearch is running before proceeding wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }} delay=3 timeout=300 From fbbf79a15359fb34d322b96488c045d76b12084d Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 30 Jul 2019 17:35:20 +0200 Subject: [PATCH 202/714] Remove daemon reload and centos 6 blocks --- .../ansible-elasticsearch/tasks/main.yml | 83 +++++-------------- 1 file changed, 20 insertions(+), 63 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 80f23884..904a565a 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml 
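Review bot: Commenting out the Trusty, daemon-reload and CentOS 6 blocks instead of deleting them leaves roughly forty lines of dead YAML in tasks/main.yml; git history keeps them, so delete them, or gate them on a variable if they are expected to return (the following commit restores the Trusty pair). With the `systemd: daemon_reload=true` step gone, `service: ... state: started` now runs with no reload after the package install; package scripts usually handle this on systemd hosts, but it is worth confirming on the images molecule uses.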
@@ -214,44 +214,27 @@ when: - elasticsearch_xpack_security -# - name: Trusty | set MAX_LOCKED_MEMORY=unlimited in Elasticsearch in /etc/security/limits.conf -# lineinfile: -# path: /etc/security/limits.conf -# line: elasticsearch - memlock unlimited -# create: yes -# become: true -# when: -# - ansible_distribution == "Ubuntu" -# - ansible_distribution_major_version | int == 14 -# changed_when: false - -# - name: Trusty | set MAX_LOCKED_MEMORY=unlimited in Elasticsearch in /etc/security/limits.d/elasticsearch.conf -# lineinfile: -# path: /etc/security/limits.d/elasticsearch.conf -# line: elasticsearch - memlock unlimited -# create: yes -# become: true -# changed_when: false -# when: -# - ansible_distribution == "Ubuntu" -# - ansible_distribution_major_version | int == 14 - -# - name: Distribution != one of [ centos 6.*, trusty ] | Reload systemd -# systemd: daemon_reload=true -# ignore_errors: true -# when: -# - not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") -# - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<')) -# - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<')) -# - not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<')) - -# - name: Distribution is centos 6.* | Enable Elasticsearch -# service: name=elasticsearch enabled=yes - -# - name: Distribution is centos 6.* | Start Elasticsearch -# service: name=elasticsearch state=started -# ignore_errors: true +- name: Trusty | set MAX_LOCKED_MEMORY=unlimited in Elasticsearch in /etc/security/limits.conf + lineinfile: + path: /etc/security/limits.conf + line: elasticsearch - memlock unlimited + create: yes + become: true + when: + - ansible_distribution == "Ubuntu" + - ansible_distribution_major_version | int == 14 + changed_when: false +- name: Trusty | set MAX_LOCKED_MEMORY=unlimited in Elasticsearch in /etc/security/limits.d/elasticsearch.conf + 
lineinfile: + path: /etc/security/limits.d/elasticsearch.conf + line: elasticsearch - memlock unlimited + create: yes + become: true + changed_when: false + when: + - ansible_distribution == "Ubuntu" + - ansible_distribution_major_version | int == 14 - name: Ensure Elasticsearch started and enabled service: name: elasticsearch @@ -267,32 +250,6 @@ - configure - init -- name: Check for Wazuh Alerts template (http) - uri: - url: "http://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}/_template/wazuh" - method: GET - status_code: 200, 404 - when: - - elasticsearch_bootstrap_node or single_node - - not elasticsearch_xpack_security - poll: 30 - register: wazuh_alerts_template_exits - until: wazuh_alerts_template_exits is succeeded - tags: init - -- name: Installing Wazuh Alerts template (http) - uri: - url: "http://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}/_template/wazuh" - method: PUT - status_code: 200 - body_format: json - body: "{{ lookup('template','wazuh-elastic7-template-alerts.json.j2') }}" - when: - - wazuh_alerts_template_exits.status is defined - - wazuh_alerts_template_exits.status != 200 - - not elasticsearch_xpack_security - tags: init - - import_tasks: "RMRedHat.yml" when: ansible_os_family == "RedHat" From 431bc16343ae59f141f3d53521cbeceb145fb9dc Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 30 Jul 2019 17:35:39 +0200 Subject: [PATCH 203/714] Add default value master_certs_destination for kibana --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index dcaa0f59..4de06f9b 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml 
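Review bot: `changed_when: false` on both restored `lineinfile` tasks masks a real edit to `/etc/security/limits.conf` and `limits.d/elasticsearch.conf`, so the play reports `ok` even when it rewrote the file and no handler can react; drop `changed_when: false` and let the module report. `create: yes` should be `create: true` to match `become: true` in the same task. The deletion of the Wazuh alerts template tasks in the second hunk is a functional removal that the commit message ("Remove daemon reload and centos 6 blocks") does not mention.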
@@ -19,6 +19,9 @@ node_certs_generator_ip: 172.16.0.161 node_certs_source: /usr/share/elasticsearch node_certs_destination: /etc/kibana/certs +master_certs_destination: /es_certs + + # Rsync rsync_path: /usr/bin/rsync rsync_user: vagrant From 2656feac52303962aa84a3a01fa6fba5ccbecad2 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 30 Jul 2019 17:36:09 +0200 Subject: [PATCH 204/714] Update kibana certs importing --- .../ansible-kibana/tasks/main.yml | 56 +++---------------- 1 file changed, 8 insertions(+), 48 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 4e12b1b2..512d3198 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml 
@@ -14,54 +14,14 @@ - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<')) - not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<')) -- name: Check if certificate exists locally - stat: - path: "{{ node_certs_destination }}/{{ kibana_node_name }}.crt" - register: certificate_file_exists - when: - - kibana_xpack_security - -- name: Copy key & certificate files in generator node (locally) - synchronize: - src: "{{ node_certs_source }}/{{ kibana_node_name }}/" - dest: "{{ node_certs_destination }}/" - delegate_to: "{{ node_certs_generator_ip }}" - when: - - node_certs_generator - - kibana_xpack_security - - not certificate_file_exists.stat.exists - tags: xpack-security - -- name: Copy ca certificate file in generator node (locally) - synchronize: - src: "{{ node_certs_source }}/ca/" - dest: "{{ node_certs_destination }}/" - delegate_to: "{{ node_certs_generator_ip }}" - when: - - node_certs_generator - - kibana_xpack_security - - not certificate_file_exists.stat.exists - tags: xpack-security - -- name: Importing key & certificate files from generator node - command: >- - {{ rsync_path }} {{ rsync_extra_parameters }} {{ rsync_user }}@{{ node_certs_generator_ip }}: - {{ node_certs_source }}/{{ kibana_node_name }}/ {{ node_certs_destination }}/ - when: - - not node_certs_generator - - kibana_xpack_security - - not certificate_file_exists.stat.exists - tags: xpack-security - -- name: Importing ca certificate file from generator node - command: >- - {{ rsync_path }} {{ rsync_extra_parameters }} {{ rsync_user }}@{{ node_certs_generator_ip }}: - {{ node_certs_source }}/ca/ {{ node_certs_destination }}/ - when: - - not node_certs_generator - - kibana_xpack_security - - not certificate_file_exists.stat.exists - register: check_certs_permissions +- name: Copying node's certificate from master + copy: + src: "{{item}}" + dest: "{{node_certs_destination}}/" + with_items: + - 
"{{master_certs_destination}}/{{kibana_node_name}}/{{ kibana_node_name }}.key" + - "{{master_certs_destination}}/{{kibana_node_name}}/{{ kibana_node_name }}.crt" + - "{{master_certs_destination}}/ca/ca.crt" tags: xpack-security - name: Ensuring certificates folder owner From 229f273e275210fb44409fe27fed43ce2504f16b Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 30 Jul 2019 17:36:31 +0200 Subject: [PATCH 205/714] Fix Kibana APP installation by becoming user kibana --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 512d3198..dfec0f05 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -78,14 +78,14 @@ tags: install - name: Install Wazuh-APP (can take a while) - shell: "/usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-{{ wazuh_version }}_{{ elastic_stack_version }}.zip" + shell: "/usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-{{ wazuh_version }}_{{ elastic_stack_version }}.zip" environment: NODE_OPTIONS: "--max-old-space-size=3072" args: executable: /bin/bash creates: /usr/share/kibana/plugins/wazuh/package.json notify: restart kibana - ignore_errors: "{{ kibana_plugin_install_ignore_error }}" + become_user: kibana tags: - install - skip_ansible_lint From a305d4ff6fac2c2659e71d9689bb907df3d0937e Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 30 Jul 2019 17:37:05 +0200 Subject: [PATCH 206/714] Add Filebeat default parameter --- roles/wazuh/ansible-filebeat/defaults/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index 103d61eb..cf0cb5a1 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml 
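Review bot: The new `copy` task writes `{{ kibana_node_name }}.key` into `{{ node_certs_destination }}/` with no `owner`/`mode`, so the private key is created under the remote umask (typically world-readable) until the later recursive `0770` task runs, and that task then leaves the key group-writable and executable. Set the permissions on the copy itself instead of relying on the directory fix-up: add `owner: kibana`, `group: kibana`, `mode: '0640'` under `copy:` (the `owner`/`group` values match the `Ensuring certificates folder owner` task further down the file). The Filebeat hunk in patch 207 has the same shape and should get the same change. The `{{item}}`/`{{master_certs_destination}}` spacing also differs from the `{{ kibana_node_name }}` style used in the same list; pick one.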
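Review bot: `become_user: kibana` on its own does not escalate privileges; it only selects the target user once `become` is enabled, so unless `become: true` is set at the play or role level (not visible in this hunk) the plugin install still runs as the connecting user, which is presumably what this commit meant to change. Add `become: true` next to `become_user: kibana`, or confirm the play enables become. Dropping `ignore_errors: "{{ kibana_plugin_install_ignore_error }}"` also changes behaviour (a failed plugin download now aborts the play), which is probably intended, but then the `kibana_plugin_install_ignore_error` default, if it still exists, is dead and should be removed as well.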
+++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -39,6 +39,8 @@ node_certs_generator_ip: 172.16.0.161 node_certs_source: /usr/share/elasticsearch node_certs_destination: /etc/filebeat/certs +master_certs_destination: /es_certs + # Rsync rsync_path: /usr/bin/rsync rsync_user: vagrant From c6e14f23a01e4c19184773b41c72d590bf058396 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 30 Jul 2019 17:44:37 +0200 Subject: [PATCH 207/714] Update Filebeat certificate imports --- roles/wazuh/ansible-filebeat/tasks/main.yml | 57 +++------------------ 1 file changed, 8 insertions(+), 49 deletions(-) diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml index 7bafcc79..7b89d80d 100644 --- a/roles/wazuh/ansible-filebeat/tasks/main.yml +++ b/roles/wazuh/ansible-filebeat/tasks/main.yml 
@@ -26,55 +26,14 @@ tags: - init -- name: Check if certificate exists locally - stat: - path: "{{ node_certs_destination }}/{{ filebeat_node_name }}.crt" - register: certificate_file_exists - when: - - filebeat_xpack_security - -- name: Copy key & certificate files in generator node (locally) - synchronize: - src: "{{ node_certs_source }}/{{ filebeat_node_name }}/" - dest: "{{ node_certs_destination }}/" - delegate_to: "{{ node_certs_generator_ip }}" - when: - - node_certs_generator - - filebeat_xpack_security - - not certificate_file_exists.stat.exists - tags: xpack-security - -- name: Copy ca certificate file in generator node (locally) - synchronize: - src: "{{ node_certs_source }}/ca/" - dest: "{{ node_certs_destination }}/" - delegate_to: "{{ node_certs_generator_ip }}" - when: - - node_certs_generator - - filebeat_xpack_security - - not certificate_file_exists.stat.exists - register: check_certs_permissions - tags: xpack-security - -- name: Importing key & certificate files from generator node - command: >- - {{ rsync_path }} {{ rsync_extra_parameters }} {{ rsync_user }}@{{ node_certs_generator_ip }}: - {{ node_certs_source }}/{{ filebeat_node_name }}/ {{ node_certs_destination }}/ - when: - - not node_certs_generator - - filebeat_xpack_security - - not certificate_file_exists.stat.exists - tags: xpack-security - -- name: Importing ca certificate file from generator node - command: >- - {{ rsync_path }} {{ rsync_extra_parameters }} {{ rsync_user }}@{{ node_certs_generator_ip }}: - {{ node_certs_source }}/ca/ {{ node_certs_destination }}/ - when: - - not node_certs_generator - - filebeat_xpack_security - - not certificate_file_exists.stat.exists - register: check_certs_permissions +- name: Copying node's certificate from master + copy: + src: "{{item}}" + dest: "{{node_certs_destination}}/" + with_items: + - "{{master_certs_destination}}/{{filebeat_node_name}}/{{ filebeat_node_name }}.key" + - "{{master_certs_destination}}/{{filebeat_node_name}}/{{ 
filebeat_node_name }}.crt" + - "{{master_certs_destination}}/ca/ca.crt" tags: xpack-security - name: Ensuring certificates folder owner From d027092f6368c9aeb2cdf6f67d388107d5ef126b Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 31 Jul 2019 00:45:57 +0200 Subject: [PATCH 208/714] Remove "elasticsearch_network" parameter --- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index e5eb7547..fa84ec81 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -3,7 +3,6 @@ elasticsearch_cluster_name: wazuh elasticsearch_node_name: node-1 elasticsearch_http_port: 9200 elasticsearch_network_host: 127.0.0.1 -elasticsearch_host: 127.0.0.1 elasticsearch_jvm_xms: null elastic_stack_version: 7.2.0 single_node: false From ed4b2e7947f40e7745d3d057a96e1336c65724be Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 31 Jul 2019 00:46:22 +0200 Subject: [PATCH 209/714] Add unzip dependency installation --- .../elastic-stack/ansible-elasticsearch/tasks/main.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index f3f2f568..07519d4f 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -10,6 +10,16 @@ when: - ansible_service_mgr == "systemd" +- name: Install unzip dependency. + package: + name: unzip + state: present + delegate_to: "127.0.0.1" + when: + - node_certs_generator + - elasticsearch_xpack_security + + - name: Configure Elasticsearch System Resources. template: src: elasticsearch_systemd.conf.j2 From 45356ee3ef68bd3a3d20b578d81e2df77fd26cac Mon Sep 17 00:00:00 2001 
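Review bot: The `package` task is delegated to `127.0.0.1`, so it installs software on the Ansible controller rather than on the managed node, and nothing in the hunk says why; add `# Runs on the controller: the later unarchive of certs.zip (also delegated to localhost) needs unzip there` above it. Installing a package on the controller requires root there, which the task does not request (no `become`), so either document that expectation or leave unzip to the operator. With `when: node_certs_generator` the delegated task still runs once per matching host; `run_once: true` would make the intent explicit. The two blank lines added before `Configure Elasticsearch System Resources.` should be one.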
From: Jose M Date: Wed, 31 Jul 2019 00:46:54 +0200 Subject: [PATCH 210/714] Delete certs.zip in generator node --- roles/elastic-stack/ansible-elasticsearch/tasks/main.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 07519d4f..29dbbbbf 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -143,6 +143,14 @@ - elasticsearch_xpack_security tags: xpack-security +- name: Delete certs.zip in Generator node + file: + state: absent + path: "{{ node_certs_source }}/certs.zip" + when: + - node_certs_generator + - elasticsearch_xpack_security + - name: Unzip generated certs.zip unarchive: src: "{{master_certs_destination}}/certs.zip" From 2104183cdb569a5e94f7849387fc21cbe9a7892f Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 31 Jul 2019 00:48:20 +0200 Subject: [PATCH 211/714] Modify wait_for with previous variable --- roles/elastic-stack/ansible-elasticsearch/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 29dbbbbf..d9811180 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -242,7 +242,7 @@ - init - name: Make sure Elasticsearch is running before proceeding - wait_for: host={{ elasticsearch_host }} port={{ elasticsearch_http_port }} delay=3 timeout=400 + wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }} delay=3 timeout=400 tags: - configure - init From 1d8f8c525364d36f4e91b6e42780e91be10d394e Mon Sep 17 00:00:00 2001 
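Review bot: Removing `certs.zip` from the generator after every run makes the `not xpack_certs_zip.stat.exists` guard on the generation task permanently true on later runs; today the sibling `not certificate_file_exists.stat.exists` condition still stops regeneration, but the first hunk of patch 213 removes exactly that condition, after which every play runs `elasticsearch-certutil` again, creates a fresh CA and node certificates, and unpacks them over the previous set on the controller. If the zip must not stay on the generator, key the generation guard on an artefact that survives, for example a `stat` of `{{ master_certs_destination }}/ca/ca.crt` delegated to `127.0.0.1`, and document that relationship next to the delete task. Otherwise leave the zip inside `{{ node_certs_source }}` and rely on the existing check.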
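Review bot: `elasticsearch_network_host` is presumably what the template writes to Elasticsearch's `network.host`, which also accepts values such as `0.0.0.0` or `_site_`/`_local_` that `wait_for` cannot connect to, whereas the removed `elasticsearch_host` was a plain address; the check now breaks for those settings. Consider a dedicated check-address variable defaulting to `elasticsearch_network_host`, or document that only literal IPs/hostnames are supported. The `key=value` module-argument form is also out of step with the rest of the file; `wait_for:` with `host:`/`port:`/`delay:`/`timeout:` keys reads like the neighbouring tasks.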
From: Jose M Date: Wed, 31 Jul 2019 00:49:25 +0200 Subject: [PATCH 212/714] Fix shell comands --- .../ansible-elasticsearch/tasks/main.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index d9811180..0a91d94a 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -111,9 +111,9 @@ - elasticsearch_xpack_security - name: Generating certificates for Elasticsearch security - command: >- - "/usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem --in - {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip" + shell: >- + /usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem --in + {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip when: - node_certs_generator - elasticsearch_xpack_security @@ -205,10 +205,10 @@ tags: configure - name: Set elasticsearch bootstrap password - shell: | - set -o pipefail - "echo '{{ elasticsearch_xpack_security_password }}' | {{ node_certs_source }}/bin/elasticsearch-keystore add -xf 'bootstrap.password'" + shell: >- + echo {{ elasticsearch_xpack_security_password }} | {{ node_certs_source }}/bin/elasticsearch-keystore add -xf bootstrap.password when: + - node_certs_generator - elasticsearch_xpack_security - name: Trusty | set MAX_LOCKED_MEMORY=unlimited in Elasticsearch in /etc/security/limits.conf From 5c18d5bed554658941e3b97b1d47135fa63efcc4 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 31 Jul 2019 00:49:43 +0200 Subject: [PATCH 213/714] Update conditionals --- roles/elastic-stack/ansible-elasticsearch/tasks/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 0a91d94a..def0b46d 100644 
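Review bot: The rewritten `Set elasticsearch bootstrap password` task interpolates `elasticsearch_xpack_security_password` into the shell line unquoted, so a value containing spaces, `$`, `;`, `|` or quotes is mangled before it reaches `elasticsearch-keystore` or is executed by the shell; the replaced version at least single-quoted it. The task also has no `no_log: true`, so the password shows up in task output and callbacks, and dropping `set -o pipefail` means a failure on the left side of the pipe is no longer reported. Pass the value through the `quote` filter, keep pipefail under an explicit bash and mark the task `no_log`. The same unquoted, unlogged form is carried into `xpack_security.yml` by patch 218 and should be fixed there too.
```yaml
- name: Set elasticsearch bootstrap password
  shell: >-
    set -o pipefail &&
    printf '%s\n' {{ elasticsearch_xpack_security_password | quote }} |
    {{ node_certs_source }}/bin/elasticsearch-keystore add -xf bootstrap.password
  args:
    executable: /bin/bash
  no_log: true
  # … unchanged: when: node_certs_generator / elasticsearch_xpack_security …
```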
--- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -118,7 +118,6 @@ - node_certs_generator - elasticsearch_xpack_security - not xpack_certs_zip.stat.exists - - not certificate_file_exists.stat.exists register: certs_file_generated tags: xpack-security @@ -170,7 +169,6 @@ owner: elasticsearch group: elasticsearch when: - - check_certs_permissions is defined - elasticsearch_xpack_security tags: xpack-security @@ -180,7 +178,6 @@ mode: '0770' recurse: yes when: - - check_certs_permissions is defined - elasticsearch_xpack_security tags: xpack-security @@ -192,6 +189,8 @@ - "{{master_certs_destination}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.key" - "{{master_certs_destination}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.crt" - "{{master_certs_destination}}/ca/ca.crt" + when: + - elasticsearch_xpack_security tags: xpack-security - name: Configure Elasticsearch. @@ -210,7 +209,7 @@ when: - node_certs_generator - elasticsearch_xpack_security - + - name: Trusty | set MAX_LOCKED_MEMORY=unlimited in Elasticsearch in /etc/security/limits.conf lineinfile: path: /etc/security/limits.conf @@ -232,6 +231,7 @@ when: - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 + - name: Ensure Elasticsearch started and enabled service: name: elasticsearch From 9734ac23041f40b343b2602c2616357c3f06e298 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 31 Jul 2019 00:50:17 +0200 Subject: [PATCH 214/714] Remove check_certs_permission parameter --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 2 -- roles/wazuh/ansible-filebeat/tasks/main.yml | 2 -- 2 files changed, 4 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index dfec0f05..26c4f16a 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml 
@@ -32,7 +32,6 @@ owner: kibana group: kibana when: - - check_certs_permissions is defined - kibana_xpack_security tags: xpack-security @@ -42,7 +41,6 @@ mode: '0770' recurse: yes when: - - check_certs_permissions is defined - kibana_xpack_security tags: xpack-security diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml index 7b89d80d..0be4be83 100644 --- a/roles/wazuh/ansible-filebeat/tasks/main.yml +++ b/roles/wazuh/ansible-filebeat/tasks/main.yml @@ -41,9 +41,7 @@ path: "{{ node_certs_destination }}/" mode: '0770' recurse: yes - when: - - check_certs_permissions is defined - filebeat_xpack_security tags: xpack-security From 0cc4838e1da6cbb651052481f1a15cacd5dd9fa4 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 31 Jul 2019 00:51:49 +0200 Subject: [PATCH 215/714] Copy certificates from master now depends on xpack enabled --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 2 ++ roles/wazuh/ansible-filebeat/tasks/main.yml | 3 +++ 2 files changed, 5 insertions(+) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 26c4f16a..0f3dd7a1 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -23,6 +23,8 @@ - "{{master_certs_destination}}/{{kibana_node_name}}/{{ kibana_node_name }}.crt" - "{{master_certs_destination}}/ca/ca.crt" tags: xpack-security + when: + - elasticsearch_xpack_security - name: Ensuring certificates folder owner file: diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml index 0be4be83..59bc163c 100644 --- a/roles/wazuh/ansible-filebeat/tasks/main.yml +++ b/roles/wazuh/ansible-filebeat/tasks/main.yml 
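Review bot: The Filebeat hunk (`@@ -41,9 +41,7 @@`) removes the `when:` key together with the `check_certs_permissions` condition but keeps the second condition, so after the patch `- filebeat_xpack_security` sits directly under `recurse: yes` with no parent key; depending on the parser that is a YAML error or it is folded into the `recurse` scalar, and the task either fails to load or rejects `recurse` as a non-boolean. Keep the key and drop only the one condition: `when:` followed by `- filebeat_xpack_security`, as the two Kibana hunks above do.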
@@ -35,6 +35,9 @@ - "{{master_certs_destination}}/{{filebeat_node_name}}/{{ filebeat_node_name }}.crt" - "{{master_certs_destination}}/ca/ca.crt" tags: xpack-security + when: + - elasticsearch_xpack_security + - name: Ensuring certificates folder owner file: From 9580056b747d44144391985984ab012ba38165a7 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 31 Jul 2019 01:16:36 +0200 Subject: [PATCH 216/714] Fix naming on xpack security conditionals --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 2 +- roles/wazuh/ansible-filebeat/tasks/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 0f3dd7a1..fe91221b 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -24,7 +24,7 @@ - "{{master_certs_destination}}/ca/ca.crt" tags: xpack-security when: - - elasticsearch_xpack_security + - kibana_xpack_security - name: Ensuring certificates folder owner file: diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml index 59bc163c..2b566ed5 100644 --- a/roles/wazuh/ansible-filebeat/tasks/main.yml +++ b/roles/wazuh/ansible-filebeat/tasks/main.yml @@ -36,7 +36,7 @@ - "{{master_certs_destination}}/ca/ca.crt" tags: xpack-security when: - - elasticsearch_xpack_security + - filebeat_xpack_security - name: Ensuring certificates folder owner From 02e0ae9c861b386afd8932fb6a37c08f39520c6f Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Wed, 31 Jul 2019 11:59:34 +0200 Subject: [PATCH 217/714] Update Pipfile Updated Ansible vulnerable version --- Pipfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Pipfile b/Pipfile index 9e3b448b..89f86b7c 100644 --- a/Pipfile +++ b/Pipfile @@ -5,7 +5,7 @@ name = "pypi" [packages] docker-py = "*" -ansible = "==2.7.11" +ansible = "==2.7.12" molecule = "*" [dev-packages] 
From f8bda2f7c7c58e9559101c8b5fd224391913ed0f Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 5 Aug 2019 12:34:42 +0200 Subject: [PATCH 218/714] Move xpack_security tasks from main.yml to xpack_security.yml --- .../ansible-elasticsearch/tasks/main.yml | 137 +----------------- .../tasks/xpack_security.yml | 126 ++++++++++++++++ 2 files changed, 128 insertions(+), 135 deletions(-) create mode 100644 roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index def0b46d..85706199 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -10,16 +10,6 @@ when: - ansible_service_mgr == "systemd" -- name: Install unzip dependency. - package: - name: unzip - state: present - delegate_to: "127.0.0.1" - when: - - node_certs_generator - - elasticsearch_xpack_security - - - name: Configure Elasticsearch System Resources. template: src: elasticsearch_systemd.conf.j2 
@@ -73,126 +63,10 @@ - import_tasks: "RMRedHat.yml" when: ansible_os_family == "RedHat" -- name: Check if certificate exists locally - stat: - path: "{{ node_certs_destination }}/{{ elasticsearch_node_name }}.crt" - register: certificate_file_exists +- import_tasks: "xpack_security.yml" when: - elasticsearch_xpack_security -- name: Write the instances.yml file in the selected node (force = no) - template: - src: instances.yml.j2 - dest: "{{ node_certs_source }}/instances.yml" - force: no - register: instances_file_exists - tags: - - config - - xpack-security - when: - - node_certs_generator - - elasticsearch_xpack_security - - not certificate_file_exists.stat.exists - -- name: Update instances.yml status after generation - stat: - path: "{{ node_certs_source }}/instances.yml" - register: instances_file_exists - when: - - node_certs_generator - - elasticsearch_xpack_security - -- name: Check if the certificates ZIP file exists - stat: - path: "{{ node_certs_source }}/certs.zip" - register: xpack_certs_zip - when: - - node_certs_generator - - elasticsearch_xpack_security - -- name: Generating certificates for Elasticsearch security - shell: >- - /usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem --in - {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip - when: - - node_certs_generator - - elasticsearch_xpack_security - - not xpack_certs_zip.stat.exists - register: certs_file_generated - tags: xpack-security - -- name: Create the certificates directory - file: - path: "{{master_certs_destination}}" - state: directory - mode: '0700' - delegate_to: "127.0.0.1" - when: - - node_certs_generator - - elasticsearch_xpack_security - -- name: Copying certificates to Ansible master - fetch: - src: "{{node_certs_source}}/certs.zip" - dest: "{{master_certs_destination}}/" - flat: yes - mode: 0700 - when: - - node_certs_generator - - elasticsearch_xpack_security - tags: xpack-security - -- name: Delete certs.zip in Generator node - file: - 
state: absent - path: "{{ node_certs_source }}/certs.zip" - when: - - node_certs_generator - - elasticsearch_xpack_security - -- name: Unzip generated certs.zip - unarchive: - src: "{{master_certs_destination}}/certs.zip" - dest: "{{master_certs_destination}}/" - become: true - delegate_to: "127.0.0.1" - when: - - node_certs_generator - - elasticsearch_xpack_security - tags: xpack-security - -- name: Ensuring certificates folder owner - file: - path: "{{ node_certs_destination }}/" - state: directory - recurse: yes - owner: elasticsearch - group: elasticsearch - when: - - elasticsearch_xpack_security - tags: xpack-security - -- name: Ensuring certificates folder owner - file: - path: "{{ node_certs_destination }}/" - mode: '0770' - recurse: yes - when: - - elasticsearch_xpack_security - tags: xpack-security - -- name: Copying node's certificate from master - copy: - src: "{{item}}" - dest: "{{node_certs_destination}}/" - with_items: - - "{{master_certs_destination}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.key" - - "{{master_certs_destination}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.crt" - - "{{master_certs_destination}}/ca/ca.crt" - when: - - elasticsearch_xpack_security - tags: xpack-security - - name: Configure Elasticsearch. template: src: elasticsearch.yml.j2 @@ -202,14 +76,7 @@ mode: 0660 notify: restart elasticsearch tags: configure - -- name: Set elasticsearch bootstrap password - shell: >- - echo {{ elasticsearch_xpack_security_password }} | {{ node_certs_source }}/bin/elasticsearch-keystore add -xf bootstrap.password - when: - - node_certs_generator - - elasticsearch_xpack_security - + - name: Trusty | set MAX_LOCKED_MEMORY=unlimited in Elasticsearch in /etc/security/limits.conf lineinfile: path: /etc/security/limits.conf diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml new file mode 100644 index 00000000..3d9f3f7d 
--- /dev/null +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml 
@@ -0,0 +1,126 @@ + +- name: Install unzip dependency. + package: + name: unzip + state: present + delegate_to: "127.0.0.1" + when: + - node_certs_generator + +- name: Check if certificate exists locally + stat: + path: "{{ node_certs_destination }}/{{ elasticsearch_node_name }}.crt" + register: certificate_file_exists + +- name: Write the instances.yml file in the selected node (force = no) + template: + src: instances.yml.j2 + dest: "{{ node_certs_source }}/instances.yml" + force: no + register: instances_file_exists + tags: + - config + - xpack-security + when: + - node_certs_generator + - not certificate_file_exists.stat.exists + +- name: Update instances.yml status after generation + stat: + path: "{{ node_certs_source }}/instances.yml" + register: instances_file_exists + when: + - node_certs_generator + +- name: Check if the certificates ZIP file exists + stat: + path: "{{ node_certs_source }}/certs.zip" + register: xpack_certs_zip + when: + - node_certs_generator + +- name: Generating certificates for Elasticsearch security (generating CA) + shell: >- + /usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem --in + {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip + when: + - node_certs_generator + - not xpack_certs_zip.stat.exists + tags: xpack-security + +- name: Generating certificates for Elasticsearch security (using provided CA) + shell: /usr/share/elasticsearch/bin/elasticsearch-certutil cert --ca-key /usr/share/elasticsearch/myCA.key --ca-cert /usr/share/elasticsearch/myCA.pem --pem --in {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip + when: + - node_certs_generator + - not xpack_certs_zip.stat.exists + tags: xpack-security + +- name: Create the certificates directory + file: + path: "{{master_certs_destination}}" + state: directory + mode: '0700' + delegate_to: "127.0.0.1" + when: + - node_certs_generator + +- name: Copying certificates to Ansible master + fetch: + src: 
"{{node_certs_source}}/certs.zip" + dest: "{{master_certs_destination}}/" + flat: yes + mode: 0700 + when: + - node_certs_generator + tags: xpack-security + +- name: Delete certs.zip in Generator node + file: + state: absent + path: "{{ node_certs_source }}/certs.zip" + when: + - node_certs_generator + + +- name: Unzip generated certs.zip + unarchive: + src: "{{master_certs_destination}}/certs.zip" + dest: "{{master_certs_destination}}/" + become: true + delegate_to: "127.0.0.1" + when: + - node_certs_generator + tags: xpack-security + +- name: Ensuring certificates folder owner + file: + path: "{{ node_certs_destination }}/" + state: directory + recurse: yes + owner: elasticsearch + group: elasticsearch + tags: xpack-security + +- name: Ensuring certificates folder owner + file: + path: "{{ node_certs_destination }}/" + mode: '0770' + recurse: yes + tags: xpack-security + +- name: Copying node's certificate from master + copy: + src: "{{item}}" + dest: "{{node_certs_destination}}/" + with_items: + - "{{master_certs_destination}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.key" + - "{{master_certs_destination}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.crt" + - "{{master_certs_destination}}/ca/ca.crt" + tags: xpack-security + +- name: Set elasticsearch bootstrap password + shell: >- + echo {{ elasticsearch_xpack_security_password }} | {{ node_certs_source }}/bin/elasticsearch-keystore add -xf bootstrap.password + when: + - node_certs_generator + \ No newline at end of file From 8234bb11d2ba24ac94eef7ebba1c1b76f64b7926 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 5 Aug 2019 15:00:00 +0200 Subject: [PATCH 219/714] Add required variables to use custom CA. --- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index fa84ec81..bcbcc819 100644 
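Review bot: In the new file `Copying node's certificate from master` runs after both `Ensuring certificates folder owner` tasks, so `{{ elasticsearch_node_name }}.key` is written last, with the remote umask and no `owner`/`mode`, after the recursive chown/chmod have already run; the private key most likely ends up owned by the privileged user and world-readable. Give the copy task its own `owner: elasticsearch`, `group: elasticsearch`, `mode: '0640'` rather than depending on task order; the copy tasks added by patch 226 inherit the same gap. The file also starts with a blank line instead of `---` and ends without a newline (`\ No newline at end of file`).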
--- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -25,6 +25,12 @@ node_certs_destination: /etc/elasticsearch/certs master_certs_destination: /es_certs +# CA generation +generate_CA: false + +ca_key_name: myCA.key +ca_cert_name: myCA.pem + # Rsync rsync_path: /usr/bin/rsync rsync_user: vagrant From 01d4cfc1288adaa0d7c2f78e7fe19ca4eba880ec Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 5 Aug 2019 15:01:21 +0200 Subject: [PATCH 220/714] Implemented tasks to import custom key and cert from Ansible master --- .../tasks/xpack_security.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml index 3d9f3f7d..d84e1c31 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml @@ -39,6 +39,22 @@ when: - node_certs_generator +- name: Importing custom CA key + copy: + src: "{{ master_certs_destination }}/ca/{{ ca_key_name }}" + dest: "{{ node_certs_source }}/{{ ca_key_name }}" + when: + - not generate_CA + tags: xpack-security + +- name: Importing custom CA cert + copy: + src: "{{ master_certs_destination }}/ca/{{ ca_cert_name }}" + dest: "{{ node_certs_source }}/{{ ca_cert_name }}" + when: + - not generate_CA + tags: xpack-security + - name: Generating certificates for Elasticsearch security (generating CA) shell: >- /usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem --in From 39d8e5978b0857b8a41207d2d26e73189ef8de9d Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 5 Aug 2019 15:01:59 +0200 Subject: [PATCH 221/714] Fix conditionals of custom CA --- .../ansible-elasticsearch/tasks/xpack_security.yml | 2 ++ 1 file changed, 2 insertions(+) 
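Review bot: `generate_CA: false` as the default means a stock run takes the custom-CA path, which (per the import tasks added in patch 220) expects `{{ master_certs_destination }}/ca/myCA.key` and `myCA.pem` to already exist on the controller; with nothing else configured the role fails on a missing file instead of generating a CA as it did before this series. Default it to `true` to preserve the previous behaviour, and add a comment such as `# Set to false to use your own CA: place <ca_key_name> and <ca_cert_name> under <master_certs_destination>/ca on the controller`. The name `generate_CA` also breaks the file's `lower_snake_case` convention (`node_certs_generator`, `master_certs_destination`); `generate_ca` would match.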
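Review bot: `Importing custom CA key` is conditioned only on `not generate_CA`, while every other generator-side step in this file is also guarded by `node_certs_generator`, so the CA private key is copied onto every Elasticsearch node that imports `xpack_security.yml`, not just the one that signs the certificates. Add `- node_certs_generator` to the `when:` of both import tasks, and give the key copy `mode: '0600'` (it lands in `{{ node_certs_source }}` under the default umask otherwise). Distributing the CA certificate is harmless, but it should carry the same guard for consistency.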
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml index d84e1c31..5d1c528b 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml @@ -62,6 +62,7 @@ when: - node_certs_generator - not xpack_certs_zip.stat.exists + - generate_CA tags: xpack-security - name: Generating certificates for Elasticsearch security (using provided CA) @@ -69,6 +70,7 @@ when: - node_certs_generator - not xpack_certs_zip.stat.exists + - not generate_CA tags: xpack-security - name: Create the certificates directory From 4b8303ece281ffb3a61d9407e51484bb8686325e Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 5 Aug 2019 15:02:33 +0200 Subject: [PATCH 222/714] Fix custom CA generation command --- .../ansible-elasticsearch/tasks/xpack_security.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml index 5d1c528b..f8166f94 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml @@ -66,7 +66,7 @@ tags: xpack-security - name: Generating certificates for Elasticsearch security (using provided CA) - shell: /usr/share/elasticsearch/bin/elasticsearch-certutil cert --ca-key /usr/share/elasticsearch/myCA.key --ca-cert /usr/share/elasticsearch/myCA.pem --pem --in {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip + shell: /usr/share/elasticsearch/bin/elasticsearch-certutil cert --ca-key {{ node_certs_source }}/{{ ca_key_name }} --ca-cert {{ node_certs_source }}/{{ ca_cert_name }} --pem --in {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip when: - node_certs_generator - not xpack_certs_zip.stat.exists 
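Review bot: The corrected command passes `--ca-key`/`--ca-cert` but no `--ca-pass`, so if the supplied CA key is passphrase-protected `elasticsearch-certutil` prompts on stdin and the task hangs until the play times out; either document in the defaults that the key must be unencrypted or add an optional `ca_key_pass` variable and append `--ca-pass {{ ca_key_pass | quote }}` when it is set. The line contains no shell features, so `command:` would do and avoids shell interpretation of the interpolated paths; a `>-` folded scalar like the sibling `(generating CA)` task would also keep it readable.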
From c547e905027f226867667dbe1c1ede8545efd616 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 5 Aug 2019 15:04:05 +0200 Subject: [PATCH 223/714] Add verification to ensure ca folder is created --- .../ansible-elasticsearch/tasks/xpack_security.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml index f8166f94..2578b05c 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml @@ -73,6 +73,14 @@ - not generate_CA tags: xpack-security +- name: Verify the Elastic certificates directory + file: + path: "{{ master_certs_destination }}" + state: directory + mode: '0700' + delegate_to: "127.0.0.1" + when: + - node_certs_generator - name: Create the certificates directory file: path: "{{master_certs_destination}}" From 101a0061784f829b3257814067342e61ffd3fdd7 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 5 Aug 2019 15:04:27 +0200 Subject: [PATCH 224/714] Add folder verification and fix linting --- .../ansible-elasticsearch/tasks/xpack_security.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml index 2578b05c..3825c3b2 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml @@ -81,9 +81,10 @@ delegate_to: "127.0.0.1" when: - node_certs_generator -- name: Create the certificates directory + +- name: Verify the Certificates Authority directory file: - path: "{{master_certs_destination}}" + path: "{{ master_certs_destination }}/ca/" state: directory mode: '0700' delegate_to: "127.0.0.1" 
@@ -92,8 +93,8 @@ - name: Copying certificates to Ansible master fetch: - src: "{{node_certs_source}}/certs.zip" - dest: "{{master_certs_destination}}/" + src: "{{ node_certs_source }}/certs.zip" + dest: "{{ master_certs_destination }}/" flat: yes mode: 0700 when: From 09647b731b2d2d9498040ec811c8c268b72c52a9 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 5 Aug 2019 15:05:17 +0200 Subject: [PATCH 225/714] Fix typo in task name --- .../ansible-elasticsearch/tasks/xpack_security.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml index 3825c3b2..8fabf6eb 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml @@ -128,7 +128,7 @@ group: elasticsearch tags: xpack-security -- name: Ensuring certificates folder owner +- name: Ensuring certificates folder permissions file: path: "{{ node_certs_destination }}/" mode: '0770' From af0e2f0756ff004acb44ec7fb00b9f3c20244f9d Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 5 Aug 2019 15:05:49 +0200 Subject: [PATCH 226/714] Add copy block to import node's certificate with custom CA name --- .../tasks/xpack_security.yml | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml index 8fabf6eb..890db757 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml @@ -108,7 +108,6 @@ when: - node_certs_generator - - name: Unzip generated certs.zip unarchive: src: "{{master_certs_destination}}/certs.zip" 
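Review bot: `mode: 0700` in the `fetch:` task is an unquoted octal scalar; the YAML loader reads it as an integer and Ansible then reinterprets that number as a mode, so the fetched certs.zip does not end up 0700. The `file:` tasks in the same file quote the value, and a later hunk in this series fixes the identical problem in kibana (`mode: '0664'`); change this line to `mode: '0700'` as well.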
@@ -139,10 +138,24 @@ copy: src: "{{item}}" dest: "{{node_certs_destination}}/" - with_items: + with_items: - "{{master_certs_destination}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.key" - "{{master_certs_destination}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.crt" - "{{master_certs_destination}}/ca/ca.crt" + when: + - generate_CA + tags: xpack-security + +- name: Copying node's certificate from master (Custom CA) + copy: + src: "{{item}}" + dest: "{{node_certs_destination}}/" + with_items: + - "{{master_certs_destination}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.key" + - "{{master_certs_destination}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.crt" + - "{{master_certs_destination}}/ca/{{ca_cert_name}}" + when: + - not generate_CA tags: xpack-security - name: Set elasticsearch bootstrap password From 5ca223726462dc2dac77938bb2adc6059ad4803f Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 5 Aug 2019 15:06:04 +0200 Subject: [PATCH 227/714] Updated template to avoid hardcoding the ca format. --- .../templates/elasticsearch.yml.j2 | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 index f851e900..3cd386da 100644 --- a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 
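Review bot: The new `Copying node's certificate from master (Custom CA)` task copies the node's `.key` with no `owner:`, `group:` or `mode:`, so the private key lands with whatever default permissions the remote copy produces, and the `generate_CA` task above it has the same gap. Add `owner: elasticsearch`, `group: elasticsearch` and `mode: '0640'` to the `copy:` of both tasks so the key is readable only by the service account (the CA certificate in the same list is public and tolerates the stricter mode).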
@@ -34,12 +34,19 @@ xpack.security.enabled: true xpack.security.transport.ssl.enabled: true xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.key: {{node_certs_destination}}/{{ elasticsearch_node_name }}.key -xpack.security.transport.ssl.certificate: {{node_certs_destination}}/{{ elasticsearch_node_name }}.crt +xpack.security.transport.ssl.certificate: {{node_certs_destination}}/{{ elasticsearch_node_name }}.crt +{% if generate_CA == true %} xpack.security.transport.ssl.certificate_authorities: [ "{{ node_certs_destination }}/ca.crt" ] - +{% elif generate_CA == false %} +xpack.security.transport.ssl.certificate_authorities: [ "{{ node_certs_destination }}/{{ca_cert_name}}" ] +{% endif %} xpack.security.http.ssl.enabled: true xpack.security.http.ssl.verification_mode: certificate xpack.security.http.ssl.key: {{node_certs_destination}}/{{ elasticsearch_node_name }}.key xpack.security.http.ssl.certificate: {{node_certs_destination}}/{{ elasticsearch_node_name }}.crt +{% if generate_CA == true %} xpack.security.http.ssl.certificate_authorities: [ "{{ node_certs_destination }}/ca.crt" ] +{% elif generate_CA == false %} +xpack.security.http.ssl.certificate_authorities: [ "{{ node_certs_destination }}/{{ca_cert_name}}" ] +{% endif %} {% endif %} \ No newline at end of file From c171f3905b5c6dd5436ae81c13992f0433afc282 Mon Sep 17 00:00:00 2001 From: manuasir Date: Wed, 7 Aug 2019 12:00:39 +0200 Subject: [PATCH 228/714] Bump version --- CHANGELOG.md | 4 ++++ VERSION | 4 ++-- molecule/default/tests/test_default.py | 2 +- molecule/wazuh-agent/tests/test_agents.py | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 4 ++-- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 7 files changed, 12 insertions(+), 8 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3221e38f..f92b855d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
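Review bot: `{% if generate_CA == true %}` / `{% elif generate_CA == false %}` only match a real boolean; when `generate_CA` arrives as a string (extra-vars and inventory values commonly do) neither branch renders and the generated elasticsearch.yml has no `certificate_authorities` entry at all, which breaks TLS trust silently instead of at template time. Use `{% if generate_CA | bool %}` with a plain `{% else %}` so exactly one CA line is always emitted for transport and for http. The kibana and filebeat template hunks later in this series use the same `== true` / `== false` pair and need the same change.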
@@ -11,6 +11,10 @@ All notable changes to this project will be documented in this file. - Default protocol to TCP [@ionphractal](https://github.com/ionphractal) [#204](https://github.com/wazuh/wazuh-ansible/pull/204). +### Fixed + +- Fixed network.host is not localhost [@rshad](https://github.com/rshad) [#204](https://github.com/wazuh/wazuh-ansible/pull/212). + ## [v3.9.3_7.2.0] ### Added diff --git a/VERSION b/VERSION index fe2acb96..8909e7be 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v3.9.3" -REVISION="3930" +WAZUH-ANSIBLE_VERSION="v3.9.4" +REVISION="3940" diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index 4be45b4e..e55bc894 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py @@ -9,7 +9,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "3.9.3" + return "3.9.4" def test_wazuh_packages_are_installed(host): diff --git a/molecule/wazuh-agent/tests/test_agents.py b/molecule/wazuh-agent/tests/test_agents.py index 48fdfc6e..223f4198 100644 --- a/molecule/wazuh-agent/tests/test_agents.py +++ b/molecule/wazuh-agent/tests/test_agents.py @@ -9,7 +9,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "3.9.3" + return "3.9.4" def test_ossec_package_installed(Package): diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index dcaa0f59..32a194c8 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -6,7 +6,7 @@ elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 7.2.0 -wazuh_version: 3.9.3 +wazuh_version: 3.9.4 # Xpack Security kibana_xpack_security: false 
diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index ad2a93c9..d0898cb0 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_agent_version: 3.9.3 +wazuh_agent_version: 3.9.4 wazuh_managers: - address: 127.0.0.1 port: 1514 @@ -24,7 +24,7 @@ wazuh_winagent_config: install_dir_x86: 'C:\Program Files (x86)\ossec-agent\' auth_path: C:\'Program Files'\ossec-agent\agent-auth.exe auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - version: '3.9.3' + version: '3.9.4' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ md5: c3fdbd6c121ca371b8abcd477ed4e8a4 diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index b93bd8ef..a35e3387 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_manager_api_version: 3.9.3 +wazuh_manager_api_version: 3.9.4 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: latest From 3d3b3bc1d05b3edfc8f933b8e438a1619d572b28 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 8 Aug 2019 17:41:53 +0200 Subject: [PATCH 229/714] Fix permissions and add password option --- .../tasks/xpack_security.yml | 80 +++++++++++-------- 1 file changed, 48 insertions(+), 32 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml index 890db757..e64b71df 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml 
@@ -41,18 +41,22 @@ - name: Importing custom CA key copy: - src: "{{ master_certs_destination }}/ca/{{ ca_key_name }}" + src: "{{ master_certs_path }}/ca/{{ ca_key_name }}" dest: "{{ node_certs_source }}/{{ ca_key_name }}" + mode: '0664' when: - not generate_CA + - node_certs_generator tags: xpack-security - name: Importing custom CA cert copy: - src: "{{ master_certs_destination }}/ca/{{ ca_cert_name }}" + src: "{{ master_certs_path }}/ca/{{ ca_cert_name }}" dest: "{{ node_certs_source }}/{{ ca_cert_name }}" + mode: '0664' when: - not generate_CA + - node_certs_generator tags: xpack-security - name: Generating certificates for Elasticsearch security (generating CA) 
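Review bot: `mode: '0664'` on the `Importing custom CA key` task makes the CA private key world-readable on the generating node; it only has to be read by the `elasticsearch-certutil` run that follows, so `mode: '0600'` with the `owner:` that run executes as is sufficient. The `0664` on the CA certificate in the second task is fine, since the certificate is public. Nothing in this hunk removes the imported key from `node_certs_source` after the certificates are generated; a `file: state: absent` task after the generation step would limit how long the CA key sits on that host.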
@@ -65,17 +69,34 @@ - generate_CA tags: xpack-security -- name: Generating certificates for Elasticsearch security (using provided CA) - shell: /usr/share/elasticsearch/bin/elasticsearch-certutil cert --ca-key {{ node_certs_source }}/{{ ca_key_name }} --ca-cert {{ node_certs_source }}/{{ ca_cert_name }} --pem --in {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip +- name: Generating certificates for Elasticsearch security (using provided CA | Without CA Password) + shell: >- + /usr/share/elasticsearch/bin/elasticsearch-certutil cert + --ca-key {{ node_certs_source }}/{{ ca_key_name }} --ca-cert {{ node_certs_source }}/{{ ca_cert_name }} + --pem --in {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip when: - node_certs_generator - not xpack_certs_zip.stat.exists - not generate_CA - tags: xpack-security + - ca_password == "" + tags: xpack-security +- name: Generating certificates for Elasticsearch security (using provided CA | Using CA Password) + shell: >- + /usr/share/elasticsearch/bin/elasticsearch-certutil cert + --ca-key {{ node_certs_source }}/{{ ca_key_name }} --ca-cert {{ node_certs_source }}/{{ ca_cert_name }} + --pem --in {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip + --ca-pass {{ca_password}} + when: + - node_certs_generator + - not xpack_certs_zip.stat.exists + - not generate_CA + - ca_password != "" + tags: xpack-security + - name: Verify the Elastic certificates directory file: - path: "{{ master_certs_destination }}" + path: "{{ master_certs_path }}" state: directory mode: '0700' delegate_to: "127.0.0.1" @@ -84,7 +105,7 @@ - name: Verify the Certificates Authority directory file: - path: "{{ master_certs_destination }}/ca/" + path: "{{ master_certs_path }}/ca/" state: directory mode: '0700' delegate_to: "127.0.0.1" 
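Review bot: The `Using CA Password` task passes `--ca-pass {{ca_password}}` on the command line with no `no_log: true`, so the CA passphrase appears in the task result and in any Ansible log, and is visible in the process list while certutil runs. Add `no_log: true` to that task at minimum, and pass the value through the `quote` filter since it is interpolated into `shell:`. The sibling task's `- ca_password == ""` condition also errors if `ca_password` is undefined rather than empty; `ca_password | default('') == ""` is safer for both tasks.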
@@ -94,7 +115,7 @@ - name: Copying certificates to Ansible master fetch: src: "{{ node_certs_source }}/certs.zip" - dest: "{{ master_certs_destination }}/" + dest: "{{ master_certs_path }}/" flat: yes mode: 0700 when: @@ -110,38 +131,22 @@ - name: Unzip generated certs.zip unarchive: - src: "{{master_certs_destination}}/certs.zip" - dest: "{{master_certs_destination}}/" + src: "{{master_certs_path}}/certs.zip" + dest: "{{master_certs_path}}/" become: true delegate_to: "127.0.0.1" when: - node_certs_generator tags: xpack-security -- name: Ensuring certificates folder owner - file: - path: "{{ node_certs_destination }}/" - state: directory - recurse: yes - owner: elasticsearch - group: elasticsearch - tags: xpack-security - -- name: Ensuring certificates folder permissions - file: - path: "{{ node_certs_destination }}/" - mode: '0770' - recurse: yes - tags: xpack-security - - name: Copying node's certificate from master copy: src: "{{item}}" dest: "{{node_certs_destination}}/" with_items: - - "{{master_certs_destination}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.key" - - "{{master_certs_destination}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.crt" - - "{{master_certs_destination}}/ca/ca.crt" + - "{{master_certs_path}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.key" + - "{{master_certs_path}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.crt" + - "{{master_certs_path}}/ca/ca.crt" when: - generate_CA tags: xpack-security 
@@ -151,13 +156,24 @@ src: "{{item}}" dest: "{{node_certs_destination}}/" with_items: - - "{{master_certs_destination}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.key" - - "{{master_certs_destination}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.crt" - - "{{master_certs_destination}}/ca/{{ca_cert_name}}" + - "{{master_certs_path}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.key" + - "{{master_certs_path}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.crt" + - "{{master_certs_path}}/ca/{{ca_cert_name}}" when: - not generate_CA tags: xpack-security +- name: Ensuring folder permissions + file: + path: "{{ node_certs_destination }}/" + mode: '0774' + state: directory + recurse: yes + when: + - elasticsearch_xpack_security + - generate_CA + tags: xpack-security + - name: Set elasticsearch bootstrap password shell: >- echo {{ elasticsearch_xpack_security_password }} | {{ node_certs_source }}/bin/elasticsearch-keystore add -xf bootstrap.password From b2876d15e453636d9c7f946bb63d7ccd8ad9aee3 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 8 Aug 2019 17:43:30 +0200 Subject: [PATCH 230/714] Update attributes, remove rsync parameters. --- .../ansible-elasticsearch/defaults/main.yml | 18 ++++++------------ .../ansible-kibana/defaults/main.yml | 12 ++++-------- roles/wazuh/ansible-filebeat/defaults/main.yml | 10 ++++------ 3 files changed, 14 insertions(+), 26 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index bcbcc819..63b953f8 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml 
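Review bot: The new `Ensuring folder permissions` task applies `mode: '0774'` with `recurse: yes`, which makes every file under `node_certs_destination` — including the node's private key — world-readable, and its `when: - generate_CA` means the custom-CA path now gets no ownership or permission fix at all, since the `Ensuring certificates folder owner` task was removed in the previous hunk. Drop the `generate_CA` condition and set `owner: elasticsearch`, `group: elasticsearch` and `mode: 'u=rwX,g=rX,o='` so the service user can read the certs and nobody else can. The filebeat task hunk later in this series (`Ensuring folder & certs permissions`, also recursive `0774`) has the same problem.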
@@ -19,23 +19,17 @@ elasticsearch_xpack_security_user: elastic elasticsearch_xpack_security_password: elastic_pass node_certs_generator: false -node_certs_generator_ip: 172.16.0.161 node_certs_source: /usr/share/elasticsearch node_certs_destination: /etc/elasticsearch/certs -master_certs_destination: /es_certs + # CA generation -generate_CA: false - -ca_key_name: myCA.key -ca_cert_name: myCA.pem - -# Rsync -rsync_path: /usr/bin/rsync -rsync_user: vagrant -rsync_extra_parameters: -avg -e 'ssh -o StrictHostKeyChecking=no' --rsync-path='sudo rsync' - +master_certs_path: /es_certs +generate_CA: true +ca_key_name: "" +ca_cert_name: "" +ca_password: "" diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 4de06f9b..f8dece59 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -15,14 +15,10 @@ elasticsearch_xpack_security_user: elastic elasticsearch_xpack_security_password: elastic_pass node_certs_generator: false -node_certs_generator_ip: 172.16.0.161 node_certs_source: /usr/share/elasticsearch node_certs_destination: /etc/kibana/certs -master_certs_destination: /es_certs - - -# Rsync -rsync_path: /usr/bin/rsync -rsync_user: vagrant -rsync_extra_parameters: -avg -e 'ssh -o StrictHostKeyChecking=no' --rsync-path='sudo rsync' +# CA Generation +master_certs_path: /es_certs +generate_CA: true +ca_cert_name: "" diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index cf0cb5a1..cbf8cc9d 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml 
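Review bot: `ca_key_name: ""` and `ca_cert_name: ""` default to empty strings, so with `generate_CA: false` the import tasks' `src` resolves to `{{ master_certs_path }}/ca/` (a directory) and the misconfiguration only surfaces later as an unclear copy error. An `assert:` at the start of the security tasks, e.g. `that: generate_CA | bool or (ca_key_name | length > 0 and ca_cert_name | length > 0)`, would fail fast with a readable message. The kibana and filebeat defaults hunks in this commit introduce the same empty `ca_cert_name` default.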
@@ -35,13 +35,11 @@ elasticsearch_xpack_security_user: elastic elasticsearch_xpack_security_password: elastic_pass node_certs_generator : false -node_certs_generator_ip: 172.16.0.161 node_certs_source: /usr/share/elasticsearch node_certs_destination: /etc/filebeat/certs -master_certs_destination: /es_certs -# Rsync -rsync_path: /usr/bin/rsync -rsync_user: vagrant -rsync_extra_parameters: -avg -e 'ssh -o StrictHostKeyChecking=no' --rsync-path='sudo rsync' +# CA Generation +master_certs_path: /es_certs +generate_CA: true +ca_cert_name: "" From 7006f99209ad8d28970f36ae5de7f318f6eded80 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 8 Aug 2019 17:43:40 +0200 Subject: [PATCH 231/714] Add import to kibana --- .../ansible-kibana/tasks/main.yml | 23 +++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index fe91221b..ada29886 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml 
@@ -19,12 +19,27 @@ src: "{{item}}" dest: "{{node_certs_destination}}/" with_items: - - "{{master_certs_destination}}/{{kibana_node_name}}/{{ kibana_node_name }}.key" - - "{{master_certs_destination}}/{{kibana_node_name}}/{{ kibana_node_name }}.crt" - - "{{master_certs_destination}}/ca/ca.crt" + - "{{master_certs_path}}/{{kibana_node_name}}/{{ kibana_node_name }}.key" + - "{{master_certs_path}}/{{kibana_node_name}}/{{ kibana_node_name }}.crt" + - "{{master_certs_path}}/ca/ca.crt" tags: xpack-security when: - kibana_xpack_security + - generate_CA + +- name: Copying node's certificate from master (Custom CA) + copy: + src: "{{item}}" + dest: "{{node_certs_destination}}/" + mode: '0664' + with_items: + - "{{master_certs_path}}/{{kibana_node_name}}/{{ kibana_node_name }}.key" + - "{{master_certs_path}}/{{kibana_node_name}}/{{ kibana_node_name }}.crt" + - "{{master_certs_path}}/ca/{{ca_cert_name}}" + when: + - kibana_xpack_security + - not generate_CA + tags: xpack-security - name: Ensuring certificates folder owner file: @@ -52,7 +67,7 @@ dest: /etc/kibana/kibana.yml owner: root group: root - mode: 0664 + mode: '0664' notify: restart kibana tags: configure From 625970675586b8544404e67b20c8cf259dadbfba Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 8 Aug 2019 17:43:50 +0200 Subject: [PATCH 232/714] Update kibana template --- roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 b/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 index 76a3c2c4..0f2ef606 100644 --- a/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 +++ b/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 
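Review bot: `mode: '0664'` on the `Copying node's certificate from master (Custom CA)` task is applied to the kibana private key as well as the certificates, leaving the key world-readable, while the sibling `generate_CA` task sets no mode at all. Use `mode: '0640'` together with `owner:`/`group:` set to the kibana service user on both copy tasks. The `mode: '0664'` quoting fix in the second hunk is correct, and the same quoting is still needed wherever `mode:` remains bare in these roles.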
@@ -109,6 +109,10 @@ elasticsearch.username: "{{ elasticsearch_xpack_security_user }}" elasticsearch.password: "{{ elasticsearch_xpack_security_password }}" server.ssl.enabled: true server.ssl.key: "{{node_certs_destination}}/{{ kibana_node_name }}.key" -server.ssl.certificate: "{{node_certs_destination}}/{{ kibana_node_name }}.crt" +server.ssl.certificate: "{{node_certs_destination}}/{{ kibana_node_name }}.crt" +{% if generate_CA == true %} elasticsearch.ssl.certificateAuthorities: ["{{ node_certs_destination }}/ca.crt"] +{% elif generate_CA == false %} +elasticsearch.ssl.certificateAuthorities: ["{{ node_certs_destination }}/{{ca_cert_name}}"] +{% endif %} {% endif %} \ No newline at end of file From bb0c79c455cf3cd0ac1a41bce5ce950e8339fe11 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 8 Aug 2019 17:43:57 +0200 Subject: [PATCH 233/714] Update filebeat template --- roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 b/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 index 0a47af9d..466d9a89 100644 --- a/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 +++ b/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 @@ -57,8 +57,14 @@ output.elasticsearch: username: {{ elasticsearch_xpack_security_user }} password: {{ elasticsearch_xpack_security_password }} protocol: https +{% if generate_CA == true %} ssl.certificate_authorities: - {{node_certs_destination}}/ca.crt +{% elif generate_CA == false %} + ssl.certificate_authorities: + - {{node_certs_destination}}/{{ca_cert_name}} +{% endif %} + ssl.certificate: "{{node_certs_destination}}/{{ filebeat_node_name }}.crt" ssl.key: "{{node_certs_destination}}/{{ filebeat_node_name }}.key" {% endif %} From fb76622080c24a3dc626379d73fc8f898c157297 Mon Sep 17 00:00:00 2001 
From: Jose M Date: Thu, 8 Aug 2019 17:44:08 +0200 Subject: [PATCH 234/714] Add import to --- roles/wazuh/ansible-filebeat/tasks/main.yml | 28 +++++++++++++++------ 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml index 2b566ed5..a968e62d 100644 --- a/roles/wazuh/ansible-filebeat/tasks/main.yml +++ b/roles/wazuh/ansible-filebeat/tasks/main.yml @@ -31,18 +31,32 @@ src: "{{item}}" dest: "{{node_certs_destination}}/" with_items: - - "{{master_certs_destination}}/{{filebeat_node_name}}/{{ filebeat_node_name }}.key" - - "{{master_certs_destination}}/{{filebeat_node_name}}/{{ filebeat_node_name }}.crt" - - "{{master_certs_destination}}/ca/ca.crt" - tags: xpack-security + - "{{master_certs_path}}/{{filebeat_node_name}}/{{ filebeat_node_name }}.key" + - "{{master_certs_path}}/{{filebeat_node_name}}/{{ filebeat_node_name }}.crt" + - "{{master_certs_path}}/ca/ca.crt" when: + - generate_CA - filebeat_xpack_security + tags: xpack-security + +- name: Copying node's certificate from master (Custom CA) + copy: + src: "{{item}}" + dest: "{{node_certs_destination}}/" + with_items: + - "{{master_certs_path}}/{{filebeat_node_name}}/{{ filebeat_node_name }}.key" + - "{{master_certs_path}}/{{filebeat_node_name}}/{{ filebeat_node_name }}.crt" + - "{{master_certs_path}}/ca/{{ca_cert_name}}" + when: + - not generate_CA + - filebeat_xpack_security + tags: xpack-security - -- name: Ensuring certificates folder owner +- name: Ensuring folder & certs permissions file: path: "{{ node_certs_destination }}/" - mode: '0770' + mode: '0774' + state: directory recurse: yes when: - filebeat_xpack_security From 69427edea6e45567212415ff57a388ddd1aa80a4 Mon Sep 17 00:00:00 2001 
From: Rshad Zhran Date: Fri, 9 Aug 2019 16:45:23 +0200 Subject: [PATCH 235/714] initial changes --- roles/wazuh/ansible-filebeat/defaults/main.yml | 5 +++++ roles/wazuh/ansible-filebeat/tasks/main.yml | 13 +++++++++++++ 2 files changed, 18 insertions(+) diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index 103d61eb..1fed5fb0 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -43,3 +43,8 @@ node_certs_destination: /etc/filebeat/certs rsync_path: /usr/bin/rsync rsync_user: vagrant rsync_extra_parameters: -avg -e 'ssh -o StrictHostKeyChecking=no' --rsync-path='sudo rsync' + +filebeat_module_package_name: wazuh-filebeat-0.1.tar.gz +filebeat_module_package_path: /root/ +filebeat_module_destination: /usr/share/filebeat/module +filebeat_module_folder: /usr/share/filebeat/module/wazuh \ No newline at end of file diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml index 7bafcc79..b0e5371c 100644 --- a/roles/wazuh/ansible-filebeat/tasks/main.yml +++ b/roles/wazuh/ansible-filebeat/tasks/main.yml @@ -88,6 +88,19 @@ - filebeat_xpack_security tags: xpack-security +- name: Download Filebeat module package + get_url: + url: https://packages-dev.wazuh.com/3.x/filebeat/{{ filebeat_module_package_name }} + dest: "{{ filebeat_module_package_path }}" + +- name: Unpakcaging Filebeat module package + unarchive: + src: "{{ filebeat_module_package_path }}/{{ filebeat_module_package_name }}" + dest: "{{ filebeat_module_destination }}" + +- name: Setting 0755 permission for Filebeat module folder + file: dest={{ filebeat_module_folder }} mode=u=rwX,g=rwX,o=rwX recurse=yes + - import_tasks: config.yml when: filebeat_create_config notify: restart filebeat From da005fea58a33dd77e8c356de26e990f76fc27dd Mon Sep 17 00:00:00 2001 
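Review bot: The `Download Filebeat module package` task fetches a tarball from `packages-dev.wazuh.com` with no `checksum:`, so the role unpacks whatever the server, or anyone able to tamper with the transfer, returns; add `checksum: sha256:<EXPECTED_SHA256_PLACEHOLDER>` next to the pinned `filebeat_module_package_name`. The permission task's `mode=u=rwX,g=rwX,o=rwX` makes the module folder world-writable, letting any local user alter the Filebeat module definitions; `u=rwX,g=rX,o=rX` matches the `0755` the task name claims. A follow-up hunk in this series switches the host to `packages.wazuh.com` but still has no checksum.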
From: Rshad Zhran Date: Fri, 16 Aug 2019 10:27:42 +0200 Subject: [PATCH 236/714] removed Java installation tasks for SysV systems --- molecule/filebeat/molecule.yml | 34 ++++++++-------- molecule/filebeat/prepare.yml | 1 + molecule/kibana/molecule.yml | 40 +++++++++---------- molecule/kibana/playbook.yml | 1 + .../ansible-elasticsearch/tasks/Debian.yml | 14 ------- .../ansible-elasticsearch/tasks/RedHat.yml | 7 ---- roles/wazuh/ansible-filebeat/tasks/main.yml | 5 ++- 7 files changed, 42 insertions(+), 60 deletions(-) diff --git a/molecule/filebeat/molecule.yml b/molecule/filebeat/molecule.yml index e456c4ae..761326f3 100644 --- a/molecule/filebeat/molecule.yml +++ b/molecule/filebeat/molecule.yml @@ -11,23 +11,23 @@ lint: platforms: - name: trusty image: ubuntu:trusty - - name: bionic - image: solita/ubuntu-systemd:bionic - command: /sbin/init - privileged: true - - name: xenial - image: solita/ubuntu-systemd:xenial - privileged: true - command: /sbin/init - - name: centos6 - image: geerlingguy/docker-centos6-ansible - privileged: true - command: /sbin/init - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - - name: centos7 - image: milcom/centos7-systemd - privileged: true + # - name: bionic + # image: solita/ubuntu-systemd:bionic + # command: /sbin/init + # privileged: true + # - name: xenial + # image: solita/ubuntu-systemd:xenial + # privileged: true + # command: /sbin/init + #- name: centos6 + # image: geerlingguy/docker-centos6-ansible + # privileged: true + # command: /sbin/init + # volumes: + # - /sys/fs/cgroup:/sys/fs/cgroup:ro + #- name: centos7 + # image: milcom/centos7-systemd + # privileged: true provisioner: name: ansible playbooks: diff --git a/molecule/filebeat/prepare.yml b/molecule/filebeat/prepare.yml index f3dc9aac..49325b85 100644 --- a/molecule/filebeat/prepare.yml +++ b/molecule/filebeat/prepare.yml 
@@ -7,6 +7,7 @@ - name: "Install Python packages for Trusty to solve trust issues" package: name: + - python-apt - python-setuptools - python-pip state: latest diff --git a/molecule/kibana/molecule.yml b/molecule/kibana/molecule.yml index 2017a6bd..8cf21dc2 100644 --- a/molecule/kibana/molecule.yml +++ b/molecule/kibana/molecule.yml @@ -9,31 +9,31 @@ lint: config-data: ignore: .virtualenv platforms: - - name: bionic - image: solita/ubuntu-systemd:bionic - command: /sbin/init - ulimits: - - nofile:262144:262144 - privileged: true - memory_reservation: 1024m - - name: xenial - image: solita/ubuntu-systemd:xenial - privileged: true - memory_reservation: 1024m - command: /sbin/init - ulimits: - - nofile:262144:262144 +# - name: bionic +# image: solita/ubuntu-systemd:bionic +# command: /sbin/init +# ulimits: +# - nofile:262144:262144 +# privileged: true +# memory_reservation: 1024m +# - name: xenial +# image: solita/ubuntu-systemd:xenial +# privileged: true +# memory_reservation: 1024m +# command: /sbin/init +# ulimits: +# - nofile:262144:262144 # - name: trusty # image: ubuntu:trusty # memory_reservation: 1024m # ulimits: # - nofile:262144:262144 - - name: centos6 - image: centos:6 - privileged: true - memory_reservation: 1024m - ulimits: - - nofile:262144:262144 +# - name: centos6 +# image: centos:6 +# privileged: true +# memory_reservation: 1024m +# ulimits: +# - nofile:262144:262144 - name: centos7 image: milcom/centos7-systemd memory_reservation: 1024m diff --git a/molecule/kibana/playbook.yml b/molecule/kibana/playbook.yml index 74fc1038..18543dce 100644 --- a/molecule/kibana/playbook.yml +++ b/molecule/kibana/playbook.yml @@ -3,3 +3,4 @@ hosts: all roles: - role: elastic-stack/ansible-kibana + \ No newline at end of file diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index b35f11e1..67a34e7e 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml 
+++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml @@ -8,12 +8,6 @@ register: elasticsearch_ca_packages_installed until: elasticsearch_ca_packages_installed is succeeded -- name: "Install Java Repo for Trusty" - apt_repository: repo='ppa:openjdk-r/ppa' - when: - - ansible_distribution == "Ubuntu" - - ansible_distribution_major_version | int == 14 - - name: Update and upgrade apt packages become: true apt: @@ -24,14 +18,6 @@ - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 -- name: Install Oracle Java 8 - become: true - apt: name=openjdk-8-jdk - - when: - - ansible_distribution == "Ubuntu" - - ansible_distribution_major_version | int == 14 - - name: Update and upgrade apt packages become: true apt: diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml index 81176ee0..16366dfc 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml @@ -9,13 +9,6 @@ gpgcheck: true changed_when: false -- name: CentOS x.x => x.x < 7.0 | Installing Java - yum: - name: java-1.8.0-openjdk.x86_64 - state: present - when: - - ansible_distribution in ['CentOS', 'RedHat'] and ansible_distribution_major_version|int < 7 - - name: RedHat/CentOS/Fedora | Install Elasticsarch package: name=elasticsearch-{{ elastic_stack_version }} state=present tags: install diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml index b0e5371c..7e1d408a 100644 --- a/roles/wazuh/ansible-filebeat/tasks/main.yml +++ b/roles/wazuh/ansible-filebeat/tasks/main.yml 
@@ -90,13 +90,14 @@ - name: Download Filebeat module package get_url: - url: https://packages-dev.wazuh.com/3.x/filebeat/{{ filebeat_module_package_name }} + url: https://packages.wazuh.com/3.x/filebeat/{{ filebeat_module_package_name }} dest: "{{ filebeat_module_package_path }}" - name: Unpakcaging Filebeat module package - unarchive: + unarchive: src: "{{ filebeat_module_package_path }}/{{ filebeat_module_package_name }}" dest: "{{ filebeat_module_destination }}" + remote_src: yes - name: Setting 0755 permission for Filebeat module folder file: dest={{ filebeat_module_folder }} mode=u=rwX,g=rwX,o=rwX recurse=yes From 2b7bf881aebc3ba4c989d59be0180d2464291016 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Fri, 16 Aug 2019 11:54:51 +0200 Subject: [PATCH 237/714] improved the tasks of filebeat module installation and fixed idempotence errors --- Pipfile | 1 + molecule/filebeat/molecule.yml | 10 +++++----- roles/wazuh/ansible-filebeat/tasks/main.yml | 22 ++++++++++++++++++++- 3 files changed, 27 insertions(+), 6 deletions(-) diff --git a/Pipfile b/Pipfile index 9e3b448b..e7dab50e 100644 --- a/Pipfile +++ b/Pipfile @@ -14,6 +14,7 @@ molecule = "*" python_version = "2.7" [scripts] +clean = "molecule destroy" test ="molecule test" agent ="molecule test -s wazuh-agent" elasticsearch ="molecule test -s elasticsearch" diff --git a/molecule/filebeat/molecule.yml b/molecule/filebeat/molecule.yml index 761326f3..e85c687d 100644 --- a/molecule/filebeat/molecule.yml +++ b/molecule/filebeat/molecule.yml @@ -9,8 +9,8 @@ lint: config-data: ignore: .virtualenv platforms: - - name: trusty - image: ubuntu:trusty + # - name: trusty + # image: ubuntu:trusty # - name: bionic # image: solita/ubuntu-systemd:bionic # command: /sbin/init 
@@ -25,9 +25,9 @@ platforms: # command: /sbin/init # volumes: # - /sys/fs/cgroup:/sys/fs/cgroup:ro - #- name: centos7 - # image: milcom/centos7-systemd - # privileged: true + - name: centos7 + image: milcom/centos7-systemd + privileged: true provisioner: name: ansible playbooks: diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml index 7e1d408a..8328e068 100644 --- a/roles/wazuh/ansible-filebeat/tasks/main.yml +++ b/roles/wazuh/ansible-filebeat/tasks/main.yml @@ -88,19 +88,39 @@ - filebeat_xpack_security tags: xpack-security +- name: Checking if Filebeat Module folder file exists + stat: + path: "{{ filebeat_module_folder }}" + register: filebeat_module_folder + - name: Download Filebeat module package get_url: url: https://packages.wazuh.com/3.x/filebeat/{{ filebeat_module_package_name }} dest: "{{ filebeat_module_package_path }}" + when: not filebeat_module_folder.stat.exists -- name: Unpakcaging Filebeat module package +- name: Unpakcing Filebeat module package unarchive: src: "{{ filebeat_module_package_path }}/{{ filebeat_module_package_name }}" dest: "{{ filebeat_module_destination }}" remote_src: yes + when: not filebeat_module_folder.stat.exists - name: Setting 0755 permission for Filebeat module folder file: dest={{ filebeat_module_folder }} mode=u=rwX,g=rwX,o=rwX recurse=yes + when: not filebeat_module_folder.stat.exists + +- name: Checking if Filebeat Module package file exists + stat: + path: "{{ filebeat_module_package_path }}/{{ filebeat_module_package_name }}" + register: filebeat_module_package + when: filebeat_module_package is not defined + +- name: Delete Filebeat module package file + file: + state: absent + path: "{{ filebeat_module_package_path }}/{{ filebeat_module_package_name }}" + when: filebeat_module_package.stat.exists - import_tasks: config.yml when: filebeat_create_config From cb5149c6290c8da765f043ae130f7c56fcbb68ef Mon Sep 17 00:00:00 2001 
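Review bot: `register: filebeat_module_folder` on the new stat task overwrites the role variable of the same name with the stat result (registered variables take precedence over role defaults and vars), so the later `file: dest={{ filebeat_module_folder }} ...` task kept as context renders the result dict as the path instead of the module folder. Register under a distinct name, e.g. `register: filebeat_module_folder_stat`, and make the three new conditions `when: not filebeat_module_folder_stat.stat.exists`. The second stat is guarded by `when: filebeat_module_package is not defined`; if that name is ever defined before the role runs, the task is skipped but still registered, and `when: filebeat_module_package.stat.exists` on the delete task would then fail on the missing `stat` key — dropping that guard avoids it. The download task here still has no `checksum:`, as noted on the previous patch.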
From: Jose M Date: Tue, 30 Jul 2019 17:36:31 +0200 Subject: [PATCH 238/714] Fix Kibana APP installation by becoming user kibana --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 4e12b1b2..a32b90fd 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -118,14 +118,14 @@ tags: install - name: Install Wazuh-APP (can take a while) - shell: "/usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-{{ wazuh_version }}_{{ elastic_stack_version }}.zip" + shell: "/usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-{{ wazuh_version }}_{{ elastic_stack_version }}.zip" environment: NODE_OPTIONS: "--max-old-space-size=3072" args: executable: /bin/bash creates: /usr/share/kibana/plugins/wazuh/package.json notify: restart kibana - ignore_errors: "{{ kibana_plugin_install_ignore_error }}" + become_user: kibana tags: - install - skip_ansible_lint From cae6e96be66f51596bffebfa40fa8bdee73853bf Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Fri, 16 Aug 2019 14:43:29 +0200 Subject: [PATCH 239/714] changing default variables values --- molecule/filebeat/molecule.yml | 12 ++++++------ molecule/kibana/molecule.yml | 1 - playbooks/wazuh-elastic.yml | 5 +++-- playbooks/wazuh-kibana.yml | 10 +++------- playbooks/wazuh-manager.yml | 8 +++----- .../ansible-elasticsearch/defaults/main.yml | 3 +-- .../ansible-elasticsearch/tasks/main.yml | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 ++ roles/wazuh/ansible-filebeat/tasks/main.yml | 1 + 9 files changed, 20 insertions(+), 24 deletions(-) diff --git a/molecule/filebeat/molecule.yml b/molecule/filebeat/molecule.yml index e85c687d..699495d1 100644 --- a/molecule/filebeat/molecule.yml 
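Review bot: `become_user: kibana` on its own does not switch user — Ansible applies `become_user` only when `become: true` is set on the task, block or play — so unless the play already enables privilege escalation, `kibana-plugin install` keeps running as the connecting user and the plugin files keep that ownership. Add `become: true` next to it (a later patch in this series adds `become: yes`; `true` is the canonical spelling). The `shell:` line is shown as changed but appears to differ only in whitespace. Removing `ignore_errors: "{{ kibana_plugin_install_ignore_error }}"` is the right direction for a component install, but it leaves `kibana_plugin_install_ignore_error` without a visible consumer.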
+++ b/molecule/filebeat/molecule.yml @@ -12,9 +12,9 @@ platforms: # - name: trusty # image: ubuntu:trusty # - name: bionic - # image: solita/ubuntu-systemd:bionic - # command: /sbin/init - # privileged: true + image: solita/ubuntu-systemd:bionic + command: /sbin/init + privileged: true # - name: xenial # image: solita/ubuntu-systemd:xenial # privileged: true @@ -25,9 +25,9 @@ platforms: # command: /sbin/init # volumes: # - /sys/fs/cgroup:/sys/fs/cgroup:ro - - name: centos7 - image: milcom/centos7-systemd - privileged: true + #- name: centos7 + # image: milcom/centos7-systemd + # privileged: true provisioner: name: ansible playbooks: diff --git a/molecule/kibana/molecule.yml b/molecule/kibana/molecule.yml index 8cf21dc2..42b55fd3 100644 --- a/molecule/kibana/molecule.yml +++ b/molecule/kibana/molecule.yml @@ -55,7 +55,6 @@ provisioner: group_vars: all: elasticsearch_jvm_xms: 256 - kibana_plugin_install_ignore_error: true verifier: name: testinfra lint: diff --git a/playbooks/wazuh-elastic.yml b/playbooks/wazuh-elastic.yml index 0c3b0a61..36bd9b1d 100644 --- a/playbooks/wazuh-elastic.yml +++ b/playbooks/wazuh-elastic.yml @@ -1,4 +1,5 @@ --- -- hosts: +- hosts: roles: - - {role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'your elasticsearch IP'} + - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch + elasticsearch_network_host: '' diff --git a/playbooks/wazuh-kibana.yml b/playbooks/wazuh-kibana.yml index 2fc5cc1d..200f4891 100644 --- a/playbooks/wazuh-kibana.yml +++ b/playbooks/wazuh-kibana.yml @@ -1,10 +1,6 @@ --- -- hosts: 172.16.0.162 +- hosts: roles: - role: ../roles/elastic-stack/ansible-kibana - kibana_xpack_security: true - kibana_user: elastic - kibana_password: elastic_pass - kibana_node_name: node-2 - elasticsearch_network_host: 172.16.0.161 - node_certs_generator: false + elasticsearch_network_host: + 
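Review bot: `- hosts:` is left bare in playbooks/wazuh-elastic.yml (this line changes only in whitespace) and is made bare in the wazuh-kibana.yml hunk below and the wazuh-manager.yml hunk that follows it, so YAML yields `null` and `ansible-playbook` rejects the play (`hosts` is required) before any role runs. If these files are templates, keep an explicit placeholder such as `- hosts: <your-elasticsearch-host>` or an inventory group name rather than a bare key. The same applies to `elasticsearch_network_host: ''` here and the bare `elasticsearch_network_host:` in wazuh-kibana.yml — an empty value is passed straight through to the Elasticsearch configuration, whereas the removed `'your elasticsearch IP'` at least made the intent visible; in wazuh-manager.yml `filebeat_output_elasticsearch_hosts: :9200` is a host-less endpoint that Filebeat cannot connect to.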
diff --git a/playbooks/wazuh-manager.yml b/playbooks/wazuh-manager.yml index 93fb9e9d..5ec6a50b 100644 --- a/playbooks/wazuh-manager.yml +++ b/playbooks/wazuh-manager.yml @@ -1,10 +1,8 @@ --- -- hosts: 172.16.0.161 +- hosts: roles: - role: ../roles/wazuh/ansible-wazuh-manager - role: ../roles/wazuh/ansible-filebeat - filebeat_output_elasticsearch_hosts: 172.16.0.161:9200 - filebeat_xpack_security: true - filebeat_node_name: node-1 - node_certs_generator: true + filebeat_output_elasticsearch_hosts: :9200 + diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index a07f02e2..58b5e308 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -3,10 +3,9 @@ elasticsearch_cluster_name: wazuh elasticsearch_node_name: node-1 elasticsearch_http_port: 9200 elasticsearch_network_host: 127.0.0.1 -elasticsearch_host: 127.0.0.1 elasticsearch_jvm_xms: null elastic_stack_version: 7.2.0 -single_node: false +single_node: true elasticsearch_bootstrap_node: false elasticsearch_master_candidate: false elasticsearch_cluster_nodes: diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 99782056..8fb9184d 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -259,7 +259,7 @@ state: started - name: Make sure Elasticsearch is running before proceeding - wait_for: host={{ elasticsearch_host }} port={{ elasticsearch_http_port }} delay=3 timeout=400 + wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }} delay=3 timeout=400 tags: - configure - init diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 32a194c8..9e9367ca 100644 
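Review bot: `wait_for: host={{ elasticsearch_network_host }} ...` ties the readiness probe to Elasticsearch's bind address, and `network.host` accepts values that are not connectable from a client — `0.0.0.0`, or the Elasticsearch special names such as `_site_`/`_local_` — with which the task would wait the full 400 seconds and fail. The defaults hunk above removes `elasticsearch_host`, which was the dedicated probe address; inventories that set it now have a silently ignored variable. Prefer keeping a separate probe variable, e.g. `elasticsearch_host: 127.0.0.1` in defaults and `wait_for: host={{ elasticsearch_host }} port={{ elasticsearch_http_port }} delay=3 timeout=400`, or document the removal. The `single_node: false` → `true` default flip changes cluster behaviour for existing users and deserves a changelog entry as well.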
--- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -23,3 +23,5 @@ node_certs_destination: /etc/kibana/certs rsync_path: /usr/bin/rsync rsync_user: vagrant rsync_extra_parameters: -avg -e 'ssh -o StrictHostKeyChecking=no' --rsync-path='sudo rsync' + +kibana_plugin_install_ignore_error: true \ No newline at end of file diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml index 8328e068..fbf8cfbf 100644 --- a/roles/wazuh/ansible-filebeat/tasks/main.yml +++ b/roles/wazuh/ansible-filebeat/tasks/main.yml @@ -93,6 +93,7 @@ path: "{{ filebeat_module_folder }}" register: filebeat_module_folder + - name: Download Filebeat module package get_url: url: https://packages.wazuh.com/3.x/filebeat/{{ filebeat_module_package_name }} From c1c5f90bc34ef1184d54b4a9cd68da820f46cace Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 16 Aug 2019 18:11:00 +0200 Subject: [PATCH 240/714] Updating tests --- molecule/default/molecule.yml | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index f37858bc..97f0fef9 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml 
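Review bot: `kibana_plugin_install_ignore_error: true` is added to the role defaults although patch 238 earlier in this series removed the only reference to it (`ignore_errors: "{{ kibana_plugin_install_ignore_error }}"`) and this same commit drops it from the molecule group_vars; unless another task reads it, it is a dead variable that advertises a behaviour the role no longer has — remove it or restore the consumer. The file also now ends without a trailing newline (`\ No newline at end of file`).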
@@ -8,18 +8,37 @@ lint: enabled: false platforms: - name: bionic - image: ubuntu:bionic + image: solita/ubuntu-systemd:bionic + command: /sbin/init + ulimits: + - nofile:262144:262144 + privileged: true + memory_reservation: 2048m - name: xenial image: solita/ubuntu-systemd:xenial privileged: true + memory_reservation: 2048m command: /sbin/init - - name: trusty - image: ubuntu:trusty + ulimits: + - nofile:262144:262144 +# - name: trusty +# image: ubuntu:trusty +# privileged: true +# memory_reservation: 2048m +# ulimits: +# - nofile:262144:262144 - name: centos6 image: centos:6 + privileged: true + memory_reservation: 2048m + ulimits: + - nofile:262144:262144 - name: centos7 image: milcom/centos7-systemd + memory_reservation: 2048m privileged: true + ulimits: + - nofile:262144:262144 provisioner: name: ansible env: From 7ab3f960c84d4c3158cbbac9477fa7502d6ff7ae Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Fri, 16 Aug 2019 19:23:46 +0200 Subject: [PATCH 241/714] fixed some molecule errors --- Pipfile | 2 +- molecule/default/molecule.yml | 24 +++++++++++-------- molecule/default/playbook.yml | 8 +++---- molecule/elasticsearch/molecule.yml | 12 +++++----- molecule/filebeat/molecule.yml | 2 +- molecule/kibana/playbook.yml | 1 + .../ansible-elasticsearch/tasks/main.yml | 7 ------ 7 files changed, 26 insertions(+), 30 deletions(-) diff --git a/Pipfile b/Pipfile index e7dab50e..77eeea6b 100644 --- a/Pipfile +++ b/Pipfile @@ -15,7 +15,7 @@ python_version = "2.7" [scripts] clean = "molecule destroy" -test ="molecule test" +test ="molecule test --destroy=never" agent ="molecule test -s wazuh-agent" elasticsearch ="molecule test -s elasticsearch" filebeat ="molecule test -s filebeat" diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index f37858bc..064b4643 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml 
@@ -8,18 +8,22 @@ lint: enabled: false platforms: - name: bionic - image: ubuntu:bionic - - name: xenial - image: solita/ubuntu-systemd:xenial - privileged: true + image: solita/ubuntu-systemd:bionic command: /sbin/init - - name: trusty - image: ubuntu:trusty - - name: centos6 - image: centos:6 - - name: centos7 - image: milcom/centos7-systemd privileged: true + ulimits: + - nofile:262144:262144 +# - name: xenial +# image: solita/ubuntu-systemd:xenial +# privileged: true +# command: /sbin/init +# - name: trusty +# image: ubuntu:trusty +# - name: centos6 +# image: centos:6 +# - name: centos7 +# image: milcom/centos7-systemd +# privileged: true provisioner: name: ansible env: diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml index 639e6320..e692aaae 100644 --- a/molecule/default/playbook.yml +++ b/molecule/default/playbook.yml @@ -3,8 +3,6 @@ hosts: all roles: - role: wazuh/ansible-wazuh-manager - -# - {role: wazuh/ansible-filebeat} #, filebeat_output_elasticsearch_hosts: 'your elastic stack server IP' -# Elasticsearch requires too much memory to test multiple containers concurrently - To Fix -# - {role: elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost'} -# - {role: elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost'} + - {role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'localhost:9200'} + - {role: elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost'} + - {role: elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost'} diff --git a/molecule/elasticsearch/molecule.yml b/molecule/elasticsearch/molecule.yml index 1ad6ef7b..b252e554 100644 --- a/molecule/elasticsearch/molecule.yml +++ b/molecule/elasticsearch/molecule.yml 
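Review bot: The `index f37858bc..064b4643` header shows this rewrite of molecule/default/molecule.yml is based on `f37858bc`, the same parent that patch 240 (`index f37858bc..97f0fef9`) already modified, so the two patches do not apply in sequence and this one discards 240's `memory_reservation` and per-platform `ulimits` settings. Rebase it on 240's result or squash the two. The newly commented-out platforms start at column 0 (`+# - name: xenial`); if the live `- name: bionic` entry is indented, keep the disabled ones at the same indent so re-enabling them is a one-character change rather than an indentation fix.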
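Review bot: The three roles re-enabled in molecule/default/playbook.yml use flow-style mappings (`- {role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'localhost:9200'}`) while the first entry of the same list is block style (`- role: wazuh/ansible-wazuh-manager`), so the file now mixes both styles; write each as `- role: wazuh/ansible-filebeat` with the variable on an indented line below it. The removed comment about Elasticsearch memory was the only record of why these roles had been disabled — if the concern is resolved by the container `memory_reservation` settings, a one-line comment saying so would keep that context.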
@@ -23,12 +23,12 @@ platforms: command: /sbin/init ulimits: - nofile:262144:262144 - #- name: trusty - #image: ubuntu:trusty - #privileged: true - #memory_reservation: 2048m - #ulimits: - #- nofile:262144:262144 + #- name: trusty + #image: ubuntu:trusty + #privileged: true + #memory_reservation: 2048m + #ulimits: + #- nofile:262144:262144 - name: centos6 image: centos:6 privileged: true diff --git a/molecule/filebeat/molecule.yml b/molecule/filebeat/molecule.yml index 699495d1..7ad07f77 100644 --- a/molecule/filebeat/molecule.yml +++ b/molecule/filebeat/molecule.yml @@ -11,7 +11,7 @@ lint: platforms: # - name: trusty # image: ubuntu:trusty - # - name: bionic + - name: bionic image: solita/ubuntu-systemd:bionic command: /sbin/init privileged: true diff --git a/molecule/kibana/playbook.yml b/molecule/kibana/playbook.yml index 18543dce..6deac809 100644 --- a/molecule/kibana/playbook.yml +++ b/molecule/kibana/playbook.yml @@ -2,5 +2,6 @@ - name: Converge hosts: all roles: + - role: elastic-stack/ansible-kibana \ No newline at end of file diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 8fb9184d..7ee77beb 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -245,13 +245,6 @@ - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<')) - not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<')) -- name: Distribution is centos 6.* | Enable Elasticsearch - service: name=elasticsearch enabled=yes - -- name: Distribution is centos 6.* | Start Elasticsearch - service: name=elasticsearch state=started - ignore_errors: true - - name: Ensure Elasticsearch started and enabled service: name: elasticsearch From 60f58e99386d223c1ad3df1bc7724f597b78459d Mon Sep 17 00:00:00 2001 
From: Rshad Zhran Date: Fri, 16 Aug 2019 20:09:08 +0200 Subject: [PATCH 242/714] completed --- Pipfile | 1 + molecule/default/playbook.yml | 6 +-- molecule/default/tests/test_default.py | 51 +++++++++++++++++++ .../ansible-kibana/tasks/main.yml | 1 + 4 files changed, 56 insertions(+), 3 deletions(-) diff --git a/Pipfile b/Pipfile index 77eeea6b..f85e6439 100644 --- a/Pipfile +++ b/Pipfile @@ -16,6 +16,7 @@ python_version = "2.7" [scripts] clean = "molecule destroy" test ="molecule test --destroy=never" +verify_test ="molecule verify" agent ="molecule test -s wazuh-agent" elasticsearch ="molecule test -s elasticsearch" filebeat ="molecule test -s filebeat" diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml index e692aaae..f34d0837 100644 --- a/molecule/default/playbook.yml +++ b/molecule/default/playbook.yml @@ -2,7 +2,7 @@ - name: Converge hosts: all roles: - - role: wazuh/ansible-wazuh-manager - - {role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'localhost:9200'} - - {role: elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost'} + #- role: wazuh/ansible-wazuh-manager + #- {role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'localhost:9200'} + #- {role: elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost'} - {role: elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost'} diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index e55bc894..da8f772b 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py 
@@ -78,3 +78,54 @@ def test_open_ports(host):
     elif distribution == 'centos':
         assert host.socket("tcp://:::1515").is_listening
         assert not host.socket("tcp://:::1514").is_listening
+
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
+
+
+def test_filebeat_is_installed(host):
+    """Test if the elasticsearch package is installed."""
+    filebeat = host.package("filebeat")
+    assert filebeat.is_installed
+    assert filebeat.version.startswith('7.2.0')
+
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
+
+
+def test_elasticsearch_is_installed(host):
+    """Test if the elasticsearch package is installed."""
+    elasticsearch = host.package("elasticsearch")
+    assert elasticsearch.is_installed
+    assert elasticsearch.version.startswith('7.2.0')
+
+
+def test_elasticsearch_is_running(host):
+    """Test if the services are enabled and running."""
+    elasticsearch = host.service("elasticsearch")
+    assert elasticsearch.is_enabled
+    assert elasticsearch.is_running
+
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
+
+
+def test_port_kibana_is_open(host):
+    """Test if the port 5601 is open and listening to connections."""
+    host.socket("tcp://0.0.0.0:5601").is_listening
+
+
+def test_find_correct_elasticsearch_version(host):
+    """Test if we find the kibana/elasticsearch version in package.json"""
+    kibana = host.file("/usr/share/kibana/plugins/wazuh/package.json")
+    assert kibana.contains("7.2.0")
+
+
+def test_wazuh_plugin_installed(host):
+    """Make sure there is a plugin wazuh directory."""
+    kibana = host.file("/usr/share/kibana/plugins/wazuh/")
+
+    assert kibana.is_directory
\ No newline at end of file
diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml
index a32b90fd..fe0c9365 100644
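Review bot: `test_port_kibana_is_open` never asserts anything — `host.socket("tcp://0.0.0.0:5601").is_listening` evaluates the property and discards it, so the test passes even when Kibana is down; it should read `assert host.socket("tcp://0.0.0.0:5601").is_listening`. `testinfra_hosts` is reassigned three times with the identical expression; testinfra reads the module-level name once, so the repeats are noise and a single definition (presumably already present above the hunk) suffices. The docstring of `test_filebeat_is_installed` says `elasticsearch package` where it means `filebeat`, and the file loses its trailing newline.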
--- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -125,6 +125,7 @@ executable: /bin/bash creates: /usr/share/kibana/plugins/wazuh/package.json notify: restart kibana + become: yes become_user: kibana tags: - install From c59c0fd008d3662410333406508b7f6fb84b39b7 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Mon, 19 Aug 2019 10:07:38 +0200 Subject: [PATCH 243/714] uncommented some platforms in Molecule tests and made the default test running only for the manager --- molecule/default/molecule.yml | 26 +++++++++++++------------- molecule/default/playbook.yml | 6 ++---- molecule/elasticsearch/molecule.yml | 12 ++++++------ molecule/filebeat/molecule.yml | 14 +++++++------- molecule/kibana/molecule.yml | 28 ++++++++++++++-------------- 5 files changed, 42 insertions(+), 44 deletions(-) diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 4b1b2677..ea838971 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -14,13 +14,13 @@ platforms: - nofile:262144:262144 privileged: true memory_reservation: 5120m -#- name: xenial -# image: solita/ubuntu-systemd:xenial -# privileged: true -# memory_reservation: 2048m -# command: /sbin/init -# ulimits: -# - nofile:262144:262144 +- name: xenial + image: solita/ubuntu-systemd:xenial + privileged: true + memory_reservation: 2048m + command: /sbin/init + ulimits: + - nofile:262144:262144 # - name: trusty # image: ubuntu:trusty # privileged: true @@ -33,12 +33,12 @@ platforms: # memory_reservation: 2048m # ulimits: # - nofile:262144:262144 -# - name: centos7 -# image: milcom/centos7-systemd -# memory_reservation: 2048m -# privileged: true -# ulimits: -# - nofile:262144:262144 +- name: centos7 + image: milcom/centos7-systemd + memory_reservation: 2048m + privileged: true + ulimits: + - nofile:262144:262144 provisioner: name: ansible env: 
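Review bot: `become: yes` should be `become: true` — `yes` is a YAML 1.1 boolean that yamllint's truthy rule flags, and the role tree already uses `become: true` (see the elasticsearch Debian tasks earlier in this series). The addition itself is the right completion of patch 238, whose `become_user: kibana` had no effect without a `become` setting.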
diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml index f34d0837..242a3777 100644 --- a/molecule/default/playbook.yml +++ b/molecule/default/playbook.yml @@ -2,7 +2,5 @@ - name: Converge hosts: all roles: - #- role: wazuh/ansible-wazuh-manager - #- {role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'localhost:9200'} - #- {role: elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost'} - - {role: elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost'} + - role: wazuh/ansible-wazuh-manager + diff --git a/molecule/elasticsearch/molecule.yml b/molecule/elasticsearch/molecule.yml index b252e554..7b2bbe1f 100644 --- a/molecule/elasticsearch/molecule.yml +++ b/molecule/elasticsearch/molecule.yml @@ -29,12 +29,12 @@ platforms: #memory_reservation: 2048m #ulimits: #- nofile:262144:262144 - - name: centos6 - image: centos:6 - privileged: true - memory_reservation: 2048m - ulimits: - - nofile:262144:262144 + #- name: centos6 + # image: centos:6 + # privileged: true + # memory_reservation: 2048m + # ulimits: + # - nofile:262144:262144 - name: centos7 image: milcom/centos7-systemd memory_reservation: 2048m diff --git a/molecule/filebeat/molecule.yml b/molecule/filebeat/molecule.yml index 7ad07f77..a094407a 100644 --- a/molecule/filebeat/molecule.yml +++ b/molecule/filebeat/molecule.yml 
@@ -15,19 +15,19 @@ platforms: image: solita/ubuntu-systemd:bionic command: /sbin/init privileged: true - # - name: xenial - # image: solita/ubuntu-systemd:xenial - # privileged: true - # command: /sbin/init + - name: xenial + image: solita/ubuntu-systemd:xenial + privileged: true + command: /sbin/init #- name: centos6 # image: geerlingguy/docker-centos6-ansible # privileged: true # command: /sbin/init # volumes: # - /sys/fs/cgroup:/sys/fs/cgroup:ro - #- name: centos7 - # image: milcom/centos7-systemd - # privileged: true + - name: centos7 + image: milcom/centos7-systemd + privileged: true provisioner: name: ansible playbooks: diff --git a/molecule/kibana/molecule.yml b/molecule/kibana/molecule.yml index 42b55fd3..20ea5e07 100644 --- a/molecule/kibana/molecule.yml +++ b/molecule/kibana/molecule.yml @@ -9,20 +9,20 @@ lint: config-data: ignore: .virtualenv platforms: -# - name: bionic -# image: solita/ubuntu-systemd:bionic -# command: /sbin/init -# ulimits: -# - nofile:262144:262144 -# privileged: true -# memory_reservation: 1024m -# - name: xenial -# image: solita/ubuntu-systemd:xenial -# privileged: true -# memory_reservation: 1024m -# command: /sbin/init -# ulimits: -# - nofile:262144:262144 + - name: bionic + image: solita/ubuntu-systemd:bionic + command: /sbin/init + ulimits: + - nofile:262144:262144 + privileged: true + memory_reservation: 1024m + - name: xenial + image: solita/ubuntu-systemd:xenial + privileged: true + memory_reservation: 1024m + command: /sbin/init + ulimits: + - nofile:262144:262144 # - name: trusty # image: ubuntu:trusty # memory_reservation: 1024m From 37cd4893b3105c78b3bb35f72e156058a2fc0302 Mon Sep 17 00:00:00 2001 
From: Rshad Zhran Date: Mon, 19 Aug 2019 10:27:44 +0200 Subject: [PATCH 244/714] fixed some linting errors and removed the changes added to the tests --- Pipfile | 1 - molecule/default/molecule.yml | 26 ++++++------- molecule/default/tests/test_default.py | 53 +------------------------- molecule/filebeat/molecule.yml | 6 +-- 4 files changed, 17 insertions(+), 69 deletions(-) diff --git a/Pipfile b/Pipfile index f85e6439..b0784518 100644 --- a/Pipfile +++ b/Pipfile @@ -14,7 +14,6 @@ molecule = "*" python_version = "2.7" [scripts] -clean = "molecule destroy" test ="molecule test --destroy=never" verify_test ="molecule verify" agent ="molecule test -s wazuh-agent" diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index ea838971..ad7d7219 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -14,13 +14,13 @@ platforms: - nofile:262144:262144 privileged: true memory_reservation: 5120m -- name: xenial - image: solita/ubuntu-systemd:xenial - privileged: true - memory_reservation: 2048m - command: /sbin/init - ulimits: - - nofile:262144:262144 + - name: xenial + image: solita/ubuntu-systemd:xenial + privileged: true + memory_reservation: 2048m + command: /sbin/init + ulimits: + - nofile:262144:262144 # - name: trusty # image: ubuntu:trusty # privileged: true @@ -33,12 +33,12 @@ platforms: # memory_reservation: 2048m # ulimits: # - nofile:262144:262144 -- name: centos7 - image: milcom/centos7-systemd - memory_reservation: 2048m - privileged: true - ulimits: - - nofile:262144:262144 + - name: centos7 + image: milcom/centos7-systemd + memory_reservation: 2048m + privileged: true + ulimits: + - nofile:262144:262144 provisioner: name: ansible env: diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index da8f772b..8e1817e3 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py 
@@ -77,55 +77,4 @@ def test_open_ports(host):
         assert not host.socket("tcp://0.0.0.0:1514").is_listening
     elif distribution == 'centos':
         assert host.socket("tcp://:::1515").is_listening
-        assert not host.socket("tcp://:::1514").is_listening
-
-
-testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
-    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
-
-
-def test_filebeat_is_installed(host):
-    """Test if the elasticsearch package is installed."""
-    filebeat = host.package("filebeat")
-    assert filebeat.is_installed
-    assert filebeat.version.startswith('7.2.0')
-
-
-testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
-    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
-
-
-def test_elasticsearch_is_installed(host):
-    """Test if the elasticsearch package is installed."""
-    elasticsearch = host.package("elasticsearch")
-    assert elasticsearch.is_installed
-    assert elasticsearch.version.startswith('7.2.0')
-
-
-def test_elasticsearch_is_running(host):
-    """Test if the services are enabled and running."""
-    elasticsearch = host.service("elasticsearch")
-    assert elasticsearch.is_enabled
-    assert elasticsearch.is_running
-
-
-testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
-    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
-
-
-def test_port_kibana_is_open(host):
-    """Test if the port 5601 is open and listening to connections."""
-    host.socket("tcp://0.0.0.0:5601").is_listening
-
-
-def test_find_correct_elasticsearch_version(host):
-    """Test if we find the kibana/elasticsearch version in package.json"""
-    kibana = host.file("/usr/share/kibana/plugins/wazuh/package.json")
-    assert kibana.contains("7.2.0")
-
-
-def test_wazuh_plugin_installed(host):
-    """Make sure there is a plugin wazuh directory."""
-    kibana = host.file("/usr/share/kibana/plugins/wazuh/")
-
-    assert kibana.is_directory
\ No newline at end of file
+        assert not host.socket("tcp://:::1514").is_listening
\ No newline at end of file
diff --git a/molecule/filebeat/molecule.yml b/molecule/filebeat/molecule.yml index a094407a..5e055508 100644 --- a/molecule/filebeat/molecule.yml +++ b/molecule/filebeat/molecule.yml @@ -25,9 +25,9 @@ platforms: # command: /sbin/init # volumes: # - /sys/fs/cgroup:/sys/fs/cgroup:ro - - name: centos7 - image: milcom/centos7-systemd - privileged: true + - name: centos7 + image: milcom/centos7-systemd + privileged: true provisioner: name: ansible playbooks: From 9d9aa9088add1fe32f0038a72fc7b33ca6618c90 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Mon, 19 Aug 2019 10:54:34 +0200 Subject: [PATCH 245/714] fixed flake8 errors --- molecule/default/tests/test_default.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index 8e1817e3..e55bc894 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py @@ -77,4 +77,4 @@ def test_open_ports(host): assert not host.socket("tcp://0.0.0.0:1514").is_listening elif distribution == 'centos': assert host.socket("tcp://:::1515").is_listening - assert not host.socket("tcp://:::1514").is_listening \ No newline at end of file + assert not host.socket("tcp://:::1514").is_listening From 07172620cd31500a59c16b4f91287c5414bcbba0 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Mon, 19 Aug 2019 11:37:58 +0200 Subject: [PATCH 246/714] fixed tests for molecule/default --- Pipfile | 1 - molecule/default/molecule.yml | 2 +- molecule/default/tests/test_default.py | 8 ++++---- 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/Pipfile b/Pipfile index b0784518..9919f2cd 100644 --- a/Pipfile +++ b/Pipfile @@ -15,7 +15,6 @@ python_version = "2.7" [scripts] test ="molecule test --destroy=never" -verify_test ="molecule verify" agent ="molecule test -s wazuh-agent" elasticsearch ="molecule test -s elasticsearch" filebeat ="molecule test -s filebeat" 
diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index ad7d7219..23b9f5ce 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -57,7 +57,7 @@ scenario: - create - prepare - converge - # - idempotence + - idempotence - side_effect - verify - cleanup diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index e55bc894..45a52de1 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py @@ -73,8 +73,8 @@ def test_open_ports(host): """Test if the main port is open and the agent-auth is not open.""" distribution = host.system_info.distribution.lower() if distribution == 'ubuntu': - assert host.socket("tcp://0.0.0.0:1515").is_listening - assert not host.socket("tcp://0.0.0.0:1514").is_listening + assert host.socket("tcp://127.0.0.1:1515").is_listening + assert host.socket("tcp://127.0.0.1:1514").is_listening elif distribution == 'centos': - assert host.socket("tcp://:::1515").is_listening - assert not host.socket("tcp://:::1514").is_listening + assert host.socket("tcp://127.0.0.1:1515").is_listening + assert host.socket("tcp://127.0.0.1:1514").is_listening From c15a466912551704ef4d29bfc701fede1f0bcc2c Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Mon, 19 Aug 2019 11:52:54 +0200 Subject: [PATCH 247/714] fixed tests for molecule/default .. --- molecule/default/tests/test_default.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index 45a52de1..6e5b3294 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py 
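Review bot: The docstring kept as context — `Test if the main port is open and the agent-auth is not open.` — now contradicts the assertions, which expect both 1515 and 1514 to be listening; update it, e.g. `"""Test that the manager's 1514 and 1515 ports are listening."""`. The same mismatch persists in patches 247 and 248, which only move the address between `127.0.0.1`, `0.0.0.0` and `:::`; that churn suggests the test should not guess a bind address per distribution — if I read testinfra's socket spec correctly, `host.socket("tcp://1514").is_listening` matches a listener on any address and would make the two branches identical.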
@@ -73,8 +73,8 @@ def test_open_ports(host): """Test if the main port is open and the agent-auth is not open.""" distribution = host.system_info.distribution.lower() if distribution == 'ubuntu': - assert host.socket("tcp://127.0.0.1:1515").is_listening - assert host.socket("tcp://127.0.0.1:1514").is_listening + assert host.socket("tcp://0.0.0.0:1515").is_listening + assert host.socket("tcp://0.0.0.0:1514").is_listening elif distribution == 'centos': - assert host.socket("tcp://127.0.0.1:1515").is_listening - assert host.socket("tcp://127.0.0.1:1514").is_listening + assert host.socket("tcp://:::1515").is_listening + assert host.socket("tcp://:::1514").is_listening From 0d0032e2dced163675121ad6e2d03c5292e3e13f Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Mon, 19 Aug 2019 12:17:36 +0200 Subject: [PATCH 248/714] improved molecule/default tests --- molecule/default/tests/test_default.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index 6e5b3294..7757401e 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py @@ -76,5 +76,5 @@ def test_open_ports(host): assert host.socket("tcp://0.0.0.0:1515").is_listening assert host.socket("tcp://0.0.0.0:1514").is_listening elif distribution == 'centos': - assert host.socket("tcp://:::1515").is_listening - assert host.socket("tcp://:::1514").is_listening + assert host.socket("tcp://127.0.0.1:1515").is_listening + assert host.socket("tcp://127.0.0.1:1514").is_listening \ No newline at end of file From 8fbac1af24e4bbc72a288e76e7a72a7622ab1e8f Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Mon, 19 Aug 2019 12:21:54 +0200 Subject: [PATCH 249/714] removed some additional changes from Pipefile --- Pipfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Pipfile b/Pipfile index 9919f2cd..9e3b448b 100644 --- a/Pipfile +++ b/Pipfile 
@@ -14,7 +14,7 @@ molecule = "*" python_version = "2.7" [scripts] -test ="molecule test --destroy=never" +test ="molecule test" agent ="molecule test -s wazuh-agent" elasticsearch ="molecule test -s elasticsearch" filebeat ="molecule test -s filebeat" From 70e2d68cb0295a1740dc4ab260d4743e28c0e4c7 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Mon, 19 Aug 2019 12:44:47 +0200 Subject: [PATCH 250/714] reduced the memory ram for molecule/default --- Pipfile | 1 + molecule/default/molecule.yml | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Pipfile b/Pipfile index 9e3b448b..118d47c9 100644 --- a/Pipfile +++ b/Pipfile @@ -14,6 +14,7 @@ molecule = "*" python_version = "2.7" [scripts] +destroy ="molecule destroy" test ="molecule test" agent ="molecule test -s wazuh-agent" elasticsearch ="molecule test -s elasticsearch" diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 23b9f5ce..bc49d808 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -13,7 +13,7 @@ platforms: ulimits: - nofile:262144:262144 privileged: true - memory_reservation: 5120m + memory_reservation: 2048m - name: xenial image: solita/ubuntu-systemd:xenial privileged: true @@ -57,7 +57,7 @@ scenario: - create - prepare - converge - - idempotence + # - idempotence - side_effect - verify - cleanup From 9582a0aacd2f7d4afb0d66a9e8ebe72f9ba357e8 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Mon, 19 Aug 2019 13:16:51 +0200 Subject: [PATCH 251/714] updated ansible and molecule versions --- Pipfile | 4 ++-- molecule/default/tests/test_default.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Pipfile b/Pipfile index 118d47c9..3de882c3 100644 --- a/Pipfile +++ b/Pipfile @@ -5,8 +5,8 @@ name = "pypi" [packages] docker-py = "*" -ansible = "==2.7.11" -molecule = "*" +ansible = "==2.7.13" +molecule = "2.20" [dev-packages] 
diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index 7757401e..227f8e59 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py @@ -77,4 +77,4 @@ def test_open_ports(host): assert host.socket("tcp://0.0.0.0:1514").is_listening elif distribution == 'centos': assert host.socket("tcp://127.0.0.1:1515").is_listening - assert host.socket("tcp://127.0.0.1:1514").is_listening \ No newline at end of file + assert host.socket("tcp://127.0.0.1:1514").is_listening From c295ac2ea45fa7697404edf744e8f4d03cb476eb Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Mon, 19 Aug 2019 13:34:36 +0200 Subject: [PATCH 252/714] bump version for 3.9.5_7.2.1 --- CHANGELOG.md | 7 +++++++ VERSION | 4 ++-- molecule/default/molecule.yml | 2 +- molecule/default/tests/test_default.py | 2 +- molecule/elasticsearch/tests/test_default.py | 2 +- molecule/filebeat/tests/test_default.py | 2 +- molecule/kibana/tests/test_default.py | 2 +- molecule/wazuh-agent/tests/test_agents.py | 2 +- .../elastic-stack/ansible-elasticsearch/defaults/main.yml | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 4 ++-- roles/wazuh/ansible-filebeat/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 4 ++-- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 13 files changed, 22 insertions(+), 15 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f92b855d..87570f08 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,13 @@ # Change Log All notable changes to this project will be documented in this file. +## [v3.9.5_7.2.1] + +### Added + +- Update to Wazuh v3.9.5 +- Update to Elastic Stack to v7.2.1 + ## [v3.9.4_7.2.0] ### Added diff --git a/VERSION b/VERSION index 8909e7be..921c9fb1 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v3.9.4" -REVISION="3940" +WAZUH-ANSIBLE_VERSION="v3.9.5" +REVISION="3950" 
diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index bc49d808..6a54a846 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -57,7 +57,7 @@ scenario: - create - prepare - converge - # - idempotence + - idempotence - side_effect - verify - cleanup diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index 227f8e59..c5e76d67 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py @@ -9,7 +9,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "3.9.4" + return "3.9.5" def test_wazuh_packages_are_installed(host): diff --git a/molecule/elasticsearch/tests/test_default.py b/molecule/elasticsearch/tests/test_default.py index c8be3ed2..31c5da6c 100644 --- a/molecule/elasticsearch/tests/test_default.py +++ b/molecule/elasticsearch/tests/test_default.py @@ -10,7 +10,7 @@ def test_elasticsearch_is_installed(host): """Test if the elasticsearch package is installed.""" elasticsearch = host.package("elasticsearch") assert elasticsearch.is_installed - assert elasticsearch.version.startswith('7.2.0') + assert elasticsearch.version.startswith('7.2.1') def test_elasticsearch_is_running(host): diff --git a/molecule/filebeat/tests/test_default.py b/molecule/filebeat/tests/test_default.py index 106e949d..02638b52 100644 --- a/molecule/filebeat/tests/test_default.py +++ b/molecule/filebeat/tests/test_default.py @@ -10,4 +10,4 @@ def test_filebeat_is_installed(host): """Test if the elasticsearch package is installed.""" filebeat = host.package("filebeat") assert filebeat.is_installed - assert filebeat.version.startswith('7.2.0') + assert filebeat.version.startswith('7.2.1') diff --git a/molecule/kibana/tests/test_default.py b/molecule/kibana/tests/test_default.py index b09e8e20..f57bb8f7 100644 --- a/molecule/kibana/tests/test_default.py 
+++ b/molecule/kibana/tests/test_default.py @@ -14,7 +14,7 @@ def test_port_kibana_is_open(host): def test_find_correct_elasticsearch_version(host): """Test if we find the kibana/elasticsearch version in package.json""" kibana = host.file("/usr/share/kibana/plugins/wazuh/package.json") - assert kibana.contains("7.2.0") + assert kibana.contains("7.2.1") def test_wazuh_plugin_installed(host): diff --git a/molecule/wazuh-agent/tests/test_agents.py b/molecule/wazuh-agent/tests/test_agents.py index 223f4198..a4845d06 100644 --- a/molecule/wazuh-agent/tests/test_agents.py +++ b/molecule/wazuh-agent/tests/test_agents.py @@ -9,7 +9,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "3.9.4" + return "3.9.5" def test_ossec_package_installed(Package): diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 58b5e308..31ed74de 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -4,7 +4,7 @@ elasticsearch_node_name: node-1 elasticsearch_http_port: 9200 elasticsearch_network_host: 127.0.0.1 elasticsearch_jvm_xms: null -elastic_stack_version: 7.2.0 +elastic_stack_version: 7.2.1 single_node: true elasticsearch_bootstrap_node: false elasticsearch_master_candidate: false diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 9e9367ca..9ec61091 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml 
@@ -5,8 +5,8 @@ elasticsearch_http_port: "9200" elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" -elastic_stack_version: 7.2.0 -wazuh_version: 3.9.4 +elastic_stack_version: 7.2.1 +wazuh_version: 3.9.5 # Xpack Security kibana_xpack_security: false diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index 1fed5fb0..632ab7e3 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -1,5 +1,5 @@ --- -filebeat_version: 7.2.0 +filebeat_version: 7.2.1 filebeat_create_config: true diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index d0898cb0..2b3f88a4 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_agent_version: 3.9.4 +wazuh_agent_version: 3.9.5 wazuh_managers: - address: 127.0.0.1 port: 1514 @@ -24,7 +24,7 @@ wazuh_winagent_config: install_dir_x86: 'C:\Program Files (x86)\ossec-agent\' auth_path: C:\'Program Files'\ossec-agent\agent-auth.exe auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - version: '3.9.4' + version: '3.9.5' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ md5: c3fdbd6c121ca371b8abcd477ed4e8a4 diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index a35e3387..433e00c6 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_manager_api_version: 3.9.4 +wazuh_manager_api_version: 3.9.5 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: latest From 34c098332efee83e1b5f3ca5e13db8f758a9633b Mon Sep 17 00:00:00 2001 
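Review bot: In the wazuh_winagent_config hunk the Windows agent `version` moves to '3.9.5' while the context line `md5: c3fdbd6c121ca371b8abcd477ed4e8a4` is left untouched, so the digest presumably still belongs to the previous installer; if that value is used to verify the downloaded MSI, the 3.9.5 package will fail the check, and if it is not enforced the stale value hides that nothing is being verified. The digest should be refreshed from the 3.9.5 installer in the same commit as the version bump, and a SHA-256 field would be preferable to MD5 for integrity-checking a downloaded executable, although how `md5` is consumed is outside this hunk. The wazuh_winagent_config mapping starts before the hunk.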
From: Rshad Zhran Date: Mon, 19 Aug 2019 15:01:03 +0200 Subject: [PATCH 253/714] fixed Pipefile --- Pipfile | 2 +- molecule/elasticsearch/molecule.yml | 28 ++++++++++++++-------------- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/Pipfile b/Pipfile index 3de882c3..ce0266f2 100644 --- a/Pipfile +++ b/Pipfile @@ -6,7 +6,7 @@ name = "pypi" [packages] docker-py = "*" ansible = "==2.7.13" -molecule = "2.20" +molecule = "==2.20.2" [dev-packages] diff --git a/molecule/elasticsearch/molecule.yml b/molecule/elasticsearch/molecule.yml index 7b2bbe1f..ebf47ccb 100644 --- a/molecule/elasticsearch/molecule.yml +++ b/molecule/elasticsearch/molecule.yml @@ -9,20 +9,20 @@ lint: config-data: ignore: .virtualenv platforms: - - name: bionic - image: solita/ubuntu-systemd:bionic - command: /sbin/init - ulimits: - - nofile:262144:262144 - privileged: true - memory_reservation: 2048m - - name: xenial - image: solita/ubuntu-systemd:xenial - privileged: true - memory_reservation: 2048m - command: /sbin/init - ulimits: - - nofile:262144:262144 + #- name: bionic + # image: solita/ubuntu-systemd:bionic + # command: /sbin/init + # ulimits: + # - nofile:262144:262144 + # privileged: true + # memory_reservation: 2048m + #- name: xenial + # image: solita/ubuntu-systemd:xenial + # privileged: true + # memory_reservation: 2048m + # command: /sbin/init + # ulimits: + # - nofile:262144:262144 #- name: trusty #image: ubuntu:trusty #privileged: true From 553d76b9849af9d6349277f67825de577bea5eff Mon Sep 17 00:00:00 2001 From: manuasir Date: Mon, 19 Aug 2019 15:09:47 +0200 Subject: [PATCH 254/714] Bump molecule version --- Pipfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Pipfile b/Pipfile index 3de882c3..ce0266f2 100644 --- a/Pipfile +++ b/Pipfile @@ -6,7 +6,7 @@ name = "pypi" [packages] docker-py = "*" ansible = "==2.7.13" -molecule = "2.20" +molecule = "==2.20.2" [dev-packages] From 67f681db0d974747106917acc5a8e995666c4c86 Mon Sep 17 00:00:00 2001 
From: manuasir Date: Mon, 19 Aug 2019 15:10:44 +0200 Subject: [PATCH 255/714] Bump molecule version --- Pipfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Pipfile b/Pipfile index 3de882c3..ce0266f2 100644 --- a/Pipfile +++ b/Pipfile @@ -6,7 +6,7 @@ name = "pypi" [packages] docker-py = "*" ansible = "==2.7.13" -molecule = "2.20" +molecule = "==2.20.2" [dev-packages] From cd090d63eb848132df63e6b1a268470a6c842251 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Mon, 19 Aug 2019 15:18:51 +0200 Subject: [PATCH 256/714] removed basename, adapted paths, fixed Pipefile --- Pipfile | 2 +- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 4 ++-- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Pipfile b/Pipfile index 3de882c3..ce0266f2 100644 --- a/Pipfile +++ b/Pipfile @@ -6,7 +6,7 @@ name = "pypi" [packages] docker-py = "*" ansible = "==2.7.13" -molecule = "2.20" +molecule = "==2.20.2" [dev-packages] diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 433e00c6..6041c64d 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -54,8 +54,8 @@ wazuh_manager_config: use_password: 'no' ssl_agent_ca: null ssl_verify_host: 'no' - ssl_manager_cert: '/var/ossec/etc/sslmanager.cert' - ssl_manager_key: '/var/ossec/etc/sslmanager.key' + ssl_manager_cert: 'sslmanager.cert' + ssl_manager_key: 'sslmanager.key' ssl_auto_negotiate: 'no' email_notification: 'no' mail_to: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 30e5ec87..1dac6f0f 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml 
@@ -70,7 +70,7 @@ - name: Copy CA, SSL key and cert for authd copy: src: "{{ item }}" - dest: "/var/ossec/etc/{{ item | basename }}" + dest: "/var/ossec/etc/{{ item }}" mode: 0644 with_items: - "{{ wazuh_manager_config.authd.ssl_agent_ca }}" From d74e0beeecf8ffebaffa118a1a2b73f1aa96bae3 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Mon, 19 Aug 2019 17:15:43 +0200 Subject: [PATCH 257/714] adapted molecule.yml - wazuh-agent - --- molecule/wazuh-agent/molecule.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/molecule/wazuh-agent/molecule.yml b/molecule/wazuh-agent/molecule.yml index 47c0012f..953fbb09 100644 --- a/molecule/wazuh-agent/molecule.yml +++ b/molecule/wazuh-agent/molecule.yml @@ -32,18 +32,18 @@ platforms: - name: wazuh groups: - agent - - name: wazuh_agent_trusty - image: ubuntu:trusty - networks: - - name: wazuh - groups: - - agent - - name: wazuh_agent_centos6 - image: centos:6 - networks: - - name: wazuh - groups: - - agent + #- name: wazuh_agent_trusty + # image: ubuntu:trusty + # networks: + # - name: wazuh + # groups: + # - agent + #- name: wazuh_agent_centos6 + # image: centos:6 + # networks: + # - name: wazuh + # groups: + # - agent - name: wazuh_agent_centos7 image: milcom/centos7-systemd privileged: true From e7614e13e86e1fb87618fe317fb6c2b28113e531 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Tue, 20 Aug 2019 15:02:37 +0200 Subject: [PATCH 258/714] added more tests types in Pipefile --- Pipfile | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/Pipfile b/Pipfile index ce0266f2..6b444c31 100644 --- a/Pipfile +++ b/Pipfile 
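Review bot: Dropping `| basename` from the `dest` of the 'Copy CA, SSL key and cert for authd' task makes `dest` depend on the shape of the configured value: the new relative defaults (`'sslmanager.cert'`, `'sslmanager.key'`) work, but a user who overrides `ssl_manager_cert` with an absolute or directory-qualified path, as the old defaults were, now gets `/var/ossec/etc//...` or a non-existent subdirectory and the copy fails. `dest: "/var/ossec/etc/{{ item | basename }}"` handled both shapes, so keeping `basename` while documenting the relative form as the expected one is the safer option. Separately, the context line `mode: 0644` also applies to the private key `sslmanager.key`, leaving it world-readable, whereas the pytest parametrization later in this series expects 0o640 for that file; `mode: "0640"` (quoted so YAML does not reinterpret the octal) would align the role with its tests. The `with_items` list continues outside the hunk.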
@@ -14,9 +14,20 @@ molecule = "==2.20.2" python_version = "2.7" [scripts] -destroy ="molecule destroy" +# Normal Case test ="molecule test" agent ="molecule test -s wazuh-agent" elasticsearch ="molecule test -s elasticsearch" filebeat ="molecule test -s filebeat" kibana ="molecule test -s kibana" + +# Do Not destroy the created containers afte the test execution ends. +test_still ="molecule test --destroy=never" +agent_still ="molecule test -s wazuh-agent --destroy=never" +elasticsearch_still ="molecule test -s elasticsearch --destroy=never" +filebeat_still ="molecule test -s filebeat --destroy=never" +kibana_still ="molecule test -s kibana --destroy=never" +destroy_still ="molecule destroy --destroy=never" + +# Destroy all the existing containers ' Created by Molecule ' +destroy ="molecule destroy" From 61625f80eeb199aed791f0e52d9a46aa413a1f11 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Tue, 20 Aug 2019 15:10:17 +0200 Subject: [PATCH 259/714] adding new test /molecule/stack --- molecule/stack/Dockerfile.j2 | 14 +++++ molecule/stack/INSTALL.rst | 16 ++++++ molecule/stack/create.yml | 81 ++++++++++++++++++++++++++++ molecule/stack/destroy.yml | 32 +++++++++++ molecule/stack/molecule.yml | 69 ++++++++++++++++++++++++ molecule/stack/playbook.yml | 6 +++ molecule/stack/prepare.yml | 36 +++++++++++++ molecule/stack/tests/test_default.py | 80 +++++++++++++++++++++++++++ 8 files changed, 334 insertions(+) create mode 100644 molecule/stack/Dockerfile.j2 create mode 100644 molecule/stack/INSTALL.rst create mode 100644 molecule/stack/create.yml create mode 100644 molecule/stack/destroy.yml create mode 100644 molecule/stack/molecule.yml create mode 100644 molecule/stack/playbook.yml create mode 100644 molecule/stack/prepare.yml create mode 100644 molecule/stack/tests/test_default.py diff --git a/molecule/stack/Dockerfile.j2 b/molecule/stack/Dockerfile.j2 new file mode 100644 index 00000000..19692c20 --- /dev/null +++ b/molecule/stack/Dockerfile.j2 
@@ -0,0 +1,14 @@ +# Molecule managed + +{% if item.registry is defined %} +FROM {{ item.registry.url }}/{{ item.image }} +{% else %} +FROM {{ item.image }} +{% endif %} + +RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get upgrade -y && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ + elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python2-dnf bash && dnf clean all; \ + elif [ $(command -v yum) ]; then yum makecache fast && yum update -y && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ + elif [ $(command -v zypper) ]; then zypper refresh && zypper update -y && zypper install -y python sudo bash python-xml && zypper clean -a; \ + elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ + elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi diff --git a/molecule/stack/INSTALL.rst b/molecule/stack/INSTALL.rst new file mode 100644 index 00000000..e26493b8 --- /dev/null +++ b/molecule/stack/INSTALL.rst @@ -0,0 +1,16 @@ +******* +Install +******* + +Requirements +============ + +* Docker Engine +* docker-py + +Install +======= + +.. code-block:: bash + + $ sudo pip install docker-py diff --git a/molecule/stack/create.yml b/molecule/stack/create.yml new file mode 100644 index 00000000..25932aee --- /dev/null +++ b/molecule/stack/create.yml 
@@ -0,0 +1,81 @@ +--- +- name: Create + hosts: localhost + connection: local + gather_facts: false + no_log: false + tasks: + - name: Log into a Docker registry + docker_login: + username: "{{ item.registry.credentials.username }}" + password: "{{ item.registry.credentials.password }}" + email: "{{ item.registry.credentials.email | default(omit) }}" + registry: "{{ item.registry.url }}" + docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" + with_items: "{{ molecule_yml.platforms }}" + when: + - item.registry is defined + - item.registry.credentials is defined + - item.registry.credentials.username is defined + + - name: Create Dockerfiles from image names + template: + src: "{{ molecule_scenario_directory }}/Dockerfile.j2" + dest: "{{ molecule_ephemeral_directory }}/Dockerfile_{{ item.image | regex_replace('[^a-zA-Z0-9_]', '_') }}" + with_items: "{{ molecule_yml.platforms }}" + register: platforms + + - name: Discover local Docker images + docker_image_facts: + name: "molecule_local/{{ item.item.name }}" + docker_host: "{{ item.item.docker_host | default('unix://var/run/docker.sock') }}" + with_items: "{{ platforms.results }}" + register: docker_images + + - name: Build an Ansible compatible image + docker_image: + path: "{{ molecule_ephemeral_directory }}" + name: "molecule_local/{{ item.item.image }}" + docker_host: "{{ item.item.docker_host | default('unix://var/run/docker.sock') }}" + dockerfile: "{{ item.item.dockerfile | default(item.invocation.module_args.dest) }}" + force: "{{ item.item.force | default(true) }}" + with_items: "{{ platforms.results }}" + when: platforms.changed or docker_images.results | map(attribute='images') | select('equalto', []) | list | count >= 0 + + - name: Create docker network(s) + docker_network: + name: "{{ item }}" + docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" + state: present + with_items: "{{ molecule_yml.platforms | molecule_get_docker_networks }}" + + - name: 
Create molecule instance(s) + docker_container: + name: "{{ item.name }}" + docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" + hostname: "{{ item.name }}" + image: "molecule_local/{{ item.image }}" + state: started + recreate: false + log_driver: json-file + command: "{{ item.command | default('bash -c \"while true; do sleep 10000; done\"') }}" + privileged: "{{ item.privileged | default(omit) }}" + volumes: "{{ item.volumes | default(omit) }}" + capabilities: "{{ item.capabilities | default(omit) }}" + exposed_ports: "{{ item.exposed_ports | default(omit) }}" + published_ports: "{{ item.published_ports | default(omit) }}" + ulimits: "{{ item.ulimits | default(omit) }}" + networks: "{{ item.networks | default(omit) }}" + dns_servers: "{{ item.dns_servers | default(omit) }}" + register: server + with_items: "{{ molecule_yml.platforms }}" + async: 7200 + poll: 0 + + - name: Wait for instance(s) creation to complete + async_status: + jid: "{{ item.ansible_job_id }}" + register: docker_jobs + until: docker_jobs.finished + retries: 300 + with_items: "{{ server.results }}" diff --git a/molecule/stack/destroy.yml b/molecule/stack/destroy.yml new file mode 100644 index 00000000..ddf7062b --- /dev/null +++ b/molecule/stack/destroy.yml 
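Review bot: The play sets `no_log: false` at the top of the file while its first task, 'Log into a Docker registry', passes `item.registry.credentials.password` to docker_login, so for any platform that defines registry credentials the password is printed in the task output and ends up in CI logs. Molecule's generated create.yml normally drives this from its own debug setting (`no_log: "{{ molecule_no_log }}"`, if I recall the template correctly); at minimum `no_log: true` should be set on the docker_login task. Note also that in 'Build an Ansible compatible image' the condition `... | list | count >= 0` is always true, so the `when:` never skips the build; that is inherited from the template but deserves a comment if it is kept. The same content appears to be used by molecule/default/create.yml, which a later commit in this series edits.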
@@ -0,0 +1,32 @@ +--- +- name: Destroy + hosts: localhost + connection: local + gather_facts: false + no_log: false + tasks: + - name: Destroy molecule instance(s) + docker_container: + name: "{{ item.name }}" + docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" + state: absent + force_kill: "{{ item.force_kill | default(true) }}" + register: server + with_items: "{{ molecule_yml.platforms }}" + async: 7200 + poll: 0 + + - name: Wait for instance(s) deletion to complete + async_status: + jid: "{{ item.ansible_job_id }}" + register: docker_jobs + until: docker_jobs.finished + retries: 300 + with_items: "{{ server.results }}" + + - name: Delete docker network(s) + docker_network: + name: "{{ item }}" + docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" + state: absent + with_items: "{{ molecule_yml.platforms | molecule_get_docker_networks }}" diff --git a/molecule/stack/molecule.yml b/molecule/stack/molecule.yml new file mode 100644 index 00000000..6a54a846 --- /dev/null +++ b/molecule/stack/molecule.yml 
@@ -0,0 +1,69 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint + enabled: false +platforms: + - name: bionic + image: solita/ubuntu-systemd:bionic + command: /sbin/init + ulimits: + - nofile:262144:262144 + privileged: true + memory_reservation: 2048m + - name: xenial + image: solita/ubuntu-systemd:xenial + privileged: true + memory_reservation: 2048m + command: /sbin/init + ulimits: + - nofile:262144:262144 +# - name: trusty +# image: ubuntu:trusty +# privileged: true +# memory_reservation: 2048m +# ulimits: +# - nofile:262144:262144 +# - name: centos6 +# image: centos:6 +# privileged: true +# memory_reservation: 2048m +# ulimits: +# - nofile:262144:262144 + - name: centos7 + image: milcom/centos7-systemd + memory_reservation: 2048m + privileged: true + ulimits: + - nofile:262144:262144 +provisioner: + name: ansible + env: + ANSIBLE_ROLES_PATH: ../../roles + lint: + name: ansible-lint + enabled: true +scenario: + name: default + test_sequence: + - lint + - dependency + - cleanup + - destroy + - syntax + - create + - prepare + - converge + - idempotence + - side_effect + - verify + - cleanup + - destroy +verifier: + name: testinfra + lint: + name: flake8 + enabled: true diff --git a/molecule/stack/playbook.yml b/molecule/stack/playbook.yml new file mode 100644 index 00000000..242a3777 --- /dev/null +++ b/molecule/stack/playbook.yml @@ -0,0 +1,6 @@ +--- +- name: Converge + hosts: all + roles: + - role: wazuh/ansible-wazuh-manager + diff --git a/molecule/stack/prepare.yml b/molecule/stack/prepare.yml new file mode 100644 index 00000000..f3dc9aac --- /dev/null +++ b/molecule/stack/prepare.yml 
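Review bot: `scenario: name: default` in the new molecule/stack/molecule.yml gives this scenario the same name as molecule/default, although molecule selects scenarios by this field (`molecule test -s <name>`), so it should read `name: stack`. The accompanying playbook.yml converges only `wazuh/ansible-wazuh-manager`, which together with the identical blob hash suggests the file was copied from the default scenario rather than written for a stack test; if the goal is a full-stack scenario the roles list needs the elastic-stack roles as well. The yamllint `lint: enabled: false` switch is also carried over and silently disables linting for the new files.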
@@ -0,0 +1,36 @@ +--- +- name: Prepare + hosts: all + gather_facts: true + tasks: + + - name: "Install Python packages for Trusty to solve trust issues" + package: + name: + - python-setuptools + - python-pip + state: latest + register: wazuh_manager_trusty_packages_installed + until: wazuh_manager_trusty_packages_installed is succeeded + when: + - ansible_distribution == "Ubuntu" + - ansible_distribution_major_version | int == 14 + + - name: "Install dependencies" + package: + name: + - curl + - net-tools + state: latest + register: wazuh_manager_dependencies_packages_installed + until: wazuh_manager_dependencies_packages_installed is succeeded + + - name: "Install (RedHat) dependencies" + package: + name: + - initscripts + state: latest + register: wazuh_manager_dependencies_packages_installed + until: wazuh_manager_dependencies_packages_installed is succeeded + when: + - ansible_os_family == 'RedHat' diff --git a/molecule/stack/tests/test_default.py b/molecule/stack/tests/test_default.py new file mode 100644 index 00000000..c5e76d67 --- /dev/null +++ b/molecule/stack/tests/test_default.py 
@@ -0,0 +1,80 @@ +import os +import pytest + +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') + + +def get_wazuh_version(): + """This return the version of Wazuh.""" + return "3.9.5" + + +def test_wazuh_packages_are_installed(host): + """Test if the main packages are installed.""" + manager = host.package("wazuh-manager") + api = host.package("wazuh-api") + + distribution = host.system_info.distribution.lower() + if distribution == 'centos': + if host.system_info.release == "7": + assert manager.is_installed + assert manager.version.startswith(get_wazuh_version()) + assert api.is_installed + assert api.version.startswith(get_wazuh_version()) + elif host.system_info.release.startswith("6"): + assert manager.is_installed + assert manager.version.startswith(get_wazuh_version()) + elif distribution == 'ubuntu': + assert manager.is_installed + assert manager.version.startswith(get_wazuh_version()) + + +def test_wazuh_services_are_running(host): + """Test if the services are enabled and running. 
+ + When assert commands are commented, this means that the service command has + a wrong exit code: https://github.com/wazuh/wazuh-ansible/issues/107 + """ + manager = host.service("wazuh-manager") + api = host.service("wazuh-api") + + distribution = host.system_info.distribution.lower() + if distribution == 'centos': + # assert manager.is_running + assert manager.is_enabled + # assert not api.is_running + assert not api.is_enabled + elif distribution == 'ubuntu': + # assert manager.is_running + assert manager.is_enabled + # assert api.is_running + assert api.is_enabled + + +@pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [ + ("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640), + ("/var/ossec/etc/sslmanager.key", "root", "root", 0o640), + ("/var/ossec/etc/rules/local_rules.xml", "root", "ossec", 0o640), + ("/var/ossec/etc/lists/audit-keys", "root", "ossec", 0o640), +]) +def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode): + """Test if Wazuh related files exist and have proper owners and mode.""" + wazuh_file_host = host.file(wazuh_file) + + assert wazuh_file_host.user == wazuh_owner + assert wazuh_file_host.group == wazuh_group + assert wazuh_file_host.mode == wazuh_mode + + +def test_open_ports(host): + """Test if the main port is open and the agent-auth is not open.""" + distribution = host.system_info.distribution.lower() + if distribution == 'ubuntu': + assert host.socket("tcp://0.0.0.0:1515").is_listening + assert host.socket("tcp://0.0.0.0:1514").is_listening + elif distribution == 'centos': + assert host.socket("tcp://127.0.0.1:1515").is_listening + assert host.socket("tcp://127.0.0.1:1514").is_listening From 8bfe42cf863b80b2fb9017bf781486e2e8cca165 Mon Sep 17 00:00:00 2001 
From: Rshad Zhran Date: Wed, 21 Aug 2019 09:59:37 +0200 Subject: [PATCH 260/714] deleted a wrong test and stack folder --- Pipfile | 1 - molecule/default/create.yml | 4 +- molecule/default/molecule.yml | 26 ++++----- molecule/filebeat/molecule.yml | 16 +++--- molecule/stack/Dockerfile.j2 | 14 ----- molecule/stack/INSTALL.rst | 16 ------ molecule/stack/create.yml | 81 ---------------------------- molecule/stack/destroy.yml | 32 ----------- molecule/stack/molecule.yml | 69 ------------------------ molecule/stack/playbook.yml | 6 --- molecule/stack/prepare.yml | 36 ------------- molecule/stack/tests/test_default.py | 80 --------------------------- 12 files changed, 23 insertions(+), 358 deletions(-) delete mode 100644 molecule/stack/Dockerfile.j2 delete mode 100644 molecule/stack/INSTALL.rst delete mode 100644 molecule/stack/create.yml delete mode 100644 molecule/stack/destroy.yml delete mode 100644 molecule/stack/molecule.yml delete mode 100644 molecule/stack/playbook.yml delete mode 100644 molecule/stack/prepare.yml delete mode 100644 molecule/stack/tests/test_default.py diff --git a/Pipfile b/Pipfile index 6b444c31..4a393c5a 100644 --- a/Pipfile +++ b/Pipfile @@ -27,7 +27,6 @@ agent_still ="molecule test -s wazuh-agent --destroy=never" elasticsearch_still ="molecule test -s elasticsearch --destroy=never" filebeat_still ="molecule test -s filebeat --destroy=never" kibana_still ="molecule test -s kibana --destroy=never" -destroy_still ="molecule destroy --destroy=never" # Destroy all the existing containers ' Created by Molecule ' destroy ="molecule destroy" diff --git a/molecule/default/create.yml b/molecule/default/create.yml index 25932aee..0fba5542 100644 --- a/molecule/default/create.yml +++ b/molecule/default/create.yml 
@@ -51,9 +51,9 @@ - name: Create molecule instance(s) docker_container: - name: "{{ item.name }}" + name: "manager" docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" - hostname: "{{ item.name }}" + hostname: "manager" image: "molecule_local/{{ item.image }}" state: started recreate: false diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 6a54a846..67c54a5b 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -14,13 +14,13 @@ platforms: - nofile:262144:262144 privileged: true memory_reservation: 2048m - - name: xenial - image: solita/ubuntu-systemd:xenial - privileged: true - memory_reservation: 2048m - command: /sbin/init - ulimits: - - nofile:262144:262144 +# - name: xenial +# image: solita/ubuntu-systemd:xenial +# privileged: true +# memory_reservation: 2048m +# command: /sbin/init +# ulimits: +# - nofile:262144:262144 # - name: trusty # image: ubuntu:trusty # privileged: true @@ -33,12 +33,12 @@ platforms: # memory_reservation: 2048m # ulimits: # - nofile:262144:262144 - - name: centos7 - image: milcom/centos7-systemd - memory_reservation: 2048m - privileged: true - ulimits: - - nofile:262144:262144 +# - name: centos7 +# image: milcom/centos7-systemd +# memory_reservation: 2048m +# privileged: true +# ulimits: +# - nofile:262144:262144 provisioner: name: ansible env: diff --git a/molecule/filebeat/molecule.yml b/molecule/filebeat/molecule.yml index 5e055508..c111b06e 100644 --- a/molecule/filebeat/molecule.yml +++ b/molecule/filebeat/molecule.yml 
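Review bot: `name: "manager"` and `hostname: "manager"` replace `{{ item.name }}` in a docker_container task that still loops over `with_items: "{{ molecule_yml.platforms }}"`, so every enabled platform would try to create a container with the same name and the loop only works while exactly one platform is active — which is what the molecule.yml hunks in this commit arrange by commenting out xenial and centos7. If a fixed manager hostname is the goal, keep `name: "{{ item.name }}"` and `hostname: "{{ item.name }}"` and set the platform's `name: manager` in molecule.yml instead, so the create task, the generated inventory and destroy.yml (which presumably still keys on item.name) stay consistent. The docker_container task continues outside the hunk.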
@@ -11,14 +11,14 @@ lint: platforms: # - name: trusty # image: ubuntu:trusty - - name: bionic - image: solita/ubuntu-systemd:bionic - command: /sbin/init - privileged: true - - name: xenial - image: solita/ubuntu-systemd:xenial - privileged: true - command: /sbin/init + #- name: bionic + # image: solita/ubuntu-systemd:bionic + # command: /sbin/init + # privileged: true + #- name: xenial + # image: solita/ubuntu-systemd:xenial + # privileged: true + # command: /sbin/init #- name: centos6 # image: geerlingguy/docker-centos6-ansible # privileged: true diff --git a/molecule/stack/Dockerfile.j2 b/molecule/stack/Dockerfile.j2 deleted file mode 100644 index 19692c20..00000000 --- a/molecule/stack/Dockerfile.j2 +++ /dev/null @@ -1,14 +0,0 @@ -# Molecule managed - -{% if item.registry is defined %} -FROM {{ item.registry.url }}/{{ item.image }} -{% else %} -FROM {{ item.image }} -{% endif %} - -RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get upgrade -y && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ - elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python2-dnf bash && dnf clean all; \ - elif [ $(command -v yum) ]; then yum makecache fast && yum update -y && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ - elif [ $(command -v zypper) ]; then zypper refresh && zypper update -y && zypper install -y python sudo bash python-xml && zypper clean -a; \ - elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ - elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi diff --git a/molecule/stack/INSTALL.rst b/molecule/stack/INSTALL.rst deleted file mode 100644 index e26493b8..00000000 --- a/molecule/stack/INSTALL.rst +++ /dev/null 
@@ -1,16 +0,0 @@ -******* -Install -******* - -Requirements -============ - -* Docker Engine -* docker-py - -Install -======= - -.. code-block:: bash - - $ sudo pip install docker-py diff --git a/molecule/stack/create.yml b/molecule/stack/create.yml deleted file mode 100644 index 25932aee..00000000 --- a/molecule/stack/create.yml +++ /dev/null 
@@ -1,81 +0,0 @@ ---- -- name: Create - hosts: localhost - connection: local - gather_facts: false - no_log: false - tasks: - - name: Log into a Docker registry - docker_login: - username: "{{ item.registry.credentials.username }}" - password: "{{ item.registry.credentials.password }}" - email: "{{ item.registry.credentials.email | default(omit) }}" - registry: "{{ item.registry.url }}" - docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" - with_items: "{{ molecule_yml.platforms }}" - when: - - item.registry is defined - - item.registry.credentials is defined - - item.registry.credentials.username is defined - - - name: Create Dockerfiles from image names - template: - src: "{{ molecule_scenario_directory }}/Dockerfile.j2" - dest: "{{ molecule_ephemeral_directory }}/Dockerfile_{{ item.image | regex_replace('[^a-zA-Z0-9_]', '_') }}" - with_items: "{{ molecule_yml.platforms }}" - register: platforms - - - name: Discover local Docker images - docker_image_facts: - name: "molecule_local/{{ item.item.name }}" - docker_host: "{{ item.item.docker_host | default('unix://var/run/docker.sock') }}" - with_items: "{{ platforms.results }}" - register: docker_images - - - name: Build an Ansible compatible image - docker_image: - path: "{{ molecule_ephemeral_directory }}" - name: "molecule_local/{{ item.item.image }}" - docker_host: "{{ item.item.docker_host | default('unix://var/run/docker.sock') }}" - dockerfile: "{{ item.item.dockerfile | default(item.invocation.module_args.dest) }}" - force: "{{ item.item.force | default(true) }}" - with_items: "{{ platforms.results }}" - when: platforms.changed or docker_images.results | map(attribute='images') | select('equalto', []) | list | count >= 0 - - - name: Create docker network(s) - docker_network: - name: "{{ item }}" - docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" - state: present - with_items: "{{ molecule_yml.platforms | molecule_get_docker_networks }}" - - - name: 
Create molecule instance(s) - docker_container: - name: "{{ item.name }}" - docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" - hostname: "{{ item.name }}" - image: "molecule_local/{{ item.image }}" - state: started - recreate: false - log_driver: json-file - command: "{{ item.command | default('bash -c \"while true; do sleep 10000; done\"') }}" - privileged: "{{ item.privileged | default(omit) }}" - volumes: "{{ item.volumes | default(omit) }}" - capabilities: "{{ item.capabilities | default(omit) }}" - exposed_ports: "{{ item.exposed_ports | default(omit) }}" - published_ports: "{{ item.published_ports | default(omit) }}" - ulimits: "{{ item.ulimits | default(omit) }}" - networks: "{{ item.networks | default(omit) }}" - dns_servers: "{{ item.dns_servers | default(omit) }}" - register: server - with_items: "{{ molecule_yml.platforms }}" - async: 7200 - poll: 0 - - - name: Wait for instance(s) creation to complete - async_status: - jid: "{{ item.ansible_job_id }}" - register: docker_jobs - until: docker_jobs.finished - retries: 300 - with_items: "{{ server.results }}" diff --git a/molecule/stack/destroy.yml b/molecule/stack/destroy.yml deleted file mode 100644 index ddf7062b..00000000 --- a/molecule/stack/destroy.yml +++ /dev/null 
@@ -1,32 +0,0 @@ ---- -- name: Destroy - hosts: localhost - connection: local - gather_facts: false - no_log: false - tasks: - - name: Destroy molecule instance(s) - docker_container: - name: "{{ item.name }}" - docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" - state: absent - force_kill: "{{ item.force_kill | default(true) }}" - register: server - with_items: "{{ molecule_yml.platforms }}" - async: 7200 - poll: 0 - - - name: Wait for instance(s) deletion to complete - async_status: - jid: "{{ item.ansible_job_id }}" - register: docker_jobs - until: docker_jobs.finished - retries: 300 - with_items: "{{ server.results }}" - - - name: Delete docker network(s) - docker_network: - name: "{{ item }}" - docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" - state: absent - with_items: "{{ molecule_yml.platforms | molecule_get_docker_networks }}" diff --git a/molecule/stack/molecule.yml b/molecule/stack/molecule.yml deleted file mode 100644 index 6a54a846..00000000 --- a/molecule/stack/molecule.yml +++ /dev/null 
@@ -1,69 +0,0 @@ ---- -dependency: - name: galaxy -driver: - name: docker -lint: - name: yamllint - enabled: false -platforms: - - name: bionic - image: solita/ubuntu-systemd:bionic - command: /sbin/init - ulimits: - - nofile:262144:262144 - privileged: true - memory_reservation: 2048m - - name: xenial - image: solita/ubuntu-systemd:xenial - privileged: true - memory_reservation: 2048m - command: /sbin/init - ulimits: - - nofile:262144:262144 -# - name: trusty -# image: ubuntu:trusty -# privileged: true -# memory_reservation: 2048m -# ulimits: -# - nofile:262144:262144 -# - name: centos6 -# image: centos:6 -# privileged: true -# memory_reservation: 2048m -# ulimits: -# - nofile:262144:262144 - - name: centos7 - image: milcom/centos7-systemd - memory_reservation: 2048m - privileged: true - ulimits: - - nofile:262144:262144 -provisioner: - name: ansible - env: - ANSIBLE_ROLES_PATH: ../../roles - lint: - name: ansible-lint - enabled: true -scenario: - name: default - test_sequence: - - lint - - dependency - - cleanup - - destroy - - syntax - - create - - prepare - - converge - - idempotence - - side_effect - - verify - - cleanup - - destroy -verifier: - name: testinfra - lint: - name: flake8 - enabled: true diff --git a/molecule/stack/playbook.yml b/molecule/stack/playbook.yml deleted file mode 100644 index 242a3777..00000000 --- a/molecule/stack/playbook.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Converge - hosts: all - roles: - - role: wazuh/ansible-wazuh-manager - diff --git a/molecule/stack/prepare.yml b/molecule/stack/prepare.yml deleted file mode 100644 index f3dc9aac..00000000 --- a/molecule/stack/prepare.yml +++ /dev/null 
@@ -1,36 +0,0 @@ ---- -- name: Prepare - hosts: all - gather_facts: true - tasks: - - - name: "Install Python packages for Trusty to solve trust issues" - package: - name: - - python-setuptools - - python-pip - state: latest - register: wazuh_manager_trusty_packages_installed - until: wazuh_manager_trusty_packages_installed is succeeded - when: - - ansible_distribution == "Ubuntu" - - ansible_distribution_major_version | int == 14 - - - name: "Install dependencies" - package: - name: - - curl - - net-tools - state: latest - register: wazuh_manager_dependencies_packages_installed - until: wazuh_manager_dependencies_packages_installed is succeeded - - - name: "Install (RedHat) dependencies" - package: - name: - - initscripts - state: latest - register: wazuh_manager_dependencies_packages_installed - until: wazuh_manager_dependencies_packages_installed is succeeded - when: - - ansible_os_family == 'RedHat' diff --git a/molecule/stack/tests/test_default.py b/molecule/stack/tests/test_default.py deleted file mode 100644 index c5e76d67..00000000 --- a/molecule/stack/tests/test_default.py +++ /dev/null 
@@ -1,80 +0,0 @@ -import os -import pytest - -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') - - -def get_wazuh_version(): - """This return the version of Wazuh.""" - return "3.9.5" - - -def test_wazuh_packages_are_installed(host): - """Test if the main packages are installed.""" - manager = host.package("wazuh-manager") - api = host.package("wazuh-api") - - distribution = host.system_info.distribution.lower() - if distribution == 'centos': - if host.system_info.release == "7": - assert manager.is_installed - assert manager.version.startswith(get_wazuh_version()) - assert api.is_installed - assert api.version.startswith(get_wazuh_version()) - elif host.system_info.release.startswith("6"): - assert manager.is_installed - assert manager.version.startswith(get_wazuh_version()) - elif distribution == 'ubuntu': - assert manager.is_installed - assert manager.version.startswith(get_wazuh_version()) - - -def test_wazuh_services_are_running(host): - """Test if the services are enabled and running. 
- - When assert commands are commented, this means that the service command has - a wrong exit code: https://github.com/wazuh/wazuh-ansible/issues/107 - """ - manager = host.service("wazuh-manager") - api = host.service("wazuh-api") - - distribution = host.system_info.distribution.lower() - if distribution == 'centos': - # assert manager.is_running - assert manager.is_enabled - # assert not api.is_running - assert not api.is_enabled - elif distribution == 'ubuntu': - # assert manager.is_running - assert manager.is_enabled - # assert api.is_running - assert api.is_enabled - - -@pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [ - ("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640), - ("/var/ossec/etc/sslmanager.key", "root", "root", 0o640), - ("/var/ossec/etc/rules/local_rules.xml", "root", "ossec", 0o640), - ("/var/ossec/etc/lists/audit-keys", "root", "ossec", 0o640), -]) -def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode): - """Test if Wazuh related files exist and have proper owners and mode.""" - wazuh_file_host = host.file(wazuh_file) - - assert wazuh_file_host.user == wazuh_owner - assert wazuh_file_host.group == wazuh_group - assert wazuh_file_host.mode == wazuh_mode - - -def test_open_ports(host): - """Test if the main port is open and the agent-auth is not open.""" - distribution = host.system_info.distribution.lower() - if distribution == 'ubuntu': - assert host.socket("tcp://0.0.0.0:1515").is_listening - assert host.socket("tcp://0.0.0.0:1514").is_listening - elif distribution == 'centos': - assert host.socket("tcp://127.0.0.1:1515").is_listening - assert host.socket("tcp://127.0.0.1:1514").is_listening From 0e24c57fc617d918fb7ecb0b3390b19175c2639b Mon Sep 17 00:00:00 2001 
From: Rshad Zhran Date: Wed, 21 Aug 2019 15:12:57 +0200 Subject: [PATCH 261/714] fixed communications between containers --- Pipfile | 13 +++------ molecule/default/create.yml | 14 +++++----- molecule/default/molecule.yml | 2 +- molecule/default/playbook.yml | 1 + molecule/elasticsearch/molecule.yml | 27 ++++++++++--------- molecule/elasticsearch/playbook.yml | 2 +- update-dnsmasq.sh | 41 +++++++++++++++++++++++++++++ 7 files changed, 68 insertions(+), 32 deletions(-) create mode 100644 update-dnsmasq.sh diff --git a/Pipfile b/Pipfile index 4a393c5a..e7b1b5c0 100644 --- a/Pipfile +++ b/Pipfile @@ -14,19 +14,12 @@ molecule = "==2.20.2" python_version = "2.7" [scripts] -# Normal Case -test ="molecule test" +test ="molecule test --destroy=never" agent ="molecule test -s wazuh-agent" -elasticsearch ="molecule test -s elasticsearch" +elasticsearch ="molecule test -s elasticsearch --destroy=never" filebeat ="molecule test -s filebeat" kibana ="molecule test -s kibana" -# Do Not destroy the created containers afte the test execution ends. -test_still ="molecule test --destroy=never" -agent_still ="molecule test -s wazuh-agent --destroy=never" -elasticsearch_still ="molecule test -s elasticsearch --destroy=never" -filebeat_still ="molecule test -s filebeat --destroy=never" -kibana_still ="molecule test -s kibana --destroy=never" - # Destroy all the existing containers ' Created by Molecule ' +destroy_elasticsearch ="molecule destroy -s elasticsearch" destroy ="molecule destroy" diff --git a/molecule/default/create.yml b/molecule/default/create.yml index 0fba5542..f69ab910 100644 --- a/molecule/default/create.yml +++ b/molecule/default/create.yml 
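Review bot: The `test` and `elasticsearch` scripts now keep their containers alive (`--destroy=never`) while `agent`, `filebeat` and `kibana` still tear theirs down, and nothing in the `[scripts]` table says why the two differ. A one-line comment above them, `# manager/elasticsearch containers are left running so the other scenarios can reach them over the shared Docker network`, would stop the next reader from "fixing" it. With the `_still` variants gone, the separate `destroy` scripts are the only cleanup path, which is worth saying in the same comment.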
@@ -44,16 +44,15 @@ - name: Create docker network(s) docker_network: - name: "{{ item }}" - docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" + name: "new_network" state: present - with_items: "{{ molecule_yml.platforms | molecule_get_docker_networks }}" + - name: Create molecule instance(s) docker_container: - name: "manager" + name: "{{ item.name }}" docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" - hostname: "manager" + hostname: "{{ item.name }}" image: "molecule_local/{{ item.image }}" state: started recreate: false @@ -65,7 +64,8 @@ exposed_ports: "{{ item.exposed_ports | default(omit) }}" published_ports: "{{ item.published_ports | default(omit) }}" ulimits: "{{ item.ulimits | default(omit) }}" - networks: "{{ item.networks | default(omit) }}" + networks: + - name: "new_network" dns_servers: "{{ item.dns_servers | default(omit) }}" register: server with_items: "{{ molecule_yml.platforms }}" @@ -78,4 +78,4 @@ register: docker_jobs until: docker_jobs.finished retries: 300 - with_items: "{{ server.results }}" + with_items: "{{ server.results }}" \ No newline at end of file diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 67c54a5b..2e5dfa0d 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -7,7 +7,7 @@ lint: name: yamllint enabled: false platforms: - - name: bionic + - name: manager image: solita/ubuntu-systemd:bionic command: /sbin/init ulimits: diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml index 242a3777..f181f59a 100644 --- a/molecule/default/playbook.yml +++ b/molecule/default/playbook.yml @@ -3,4 +3,5 @@ hosts: all roles: - role: wazuh/ansible-wazuh-manager + - { role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'elasticsearch:9200' } diff --git a/molecule/elasticsearch/molecule.yml b/molecule/elasticsearch/molecule.yml index ebf47ccb..109e2f4f 100644 --- a/molecule/elasticsearch/molecule.yml 
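Review bot: The rewritten `Create docker network(s)` task drops `docker_host`, so the network is always created on the local default socket, while `Create molecule instance(s)` a few lines later still honours `item.docker_host`; on any host where those differ the containers are attached to a network that does not exist there. Keep `docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}"` on the network task (with a loop over the platforms, or a fixed value, since `item` is no longer defined). The second hunk replaces the per-platform `networks` list with a hard-coded `- name: "new_network"`, so `networks:` entries in any scenario's `molecule.yml` are now silently ignored and every scenario shares one network; a comment on that line should say so. The third hunk only removes the file's trailing newline.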
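Review bot: The new filebeat entry in `molecule/default/playbook.yml` is a flow mapping while the manager role above it uses block style; write it as `- role: wazuh/ansible-filebeat` followed by an indented `filebeat_output_elasticsearch_hosts: 'elasticsearch:9200'` so both entries read alike and diff line by line. The hostname `elasticsearch` only resolves when the elasticsearch scenario's container is already running on the same Docker network, and nothing in this playbook creates it, so a comment naming that prerequisite belongs next to the value.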
+++ b/molecule/elasticsearch/molecule.yml @@ -9,13 +9,14 @@ lint: config-data: ignore: .virtualenv platforms: - #- name: bionic - # image: solita/ubuntu-systemd:bionic - # command: /sbin/init - # ulimits: - # - nofile:262144:262144 - # privileged: true - # memory_reservation: 2048m + - name: elasticsearch + image: solita/ubuntu-systemd:bionic + command: /sbin/init + ulimits: + - nofile:262144:262144 + privileged: true + memory_reservation: 2048m + #- name: xenial # image: solita/ubuntu-systemd:xenial # privileged: true @@ -35,12 +36,12 @@ platforms: # memory_reservation: 2048m # ulimits: # - nofile:262144:262144 - - name: centos7 - image: milcom/centos7-systemd - memory_reservation: 2048m - privileged: true - ulimits: - - nofile:262144:262144 + #- name: centos7 + # image: milcom/centos7-systemd + # memory_reservation: 2048m + # privileged: true + # ulimits: + # - nofile:262144:262144 provisioner: name: ansible playbooks: diff --git a/molecule/elasticsearch/playbook.yml b/molecule/elasticsearch/playbook.yml index f6bf45f9..75be4f34 100644 --- a/molecule/elasticsearch/playbook.yml +++ b/molecule/elasticsearch/playbook.yml @@ -3,4 +3,4 @@ hosts: all roles: - role: elastic-stack/ansible-elasticsearch - elasticsearch_network_host: 'localhost' + elasticsearch_network_host: 'elasticsearch' diff --git a/update-dnsmasq.sh b/update-dnsmasq.sh new file mode 100644 index 00000000..d4bee8a1 --- /dev/null +++ b/update-dnsmasq.sh 
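Review bot: `elasticsearch_network_host: 'elasticsearch'` moves Elasticsearch from loopback to the container's network address, so every container on the shared Docker network can reach port 9200, and this playbook sets nothing that narrows that. That is what the cross-container test needs, but mark it so it is not copied into a real inventory: `# test-only: bind to the container name so sibling containers (filebeat, kibana) can reach 9200`.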
@@ -0,0 +1,41 @@ +#!/bin/bash + +# 10 seconds interval time by default +INTERVAL=${INTERVAL:-10} + +# dnsmasq config directory +DNSMASQ_CONFIG=${DNSMASQ_CONFIG:-.} + +# commands used in this script +DOCKER=${DOCKER:-docker} +SLEEP=${SLEEP:-sleep} +TAIL=${TAIL:-tail} + +declare -A service_map + +while true +do + changed=false + while read line + do + name=${line##* } + ip=$(${DOCKER} inspect --format '{{.NetworkSettings.IPAddress}}' $name) + # if IP addr changed + if [ -z ${service_map[$name]} ] || [ ${service_map[$name]} != $ip ] + then + service_map[$name]=$ip + # write to file + echo $name has a new IP Address $ip >&2 + echo "host-record=$name,$ip" > "${DNSMASQ_CONFIG}/docker-$name" + changed=true + fi + done < <(${DOCKER} ps | ${TAIL} -n +2) + + # a change of IP address occured, restart dnsmasq + if [ $changed = true ] + then + systemctl restart dnsmasq + fi + + ${SLEEP} $INTERVAL +done From 40ab9eb9f2dfb7e77b91de3e705720fba23ad63d Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Wed, 21 Aug 2019 16:27:15 +0200 Subject: [PATCH 262/714] adapted wazuh-agent test playbook and created run.sh --- molecule/default/create.yml | 4 +-- molecule/kibana/molecule.yml | 26 +++++++++--------- molecule/kibana/playbook.yml | 1 + molecule/wazuh-agent/molecule.yml | 44 +++++++++++++++---------------- molecule/wazuh-agent/playbook.yml | 30 ++++++++++----------- update-dnsmasq.sh | 41 ---------------------------- 6 files changed, 52 insertions(+), 94 deletions(-) delete mode 100644 update-dnsmasq.sh diff --git a/molecule/default/create.yml b/molecule/default/create.yml index f69ab910..09e1a232 100644 --- a/molecule/default/create.yml +++ b/molecule/default/create.yml @@ -44,7 +44,7 @@ - name: Create docker network(s) docker_network: - name: "new_network" + name: "main" state: present 
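Review bot: The inner loop takes the container name as the last column of unformatted `docker ps` output and then uses `${service_map[$name]}` and `$ip` unquoted inside `[ ... ]`, so an empty `$ip` turns the comparison into `[ x != ]` and the script aborts with a test error. Empty is the likely case here: `.NetworkSettings.IPAddress` is only filled for the default bridge network, and `create.yml` in this same commit attaches every instance solely to the user-defined `new_network`. Use `docker ps --format '{{.Names}}'` for the names, read the address from the container's attached networks, quote every expansion, and skip containers that have no address yet; the dnsmasq write and restart can stay as they are.
```shell
    while read -r name
    do
        # addresses of all attached networks (concatenated if there are several)
        ip=$(${DOCKER} inspect --format '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' "$name")
        # nothing to record yet; unquoted empties broke the test below
        if [ -z "$ip" ]; then
            continue
        fi
        if [ -z "${service_map[$name]}" ] || [ "${service_map[$name]}" != "$ip" ]
        then
            service_map[$name]=$ip
            # … unchanged: write host-record file, changed=true …
        fi
    done < <(${DOCKER} ps --format '{{.Names}}')
```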
@@ -65,7 +65,7 @@ published_ports: "{{ item.published_ports | default(omit) }}" ulimits: "{{ item.ulimits | default(omit) }}" networks: - - name: "new_network" + - name: "main" dns_servers: "{{ item.dns_servers | default(omit) }}" register: server with_items: "{{ molecule_yml.platforms }}" diff --git a/molecule/kibana/molecule.yml b/molecule/kibana/molecule.yml index 20ea5e07..5067e088 100644 --- a/molecule/kibana/molecule.yml +++ b/molecule/kibana/molecule.yml @@ -16,13 +16,13 @@ platforms: - nofile:262144:262144 privileged: true memory_reservation: 1024m - - name: xenial - image: solita/ubuntu-systemd:xenial - privileged: true - memory_reservation: 1024m - command: /sbin/init - ulimits: - - nofile:262144:262144 +# - name: xenial +# image: solita/ubuntu-systemd:xenial +# privileged: true +# memory_reservation: 1024m +# command: /sbin/init +# ulimits: +# - nofile:262144:262144 # - name: trusty # image: ubuntu:trusty # memory_reservation: 1024m @@ -34,12 +34,12 @@ platforms: # memory_reservation: 1024m # ulimits: # - nofile:262144:262144 - - name: centos7 - image: milcom/centos7-systemd - memory_reservation: 1024m - privileged: true - ulimits: - - nofile:262144:262144 +# - name: centos7 +# image: milcom/centos7-systemd +# memory_reservation: 1024m +# privileged: true +# ulimits: +# - nofile:262144:262144 provisioner: name: ansible playbooks: diff --git a/molecule/kibana/playbook.yml b/molecule/kibana/playbook.yml index 6deac809..c7d3acf8 100644 --- a/molecule/kibana/playbook.yml +++ b/molecule/kibana/playbook.yml @@ -4,4 +4,5 @@ roles: - role: elastic-stack/ansible-kibana + elasticsearch_network_host: 'elasticsearch' \ No newline at end of file diff --git a/molecule/wazuh-agent/molecule.yml b/molecule/wazuh-agent/molecule.yml index 953fbb09..5c1082cf 100644 --- a/molecule/wazuh-agent/molecule.yml +++ b/molecule/wazuh-agent/molecule.yml 
@@ -11,27 +11,27 @@ lint: config-data: ignore: .virtualenv platforms: - - name: wazuh_server_centos7 - image: milcom/centos7-systemd - networks: - - name: wazuh - privileged: true - groups: - - manager + #- name: wazuh_server_centos7 + # image: milcom/centos7-systemd + # networks: + # - name: wazuh + # privileged: true + # groups: + # - manager - name: wazuh_agent_bionic image: ubuntu:bionic networks: - name: wazuh groups: - agent - - name: wazuh_agent_xenial - image: solita/ubuntu-systemd:xenial - privileged: true - command: /sbin/init - networks: - - name: wazuh - groups: - - agent + #- name: wazuh_agent_xenial + # image: solita/ubuntu-systemd:xenial + # privileged: true + # command: /sbin/init + # networks: + # - name: wazuh + # groups: + # - agent #- name: wazuh_agent_trusty # image: ubuntu:trusty # networks: @@ -44,13 +44,13 @@ platforms: # - name: wazuh # groups: # - agent - - name: wazuh_agent_centos7 - image: milcom/centos7-systemd - privileged: true - networks: - - name: wazuh - groups: - - agent + #- name: wazuh_agent_centos7 + # image: milcom/centos7-systemd + # privileged: true + # networks: + # - name: wazuh + # groups: + # - agent provisioner: name: ansible playbooks: diff --git a/molecule/wazuh-agent/playbook.yml b/molecule/wazuh-agent/playbook.yml index 5b869569..09413204 100644 --- a/molecule/wazuh-agent/playbook.yml +++ b/molecule/wazuh-agent/playbook.yml 
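Review bot: With `wazuh_server_centos7` commented out, the `manager` group this scenario defined is now empty, and the remaining `wazuh_agent_bionic` platform still carries `networks: - name: wazuh` even though the shared `create.yml` changed in this same commit attaches every instance to a hard-coded `main` network and no longer reads `item.networks`. If this scenario uses `../default/create.yml` like the others (the `provisioner.playbooks` block is cut off below the hunk), that `wazuh` entry is dead configuration; drop it or add `# networks: ignored — ../default/create.yml attaches all instances to "main"` so nobody relies on it for isolation. The same applies to the commented `wazuh_agent_centos7` block in the second hunk.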
@@ -1,20 +1,18 @@ --- - name: Converge - hosts: agent - pre_tasks: - - name: "Get ip Wazuh Manager" - shell: | - set -o pipefail - grep $(hostname) /etc/hosts | awk '{print $1}' | sort | head -n 2 | tail -n 1 - register: wazuh_manager_ip_stdout - changed_when: false - delegate_to: wazuh_server_centos7 - args: - executable: /bin/bash - - - name: "Set fact for ip address" - set_fact: - wazuh_manager_ip: "{{ wazuh_manager_ip_stdout.stdout }}" - + hosts: all roles: - role: wazuh/ansible-wazuh-agent + vars: + wazuh_managers: + - address: 'manager' + port: 1514 + protocol: tcp + api_port: 55000 + api_proto: 'http' + api_user: ansible + wazuh_agent_authd: + enable: true + port: 1515 + ssl_agent_ca: null + ssl_auto_negotiate: 'no' diff --git a/update-dnsmasq.sh b/update-dnsmasq.sh deleted file mode 100644 index d4bee8a1..00000000 --- a/update-dnsmasq.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash - -# 10 seconds interval time by default -INTERVAL=${INTERVAL:-10} - -# dnsmasq config directory -DNSMASQ_CONFIG=${DNSMASQ_CONFIG:-.} - -# commands used in this script -DOCKER=${DOCKER:-docker} -SLEEP=${SLEEP:-sleep} -TAIL=${TAIL:-tail} - -declare -A service_map - -while true -do - changed=false - while read line - do - name=${line##* } - ip=$(${DOCKER} inspect --format '{{.NetworkSettings.IPAddress}}' $name) - # if IP addr changed - if [ -z ${service_map[$name]} ] || [ ${service_map[$name]} != $ip ] - then - service_map[$name]=$ip - # write to file - echo $name has a new IP Address $ip >&2 - echo "host-record=$name,$ip" > "${DNSMASQ_CONFIG}/docker-$name" - changed=true - fi - done < <(${DOCKER} ps | ${TAIL} -n +2) - - # a change of IP address occured, restart dnsmasq - if [ $changed = true ] - then - systemctl restart dnsmasq - fi - - ${SLEEP} $INTERVAL -done From 65c9785bb54c93964b73f183722ffda7c5352f34 Mon Sep 17 00:00:00 2001 
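Review bot: The new `wazuh_agent_authd` block sets `ssl_agent_ca: null` and the manager entry sets `api_proto: 'http'`, so agent enrollment accepts whatever certificate the manager presents and the `api_user` credentials travel in clear; inside a throwaway molecule network that is acceptable, but nothing marks it as such. Add `# test-only: no CA pinning for authd and plaintext API — do not copy into an inventory` above `wazuh_managers:`. `address: 'manager'` also ties this scenario to the default scenario's container name and to that container being left running (`--destroy=never`), which is what the removed `pre_tasks` discovery used to handle dynamically and deserves a line in the same comment.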
From: Rshad Zhran Date: Wed, 21 Aug 2019 17:07:44 +0200 Subject: [PATCH 263/714] deleted filebeat test --- molecule/default/create.yml | 4 +++ molecule/default/tests/test_default.py | 6 ++++ molecule/filebeat/Dockerfile.j2 | 14 -------- molecule/filebeat/INSTALL.rst | 22 ------------ molecule/filebeat/molecule.yml | 45 ------------------------- molecule/filebeat/playbook.yml | 5 --- molecule/filebeat/prepare.yml | 37 -------------------- molecule/filebeat/tests/test_default.py | 13 ------- molecule/kibana/playbook.yml | 4 +-- run_none_cluster.sh | 6 ++++ 10 files changed, 17 insertions(+), 139 deletions(-) delete mode 100644 molecule/filebeat/Dockerfile.j2 delete mode 100644 molecule/filebeat/INSTALL.rst delete mode 100644 molecule/filebeat/molecule.yml delete mode 100644 molecule/filebeat/playbook.yml delete mode 100644 molecule/filebeat/prepare.yml delete mode 100644 molecule/filebeat/tests/test_default.py create mode 100644 run_none_cluster.sh diff --git a/molecule/default/create.yml b/molecule/default/create.yml index 09e1a232..0b25ec81 100644 --- a/molecule/default/create.yml +++ b/molecule/default/create.yml @@ -47,6 +47,10 @@ name: "main" state: present + - name: Sleep 5 seconds till the network gets created if it's not + # Pause for 5 minutes to build app cache. + pause: + seconds: 10 - name: Create molecule instance(s) docker_container: diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index c5e76d67..becf02f7 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py 
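Review bot: The added pause task's name says 5 seconds, its comment says 5 minutes, and `seconds: 10` is what runs; pick one value and say what it waits for. As far as I know `docker_network` with `state: present` does not return before the network exists, so if the sleep is hiding a different race the comment should name it, otherwise the task can go; a fixed sleep also adds 10 s to every create run for nothing, e.g. `# wait for <reason>; docker_network itself is synchronous`.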
@@ -78,3 +78,9 @@ def test_open_ports(host): elif distribution == 'centos': assert host.socket("tcp://127.0.0.1:1515").is_listening assert host.socket("tcp://127.0.0.1:1514").is_listening + +def test_filebeat_is_installed(host): + """Test if the elasticsearch package is installed.""" + filebeat = host.package("filebeat") + assert filebeat.is_installed + assert filebeat.version.startswith('7.2.1') \ No newline at end of file diff --git a/molecule/filebeat/Dockerfile.j2 b/molecule/filebeat/Dockerfile.j2 deleted file mode 100644 index e6aa95d3..00000000 --- a/molecule/filebeat/Dockerfile.j2 +++ /dev/null @@ -1,14 +0,0 @@ -# Molecule managed - -{% if item.registry is defined %} -FROM {{ item.registry.url }}/{{ item.image }} -{% else %} -FROM {{ item.image }} -{% endif %} - -RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ - elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \ - elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ - elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \ - elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ - elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi diff --git a/molecule/filebeat/INSTALL.rst b/molecule/filebeat/INSTALL.rst deleted file mode 100644 index 6a44bde9..00000000 --- a/molecule/filebeat/INSTALL.rst +++ /dev/null 
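Review bot: The docstring on `test_filebeat_is_installed` says "elasticsearch package" but the test checks `host.package("filebeat")`; change it to `"""Test if the filebeat package is installed."""`. The version is hard-coded as `'7.2.1'` while the Wazuh tests in this file go through `get_wazuh_version()`; a module-level `FILEBEAT_VERSION = '7.2.1'` or a helper like the existing one keeps the pin in one place when the next bump comes.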
@@ -1,22 +0,0 @@ -******* -Docker driver installation guide -******* - -Requirements -============ - -* Docker Engine - -Install -======= - -Please refer to the `Virtual environment`_ documentation for installation best -practices. If not using a virtual environment, please consider passing the -widely recommended `'--user' flag`_ when invoking ``pip``. - -.. _Virtual environment: https://virtualenv.pypa.io/en/latest/ -.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site - -.. code-block:: bash - - $ pip install 'molecule[docker]' diff --git a/molecule/filebeat/molecule.yml b/molecule/filebeat/molecule.yml deleted file mode 100644 index c111b06e..00000000 --- a/molecule/filebeat/molecule.yml +++ /dev/null @@ -1,45 +0,0 @@ ---- -dependency: - name: galaxy -driver: - name: docker -lint: - name: yamllint - options: - config-data: - ignore: .virtualenv -platforms: - # - name: trusty - # image: ubuntu:trusty - #- name: bionic - # image: solita/ubuntu-systemd:bionic - # command: /sbin/init - # privileged: true - #- name: xenial - # image: solita/ubuntu-systemd:xenial - # privileged: true - # command: /sbin/init - #- name: centos6 - # image: geerlingguy/docker-centos6-ansible - # privileged: true - # command: /sbin/init - # volumes: - # - /sys/fs/cgroup:/sys/fs/cgroup:ro - - name: centos7 - image: milcom/centos7-systemd - privileged: true -provisioner: - name: ansible - playbooks: - docker: - create: ../default/create.yml - destroy: ../default/destroy.yml - env: - ANSIBLE_ROLES_PATH: ../../roles - lint: - name: ansible-lint - enabled: true -verifier: - name: testinfra - lint: - name: flake8 diff --git a/molecule/filebeat/playbook.yml b/molecule/filebeat/playbook.yml deleted file mode 100644 index 3ff917f6..00000000 --- a/molecule/filebeat/playbook.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: Converge - hosts: all - roles: - - role: wazuh/ansible-filebeat 
diff --git a/molecule/filebeat/prepare.yml b/molecule/filebeat/prepare.yml deleted file mode 100644 index 49325b85..00000000 --- a/molecule/filebeat/prepare.yml +++ /dev/null @@ -1,37 +0,0 @@ ---- -- name: Prepare - hosts: all - gather_facts: true - tasks: - - - name: "Install Python packages for Trusty to solve trust issues" - package: - name: - - python-apt - - python-setuptools - - python-pip - state: latest - register: wazuh_manager_trusty_packages_installed - until: wazuh_manager_trusty_packages_installed is succeeded - when: - - ansible_distribution == "Ubuntu" - - ansible_distribution_major_version | int == 14 - - - name: "Install dependencies" - package: - name: - - curl - - net-tools - state: latest - register: wazuh_manager_dependencies_packages_installed - until: wazuh_manager_dependencies_packages_installed is succeeded - - - name: "Install (RedHat) dependencies" - package: - name: - - initscripts - state: latest - register: wazuh_manager_dependencies_packages_installed - until: wazuh_manager_dependencies_packages_installed is succeeded - when: - - ansible_os_family == 'RedHat' diff --git a/molecule/filebeat/tests/test_default.py b/molecule/filebeat/tests/test_default.py deleted file mode 100644 index 02638b52..00000000 --- a/molecule/filebeat/tests/test_default.py +++ /dev/null @@ -1,13 +0,0 @@ -import os - -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') - - -def test_filebeat_is_installed(host): - """Test if the elasticsearch package is installed.""" - filebeat = host.package("filebeat") - assert filebeat.is_installed - assert filebeat.version.startswith('7.2.1') diff --git a/molecule/kibana/playbook.yml b/molecule/kibana/playbook.yml index c7d3acf8..f560f96d 100644 --- a/molecule/kibana/playbook.yml +++ b/molecule/kibana/playbook.yml 
@@ -2,7 +2,5 @@ - name: Converge hosts: all roles: - - role: elastic-stack/ansible-kibana - elasticsearch_network_host: 'elasticsearch' - \ No newline at end of file + elasticsearch_network_host: 'elasticsearch' \ No newline at end of file diff --git a/run_none_cluster.sh b/run_none_cluster.sh new file mode 100644 index 00000000..77cd0690 --- /dev/null +++ b/run_none_cluster.sh @@ -0,0 +1,6 @@ +#!/bin/bash + +sudo pipenv run elasticsearch +sudo pipenv run test +sudo pipenv run agent +sudo pipenv run kibana \ No newline at end of file From defd2ab2f85e92ae0fca83d787690d742fc60d2a Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Thu, 22 Aug 2019 11:15:33 +0200 Subject: [PATCH 264/714] added a worker test --- Pipfile | 6 +- molecule/default/molecule.yml | 2 +- molecule/default/tests/test_default.py | 3 +- molecule/worker/Dockerfile.j2 | 14 +++ molecule/worker/molecule.yml | 60 +++++++++++++ molecule/worker/playbook.yml | 11 +++ molecule/worker/tests/test_default.py | 87 +++++++++++++++++++ .../ansible-wazuh-manager/defaults/main.yml | 4 +- run_cluster_mode.sh | 5 ++ 9 files changed, 184 insertions(+), 8 deletions(-) create mode 100644 molecule/worker/Dockerfile.j2 create mode 100644 molecule/worker/molecule.yml create mode 100644 molecule/worker/playbook.yml create mode 100644 molecule/worker/tests/test_default.py create mode 100644 run_cluster_mode.sh diff --git a/Pipfile b/Pipfile index e7b1b5c0..8aa7757a 100644 --- a/Pipfile +++ b/Pipfile 
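Review bot: `run_none_cluster.sh` runs four `pipenv run` scenarios under `sudo` with no `set -e`, so a failed `elasticsearch` run does not stop `test`, `agent` and `kibana` from starting against a container that never came up, and the whole molecule tree is created as root. Add `set -euo pipefail` after the shebang, and either run as a user in the `docker` group or state why root is needed: `# runs as root only for the Docker socket; prefer a user in the docker group`. The file also lacks a trailing newline.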
@@ -15,10 +15,10 @@ python_version = "2.7" [scripts] test ="molecule test --destroy=never" -agent ="molecule test -s wazuh-agent" +worker ="molecule test -s worker --destroy=never" +agent ="molecule test -s wazuh-agent --destroy=never" elasticsearch ="molecule test -s elasticsearch --destroy=never" -filebeat ="molecule test -s filebeat" -kibana ="molecule test -s kibana" +kibana ="molecule test -s kibana --destroy=never" # Destroy all the existing containers ' Created by Molecule ' destroy_elasticsearch ="molecule destroy -s elasticsearch" diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 2e5dfa0d..054acc00 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -57,7 +57,7 @@ scenario: - create - prepare - converge - - idempotence + #- idempotence - side_effect - verify - cleanup diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index becf02f7..278ce719 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py @@ -79,8 +79,9 @@ def test_open_ports(host): assert host.socket("tcp://127.0.0.1:1515").is_listening assert host.socket("tcp://127.0.0.1:1514").is_listening + def test_filebeat_is_installed(host): """Test if the elasticsearch package is installed.""" filebeat = host.package("filebeat") assert filebeat.is_installed - assert filebeat.version.startswith('7.2.1') \ No newline at end of file + assert filebeat.version.startswith('7.2.1') diff --git a/molecule/worker/Dockerfile.j2 b/molecule/worker/Dockerfile.j2 new file mode 100644 index 00000000..e6aa95d3 --- /dev/null +++ b/molecule/worker/Dockerfile.j2 
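Review bot: Commenting out `idempotence` in `test_sequence` silently drops the check that a second converge makes no changes, which is exactly the check that would catch the unconditional pause and sleep tasks added to `create.yml` earlier in this series; if a specific task is known to be non-idempotent, say which so it can be re-enabled rather than forgotten, e.g. `#- idempotence  # disabled: <task name> reports changed on every run — tracked in <ISSUE-ID placeholder>`.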
@@ -0,0 +1,14 @@ +# Molecule managed + +{% if item.registry is defined %} +FROM {{ item.registry.url }}/{{ item.image }} +{% else %} +FROM {{ item.image }} +{% endif %} + +RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ + elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \ + elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ + elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \ + elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ + elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi diff --git a/molecule/worker/molecule.yml b/molecule/worker/molecule.yml new file mode 100644 index 00000000..c82aacfc --- /dev/null +++ b/molecule/worker/molecule.yml 
@@ -0,0 +1,60 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint + options: + config-data: + ignore: .virtualenv +platforms: + - name: elasticsearch + image: solita/ubuntu-systemd:bionic + command: /sbin/init + ulimits: + - nofile:262144:262144 + privileged: true + memory_reservation: 2048m + + #- name: xenial + # image: solita/ubuntu-systemd:xenial + # privileged: true + # memory_reservation: 2048m + # command: /sbin/init + # ulimits: + # - nofile:262144:262144 + #- name: trusty + #image: ubuntu:trusty + #privileged: true + #memory_reservation: 2048m + #ulimits: + #- nofile:262144:262144 + #- name: centos6 + # image: centos:6 + # privileged: true + # memory_reservation: 2048m + # ulimits: + # - nofile:262144:262144 + #- name: centos7 + # image: milcom/centos7-systemd + # memory_reservation: 2048m + # privileged: true + # ulimits: + # - nofile:262144:262144 +provisioner: + name: ansible + playbooks: + docker: + create: ../default/create.yml + destroy: ../default/destroy.yml + prepare: ../default/prepare.yml + env: + ANSIBLE_ROLES_PATH: ../../roles + lint: + name: ansible-lint + enabled: true +verifier: + name: testinfra + lint: + name: flake8 diff --git a/molecule/worker/playbook.yml b/molecule/worker/playbook.yml new file mode 100644 index 00000000..6c9a6317 --- /dev/null +++ b/molecule/worker/playbook.yml @@ -0,0 +1,11 @@ +--- +- name: Converge + hosts: all + roles: + - { role: wazuh/ansible-wazuh-manager, + wazuh_manager_config.cluster.disable: 'no', + wazuh_manager_config.cluster.name: 'worker-01', + wazuh_manager_config.cluster.node_type: 'worker' + } + - { role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'elasticsearch:9200' } + diff --git a/molecule/worker/tests/test_default.py b/molecule/worker/tests/test_default.py new file mode 100644 index 00000000..278ce719 --- /dev/null +++ b/molecule/worker/tests/test_default.py 
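Review bot: The role parameters `wazuh_manager_config.cluster.disable: 'no'`, `wazuh_manager_config.cluster.name: 'worker-01'` and `wazuh_manager_config.cluster.node_type: 'worker'` in `playbook.yml` define flat variables whose names contain dots; they do not override keys inside the role's `wazuh_manager_config` default mapping, so the converge still renders the default cluster settings and the worker scenario verifies nothing about cluster mode. Pass a nested `vars:` mapping for `wazuh_manager_config` instead. Separately, `cluster.name` is the cluster-wide name that must match the master, while the per-node identifier is `node_name`, so `'worker-01'` belongs under `node_name`. The `privileged: true` container in `molecule.yml` is presumably needed for systemd, but it grants the test container host-level capabilities and deserves a one-line comment saying why.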
@@ -0,0 +1,87 @@ +import os +import pytest + +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') + + +def get_wazuh_version(): + """This return the version of Wazuh.""" + return "3.9.5" + + +def test_wazuh_packages_are_installed(host): + """Test if the main packages are installed.""" + manager = host.package("wazuh-manager") + api = host.package("wazuh-api") + + distribution = host.system_info.distribution.lower() + if distribution == 'centos': + if host.system_info.release == "7": + assert manager.is_installed + assert manager.version.startswith(get_wazuh_version()) + assert api.is_installed + assert api.version.startswith(get_wazuh_version()) + elif host.system_info.release.startswith("6"): + assert manager.is_installed + assert manager.version.startswith(get_wazuh_version()) + elif distribution == 'ubuntu': + assert manager.is_installed + assert manager.version.startswith(get_wazuh_version()) + + +def test_wazuh_services_are_running(host): + """Test if the services are enabled and running. 
+ + When assert commands are commented, this means that the service command has + a wrong exit code: https://github.com/wazuh/wazuh-ansible/issues/107 + """ + manager = host.service("wazuh-manager") + api = host.service("wazuh-api") + + distribution = host.system_info.distribution.lower() + if distribution == 'centos': + # assert manager.is_running + assert manager.is_enabled + # assert not api.is_running + assert not api.is_enabled + elif distribution == 'ubuntu': + # assert manager.is_running + assert manager.is_enabled + # assert api.is_running + assert api.is_enabled + + +@pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [ + ("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640), + ("/var/ossec/etc/sslmanager.key", "root", "root", 0o640), + ("/var/ossec/etc/rules/local_rules.xml", "root", "ossec", 0o640), + ("/var/ossec/etc/lists/audit-keys", "root", "ossec", 0o640), +]) +def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode): + """Test if Wazuh related files exist and have proper owners and mode.""" + wazuh_file_host = host.file(wazuh_file) + + assert wazuh_file_host.user == wazuh_owner + assert wazuh_file_host.group == wazuh_group + assert wazuh_file_host.mode == wazuh_mode + + +def test_open_ports(host): + """Test if the main port is open and the agent-auth is not open.""" + distribution = host.system_info.distribution.lower() + if distribution == 'ubuntu': + assert host.socket("tcp://0.0.0.0:1515").is_listening + assert host.socket("tcp://0.0.0.0:1514").is_listening + elif distribution == 'centos': + assert host.socket("tcp://127.0.0.1:1515").is_listening + assert host.socket("tcp://127.0.0.1:1514").is_listening + + +def test_filebeat_is_installed(host): + """Test if the elasticsearch package is installed.""" + filebeat = host.package("filebeat") + assert filebeat.is_installed + assert filebeat.version.startswith('7.2.1') 
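Review bot: The docstring on `test_open_ports` says it checks that agent-auth is not open, but the body asserts `tcp://…:1515` — the agent-auth port — is listening on both distributions, so the text and the assertions contradict each other; either drop the 1515 assertions for a worker or reword the docstring to `"""Test that the agent (1514) and agent-auth (1515) ports are listening."""`. In `test_wazuh_services_are_running` every `is_running` assertion is commented out and only `is_enabled` remains, so an enabled-but-crashed manager passes; while #107 is open, a process check via `host.process` would keep the test meaningful. `get_wazuh_version` also hardcodes `"3.9.5"` separately from the default scenario's copy, so the two will drift on the next version bump.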
diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 6041c64d..8c7c1f16 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -35,9 +35,7 @@ wazuh_manager_config: port: '1516' bind_addr: '0.0.0.0' nodes: - - '172.17.0.2' - - '172.17.0.3' - - '172.17.0.4' + - 'manager' hidden: 'no' connection: - type: 'secure' diff --git a/run_cluster_mode.sh b/run_cluster_mode.sh new file mode 100644 index 00000000..e58f0702 --- /dev/null +++ b/run_cluster_mode.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +#sudo pipenv run elasticsearch +sudo pipenv run test +sudo pipenv run worker \ No newline at end of file From 36d3cbee4a16d86c46165064ec572540679babe4 Mon Sep 17 00:00:00 2001 From: Apely Date: Thu, 22 Aug 2019 12:33:45 +0200 Subject: [PATCH 265/714] Update var-ossec-etc-ossec-agent.conf.j2 Hi, it seems that ansible_os_family is too specific for syscheck. Ex: Debian strech ( ansible_os_family == Debian ) --- .../templates/var-ossec-etc-ossec-agent.conf.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index 7d7e139d..fa8fa349 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 
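Review bot: Replacing the default cluster `nodes` list with the single hostname `'manager'` puts a molecule container name into the role's `defaults/main.yml`, which every real deployment inherits; a worker installed with the defaults will try to connect to a host literally named `manager`. The previous `172.17.0.x` addresses had the same problem, so the better fix is a value that is obviously a placeholder with a comment that it must be overridden, e.g. `nodes: []  # must be set to the master node's address`, with `'manager'` set only in the molecule playbooks, as commit 267 in this series starts doing.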
@@ -99,14 +99,14 @@ {% endif %} - {% if wazuh_agent_config.syscheck.directories is defined and ansible_os_family == "Linux" %} + {% if wazuh_agent_config.syscheck.directories is defined and ansible_system == "Linux" %} {% for directory in wazuh_agent_config.syscheck.directories %} {{ directory.dirs }} {% endfor %} {% endif %} - {% if wazuh_agent_config.syscheck.win_directories is defined and ansible_os_family == "Windows" %} + {% if wazuh_agent_config.syscheck.win_directories is defined and ansible_system == "Windows" %} {% for directory in wazuh_agent_config.syscheck.win_directories %} {{ directory.dirs }} {% endfor %} From 675e2c5c88b101bdb84c4d25f513a8434acbc7cd Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Thu, 22 Aug 2019 13:07:39 +0200 Subject: [PATCH 266/714] possible solution for ansible variables access and improving Pipefile --- Pipfile | 13 +++++++------ Pipfile.template | 26 ++++++++++++++++++++++++++ molecule/default/playbook.yml | 4 +++- molecule/worker/molecule.yml | 18 +++++++++++++++++- run_cluster_mode.sh | 2 +- 5 files changed, 54 insertions(+), 9 deletions(-) create mode 100644 Pipfile.template diff --git a/Pipfile b/Pipfile index 8aa7757a..34e238d1 100644 --- a/Pipfile +++ b/Pipfile 
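Review bot: The Windows branch will no longer render after this change: Ansible's Windows facts report `ansible_system` as `Win32NT` (it is `ansible_os_family` that is `Windows`), so `ansible_system == "Windows"` is never true and `win_directories` silently disappears from the generated agent configuration. Only the Linux condition needed the switch, since `ansible_os_family` is `Debian`/`RedHat` there and never `Linux`; keep `{% if wazuh_agent_config.syscheck.win_directories is defined and ansible_os_family == "Windows" %}` for the Windows block, or compare `ansible_system` against `"Win32NT"`.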
@@ -14,12 +14,13 @@ molecule = "==2.20.2" python_version = "2.7" [scripts] -test ="molecule test --destroy=never" -worker ="molecule test -s worker --destroy=never" -agent ="molecule test -s wazuh-agent --destroy=never" -elasticsearch ="molecule test -s elasticsearch --destroy=never" -kibana ="molecule test -s kibana --destroy=never" +test ="molecule test --destroy=never --platform _PLATFORM_" +worker ="molecule test -s worker --destroy=never --platform _PLATFORM_" +agent ="molecule test -s wazuh-agent --destroy=never --platform _PLATFORM_" +elasticsearch ="molecule test -s elasticsearch --destroy=never --platform _PLATFORM_" +kibana ="molecule test -s kibana --destroy=never --platform _PLATFORM_" -# Destroy all the existing containers ' Created by Molecule ' +# Destroy all the existing containers ' Molecule instances ' destroy_elasticsearch ="molecule destroy -s elasticsearch" +destroy_worker ="molecule destroy -s worker" destroy ="molecule destroy" diff --git a/Pipfile.template b/Pipfile.template new file mode 100644 index 00000000..47567850 --- /dev/null +++ b/Pipfile.template @@ -0,0 +1,26 @@ +[[source]] +url = "https://pypi.org/simple" +verify_ssl = true +name = "pypi" + +[packages] +docker-py = "*" +ansible = "==2.7.13" +molecule = "==2.20.2" + +[dev-packages] + +[requires] +python_version = "2.7" + +[scripts] +test ="molecule test --destroy=never" +worker ="molecule test -s worker --destroy=never" +agent ="molecule test -s wazuh-agent --destroy=never" +elasticsearch ="molecule test -s elasticsearch --destroy=never" +kibana ="molecule test -s kibana --destroy=never" + +# Destroy all the existing containers ' Created by Molecule ' +destroy_elasticsearch ="molecule destroy -s elasticsearch" +destroy_worker ="molecule destroy -s worker" +destroy ="molecule destroy" diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml index f181f59a..c92eaf8f 100644 --- a/molecule/default/playbook.yml +++ b/molecule/default/playbook.yml 
@@ -2,6 +2,8 @@ - name: Converge hosts: all roles: - - role: wazuh/ansible-wazuh-manager + - { role: wazuh/ansible-wazuh-manager, + wazuh_manager_config[cluster][disable]: 'no', + } - { role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'elasticsearch:9200' } diff --git a/molecule/worker/molecule.yml b/molecule/worker/molecule.yml index c82aacfc..11c1fefa 100644 --- a/molecule/worker/molecule.yml +++ b/molecule/worker/molecule.yml @@ -9,7 +9,7 @@ lint: config-data: ignore: .virtualenv platforms: - - name: elasticsearch + - name: worker image: solita/ubuntu-systemd:bionic command: /sbin/init ulimits: @@ -54,6 +54,22 @@ provisioner: lint: name: ansible-lint enabled: true +scenario: + name: worker + test_sequence: + - lint + - dependency + - cleanup + - destroy + - syntax + - create + - prepare + - converge + #- idempotence + - side_effect + - verify + - cleanup + - destroy verifier: name: testinfra lint: diff --git a/run_cluster_mode.sh b/run_cluster_mode.sh index e58f0702..8821f3e2 100644 --- a/run_cluster_mode.sh +++ b/run_cluster_mode.sh @@ -1,5 +1,5 @@ #!/bin/bash -#sudo pipenv run elasticsearch +sudo pipenv run elasticsearch sudo pipenv run test sudo pipenv run worker \ No newline at end of file From e1b084c1a7175b930909eb9f9cada1188ecf80a7 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Thu, 22 Aug 2019 16:26:07 +0200 Subject: [PATCH 267/714] Adding hash_behaviour: merge in order not to override the default variables --- Pipfile | 10 +++++----- Pipfile.template | 12 +++++------ molecule/default/playbook.yml | 5 +---- molecule/kibana/molecule.yml | 2 +- molecule/worker/molecule.yml | 3 +++ molecule/worker/playbook.yml | 20 +++++++++++++------ .../ansible-wazuh-manager/tasks/main.yml | 7 +++++++ run_none_cluster.sh | 13 +++++++++++- 8 files changed, 49 insertions(+), 23 deletions(-) diff --git a/Pipfile b/Pipfile index 34e238d1..d878e0b6 100644 --- a/Pipfile +++ b/Pipfile 
@@ -14,11 +14,11 @@ molecule = "==2.20.2" python_version = "2.7" [scripts] -test ="molecule test --destroy=never --platform _PLATFORM_" -worker ="molecule test -s worker --destroy=never --platform _PLATFORM_" -agent ="molecule test -s wazuh-agent --destroy=never --platform _PLATFORM_" -elasticsearch ="molecule test -s elasticsearch --destroy=never --platform _PLATFORM_" -kibana ="molecule test -s kibana --destroy=never --platform _PLATFORM_" +test ="molecule test --destroy=never" +worker ="molecule test -s worker --destroy=never" +agent ="molecule test -s wazuh-agent --destroy=never" +elasticsearch ="molecule test -s elasticsearch --destroy=never" +kibana ="molecule test -s kibana --destroy=never" # Destroy all the existing containers ' Molecule instances ' destroy_elasticsearch ="molecule destroy -s elasticsearch" diff --git a/Pipfile.template b/Pipfile.template index 47567850..34e238d1 100644 --- a/Pipfile.template +++ b/Pipfile.template @@ -14,13 +14,13 @@ molecule = "==2.20.2" python_version = "2.7" [scripts] -test ="molecule test --destroy=never" -worker ="molecule test -s worker --destroy=never" -agent ="molecule test -s wazuh-agent --destroy=never" -elasticsearch ="molecule test -s elasticsearch --destroy=never" -kibana ="molecule test -s kibana --destroy=never" +test ="molecule test --destroy=never --platform _PLATFORM_" +worker ="molecule test -s worker --destroy=never --platform _PLATFORM_" +agent ="molecule test -s wazuh-agent --destroy=never --platform _PLATFORM_" +elasticsearch ="molecule test -s elasticsearch --destroy=never --platform _PLATFORM_" +kibana ="molecule test -s kibana --destroy=never --platform _PLATFORM_" -# Destroy all the existing containers ' Created by Molecule ' +# Destroy all the existing containers ' Molecule instances ' destroy_elasticsearch ="molecule destroy -s elasticsearch" destroy_worker ="molecule destroy -s worker" destroy ="molecule destroy" 
diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml index c92eaf8f..4bb7f5ef 100644 --- a/molecule/default/playbook.yml +++ b/molecule/default/playbook.yml @@ -2,8 +2,5 @@ - name: Converge hosts: all roles: - - { role: wazuh/ansible-wazuh-manager, - wazuh_manager_config[cluster][disable]: 'no', - } + - { role: wazuh/ansible-wazuh-manager, wazuh_manager_config.cluster.disable: 'no' } - { role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'elasticsearch:9200' } - diff --git a/molecule/kibana/molecule.yml b/molecule/kibana/molecule.yml index 5067e088..57017523 100644 --- a/molecule/kibana/molecule.yml +++ b/molecule/kibana/molecule.yml @@ -9,7 +9,7 @@ lint: config-data: ignore: .virtualenv platforms: - - name: bionic + - name: kibana image: solita/ubuntu-systemd:bionic command: /sbin/init ulimits: diff --git a/molecule/worker/molecule.yml b/molecule/worker/molecule.yml index 11c1fefa..c22b3497 100644 --- a/molecule/worker/molecule.yml +++ b/molecule/worker/molecule.yml @@ -44,6 +44,9 @@ platforms: # - nofile:262144:262144 provisioner: name: ansible + config_options: + defaults: + hash_behaviour: merge playbooks: docker: create: ../default/create.yml diff --git a/molecule/worker/playbook.yml b/molecule/worker/playbook.yml index 6c9a6317..084419b1 100644 --- a/molecule/worker/playbook.yml +++ b/molecule/worker/playbook.yml @@ -2,10 +2,18 @@ - name: Converge hosts: all roles: - - { role: wazuh/ansible-wazuh-manager, - wazuh_manager_config.cluster.disable: 'no', - wazuh_manager_config.cluster.name: 'worker-01', - wazuh_manager_config.cluster.node_type: 'worker' - } - - { role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'elasticsearch:9200' } + - role: wazuh/ansible-wazuh-manager + vars: + wazuh_manager_config: + cluster: + disable: 'no' + name: 'wazuh' + node_name: 'worker-01' + node_type: 'worker' + key: 'ugdtAnd7Pi9myP7CVts4qZaZQEQcRYZa' + port: '1516' + bind_addr: '0.0.0.0' + nodes: + - 'manager' + hidden: 'no' 
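Review bot: `key: 'ugdtAnd7Pi9myP7CVts4qZaZQEQcRYZa'` is the Wazuh cluster shared secret that authenticates and encrypts master–worker traffic, and committing it means anyone reading the repository knows the key of every cluster that runs this scenario; even for a throwaway test, generate it once at create time into a shared group_vars file that both the default and worker scenarios read, or inject it via an environment variable, and add a `# test scenario only` comment. With `bind_addr: '0.0.0.0'` in a `privileged: true` container, a developer running this on a shared host exposes port 1516 protected by a published key. The nested `vars:` mapping only partially overrides the role defaults because `molecule.yml` now sets `hash_behaviour: merge`, a global Ansible option discouraged upstream; that dependency deserves a comment next to the setting.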
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 1dac6f0f..1dfa58c2 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -1,4 +1,11 @@ --- +- debug: + msg: Cluster is disabled? => {{ wazuh_manager_config.cluster.disable }} + +- debug: + #msg: Cluster is disabled? => {{ wazuh_manager_config.cluster.disable }} + msg: .... => {{ wazuh_manager_config.openscap.disable | default('default_value') }} + - import_tasks: "RedHat.yml" when: (ansible_os_family == "RedHat" and ansible_distribution_major_version|int > 5) or (ansible_os_family == "RedHat" and ansible_distribution == "Amazon") diff --git a/run_none_cluster.sh b/run_none_cluster.sh index 77cd0690..0bad5d84 100644 --- a/run_none_cluster.sh +++ b/run_none_cluster.sh @@ -1,6 +1,17 @@ #!/bin/bash +if [ -z "$1" ] +then + echo "Platform not selected. Please select a platform. => Aborting" + exit +else + cp Pipfile.template Pipfile + sed -i "s/_PLATFORM_/$1/g" Pipfile +fi + sudo pipenv run elasticsearch sudo pipenv run test sudo pipenv run agent -sudo pipenv run kibana \ No newline at end of file +sudo pipenv run kibana + +cp Pipfile.template Pipfile \ No newline at end of file From 902658bd86bb4836e461369cc924bc44fa2d7085 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Thu, 22 Aug 2019 16:30:05 +0200 Subject: [PATCH 268/714] generalizing .. Adding hash_behaviour: merge in order not to override the default variables --- molecule/default/molecule.yml | 3 +++ molecule/elasticsearch/molecule.yml | 3 +++ molecule/kibana/molecule.yml | 3 +++ molecule/wazuh-agent/molecule.yml | 3 +++ molecule/worker/playbook.yml | 2 ++ 5 files changed, 14 insertions(+) diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 054acc00..3a707d0d 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml 
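Review bot: The two `debug` tasks added at the top of the manager role's `tasks/main.yml` are development leftovers: they print the cluster and openscap settings on every run of the role for every user, not just under molecule, and the first one (`{{ wazuh_manager_config.cluster.disable }}` without `| default`) aborts the play with an undefined-variable error if a caller supplies a `wazuh_manager_config` without a `cluster` key. Remove them before merging, or at least add `verbosity: 2` so they only show under `-vv`.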
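Review bot: In `run_none_cluster.sh` the platform argument is interpolated straight into the sed program, `sed -i "s/_PLATFORM_/$1/g" Pipfile`, so a value containing `/`, `&` or `\` rewrites the expression rather than the placeholder, and the abort branch uses a bare `exit`, which returns 0 and hides the failure from a calling script. Check `$1` against an allowlist of the scenario platform names before using it and `exit 1` on the error path. The final `cp Pipfile.template Pipfile` only runs if the script reaches its end, so an interrupted run leaves the substituted `Pipfile` in the working tree; `trap 'cp Pipfile.template Pipfile' EXIT` right after the first copy restores it on every exit path.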
@@ -41,6 +41,9 @@ platforms: # - nofile:262144:262144 provisioner: name: ansible + config_options: + defaults: + hash_behaviour: merge env: ANSIBLE_ROLES_PATH: ../../roles lint: diff --git a/molecule/elasticsearch/molecule.yml b/molecule/elasticsearch/molecule.yml index 109e2f4f..1f2e4180 100644 --- a/molecule/elasticsearch/molecule.yml +++ b/molecule/elasticsearch/molecule.yml @@ -44,6 +44,9 @@ platforms: # - nofile:262144:262144 provisioner: name: ansible + config_options: + defaults: + hash_behaviour: merge playbooks: docker: create: ../default/create.yml diff --git a/molecule/kibana/molecule.yml b/molecule/kibana/molecule.yml index 57017523..ba9ceb26 100644 --- a/molecule/kibana/molecule.yml +++ b/molecule/kibana/molecule.yml @@ -42,6 +42,9 @@ platforms: # - nofile:262144:262144 provisioner: name: ansible + config_options: + defaults: + hash_behaviour: merge playbooks: docker: create: ../default/create.yml diff --git a/molecule/wazuh-agent/molecule.yml b/molecule/wazuh-agent/molecule.yml index 5c1082cf..a0b050b1 100644 --- a/molecule/wazuh-agent/molecule.yml +++ b/molecule/wazuh-agent/molecule.yml @@ -53,6 +53,9 @@ platforms: # - agent provisioner: name: ansible + config_options: + defaults: + hash_behaviour: merge playbooks: docker: create: ../default/create.yml diff --git a/molecule/worker/playbook.yml b/molecule/worker/playbook.yml index 084419b1..7e256bbe 100644 --- a/molecule/worker/playbook.yml +++ b/molecule/worker/playbook.yml @@ -16,4 +16,6 @@ nodes: - 'manager' hidden: 'no' + - { role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'elasticsearch:9200' } + From 38d954aeaa268dd3357078dfc518b3a854da4eed Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Thu, 22 Aug 2019 16:38:24 +0200 Subject: [PATCH 269/714] adding execution scenario for elasticsearch test --- molecule/default/playbook.yml | 2 +- molecule/elasticsearch/molecule.yml | 16 ++++++++++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) 
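Review bot: Setting `hash_behaviour: merge` in every scenario's provisioner changes how all dictionary variables combine for the entire Ansible run, so the tests now pass a partial `wazuh_manager_config` that would wipe every unset key under Ansible's default `replace` behaviour; the molecule results stop reflecting what a user with stock settings gets from these roles. Prefer the default behaviour and either pass the complete mapping in the playbook or have the role merge overrides with `combine()` internally, which works for all users. The option is also deprecated in newer Ansible releases, so the `ansible = "==2.7.13"` pin in the Pipfile becomes load-bearing and should be documented as such.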
diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml index 4bb7f5ef..4b33eb26 100644 --- a/molecule/default/playbook.yml +++ b/molecule/default/playbook.yml @@ -3,4 +3,4 @@ hosts: all roles: - { role: wazuh/ansible-wazuh-manager, wazuh_manager_config.cluster.disable: 'no' } - - { role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'elasticsearch:9200' } + - { role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'elasticsearch:9200' } \ No newline at end of file diff --git a/molecule/elasticsearch/molecule.yml b/molecule/elasticsearch/molecule.yml index 1f2e4180..564bf371 100644 --- a/molecule/elasticsearch/molecule.yml +++ b/molecule/elasticsearch/molecule.yml @@ -61,6 +61,22 @@ provisioner: group_vars: all: elasticsearch_jvm_xms: 512 +scenario: + name: elasticsearch + test_sequence: + - lint + - dependency + - cleanup + - destroy + - syntax + - create + - prepare + - converge + #- idempotence + - side_effect + - verify + - cleanup + - destroy verifier: name: testinfra lint: From 3249fd86edac74e161a496f5c624810d018a8921 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Thu, 22 Aug 2019 16:48:02 +0200 Subject: [PATCH 270/714] adapted testinfra tests for the worker --- Pipfile | 2 ++ molecule/worker/tests/test_default.py | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/Pipfile b/Pipfile index d878e0b6..d4d826df 100644 --- a/Pipfile +++ b/Pipfile @@ -20,6 +20,8 @@ agent ="molecule test -s wazuh-agent --destroy=never" elasticsearch ="molecule test -s elasticsearch --destroy=never" kibana ="molecule test -s kibana --destroy=never" +verify_worker ="molecule verify -s worker" + # Destroy all the existing containers ' Molecule instances ' destroy_elasticsearch ="molecule destroy -s elasticsearch" destroy_worker ="molecule destroy -s worker" diff --git a/molecule/worker/tests/test_default.py b/molecule/worker/tests/test_default.py index 278ce719..eef9fbcb 100644 
--- a/molecule/worker/tests/test_default.py +++ b/molecule/worker/tests/test_default.py @@ -73,10 +73,10 @@ def test_open_ports(host): """Test if the main port is open and the agent-auth is not open.""" distribution = host.system_info.distribution.lower() if distribution == 'ubuntu': - assert host.socket("tcp://0.0.0.0:1515").is_listening + assert host.socket("tcp://0.0.0.0:1516").is_listening assert host.socket("tcp://0.0.0.0:1514").is_listening elif distribution == 'centos': - assert host.socket("tcp://127.0.0.1:1515").is_listening + assert host.socket("tcp://127.0.0.1:1516").is_listening assert host.socket("tcp://127.0.0.1:1514").is_listening From 76029f99fd6993746e9d1c4b55bb0a2612e527f4 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Fri, 23 Aug 2019 09:58:19 +0200 Subject: [PATCH 271/714] added vars to default/playbook.yml --- molecule/default/playbook.yml | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml index 4b33eb26..531d8b5f 100644 --- a/molecule/default/playbook.yml +++ b/molecule/default/playbook.yml @@ -2,5 +2,18 @@ - name: Converge hosts: all roles: - - { role: wazuh/ansible-wazuh-manager, wazuh_manager_config.cluster.disable: 'no' } + - role: wazuh/ansible-wazuh-manager + vars: + wazuh_manager_config: + cluster: + disable: 'no' + name: 'wazuh' + node_name: 'manager' + node_type: 'master' + key: 'ugdtAnd7Pi9myP7CVts4qZaZQEQcRYZa' + port: '1516' + bind_addr: '0.0.0.0' + nodes: + - 'manager' + hidden: 'no' - { role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'elasticsearch:9200' } \ No newline at end of file From adbf200142d72a8b14d9e251796118f6bcd29716 Mon Sep 17 00:00:00 2001 
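Review bot: After this change the CentOS branch asserts `tcp://127.0.0.1:1516` while the worker playbook sets `bind_addr: '0.0.0.0'` for the cluster port, so the check targets an address the service is not configured to bind and differs from the Ubuntu branch; the assertion should use the configured bind address on both distributions. It is also unclear that a worker listens on 1516 at all (the following commit in this series removes the check again), so the worker scenario would be better served by asserting the rendered configuration, e.g. `assert host.file('/var/ossec/etc/ossec.conf').contains('<node_type>worker</node_type>')`. The docstring still speaks of agent-auth, which is no longer checked here.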
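Review bot: This copies the literal cluster key `ugdtAnd7Pi9myP7CVts4qZaZQEQcRYZa` from `molecule/worker/playbook.yml` into the default scenario, so the shared secret now lives in two committed files that must be kept identical by hand for the worker to join. Put it in one place both scenarios read (a shared group_vars file written by `create.yml`, or an environment variable), which also makes it straightforward to generate a fresh key per run instead of publishing one.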
From: Rshad Zhran Date: Fri, 23 Aug 2019 10:43:44 +0200 Subject: [PATCH 272/714] fixes for the managers tests and added more tasks in Pipfile --- Pipfile | 14 +++++++++++--- molecule/default/tests/test_default.py | 2 ++ molecule/worker/tests/test_default.py | 2 -- 3 files changed, 13 insertions(+), 5 deletions(-) diff --git a/Pipfile b/Pipfile index d4d826df..2659fa8f 100644 --- a/Pipfile +++ b/Pipfile @@ -20,9 +20,17 @@ agent ="molecule test -s wazuh-agent --destroy=never" elasticsearch ="molecule test -s elasticsearch --destroy=never" kibana ="molecule test -s kibana --destroy=never" +# Verify .. +verify ="molecule verify" verify_worker ="molecule verify -s worker" +verify_agent ="molecule verify -s agent" +verify_elasticsearch ="molecule verify -s elasticsearch" +verify_kibana ="molecule verify -s kibana" -# Destroy all the existing containers ' Molecule instances ' -destroy_elasticsearch ="molecule destroy -s elasticsearch" -destroy_worker ="molecule destroy -s worker" +# Destroy .. destroy ="molecule destroy" +destroy_worker ="molecule destroy -s worker" +destroy_agent ="molecule destroy -s agent" +destroy_elasticsearch ="molecule destroy -s elasticsearch" +destroy_kibana ="molecule destroy -s kibana" + diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index 278ce719..174a499f 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py 
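Review bot: `verify_agent ="molecule verify -s agent"` and `destroy_agent ="molecule destroy -s agent"` reference a scenario that does not exist; the agent scenario is `wazuh-agent`, as the `agent` entry a few lines above shows, so both commands fail with a scenario-not-found error. Change both to `-s wazuh-agent`.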
@@ -73,9 +73,11 @@ def test_open_ports(host): """Test if the main port is open and the agent-auth is not open.""" distribution = host.system_info.distribution.lower() if distribution == 'ubuntu': + assert host.socket("tcp://0.0.0.0:1516").is_listening assert host.socket("tcp://0.0.0.0:1515").is_listening assert host.socket("tcp://0.0.0.0:1514").is_listening elif distribution == 'centos': + assert host.socket("tcp://0.0.0.0:1516").is_listening assert host.socket("tcp://127.0.0.1:1515").is_listening assert host.socket("tcp://127.0.0.1:1514").is_listening diff --git a/molecule/worker/tests/test_default.py b/molecule/worker/tests/test_default.py index eef9fbcb..8dc96bbf 100644 --- a/molecule/worker/tests/test_default.py +++ b/molecule/worker/tests/test_default.py @@ -73,10 +73,8 @@ def test_open_ports(host): """Test if the main port is open and the agent-auth is not open.""" distribution = host.system_info.distribution.lower() if distribution == 'ubuntu': - assert host.socket("tcp://0.0.0.0:1516").is_listening assert host.socket("tcp://0.0.0.0:1514").is_listening elif distribution == 'centos': - assert host.socket("tcp://127.0.0.1:1516").is_listening assert host.socket("tcp://127.0.0.1:1514").is_listening From 726a8962c5ab42c5af54d3588c04d47c90f92160 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Fri, 23 Aug 2019 11:00:47 +0200 Subject: [PATCH 273/714] adapted kibana test --- molecule/default/playbook.yml | 4 ++-- molecule/kibana/prepare.yml | 5 ----- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 1 - run_cluster_mode.sh | 3 ++- 4 files changed, 4 insertions(+), 9 deletions(-) diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml index 531d8b5f..a492a035 100644 --- a/molecule/default/playbook.yml +++ b/molecule/default/playbook.yml 
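Review bot: The CentOS branch now mixes addresses: `tcp://0.0.0.0:1516` for the cluster port but `tcp://127.0.0.1:1515` and `:1514` for agent-auth and the agent port, while the Ubuntu branch checks all three on `0.0.0.0`; unless the CentOS image really binds the agent ports to loopback, which nothing in the hunk shows, the test encodes an environment quirk rather than the role's contract. Decide the intended bind address per port and assert the same value on both distributions.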
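Review bot: Removing the 1516 assertions leaves the worker scenario with no check that distinguishes a worker from the default manager — `test_open_ports` now only covers the agent port on both distributions. Assert the rendered cluster settings instead, e.g. `assert host.file('/var/ossec/etc/ossec.conf').contains('<node_type>worker</node_type>')`, which is what the worker `playbook.yml` actually configures.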
@@ -14,6 +14,6 @@ port: '1516' bind_addr: '0.0.0.0' nodes: - - 'manager' + - 'manager_platofrm' hidden: 'no' - - { role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'elasticsearch:9200' } \ No newline at end of file + - { role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'elasticsearch_platform:9200' } \ No newline at end of file diff --git a/molecule/kibana/prepare.yml b/molecule/kibana/prepare.yml index 7e5ca29d..c5592219 100644 --- a/molecule/kibana/prepare.yml +++ b/molecule/kibana/prepare.yml @@ -34,8 +34,3 @@ until: wazuh_manager_dependencies_packages_installed is succeeded when: - ansible_os_family == 'RedHat' - - roles: - - role: wazuh/ansible-wazuh-manager - - role: elastic-stack/ansible-elasticsearch - elasticsearch_network_host: 'localhost' diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 1dfa58c2..b0b90d87 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -3,7 +3,6 @@ msg: Cluster is disabled? => {{ wazuh_manager_config.cluster.disable }} - debug: - #msg: Cluster is disabled? => {{ wazuh_manager_config.cluster.disable }} msg: .... => {{ wazuh_manager_config.openscap.disable | default('default_value') }} - import_tasks: "RedHat.yml" diff --git a/run_cluster_mode.sh b/run_cluster_mode.sh index 8821f3e2..0933b9ee 100644 --- a/run_cluster_mode.sh +++ b/run_cluster_mode.sh @@ -2,4 +2,5 @@ sudo pipenv run elasticsearch sudo pipenv run test -sudo pipenv run worker \ No newline at end of file +sudo pipenv run worker +sudo pipenv run kibana \ No newline at end of file From ce862efdcaac5efc7d39ae90c372b5b99ac67e2c Mon Sep 17 00:00:00 2001 
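Review bot: Dropping the manager and elasticsearch roles from `molecule/kibana/prepare.yml` appears to make the kibana scenario depend on containers created by other scenarios and kept alive by `--destroy=never`, but nothing in the scenario records that ordering; run on its own, `molecule test -s kibana` converges against a missing Elasticsearch. Add a comment at the top of `prepare.yml` such as `# Kibana expects the elasticsearch scenario's container to be running; see run_cluster_mode.sh for the order`, or restore a minimal dependency in prepare.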
From: Rshad Zhran Date: Fri, 23 Aug 2019 11:28:14 +0200 Subject: [PATCH 274/714] made the platform selection dynamic --- Pipfile.template | 15 ++++++++++--- molecule/default/molecule.yml | 28 +++++++++++------------ molecule/default/playbook.yml | 4 ++-- molecule/default/playbook.yml.template | 19 ++++++++++++++++ molecule/elasticsearch/playbook.yml | 2 +- molecule/kibana/molecule.yml | 28 +++++++++++------------ molecule/kibana/playbook.yml | 2 +- molecule/wazuh-agent/playbook.yml | 2 +- molecule/worker/molecule.yml | 31 +++++++++++++------------- molecule/worker/playbook.yml | 4 ++-- molecule/worker/playbook.yml.template | 21 +++++++++++++++++ run_cluster_mode.sh | 19 +++++++++++++++- run_none_cluster.sh | 17 -------------- 13 files changed, 120 insertions(+), 72 deletions(-) create mode 100644 molecule/default/playbook.yml.template create mode 100644 molecule/worker/playbook.yml.template delete mode 100644 run_none_cluster.sh diff --git a/Pipfile.template b/Pipfile.template index 34e238d1..8cb94bdf 100644 --- a/Pipfile.template +++ b/Pipfile.template @@ -20,7 +20,16 @@ agent ="molecule test -s wazuh-agent --destroy=never --platform _PLATFORM_" elasticsearch ="molecule test -s elasticsearch --destroy=never --platform _PLATFORM_" kibana ="molecule test -s kibana --destroy=never --platform _PLATFORM_" -# Destroy all the existing containers ' Molecule instances ' -destroy_elasticsearch ="molecule destroy -s elasticsearch" -destroy_worker ="molecule destroy -s worker" +# Verify .. +verify ="molecule verify" +verify_worker ="molecule verify -s worker" +verify_agent ="molecule verify -s agent" +verify_elasticsearch ="molecule verify -s elasticsearch" +verify_kibana ="molecule verify -s kibana" + +# Destroy .. destroy ="molecule destroy" +destroy_worker ="molecule destroy -s worker" +destroy_agent ="molecule destroy -s agent" +destroy_elasticsearch ="molecule destroy -s elasticsearch" +destroy_kibana ="molecule destroy -s kibana" 
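Review bot: The new `verify_agent` and `destroy_agent` entries use `-s agent`, but the scenario directory is `molecule/wazuh-agent` and the `agent` script above uses `-s wazuh-agent --platform _PLATFORM_`, so both entries fail with a scenario-not-found error; change them to `-s wazuh-agent`. The `verify` and `destroy` entries also lack the `--platform _PLATFORM_` placeholder the other commands in this template carry, so after substitution they presumably act on every platform of the scenario, which may or may not be intended.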
diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 3a707d0d..7fcb33da 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -7,20 +7,20 @@ lint: name: yamllint enabled: false platforms: - - name: manager + - name: manager_bionic image: solita/ubuntu-systemd:bionic command: /sbin/init ulimits: - nofile:262144:262144 privileged: true memory_reservation: 2048m -# - name: xenial -# image: solita/ubuntu-systemd:xenial -# privileged: true -# memory_reservation: 2048m -# command: /sbin/init -# ulimits: -# - nofile:262144:262144 + - name: manager_xenial + image: solita/ubuntu-systemd:xenial + privileged: true + memory_reservation: 2048m + command: /sbin/init + ulimits: + - nofile:262144:262144 # - name: trusty # image: ubuntu:trusty # privileged: true @@ -33,12 +33,12 @@ platforms: # memory_reservation: 2048m # ulimits: # - nofile:262144:262144 -# - name: centos7 -# image: milcom/centos7-systemd -# memory_reservation: 2048m -# privileged: true -# ulimits: -# - nofile:262144:262144 + - name: manager_centos7 + image: milcom/centos7-systemd + memory_reservation: 2048m + privileged: true + ulimits: + - nofile:262144:262144 provisioner: name: ansible config_options: diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml index a492a035..d4561c1b 100644 --- a/molecule/default/playbook.yml +++ b/molecule/default/playbook.yml @@ -14,6 +14,6 @@ port: '1516' bind_addr: '0.0.0.0' nodes: - - 'manager_platofrm' + - 'manager_bionic' hidden: 'no' - - { role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'elasticsearch_platform:9200' } \ No newline at end of file + - { role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'elasticsearch_bionic:9200' } \ No newline at end of file diff --git a/molecule/default/playbook.yml.template b/molecule/default/playbook.yml.template new file mode 100644 index 00000000..f73659e9 --- /dev/null +++ b/molecule/default/playbook.yml.template 
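Review bot: The default scenario now creates three manager containers, but `playbook.yml` applies the same `node_name: 'manager'`, `node_type: 'master'` and `nodes: ['manager_bionic']` to `hosts: all`, so if all three platforms run together there are three masters sharing one node name and the xenial and centos7 containers point at the bionic one as their master. The new `playbook.yml.template` with its `manager_platform` placeholder suggests one platform per run is intended; in that case the committed `playbook.yml` should not hardcode `manager_bionic`, or better, derive the name per host with `node_name: "{{ inventory_hostname }}"` and `nodes: ["{{ inventory_hostname }}"]`. The filebeat host `elasticsearch_bionic:9200` carries the same single-platform assumption.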
@@ -0,0 +1,19 @@ +--- +- name: Converge + hosts: all + roles: + - role: wazuh/ansible-wazuh-manager + vars: + wazuh_manager_config: + cluster: + disable: 'no' + name: 'wazuh' + node_name: 'manager' + node_type: 'master' + key: 'ugdtAnd7Pi9myP7CVts4qZaZQEQcRYZa' + port: '1516' + bind_addr: '0.0.0.0' + nodes: + - 'manager_platform' + hidden: 'no' + - { role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'elasticsearch_platform:9200' } \ No newline at end of file diff --git a/molecule/elasticsearch/playbook.yml b/molecule/elasticsearch/playbook.yml index 75be4f34..0b2f9d5a 100644 --- a/molecule/elasticsearch/playbook.yml +++ b/molecule/elasticsearch/playbook.yml @@ -3,4 +3,4 @@ hosts: all roles: - role: elastic-stack/ansible-elasticsearch - elasticsearch_network_host: 'elasticsearch' + elasticsearch_network_host: 'elasticsearch_platform' diff --git a/molecule/kibana/molecule.yml b/molecule/kibana/molecule.yml index ba9ceb26..96c4ae6f 100644 --- a/molecule/kibana/molecule.yml +++ b/molecule/kibana/molecule.yml @@ -9,20 +9,20 @@ lint: config-data: ignore: .virtualenv platforms: - - name: kibana + - name: kibana_bionic image: solita/ubuntu-systemd:bionic command: /sbin/init ulimits: - nofile:262144:262144 privileged: true memory_reservation: 1024m -# - name: xenial -# image: solita/ubuntu-systemd:xenial -# privileged: true -# memory_reservation: 1024m -# command: /sbin/init -# ulimits: -# - nofile:262144:262144 + - name: kibana_xenial + image: solita/ubuntu-systemd:xenial + privileged: true + memory_reservation: 1024m + command: /sbin/init + ulimits: + - nofile:262144:262144 # - name: trusty # image: ubuntu:trusty # memory_reservation: 1024m 
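Review bot: The cluster `key` is a hard-coded shared secret committed in this template (and repeated verbatim in molecule/worker/playbook.yml.template) with nothing marking it as test-only, so anyone who copies the template as a starting point for a real deployment inherits a public key that any host able to reach port 1516 can use to join the cluster. Add a comment above it, `# TEST-ONLY cluster key shared by every molecule node; generate a fresh 32-character key (e.g. openssl rand -hex 16) for any real deployment`, and consider pulling it from a single variable so the manager and worker templates cannot drift apart. `bind_addr: '0.0.0.0'` is fine for a throw-away container but deserves the same test-only caveat.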
@@ -34,12 +34,12 @@ platforms: # memory_reservation: 1024m # ulimits: # - nofile:262144:262144 -# - name: centos7 -# image: milcom/centos7-systemd -# memory_reservation: 1024m -# privileged: true -# ulimits: -# - nofile:262144:262144 + - name: kibana_centos7 + image: milcom/centos7-systemd + memory_reservation: 1024m + privileged: true + ulimits: + - nofile:262144:262144 provisioner: name: ansible config_options: diff --git a/molecule/kibana/playbook.yml b/molecule/kibana/playbook.yml index f560f96d..b166ac28 100644 --- a/molecule/kibana/playbook.yml +++ b/molecule/kibana/playbook.yml @@ -3,4 +3,4 @@ hosts: all roles: - role: elastic-stack/ansible-kibana - elasticsearch_network_host: 'elasticsearch' \ No newline at end of file + elasticsearch_network_host: 'elasticsearch_platform' \ No newline at end of file diff --git a/molecule/wazuh-agent/playbook.yml b/molecule/wazuh-agent/playbook.yml index 09413204..4feac0c2 100644 --- a/molecule/wazuh-agent/playbook.yml +++ b/molecule/wazuh-agent/playbook.yml @@ -5,7 +5,7 @@ - role: wazuh/ansible-wazuh-agent vars: wazuh_managers: - - address: 'manager' + - address: 'manager_platform' port: 1514 protocol: tcp api_port: 55000 diff --git a/molecule/worker/molecule.yml b/molecule/worker/molecule.yml index c22b3497..894b9453 100644 --- a/molecule/worker/molecule.yml +++ b/molecule/worker/molecule.yml 
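Review bot: `address: 'manager_platform'` is committed into molecule/wazuh-agent/playbook.yml as a literal, but nothing rewrites it: the `paths` array that run_cluster_mode.sh gains later in this series covers only default, worker, elasticsearch and kibana, so the agent scenario will try to enroll with a host literally named `manager_platform` and fail. Either add `"molecule/wazuh-agent/"` to `paths` and keep the placeholder only in a `.template`, or restore a real hostname such as `manager_bionic` here. The enclosing `wazuh_managers` entry (`api_proto: 'http'`, `api_user: ansible`) starts before the hunk.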
@@ -9,22 +9,21 @@ lint: config-data: ignore: .virtualenv platforms: - - name: worker + - name: worker_bionic image: solita/ubuntu-systemd:bionic command: /sbin/init ulimits: - nofile:262144:262144 privileged: true memory_reservation: 2048m - - #- name: xenial - # image: solita/ubuntu-systemd:xenial - # privileged: true - # memory_reservation: 2048m - # command: /sbin/init - # ulimits: - # - nofile:262144:262144 - #- name: trusty + - name: worker_xenial + image: solita/ubuntu-systemd:xenial + privileged: true + memory_reservation: 2048m + command: /sbin/init + ulimits: + - nofile:262144:262144 + - name: trusty #image: ubuntu:trusty #privileged: true #memory_reservation: 2048m @@ -36,12 +35,12 @@ platforms: # memory_reservation: 2048m # ulimits: # - nofile:262144:262144 - #- name: centos7 - # image: milcom/centos7-systemd - # memory_reservation: 2048m - # privileged: true - # ulimits: - # - nofile:262144:262144 + - name: worker_centos7 + image: milcom/centos7-systemd + memory_reservation: 2048m + privileged: true + ulimits: + - nofile:262144:262144 provisioner: name: ansible config_options: diff --git a/molecule/worker/playbook.yml b/molecule/worker/playbook.yml index 7e256bbe..a59f93f2 100644 --- a/molecule/worker/playbook.yml +++ b/molecule/worker/playbook.yml @@ -14,8 +14,8 @@ port: '1516' bind_addr: '0.0.0.0' nodes: - - 'manager' + - 'manager_bionic' hidden: 'no' - - { role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'elasticsearch:9200' } + - { role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'elasticsearch_bionic:9200' } diff --git a/molecule/worker/playbook.yml.template b/molecule/worker/playbook.yml.template new file mode 100644 index 00000000..45b12d1d --- /dev/null +++ b/molecule/worker/playbook.yml.template 
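Review bot: The hunk uncomments `- name: trusty` but leaves `#image: ubuntu:trusty` and the rest of that entry commented out, so `platforms` now contains an instance with a name and no image; the docker driver cannot create it, which breaks the whole worker scenario rather than just the trusty case. Either restore the leading `#` on that line or uncomment the complete block. Separately, `worker_bionic`, `worker_xenial` and `worker_centos7` are all defined while the cluster `nodes` list in worker/playbook.yml names only `manager_bionic`; presumably intentional for single-`--platform` runs, but a comment saying so would save the next reader a puzzle.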
@@ -0,0 +1,21 @@ +--- +- name: Converge + hosts: all + roles: + - role: wazuh/ansible-wazuh-manager + vars: + wazuh_manager_config: + cluster: + disable: 'no' + name: 'wazuh' + node_name: 'worker-01' + node_type: 'worker' + key: 'ugdtAnd7Pi9myP7CVts4qZaZQEQcRYZa' + port: '1516' + bind_addr: '0.0.0.0' + nodes: + - 'manager_platform' + hidden: 'no' + - { role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'elasticsearch_platform:9200' } + + diff --git a/run_cluster_mode.sh b/run_cluster_mode.sh index 0933b9ee..51e699be 100644 --- a/run_cluster_mode.sh +++ b/run_cluster_mode.sh @@ -1,6 +1,23 @@ #!/bin/bash +paths=( "molecule/default/" "molecule/worker/" "molecule/elasticsearch/" "molecule/kibana/" ) + +if [ -z "$1" ] +then + echo "Platform not selected. Please select a platform. => Aborting" + exit +else + for i in "${paths[@]}" + do + cp "$i/playbook.yml.template" "$i/playbook.yml" + sed -i "s/platform/$1/g" "$i/playbook.yml" + done + + cp Pipfile.template Pipfile + sed -i "s/_PLATFORM_/$1/g" Pipfile +fi + sudo pipenv run elasticsearch sudo pipenv run test -sudo pipenv run worker +sudo pipenv run agent sudo pipenv run kibana \ No newline at end of file diff --git a/run_none_cluster.sh b/run_none_cluster.sh deleted file mode 100644 index 0bad5d84..00000000 --- a/run_none_cluster.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/bash - -if [ -z "$1" ] -then - echo "Platform not selected. Please select a platform. => Aborting" - exit -else - cp Pipfile.template Pipfile - sed -i "s/_PLATFORM_/$1/g" Pipfile -fi - -sudo pipenv run elasticsearch -sudo pipenv run test -sudo pipenv run agent -sudo pipenv run kibana - -cp Pipfile.template Pipfile \ No newline at end of file From a837d8a18d94aae04c93a88349cadf58ce3194c8 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Fri, 23 Aug 2019 11:29:31 +0200 Subject: [PATCH 275/714] made the platform selection dynamic --- run_cluster_mode.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) 
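Review bot: `$1` goes straight into `sed -i "s/platform/$1/g"` with no validation, so an argument containing `/`, `&` or `\` corrupts the rendered playbooks, and a misspelled platform silently produces files that point at hosts which do not exist. The failure branch also uses a bare `exit`, which returns 0, so a caller or CI job cannot tell the script aborted. Validate against the platforms the molecule files actually define and fail loudly: `case "$1" in bionic|xenial|centos7) ;; *) echo "usage: $0 {bionic|xenial|centos7}" >&2; exit 1 ;; esac`. Note also that `s/platform/…/g` rewrites every occurrence of the word `platform` in the rendered file, not only the `_platform` suffix — harmless today, fragile tomorrow.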
diff --git a/run_cluster_mode.sh b/run_cluster_mode.sh index 51e699be..ba9e6af7 100644 --- a/run_cluster_mode.sh +++ b/run_cluster_mode.sh @@ -4,7 +4,8 @@ paths=( "molecule/default/" "molecule/worker/" "molecule/elasticsearch/" "molecu if [ -z "$1" ] then - echo "Platform not selected. Please select a platform. => Aborting" + echo "Platform not selected. Please select a platform of [bionuc, xenial or centos7]. => Aborting" + echo "Run Instruction: ./run_cluster_mode.sh " exit else for i in "${paths[@]}" From 3de387b3584b146ad9d7b0c4bf5d5be18e0f0530 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Fri, 23 Aug 2019 11:31:30 +0200 Subject: [PATCH 276/714] made the platform selection dynamic .. --- molecule/elasticsearch/playbook.yml.template | 6 ++++++ molecule/kibana/playbook.yml.template | 6 ++++++ 2 files changed, 12 insertions(+) create mode 100644 molecule/elasticsearch/playbook.yml.template create mode 100644 molecule/kibana/playbook.yml.template diff --git a/molecule/elasticsearch/playbook.yml.template b/molecule/elasticsearch/playbook.yml.template new file mode 100644 index 00000000..0b2f9d5a --- /dev/null +++ b/molecule/elasticsearch/playbook.yml.template @@ -0,0 +1,6 @@ +--- +- name: Converge + hosts: all + roles: + - role: elastic-stack/ansible-elasticsearch + elasticsearch_network_host: 'elasticsearch_platform' diff --git a/molecule/kibana/playbook.yml.template b/molecule/kibana/playbook.yml.template new file mode 100644 index 00000000..b166ac28 --- /dev/null +++ b/molecule/kibana/playbook.yml.template @@ -0,0 +1,6 @@ +--- +- name: Converge + hosts: all + roles: + - role: elastic-stack/ansible-kibana + elasticsearch_network_host: 'elasticsearch_platform' \ No newline at end of file From f4e4ed472268a1804d3c30e09dcd115c63cb58a5 Mon Sep 17 00:00:00 2001 
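Review bot: The new message misspells `bionic` as `bionuc`, and the usage line `Run Instruction: ./run_cluster_mode.sh ` ends in a trailing space where the argument placeholder appears to be missing (it may have been lost as `<platform>` in the patch mail). Suggested lines: `echo "Platform not selected. Choose one of: bionic, xenial, centos7. Aborting." >&2` and `echo "Usage: $0 <platform>" >&2`. The `exit` that follows still returns status 0 on this error path; `exit 1` is what a CI caller needs.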
From: Rshad Zhran Date: Fri, 23 Aug 2019 13:12:00 +0200 Subject: [PATCH 277/714] automated the selection of a platform - platform restriction --- Pipfile | 1 - Pipfile.template | 35 -------- molecule/default/molecule.yml | 27 +----- molecule/default/molecule.yml.template | 47 +++++++++++ molecule/elasticsearch/molecule.yml | 30 +------ molecule/elasticsearch/molecule.yml.template | 57 +++++++++++++ molecule/elasticsearch/playbook.yml | 2 +- molecule/kibana/molecule.yml | 2 +- molecule/kibana/molecule.yml.template | 64 ++++++++++++++ molecule/kibana/playbook.yml | 2 +- molecule/wazuh-agent/molecule.yml.template | 89 ++++++++++++++++++++ molecule/wazuh-agent/playbook.yml.template | 18 ++++ molecule/worker/molecule.yml | 28 +----- molecule/worker/molecule.yml.template | 54 ++++++++++++ run_cluster_mode.sh | 30 +++++-- 15 files changed, 359 insertions(+), 127 deletions(-) delete mode 100644 Pipfile.template create mode 100644 molecule/default/molecule.yml.template create mode 100644 molecule/elasticsearch/molecule.yml.template create mode 100644 molecule/kibana/molecule.yml.template create mode 100644 molecule/wazuh-agent/molecule.yml.template create mode 100644 molecule/wazuh-agent/playbook.yml.template create mode 100644 molecule/worker/molecule.yml.template diff --git a/Pipfile b/Pipfile index 2659fa8f..6f709455 100644 --- a/Pipfile +++ b/Pipfile @@ -33,4 +33,3 @@ destroy_worker ="molecule destroy -s worker" destroy_agent ="molecule destroy -s agent" destroy_elasticsearch ="molecule destroy -s elasticsearch" destroy_kibana ="molecule destroy -s kibana" - diff --git a/Pipfile.template b/Pipfile.template deleted file mode 100644 index 8cb94bdf..00000000 --- a/Pipfile.template +++ /dev/null 
@@ -1,35 +0,0 @@ -[[source]] -url = "https://pypi.org/simple" -verify_ssl = true -name = "pypi" - -[packages] -docker-py = "*" -ansible = "==2.7.13" -molecule = "==2.20.2" - -[dev-packages] - -[requires] -python_version = "2.7" - -[scripts] -test ="molecule test --destroy=never --platform _PLATFORM_" -worker ="molecule test -s worker --destroy=never --platform _PLATFORM_" -agent ="molecule test -s wazuh-agent --destroy=never --platform _PLATFORM_" -elasticsearch ="molecule test -s elasticsearch --destroy=never --platform _PLATFORM_" -kibana ="molecule test -s kibana --destroy=never --platform _PLATFORM_" - -# Verify .. -verify ="molecule verify" -verify_worker ="molecule verify -s worker" -verify_agent ="molecule verify -s agent" -verify_elasticsearch ="molecule verify -s elasticsearch" -verify_kibana ="molecule verify -s kibana" - -# Destroy .. -destroy ="molecule destroy" -destroy_worker ="molecule destroy -s worker" -destroy_agent ="molecule destroy -s agent" -destroy_elasticsearch ="molecule destroy -s elasticsearch" -destroy_kibana ="molecule destroy -s kibana" diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 7fcb33da..2561f1ac 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -6,7 +6,7 @@ driver: lint: name: yamllint enabled: false -platforms: +bionics: - name: manager_bionic image: solita/ubuntu-systemd:bionic command: /sbin/init 
@@ -14,31 +14,6 @@ platforms: - nofile:262144:262144 privileged: true memory_reservation: 2048m - - name: manager_xenial - image: solita/ubuntu-systemd:xenial - privileged: true - memory_reservation: 2048m - command: /sbin/init - ulimits: - - nofile:262144:262144 -# - name: trusty -# image: ubuntu:trusty -# privileged: true -# memory_reservation: 2048m -# ulimits: -# - nofile:262144:262144 -# - name: centos6 -# image: centos:6 -# privileged: true -# memory_reservation: 2048m -# ulimits: -# - nofile:262144:262144 - - name: manager_centos7 - image: milcom/centos7-systemd - memory_reservation: 2048m - privileged: true - ulimits: - - nofile:262144:262144 provisioner: name: ansible config_options: diff --git a/molecule/default/molecule.yml.template b/molecule/default/molecule.yml.template new file mode 100644 index 00000000..9e67505d --- /dev/null +++ b/molecule/default/molecule.yml.template @@ -0,0 +1,47 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint + enabled: false +platforms: + - name: manager_platform_ + image: imagename + command: /sbin/init + ulimits: + - nofile:262144:262144 + privileged: true + memory_reservation: 2048m +provisioner: + name: ansible + config_options: + defaults: + hash_behaviour: merge + env: + ANSIBLE_ROLES_PATH: ../../roles + lint: + name: ansible-lint + enabled: true +scenario: + name: default + test_sequence: + - lint + - dependency + - cleanup + - destroy + - syntax + - create + - prepare + - converge + #- idempotence + - side_effect + - verify + - cleanup + - destroy +verifier: + name: testinfra + lint: + name: flake8 + enabled: true diff --git a/molecule/elasticsearch/molecule.yml b/molecule/elasticsearch/molecule.yml index 564bf371..11d8902f 100644 --- a/molecule/elasticsearch/molecule.yml +++ b/molecule/elasticsearch/molecule.yml 
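Review bot: The platform entry runs the test container with `privileged: true` and `command: /sbin/init`, which hands it essentially all host capabilities, and the template carries no comment explaining why; since this file is now the master copy that run_cluster_mode.sh stamps into molecule.yml, it is the right place to document that. Suggested comment above `privileged: true`: `# privileged + /sbin/init are needed only for the systemd-based test images; never copy this block into a non-test inventory`. The `imagename` and `manager_platform_` placeholders are replaced by unanchored `sed` substitutions, so a note that they must remain unique tokens in this file would also prevent surprises.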
@@ -8,40 +8,14 @@ lint: options: config-data: ignore: .virtualenv -platforms: - - name: elasticsearch +bionics: + - name: elasticsearch_bionic image: solita/ubuntu-systemd:bionic command: /sbin/init ulimits: - nofile:262144:262144 privileged: true memory_reservation: 2048m - - #- name: xenial - # image: solita/ubuntu-systemd:xenial - # privileged: true - # memory_reservation: 2048m - # command: /sbin/init - # ulimits: - # - nofile:262144:262144 - #- name: trusty - #image: ubuntu:trusty - #privileged: true - #memory_reservation: 2048m - #ulimits: - #- nofile:262144:262144 - #- name: centos6 - # image: centos:6 - # privileged: true - # memory_reservation: 2048m - # ulimits: - # - nofile:262144:262144 - #- name: centos7 - # image: milcom/centos7-systemd - # memory_reservation: 2048m - # privileged: true - # ulimits: - # - nofile:262144:262144 provisioner: name: ansible config_options: diff --git a/molecule/elasticsearch/molecule.yml.template b/molecule/elasticsearch/molecule.yml.template new file mode 100644 index 00000000..abb9bcec --- /dev/null +++ b/molecule/elasticsearch/molecule.yml.template 
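Review bot: Renaming the top-level key from `platforms:` to `bionics:` leaves a molecule.yml that molecule does not understand — molecule reads `platforms`, and an unknown key is simply ignored — so the committed elasticsearch scenario has no instances until run_cluster_mode.sh overwrites the file from the template. Unlike default, kibana and worker, this file is not deleted in the follow-up commit in this series, so it stays in the tree in this broken state. Either delete it like the others or keep `platforms:` with the bionic entry as a working default.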
@@ -0,0 +1,57 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint + options: + config-data: + ignore: .virtualenv +platforms: + - name: elasticsearch_platform_ + image: imagename + command: /sbin/init + ulimits: + - nofile:262144:262144 + privileged: true + memory_reservation: 2048m +provisioner: + name: ansible + config_options: + defaults: + hash_behaviour: merge + playbooks: + docker: + create: ../default/create.yml + destroy: ../default/destroy.yml + prepare: ../default/prepare.yml + env: + ANSIBLE_ROLES_PATH: ../../roles + lint: + name: ansible-lint + enabled: true + inventory: + group_vars: + all: + elasticsearch_jvm_xms: 512 +scenario: + name: elasticsearch + test_sequence: + - lint + - dependency + - cleanup + - destroy + - syntax + - create + - prepare + - converge + #- idempotence + - side_effect + - verify + - cleanup + - destroy +verifier: + name: testinfra + lint: + name: flake8 diff --git a/molecule/elasticsearch/playbook.yml b/molecule/elasticsearch/playbook.yml index 0b2f9d5a..6b5c44f8 100644 --- a/molecule/elasticsearch/playbook.yml +++ b/molecule/elasticsearch/playbook.yml @@ -3,4 +3,4 @@ hosts: all roles: - role: elastic-stack/ansible-elasticsearch - elasticsearch_network_host: 'elasticsearch_platform' + elasticsearch_network_host: 'elasticsearch_bionic' diff --git a/molecule/kibana/molecule.yml b/molecule/kibana/molecule.yml index 96c4ae6f..ecd11c49 100644 --- a/molecule/kibana/molecule.yml +++ b/molecule/kibana/molecule.yml @@ -8,7 +8,7 @@ lint: options: config-data: ignore: .virtualenv -platforms: +bionics: - name: kibana_bionic image: solita/ubuntu-systemd:bionic command: /sbin/init diff --git a/molecule/kibana/molecule.yml.template b/molecule/kibana/molecule.yml.template new file mode 100644 index 00000000..74dddec2 --- /dev/null +++ b/molecule/kibana/molecule.yml.template 
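Review bot: molecule/elasticsearch/playbook.yml is now both committed with the rendered value `elasticsearch_bionic` and regenerated from `playbook.yml.template` by run_cluster_mode.sh, so every run of the script dirties the working tree and the two copies will drift. If the rendered files are meant to be generated, add them to .gitignore (not visible here) and drop them from the repo; otherwise keep the template as the only source of truth and stop committing the output. A one-line header in the template, `# Rendered into playbook.yml by run_cluster_mode.sh - edit this file, not the output`, would make the intent explicit.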
@@ -0,0 +1,64 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint + options: + config-data: + ignore: .virtualenv +platforms: + - name: kibana_platform_ + image: imagename + command: /sbin/init + ulimits: + - nofile:262144:262144 + privileged: true + memory_reservation: 1024m + - name: kibana_xenial + image: solita/ubuntu-systemd:xenial + privileged: true + memory_reservation: 1024m + command: /sbin/init + ulimits: + - nofile:262144:262144 +# - name: trusty +# image: ubuntu:trusty +# memory_reservation: 1024m +# ulimits: +# - nofile:262144:262144 +# - name: centos6 +# image: centos:6 +# privileged: true +# memory_reservation: 1024m +# ulimits: +# - nofile:262144:262144 + - name: kibana_centos7 + image: milcom/centos7-systemd + memory_reservation: 1024m + privileged: true + ulimits: + - nofile:262144:262144 +provisioner: + name: ansible + config_options: + defaults: + hash_behaviour: merge + playbooks: + docker: + create: ../default/create.yml + destroy: ../default/destroy.yml + env: + ANSIBLE_ROLES_PATH: ../../roles + lint: + name: ansible-lint + enabled: true + inventory: + group_vars: + all: + elasticsearch_jvm_xms: 256 +verifier: + name: testinfra + lint: + name: flake8 diff --git a/molecule/kibana/playbook.yml b/molecule/kibana/playbook.yml index b166ac28..6af17723 100644 --- a/molecule/kibana/playbook.yml +++ b/molecule/kibana/playbook.yml @@ -3,4 +3,4 @@ hosts: all roles: - role: elastic-stack/ansible-kibana - elasticsearch_network_host: 'elasticsearch_platform' \ No newline at end of file + elasticsearch_network_host: 'elasticsearch_bionic' \ No newline at end of file diff --git a/molecule/wazuh-agent/molecule.yml.template b/molecule/wazuh-agent/molecule.yml.template new file mode 100644 index 00000000..a0b050b1 --- /dev/null +++ b/molecule/wazuh-agent/molecule.yml.template 
@@ -0,0 +1,89 @@ +--- +dependency: + name: galaxy +driver: + name: docker + #lint: + # name: yamllint +lint: + name: yamllint + options: + config-data: + ignore: .virtualenv +platforms: + #- name: wazuh_server_centos7 + # image: milcom/centos7-systemd + # networks: + # - name: wazuh + # privileged: true + # groups: + # - manager + - name: wazuh_agent_bionic + image: ubuntu:bionic + networks: + - name: wazuh + groups: + - agent + #- name: wazuh_agent_xenial + # image: solita/ubuntu-systemd:xenial + # privileged: true + # command: /sbin/init + # networks: + # - name: wazuh + # groups: + # - agent + #- name: wazuh_agent_trusty + # image: ubuntu:trusty + # networks: + # - name: wazuh + # groups: + # - agent + #- name: wazuh_agent_centos6 + # image: centos:6 + # networks: + # - name: wazuh + # groups: + # - agent + #- name: wazuh_agent_centos7 + # image: milcom/centos7-systemd + # privileged: true + # networks: + # - name: wazuh + # groups: + # - agent +provisioner: + name: ansible + config_options: + defaults: + hash_behaviour: merge + playbooks: + docker: + create: ../default/create.yml + destroy: ../default/destroy.yml + env: + ANSIBLE_ROLES_PATH: ../../roles + inventory: + group_vars: + agent: + api_pass: password + wazuh_managers: + - address: "{{ wazuh_manager_ip }}" + port: 1514 + protocol: tcp + api_port: 55000 + api_proto: 'http' + api_user: null + wazuh_agent_authd: + enable: true + port: 1515 + ssl_agent_ca: null + ssl_agent_cert: null + ssl_agent_key: null + ssl_auto_negotiate: 'no' + lint: + name: ansible-lint + enabled: true +verifier: + name: testinfra + lint: + name: flake8 diff --git a/molecule/wazuh-agent/playbook.yml.template b/molecule/wazuh-agent/playbook.yml.template new file mode 100644 index 00000000..4feac0c2 --- /dev/null +++ b/molecule/wazuh-agent/playbook.yml.template 
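Review bot: This file is named `.template` but contains no `imagename`/`platform_` placeholders, and `molecule/wazuh-agent/` is not in the `paths` array of run_cluster_mode.sh, so it is never rendered and the agent scenario stays hard-wired to `ubuntu:bionic`. It also fixes `api_pass: password` with `api_proto: 'http'` and `ssl_auto_negotiate: 'no'` / `ssl_agent_ca: null`, i.e. a cleartext API credential and authd enrollment with no manager CA check; acceptable for a throw-away container, but the file should say so. Suggested comment above `group_vars`: `# Test-only values: cleartext API password over http and authd enrollment without CA verification. Never reuse outside molecule.`. `wazuh_manager_ip` is referenced but not defined here — presumably set by ../default/create.yml, worth confirming.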
@@ -0,0 +1,18 @@ +--- +- name: Converge + hosts: all + roles: + - role: wazuh/ansible-wazuh-agent + vars: + wazuh_managers: + - address: 'manager_platform' + port: 1514 + protocol: tcp + api_port: 55000 + api_proto: 'http' + api_user: ansible + wazuh_agent_authd: + enable: true + port: 1515 + ssl_agent_ca: null + ssl_auto_negotiate: 'no' diff --git a/molecule/worker/molecule.yml b/molecule/worker/molecule.yml index 894b9453..61c07c69 100644 --- a/molecule/worker/molecule.yml +++ b/molecule/worker/molecule.yml @@ -8,7 +8,7 @@ lint: options: config-data: ignore: .virtualenv -platforms: +bionics: - name: worker_bionic image: solita/ubuntu-systemd:bionic command: /sbin/init @@ -16,31 +16,7 @@ platforms: - nofile:262144:262144 privileged: true memory_reservation: 2048m - - name: worker_xenial - image: solita/ubuntu-systemd:xenial - privileged: true - memory_reservation: 2048m - command: /sbin/init - ulimits: - - nofile:262144:262144 - - name: trusty - #image: ubuntu:trusty - #privileged: true - #memory_reservation: 2048m - #ulimits: - #- nofile:262144:262144 - #- name: centos6 - # image: centos:6 - # privileged: true - # memory_reservation: 2048m - # ulimits: - # - nofile:262144:262144 - - name: worker_centos7 - image: milcom/centos7-systemd - memory_reservation: 2048m - privileged: true - ulimits: - - nofile:262144:262144 + provisioner: name: ansible config_options: diff --git a/molecule/worker/molecule.yml.template b/molecule/worker/molecule.yml.template new file mode 100644 index 00000000..1b2bd85e --- /dev/null +++ b/molecule/worker/molecule.yml.template 
@@ -0,0 +1,54 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint + options: + config-data: + ignore: .virtualenv +platforms: + - name: worker_platform_ + image: imagename + command: /sbin/init + ulimits: + - nofile:262144:262144 + privileged: true + memory_reservation: 2048m + +provisioner: + name: ansible + config_options: + defaults: + hash_behaviour: merge + playbooks: + docker: + create: ../default/create.yml + destroy: ../default/destroy.yml + prepare: ../default/prepare.yml + env: + ANSIBLE_ROLES_PATH: ../../roles + lint: + name: ansible-lint + enabled: true +scenario: + name: worker + test_sequence: + - lint + - dependency + - cleanup + - destroy + - syntax + - create + - prepare + - converge + #- idempotence + - side_effect + - verify + - cleanup + - destroy +verifier: + name: testinfra + lint: + name: flake8 diff --git a/run_cluster_mode.sh b/run_cluster_mode.sh index ba9e6af7..4803542d 100644 --- a/run_cluster_mode.sh +++ b/run_cluster_mode.sh 
@@ -1,24 +1,38 @@ #!/bin/bash paths=( "molecule/default/" "molecule/worker/" "molecule/elasticsearch/" "molecule/kibana/" ) +images=( "solita/ubuntu-systemd:bionic" "solita/ubuntu-systemd:xenial" "milcom/centos7-systemd" "ubuntu:trusty" "centos:6" ) +platform=( "bionic" "xenial" "centos7" "trusty" "centos6" ) -if [ -z "$1" ] +echo "Please select an image. " + +select IMAGE in "${images[@]}"; +do + echo "You picked $IMAGE ($REPLY)" + break +done + +index=$(($REPLY - 1)) + +if [ -z "$IMAGE" ] then echo "Platform not selected. Please select a platform of [bionuc, xenial or centos7]. => Aborting" echo "Run Instruction: ./run_cluster_mode.sh " exit else - for i in "${paths[@]}" - do + for i in "${paths[@]}" + do cp "$i/playbook.yml.template" "$i/playbook.yml" - sed -i "s/platform/$1/g" "$i/playbook.yml" - done + sed -i "s/platform/${platform[$index]}/g" "$i/playbook.yml" - cp Pipfile.template Pipfile - sed -i "s/_PLATFORM_/$1/g" Pipfile + cp "$i/molecule.yml.template" "$i/molecule.yml" + sed -i "s|imagename|${images[$index]}|g" "$i/molecule.yml" + sed -i "s/platform_/${platform[$index]}/g" "$i/molecule.yml" + + done fi sudo pipenv run elasticsearch sudo pipenv run test -sudo pipenv run agent +sudo pipenv run worker sudo pipenv run kibana \ No newline at end of file From c54b0409550c7f55377c15190a8845cd8aa86439 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Fri, 23 Aug 2019 15:13:32 +0200 Subject: [PATCH 278/714] done! --- molecule/default/molecule.yml | 47 -------------------- molecule/kibana/molecule.yml | 64 --------------------------- molecule/kibana/molecule.yml.template | 24 ---------- molecule/worker/molecule.yml | 54 ---------------------- molecule/worker/molecule.yml.template | 1 - run_cluster_mode.sh | 1 - 6 files changed, 191 deletions(-) delete mode 100644 molecule/default/molecule.yml delete mode 100644 molecule/kibana/molecule.yml delete mode 100644 molecule/worker/molecule.yml 
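Review bot: The `select` reply is not validated before use: an out-of-range or non-numeric answer leaves `IMAGE` empty, which is caught, but `index=$(($REPLY - 1))` is evaluated first, and bash arithmetic on an arbitrary string resolves variable names and, via array subscripts, can run commands — harmless for a local interactive user, but not something to leave in a script that goes on to call `sudo`. The error branch still says `[bionuc, xenial or centos7]` although five images are offered, and still exits 0. Suggested guard right after the loop: `[[ "$REPLY" =~ ^[1-5]$ ]] || { echo "invalid selection: $REPLY" >&2; exit 1; }`, plus `exit 1` in the failure branch. The `s/platform/…/g` and `s/platform_/…/g` substitutions are unanchored, so any future occurrence of `platform` in the templates would be rewritten too.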
diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml deleted file mode 100644 index 2561f1ac..00000000 --- a/molecule/default/molecule.yml +++ /dev/null @@ -1,47 +0,0 @@ ---- -dependency: - name: galaxy -driver: - name: docker -lint: - name: yamllint - enabled: false -bionics: - - name: manager_bionic - image: solita/ubuntu-systemd:bionic - command: /sbin/init - ulimits: - - nofile:262144:262144 - privileged: true - memory_reservation: 2048m -provisioner: - name: ansible - config_options: - defaults: - hash_behaviour: merge - env: - ANSIBLE_ROLES_PATH: ../../roles - lint: - name: ansible-lint - enabled: true -scenario: - name: default - test_sequence: - - lint - - dependency - - cleanup - - destroy - - syntax - - create - - prepare - - converge - #- idempotence - - side_effect - - verify - - cleanup - - destroy -verifier: - name: testinfra - lint: - name: flake8 - enabled: true diff --git a/molecule/kibana/molecule.yml b/molecule/kibana/molecule.yml deleted file mode 100644 index ecd11c49..00000000 --- a/molecule/kibana/molecule.yml +++ /dev/null 
@@ -1,64 +0,0 @@ ---- -dependency: - name: galaxy -driver: - name: docker -lint: - name: yamllint - options: - config-data: - ignore: .virtualenv -bionics: - - name: kibana_bionic - image: solita/ubuntu-systemd:bionic - command: /sbin/init - ulimits: - - nofile:262144:262144 - privileged: true - memory_reservation: 1024m - - name: kibana_xenial - image: solita/ubuntu-systemd:xenial - privileged: true - memory_reservation: 1024m - command: /sbin/init - ulimits: - - nofile:262144:262144 -# - name: trusty -# image: ubuntu:trusty -# memory_reservation: 1024m -# ulimits: -# - nofile:262144:262144 -# - name: centos6 -# image: centos:6 -# privileged: true -# memory_reservation: 1024m -# ulimits: -# - nofile:262144:262144 - - name: kibana_centos7 - image: milcom/centos7-systemd - memory_reservation: 1024m - privileged: true - ulimits: - - nofile:262144:262144 -provisioner: - name: ansible - config_options: - defaults: - hash_behaviour: merge - playbooks: - docker: - create: ../default/create.yml - destroy: ../default/destroy.yml - env: - ANSIBLE_ROLES_PATH: ../../roles - lint: - name: ansible-lint - enabled: true - inventory: - group_vars: - all: - elasticsearch_jvm_xms: 256 -verifier: - name: testinfra - lint: - name: flake8 diff --git a/molecule/kibana/molecule.yml.template b/molecule/kibana/molecule.yml.template index 74dddec2..eec8f6e3 100644 --- a/molecule/kibana/molecule.yml.template +++ b/molecule/kibana/molecule.yml.template 
@@ -16,30 +16,6 @@ platforms: - nofile:262144:262144 privileged: true memory_reservation: 1024m - - name: kibana_xenial - image: solita/ubuntu-systemd:xenial - privileged: true - memory_reservation: 1024m - command: /sbin/init - ulimits: - - nofile:262144:262144 -# - name: trusty -# image: ubuntu:trusty -# memory_reservation: 1024m -# ulimits: -# - nofile:262144:262144 -# - name: centos6 -# image: centos:6 -# privileged: true -# memory_reservation: 1024m -# ulimits: -# - nofile:262144:262144 - - name: kibana_centos7 - image: milcom/centos7-systemd - memory_reservation: 1024m - privileged: true - ulimits: - - nofile:262144:262144 provisioner: name: ansible config_options: diff --git a/molecule/worker/molecule.yml b/molecule/worker/molecule.yml deleted file mode 100644 index 61c07c69..00000000 --- a/molecule/worker/molecule.yml +++ /dev/null @@ -1,54 +0,0 @@ ---- -dependency: - name: galaxy -driver: - name: docker -lint: - name: yamllint - options: - config-data: - ignore: .virtualenv -bionics: - - name: worker_bionic - image: solita/ubuntu-systemd:bionic - command: /sbin/init - ulimits: - - nofile:262144:262144 - privileged: true - memory_reservation: 2048m - -provisioner: - name: ansible - config_options: - defaults: - hash_behaviour: merge - playbooks: - docker: - create: ../default/create.yml - destroy: ../default/destroy.yml - prepare: ../default/prepare.yml - env: - ANSIBLE_ROLES_PATH: ../../roles - lint: - name: ansible-lint - enabled: true -scenario: - name: worker - test_sequence: - - lint - - dependency - - cleanup - - destroy - - syntax - - create - - prepare - - converge - #- idempotence - - side_effect - - verify - - cleanup - - destroy -verifier: - name: testinfra - lint: - name: flake8 diff --git a/molecule/worker/molecule.yml.template b/molecule/worker/molecule.yml.template index 1b2bd85e..2389d223 100644 --- a/molecule/worker/molecule.yml.template +++ b/molecule/worker/molecule.yml.template 
@@ -16,7 +16,6 @@ platforms: - nofile:262144:262144 privileged: true memory_reservation: 2048m - provisioner: name: ansible config_options: diff --git a/run_cluster_mode.sh b/run_cluster_mode.sh index 4803542d..6bb78777 100644 --- a/run_cluster_mode.sh +++ b/run_cluster_mode.sh @@ -17,7 +17,6 @@ index=$(($REPLY - 1)) if [ -z "$IMAGE" ] then echo "Platform not selected. Please select a platform of [bionuc, xenial or centos7]. => Aborting" - echo "Run Instruction: ./run_cluster_mode.sh " exit else for i in "${paths[@]}" From 53d96c18d39cd2a2a6017a977bf754c7ae209f3c Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Fri, 23 Aug 2019 15:19:21 +0200 Subject: [PATCH 279/714] deleted testing tasks --- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index b0b90d87..1dac6f0f 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -1,10 +1,4 @@ --- -- debug: - msg: Cluster is disabled? => {{ wazuh_manager_config.cluster.disable }} - -- debug: - msg: .... => {{ wazuh_manager_config.openscap.disable | default('default_value') }} - - import_tasks: "RedHat.yml" when: (ansible_os_family == "RedHat" and ansible_distribution_major_version|int > 5) or (ansible_os_family == "RedHat" and ansible_distribution == "Amazon") From 234271b4f634d45b03cb9d3fdaf51e06607a2dc4 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Fri, 23 Aug 2019 15:35:06 +0200 Subject: [PATCH 280/714] added destroy statements to Pipfile and uncommented idempotence --- molecule/default/molecule.yml.template | 2 +- molecule/elasticsearch/molecule.yml.template | 2 +- molecule/worker/molecule.yml.template | 2 +- run_cluster_mode.sh | 8 +++++++- 4 files changed, 10 insertions(+), 4 deletions(-) 
diff --git a/molecule/default/molecule.yml.template b/molecule/default/molecule.yml.template index 9e67505d..f46226c2 100644 --- a/molecule/default/molecule.yml.template +++ b/molecule/default/molecule.yml.template @@ -35,7 +35,7 @@ scenario: - create - prepare - converge - #- idempotence + - idempotence - side_effect - verify - cleanup diff --git a/molecule/elasticsearch/molecule.yml.template b/molecule/elasticsearch/molecule.yml.template index abb9bcec..baba140e 100644 --- a/molecule/elasticsearch/molecule.yml.template +++ b/molecule/elasticsearch/molecule.yml.template @@ -46,7 +46,7 @@ scenario: - create - prepare - converge - #- idempotence + - idempotence - side_effect - verify - cleanup diff --git a/molecule/worker/molecule.yml.template b/molecule/worker/molecule.yml.template index 2389d223..ecfe6469 100644 --- a/molecule/worker/molecule.yml.template +++ b/molecule/worker/molecule.yml.template @@ -42,7 +42,7 @@ scenario: - create - prepare - converge - #- idempotence + - idempotence - side_effect - verify - cleanup diff --git a/run_cluster_mode.sh b/run_cluster_mode.sh index 6bb78777..c1a0941d 100644 --- a/run_cluster_mode.sh +++ b/run_cluster_mode.sh @@ -34,4 +34,10 @@ fi sudo pipenv run elasticsearch sudo pipenv run test sudo pipenv run worker -sudo pipenv run kibana \ No newline at end of file +sudo pipenv run kibana + +sudo pipenv run destroy +sudo pipenv run destroy_worker +sudo pipenv run destroy_elasticsearch +sudo pipenv run destroy_kibana + From fdc2cdb3092f49d54ac680aadb4a2f5c0a7cb8cd Mon Sep 17 00:00:00 2001 From: Joey Wong Date: Tue, 3 Sep 2019 14:06:30 -0600 Subject: [PATCH 281/714] Fix typo in var-ossec-etc-ossec-agent.conf.j2 --- .../templates/var-ossec-etc-ossec-agent.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index 7d7e139d..51078d17 100644 
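Review bot: The four new `sudo pipenv run destroy*` lines run only after all four scenario commands have returned, so an interrupted run — or a failing one, if the script uses `set -e` (its header is outside the hunk) — still leaves the Docker platforms behind, which is what these lines were added to prevent. Registering the cleanup once before the scenario commands, `trap 'sudo pipenv run destroy; sudo pipenv run destroy_worker; sudo pipenv run destroy_elasticsearch; sudo pipenv run destroy_kibana' EXIT`, runs it on both the success and the failure path. The extra blank line added at the end of the file is harmless but unnecessary.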
--- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 @@ -42,7 +42,7 @@ - {{ wazuh_agent_config.active_response.ar|default('no') }} + {{ wazuh_agent_config.active_response.disabled|default('no') }} {% if ansible_os_family == "Windows" %}{{ wazuh_agent_config.active_response.ca_store_win }}{% else %}{{ wazuh_agent_config.active_response.ca_store }}{% endif %} {{ wazuh_agent_config.active_response.ca_verification }} From 06a3f2712cdc61232715144af805616286bc60df Mon Sep 17 00:00:00 2001 From: Joey Wong Date: Tue, 3 Sep 2019 14:19:31 -0600 Subject: [PATCH 282/714] Fix typo in var-ossec-etc-ossec-agent.conf.j2 --- .../templates/var-ossec-etc-ossec-agent.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index 51078d17..83e692dd 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 @@ -42,7 +42,7 @@ - {{ wazuh_agent_config.active_response.disabled|default('no') }} + {{ wazuh_agent_config.active_response.ar_disabled|default('no') }} {% if ansible_os_family == "Windows" %}{{ wazuh_agent_config.active_response.ca_store_win }}{% else %}{{ wazuh_agent_config.active_response.ca_store }}{% endif %} {{ wazuh_agent_config.active_response.ca_verification }} From 4ce3a0e5d77f69ebe2b3afc73057794b2a8e71cd Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 5 Sep 2019 12:05:42 +0200 Subject: [PATCH 283/714] Fix conditionals for Amazon Linux in Manager and Filebeat --- roles/wazuh/ansible-filebeat/tasks/main.yml | 4 ++-- .../ansible-wazuh-manager/tasks/main.yml | 24 +++++++++---------- 2 files changed, 14 insertions(+), 14 deletions(-) 
diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml index fbf8cfbf..d9dc11c2 100644 --- a/roles/wazuh/ansible-filebeat/tasks/main.yml +++ b/roles/wazuh/ansible-filebeat/tasks/main.yml @@ -10,7 +10,7 @@ register: filebeat_installing_package until: filebeat_installing_package is succeeded when: - - ansible_distribution in ['CentOS','RedHat'] + - ansible_distribution in ['CentOS','RedHat', 'Amazon'] tags: - install @@ -22,7 +22,7 @@ register: filebeat_installing_package_debian until: filebeat_installing_package_debian is succeeded when: - - not (ansible_distribution in ['CentOS','RedHat']) + - not (ansible_distribution in ['CentOS','RedHat', 'Amazon']) tags: - init diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 30e5ec87..d63b8ec7 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -5,7 +5,7 @@ - import_tasks: "Debian.yml" when: ansible_os_family == "Debian" -- name: CentOS/RedHat | Install wazuh-manager, wazuh-api +- name: CentOS/RedHat/Amazon | Install wazuh-manager, wazuh-api package: pkg={{ item }}-{{ wazuh_manager_api_version }}-1 state={{ wazuh_manager_package_state }} with_items: - wazuh-manager @@ -13,7 +13,7 @@ register: wazuh_manager_main_packages_installed until: wazuh_manager_main_packages_installed is succeeded when: - - ansible_distribution in ['CentOS','RedHat'] + - ansible_distribution in ['CentOS','RedHat', 'Amazon'] tags: - init 
@@ -28,13 +28,13 @@ register: wazuh_manager_main_packages_installed until: wazuh_manager_main_packages_installed is succeeded when: - - not (ansible_distribution in ['CentOS','RedHat']) + - not (ansible_distribution in ['CentOS','RedHat', 'Amazon']) tags: init - name: Install expect package: pkg=expect state={{ wazuh_manager_package_state }} when: - - not (ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6) + - not (ansible_distribution in ['CentOS','RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6) tags: init - name: CentOS/RedHat 6 | Enabling python2.7 and sqlite3 @@ -43,7 +43,7 @@ regexp: 'echo -n "Starting Wazuh-manager: "' replace: 'echo -n "Starting Wazuh-manager (EL6): "; source /opt/rh/python27/enable; export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/var/ossec/framework/lib' when: - - ansible_distribution in ['CentOS', 'RedHat'] and ansible_distribution_major_version|int == 6 + - ansible_distribution in ['CentOS', 'RedHat', 'Amazon'] and ansible_distribution_major_version|int == 6 - wazuh_manager_config.cluster.disable != 'yes' - name: Install wazuh-manager and expect (EL5) @@ -54,7 +54,7 @@ register: wazuh_manager_main_packages_installed until: wazuh_manager_main_packages_installed is succeeded when: - - ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6 + - ansible_distribution in ['CentOS','RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6 tags: - init @@ -203,7 +203,7 @@ - name: Retrieving Wazuh-API User Credentials include_vars: wazuh_api_creds.yml when: - - not (ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6) + - not (ansible_distribution in ['CentOS','RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6) tags: - config 
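Review bot: Adding `'Amazon'` to these `ansible_distribution_major_version|int < 6` conditions makes Amazon Linux 2 (the target named in the next commits) fall into the EL5 branches, because that distribution reports a major version of `2` as far as I know (confirm with the setup facts on a target host): `2 < 6` is true, so `Install expect` is skipped here and the `Install wazuh-manager and expect (EL5)` task in the `@@ -54,7` hunk runs. The same pattern is extended in the `@@ -203,7` hunk and in `@@ -322,7`, `@@ -378,7` and `@@ -388,10` on the next physical line. Amazon Linux needs its own guard instead of sharing EL version arithmetic, e.g. keep `- not (ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6)` and add a separate `ansible_distribution == 'Amazon'` clause only where the Amazon path is really wanted. The enclosing tasks start and end outside the hunk.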
@@ -281,7 +281,7 @@ poll: 0 when: - wazuh_manager_config.vuls.disable != 'yes' - - ansible_distribution in ['Redhat', 'CentOS', 'Ubuntu', 'Debian', 'Oracle'] + - ansible_distribution in ['Redhat', 'CentOS', 'Ubuntu', 'Debian', 'Oracle', 'Amazon'] tags: - init @@ -322,7 +322,7 @@ notify: restart wazuh-api when: - wazuh_api_user is defined - - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 6) + - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' or ansible_distribution == 'Amazon' and ansible_distribution_major_version|int < 6) tags: - config @@ -378,7 +378,7 @@ environment: LD_LIBRARY_PATH: "$LD_LIBRARY_PATH:/var/ossec/framework/lib" when: - - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 6) + - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' or ansible_distribution == 'Amazon' and ansible_distribution_major_version|int < 6) - name: Ensure Wazuh Manager is started and enabled (EL5) service: @@ -388,10 +388,10 @@ tags: - config when: - - ansible_distribution in ['CentOS', 'RedHat'] and ansible_distribution_major_version|int < 6 + - ansible_distribution in ['CentOS', 'RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6 - import_tasks: "RMRedHat.yml" - when: ansible_os_family == "RedHat" + when: ansible_os_family == "RedHat" or ansible_os_family == "Amazon" - import_tasks: "RMDebian.yml" when: ansible_os_family == "Debian" From a15477300f803d1d1cc6b7bc44e24b6e29bbbcff Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 5 Sep 2019 15:57:02 +0200 Subject: [PATCH 284/714] Reload deamons to fix Kibana error on Amazon Linux 2 --- .../elastic-stack/ansible-kibana/tasks/main.yml | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) 
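Review bot: In the new `- not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' or ansible_distribution == 'Amazon' and ansible_distribution_major_version|int < 6)` the `and` binds tighter than the `or`s, so the condition reads `not (CentOS or RedHat or (Amazon and < 6))` and the task is skipped on every CentOS/RedHat host regardless of version; the change copies a precedence problem that was already present and extends it to Amazon. The `@@ -378,7` hunk has the same expression. The form used elsewhere in this file, `- not (ansible_distribution in ['CentOS', 'RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6)`, expresses the intended "skip on EL5 only" rule. The enclosing tasks start outside the hunk.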
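Review bot: `when: ansible_os_family == "RedHat" or ansible_os_family == "Amazon"` on the `RMRedHat.yml` import adds a clause that, to my knowledge, never matches: Ansible reports Amazon Linux with `ansible_distribution == 'Amazon'` but `ansible_os_family == 'RedHat'`, so the original `when: ansible_os_family == "RedHat"` already covered it (worth confirming with the setup facts on an Amazon host). Keeping the dead clause suggests a distinction that does not exist; if it stays, a one-line comment saying which host it is meant for would help the next reader.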
diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index fe0c9365..e695ddec 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -93,7 +93,6 @@ owner: root group: root mode: 0664 - notify: restart kibana tags: configure - name: Checking Wazuh-APP version @@ -124,21 +123,30 @@ args: executable: /bin/bash creates: /usr/share/kibana/plugins/wazuh/package.json - notify: restart kibana become: yes become_user: kibana tags: - install - skip_ansible_lint -- name: Ensure Kibana started and enabled +- name: Reload systemd configuration + systemd: + daemon_reload: true + +- name: Restart Kibana + service: + name: kibana + enabled: true + state: restarted + +- name: Ensure Kibana is started service: name: kibana enabled: true state: started - import_tasks: RMRedHat.yml - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat', 'Amazon' - import_tasks: RMDebian.yml when: ansible_os_family == 'Debian' From ad0fde391e7b35c42c25a75456db76a3fa2108c2 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 5 Sep 2019 15:59:03 +0200 Subject: [PATCH 285/714] Fix Kibana enabling task description --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index e695ddec..320c9b74 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -139,7 +139,7 @@ enabled: true state: restarted -- name: Ensure Kibana is started +- name: Ensure Kibana is started and enabled service: name: kibana enabled: true From 9f84bfe15a2a99cd124c2b57d7256756522b58fa Mon Sep 17 00:00:00 2001 
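Review bot: `when: ansible_os_family == 'RedHat', 'Amazon'` on the `RMRedHat.yml` import is not a list of alternatives: if Ansible accepts it, Jinja evaluates the comma as the tuple `(ansible_os_family == 'RedHat', 'Amazon')`, which is non-empty and therefore always true, so the RedHat-specific removal tasks would be imported on Debian hosts too. `when: ansible_os_family == 'RedHat'` is the working form (Amazon Linux reports that os_family, as far as I know), or `when: ansible_os_family in ['RedHat', 'Amazon']` if the second value is wanted. Separately, the new `Restart Kibana` task with `state: restarted` and no condition restarts the service on every run, replacing the two `notify: restart kibana` lines this commit removes with an unconditional restart; it will report changed each time and fail the `idempotence` step the molecule templates on this page enable. Keeping the `notify` lines and moving `daemon_reload: true` plus the restart into the handler keeps both the fix and idempotence.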
From: Jose M Date: Mon, 9 Sep 2019 13:03:03 +0200 Subject: [PATCH 286/714] Update Windows x86 and x64 path detection. Added fact for authd. --- .../ansible-wazuh-agent/tasks/Windows.yml | 28 ++++++++----------- 1 file changed, 11 insertions(+), 17 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index 6a8a93ac..47568abb 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml @@ -4,25 +4,19 @@ path: C:\Program Files (x86) register: check_path -- name: "Set Win Path" +- name: Windows | Set Win Path (x86) set_fact: - wazuh_agent_win_path: "{% wazuh_winagent_config.install_dir_x86 if check_path.stat.exists else wazuh_winagent_config.install_dir %}" - -- name: Windows | Get current installed version - win_shell: "{% if check_path.stat.exists %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %} - {{ wazuh_winagent_config.install_dir }}{% endif %}ossec-agent.exe -h" - args: - removes: "{% if check_path.stat.exists %}{{ wazuh_winagent_config.install_dir_x86 }}{% else %} - {{ wazuh_winagent_config.install_dir }}{% endif %}ossec-agent.exe" - register: agent_version - failed_when: false - changed_when: false - -- name: Windows | Check Wazuh agent version installed - set_fact: correct_version=true + wazuh_agent_win_path: "{{ wazuh_winagent_config.install_dir_x86 }}" + wazuh_agent_win_auth_path: "{{ wazuh_winagent_config.auth_path_x86 }}" when: - - agent_version.stdout is defined - - wazuh_winagent_config.version in agent_version.stdout + - check_path.stat.exists + +- name: Windows | Set Win Path (x64) + set_fact: + wazuh_agent_win_path: "{{ wazuh_winagent_config.install_dir }}" + wazuh_agent_win_auth_path: "{{ wazuh_winagent_config.auth_path_x86 }}" + when: + - not check_path.stat.exists - name: Windows | Downloading windows Wazuh agent installer win_get_url: From ea69b7fc9b655ec109ae292d3255d348b775f1bf Mon Sep 17 00:00:00 2001 
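Review bot: The `Windows | Set Win Path (x64)` task sets `wazuh_agent_win_auth_path: "{{ wazuh_winagent_config.auth_path_x86 }}"`, the same value as the x86 branch, so the `auth_path` default is never used and hosts without `C:\Program Files (x86)` get an agent-auth path under a directory they do not have. The line should read `wazuh_agent_win_auth_path: "{{ wazuh_winagent_config.auth_path }}"`. A short comment on the `win_stat` task above (outside the hunk) saying that the presence of the `(x86)` directory is what selects the x86 install path would also help, since the task names read the other way round at first glance.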
From: Jose M Date: Mon, 9 Sep 2019 13:04:45 +0200 Subject: [PATCH 287/714] Update Wazuh installation tasks. Added Product key to avoid reinstalling Agent --- .../ansible-wazuh-agent/tasks/Windows.yml | 40 ++++++++++--------- 1 file changed, 21 insertions(+), 19 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index 47568abb..d620f5da 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml 
@@ -18,34 +18,36 @@ when: - not check_path.stat.exists -- name: Windows | Downloading windows Wazuh agent installer - win_get_url: - dest: C:\wazuh-agent-installer.msi - url: "{{ wazuh_winagent_config.repo }}wazuh-agent-{{ wazuh_winagent_config.version }}-{{ wazuh_winagent_config.revision }}.msi" - when: - - correct_version is not defined - -- name: Windows | Verify the downloaded Wazuh agent installer +- name: Windows | Check if Wazuh installer is already downloaded win_stat: - path: C:\wazuh-agent-installer.msi + path: "{{ wazuh_winagent_config.download_dir }}wazuh-agent-{{ wazuh_winagent_config.version }}-{{ wazuh_winagent_config.revision }}.msi" + register: wazuh_package_downloaded + +- name: Windows | Download Wazuh Agent package + win_get_url: + url: "{{ wazuh_winagent_config.repo }}wazuh-agent-{{ wazuh_winagent_config.version }}-{{ wazuh_winagent_config.revision }}.msi" + dest: "{{ wazuh_winagent_config.download_dir }}" + when: + - not wazuh_package_downloaded.stat.exists + +- name: Windows | Verify the Wazuh Agent installer + win_stat: + path: "{{ wazuh_winagent_config.download_dir }}wazuh-agent-{{ wazuh_winagent_config.version }}-{{ wazuh_winagent_config.revision }}.msi" get_checksum: true checksum_algorithm: md5 - register: installer_md5 - when: - - correct_version is not defined + register: wazuh_agent_status failed_when: - - installer_md5.stat.checksum != wazuh_winagent_config.md5 + - wazuh_agent_status.stat.checksum != wazuh_winagent_config.md5 -- name: Windows | Install Wazuh agent +- name: Windows | Install Agent if not already installed win_package: - path: C:\wazuh-agent-installer.msi - when: - - correct_version is not defined + path: "{{ wazuh_winagent_config.download_dir }}wazuh-agent-{{ wazuh_winagent_config.version }}-{{ wazuh_winagent_config.revision }}.msi" + product_id: '{9903C258-FC1E-4886-B7DB-1535976EC1D5}' + state: present - name: Windows | Check if client.keys exists - win_stat: path="{{ wazuh_agent_win_path }}" + win_stat: path="{{ 
wazuh_agent_win_path }}client.keys" register: check_windows_key - notify: restart wazuh-agent windows tags: - config From a52d5e540c2f97bc6d91f152b108c17480d404b6 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 9 Sep 2019 13:05:40 +0200 Subject: [PATCH 288/714] Modify registration task to use new fact "wazuh_agent_win_auth_path" --- roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index d620f5da..f42467d4 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml @@ -58,15 +58,12 @@ - name: Windows | Register agent win_shell: > - {% if check_path.stat.exists %}{{ wazuh_winagent_config.auth_path_x86 }}{% else %} - {{ wazuh_winagent_config.auth_path }}{% endif %} + {{ wazuh_agent_win_auth_path }} -m {{ wazuh_managers.0.address }} -p {{ wazuh_agent_authd.port }} {% if authd_pass is defined %} -P {{ authd_pass }}{% endif %} - args: - chdir: "{{ wazuh_agent_win_path }}" register: agent_auth_output - notify: restart wazuh-agent windows + notify: Windows | Restart Wazuh Agent when: - wazuh_agent_authd.enable - not check_windows_key.stat.exists or check_windows_key.stat.size == 0 From 1ad5763e00246f455bc80682f9749079eb4e921a Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 9 Sep 2019 13:06:42 +0200 Subject: [PATCH 289/714] Add verification for the wazuh directory path. --- roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index f42467d4..0640b8e8 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml 
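Review bot: The installer is verified with `checksum_algorithm: md5` against `wazuh_winagent_config.md5`; MD5 still catches a truncated download but is not a collision-resistant integrity check any more, and `win_stat` also accepts `checksum_algorithm: sha256`, so pinning a sha256 instead costs nothing. The new `Check if Wazuh installer is already downloaded` / `Download Wazuh Agent package` pair also means a partially written or otherwise mismatching file in `download_dir` is never re-fetched: the verify task fails on every run until someone removes it by hand. Having the download task enforce the checksum itself (`win_get_url` takes `checksum` and `checksum_algorithm` in recent Ansible releases — confirm for the version in use) would re-download on mismatch and make the separate `win_stat` check unnecessary.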
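Review bot: The `Windows | Register agent` task passes `authd_pass` on the command line (`-P {{ authd_pass }}`) and registers the result, so the password ends up in verbose output, in the registered `agent_auth_output` (which records the command), and in any logging callback; add `no_log: true` to the task, with a comment noting that the registered variable is then censored. Passing `{{ wazuh_agent_win_auth_path }}` straight to `win_shell` also relies on that path being quoted wherever it contains spaces; the defaults later on this page quote only the x86 variant, so confirm the non-x86 value on a 32-bit host once the x64 branch starts using it.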
@@ -71,6 +71,11 @@ tags: - config +- name: Windows | Check if ossec folder is accessible + win_file: + path: "{{ wazuh_agent_win_path }}" + state: directory + - name: Windows | Installing agent configuration (ossec.conf) win_template: src: var-ossec-etc-ossec-agent.conf.j2 From be977fa9ac78c8965c2e4a305629d828254b291f Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 9 Sep 2019 13:07:03 +0200 Subject: [PATCH 290/714] Update task handler naming to a more explicit message --- roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index 0640b8e8..b6d3af4a 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml @@ -77,10 +77,10 @@ state: directory - name: Windows | Installing agent configuration (ossec.conf) - win_template: + template: src: var-ossec-etc-ossec-agent.conf.j2 dest: "{{ wazuh_agent_win_path }}ossec.conf" - notify: restart wazuh-agent windows + notify: Windows | Restart Wazuh Agent tags: - config @@ -88,11 +88,11 @@ win_template: src: var-ossec-etc-local-internal-options.conf.j2 dest: "{{ wazuh_agent_win_path }}local_internal_options.conf" - notify: restart wazuh-agent windows + notify: Windows | Restart Wazuh Agent tags: - config - name: Windows | Delete downloaded Wazuh agent installer file win_file: - path: C:\wazuh-agent-installer.msi + path: "{{ wazuh_winagent_config.download_dir }}wazuh-agent-{{ wazuh_winagent_config.version }}-{{ wazuh_winagent_config.revision }}.msi" state: absent From 8f856eea7dfaf1b610247ed18088653ec9ad4e56 Mon Sep 17 00:00:00 2001 
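Review bot: The new `Windows | Check if ossec folder is accessible` task does not check anything: `win_file` with `state: directory` creates `{{ wazuh_agent_win_path }}` when it is missing, so a failed or skipped install is masked and the following `ossec.conf` template is written into an empty directory with no agent behind it. If a precondition is intended, use `win_stat` on the path, `register` it and fail with `assert`/`fail` when `stat.exists` is false; if creating the directory really is the intent, rename the task to say so. The enclosing task list continues outside the hunk.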
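Review bot: Switching the `ossec.conf` task from `win_template` to `template` leaves the file inconsistent with the `local_internal_options.conf` task in the `@@ -88,11` hunk, which still uses `win_template`, and `win_template` is the documented module for Windows targets (it also defaults to CRLF line endings where `template` writes LF, as far as I know). Unless the change was deliberate, restoring `win_template:` on that line is the safer option; the handler rename and the installer path change in the rest of the hunks look fine.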
From: Jose M Date: Mon, 9 Sep 2019 13:07:52 +0200 Subject: [PATCH 291/714] Updated default attributes for windows agent. Added register_key. Removed quotes from path --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 2b3f88a4..21f12684 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -20,14 +20,17 @@ wazuh_notify_time: '10' wazuh_time_reconnect: '60' wazuh_crypto_method: 'aes' wazuh_winagent_config: - install_dir: 'C:\Program Files\ossec-agent\' - install_dir_x86: 'C:\Program Files (x86)\ossec-agent\' - auth_path: C:\'Program Files'\ossec-agent\agent-auth.exe + download_dir: C:\ + install_dir: C:\Program Files\ossec-agent\ + install_dir_x86: C:\Program Files (x86)\ossec-agent\ + auth_path: C:\Program Files\ossec-agent\agent-auth.exe + # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe version: '3.9.5' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ - md5: c3fdbd6c121ca371b8abcd477ed4e8a4 + md5: ee5b24216db472d291da4e14f0b3bc63 + register_key: '{9903C258-FC1E-4886-B7DB-1535976EC1D5}' wazuh_agent_config: active_response: ar_disabled: 'no' From d1246627ff128f093794ae26370b8eedccb362b8 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 9 Sep 2019 13:08:38 +0200 Subject: [PATCH 292/714] Update wazuh-agent windows handler for restarting --- roles/wazuh/ansible-wazuh-agent/handlers/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/handlers/main.yml b/roles/wazuh/ansible-wazuh-agent/handlers/main.yml index bb84954e..1858906b 100644 --- a/roles/wazuh/ansible-wazuh-agent/handlers/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/handlers/main.yml 
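Review bot: The comment added above `auth_path_x86` explains that the quotes around `'Program Files (x86)'` are needed because `win_shell` errors otherwise, yet the sibling `auth_path: C:\Program Files\ossec-agent\agent-auth.exe` on the line above contains the same kind of space and is left unquoted, so it will hit the same error once the non-x86 branch actually uses it. Either quote it the same way, `auth_path: C:\'Program Files'\ossec-agent\agent-auth.exe`, or keep both paths plain and quote at the call site in the register task. `register_key` holds the MSI product code used by `win_package` rather than a registration key; a comment saying which installer it belongs to would help, since like `md5` it has to be updated alongside `version` and `revision`.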
@@ -2,5 +2,5 @@ - name: restart wazuh-agent service: name=wazuh-agent state=restarted enabled=yes -- name: restart wazuh-agent windows +- name: Windows | Restart Wazuh Agent win_service: name=OssecSvc start_mode=auto state=restarted From 78ca9ff6168e63899db684af6c1548907ff2737a Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 9 Sep 2019 13:09:51 +0200 Subject: [PATCH 293/714] Remove hardcoding of wazuh-agent 'product_id' --- roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index b6d3af4a..49e7a38d 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml @@ -42,7 +42,7 @@ - name: Windows | Install Agent if not already installed win_package: path: "{{ wazuh_winagent_config.download_dir }}wazuh-agent-{{ wazuh_winagent_config.version }}-{{ wazuh_winagent_config.revision }}.msi" - product_id: '{9903C258-FC1E-4886-B7DB-1535976EC1D5}' + product_id: '{{ "{" }}{{ wazuh_winagent_config.register_key }}{{ "}" }}' state: present - name: Windows | Check if client.keys exists From ded355809eace5a69d610b236eb19a543dc0cefb Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 9 Sep 2019 13:27:22 +0200 Subject: [PATCH 294/714] Remove brackets from "register_key" variable to fix the brackets problem in the installation task. --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 21f12684..c3da8e89 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml 
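Review bot: `product_id: '{{ "{" }}{{ wazuh_winagent_config.register_key }}{{ "}" }}'` uses three template expressions to put braces around one value; Jinja's `~` concatenation does it in a single expression, `product_id: "{{ '{' ~ wazuh_winagent_config.register_key ~ '}' }}"`, which reads more like the other templated paths in this file. A comment saying that `win_package` matches the installed product by this GUID, so a stale value re-runs the installer on every play, would also help the next person who bumps `version`.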
@@ -30,7 +30,7 @@ wazuh_winagent_config: revision: '1' repo: https://packages.wazuh.com/3.x/windows/ md5: ee5b24216db472d291da4e14f0b3bc63 - register_key: '{9903C258-FC1E-4886-B7DB-1535976EC1D5}' + register_key: 9903C258-FC1E-4886-B7DB-1535976EC1D5 wazuh_agent_config: active_response: ar_disabled: 'no' From bb591ee466f7f18f1de2a3c49b9d138cda15eb85 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 9 Sep 2019 17:13:33 +0200 Subject: [PATCH 295/714] Remove traling whitespace on line 12 to fix ansible-linting error. --- roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index 49e7a38d..2d388748 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml @@ -9,7 +9,7 @@ wazuh_agent_win_path: "{{ wazuh_winagent_config.install_dir_x86 }}" wazuh_agent_win_auth_path: "{{ wazuh_winagent_config.auth_path_x86 }}" when: - - check_path.stat.exists + - check_path.stat.exists - name: Windows | Set Win Path (x64) set_fact: From d3784b4727027c712c9b7332d8409d2d0ee375ad Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 9 Sep 2019 17:14:10 +0200 Subject: [PATCH 296/714] Fix conditionals longer than 160 characters to pass linting tests. --- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 8858d0be..a1afbb4c 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml 
@@ -322,7 +322,8 @@ notify: restart wazuh-api when: - wazuh_api_user is defined - - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' or ansible_distribution == 'Amazon' and ansible_distribution_major_version|int < 6) + - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' or ansible_distribution == 'Amazon') + - ansible_distribution_major_version|int < 6 tags: - config @@ -378,7 +379,8 @@ environment: LD_LIBRARY_PATH: "$LD_LIBRARY_PATH:/var/ossec/framework/lib" when: - - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' or ansible_distribution == 'Amazon' and ansible_distribution_major_version|int < 6) + - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' or ansible_distribution == 'Amazon') + - ansible_distribution_major_version|int < 6 - name: Ensure Wazuh Manager is started and enabled (EL5) service: From 3911b8e0382300782ea8fe246f50d00ee8d3cdff Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 16 Sep 2019 18:08:53 +0200 Subject: [PATCH 297/714] Remove old Elastic alerts template. --- .../wazuh-elastic6-template-alerts.json.j2 | 621 ------------------ 1 file changed, 621 deletions(-) delete mode 100644 roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic6-template-alerts.json.j2 diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic6-template-alerts.json.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic6-template-alerts.json.j2 deleted file mode 100644 index 18dda52f..00000000 --- a/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic6-template-alerts.json.j2 +++ /dev/null 
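Review bot: The rewrite changes the meaning of the condition rather than just shortening it: `- not (... == 'CentOS' or ... == 'RedHat' or ... == 'Amazon')` followed by `- ansible_distribution_major_version|int < 6` is an AND of two clauses, so the task now runs only on non-EL distributions whose major version is below 6, which skips Debian 9/10 and Ubuntu 16/18 where the Wazuh API credential tasks are needed; the `@@ -378,7` hunk does the same. The intended rule, "skip only on EL/Amazon older than 6", fits in one line under the 160-character limit: `- not (ansible_distribution in ['CentOS', 'RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6)`, the form already used for `Install expect` earlier in this file. Whether Amazon Linux should share EL version arithmetic at all is a separate question. The enclosing tasks start outside the hunk.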
@@ -1,621 +0,0 @@ -{ - "order": 0, - "template": "wazuh-alerts-3.x-*", - "settings": { - "index.refresh_interval": "5s" - }, - "mappings": { - "wazuh": { - "dynamic_templates": [ - { - "string_as_keyword": { - "match_mapping_type": "string", - "mapping": { - "type": "keyword", - "doc_values": "true" - } - } - } - ], - "properties": { - "@timestamp": { - "type": "date", - "format": "dateOptionalTime" - }, - "@version": { - "type": "text" - }, - "agent": { - "properties": { - "ip": { - "type": "keyword", - "doc_values": "true" - }, - "id": { - "type": "keyword", - "doc_values": "true" - }, - "name": { - "type": "keyword", - "doc_values": "true" - } - } - }, - "manager": { - "properties": { - "name": { - "type": "keyword", - "doc_values": "true" - } - } - }, - "cluster": { - "properties": { - "name": { - "type": "keyword", - "doc_values": "true" - } - } - }, - "AlertsFile": { - "type": "keyword", - "doc_values": "true" - }, - "full_log": { - "type": "text" - }, - "previous_log": { - "type": "text" - }, - "GeoLocation": { - "properties": { - "area_code": { - "type": "long" - }, - "city_name": { - "type": "keyword", - "doc_values": "true" - }, - "continent_code": { - "type": "text" - }, - "coordinates": { - "type": "double" - }, - "country_code2": { - "type": "text" - }, - "country_code3": { - "type": "text" - }, - "country_name": { - "type": "keyword", - "doc_values": "true" - }, - "dma_code": { - "type": "long" - }, - "ip": { - "type": "keyword", - "doc_values": "true" - }, - "latitude": { - "type": "double" - }, - "location": { - "type": "geo_point" - }, - "longitude": { - "type": "double" - }, - "postal_code": { - "type": "keyword" - }, - "real_region_name": { - "type": "keyword", - "doc_values": "true" - }, - "region_name": { - "type": "keyword", - "doc_values": "true" - }, - "timezone": { - "type": "text" - } - } - }, - "host": { - "type": "keyword", - "doc_values": "true" - }, - "syscheck": { - "properties": { - "path": { - "type": "keyword", - "doc_values": 
"true" - }, - "sha1_before": { - "type": "keyword", - "doc_values": "true" - }, - "sha1_after": { - "type": "keyword", - "doc_values": "true" - }, - "uid_before": { - "type": "keyword", - "doc_values": "true" - }, - "uid_after": { - "type": "keyword", - "doc_values": "true" - }, - "gid_before": { - "type": "keyword", - "doc_values": "true" - }, - "gid_after": { - "type": "keyword", - "doc_values": "true" - }, - "perm_before": { - "type": "keyword", - "doc_values": "true" - }, - "perm_after": { - "type": "keyword", - "doc_values": "true" - }, - "md5_after": { - "type": "keyword", - "doc_values": "true" - }, - "md5_before": { - "type": "keyword", - "doc_values": "true" - }, - "gname_after": { - "type": "keyword", - "doc_values": "true" - }, - "gname_before": { - "type": "keyword", - "doc_values": "true" - }, - "inode_after": { - "type": "keyword", - "doc_values": "true" - }, - "inode_before": { - "type": "keyword", - "doc_values": "true" - }, - "mtime_after": { - "type": "date", - "format": "dateOptionalTime", - "doc_values": "true" - }, - "mtime_before": { - "type": "date", - "format": "dateOptionalTime", - "doc_values": "true" - }, - "uname_after": { - "type": "keyword", - "doc_values": "true" - }, - "uname_before": { - "type": "keyword", - "doc_values": "true" - }, - "size_before": { - "type": "long", - "doc_values": "true" - }, - "size_after": { - "type": "long", - "doc_values": "true" - }, - "diff": { - "type": "keyword", - "doc_values": "true" - }, - "event": { - "type": "keyword", - "doc_values": "true" - } - } - }, - "location": { - "type": "keyword", - "doc_values": "true" - }, - "message": { - "type": "text" - }, - "offset": { - "type": "keyword" - }, - "rule": { - "properties": { - "description": { - "type": "keyword", - "doc_values": "true" - }, - "groups": { - "type": "keyword", - "doc_values": "true" - }, - "level": { - "type": "long", - "doc_values": "true" - }, - "id": { - "type": "keyword", - "doc_values": "true" - }, - "cve": { - "type": "keyword", 
- "doc_values": "true" - }, - "info": { - "type": "keyword", - "doc_values": "true" - }, - "frequency": { - "type": "long", - "doc_values": "true" - }, - "firedtimes": { - "type": "long", - "doc_values": "true" - }, - "cis": { - "type": "keyword", - "doc_values": "true" - }, - "pci_dss": { - "type": "keyword", - "doc_values": "true" - }, - "gdpr": { - "type": "keyword", - "doc_values": "true" - }, - "gpg13": { - "type": "keyword", - "doc_values": "true" - } - } - }, - "decoder": { - "properties": { - "parent": { - "type": "keyword", - "doc_values": "true" - }, - "name": { - "type": "keyword", - "doc_values": "true" - }, - "ftscomment": { - "type": "keyword", - "doc_values": "true" - }, - "fts": { - "type": "long", - "doc_values": "true" - }, - "accumulate": { - "type": "long", - "doc_values": "true" - } - } - }, - "data": { - "properties": { - "protocol": { - "type": "keyword", - "doc_values": "true" - }, - "action": { - "type": "keyword", - "doc_values": "true" - }, - "srcip": { - "type": "keyword", - "doc_values": "true" - }, - "dstip": { - "type": "keyword", - "doc_values": "true" - }, - "srcport": { - "type": "keyword", - "doc_values": "true" - }, - "dstport": { - "type": "keyword", - "doc_values": "true" - }, - "srcuser": { - "type": "keyword", - "doc_values": "true" - }, - "dstuser": { - "type": "keyword", - "doc_values": "true" - }, - "id": { - "type": "keyword", - "doc_values": "true" - }, - "status": { - "type": "keyword", - "doc_values": "true" - }, - "data": { - "type": "keyword", - "doc_values": "true" - }, - "system_name": { - "type": "keyword", - "doc_values": "true" - }, - "url": { - "type": "keyword", - "doc_values": "true" - }, - "oscap": { - "properties": { - "check.title": { - "type": "keyword", - "doc_values": "true" - }, - "check.id": { - "type": "keyword", - "doc_values": "true" - }, - "check.result": { - "type": "keyword", - "doc_values": "true" - }, - "check.severity": { - "type": "keyword", - "doc_values": "true" - }, - "check.description": 
{ - "type": "text" - }, - "check.rationale": { - "type": "text" - }, - "check.references": { - "type": "text" - }, - "check.identifiers": { - "type": "text" - }, - "check.oval.id": { - "type": "keyword", - "doc_values": "true" - }, - "scan.id": { - "type": "keyword", - "doc_values": "true" - }, - "scan.content": { - "type": "keyword", - "doc_values": "true" - }, - "scan.benchmark.id": { - "type": "keyword", - "doc_values": "true" - }, - "scan.profile.title": { - "type": "keyword", - "doc_values": "true" - }, - "scan.profile.id": { - "type": "keyword", - "doc_values": "true" - }, - "scan.score": { - "type": "double", - "doc_values": "true" - }, - "scan.return_code": { - "type": "long", - "doc_values": "true" - } - } - }, - "audit": { - "properties": { - "type": { - "type": "keyword", - "doc_values": "true" - }, - "id": { - "type": "keyword", - "doc_values": "true" - }, - "syscall": { - "type": "keyword", - "doc_values": "true" - }, - "exit": { - "type": "keyword", - "doc_values": "true" - }, - "ppid": { - "type": "keyword", - "doc_values": "true" - }, - "pid": { - "type": "keyword", - "doc_values": "true" - }, - "auid": { - "type": "keyword", - "doc_values": "true" - }, - "uid": { - "type": "keyword", - "doc_values": "true" - }, - "gid": { - "type": "keyword", - "doc_values": "true" - }, - "euid": { - "type": "keyword", - "doc_values": "true" - }, - "suid": { - "type": "keyword", - "doc_values": "true" - }, - "fsuid": { - "type": "keyword", - "doc_values": "true" - }, - "egid": { - "type": "keyword", - "doc_values": "true" - }, - "sgid": { - "type": "keyword", - "doc_values": "true" - }, - "fsgid": { - "type": "keyword", - "doc_values": "true" - }, - "tty": { - "type": "keyword", - "doc_values": "true" - }, - "session": { - "type": "keyword", - "doc_values": "true" - }, - "command": { - "type": "keyword", - "doc_values": "true" - }, - "exe": { - "type": "keyword", - "doc_values": "true" - }, - "key": { - "type": "keyword", - "doc_values": "true" - }, - "cwd": { - 
"type": "keyword", - "doc_values": "true" - }, - "directory.name": { - "type": "keyword", - "doc_values": "true" - }, - "directory.inode": { - "type": "keyword", - "doc_values": "true" - }, - "directory.mode": { - "type": "keyword", - "doc_values": "true" - }, - "file.name": { - "type": "keyword", - "doc_values": "true" - }, - "file.inode": { - "type": "keyword", - "doc_values": "true" - }, - "file.mode": { - "type": "keyword", - "doc_values": "true" - }, - "acct": { - "type": "keyword", - "doc_values": "true" - }, - "dev": { - "type": "keyword", - "doc_values": "true" - }, - "enforcing": { - "type": "keyword", - "doc_values": "true" - }, - "list": { - "type": "keyword", - "doc_values": "true" - }, - "old-auid": { - "type": "keyword", - "doc_values": "true" - }, - "old-ses": { - "type": "keyword", - "doc_values": "true" - }, - "old_enforcing": { - "type": "keyword", - "doc_values": "true" - }, - "old_prom": { - "type": "keyword", - "doc_values": "true" - }, - "op": { - "type": "keyword", - "doc_values": "true" - }, - "prom": { - "type": "keyword", - "doc_values": "true" - }, - "res": { - "type": "keyword", - "doc_values": "true" - }, - "srcip": { - "type": "keyword", - "doc_values": "true" - }, - "subj": { - "type": "keyword", - "doc_values": "true" - }, - "success": { - "type": "keyword", - "doc_values": "true" - } - } - } - } - }, - "program_name": { - "type": "keyword", - "doc_values": "true" - }, - "command": { - "type": "keyword", - "doc_values": "true" - }, - "type": { - "type": "text" - }, - "title": { - "type": "keyword", - "doc_values": "true" - } - } - } - } -} From fe23f2a97dc654dd6ce280fdf9fca872889e4500 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 16 Sep 2019 18:09:12 +0200 Subject: [PATCH 298/714] Update Elastic templates for Elasticsearch and Filebeat --- .../wazuh-elastic7-template-alerts.json.j2 | 1986 ++++++++-------- .../templates/elasticsearch.yml.j2 | 1987 +++++++++-------- 2 files changed, 2207 insertions(+), 1766 deletions(-) 
diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic7-template-alerts.json.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic7-template-alerts.json.j2 index 836b2cb2..06af6322 100644 --- a/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic7-template-alerts.json.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic7-template-alerts.json.j2 
@@ -1,25 +1,426 @@ { "order": 0, - "index_patterns": ["wazuh-alerts-3.x-*"], + "index_patterns": [ + "wazuh-alerts-3.x-*", + "wazuh-archives-3.x-*" + ], "settings": { "index.refresh_interval": "5s", "index.number_of_shards": "3", "index.number_of_replicas": "0", "index.auto_expand_replicas": "0-1", - "index.mapping.total_fields.limit": 2000 + "index.mapping.total_fields.limit": 10000, + "index.query.default_field": [ + "GeoLocation.city_name", + "GeoLocation.continent_code", + "GeoLocation.country_code2", + "GeoLocation.country_code3", + "GeoLocation.country_name", + "GeoLocation.ip", + "GeoLocation.postal_code", + "GeoLocation.real_region_name", + "GeoLocation.region_name", + "GeoLocation.timezone", + "agent.id", + "agent.ip", + "agent.name", + "cluster.name", + "cluster.node", + "command", + "data", + "data.action", + "data.audit", + "data.audit.acct", + "data.audit.arch", + "data.audit.auid", + "data.audit.command", + "data.audit.cwd", + "data.audit.dev", + "data.audit.directory.inode", + "data.audit.directory.mode", + "data.audit.directory.name", + "data.audit.egid", + "data.audit.enforcing", + "data.audit.euid", + "data.audit.exe", + "data.audit.execve.a0", + "data.audit.execve.a1", + "data.audit.execve.a2", + "data.audit.execve.a3", + "data.audit.exit", + "data.audit.file.inode", + "data.audit.file.mode", + "data.audit.file.name", + "data.audit.fsgid", + "data.audit.fsuid", + "data.audit.gid", + "data.audit.id", + "data.audit.key", + "data.audit.list", + "data.audit.old-auid", + "data.audit.old-ses", + "data.audit.old_enforcing", + "data.audit.old_prom", + "data.audit.op", + "data.audit.pid", + "data.audit.ppid", + "data.audit.prom", + "data.audit.res", + "data.audit.session", + "data.audit.sgid", + "data.audit.srcip", + "data.audit.subj", + "data.audit.success", + "data.audit.suid", + "data.audit.syscall", + "data.audit.tty", + "data.audit.uid", + "data.aws.accountId", + "data.aws.account_id", + "data.aws.action", + "data.aws.actor", + 
"data.aws.aws_account_id", + "data.aws.description", + "data.aws.dstport", + "data.aws.errorCode", + "data.aws.errorMessage", + "data.aws.eventID", + "data.aws.eventName", + "data.aws.eventSource", + "data.aws.eventType", + "data.aws.id", + "data.aws.name", + "data.aws.requestParameters.accessKeyId", + "data.aws.requestParameters.bucketName", + "data.aws.requestParameters.gatewayId", + "data.aws.requestParameters.groupDescription", + "data.aws.requestParameters.groupId", + "data.aws.requestParameters.groupName", + "data.aws.requestParameters.host", + "data.aws.requestParameters.hostedZoneId", + "data.aws.requestParameters.instanceId", + "data.aws.requestParameters.instanceProfileName", + "data.aws.requestParameters.loadBalancerName", + "data.aws.requestParameters.loadBalancerPorts", + "data.aws.requestParameters.masterUserPassword", + "data.aws.requestParameters.masterUsername", + "data.aws.requestParameters.name", + "data.aws.requestParameters.natGatewayId", + "data.aws.requestParameters.networkAclId", + "data.aws.requestParameters.path", + "data.aws.requestParameters.policyName", + "data.aws.requestParameters.port", + "data.aws.requestParameters.stackId", + "data.aws.requestParameters.stackName", + "data.aws.requestParameters.subnetId", + "data.aws.requestParameters.subnetIds", + "data.aws.requestParameters.volumeId", + "data.aws.requestParameters.vpcId", + "data.aws.resource.accessKeyDetails.accessKeyId", + "data.aws.resource.accessKeyDetails.principalId", + "data.aws.resource.accessKeyDetails.userName", + "data.aws.resource.instanceDetails.instanceId", + "data.aws.resource.instanceDetails.instanceState", + "data.aws.resource.instanceDetails.networkInterfaces.privateDnsName", + "data.aws.resource.instanceDetails.networkInterfaces.publicDnsName", + "data.aws.resource.instanceDetails.networkInterfaces.subnetId", + "data.aws.resource.instanceDetails.networkInterfaces.vpcId", + "data.aws.resource.instanceDetails.tags.value", + 
"data.aws.responseElements.AssociateVpcCidrBlockResponse.vpcId", + "data.aws.responseElements.description", + "data.aws.responseElements.instanceId", + "data.aws.responseElements.instances.instanceId", + "data.aws.responseElements.instancesSet.items.instanceId", + "data.aws.responseElements.listeners.port", + "data.aws.responseElements.loadBalancerName", + "data.aws.responseElements.loadBalancers.vpcId", + "data.aws.responseElements.loginProfile.userName", + "data.aws.responseElements.networkAcl.vpcId", + "data.aws.responseElements.ownerId", + "data.aws.responseElements.publicIp", + "data.aws.responseElements.user.userId", + "data.aws.responseElements.user.userName", + "data.aws.responseElements.volumeId", + "data.aws.service.serviceName", + "data.aws.severity", + "data.aws.source", + "data.aws.sourceIPAddress", + "data.aws.srcport", + "data.aws.userIdentity.accessKeyId", + "data.aws.userIdentity.accountId", + "data.aws.userIdentity.userName", + "data.aws.vpcEndpointId", + "data.command", + "data.data", + "data.docker.Actor.Attributes.container", + "data.docker.Actor.Attributes.image", + "data.docker.Actor.Attributes.name", + "data.docker.Actor.ID", + "data.docker.id", + "data.docker.message", + "data.docker.status", + "data.dstip", + "data.dstport", + "data.dstuser", + "data.hardware.serial", + "data.id", + "data.integration", + "data.netinfo.iface.adapter", + "data.netinfo.iface.ipv4.address", + "data.netinfo.iface.ipv6.address", + "data.netinfo.iface.mac", + "data.netinfo.iface.name", + "data.os.architecture", + "data.os.build", + "data.os.codename", + "data.os.hostname", + "data.os.major", + "data.os.minor", + "data.os.name", + "data.os.platform", + "data.os.release", + "data.os.release_version", + "data.os.sysname", + "data.os.version", + "data.oscap.check.description", + "data.oscap.check.id", + "data.oscap.check.identifiers", + "data.oscap.check.oval.id", + "data.oscap.check.rationale", + "data.oscap.check.references", + "data.oscap.check.result", + 
"data.oscap.check.severity", + "data.oscap.check.title", + "data.oscap.scan.benchmark.id", + "data.oscap.scan.content", + "data.oscap.scan.id", + "data.oscap.scan.profile.id", + "data.oscap.scan.profile.title", + "data.osquery.columns.address", + "data.osquery.columns.command", + "data.osquery.columns.description", + "data.osquery.columns.dst_ip", + "data.osquery.columns.gid", + "data.osquery.columns.hostname", + "data.osquery.columns.md5", + "data.osquery.columns.path", + "data.osquery.columns.sha1", + "data.osquery.columns.sha256", + "data.osquery.columns.src_ip", + "data.osquery.columns.user", + "data.osquery.columns.username", + "data.osquery.name", + "data.osquery.pack", + "data.port.process", + "data.port.protocol", + "data.port.state", + "data.process.args", + "data.process.cmd", + "data.process.egroup", + "data.process.euser", + "data.process.fgroup", + "data.process.name", + "data.process.rgroup", + "data.process.ruser", + "data.process.sgroup", + "data.process.state", + "data.process.suser", + "data.program.architecture", + "data.program.description", + "data.program.format", + "data.program.location", + "data.program.multiarch", + "data.program.name", + "data.program.priority", + "data.program.section", + "data.program.source", + "data.program.vendor", + "data.program.version", + "data.protocol", + "data.pwd", + "data.sca", + "data.sca.check.compliance.cis", + "data.sca.check.compliance.cis_csc", + "data.sca.check.compliance.pci_dss", + "data.sca.check.compliance.hipaa", + "data.sca.check.compliance.nist_800_53", + "data.sca.check.description", + "data.sca.check.directory", + "data.sca.check.file", + "data.sca.check.id", + "data.sca.check.previous_result", + "data.sca.check.process", + "data.sca.check.rationale", + "data.sca.check.reason", + "data.sca.check.references", + "data.sca.check.registry", + "data.sca.check.remediation", + "data.sca.check.result", + "data.sca.check.status", + "data.sca.check.title", + "data.sca.description", + "data.sca.file", + 
"data.sca.invalid", + "data.sca.name", + "data.sca.policy", + "data.sca.policy_id", + "data.sca.scan_id", + "data.sca.total_checks", + "data.script", + "data.src_ip", + "data.src_port", + "data.srcip", + "data.srcport", + "data.srcuser", + "data.status", + "data.system_name", + "data.title", + "data.tty", + "data.uid", + "data.url", + "data.virustotal.description", + "data.virustotal.error", + "data.virustotal.found", + "data.virustotal.permalink", + "data.virustotal.scan_date", + "data.virustotal.sha1", + "data.virustotal.source.alert_id", + "data.virustotal.source.file", + "data.virustotal.source.md5", + "data.virustotal.source.sha1", + "data.vulnerability.advisories", + "data.vulnerability.bugzilla_reference", + "data.vulnerability.cve", + "data.vulnerability.cwe_reference", + "data.vulnerability.package.condition", + "data.vulnerability.package.name", + "data.vulnerability.package.version", + "data.vulnerability.reference", + "data.vulnerability.severity", + "data.vulnerability.state", + "data.vulnerability.title", + "data.win.eventdata.auditPolicyChanges", + "data.win.eventdata.auditPolicyChangesId", + "data.win.eventdata.binary", + "data.win.eventdata.category", + "data.win.eventdata.categoryId", + "data.win.eventdata.data", + "data.win.eventdata.image", + "data.win.eventdata.ipAddress", + "data.win.eventdata.ipPort", + "data.win.eventdata.keyName", + "data.win.eventdata.logonGuid", + "data.win.eventdata.logonProcessName", + "data.win.eventdata.operation", + "data.win.eventdata.parentImage", + "data.win.eventdata.processId", + "data.win.eventdata.processName", + "data.win.eventdata.providerName", + "data.win.eventdata.returnCode", + "data.win.eventdata.service", + "data.win.eventdata.status", + "data.win.eventdata.subcategory", + "data.win.eventdata.subcategoryGuid", + "data.win.eventdata.subcategoryId", + "data.win.eventdata.subjectDomainName", + "data.win.eventdata.subjectLogonId", + "data.win.eventdata.subjectUserName", + 
"data.win.eventdata.subjectUserSid", + "data.win.eventdata.targetDomainName", + "data.win.eventdata.targetLinkedLogonId", + "data.win.eventdata.targetLogonId", + "data.win.eventdata.targetUserName", + "data.win.eventdata.targetUserSid", + "data.win.eventdata.workstationName", + "data.win.system.channel", + "data.win.system.computer", + "data.win.system.eventID", + "data.win.system.eventRecordID", + "data.win.system.eventSourceName", + "data.win.system.keywords", + "data.win.system.level", + "data.win.system.message", + "data.win.system.opcode", + "data.win.system.processID", + "data.win.system.providerGuid", + "data.win.system.providerName", + "data.win.system.securityUserID", + "data.win.system.severityValue", + "data.win.system.userID", + "decoder.ftscomment", + "decoder.name", + "decoder.parent", + "full_log", + "host", + "id", + "input", + "location", + "manager.name", + "message", + "offset", + "predecoder.hostname", + "predecoder.program_name", + "previous_log", + "previous_output", + "program_name", + "rule.cis", + "rule.cve", + "rule.description", + "rule.gdpr", + "rule.gpg13", + "rule.groups", + "rule.id", + "rule.info", + "rule.pci_dss", + "syscheck.audit.effective_user.id", + "syscheck.audit.effective_user.name", + "syscheck.audit.group.id", + "syscheck.audit.group.name", + "syscheck.audit.login_user.id", + "syscheck.audit.login_user.name", + "syscheck.audit.process.id", + "syscheck.audit.process.name", + "syscheck.audit.process.ppid", + "syscheck.audit.user.id", + "syscheck.audit.user.name", + "syscheck.diff", + "syscheck.event", + "syscheck.gid_after", + "syscheck.gid_before", + "syscheck.gname_after", + "syscheck.gname_before", + "syscheck.inode_after", + "syscheck.inode_before", + "syscheck.md5_after", + "syscheck.md5_before", + "syscheck.path", + "syscheck.perm_after", + "syscheck.perm_before", + "syscheck.sha1_after", + "syscheck.sha1_before", + "syscheck.sha256_after", + "syscheck.sha256_before", + "syscheck.tags", + "syscheck.uid_after", + 
"syscheck.uid_before", + "syscheck.uname_after", + "syscheck.uname_before", + "title", + "type" + ] }, "mappings": { "dynamic_templates": [ { "string_as_keyword": { - "match_mapping_type": "string", "mapping": { - "type": "keyword", - "doc_values": "true" - } + "type": "keyword" + }, + "match_mapping_type": "string" } } ], + "date_detection": false, "properties": { "@timestamp": { "type": "date" @@ -34,42 +435,35 @@ "agent": { "properties": { "ip": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "id": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" } } }, "manager": { "properties": { "name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" } } }, "cluster": { "properties": { "name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" + }, + "node": { + "type": "keyword" } } }, - "AlertsFile": { - "type": "keyword", - "doc_values": "true" - }, "full_log": { - "enabled": false, - "type": "object" + "type": "text" }, "previous_log": { "type": "text" @@ -80,8 +474,7 @@ "type": "long" }, "city_name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "continent_code": { "type": "text" @@ -96,15 +489,13 @@ "type": "text" }, "country_name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "dma_code": { "type": "long" }, "ip": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "latitude": { "type": "double" @@ -119,12 +510,10 @@ "type": "keyword" }, "real_region_name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "region_name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "timezone": { "type": "text" 
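Review bot: `index.mapping.total_fields.limit` rises from 2000 to 10000 with nothing in the change explaining the new figure. Together with the `string_as_keyword` dynamic template in the same hunk, under which every previously unseen string field in an alert becomes a keyword mapping, this limit is the only cap on mapping growth driven by event content, so a five-fold increase widens how far an index's mapping (and the cluster state that carries it) can be pushed by unexpected field names before indexing is refused. A JSON template cannot hold a comment, so the rationale belongs in the role's documentation, and since the file is a Jinja template, rendering the value from a role variable would make it tunable per deployment without editing the mapping. `date_detection: false` in the same hunk is a sensible companion change and could be mentioned in that documentation too.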
@@ -132,110 +521,151 @@ } }, "host": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "syscheck": { "properties": { "path": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "sha1_before": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "sha1_after": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "uid_before": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "uid_after": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "gid_before": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "gid_after": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "perm_before": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "perm_after": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "md5_after": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "md5_before": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "gname_after": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "gname_before": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "inode_after": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "inode_before": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "mtime_after": { "type": "date", - "format": "dateOptionalTime", - "doc_values": "true" + "format": "date_optional_time" }, "mtime_before": { "type": "date", - "format": "dateOptionalTime", - "doc_values": "true" + "format": "date_optional_time" }, "uname_after": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "uname_before": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "size_before": { - "type": "long", - "doc_values": "true" + "type": "long" }, "size_after": { - "type": "long", - "doc_values": "true" + "type": "long" }, "diff": { - "type": "keyword", - "doc_values": 
"true" + "type": "keyword" }, "event": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" + }, + "audit": { + "properties": { + "effective_user": { + "properties": { + "id": { + "type": "keyword" + }, + "name": { + "type": "keyword" + } + } + }, + "group": { + "properties": { + "id": { + "type": "keyword" + }, + "name": { + "type": "keyword" + } + } + }, + "login_user": { + "properties": { + "id": { + "type": "keyword" + }, + "name": { + "type": "keyword" + } + } + }, + "process": { + "properties": { + "id": { + "type": "keyword" + }, + "name": { + "type": "keyword" + }, + "ppid": { + "type": "keyword" + } + } + }, + "user": { + "properties": { + "id": { + "type": "keyword" + }, + "name": { + "type": "keyword" + } + } + } + } + }, + "sha256_after": { + "type": "keyword" + }, + "sha256_before": { + "type": "keyword" + }, + "tags": { + "type": "keyword" } } }, "location": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "message": { "type": "text" 
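Review bot: `syscheck.diff` stays a bare `keyword` field in this hunk, with `doc_values` removed but no `ignore_above`. A syscheck diff is file-change content whose size this template does not bound, and a keyword value longer than Lucene's per-term limit (32766 bytes) causes the whole alert document to be rejected at indexing time rather than just that one field, so an oversized diff would cost the alert that carries it. If diffs can reach that size, `"diff": { "type": "keyword", "ignore_above": 8191 }` (limit chosen to suit the deployment) keeps the alert indexable with only that field left out, or a `text` mapping if the diff content needs to be searchable. The `mtime_*` format rename to `date_optional_time` looks right for the 7.x naming.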
@@ -246,554 +676,441 @@ "rule": { "properties": { "description": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "groups": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "level": { - "type": "long", - "doc_values": "true" + "type": "long" }, "id": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "cve": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "info": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "frequency": { - "type": "long", - "doc_values": "true" + "type": "long" }, "firedtimes": { - "type": "long", - "doc_values": "true" + "type": "long" }, "cis": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "pci_dss": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "gdpr": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "gpg13": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" + }, + "hipaa": { + "type": "keyword" + }, + "nist_800_53": { + "type": "keyword" + }, + "mail": { + "type": "boolean" } } }, "predecoder": { "properties": { "program_name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "timestamp": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" + }, + "hostname": { + "type": "keyword" } } }, "decoder": { "properties": { "parent": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "ftscomment": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "fts": { - "type": "long", - "doc_values": "true" + "type": "long" }, "accumulate": { - "type": "long", - "doc_values": "true" + "type": "long" } } }, "data": { "properties": { - "protocol": { - "type": "keyword", - "doc_values": "true" - }, - "action": { - "type": "keyword", - "doc_values": "true" - }, - "srcip": { - "type": "keyword", - "doc_values": "true" - }, - "dstip": { - 
"type": "keyword", - "doc_values": "true" - }, - "srcport": { - "type": "keyword", - "doc_values": "true" - }, - "dstport": { - "type": "keyword", - "doc_values": "true" - }, - "srcuser": { - "type": "keyword", - "doc_values": "true" - }, - "dstuser": { - "type": "keyword", - "doc_values": "true" - }, - "id": { - "type": "keyword", - "doc_values": "true" - }, - "status": { - "type": "keyword", - "doc_values": "true" - }, - "data": { - "type": "keyword", - "doc_values": "true" - }, - "system_name": { - "type": "keyword", - "doc_values": "true" - }, - "url": { - "type": "keyword", - "doc_values": "true" - }, - "oscap": { - "properties": { - "check.title": { - "type": "keyword", - "doc_values": "true" - }, - "check.id": { - "type": "keyword", - "doc_values": "true" - }, - "check.result": { - "type": "keyword", - "doc_values": "true" - }, - "check.severity": { - "type": "keyword", - "doc_values": "true" - }, - "check.description": { - "type": "text" - }, - "check.rationale": { - "type": "text" - }, - "check.references": { - "type": "text" - }, - "check.identifiers": { - "type": "text" - }, - "check.oval.id": { - "type": "keyword", - "doc_values": "true" - }, - "scan.id": { - "type": "keyword", - "doc_values": "true" - }, - "scan.content": { - "type": "keyword", - "doc_values": "true" - }, - "scan.benchmark.id": { - "type": "keyword", - "doc_values": "true" - }, - "scan.profile.title": { - "type": "keyword", - "doc_values": "true" - }, - "scan.profile.id": { - "type": "keyword", - "doc_values": "true" - }, - "scan.score": { - "type": "double", - "doc_values": "true" - }, - "scan.return_code": { - "type": "long", - "doc_values": "true" - } - } - }, "audit": { "properties": { - "type": { - "type": "keyword", - "doc_values": "true" + "acct": { + "type": "keyword" }, - "id": { - "type": "keyword", - "doc_values": "true" - }, - "syscall": { - "type": "keyword", - "doc_values": "true" - }, - "exit": { - "type": "keyword", - "doc_values": "true" - }, - "ppid": { - "type": 
"keyword", - "doc_values": "true" - }, - "pid": { - "type": "keyword", - "doc_values": "true" + "arch": { + "type": "keyword" }, "auid": { - "type": "keyword", - "doc_values": "true" - }, - "uid": { - "type": "keyword", - "doc_values": "true" - }, - "gid": { - "type": "keyword", - "doc_values": "true" - }, - "euid": { - "type": "keyword", - "doc_values": "true" - }, - "suid": { - "type": "keyword", - "doc_values": "true" - }, - "fsuid": { - "type": "keyword", - "doc_values": "true" - }, - "egid": { - "type": "keyword", - "doc_values": "true" - }, - "sgid": { - "type": "keyword", - "doc_values": "true" - }, - "fsgid": { - "type": "keyword", - "doc_values": "true" - }, - "tty": { - "type": "keyword", - "doc_values": "true" - }, - "session": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "command": { - "type": "keyword", - "doc_values": "true" - }, - "exe": { - "type": "keyword", - "doc_values": "true" - }, - "key": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "cwd": { - "type": "keyword", - "doc_values": "true" - }, - "directory.name": { - "type": "keyword", - "doc_values": "true" - }, - "directory.inode": { - "type": "keyword", - "doc_values": "true" - }, - "directory.mode": { - "type": "keyword", - "doc_values": "true" - }, - "file.name": { - "type": "keyword", - "doc_values": "true" - }, - "file.inode": { - "type": "keyword", - "doc_values": "true" - }, - "file.mode": { - "type": "keyword", - "doc_values": "true" - }, - "acct": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "dev": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, - "enforcing": { - "type": "keyword", - "doc_values": "true" - }, - "list": { - "type": "keyword", - "doc_values": "true" - }, - "old-auid": { - "type": "keyword", - "doc_values": "true" - }, - "old-ses": { - "type": "keyword", - "doc_values": "true" - }, - "old_enforcing": { - "type": "keyword", - "doc_values": "true" - }, - "old_prom": { - "type": 
"keyword", - "doc_values": "true" - }, - "op": { - "type": "keyword", - "doc_values": "true" - }, - "prom": { - "type": "keyword", - "doc_values": "true" - }, - "res": { - "type": "keyword", - "doc_values": "true" - }, - "srcip": { - "type": "keyword", - "doc_values": "true" - }, - "subj": { - "type": "keyword", - "doc_values": "true" - }, - "success": { - "type": "keyword", - "doc_values": "true" - } - } - }, - "aws": { - "properties": { - "bytes": { - "type": "long", - "doc_values": "true" - }, - "dstaddr": { - "type": "ip", - "doc_values": "true" - }, - "srcaddr": { - "type": "ip", - "doc_values": "true" - }, - "end": { - "type": "date", - "doc_values": "true" - }, - "start": { - "type": "date", - "doc_values": "true" - }, - "source_ip_address": { - "type": "ip", - "doc_values": "true" - }, - "resource.instanceDetails.networkInterfaces": { + "directory": { "properties": { - "privateIpAddress": { - "type": "ip", - "doc_values": "true" + "inode": { + "type": "keyword" }, - "publicIp": { - "type": "ip", - "doc_values": "true" + "mode": { + "type": "keyword" + }, + "name": { + "type": "keyword" } } }, - "service": { + "egid": { + "type": "keyword" + }, + "enforcing": { + "type": "keyword" + }, + "euid": { + "type": "keyword" + }, + "exe": { + "type": "keyword" + }, + "execve": { "properties": { - "count": { - "type": "long", - "doc_values": "true" + "a0": { + "type": "keyword" }, - "action.networkConnectionAction.remoteIpDetails": { + "a1": { + "type": "keyword" + }, + "a2": { + "type": "keyword" + }, + "a3": { + "type": "keyword" + } + } + }, + "exit": { + "type": "keyword" + }, + "file": { + "properties": { + "inode": { + "type": "keyword" + }, + "mode": { + "type": "keyword" + }, + "name": { + "type": "keyword" + } + } + }, + "fsgid": { + "type": "keyword" + }, + "fsuid": { + "type": "keyword" + }, + "gid": { + "type": "keyword" + }, + "id": { + "type": "keyword" + }, + "key": { + "type": "keyword" + }, + "list": { + "type": "keyword" + }, + "old-auid": { + 
"type": "keyword" + }, + "old-ses": { + "type": "keyword" + }, + "old_enforcing": { + "type": "keyword" + }, + "old_prom": { + "type": "keyword" + }, + "op": { + "type": "keyword" + }, + "pid": { + "type": "keyword" + }, + "ppid": { + "type": "keyword" + }, + "prom": { + "type": "keyword" + }, + "res": { + "type": "keyword" + }, + "session": { + "type": "keyword" + }, + "sgid": { + "type": "keyword" + }, + "srcip": { + "type": "keyword" + }, + "subj": { + "type": "keyword" + }, + "success": { + "type": "keyword" + }, + "suid": { + "type": "keyword" + }, + "syscall": { + "type": "keyword" + }, + "tty": { + "type": "keyword" + }, + "type": { + "type": "keyword" + }, + "uid": { + "type": "keyword" + } + } + }, + "protocol": { + "type": "keyword" + }, + "action": { + "type": "keyword" + }, + "srcip": { + "type": "keyword" + }, + "dstip": { + "type": "keyword" + }, + "srcport": { + "type": "keyword" + }, + "dstport": { + "type": "keyword" + }, + "srcuser": { + "type": "keyword" + }, + "dstuser": { + "type": "keyword" + }, + "id": { + "type": "keyword" + }, + "status": { + "type": "keyword" + }, + "data": { + "type": "keyword" + }, + "system_name": { + "type": "keyword" + }, + "url": { + "type": "keyword" + }, + "oscap": { + "properties": { + "check": { + "properties": { + "description": { + "type": "text" + }, + "id": { + "type": "keyword" + }, + "identifiers": { + "type": "text" + }, + "oval": { "properties": { - "ipAddressV4": { - "type": "ip", - "doc_values": "true" - }, - "geoLocation": { - "type": "geo_point", - "doc_values": "true" + "id": { + "type": "keyword" } } + }, + "rationale": { + "type": "text" + }, + "references": { + "type": "text" + }, + "result": { + "type": "keyword" + }, + "severity": { + "type": "keyword" + }, + "title": { + "type": "keyword" + } + } + }, + "scan": { + "properties": { + "benchmark": { + "properties": { + "id": { + "type": "keyword" + } + } + }, + "content": { + "type": "keyword" + }, + "id": { + "type": "keyword" + }, + "profile": 
{ + "properties": { + "id": { + "type": "keyword" + }, + "title": { + "type": "keyword" + } + } + }, + "return_code": { + "type": "long" + }, + "score": { + "type": "double" } } } } }, "type": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "netinfo": { "properties": { "iface": { "properties": { "name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "mac": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "adapter": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "type": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "state": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "mtu": { - "type": "long", - "doc_values": "true" + "type": "long" }, "tx_bytes": { - "type": "long", - "doc_values": "true" + "type": "long" }, "rx_bytes": { - "type": "long", - "doc_values": "true" + "type": "long" }, "tx_errors": { - "type": "long", - "doc_values": "true" + "type": "long" }, "rx_errors": { - "type": "long", - "doc_values": "true" + "type": "long" }, "tx_dropped": { - "type": "long", - "doc_values": "true" + "type": "long" }, "rx_dropped": { - "type": "long", - "doc_values": "true" + "type": "long" }, "tx_packets": { - "type": "long", - "doc_values": "true" + "type": "long" }, "rx_packets": { - "type": "long", - "doc_values": "true" + "type": "long" }, "ipv4": { "properties": { "gateway": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "dhcp": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "address": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "netmask": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "broadcast": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "metric": { - "type": "long", - "doc_values": "true" + "type": "long" } } }, "ipv6": { "properties": { "gateway": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, 
"dhcp": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "address": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "netmask": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "broadcast": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "metric": { - "type": "long", - "doc_values": "true" + "type": "long" } } } 
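Review bot: `data.srcip`, `data.dstip` and `data.audit.srcip` are mapped as `keyword`, which rules out the CIDR filters (e.g. `data.srcip:10.0.0.0/8`) that detection rules and dashboards on this index commonly need, while the same commit maps `port.local_ip` and `aws.srcaddr` as `ip`. If these fields can carry non-IP values such as hostnames or `-`, a plain `ip` type would reject the document, so a `keyword` field with an `ip` sub-field is the safer form: `"srcip": { "type": "keyword", "fields": { "ip": { "type": "ip", "ignore_malformed": true } } }`. The `data.properties` object rewritten here starts before the hunk and the `netinfo` block continues past it.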
@@ -804,630 +1121,523 @@ "os": { "properties": { "hostname": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "architecture": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "version": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "codename": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "major": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "minor": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "build": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "platform": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "sysname": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "release": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "release_version": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" } } }, "port": { "properties": { "protocol": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "local_ip": { - "type": "ip", - "doc_values": "true" + "type": "ip" }, "local_port": { - "type": "long", - "doc_values": "true" + "type": "long" }, "remote_ip": { - "type": "ip", - "doc_values": "true" + "type": "ip" }, "remote_port": { - "type": "long", - "doc_values": "true" + "type": "long" }, "tx_queue": { - "type": "long", - "doc_values": "true" + "type": "long" }, "rx_queue": { - "type": "long", - "doc_values": "true" + "type": "long" }, "inode": { - "type": "long", - "doc_values": "true" + "type": "long" }, "state": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "pid": { - "type": "long", - "doc_values": "true" + "type": "long" }, "process": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" } } }, "hardware": { "properties": { "serial": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "cpu_name": 
{ - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "cpu_cores": { - "type": "long", - "doc_values": "true" + "type": "long" }, "cpu_mhz": { - "type": "double", - "doc_values": "true" + "type": "double" }, "ram_total": { - "type": "long", - "doc_values": "true" + "type": "long" }, "ram_free": { - "type": "long", - "doc_values": "true" + "type": "long" }, "ram_usage": { - "type": "long", - "doc_values": "true" + "type": "long" } } }, "program": { "properties": { "format": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "priority": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "section": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "size": { - "type": "long", - "doc_values": "true" + "type": "long" }, "vendor": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "install_time": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "version": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "architecture": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "multiarch": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "source": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "description": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "location": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" } } }, "process": { "properties": { "pid": { - "type": "long", - "doc_values": "true" + "type": "long" }, "name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "state": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "ppid": { - "type": "long", - "doc_values": "true" + "type": "long" }, "utime": { - "type": "long", - "doc_values": "true" + "type": "long" }, "stime": { - "type": "long", - "doc_values": "true" + "type": "long" }, 
"cmd": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "args": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "euser": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "ruser": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "suser": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "egroup": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "sgroup": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "fgroup": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "rgroup": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "priority": { - "type": "long", - "doc_values": "true" + "type": "long" }, "nice": { - "type": "long", - "doc_values": "true" + "type": "long" }, "size": { - "type": "long", - "doc_values": "true" + "type": "long" }, "vm_size": { - "type": "long", - "doc_values": "true" + "type": "long" }, "resident": { - "type": "long", - "doc_values": "true" + "type": "long" }, "share": { - "type": "long", - "doc_values": "true" + "type": "long" }, "start_time": { - "type": "long", - "doc_values": "true" + "type": "long" }, "pgrp": { - "type": "long", - "doc_values": "true" + "type": "long" }, "session": { - "type": "long", - "doc_values": "true" + "type": "long" }, "nlwp": { - "type": "long", - "doc_values": "true" + "type": "long" }, "tgid": { - "type": "long", - "doc_values": "true" + "type": "long" }, "tty": { - "type": "long", - "doc_values": "true" + "type": "long" }, "processor": { - "type": "long", - "doc_values": "true" + "type": "long" } } }, "sca": { "properties": { "type": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "scan_id": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "policy": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, 
"file": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "description": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "passed": { - "type": "integer", - "doc_values": "true" + "type": "integer" }, "failed": { - "type": "integer", - "doc_values": "true" + "type": "integer" }, "score": { - "type": "long", - "doc_values": "true" + "type": "long" }, "check": { "properties": { "id": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "title": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "description": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "rationale": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "remediation": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "compliance": { "properties": { "cis": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "cis_csc": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "pci_dss": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" + }, + "hipaa": { + "type": "keyword" + }, + "nist_800_53": { + "type": "keyword" } } }, "references": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "file": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "directory": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "registry": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "process": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "result": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "previous_result": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" + }, + "reason": { + "type": "keyword" + }, + "status": { + "type": "keyword" } } + }, + "invalid": { + "type": "keyword" + }, + "policy_id": { + "type": "keyword" + }, + "total_checks": { + "type": "keyword" } } }, - "win": { + "command": { + "type": 
"keyword" + }, + "integration": { + "type": "keyword" + }, + "timestamp": { + "type": "date" + }, + "title": { + "type": "keyword" + }, + "uid": { + "type": "keyword" + }, + "virustotal": { "properties": { - "system": { + "description": { + "type": "keyword" + }, + "error": { + "type": "keyword" + }, + "found": { + "type": "keyword" + }, + "malicious": { + "type": "keyword" + }, + "permalink": { + "type": "keyword" + }, + "positives": { + "type": "keyword" + }, + "scan_date": { + "type": "keyword" + }, + "sha1": { + "type": "keyword" + }, + "source": { "properties": { - "providerName": { - "type": "keyword", - "doc_values": "true" + "alert_id": { + "type": "keyword" }, - "providerGuid": { - "type": "keyword", - "doc_values": "true" + "file": { + "type": "keyword" }, - "eventSourceName": { - "type": "keyword", - "doc_values": "true" + "md5": { + "type": "keyword" }, - "securityUserID": { - "type": "keyword", - "doc_values": "true" + "sha1": { + "type": "keyword" + } + } + }, + "total": { + "type": "keyword" + } + } + }, + "vulnerability": { + "properties": { + "advisories": { + "type": "keyword" + }, + "bugzilla_reference": { + "type": "keyword" + }, + "cve": { + "type": "keyword" + }, + "cvss": { + "properties": { + "cvss3_score": { + "type": "keyword" }, - "userID": { - "type": "keyword", - "doc_values": "true" + "cvss_score": { + "type": "keyword" }, - "eventID": { - "type": "keyword", - "doc_values": "true" + "cvss_scoring_vector": { + "type": "keyword" + } + } + }, + "cwe_reference": { + "type": "keyword" + }, + "package": { + "properties": { + "condition": { + "type": "keyword" + }, + "name": { + "type": "keyword" }, "version": { - "type": "keyword", - "doc_values": "true" - }, - "level": { - "type": "keyword", - "doc_values": "true" - }, - "task": { - "type": "keyword", - "doc_values": "true" - }, - "opcode": { - "type": "keyword", - "doc_values": "true" - }, - "keywords": { - "type": "keyword", - "doc_values": "true" - }, - "systemTime": { - "type": 
"keyword", - "doc_values": "true" - }, - "eventRecordID": { - "type": "keyword", - "doc_values": "true" - }, - "processID": { - "type": "keyword", - "doc_values": "true" - }, - "threadID": { - "type": "keyword", - "doc_values": "true" - }, - "channel": { - "type": "keyword", - "doc_values": "true" - }, - "computer": { - "type": "keyword", - "doc_values": "true" - }, - "severityValue": { - "type": "keyword", - "doc_values": "true" - }, - "message": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" } } }, - "eventdata": { + "published": { + "type": "date" + }, + "reference": { + "type": "keyword" + }, + "severity": { + "type": "keyword" + }, + "state": { + "type": "keyword" + }, + "title": { + "type": "keyword" + } + } + }, + "aws": { + "properties": { + "bytes": { + "type": "long" + }, + "dstaddr": { + "type": "ip" + }, + "srcaddr": { + "type": "ip" + }, + "end": { + "type": "date" + }, + "start": { + "type": "date" + }, + "source_ip_address": { + "type": "ip" + }, + "service": { "properties": { - "subjectUserSid": { - "type": "keyword", - "doc_values": "true" + "count": { + "type": "long" }, - "subjectUserName": { - "type": "keyword", - "doc_values": "true" + "action.networkConnectionAction.remoteIpDetails": { + "properties": { + "ipAddressV4": { + "type": "ip" + }, + "geoLocation": { + "type": "geo_point" + } + } }, - "subjectDomainName": { - "type": "keyword", - "doc_values": "true" + "eventFirstSeen": { + "type": "date" }, - "subjectLogonId": { - "type": "keyword", - "doc_values": "true" - }, - "targetUserSid": { - "type": "keyword", - "doc_values": "true" - }, - "targetUserName": { - "type": "keyword", - "doc_values": "true" - }, - "targetDomainName": { - "type": "keyword", - "doc_values": "true" - }, - "targetLogonId": { - "type": "keyword", - "doc_values": "true" - }, - "logonType": { - "type": "keyword", - "doc_values": "true" - }, - "logonProcessName": { - "type": "keyword", - "doc_values": "true" - }, - "authenticationPackageName": { - 
"type": "keyword", - "doc_values": "true" - }, - "logonGuid": { - "type": "keyword", - "doc_values": "true" - }, - "keyLength": { - "type": "keyword", - "doc_values": "true" - }, - "impersonationLevel": { - "type": "keyword", - "doc_values": "true" - }, - "transactionId": { - "type": "keyword", - "doc_values": "true" - }, - "newState": { - "type": "keyword", - "doc_values": "true" - }, - "resourceManager": { - "type": "keyword", - "doc_values": "true" - }, - "processId": { - "type": "keyword", - "doc_values": "true" - }, - "processName": { - "type": "keyword", - "doc_values": "true" - }, - "data": { - "type": "keyword", - "doc_values": "true" - }, - "image": { - "type": "keyword", - "doc_values": "true" - }, - "binary": { - "type": "keyword", - "doc_values": "true" - }, - "parentImage": { - "type": "keyword", - "doc_values": "true" - }, - "categoryId": { - "type": "keyword", - "doc_values": "true" - }, - "subcategoryId": { - "type": "keyword", - "doc_values": "true" - }, - "subcategoryGuid": { - "type": "keyword", - "doc_values": "true" - }, - "auditPolicyChangesId": { - "type": "keyword", - "doc_values": "true" - }, - "category": { - "type": "keyword", - "doc_values": "true" - }, - "subcategory": { - "type": "keyword", - "doc_values": "true" - }, - "auditPolicyChanges": { - "type": "keyword", - "doc_values": "true" + "eventLastSeen": { + "type": "date" } } }, - "rmSessionEvent": { + "createdAt": { + "type": "date" + }, + "updatedAt": { + "type": "date" + }, + "resource.instanceDetails": { "properties": { - "rmSessionId": { - "type": "keyword", - "doc_values": "true" + "launchTime": { + "type": "date" }, - "uTCStartTime": { - "type": "keyword", - "doc_values": "true" + "networkInterfaces": { + "properties": { + "privateIpAddress": { + "type": "ip" + }, + "publicIp": { + "type": "ip" + } + } } } } 
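Review bot: The numeric fields added under `vulnerability.cvss` (`cvss3_score`, `cvss_score`), `virustotal` (`positives`, `total`) and `sca.total_checks` are mapped as `keyword`, which prevents the range queries and aggregations a triage view needs (CVSS at or above 7, positives greater than 0), and `sca.passed`/`failed` in the same hunk are `integer`, so this looks inconsistent rather than deliberate. Mapping the scores as `float` and the counters as `integer` works as long as the source emits numbers or numeric strings; if empty or non-numeric values can occur, add `"ignore_malformed": true` so one bad value does not reject the whole alert. The whole `data.win.*` mapping is deleted here and does not appear to be re-added in the visible hunks, so Windows event fields will fall back to dynamic mapping (`text` plus a 256-byte `keyword` sub-field by default) unless a `dynamic_templates` rule elsewhere in the file covers them; visualizations referencing fields such as `data.win.system.eventID` should be checked against the rendered mapping. The enclosing `data.properties` object starts before this hunk.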
@@ -1436,21 +1646,31 @@ } }, "program_name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "command": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "type": { "type": "text" }, "title": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" + }, + "id": { + "type": "keyword" + }, + "input": { + "properties": { + "type": { + "type": "keyword" + } + } + }, + "previous_output": { + "type": "keyword" } } - } + }, + "version": 1 } - diff --git a/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 b/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 index 11ef6176..06af6322 100644 --- a/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 +++ b/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 
@@ -1,25 +1,426 @@ { "order": 0, - "index_patterns": ["wazuh-alerts-3.x-*"], + "index_patterns": [ + "wazuh-alerts-3.x-*", + "wazuh-archives-3.x-*" + ], "settings": { "index.refresh_interval": "5s", "index.number_of_shards": "3", "index.number_of_replicas": "0", "index.auto_expand_replicas": "0-1", - "index.mapping.total_fields.limit": 2000 + "index.mapping.total_fields.limit": 10000, + "index.query.default_field": [ + "GeoLocation.city_name", + "GeoLocation.continent_code", + "GeoLocation.country_code2", + "GeoLocation.country_code3", + "GeoLocation.country_name", + "GeoLocation.ip", + "GeoLocation.postal_code", + "GeoLocation.real_region_name", + "GeoLocation.region_name", + "GeoLocation.timezone", + "agent.id", + "agent.ip", + "agent.name", + "cluster.name", + "cluster.node", + "command", + "data", + "data.action", + "data.audit", + "data.audit.acct", + "data.audit.arch", + "data.audit.auid", + "data.audit.command", + "data.audit.cwd", + "data.audit.dev", + "data.audit.directory.inode", + "data.audit.directory.mode", + "data.audit.directory.name", + "data.audit.egid", + "data.audit.enforcing", + "data.audit.euid", + "data.audit.exe", + "data.audit.execve.a0", + "data.audit.execve.a1", + "data.audit.execve.a2", + "data.audit.execve.a3", + "data.audit.exit", + "data.audit.file.inode", + "data.audit.file.mode", + "data.audit.file.name", + "data.audit.fsgid", + "data.audit.fsuid", + "data.audit.gid", + "data.audit.id", + "data.audit.key", + "data.audit.list", + "data.audit.old-auid", + "data.audit.old-ses", + "data.audit.old_enforcing", + "data.audit.old_prom", + "data.audit.op", + "data.audit.pid", + "data.audit.ppid", + "data.audit.prom", + "data.audit.res", + "data.audit.session", + "data.audit.sgid", + "data.audit.srcip", + "data.audit.subj", + "data.audit.success", + "data.audit.suid", + "data.audit.syscall", + "data.audit.tty", + "data.audit.uid", + "data.aws.accountId", + "data.aws.account_id", + "data.aws.action", + "data.aws.actor", + 
"data.aws.aws_account_id", + "data.aws.description", + "data.aws.dstport", + "data.aws.errorCode", + "data.aws.errorMessage", + "data.aws.eventID", + "data.aws.eventName", + "data.aws.eventSource", + "data.aws.eventType", + "data.aws.id", + "data.aws.name", + "data.aws.requestParameters.accessKeyId", + "data.aws.requestParameters.bucketName", + "data.aws.requestParameters.gatewayId", + "data.aws.requestParameters.groupDescription", + "data.aws.requestParameters.groupId", + "data.aws.requestParameters.groupName", + "data.aws.requestParameters.host", + "data.aws.requestParameters.hostedZoneId", + "data.aws.requestParameters.instanceId", + "data.aws.requestParameters.instanceProfileName", + "data.aws.requestParameters.loadBalancerName", + "data.aws.requestParameters.loadBalancerPorts", + "data.aws.requestParameters.masterUserPassword", + "data.aws.requestParameters.masterUsername", + "data.aws.requestParameters.name", + "data.aws.requestParameters.natGatewayId", + "data.aws.requestParameters.networkAclId", + "data.aws.requestParameters.path", + "data.aws.requestParameters.policyName", + "data.aws.requestParameters.port", + "data.aws.requestParameters.stackId", + "data.aws.requestParameters.stackName", + "data.aws.requestParameters.subnetId", + "data.aws.requestParameters.subnetIds", + "data.aws.requestParameters.volumeId", + "data.aws.requestParameters.vpcId", + "data.aws.resource.accessKeyDetails.accessKeyId", + "data.aws.resource.accessKeyDetails.principalId", + "data.aws.resource.accessKeyDetails.userName", + "data.aws.resource.instanceDetails.instanceId", + "data.aws.resource.instanceDetails.instanceState", + "data.aws.resource.instanceDetails.networkInterfaces.privateDnsName", + "data.aws.resource.instanceDetails.networkInterfaces.publicDnsName", + "data.aws.resource.instanceDetails.networkInterfaces.subnetId", + "data.aws.resource.instanceDetails.networkInterfaces.vpcId", + "data.aws.resource.instanceDetails.tags.value", + 
"data.aws.responseElements.AssociateVpcCidrBlockResponse.vpcId", + "data.aws.responseElements.description", + "data.aws.responseElements.instanceId", + "data.aws.responseElements.instances.instanceId", + "data.aws.responseElements.instancesSet.items.instanceId", + "data.aws.responseElements.listeners.port", + "data.aws.responseElements.loadBalancerName", + "data.aws.responseElements.loadBalancers.vpcId", + "data.aws.responseElements.loginProfile.userName", + "data.aws.responseElements.networkAcl.vpcId", + "data.aws.responseElements.ownerId", + "data.aws.responseElements.publicIp", + "data.aws.responseElements.user.userId", + "data.aws.responseElements.user.userName", + "data.aws.responseElements.volumeId", + "data.aws.service.serviceName", + "data.aws.severity", + "data.aws.source", + "data.aws.sourceIPAddress", + "data.aws.srcport", + "data.aws.userIdentity.accessKeyId", + "data.aws.userIdentity.accountId", + "data.aws.userIdentity.userName", + "data.aws.vpcEndpointId", + "data.command", + "data.data", + "data.docker.Actor.Attributes.container", + "data.docker.Actor.Attributes.image", + "data.docker.Actor.Attributes.name", + "data.docker.Actor.ID", + "data.docker.id", + "data.docker.message", + "data.docker.status", + "data.dstip", + "data.dstport", + "data.dstuser", + "data.hardware.serial", + "data.id", + "data.integration", + "data.netinfo.iface.adapter", + "data.netinfo.iface.ipv4.address", + "data.netinfo.iface.ipv6.address", + "data.netinfo.iface.mac", + "data.netinfo.iface.name", + "data.os.architecture", + "data.os.build", + "data.os.codename", + "data.os.hostname", + "data.os.major", + "data.os.minor", + "data.os.name", + "data.os.platform", + "data.os.release", + "data.os.release_version", + "data.os.sysname", + "data.os.version", + "data.oscap.check.description", + "data.oscap.check.id", + "data.oscap.check.identifiers", + "data.oscap.check.oval.id", + "data.oscap.check.rationale", + "data.oscap.check.references", + "data.oscap.check.result", + 
"data.oscap.check.severity", + "data.oscap.check.title", + "data.oscap.scan.benchmark.id", + "data.oscap.scan.content", + "data.oscap.scan.id", + "data.oscap.scan.profile.id", + "data.oscap.scan.profile.title", + "data.osquery.columns.address", + "data.osquery.columns.command", + "data.osquery.columns.description", + "data.osquery.columns.dst_ip", + "data.osquery.columns.gid", + "data.osquery.columns.hostname", + "data.osquery.columns.md5", + "data.osquery.columns.path", + "data.osquery.columns.sha1", + "data.osquery.columns.sha256", + "data.osquery.columns.src_ip", + "data.osquery.columns.user", + "data.osquery.columns.username", + "data.osquery.name", + "data.osquery.pack", + "data.port.process", + "data.port.protocol", + "data.port.state", + "data.process.args", + "data.process.cmd", + "data.process.egroup", + "data.process.euser", + "data.process.fgroup", + "data.process.name", + "data.process.rgroup", + "data.process.ruser", + "data.process.sgroup", + "data.process.state", + "data.process.suser", + "data.program.architecture", + "data.program.description", + "data.program.format", + "data.program.location", + "data.program.multiarch", + "data.program.name", + "data.program.priority", + "data.program.section", + "data.program.source", + "data.program.vendor", + "data.program.version", + "data.protocol", + "data.pwd", + "data.sca", + "data.sca.check.compliance.cis", + "data.sca.check.compliance.cis_csc", + "data.sca.check.compliance.pci_dss", + "data.sca.check.compliance.hipaa", + "data.sca.check.compliance.nist_800_53", + "data.sca.check.description", + "data.sca.check.directory", + "data.sca.check.file", + "data.sca.check.id", + "data.sca.check.previous_result", + "data.sca.check.process", + "data.sca.check.rationale", + "data.sca.check.reason", + "data.sca.check.references", + "data.sca.check.registry", + "data.sca.check.remediation", + "data.sca.check.result", + "data.sca.check.status", + "data.sca.check.title", + "data.sca.description", + "data.sca.file", + 
"data.sca.invalid", + "data.sca.name", + "data.sca.policy", + "data.sca.policy_id", + "data.sca.scan_id", + "data.sca.total_checks", + "data.script", + "data.src_ip", + "data.src_port", + "data.srcip", + "data.srcport", + "data.srcuser", + "data.status", + "data.system_name", + "data.title", + "data.tty", + "data.uid", + "data.url", + "data.virustotal.description", + "data.virustotal.error", + "data.virustotal.found", + "data.virustotal.permalink", + "data.virustotal.scan_date", + "data.virustotal.sha1", + "data.virustotal.source.alert_id", + "data.virustotal.source.file", + "data.virustotal.source.md5", + "data.virustotal.source.sha1", + "data.vulnerability.advisories", + "data.vulnerability.bugzilla_reference", + "data.vulnerability.cve", + "data.vulnerability.cwe_reference", + "data.vulnerability.package.condition", + "data.vulnerability.package.name", + "data.vulnerability.package.version", + "data.vulnerability.reference", + "data.vulnerability.severity", + "data.vulnerability.state", + "data.vulnerability.title", + "data.win.eventdata.auditPolicyChanges", + "data.win.eventdata.auditPolicyChangesId", + "data.win.eventdata.binary", + "data.win.eventdata.category", + "data.win.eventdata.categoryId", + "data.win.eventdata.data", + "data.win.eventdata.image", + "data.win.eventdata.ipAddress", + "data.win.eventdata.ipPort", + "data.win.eventdata.keyName", + "data.win.eventdata.logonGuid", + "data.win.eventdata.logonProcessName", + "data.win.eventdata.operation", + "data.win.eventdata.parentImage", + "data.win.eventdata.processId", + "data.win.eventdata.processName", + "data.win.eventdata.providerName", + "data.win.eventdata.returnCode", + "data.win.eventdata.service", + "data.win.eventdata.status", + "data.win.eventdata.subcategory", + "data.win.eventdata.subcategoryGuid", + "data.win.eventdata.subcategoryId", + "data.win.eventdata.subjectDomainName", + "data.win.eventdata.subjectLogonId", + "data.win.eventdata.subjectUserName", + 
"data.win.eventdata.subjectUserSid", + "data.win.eventdata.targetDomainName", + "data.win.eventdata.targetLinkedLogonId", + "data.win.eventdata.targetLogonId", + "data.win.eventdata.targetUserName", + "data.win.eventdata.targetUserSid", + "data.win.eventdata.workstationName", + "data.win.system.channel", + "data.win.system.computer", + "data.win.system.eventID", + "data.win.system.eventRecordID", + "data.win.system.eventSourceName", + "data.win.system.keywords", + "data.win.system.level", + "data.win.system.message", + "data.win.system.opcode", + "data.win.system.processID", + "data.win.system.providerGuid", + "data.win.system.providerName", + "data.win.system.securityUserID", + "data.win.system.severityValue", + "data.win.system.userID", + "decoder.ftscomment", + "decoder.name", + "decoder.parent", + "full_log", + "host", + "id", + "input", + "location", + "manager.name", + "message", + "offset", + "predecoder.hostname", + "predecoder.program_name", + "previous_log", + "previous_output", + "program_name", + "rule.cis", + "rule.cve", + "rule.description", + "rule.gdpr", + "rule.gpg13", + "rule.groups", + "rule.id", + "rule.info", + "rule.pci_dss", + "syscheck.audit.effective_user.id", + "syscheck.audit.effective_user.name", + "syscheck.audit.group.id", + "syscheck.audit.group.name", + "syscheck.audit.login_user.id", + "syscheck.audit.login_user.name", + "syscheck.audit.process.id", + "syscheck.audit.process.name", + "syscheck.audit.process.ppid", + "syscheck.audit.user.id", + "syscheck.audit.user.name", + "syscheck.diff", + "syscheck.event", + "syscheck.gid_after", + "syscheck.gid_before", + "syscheck.gname_after", + "syscheck.gname_before", + "syscheck.inode_after", + "syscheck.inode_before", + "syscheck.md5_after", + "syscheck.md5_before", + "syscheck.path", + "syscheck.perm_after", + "syscheck.perm_before", + "syscheck.sha1_after", + "syscheck.sha1_before", + "syscheck.sha256_after", + "syscheck.sha256_before", + "syscheck.tags", + "syscheck.uid_after", + 
"syscheck.uid_before", + "syscheck.uname_after", + "syscheck.uname_before", + "title", + "type" + ] }, "mappings": { "dynamic_templates": [ { "string_as_keyword": { - "match_mapping_type": "string", "mapping": { - "type": "keyword", - "doc_values": "true" - } + "type": "keyword" + }, + "match_mapping_type": "string" } } ], + "date_detection": false, "properties": { "@timestamp": { "type": "date" @@ -34,42 +435,35 @@ "agent": { "properties": { "ip": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "id": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" } } }, "manager": { "properties": { "name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" } } }, "cluster": { "properties": { "name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" + }, + "node": { + "type": "keyword" } } }, - "AlertsFile": { - "type": "keyword", - "doc_values": "true" - }, "full_log": { - "enabled": false, - "type": "object" + "type": "text" }, "previous_log": { "type": "text" @@ -80,8 +474,7 @@ "type": "long" }, "city_name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "continent_code": { "type": "text" @@ -96,15 +489,13 @@ "type": "text" }, "country_name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "dma_code": { "type": "long" }, "ip": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "latitude": { "type": "double" @@ -119,12 +510,10 @@ "type": "keyword" }, "real_region_name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "region_name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "timezone": { "type": "text" 
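Review bot: The `string_as_keyword` dynamic template keeps mapping every unmapped string to a `keyword` with no size bound, and raising `index.mapping.total_fields.limit` from 2000 to 10000 widens the mapping that unmapped keys can grow into rather than limiting it. If the `data` subtree takes its key names from decoded log content, each new key seen becomes a new field until the limit is hit, after which every alert that introduces another field is rejected; setting `dynamic` on `data` (or on its noisier children) is the control the template does not use and should be weighed against the raised limit. Putting `ignore_above` on the template mapping, e.g. `"mapping": { "type": "keyword", "ignore_above": 8191 }` (constructed value), keeps one oversized string from failing the whole document. Separately, the file named `elasticsearch.yml.j2` holds a JSON index template rather than an elasticsearch.yml; a rename would make that explicit.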
@@ -132,110 +521,151 @@ } }, "host": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "syscheck": { "properties": { "path": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "sha1_before": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "sha1_after": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "uid_before": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "uid_after": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "gid_before": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "gid_after": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "perm_before": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "perm_after": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "md5_after": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "md5_before": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "gname_after": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "gname_before": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "inode_after": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "inode_before": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "mtime_after": { "type": "date", - "format": "dateOptionalTime", - "doc_values": "true" + "format": "date_optional_time" }, "mtime_before": { "type": "date", - "format": "dateOptionalTime", - "doc_values": "true" + "format": "date_optional_time" }, "uname_after": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "uname_before": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "size_before": { - "type": "long", - "doc_values": "true" + "type": "long" }, "size_after": { - "type": "long", - "doc_values": "true" + "type": "long" }, "diff": { - "type": "keyword", - "doc_values": 
"true" + "type": "keyword" }, "event": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" + }, + "audit": { + "properties": { + "effective_user": { + "properties": { + "id": { + "type": "keyword" + }, + "name": { + "type": "keyword" + } + } + }, + "group": { + "properties": { + "id": { + "type": "keyword" + }, + "name": { + "type": "keyword" + } + } + }, + "login_user": { + "properties": { + "id": { + "type": "keyword" + }, + "name": { + "type": "keyword" + } + } + }, + "process": { + "properties": { + "id": { + "type": "keyword" + }, + "name": { + "type": "keyword" + }, + "ppid": { + "type": "keyword" + } + } + }, + "user": { + "properties": { + "id": { + "type": "keyword" + }, + "name": { + "type": "keyword" + } + } + } + } + }, + "sha256_after": { + "type": "keyword" + }, + "sha256_before": { + "type": "keyword" + }, + "tags": { + "type": "keyword" } } }, "location": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "message": { "type": "text" 
@@ -246,554 +676,441 @@ "rule": { "properties": { "description": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "groups": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "level": { - "type": "long", - "doc_values": "true" + "type": "long" }, "id": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "cve": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "info": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "frequency": { - "type": "long", - "doc_values": "true" + "type": "long" }, "firedtimes": { - "type": "long", - "doc_values": "true" + "type": "long" }, "cis": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "pci_dss": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "gdpr": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "gpg13": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" + }, + "hipaa": { + "type": "keyword" + }, + "nist_800_53": { + "type": "keyword" + }, + "mail": { + "type": "boolean" } } }, "predecoder": { "properties": { "program_name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "timestamp": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" + }, + "hostname": { + "type": "keyword" } } }, "decoder": { "properties": { "parent": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "ftscomment": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "fts": { - "type": "long", - "doc_values": "true" + "type": "long" }, "accumulate": { - "type": "long", - "doc_values": "true" + "type": "long" } } }, "data": { "properties": { - "protocol": { - "type": "keyword", - "doc_values": "true" - }, - "action": { - "type": "keyword", - "doc_values": "true" - }, - "srcip": { - "type": "keyword", - "doc_values": "true" - }, - "dstip": { - 
"type": "keyword", - "doc_values": "true" - }, - "srcport": { - "type": "keyword", - "doc_values": "true" - }, - "dstport": { - "type": "keyword", - "doc_values": "true" - }, - "srcuser": { - "type": "keyword", - "doc_values": "true" - }, - "dstuser": { - "type": "keyword", - "doc_values": "true" - }, - "id": { - "type": "keyword", - "doc_values": "true" - }, - "status": { - "type": "keyword", - "doc_values": "true" - }, - "data": { - "type": "keyword", - "doc_values": "true" - }, - "system_name": { - "type": "keyword", - "doc_values": "true" - }, - "url": { - "type": "keyword", - "doc_values": "true" - }, - "oscap": { - "properties": { - "check.title": { - "type": "keyword", - "doc_values": "true" - }, - "check.id": { - "type": "keyword", - "doc_values": "true" - }, - "check.result": { - "type": "keyword", - "doc_values": "true" - }, - "check.severity": { - "type": "keyword", - "doc_values": "true" - }, - "check.description": { - "type": "text" - }, - "check.rationale": { - "type": "text" - }, - "check.references": { - "type": "text" - }, - "check.identifiers": { - "type": "text" - }, - "check.oval.id": { - "type": "keyword", - "doc_values": "true" - }, - "scan.id": { - "type": "keyword", - "doc_values": "true" - }, - "scan.content": { - "type": "keyword", - "doc_values": "true" - }, - "scan.benchmark.id": { - "type": "keyword", - "doc_values": "true" - }, - "scan.profile.title": { - "type": "keyword", - "doc_values": "true" - }, - "scan.profile.id": { - "type": "keyword", - "doc_values": "true" - }, - "scan.score": { - "type": "double", - "doc_values": "true" - }, - "scan.return_code": { - "type": "long", - "doc_values": "true" - } - } - }, "audit": { "properties": { - "type": { - "type": "keyword", - "doc_values": "true" + "acct": { + "type": "keyword" }, - "id": { - "type": "keyword", - "doc_values": "true" - }, - "syscall": { - "type": "keyword", - "doc_values": "true" - }, - "exit": { - "type": "keyword", - "doc_values": "true" - }, - "ppid": { - "type": 
"keyword", - "doc_values": "true" - }, - "pid": { - "type": "keyword", - "doc_values": "true" + "arch": { + "type": "keyword" }, "auid": { - "type": "keyword", - "doc_values": "true" - }, - "uid": { - "type": "keyword", - "doc_values": "true" - }, - "gid": { - "type": "keyword", - "doc_values": "true" - }, - "euid": { - "type": "keyword", - "doc_values": "true" - }, - "suid": { - "type": "keyword", - "doc_values": "true" - }, - "fsuid": { - "type": "keyword", - "doc_values": "true" - }, - "egid": { - "type": "keyword", - "doc_values": "true" - }, - "sgid": { - "type": "keyword", - "doc_values": "true" - }, - "fsgid": { - "type": "keyword", - "doc_values": "true" - }, - "tty": { - "type": "keyword", - "doc_values": "true" - }, - "session": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "command": { - "type": "keyword", - "doc_values": "true" - }, - "exe": { - "type": "keyword", - "doc_values": "true" - }, - "key": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "cwd": { - "type": "keyword", - "doc_values": "true" - }, - "directory.name": { - "type": "keyword", - "doc_values": "true" - }, - "directory.inode": { - "type": "keyword", - "doc_values": "true" - }, - "directory.mode": { - "type": "keyword", - "doc_values": "true" - }, - "file.name": { - "type": "keyword", - "doc_values": "true" - }, - "file.inode": { - "type": "keyword", - "doc_values": "true" - }, - "file.mode": { - "type": "keyword", - "doc_values": "true" - }, - "acct": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "dev": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, - "enforcing": { - "type": "keyword", - "doc_values": "true" - }, - "list": { - "type": "keyword", - "doc_values": "true" - }, - "old-auid": { - "type": "keyword", - "doc_values": "true" - }, - "old-ses": { - "type": "keyword", - "doc_values": "true" - }, - "old_enforcing": { - "type": "keyword", - "doc_values": "true" - }, - "old_prom": { - "type": 
"keyword", - "doc_values": "true" - }, - "op": { - "type": "keyword", - "doc_values": "true" - }, - "prom": { - "type": "keyword", - "doc_values": "true" - }, - "res": { - "type": "keyword", - "doc_values": "true" - }, - "srcip": { - "type": "keyword", - "doc_values": "true" - }, - "subj": { - "type": "keyword", - "doc_values": "true" - }, - "success": { - "type": "keyword", - "doc_values": "true" - } - } - }, - "aws": { - "properties": { - "bytes": { - "type": "long", - "doc_values": "true" - }, - "dstaddr": { - "type": "ip", - "doc_values": "true" - }, - "srcaddr": { - "type": "ip", - "doc_values": "true" - }, - "end": { - "type": "date", - "doc_values": "true" - }, - "start": { - "type": "date", - "doc_values": "true" - }, - "source_ip_address": { - "type": "ip", - "doc_values": "true" - }, - "resource.instanceDetails.networkInterfaces": { + "directory": { "properties": { - "privateIpAddress": { - "type": "ip", - "doc_values": "true" + "inode": { + "type": "keyword" }, - "publicIp": { - "type": "ip", - "doc_values": "true" + "mode": { + "type": "keyword" + }, + "name": { + "type": "keyword" } } }, - "service": { + "egid": { + "type": "keyword" + }, + "enforcing": { + "type": "keyword" + }, + "euid": { + "type": "keyword" + }, + "exe": { + "type": "keyword" + }, + "execve": { "properties": { - "count": { - "type": "long", - "doc_values": "true" + "a0": { + "type": "keyword" }, - "action.networkConnectionAction.remoteIpDetails": { + "a1": { + "type": "keyword" + }, + "a2": { + "type": "keyword" + }, + "a3": { + "type": "keyword" + } + } + }, + "exit": { + "type": "keyword" + }, + "file": { + "properties": { + "inode": { + "type": "keyword" + }, + "mode": { + "type": "keyword" + }, + "name": { + "type": "keyword" + } + } + }, + "fsgid": { + "type": "keyword" + }, + "fsuid": { + "type": "keyword" + }, + "gid": { + "type": "keyword" + }, + "id": { + "type": "keyword" + }, + "key": { + "type": "keyword" + }, + "list": { + "type": "keyword" + }, + "old-auid": { + 
"type": "keyword" + }, + "old-ses": { + "type": "keyword" + }, + "old_enforcing": { + "type": "keyword" + }, + "old_prom": { + "type": "keyword" + }, + "op": { + "type": "keyword" + }, + "pid": { + "type": "keyword" + }, + "ppid": { + "type": "keyword" + }, + "prom": { + "type": "keyword" + }, + "res": { + "type": "keyword" + }, + "session": { + "type": "keyword" + }, + "sgid": { + "type": "keyword" + }, + "srcip": { + "type": "keyword" + }, + "subj": { + "type": "keyword" + }, + "success": { + "type": "keyword" + }, + "suid": { + "type": "keyword" + }, + "syscall": { + "type": "keyword" + }, + "tty": { + "type": "keyword" + }, + "type": { + "type": "keyword" + }, + "uid": { + "type": "keyword" + } + } + }, + "protocol": { + "type": "keyword" + }, + "action": { + "type": "keyword" + }, + "srcip": { + "type": "keyword" + }, + "dstip": { + "type": "keyword" + }, + "srcport": { + "type": "keyword" + }, + "dstport": { + "type": "keyword" + }, + "srcuser": { + "type": "keyword" + }, + "dstuser": { + "type": "keyword" + }, + "id": { + "type": "keyword" + }, + "status": { + "type": "keyword" + }, + "data": { + "type": "keyword" + }, + "system_name": { + "type": "keyword" + }, + "url": { + "type": "keyword" + }, + "oscap": { + "properties": { + "check": { + "properties": { + "description": { + "type": "text" + }, + "id": { + "type": "keyword" + }, + "identifiers": { + "type": "text" + }, + "oval": { "properties": { - "ipAddressV4": { - "type": "ip", - "doc_values": "true" - }, - "geoLocation": { - "type": "geo_point", - "doc_values": "true" + "id": { + "type": "keyword" } } + }, + "rationale": { + "type": "text" + }, + "references": { + "type": "text" + }, + "result": { + "type": "keyword" + }, + "severity": { + "type": "keyword" + }, + "title": { + "type": "keyword" + } + } + }, + "scan": { + "properties": { + "benchmark": { + "properties": { + "id": { + "type": "keyword" + } + } + }, + "content": { + "type": "keyword" + }, + "id": { + "type": "keyword" + }, + "profile": 
{ + "properties": { + "id": { + "type": "keyword" + }, + "title": { + "type": "keyword" + } + } + }, + "return_code": { + "type": "long" + }, + "score": { + "type": "double" } } } } }, "type": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "netinfo": { "properties": { "iface": { "properties": { "name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "mac": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "adapter": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "type": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "state": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "mtu": { - "type": "long", - "doc_values": "true" + "type": "long" }, "tx_bytes": { - "type": "long", - "doc_values": "true" + "type": "long" }, "rx_bytes": { - "type": "long", - "doc_values": "true" + "type": "long" }, "tx_errors": { - "type": "long", - "doc_values": "true" + "type": "long" }, "rx_errors": { - "type": "long", - "doc_values": "true" + "type": "long" }, "tx_dropped": { - "type": "long", - "doc_values": "true" + "type": "long" }, "rx_dropped": { - "type": "long", - "doc_values": "true" + "type": "long" }, "tx_packets": { - "type": "long", - "doc_values": "true" + "type": "long" }, "rx_packets": { - "type": "long", - "doc_values": "true" + "type": "long" }, "ipv4": { "properties": { "gateway": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "dhcp": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "address": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "netmask": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "broadcast": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "metric": { - "type": "long", - "doc_values": "true" + "type": "long" } } }, "ipv6": { "properties": { "gateway": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, 
"dhcp": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "address": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "netmask": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "broadcast": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "metric": { - "type": "long", - "doc_values": "true" + "type": "long" } } } 
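Review bot: The typed `aws` block is removed from `data.properties` without a replacement inside this hunk: `srcaddr`, `dstaddr`, `source_ip_address` and `service.action.networkConnectionAction.remoteIpDetails.ipAddressV4` were `ip`, `start`/`end` were `date`, `geoLocation` was `geo_point`, and `bytes`/`service.count` were `long`. If nothing re-adds them in the following hunk, which lies outside this view, those values fall to the `string_as_keyword` dynamic template, so IP-range filters, time histograms and map visualisations over AWS alerts stop working and `geoLocation` becomes a plain object of two keyword fields. The `index.query.default_field` list in the first hunk still names `data.aws.sourceIPAddress` and the `resource.instanceDetails` fields, so the intent to keep them searchable seems intact; confirm that a typed mapping exists further down. The `data` `properties` object this hunk edits closes outside the hunk.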
@@ -804,630 +1121,523 @@ "os": { "properties": { "hostname": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "architecture": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "version": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "codename": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "major": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "minor": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "build": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "platform": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "sysname": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "release": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "release_version": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" } } }, "port": { "properties": { "protocol": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "local_ip": { - "type": "ip", - "doc_values": "true" + "type": "ip" }, "local_port": { - "type": "long", - "doc_values": "true" + "type": "long" }, "remote_ip": { - "type": "ip", - "doc_values": "true" + "type": "ip" }, "remote_port": { - "type": "long", - "doc_values": "true" + "type": "long" }, "tx_queue": { - "type": "long", - "doc_values": "true" + "type": "long" }, "rx_queue": { - "type": "long", - "doc_values": "true" + "type": "long" }, "inode": { - "type": "long", - "doc_values": "true" + "type": "long" }, "state": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "pid": { - "type": "long", - "doc_values": "true" + "type": "long" }, "process": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" } } }, "hardware": { "properties": { "serial": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "cpu_name": 
{ - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "cpu_cores": { - "type": "long", - "doc_values": "true" + "type": "long" }, "cpu_mhz": { - "type": "double", - "doc_values": "true" + "type": "double" }, "ram_total": { - "type": "long", - "doc_values": "true" + "type": "long" }, "ram_free": { - "type": "long", - "doc_values": "true" + "type": "long" }, "ram_usage": { - "type": "long", - "doc_values": "true" + "type": "long" } } }, "program": { "properties": { "format": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "priority": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "section": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "size": { - "type": "long", - "doc_values": "true" + "type": "long" }, "vendor": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "install_time": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "version": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "architecture": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "multiarch": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "source": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "description": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "location": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" } } }, "process": { "properties": { "pid": { - "type": "long", - "doc_values": "true" + "type": "long" }, "name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "state": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "ppid": { - "type": "long", - "doc_values": "true" + "type": "long" }, "utime": { - "type": "long", - "doc_values": "true" + "type": "long" }, "stime": { - "type": "long", - "doc_values": "true" + "type": "long" }, 
"cmd": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "args": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "euser": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "ruser": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "suser": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "egroup": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "sgroup": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "fgroup": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "rgroup": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "priority": { - "type": "long", - "doc_values": "true" + "type": "long" }, "nice": { - "type": "long", - "doc_values": "true" + "type": "long" }, "size": { - "type": "long", - "doc_values": "true" + "type": "long" }, "vm_size": { - "type": "long", - "doc_values": "true" + "type": "long" }, "resident": { - "type": "long", - "doc_values": "true" + "type": "long" }, "share": { - "type": "long", - "doc_values": "true" + "type": "long" }, "start_time": { - "type": "long", - "doc_values": "true" + "type": "long" }, "pgrp": { - "type": "long", - "doc_values": "true" + "type": "long" }, "session": { - "type": "long", - "doc_values": "true" + "type": "long" }, "nlwp": { - "type": "long", - "doc_values": "true" + "type": "long" }, "tgid": { - "type": "long", - "doc_values": "true" + "type": "long" }, "tty": { - "type": "long", - "doc_values": "true" + "type": "long" }, "processor": { - "type": "long", - "doc_values": "true" + "type": "long" } } }, "sca": { "properties": { "type": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "scan_id": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "policy": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, 
"file": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "description": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "passed": { - "type": "integer", - "doc_values": "true" + "type": "integer" }, "failed": { - "type": "integer", - "doc_values": "true" + "type": "integer" }, "score": { - "type": "long", - "doc_values": "true" + "type": "long" }, "check": { "properties": { "id": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "title": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "description": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "rationale": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "remediation": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "compliance": { "properties": { "cis": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "cis_csc": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "pci_dss": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" + }, + "hipaa": { + "type": "keyword" + }, + "nist_800_53": { + "type": "keyword" } } }, "references": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "file": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "directory": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "registry": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "process": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "result": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "previous_result": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" + }, + "reason": { + "type": "keyword" + }, + "status": { + "type": "keyword" } } + }, + "invalid": { + "type": "keyword" + }, + "policy_id": { + "type": "keyword" + }, + "total_checks": { + "type": "keyword" } } }, - "win": { + "command": { + "type": 
"keyword" + }, + "integration": { + "type": "keyword" + }, + "timestamp": { + "type": "date" + }, + "title": { + "type": "keyword" + }, + "uid": { + "type": "keyword" + }, + "virustotal": { "properties": { - "system": { + "description": { + "type": "keyword" + }, + "error": { + "type": "keyword" + }, + "found": { + "type": "keyword" + }, + "malicious": { + "type": "keyword" + }, + "permalink": { + "type": "keyword" + }, + "positives": { + "type": "keyword" + }, + "scan_date": { + "type": "keyword" + }, + "sha1": { + "type": "keyword" + }, + "source": { "properties": { - "providerName": { - "type": "keyword", - "doc_values": "true" + "alert_id": { + "type": "keyword" }, - "providerGuid": { - "type": "keyword", - "doc_values": "true" + "file": { + "type": "keyword" }, - "eventSourceName": { - "type": "keyword", - "doc_values": "true" + "md5": { + "type": "keyword" }, - "securityUserID": { - "type": "keyword", - "doc_values": "true" + "sha1": { + "type": "keyword" + } + } + }, + "total": { + "type": "keyword" + } + } + }, + "vulnerability": { + "properties": { + "advisories": { + "type": "keyword" + }, + "bugzilla_reference": { + "type": "keyword" + }, + "cve": { + "type": "keyword" + }, + "cvss": { + "properties": { + "cvss3_score": { + "type": "keyword" }, - "userID": { - "type": "keyword", - "doc_values": "true" + "cvss_score": { + "type": "keyword" }, - "eventID": { - "type": "keyword", - "doc_values": "true" + "cvss_scoring_vector": { + "type": "keyword" + } + } + }, + "cwe_reference": { + "type": "keyword" + }, + "package": { + "properties": { + "condition": { + "type": "keyword" + }, + "name": { + "type": "keyword" }, "version": { - "type": "keyword", - "doc_values": "true" - }, - "level": { - "type": "keyword", - "doc_values": "true" - }, - "task": { - "type": "keyword", - "doc_values": "true" - }, - "opcode": { - "type": "keyword", - "doc_values": "true" - }, - "keywords": { - "type": "keyword", - "doc_values": "true" - }, - "systemTime": { - "type": 
"keyword", - "doc_values": "true" - }, - "eventRecordID": { - "type": "keyword", - "doc_values": "true" - }, - "processID": { - "type": "keyword", - "doc_values": "true" - }, - "threadID": { - "type": "keyword", - "doc_values": "true" - }, - "channel": { - "type": "keyword", - "doc_values": "true" - }, - "computer": { - "type": "keyword", - "doc_values": "true" - }, - "severityValue": { - "type": "keyword", - "doc_values": "true" - }, - "message": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" } } }, - "eventdata": { + "published": { + "type": "date" + }, + "reference": { + "type": "keyword" + }, + "severity": { + "type": "keyword" + }, + "state": { + "type": "keyword" + }, + "title": { + "type": "keyword" + } + } + }, + "aws": { + "properties": { + "bytes": { + "type": "long" + }, + "dstaddr": { + "type": "ip" + }, + "srcaddr": { + "type": "ip" + }, + "end": { + "type": "date" + }, + "start": { + "type": "date" + }, + "source_ip_address": { + "type": "ip" + }, + "service": { "properties": { - "subjectUserSid": { - "type": "keyword", - "doc_values": "true" + "count": { + "type": "long" }, - "subjectUserName": { - "type": "keyword", - "doc_values": "true" + "action.networkConnectionAction.remoteIpDetails": { + "properties": { + "ipAddressV4": { + "type": "ip" + }, + "geoLocation": { + "type": "geo_point" + } + } }, - "subjectDomainName": { - "type": "keyword", - "doc_values": "true" + "eventFirstSeen": { + "type": "date" }, - "subjectLogonId": { - "type": "keyword", - "doc_values": "true" - }, - "targetUserSid": { - "type": "keyword", - "doc_values": "true" - }, - "targetUserName": { - "type": "keyword", - "doc_values": "true" - }, - "targetDomainName": { - "type": "keyword", - "doc_values": "true" - }, - "targetLogonId": { - "type": "keyword", - "doc_values": "true" - }, - "logonType": { - "type": "keyword", - "doc_values": "true" - }, - "logonProcessName": { - "type": "keyword", - "doc_values": "true" - }, - "authenticationPackageName": { - 
"type": "keyword", - "doc_values": "true" - }, - "logonGuid": { - "type": "keyword", - "doc_values": "true" - }, - "keyLength": { - "type": "keyword", - "doc_values": "true" - }, - "impersonationLevel": { - "type": "keyword", - "doc_values": "true" - }, - "transactionId": { - "type": "keyword", - "doc_values": "true" - }, - "newState": { - "type": "keyword", - "doc_values": "true" - }, - "resourceManager": { - "type": "keyword", - "doc_values": "true" - }, - "processId": { - "type": "keyword", - "doc_values": "true" - }, - "processName": { - "type": "keyword", - "doc_values": "true" - }, - "data": { - "type": "keyword", - "doc_values": "true" - }, - "image": { - "type": "keyword", - "doc_values": "true" - }, - "binary": { - "type": "keyword", - "doc_values": "true" - }, - "parentImage": { - "type": "keyword", - "doc_values": "true" - }, - "categoryId": { - "type": "keyword", - "doc_values": "true" - }, - "subcategoryId": { - "type": "keyword", - "doc_values": "true" - }, - "subcategoryGuid": { - "type": "keyword", - "doc_values": "true" - }, - "auditPolicyChangesId": { - "type": "keyword", - "doc_values": "true" - }, - "category": { - "type": "keyword", - "doc_values": "true" - }, - "subcategory": { - "type": "keyword", - "doc_values": "true" - }, - "auditPolicyChanges": { - "type": "keyword", - "doc_values": "true" + "eventLastSeen": { + "type": "date" } } }, - "rmSessionEvent": { + "createdAt": { + "type": "date" + }, + "updatedAt": { + "type": "date" + }, + "resource.instanceDetails": { "properties": { - "rmSessionId": { - "type": "keyword", - "doc_values": "true" + "launchTime": { + "type": "date" }, - "uTCStartTime": { - "type": "keyword", - "doc_values": "true" + "networkInterfaces": { + "properties": { + "privateIpAddress": { + "type": "ip" + }, + "publicIp": { + "type": "ip" + } + } } } } 
@@ -1436,20 +1646,31 @@ } }, "program_name": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "command": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" }, "type": { "type": "text" }, "title": { - "type": "keyword", - "doc_values": "true" + "type": "keyword" + }, + "id": { + "type": "keyword" + }, + "input": { + "properties": { + "type": { + "type": "keyword" + } + } + }, + "previous_output": { + "type": "keyword" } } - } -} \ No newline at end of file + }, + "version": 1 +} From 58b3b734bea81da15d43131a69c115cb33e727fa Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 16 Sep 2019 18:10:28 +0200 Subject: [PATCH 299/714] Bump version to 3.10.0_7.3.2 --- VERSION | 4 ++-- molecule/default/tests/test_default.py | 4 ++-- molecule/elasticsearch/tests/test_default.py | 2 +- molecule/kibana/tests/test_default.py | 2 +- molecule/wazuh-agent/tests/test_agents.py | 2 +- molecule/worker/tests/test_default.py | 4 ++-- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 4 ++-- roles/wazuh/ansible-filebeat/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 4 ++-- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 11 files changed, 16 insertions(+), 16 deletions(-) diff --git a/VERSION b/VERSION index 921c9fb1..2a8b969e 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v3.9.5" -REVISION="3950" +WAZUH-ANSIBLE_VERSION="v3.10.0" +REVISION="31000" diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index 174a499f..03fe99d4 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py @@ -9,7 +9,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "3.9.5" + return "3.10.0" def test_wazuh_packages_are_installed(host): 
@@ -86,4 +86,4 @@ def test_filebeat_is_installed(host): """Test if the elasticsearch package is installed.""" filebeat = host.package("filebeat") assert filebeat.is_installed - assert filebeat.version.startswith('7.2.1') + assert filebeat.version.startswith('7.3.2') diff --git a/molecule/elasticsearch/tests/test_default.py b/molecule/elasticsearch/tests/test_default.py index 31c5da6c..f4021876 100644 --- a/molecule/elasticsearch/tests/test_default.py +++ b/molecule/elasticsearch/tests/test_default.py @@ -10,7 +10,7 @@ def test_elasticsearch_is_installed(host): """Test if the elasticsearch package is installed.""" elasticsearch = host.package("elasticsearch") assert elasticsearch.is_installed - assert elasticsearch.version.startswith('7.2.1') + assert elasticsearch.version.startswith('7.3.2') def test_elasticsearch_is_running(host): diff --git a/molecule/kibana/tests/test_default.py b/molecule/kibana/tests/test_default.py index f57bb8f7..ccd4d4f2 100644 --- a/molecule/kibana/tests/test_default.py +++ b/molecule/kibana/tests/test_default.py @@ -14,7 +14,7 @@ def test_port_kibana_is_open(host): def test_find_correct_elasticsearch_version(host): """Test if we find the kibana/elasticsearch version in package.json""" kibana = host.file("/usr/share/kibana/plugins/wazuh/package.json") - assert kibana.contains("7.2.1") + assert kibana.contains("7.3.2") def test_wazuh_plugin_installed(host): diff --git a/molecule/wazuh-agent/tests/test_agents.py b/molecule/wazuh-agent/tests/test_agents.py index a4845d06..1846d3fe 100644 --- a/molecule/wazuh-agent/tests/test_agents.py +++ b/molecule/wazuh-agent/tests/test_agents.py @@ -9,7 +9,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "3.9.5" + return "3.10.0" def test_ossec_package_installed(Package): diff --git a/molecule/worker/tests/test_default.py b/molecule/worker/tests/test_default.py index 8dc96bbf..4de03dc3 100644 
--- a/molecule/worker/tests/test_default.py +++ b/molecule/worker/tests/test_default.py @@ -9,7 +9,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "3.9.5" + return "3.10.0" def test_wazuh_packages_are_installed(host): @@ -82,4 +82,4 @@ def test_filebeat_is_installed(host): """Test if the elasticsearch package is installed.""" filebeat = host.package("filebeat") assert filebeat.is_installed - assert filebeat.version.startswith('7.2.1') + assert filebeat.version.startswith('7.3.2') diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 31ed74de..ca6dd06e 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -4,7 +4,7 @@ elasticsearch_node_name: node-1 elasticsearch_http_port: 9200 elasticsearch_network_host: 127.0.0.1 elasticsearch_jvm_xms: null -elastic_stack_version: 7.2.1 +elastic_stack_version: 7.3.2 single_node: true elasticsearch_bootstrap_node: false elasticsearch_master_candidate: false diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 9ec61091..06c2c6af 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -5,8 +5,8 @@ elasticsearch_http_port: "9200" elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" -elastic_stack_version: 7.2.1 -wazuh_version: 3.9.5 +elastic_stack_version: 7.3.2 +wazuh_version: 3.10.0 # Xpack Security kibana_xpack_security: false diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index 632ab7e3..180308a6 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml 
@@ -1,5 +1,5 @@ --- -filebeat_version: 7.2.1 +filebeat_version: 7.3.2 filebeat_create_config: true diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index c3da8e89..f6904240 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_agent_version: 3.9.5 +wazuh_agent_version: 3.10.0 wazuh_managers: - address: 127.0.0.1 port: 1514 @@ -26,7 +26,7 @@ wazuh_winagent_config: auth_path: C:\Program Files\ossec-agent\agent-auth.exe # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - version: '3.9.5' + version: '3.10.0' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ md5: ee5b24216db472d291da4e14f0b3bc63 diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 8c7c1f16..87ab144b 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_manager_api_version: 3.9.5 +wazuh_manager_api_version: 3.10.0 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: latest From e98f52deb7226c83eaa2910e9443a582152be7da Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 16 Sep 2019 18:26:47 +0200 Subject: [PATCH 300/714] Update CHANGELOG.md --- CHANGELOG.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 87570f08..0c31372c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
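Review bot: In the `wazuh_winagent_config` hunk the Windows agent `version` is bumped to `'3.10.0'` while the `md5: ee5b24216db472d291da4e14f0b3bc63` context line below it is unchanged, so if that checksum is used to verify the installer fetched from `repo`, the 3.10.0 package will fail the check, or, if the check is not enforced, be installed unverified. The checksum should move with the version in the same commit — `md5: <checksum of the 3.10.0 Windows installer>` — and since MD5 is no longer collision resistant, a `sha256` checksum is preferable if the download task can consume one. Whether the role actually enforces this checksum is not visible in the hunk.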
@@ -1,6 +1,23 @@
 # Change Log
 All notable changes to this project will be documented in this file.

+## [v3.10.0_7.3.2]
+
+### Added
+
+
+### Changed
+
+- Updated agent.conf template [@moodymob](https://github.com/moodymob) [#222](https://github.com/wazuh/wazuh-ansible/pull/222)
+- Improved molecule tests [@rshad](https://github.com/rshad) [#223](https://github.com/wazuh/wazuh-ansible/pull/223/files)
+
+### Fixed
+
+- Fixed typo in the `agent.conf` template [@joey1a2b3c](https://github.com/joey1a2b3c) [#227](https://github.com/wazuh/wazuh-ansible/pull/227)
+- Updated conditionals in tasks to fix Amazon Linux installation [@jm404](https://github.com/jm404) [#229](https://github.com/wazuh/wazuh-ansible/pull/229)
+- Fixed Kibana installation in Amazon Linux [@jm404](https://github.com/jm404) [#232](https://github.com/wazuh/wazuh-ansible/pull/232)
+- Fixed Windows Agent installation and configuration [@jm404](https://github.com/jm404) [#234](https://github.com/wazuh/wazuh-ansible/pull/234)
+
 ## [v3.9.5_7.2.1]

 ### Added

From 3680e6a3a3f827b7314b67045a096a86c4a0cff0 Mon Sep 17 00:00:00 2001
From: Jose M
Date: Tue, 17 Sep 2019 11:53:53 +0200
Subject: [PATCH 301/714] Remove "Amazon" from conditional in remove repo task

---
 roles/elastic-stack/ansible-kibana/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml
index 320c9b74..13fcd37d 100644
--- a/roles/elastic-stack/ansible-kibana/tasks/main.yml
+++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml
@@ -146,7 +146,7 @@
 state: started

 - import_tasks: RMRedHat.yml
- when: ansible_os_family == 'RedHat', 'Amazon'
+ when: ansible_os_family == 'RedHat'

 - import_tasks: RMDebian.yml
 when: ansible_os_family == 'Debian'

From 9db41aac8cbece45559c96b47c444e8380054517 Mon Sep 17 00:00:00 2001
From: Jose M
Date: Tue, 17 Sep 2019 11:54:40 +0200
Subject: [PATCH 302/714] Add changed_when: false conditional to fix idempotence

---
 roles/elastic-stack/ansible-kibana/tasks/main.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml
index 13fcd37d..af9b5eaf 100644
--- a/roles/elastic-stack/ansible-kibana/tasks/main.yml
+++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml
@@ -138,6 +138,7 @@
 name: kibana
 enabled: true
 state: restarted
+ changed_when: false

 - name: Ensure Kibana is started and enabled
 service:

From 8c48c6ce624c574fda8e771dffe9ca67b8a16b90 Mon Sep 17 00:00:00 2001
From: Jose M
Date: Tue, 17 Sep 2019 12:43:47 +0200
Subject: [PATCH 303/714] Remove explicit Kibana restart. Add restart notifications

---
 roles/elastic-stack/ansible-kibana/tasks/main.yml | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml
index af9b5eaf..d09f13fb 100644
--- a/roles/elastic-stack/ansible-kibana/tasks/main.yml
+++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml
@@ -84,6 +84,7 @@
 when:
 - check_certs_permissions is defined
 - kibana_xpack_security
+ notify: restart kibana
 tags: xpack-security

 - name: Kibana configuration
@@ -93,6 +94,7 @@
 owner: root
 group: root
 mode: 0664
+ notify: restart kibana
 tags: configure

 - name: Checking Wazuh-APP version
@@ -125,6 +127,7 @@
 creates: /usr/share/kibana/plugins/wazuh/package.json
 become: yes
 become_user: kibana
+ notify: restart kibana
 tags:
 - install
 - skip_ansible_lint
@@ -133,13 +136,6 @@
 systemd:
 daemon_reload: true

-- name: Restart Kibana
- service:
- name: kibana
- enabled: true
- state: restarted
- changed_when: false
-
 - name: Ensure Kibana is started and enabled
 service:
 name: kibana

From f94e095972bc2f6d25b6752c38bd51df19f68695 Mon Sep 17 00:00:00 2001
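Review bot: The three `notify: restart kibana` lines added in the first three hunks of PATCH 303 depend on a handler with exactly that name, and the diffstat shows only `tasks/main.yml` changed; unless `handlers/main.yml` already defines `restart kibana`, each notifying task now fails at runtime as soon as it reports `changed`. Worth confirming the handler exists or adding it in this commit, and noting in the message that, unlike the removed `Restart Kibana` task, the handler path only restarts when one of the three tasks actually changes something. Separately, the `mode: 0664` context line in the second hunk leaves the Kibana configuration group-writable and world-readable; if that file can carry the Elasticsearch credentials when `kibana_xpack_security` is on, `mode: "0640"` (quoted so YAML does not read it as an octal integer) is the safer default. Each of these hunks starts inside a task whose header is outside the hunk.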
From: Jose M
Date: Tue, 17 Sep 2019 12:47:19 +0200
Subject: [PATCH 304/714] Remove Amazon from daemon reload exceptions

---
 roles/elastic-stack/ansible-kibana/tasks/main.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml
index d09f13fb..6b66920b 100644
--- a/roles/elastic-stack/ansible-kibana/tasks/main.yml
+++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml
@@ -6,10 +6,10 @@
 when: ansible_os_family == 'Debian'

 - name: Reload systemd
- systemd: daemon_reload=true
+ systemd:
+ daemon_reload: true
 ignore_errors: true
 when:
- - not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA")
 - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<'))
 - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<'))
 - not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<'))

From d6ebdbba76b3c754f4864f8083b70a926601df96 Mon Sep 17 00:00:00 2001
From: Jose M
Date: Tue, 17 Sep 2019 12:48:20 +0200
Subject: [PATCH 305/714] Update CHANGELOG.md

---
 CHANGELOG.md | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0c31372c..153218ac 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,9 +3,6 @@ All notable changes to this project will be documented in this file.

 ## [v3.10.0_7.3.2]

-### Added
-
-
 ### Changed

 - Updated agent.conf template [@moodymob](https://github.com/moodymob) [#222](https://github.com/wazuh/wazuh-ansible/pull/222)

From 8f953f4272045423ee82db0c4a36530c44679fab Mon Sep 17 00:00:00 2001
From: Jose M
Date: Tue, 17 Sep 2019 13:04:35 +0200
Subject: [PATCH 306/714] Add versioning to filter AL2 in the daemon reload task

---
 roles/elastic-stack/ansible-kibana/tasks/main.yml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml
index 6b66920b..c4069f90 100644
--- a/roles/elastic-stack/ansible-kibana/tasks/main.yml
+++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml
@@ -10,6 +10,7 @@
 daemon_reload: true
 ignore_errors: true
 when:
+ - not (ansible_distribution == "Amazon and ansible_distribution_version == "(Karoo)")
 - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<'))
 - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<'))
 - not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<'))

From d6ef30b6a30abe703d654a02f7ff2681ac9d57cf Mon Sep 17 00:00:00 2001
From: Jose M
Date: Tue, 17 Sep 2019 13:05:06 +0200
Subject: [PATCH 307/714] Update CHANGELOG.md

---
 CHANGELOG.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 153218ac..ab4e5eea 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,8 +3,13 @@ All notable changes to this project will be documented in this file.

 ## [v3.10.0_7.3.2]

+### Added
+
+- Update to Wazuh v3.10.0
+
 ### Changed

+- Updated Kibana [@jm404](https://github.com/jm404) [#237](https://github.com/wazuh/wazuh-ansible/pull/237)
 - Updated agent.conf template [@moodymob](https://github.com/moodymob) [#222](https://github.com/wazuh/wazuh-ansible/pull/222)
 - Improved molecule tests [@rshad](https://github.com/rshad) [#223](https://github.com/wazuh/wazuh-ansible/pull/223/files)


From c1e085a1ed2d954ddf9687f99f9283a3f203e88f Mon Sep 17 00:00:00 2001
From: Jose M
Date: Tue, 17 Sep 2019 14:34:04 +0200
Subject: [PATCH 308/714] Fix trailing whitespace for linting checks

---
 roles/elastic-stack/ansible-kibana/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml
index c4069f90..a0f6e5c0 100644
--- a/roles/elastic-stack/ansible-kibana/tasks/main.yml
+++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml
@@ -6,7 +6,7 @@
 when: ansible_os_family == 'Debian'

 - name: Reload systemd
- systemd:
+ systemd:
 daemon_reload: true
 ignore_errors: true
 when:

From a9d2c5201047c273c2c4fead5a54e576111da455 Mon Sep 17 00:00:00 2001
From: Jose M
Date: Wed, 18 Sep 2019 08:55:17 +0200
Subject: [PATCH 309/714] Moved run_cluster_mode.sh script to molecule folder

---
 run_cluster_mode.sh => molecule/run_cluster_mode.sh | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename run_cluster_mode.sh => molecule/run_cluster_mode.sh (100%)

diff --git a/run_cluster_mode.sh b/molecule/run_cluster_mode.sh
similarity index 100%
rename from run_cluster_mode.sh
rename to molecule/run_cluster_mode.sh

From 48cff3046de5052b99d3c9b68ccd532b55e10feb Mon Sep 17 00:00:00 2001
From: Jose M
Date: Wed, 18 Sep 2019 08:58:19 +0200
Subject: [PATCH 310/714] Update CHANGELOG.md

---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index ab4e5eea..95a9d18b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -12,6 +12,7 @@ All notable changes to this project will be documented in this file.
 - Updated Kibana [@jm404](https://github.com/jm404) [#237](https://github.com/wazuh/wazuh-ansible/pull/237)
 - Updated agent.conf template [@moodymob](https://github.com/moodymob) [#222](https://github.com/wazuh/wazuh-ansible/pull/222)
 - Improved molecule tests [@rshad](https://github.com/rshad) [#223](https://github.com/wazuh/wazuh-ansible/pull/223/files)
+- Moved "run_cluster_mode.sh" script to molecule folder [@jm404](https://github.com/jm404) [#a9d2c52](https://github.com/wazuh/wazuh-ansible/commit/a9d2c5201047c273c2c4fead5a54e576111da455)

 ### Fixed


From 61740ebebc60d63fccdd33c41e82fdb262a9a01e Mon Sep 17 00:00:00 2001
From: Jose M
Date: Wed, 18 Sep 2019 09:01:10 +0200
Subject: [PATCH 311/714] Fix typo in Amazon distribution conditional

---
 roles/elastic-stack/ansible-kibana/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml
index a0f6e5c0..c7c7f551 100644
--- a/roles/elastic-stack/ansible-kibana/tasks/main.yml
+++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml
@@ -10,7 +10,7 @@
 daemon_reload: true
 ignore_errors: true
 when:
- - not (ansible_distribution == "Amazon and ansible_distribution_version == "(Karoo)")
+ - not (ansible_distribution == "Amazon" and ansible_distribution_version == "(Karoo)")
 - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<'))
 - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<'))
 - not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<'))

From 9f08ca93f86f3773ff1810e70b2b1ae73b17400d Mon Sep 17 00:00:00 2001
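Review bot: The corrected exclusion compares `ansible_distribution_version` with the literal `"(Karoo)"`, which is the Amazon Linux 2 codename rather than a version; which Ansible releases report the version that way depends on their os-release parsing (others report `"2"` and put the codename in `ansible_distribution_release`), so this filter may silently stop matching after an Ansible upgrade. If the intent stated in PATCH 306 is to skip AL2, `- not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "2")` is less likely to drift, though the exact fact values should be checked against the Ansible version the role targets. The task also carries `ignore_errors: true`, so a reload that fails on a host the filter did not exclude is hidden rather than reported; once the filter is trusted, dropping `ignore_errors` would surface real failures. The `Reload systemd` task begins outside the hunk.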
From: manuasir Date: Wed, 18 Sep 2019 15:35:29 +0200 Subject: [PATCH 312/714] Removed molecule from root folder --- Pipfile | 35 -------- README.md | 15 ++++ molecule/default/Dockerfile.j2 | 14 --- molecule/default/INSTALL.rst | 16 ---- molecule/default/create.yml | 85 ------------------- molecule/default/destroy.yml | 32 ------- molecule/default/molecule.yml.template | 47 ----------- molecule/default/playbook.yml | 19 ----- molecule/default/playbook.yml.template | 19 ----- molecule/default/prepare.yml | 36 -------- molecule/default/tests/test_default.py | 89 -------------------- molecule/elasticsearch/Dockerfile.j2 | 14 --- molecule/elasticsearch/INSTALL.rst | 22 ----- molecule/elasticsearch/molecule.yml | 57 ------------- molecule/elasticsearch/molecule.yml.template | 57 ------------- molecule/elasticsearch/playbook.yml | 6 -- molecule/elasticsearch/playbook.yml.template | 6 -- molecule/elasticsearch/tests/test_default.py | 20 ----- molecule/kibana/Dockerfile.j2 | 14 --- molecule/kibana/INSTALL.rst | 22 ----- molecule/kibana/molecule.yml.template | 40 --------- molecule/kibana/playbook.yml | 6 -- molecule/kibana/playbook.yml.template | 6 -- molecule/kibana/prepare.yml | 36 -------- molecule/kibana/tests/test_default.py | 24 ------ molecule/run_cluster_mode.sh | 43 ---------- molecule/wazuh-agent/Dockerfile.j2 | 14 --- molecule/wazuh-agent/INSTALL.rst | 22 ----- molecule/wazuh-agent/molecule.yml | 89 -------------------- molecule/wazuh-agent/molecule.yml.template | 89 -------------------- molecule/wazuh-agent/playbook.yml | 18 ---- molecule/wazuh-agent/playbook.yml.template | 18 ---- molecule/wazuh-agent/prepare.yml | 43 ---------- molecule/wazuh-agent/tests/test_agents.py | 28 ------ molecule/wazuh-agent/tests/test_manager.py | 15 ---- molecule/worker/Dockerfile.j2 | 14 --- molecule/worker/molecule.yml.template | 53 ------------ molecule/worker/playbook.yml | 21 ----- molecule/worker/playbook.yml.template | 21 ----- molecule/worker/tests/test_default.py | 85 
------------------- 40 files changed, 15 insertions(+), 1295 deletions(-) delete mode 100644 Pipfile delete mode 100644 molecule/default/Dockerfile.j2 delete mode 100644 molecule/default/INSTALL.rst delete mode 100644 molecule/default/create.yml delete mode 100644 molecule/default/destroy.yml delete mode 100644 molecule/default/molecule.yml.template delete mode 100644 molecule/default/playbook.yml delete mode 100644 molecule/default/playbook.yml.template delete mode 100644 molecule/default/prepare.yml delete mode 100644 molecule/default/tests/test_default.py delete mode 100644 molecule/elasticsearch/Dockerfile.j2 delete mode 100644 molecule/elasticsearch/INSTALL.rst delete mode 100644 molecule/elasticsearch/molecule.yml delete mode 100644 molecule/elasticsearch/molecule.yml.template delete mode 100644 molecule/elasticsearch/playbook.yml delete mode 100644 molecule/elasticsearch/playbook.yml.template delete mode 100644 molecule/elasticsearch/tests/test_default.py delete mode 100644 molecule/kibana/Dockerfile.j2 delete mode 100644 molecule/kibana/INSTALL.rst delete mode 100644 molecule/kibana/molecule.yml.template delete mode 100644 molecule/kibana/playbook.yml delete mode 100644 molecule/kibana/playbook.yml.template delete mode 100644 molecule/kibana/prepare.yml delete mode 100644 molecule/kibana/tests/test_default.py delete mode 100644 molecule/run_cluster_mode.sh delete mode 100644 molecule/wazuh-agent/Dockerfile.j2 delete mode 100644 molecule/wazuh-agent/INSTALL.rst delete mode 100644 molecule/wazuh-agent/molecule.yml delete mode 100644 molecule/wazuh-agent/molecule.yml.template delete mode 100644 molecule/wazuh-agent/playbook.yml delete mode 100644 molecule/wazuh-agent/playbook.yml.template delete mode 100644 molecule/wazuh-agent/prepare.yml delete mode 100644 molecule/wazuh-agent/tests/test_agents.py delete mode 100644 molecule/wazuh-agent/tests/test_manager.py delete mode 100644 molecule/worker/Dockerfile.j2 delete mode 100644 
molecule/worker/molecule.yml.template delete mode 100644 molecule/worker/playbook.yml delete mode 100644 molecule/worker/playbook.yml.template delete mode 100644 molecule/worker/tests/test_default.py
diff --git a/Pipfile b/Pipfile deleted file mode 100644
index 6f709455..00000000
--- a/Pipfile
+++ /dev/null
@@ -1,35 +0,0 @@
-[[source]]
-url = "https://pypi.org/simple"
-verify_ssl = true
-name = "pypi"
-
-[packages]
-docker-py = "*"
-ansible = "==2.7.13"
-molecule = "==2.20.2"
-
-[dev-packages]
-
-[requires]
-python_version = "2.7"
-
-[scripts]
-test ="molecule test --destroy=never"
-worker ="molecule test -s worker --destroy=never"
-agent ="molecule test -s wazuh-agent --destroy=never"
-elasticsearch ="molecule test -s elasticsearch --destroy=never"
-kibana ="molecule test -s kibana --destroy=never"
-
-# Verify ..
-verify ="molecule verify"
-verify_worker ="molecule verify -s worker"
-verify_agent ="molecule verify -s agent"
-verify_elasticsearch ="molecule verify -s elasticsearch"
-verify_kibana ="molecule verify -s kibana"
-
-# Destroy ..
-destroy ="molecule destroy"
-destroy_worker ="molecule destroy -s worker"
-destroy_agent ="molecule destroy -s agent"
-destroy_elasticsearch ="molecule destroy -s elasticsearch"
-destroy_kibana ="molecule destroy -s kibana"
diff --git a/README.md b/README.md
index f684d1a8..257d15cc 100644
--- a/README.md
+++ b/README.md
@@ -47,6 +47,21 @@ These playbooks install and configure Wazuh agent, manager and Elastic Stack. * `master` branch contains the latest code, be aware of possible bugs on this branch. ## Testing + +1. Get the `wazuh-ansible` folder from the `wazuh-qa` [repository](https://github.com/wazuh/wazuh-qa/tree/master/ansible/wazuh-ansible). + +``` +git clone https://github.com/wazuh/wazuh-qa +``` + +2. Copy the `Pipfile` and the `molecule` folder into the root wazuh-ansible directory: + +``` +cp wazuh-qa/ansible/wazuh-ansible/* . -R +``` + +3. Follow these steps for launching the tests. Check the Pipfile for running different scenarios: + ``` pip install pipenv sudo pipenv install diff --git a/molecule/default/Dockerfile.j2 b/molecule/default/Dockerfile.j2 deleted file mode 100644 index 19692c20..00000000 --- a/molecule/default/Dockerfile.j2 +++ /dev/null @@ -1,14 +0,0 @@ -# Molecule managed - -{% if item.registry is defined %} -FROM {{ item.registry.url }}/{{ item.image }} -{% else %} -FROM {{ item.image }} -{% endif %} - -RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get upgrade -y && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ - elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python2-dnf bash && dnf clean all; \ - elif [ $(command -v yum) ]; then yum makecache fast && yum update -y && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ - elif [ $(command -v zypper) ]; then zypper refresh && zypper update -y && zypper install -y python sudo bash python-xml && zypper clean -a; \ - elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ - elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi 
diff --git a/molecule/default/INSTALL.rst b/molecule/default/INSTALL.rst deleted file mode 100644 index e26493b8..00000000 --- a/molecule/default/INSTALL.rst +++ /dev/null @@ -1,16 +0,0 @@ -******* -Install -******* - -Requirements -============ - -* Docker Engine -* docker-py - -Install -======= - -.. code-block:: bash - - $ sudo pip install docker-py diff --git a/molecule/default/create.yml b/molecule/default/create.yml deleted file mode 100644 index 0b25ec81..00000000 --- a/molecule/default/create.yml +++ /dev/null 
@@ -1,85 +0,0 @@ ---- -- name: Create - hosts: localhost - connection: local - gather_facts: false - no_log: false - tasks: - - name: Log into a Docker registry - docker_login: - username: "{{ item.registry.credentials.username }}" - password: "{{ item.registry.credentials.password }}" - email: "{{ item.registry.credentials.email | default(omit) }}" - registry: "{{ item.registry.url }}" - docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" - with_items: "{{ molecule_yml.platforms }}" - when: - - item.registry is defined - - item.registry.credentials is defined - - item.registry.credentials.username is defined - - - name: Create Dockerfiles from image names - template: - src: "{{ molecule_scenario_directory }}/Dockerfile.j2" - dest: "{{ molecule_ephemeral_directory }}/Dockerfile_{{ item.image | regex_replace('[^a-zA-Z0-9_]', '_') }}" - with_items: "{{ molecule_yml.platforms }}" - register: platforms - - - name: Discover local Docker images - docker_image_facts: - name: "molecule_local/{{ item.item.name }}" - docker_host: "{{ item.item.docker_host | default('unix://var/run/docker.sock') }}" - with_items: "{{ platforms.results }}" - register: docker_images - - - name: Build an Ansible compatible image - docker_image: - path: "{{ molecule_ephemeral_directory }}" - name: "molecule_local/{{ item.item.image }}" - docker_host: "{{ item.item.docker_host | default('unix://var/run/docker.sock') }}" - dockerfile: "{{ item.item.dockerfile | default(item.invocation.module_args.dest) }}" - force: "{{ item.item.force | default(true) }}" - with_items: "{{ platforms.results }}" - when: platforms.changed or docker_images.results | map(attribute='images') | select('equalto', []) | list | count >= 0 - - - name: Create docker network(s) - docker_network: - name: "main" - state: present - - - name: Sleep 5 seconds till the network gets created if it's not - # Pause for 5 minutes to build app cache. 
- pause: - seconds: 10 - - - name: Create molecule instance(s) - docker_container: - name: "{{ item.name }}" - docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" - hostname: "{{ item.name }}" - image: "molecule_local/{{ item.image }}" - state: started - recreate: false - log_driver: json-file - command: "{{ item.command | default('bash -c \"while true; do sleep 10000; done\"') }}" - privileged: "{{ item.privileged | default(omit) }}" - volumes: "{{ item.volumes | default(omit) }}" - capabilities: "{{ item.capabilities | default(omit) }}" - exposed_ports: "{{ item.exposed_ports | default(omit) }}" - published_ports: "{{ item.published_ports | default(omit) }}" - ulimits: "{{ item.ulimits | default(omit) }}" - networks: - - name: "main" - dns_servers: "{{ item.dns_servers | default(omit) }}" - register: server - with_items: "{{ molecule_yml.platforms }}" - async: 7200 - poll: 0 - - - name: Wait for instance(s) creation to complete - async_status: - jid: "{{ item.ansible_job_id }}" - register: docker_jobs - until: docker_jobs.finished - retries: 300 - with_items: "{{ server.results }}" \ No newline at end of file diff --git a/molecule/default/destroy.yml b/molecule/default/destroy.yml deleted file mode 100644 index ddf7062b..00000000 --- a/molecule/default/destroy.yml +++ /dev/null 
@@ -1,32 +0,0 @@ ---- -- name: Destroy - hosts: localhost - connection: local - gather_facts: false - no_log: false - tasks: - - name: Destroy molecule instance(s) - docker_container: - name: "{{ item.name }}" - docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" - state: absent - force_kill: "{{ item.force_kill | default(true) }}" - register: server - with_items: "{{ molecule_yml.platforms }}" - async: 7200 - poll: 0 - - - name: Wait for instance(s) deletion to complete - async_status: - jid: "{{ item.ansible_job_id }}" - register: docker_jobs - until: docker_jobs.finished - retries: 300 - with_items: "{{ server.results }}" - - - name: Delete docker network(s) - docker_network: - name: "{{ item }}" - docker_host: "{{ item.docker_host | default('unix://var/run/docker.sock') }}" - state: absent - with_items: "{{ molecule_yml.platforms | molecule_get_docker_networks }}" diff --git a/molecule/default/molecule.yml.template b/molecule/default/molecule.yml.template deleted file mode 100644 index f46226c2..00000000 --- a/molecule/default/molecule.yml.template +++ /dev/null @@ -1,47 +0,0 @@ ---- -dependency: - name: galaxy -driver: - name: docker -lint: - name: yamllint - enabled: false -platforms: - - name: manager_platform_ - image: imagename - command: /sbin/init - ulimits: - - nofile:262144:262144 - privileged: true - memory_reservation: 2048m -provisioner: - name: ansible - config_options: - defaults: - hash_behaviour: merge - env: - ANSIBLE_ROLES_PATH: ../../roles - lint: - name: ansible-lint - enabled: true -scenario: - name: default - test_sequence: - - lint - - dependency - - cleanup - - destroy - - syntax - - create - - prepare - - converge - - idempotence - - side_effect - - verify - - cleanup - - destroy -verifier: - name: testinfra - lint: - name: flake8 - enabled: true diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml deleted file mode 100644 index d4561c1b..00000000 
--- a/molecule/default/playbook.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Converge - hosts: all - roles: - - role: wazuh/ansible-wazuh-manager - vars: - wazuh_manager_config: - cluster: - disable: 'no' - name: 'wazuh' - node_name: 'manager' - node_type: 'master' - key: 'ugdtAnd7Pi9myP7CVts4qZaZQEQcRYZa' - port: '1516' - bind_addr: '0.0.0.0' - nodes: - - 'manager_bionic' - hidden: 'no' - - { role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'elasticsearch_bionic:9200' } \ No newline at end of file diff --git a/molecule/default/playbook.yml.template b/molecule/default/playbook.yml.template deleted file mode 100644 index f73659e9..00000000 --- a/molecule/default/playbook.yml.template +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Converge - hosts: all - roles: - - role: wazuh/ansible-wazuh-manager - vars: - wazuh_manager_config: - cluster: - disable: 'no' - name: 'wazuh' - node_name: 'manager' - node_type: 'master' - key: 'ugdtAnd7Pi9myP7CVts4qZaZQEQcRYZa' - port: '1516' - bind_addr: '0.0.0.0' - nodes: - - 'manager_platform' - hidden: 'no' - - { role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'elasticsearch_platform:9200' } \ No newline at end of file diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml deleted file mode 100644 index f3dc9aac..00000000 --- a/molecule/default/prepare.yml +++ /dev/null 
@@ -1,36 +0,0 @@ ---- -- name: Prepare - hosts: all - gather_facts: true - tasks: - - - name: "Install Python packages for Trusty to solve trust issues" - package: - name: - - python-setuptools - - python-pip - state: latest - register: wazuh_manager_trusty_packages_installed - until: wazuh_manager_trusty_packages_installed is succeeded - when: - - ansible_distribution == "Ubuntu" - - ansible_distribution_major_version | int == 14 - - - name: "Install dependencies" - package: - name: - - curl - - net-tools - state: latest - register: wazuh_manager_dependencies_packages_installed - until: wazuh_manager_dependencies_packages_installed is succeeded - - - name: "Install (RedHat) dependencies" - package: - name: - - initscripts - state: latest - register: wazuh_manager_dependencies_packages_installed - until: wazuh_manager_dependencies_packages_installed is succeeded - when: - - ansible_os_family == 'RedHat' diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py deleted file mode 100644 index 03fe99d4..00000000 --- a/molecule/default/tests/test_default.py +++ /dev/null 
@@ -1,89 +0,0 @@ -import os -import pytest - -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') - - -def get_wazuh_version(): - """This return the version of Wazuh.""" - return "3.10.0" - - -def test_wazuh_packages_are_installed(host): - """Test if the main packages are installed.""" - manager = host.package("wazuh-manager") - api = host.package("wazuh-api") - - distribution = host.system_info.distribution.lower() - if distribution == 'centos': - if host.system_info.release == "7": - assert manager.is_installed - assert manager.version.startswith(get_wazuh_version()) - assert api.is_installed - assert api.version.startswith(get_wazuh_version()) - elif host.system_info.release.startswith("6"): - assert manager.is_installed - assert manager.version.startswith(get_wazuh_version()) - elif distribution == 'ubuntu': - assert manager.is_installed - assert manager.version.startswith(get_wazuh_version()) - - -def test_wazuh_services_are_running(host): - """Test if the services are enabled and running. 
- - When assert commands are commented, this means that the service command has - a wrong exit code: https://github.com/wazuh/wazuh-ansible/issues/107 - """ - manager = host.service("wazuh-manager") - api = host.service("wazuh-api") - - distribution = host.system_info.distribution.lower() - if distribution == 'centos': - # assert manager.is_running - assert manager.is_enabled - # assert not api.is_running - assert not api.is_enabled - elif distribution == 'ubuntu': - # assert manager.is_running - assert manager.is_enabled - # assert api.is_running - assert api.is_enabled - - -@pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [ - ("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640), - ("/var/ossec/etc/sslmanager.key", "root", "root", 0o640), - ("/var/ossec/etc/rules/local_rules.xml", "root", "ossec", 0o640), - ("/var/ossec/etc/lists/audit-keys", "root", "ossec", 0o640), -]) -def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode): - """Test if Wazuh related files exist and have proper owners and mode.""" - wazuh_file_host = host.file(wazuh_file) - - assert wazuh_file_host.user == wazuh_owner - assert wazuh_file_host.group == wazuh_group - assert wazuh_file_host.mode == wazuh_mode - - -def test_open_ports(host): - """Test if the main port is open and the agent-auth is not open.""" - distribution = host.system_info.distribution.lower() - if distribution == 'ubuntu': - assert host.socket("tcp://0.0.0.0:1516").is_listening - assert host.socket("tcp://0.0.0.0:1515").is_listening - assert host.socket("tcp://0.0.0.0:1514").is_listening - elif distribution == 'centos': - assert host.socket("tcp://0.0.0.0:1516").is_listening - assert host.socket("tcp://127.0.0.1:1515").is_listening - assert host.socket("tcp://127.0.0.1:1514").is_listening - - -def test_filebeat_is_installed(host): - """Test if the elasticsearch package is installed.""" - filebeat = host.package("filebeat") - assert filebeat.is_installed - assert 
filebeat.version.startswith('7.3.2') diff --git a/molecule/elasticsearch/Dockerfile.j2 b/molecule/elasticsearch/Dockerfile.j2 deleted file mode 100644 index e6aa95d3..00000000 --- a/molecule/elasticsearch/Dockerfile.j2 +++ /dev/null @@ -1,14 +0,0 @@ -# Molecule managed - -{% if item.registry is defined %} -FROM {{ item.registry.url }}/{{ item.image }} -{% else %} -FROM {{ item.image }} -{% endif %} - -RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ - elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \ - elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ - elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \ - elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ - elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi diff --git a/molecule/elasticsearch/INSTALL.rst b/molecule/elasticsearch/INSTALL.rst deleted file mode 100644 index 6a44bde9..00000000 --- a/molecule/elasticsearch/INSTALL.rst +++ /dev/null @@ -1,22 +0,0 @@ -******* -Docker driver installation guide -******* - -Requirements -============ - -* Docker Engine - -Install -======= - -Please refer to the `Virtual environment`_ documentation for installation best -practices. If not using a virtual environment, please consider passing the -widely recommended `'--user' flag`_ when invoking ``pip``. - -.. _Virtual environment: https://virtualenv.pypa.io/en/latest/ -.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site - -.. code-block:: bash - - $ pip install 'molecule[docker]' 
diff --git a/molecule/elasticsearch/molecule.yml b/molecule/elasticsearch/molecule.yml deleted file mode 100644 index 11d8902f..00000000 --- a/molecule/elasticsearch/molecule.yml +++ /dev/null @@ -1,57 +0,0 @@ ---- -dependency: - name: galaxy -driver: - name: docker -lint: - name: yamllint - options: - config-data: - ignore: .virtualenv -bionics: - - name: elasticsearch_bionic - image: solita/ubuntu-systemd:bionic - command: /sbin/init - ulimits: - - nofile:262144:262144 - privileged: true - memory_reservation: 2048m -provisioner: - name: ansible - config_options: - defaults: - hash_behaviour: merge - playbooks: - docker: - create: ../default/create.yml - destroy: ../default/destroy.yml - prepare: ../default/prepare.yml - env: - ANSIBLE_ROLES_PATH: ../../roles - lint: - name: ansible-lint - enabled: true - inventory: - group_vars: - all: - elasticsearch_jvm_xms: 512 -scenario: - name: elasticsearch - test_sequence: - - lint - - dependency - - cleanup - - destroy - - syntax - - create - - prepare - - converge - #- idempotence - - side_effect - - verify - - cleanup - - destroy -verifier: - name: testinfra - lint: - name: flake8 diff --git a/molecule/elasticsearch/molecule.yml.template b/molecule/elasticsearch/molecule.yml.template deleted file mode 100644 index baba140e..00000000 --- a/molecule/elasticsearch/molecule.yml.template +++ /dev/null 
@@ -1,57 +0,0 @@ ---- -dependency: - name: galaxy -driver: - name: docker -lint: - name: yamllint - options: - config-data: - ignore: .virtualenv -platforms: - - name: elasticsearch_platform_ - image: imagename - command: /sbin/init - ulimits: - - nofile:262144:262144 - privileged: true - memory_reservation: 2048m -provisioner: - name: ansible - config_options: - defaults: - hash_behaviour: merge - playbooks: - docker: - create: ../default/create.yml - destroy: ../default/destroy.yml - prepare: ../default/prepare.yml - env: - ANSIBLE_ROLES_PATH: ../../roles - lint: - name: ansible-lint - enabled: true - inventory: - group_vars: - all: - elasticsearch_jvm_xms: 512 -scenario: - name: elasticsearch - test_sequence: - - lint - - dependency - - cleanup - - destroy - - syntax - - create - - prepare - - converge - - idempotence - - side_effect - - verify - - cleanup - - destroy -verifier: - name: testinfra - lint: - name: flake8 diff --git a/molecule/elasticsearch/playbook.yml b/molecule/elasticsearch/playbook.yml deleted file mode 100644 index 6b5c44f8..00000000 --- a/molecule/elasticsearch/playbook.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Converge - hosts: all - roles: - - role: elastic-stack/ansible-elasticsearch - elasticsearch_network_host: 'elasticsearch_bionic' diff --git a/molecule/elasticsearch/playbook.yml.template b/molecule/elasticsearch/playbook.yml.template deleted file mode 100644 index 0b2f9d5a..00000000 --- a/molecule/elasticsearch/playbook.yml.template +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Converge - hosts: all - roles: - - role: elastic-stack/ansible-elasticsearch - elasticsearch_network_host: 'elasticsearch_platform' diff --git a/molecule/elasticsearch/tests/test_default.py b/molecule/elasticsearch/tests/test_default.py deleted file mode 100644 index f4021876..00000000 --- a/molecule/elasticsearch/tests/test_default.py +++ /dev/null 
@@ -1,20 +0,0 @@ -import os - -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') - - -def test_elasticsearch_is_installed(host): - """Test if the elasticsearch package is installed.""" - elasticsearch = host.package("elasticsearch") - assert elasticsearch.is_installed - assert elasticsearch.version.startswith('7.3.2') - - -def test_elasticsearch_is_running(host): - """Test if the services are enabled and running.""" - elasticsearch = host.service("elasticsearch") - assert elasticsearch.is_enabled - assert elasticsearch.is_running diff --git a/molecule/kibana/Dockerfile.j2 b/molecule/kibana/Dockerfile.j2 deleted file mode 100644 index e6aa95d3..00000000 --- a/molecule/kibana/Dockerfile.j2 +++ /dev/null @@ -1,14 +0,0 @@ -# Molecule managed - -{% if item.registry is defined %} -FROM {{ item.registry.url }}/{{ item.image }} -{% else %} -FROM {{ item.image }} -{% endif %} - -RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ - elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \ - elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ - elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \ - elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ - elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi diff --git a/molecule/kibana/INSTALL.rst b/molecule/kibana/INSTALL.rst deleted file mode 100644 index 6a44bde9..00000000 --- a/molecule/kibana/INSTALL.rst +++ /dev/null 
@@ -1,22 +0,0 @@ -******* -Docker driver installation guide -******* - -Requirements -============ - -* Docker Engine - -Install -======= - -Please refer to the `Virtual environment`_ documentation for installation best -practices. If not using a virtual environment, please consider passing the -widely recommended `'--user' flag`_ when invoking ``pip``. - -.. _Virtual environment: https://virtualenv.pypa.io/en/latest/ -.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site - -.. code-block:: bash - - $ pip install 'molecule[docker]' diff --git a/molecule/kibana/molecule.yml.template b/molecule/kibana/molecule.yml.template deleted file mode 100644 index eec8f6e3..00000000 --- a/molecule/kibana/molecule.yml.template +++ /dev/null @@ -1,40 +0,0 @@ ---- -dependency: - name: galaxy -driver: - name: docker -lint: - name: yamllint - options: - config-data: - ignore: .virtualenv -platforms: - - name: kibana_platform_ - image: imagename - command: /sbin/init - ulimits: - - nofile:262144:262144 - privileged: true - memory_reservation: 1024m -provisioner: - name: ansible - config_options: - defaults: - hash_behaviour: merge - playbooks: - docker: - create: ../default/create.yml - destroy: ../default/destroy.yml - env: - ANSIBLE_ROLES_PATH: ../../roles - lint: - name: ansible-lint - enabled: true - inventory: - group_vars: - all: - elasticsearch_jvm_xms: 256 -verifier: - name: testinfra - lint: - name: flake8 diff --git a/molecule/kibana/playbook.yml b/molecule/kibana/playbook.yml deleted file mode 100644 index 6af17723..00000000 --- a/molecule/kibana/playbook.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Converge - hosts: all - roles: - - role: elastic-stack/ansible-kibana - elasticsearch_network_host: 'elasticsearch_bionic' \ No newline at end of file diff --git a/molecule/kibana/playbook.yml.template b/molecule/kibana/playbook.yml.template deleted file mode 100644 index b166ac28..00000000 
--- a/molecule/kibana/playbook.yml.template +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Converge - hosts: all - roles: - - role: elastic-stack/ansible-kibana - elasticsearch_network_host: 'elasticsearch_platform' \ No newline at end of file diff --git a/molecule/kibana/prepare.yml b/molecule/kibana/prepare.yml deleted file mode 100644 index c5592219..00000000 --- a/molecule/kibana/prepare.yml +++ /dev/null @@ -1,36 +0,0 @@ ---- -- name: Prepare - hosts: all - gather_facts: true - pre_tasks: - - - name: "Install Python packages for Trusty to solve trust issues" - package: - name: - - python-setuptools - - python-pip - state: latest - register: wazuh_manager_trusty_packages_installed - until: wazuh_manager_trusty_packages_installed is succeeded - when: - - ansible_distribution == "Ubuntu" - - ansible_distribution_major_version | int == 14 - - - name: "Install dependencies" - package: - name: - - curl - - net-tools - state: latest - register: wazuh_manager_dependencies_packages_installed - until: wazuh_manager_dependencies_packages_installed is succeeded - - - name: "Install (RedHat) dependencies" - package: - name: - - initscripts - state: latest - register: wazuh_manager_dependencies_packages_installed - until: wazuh_manager_dependencies_packages_installed is succeeded - when: - - ansible_os_family == 'RedHat' diff --git a/molecule/kibana/tests/test_default.py b/molecule/kibana/tests/test_default.py deleted file mode 100644 index ccd4d4f2..00000000 --- a/molecule/kibana/tests/test_default.py +++ /dev/null 
@@ -1,24 +0,0 @@ -import os - -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') - - -def test_port_kibana_is_open(host): - """Test if the port 5601 is open and listening to connections.""" - host.socket("tcp://0.0.0.0:5601").is_listening - - -def test_find_correct_elasticsearch_version(host): - """Test if we find the kibana/elasticsearch version in package.json""" - kibana = host.file("/usr/share/kibana/plugins/wazuh/package.json") - assert kibana.contains("7.3.2") - - -def test_wazuh_plugin_installed(host): - """Make sure there is a plugin wazuh directory.""" - kibana = host.file("/usr/share/kibana/plugins/wazuh/") - - assert kibana.is_directory diff --git a/molecule/run_cluster_mode.sh b/molecule/run_cluster_mode.sh deleted file mode 100644 index c1a0941d..00000000 --- a/molecule/run_cluster_mode.sh +++ /dev/null 
@@ -1,43 +0,0 @@ -#!/bin/bash - -paths=( "molecule/default/" "molecule/worker/" "molecule/elasticsearch/" "molecule/kibana/" ) -images=( "solita/ubuntu-systemd:bionic" "solita/ubuntu-systemd:xenial" "milcom/centos7-systemd" "ubuntu:trusty" "centos:6" ) -platform=( "bionic" "xenial" "centos7" "trusty" "centos6" ) - -echo "Please select an image. " - -select IMAGE in "${images[@]}"; -do - echo "You picked $IMAGE ($REPLY)" - break -done - -index=$(($REPLY - 1)) - -if [ -z "$IMAGE" ] -then - echo "Platform not selected. Please select a platform of [bionuc, xenial or centos7]. => Aborting" - exit -else - for i in "${paths[@]}" - do - cp "$i/playbook.yml.template" "$i/playbook.yml" - sed -i "s/platform/${platform[$index]}/g" "$i/playbook.yml" - - cp "$i/molecule.yml.template" "$i/molecule.yml" - sed -i "s|imagename|${images[$index]}|g" "$i/molecule.yml" - sed -i "s/platform_/${platform[$index]}/g" "$i/molecule.yml" - - done -fi - -sudo pipenv run elasticsearch -sudo pipenv run test -sudo pipenv run worker -sudo pipenv run kibana - -sudo pipenv run destroy -sudo pipenv run destroy_worker -sudo pipenv run destroy_elasticsearch -sudo pipenv run destroy_kibana - diff --git a/molecule/wazuh-agent/Dockerfile.j2 b/molecule/wazuh-agent/Dockerfile.j2 deleted file mode 100644 index e6aa95d3..00000000 --- a/molecule/wazuh-agent/Dockerfile.j2 +++ /dev/null 
@@ -1,14 +0,0 @@ -# Molecule managed - -{% if item.registry is defined %} -FROM {{ item.registry.url }}/{{ item.image }} -{% else %} -FROM {{ item.image }} -{% endif %} - -RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ - elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \ - elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ - elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \ - elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ - elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi diff --git a/molecule/wazuh-agent/INSTALL.rst b/molecule/wazuh-agent/INSTALL.rst deleted file mode 100644 index 6a44bde9..00000000 --- a/molecule/wazuh-agent/INSTALL.rst +++ /dev/null @@ -1,22 +0,0 @@ -******* -Docker driver installation guide -******* - -Requirements -============ - -* Docker Engine - -Install -======= - -Please refer to the `Virtual environment`_ documentation for installation best -practices. If not using a virtual environment, please consider passing the -widely recommended `'--user' flag`_ when invoking ``pip``. - -.. _Virtual environment: https://virtualenv.pypa.io/en/latest/ -.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site - -.. code-block:: bash - - $ pip install 'molecule[docker]' diff --git a/molecule/wazuh-agent/molecule.yml b/molecule/wazuh-agent/molecule.yml deleted file mode 100644 index a0b050b1..00000000 --- a/molecule/wazuh-agent/molecule.yml +++ /dev/null 
@@ -1,89 +0,0 @@ ---- -dependency: - name: galaxy -driver: - name: docker - #lint: - # name: yamllint -lint: - name: yamllint - options: - config-data: - ignore: .virtualenv -platforms: - #- name: wazuh_server_centos7 - # image: milcom/centos7-systemd - # networks: - # - name: wazuh - # privileged: true - # groups: - # - manager - - name: wazuh_agent_bionic - image: ubuntu:bionic - networks: - - name: wazuh - groups: - - agent - #- name: wazuh_agent_xenial - # image: solita/ubuntu-systemd:xenial - # privileged: true - # command: /sbin/init - # networks: - # - name: wazuh - # groups: - # - agent - #- name: wazuh_agent_trusty - # image: ubuntu:trusty - # networks: - # - name: wazuh - # groups: - # - agent - #- name: wazuh_agent_centos6 - # image: centos:6 - # networks: - # - name: wazuh - # groups: - # - agent - #- name: wazuh_agent_centos7 - # image: milcom/centos7-systemd - # privileged: true - # networks: - # - name: wazuh - # groups: - # - agent -provisioner: - name: ansible - config_options: - defaults: - hash_behaviour: merge - playbooks: - docker: - create: ../default/create.yml - destroy: ../default/destroy.yml - env: - ANSIBLE_ROLES_PATH: ../../roles - inventory: - group_vars: - agent: - api_pass: password - wazuh_managers: - - address: "{{ wazuh_manager_ip }}" - port: 1514 - protocol: tcp - api_port: 55000 - api_proto: 'http' - api_user: null - wazuh_agent_authd: - enable: true - port: 1515 - ssl_agent_ca: null - ssl_agent_cert: null - ssl_agent_key: null - ssl_auto_negotiate: 'no' - lint: - name: ansible-lint - enabled: true -verifier: - name: testinfra - lint: - name: flake8 diff --git a/molecule/wazuh-agent/molecule.yml.template b/molecule/wazuh-agent/molecule.yml.template deleted file mode 100644 index a0b050b1..00000000 --- a/molecule/wazuh-agent/molecule.yml.template +++ /dev/null 
@@ -1,89 +0,0 @@ ---- -dependency: - name: galaxy -driver: - name: docker - #lint: - # name: yamllint -lint: - name: yamllint - options: - config-data: - ignore: .virtualenv -platforms: - #- name: wazuh_server_centos7 - # image: milcom/centos7-systemd - # networks: - # - name: wazuh - # privileged: true - # groups: - # - manager - - name: wazuh_agent_bionic - image: ubuntu:bionic - networks: - - name: wazuh - groups: - - agent - #- name: wazuh_agent_xenial - # image: solita/ubuntu-systemd:xenial - # privileged: true - # command: /sbin/init - # networks: - # - name: wazuh - # groups: - # - agent - #- name: wazuh_agent_trusty - # image: ubuntu:trusty - # networks: - # - name: wazuh - # groups: - # - agent - #- name: wazuh_agent_centos6 - # image: centos:6 - # networks: - # - name: wazuh - # groups: - # - agent - #- name: wazuh_agent_centos7 - # image: milcom/centos7-systemd - # privileged: true - # networks: - # - name: wazuh - # groups: - # - agent -provisioner: - name: ansible - config_options: - defaults: - hash_behaviour: merge - playbooks: - docker: - create: ../default/create.yml - destroy: ../default/destroy.yml - env: - ANSIBLE_ROLES_PATH: ../../roles - inventory: - group_vars: - agent: - api_pass: password - wazuh_managers: - - address: "{{ wazuh_manager_ip }}" - port: 1514 - protocol: tcp - api_port: 55000 - api_proto: 'http' - api_user: null - wazuh_agent_authd: - enable: true - port: 1515 - ssl_agent_ca: null - ssl_agent_cert: null - ssl_agent_key: null - ssl_auto_negotiate: 'no' - lint: - name: ansible-lint - enabled: true -verifier: - name: testinfra - lint: - name: flake8 diff --git a/molecule/wazuh-agent/playbook.yml b/molecule/wazuh-agent/playbook.yml deleted file mode 100644 index 4feac0c2..00000000 --- a/molecule/wazuh-agent/playbook.yml +++ /dev/null 
@@ -1,18 +0,0 @@ ---- -- name: Converge - hosts: all - roles: - - role: wazuh/ansible-wazuh-agent - vars: - wazuh_managers: - - address: 'manager_platform' - port: 1514 - protocol: tcp - api_port: 55000 - api_proto: 'http' - api_user: ansible - wazuh_agent_authd: - enable: true - port: 1515 - ssl_agent_ca: null - ssl_auto_negotiate: 'no' diff --git a/molecule/wazuh-agent/playbook.yml.template b/molecule/wazuh-agent/playbook.yml.template deleted file mode 100644 index 4feac0c2..00000000 --- a/molecule/wazuh-agent/playbook.yml.template +++ /dev/null @@ -1,18 +0,0 @@ ---- -- name: Converge - hosts: all - roles: - - role: wazuh/ansible-wazuh-agent - vars: - wazuh_managers: - - address: 'manager_platform' - port: 1514 - protocol: tcp - api_port: 55000 - api_proto: 'http' - api_user: ansible - wazuh_agent_authd: - enable: true - port: 1515 - ssl_agent_ca: null - ssl_auto_negotiate: 'no' diff --git a/molecule/wazuh-agent/prepare.yml b/molecule/wazuh-agent/prepare.yml deleted file mode 100644 index ddb1bbe1..00000000 --- a/molecule/wazuh-agent/prepare.yml +++ /dev/null 
@@ -1,43 +0,0 @@ ---- -- name: Prepare - hosts: manager - gather_facts: true - tasks: - - - name: "Install dependencies" - package: - name: - - curl - - net-tools - state: latest - register: wazuh_manager_dependencies_packages_installed - until: wazuh_manager_dependencies_packages_installed is succeeded - - roles: - - role: wazuh/ansible-wazuh-manager - -- name: Prepare - hosts: agent - gather_facts: true - tasks: - - - name: "Install Python packages for Trusty to solve trust issues" - package: - name: - - python-setuptools - - python-pip - state: latest - register: wazuh_manager_trusty_packages_installed - until: wazuh_manager_trusty_packages_installed is succeeded - when: - - ansible_distribution == "Ubuntu" - - ansible_distribution_major_version | int == 14 - - - name: "Install dependencies" - package: - name: - - curl - - net-tools - state: latest - register: wazuh_agent_dependencies_packages_installed - until: wazuh_agent_dependencies_packages_installed is succeeded diff --git a/molecule/wazuh-agent/tests/test_agents.py b/molecule/wazuh-agent/tests/test_agents.py deleted file mode 100644 index 1846d3fe..00000000 --- a/molecule/wazuh-agent/tests/test_agents.py +++ /dev/null @@ -1,28 +0,0 @@ -import os -import pytest - -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('agent') - - -def get_wazuh_version(): - """This return the version of Wazuh.""" - return "3.10.0" - - -def test_ossec_package_installed(Package): - ossec = Package('wazuh-agent') - assert ossec.is_installed - - -@pytest.mark.parametrize("wazuh_service, wazuh_owner", ( - ("ossec-agentd", "ossec"), - ("ossec-execd", "root"), - ("ossec-syscheckd", "root"), - ("wazuh-modulesd", "root"), -)) -def test_wazuh_processes_running(host, wazuh_service, wazuh_owner): - master = host.process.get(user=wazuh_owner, comm=wazuh_service) - assert master.args == "/var/ossec/bin/" + wazuh_service 
diff --git a/molecule/wazuh-agent/tests/test_manager.py b/molecule/wazuh-agent/tests/test_manager.py deleted file mode 100644 index 9b085b2b..00000000 --- a/molecule/wazuh-agent/tests/test_manager.py +++ /dev/null @@ -1,15 +0,0 @@ -import os - -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('manager') - - -def test_agents_registered_on_manager(host): - cmd = host.run("/var/ossec/bin/manage_agents -l") - assert 'wazuh_agent_bionic' in cmd.stdout - assert 'wazuh_agent_xenial' in cmd.stdout - assert 'wazuh_agent_trusty' in cmd.stdout - assert 'wazuh_agent_centos6' in cmd.stdout - assert 'wazuh_agent_centos7' in cmd.stdout diff --git a/molecule/worker/Dockerfile.j2 b/molecule/worker/Dockerfile.j2 deleted file mode 100644 index e6aa95d3..00000000 --- a/molecule/worker/Dockerfile.j2 +++ /dev/null @@ -1,14 +0,0 @@ -# Molecule managed - -{% if item.registry is defined %} -FROM {{ item.registry.url }}/{{ item.image }} -{% else %} -FROM {{ item.image }} -{% endif %} - -RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ - elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \ - elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ - elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \ - elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ - elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi 
diff --git a/molecule/worker/molecule.yml.template b/molecule/worker/molecule.yml.template deleted file mode 100644 index ecfe6469..00000000 --- a/molecule/worker/molecule.yml.template +++ /dev/null @@ -1,53 +0,0 @@ ---- -dependency: - name: galaxy -driver: - name: docker -lint: - name: yamllint - options: - config-data: - ignore: .virtualenv -platforms: - - name: worker_platform_ - image: imagename - command: /sbin/init - ulimits: - - nofile:262144:262144 - privileged: true - memory_reservation: 2048m -provisioner: - name: ansible - config_options: - defaults: - hash_behaviour: merge - playbooks: - docker: - create: ../default/create.yml - destroy: ../default/destroy.yml - prepare: ../default/prepare.yml - env: - ANSIBLE_ROLES_PATH: ../../roles - lint: - name: ansible-lint - enabled: true -scenario: - name: worker - test_sequence: - - lint - - dependency - - cleanup - - destroy - - syntax - - create - - prepare - - converge - - idempotence - - side_effect - - verify - - cleanup - - destroy -verifier: - name: testinfra - lint: - name: flake8 diff --git a/molecule/worker/playbook.yml b/molecule/worker/playbook.yml deleted file mode 100644 index a59f93f2..00000000 --- a/molecule/worker/playbook.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -- name: Converge - hosts: all - roles: - - role: wazuh/ansible-wazuh-manager - vars: - wazuh_manager_config: - cluster: - disable: 'no' - name: 'wazuh' - node_name: 'worker-01' - node_type: 'worker' - key: 'ugdtAnd7Pi9myP7CVts4qZaZQEQcRYZa' - port: '1516' - bind_addr: '0.0.0.0' - nodes: - - 'manager_bionic' - hidden: 'no' - - { role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'elasticsearch_bionic:9200' } - - diff --git a/molecule/worker/playbook.yml.template b/molecule/worker/playbook.yml.template deleted file mode 100644 index 45b12d1d..00000000 --- a/molecule/worker/playbook.yml.template +++ /dev/null 
@@ -1,21 +0,0 @@ ---- -- name: Converge - hosts: all - roles: - - role: wazuh/ansible-wazuh-manager - vars: - wazuh_manager_config: - cluster: - disable: 'no' - name: 'wazuh' - node_name: 'worker-01' - node_type: 'worker' - key: 'ugdtAnd7Pi9myP7CVts4qZaZQEQcRYZa' - port: '1516' - bind_addr: '0.0.0.0' - nodes: - - 'manager_platform' - hidden: 'no' - - { role: wazuh/ansible-filebeat, filebeat_output_elasticsearch_hosts: 'elasticsearch_platform:9200' } - - diff --git a/molecule/worker/tests/test_default.py b/molecule/worker/tests/test_default.py deleted file mode 100644 index 4de03dc3..00000000 --- a/molecule/worker/tests/test_default.py +++ /dev/null 
@@ -1,85 +0,0 @@ -import os -import pytest - -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') - - -def get_wazuh_version(): - """This return the version of Wazuh.""" - return "3.10.0" - - -def test_wazuh_packages_are_installed(host): - """Test if the main packages are installed.""" - manager = host.package("wazuh-manager") - api = host.package("wazuh-api") - - distribution = host.system_info.distribution.lower() - if distribution == 'centos': - if host.system_info.release == "7": - assert manager.is_installed - assert manager.version.startswith(get_wazuh_version()) - assert api.is_installed - assert api.version.startswith(get_wazuh_version()) - elif host.system_info.release.startswith("6"): - assert manager.is_installed - assert manager.version.startswith(get_wazuh_version()) - elif distribution == 'ubuntu': - assert manager.is_installed - assert manager.version.startswith(get_wazuh_version()) - - -def test_wazuh_services_are_running(host): - """Test if the services are enabled and running. 
- - When assert commands are commented, this means that the service command has - a wrong exit code: https://github.com/wazuh/wazuh-ansible/issues/107 - """ - manager = host.service("wazuh-manager") - api = host.service("wazuh-api") - - distribution = host.system_info.distribution.lower() - if distribution == 'centos': - # assert manager.is_running - assert manager.is_enabled - # assert not api.is_running - assert not api.is_enabled - elif distribution == 'ubuntu': - # assert manager.is_running - assert manager.is_enabled - # assert api.is_running - assert api.is_enabled - - -@pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [ - ("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640), - ("/var/ossec/etc/sslmanager.key", "root", "root", 0o640), - ("/var/ossec/etc/rules/local_rules.xml", "root", "ossec", 0o640), - ("/var/ossec/etc/lists/audit-keys", "root", "ossec", 0o640), -]) -def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode): - """Test if Wazuh related files exist and have proper owners and mode.""" - wazuh_file_host = host.file(wazuh_file) - - assert wazuh_file_host.user == wazuh_owner - assert wazuh_file_host.group == wazuh_group - assert wazuh_file_host.mode == wazuh_mode - - -def test_open_ports(host): - """Test if the main port is open and the agent-auth is not open.""" - distribution = host.system_info.distribution.lower() - if distribution == 'ubuntu': - assert host.socket("tcp://0.0.0.0:1514").is_listening - elif distribution == 'centos': - assert host.socket("tcp://127.0.0.1:1514").is_listening - - -def test_filebeat_is_installed(host): - """Test if the elasticsearch package is installed.""" - filebeat = host.package("filebeat") - assert filebeat.is_installed - assert filebeat.version.startswith('7.3.2') From a1359495a98a966851f171f238b7f372c46f8a78 Mon Sep 17 00:00:00 2001 
From: Manuel Gutierrez Date: Tue, 24 Sep 2019 10:57:23 +0200 Subject: [PATCH 313/714] Fix linting: trailing whitespace --- roles/elastic-stack/ansible-elasticsearch/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 85706199..af17e528 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -76,7 +76,7 @@ mode: 0660 notify: restart elasticsearch tags: configure - + - name: Trusty | set MAX_LOCKED_MEMORY=unlimited in Elasticsearch in /etc/security/limits.conf lineinfile: path: /etc/security/limits.conf From 02425e0c85a15157882f5db6f559acd12383a945 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Tue, 24 Sep 2019 11:09:21 +0200 Subject: [PATCH 314/714] Fix linting errors Fixed linting on xpack_security.yml --- .../tasks/xpack_security.yml | 67 +++++++++---------- 1 file changed, 33 insertions(+), 34 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml index e64b71df..046c3382 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml @@ -39,7 +39,7 @@ when: - node_certs_generator -- name: Importing custom CA key +- name: Importing custom CA key copy: src: "{{ master_certs_path }}/ca/{{ ca_key_name }}" dest: "{{ node_certs_source }}/{{ ca_key_name }}" @@ -61,7 +61,7 @@ - name: Generating certificates for Elasticsearch security (generating CA) shell: >- - /usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem --in + /usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem --in {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip when: - node_certs_generator 
@@ -70,37 +70,37 @@ tags: xpack-security - name: Generating certificates for Elasticsearch security (using provided CA | Without CA Password) - shell: >- - /usr/share/elasticsearch/bin/elasticsearch-certutil cert - --ca-key {{ node_certs_source }}/{{ ca_key_name }} --ca-cert {{ node_certs_source }}/{{ ca_cert_name }} + shell: >- + /usr/share/elasticsearch/bin/elasticsearch-certutil cert + --ca-key {{ node_certs_source }}/{{ ca_key_name }} --ca-cert {{ node_certs_source }}/{{ ca_cert_name }} --pem --in {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip when: - node_certs_generator - not xpack_certs_zip.stat.exists - not generate_CA - - ca_password == "" + - ca_password | length == 0 tags: xpack-security - name: Generating certificates for Elasticsearch security (using provided CA | Using CA Password) - shell: >- - /usr/share/elasticsearch/bin/elasticsearch-certutil cert - --ca-key {{ node_certs_source }}/{{ ca_key_name }} --ca-cert {{ node_certs_source }}/{{ ca_cert_name }} - --pem --in {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip - --ca-pass {{ca_password}} + shell: >- + /usr/share/elasticsearch/bin/elasticsearch-certutil cert + --ca-key {{ node_certs_source }}/{{ ca_key_name }} --ca-cert {{ node_certs_source }}/{{ ca_cert_name }} + --pem --in {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip + --ca-pass {{ ca_password }} when: - node_certs_generator - not xpack_certs_zip.stat.exists - not generate_CA - - ca_password != "" - tags: xpack-security - + - ca_password | length > 0 + tags: xpack-security + - name: Verify the Elastic certificates directory file: path: "{{ master_certs_path }}" state: directory mode: '0700' delegate_to: "127.0.0.1" - when: + when: - node_certs_generator - name: Verify the Certificates Authority directory 
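Review bot: In the "using provided CA | Using CA Password" task, `--ca-pass {{ ca_password }}` places the CA private-key password in the rendered command line, where it is visible in the process list on the generator host and is echoed back in the task result and in verbose Ansible output; this hunk only re-spaces that line and does not protect it. Add `no_log: true` to the task so the rendered command and its result are not written to the log. The same argument is carried over unchanged when the task is rewritten from `shell` to `command` in the later PATCH 316 hunks, so the setting is needed there as well.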
@@ -109,7 +109,7 @@ state: directory mode: '0700' delegate_to: "127.0.0.1" - when: + when: - node_certs_generator - name: Copying certificates to Ansible master @@ -118,7 +118,7 @@ dest: "{{ master_certs_path }}/" flat: yes mode: 0700 - when: + when: - node_certs_generator tags: xpack-security 
@@ -126,39 +126,39 @@ file: state: absent path: "{{ node_certs_source }}/certs.zip" - when: + when: - node_certs_generator - + - name: Unzip generated certs.zip unarchive: - src: "{{master_certs_path}}/certs.zip" - dest: "{{master_certs_path}}/" + src: "{{ master_certs_path }}/certs.zip" + dest: "{{ master_certs_path }}/" become: true delegate_to: "127.0.0.1" - when: + when: - node_certs_generator tags: xpack-security - name: Copying node's certificate from master copy: - src: "{{item}}" - dest: "{{node_certs_destination}}/" + src: "{{ item }}" + dest: "{{ node_certs_destination }}/" with_items: - - "{{master_certs_path}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.key" - - "{{master_certs_path}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.crt" - - "{{master_certs_path}}/ca/ca.crt" + - "{{ master_certs_path }}/{{ elasticsearch_node_name }}/{{ elasticsearch_node_name }}.key" + - "{{ master_certs_path }}/{{ elasticsearch_node_name }}/{{ elasticsearch_node_name }}.crt" + - "{{ master_certs_path }}/ca/ca.crt" when: - generate_CA tags: xpack-security - name: Copying node's certificate from master (Custom CA) copy: - src: "{{item}}" - dest: "{{node_certs_destination}}/" - with_items: - - "{{master_certs_path}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.key" - - "{{master_certs_path}}/{{elasticsearch_node_name}}/{{ elasticsearch_node_name }}.crt" - - "{{master_certs_path}}/ca/{{ca_cert_name}}" + src: "{{ item }}" + dest: "{{ node_certs_destination }}/" + with_items: + - "{{ master_certs_path }}/{{ elasticsearch_node_name }}/{{ elasticsearch_node_name }}.key" + - "{{ master_certs_path }}/{{ elasticsearch_node_name }}/{{ elasticsearch_node_name }}.crt" + - "{{ master_certs_path }}/ca/{{ ca_cert_name }}" when: - not generate_CA tags: xpack-security 
@@ -179,4 +179,3 @@ echo {{ elasticsearch_xpack_security_password }} | {{ node_certs_source }}/bin/elasticsearch-keystore add -xf bootstrap.password when: - node_certs_generator - \ No newline at end of file From 534704f115628b6d92a8f81100f56d7b64a1c1b2 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Tue, 24 Sep 2019 12:47:28 +0200 Subject: [PATCH 315/714] Fix linting errors on vars --- roles/wazuh/ansible-filebeat/tasks/main.yml | 26 ++++++++++----------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml index 7cd01cbd..85bd17e1 100644 --- a/roles/wazuh/ansible-filebeat/tasks/main.yml +++ b/roles/wazuh/ansible-filebeat/tasks/main.yml 
@@ -28,25 +28,25 @@ - name: Copying node's certificate from master copy: - src: "{{item}}" - dest: "{{node_certs_destination}}/" - with_items: - - "{{master_certs_path}}/{{filebeat_node_name}}/{{ filebeat_node_name }}.key" - - "{{master_certs_path}}/{{filebeat_node_name}}/{{ filebeat_node_name }}.crt" - - "{{master_certs_path}}/ca/ca.crt" + src: "{{ item }}" + dest: "{{ node_certs_destination }}/" + with_items: + - "{{ master_certs_path }}/{{ filebeat_node_name }}/{{ filebeat_node_name }}.key" + - "{{ master_certs_path }}/{{ filebeat_node_name }}/{{ filebeat_node_name }}.crt" + - "{{ master_certs_path }}/ca/ca.crt" when: - generate_CA - filebeat_xpack_security tags: xpack-security - + - name: Copying node's certificate from master (Custom CA) copy: - src: "{{item}}" - dest: "{{node_certs_destination}}/" - with_items: - - "{{master_certs_path}}/{{filebeat_node_name}}/{{ filebeat_node_name }}.key" - - "{{master_certs_path}}/{{filebeat_node_name}}/{{ filebeat_node_name }}.crt" - - "{{master_certs_path}}/ca/{{ca_cert_name}}" + src: "{{ item }}" + dest: "{{ node_certs_destination }}/" + with_items: + - "{{ master_certs_path }}/{{ filebeat_node_name }}/{{ filebeat_node_name }}.key" + - "{{ master_certs_path }}/{{ filebeat_node_name }}/{{ filebeat_node_name }}.crt" + - "{{ master_certs_path }}/ca/{{ ca_cert_name }}" when: - not generate_CA - filebeat_xpack_security From 4f955fe4988b19c433342daeed87e1bc852b5c78 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Tue, 24 Sep 2019 12:49:26 +0200 Subject: [PATCH 316/714] Switch tasks from shell to command --- .../tasks/xpack_security.yml | 23 +++++++++++-------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml index 046c3382..650692c5 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml 
+++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml @@ -60,9 +60,10 @@ tags: xpack-security - name: Generating certificates for Elasticsearch security (generating CA) - shell: >- - /usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem --in - {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip + command: >- + /usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem + --in {{ node_certs_source }}/instances.yml + --out {{ node_certs_source }}/certs.zip when: - node_certs_generator - not xpack_certs_zip.stat.exists @@ -70,10 +71,12 @@ tags: xpack-security - name: Generating certificates for Elasticsearch security (using provided CA | Without CA Password) - shell: >- + command: >- /usr/share/elasticsearch/bin/elasticsearch-certutil cert - --ca-key {{ node_certs_source }}/{{ ca_key_name }} --ca-cert {{ node_certs_source }}/{{ ca_cert_name }} - --pem --in {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip + --ca-key {{ node_certs_source }}/{{ ca_key_name }} + --ca-cert {{ node_certs_source }}/{{ ca_cert_name }} + --pem --in {{ node_certs_source }}/instances.yml + --out {{ node_certs_source }}/certs.zip when: - node_certs_generator - not xpack_certs_zip.stat.exists @@ -82,9 +85,10 @@ tags: xpack-security - name: Generating certificates for Elasticsearch security (using provided CA | Using CA Password) - shell: >- + command: >- /usr/share/elasticsearch/bin/elasticsearch-certutil cert - --ca-key {{ node_certs_source }}/{{ ca_key_name }} --ca-cert {{ node_certs_source }}/{{ ca_cert_name }} + --ca-key {{ node_certs_source }}/{{ ca_key_name }} + --ca-cert {{ node_certs_source }}/{{ ca_cert_name }} --pem --in {{ node_certs_source }}/instances.yml --out {{ node_certs_source }}/certs.zip --ca-pass {{ ca_password }} when: 
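Review bot: The three `command: >-` certutil tasks have no `creates` or `changed_when`, so every run that passes the `when` guard is reported as changed even though the guard already keys on `xpack_certs_zip.stat.exists`; `args:` / `creates: "{{ node_certs_source }}/certs.zip"` would express the same condition in the module and keep the tasks idempotent without a separate stat. The switch from `shell` to `command` is a good hardening, but note that `command` splits the folded scalar on whitespace into argv, so a `node_certs_source` path containing a space would presumably be broken into several arguments; quoting the templated paths in the scalar would make that explicit.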
@@ -175,7 +179,8 @@ tags: xpack-security - name: Set elasticsearch bootstrap password - shell: >- + command: >- + set -o pipefail echo {{ elasticsearch_xpack_security_password }} | {{ node_certs_source }}/bin/elasticsearch-keystore add -xf bootstrap.password when: - node_certs_generator From de70f4eecd1ae6d25e907a0124625952305e07a0 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 24 Sep 2019 18:36:44 +0200 Subject: [PATCH 317/714] Add single_node:false to ES distributed playbook --- playbooks/wazuh-elastic_stack-distributed.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml index b582df9b..8c6bc567 100644 --- a/playbooks/wazuh-elastic_stack-distributed.yml +++ b/playbooks/wazuh-elastic_stack-distributed.yml @@ -17,6 +17,7 @@ elasticsearch_xpack_security: true node_certs_generator: true elasticsearch_xpack_security_password: elastic_pass + single_node: false vars: instances: @@ -35,6 +36,7 @@ - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch elasticsearch_network_host: elasticsearch_node_name: node-2 + single_node: false elasticsearch_xpack_security: true elasticsearch_master_candidate: true elasticsearch_discovery_nodes: @@ -47,6 +49,7 @@ - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch elasticsearch_network_host: elasticsearch_node_name: node-3 + single_node: false elasticsearch_xpack_security: true elasticsearch_master_candidate: true elasticsearch_discovery_nodes: From b8803de85fb71edf090b0c076d4fe3684cd7cb36 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 24 Sep 2019 18:37:14 +0200 Subject: [PATCH 318/714] Fix set bootstrap password task. Linting OK --- .../ansible-elasticsearch/tasks/xpack_security.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
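Review bot: `command:` does not start a shell, so in the "Set elasticsearch bootstrap password" task the added `set -o pipefail` and the `|` pipeline in the folded scalar are handed to an executable named `set` as literal arguments; the task cannot work as written and needs `shell:` with `args:` / `executable: /bin/bash`, since `pipefail` is not available in POSIX `sh`. Separately, `echo {{ elasticsearch_xpack_security_password }}` embeds the bootstrap password in the shell's command string, so it is visible in the process list and in the task's recorded `cmd`; add `no_log: true` to this task. The same exposure remains in the later revisions of this task at the PATCH 318 and PATCH 324 hunks.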
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml index 650692c5..d05c3241 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml @@ -179,8 +179,8 @@ tags: xpack-security - name: Set elasticsearch bootstrap password - command: >- - set -o pipefail - echo {{ elasticsearch_xpack_security_password }} | {{ node_certs_source }}/bin/elasticsearch-keystore add -xf bootstrap.password + shell: >- + set -o pipefail; + echo {{ elasticsearch_xpack_security_password }} | {{ node_certs_source }}/bin/elasticsearch-keystore add -xf bootstrap.password when: - node_certs_generator From 0017b34c6b6ae9ccb7e1d9a4b5a23d299ef4bf64 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 25 Sep 2019 09:14:07 +0200 Subject: [PATCH 319/714] Update CHANGELOG.md --- CHANGELOG.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 95a9d18b..72c6ae35 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,22 @@ # Change Log All notable changes to this project will be documented in this file. +## [v3.10.2_7.3.2] + +### Added + +- Update to Wazuh v3.10.2 + +### Changed + +- Moved molecule folder to Wazuh QA Repository [manuasir](https://github.com/manuasir) [#120ed16](https://github.com/wazuh/wazuh-ansible/commit/120ed163b6f131315848938beca65c1f1cad7f1b) + +- Refactored XPack Security configuration tasks [@jm404](https://github.com/jm404) [#246](https://github.com/wazuh/wazuh-ansible/pull/246) + +### Fixed + +- Fixed ES bootstrap password configuration [@jm404](https://github.com/jm404) [#b8803de](https://github.com/wazuh/wazuh-ansible/commit/b8803de85fb71edf090b0c076d4fe3684cd7cb36) + ## [v3.10.0_7.3.2] ### Added From 5646848266ceefe513134f0a230d179913442cea Mon Sep 17 00:00:00 2001 
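Review bot: Reverting to `shell: >-` with `set -o pipefail;` restores the pipeline, but the `shell` module runs `/bin/sh` unless `executable` is given, and on Debian/Ubuntu `/bin/sh` is dash, which rejects `-o pipefail` and fails the task before the keystore is written. Add `args:` / `executable: /bin/bash` to the task so the option is honoured on every supported platform.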
From: Jose M Date: Wed, 25 Sep 2019 09:14:31 +0200 Subject: [PATCH 320/714] Bump version to 3.10.2_7.3.2 --- VERSION | 4 ++-- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 4 ++-- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/VERSION b/VERSION index 2a8b969e..f4d1cb92 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v3.10.0" -REVISION="31000" +WAZUH-ANSIBLE_VERSION="v3.10.2" +REVISION="31020" diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 25525d89..ad639011 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -6,7 +6,7 @@ elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 7.3.2 -wazuh_version: 3.10.0 +wazuh_version: 3.10.2 # Xpack Security kibana_xpack_security: false diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index f6904240..fe6749ce 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_agent_version: 3.10.0 +wazuh_agent_version: 3.10.2 wazuh_managers: - address: 127.0.0.1 port: 1514 @@ -26,7 +26,7 @@ wazuh_winagent_config: auth_path: C:\Program Files\ossec-agent\agent-auth.exe # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - version: '3.10.0' + version: '3.10.2' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ md5: ee5b24216db472d291da4e14f0b3bc63 diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 87ab144b..170a8da5 100644 
--- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_manager_api_version: 3.10.0 +wazuh_manager_api_version: 3.10.2 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: latest From a0d4967b1fd0ab19e5bfa4fab571345253bef2ba Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 25 Sep 2019 09:48:07 +0200 Subject: [PATCH 321/714] Add filebeat_module_folder to default variables --- roles/wazuh/ansible-filebeat/defaults/main.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index 78a47cf8..46d65654 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -28,6 +28,8 @@ filebeat_ssl_certificate_file: "" filebeat_ssl_key_file: "" filebeat_ssl_insecure: "false" +filebeat_module_folder: /usr/share/filebeat/module/wazuh + # Xpack Security filebeat_xpack_security: false @@ -43,3 +45,5 @@ node_certs_destination: /etc/filebeat/certs master_certs_path: /es_certs generate_CA: true ca_cert_name: "" + + From 744193008199987e8c589093c45186e3e47c466a Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 25 Sep 2019 11:49:56 +0200 Subject: [PATCH 322/714] Add default filebeat module variables --- roles/wazuh/ansible-filebeat/defaults/main.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index 46d65654..d38565d9 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml 
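Review bot: The second hunk of PATCH 321 (`@@ -43,3 +45,5 @@`) appends two empty lines after `ca_cert_name: ""`, which yamllint's `empty-lines` rule reports and which the surrounding lint-fix commits are otherwise removing; drop them. The new `filebeat_module_folder` default has no comment explaining its role; a one-line `# Install location of the Wazuh Filebeat module` above it would help readers who only see the defaults file.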
@@ -28,6 +28,9 @@ filebeat_ssl_certificate_file: "" filebeat_ssl_key_file: "" filebeat_ssl_insecure: "false" +filebeat_module_package_name: wazuh-filebeat-0.1.tar.gz +filebeat_module_package_path: /tmp/ +filebeat_module_destination: /usr/share/filebeat/module filebeat_module_folder: /usr/share/filebeat/module/wazuh # Xpack Security From 133cda683a6c3e7e9efd5120f955d1b9a57ebe7a Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 25 Sep 2019 12:47:49 +0200 Subject: [PATCH 323/714] Fix linting in ansible-kibana tasks --- .../ansible-kibana/tasks/main.yml | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index b49cef4e..f2152d00 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -17,12 +17,12 @@ - name: Copying node's certificate from master copy: - src: "{{item}}" - dest: "{{node_certs_destination}}/" - with_items: - - "{{master_certs_path}}/{{kibana_node_name}}/{{ kibana_node_name }}.key" - - "{{master_certs_path}}/{{kibana_node_name}}/{{ kibana_node_name }}.crt" - - "{{master_certs_path}}/ca/ca.crt" + src: "{{ item }}" + dest: "{{ node_certs_destination }}/" + with_items: + - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.key" + - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.crt" + - "{{ master_certs_path }}/ca/ca.crt" tags: xpack-security when: - kibana_xpack_security 
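Review bot: `filebeat_module_package_path: /tmp/` stages the module tarball in a world-writable, predictable directory; if the consuming tasks (not visible here) download the archive there and later unpack it into `filebeat_module_destination`, a local unprivileged user can replace the file between those two steps. Prefer a root-owned staging directory, or create one per run with the `tempfile` module, and verify the archive's checksum before unpacking. The value also ends in a trailing slash while the other path defaults do not, so document or normalise whichever form the tasks expect.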
@@ -30,13 +30,13 @@ - name: Copying node's certificate from master (Custom CA) copy: - src: "{{item}}" - dest: "{{node_certs_destination}}/" - mode: '0664' - with_items: - - "{{master_certs_path}}/{{kibana_node_name}}/{{ kibana_node_name }}.key" - - "{{master_certs_path}}/{{kibana_node_name}}/{{ kibana_node_name }}.crt" - - "{{master_certs_path}}/ca/{{ca_cert_name}}" + src: "{{ item }}" + dest: "{{ node_certs_destination }}/" + mode: '0664' + with_items: + - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.key" + - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.crt" + - "{{ master_certs_path }}/ca/{{ ca_cert_name }}" when: - kibana_xpack_security - not generate_CA @@ -69,7 +69,7 @@ dest: /etc/kibana/kibana.yml owner: root group: root - mode: '0664' + mode: '0664' notify: restart kibana tags: configure From e8881ee82fdf1be46543b1d460f01550a815de7b Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Thu, 26 Sep 2019 13:03:14 +0200 Subject: [PATCH 324/714] Bypass idempotence tests on elastic xpack --- .../tasks/xpack_security.yml | 36 ++++++++++++++----- 1 file changed, 27 insertions(+), 9 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml index d05c3241..35f64fae 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml @@ -68,7 +68,9 @@ - node_certs_generator - not xpack_certs_zip.stat.exists - generate_CA - tags: xpack-security + tags: + - xpack-security + - molecule-idempotence-notest - name: Generating certificates for Elasticsearch security (using provided CA | Without CA Password) command: >- 
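Review bot: `mode: '0664'` in the `Copying node's certificate from master (Custom CA)` task leaves `{{ kibana_node_name }}.key` world-readable under `{{ node_certs_destination }}`; a private key should be deployed with `mode: '0600'` and `owner` set to the user the Kibana service runs as, while `ca.crt` and the node `.crt` can keep a wider mode. The `Copying node's certificate from master` task in the previous hunk sets no `mode` at all for the same key, so it takes whatever `copy` defaults to on that host; give it the same explicit mode. The mode value itself predates this commit, which only re-spaces the Jinja expressions.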
@@ -82,7 +84,9 @@ - not xpack_certs_zip.stat.exists - not generate_CA - ca_password | length == 0 - tags: xpack-security + tags: + - xpack-security + - molecule-idempotence-notest - name: Generating certificates for Elasticsearch security (using provided CA | Using CA Password) command: >- @@ -96,7 +100,9 @@ - not xpack_certs_zip.stat.exists - not generate_CA - ca_password | length > 0 - tags: xpack-security + tags: + - xpack-security + - molecule-idempotence-notest - name: Verify the Elastic certificates directory file: @@ -124,7 +130,9 @@ mode: 0700 when: - node_certs_generator - tags: xpack-security + tags: + - xpack-security + - molecule-idempotence-notest - name: Delete certs.zip in Generator node file: @@ -132,6 +140,7 @@ path: "{{ node_certs_source }}/certs.zip" when: - node_certs_generator + tags: molecule-idempotence-notest - name: Unzip generated certs.zip unarchive: @@ -141,7 +150,9 @@ delegate_to: "127.0.0.1" when: - node_certs_generator - tags: xpack-security + tags: + - xpack-security + - molecule-idempotence-notest - name: Copying node's certificate from master copy: @@ -153,7 +164,9 @@ - "{{ master_certs_path }}/ca/ca.crt" when: - generate_CA - tags: xpack-security + tags: + - xpack-security + - molecule-idempotence-notest - name: Copying node's certificate from master (Custom CA) copy: @@ -165,7 +178,9 @@ - "{{ master_certs_path }}/ca/{{ ca_cert_name }}" when: - not generate_CA - tags: xpack-security + tags: + - xpack-security + - molecule-idempotence-notest - name: Ensuring folder permissions file: @@ -179,8 +194,11 @@ tags: xpack-security - name: Set elasticsearch bootstrap password - shell: >- - set -o pipefail; + shell: | + set -o pipefail echo {{ elasticsearch_xpack_security_password }} | {{ node_certs_source }}/bin/elasticsearch-keystore add -xf bootstrap.password + args: + executable: /bin/bash when: - node_certs_generator + tags: molecule-idempotence-notest From 736f9b8c4822baac0bce60afcc45ea698dc68ee4 Mon Sep 17 00:00:00 2001 
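Review bot: In the `Set elasticsearch bootstrap password` task the secret is spliced unquoted into the shell line, `echo {{ elasticsearch_xpack_security_password }} | {{ node_certs_source }}/bin/elasticsearch-keystore add -xf bootstrap.password`, so a password containing spaces or shell metacharacters breaks the command or gets interpreted by bash, and the task output records the value. Use `echo {{ elasticsearch_xpack_security_password | quote }} | {{ node_certs_source }}/bin/elasticsearch-keystore add -xf bootstrap.password` and add `no_log: true` to the task. The value still shows in the bash process arguments while the command runs; if that matters, feed it from a file with a restrictive mode instead of `echo`. The `executable: /bin/bash` addition is what `set -o pipefail` needs and is correct.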
From: Jose M Date: Thu, 26 Sep 2019 13:05:44 +0200 Subject: [PATCH 325/714] Rename Elastic respository to allow upgrades from 6.x --- roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml | 2 +- roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml | 2 +- roles/elastic-stack/ansible-kibana/tasks/Debian.yml | 2 +- roles/elastic-stack/ansible-kibana/tasks/RedHat.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index 67a34e7e..69c698f0 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml @@ -38,7 +38,7 @@ apt_repository: repo: 'deb https://artifacts.elastic.co/packages/7.x/apt stable main' state: present - filename: 'elastic_repo' + filename: 'elastic_repo_7' update_cache: true changed_when: false diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml index 16366dfc..d02664c8 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml @@ -2,7 +2,7 @@ - name: RedHat/CentOS/Fedora | Install Elastic repo yum_repository: - name: elastic_repo + name: elastic_repo_7 description: Elastic repository for 7.x packages baseurl: https://artifacts.elastic.co/packages/7.x/yum gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch diff --git a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml index 95663765..ae6ff0e9 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml 
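Review bot: Renaming the repository entry to `elastic_repo_7` does not remove the `elastic_repo` entry written by earlier runs, so hosts provisioned with the previous role version keep two Elastic repository definitions (`/etc/apt/sources.list.d/elastic_repo.list` and `/etc/yum.repos.d/elastic_repo.repo`, following the modules' file naming) and apt/yum keep consulting the old one, presumably the 6.x repository given the commit message. Add a cleanup step before each install task, e.g. `- name: Remove legacy Elastic repo file` / `file: { path: /etc/apt/sources.list.d/elastic_repo.list, state: absent }` for Debian and the `.repo` counterpart for RedHat. The same applies to the two Kibana hunks in the next patch lines.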
@@ -17,7 +17,7 @@ apt_repository: repo: 'deb https://artifacts.elastic.co/packages/7.x/apt stable main' state: present - filename: 'elastic_repo' + filename: 'elastic_repo_7' update_cache: true changed_when: false diff --git a/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml b/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml index 1364552b..abb8b0c0 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml @@ -1,7 +1,7 @@ --- - name: RedHat/CentOS/Fedora | Install Elastic repo yum_repository: - name: elastic_repo + name: elastic_repo_7 description: Elastic repository for 7.x packages baseurl: https://artifacts.elastic.co/packages/7.x/yum gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch From 33a95a5c4a7b50f5f920bf0088b7e225beea728b Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 26 Sep 2019 13:06:42 +0200 Subject: [PATCH 326/714] Fix "Checking Wazuh-APP version" task that updates plugins --- .../elastic-stack/ansible-kibana/tasks/main.yml | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index f2152d00..8f9602ae 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml 
@@ -74,24 +74,26 @@ tags: configure - name: Checking Wazuh-APP version - shell: | - set -o pipefail - grep -c -E 'version.*{{ elastic_stack_version }}' /usr/share/kibana/plugins/wazuh/package.json | xargs echo + shell: >- + grep -c -E 'version.*{{ elastic_stack_version }}' /usr/share/kibana/plugins/wazuh/package.json args: executable: /bin/bash removes: /usr/share/kibana/plugins/wazuh/package.json register: wazuh_app_verify changed_when: false - tags: install + failed_when: wazuh_app_verify.stderr | length > 0 - name: Removing old Wazuh-APP - command: /usr/share/kibana/bin/kibana-plugin remove wazuh - when: wazuh_app_verify.stdout == "0" + command: /usr/share/kibana/bin/kibana-plugin --allow-root remove wazuh + when: wazuh_app_verify.rc == 1 + debugger: always tags: install - name: Removing bundles file: path=/usr/share/kibana/optimize/bundles state=absent - when: wazuh_app_verify.stdout == "0" + become: yes + become_user: kibana + when: wazuh_app_verify.rc == 1 tags: install - name: Install Wazuh-APP (can take a while) From 4c9ae0eee5bd3842352894c28b7b0a4770ea1299 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 26 Sep 2019 16:11:20 +0200 Subject: [PATCH 327/714] Fix conditional when checking Wazuh-APP version --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 8f9602ae..9e28411a 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -81,7 +81,9 @@ removes: /usr/share/kibana/plugins/wazuh/package.json register: wazuh_app_verify changed_when: false - failed_when: wazuh_app_verify.stderr | length > 0 + failed_when: + - wazuh_app_verify.rc != 0 + - wazuh_app_verify.rc != 1 - name: Removing old Wazuh-APP command: /usr/share/kibana/bin/kibana-plugin --allow-root remove wazuh 
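Review bot: `elastic_stack_version` is inserted unescaped into the extended regex `'version.*{{ elastic_stack_version }}'`, so each `.` in the version matches any character and the grep can count a near-miss version as a match; use `'version.*{{ elastic_stack_version | regex_escape }}'`. In the same hunk `become: yes` should be written `become: true` (yamllint `truthy`). The `failed_when` and `debugger: always` lines are replaced by the two following patches, so no separate comment on them.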
From 1ec7e696e2c5f574eef77cae1a068b92f1f78891 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 26 Sep 2019 16:11:38 +0200 Subject: [PATCH 328/714] Remove debugger setting used in testing --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 9e28411a..584becc7 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -88,7 +88,6 @@ - name: Removing old Wazuh-APP command: /usr/share/kibana/bin/kibana-plugin --allow-root remove wazuh when: wazuh_app_verify.rc == 1 - debugger: always tags: install - name: Removing bundles From 47b16b3c20b3f85e68e0d44f0644f176152b56d3 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Thu, 26 Sep 2019 16:32:57 +0200 Subject: [PATCH 329/714] Support both IP and DNS when creating elastic cluster --- .../ansible-elasticsearch/templates/instances.yml.j2 | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 index c74b1700..62182293 100644 --- a/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 @@ -4,10 +4,14 @@ {% if node_certs_generator %} instances: -{% for (key,value) in instances.iteritems() %} -- name: "{{ value.name }}" +{% for (key,value) in instances.items() %} +- name: "{{ value.name }}" +{% if value.ip %} ip: - "{{ value.ip }}" -{% endfor %} - +{% elif value.dns %} + dns: + - "{{ value.dns }}" +{% endif %} +{% endfor %} {% endif %} From 7444885ecd26b381f46d2ac57baa3aa786f4f3e8 Mon Sep 17 00:00:00 2001 
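Review bot: `{% elif value.dns %}` makes `ip` and `dns` mutually exclusive, so an instance that defines both only gets its `ip` block; this file presumably feeds the certificate tool's instance list where both name types are accepted, so the DNS name would be silently dropped from that certificate. Replace the `elif` with `{% endif %}` followed by `{% if value.dns %}` so the two blocks are independent; patches 330 and 336 further down tighten the tests with `is defined` and `| length > 0` but keep the `elif`, so the same applies there. The loop also binds `key` without using it; `{% for value in instances.values() %}` reads cleaner.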
From: Manuel Gutierrez Date: Fri, 27 Sep 2019 12:47:44 +0200 Subject: [PATCH 330/714] Check if var is defined --- .../ansible-elasticsearch/templates/instances.yml.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 index 62182293..1e87f8d2 100644 --- a/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 @@ -6,10 +6,10 @@ instances: {% for (key,value) in instances.items() %} - name: "{{ value.name }}" -{% if value.ip %} +{% if value.ip is defined %} ip: - "{{ value.ip }}" -{% elif value.dns %} +{% elif value.dns is defined %} dns: - "{{ value.dns }}" {% endif %} From a542c3bb4ba27d57356f4bae6886c4c329e5f6a1 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Fri, 27 Sep 2019 13:08:02 +0200 Subject: [PATCH 331/714] Remove unzip check --- .../ansible-elasticsearch/tasks/xpack_security.yml | 8 -------- 1 file changed, 8 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml index 35f64fae..8cdfdb77 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml @@ -1,12 +1,4 @@ -- name: Install unzip dependency. - package: - name: unzip - state: present - delegate_to: "127.0.0.1" - when: - - node_certs_generator - - name: Check if certificate exists locally stat: path: "{{ node_certs_destination }}/{{ elasticsearch_node_name }}.crt" From 7371e7392041fe1753073290e231acf143ee8b71 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 27 Sep 2019 13:38:45 +0200 Subject: [PATCH 332/714] Update default variables for sca configuration --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 8 ++++++++ 1 file changed, 8 insertions(+) 
diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 170a8da5..f45e95b0 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -154,6 +154,14 @@ wazuh_manager_config: packages: 'yes' ports_no: 'yes' processes: 'yes' + sca: + enabled: 'yes' + scan_on_start: 'yes' + interval: '12h' + skip_nfs: 'yes' + day: '' + wday: '' + time: '' vul_detector: disable: 'yes' interval: '5m' From beacf88017b24f9b473b11dbfa56e6c76c782b2f Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 27 Sep 2019 14:29:53 +0200 Subject: [PATCH 333/714] Update Manager template to add configuration --- .../var-ossec-etc-ossec-server.conf.j2 | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 65ae38fb..b107d6d1 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 
@@ -222,6 +222,32 @@ {{ wazuh_manager_config.syscollector.processes }} + {% if ansible_system == "Linux" %} + + {% if wazuh_manager_config.sca.enabled | length > 0 %} + {{ wazuh_manager_config.sca.enabled }} + {% endif %} + {% if wazuh_manager_config.sca.scan_on_start | length > 0 %} + {{ wazuh_manager_config.sca.scan_on_start }} + {% endif %} + {% if wazuh_manager_config.sca.interval | length > 0 %} + {{ wazuh_manager_config.sca.interval }} + {% endif %} + {% if wazuh_manager_config.sca.skip_nfs | length > 0 %} + yes + {% endif %} + {% if wazuh_manager_config.sca.day | length > 0 %} + yes + {% endif %} + {% if wazuh_manager_config.sca.wday | length > 0 %} + yes + {% endif %} + {% if wazuh_manager_config.sca.time | length > 0 %} + + {% endif %} + + {% endif %} + {{ wazuh_manager_config.vul_detector.disable }} {{ wazuh_manager_config.vul_detector.interval }} From 3e0cc08104726cc9338260eaf4ab58312df7fa64 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 27 Sep 2019 14:30:11 +0200 Subject: [PATCH 334/714] Add sca default variables to wazuh agent defaults --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index fe6749ce..7eaab059 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -237,6 +237,14 @@ wazuh_agent_config: packages: 'yes' ports_no: 'yes' processes: 'yes' + sca: + enabled: 'yes' + scan_on_start: 'yes' + interval: '12h' + skip_nfs: 'yes' + day: '' + wday: '' + time: '' cis_cat: disable: 'yes' install_java: 'yes' From d45ad1db03538c8935ad57c0132f2e78bf96eb89 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 27 Sep 2019 14:30:20 +0200 Subject: [PATCH 335/714] Update wazuh agent template to add sca configuration --- .../var-ossec-etc-ossec-agent.conf.j2 | 26 ++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) 
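Review bot: The `skip_nfs`, `day` and `wday` branches render the literal `yes` and the `time` branch renders an empty element, instead of the configured values, so setting e.g. `day: 'monday'` under `wazuh_manager_config.sca` passes the `| length > 0` guard and then writes `yes` into ossec.conf. Each branch should interpolate its own key the way the `enabled`, `scan_on_start` and `interval` branches do, e.g. `{{ wazuh_manager_config.sca.day }}` and `{{ wazuh_manager_config.sca.time }}`. The XML element tags are not visible in this rendering, so the exact markup is inferred from the surrounding lines. The agent template hunk in patch 335 repeats the same pattern with `wazuh_agent_config.sca`.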
diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index 6946cc07..59ab67d2 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 @@ -270,7 +270,31 @@ {{ wazuh_agent_config.syscollector.processes }} - + {% if ansible_system == "Linux" %} + + {% if wazuh_agent_config.sca.enabled | length > 0 %} + {{ wazuh_agent_config.sca.enabled }} + {% endif %} + {% if wazuh_agent_config.sca.scan_on_start | length > 0 %} + {{ wazuh_agent_config.sca.scan_on_start }} + {% endif %} + {% if wazuh_agent_config.sca.interval | length > 0 %} + {{ wazuh_agent_config.sca.interval }} + {% endif %} + {% if wazuh_agent_config.sca.skip_nfs | length > 0 %} + yes + {% endif %} + {% if wazuh_agent_config.sca.day | length > 0 %} + yes + {% endif %} + {% if wazuh_agent_config.sca.wday | length > 0 %} + yes + {% endif %} + {% if wazuh_agent_config.sca.time | length > 0 %} + + {% endif %} + + {% endif %} {% if ansible_system == "Linux" and wazuh_agent_config.vuls.disable == 'no' %} From 6fc395a81f7ccb4a469a73fcd28e6c159432df87 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Fri, 27 Sep 2019 15:12:54 +0200 Subject: [PATCH 336/714] Add length check --- .../ansible-elasticsearch/templates/instances.yml.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 index 1e87f8d2..b2f3bf6c 100644 --- a/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 
@@ -6,10 +6,10 @@ instances: {% for (key,value) in instances.items() %} - name: "{{ value.name }}" -{% if value.ip is defined %} +{% if value.ip is defined and value.ip | length > 0 %} ip: - "{{ value.ip }}" -{% elif value.dns is defined %} +{% elif value.dns is defined and value.dns | length > 0 %} dns: - "{{ value.dns }}" {% endif %} From a53674791f7ff3d8ab276a35d1c17bfdf5292fc7 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Fri, 27 Sep 2019 16:44:12 +0200 Subject: [PATCH 337/714] Add xpack scenario in the Readme --- .../ansible-elasticsearch/README.md | 66 +++++++++++++++++++ 1 file changed, 66 insertions(+) diff --git a/roles/elastic-stack/ansible-elasticsearch/README.md b/roles/elastic-stack/ansible-elasticsearch/README.md index f3089e7e..68d55c29 100644 --- a/roles/elastic-stack/ansible-elasticsearch/README.md +++ b/roles/elastic-stack/ansible-elasticsearch/README.md @@ -12,6 +12,8 @@ This role will work on: * Fedora * Debian * Ubuntu + +For the elasticsearch role with XPack security the `unzip` command must be available on the Ansible master. Role Variables -------------- 
@@ -53,6 +55,70 @@ Example Playbook - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '172.16.0.163', elasticsearch_master_candidate: true, elasticsearch_cluster_nodes: ['172.16.0.162','172.16.0.163','172.16.0.161']} ``` +- Three nodes Elasticsearch cluster with XPack security +``` +--- +- hosts: elastic-1 + roles: + - role: ../roles/elastic-stack/ansible-elasticsearch + elasticsearch_network_host: 172.16.0.111 + node_name: node-1 + single_node: false + elasticsearch_master_candidate: true + elasticsearch_bootstrap_node: true + elasticsearch_cluster_nodes: + - 172.16.0.111 + - 172.16.0.112 + - 172.16.0.113 + elasticsearch_discovery_nodes: + - 172.16.0.111 + - 172.16.0.112 + - 172.16.0.113 + elasticsearch_xpack_security: true + node_certs_generator: true + node_certs_generator_ip: 172.16.0.111 + + vars: + instances: + node-1: + name: node-1 + ip: 172.16.0.111 + node-2: + name: node-2 + ip: 172.16.0.112 + node-3: + name: node-3 + ip: 172.16.0.113 + +- hosts: elastic-2 + roles: + - role: ../roles/elastic-stack/ansible-elasticsearch + elasticsearch_network_host: 172.16.0.112 + elasticsearch_node_name: node-2 + elasticsearch_xpack_security: true + elasticsearch_master_candidate: true + node_certs_generator_ip: 172.16.0.111 + elasticsearch_discovery_nodes: + - 172.16.0.111 + - 172.16.0.112 + - 172.16.0.113 + +- hosts: elastic-3 + roles: + - role: ../roles/elastic-stack/ansible-elasticsearch + elasticsearch_network_host: 172.16.0.113 + elasticsearch_node_name: node-3 + elasticsearch_xpack_security: true + elasticsearch_master_candidate: true + node_certs_generator_ip: 172.16.0.111 + elasticsearch_discovery_nodes: + - 172.16.0.111 + - 172.16.0.112 + - 172.16.0.113 + +``` + + License and copyright --------------------- From 65ba7e088f361854de3a80cfd5c031b35d863cb3 Mon Sep 17 00:00:00 2001 
From: Manuel Gutierrez Date: Fri, 27 Sep 2019 18:39:21 +0200 Subject: [PATCH 338/714] Add config tag to the enable service task --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index d9415ffc..37a8a8eb 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -185,6 +185,7 @@ name: wazuh-agent enabled: true state: started + tags: config - import_tasks: "RMRedHat.yml" when: ansible_os_family == "RedHat" From 86de4a0fee015d2c6e96fc10d08dc008b8fc29ca Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Tue, 1 Oct 2019 11:01:18 +0200 Subject: [PATCH 339/714] Add elasticsearch_reachable_host This fixes #262 --- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 5 +---- roles/elastic-stack/ansible-elasticsearch/tasks/main.yml | 2 +- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index f365f66a..c19fcce9 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -3,6 +3,7 @@ elasticsearch_cluster_name: wazuh elasticsearch_node_name: node-1 elasticsearch_http_port: 9200 elasticsearch_network_host: 127.0.0.1 +elasticsearch_reachable_host: 127.0.0.1 elasticsearch_jvm_xms: null elastic_stack_version: 7.3.2 single_node: true @@ -30,7 +31,3 @@ generate_CA: true ca_key_name: "" ca_cert_name: "" ca_password: "" - - - - diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index af17e528..706de27e 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml 
@@ -109,7 +109,7 @@ - init - name: Make sure Elasticsearch is running before proceeding - wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }} delay=3 timeout=400 + wait_for: host={{ elasticsearch_reachable_host }} port={{ elasticsearch_http_port }} delay=3 timeout=400 tags: - configure - init From 38993c3100360f09539834714078da9fd7add340 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Tue, 1 Oct 2019 18:20:29 +0200 Subject: [PATCH 340/714] Fix vars on cluster example --- roles/elastic-stack/ansible-elasticsearch/README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/README.md b/roles/elastic-stack/ansible-elasticsearch/README.md index 68d55c29..41cebd54 100644 --- a/roles/elastic-stack/ansible-elasticsearch/README.md +++ b/roles/elastic-stack/ansible-elasticsearch/README.md @@ -62,7 +62,7 @@ Example Playbook roles: - role: ../roles/elastic-stack/ansible-elasticsearch elasticsearch_network_host: 172.16.0.111 - node_name: node-1 + elasticsearch_node_name: node-1 single_node: false elasticsearch_master_candidate: true elasticsearch_bootstrap_node: true @@ -95,6 +95,7 @@ Example Playbook - role: ../roles/elastic-stack/ansible-elasticsearch elasticsearch_network_host: 172.16.0.112 elasticsearch_node_name: node-2 + single_node: false elasticsearch_xpack_security: true elasticsearch_master_candidate: true node_certs_generator_ip: 172.16.0.111 @@ -108,6 +109,7 @@ Example Playbook - role: ../roles/elastic-stack/ansible-elasticsearch elasticsearch_network_host: 172.16.0.113 elasticsearch_node_name: node-3 + single_node: false elasticsearch_xpack_security: true elasticsearch_master_candidate: true node_certs_generator_ip: 172.16.0.111 From b9695dc9058236758a44adb421a4c2b89fd9b4b8 Mon Sep 17 00:00:00 2001 
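Review bot: The `wait_for` task still passes its arguments as a `key=value` string while the rest of the role uses block YAML for module arguments; switching it to the block form at the same time as the host change keeps the file consistent and lets yamllint/ansible-lint check the values. The task is complete within the hunk.

```yaml
- name: Make sure Elasticsearch is running before proceeding
  wait_for:
    host: "{{ elasticsearch_reachable_host }}"
    port: "{{ elasticsearch_http_port }}"
    delay: 3
    timeout: 400
  # … unchanged: tags …
```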
From: Jose M Date: Wed, 2 Oct 2019 09:25:53 +0200 Subject: [PATCH 341/714] Remove product_id parameter from windows Agent. Update md5 --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 3 +-- roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml | 1 - 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index f6904240..0222d8d7 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -29,8 +29,7 @@ wazuh_winagent_config: version: '3.10.0' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ - md5: ee5b24216db472d291da4e14f0b3bc63 - register_key: 9903C258-FC1E-4886-B7DB-1535976EC1D5 + md5: 2bceb80901f22b56221658aceb64b914 wazuh_agent_config: active_response: ar_disabled: 'no' diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index 2d388748..8dff6274 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml @@ -42,7 +42,6 @@ - name: Windows | Install Agent if not already installed win_package: path: "{{ wazuh_winagent_config.download_dir }}wazuh-agent-{{ wazuh_winagent_config.version }}-{{ wazuh_winagent_config.revision }}.msi" - product_id: '{{ "{" }}{{ wazuh_winagent_config.register_key }}{{ "}" }}' state: present - name: Windows | Check if client.keys exists From 37bbca73a420aec8cf191f72db2a98408c1ac430 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 2 Oct 2019 09:30:59 +0200 Subject: [PATCH 342/714] Update CHANGELOG.md --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 95a9d18b..3c192f74 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
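Review bot: `md5:` is the only integrity value carried for the Windows installer and MD5 is collision-broken; if the download task verifies against it (that task is not in this hunk), prefer a SHA-256 digest, which `win_get_url` accepts through `checksum` with `checksum_algorithm: sha256`. Dropping `product_id` from `win_package` means the module now has to derive the product code from the MSI itself to decide whether the agent is already installed; worth confirming on a second run that the task reports `ok` rather than reinstalling. The quoted `version: '3.10.0'` next to the new digest is correct as a string.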
@@ -21,6 +21,10 @@ All notable changes to this project will be documented in this file. - Fixed Kibana installation in Amazon Linux [@jm404](https://github.com/jm404) [#232](https://github.com/wazuh/wazuh-ansible/pull/232) - Fixed Windows Agent installation and configuration [@jm404](https://github.com/jm404) [#234](https://github.com/wazuh/wazuh-ansible/pull/234) +### Fixed + +- Removed registry key check on Wazuh Agent installation in windows [@jm404](https://github.com/jm404) [#265](https://github.com/wazuh/wazuh-ansible/pull/265) + ## [v3.9.5_7.2.1] ### Added From 867936d4c5fa3b71a33e812627eb529b809cccc0 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 2 Oct 2019 09:52:13 +0200 Subject: [PATCH 343/714] Update md5 for windows agent installater --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 0222d8d7..32d5963c 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -29,7 +29,7 @@ wazuh_winagent_config: version: '3.10.0' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ - md5: 2bceb80901f22b56221658aceb64b914 + md5: 71650780904cbfc2e45eae4298adb7a3 wazuh_agent_config: active_response: ar_disabled: 'no' From 99426a3c0fbf5d98e6c930a0c21c2deaef65ea51 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Fri, 4 Oct 2019 17:01:34 +0200 Subject: [PATCH 344/714] New task to create elasticsearch users Fixes #269 Fixes #268 --- .../ansible-elasticsearch/README.md | 7 +++++++ .../tasks/xpack_security.yml | 16 ++++++++++++++++ 2 files changed, 23 insertions(+) diff --git a/roles/elastic-stack/ansible-elasticsearch/README.md b/roles/elastic-stack/ansible-elasticsearch/README.md index 41cebd54..b10a2152 100644 --- a/roles/elastic-stack/ansible-elasticsearch/README.md +++ b/roles/elastic-stack/ansible-elasticsearch/README.md 
@@ -79,6 +79,13 @@ Example Playbook node_certs_generator_ip: 172.16.0.111 vars: + elasticsearch_xpack_users: + anne: + password: 'PasswordHere' + roles: '["kibana_user", "monitoring_user"]' + jack: + password: 'PasswordHere' + roles: '["superuser"]' instances: node-1: name: node-1 diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml index 8cdfdb77..1d338cf7 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml @@ -194,3 +194,19 @@ when: - node_certs_generator tags: molecule-idempotence-notest + +- name: Create elasticsearch users + uri: + url: "https://{{ elasticsearch_reachable_host }}:9200/_security/user/{{ item.key }}" + method: POST + body_format: json + user: "{{ elasticsearch_xpack_security_user }}" + password: "{{ elasticsearch_xpack_security_password }}" + body: '{ "password" : "{{ item.value["password"] }}", "roles" : {{ item.value["roles"] }} }' + validate_certs: no + loop: "{{ elasticsearch_xpack_users|default({})|dict2items }}" + register: http_response + failed_when: http_response.status != 200 + when: + - elasticsearch_xpack_users is defined + - node_certs_generator From d7e3cec04bed4a865971601aee9daf34ec3fe1f5 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 7 Oct 2019 16:17:18 +0200 Subject: [PATCH 345/714] Enabling sca for Windows Agent in the ossec.conf template --- .../templates/var-ossec-etc-ossec-agent.conf.j2 | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index 59ab67d2..4d43bc94 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 
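Review bot: The `Create elasticsearch users` task sends the admin credentials and each new user's password with `validate_certs: no`, so the TLS endpoint is never authenticated, and it has no `no_log: true`, so the per-item loop output prints every password. The role already copies the CA to each node (`{{ master_certs_path }}/ca/ca.crt` into `{{ node_certs_destination }}/`), so the request could verify against that file instead of disabling validation; at minimum add `no_log: true`. The JSON in `body` is hand-assembled, so a password containing `"` or `\` yields a malformed request; emit it as `"password" : {{ item.value["password"] | to_json }}`. The port is hard-coded as `:9200` while the role defines `elasticsearch_http_port`; the copy of this task in patch 348 fixes that but carries the other three points over.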
@@ -270,7 +270,6 @@ {{ wazuh_agent_config.syscollector.processes }} - {% if ansible_system == "Linux" %} {% if wazuh_agent_config.sca.enabled | length > 0 %} {{ wazuh_agent_config.sca.enabled }} @@ -294,7 +293,6 @@ {% endif %} - {% endif %} {% if ansible_system == "Linux" and wazuh_agent_config.vuls.disable == 'no' %} From d482629c80f13ed4367db87b1c71a9bbf95e9ea3 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 7 Oct 2019 16:26:56 +0200 Subject: [PATCH 346/714] Remove sca linux conditional from Manager template --- .../templates/var-ossec-etc-ossec-server.conf.j2 | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index b107d6d1..145af4af 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -222,7 +222,6 @@ {{ wazuh_manager_config.syscollector.processes }} - {% if ansible_system == "Linux" %} {% if wazuh_manager_config.sca.enabled | length > 0 %} {{ wazuh_manager_config.sca.enabled }} @@ -246,7 +245,6 @@ {% endif %} - {% endif %} {{ wazuh_manager_config.vul_detector.disable }} From 1e8cc831cfbd0cd9be2c6c03d3ca986a5116f557 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Wed, 9 Oct 2019 16:47:41 +0200 Subject: [PATCH 347/714] Remove become from local task --- .../elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml index 1d338cf7..855be9b9 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml 
@@ -138,7 +138,6 @@ unarchive: src: "{{ master_certs_path }}/certs.zip" dest: "{{ master_certs_path }}/" - become: true delegate_to: "127.0.0.1" when: - node_certs_generator From 9c125c6b1c16d2873882c68b9f976db824da7185 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Wed, 9 Oct 2019 16:59:58 +0200 Subject: [PATCH 348/714] Move user creation to main file --- .../ansible-elasticsearch/tasks/main.yml | 15 +++++++++++++++ .../tasks/xpack_security.yml | 16 ---------------- 2 files changed, 15 insertions(+), 16 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 706de27e..8146eaee 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml @@ -119,3 +119,18 @@ - import_tasks: "RMDebian.yml" when: ansible_os_family == "Debian" + +- name: Create elasticsearch users + uri: + url: "https://{{ node_certs_generator_ip }}:{{ elasticsearch_http_port }}/_security/user/{{ item.key }}" + method: POST + body_format: json + user: "{{ elasticsearch_xpack_security_user }}" + password: "{{ elasticsearch_xpack_security_password }}" + body: '{ "password" : "{{ item.value["password"] }}", "roles" : {{ item.value["roles"] }} }' + validate_certs: no + loop: "{{ elasticsearch_xpack_users|default({})|dict2items }}" + register: http_response + failed_when: http_response.status != 200 + when: + - elasticsearch_xpack_users is defined diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml index 855be9b9..e9261956 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml 
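Review bot: The relocated `Create elasticsearch users` task in tasks/main.yml still prints each loop item — `item.value.password` included — and the registered `http_response` in the play log, so it needs `no_log: true`. It also presents the `elastic` superuser credentials with `validate_certs: no`; since this role generates its own CA (see `generate_CA`/`ca_cert_name` in the elasticsearch.yml template), pointing `ca_path` at that CA and validating would stop anyone on the path to `node_certs_generator_ip` from harvesting the password, if the Ansible version in use supports `ca_path` on `uri`. Unlike its previous location the task no longer has a `node_certs_generator` guard, so in a multi-node play it runs on every host that defines `elasticsearch_xpack_users`; `run_once: true` would make the "only on the last node" contract from the README explicit rather than relying on where the variable is set.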
@@ -193,19 +193,3 @@ when: - node_certs_generator tags: molecule-idempotence-notest - -- name: Create elasticsearch users - uri: - url: "https://{{ elasticsearch_reachable_host }}:9200/_security/user/{{ item.key }}" - method: POST - body_format: json - user: "{{ elasticsearch_xpack_security_user }}" - password: "{{ elasticsearch_xpack_security_password }}" - body: '{ "password" : "{{ item.value["password"] }}", "roles" : {{ item.value["roles"] }} }' - validate_certs: no - loop: "{{ elasticsearch_xpack_users|default({})|dict2items }}" - register: http_response - failed_when: http_response.status != 200 - when: - - elasticsearch_xpack_users is defined - - node_certs_generator From dcc7624d59317f784c8d98b7dde050e4177095ac Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Wed, 9 Oct 2019 17:00:47 +0200 Subject: [PATCH 349/714] Add waiting task before creating users Wait for elasticsearch API to be ready before attempting to add users --- .../ansible-elasticsearch/tasks/main.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index 8146eaee..aef459e2 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml 
@@ -120,6 +120,22 @@ - import_tasks: "RMDebian.yml" when: ansible_os_family == "Debian" +- name: Wait for Elasticsearch API + uri: + url: "https://{{ node_certs_generator_ip }}:{{ elasticsearch_http_port }}/_cluster/health/" + user: "{{ elasticsearch_xpack_security_user }}" + password: "{{ elasticsearch_xpack_security_password }}" + validate_certs: no + status_code: 200,401 + return_content: yes + timeout: 4 + register: _result + until: ( _result.json is defined) and (_result.json.status == "green") + retries: 24 + delay: 5 + when: + - elasticsearch_xpack_users is defined + - name: Create elasticsearch users uri: url: "https://{{ node_certs_generator_ip }}:{{ elasticsearch_http_port }}/_security/user/{{ item.key }}" From 9b0bcf9fe64d533b671d7d7d323e5aba36aee4c9 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Wed, 9 Oct 2019 17:12:01 +0200 Subject: [PATCH 350/714] Add docs on user creation --- .../ansible-elasticsearch/README.md | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/README.md b/roles/elastic-stack/ansible-elasticsearch/README.md index b10a2152..288628e7 100644 --- a/roles/elastic-stack/ansible-elasticsearch/README.md +++ b/roles/elastic-stack/ansible-elasticsearch/README.md @@ -55,7 +55,9 @@ Example Playbook - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '172.16.0.163', elasticsearch_master_candidate: true, elasticsearch_cluster_nodes: ['172.16.0.162','172.16.0.163','172.16.0.161']} ``` + - Three nodes Elasticsearch cluster with XPack security + ``` --- - hosts: elastic-1 @@ -79,13 +81,6 @@ Example Playbook node_certs_generator_ip: 172.16.0.111 vars: - elasticsearch_xpack_users: - anne: - password: 'PasswordHere' - roles: '["kibana_user", "monitoring_user"]' - jack: - password: 'PasswordHere' - roles: '["superuser"]' instances: node-1: name: node-1 
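Review bot: Accepting `401` in `status_code` for `Wait for Elasticsearch API` turns a wrong `elasticsearch_xpack_security_password` into a two-minute retry loop (24 × 5 s) that finally fails on the `until`, hiding the real cause. If a transient 401 during security bootstrap is genuinely expected, say so in a comment on the task; otherwise drop `401` so a credential error fails on the first attempt, e.g. `status_code: 200`. The superuser credentials are resent on every retry with `validate_certs: no`, so the same certificate-validation caveat as the user-creation task applies here.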
@@ -124,9 +119,19 @@ Example Playbook - 172.16.0.111 - 172.16.0.112 - 172.16.0.113 + vars: + elasticsearch_xpack_users: + anne: + password: 'PasswordHere' + roles: '["kibana_user", "monitoring_user"]' + jack: + password: 'PasswordHere' + roles: '["superuser"]' ``` +It is possible to define users directly on the playbook, these must be defined on a variable `elasticsearch_xpack_users` on the last node of the cluster as in the example. + License and copyright --------------------- From 56e7d1093721dc3cdc13eb0923670d933a733ffd Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Wed, 9 Oct 2019 17:13:11 +0200 Subject: [PATCH 351/714] Fix space typo --- roles/elastic-stack/ansible-elasticsearch/README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/README.md b/roles/elastic-stack/ansible-elasticsearch/README.md index 288628e7..388affce 100644 --- a/roles/elastic-stack/ansible-elasticsearch/README.md +++ b/roles/elastic-stack/ansible-elasticsearch/README.md @@ -55,9 +55,7 @@ Example Playbook - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '172.16.0.163', elasticsearch_master_candidate: true, elasticsearch_cluster_nodes: ['172.16.0.162','172.16.0.163','172.16.0.161']} ``` - - Three nodes Elasticsearch cluster with XPack security - ``` --- - hosts: elastic-1 From 68166a49e1465319dd0d45ec5c4b92d6fe3a15b6 Mon Sep 17 00:00:00 2001 
From: limitup <17516880+limitup@users.noreply.github.com> Date: Mon, 14 Oct 2019 17:01:56 -0500 Subject: [PATCH 352/714] Update Manager templates for integrations --- .../ansible-wazuh-manager/defaults/main.yml | 20 ++++++++ .../ansible-wazuh-manager/tasks/main.yml | 10 ++++ .../var-ossec-etc-ossec-server.conf.j2 | 49 +++++++++++++++++++ .../ansible-wazuh-manager/vars/aws_creds.yml | 11 +++++ .../vars/external_API_creds.yml | 9 ++++ 5 files changed, 99 insertions(+) create mode 100644 roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml create mode 100644 roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 170a8da5..f1ad3826 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -260,6 +260,26 @@ wazuh_manager_config: - server: null port: null format: null + integrations: + - name: 'slack' + hook_url: + alert_level: 10 + alert_format: 'json' + - name: 'pagerduty' + api_key: + alert_level: 10 + monitor_aws: + disable: 'no' + internal: '10m' + run_on_start: 'yes' + skip_on_error: 'yes' + s3: + - name: 's3-bucket-example-name' + bucket_type: 'guardduty' + path: 'path' + only_logs_after: '1970-JAN-01' + access_key: + secret_key: labels: enable: false list: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index a1afbb4c..c247e60f 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -200,6 +200,16 @@ tags: - config +- name: Retrieving external API Credentials + include_vars: external_API_creds.yml + tags: + - config + +- name: Retrieving AWS Credentials + include_vars: aws_creds.yml + tags: + - config + - name: Retrieving Wazuh-API User Credentials include_vars: wazuh_api_creds.yml when: 
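Review bot: The `monitor_aws` defaults use `internal: '10m'` while the template added in this commit reads `monitor_aws.interval`, and they live under `wazuh_manager_config.monitor_aws` although the template checks a top-level `monitor_aws`, so these defaults are never rendered. The `integrations` defaults, by contrast, are read via `wazuh_manager_config.integrations` and ship `slack`/`pagerduty` entries with empty `hook_url`/`api_key`, which the template's `is defined` checks accept — every manager therefore gets two integrations configured with blank credentials out of the box; default to `integrations: []` and describe the entry shape in a comment instead. Both new `include_vars` tasks load credential files without `no_log: true`, so their contents are shown in verbose output.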
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 65ae38fb..5995d79a 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -530,6 +530,55 @@ {% endfor %} {% endif %} +{% if wazuh_manager_config.integrations is defined %} +{% for integration in wazuh_manager_config.integrations %} +{% if integration.name is not none %} + + + {{ integration.name }} + {% if integration.hook_url is defined %} + {{ integration.hook_url }} + {% endif %} + {% if integration.api_key is defined %} + {{ integration.api_key }} + {% endif %} + {% if integration.alert_format is defined %} + {{ integration.alert_format }} + {% endif %} + {% if integration.alert_level is defined %} + {{ integration.alert_level }} + {% endif %} + {% if integration.rule_id is defined %} + {{ integration.rule_id }} + {% endif %} + +{% endif %} +{% endfor %} +{% endif %} + +{% if monitor_aws is defined %} + + + {{ monitor_aws.disable }} + {{ monitor_aws.interval }} + {{ monitor_aws.run_on_start }} + {{ monitor_aws.skip_on_error }} + {% for bucket in monitor_aws.s3 %} + + {{ bucket.name }} + {% if bucket.path is defined %} + {{ bucket.path }} + {% endif %} + {% if bucket.only_logs_after is defined %} + {{ bucket.only_logs_after }} + {% endif %} + {{ bucket.access_key }} + {{ bucket.secret_key }} + + {% endfor %} + +{% endif %} + {% if wazuh_manager_config.labels.enable == true %} {% for label in wazuh_manager_config.labels.list %} diff --git a/roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml b/roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml new file mode 100644 index 00000000..1a164900 --- /dev/null +++ b/roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml 
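Review bot: `{% if integration.hook_url is defined %}` and the matching `api_key` check are true for an empty string, so with the role defaults the template emits integration blocks carrying blank credentials; test truthiness instead, `{% if integration.hook_url is defined and integration.hook_url %}`. In the aws-s3 block `{{ bucket.access_key }}` and `{{ bucket.secret_key }}` are rendered unconditionally, writing long-lived AWS keys in plaintext into ossec.conf even when they are empty; guard them with `{% if bucket.access_key %}` so operators can omit them and rely on an AWS profile or instance role, which the Wazuh S3 module also accepts as far as I recall — confirm against the module docs. `bucket_type` from the defaults does not appear anywhere in the visible template, although the bucket element normally needs its type; worth checking the markup that this page stripped.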
@@ -0,0 +1,11 @@ +--- +monitor_aws: + disable: 'no' + interval: '10m' + run_on_start: 'yes' + skip_on_error: 'yes' + s3: + - name: 'S3_bucket' + bucket_type: 'guardduty' + access_key: '' + secret_key: '' diff --git a/roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml b/roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml new file mode 100644 index 00000000..2d743af0 --- /dev/null +++ b/roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml @@ -0,0 +1,9 @@ +#--- +#integrations: +# - name: 'slack' +# hook_url: +# alert_level: 10 +# alert_format: 'json' +# - name: 'pagerduty' +# api_key: +# alert_level: 10 From a49f394858cb93fe902c7960e8e46a6bc9c398ac Mon Sep 17 00:00:00 2001 From: limitup <17516880+limitup@users.noreply.github.com> Date: Mon, 14 Oct 2019 17:12:43 -0500 Subject: [PATCH 353/714] Add pseudo credentials for template --- .../ansible-wazuh-manager/defaults/main.yml | 6 ++--- .../ansible-wazuh-manager/vars/aws_creds.yml | 22 +++++++++---------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index f1ad3826..a5840bec 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -266,7 +266,7 @@ wazuh_manager_config: alert_level: 10 alert_format: 'json' - name: 'pagerduty' - api_key: + api_key: '' alert_level: 10 monitor_aws: disable: 'no' @@ -278,8 +278,8 @@ wazuh_manager_config: bucket_type: 'guardduty' path: 'path' only_logs_after: '1970-JAN-01' - access_key: - secret_key: + access_key: '' + secret_key: '' labels: enable: false list: diff --git a/roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml b/roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml index 1a164900..6251c292 100644 --- a/roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml +++ b/roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml 
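Review bot: `vars/external_API_creds.yml` is entirely commented out and, once uncommented, defines a top-level `integrations` key, whereas the template reads `wazuh_manager_config.integrations`, so enabling it here has no effect. Keying it as `wazuh_manager_config:` would not help either, because `include_vars` replaces the whole dict loaded from defaults unless hash merging is enabled; the clean option is to drop the file and document `wazuh_manager_config.integrations` as a play/inventory variable. Also confirm that `include_vars` tolerates a comment-only file on the Ansible versions the role supports, or ship the file with an explicit `integrations: []`.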
@@ -1,11 +1,11 @@ ---- -monitor_aws: - disable: 'no' - interval: '10m' - run_on_start: 'yes' - skip_on_error: 'yes' - s3: - - name: 'S3_bucket' - bucket_type: 'guardduty' - access_key: '' - secret_key: '' +#--- +#monitor_aws: +# disable: 'no' +# interval: '10m' +# run_on_start: 'yes' +# skip_on_error: 'yes' +# s3: +# - name: 'S3_bucket' +# bucket_type: 'guardduty' +# access_key: '' +# secret_key: '' From dd0c0d24ad15b3d765ffc999a6704c715c05109a Mon Sep 17 00:00:00 2001 From: limitup <17516880+limitup@users.noreply.github.com> Date: Mon, 14 Oct 2019 17:25:50 -0500 Subject: [PATCH 354/714] adjust for passing strings --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- .../wazuh/ansible-wazuh-manager/vars/external_API_creds.yml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index a5840bec..f86d7bf3 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -262,7 +262,7 @@ wazuh_manager_config: format: null integrations: - name: 'slack' - hook_url: + hook_url: '' alert_level: 10 alert_format: 'json' - name: 'pagerduty' diff --git a/roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml b/roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml index 2d743af0..5b557fea 100644 --- a/roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml +++ b/roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml @@ -1,9 +1,9 @@ #--- #integrations: # - name: 'slack' -# hook_url: -# alert_level: 10 +# hook_url: '' +# rule_id: '80102' # alert_format: 'json' # - name: 'pagerduty' -# api_key: +# api_key: '' # alert_level: 10 From c265bbbaac6c581fba22f3947ac9cea05a94b06c Mon Sep 17 00:00:00 2001 
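Review bot: Commenting out `vars/aws_creds.yml` keeps a credential template inside the role tree that operators are expected to edit in place, which is exactly how AWS keys end up committed. Because it is loaded with `include_vars`, anything set here also outranks inventory `group_vars`/`host_vars`, so it cannot be overridden per environment. Prefer removing the file and the `include_vars` task, documenting `monitor_aws` as a play/inventory variable kept in an Ansible Vault-encrypted file, and marking whatever task consumes it `no_log: true`.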
From: havidarou Date: Sat, 19 Oct 2019 17:39:38 +0200 Subject: [PATCH 355/714] Add filebeat role to wazuh-elastic_stack-single.yml playbook --- playbooks/wazuh-elastic_stack-single.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/playbooks/wazuh-elastic_stack-single.yml b/playbooks/wazuh-elastic_stack-single.yml index ac5efaf1..051b5fd2 100644 --- a/playbooks/wazuh-elastic_stack-single.yml +++ b/playbooks/wazuh-elastic_stack-single.yml @@ -2,5 +2,7 @@ - hosts: roles: - {role: ../roles/wazuh/ansible-wazuh-manager} + - role: ../roles/wazuh/ansible-filebeat + filebeat_output_elasticsearch_hosts: localhost:9200 - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '0.0.0.0', single_node: true} - { role: ../roles/elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost' } From 6db1fd65d385e2365c64e08c18e771eb5b62475f Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Mon, 21 Oct 2019 16:34:43 +0200 Subject: [PATCH 356/714] Add support for environments with low disk space This adds and option to bypass ES default disk-based shard allocation. --- .../ansible-elasticsearch/defaults/main.yml | 1 + .../ansible-elasticsearch/templates/elasticsearch.yml.j2 | 9 ++++++++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index c19fcce9..87381a4e 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -14,6 +14,7 @@ elasticsearch_cluster_nodes: elasticsearch_discovery_nodes: - 127.0.0.1 +elasticsearch_lower_disk_requirements: false # X-Pack Security elasticsearch_xpack_security: false elasticsearch_xpack_security_user: elastic 
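Review bot: `filebeat_output_elasticsearch_hosts: localhost:9200` passes a bare string, and the Filebeat template renders the value with `| to_json`, so `output.elasticsearch.hosts` becomes `"localhost:9200"` rather than the list Filebeat documents for `hosts`; if the role default is a list, pass `['localhost:9200']` here for consistency. A one-line comment that this single-node playbook deliberately talks to Elasticsearch over plain HTTP on localhost would stop it being copied as-is for split deployments.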
diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 index 3cd386da..2bb6ebe4 100644 --- a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 @@ -27,6 +27,13 @@ discovery.seed_hosts: {% endfor %} {% endif %} +{% if elasticsearch_lower_disk_requirements %} +cluster.routing.allocation.disk.threshold_enabled: true +cluster.routing.allocation.disk.watermark.flood_stage: 200mb +cluster.routing.allocation.disk.watermark.low: 500mb +cluster.routing.allocation.disk.watermark.high: 300mb +{% endif %} + # XPACK Security {% if elasticsearch_xpack_security %} @@ -49,4 +56,4 @@ xpack.security.http.ssl.certificate_authorities: [ "{{ node_certs_destination }} {% elif generate_CA == false %} xpack.security.http.ssl.certificate_authorities: [ "{{ node_certs_destination }}/{{ca_cert_name}}" ] {% endif %} -{% endif %} \ No newline at end of file +{% endif %} From 62ac174880772dd874b884dbff89da919287453e Mon Sep 17 00:00:00 2001 From: sgargel Date: Thu, 24 Oct 2019 18:24:32 +0200 Subject: [PATCH 357/714] Fix for Wazuh-API User skipped on debian This should fix that Wazuh-API User task is being skipped on debian > 6 --- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index a1afbb4c..40b51863 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml 
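Review bot: With `elasticsearch_lower_disk_requirements` the flood-stage watermark drops to 200mb, at which point Elasticsearch marks indices read-only; for a cluster ingesting Wazuh alerts that means silent loss of security events rather than a loud failure, so the option deserves a warning comment in defaults (and the README) and must never become the production default. Absolute watermarks are free-space thresholds and need `low > high > flood_stage`, which the hunk satisfies (500mb/300mb/200mb); a comment stating that ordering, e.g. `# absolute values are free space: low must exceed high, high must exceed flood_stage`, would keep a later edit from inverting it.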
@@ -322,8 +322,7 @@ notify: restart wazuh-api when: - wazuh_api_user is defined - - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' or ansible_distribution == 'Amazon') - - ansible_distribution_major_version|int < 6 + - not (ansible_facts['os_family']|lower == 'redhat' and ansible_distribution_major_version|int < 6) tags: - config @@ -379,8 +378,7 @@ environment: LD_LIBRARY_PATH: "$LD_LIBRARY_PATH:/var/ossec/framework/lib" when: - - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' or ansible_distribution == 'Amazon') - - ansible_distribution_major_version|int < 6 + - not (ansible_facts['os_family']|lower == 'redhat' and ansible_distribution_major_version|int < 6) - name: Ensure Wazuh Manager is started and enabled (EL5) service: From 9647c79e68c14ec8f345e16632c9a4ce577c47dc Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Fri, 25 Oct 2019 13:44:56 +0200 Subject: [PATCH 358/714] Updated Filebeat configuration file template --- .../templates/filebeat.yml.j2 | 56 ++++--------------- 1 file changed, 11 insertions(+), 45 deletions(-) diff --git a/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 b/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 index 466d9a89..da87ec8d 100644 --- a/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 +++ b/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 
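Review bot: The new condition mixes the `ansible_facts['os_family']` form with the bare `ansible_distribution_major_version` variable; using `ansible_facts['distribution_major_version']` in the same expression keeps it working when `inject_facts_as_vars` is disabled. `|int` on a non-numeric major version (rolling or testing releases can report one) yields 0, which is only harmless here because the `redhat` test short-circuits first — worth a comment. The task touched by the second hunk begins outside this view.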
@@ -1,58 +1,24 @@ # Wazuh - Filebeat configuration file -filebeat.inputs: - - type: log - paths: - - '/var/ossec/logs/alerts/alerts.json' +# Wazuh - Filebeat configuration file +filebeat.modules: + - module: wazuh + alerts: + enabled: true + archives: + enabled: false setup.template.json.enabled: true -setup.template.json.path: "/etc/filebeat/wazuh-template.json" -setup.template.json.name: "wazuh" +setup.template.json.path: '/etc/filebeat/wazuh-template.json' +setup.template.json.name: 'wazuh' setup.template.overwrite: true +setup.ilm.enabled: false -processors: - - decode_json_fields: - fields: ['message'] - process_array: true - max_depth: 200 - target: '' - overwrite_keys: true - - drop_fields: - fields: ['message', 'ecs', 'beat', 'input_type', 'tags', 'count', '@version', 'log', 'offset', 'type', 'host'] - - rename: - fields: - - from: "data.aws.sourceIPAddress" - to: "@src_ip" - ignore_missing: true - fail_on_error: false - when: - regexp: - data.aws.sourceIPAddress: \b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b - - rename: - fields: - - from: "data.srcip" - to: "@src_ip" - ignore_missing: true - fail_on_error: false - when: - regexp: - data.srcip: \b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b - - rename: - fields: - - from: "data.win.eventdata.ipAddress" - to: "@src_ip" - ignore_missing: true - fail_on_error: false - when: - regexp: - data.win.eventdata.ipAddress: \b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b # Send events directly to Elasticsearch output.elasticsearch: hosts: {{ filebeat_output_elasticsearch_hosts | to_json }} - #pipeline: geoip - indices: - - index: 'wazuh-alerts-3.x-%{+yyyy.MM.dd}' + {% if filebeat_xpack_security %} username: {{ elasticsearch_xpack_security_user }} password: {{ elasticsearch_xpack_security_password }} From 359f3e3cb40dfcf1c10cd99af7eee9c866e59d39 Mon Sep 17 00:00:00 2001 
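Review bot: The new side now carries `# Wazuh - Filebeat configuration file` twice (the context line plus the added copy); drop the added one. When `filebeat_xpack_security` is true the `username`/`password` go out with basic auth, but nothing in the hunk sets `protocol: https` or an `ssl` stanza, so unless the host entries carry an `https://` scheme or SSL settings follow below the hunk, the Elasticsearch credentials cross the wire in cleartext; add `protocol: https` and `ssl.certificate_authorities` pointing at the role's CA. Consider the Filebeat keystore (`password: "${ES_PASSWORD}"`) instead of writing the password into filebeat.yml, and confirm the role defaults define `filebeat_xpack_security`, since the template uses it without a `default(false)` guard.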
From: "Manuel J. Bernal" Date: Fri, 25 Oct 2019 13:45:03 +0200 Subject: [PATCH 359/714] Updated Wazuh template --- roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 b/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 index 06af6322..5387bf8c 100644 --- a/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 +++ b/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 @@ -162,6 +162,7 @@ "data.dstip", "data.dstport", "data.dstuser", + "data.extra_data", "data.hardware.serial", "data.id", "data.integration", @@ -943,6 +944,9 @@ "data": { "type": "keyword" }, + "extra_data": { + "type": "keyword" + }, "system_name": { "type": "keyword" }, @@ -1673,4 +1677,4 @@ } }, "version": 1 -} +} \ No newline at end of file From 88d3ea22dd83eb5eb0d3654c06e26d5183ae8673 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 25 Oct 2019 16:59:14 +0200 Subject: [PATCH 360/714] Update tempate for ossec.conf (Agent) --- .../var-ossec-etc-ossec-agent.conf.j2 | 159 +++++++++--------- 1 file changed, 81 insertions(+), 78 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index 4d43bc94..61c28012 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 @@ -1,4 +1,4 @@ -#jinja2: trim_blocks: False +#jinja2: lstrip_blocks: True {{ wazuh_agent_config.client_buffer.disable }} {{ wazuh_agent_config.client_buffer.queue_size }} {{ wazuh_agent_config.client_buffer.events_per_sec }} + {{ wazuh_agent_config.log_format }} @@ -72,7 +72,6 @@ {% endif %} yes {% endif %} - {% if ansible_os_family == "Windows" %} ./shared/win_audit_rcl.txt ./shared/win_applications_rcl.txt 
@@ -86,11 +85,11 @@ {% if wazuh_agent_config.syscheck is defined %} no - + {{ wazuh_agent_config.syscheck.frequency }} {% if ansible_system == "Linux" %} - + /etc,/usr/bin,/usr/sbin /bin,/sbin,/boot @@ -130,7 +129,7 @@ {% for no_diff in wazuh_agent_config.syscheck.no_diff %} {{ no_diff }} {% endfor %} - + {{ wazuh_agent_config.syscheck.skip_nfs }} {% endif %} @@ -270,29 +269,29 @@ {{ wazuh_agent_config.syscollector.processes }} - - {% if wazuh_agent_config.sca.enabled | length > 0 %} - {{ wazuh_agent_config.sca.enabled }} - {% endif %} - {% if wazuh_agent_config.sca.scan_on_start | length > 0 %} - {{ wazuh_agent_config.sca.scan_on_start }} - {% endif %} - {% if wazuh_agent_config.sca.interval | length > 0 %} - {{ wazuh_agent_config.sca.interval }} - {% endif %} - {% if wazuh_agent_config.sca.skip_nfs | length > 0 %} - yes - {% endif %} - {% if wazuh_agent_config.sca.day | length > 0 %} - yes - {% endif %} - {% if wazuh_agent_config.sca.wday | length > 0 %} - yes - {% endif %} - {% if wazuh_agent_config.sca.time | length > 0 %} - - {% endif %} - + + {% if wazuh_agent_config.sca.enabled | length > 0 %} + {{ wazuh_agent_config.sca.enabled }} + {% endif %} + {% if wazuh_agent_config.sca.scan_on_start | length > 0 %} + {{ wazuh_agent_config.sca.scan_on_start }} + {% endif %} + {% if wazuh_agent_config.sca.interval | length > 0 %} + {{ wazuh_agent_config.sca.interval }} + {% endif %} + {% if wazuh_agent_config.sca.skip_nfs | length > 0 %} + yes + {% endif %} + {% if wazuh_agent_config.sca.day | length > 0 %} + yes + {% endif %} + {% if wazuh_agent_config.sca.wday | length > 0 %} + yes + {% endif %} + {% if wazuh_agent_config.sca.time | length > 0 %} + + {% endif %} + {% if ansible_system == "Linux" and wazuh_agent_config.vuls.disable == 'no' %} 
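Review bot: In the re-indented SCA block, `skip_nfs`, `day` and `wday` are gated with `| length > 0` but then rendered as the literal `yes` rather than the configured value, as far as the stripped markup on this page shows, so `skip_nfs: 'no'` would still emit `yes`; render `{{ wazuh_agent_config.sca.skip_nfs }}` the way `enabled` and `interval` are. `| length` also raises on a boolean or integer, so these settings must be strings — a comment in defaults saying so would save a failed run.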
@@ -306,68 +305,72 @@ {% endif %} - {% if ansible_system == "Linux" %} - {% for localfile in wazuh_agent_config.localfiles.linux %} - - {{ localfile.format }} + {% if ansible_system == "Linux" %} + {% for localfile in wazuh_agent_config.localfiles.linux %} + + + {{ localfile.format }} {% if localfile.format == 'command' or localfile.format == 'full_command' %} - {{ localfile.command }} - {{ localfile.frequency }} - {% if localfile.alias is defined %} - {{ localfile.alias }} - {% endif %} - {% else %} - {{ localfile.location }} + {{ localfile.command }} + {{ localfile.frequency }} + {% if localfile.alias is defined %} + {{ localfile.alias }} {% endif %} - + {% else %} + {{ localfile.location }} + {% endif %} + {% endfor %} {% endif %} - {% if ansible_os_family == "Debian" %} - {% for localfile in wazuh_agent_config.localfiles.debian %} - - {{ localfile.format }} + {% if ansible_os_family == "Debian" %} + {% for localfile in wazuh_agent_config.localfiles.debian %} + + + {{ localfile.format }} {% if localfile.format == 'command' or localfile.format == 'full_command' %} - {{ localfile.command }} - {{ localfile.frequency }} - {% if localfile.alias is defined %} - {{ localfile.alias }} - {% endif %} - {% else %} - {{ localfile.location }} - {% endif %} - + {{ localfile.command }} + {{ localfile.frequency }} + {% if localfile.alias is defined %} + {{ localfile.alias }} + {% endif %} + {% else %} + {{ localfile.location }} + {% endif %} + {% endfor %} {% endif %} - {% if ansible_os_family == "RedHat" %} - {% for localfile in wazuh_agent_config.localfiles.centos %} - - {{ localfile.format }} + {% if ansible_os_family == "RedHat" %} + {% for localfile in wazuh_agent_config.localfiles.centos %} + + + {{ localfile.format }} {% if localfile.format == 'command' or localfile.format == 'full_command' %} - {{ localfile.command }} - {{ localfile.frequency }} - {% if localfile.alias is defined %} - {{ localfile.alias }} - {% endif %} + {{ localfile.command }} + {{ localfile.frequency 
}} + {% if localfile.alias is defined %} + {{ localfile.alias }} + {% endif %} {% else %} - {{ localfile.location }} - {% endif %} - + {{ localfile.location }} + {% endif %} + {% endfor %} {% endif %} - {% if ansible_os_family == "Windows" %} - {% for localfile in wazuh_agent_config.localfiles.windows %} - - {{ localfile.format }} - {% if localfile.format == 'eventchannel' %} - {{ localfile.location }} - {{ localfile.query}} - {% else %} - {{ localfile.location }} - {% endif %} - + {% if ansible_os_family == "Windows" %} + {% for localfile in wazuh_agent_config.localfiles.windows %} + + + {{ localfile.format }} + {% if localfile.format == 'eventchannel' %} + {{ localfile.location }} + {{ localfile.query}} + {% else %} + {{ localfile.location }} + {% endif %} + {% endfor %} {% endif %} From 9d607c2a4256b608c8338e7aae09203725a41cd2 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 25 Oct 2019 16:59:25 +0200 Subject: [PATCH 361/714] Update template for ossec.conf (Manager) --- .../var-ossec-etc-ossec-server.conf.j2 | 192 ++++++++++-------- 1 file changed, 112 insertions(+), 80 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 145af4af..733cae18 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -1,4 +1,4 @@ -#jinja2: trim_blocks: False +#jinja2: lstrip_blocks: True no 
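Review bot: In every `localfiles` loop the `{% if localfile.format == 'command' ... %}` line was left at its old column while the surrounding lines were re-indented, and the Windows branch has `{{ localfile.query}}` with a missing space; with `lstrip_blocks` the indentation is cosmetic, but consistent indentation is the point of this commit. The four loops differ only in the fact they test and the list they iterate, so selecting the list once (for example `{% set files = wazuh_agent_config.localfiles.linux if ansible_system == "Linux" else [] %}` and so on) and rendering with a single loop would remove three near-duplicate copies.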
@@ -222,29 +231,29 @@ {{ wazuh_manager_config.syscollector.processes }} - - {% if wazuh_manager_config.sca.enabled | length > 0 %} - {{ wazuh_manager_config.sca.enabled }} - {% endif %} - {% if wazuh_manager_config.sca.scan_on_start | length > 0 %} - {{ wazuh_manager_config.sca.scan_on_start }} - {% endif %} - {% if wazuh_manager_config.sca.interval | length > 0 %} - {{ wazuh_manager_config.sca.interval }} - {% endif %} - {% if wazuh_manager_config.sca.skip_nfs | length > 0 %} - yes - {% endif %} - {% if wazuh_manager_config.sca.day | length > 0 %} - yes - {% endif %} - {% if wazuh_manager_config.sca.wday | length > 0 %} - yes - {% endif %} - {% if wazuh_manager_config.sca.time | length > 0 %} - - {% endif %} - + + {% if wazuh_manager_config.sca.enabled | length > 0 %} + {{ wazuh_manager_config.sca.enabled }} + {% endif %} + {% if wazuh_manager_config.sca.scan_on_start | length > 0 %} + {{ wazuh_manager_config.sca.scan_on_start }} + {% endif %} + {% if wazuh_manager_config.sca.interval | length > 0 %} + {{ wazuh_manager_config.sca.interval }} + {% endif %} + {% if wazuh_manager_config.sca.skip_nfs | length > 0 %} + yes + {% endif %} + {% if wazuh_manager_config.sca.day | length > 0 %} + yes + {% endif %} + {% if wazuh_manager_config.sca.wday | length > 0 %} + yes + {% endif %} + {% if wazuh_manager_config.sca.time | length > 0 %} + + {% endif %} + {{ wazuh_manager_config.vul_detector.disable }} @@ -297,7 +306,6 @@ {% for no_diff in wazuh_manager_config.syscheck.no_diff %} {{ no_diff }} {% endfor %} - {% if wazuh_manager_config.syscheck.skip_nfs is defined %} {{ wazuh_manager_config.syscheck.skip_nfs }} {% endif %} 
@@ -319,53 +327,77 @@ {% endfor %} - {% for command in wazuh_manager_config.commands %} - - {{ command.name }} - {{ command.executable }} - {{ command.expect }} - {{ command.timeout_allowed }} - +{% for command in wazuh_manager_config.commands %} + + + {{ command.name }} + {{ command.executable }} + {{ command.expect }} + {{ command.timeout_allowed }} + +{% endfor %} + + + + ruleset/decoders + ruleset/rules + {% if wazuh_manager_config.rule_exclude is defined %} + {% for rule in wazuh_manager_config.rule_exclude %} + {{ rule }} {% endfor %} + {% endif %} + {% if cdb_lists is defined %} + {% for list in cdb_lists %} + etc/lists/{{ list.name }} + {% endfor %} + {% endif %} - - - ruleset/decoders - ruleset/rules - {% if wazuh_manager_config.rule_exclude is defined %} - {% for rule in wazuh_manager_config.rule_exclude %} - {{ rule }} - {% endfor %} - {% endif %} - {% if cdb_lists is defined %} - {% for list in cdb_lists %} - etc/lists/{{ list.name }} - {% endfor %} - {% endif %} - - - etc/decoders - etc/rules + + etc/decoders + etc/rules {% if wazuh_manager_config.authd.enable == true %} no - {% if wazuh_manager_config.authd.port is not none %}{{wazuh_manager_config.authd.port}}{% else %}1515{% endif %} - {% if wazuh_manager_config.authd.use_source_ip is not none %}{{wazuh_manager_config.authd.use_source_ip}}{% endif %} - {% if wazuh_manager_config.authd.force_insert is not none %}{{wazuh_manager_config.authd.force_insert}}{% endif %} - {% if wazuh_manager_config.authd.force_time is not none %}{{wazuh_manager_config.authd.force_time}}{% endif %} - {% if wazuh_manager_config.authd.purge is not none %}{{wazuh_manager_config.authd.purge}}{% endif %} - {% if wazuh_manager_config.authd.use_password is not none %}{{wazuh_manager_config.authd.use_password}}{% endif %} - {% if wazuh_manager_config.authd.ssl_agent_ca is not none %}/var/ossec/etc/{{wazuh_manager_config.authd.ssl_agent_ca | basename}}{% endif %} - {% if wazuh_manager_config.authd.ssl_verify_host is not none 
%}{{wazuh_manager_config.authd.ssl_verify_host}}{% endif %} - {% if wazuh_manager_config.authd.ssl_manager_cert is not none %}/var/ossec/etc/{{wazuh_manager_config.authd.ssl_manager_cert | basename}}{% endif %} - {% if wazuh_manager_config.authd.ssl_manager_key is not none %}/var/ossec/etc/{{wazuh_manager_config.authd.ssl_manager_key | basename}}{% endif %} - {% if wazuh_manager_config.authd.ssl_auto_negotiate is not none %}{{wazuh_manager_config.authd.ssl_auto_negotiate}}{% endif %} + {% if wazuh_manager_config.authd.port is not none %} + {{wazuh_manager_config.authd.port}} + {% else %} + 1515 + {% endif %} + {% if wazuh_manager_config.authd.use_source_ip is not none %} + {{wazuh_manager_config.authd.use_source_ip}} + {% endif %} + {% if wazuh_manager_config.authd.force_insert is not none %} + {{wazuh_manager_config.authd.force_insert}} + {% endif %} + {% if wazuh_manager_config.authd.force_time is not none %} + {{wazuh_manager_config.authd.force_time}} + {% endif %} + {% if wazuh_manager_config.authd.purge is not none %} + {{wazuh_manager_config.authd.purge}} + {% endif %} + {% if wazuh_manager_config.authd.use_password is not none %} + {{wazuh_manager_config.authd.use_password}} + {% endif %} + {% if wazuh_manager_config.authd.ssl_agent_ca is not none %} + /var/ossec/etc/{{wazuh_manager_config.authd.ssl_agent_ca | basename}} + {% endif %} + {% if wazuh_manager_config.authd.ssl_verify_host is not none %} + {{wazuh_manager_config.authd.ssl_verify_host}} + {% endif %} + {% if wazuh_manager_config.authd.ssl_manager_cert is not none %} + /var/ossec/etc/{{wazuh_manager_config.authd.ssl_manager_cert | basename}} + {% endif %} + {% if wazuh_manager_config.authd.ssl_manager_key is not none %} + /var/ossec/etc/{{wazuh_manager_config.authd.ssl_manager_key | basename}} + {% endif %} + {% if wazuh_manager_config.authd.ssl_auto_negotiate is not none %} + {{wazuh_manager_config.authd.ssl_auto_negotiate}} + {% endif %} {% endif %} - {{ wazuh_manager_config.cluster.disable }} {{ 
wazuh_manager_config.cluster.name }} @@ -385,7 +417,7 @@ {{ wazuh_manager_config.cluster.hidden }} - {% if ansible_system == "Linux" and wazuh_manager_config.vuls.disable == 'no' %} +{% if ansible_system == "Linux" and wazuh_manager_config.vuls.disable == 'no' %} no Wazuh-VULS @@ -394,7 +426,7 @@ yes {{ wazuh_manager_config.vuls.run_on_start }} - {% endif %} +{% endif -%} {% if agentless_creds is defined %} {% for agentless in agentless_creds %} @@ -407,11 +439,8 @@ {{ agentless.arguments }} {% endif %}
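Review bot: Moving each authd value onto its own line puts a newline and leading indentation inside the element text wherever the surrounding XML tags (stripped in this extraction) stayed on the `{% if %}` line — the port element would then contain an indented `1515` between newlines rather than `1515` — so the rendered file should be checked to confirm the manager's config parser tolerates that, or the value kept on the tag's line. Separately, the `is not none` tests let an empty string through: `authd.port: ''` renders an empty port rather than the `1515` fallback, and `ssl_agent_ca`, `ssl_manager_cert` and `ssl_manager_key` set to `''` would render as the bare directory `/var/ossec/etc/`; a truthiness test such as `{% if wazuh_manager_config.authd.port %}` covers both null and empty.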
- {% endfor %} -{% endif %} - - +{% endif -%} {% if wazuh_manager_config.active_responses is defined %} {% for response in wazuh_manager_config.active_responses %} @@ -427,10 +456,11 @@ {%if response.repeated_offenders is defined %}{{ response.repeated_offenders }}{% endif %} {% endfor %} -{% endif %} +{% endif -%} {% for localfile in wazuh_manager_config.localfiles.common %} + {{ localfile.format }} {% if localfile.format == 'command' or localfile.format == 'full_command' %} @@ -468,6 +498,7 @@ {% if ansible_os_family == "Debian" %} {% for localfile in wazuh_manager_config.localfiles.debian %} + {{ localfile.format }} {% if localfile.format == 'command' or localfile.format == 'full_command' %} @@ -502,10 +533,11 @@ {% endif %} {% endfor %} -{% endif %} +{% endif -%} {% if ansible_os_family == "RedHat" %} {% for localfile in wazuh_manager_config.localfiles.centos %} + {{ localfile.format }} {% if localfile.format == 'command' or localfile.format == 'full_command' %} @@ -540,7 +572,7 @@ {% endif %} {% endfor %} -{% endif %} +{% endif -%} {% if wazuh_manager_config.syslog_outputs is defined %} {% for syslog_output in wazuh_manager_config.syslog_outputs %} From 812fadd76b40a9f05c5159fa53b9a150368ca272 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 28 Oct 2019 10:01:25 +0100 Subject: [PATCH 362/714] Add default to manage repositories --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 87f8534c..d7155415 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml 
@@ -31,6 +31,10 @@ wazuh_winagent_config: repo: https://packages.wazuh.com/3.x/windows/ md5: 71650780904cbfc2e45eae4298adb7a3 wazuh_agent_config: + repo: + apt: 'https://packages.wazuh.com/3.x/apt/ stable main' + yum: 'https://packages.wazuh.com/3.x/yum/' + gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' active_response: ar_disabled: 'no' ca_store: '/var/ossec/etc/wpk_root.pem' From 8a69a6e92234db6539ff439e5a7c1097c2851903 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 28 Oct 2019 10:02:07 +0100 Subject: [PATCH 363/714] Update Debian repositories to use dynamic urls from default variables --- roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 5 +++-- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 8 +++++--- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index 48e45685..e2629069 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -22,13 +22,14 @@ - ansible_distribution_major_version | int == 14 - name: Debian/Ubuntu | Installing Wazuh repository key - apt_key: url=https://packages.wazuh.com/key/GPG-KEY-WAZUH + apt_key: + url: "{{ wazuh_agent_config.repo.gpg }}" when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: - repo: 'deb https://packages.wazuh.com/3.x/apt/ stable main' + repo: "deb {{ wazuh_agent_config.repo.apt }}" state: present update_cache: true diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 9e9a94d7..79328bb1 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml 
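Review bot: The new `repo.gpg` default makes the package-signing key a role variable that any inventory can override, and nothing says so; a comment above the block such as `# Package sources and signing key used by the Debian/RedHat tasks; overriding gpg changes which packages the role trusts` would make the consequence of an override visible. The `3.x` path segment is hard-coded in `apt` and `yum`, so these defaults do not track a version variable the way `elastic_stack_version` does elsewhere in this series; a comment naming the release line the URLs follow helps when the next major is added. The manager role's defaults hunk further down adds the same keys and could carry the same comment.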
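Review bot: `apt_key` is given only `url:` for the Wazuh signing key, so whatever key that URL serves is imported as trusted; the module's `id:` parameter pins the expected fingerprint and makes the task fail if the served key differs. Suggested addition under `url:`: `id: "<WAZUH_KEY_FINGERPRINT>"` (placeholder — take the value from the vendor's published key). The same applies to the manager role's Wazuh key task and the NodeSource key task in the next file's hunks, which also import by URL alone.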
@@ -24,13 +24,14 @@ - ansible_distribution_major_version | int == 14 - name: Debian/Ubuntu | Installing Wazuh repository key - apt_key: url=https://packages.wazuh.com/key/GPG-KEY-WAZUH + apt_key: + url: "{{ wazuh_agent_config.repo.gpg }}" when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: - repo: 'deb https://packages.wazuh.com/3.x/apt/ stable main' + repo: deb "{{ wazuh_agent_config.repo.apt }}" state: present update_cache: true changed_when: false @@ -49,7 +50,8 @@ - ansible_distribution_major_version | int == 14 - name: Debian/Ubuntu | Installing NodeJS repository key - apt_key: url=https://deb.nodesource.com/gpgkey/nodesource.gpg.key + apt_key: + url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) From afff33941d088497085209c5d2d750e7e423fe8e Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 28 Oct 2019 10:02:41 +0100 Subject: [PATCH 364/714] Update RedHat tasks to use dynamic repo urls from variables --- .../ansible-wazuh-agent/tasks/RedHat.yml | 27 ++++++---------- .../ansible-wazuh-manager/tasks/RedHat.yml | 31 ++++++++++--------- 2 files changed, 26 insertions(+), 32 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index 33382e28..86d38f12 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml 
@@ -1,36 +1,27 @@ --- -- name: RedHat/CentOS/Fedora | Install Wazuh repo - yum_repository: - name: wazuh_repo - description: Wazuh repository - baseurl: https://packages.wazuh.com/3.x/yum/ - gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH - gpgcheck: true - changed_when: false - when: - - ansible_distribution_major_version|int > 5 - - name: RedHat/CentOS 5 | Install Wazuh repo yum_repository: name: wazuh_repo description: Wazuh repository - baseurl: https://packages.wazuh.com/3.x/yum/5/ - gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH-5 + baseurl: "{{ wazuh_agent_config.repo.yum }}5/" + gpgkey: "{{ wazuh_agent_config.repo.gpg }}-5" gpgcheck: true changed_when: false when: - - ansible_distribution_major_version|int == 5 + - (ansible_facts['os_family']|lower == 'redhat') + - (ansible_os_family = ansible_distribution_major_version|int <= 5) + register: repo_v5_installed -- name: AmazonLinux | Install Wazuh repo +- name: RedHat/CentOS/Fedora | Install Wazuh repo yum_repository: name: wazuh_repo description: Wazuh repository - baseurl: https://packages.wazuh.com/3.x/yum/ - gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH + baseurl: "{{ wazuh_agent_config.repo.yum }}" + gpgkey: "{{ wazuh_agent_config.repo.gpg }}" gpgcheck: true changed_when: false when: - - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" + - repo_v5_installed is undefined - name: RedHat/CentOS/Fedora | download Oracle Java RPM get_url: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 7540e142..ffac6189 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml 
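Review bot: `ansible_distribution_major_version|int <= 5` selects the CentOS 5 repository for any host whose major-version fact is not numeric, because `|int` converts an unparsable string to 0; the removed AmazonLinux task shows this role expects `"NA"` for Amazon Linux, so those hosts would now get the `5/` baseurl and the `-5` key. A skipped task still populates its `register` variable (with `skipped: true`), so `repo_v5_installed is undefined` is never true and the general repo task never runs; `repo_v5_installed is skipped` is the intended test. Adding `- ansible_distribution|lower != 'amazon'` and `- ansible_distribution_major_version is match('^[0-9]+$')` to the first task's `when` keeps Amazon Linux and unknown versions out of the 5 branch. The manager hunk in the next file carries the same conditions and register pattern.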
@@ -38,26 +38,29 @@ when: - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" -- name: RedHat/CentOS/Fedora | Install Wazuh repo - yum_repository: - name: wazuh_repo - description: Wazuh repository - baseurl: https://packages.wazuh.com/3.x/yum/ - gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH - gpgcheck: true - changed_when: false - when: - - (ansible_distribution_major_version|int > 5) or (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") - - name: RedHat/CentOS 5 | Install Wazuh repo yum_repository: name: wazuh_repo description: Wazuh repository - baseurl: https://packages.wazuh.com/3.x/yum/5/ - gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH + baseurl: "{{ wazuh_agent_config.repo.yum }}5/" + gpgkey: "{{ wazuh_agent_config.repo.gpg }}-5" gpgcheck: true + changed_when: false when: - - ansible_distribution_major_version|int == 5 + - (ansible_facts['os_family']|lower == 'redhat') + - (ansible_os_family = ansible_distribution_major_version|int <= 5) + register: repo_v5_manager_installed + +- name: RedHat/CentOS/Fedora | Install Wazuh repo + yum_repository: + name: wazuh_repo + description: Wazuh repository + baseurl: "{{ wazuh_agent_config.repo.yum }}" + gpgkey: "{{ wazuh_agent_config.repo.gpg }}" + gpgcheck: true + changed_when: false + when: + - repo_v5_manager_installed is undefined - name: RedHat/CentOS/Fedora | Install openscap package: name={{ item }} state=present From 8c1740381bc392322395663963d9d76dff331dee Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 28 Oct 2019 10:27:22 +0100 Subject: [PATCH 365/714] Add manager repo variables --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index f45e95b0..1482a533 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
+++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -5,6 +5,10 @@ wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: latest wazuh_manager_config: + repo: + apt: 'https://packages.wazuh.com/3.x/apt/ stable main' + yum: 'https://packages.wazuh.com/3.x/yum/' + gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' json_output: 'yes' alerts_log: 'yes' logall: 'no' From a21392fe58991ac5e0645e69afd38e57f43fcc74 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 28 Oct 2019 10:27:32 +0100 Subject: [PATCH 366/714] Fix manager repo variables typo --- roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index ffac6189..3ec0719b 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -42,8 +42,8 @@ yum_repository: name: wazuh_repo description: Wazuh repository - baseurl: "{{ wazuh_agent_config.repo.yum }}5/" - gpgkey: "{{ wazuh_agent_config.repo.gpg }}-5" + baseurl: "{{ wazuh_manager_config.repo.yum }}5/" + gpgkey: "{{ wazuh_manager_config.repo.gpg }}-5" gpgcheck: true changed_when: false when: @@ -55,8 +55,8 @@ yum_repository: name: wazuh_repo description: Wazuh repository - baseurl: "{{ wazuh_agent_config.repo.yum }}" - gpgkey: "{{ wazuh_agent_config.repo.gpg }}" + baseurl: "{{ wazuh_manager_config.repo.yum }}" + gpgkey: "{{ wazuh_manager_config.repo.gpg }}" gpgcheck: true changed_when: false when: From 30b04ac5a8b7c0771d2485a4a44a0b44bc8b8665 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 28 Oct 2019 10:55:21 +0100 Subject: [PATCH 367/714] Update CHANGELOG.md --- CHANGELOG.md | 6 ++++++ 1 file changed, 6 insertions(+) mode change 100644 => 100755 CHANGELOG.md diff --git a/CHANGELOG.md b/CHANGELOG.md old mode 100644 new mode 100755 index ad13d3d3..f220561d --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -1,6 +1,12 @@ # Change Log All notable changes to this project will be documented in this file. +## [v3.xx.x_x.x.x] + +## Changed + +- Make Wazuh repositories instalation flexible [@jm404](https://github.com/jm404) [#288](https://github.com/wazuh/wazuh-ansible/pull/288) + ## [v3.10.2_7.3.2] ### Added From 3bedf74055c69f8eccb1f2083a93df9fdb9ad777 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 28 Oct 2019 11:50:55 +0100 Subject: [PATCH 368/714] Fix wrong conditionals in repo installation tasks --- roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml | 2 +- roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index 86d38f12..0c3b8b97 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml @@ -9,7 +9,7 @@ changed_when: false when: - (ansible_facts['os_family']|lower == 'redhat') - - (ansible_os_family = ansible_distribution_major_version|int <= 5) + - (ansible_distribution_major_version|int <= 5) register: repo_v5_installed - name: RedHat/CentOS/Fedora | Install Wazuh repo diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 3ec0719b..71a5a375 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -48,7 +48,7 @@ changed_when: false when: - (ansible_facts['os_family']|lower == 'redhat') - - (ansible_os_family = ansible_distribution_major_version|int <= 5) + - (ansible_distribution_major_version|int <= 5) register: repo_v5_manager_installed - name: RedHat/CentOS/Fedora | Install Wazuh repo From 83d0de790a46e9ebed1a86fc9c9fe6e22f2335fe Mon Sep 17 00:00:00 2001 
From: Jose M Date: Mon, 28 Oct 2019 15:54:29 +0100 Subject: [PATCH 369/714] Fix wazuh manager variable typo related with repositories --- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 79328bb1..bad36dfb 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -25,13 +25,13 @@ - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: - url: "{{ wazuh_agent_config.repo.gpg }}" + url: "{{ wazuh_manager_config.repo.gpg }}" when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: - repo: deb "{{ wazuh_agent_config.repo.apt }}" + repo: deb "{{ wazuh_manager_config.repo.apt }}" state: present update_cache: true changed_when: false From acb052ba73a5dc6cb15751c7d98452f32a586fdd Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 28 Oct 2019 17:09:39 +0100 Subject: [PATCH 370/714] Fix RedHat conditional related with Wazuh repositories --- roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 71a5a375..09b2c0a4 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -60,7 +60,7 @@ gpgcheck: true changed_when: false when: - - repo_v5_manager_installed is undefined + - repo_v5_manager_installed.skipped - name: RedHat/CentOS/Fedora | Install openscap package: name={{ item }} state=present From 34ed408cfd05ce24938b819b069babdfce3c5fab Mon Sep 17 00:00:00 2001 
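Review bot: `repo_v5_manager_installed.skipped` only exists in the registered result when the CentOS 5 task was skipped; on a host where that task actually ran, the result dict has no `skipped` key and the conditional itself fails with an undefined-attribute error, so the play breaks on exactly the hosts the first task was written for. The test form `repo_v5_manager_installed is skipped` is defined for both outcomes. The agent role's hunk further down switches to the same `.skipped` attribute and has the same problem.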
From: Jose M Date: Mon, 28 Oct 2019 17:54:00 +0100 Subject: [PATCH 371/714] Fix typo in Debian repository installation task --- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index bad36dfb..8bf97217 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -31,7 +31,7 @@ - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: - repo: deb "{{ wazuh_manager_config.repo.apt }}" + repo: "deb {{ wazuh_manager_config.repo.apt }}" state: present update_cache: true changed_when: false From fd0d51bc52432c5e78062a980e8f1ff50e3dbce9 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 28 Oct 2019 20:53:14 +0100 Subject: [PATCH 372/714] Change Agent repository condition to .skipped like manager task --- roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index 0c3b8b97..7bfcc611 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml @@ -21,8 +21,8 @@ gpgcheck: true changed_when: false when: - - repo_v5_installed is undefined - + - repo_v5_installed.skipped + - name: RedHat/CentOS/Fedora | download Oracle Java RPM get_url: url: https://download.oracle.com/otn-pub/java/jdk/8u202-b08/1961070e4c9b4e26a04e7f5a083f551e/jre-8u202-linux-x64.rpm From f367e9bd23ad7b12b11caf1ed94737f8665da11f Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 28 Oct 2019 20:54:51 +0100 Subject: [PATCH 373/714] Fix typo in CHANGELOG.md --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f220561d..b434ff63 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -5,7 +5,7 @@ All notable changes to this project will be documented in this file. ## Changed -- Make Wazuh repositories instalation flexible [@jm404](https://github.com/jm404) [#288](https://github.com/wazuh/wazuh-ansible/pull/288) +- Make Wazuh repositories installation flexible [@jm404](https://github.com/jm404) [#288](https://github.com/wazuh/wazuh-ansible/pull/288) ## [v3.10.2_7.3.2] From 0587512be17e52abeed441c837a4380eec2530c3 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Tue, 29 Oct 2019 17:31:44 +0100 Subject: [PATCH 374/714] Require openssl --- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index a1afbb4c..42be0533 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -5,6 +5,11 @@ - import_tasks: "Debian.yml" when: ansible_os_family == "Debian" +- name: Install Openssl + package: + name: openssl + state: present + - name: CentOS/RedHat/Amazon | Install wazuh-manager, wazuh-api package: pkg={{ item }}-{{ wazuh_manager_api_version }}-1 state={{ wazuh_manager_package_state }} with_items: From d17542698218973c1e938bbd317d58f8420ce70a Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Tue, 29 Oct 2019 17:36:57 +0100 Subject: [PATCH 375/714] Remove duplicated install --- roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 09b2c0a4..efec0395 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -66,7 +66,6 @@ package: name={{ item }} state=present with_items: - openscap-scanner - - openssl register: wazuh_manager_openscp_packages_installed until: wazuh_manager_openscp_packages_installed is succeeded tags: 
From ec0104cda58d4acca20422a63a40268e00354536 Mon Sep 17 00:00:00 2001 From: sgargel Date: Wed, 30 Oct 2019 11:05:46 +0100 Subject: [PATCH 376/714] Update main.yml --- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 40b51863..7b2ca34e 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -322,7 +322,6 @@ notify: restart wazuh-api when: - wazuh_api_user is defined - - not (ansible_facts['os_family']|lower == 'redhat' and ansible_distribution_major_version|int < 6) tags: - config From d184ec76fe20af247cb5bbffb27b7f6533bd18fe Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Wed, 30 Oct 2019 15:06:00 +0100 Subject: [PATCH 377/714] Require unzip --- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 42be0533..97a9f4fa 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -1,15 +1,18 @@ --- +- name: "Install dependencies" + package: + name: + - unzip + - openssl + - tar + state: present + - import_tasks: "RedHat.yml" when: (ansible_os_family == "RedHat" and ansible_distribution_major_version|int > 5) or (ansible_os_family == "RedHat" and ansible_distribution == "Amazon") - import_tasks: "Debian.yml" when: ansible_os_family == "Debian" -- name: Install Openssl - package: - name: openssl - state: present - - name: CentOS/RedHat/Amazon | Install wazuh-manager, wazuh-api package: pkg={{ item }}-{{ wazuh_manager_api_version }}-1 state={{ wazuh_manager_package_state }} with_items: From f0f54b63a658eeb41c579f3a2859ddbb50293582 Mon Sep 17 00:00:00 2001 
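Review bot: The removed `not (ansible_facts['os_family']|lower == 'redhat' and ansible_distribution_major_version|int < 6)` condition was the only thing keeping this task (its start is outside the hunk) off RHEL/CentOS 5 hosts, and the commit message "Update main.yml" gives no reason for dropping it. If the guard became unnecessary because the API user task now works there, or because CentOS 5 is no longer supported by the role, the message or a comment on the task should say which; note that the repository tasks elsewhere on this page still carry a dedicated CentOS 5 branch.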
From: Jose M Date: Wed, 30 Oct 2019 16:01:32 +0100 Subject: [PATCH 378/714] Rename "elasticsearch_master_candidate" to "elasticsearch_node_master" --- roles/elastic-stack/ansible-elasticsearch/README.md | 10 +++++----- .../ansible-elasticsearch/defaults/main.yml | 2 +- .../templates/elasticsearch.yml.j2 | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/README.md b/roles/elastic-stack/ansible-elasticsearch/README.md index 388affce..c574aa9f 100644 --- a/roles/elastic-stack/ansible-elasticsearch/README.md +++ b/roles/elastic-stack/ansible-elasticsearch/README.md @@ -48,11 +48,11 @@ Example Playbook - hosts: 172.16.0.162 roles: - - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '172.16.0.162', elasticsearch_master_candidate: true, elasticsearch_cluster_nodes: ['172.16.0.162','172.16.0.163','172.16.0.161']} + - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '172.16.0.162', elasticsearch_node_master: true, elasticsearch_cluster_nodes: ['172.16.0.162','172.16.0.163','172.16.0.161']} - hosts: 172.16.0.163 roles: - - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '172.16.0.163', elasticsearch_master_candidate: true, elasticsearch_cluster_nodes: ['172.16.0.162','172.16.0.163','172.16.0.161']} + - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '172.16.0.163', elasticsearch_node_master: true, elasticsearch_cluster_nodes: ['172.16.0.162','172.16.0.163','172.16.0.161']} ``` - Three nodes Elasticsearch cluster with XPack security @@ -64,7 +64,7 @@ Example Playbook elasticsearch_network_host: 172.16.0.111 elasticsearch_node_name: node-1 single_node: false - elasticsearch_master_candidate: true + elasticsearch_node_master: true elasticsearch_bootstrap_node: true elasticsearch_cluster_nodes: - 172.16.0.111 
@@ -97,7 +97,7 @@ Example Playbook elasticsearch_node_name: node-2 single_node: false elasticsearch_xpack_security: true - elasticsearch_master_candidate: true + elasticsearch_node_master: true node_certs_generator_ip: 172.16.0.111 elasticsearch_discovery_nodes: - 172.16.0.111 @@ -111,7 +111,7 @@ Example Playbook elasticsearch_node_name: node-3 single_node: false elasticsearch_xpack_security: true - elasticsearch_master_candidate: true + elasticsearch_node_master: true node_certs_generator_ip: 172.16.0.111 elasticsearch_discovery_nodes: - 172.16.0.111 diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 87381a4e..abf3161c 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -8,7 +8,7 @@ elasticsearch_jvm_xms: null elastic_stack_version: 7.3.2 single_node: true elasticsearch_bootstrap_node: false -elasticsearch_master_candidate: false +elasticsearch_node_master: false elasticsearch_cluster_nodes: - 127.0.0.1 elasticsearch_discovery_nodes: diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 index 2bb6ebe4..4f8d56cc 100644 --- a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 @@ -20,7 +20,7 @@ discovery.seed_hosts: - {{ item }} {% endfor %} {% else %} -node.master: {{ elasticsearch_master_candidate|lower }} +node.master: {{ elasticsearch_node_master|lower }} discovery.seed_hosts: {% for item in elasticsearch_discovery_nodes %} - {{ item }} From 9020e06ec8d330276439faf78bcbb012281bfbc2 Mon Sep 17 00:00:00 2001 
From: Jose M Date: Wed, 30 Oct 2019 16:01:56 +0100 Subject: [PATCH 379/714] Update ES parameters with new node.ingest and node.data variables --- .../ansible-elasticsearch/defaults/main.yml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index abf3161c..bcd81183 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -1,20 +1,25 @@ --- -elasticsearch_cluster_name: wazuh -elasticsearch_node_name: node-1 + elasticsearch_http_port: 9200 elasticsearch_network_host: 127.0.0.1 elasticsearch_reachable_host: 127.0.0.1 elasticsearch_jvm_xms: null elastic_stack_version: 7.3.2 +elasticsearch_lower_disk_requirements: false + +# Cluster Settings single_node: true +elasticsearch_cluster_name: wazuh +elasticsearch_node_name: node-1 elasticsearch_bootstrap_node: false elasticsearch_node_master: false elasticsearch_cluster_nodes: - 127.0.0.1 elasticsearch_discovery_nodes: - 127.0.0.1 +elasticsearch_node_data: true +elasticsearch_node_ingest: true -elasticsearch_lower_disk_requirements: false # X-Pack Security elasticsearch_xpack_security: false elasticsearch_xpack_security_user: elastic @@ -24,8 +29,6 @@ node_certs_generator: false node_certs_source: /usr/share/elasticsearch node_certs_destination: /etc/elasticsearch/certs - - # CA generation master_certs_path: /es_certs generate_CA: true From a46b681dcfc32f655ed4e93a09e1b4e5d9fa190e Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 30 Oct 2019 16:02:26 +0100 Subject: [PATCH 380/714] Update elasticsearch.yml to render node.data and .ingest vars --- .../ansible-elasticsearch/templates/elasticsearch.yml.j2 | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) 
diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 index 4f8d56cc..0d6887f5 100644 --- a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 @@ -21,6 +21,12 @@ discovery.seed_hosts: {% endfor %} {% else %} node.master: {{ elasticsearch_node_master|lower }} +{% if elasticsearch_node_data|lower == 'false' %} +node.data: false +{% endif %} +{% if elasticsearch_node_ingest|lower == 'false' %} +node.ingest: false +{% endif %} discovery.seed_hosts: {% for item in elasticsearch_discovery_nodes %} - {{ item }} @@ -34,9 +40,8 @@ cluster.routing.allocation.disk.watermark.low: 500mb cluster.routing.allocation.disk.watermark.high: 300mb {% endif %} -# XPACK Security - {% if elasticsearch_xpack_security %} +# XPACK Security xpack.security.enabled: true xpack.security.transport.ssl.enabled: true xpack.security.transport.ssl.verification_mode: certificate From 895715bd19f6f6ff80d3bdf62176a34e21e0539d Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Wed, 30 Oct 2019 16:34:30 +0100 Subject: [PATCH 381/714] Enable node repo for Amazon Linux --- .../wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 09b2c0a4..bea182b8 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml 
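Review bot: `elasticsearch_node_data|lower == 'false'` is a string comparison, so only the boolean `false` (or the literal string `false`) disables the role; values such as `no` or `0` leave `node.data` at Elasticsearch's default and the setting is silently ignored. `{% if not (elasticsearch_node_data|bool) %}` accepts the usual YAML spellings, and the same applies to the `elasticsearch_node_ingest` test two lines below. Both tests sit in the `{% else %}` (multi-node) branch, so a single-node deployment cannot turn data or ingest off; if that is intended, a comment on the two defaults saying they apply only when `single_node` is false would avoid surprises.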
@@ -26,17 +26,9 @@ args: warn: false executable: /bin/bash + creates: /etc/yum.repos.d/nodesource-el7.repo when: - - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" - -- name: AmazonLinux | Install Nodejs repo - yum: - name: nodejs - state: present - register: wazuh_manager_amz_node_packages_installed - until: wazuh_manager_amz_node_packages_installed is succeeded - when: - - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" + - ansible_distribution|lower == "amazon" - name: RedHat/CentOS 5 | Install Wazuh repo yum_repository: @@ -47,7 +39,7 @@ gpgcheck: true changed_when: false when: - - (ansible_facts['os_family']|lower == 'redhat') + - (ansible_os_family|lower == 'redhat') and (ansible_distribution|lower != 'amazon') - (ansible_distribution_major_version|int <= 5) register: repo_v5_manager_installed @@ -60,7 +52,7 @@ gpgcheck: true changed_when: false when: - - repo_v5_manager_installed.skipped + - repo_v5_manager_installed|skipped - name: RedHat/CentOS/Fedora | Install openscap package: name={{ item }} state=present From 0252131041284841e1ecb68f4ea20ec93a098878 Mon Sep 17 00:00:00 2001 From: limitup <17516880+limitup@users.noreply.github.com> Date: Thu, 31 Oct 2019 08:29:11 -0500 Subject: [PATCH 382/714] Recommended changes --- .../ansible-wazuh-manager/defaults/main.yml | 21 +++++++++++-------- .../ansible-wazuh-manager/tasks/main.yml | 10 --------- .../ansible-wazuh-manager/vars/aws_creds.yml | 11 ---------- .../vars/external_API_creds.yml | 9 -------- 4 files changed, 12 insertions(+), 39 deletions(-) delete mode 100644 roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml delete mode 100644 roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index f86d7bf3..ddc62093 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
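Review bot: `creates: /etc/yum.repos.d/nodesource-el7.repo` pins the idempotency guard to the el7 repo file while the `when` below it is widened from the Amazon Linux 2 check (`ansible_distribution_major_version == "NA"`) to every Amazon release (`ansible_distribution|lower == "amazon"`); if the command this task runs (it starts above the hunk) writes a differently named file on other releases, the task re-executes on every play there. Consider deriving the file name from the release, or keeping a version test next to the distribution test. With the `yum: name: nodejs` task removed nothing in this hunk installs the package itself; presumably that happens elsewhere, which is worth confirming.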
+++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -261,25 +261,28 @@ wazuh_manager_config: port: null format: null integrations: - - name: 'slack' + #slack + - name: null hook_url: '' alert_level: 10 alert_format: 'json' - - name: 'pagerduty' + rule_id: null + #pagerduty + - name: null api_key: '' - alert_level: 10 + alert_level: 12 monitor_aws: disable: 'no' internal: '10m' run_on_start: 'yes' skip_on_error: 'yes' s3: - - name: 's3-bucket-example-name' - bucket_type: 'guardduty' - path: 'path' - only_logs_after: '1970-JAN-01' - access_key: '' - secret_key: '' + - name: null + bucket_type: null + path: null + only_logs_after: null + access_key: null + secret_key: null labels: enable: false list: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index c247e60f..a1afbb4c 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -200,16 +200,6 @@ tags: - config -- name: Retrieving external API Credentials - include_vars: external_API_creds.yml - tags: - - config - -- name: Retrieving AWS Credentials - include_vars: aws_creds.yml - tags: - - config - - name: Retrieving Wazuh-API User Credentials include_vars: wazuh_api_creds.yml when: diff --git a/roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml b/roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml deleted file mode 100644 index 6251c292..00000000 --- a/roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml +++ /dev/null @@ -1,11 +0,0 @@ -#--- -#monitor_aws: -# disable: 'no' -# interval: '10m' -# run_on_start: 'yes' -# skip_on_error: 'yes' -# s3: -# - name: 'S3_bucket' -# bucket_type: 'guardduty' -# access_key: '' -# secret_key: '' diff --git a/roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml b/roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml deleted file mode 100644 index 5b557fea..00000000 
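Review bot: The new `#slack` and `#pagerduty` markers have no space after `#` and sit at the indentation of the list items they label, which yamllint's `comments` rule flags; write them as `# slack` / `# pagerduty` on the line above each `- name: null`. The pagerduty `alert_level` also moves from 10 to 12 in the same hunk, which the subject ("Recommended changes") does not mention and which changes what is forwarded by default. Since every entry now has `name: null`, the template that renders these lists (not visible here) needs to skip null-named entries rather than emit them — worth confirming.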
--- a/roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml +++ /dev/null @@ -1,9 +0,0 @@ -#--- -#integrations: -# - name: 'slack' -# hook_url: '' -# rule_id: '80102' -# alert_format: 'json' -# - name: 'pagerduty' -# api_key: '' -# alert_level: 10 From f36d8be92ef7850fd3474cede6acd2dd1952bd5b Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 10:35:59 +0100 Subject: [PATCH 383/714] Fixing repo_v5 | skipped ocurrences. Updating to new format --- roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml | 2 +- roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index 7bfcc611..cbc981d5 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml @@ -21,7 +21,7 @@ gpgcheck: true changed_when: false when: - - repo_v5_installed.skipped + - repo_v5_installed is skipped - name: RedHat/CentOS/Fedora | download Oracle Java RPM get_url: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index fd614765..d64829a9 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -52,7 +52,7 @@ gpgcheck: true changed_when: false when: - - repo_v5_manager_installed|skipped + - repo_v5_manager_installed is skipped - name: RedHat/CentOS/Fedora | Install openscap package: name={{ item }} state=present From 0ce3590b6e84f5fa7703211a6038d50446c25dfe Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 12:48:38 +0100 Subject: [PATCH 384/714] Add "agent_name" var to "wazuh_agent_authd" vars --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index d7155415..22b1f26c 100644 
--- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -12,6 +12,7 @@ wazuh_auto_restart: 'yes' wazuh_agent_authd: enable: false port: 1515 + agent_name: null ssl_agent_ca: null ssl_agent_cert: null ssl_agent_key: null From 5af556b72c4263e05fc405f5eedd7700aa4c14d4 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 12:49:21 +0100 Subject: [PATCH 385/714] Update Wazuh Agent registration task with new "agent_name" var --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 37a8a8eb..4300576f 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -51,7 +51,7 @@ - name: Linux | Register agent (via authd) shell: > /var/ossec/bin/agent-auth - -A {{ agent_name }} + {% if wazuh_agent_authd.agent_name is not none %}-A {{ agent_name }} {% endif %} -m {{ wazuh_managers.0.address }} -p {{ wazuh_agent_authd.port }} {% if wazuh_agent_nat %}-I "any" {% endif %} From e531427df05c3263f49d7914cb3aef99d5c9369e Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 13:30:47 +0100 Subject: [PATCH 386/714] Fix syntax error on Register agent task --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 4300576f..88c0784b 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml 
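Review bot: `agent_name: null` under `wazuh_agent_authd` is added without a comment, and its effect is only visible in the task files changed in the next commits, where a null value drops the `-A` argument from the agent-auth call. A one-line comment makes the default self-explaining, e.g. `# null: no -A name is passed to agent-auth; set a value to force a specific agent name`.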
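Review bot: Making `-A` conditional on `wazuh_agent_authd.agent_name is not none` means the task's own `vars: agent_name` fallback (`single_agent_name` or `ansible_hostname`, visible as context in the later hunk of this file on this page) is no longer passed to agent-auth at all under the new default of `null`, so `single_agent_name` silently stops affecting authd registration. If that is intended it belongs in the CHANGELOG; otherwise keep the fallback: `{% if wazuh_agent_authd.agent_name is not none %}-A {{ wazuh_agent_authd.agent_name | quote }} {% else %}-A {{ agent_name | quote }} {% endif %}`. The mismatched `{{ agent_name }}` reference inside the new branch is corrected by the following commit, so it is not raised here.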
@@ -51,7 +51,7 @@ - name: Linux | Register agent (via authd) shell: > /var/ossec/bin/agent-auth - {% if wazuh_agent_authd.agent_name is not none %}-A {{ agent_name }} {% endif %} + {% if wazuh_agent_authd.agent_name is not none %}-A {{ wazuh_agent_authd.agent_name }} {% endif %} -m {{ wazuh_managers.0.address }} -p {{ wazuh_agent_authd.port }} {% if wazuh_agent_nat %}-I "any" {% endif %} From b6ccd7020e78a192162f711ca3dc515d1fa38e4b Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 14:25:11 +0100 Subject: [PATCH 387/714] Add notify to Agent registration tasks to explictly restart it --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 37a8a8eb..bc00e87e 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -63,6 +63,7 @@ {% endif %} {% if wazuh_agent_authd.ssl_auto_negotiate == 'yes' %}-a{% endif %} register: agent_auth_output + notify: restart wazuh-agent vars: agent_name: "{% if single_agent_name is defined %}{{ single_agent_name }}{% else %}{{ ansible_hostname }}{% endif %}" when: @@ -99,6 +100,7 @@ user: "{{ wazuh_managers.0.api_user }}" password: "{{ api_pass }}" register: newagent_api + notify: restart wazuh-agent # changed_when: newagent_api.json.error == 0 vars: agent_name: "{% if single_agent_name is defined %}{{ single_agent_name }}{% else %}{{ inventory_hostname }}{% endif %}" From e52a5dba4fa308e1694f541d46947dc63f8faf31 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 14:44:33 +0100 Subject: [PATCH 388/714] Update windows register task to use new "agent_name" variable --- roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index 8dff6274..2de09a8e 100644 
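Review bot: The corrected value is still interpolated unquoted into a `shell:` command line, `-A {{ wazuh_agent_authd.agent_name }}`, so a name containing whitespace or shell metacharacters either breaks the command or is interpreted by the shell. Run it through Ansible's `quote` filter: `-A {{ wazuh_agent_authd.agent_name | quote }}`. The neighbouring `-m {{ wazuh_managers.0.address }}` has the same shape, but that line predates this change.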
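Review bot: `notify: restart wazuh-agent` is added to the API registration task while the `# changed_when: newagent_api.json.error == 0` line directly below it stays commented out, so whether the handler fires depends on the module's default change reporting (the module line is above the hunk) rather than on whether an agent was actually registered. If the response carries the `error` field that comment refers to, restoring `changed_when: newagent_api.json.error == 0` makes the restart track a real registration. The first hunk's authd task has the same question, but there the `shell` call reports changed on every run unless told otherwise.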
--- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml @@ -60,6 +60,7 @@ {{ wazuh_agent_win_auth_path }} -m {{ wazuh_managers.0.address }} -p {{ wazuh_agent_authd.port }} + {% if wazuh_agent_authd.agent_name is not none %}-A {{ wazuh_agent_authd.agent_name }} {% endif %} {% if authd_pass is defined %} -P {{ authd_pass }}{% endif %} register: agent_auth_output notify: Windows | Restart Wazuh Agent From 483a543c76fc6f6017237b2a15f59364c4bb51ef Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 16:14:30 +0100 Subject: [PATCH 389/714] Create variable to flexibility Wazuh App URL --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index ad639011..36367cea 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -7,6 +7,7 @@ kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 7.3.2 wazuh_version: 3.10.2 +wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp # Xpack Security kibana_xpack_security: false From 5684805d5539b264669868b1013dd4854b208622 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 16:14:53 +0100 Subject: [PATCH 390/714] Update Kibana task to make use of "wazuh_app_url" --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 584becc7..622db80b 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml 
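Review bot: The added `-A {{ wazuh_agent_authd.agent_name }}` is spliced unquoted into the Windows command (the module line is above the hunk), so a name with spaces splits into separate arguments; wrap it, `{% if wazuh_agent_authd.agent_name is not none %}-A "{{ wazuh_agent_authd.agent_name }}" {% endif %}`. The POSIX `quote` filter that fits the Linux task would not be appropriate here.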
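Review bot: `wazuh_app_url` holds a URL prefix rather than a URL: the next commit appends `-{{ wazuh_version }}_{{ elastic_stack_version }}.zip` to it, so a value ending in the full file name would not work. Document that contract next to the default, e.g. `# Base URL of the Wazuh Kibana app; "-<wazuh_version>_<elastic_stack_version>.zip" is appended in tasks/main.yml`.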
@@ -98,7 +98,7 @@ tags: install - name: Install Wazuh-APP (can take a while) - shell: "/usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-{{ wazuh_version }}_{{ elastic_stack_version }}.zip" + shell: "/usr/share/kibana/bin/kibana-plugin install {{ wazuh_app_url }}-{{ wazuh_version }}_{{ elastic_stack_version }}.zip" environment: NODE_OPTIONS: "--max-old-space-size=3072" args: From 0d95790a163895887ad3e2ca7a83e7e12b4f8f3b Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 16:25:33 +0100 Subject: [PATCH 391/714] Update CHANGELOG.md --- CHANGELOG.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b434ff63..68c280a7 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,7 +3,11 @@ All notable changes to this project will be documented in this file. ## [v3.xx.x_x.x.x] -## Changed +### Added + +- Wazuh Agent registration task now explicitly notify restart [@jm404](https://github.com/jm404) [#302](https://github.com/wazuh/wazuh-ansible/pull/302) + +### Changed - Make Wazuh repositories installation flexible [@jm404](https://github.com/jm404) [#288](https://github.com/wazuh/wazuh-ansible/pull/288) From e4f72e0ad3aa52052043ec45023bdd9a58d446dc Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 16:26:58 +0100 Subject: [PATCH 392/714] Update CHANGELOG.md --- CHANGELOG.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b434ff63..39a086da 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,9 +3,10 @@ All notable changes to this project will be documented in this file. ## [v3.xx.x_x.x.x] -## Changed +### Changed - Make Wazuh repositories installation flexible [@jm404](https://github.com/jm404) [#288](https://github.com/wazuh/wazuh-ansible/pull/288) +- Wazuh App URL is now flexible [@jm404](https://github.com/jm404) [#304](https://github.com/wazuh/wazuh-ansible/pull/304) ## [v3.10.2_7.3.2] 
From 9dcb8b424432f3a5d2ddd8c28645eb81929a8e4c Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 16:36:36 +0100 Subject: [PATCH 393/714] Update CHANGELOG.md --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b434ff63..6bd805cb 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,10 @@ All notable changes to this project will be documented in this file. - Make Wazuh repositories installation flexible [@jm404](https://github.com/jm404) [#288](https://github.com/wazuh/wazuh-ansible/pull/288) +### Fixed + +- Wazuh Agent registration using agent name has been fixed [@jm404](https://github.com/jm404) [#298](https://github.com/wazuh/wazuh-ansible/pull/298) + ## [v3.10.2_7.3.2] ### Added From c02885c2ad21abcd0b18e084e065986120726a71 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 11:48:31 +0100 Subject: [PATCH 394/714] Update conditional in Redhat/Debian installation --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 37a8a8eb..41cf60df 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -10,7 +10,7 @@ async: 90 poll: 30 when: - - ansible_distribution in ['CentOS','RedHat'] + - {{ ansible_os_family|lower == "redhat" }} tags: - init @@ -20,7 +20,7 @@ state: present cache_valid_time: 3600 when: - - not (ansible_distribution in ['CentOS','RedHat']) + - {{ ansible_os_family|lower != "redhat" }} tags: - init From 1593e7fdc243f8aa668459b1ee37df7d48636b25 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 11:51:22 +0100 Subject: [PATCH 395/714] Fix syntax errors on Wazuh Agent installation conditionals --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 41cf60df..3d9d04dc 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -10,7 +10,7 @@ async: 90 poll: 30 when: - - {{ ansible_os_family|lower == "redhat" }} + - ansible_os_family|lower == "redhat" tags: - init @@ -20,7 +20,7 @@ state: present cache_valid_time: 3600 when: - - {{ ansible_os_family|lower != "redhat" }} + - ansible_os_family|lower != "redhat" tags: - init From 2ad7e03a7cbc8822c2a1fef8e5f6fad6a33a153c Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 16:22:32 +0100 Subject: [PATCH 396/714] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b434ff63..ff30cea7 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ All notable changes to this project will be documented in this file. ## Changed - Make Wazuh repositories installation flexible [@jm404](https://github.com/jm404) [#288](https://github.com/wazuh/wazuh-ansible/pull/288) +- Fix Wazuh repository and installation conditionals [@jm404](https://github.com/jm404) [#299](https://github.com/wazuh/wazuh-ansible/pull/299) ## [v3.10.2_7.3.2] From 5fb65306b7d09c462503749ab3f84b2b0d3635a5 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 16:24:00 +0100 Subject: [PATCH 397/714] Update CHANGELOG.md --- CHANGELOG.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ff30cea7..1ddce2c9 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
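Review bot: The final form of the Debian condition, `ansible_os_family|lower != "redhat"`, routes every non-RedHat family (SUSE, Alpine, Arch, …) into the `apt` task, where it fails, whereas the first hunk's RedHat test is now exact; mirror the `when: ansible_os_family == "Debian"` already visible at the top of the first hunk and write `- ansible_os_family|lower == "debian"`. A host of any other family then gets no install at all instead of a module error, which is the easier outcome to diagnose.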
@@ -3,9 +3,12 @@ All notable changes to this project will be documented in this file. ## [v3.xx.x_x.x.x] -## Changed +### Changed - Make Wazuh repositories installation flexible [@jm404](https://github.com/jm404) [#288](https://github.com/wazuh/wazuh-ansible/pull/288) + +### Fixed + - Fix Wazuh repository and installation conditionals [@jm404](https://github.com/jm404) [#299](https://github.com/wazuh/wazuh-ansible/pull/299) ## [v3.10.2_7.3.2] From 27c332183d289ef70f0b7b5b9c3cd26c638a07fb Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 16:51:41 +0100 Subject: [PATCH 398/714] Add Amazon conditonal to RHEL/Centos --- roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index cbc981d5..5c026a13 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml @@ -8,7 +8,7 @@ gpgcheck: true changed_when: false when: - - (ansible_facts['os_family']|lower == 'redhat') + - (ansible_facts['os_family']|lower == 'redhat') and (ansible_distribution|lower != 'amazon') - (ansible_distribution_major_version|int <= 5) register: repo_v5_installed From 11fe7e81ba57a28b691a70a6c82d47906f0d05a5 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 5 Nov 2019 17:08:59 +0100 Subject: [PATCH 399/714] Fix trailing whitespaces for linting --- roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index 5c026a13..8f3b8dbd 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml 
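Review bot: The exclusion `ansible_distribution|lower != 'amazon'` is the right fix for the EL5 repo task, but the agent role keeps `ansible_facts['os_family']|lower` while the identical manager task (RedHat.yml, commit 381 on this page) was switched to `ansible_os_family|lower`; one form keeps the two roles greppable. `- (ansible_os_family|lower == 'redhat') and (ansible_distribution|lower != 'amazon')` matches the manager.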
@@ -22,7 +22,7 @@ changed_when: false when: - repo_v5_installed is skipped - + - name: RedHat/CentOS/Fedora | download Oracle Java RPM get_url: url: https://download.oracle.com/otn-pub/java/jdk/8u202-b08/1961070e4c9b4e26a04e7f5a083f551e/jre-8u202-linux-x64.rpm From 1c2d6d41ec5652002dae9931efb6093fac460506 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 6 Nov 2019 14:16:14 +0100 Subject: [PATCH 400/714] Update default variables for manager version and package state --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 1482a533..e5c56256 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,8 +1,8 @@ --- -wazuh_manager_api_version: 3.10.2 +wazuh_manager_version: 3.10.2-1 wazuh_manager_fqdn: "wazuh-server" -wazuh_manager_package_state: latest +wazuh_manager_package_state: present wazuh_manager_config: repo: From d64b107fbb7c892fa2ed11629f8c4fdb06f3b1b6 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 6 Nov 2019 14:16:36 +0100 Subject: [PATCH 401/714] Update tasks related to manager installation. Remove -1, update state --- .../ansible-wazuh-manager/tasks/main.yml | 26 ++++++++++++------- 1 file changed, 16 insertions(+), 10 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 97a9f4fa..b90909dc 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml 
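Review bot: Renaming `wazuh_manager_api_version` to `wazuh_manager_version` has no compatibility path: an inventory that still sets the old name is silently ignored and the manager is installed at the default `3.10.2-1`. Either keep the old name as an alias (a `set_fact` guarded by `wazuh_manager_api_version is defined`) or record the rename in the CHANGELOG. The new value also folds the package release (`-1`) into the version; a comment such as `# upstream version plus package release, e.g. 3.10.2-1` tells operators what to pin, and quoting it (`"3.10.2-1"`) keeps it a string under any parser.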
@@ -14,20 +14,22 @@ when: ansible_os_family == "Debian" - name: CentOS/RedHat/Amazon | Install wazuh-manager, wazuh-api - package: pkg={{ item }}-{{ wazuh_manager_api_version }}-1 state={{ wazuh_manager_package_state }} + package: + name: "{{ item }}-{{ wazuh_manager_version }}" + state: "{{ wazuh_manager_package_state }}" with_items: - wazuh-manager - wazuh-api register: wazuh_manager_main_packages_installed until: wazuh_manager_main_packages_installed is succeeded when: - - ansible_distribution in ['CentOS','RedHat', 'Amazon'] + - ansible_os_family|lower == "redhat" tags: - init - name: Debian/Ubuntu | Install wazuh-manager, wazuh-api apt: - name: "{{ item }}={{ wazuh_manager_api_version }}-1" + name: "{{ item }}={{ wazuh_manager_version }}" state: present cache_valid_time: 3600 with_items: @@ -36,13 +38,15 @@ register: wazuh_manager_main_packages_installed until: wazuh_manager_main_packages_installed is succeeded when: - - not (ansible_distribution in ['CentOS','RedHat', 'Amazon']) + - not (ansible_os_family|lower == "redhat") tags: init - name: Install expect - package: pkg=expect state={{ wazuh_manager_package_state }} + package: + name: expect + state: "{{ wazuh_manager_package_state }}" when: - - not (ansible_distribution in ['CentOS','RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6) + - not (ansible_os_family|lower == "redhat" and ansible_distribution_major_version|int < 6) tags: init - name: CentOS/RedHat 6 | Enabling python2.7 and sqlite3 
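Review bot: The Debian task still hard-codes `state: present` while its RedHat counterpart in the same hunk now honours `wazuh_manager_package_state`, so the variable only applies to one family; `state: "{{ wazuh_manager_package_state }}"` would align them (check whether `apt` accepts `latest` together with a pinned `=version` before relying on it). Both tasks also keep `with_items` with `until` evaluated per item; `apt` and `package` accept a list in `name`, which installs both packages in one transaction and retries the install as a whole.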
@@ -54,15 +58,17 @@ - ansible_distribution in ['CentOS', 'RedHat', 'Amazon'] and ansible_distribution_major_version|int == 6 - wazuh_manager_config.cluster.disable != 'yes' -- name: Install wazuh-manager and expect (EL5) - package: pkg={{ item }} state={{ wazuh_manager_package_state }} +- name: Install expect (EL5) + package: + name: "{{ item }}" + state: "{{ wazuh_manager_package_state }}" with_items: - - wazuh-manager-{{ wazuh_manager_api_version }} - expect register: wazuh_manager_main_packages_installed until: wazuh_manager_main_packages_installed is succeeded when: - - ansible_distribution in ['CentOS','RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6 + - ansible_os_family|lower == "RedHat" + - ansible_distribution_major_version|int < 6 tags: - init From cc18318590e7e783ae16c7b7bb533b0630f268e4 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 6 Nov 2019 15:07:56 +0100 Subject: [PATCH 402/714] Fix trailing whitespaces for linting --- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index b90909dc..bd0c9663 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -14,7 +14,7 @@ when: ansible_os_family == "Debian" - name: CentOS/RedHat/Amazon | Install wazuh-manager, wazuh-api - package: + package: name: "{{ item }}-{{ wazuh_manager_version }}" state: "{{ wazuh_manager_package_state }}" with_items: @@ -59,7 +59,7 @@ - wazuh_manager_config.cluster.disable != 'yes' - name: Install expect (EL5) - package: + package: name: "{{ item }}" state: "{{ wazuh_manager_package_state }}" with_items: From 00f04dd4a46e5e23a4981e4c087d32a680f14162 Mon Sep 17 00:00:00 2001 
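Review bot: `ansible_os_family|lower == "RedHat"` can never be true — the left side is lowercased, the right side is not — so the EL5 `expect` task is now skipped on every host; it must read `- ansible_os_family|lower == "redhat"`. The same line is carried unchanged into the new RedHat.yml task in commit 412 (the last hunk on this page), so fix it there as well. The hunk also keeps `register: wazuh_manager_main_packages_installed`, the name the main install task uses, which overwrites that result for anything reading it later.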
From: Jose M Date: Wed, 6 Nov 2019 15:18:49 +0100 Subject: [PATCH 403/714] Update wazuh_agent_version value --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 22b1f26c..dc2b366d 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_agent_version: 3.10.2 +wazuh_agent_version: 3.10.2-1 wazuh_managers: - address: 127.0.0.1 port: 1514 From 357a21bed3e72e933ed590aef1c3467ac103c03a Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 6 Nov 2019 15:19:07 +0100 Subject: [PATCH 404/714] Update Agent installation tasks to remove "-1" sufix --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 7230c7a6..949e5719 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -6,7 +6,9 @@ when: ansible_os_family == "Debian" - name: Linux CentOS/RedHat | Install wazuh-agent - package: name=wazuh-agent-{{ wazuh_agent_version }}-1 state=present + package: + name: wazuh-agent-{{ wazuh_agent_version }} + state: present async: 90 poll: 30 when: @@ -16,7 +18,7 @@ - name: Linux Debian | Install wazuh-agent apt: - name: "wazuh-agent={{ wazuh_agent_version }}-1" + name: "wazuh-agent={{ wazuh_agent_version }}" state: present cache_valid_time: 3600 when: From 0b62d85802b248916f3739ed9c53de577098f2b3 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 6 Nov 2019 15:30:46 +0100 Subject: [PATCH 405/714] Fix linting: trailing whitespace --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 949e5719..698f704f 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -6,7 +6,7 @@ when: ansible_os_family == "Debian" - name: Linux CentOS/RedHat | Install wazuh-agent - package: + package: name: wazuh-agent-{{ wazuh_agent_version }} state: present async: 90 From c657ebd50e41a49c9e00a82a3a47a1de620029de Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 6 Nov 2019 17:28:11 +0100 Subject: [PATCH 406/714] Change "openscap.disable" to no in default Wazuh Agent variables --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 22b1f26c..378a6689 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -218,7 +218,7 @@ wazuh_agent_config: rootcheck: frequency: 43200 openscap: - disable: 'no' + disable: 'yes' timeout: 1800 interval: '1d' scan_on_start: 'yes' From ee7cf1a5984e7c2ad5f74d86824014efcf80da65 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 6 Nov 2019 17:37:40 +0100 Subject: [PATCH 407/714] Change default repo.apt variable of Managers and Agents to include "deb" --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 22b1f26c..e87e3a6f 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml 
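Review bot: The subject says `openscap.disable` is changed to `no`, but the hunk sets `disable: 'yes'`, i.e. it turns OpenSCAP scanning off by default for agents; the commit message and the change should agree. Switching a scanner off by default is something operators need to see, so add it to the CHANGELOG and consider a comment above the key, `# 'yes' disables OpenSCAP scans; set 'no' to enable them`. The manager role compares this field as a string (`== 'no'`, commit 411 on this page), so the quotes should stay.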
@@ -33,7 +33,7 @@ wazuh_winagent_config: md5: 71650780904cbfc2e45eae4298adb7a3 wazuh_agent_config: repo: - apt: 'https://packages.wazuh.com/3.x/apt/ stable main' + apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' yum: 'https://packages.wazuh.com/3.x/yum/' gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' active_response: diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 1482a533..634d3758 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -6,7 +6,7 @@ wazuh_manager_package_state: latest wazuh_manager_config: repo: - apt: 'https://packages.wazuh.com/3.x/apt/ stable main' + apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' yum: 'https://packages.wazuh.com/3.x/yum/' gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' json_output: 'yes' From 154e10912a7fdf363ab7dd4f69dafaf79f0effd2 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 6 Nov 2019 17:38:24 +0100 Subject: [PATCH 408/714] Include apt repository name in debian task. Remove explicit "deb" --- roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 3 ++- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index e2629069..1aa7a38e 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -29,7 +29,8 @@ - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: - repo: "deb {{ wazuh_agent_config.repo.apt }}" + filename: wazuh_repo + repo: "{{ wazuh_agent_config.repo.apt }}" state: present update_cache: true diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 8bf97217..611aa3b6 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml 
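Review bot: `repo.apt` changes meaning here from a suite/component suffix to a complete apt source line (`deb https://packages.wazuh.com/3.x/apt/ stable main`), and the paired task change in the next commit stops prefixing `deb`; any inventory that overrides `repo.apt` with the old value now produces an invalid sources entry. Record it in the CHANGELOG and document the contract at the key, `# full apt source line, including the leading "deb"; written by apt_repository in tasks/Debian.yml`. The manager default in this commit's second hunk and the two Debian.yml task hunks (agent here, manager on the next line) are the same change.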
+++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -31,7 +31,8 @@ - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: - repo: "deb {{ wazuh_manager_config.repo.apt }}" + filename: wazuh_repo + repo: "{{ wazuh_manager_config.repo.apt }}" state: present update_cache: true changed_when: false From e1f88c84f2d76029c5a60e5a249bdf535b6b24d2 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Thu, 7 Nov 2019 17:41:16 +0100 Subject: [PATCH 409/714] Enable allow-root flag for kibana-plugin --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 622db80b..aba4060c 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -98,14 +98,14 @@ tags: install - name: Install Wazuh-APP (can take a while) - shell: "/usr/share/kibana/bin/kibana-plugin install {{ wazuh_app_url }}-{{ wazuh_version }}_{{ elastic_stack_version }}.zip" + shell: | + /usr/share/kibana/bin/kibana-plugin --allow-root install \ + https://packages.wazuh.com/wazuhapp/wazuhapp-{{ wazuh_version }}_{{ elastic_stack_version }}.zip environment: NODE_OPTIONS: "--max-old-space-size=3072" args: executable: /bin/bash creates: /usr/share/kibana/plugins/wazuh/package.json - become: yes - become_user: kibana notify: restart kibana tags: - install From 63c5fcce08cbbb205bb9c66a3ed0ac88cb596d81 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 11 Nov 2019 11:32:44 +0100 Subject: [PATCH 410/714] Fix Wazuh-API User task conditionals. Removed exclusion of OS's --- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index bd0c9663..2a14fb69 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml 
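Review bot: The rewritten `shell: |` block hard-codes `https://packages.wazuh.com/wazuhapp/wazuhapp-…` again, so `wazuh_app_url` added two commits earlier is now unused while still present in defaults; keep `{{ wazuh_app_url }}-{{ wazuh_version }}_{{ elastic_stack_version }}.zip` as the second line. Dropping `become: yes`/`become_user: kibana` in favour of `--allow-root` also means the plugin tree under `/usr/share/kibana/plugins` is written by root; if the `kibana` service user later needs to write there, it will fail, so either keep `become_user: kibana` or chown the plugin directory afterwards. The `creates:` guard is unchanged and still keeps the task idempotent.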
+++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -336,8 +336,6 @@ notify: restart wazuh-api when: - wazuh_api_user is defined - - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' or ansible_distribution == 'Amazon') - - ansible_distribution_major_version|int < 6 tags: - config From 75c6ee2ea9f716f7c58d9153954a6ee19e6dd966 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Mon, 11 Nov 2019 14:51:18 +0100 Subject: [PATCH 411/714] Update apt param format --- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 611aa3b6..48f528cc 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -85,16 +85,15 @@ - init - name: Debian/Ubuntu | Install OpenScap - package: - name: "{{ item }}" + apt: + name: + - libopenscap8 + - xsltproc state: present cache_valid_time: 3600 register: wazuh_manager_openscap_installed until: wazuh_manager_openscap_installed is succeeded when: wazuh_manager_config.openscap.disable == 'no' - with_items: - - libopenscap8 - - xsltproc tags: - init From 7316af3db1de1b0b8124a4ec59e65a29ac80ba1f Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Mon, 11 Nov 2019 15:02:09 +0100 Subject: [PATCH 412/714] Move OS dependent tasks to its own file --- .../ansible-wazuh-manager/tasks/Debian.yml | 12 +++++ .../ansible-wazuh-manager/tasks/RedHat.yml | 37 ++++++++++++++ .../ansible-wazuh-manager/tasks/main.yml | 51 ------------------- 3 files changed, 49 insertions(+), 51 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 48f528cc..1f5d6e96 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml 
@@ -112,3 +112,15 @@ changed_when: false tags: - config + +- name: Debian/Ubuntu | Install wazuh-manager, wazuh-api + apt: + name: "{{ item }}={{ wazuh_manager_version }}" + state: present + cache_valid_time: 3600 + with_items: + - wazuh-manager + - wazuh-api + register: wazuh_manager_main_packages_installed + until: wazuh_manager_main_packages_installed is succeeded + tags: init diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index d64829a9..c8e8a95a 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml 
@@ -137,3 +137,40 @@ cis_distribution_filename: cis_rhel7_linux_rcl.txt when: - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" + +- name: CentOS/RedHat/Amazon | Install wazuh-manager, wazuh-api + package: + name: "{{ item }}-{{ wazuh_manager_version }}" + state: "{{ wazuh_manager_package_state }}" + with_items: + - wazuh-manager + - wazuh-api + register: wazuh_manager_main_packages_installed + until: wazuh_manager_main_packages_installed is succeeded + when: + - ansible_os_family|lower == "redhat" + tags: + - init + +- name: CentOS/RedHat 6 | Enabling python2.7 and sqlite3 + replace: + path: /etc/init.d/wazuh-manager + regexp: 'echo -n "Starting Wazuh-manager: "' + replace: 'echo -n "Starting Wazuh-manager (EL6): "; source /opt/rh/python27/enable; export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/var/ossec/framework/lib' + when: + - ansible_distribution in ['CentOS', 'RedHat', 'Amazon'] and ansible_distribution_major_version|int == 6 + - wazuh_manager_config.cluster.disable != 'yes' + +- name: Install expect (EL5) + package: + name: "{{ item }}" + state: "{{ wazuh_manager_package_state }}" + with_items: + - expect + register: wazuh_manager_main_packages_installed + until: wazuh_manager_main_packages_installed is succeeded + when: + - ansible_os_family|lower == "RedHat" + - ansible_distribution_major_version|int < 6 + tags: + - init diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 2a14fb69..e8734373 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml 
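Review bot: The `Install expect (EL5)` task can never run: `ansible_os_family|lower == "RedHat"` lowercases the fact to `redhat` and then compares it with a capitalised literal, so the condition is always false (the task two above uses `"redhat"` correctly); change it to `- ansible_os_family|lower == "redhat"`. The same task also re-registers `wazuh_manager_main_packages_installed`, overwriting the result of the main package install that callers may inspect later; give it its own name such as `wazuh_manager_expect_installed`. The EL6 `replace:` edits the packaged `/etc/init.d/wazuh-manager` in place with no `backup: yes`, so a later package upgrade or a regex that no longer matches leaves no trace of what was changed.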
@@ -13,34 +13,6 @@ - import_tasks: "Debian.yml" when: ansible_os_family == "Debian" -- name: CentOS/RedHat/Amazon | Install wazuh-manager, wazuh-api - package: - name: "{{ item }}-{{ wazuh_manager_version }}" - state: "{{ wazuh_manager_package_state }}" - with_items: - - wazuh-manager - - wazuh-api - register: wazuh_manager_main_packages_installed - until: wazuh_manager_main_packages_installed is succeeded - when: - - ansible_os_family|lower == "redhat" - tags: - - init - -- name: Debian/Ubuntu | Install wazuh-manager, wazuh-api - apt: - name: "{{ item }}={{ wazuh_manager_version }}" - state: present - cache_valid_time: 3600 - with_items: - - wazuh-manager - - wazuh-api - register: wazuh_manager_main_packages_installed - until: wazuh_manager_main_packages_installed is succeeded - when: - - not (ansible_os_family|lower == "redhat") - tags: init - - name: Install expect package: name: expect 
@@ -49,29 +21,6 @@ - not (ansible_os_family|lower == "redhat" and ansible_distribution_major_version|int < 6) tags: init -- name: CentOS/RedHat 6 | Enabling python2.7 and sqlite3 - replace: - path: /etc/init.d/wazuh-manager - regexp: 'echo -n "Starting Wazuh-manager: "' - replace: 'echo -n "Starting Wazuh-manager (EL6): "; source /opt/rh/python27/enable; export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/var/ossec/framework/lib' - when: - - ansible_distribution in ['CentOS', 'RedHat', 'Amazon'] and ansible_distribution_major_version|int == 6 - - wazuh_manager_config.cluster.disable != 'yes' - -- name: Install expect (EL5) - package: - name: "{{ item }}" - state: "{{ wazuh_manager_package_state }}" - with_items: - - expect - register: wazuh_manager_main_packages_installed - until: wazuh_manager_main_packages_installed is succeeded - when: - - ansible_os_family|lower == "RedHat" - - ansible_distribution_major_version|int < 6 - tags: - - init - - name: Generate SSL files for authd command: "openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:1825 -keyout sslmanager.key -out sslmanager.cert -subj /CN={{ wazuh_manager_fqdn }}/" args: From ee6daa79d741c2e9bc78d67ef8de930bdab2af1e Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Mon, 11 Nov 2019 15:08:50 +0100 Subject: [PATCH 413/714] Disable APT recommends --- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 1f5d6e96..a61b064d 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -7,6 +7,7 @@ - gnupg state: present cache_valid_time: 3600 + install_recommends: false register: wazuh_manager_https_packages_installed until: wazuh_manager_https_packages_installed is succeeded 
@@ -91,6 +92,7 @@ - xsltproc state: present cache_valid_time: 3600 + install_recommends: false register: wazuh_manager_openscap_installed until: wazuh_manager_openscap_installed is succeeded when: wazuh_manager_config.openscap.disable == 'no' @@ -118,6 +120,7 @@ name: "{{ item }}={{ wazuh_manager_version }}" state: present cache_valid_time: 3600 + install_recommends: false with_items: - wazuh-manager - wazuh-api From c1141b1e73c3bc118c11bce9ec674d6fbc32c0d7 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Mon, 11 Nov 2019 15:32:15 +0100 Subject: [PATCH 414/714] Remove deprecation warning --- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index a61b064d..b7bc7946 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -117,13 +117,12 @@ - name: Debian/Ubuntu | Install wazuh-manager, wazuh-api apt: - name: "{{ item }}={{ wazuh_manager_version }}" + name: + - "wazuh-manager={{ wazuh_manager_version }}" + - "wazuh-api={{ wazuh_manager_version }}" state: present cache_valid_time: 3600 install_recommends: false - with_items: - - wazuh-manager - - wazuh-api register: wazuh_manager_main_packages_installed until: wazuh_manager_main_packages_installed is succeeded tags: init From 249f6b666d95303d3e0f0c78bac20dd14dbd1240 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Mon, 11 Nov 2019 15:53:59 +0100 Subject: [PATCH 415/714] Use include_tasks to reduce unnecessary output --- roles/wazuh/ansible-filebeat/tasks/main.yml | 8 ++++---- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml index 85bd17e1..ca5ea6ac 100644 --- a/roles/wazuh/ansible-filebeat/tasks/main.yml 
+++ b/roles/wazuh/ansible-filebeat/tasks/main.yml @@ -1,8 +1,8 @@ --- -- import_tasks: RedHat.yml +- include_tasks: RedHat.yml when: ansible_os_family == 'RedHat' -- import_tasks: Debian.yml +- include_tasks: Debian.yml when: ansible_os_family == 'Debian' - name: CentOS/RedHat | Install Filebeat. @@ -116,8 +116,8 @@ state: started enabled: true -- import_tasks: "RMRedHat.yml" +- include_tasks: "RMRedHat.yml" when: ansible_os_family == "RedHat" -- import_tasks: "RMDebian.yml" +- include_tasks: "RMDebian.yml" when: ansible_os_family == "Debian" diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index e8734373..ed4847aa 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -7,10 +7,10 @@ - tar state: present -- import_tasks: "RedHat.yml" +- include_tasks: "RedHat.yml" when: (ansible_os_family == "RedHat" and ansible_distribution_major_version|int > 5) or (ansible_os_family == "RedHat" and ansible_distribution == "Amazon") -- import_tasks: "Debian.yml" +- include_tasks: "Debian.yml" when: ansible_os_family == "Debian" - name: Install expect @@ -353,8 +353,8 @@ when: - ansible_distribution in ['CentOS', 'RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6 -- import_tasks: "RMRedHat.yml" +- include_tasks: "RMRedHat.yml" when: ansible_os_family == "RedHat" or ansible_os_family == "Amazon" -- import_tasks: "RMDebian.yml" +- include_tasks: "RMDebian.yml" when: ansible_os_family == "Debian" From 0384bf69117b740f890941a31dc775441f01d84d Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Mon, 11 Nov 2019 16:07:00 +0100 Subject: [PATCH 416/714] Switch agent to include_tasks --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 8 ++++---- roles/wazuh/ansible-wazuh-agent/tasks/main.yml | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) 
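Review bot: Switching the OS-specific files to `include_tasks` changes tag behaviour: the included files carry tasks tagged `init`/`config` (the wazuh-manager `Debian.yml` install tasks in this series, for example), but a dynamic include is evaluated at run time, the include task itself has no tag, and so `ansible-playbook --tags init` skips `RedHat.yml`/`Debian.yml` altogether instead of running their tagged tasks. Either keep `import_tasks` for these files, or tag the include and propagate the tags, e.g. `- include_tasks: Debian.yml` with `tags: [init, config]` and `apply: { tags: [init, config] }`. The same applies to the `RMRedHat.yml`/`RMDebian.yml` includes at the end of both files.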
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 698f704f..2ef87f11 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -1,8 +1,8 @@ --- -- import_tasks: "RedHat.yml" +- include_tasks: "RedHat.yml" when: ansible_os_family == "RedHat" -- import_tasks: "Debian.yml" +- include_tasks: "Debian.yml" when: ansible_os_family == "Debian" - name: Linux CentOS/RedHat | Install wazuh-agent @@ -191,8 +191,8 @@ state: started tags: config -- import_tasks: "RMRedHat.yml" +- include_tasks: "RMRedHat.yml" when: ansible_os_family == "RedHat" -- import_tasks: "RMDebian.yml" +- include_tasks: "RMDebian.yml" when: ansible_os_family == "Debian" diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/main.yml b/roles/wazuh/ansible-wazuh-agent/tasks/main.yml index 4b919bc5..25c7b955 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/main.yml @@ -1,6 +1,6 @@ --- -- import_tasks: "Windows.yml" +- include_tasks: "Windows.yml" when: ansible_os_family == "Windows" -- import_tasks: "Linux.yml" +- include_tasks: "Linux.yml" when: ansible_system == "Linux" From 10ab6a30a627e57d5596c41019dc597feb58211e Mon Sep 17 00:00:00 2001 From: manuasir Date: Mon, 11 Nov 2019 18:31:43 +0100 Subject: [PATCH 417/714] Bump elasticsearch version --- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-filebeat/defaults/main.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index bcd81183..7eb645c2 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml 
@@ -4,7 +4,7 @@ elasticsearch_http_port: 9200 elasticsearch_network_host: 127.0.0.1 elasticsearch_reachable_host: 127.0.0.1 elasticsearch_jvm_xms: null -elastic_stack_version: 7.3.2 +elastic_stack_version: 7.4.2 elasticsearch_lower_disk_requirements: false # Cluster Settings diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 36367cea..526bfabf 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -5,7 +5,7 @@ elasticsearch_http_port: "9200" elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" -elastic_stack_version: 7.3.2 +elastic_stack_version: 7.4.2 wazuh_version: 3.10.2 wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index d38565d9..c5914664 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -1,5 +1,5 @@ --- -filebeat_version: 7.3.2 +filebeat_version: 7.4.2 filebeat_create_config: true From 699cbccf7eac4a311889a6f49c14cd2ef455c23b Mon Sep 17 00:00:00 2001 From: manuasir Date: Mon, 11 Nov 2019 18:31:43 +0100 Subject: [PATCH 418/714] Resolved conflicts --- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 5 ++++- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-filebeat/defaults/main.yml | 2 +- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index f365f66a..ceb3244b 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml 
@@ -4,7 +4,10 @@ elasticsearch_node_name: node-1 elasticsearch_http_port: 9200 elasticsearch_network_host: 127.0.0.1 elasticsearch_jvm_xms: null -elastic_stack_version: 7.3.2 +elastic_stack_version: 7.4.2 +elasticsearch_lower_disk_requirements: false + +# Cluster Settings single_node: true elasticsearch_bootstrap_node: false elasticsearch_master_candidate: false diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index ad639011..92605c13 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -5,7 +5,7 @@ elasticsearch_http_port: "9200" elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" -elastic_stack_version: 7.3.2 +elastic_stack_version: 7.4.2 wazuh_version: 3.10.2 # Xpack Security diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index d38565d9..c5914664 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -1,5 +1,5 @@ --- -filebeat_version: 7.3.2 +filebeat_version: 7.4.2 filebeat_create_config: true From ade8496dce289eba5ab2901bf11149dce4c365be Mon Sep 17 00:00:00 2001 From: manuasir Date: Mon, 11 Nov 2019 18:31:43 +0100 Subject: [PATCH 419/714] Resolved conflicts --- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 5 ++++- roles/elastic-stack/ansible-kibana/defaults/main.yml | 5 +++-- roles/wazuh/ansible-filebeat/defaults/main.yml | 2 +- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index ca6dd06e..0015c25b 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml 
@@ -4,7 +4,10 @@ elasticsearch_node_name: node-1 elasticsearch_http_port: 9200 elasticsearch_network_host: 127.0.0.1 elasticsearch_jvm_xms: null -elastic_stack_version: 7.3.2 +elastic_stack_version: 7.4.2 +elasticsearch_lower_disk_requirements: false + +# Cluster Settings single_node: true elasticsearch_bootstrap_node: false elasticsearch_master_candidate: false diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 06c2c6af..19b33876 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -5,8 +5,9 @@ elasticsearch_http_port: "9200" elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" -elastic_stack_version: 7.3.2 -wazuh_version: 3.10.0 +elastic_stack_version: 7.4.2 +wazuh_version: 3.10.2 +wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp # Xpack Security kibana_xpack_security: false diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index 180308a6..d37cf5e6 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -1,5 +1,5 @@ --- -filebeat_version: 7.3.2 +filebeat_version: 7.4.2 filebeat_create_config: true From fbd287984d49dfe4f531d6479db2c17959241637 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 14 Nov 2019 10:50:49 +0100 Subject: [PATCH 420/714] Set default user to "elastic" for the first API calls to ES --- roles/elastic-stack/ansible-elasticsearch/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml index aef459e2..d74a391b 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml 
@@ -123,7 +123,7 @@ - name: Wait for Elasticsearch API uri: url: "https://{{ node_certs_generator_ip }}:{{ elasticsearch_http_port }}/_cluster/health/" - user: "{{ elasticsearch_xpack_security_user }}" + user: "elastic" # Default Elasticsearch user is always "elastic" password: "{{ elasticsearch_xpack_security_password }}" validate_certs: no status_code: 200,401 @@ -141,7 +141,7 @@ url: "https://{{ node_certs_generator_ip }}:{{ elasticsearch_http_port }}/_security/user/{{ item.key }}" method: POST body_format: json - user: "{{ elasticsearch_xpack_security_user }}" + user: "elastic" password: "{{ elasticsearch_xpack_security_password }}" body: '{ "password" : "{{ item.value["password"] }}", "roles" : {{ item.value["roles"] }} }' validate_certs: no From 2b4a1407a5f804bd502391ad24a79fa786ff93bf Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 14 Nov 2019 19:11:28 +0100 Subject: [PATCH 421/714] Add variables for sources installation --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 4060e99c..e8e5c83c 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -33,6 +33,8 @@ wazuh_winagent_config: md5: 71650780904cbfc2e45eae4298adb7a3 wazuh_agent_config: repo: + sources: false + sources_branch: "3.10" apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' yum: 'https://packages.wazuh.com/3.x/yum/' gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' From 8e56076b9fc8e4200a4dadd5dfbf67943844ec5f Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 14 Nov 2019 19:11:59 +0100 Subject: [PATCH 422/714] Add conditionals to disable repo installation and install from sources --- roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 7 +++++++ roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml | 7 +++++++ 2 files changed, 14 insertions(+) 
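Review bot: Both `uri` tasks now authenticate as the hardcoded `elastic` superuser with `elasticsearch_xpack_security_password`, yet neither has `no_log: true`, so that password and every `item.value["password"]` posted by the user-creation task appear in `-v` output and in registered results; add `no_log: true` to both. The creation body also interpolates the password raw into a hand-built JSON string, so a password containing `"` or `\` produces malformed JSON or a different stored value; build the body as a mapping (`body: { "password": "{{ item.value['password'] }}", "roles": "{{ item.value['roles'] }}" }`) and let `body_format: json` serialize it. `validate_certs: no` is pre-existing context, but combined with the superuser credentials it means the bootstrap password goes to whatever answers at `node_certs_generator_ip`; validating against the CA this role generates would close that. With the user fixed to `elastic`, `elasticsearch_xpack_security_user` is no longer honoured here, which deserves a comment in the defaults.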
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index 1aa7a38e..cd7f3d77 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -1,4 +1,9 @@ --- + +- include_tasks: "installation_from_sources" + when: + - wazuh_agent_config.repo.sources == "true" + - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: name: @@ -33,6 +38,8 @@ repo: "{{ wazuh_agent_config.repo.apt }}" state: present update_cache: true + when: + - wazuh_agent_config.repo.sources == "false" - name: Debian/Ubuntu | Set Distribution CIS filename for debian set_fact: diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index 8f3b8dbd..1aa909fa 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml @@ -1,4 +1,9 @@ --- + +- include_tasks: "installation_from_sources" + when: + - wazuh_agent_config.repo.sources == "true" + - name: RedHat/CentOS 5 | Install Wazuh repo yum_repository: name: wazuh_repo @@ -10,6 +15,7 @@ when: - (ansible_facts['os_family']|lower == 'redhat') and (ansible_distribution|lower != 'amazon') - (ansible_distribution_major_version|int <= 5) + - wazuh_agent_config.repo.sources == "false" register: repo_v5_installed - name: RedHat/CentOS/Fedora | Install Wazuh repo @@ -22,6 +28,7 @@ changed_when: false when: - repo_v5_installed is skipped + - wazuh_agent_config.repo.sources == "false" - name: RedHat/CentOS/Fedora | download Oracle Java RPM get_url: From a3f4ed74eaf8b7c87fa5a10db306c50f8a026f53 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 14 Nov 2019 19:12:22 +0100 Subject: [PATCH 423/714] Add installation_from_sources.yml tasks --- .../tasks/installation_from_sources.yml | 59 +++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml 
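Review bot: `include_tasks: "installation_from_sources"` omits the `.yml` extension while the file added in this series is `installation_from_sources.yml`, so the include fails whenever source installation is requested; use `include_tasks: installation_from_sources.yml`. The guards compare `wazuh_agent_config.repo.sources` with the strings `"true"` and `"false"`, but the default introduced in `defaults/main.yml` is the YAML boolean `false`, and in Jinja `false == "false"` is not true, so with defaults the repository tasks are skipped as well and no agent gets installed. Test it as a boolean instead: `when: wazuh_agent_config.repo.sources | bool` and `when: not (wazuh_agent_config.repo.sources | bool)`.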
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml new file mode 100644 index 00000000..f068353c --- /dev/null +++ b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml @@ -0,0 +1,59 @@ +--- + - hosts: all + tasks: + - include_vars: ../defaults/main.yml + - name: Install dependencies to build Wazuh packages + package: + name: + - make + - gcc + - policycoreutils-python-utils + - automake + - autoconf + - libtool + state: present + + - name: Download required packages from github.com/wazuh/wazuh + get_url: + url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_agent_config.repo.sources_branch }}.tar.gz" + dest: "/tmp/{{ wazuh_agent_config.repo.sources_branch }}.tar.gz" + delegate_to: "{{ inventory_hostname }}" + + - name: Extract downloaded Wazuh branch from Github + unarchive: + src: "/tmp/{{ wazuh_agent_config.repo.sources_branch }}.tar.gz" + dest: "/tmp/" + remote_src: yes + + - name: Configure "preloaded_vars.conf" file + copy: + dest: "/tmp/wazuh-{{ wazuh_agent_config.repo.sources_branch }}/etc/preloaded-vars.conf" + content: | + USER_LANGUAGE="en" + USER_NO_STOP="y" + USER_INSTALL_TYPE="agent" + USER_DIR="/var/ossec" + USER_ENABLE_SYSCHECK="y" + USER_ENABLE_ROOTCHECK="y" + USER_ENABLE_OPENSCAP="y" + USER_ENABLE_ACTIVE_RESPONSE="y" + USER_AGENT_SERVER_IP="{{ wazuh_managers.0.address }}" + USER_CA_STORE="/var/ossec/wpk_root.pem" + USER_ENABLE_SCA="y" + force: yes + + - name: Clean remaining files from others builds + command: "make -C src {{ item }}" + args: + chdir: "/tmp/wazuh-{{ wazuh_agent_config.repo.sources_branch }}/src/" + with_items: + - "clean" + - "clean-deps" + failed_when: false + + - name: Executing "install.sh" script to build and install the Wazuh Agent + shell: ./install.sh + args: + chdir: "/tmp/wazuh-{{ wazuh_agent_config.repo.sources_branch }}" + + become: yes 
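Review bot: The file is written as a playbook (`- hosts: all`, `tasks:`, trailing `become: yes`) but is loaded via `include_tasks`, which requires a flat list of tasks, so Ansible refuses it at parse time; drop the wrapper and the `include_vars` of the role's own defaults and rely on the role's variable and privilege handling. From a supply-chain standpoint the build fetches `github.com/wazuh/wazuh/archive/{{ branch }}.tar.gz` — a moving branch reference — with no `checksum:` on `get_url`, unpacks it into the predictable world-writable path `/tmp/wazuh-<branch>`, and then runs `./install.sh` from there as root, so nothing pins or verifies what gets compiled and installed. Pin to a tag or commit and add `checksum: "sha256:{{ <role variable holding the expected digest> }}"` (at minimum `force: yes`, so a stale or pre-planted `/tmp/<branch>.tar.gz` is not reused), and build inside a directory created with the `tempfile` module rather than a fixed `/tmp` path. `delegate_to: "{{ inventory_hostname }}"` on the download is a no-op and can be removed.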
From df016d53c6173512f790cba1e95e8d7a6a1f81e2 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 15 Nov 2019 16:39:12 +0100 Subject: [PATCH 424/714] Add variables for wazuh installation from sources --- .../ansible-wazuh-agent/defaults/main.yml | 22 +++++++++++++++-- .../ansible-wazuh-manager/defaults/main.yml | 24 +++++++++++++++++++ 2 files changed, 44 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index e8e5c83c..58db0f85 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,25 @@ --- wazuh_agent_version: 3.10.2-1 +wazuh_sources_installation: + enabled: "true" + branch: "3.10" + user_language: "y" + user_no_stop: "y" + user_install_type: "agent" + user_dir: "/var/ossec" + user_delete_dir: "y" + user_enable_active_response: "y" + user_enable_syscheck: "y" + user_enable_rootcheck: "y" + user_enable_openscap: "y" + user_enable_authd: null + user_generate_authd_cert: null + user_update: null + user_binaryinstall: null + user_agent_server_ip: null + user_agent_server_name: null + user_agent_config_profile: null + wazuh_managers: - address: 127.0.0.1 port: 1514 @@ -33,8 +53,6 @@ wazuh_winagent_config: md5: 71650780904cbfc2e45eae4298adb7a3 wazuh_agent_config: repo: - sources: false - sources_branch: "3.10" apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' yum: 'https://packages.wazuh.com/3.x/yum/' gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index e66ccae5..924bd980 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
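Review bot: `wazuh_sources_installation.enabled` is the quoted string `"true"` in the agent defaults, which turns on building from sources for every agent by default, while the manager defaults in the same patch use the boolean `false`. Because the guards added later test the value bare (`when: wazuh_sources_installation.enabled` / `not ...`), any non-empty string — including `"false"` — is truthy, so a user cannot switch it off with a quoted value either. Make it a real boolean and default it off: `enabled: false`. `user_language: "y"` also looks like a slip for a language setting; the earlier inline `preloaded-vars.conf` used `"en"`.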
@@ -4,6 +4,30 @@ wazuh_manager_version: 3.10.2-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present +wazuh_sources_installation: + enabled: false + branch: "3.10" + user_language: "y" + user_no_stop: "y" + user_install_type: "manager" + user_dir: "/var/ossec" + user_delete_dir: "y" + user_enable_active_response: "y" + user_enable_syscheck: "y" + user_enable_rootcheck: "y" + user_enable_openscap: "y" + user_enable_authd: "y" + user_generate_authd_cert: "n" + user_update: null + user_binaryinstall: null + user_enable_email: null + user_auto_start: null + user_email_address: null + user_email_smpt: null + user_enable_syslog: null + user_white_list: null + user_ca_store: null + wazuh_manager_config: repo: apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' From 46b4d34695094e1066f8cebaf7e3a14e78938e4f Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 15 Nov 2019 16:41:28 +0100 Subject: [PATCH 425/714] Update conditionals to use new variables --- roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 4 ++-- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 10 ++++++++-- roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml | 6 +++--- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 6 ++++++ roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 3 +++ roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 8 ++++++-- 6 files changed, 28 insertions(+), 9 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index cd7f3d77..5e2cfae6 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -2,7 +2,7 @@ - include_tasks: "installation_from_sources" when: - - wazuh_agent_config.repo.sources == "true" + - wazuh_sources_installation.enabled - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: 
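Review bot: `user_email_smpt` looks like a typo for `user_email_smtp`; since the rendering template upper-cases the key verbatim, this would emit `USER_EMAIL_SMPT`, which the installer presumably does not read, so an SMTP server set here would be silently ignored — rename the key (and keep `null` so it stays omitted by default). `user_language: "y"` is likewise suspect for a language value; `"en"` is what the earlier inline config used. Consider a short comment above the block stating that every `user_*` key is written 1:1 into `preloaded-vars.conf` and that `null` means "leave unset", since that contract is only visible in the template.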
@@ -39,7 +39,7 @@ state: present update_cache: true when: - - wazuh_agent_config.repo.sources == "false" + - not wazuh_sources_installation.enabled - name: Debian/Ubuntu | Set Distribution CIS filename for debian set_fact: diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 2ef87f11..3a745a20 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -13,6 +13,7 @@ poll: 30 when: - ansible_os_family|lower == "redhat" + - not wazuh_sources_installation.enabled tags: - init @@ -23,6 +24,7 @@ cache_valid_time: 3600 when: - ansible_os_family|lower != "redhat" + - not wazuh_sources_installation.enabled tags: - init @@ -192,7 +194,11 @@ tags: config - include_tasks: "RMRedHat.yml" - when: ansible_os_family == "RedHat" + when: + - ansible_os_family == "RedHat" + - not wazuh_sources_installation.enabled - include_tasks: "RMDebian.yml" - when: ansible_os_family == "Debian" + when: + - ansible_os_family == "Debian" + - not wazuh_sources_installation.enabled diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index 1aa909fa..a81ecea5 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml @@ -2,7 +2,7 @@ - include_tasks: "installation_from_sources" when: - - wazuh_agent_config.repo.sources == "true" + - wazuh_sources_installation.enabled - name: RedHat/CentOS 5 | Install Wazuh repo yum_repository: @@ -15,7 +15,7 @@ when: - (ansible_facts['os_family']|lower == 'redhat') and (ansible_distribution|lower != 'amazon') - (ansible_distribution_major_version|int <= 5) - - wazuh_agent_config.repo.sources == "false" + - not wazuh_sources_installation.enabled register: repo_v5_installed - name: RedHat/CentOS/Fedora | Install Wazuh repo 
@@ -28,7 +28,7 @@ changed_when: false when: - repo_v5_installed is skipped - - wazuh_agent_config.repo.sources == "false" + - not wazuh_sources_installation.enabled - name: RedHat/CentOS/Fedora | download Oracle Java RPM get_url: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index b7bc7946..fc3a646f 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -23,12 +23,14 @@ when: - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 + - not wazuh_sources_installation.enabled - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: url: "{{ wazuh_manager_config.repo.gpg }}" when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) + - not wazuh_sources_installation.enabled - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: @@ -37,6 +39,8 @@ state: present update_cache: true changed_when: false + when: + - not wazuh_sources_installation.enabled - name: Debian/Ubuntu | Installing NodeJS repository key (Ubuntu 14) become: true @@ -126,3 +130,5 @@ register: wazuh_manager_main_packages_installed until: wazuh_manager_main_packages_installed is succeeded tags: init + when: + - not wazuh_sources_installation.enabled diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index c8e8a95a..2a76fb45 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -41,6 +41,7 @@ when: - (ansible_os_family|lower == 'redhat') and (ansible_distribution|lower != 'amazon') - (ansible_distribution_major_version|int <= 5) + - not wazuh_sources_installation.enabled register: repo_v5_manager_installed - name: RedHat/CentOS/Fedora | Install Wazuh repo 
@@ -53,6 +54,7 @@ changed_when: false when: - repo_v5_manager_installed is skipped + - not wazuh_sources_installation.enabled - name: RedHat/CentOS/Fedora | Install openscap package: name={{ item }} state=present @@ -149,6 +151,7 @@ until: wazuh_manager_main_packages_installed is succeeded when: - ansible_os_family|lower == "redhat" + - not wazuh_sources_installation.enabled tags: - init diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index ed4847aa..901ec050 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -354,7 +354,11 @@ - ansible_distribution in ['CentOS', 'RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6 - include_tasks: "RMRedHat.yml" - when: ansible_os_family == "RedHat" or ansible_os_family == "Amazon" + when: + - ansible_os_family == "RedHat" or ansible_os_family == "Amazon" + - not wazuh_sources_installation.enabled - include_tasks: "RMDebian.yml" - when: ansible_os_family == "Debian" + when: + - ansible_os_family == "Debian" + - not wazuh_sources_installation.enabled From 8ecbeff501b403ba9c7bc611a4f89d46763219b3 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 15 Nov 2019 16:42:27 +0100 Subject: [PATCH 426/714] Update installation_from_sources.yml. Added installation conditionals --- .../tasks/installation_from_sources.yml | 54 ++++++++++--------- 1 file changed, 30 insertions(+), 24 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml index f068353c..bdfc9676 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml 
@@ -7,53 +7,59 @@ name: - make - gcc - - policycoreutils-python-utils - automake - autoconf - libtool state: present + - name: Installing policycoreutils-python (RedHat families) + package: + name: + - policycoreutils-python + when: + - ansible_os_family|lower == "redhat" + + - name: Installing policycoreutils-python-utils (Debian families) + package: + name: + - libc6-dev + - curl + - policycoreutils + when: + - ansible_os_family|lower == "debian" + - name: Download required packages from github.com/wazuh/wazuh get_url: - url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_agent_config.repo.sources_branch }}.tar.gz" - dest: "/tmp/{{ wazuh_agent_config.repo.sources_branch }}.tar.gz" + url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_sources_installation.branch }}.tar.gz" + dest: "/tmp/{{ wazuh_sources_installation.branch }}.tar.gz" delegate_to: "{{ inventory_hostname }}" - name: Extract downloaded Wazuh branch from Github unarchive: - src: "/tmp/{{ wazuh_agent_config.repo.sources_branch }}.tar.gz" + src: "/tmp/{{ wazuh_sources_installation.branch }}.tar.gz" dest: "/tmp/" remote_src: yes - - name: Configure "preloaded_vars.conf" file - copy: - dest: "/tmp/wazuh-{{ wazuh_agent_config.repo.sources_branch }}/etc/preloaded-vars.conf" - content: | - USER_LANGUAGE="en" - USER_NO_STOP="y" - USER_INSTALL_TYPE="agent" - USER_DIR="/var/ossec" - USER_ENABLE_SYSCHECK="y" - USER_ENABLE_ROOTCHECK="y" - USER_ENABLE_OPENSCAP="y" - USER_ENABLE_ACTIVE_RESPONSE="y" - USER_AGENT_SERVER_IP="{{ wazuh_managers.0.address }}" - USER_CA_STORE="/var/ossec/wpk_root.pem" - USER_ENABLE_SCA="y" - force: yes - - name: Clean remaining files from others builds command: "make -C src {{ item }}" args: - chdir: "/tmp/wazuh-{{ wazuh_agent_config.repo.sources_branch }}/src/" + chdir: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}/src/" with_items: - "clean" - "clean-deps" - failed_when: false + failed_when: false + + - name: Render the "preloaded-vars.conf" file + template: + src: 
../templates/preloaded_vars.conf.j2 + dest: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}/etc/preloaded-vars.conf" + owner: root + group: root + mode: '644' - name: Executing "install.sh" script to build and install the Wazuh Agent shell: ./install.sh args: - chdir: "/tmp/wazuh-{{ wazuh_agent_config.repo.sources_branch }}" + chdir: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}" become: yes From 6a0c92294e0f08644a538f4ebb68771d3d21c2db Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 15 Nov 2019 16:42:40 +0100 Subject: [PATCH 427/714] Implement template for preloaded_vars.conf --- .../ansible-wazuh-agent/templates/preloaded_vars.conf.j2 | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 roles/wazuh/ansible-wazuh-agent/templates/preloaded_vars.conf.j2 diff --git a/roles/wazuh/ansible-wazuh-agent/templates/preloaded_vars.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/preloaded_vars.conf.j2 new file mode 100644 index 00000000..f02252d1 --- /dev/null +++ b/roles/wazuh/ansible-wazuh-agent/templates/preloaded_vars.conf.j2 @@ -0,0 +1,7 @@ +{% for key, value in wazuh_sources_installation.items() %} +{% if "user_" in key %} +{% if value is defined and value is not none %} +{{ key|upper }}="{{ value }}" +{% endif %} +{% endif %} +{% endfor %} \ No newline at end of file From b3a2fea6b94616726e2d6250915eb71b55fc1285 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 18 Nov 2019 16:04:00 +0100 Subject: [PATCH 428/714] UPdate wazuh-agent default settings related to sources_installation --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 58db0f85..886de1bb 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml 
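Review bot: The `get_url` task that fetches `{{ wazuh_sources_installation.branch }}.tar.gz` has no `checksum:`, so an archive that is then compiled and installed by `install.sh` under `become: yes` is accepted on the TLS connection alone; a digest pinned per branch, e.g. `checksum: "sha256:<DIGEST_FOR_BRANCH>"` carried next to `branch` in the same variable group, makes the build input verifiable and the download idempotent. The whole tree is staged under the predictable, world-writable `/tmp/wazuh-{{ … }}` path and the installer runs as root from there; creating a root-owned directory with `file:` and `mode: "0755"` outside the shared temp area (or via `tempfile`) removes the chance that a pre-existing directory of another local user is picked up. The same download-and-stage pattern is repeated in the manager's new `installation_from_sources.yml` below and in the later agent rewrite (patch 440). The task named `Installing policycoreutils-python-utils (Debian families)` actually installs `libc6-dev`, `curl` and `policycoreutils`; `Install build prerequisites (Debian families)` would describe its package list.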
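Review bot: `{% if "user_" in key %}` is a substring test, so any key that merely contains `user_` is emitted; `{% if key.startswith('user_') %}` states the intended prefix match. Each value is interpolated verbatim between double quotes in a file that `install.sh` appears to read as shell variables (the `KEY="value"` form), so a value containing `"` or `$` changes the file's meaning; `{{ key|upper }}={{ value | quote }}` lets Ansible shell-quote it safely. The identical template is added again for the manager role further down (patch 436) and carries the same two points; both files also lack a trailing newline.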
@@ -12,13 +12,15 @@ wazuh_sources_installation: user_enable_syscheck: "y" user_enable_rootcheck: "y" user_enable_openscap: "y" - user_enable_authd: null - user_generate_authd_cert: null + user_enable_sca: "y" + user_enable_authd: "y" + user_generate_authd_cert: "n" user_update: null user_binaryinstall: null - user_agent_server_ip: null + user_agent_server_ip: "172.16.1.2" user_agent_server_name: null user_agent_config_profile: null + user_ca_store: "/var/ossec/wpk_root.pem" wazuh_managers: - address: 127.0.0.1 From c1b331be79ef28cb4bb768d45879523009f9777a Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 18 Nov 2019 16:04:13 +0100 Subject: [PATCH 429/714] Update Wazuh Manager default vars related to sources installation --- .../ansible-wazuh-manager/defaults/main.yml | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 924bd980..9df70863 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -5,11 +5,11 @@ wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present wazuh_sources_installation: - enabled: false + enabled: true branch: "3.10" - user_language: "y" + user_language: "en" user_no_stop: "y" - user_install_type: "manager" + user_install_type: "server" user_dir: "/var/ossec" user_delete_dir: "y" user_enable_active_response: "y" 
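Review bot: Flipping `enabled: false` to `enabled: true` in the manager role's `defaults/main.yml` makes every consumer of the role build Wazuh from a GitHub branch tarball instead of installing the repository packages, because the `not wazuh_sources_installation.enabled` guards added earlier in this series now skip the repository key, repository and package tasks; a role default should keep the package path and let an inventory opt in with `enabled: true`. The `user_install_type` change from `"manager"` to `"server"` appears to be the value the installer expects and is fine to keep, but it deserves a mention in the commit message rather than riding along silently.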
@@ -17,16 +17,17 @@ wazuh_sources_installation: user_enable_rootcheck: "y" user_enable_openscap: "y" user_enable_authd: "y" - user_generate_authd_cert: "n" + user_generate_authd_cert: null user_update: null user_binaryinstall: null - user_enable_email: null - user_auto_start: null + user_enable_email: "n" + user_auto_start: "y" user_email_address: null user_email_smpt: null - user_enable_syslog: null - user_white_list: null + user_enable_syslog: "n" + user_white_list: "n" user_ca_store: null + threads: "2" wazuh_manager_config: repo: From 9258026c49400e23f2c7247ac6dd89ef57331752 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 19 Nov 2019 12:08:42 +0100 Subject: [PATCH 430/714] Update installation_from_sources.yml to pass linting --- .../tasks/installation_from_sources.yml | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml index bdfc9676..d45c4219 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml @@ -33,7 +33,7 @@ url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_sources_installation.branch }}.tar.gz" dest: "/tmp/{{ wazuh_sources_installation.branch }}.tar.gz" delegate_to: "{{ inventory_hostname }}" - + - name: Extract downloaded Wazuh branch from Github unarchive: src: "/tmp/{{ wazuh_sources_installation.branch }}.tar.gz" 
@@ -47,19 +47,22 @@ with_items: - "clean" - "clean-deps" - failed_when: false + register: clean_result + changed_when: clean_result.rc == 0 + failed_when: false - name: Render the "preloaded-vars.conf" file template: - src: ../templates/preloaded_vars.conf.j2 + src: /templates/preloaded_vars.conf.j2 dest: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}/etc/preloaded-vars.conf" owner: root group: root mode: '644' - - name: Executing "install.sh" script to build and install the Wazuh Agent - shell: ./install.sh + - name: Executing "install.sh" script to build and install the Wazuh Manager + shell: ./install.sh > /tmp/build_log.txt + register: installation_result + changed_when: installation_result == 0 args: chdir: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}" - - become: yes + become: yes \ No newline at end of file From b467a9e5c77278c2a66601fc8d7116019baf91ee Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 19 Nov 2019 12:09:10 +0100 Subject: [PATCH 431/714] Fix linting for "Linux.yml" tasks in Wazuh Agent --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 3a745a20..5cd95ff4 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -194,11 +194,11 @@ tags: config - include_tasks: "RMRedHat.yml" - when: + when: - ansible_os_family == "RedHat" - not wazuh_sources_installation.enabled - include_tasks: "RMDebian.yml" - when: + when: - ansible_os_family == "Debian" - not wazuh_sources_installation.enabled From cbc5de68acb955441358ad33b4f2144770f83489 Mon Sep 17 00:00:00 2001 
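Review bot: `changed_when: installation_result == 0` compares the whole registered result dictionary with `0`, which is never true, so the `install.sh` task always reports `ok` even when it has just built and installed the agent; the return code is what was meant: `changed_when: installation_result.rc == 0`. The redirect `./install.sh > /tmp/build_log.txt` keeps only stdout, so compiler and installer errors never reach the log; `./install.sh > /tmp/build_log.txt 2>&1` keeps them together. The same `== 0` comparison appears in the manager's new `installation_from_sources.yml` below and again in the later agent rewrite (patch 440).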
From: Jose M Date: Tue, 19 Nov 2019 12:09:56 +0100 Subject: [PATCH 432/714] Set "delete_dir" and "enable_active_response" to null in manager default --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 9df70863..ab652cc2 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -11,8 +11,8 @@ wazuh_sources_installation: user_no_stop: "y" user_install_type: "server" user_dir: "/var/ossec" - user_delete_dir: "y" - user_enable_active_response: "y" + user_delete_dir: null + user_enable_active_response: null user_enable_syscheck: "y" user_enable_rootcheck: "y" user_enable_openscap: "y" From 95ee10d7a71da6e6dfa65d9973069b500a119577 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 19 Nov 2019 12:10:32 +0100 Subject: [PATCH 433/714] Add import of "installation_from_sources" for Debian and RHEL families --- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 4 ++++ roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index fc3a646f..4aa7b045 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -1,4 +1,8 @@ --- +- include_tasks: "installation_from_sources" + when: + - wazuh_sources_installation.enabled + - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: name: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 2a76fb45..ae7be9d9 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml 
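Review bot: `include_tasks: "installation_from_sources"` names a file that does not exist, since Ansible does not append `.yml`; with `enabled: true` the include fails before any task runs. `include_tasks: installation_from_sources.yml` is sufficient because task includes are resolved against the role's own `tasks/` directory first. The RedHat.yml hunk that follows uses `../roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml`, which only resolves when the play is run from the repository root; the bare file name fixes that one the same way, and the agent role's later Debian.yml and RedHat.yml hunks (patches 446 and 448) use the same brittle path.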
@@ -1,4 +1,8 @@ --- +- include_tasks: "../roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml" + when: + - wazuh_sources_installation.enabled + - name: RedHat/CentOS | Install Nodejs repo yum_repository: name: NodeJS From d3d0edc291a5c1f13a3ee2f85bf6e3d5b17d39a6 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 19 Nov 2019 12:12:03 +0100 Subject: [PATCH 434/714] Add tasks to install from sources to Wazuh Manager --- .../tasks/installation_from_sources.yml | 70 +++++++++++++++++++ 1 file changed, 70 insertions(+) create mode 100644 roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml new file mode 100644 index 00000000..85920f40 --- /dev/null +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml 
@@ -0,0 +1,70 @@ +--- + +# Wazuh Manager + - name: Install dependencies to build Wazuh packages + package: + name: + - make + - gcc + - automake + - autoconf + - libtool + state: present + + - name: Installing policycoreutils-python (RedHat families) + package: + name: + - policycoreutils-python + when: + - ansible_os_family|lower == "redhat" + + - name: Installing policycoreutils-python-utils (Debian families) + package: + name: + - libc6-dev + - curl + - policycoreutils + when: + - ansible_os_family|lower == "debian" + + - name: Download required packages from github.com/wazuh/wazuh + get_url: + url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_sources_installation.branch }}.tar.gz" + dest: "/tmp/{{ wazuh_sources_installation.branch }}.tar.gz" + delegate_to: "{{ inventory_hostname }}" + + - name: Extract downloaded Wazuh branch from Github + unarchive: + src: "/tmp/{{ wazuh_sources_installation.branch }}.tar.gz" + dest: "/tmp/" + remote_src: yes + + - name: Clean remaining files from others builds + command: "make -C src {{ item }}" + args: + chdir: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}/src/" + with_items: + - "clean" + - "clean-deps" + register: clean_result + changed_when: clean_result.rc == 0 + failed_when: false + + - name: Render the "preloaded-vars.conf" file + template: + src: "templates/preloaded_vars.conf.j2" + dest: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}/etc/preloaded-vars.conf" + owner: root + group: root + mode: '644' + + - name: Executing "install.sh" script to build and install the Wazuh Manager + shell: ./install.sh > /tmp/build_log.txt + register: installation_result + changed_when: installation_result == 0 + args: + chdir: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}" + +# Wazuh API + + - name: \ No newline at end of file From cc9f28719cf035bbdce83b838a79d1db6cd99da3 Mon Sep 17 00:00:00 2001 
From: Jose M Date: Tue, 19 Nov 2019 12:12:11 +0100 Subject: [PATCH 435/714] Fix linting --- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 901ec050..f2fc55db 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -354,11 +354,11 @@ - ansible_distribution in ['CentOS', 'RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6 - include_tasks: "RMRedHat.yml" - when: + when: - ansible_os_family == "RedHat" or ansible_os_family == "Amazon" - not wazuh_sources_installation.enabled - include_tasks: "RMDebian.yml" - when: + when: - ansible_os_family == "Debian" - not wazuh_sources_installation.enabled From 9e4544ae424ae300165ee0496234234deca8b2e2 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 19 Nov 2019 12:12:36 +0100 Subject: [PATCH 436/714] Add template to configure "preloaded_vars" in Wazuh Manager role --- .../ansible-wazuh-manager/templates/preloaded_vars.conf.j2 | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars.conf.j2 diff --git a/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars.conf.j2 new file mode 100644 index 00000000..f02252d1 --- /dev/null +++ b/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars.conf.j2 @@ -0,0 +1,7 @@ +{% for key, value in wazuh_sources_installation.items() %} +{% if "user_" in key %} +{% if value is defined and value is not none %} +{{ key|upper }}="{{ value }}" +{% endif %} +{% endif %} +{% endfor %} \ No newline at end of file From a90b241fb0652638e59c205cba07b62f48db820d Mon Sep 17 00:00:00 2001 
From: Jose M Date: Tue, 19 Nov 2019 12:19:32 +0100 Subject: [PATCH 437/714] Remove deprecated API installation tasks --- .../ansible-wazuh-manager/tasks/RedHat.yml | 25 +------------------ 1 file changed, 1 insertion(+), 24 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index c8e8a95a..0f4cf567 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -1,34 +1,11 @@ --- -- name: RedHat/CentOS | Install Nodejs repo - yum_repository: - name: NodeJS - description: NodeJS-$releasever - baseurl: https://rpm.nodesource.com/pub_6.x/el/{{ ansible_distribution_major_version }}/x86_64 - gpgkey: https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL - gpgcheck: true - changed_when: false - when: - - ansible_distribution_major_version|int > 5 - -- name: Fedora | Install Nodejs repo - yum_repository: - name: NodeJS - description: NodeJS-$releasever - baseurl: https://rpm.nodesource.com/pub_6.x/fc/$releasever/x86_64 - gpgkey: https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL - gpgcheck: true - when: ansible_distribution == 'Fedora' - -- name: AmazonLinux | Get Nodejs +- name: Install Wazuh API repository shell: | set -o pipefail curl --silent --location https://rpm.nodesource.com/setup_8.x | bash - args: warn: false executable: /bin/bash - creates: /etc/yum.repos.d/nodesource-el7.repo - when: - - ansible_distribution|lower == "amazon" - name: RedHat/CentOS 5 | Install Wazuh repo yum_repository: From 89557bdaddcc877e31c4ae874db3c081ef89426c Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 19 Nov 2019 14:49:39 +0100 Subject: [PATCH 438/714] Update alerts template for Elasticsearch --- roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 | 4 ---- 1 file changed, 4 deletions(-) 
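Review bot: The replacement task `Install Wazuh API repository` keeps the `curl … setup_8.x | bash -` body of the removed AmazonLinux task but drops its `creates:` and `when:` guards, so the NodeSource script is now fetched and executed as root on every RedHat-family host on every run, and the task name no longer says what it installs. Restoring `creates: /etc/yum.repos.d/nodesource-el7.repo` (the path the removed task used) or a `changed_when` on a registered result makes it idempotent, and `when: not wazuh_sources_installation.enabled` keeps it consistent with the other repository tasks in this series. Declaring the repository with `yum_repository` and its `gpgkey`, as the removed RedHat and Fedora tasks did, avoids piping a remote script into a shell at all.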
diff --git a/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 b/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 index 5387bf8c..444cef06 100644 --- a/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 +++ b/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 @@ -162,7 +162,6 @@ "data.dstip", "data.dstport", "data.dstuser", - "data.extra_data", "data.hardware.serial", "data.id", "data.integration", @@ -944,9 +943,6 @@ "data": { "type": "keyword" }, - "extra_data": { - "type": "keyword" - }, "system_name": { "type": "keyword" }, From 219b35c2ef4a97bda98f3aca68857e8b72669045 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 20 Nov 2019 14:58:44 +0100 Subject: [PATCH 439/714] Add API installation tasks to installation_from_sources.yml --- .../tasks/installation_from_sources.yml | 40 ++++++++++++++++--- 1 file changed, 34 insertions(+), 6 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index 85920f40..cb12739e 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml @@ -1,5 +1,4 @@ --- - # Wazuh Manager - name: Install dependencies to build Wazuh packages package: @@ -9,6 +8,7 @@ - automake - autoconf - libtool + - tar state: present - name: Installing policycoreutils-python (RedHat families) 
@@ -33,11 +33,15 @@ dest: "/tmp/{{ wazuh_sources_installation.branch }}.tar.gz" delegate_to: "{{ inventory_hostname }}" + - name: Create folder to extract Wazuh branch + file: + path: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}" + state: directory + - name: Extract downloaded Wazuh branch from Github - unarchive: - src: "/tmp/{{ wazuh_sources_installation.branch }}.tar.gz" - dest: "/tmp/" - remote_src: yes + shell: "tar -xzvf /tmp/{{ wazuh_sources_installation.branch }}.tar.gz --strip 1 --directory /tmp/wazuh-{{ wazuh_sources_installation.branch }}" + args: + warn: false - name: Clean remaining files from others builds command: "make -C src {{ item }}" @@ -67,4 +71,28 @@ # Wazuh API - - name: \ No newline at end of file + - name: Download script to install Nodejs repository + get_url: + url: "{{ node_js_repository_url }}" + dest: "/tmp/setup_nodejs_repo.sh" + mode: "0700" + + - name: Execute downloaded script to install Nodejs repo + shell: /tmp/setup_nodejs_repo.sh + + - name: Install Nodejs + package: + name: nodejs + state: present + + - name: Run NPM under root account + shell: npm config set user 0 + + - name: Download the installation script to install Wazuh API + get_url: + url: "https://raw.githubusercontent.com/wazuh/wazuh-api/v{{ wazuh_manager_version[:-2] }}/install_api.sh" + dest: "/tmp/install_api.sh" + mode: "0700" + + - name: Execute Wazuh API installation script + shell: /tmp/install_api.sh download From 35d35b5059cecb430b8f60bc01122dabc4f05829 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 20 Nov 2019 14:59:38 +0100 Subject: [PATCH 440/714] Update tasks that download the Wazuh branch and extract it. --- .../tasks/installation_from_sources.yml | 123 +++++++++--------- 1 file changed, 62 insertions(+), 61 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml index d45c4219..7b259b98 100644 
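Review bot: In the `# Wazuh API` hunk both downloaded scripts (`setup_nodejs_repo.sh` from `node_js_repository_url` and `install_api.sh` from raw.githubusercontent.com) are executed as root with no `checksum:` on either `get_url` and no `creates:`/`changed_when:` on either `shell`, so every run re-downloads and re-executes them and the play accepts whatever the remote happens to serve. Pin a digest per release (`checksum: "sha256:<DIGEST>"` kept with the role's version variables) and guard the shell tasks, e.g. `creates: /etc/yum.repos.d/nodesource-el7.repo` for the repo script (the path the removed RedHat task used) and a marker file under the API install directory for `install_api.sh`. `wazuh_manager_version[:-2]` assumes a two-character `-N` release suffix (`3.10.2-1`); `wazuh_manager_version.split('-')[0]` survives `-10`. In the `@@ -33,11 +33,15 @@` hunk, `Create folder to extract Wazuh branch` makes `/tmp/wazuh-…` without `owner:`/`mode:`, so the directory the root build runs in inherits whatever the shared temp area allows.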
--- a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml 
@@ -1,68 +1,69 @@ ---- - - hosts: all - tasks: - - include_vars: ../defaults/main.yml - - name: Install dependencies to build Wazuh packages - package: - name: - - make - - gcc - - automake - - autoconf - - libtool - state: present +--- + - name: Install dependencies to build Wazuh packages + package: + name: + - make + - gcc + - automake + - autoconf + - libtool + - tar + state: present - - name: Installing policycoreutils-python (RedHat families) - package: - name: - - policycoreutils-python - when: - - ansible_os_family|lower == "redhat" + - name: Installing policycoreutils-python (RedHat families) + package: + name: + - policycoreutils-python + when: + - ansible_os_family|lower == "redhat" - - name: Installing policycoreutils-python-utils (Debian families) - package: - name: - - libc6-dev - - curl - - policycoreutils - when: - - ansible_os_family|lower == "debian" + - name: Installing policycoreutils-python-utils (Debian families) + package: + name: + - libc6-dev + - curl + - policycoreutils + when: + - ansible_os_family|lower == "debian" - - name: Download required packages from github.com/wazuh/wazuh - get_url: - url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_sources_installation.branch }}.tar.gz" - dest: "/tmp/{{ wazuh_sources_installation.branch }}.tar.gz" - delegate_to: "{{ inventory_hostname }}" + - name: Download required packages from github.com/wazuh/wazuh + get_url: + url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_sources_installation.branch }}.tar.gz" + dest: "/tmp/{{ wazuh_sources_installation.branch }}.tar.gz" + delegate_to: "{{ inventory_hostname }}" - - name: Extract downloaded Wazuh branch from Github - unarchive: - src: "/tmp/{{ wazuh_sources_installation.branch }}.tar.gz" - dest: "/tmp/" - remote_src: yes + - name: Create folder to extract Wazuh branch + file: + path: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}" + state: directory - - name: Clean remaining files from others builds - command: "make -C src {{ item }}" - 
args: - chdir: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}/src/" - with_items: - - "clean" - - "clean-deps" - register: clean_result - changed_when: clean_result.rc == 0 - failed_when: false + - name: Extract downloaded Wazuh branch from Github + shell: "tar -xzvf /tmp/{{ wazuh_sources_installation.branch }}.tar.gz --strip 1 --directory /tmp/wazuh-{{ wazuh_sources_installation.branch }}" + args: + warn: false - - name: Render the "preloaded-vars.conf" file - template: - src: /templates/preloaded_vars.conf.j2 - dest: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}/etc/preloaded-vars.conf" - owner: root - group: root - mode: '644' + - name: Clean remaining files from others builds + command: "make -C src {{ item }}" + args: + chdir: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}/src/" + with_items: + - "clean" + - "clean-deps" + register: clean_result + changed_when: clean_result.rc == 0 + failed_when: false - - name: Executing "install.sh" script to build and install the Wazuh Manager - shell: ./install.sh > /tmp/build_log.txt - register: installation_result - changed_when: installation_result == 0 - args: - chdir: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}" - become: yes \ No newline at end of file + - name: Render the "preloaded-vars.conf" file + template: + src: "templates/preloaded_vars.conf.j2" + dest: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}/etc/preloaded-vars.conf" + owner: root + group: root + mode: '644' + + - name: Executing "install.sh" script to build and install the Wazuh Manager + shell: ./install.sh > /tmp/build_log.txt + register: installation_result + changed_when: installation_result == 0 + args: + chdir: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}" \ No newline at end of file From 9b6fd47e3a0b08212ee14dcd0acfea060a01808d Mon Sep 17 00:00:00 2001 
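Review bot: The rewrite drops `become: yes` from the `install.sh` task (the old side's last line) while the `Render the "preloaded-vars.conf" file` task still sets `owner: root`/`group: root`, so unless the including play already escalates, both the template write and the install now run as the connecting user and fail; keep `become: yes` on those tasks or state the escalation requirement in a comment at the top of the file. Replacing `unarchive` with `shell: "tar -xzvf … --strip 1"` gives up the module's idempotence and check-mode support; `unarchive` with `remote_src: yes` and `extra_opts: ['--strip-components=1']` does the same without a shell. `changed_when: installation_result == 0` still compares the whole result to `0` and never reports a change; `installation_result.rc == 0` is what was meant.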
From: Jose M Date: Wed, 20 Nov 2019 15:00:50 +0100 Subject: [PATCH 441/714] Add conditional to don't install Node repo when installing from sources --- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 4aa7b045..6e488cc5 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -58,12 +58,14 @@ when: - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 + - not wazuh_sources_installation.enabled - name: Debian/Ubuntu | Installing NodeJS repository key apt_key: url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) + - not wazuh_sources_installation.enabled - name: Debian/Ubuntu | Add NodeSource repositories for Node.js apt_repository: @@ -71,6 +73,8 @@ state: present update_cache: true changed_when: false + when: + - not wazuh_sources_installation.enabled - name: Debian/Ubuntu | Set Distribution CIS filename for Debian/Ubuntu set_fact: From d9cb1a24dd72aa7b576ceb42450a6397324b0181 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 20 Nov 2019 15:02:18 +0100 Subject: [PATCH 442/714] Implement "node_js_repository_url" variable --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index ab652cc2..2e82056c 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -351,3 +351,5 @@ wazuh_agent_configs: format: 'eventchannel' - location: 'System' format: 'eventlog' + +node_js_repository_url: https://rpm.nodesource.com/setup_8.x \ No newline at end of file 
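Review bot: `node_js_repository_url: https://rpm.nodesource.com/setup_8.x` is the single default consumed by the manager's `installation_from_sources.yml`, but that task file is included for both the RedHat and the Debian family, and the rpm setup script does not configure apt; the value needs to be chosen per `ansible_os_family` (a family-specific vars file, or a second default for the `deb.nodesource.com` counterpart). The file also loses its trailing newline in this hunk.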
From be1b60471e8b53a4360eb097207abddd942b0dc1 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 20 Nov 2019 15:05:59 +0100 Subject: [PATCH 443/714] Change Wazuh APP installation to do it as kibana user --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index aba4060c..efde790c 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -98,14 +98,13 @@ tags: install - name: Install Wazuh-APP (can take a while) - shell: | - /usr/share/kibana/bin/kibana-plugin --allow-root install \ - https://packages.wazuh.com/wazuhapp/wazuhapp-{{ wazuh_version }}_{{ elastic_stack_version }}.zip + shell: "/usr/share/kibana/bin/kibana-plugin install {{ wazuh_app_url }}-{{ wazuh_version }}_{{ elastic_stack_version }}.zip" environment: NODE_OPTIONS: "--max-old-space-size=3072" args: executable: /bin/bash - creates: /usr/share/kibana/plugins/wazuh/package.json + become: yes + become_user: kibana notify: restart kibana tags: - install From 4dd780504b0669d6aa7d77fea5711cf58c312b9d Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Wed, 20 Nov 2019 16:33:14 +0100 Subject: [PATCH 444/714] Adapt NodeJS installation tasks in Debian --- .../ansible-wazuh-manager/tasks/Debian.yml | 24 +++++++------------ 1 file changed, 8 insertions(+), 16 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index b7bc7946..af33e4ba 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml 
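Review bot: The new `kibana-plugin install` command interpolates `wazuh_app_url`, which no hunk in this series defines; without a role default the task fails at template time, so a `defaults/main.yml` entry (the former literal prefix `https://packages.wazuh.com/wazuhapp/wazuhapp` is the obvious value) should accompany this change. Running the install as `become_user: kibana` is a sound least-privilege move, but when the connection user is not root Ansible has to hand the module over to an unprivileged user, which may require `setfacl` on the host or the controller's `allow_world_readable_tmpfiles` setting; a one-line comment next to `become_user: kibana` would save the next person that debugging round.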
@@ -38,31 +38,23 @@ update_cache: true changed_when: false -- name: Debian/Ubuntu | Installing NodeJS repository key (Ubuntu 14) +- name: Debian/Ubuntu | Installing NodeJS repository become: true shell: | set -o pipefail - curl -s https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add - + curl -sL https://deb.nodesource.com/setup_8.x | bash - args: warn: false executable: /bin/bash changed_when: false - when: - - ansible_distribution == "Ubuntu" - - ansible_distribution_major_version | int == 14 -- name: Debian/Ubuntu | Installing NodeJS repository key - apt_key: - url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key - when: - - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - -- name: Debian/Ubuntu | Add NodeSource repositories for Node.js - apt_repository: - repo: "deb https://deb.nodesource.com/node_6.x {{ ansible_distribution_release }} main" +- name: Debian/Ubuntu | Install NodeJS + apt: + name: "nodejs" state: present - update_cache: true - changed_when: false + register: nodejs_package_is_installed + until: nodejs_package_is_installed is succeeded + tags: init - name: Debian/Ubuntu | Set Distribution CIS filename for Debian/Ubuntu set_fact: From 2c9b18de72be4986affbffd96803b1aae4e66ac7 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 20 Nov 2019 16:36:56 +0100 Subject: [PATCH 445/714] Update ("user_update" and "branch") variables. --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 4 ++-- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 886de1bb..e7126e0a 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml 
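Review bot: `curl -sL https://deb.nodesource.com/setup_8.x | bash -` replaces the declarative `apt_key`/`apt_repository` pair with a remote script executed as root on every run, and `changed_when: false` hides that it rewrites apt sources and imports a signing key; there is no `creates:` either, so nothing stops a re-run. Keeping the repository declarative preserves the key pinning the removed tasks had, stays idempotent and reports changes honestly; the `until:` retry on the new `Install NodeJS` task is a good addition and can stay. The repo path below is constructed from the 8.x series the script targets.
```yaml
- name: Debian/Ubuntu | Installing NodeJS repository key
  apt_key:
    url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key

- name: Debian/Ubuntu | Add NodeSource repositories for Node.js
  apt_repository:
    repo: "deb https://deb.nodesource.com/node_8.x {{ ansible_distribution_release }} main"
    state: present
    update_cache: true

# … unchanged: Debian/Ubuntu | Install NodeJS task …
```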
@@ -2,7 +2,7 @@ wazuh_agent_version: 3.10.2-1 wazuh_sources_installation: enabled: "true" - branch: "3.10" + branch: "v3.10.2" user_language: "y" user_no_stop: "y" user_install_type: "agent" @@ -15,7 +15,7 @@ wazuh_sources_installation: user_enable_sca: "y" user_enable_authd: "y" user_generate_authd_cert: "n" - user_update: null + user_update: "y" user_binaryinstall: null user_agent_server_ip: "172.16.1.2" user_agent_server_name: null diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 2e82056c..68948ae4 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -6,7 +6,7 @@ wazuh_manager_package_state: present wazuh_sources_installation: enabled: true - branch: "3.10" + branch: "v3.10.2" user_language: "en" user_no_stop: "y" user_install_type: "server" @@ -18,7 +18,7 @@ wazuh_sources_installation: user_enable_openscap: "y" user_enable_authd: "y" user_generate_authd_cert: null - user_update: null + user_update: "y" user_binaryinstall: null user_enable_email: "n" user_auto_start: "y" From 0329441817c2c8604f337700d157c77d35c3f6a4 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 20 Nov 2019 16:37:27 +0100 Subject: [PATCH 446/714] Update tasks and conditioinals for Agent installations in Debian families --- roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index 5e2cfae6..87112798 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -1,6 +1,6 @@ --- -- include_tasks: "installation_from_sources" +- include_tasks: "../roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml" when: - wazuh_sources_installation.enabled 
@@ -25,6 +25,7 @@ when: - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 + - not wazuh_sources_installation.enabled - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: From a6d614610e53d86e6cc9a451493b3847694891fc Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 20 Nov 2019 16:37:49 +0100 Subject: [PATCH 447/714] Format updates for "installation_from_sources.yml" --- .../ansible-wazuh-agent/tasks/installation_from_sources.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml index 7b259b98..053b4ea6 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml @@ -1,4 +1,5 @@ ---- +--- + - name: Install dependencies to build Wazuh packages package: name: @@ -61,7 +62,7 @@ group: root mode: '644' - - name: Executing "install.sh" script to build and install the Wazuh Manager + - name: Executing "install.sh" script to build and install the Wazuh Agent shell: ./install.sh > /tmp/build_log.txt register: installation_result changed_when: installation_result == 0 From c5f2893a0b6bb81a74eb4c14d320e50b826656ea Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 20 Nov 2019 16:38:02 +0100 Subject: [PATCH 448/714] Update tasks path in "Redhat.yml" --- roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index a81ecea5..36984115 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml 
@@ -1,6 +1,6 @@ --- -- include_tasks: "installation_from_sources" +- include_tasks: "../roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml" when: - wazuh_sources_installation.enabled From 841fe3d28d559ee47cf4f93f23cea0e4d6aa44ca Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 20 Nov 2019 16:39:57 +0100 Subject: [PATCH 449/714] Remove testing address in "user_agent_server_ip" --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index e7126e0a..b4bed923 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -17,7 +17,7 @@ wazuh_sources_installation: user_generate_authd_cert: "n" user_update: "y" user_binaryinstall: null - user_agent_server_ip: "172.16.1.2" + user_agent_server_ip: "YOUR_MANAGER_IP" user_agent_server_name: null user_agent_config_profile: null user_ca_store: "/var/ossec/wpk_root.pem" From da7cfa60b130725f64a6f063f11769a3f4e1a16d Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 20 Nov 2019 16:49:11 +0100 Subject: [PATCH 450/714] Restore "creates" setting in Wazuh Kibana plugin installation --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index efde790c..622db80b 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -103,6 +103,7 @@ NODE_OPTIONS: "--max-old-space-size=3072" args: executable: /bin/bash + creates: /usr/share/kibana/plugins/wazuh/package.json become: yes become_user: kibana notify: restart kibana From e0038118e1ffb2a02ee39d733cff0c26138e5afe Mon Sep 17 00:00:00 2001 
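Review bot: The new default `user_agent_server_ip: "YOUR_MANAGER_IP"` is a placeholder that the role's preloaded-vars template writes verbatim as `USER_AGENT_SERVER_IP="YOUR_MANAGER_IP"`, so a play that forgets to override it configures the agent with a bogus manager address instead of failing early. Leaving the default as `null` (the template only emits keys whose value is not none) or adding an `assert` that the value was overridden would surface the omission at run time rather than in the agent log.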
From: Jose M Date: Wed, 20 Nov 2019 16:49:11 +0100 Subject: [PATCH 451/714] Restore "creates" setting in Wazuh Kibana plugin installation --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index efde790c..622db80b 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -103,6 +103,7 @@ NODE_OPTIONS: "--max-old-space-size=3072" args: executable: /bin/bash + creates: /usr/share/kibana/plugins/wazuh/package.json become: yes become_user: kibana notify: restart kibana From 571abfbb2c7d7152df44574db890e23e4a208dea Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 20 Nov 2019 19:00:53 +0100 Subject: [PATCH 452/714] Update untar task to pass linting, added comment --- .../tasks/installation_from_sources.yml | 7 ++++--- .../tasks/installation_from_sources.yml | 6 ++++-- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml index 053b4ea6..381f9c67 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml @@ -1,5 +1,4 @@ --- - - name: Install dependencies to build Wazuh packages package: name: 
@@ -38,8 +37,10 @@ path: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}" state: directory - - name: Extract downloaded Wazuh branch from Github - shell: "tar -xzvf /tmp/{{ wazuh_sources_installation.branch }}.tar.gz --strip 1 --directory /tmp/wazuh-{{ wazuh_sources_installation.branch }}" + - name: Extract downloaded Wazuh branch from Github # Using shell instead of unarchive due to that module not working properlyh with --strip + command: "tar -xzvf /tmp/{{ wazuh_sources_installation.branch }}.tar.gz --strip 1 --directory /tmp/wazuh-{{ wazuh_sources_installation.branch }}" + register: wazuh_untar + changed_when: wazuh_untar.rc ==0 args: warn: false diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index cb12739e..65e06e24 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml @@ -38,8 +38,10 @@ path: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}" state: directory - - name: Extract downloaded Wazuh branch from Github - shell: "tar -xzvf /tmp/{{ wazuh_sources_installation.branch }}.tar.gz --strip 1 --directory /tmp/wazuh-{{ wazuh_sources_installation.branch }}" + - name: Extract downloaded Wazuh branch from Github # Using shell instead of unarchive due to that module not working properlyh with --strip + command: "tar -xzvf /tmp/{{ wazuh_sources_installation.branch }}.tar.gz --strip 1 --directory /tmp/wazuh-{{ wazuh_sources_installation.branch }}" + register: wazuh_untar + changed_when: wazuh_untar.rc ==0 args: warn: false From 9d62860ea1644656db5c949e2c46f152f87e83c1 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 20 Nov 2019 19:06:48 +0100 Subject: [PATCH 453/714] Update "installation_from_sources" to fix linting errors --- .../tasks/installation_from_sources.yml | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) 
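Review bot: `changed_when: wazuh_untar.rc ==0` on the new `command:` task reports a change on every successful run, so the extraction is never idempotent; the manager hunk below carries the same line. Since the command is unconditional, an `args: creates:` pointing at a file inside `/tmp/wazuh-{{ wazuh_sources_installation.branch }}` would let Ansible skip the re-extraction instead of merely silencing the linter. Both the tarball and the extraction directory also sit at predictable names under the world-writable `/tmp` and are handled as root, which a defender would rather move to a directory created with the `tempfile` module or a root-owned build path. The inline comment also misspells "properly" as "properlyh".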
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index 65e06e24..1ecfd7c8 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml @@ -80,15 +80,19 @@ mode: "0700" - name: Execute downloaded script to install Nodejs repo - shell: /tmp/setup_nodejs_repo.sh - + command: /tmp/setup_nodejs_repo.sh + register: node_repo_installation_result + changed_when: node_repo_installation_result.rc == 0 + - name: Install Nodejs package: name: nodejs state: present - + - name: Run NPM under root account - shell: npm config set user 0 + command: npm config set user 0 + register: allow_root_npm + changed_when: allow_root_npm.rc == 0 - name: Download the installation script to install Wazuh API get_url: @@ -97,4 +101,6 @@ mode: "0700" - name: Execute Wazuh API installation script - shell: /tmp/install_api.sh download + command: /tmp/install_api.sh download + register: install_api + changed_when: install_api.rc == 0 From e3ecb74ca87f7f4e561da8fe7e19a96677220b3d Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 20 Nov 2019 19:09:40 +0100 Subject: [PATCH 454/714] Move "installation_from_sources" include to Linux.yml --- roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 7 +------ roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 4 ++++ roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml | 5 ----- 3 files changed, 5 insertions(+), 11 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index 87112798..81062d80 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml 
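Review bot: Switching to `command:` with `changed_when: node_repo_installation_result.rc == 0` (and the same on `allow_root_npm` and `install_api`) only satisfies the lint rule; `rc == 0` is also the success condition, so every successful run still reports changed. For the repository script an `args: creates:` naming the repo file the script writes (the RedHat tasks later in this series use `/etc/yum.repos.d/nodesource-el7.repo`) would make the task skip once the repository exists, and `npm config set user 0` is a fixed setting that could carry `changed_when: false`. That `user 0` setting also removes npm's privilege drop for package lifecycle scripts, so every dependency's install hooks run as root during the build, which is worth a comment so nobody copies it elsewhere. `/tmp/setup_nodejs_repo.sh` and `/tmp/install_api.sh` are downloaded scripts executed as root from a world-writable directory; the `get_url` tasks are outside this hunk, but pinning them with `checksum:` is the supply-chain mitigation to ask for.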
@@ -1,9 +1,4 @@ --- - -- include_tasks: "../roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml" - when: - - wazuh_sources_installation.enabled - - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: name: @@ -25,7 +20,7 @@ when: - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 - - not wazuh_sources_installation.enabled + - not wazuh_sources_installation.enabled - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 5cd95ff4..0c1f8e5f 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -1,4 +1,8 @@ --- +- include_tasks: "../roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml" + when: + - wazuh_sources_installation.enabled + - include_tasks: "RedHat.yml" when: ansible_os_family == "RedHat" diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index 36984115..13b1b3e8 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml @@ -1,9 +1,4 @@ --- - -- include_tasks: "../roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml" - when: - - wazuh_sources_installation.enabled - - name: RedHat/CentOS 5 | Install Wazuh repo yum_repository: name: wazuh_repo From c64d331e7f99a8cac94058f778a7320479aeeac6 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 20 Nov 2019 19:16:44 +0100 Subject: [PATCH 455/714] Fix include_tasks for "installation_from_sources.yml" --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 2 +- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 8 ++++---- roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) 
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 0c1f8e5f..e258fa1f 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -1,5 +1,5 @@ --- -- include_tasks: "../roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml" +- include_tasks: "../tasks/installation_from_sources.yml" when: - wazuh_sources_installation.enabled diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 6e488cc5..3bd2c541 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -1,5 +1,5 @@ --- -- include_tasks: "installation_from_sources" +- include_tasks: "installation_from_sources.yml" when: - wazuh_sources_installation.enabled @@ -58,14 +58,14 @@ when: - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 - - not wazuh_sources_installation.enabled + - not wazuh_sources_installation.enabled - name: Debian/Ubuntu | Installing NodeJS repository key apt_key: url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - - not wazuh_sources_installation.enabled + - not wazuh_sources_installation.enabled - name: Debian/Ubuntu | Add NodeSource repositories for Node.js apt_repository: @@ -74,7 +74,7 @@ update_cache: true changed_when: false when: - - not wazuh_sources_installation.enabled + - not wazuh_sources_installation.enabled - name: Debian/Ubuntu | Set Distribution CIS filename for Debian/Ubuntu set_fact: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index ae7be9d9..ed681344 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml 
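Review bot: `include_tasks: "../tasks/installation_from_sources.yml"` in Linux.yml should resolve back into the role's own tasks directory, so the `../tasks/` prefix adds nothing; the manager Debian.yml hunk in this same commit uses the bare `installation_from_sources.yml`, while the manager RedHat.yml hunk on the next line uses the prefixed form. Settling on `- include_tasks: installation_from_sources.yml` in all three places keeps the includes consistent and stops them depending on the relative layout.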
@@ -1,5 +1,5 @@ --- -- include_tasks: "../roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml" +- include_tasks: "../tasks/installation_from_sources.yml" when: - wazuh_sources_installation.enabled From 3c70bc5b2a1e7505971090867378f72fa9219249 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Thu, 21 Nov 2019 13:13:36 +0100 Subject: [PATCH 456/714] Update NodJS installation tasks --- .../ansible-wazuh-manager/tasks/RedHat.yml | 42 +++++++++---------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index c8e8a95a..5503a10c 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -1,25 +1,5 @@ --- -- name: RedHat/CentOS | Install Nodejs repo - yum_repository: - name: NodeJS - description: NodeJS-$releasever - baseurl: https://rpm.nodesource.com/pub_6.x/el/{{ ansible_distribution_major_version }}/x86_64 - gpgkey: https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL - gpgcheck: true - changed_when: false - when: - - ansible_distribution_major_version|int > 5 - -- name: Fedora | Install Nodejs repo - yum_repository: - name: NodeJS - description: NodeJS-$releasever - baseurl: https://rpm.nodesource.com/pub_6.x/fc/$releasever/x86_64 - gpgkey: https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL - gpgcheck: true - when: ansible_distribution == 'Fedora' - -- name: AmazonLinux | Get Nodejs +- name: Centos | Get Nodejs shell: | set -o pipefail curl --silent --location https://rpm.nodesource.com/setup_8.x | bash - 
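Review bot: Replacing the `yum_repository` definitions, which carried `gpgkey:` and `gpgcheck: true`, with `curl --silent --location https://rpm.nodesource.com/setup_8.x | bash -` downgrades the NodeJS repository setup to executing unpinned remote code as root with no signature or checksum check. The declarative form let yum verify packages against a known key; the setup script is fetched over TLS but its content is never verified, so any upstream change runs unreviewed on every host. Keeping the `yum_repository` tasks with the baseurl bumped to the wanted major version, or at least fetching the script with `get_url` plus `checksum:` before running it, restores the integrity check. The `AmazonLinux/Fedora` task in the next hunk runs the same pipeline without a `creates:` guard, so it re-executes on every play.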
@@ -27,8 +7,28 @@ warn: false executable: /bin/bash creates: /etc/yum.repos.d/nodesource-el7.repo + when: + - ansible_distribution_major_version|int > 5 + +- name: AmazonLinux/Fedora| Get Nodejs + shell: | + set -o pipefail + curl --silent --location https://rpm.nodesource.com/setup_8.x | bash - + args: + warn: false + executable: /bin/bash when: - ansible_distribution|lower == "amazon" + - ansible_distribution == 'Fedora' + +- name: CentOS/RedHat/Amazon/Fedora | Install NodeJS + package: + name: "nodejs" + state: present + register: nodejs_is_installed + until: nodejs_is_installed is succeeded + tags: + - init - name: RedHat/CentOS 5 | Install Wazuh repo yum_repository: From 320b3732404cced74dceed93f0d57e4d1e835610 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 21 Nov 2019 13:28:46 +0100 Subject: [PATCH 457/714] Add default variables to build Wazuh Kibana Plugin --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 526bfabf..f6ac7023 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -23,3 +23,10 @@ node_certs_destination: /etc/kibana/certs master_certs_path: /es_certs generate_CA: true ca_cert_name: "" + +# Nodejs +node_js_repository_url: https://rpm.nodesource.com/setup_8.x + +# Build from sources +build_from_sources: true +wazuh_plugin_branch: 3.10-7.4 \ No newline at end of file From 2f8da1b7c508f88c13dcf1ccc9760dd9c90a6fd3 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 21 Nov 2019 13:29:03 +0100 Subject: [PATCH 458/714] Add "build_wazuh_plugin.yml" tasks --- .../tasks/build_wazuh_plugin.yml | 76 +++++++++++++++++++ 1 file changed, 76 insertions(+) create mode 100644 roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml 
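Review bot: `build_from_sources: true` as a role default makes every Kibana deployment clone and build the plugin from git unless the user opts out, which is a large behaviour change to ship as the default for a role that previously installed a released package; `build_from_sources: false` with explicit opt-in is the safer default. The file also loses its trailing newline (`\ No newline at end of file`), which yamllint flags, and `wazuh_plugin_branch: 3.10-7.4` is a version-like value that should be quoted, `wazuh_plugin_branch: "3.10-7.4"`, so it cannot be retyped by a parser or a formatter.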
diff --git a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml new file mode 100644 index 00000000..494bc8f0 --- /dev/null +++ b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml 
@@ -0,0 +1,76 @@ +--- + + - name: Ensure the Git package is present + package: + name: git + state: present + + - name: Download script to install Nodejs repository + get_url: + url: "{{ node_js_repository_url }}" + dest: "/tmp/setup_nodejs_repo.sh" + mode: "0700" + + - name: Execute downloaded script to install Nodejs repo + command: /tmp/setup_nodejs_repo.sh + register: node_repo_installation_result + changed_when: node_repo_installation_result.rc == 0 + + - name: Install Nodejs + package: + name: nodejs + state: present + + - name: Run NPM under root account + command: npm config set user 0 + register: allow_root_npm + changed_when: allow_root_npm.rc == 0 + + - name: Install yarn dependency to build the Wazuh Kibana Plugin + command: npm install -g yarn@1.10.1 + register: install_yarn_result + changed_when: install_yarn_result == 0 + + - name: Remove old wazuh-kibana-app git directory + file: + path: /tmp/app + state: absent + + - name: Clone wazuh-kibana-app repository # Using command as git module doesn't cover single-branch nor depth + command: git clone https://github.com/wazuh/wazuh-kibana-app -b {{ wazuh_plugin_branch }} --single-branch --depth=1 app # noqa 303 + register: clone_app_repo_result + changed_when: clone_app_repo_result.rc == 0 + args: + chdir: "/tmp" + + - name: Executing yarn to build the package + command: "{{ item }}" + with_items: + - "yarn" + - "yarn build" + - "yarn build" # Executing multiple times to workaround errors returned by yarn build + register: yarn_execution_result + changed_when: yarn_execution_result == 0 + args: + chdir: "/tmp/app/" + + - name: Obtain name of generated package + shell: "find ./ -name 'wazuh-*.zip' -printf '%f\\n'" + register: wazuhapp_package_name + changed_when: false + args: + chdir: "/tmp/app/build" + + - name: Install Wazuh Plugin (can take a while) + shell: "/usr/share/kibana/bin/kibana-plugin install file:///tmp/app/build/{{ wazuhapp_package_name.stdout }}" + environment: + NODE_OPTIONS: 
"--max-old-space-size=3072" + args: + executable: /bin/bash + creates: /usr/share/kibana/plugins/wazuh/package.json + become: yes + become_user: kibana + notify: restart kibana + tags: + - install + - skip_ansible_lint From 886e96b182c90bbbd3e994d59246a39e8a058894 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 21 Nov 2019 13:29:58 +0100 Subject: [PATCH 459/714] Update "main.yml" in Kibana installation to enable sources install --- .../ansible-kibana/tasks/main.yml | 25 ++++++++++++++----- 1 file changed, 19 insertions(+), 6 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 622db80b..89af291c 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -82,8 +82,8 @@ register: wazuh_app_verify changed_when: false failed_when: - - wazuh_app_verify.rc != 0 - - wazuh_app_verify.rc != 1 + - wazuh_app_verify.rc != 0 + - wazuh_app_verify.rc != 1 - name: Removing old Wazuh-APP command: /usr/share/kibana/bin/kibana-plugin --allow-root remove wazuh @@ -91,13 +91,24 @@ tags: install - name: Removing bundles - file: path=/usr/share/kibana/optimize/bundles state=absent - become: yes - become_user: kibana + file: + path: /usr/share/kibana/optimize/bundles + state: absent when: wazuh_app_verify.rc == 1 tags: install -- name: Install Wazuh-APP (can take a while) +- name: Explicitly starting Kibana to generate "wazuh-" + service: + name: kibana + state: started + +- name: Build and Install Wazuh Kibana Plugin from sources + import_tasks: build_wazuh_plugin.yml + when: + - build_from_sources is defined + - build_from_sources + +- name: Install Wazuh Plugin (can take a while) shell: "/usr/share/kibana/bin/kibana-plugin install {{ wazuh_app_url }}-{{ wazuh_version }}_{{ elastic_stack_version }}.zip" environment: NODE_OPTIONS: "--max-old-space-size=3072" 
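Review bot: `changed_when: install_yarn_result == 0` and `changed_when: yarn_execution_result == 0` compare the registered result dictionary with an integer, so they are never true and those tasks always report ok even when yarn did work; the neighbouring tasks use `.rc`, so these should read `changed_when: install_yarn_result.rc == 0` and `changed_when: yarn_execution_result.rc == 0` (the agent `installation_from_sources.yml` has the same `installation_result == 0` pattern). `git clone https://github.com/wazuh/wazuh-kibana-app -b {{ wazuh_plugin_branch }} --single-branch --depth=1` follows a moving branch head with no commit pin or artifact verification, so what gets built and installed into Kibana is whatever that branch holds at run time; pinning a tag or commit, or verifying the produced zip, is what a supply-chain review would ask for. The `find ./ -name 'wazuh-*.zip'` step assumes exactly one match, and a stale build output would turn the multi-line `stdout` into a broken `file:///tmp/app/build/...` path, so `stdout_lines[0]` plus a `failed_when` on the count is safer. Listing `yarn build` twice to "workaround errors returned by yarn build" hides a real failure mode and deserves an issue reference in the comment.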
@@ -110,6 +121,8 @@ tags: - install - skip_ansible_lint + when: + - not build_from_sources - name: Reload systemd configuration systemd: From 3acdd20dff1b4c2eb4ffb7c953ebbafaa58611b9 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 21 Nov 2019 13:30:43 +0100 Subject: [PATCH 460/714] Change Wazuh API build task to log info to "/tmp/build_wazuh_api_log." --- .../ansible-wazuh-manager/tasks/installation_from_sources.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index 1ecfd7c8..472eab8f 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml @@ -101,6 +101,6 @@ mode: "0700" - name: Execute Wazuh API installation script - command: /tmp/install_api.sh download + shell: /tmp/install_api.sh download > /tmp/build_api_log.txt register: install_api changed_when: install_api.rc == 0 From e2cee2e45d1cbdba88acf6724347bae4768fa6c7 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Thu, 21 Nov 2019 14:00:08 +0100 Subject: [PATCH 461/714] fix conditional statement when --- roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 5503a10c..30e0cdc1 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -18,8 +18,7 @@ warn: false executable: /bin/bash when: - - ansible_distribution|lower == "amazon" - - ansible_distribution == 'Fedora' + - ansible_distribution|lower == "amazon" or ansible_distribution|lower == 'fedora' - name: CentOS/RedHat/Amazon/Fedora | Install NodeJS package: From 686c02b3d5d424356bde2df86ed335fb7276291b Mon Sep 17 00:00:00 2001 
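Review bot: `when: - not build_from_sources` on the package-based plugin install fails with an undefined-variable error when `build_from_sources` is not set, whereas the `import_tasks` guard added earlier in this commit first checks `build_from_sources is defined`; the role default masks this, but the two branches are no longer symmetrical. Writing the guard as `when: not (build_from_sources | default(false))` makes both sides tolerate a missing variable the same way. The enclosing task starts outside the hunk.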
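Review bot: `shell: /tmp/install_api.sh download > /tmp/build_api_log.txt` writes the build log as root to a fixed, predictable name in the world-writable `/tmp`, the classic symlink-clobber exposure, and the switch from `command:` back to `shell:` exists only for that redirect. The output is already captured by `register: install_api`, so the redirect can go, or the log can live in a root-owned directory such as the build tree. The commit subject names `/tmp/build_wazuh_api_log.` while the task writes `/tmp/build_api_log.txt`, so one of the two should be corrected.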
From: Rshad Zhran Date: Thu, 21 Nov 2019 14:48:54 +0100 Subject: [PATCH 462/714] Add task to check if node service already exists --- roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 30e0cdc1..196d0e3b 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -1,4 +1,8 @@ --- +- name: Check if NodeJS service Exists + stat: path=/usr/bin/node + register: node_service_status + - name: Centos | Get Nodejs shell: | set -o pipefail @@ -8,7 +12,7 @@ executable: /bin/bash creates: /etc/yum.repos.d/nodesource-el7.repo when: - - ansible_distribution_major_version|int > 5 + - ansible_distribution_major_version|int > 5 and not node_service_status.stat.exists - name: AmazonLinux/Fedora| Get Nodejs shell: | @@ -18,7 +22,7 @@ warn: false executable: /bin/bash when: - - ansible_distribution|lower == "amazon" or ansible_distribution|lower == 'fedora' + - ( ansible_distribution|lower == "amazon" or ansible_distribution|lower == 'fedora' ) and not node_service_status.stat.exists - name: CentOS/RedHat/Amazon/Fedora | Install NodeJS package: @@ -28,6 +32,7 @@ until: nodejs_is_installed is succeeded tags: - init + when: not node_service_status.stat.exists - name: RedHat/CentOS 5 | Install Wazuh repo yum_repository: From 13b232154026a852998b499ad8757a906bf9a538 Mon Sep 17 00:00:00 2001 
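Review bot: `stat: path=/usr/bin/node` with `register: node_service_status` is key=value module syntax in a file that otherwise uses block YAML, and the name says "service" while the check is for a binary; `stat:` with a nested `path: /usr/bin/node` and a register name like `node_binary` would match the rest of the file. More importantly, gating the `Install NodeJS` task on `when: not node_service_status.stat.exists` (the last hunk) means any pre-existing `/usr/bin/node`, from a distro package or an older install, skips both the repository setup and the package install, so the play no longer ensures nodejs comes from the NodeSource repository at all. Applying the stat guard only to the two `curl | bash` repository steps and leaving `package: name: nodejs state: present` unconditional keeps the intended skip without losing that guarantee.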
From: Jose M Date: Thu, 21 Nov 2019 15:01:15 +0100 Subject: [PATCH 463/714] Rename wazuh_sources_installation to wazuh_manager sources_installation --- playbooks/wazuh-elastic_stack-single.yml | 12 +-- .../ansible-wazuh-agent/defaults/main.yml | 2 +- .../ansible-wazuh-agent/tasks/Debian.yml | 4 +- .../wazuh/ansible-wazuh-agent/tasks/Linux.yml | 10 +-- .../ansible-wazuh-agent/tasks/RedHat.yml | 4 +- .../tasks/installation_from_sources.yml | 14 ++-- .../templates/preloaded_vars.conf.j2 | 2 +- .../ansible-wazuh-manager/defaults/main.yml | 2 +- .../ansible-wazuh-manager/tasks/Debian.yml | 16 ++-- .../ansible-wazuh-manager/tasks/RedHat.yml | 8 +- .../tasks/installation_from_sources.yml | 74 ++++++++++--------- .../ansible-wazuh-manager/tasks/main.yml | 4 +- .../templates/preloaded_vars.conf.j2 | 2 +- 13 files changed, 81 insertions(+), 73 deletions(-) diff --git a/playbooks/wazuh-elastic_stack-single.yml b/playbooks/wazuh-elastic_stack-single.yml index 051b5fd2..bc353dfd 100644 --- a/playbooks/wazuh-elastic_stack-single.yml +++ b/playbooks/wazuh-elastic_stack-single.yml @@ -1,8 +1,8 @@ --- -- hosts: +- hosts: all roles: - - {role: ../roles/wazuh/ansible-wazuh-manager} - - role: ../roles/wazuh/ansible-filebeat - filebeat_output_elasticsearch_hosts: localhost:9200 - - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '0.0.0.0', single_node: true} - - { role: ../roles/elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost' } + # - {role: ../roles/wazuh/ansible-wazuh-manager} + # - role: ../roles/wazuh/ansible-filebeat + # filebeat_output_elasticsearch_hosts: 172.24.1.2:9200 + # - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '0.0.0.0', single_node: true} + - { role: ../roles/elastic-stack/ansible-kibana, elasticsearch_network_host: '172.24.1.1', elasticsearch_reachable_host: '172.24.1.2' } 
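Review bot: The playbook now runs only the Kibana role against hard-coded `172.24.1.1` / `172.24.1.2` addresses with the manager, filebeat and elasticsearch roles commented out, which reads as a local test configuration rather than the single-host playbook the filename promises and does not belong in a commit titled as a variable rename. Restoring the four roles and keeping addresses out of the shipped example (inventory or extra-vars instead) keeps it working out of the box; if a development variant is useful it should be a separate playbook.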
diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index b4bed923..3ff7d803 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,6 +1,6 @@ --- wazuh_agent_version: 3.10.2-1 -wazuh_sources_installation: +wazuh_manager_sources_installation: enabled: "true" branch: "v3.10.2" user_language: "y" diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index 81062d80..329fab6d 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -20,7 +20,7 @@ when: - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 - - not wazuh_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: @@ -35,7 +35,7 @@ state: present update_cache: true when: - - not wazuh_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled - name: Debian/Ubuntu | Set Distribution CIS filename for debian set_fact: diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index e258fa1f..9c8db0b8 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -1,7 +1,7 @@ --- - include_tasks: "../tasks/installation_from_sources.yml" when: - - wazuh_sources_installation.enabled + - wazuh_manager_sources_installation.enabled - include_tasks: "RedHat.yml" when: ansible_os_family == "RedHat" @@ -17,7 +17,7 @@ poll: 30 when: - ansible_os_family|lower == "redhat" - - not wazuh_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled tags: - init 
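Review bot: Renaming the agent role's variable to `wazuh_manager_sources_installation` puts manager naming on settings that describe an agent build (`user_install_type: "agent"`, `user_agent_server_ip`), and it now collides with the manager role's default of the same name. When both roles run on one host, which value applies then depends on Ansible's precedence rules rather than on the role being executed, so the agent role is clearer with its own name, e.g. `wazuh_agent_sources_installation`; the same applies to the other agent-role rename hunks in this commit.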
@@ -28,7 +28,7 @@ cache_valid_time: 3600 when: - ansible_os_family|lower != "redhat" - - not wazuh_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled tags: - init @@ -200,9 +200,9 @@ - include_tasks: "RMRedHat.yml" when: - ansible_os_family == "RedHat" - - not wazuh_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled - include_tasks: "RMDebian.yml" when: - ansible_os_family == "Debian" - - not wazuh_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index 13b1b3e8..e9580a94 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml @@ -10,7 +10,7 @@ when: - (ansible_facts['os_family']|lower == 'redhat') and (ansible_distribution|lower != 'amazon') - (ansible_distribution_major_version|int <= 5) - - not wazuh_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled register: repo_v5_installed - name: RedHat/CentOS/Fedora | Install Wazuh repo @@ -23,7 +23,7 @@ changed_when: false when: - repo_v5_installed is skipped - - not wazuh_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled - name: RedHat/CentOS/Fedora | download Oracle Java RPM get_url: diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml index 381f9c67..55714673 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml 
@@ -28,17 +28,17 @@ - name: Download required packages from github.com/wazuh/wazuh get_url: - url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_sources_installation.branch }}.tar.gz" - dest: "/tmp/{{ wazuh_sources_installation.branch }}.tar.gz" + url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_manager_sources_installation.branch }}.tar.gz" + dest: "/tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz" delegate_to: "{{ inventory_hostname }}" - name: Create folder to extract Wazuh branch file: - path: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}" + path: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" state: directory - name: Extract downloaded Wazuh branch from Github # Using shell instead of unarchive due to that module not working properlyh with --strip - command: "tar -xzvf /tmp/{{ wazuh_sources_installation.branch }}.tar.gz --strip 1 --directory /tmp/wazuh-{{ wazuh_sources_installation.branch }}" + command: "tar -xzvf /tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz --strip 1 --directory /tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" register: wazuh_untar changed_when: wazuh_untar.rc ==0 args: @@ -47,7 +47,7 @@ - name: Clean remaining files from others builds command: "make -C src {{ item }}" args: - chdir: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}/src/" + chdir: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}/src/" with_items: - "clean" - "clean-deps" @@ -58,7 +58,7 @@ - name: Render the "preloaded-vars.conf" file template: src: "templates/preloaded_vars.conf.j2" - dest: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}/etc/preloaded-vars.conf" + dest: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}/etc/preloaded-vars.conf" owner: root group: root mode: '644' 
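Review bot: The `get_url` of `https://github.com/wazuh/wazuh/archive/{{ wazuh_manager_sources_installation.branch }}.tar.gz` has no `checksum:`, so sources that are compiled and installed as root are accepted on the strength of the TLS connection alone; a tag such as `v3.10.2` can be re-pointed upstream and the archive content would change silently. Adding `checksum: "sha256:<DIGEST_PLACEHOLDER>"` (placeholder; take the real digest from a verified download) pins the artifact, and `dest:` under the world-writable `/tmp` is the same concern as for the extraction step. The enclosing task list continues outside the hunk.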
@@ -68,4 +68,4 @@ register: installation_result changed_when: installation_result == 0 args: - chdir: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}" \ No newline at end of file + chdir: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-agent/templates/preloaded_vars.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/preloaded_vars.conf.j2 index f02252d1..be552560 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/preloaded_vars.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/preloaded_vars.conf.j2 @@ -1,4 +1,4 @@ -{% for key, value in wazuh_sources_installation.items() %} +{% for key, value in wazuh_manager_sources_installation.items() %} {% if "user_" in key %} {% if value is defined and value is not none %} {{ key|upper }}="{{ value }}" diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 68948ae4..2767ab37 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -4,7 +4,7 @@ wazuh_manager_version: 3.10.2-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present -wazuh_sources_installation: +wazuh_manager_sources_installation: enabled: true branch: "v3.10.2" user_language: "en" diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 3bd2c541..c8b52fda 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -1,7 +1,7 @@ --- - include_tasks: "installation_from_sources.yml" when: - - wazuh_sources_installation.enabled + - wazuh_manager_sources_installation.enabled - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: 
@@ -27,14 +27,14 @@ when: - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 - - not wazuh_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: url: "{{ wazuh_manager_config.repo.gpg }}" when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - - not wazuh_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: @@ -44,7 +44,7 @@ update_cache: true changed_when: false when: - - not wazuh_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled - name: Debian/Ubuntu | Installing NodeJS repository key (Ubuntu 14) become: true @@ -58,14 +58,14 @@ when: - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 - - not wazuh_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled - name: Debian/Ubuntu | Installing NodeJS repository key apt_key: url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - - not wazuh_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled - name: Debian/Ubuntu | Add NodeSource repositories for Node.js apt_repository: @@ -74,7 +74,7 @@ update_cache: true changed_when: false when: - - not wazuh_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled - name: Debian/Ubuntu | Set Distribution CIS filename for Debian/Ubuntu set_fact: @@ -139,4 +139,4 @@ until: wazuh_manager_main_packages_installed is succeeded tags: init when: - - not wazuh_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index ed681344..9baae413 100644 
--- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -1,7 +1,7 @@ --- - include_tasks: "../tasks/installation_from_sources.yml" when: - - wazuh_sources_installation.enabled + - wazuh_manager_sources_installation.enabled - name: RedHat/CentOS | Install Nodejs repo yum_repository: @@ -45,7 +45,7 @@ when: - (ansible_os_family|lower == 'redhat') and (ansible_distribution|lower != 'amazon') - (ansible_distribution_major_version|int <= 5) - - not wazuh_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled register: repo_v5_manager_installed - name: RedHat/CentOS/Fedora | Install Wazuh repo @@ -58,7 +58,7 @@ changed_when: false when: - repo_v5_manager_installed is skipped - - not wazuh_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled - name: RedHat/CentOS/Fedora | Install openscap package: name={{ item }} state=present @@ -155,7 +155,7 @@ until: wazuh_manager_main_packages_installed is succeeded when: - ansible_os_family|lower == "redhat" - - not wazuh_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled tags: - init diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index 472eab8f..8469713e 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml 
@@ -29,17 +29,17 @@ - name: Download required packages from github.com/wazuh/wazuh get_url: - url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_sources_installation.branch }}.tar.gz" - dest: "/tmp/{{ wazuh_sources_installation.branch }}.tar.gz" + url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_manager_sources_installation.branch }}.tar.gz" + dest: "/tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz" delegate_to: "{{ inventory_hostname }}" - name: Create folder to extract Wazuh branch file: - path: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}" + path: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" state: directory - name: Extract downloaded Wazuh branch from Github # Using shell instead of unarchive due to that module not working properlyh with --strip - command: "tar -xzvf /tmp/{{ wazuh_sources_installation.branch }}.tar.gz --strip 1 --directory /tmp/wazuh-{{ wazuh_sources_installation.branch }}" + command: "tar -xzvf /tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz --strip 1 --directory /tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" register: wazuh_untar changed_when: wazuh_untar.rc ==0 args: @@ -48,7 +48,7 @@ - name: Clean remaining files from others builds command: "make -C src {{ item }}" args: - chdir: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}/src/" + chdir: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}/src/" with_items: - "clean" - "clean-deps" @@ -59,7 +59,7 @@ - name: Render the "preloaded-vars.conf" file template: src: "templates/preloaded_vars.conf.j2" - dest: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}/etc/preloaded-vars.conf" + dest: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}/etc/preloaded-vars.conf" owner: root group: root mode: '644' 
@@ -69,38 +69,46 @@ register: installation_result changed_when: installation_result == 0 args: - chdir: "/tmp/wazuh-{{ wazuh_sources_installation.branch }}" + chdir: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" # Wazuh API + - name: Check if Wazuh API is already installed + stat: + path: /var/ossec/api/app.js + register: wazuh_api - - name: Download script to install Nodejs repository - get_url: - url: "{{ node_js_repository_url }}" - dest: "/tmp/setup_nodejs_repo.sh" - mode: "0700" + - name: Install Wazuh API from sources + block: + - name: Download script to install Nodejs repository + get_url: + url: "{{ node_js_repository_url }}" + dest: "/tmp/setup_nodejs_repo.sh" + mode: "0700" - - name: Execute downloaded script to install Nodejs repo - command: /tmp/setup_nodejs_repo.sh - register: node_repo_installation_result - changed_when: node_repo_installation_result.rc == 0 + - name: Execute downloaded script to install Nodejs repo + command: /tmp/setup_nodejs_repo.sh + register: node_repo_installation_result + changed_when: node_repo_installation_result.rc == 0 - - name: Install Nodejs - package: - name: nodejs - state: present + - name: Install Nodejs + package: + name: nodejs + state: present - - name: Run NPM under root account - command: npm config set user 0 - register: allow_root_npm - changed_when: allow_root_npm.rc == 0 + - name: Run NPM under root account + command: npm config set user 0 + register: allow_root_npm + changed_when: allow_root_npm.rc == 0 - - name: Download the installation script to install Wazuh API - get_url: - url: "https://raw.githubusercontent.com/wazuh/wazuh-api/v{{ wazuh_manager_version[:-2] }}/install_api.sh" - dest: "/tmp/install_api.sh" - mode: "0700" + - name: Download the installation script to install Wazuh API + get_url: + url: "https://raw.githubusercontent.com/wazuh/wazuh-api/v{{ wazuh_manager_version[:-2] }}/install_api.sh" + dest: "/tmp/install_api.sh" + mode: "0700" - - name: Execute Wazuh API installation 
script - shell: /tmp/install_api.sh download > /tmp/build_api_log.txt - register: install_api - changed_when: install_api.rc == 0 + - name: Execute Wazuh API installation script + shell: /tmp/install_api.sh download > /tmp/build_api_log.txt + register: install_api + changed_when: install_api.rc == 0 + when: + - not wazuh_api.stat.exists diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index f2fc55db..d2c99535 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -356,9 +356,9 @@ - include_tasks: "RMRedHat.yml" when: - ansible_os_family == "RedHat" or ansible_os_family == "Amazon" - - not wazuh_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled - include_tasks: "RMDebian.yml" when: - ansible_os_family == "Debian" - - not wazuh_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled diff --git a/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars.conf.j2 index f02252d1..be552560 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars.conf.j2 @@ -1,4 +1,4 @@ -{% for key, value in wazuh_sources_installation.items() %} +{% for key, value in wazuh_manager_sources_installation.items() %} {% if "user_" in key %} {% if value is defined and value is not none %} {{ key|upper }}="{{ value }}" From d85d210a3e5029253b0a30276e60d35233ab8fa1 Mon Sep 17 00:00:00 2001 
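Review bot: The new block still downloads `/tmp/setup_nodejs_repo.sh` and `/tmp/install_api.sh` with `get_url` and then executes them as root with no integrity check, and because the whole block is now gated on `not wazuh_api.stat.exists` an incomplete or unexpected download is run exactly once and never revisited. `get_url` supports `checksum:`; pin each script, e.g. `checksum: "sha256:<EXPECTED_SHA256>"` (placeholder, take the digest from a trusted release), and add `force: true` so a stale file left in `/tmp` by an earlier run is not reused. `npm config set user 0` additionally makes npm run package lifecycle scripts as root, which widens the impact of anything unverified that precedes it. `wazuh_manager_version[:-2]` also assumes a single-digit package release suffix such as `-1`; a release like `-10` produces a wrong URL, so a split on `-` would be more robust.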
From: Rshad Zhran Date: Thu, 21 Nov 2019 16:12:08 +0100 Subject: [PATCH 464/714] Centralize NodeJS installation tasks --- playbooks/wazuh-manager.yml | 4 +++ .../ansible-wazuh-manager/tasks/Debian.yml | 18 ---------- .../ansible-wazuh-manager/tasks/RedHat.yml | 35 ------------------- .../ansible-wazuh-manager/tasks/main.yml | 19 ++++++++++ 4 files changed, 23 insertions(+), 53 deletions(-) diff --git a/playbooks/wazuh-manager.yml b/playbooks/wazuh-manager.yml index 5ec6a50b..846d4158 100644 --- a/playbooks/wazuh-manager.yml +++ b/playbooks/wazuh-manager.yml @@ -1,5 +1,9 @@ --- - hosts: +- vars: + - repo_dic: + debian: "deb" + redhat: "rpm" roles: - role: ../roles/wazuh/ansible-wazuh-manager - role: ../roles/wazuh/ansible-filebeat diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index af33e4ba..b4e94308 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -38,24 +38,6 @@ update_cache: true changed_when: false -- name: Debian/Ubuntu | Installing NodeJS repository - become: true - shell: | - set -o pipefail - curl -sL https://deb.nodesource.com/setup_8.x | bash - - args: - warn: false - executable: /bin/bash - changed_when: false - -- name: Debian/Ubuntu | Install NodeJS - apt: - name: "nodejs" - state: present - register: nodejs_package_is_installed - until: nodejs_package_is_installed is succeeded - tags: init - - name: Debian/Ubuntu | Set Distribution CIS filename for Debian/Ubuntu set_fact: cis_distribution_filename: cis_debian_linux_rcl.txt diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 196d0e3b..938bc83d 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml 
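Review bot: `- vars:` is added as a second list item after `- hosts:`, which splits the play in two: the first item has only `hosts` and no `roles`, and the second has `vars` and `roles` but no `hosts`, which Ansible rejects at load time. `vars` should also be a mapping rather than a list of one-key dicts. Write it as a key of the same play, at the indent of `roles:`: `  vars:` / `    repo_dic:` / `      debian: "deb"` followed by `      redhat: "rpm"`.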
@@ -1,39 +1,4 @@ --- -- name: Check if NodeJS service Exists - stat: path=/usr/bin/node - register: node_service_status - -- name: Centos | Get Nodejs - shell: | - set -o pipefail - curl --silent --location https://rpm.nodesource.com/setup_8.x | bash - - args: - warn: false - executable: /bin/bash - creates: /etc/yum.repos.d/nodesource-el7.repo - when: - - ansible_distribution_major_version|int > 5 and not node_service_status.stat.exists - -- name: AmazonLinux/Fedora| Get Nodejs - shell: | - set -o pipefail - curl --silent --location https://rpm.nodesource.com/setup_8.x | bash - - args: - warn: false - executable: /bin/bash - when: - - ( ansible_distribution|lower == "amazon" or ansible_distribution|lower == 'fedora' ) and not node_service_status.stat.exists - -- name: CentOS/RedHat/Amazon/Fedora | Install NodeJS - package: - name: "nodejs" - state: present - register: nodejs_is_installed - until: nodejs_is_installed is succeeded - tags: - - init - when: not node_service_status.stat.exists - - name: RedHat/CentOS 5 | Install Wazuh repo yum_repository: name: wazuh_repo diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index ed4847aa..33aa58b7 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -13,6 +13,25 @@ - include_tasks: "Debian.yml" when: ansible_os_family == "Debian" +- name: Installing NodeJS repository script + become: true + get_url: + url: "https://{{ repo_dic[ansible_os_family] }}nodesource.com/setup_8.x" + dest: /etc/nodejs.sh + mode: '0775' + changed_when: false + +- name: Running NodeJS bash script + script: /etc/nodejs.sh + +- name: Installing NodeJS + package: + name: ntpdate + state: present + register: nodejs_service_is_installed + until: nodejs_service_is_installed is succeeded + tags: init + - name: Install expect package: name: expect From 7bf823bcadead3ce3bae0206882d3dd43d2b98c9 Mon Sep 17 00:00:00 2001 
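Review bot: The task named `Installing NodeJS` installs `ntpdate` instead of `nodejs`, so NodeJS is never installed even after the repository script has run; the line should read `name: nodejs`. The URL `https://{{ repo_dic[ansible_os_family] }}nodesource.com/setup_8.x` is missing the dot between the prefix and `nodesource.com`, and `repo_dic` is keyed `debian`/`redhat` while `ansible_os_family` yields `Debian`/`RedHat`, so the lookup fails; `https://{{ repo_dic[ansible_os_family | lower] }}.nodesource.com/setup_8.x` fixes both. The `script` module transfers a controller-side file to the remote host, so `script: /etc/nodejs.sh` does not run the file that `get_url` just wrote on the remote; `command: sh /etc/nodejs.sh` is the intended form. Separately, the script is stored with `mode: '0775'` (group-writable) and fetched without `checksum:` before being run as root; `mode: '0755'` plus a pinned `checksum:` bounds that.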
From: Jose M Date: Thu, 21 Nov 2019 18:44:34 +0100 Subject: [PATCH 465/714] Split preloaded_vars into preloaded_vars_manager and api --- .../templates/preloaded_vars_api.conf.j2 | 7 +++++++ ...eloaded_vars.conf.j2 => preloaded_vars_manager.conf.j2} | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) create mode 100644 roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars_api.conf.j2 rename roles/wazuh/ansible-wazuh-manager/templates/{preloaded_vars.conf.j2 => preloaded_vars_manager.conf.j2} (93%) diff --git a/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars_api.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars_api.conf.j2 new file mode 100644 index 00000000..198178c8 --- /dev/null +++ b/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars_api.conf.j2 @@ -0,0 +1,7 @@ +{% for key, value in wazuh_api_sources_installation.items() %} +{% if "enabled" not in key and "branch" not in key %} +{% if value is defined and value is not none %} +{{ key|upper }}="{{ value }}" +{% endif %} +{% endif %} +{% endfor %} \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars_manager.conf.j2 similarity index 93% rename from roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars.conf.j2 rename to roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars_manager.conf.j2 index be552560..3dacef92 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/preloaded_vars_manager.conf.j2 @@ -4,4 +4,4 @@ {{ key|upper }}="{{ value }}" {% endif %} {% endif %} -{% endfor %} \ No newline at end of file +{% endfor %} From 628dcb2ccc8ddcc1a27d5d1255c206a9ae1cc63e Mon Sep 17 00:00:00 2001 
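Review bot: Values are written unescaped as `{{ key|upper }}="{{ value }}"`, so any value containing a double quote or a `$` (the `password` entry of `wazuh_api_sources_installation` is the obvious candidate) yields a malformed or shell-expanded line in the rendered `preloaded_vars.conf`; `{{ key|upper }}={{ value | quote }}` lets Ansible's `quote` filter emit a safe single-quoted literal instead. The `"enabled" not in key and "branch" not in key` test is a substring match rather than a key comparison; `key not in ['enabled', 'branch']` states the intent and will not silently drop a future key whose name merely contains one of those words. The new file is also missing its trailing newline.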
From: Jose M Date: Thu, 21 Nov 2019 18:45:01 +0100 Subject: [PATCH 466/714] Update conditonals and add required tasks to RedHat.yml --- .../ansible-wazuh-manager/tasks/RedHat.yml | 42 ++++++++++++++----- 1 file changed, 32 insertions(+), 10 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 9baae413..354beca4 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -1,7 +1,4 @@ --- -- include_tasks: "../tasks/installation_from_sources.yml" - when: - - wazuh_manager_sources_installation.enabled - name: RedHat/CentOS | Install Nodejs repo yum_repository: @@ -13,6 +10,7 @@ changed_when: false when: - ansible_distribution_major_version|int > 5 + - not wazuh_api_sources_installation.enabled - name: Fedora | Install Nodejs repo yum_repository: @@ -21,7 +19,9 @@ baseurl: https://rpm.nodesource.com/pub_6.x/fc/$releasever/x86_64 gpgkey: https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL gpgcheck: true - when: ansible_distribution == 'Fedora' + when: + - ansible_distribution == 'Fedora' + - not wazuh_api_sources_installation.enabled - name: AmazonLinux | Get Nodejs shell: | @@ -33,6 +33,7 @@ creates: /etc/yum.repos.d/nodesource-el7.repo when: - ansible_distribution|lower == "amazon" + - not wazuh_api_sources_installation.enabled - name: RedHat/CentOS 5 | Install Wazuh repo yum_repository: @@ -46,6 +47,7 @@ - (ansible_os_family|lower == 'redhat') and (ansible_distribution|lower != 'amazon') - (ansible_distribution_major_version|int <= 5) - not wazuh_manager_sources_installation.enabled + - not wazuh_api_sources_installation.enabled register: repo_v5_manager_installed - name: RedHat/CentOS/Fedora | Install Wazuh repo 
@@ -58,7 +60,7 @@ changed_when: false when: - repo_v5_manager_installed is skipped - - not wazuh_manager_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled - name: RedHat/CentOS/Fedora | Install openscap package: name={{ item }} state=present @@ -144,13 +146,10 @@ when: - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" -- name: CentOS/RedHat/Amazon | Install wazuh-manager, wazuh-api +- name: CentOS/RedHat/Amazon | Install Wazuh Manager package: - name: "{{ item }}-{{ wazuh_manager_version }}" + name: "wazuh-manager-{{ wazuh_manager_version }}" state: "{{ wazuh_manager_package_state }}" - with_items: - - wazuh-manager - - wazuh-api register: wazuh_manager_main_packages_installed until: wazuh_manager_main_packages_installed is succeeded when: @@ -159,6 +158,28 @@ tags: - init +- include_tasks: "../tasks/installation_from_sources.yml" + tags: manager + when: + - wazuh_manager_sources_installation.enabled + +- name: CentOS/RedHat/Amazon | Install Wazuh API + package: + name: "wazuh-api-{{ wazuh_manager_version }}" + state: "{{ wazuh_manager_package_state }}" + register: wazuh_api_main_packages_installed + until: wazuh_api_main_packages_installed is succeeded + when: + - ansible_os_family|lower == "redhat" + - not wazuh_api_sources_installation.enabled + tags: + - init + +- include_tasks: "../tasks/installation_from_sources.yml" + tags: api + when: + - wazuh_api_sources_installation.enabled + - name: CentOS/RedHat 6 | Enabling python2.7 and sqlite3 replace: path: /etc/init.d/wazuh-manager @@ -181,3 +202,4 @@ - ansible_distribution_major_version|int < 6 tags: - init + From 380d4d14300b71b8f99822cc29253e834cf3a7e7 Mon Sep 17 00:00:00 2001 
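Review bot: `installation_from_sources.yml` is now included twice, once with `tags: manager` and once with `tags: api`, but tags on an `include_tasks` statement only govern whether the include itself runs — they are not inherited by the included tasks — so each include executes the whole file and relies on the inner `when` guards to skip the other half. Push the tag down with `apply:` instead, replacing `tags: api` with `apply:` / `  tags: api` (and the same for `manager`), or include the file once and let its own blocks decide. Running the file twice also repeats the dependency-install and `stat` tasks, which is wasted time rather than a correctness problem, but is worth a comment if the double include is kept.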
From: Jose M Date: Thu, 21 Nov 2019 18:45:25 +0100 Subject: [PATCH 467/714] Update installation_from_sources conditionals and blocks --- .../tasks/installation_from_sources.yml | 196 +++++++++++------- 1 file changed, 122 insertions(+), 74 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index 8469713e..ef24c238 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml 
@@ -1,75 +1,98 @@ --- # Wazuh Manager - - name: Install dependencies to build Wazuh packages - package: - name: - - make - - gcc - - automake - - autoconf - - libtool - - tar - state: present + - name: Check if Wazuh Manager is already installed + stat: + path: /var/ossec/bin/ossec-control + register: wazuh_ossec_control - - name: Installing policycoreutils-python (RedHat families) - package: - name: - - policycoreutils-python + - name: Installing Wazuh Manager from sources + block: + - name: Install dependencies to build Wazuh packages + package: + name: + - make + - gcc + - automake + - autoconf + - libtool + - tar + state: present + + - name: Installing policycoreutils-python (RedHat families) + package: + name: + - policycoreutils-python + when: + - ansible_os_family|lower == "redhat" + + - name: Installing policycoreutils-python-utils (Debian families) + package: + name: + - libc6-dev + - curl + - policycoreutils + when: + - ansible_os_family|lower == "debian" + + - name: Remove old repository folder + file: + path: /tmp/wazuh-{{ wazuh_manager_sources_installation.branch }} + state: absent + + - name: Download required packages from github.com/wazuh/wazuh + get_url: + url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_manager_sources_installation.branch }}.tar.gz" + dest: "/tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz" + delegate_to: "{{ inventory_hostname }}" + + - name: Create folder to extract Wazuh branch + file: + path: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" + state: directory + + # When downloading "v3.10.2" extracted folder name is 3.10.2. 
+ # Explicitly creating the folder with proper naming and striping first level in .tar.gz file + + - name: Extract downloaded Wazuh branch from Github # Using shell instead of unarchive due to that module not working properlyh with --strip + command: >- + tar -xzvf /tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz + --strip 1 + --directory /tmp/wazuh-{{ wazuh_manager_sources_installation.branch }} + register: wazuh_untar + changed_when: wazuh_untar.rc ==0 + args: + warn: false + + - name: Clean remaining files from others builds + command: "make -C src {{ item }}" + args: + chdir: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}/src/" + with_items: + - "clean" + - "clean-deps" + register: clean_result + changed_when: clean_result.rc == 0 + failed_when: false + + - name: Render the "preloaded-vars.conf" file + template: + src: "templates/preloaded_vars_manager.conf.j2" + dest: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}/etc/preloaded-vars.conf" + owner: root + group: root + mode: '644' + + - name: Executing "install.sh" script to build and install the Wazuh Manager + shell: ./install.sh > /tmp/build_manager_log.txt + register: installation_result + changed_when: installation_result == 0 + args: + chdir: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" when: - - ansible_os_family|lower == "redhat" - - - name: Installing policycoreutils-python-utils (Debian families) - package: - name: - - libc6-dev - - curl - - policycoreutils - when: - - ansible_os_family|lower == "debian" - - - name: Download required packages from github.com/wazuh/wazuh - get_url: - url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_manager_sources_installation.branch }}.tar.gz" - dest: "/tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz" - delegate_to: "{{ inventory_hostname }}" - - - name: Create folder to extract Wazuh branch - file: - path: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" - state: directory - - - name: 
Extract downloaded Wazuh branch from Github # Using shell instead of unarchive due to that module not working properlyh with --strip - command: "tar -xzvf /tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz --strip 1 --directory /tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" - register: wazuh_untar - changed_when: wazuh_untar.rc ==0 - args: - warn: false - - - name: Clean remaining files from others builds - command: "make -C src {{ item }}" - args: - chdir: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}/src/" - with_items: - - "clean" - - "clean-deps" - register: clean_result - changed_when: clean_result.rc == 0 - failed_when: false - - - name: Render the "preloaded-vars.conf" file - template: - src: "templates/preloaded_vars.conf.j2" - dest: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}/etc/preloaded-vars.conf" - owner: root - group: root - mode: '644' - - - name: Executing "install.sh" script to build and install the Wazuh Manager - shell: ./install.sh > /tmp/build_log.txt - register: installation_result - changed_when: installation_result == 0 - args: - chdir: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" + - not wazuh_ossec_control.stat.exists + - wazuh_manager_sources_installation.enabled + tags: + - manager # Wazuh API - name: Check if Wazuh API is already installed @@ -79,6 +102,11 @@ - name: Install Wazuh API from sources block: + - name: Ensure Git is present in the host + package: + name: git + state: present + - name: Download script to install Nodejs repository get_url: url: "{{ node_js_repository_url }}" 
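Review bot: `changed_when: installation_result == 0` compares the registered result dictionary with the integer 0, which is never true, so the `install.sh` task always reports unchanged; it should be `changed_when: installation_result.rc == 0`, matching the `wazuh_untar.rc` and `clean_result.rc` checks in the same block. The tarball `get_url` has neither `checksum:` nor `force: true`, so an existing `/tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz` is reused as-is (a moving branch is never refetched) and the code that is then built and installed as root is never integrity-checked; `checksum: "sha256:<EXPECTED_SHA256>"` (placeholder for the published digest) or at least `force: true` addresses both. The block-level `when: not wazuh_ossec_control.stat.exists` also means any host with `/var/ossec/bin/ossec-control` present skips the build even when `branch` has changed, which deserves a comment above the `stat` task.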
@@ -100,15 +128,35 @@ register: allow_root_npm changed_when: allow_root_npm.rc == 0 - - name: Download the installation script to install Wazuh API - get_url: - url: "https://raw.githubusercontent.com/wazuh/wazuh-api/v{{ wazuh_manager_version[:-2] }}/install_api.sh" - dest: "/tmp/install_api.sh" - mode: "0700" + - name: Remove old repository folder + file: + path: /tmp/wazuh-api + state: absent + + - name: Download the Wazuh API repository + git: + repo: 'https://github.com/wazuh/wazuh-api.git' + version: "{{ wazuh_api_sources_installation.branch }}" + dest: /tmp/wazuh-api + + - name: Configure Wazuh API installation + template: + src: "templates/preloaded_vars_api.conf.j2" + dest: "/tmp/wazuh-api/configuration/preloaded_vars.conf" + owner: root + group: root + mode: '644' - name: Execute Wazuh API installation script - shell: /tmp/install_api.sh download > /tmp/build_api_log.txt + shell: ./install_api.sh > /tmp/build_api_log.txt register: install_api changed_when: install_api.rc == 0 + args: + chdir: "/tmp/wazuh-api" + notify: + - restart wazuh-api when: - not wazuh_api.stat.exists + - wazuh_api_sources_installation.enabled + tags: + - api \ No newline at end of file From 9e6966b6994d07ae9ef18f054500b27ff8ea3bf1 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 21 Nov 2019 18:45:45 +0100 Subject: [PATCH 468/714] Fix conditionals for Debian families. Split Manager and API install --- .../ansible-wazuh-manager/tasks/Debian.yml | 26 +++++++++++++++---- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index c8b52fda..6da6a6f3 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml 
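Review bot: The rendered `/tmp/wazuh-api/configuration/preloaded_vars.conf` is written with `mode: '644'`, yet the `preloaded_vars_api.conf.j2` template emits every key of `wazuh_api_sources_installation` including `password`, so a configured API password sits world-readable under `/tmp` for the lifetime of the checkout; use `mode: '0600'` and add `no_log: true` to the `template` task so the value also stays out of the play output. The `git` clone pins only `version: "{{ wazuh_api_sources_installation.branch }}"`; if that is a branch name rather than a tag or commit, what `install_api.sh` then runs as root is whatever the branch points at on that day, so a tag or SHA gives a reproducible build. `notify: restart wazuh-api` requires a handler of that name in the role, which this patch does not add; verify it exists. The file is left without a trailing newline.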
@@ -1,7 +1,7 @@ --- - include_tasks: "installation_from_sources.yml" when: - - wazuh_manager_sources_installation.enabled + - wazuh_manager_sources_installation.enabled or wazuh_api_sources_installation.enabled - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: @@ -28,6 +28,7 @@ - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 - not wazuh_manager_sources_installation.enabled + - not wazuh_api_sources_installation.enabled - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: @@ -35,6 +36,7 @@ when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - not wazuh_manager_sources_installation.enabled + - not wazuh_api_sources_installation.enabled - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: @@ -45,6 +47,7 @@ changed_when: false when: - not wazuh_manager_sources_installation.enabled + - not wazuh_api_sources_installation.enabled - name: Debian/Ubuntu | Installing NodeJS repository key (Ubuntu 14) become: true @@ -59,13 +62,14 @@ - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 - not wazuh_manager_sources_installation.enabled + - not wazuh_api_sources_installation.enabled - name: Debian/Ubuntu | Installing NodeJS repository key apt_key: url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - - not wazuh_manager_sources_installation.enabled + - not wazuh_api_sources_installation.enabled - name: Debian/Ubuntu | Add NodeSource repositories for Node.js apt_repository: @@ -74,7 +78,7 @@ update_cache: true changed_when: false when: - - not wazuh_manager_sources_installation.enabled + - not wazuh_api_sources_installation.enabled - name: Debian/Ubuntu | Set Distribution CIS filename for Debian/Ubuntu set_fact: 
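Review bot: In the `@@ -28,6 +28,7 @@`, `@@ -35,6 +36,7 @@` and `@@ -45,6 +47,7 @@` hunks, `- not wazuh_api_sources_installation.enabled` is appended to the existing `- not wazuh_manager_sources_installation.enabled` inside a `when` list, and list entries are ANDed, so the Wazuh apt key and repository are now skipped whenever the API is built from sources — even when the manager is still meant to come from the package and needs that repository. The RedHat side of this series expresses the rule as `not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled`; the Debian tasks should use that single-line `or` condition too. The Ubuntu 14 NodeSource hunk (`@@ -59,13 +62,14 @@`) keeps the manager condition while the generic NodeSource hunk (`@@ -74,7 +78,7 @@`) drops it, which looks unintended.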
@@ -127,11 +131,10 @@ tags: - config -- name: Debian/Ubuntu | Install wazuh-manager, wazuh-api +- name: Debian/Ubuntu | Install wazuh-manager apt: name: - "wazuh-manager={{ wazuh_manager_version }}" - - "wazuh-api={{ wazuh_manager_version }}" state: present cache_valid_time: 3600 install_recommends: false @@ -140,3 +143,16 @@ tags: init when: - not wazuh_manager_sources_installation.enabled + +- name: Debian/Ubuntu | Install wazuh-api + apt: + name: + - "wazuh-api={{ wazuh_manager_version }}" + state: present + cache_valid_time: 3600 + install_recommends: false + register: wazuh_manager_main_packages_installed + until: wazuh_manager_main_packages_installed is succeeded + tags: init + when: + - not wazuh_api_sources_installation.enabled \ No newline at end of file From 6ba58b68386d9a38b08f630cc01eba2c1fd760b5 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 21 Nov 2019 18:46:11 +0100 Subject: [PATCH 469/714] Add variables for Wazuh Api installation from sources --- .../ansible-wazuh-manager/defaults/main.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 2767ab37..475a50a9 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -29,6 +29,24 @@ wazuh_manager_sources_installation: user_ca_store: null threads: "2" +wazuh_api_sources_installation: + enabled: true + branch: "v3.10.2" + update: "y" + remove: "y" + directory: null + port: 55000 + https: "n" + authd: null + proxy: null + country: null + state: null + locality: null + org_name: null + org_unit: null + common_name: null + password: null + wazuh_manager_config: repo: apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' From 902ee2a3d18fce94e48cfe376dacb13b56664b0b Mon Sep 17 00:00:00 2001 
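Review bot: The new `Install wazuh-api` task registers its result as `wazuh_manager_main_packages_installed`, the same name the `Install wazuh-manager` task just above uses, so the manager's result is overwritten and anything later inspecting that variable sees the API install instead; `register: wazuh_api_main_packages_installed` with the matching `until:` keeps the two apart and agrees with the name RedHat.yml uses in this series. The file is also left without a trailing newline.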
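Review bot: `wazuh_api_sources_installation.enabled: true` makes building the API from a Git checkout the role's default behaviour, which is a noticeable change for existing users of the packaged `wazuh-api`; if that is intended, say so in the role README, otherwise `enabled: false` is the safer default. Every key here except `enabled` and `branch` is rendered verbatim into the API's `preloaded_vars.conf` by the new template, so `password` should come from an Ansible Vault-encrypted variable rather than being edited into this committed file; a comment above `password: null` saying so would help.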
From: Rshad Zhran Date: Fri, 22 Nov 2019 11:18:09 +0100 Subject: [PATCH 470/714] Add a task to check if nodejs already exists --- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 33aa58b7..2a3b20e0 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -13,20 +13,29 @@ - include_tasks: "Debian.yml" when: ansible_os_family == "Debian" +- name: Check if NodeJS service Exists + stat: + path: /usr/bin/node + register: node_service_status + - name: Installing NodeJS repository script become: true get_url: - url: "https://{{ repo_dic[ansible_os_family] }}nodesource.com/setup_8.x" + url: "https://{{ repo_dic[ansible_os_family|lower] }}.nodesource.com/setup_8.x" dest: /etc/nodejs.sh mode: '0775' changed_when: false + when: not node_service_status.stat.exists - name: Running NodeJS bash script - script: /etc/nodejs.sh + command: sh /etc/nodejs.sh + register: nodejs_script + changed_when: nodejs_script.rc == 0 + when: not node_service_status.stat.exists - name: Installing NodeJS package: - name: ntpdate + name: nodejs state: present register: nodejs_service_is_installed until: nodejs_service_is_installed is succeeded From c32d992f890e20f3cb4a439509399df802c5ce49 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Fri, 22 Nov 2019 11:39:08 +0100 Subject: [PATCH 471/714] Re-order tasks --- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 2a3b20e0..a5ccf343 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml 
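Review bot: `/etc/nodejs.sh` is still fetched with no `checksum:`, kept with `mode: '0775'` (group-writable) and then run as root via `command: sh /etc/nodejs.sh`; pinning the script with `checksum: "sha256:<EXPECTED_SHA256>"` (placeholder for the published digest) and using `mode: '0755'` — or downloading to a temporary path and removing it after the run — keeps an unverified, writable file from being executed with full privileges. `changed_when: false` on the `get_url` also hides a real write under `/etc` from the play output. The `when: not node_service_status.stat.exists` guard covers the download and the run but not `Installing NodeJS`, which is fine because the package task is idempotent, but a one-line comment saying so would save the next reader the question.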
@@ -7,12 +7,6 @@ - tar state: present -- include_tasks: "RedHat.yml" - when: (ansible_os_family == "RedHat" and ansible_distribution_major_version|int > 5) or (ansible_os_family == "RedHat" and ansible_distribution == "Amazon") - -- include_tasks: "Debian.yml" - when: ansible_os_family == "Debian" - - name: Check if NodeJS service Exists stat: path: /usr/bin/node @@ -41,6 +35,12 @@ until: nodejs_service_is_installed is succeeded tags: init +- include_tasks: "RedHat.yml" + when: (ansible_os_family == "RedHat" and ansible_distribution_major_version|int > 5) or (ansible_os_family == "RedHat" and ansible_distribution == "Amazon") + +- include_tasks: "Debian.yml" + when: ansible_os_family == "Debian" + - name: Install expect package: name: expect From 376628a914e93cebaabf105f3208d0e57923ef03 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Fri, 22 Nov 2019 13:14:48 +0100 Subject: [PATCH 472/714] Define variable in default.yml instead of playbook --- playbooks/wazuh-manager.yml | 4 ---- roles/wazuh/ansible-wazuh-manager/vars/default.yml | 3 +++ 2 files changed, 3 insertions(+), 4 deletions(-) create mode 100644 roles/wazuh/ansible-wazuh-manager/vars/default.yml diff --git a/playbooks/wazuh-manager.yml b/playbooks/wazuh-manager.yml index 846d4158..5ec6a50b 100644 --- a/playbooks/wazuh-manager.yml +++ b/playbooks/wazuh-manager.yml @@ -1,9 +1,5 @@ --- - hosts: -- vars: - - repo_dic: - debian: "deb" - redhat: "rpm" roles: - role: ../roles/wazuh/ansible-wazuh-manager - role: ../roles/wazuh/ansible-filebeat diff --git a/roles/wazuh/ansible-wazuh-manager/vars/default.yml b/roles/wazuh/ansible-wazuh-manager/vars/default.yml new file mode 100644 index 00000000..af1a2fbe --- /dev/null +++ b/roles/wazuh/ansible-wazuh-manager/vars/default.yml @@ -0,0 +1,3 @@ +- repo_dic: + debian: "deb" + redhat: "rpm" \ No newline at end of file From 5fd5ddc61f9befa864c7e37d92698ad48fffa50c Mon Sep 17 00:00:00 2001 
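Review bot: The new roles/wazuh/ansible-wazuh-manager/vars/default.yml begins with `- repo_dic:`, which makes the document a one-element list rather than a mapping of variables, and a role auto-loads only `vars/main.yml`, so `repo_dic[ansible_os_family|lower]` in tasks/main.yml will not resolve from this file as written. Drop the leading dash so the file is `repo_dic:` with `debian: "deb"` and `redhat: "rpm"` nested under it, and name the file `vars/main.yml` (or place the mapping in `defaults/main.yml`) so Ansible picks it up. The playbook hunk removes the same list-shaped `- vars:` entry, which is the right direction.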
From: Rshad Zhran Date: Fri, 22 Nov 2019 13:16:28 +0100 Subject: [PATCH 473/714] Englobe tasks with same when statement in block --- .../ansible-wazuh-manager/tasks/main.yml | 26 +++++++++---------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index a5ccf343..d10f1f2a 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -7,24 +7,24 @@ - tar state: present -- name: Check if NodeJS service Exists +- name: Check if NodeJS service exists stat: path: /usr/bin/node register: node_service_status -- name: Installing NodeJS repository script - become: true - get_url: - url: "https://{{ repo_dic[ansible_os_family|lower] }}.nodesource.com/setup_8.x" - dest: /etc/nodejs.sh - mode: '0775' - changed_when: false - when: not node_service_status.stat.exists +- name: Install NodeJS repository + block: + - name: Download NodeJS repository script + get_url: + url: "https://{{ repo_dic[ansible_os_family|lower] }}.nodesource.com/setup_8.x" + dest: /etc/nodejs.sh + mode: '0775' + changed_when: false -- name: Running NodeJS bash script - command: sh /etc/nodejs.sh - register: nodejs_script - changed_when: nodejs_script.rc == 0 + - name: Run NodeJS bash script + command: sh /etc/nodejs.sh + register: nodejs_script + changed_when: nodejs_script.rc == 0 when: not node_service_status.stat.exists - name: Installing NodeJS From 565a84c49f801c934bcecffeda47b7356e334584 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Fri, 22 Nov 2019 13:38:11 +0100 Subject: [PATCH 474/714] Define variables in default/main.yml --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 3 +++ roles/wazuh/ansible-wazuh-manager/vars/default.yml | 3 --- 2 files changed, 3 insertions(+), 3 deletions(-) delete mode 100644 roles/wazuh/ansible-wazuh-manager/vars/default.yml 
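Review bot: The new `Install NodeJS repository` block drops the `become: true` that the removed `Installing NodeJS repository script` task carried, so `get_url` now writes `/etc/nodejs.sh` and `command: sh /etc/nodejs.sh` runs with whatever privilege the play has; unless the play already sets `become`, the download fails with a permission error. Restore it on the block so both steps share it: `- name: Install NodeJS repository`, `become: true`, `block:`. The same omission carries into the re-added block in the `Add Nodejs installation` commit below.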
diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index e66ccae5..069af007 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -326,3 +326,6 @@ wazuh_agent_configs: format: 'eventchannel' - location: 'System' format: 'eventlog' +repo_dic: + debian: "deb" + redhat: "rpm" \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-manager/vars/default.yml b/roles/wazuh/ansible-wazuh-manager/vars/default.yml deleted file mode 100644 index af1a2fbe..00000000 --- a/roles/wazuh/ansible-wazuh-manager/vars/default.yml +++ /dev/null @@ -1,3 +0,0 @@ -- repo_dic: - debian: "deb" - redhat: "rpm" \ No newline at end of file From bc4f36582a0b1ed5c3f70c37c9f309da08dbb33d Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 25 Nov 2019 15:40:48 +0100 Subject: [PATCH 475/714] Remove unused tags from sources installation "include_tasks" --- roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 354beca4..382e33b8 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -159,7 +159,6 @@ - init - include_tasks: "../tasks/installation_from_sources.yml" - tags: manager when: - wazuh_manager_sources_installation.enabled @@ -176,7 +175,6 @@ - init - include_tasks: "../tasks/installation_from_sources.yml" - tags: api when: - wazuh_api_sources_installation.enabled From 8d667131d91f9cbf7a674ae9c6de90d65500284b Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 25 Nov 2019 15:41:06 +0100 Subject: [PATCH 476/714] Fix conditional for ssl_agent_ca --- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index d2c99535..f9d54536 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -28,7 +28,7 @@ chdir: /var/ossec/etc/ tags: - config - when: not wazuh_manager_config.authd.ssl_agent_ca is not none + when: wazuh_manager_config.authd.ssl_agent_ca is not none - name: Copy CA, SSL key and cert for authd copy: From df56764dbda227e7d55c0f509db90097c970977a Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 25 Nov 2019 15:41:47 +0100 Subject: [PATCH 477/714] Add dpeendencies to Wazuh API. Update nodejs repo installation --- .../tasks/installation_from_sources.yml | 23 ++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index ef24c238..a0d22133 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml @@ -83,7 +83,7 @@ mode: '644' - name: Executing "install.sh" script to build and install the Wazuh Manager - shell: ./install.sh > /tmp/build_manager_log.txt + shell: ./install.sh > /tmp/build_wazuh_manager_log.txt register: installation_result changed_when: installation_result == 0 args: 
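Review bot: `changed_when: installation_result == 0` on the `Executing "install.sh"` task compares the whole registered result with `0`, which is never true, so the build-and-install step always reports unchanged; the intent is the return code, `changed_when: installation_result.rc == 0`, as the `install_api` task later in this file already does. The agent role's copy of this task (the `build_agent_log.txt` hunk in the `Fix naming copied from agent` commit below) has the same comparison. The task's `args:`/`chdir` continue outside the hunk.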
@@ -102,14 +102,31 @@ - name: Install Wazuh API from sources block: + - name: Install dependencies to build Wazuh packages + package: + name: + - make + - gcc + - automake + - autoconf + - libtool + - tar + state: present + - name: Ensure Git is present in the host package: name: git state: present + - name: Modify repo url if host is in Debian family + set_fact: + node_js_repo_type: deb + when: + - ansible_os_family | lower == "debian" + - name: Download script to install Nodejs repository get_url: - url: "{{ node_js_repository_url }}" + url: "https://{{ node_js_repo_type }}.{{ node_js_repo_url }}" dest: "/tmp/setup_nodejs_repo.sh" mode: "0700" @@ -148,7 +165,7 @@ mode: '644' - name: Execute Wazuh API installation script - shell: ./install_api.sh > /tmp/build_api_log.txt + shell: ./install_api.sh > /tmp/build_wazuh_api_log.txt register: install_api changed_when: install_api.rc == 0 args: From 5fd46ab9e4ce46972dbb129e0e44497b840e88d9 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 25 Nov 2019 15:42:09 +0100 Subject: [PATCH 478/714] Remove conditional from wazuh-api restart handler --- roles/wazuh/ansible-wazuh-manager/handlers/main.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/handlers/main.yml b/roles/wazuh/ansible-wazuh-manager/handlers/main.yml index 0fac45a1..46f1097b 100644 --- a/roles/wazuh/ansible-wazuh-manager/handlers/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/handlers/main.yml @@ -12,6 +12,4 @@ service: name: wazuh-api state: restarted - enabled: true - when: - - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 6) + enabled: true \ No newline at end of file From d91ac23d8c13a0e6efe409ffe35c0da0c3feeaca Mon Sep 17 00:00:00 2001 
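Review bot: `Modify repo url if host is in Debian family` patches the role default `node_js_repo_type` with a `set_fact` guarded by a family check, so the value a later task sees depends on task order and every non-Debian family silently falls back to the `rpm` default. tasks/main.yml in this role already solves this with a lookup, so the same shape is clearer here: `url: "https://{{ node_js_repo_types[ansible_os_family|lower] }}.{{ node_js_repo_url }}"` with a `node_js_repo_types` mapping (constructed name) in defaults and no `set_fact`. The enclosing `Install Wazuh API from sources` block continues outside the hunk.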
From: Jose M Date: Mon, 25 Nov 2019 15:42:23 +0100 Subject: [PATCH 479/714] Update Nodejs repo variables to make it flexible for deb and rpm --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 475a50a9..84448ae7 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -370,4 +370,5 @@ wazuh_agent_configs: - location: 'System' format: 'eventlog' -node_js_repository_url: https://rpm.nodesource.com/setup_8.x \ No newline at end of file +node_js_repo_url: nodesource.com/setup_8.x +node_js_repo_type: rpm \ No newline at end of file From 32dd2e5df5c0348c99a69d7cdaf87ae6d320959c Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 25 Nov 2019 15:42:56 +0100 Subject: [PATCH 480/714] Rename "preloaded_vars" to "preloaded_vars_agent" --- .../{preloaded_vars.conf.j2 => preloaded_vars_agent.conf.j2} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename roles/wazuh/ansible-wazuh-agent/templates/{preloaded_vars.conf.j2 => preloaded_vars_agent.conf.j2} (61%) diff --git a/roles/wazuh/ansible-wazuh-agent/templates/preloaded_vars.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/preloaded_vars_agent.conf.j2 similarity index 61% rename from roles/wazuh/ansible-wazuh-agent/templates/preloaded_vars.conf.j2 rename to roles/wazuh/ansible-wazuh-agent/templates/preloaded_vars_agent.conf.j2 index be552560..0887b367 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/preloaded_vars.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/preloaded_vars_agent.conf.j2 @@ -1,4 +1,4 @@ -{% for key, value in wazuh_manager_sources_installation.items() %} +{% for key, value in wazuh_agent_sources_installation.items() %} {% if "user_" in key %} {% if value is defined and value is not none %} {{ key|upper }}="{{ value }}" 
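Review bot: `node_js_repo_url: nodesource.com/setup_8.x` pins the Node.js 8 channel, which reaches end of life at the end of December 2019, weeks after this commit's date, so fresh installs land on a line that stops receiving security fixes almost immediately. Lift the major version out of the path so it can be bumped in one place, `node_js_version: "8"` and `node_js_repo_url: "nodesource.com/setup_{{ node_js_version }}.x"`. The kibana role's defaults (`Add Kibana default vars to install Nodejs` below) keep a full `https://rpm.` prefix in a variable of the same name, so the two roles' values are not interchangeable; aligning them avoids copy-paste breakage.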
From cbad3e06a2bfd115229cd54a4fffee2c05965fc7 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 25 Nov 2019 15:43:10 +0100 Subject: [PATCH 481/714] Fix sources conditionals for RedHat.yml --- roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index e9580a94..76ed0f76 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml @@ -10,7 +10,8 @@ when: - (ansible_facts['os_family']|lower == 'redhat') and (ansible_distribution|lower != 'amazon') - (ansible_distribution_major_version|int <= 5) - - not wazuh_manager_sources_installation.enabled + - not wazuh_agent_sources_installation.enabled + - not wazuh_api_sources_installation.enabled register: repo_v5_installed - name: RedHat/CentOS/Fedora | Install Wazuh repo @@ -23,7 +24,7 @@ changed_when: false when: - repo_v5_installed is skipped - - not wazuh_manager_sources_installation.enabled + - not wazuh_agent_sources_installation.enabled - name: RedHat/CentOS/Fedora | download Oracle Java RPM get_url: From f60f218c8824ab332360d3fecad40f3d90ca1ef5 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 25 Nov 2019 15:43:38 +0100 Subject: [PATCH 482/714] Fix agent installation from sources. Update conditionals and includes --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 9c8db0b8..9265ce92 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml 
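Review bot: The first hunk adds `- not wazuh_api_sources_installation.enabled` to the agent role's RedHat/CentOS 5 repo task, but that variable is defined by the manager role; the agent role's defaults (`Solve typo in default Agent variables` below) only define `wazuh_agent_sources_installation`, so a host that runs the agent role on its own gets an undefined-variable error from the `when` rather than a skip. Unless the agent repo really depends on the API build, drop that line and keep only `- not wazuh_agent_sources_installation.enabled`, as the second hunk does.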
@@ -1,14 +1,14 @@ --- -- include_tasks: "../tasks/installation_from_sources.yml" - when: - - wazuh_manager_sources_installation.enabled - - include_tasks: "RedHat.yml" when: ansible_os_family == "RedHat" - include_tasks: "Debian.yml" when: ansible_os_family == "Debian" +- include_tasks: "installation_from_sources.yml" + when: + - wazuh_agent_sources_installation.enabled + - name: Linux CentOS/RedHat | Install wazuh-agent package: name: wazuh-agent-{{ wazuh_agent_version }} @@ -17,7 +17,7 @@ poll: 30 when: - ansible_os_family|lower == "redhat" - - not wazuh_manager_sources_installation.enabled + - not wazuh_agent_sources_installation.enabled tags: - init @@ -28,7 +28,7 @@ cache_valid_time: 3600 when: - ansible_os_family|lower != "redhat" - - not wazuh_manager_sources_installation.enabled + - not wazuh_agent_sources_installation.enabled tags: - init @@ -200,9 +200,9 @@ - include_tasks: "RMRedHat.yml" when: - ansible_os_family == "RedHat" - - not wazuh_manager_sources_installation.enabled + - not wazuh_agent_sources_installation.enabled - include_tasks: "RMDebian.yml" when: - ansible_os_family == "Debian" - - not wazuh_manager_sources_installation.enabled + - not wazuh_agent_sources_installation.enabled From 66ac8fea816f6c4c5f0e90b6e2129bf8c77e22b5 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 25 Nov 2019 15:44:05 +0100 Subject: [PATCH 483/714] Fix naming copied from agent. Fix linting --- .../tasks/installation_from_sources.yml | 25 ++++++++++++------- 1 file changed, 16 insertions(+), 9 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml index 55714673..afc3605f 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml 
@@ -28,26 +28,31 @@ - name: Download required packages from github.com/wazuh/wazuh get_url: - url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_manager_sources_installation.branch }}.tar.gz" - dest: "/tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz" + url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_agent_sources_installation.branch }}.tar.gz" + dest: "/tmp/{{ wazuh_agent_sources_installation.branch }}.tar.gz" delegate_to: "{{ inventory_hostname }}" - name: Create folder to extract Wazuh branch file: - path: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" + path: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}" state: directory - name: Extract downloaded Wazuh branch from Github # Using shell instead of unarchive due to that module not working properlyh with --strip - command: "tar -xzvf /tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz --strip 1 --directory /tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" + command: >- + tar -xzvf /tmp/{{ wazuh_agent_sources_installation.branch }}.tar.gz + --strip 1 + --directory /tmp/wazuh-{{ wazuh_agent_sources_installation.branch }} register: wazuh_untar changed_when: wazuh_untar.rc ==0 args: warn: false + tags: + - molecule-idempotence-notest - name: Clean remaining files from others builds command: "make -C src {{ item }}" args: - chdir: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}/src/" + chdir: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}/src/" with_items: - "clean" - "clean-deps" 
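Review bot: `Download required packages from github.com/wazuh/wazuh` fetches `archive/{{ wazuh_agent_sources_installation.branch }}.tar.gz` with no `checksum:`, and the archive is then extracted, built and installed as the agent; a branch or tag name is a movable reference, so what gets built is whatever GitHub serves at run time. Pin a commit or add `checksum: "sha256:<EXPECTED_SHA256_PLACEHOLDER>"` to the get_url so an altered archive fails the play instead of being installed. `changed_when: wazuh_untar.rc ==0` marks the extraction changed on every run, which the added `molecule-idempotence-notest` tag only hides; `creates: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}/src"` on the command would make it skip once extracted (and `rc == 0` wants a space). The `Clean remaining files` task continues outside the hunk.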
@@ -57,15 +62,17 @@ - name: Render the "preloaded-vars.conf" file template: - src: "templates/preloaded_vars.conf.j2" - dest: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}/etc/preloaded-vars.conf" + src: "templates/preloaded_vars_agent.conf.j2" + dest: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}/etc/preloaded-vars.conf" owner: root group: root mode: '644' + tags: + - molecule-idempotence-notest - name: Executing "install.sh" script to build and install the Wazuh Agent - shell: ./install.sh > /tmp/build_log.txt + shell: ./install.sh > /tmp/build_agent_log.txt register: installation_result changed_when: installation_result == 0 args: - chdir: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" \ No newline at end of file + chdir: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}" \ No newline at end of file From ce3dcf7abe9ba20210dec8ccef8058a287b60444 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 25 Nov 2019 15:44:24 +0100 Subject: [PATCH 484/714] Fix sources conditionals in Debian.yml tasks --- roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index 329fab6d..0e0ba92f 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -20,13 +20,14 @@ when: - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 - - not wazuh_manager_sources_installation.enabled + - not wazuh_agent_sources_installation.enabled - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: url: "{{ wazuh_agent_config.repo.gpg }}" when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) + - not wazuh_agent_sources_installation.enabled - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: 
@@ -35,7 +36,7 @@ state: present update_cache: true when: - - not wazuh_manager_sources_installation.enabled + - not wazuh_agent_sources_installation.enabled - name: Debian/Ubuntu | Set Distribution CIS filename for debian set_fact: From 329910eb4191af1c3668d2ca8f12d49185596096 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 25 Nov 2019 15:45:14 +0100 Subject: [PATCH 485/714] Solve typo in default Agent variables --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 3ff7d803..28e807f3 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,6 +1,7 @@ --- wazuh_agent_version: 3.10.2-1 -wazuh_manager_sources_installation: + +wazuh_agent_sources_installation: enabled: "true" branch: "v3.10.2" user_language: "y" @@ -342,4 +343,4 @@ wazuh_agent_config: list: - key: Env value: Production -wazuh_agent_nat: false +wazuh_agent_nat: false \ No newline at end of file From c988e6220ea8de6d811c59c9b8282b815d1f4a2d Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 25 Nov 2019 15:45:37 +0100 Subject: [PATCH 486/714] Add custom repo for Wazuh Plugin Kibana installation app --- .../ansible-kibana/tasks/build_wazuh_plugin.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml index 494bc8f0..f4f8fd80 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml 
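Review bot: `enabled: "true"` under the renamed `wazuh_agent_sources_installation` is a string, not a boolean, and the conditionals in this series evaluate it as `not wazuh_agent_sources_installation.enabled`; any non-empty string is truthy in Jinja, so a user who sets `enabled: "false"` still gets a source build. Use the bare boolean, `enabled: true`, as the manager role's `wazuh_api_sources_installation` does, or filter it in the conditionals with `| bool`. The `wazuh_agent_nat: false` hunk only drops the file's trailing newline, which yamllint flags; keep the newline.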
@@ -5,9 +5,15 @@ name: git state: present + - name: Modify repo url if host is in Debian family + set_fact: + node_js_repo_type: deb + when: + - ansible_os_family | lower == "debian" + - name: Download script to install Nodejs repository get_url: - url: "{{ node_js_repository_url }}" + url: "https://{{ node_js_repo_type }}.{{ node_js_repo_url }}" dest: "/tmp/setup_nodejs_repo.sh" mode: "0700" From c87da91104d5b7c87d3fdd9a5676a14be0126718 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 25 Nov 2019 15:46:49 +0100 Subject: [PATCH 487/714] Add Kibana default vars to install Nodejs --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index f6ac7023..1352e352 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -25,8 +25,9 @@ generate_CA: true ca_cert_name: "" # Nodejs -node_js_repository_url: https://rpm.nodesource.com/setup_8.x +node_js_repo_url: https://rpm.nodesource.com/setup_8.x +node_js_repo_type: rpm # Build from sources -build_from_sources: true -wazuh_plugin_branch: 3.10-7.4 \ No newline at end of file +build_from_sources: false +wazuh_plugin_branch: 3.10-7.3 \ No newline at end of file From 2efe6e626831263bd9a0206b07d05cdc964ceaa6 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 25 Nov 2019 16:04:06 +0100 Subject: [PATCH 488/714] Restore playbook wazuh-elastic_stack-single.yml to default configuration --- playbooks/wazuh-elastic_stack-single.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/playbooks/wazuh-elastic_stack-single.yml b/playbooks/wazuh-elastic_stack-single.yml index bc353dfd..6558e255 100644 --- a/playbooks/wazuh-elastic_stack-single.yml +++ b/playbooks/wazuh-elastic_stack-single.yml 
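Review bot: `node_js_repo_url: https://rpm.nodesource.com/setup_8.x` keeps the scheme and host prefix, but the task in build_wazuh_plugin.yml (previous commit) now composes `https://{{ node_js_repo_type }}.{{ node_js_repo_url }}`, which with these defaults renders `https://rpm.https://rpm.nodesource.com/setup_8.x` and the download cannot succeed. Use the same shape as the manager role, `node_js_repo_url: nodesource.com/setup_8.x`, so the `rpm`/`deb` prefix logic works. The flip from `build_from_sources: true` / `wazuh_plugin_branch: 3.10-7.4` to `false` / `3.10-7.3` is not mentioned in the commit message and looks unrelated to the Node.js variables; worth confirming it was intended.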
@@ -1,8 +1,8 @@ --- - hosts: all roles: - # - {role: ../roles/wazuh/ansible-wazuh-manager} - # - role: ../roles/wazuh/ansible-filebeat - # filebeat_output_elasticsearch_hosts: 172.24.1.2:9200 - # - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '0.0.0.0', single_node: true} - - { role: ../roles/elastic-stack/ansible-kibana, elasticsearch_network_host: '172.24.1.1', elasticsearch_reachable_host: '172.24.1.2' } + - {role: ../roles/wazuh/ansible-wazuh-manager} + - role: ../roles/wazuh/ansible-filebeat + filebeat_output_elasticsearch_hosts: localhost:9200 + - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '0.0.0.0', single_node: true} + - { role: ../roles/elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost', elasticsearch_reachable_host: 'localhost' }s \ No newline at end of file From 61d05a0cdde62c8751488235d9df65598ca56ae9 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 25 Nov 2019 16:16:50 +0100 Subject: [PATCH 489/714] Fix linting in Ansible playbooks related with Elastic --- playbooks/wazuh-elastic.yml | 2 +- playbooks/wazuh-elastic_stack-distributed.yml | 8 ++++---- playbooks/wazuh-elastic_stack-single.yml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/playbooks/wazuh-elastic.yml b/playbooks/wazuh-elastic.yml index 36bd9b1d..eda19931 100644 --- a/playbooks/wazuh-elastic.yml +++ b/playbooks/wazuh-elastic.yml @@ -1,5 +1,5 @@ --- - hosts: roles: - - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch + - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch elasticsearch_network_host: '' diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml index 8c6bc567..5f4213f5 100644 --- a/playbooks/wazuh-elastic_stack-distributed.yml +++ b/playbooks/wazuh-elastic_stack-distributed.yml 
@@ -6,7 +6,7 @@ elasticsearch_network_host: node_name: node-1 elasticsearch_bootstrap_node: true - elasticsearch_cluster_nodes: + elasticsearch_cluster_nodes: - - - @@ -22,7 +22,7 @@ vars: instances: node1: - name: node-1 # Important: must be equal to elasticsearch_node_name. + name: node-1 # Important: must be equal to elasticsearch_node_name. ip: # When unzipping, the node will search for its node name folder to get the cert. node2: name: node-2 @@ -43,10 +43,10 @@ - - - - + - hosts: roles: - - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch + - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch elasticsearch_network_host: elasticsearch_node_name: node-3 single_node: false diff --git a/playbooks/wazuh-elastic_stack-single.yml b/playbooks/wazuh-elastic_stack-single.yml index 6558e255..9bf5f0fa 100644 --- a/playbooks/wazuh-elastic_stack-single.yml +++ b/playbooks/wazuh-elastic_stack-single.yml @@ -5,4 +5,4 @@ - role: ../roles/wazuh/ansible-filebeat filebeat_output_elasticsearch_hosts: localhost:9200 - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '0.0.0.0', single_node: true} - - { role: ../roles/elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost', elasticsearch_reachable_host: 'localhost' }s \ No newline at end of file + - { role: ../roles/elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost', elasticsearch_reachable_host: 'localhost' } \ No newline at end of file From e003a2d51eb3c1fad46baa5e7644ad727796898d Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Mon, 25 Nov 2019 17:39:03 +0100 Subject: [PATCH 490/714] Parameterize NodeJS repo. url --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 8 +++++--- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 2 +- 2 files changed, 6 insertions(+), 4 deletions(-) 
diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 069af007..66253fef 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -326,6 +326,8 @@ wazuh_agent_configs: format: 'eventchannel' - location: 'System' format: 'eventlog' -repo_dic: - debian: "deb" - redhat: "rpm" \ No newline at end of file +nodejs: + repo_dic: + debian: "deb" + redhat: "rpm" + repo_url_ext: "nodesource.com/setup_8.x" \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index d10f1f2a..d17e29bd 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -16,7 +16,7 @@ block: - name: Download NodeJS repository script get_url: - url: "https://{{ repo_dic[ansible_os_family|lower] }}.nodesource.com/setup_8.x" + url: "https://{{ nodejs['repo_dic'][ansible_os_family|lower] }}.{{ nodejs['repo_url_ext'] }}" dest: /etc/nodejs.sh mode: '0775' changed_when: false From f57840b2e7ec2203c7d5fd43455c5c6479f5bb90 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 25 Nov 2019 18:11:27 +0100 Subject: [PATCH 491/714] Merge #330 from wazuh/ansible --- .../ansible-wazuh-manager/defaults/main.yml | 7 ++-- .../ansible-wazuh-manager/tasks/Debian.yml | 31 ---------------- .../ansible-wazuh-manager/tasks/RedHat.yml | 36 ------------------- 3 files changed, 5 insertions(+), 69 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 84448ae7..92fbf13c 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
@@ -370,5 +370,8 @@ wazuh_agent_configs: - location: 'System' format: 'eventlog' -node_js_repo_url: nodesource.com/setup_8.x -node_js_repo_type: rpm \ No newline at end of file +nodejs: + repo_dic: + debian: "deb" + redhat: "rpm" + repo_url_ext: "nodesource.com/setup_8.x" \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 6da6a6f3..2c2db72d 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -49,37 +49,6 @@ - not wazuh_manager_sources_installation.enabled - not wazuh_api_sources_installation.enabled -- name: Debian/Ubuntu | Installing NodeJS repository key (Ubuntu 14) - become: true - shell: | - set -o pipefail - curl -s https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add - - args: - warn: false - executable: /bin/bash - changed_when: false - when: - - ansible_distribution == "Ubuntu" - - ansible_distribution_major_version | int == 14 - - not wazuh_manager_sources_installation.enabled - - not wazuh_api_sources_installation.enabled - -- name: Debian/Ubuntu | Installing NodeJS repository key - apt_key: - url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key - when: - - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - - not wazuh_api_sources_installation.enabled - -- name: Debian/Ubuntu | Add NodeSource repositories for Node.js - apt_repository: - repo: "deb https://deb.nodesource.com/node_6.x {{ ansible_distribution_release }} main" - state: present - update_cache: true - changed_when: false - when: - - not wazuh_api_sources_installation.enabled - - name: Debian/Ubuntu | Set Distribution CIS filename for Debian/Ubuntu set_fact: cis_distribution_filename: cis_debian_linux_rcl.txt diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 382e33b8..68bf381f 100644 
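Review bot: This hunk appends a top-level `nodejs:` mapping after line 370 of defaults/main.yml, while the `Parameterize NodeJS repo. url` commit above appends an identical `nodejs:` mapping after line 326 of the same file from a different base blob; if both land, the file carries two `nodejs:` keys, which YAML loaders accept silently by keeping the last, so the merged defaults/main.yml should be checked for a single block. `repo_dic` also only has `debian` and `redhat` entries, so the `nodejs['repo_dic'][ansible_os_family|lower]` lookup in tasks/main.yml raises a template error on any other family; adding `- ansible_os_family|lower in nodejs.repo_dic` to the download block's `when` gives a clean skip instead. The Debian.yml and RedHat.yml hunks are pure removals of the old NodeSource repo tasks.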
--- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -1,40 +1,4 @@ --- - -- name: RedHat/CentOS | Install Nodejs repo - yum_repository: - name: NodeJS - description: NodeJS-$releasever - baseurl: https://rpm.nodesource.com/pub_6.x/el/{{ ansible_distribution_major_version }}/x86_64 - gpgkey: https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL - gpgcheck: true - changed_when: false - when: - - ansible_distribution_major_version|int > 5 - - not wazuh_api_sources_installation.enabled - -- name: Fedora | Install Nodejs repo - yum_repository: - name: NodeJS - description: NodeJS-$releasever - baseurl: https://rpm.nodesource.com/pub_6.x/fc/$releasever/x86_64 - gpgkey: https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL - gpgcheck: true - when: - - ansible_distribution == 'Fedora' - - not wazuh_api_sources_installation.enabled - -- name: AmazonLinux | Get Nodejs - shell: | - set -o pipefail - curl --silent --location https://rpm.nodesource.com/setup_8.x | bash - - args: - warn: false - executable: /bin/bash - creates: /etc/yum.repos.d/nodesource-el7.repo - when: - - ansible_distribution|lower == "amazon" - - not wazuh_api_sources_installation.enabled - - name: RedHat/CentOS 5 | Install Wazuh repo yum_repository: name: wazuh_repo From 9c2ce76f0919ee1aebc976fe95668b3bb242eb23 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 25 Nov 2019 18:44:00 +0100 Subject: [PATCH 492/714] Fix linting --- .../tasks/installation_from_sources.yml | 26 +++++++++---------- .../tasks/installation_from_sources.yml | 6 ++--- 2 files changed, 15 insertions(+), 17 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml index 70c3b5af..2b29a682 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml 
@@ -9,14 +9,14 @@ - libtool - tar state: present - - - name: Removing old files - file: "/tmp/{{ wazuh_agent_sources_installation.branch }}.tar.gz" - state: absent - - name: Removing old folders - file: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}" - state: absent + - name: Removing old files + file: "/tmp/{{ wazuh_agent_sources_installation.branch }}.tar.gz" + state: absent + + - name: Removing old folders + file: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}" + state: absent - name: Installing policycoreutils-python (RedHat families) package: @@ -85,10 +85,10 @@ args: chdir: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}" - - name: Cleanup downloaded files - file: "/tmp/{{ wazuh_agent_sources_installation.branch }}.tar.gz" - state: absent + - name: Cleanup downloaded files + file: "/tmp/{{ wazuh_agent_sources_installation.branch }}.tar.gz" + state: absent - - name: Cleanup created folders - file: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}" - state: absent \ No newline at end of file + - name: Cleanup created folders + file: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}" + state: absent \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index 69d27cfd..411254b1 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml @@ -24,7 +24,7 @@ - name: Removing old folders file: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" - state: absent + state: absent - name: Installing policycoreutils-python (RedHat families) package: @@ -167,6 +167,4 @@ - not wazuh_api.stat.exists - wazuh_api_sources_installation.enabled tags: - - api - - \ No newline at end of file + - api \ No newline at end of file From c9c00b82c2fb88f592373451a72ee55a588093c4 Mon Sep 17 00:00:00 2001 
From: Jose M Date: Mon, 25 Nov 2019 18:44:09 +0100 Subject: [PATCH 493/714] Add Nodejs installation --- .../ansible-wazuh-manager/tasks/main.yml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index f9d54536..c6f0ae26 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -7,6 +7,34 @@ - tar state: present +- name: Check if NodeJS service exists + stat: + path: /usr/bin/node + register: node_service_status + +- name: Install NodeJS repository + block: + - name: Download NodeJS repository script + get_url: + url: "https://{{ nodejs['repo_dic'][ansible_os_family|lower] }}.{{ nodejs['repo_url_ext'] }}" + dest: /etc/nodejs.sh + mode: '0775' + changed_when: false + + - name: Run NodeJS bash script + command: sh /etc/nodejs.sh + register: nodejs_script + changed_when: nodejs_script.rc == 0 + when: not node_service_status.stat.exists + +- name: Installing NodeJS + package: + name: nodejs + state: present + register: nodejs_service_is_installed + until: nodejs_service_is_installed is succeeded + tags: init + - include_tasks: "RedHat.yml" when: (ansible_os_family == "RedHat" and ansible_distribution_major_version|int > 5) or (ansible_os_family == "RedHat" and ansible_distribution == "Amazon") From fa0e3f16408af2497792eb25998eb5d3d322d8af Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 25 Nov 2019 18:54:21 +0100 Subject: [PATCH 494/714] Fix cleanup tasks for Wazuh Manager and Agent --- .../tasks/installation_from_sources.yml | 20 +++++++++++-------- .../tasks/installation_from_sources.yml | 20 +++++++++++-------- 2 files changed, 24 insertions(+), 16 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml index 2b29a682..b13c17ef 100644 
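Review bot: The NodeSource setup script is fetched by get_url with no `checksum:`, written to `/etc/nodejs.sh` with `mode: '0775'` (group-writable), and then executed by `command: sh /etc/nodejs.sh` with the play's privileges, so an unverified remote script runs as the installing user and stays behind in /etc after the play. The curl-pipe-bash tasks this replaces had the same trust gap, but this rewrite is the place to close it: pin the download with `checksum: "sha256:<expected digest>"` (placeholder), lower the mode to `'0700'`, and stage the script under /tmp with a cleanup task, which is how the Kibana role handles `/tmp/setup_nodejs_repo.sh`. The collapsed indentation does not show whether `when: not node_service_status.stat.exists` sits on the block or only on the command task; if it is on the command alone, the download still runs on every play, and `changed_when: false` on the get_url hides that a file was written. The `stat` of `/usr/bin/node` is a reasonable presence check, but the task name "Check if NodeJS service exists" suggests a service probe; `Check if the node binary is present` describes what it does.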
--- a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml @@ -11,12 +11,14 @@ state: present - name: Removing old files - file: "/tmp/{{ wazuh_agent_sources_installation.branch }}.tar.gz" - state: absent + file: + path: "/tmp/{{ wazuh_agent_sources_installation.branch }}.tar.gz" + state: absent - name: Removing old folders - file: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}" - state: absent + file: + path: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}" + state: absent - name: Installing policycoreutils-python (RedHat families) package: @@ -86,9 +88,11 @@ chdir: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}" - name: Cleanup downloaded files - file: "/tmp/{{ wazuh_agent_sources_installation.branch }}.tar.gz" - state: absent + file: + path: "/tmp/{{ wazuh_agent_sources_installation.branch }}.tar.gz" + state: absent - name: Cleanup created folders - file: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}" - state: absent \ No newline at end of file + file: "/tmp/{{ wazuh_agent_sources_installation.branch }}.tar.gz" + path: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}" + state: absent \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index 411254b1..1bc17d9d 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml 
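Review bot: The "Cleanup created folders" task in the second hunk keeps the old scalar `file: "/tmp/{{ wazuh_agent_sources_installation.branch }}.tar.gz"` next to the new `path:` and `state:` keys, so the module gets a free-form string while `path` and `state` land at task level, where Ansible rejects them as unknown keywords. The task should match the other three tasks in this commit: `file:` as a mapping with `path: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}"` and `state: absent`. The manager hunks on L909 are consistent and need no change.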
@@ -19,12 +19,14 @@ state: present - name: Removing old files - file: "/tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz" - state: absent + file: + path: "/tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz" + state: absent - name: Removing old folders - file: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" - state: absent + file: + path: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" + state: absent - name: Installing policycoreutils-python (RedHat families) package: @@ -98,12 +100,14 @@ chdir: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" - name: Cleanup downloaded files - file: "/tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz" - state: absent + file: + path: "/tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz" + state: absent - name: Cleanup created folders - file: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" - state: absent + file: + path: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" + state: absent when: - not wazuh_ossec_control.stat.exists From fd50b604850d7a77809e19af06146cd65923605e Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 25 Nov 2019 19:01:02 +0100 Subject: [PATCH 495/714] Fix linting --- .../tasks/installation_from_sources.yml | 8 ++++---- .../tasks/installation_from_sources.yml | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml index b13c17ef..b426df58 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml 
@@ -11,12 +11,12 @@ state: present - name: Removing old files - file: + file: path: "/tmp/{{ wazuh_agent_sources_installation.branch }}.tar.gz" state: absent - name: Removing old folders - file: + file: path: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}" state: absent @@ -88,11 +88,11 @@ chdir: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}" - name: Cleanup downloaded files - file: + file: path: "/tmp/{{ wazuh_agent_sources_installation.branch }}.tar.gz" state: absent - name: Cleanup created folders - file: "/tmp/{{ wazuh_agent_sources_installation.branch }}.tar.gz" + file: path: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}" state: absent \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index 1bc17d9d..7e28a70e 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml @@ -19,12 +19,12 @@ state: present - name: Removing old files - file: + file: path: "/tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz" state: absent - name: Removing old folders - file: + file: path: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" state: absent @@ -100,12 +100,12 @@ chdir: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" - name: Cleanup downloaded files - file: + file: path: "/tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz" state: absent - name: Cleanup created folders - file: + file: path: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" state: absent From 3406109b33ca3d05eac3d308ef96ab90abd668f7 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 25 Nov 2019 19:35:23 +0100 Subject: [PATCH 496/714] Remove tags from "preloaded-vars.conf" --- .../ansible-wazuh-agent/tasks/installation_from_sources.yml | 2 -- 1 file changed, 2 deletions(-) 
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml index b426df58..4c4a2c82 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml @@ -77,8 +77,6 @@ owner: root group: root mode: '644' - tags: - - molecule-idempotence-notest - name: Executing "install.sh" script to build and install the Wazuh Agent shell: ./install.sh > /tmp/build_agent_log.txt From a4f68f6487dfb46c4ce62ccba3725bb6bf904fa3 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 25 Nov 2019 20:04:28 +0100 Subject: [PATCH 497/714] Remove molecule-idemptence-notest tag to fix Jenkins build --- .../ansible-wazuh-agent/tasks/installation_from_sources.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml index 4c4a2c82..0cca7044 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml @@ -56,8 +56,6 @@ changed_when: wazuh_untar.rc ==0 args: warn: false - tags: - - molecule-idempotence-notest - name: Clean remaining files from others builds command: "make -C src {{ item }}" From b4352beda178e54f4aeebfc0dd438832c4248ab9 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 26 Nov 2019 00:39:19 +0100 Subject: [PATCH 498/714] Add changed_when conditionals to avoid idempotence errors --- .../tasks/installation_from_sources.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml index 0cca7044..69934631 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml 
+++ b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml @@ -41,11 +41,13 @@ url: "https://github.com/wazuh/wazuh/archive/{{ wazuh_agent_sources_installation.branch }}.tar.gz" dest: "/tmp/{{ wazuh_agent_sources_installation.branch }}.tar.gz" delegate_to: "{{ inventory_hostname }}" + changed_when: false - name: Create folder to extract Wazuh branch file: path: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}" state: directory + changed_when: false - name: Extract downloaded Wazuh branch from Github # Using shell instead of unarchive due to that module not working properlyh with --strip command: >- @@ -53,7 +55,7 @@ --strip 1 --directory /tmp/wazuh-{{ wazuh_agent_sources_installation.branch }} register: wazuh_untar - changed_when: wazuh_untar.rc ==0 + changed_when: false args: warn: false @@ -75,6 +77,7 @@ owner: root group: root mode: '644' + changed_when: false - name: Executing "install.sh" script to build and install the Wazuh Agent shell: ./install.sh > /tmp/build_agent_log.txt @@ -87,8 +90,10 @@ file: path: "/tmp/{{ wazuh_agent_sources_installation.branch }}.tar.gz" state: absent + changed_when: false - name: Cleanup created folders file: path: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}" - state: absent \ No newline at end of file + state: absent + changed_when: false \ No newline at end of file From dc0811e6690b901d8e6abfa3cec18e02223decc1 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 26 Nov 2019 01:13:09 +0100 Subject: [PATCH 499/714] Testing Manager: sources, API packages --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 92fbf13c..3d1615f4 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
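Review bot: `changed_when: false` is added to tasks that do modify the host — the tarball download, the directory creation, the tar extraction, the preloaded-vars file and both cleanup tasks — so a run that actually builds and installs the agent reports no change, and a run that did nothing looks the same. The idempotence failure this hides is better handled by gating the whole source build on whether the agent is already installed, as the manager role does with `when: not wazuh_ossec_control.stat.exists` (L909), and letting the modules report their own changes. The get_url of `https://github.com/wazuh/wazuh/archive/{{ wazuh_agent_sources_installation.branch }}.tar.gz` also carries no `checksum:`; since the archive is then built and installed by `install.sh`, a `checksum: "sha256:<expected digest>"` (placeholder) would pin what gets compiled when `branch` is a release tag such as the default `v3.10.2`. The same `changed_when: false` pattern recurs in the Kibana plugin hunks on L923-L924; the enclosing block of these tasks starts outside the hunks.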
@@ -30,7 +30,7 @@ wazuh_manager_sources_installation: threads: "2" wazuh_api_sources_installation: - enabled: true + enabled: false branch: "v3.10.2" update: "y" remove: "y" From 37a59e212e3fa472a15faa0681ebf991cbc8835e Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 26 Nov 2019 01:14:51 +0100 Subject: [PATCH 500/714] Testing, Manager: package, API: package --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 3d1615f4..90d7fed3 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -5,7 +5,7 @@ wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present wazuh_manager_sources_installation: - enabled: true + enabled: false branch: "v3.10.2" user_language: "en" user_no_stop: "y" From 0e196abb51c38a432e51737ab1c5d31e3968f43a Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 26 Nov 2019 10:35:34 +0100 Subject: [PATCH 501/714] Add npm as dependency required for Debian 10 --- .../ansible-wazuh-manager/tasks/installation_from_sources.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index 7e28a70e..89b934e8 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml @@ -133,6 +133,7 @@ - autoconf - libtool - tar + - npm state: present - name: Ensure Git is present in the host From 85db46bbd89db0b8f6439fc7a3261762eb3fcbed Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 26 Nov 2019 10:50:03 +0100 Subject: [PATCH 502/714] Set installation type to sources --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 90d7fed3..92fbf13c 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -5,7 +5,7 @@ wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present wazuh_manager_sources_installation: - enabled: false + enabled: true branch: "v3.10.2" user_language: "en" user_no_stop: "y" @@ -30,7 +30,7 @@ wazuh_manager_sources_installation: threads: "2" wazuh_api_sources_installation: - enabled: false + enabled: true branch: "v3.10.2" update: "y" remove: "y" From c17424b4639a7916548540f612c51ac1a246176a Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 26 Nov 2019 11:28:22 +0100 Subject: [PATCH 503/714] Limit the npm installation to Debian hosts only --- .../tasks/installation_from_sources.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index 89b934e8..420992e6 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml @@ -133,8 +133,14 @@ - autoconf - libtool - tar - - npm state: present + + - name: Explicitly installing npm for Debian hosts + package: + name: npm + state: present + when: + - ansible_distribution == "Debian" - name: Ensure Git is present in the host package: From e4fdb984d6ad2b538a442ab205a0e55837d8dc7f Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 26 Nov 2019 11:38:54 +0100 Subject: [PATCH 504/714] Fix Linting --- .../ansible-wazuh-manager/tasks/installation_from_sources.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index 420992e6..b92e4edc 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml @@ -134,7 +134,7 @@ - libtool - tar state: present - + - name: Explicitly installing npm for Debian hosts package: name: npm From 94ed23c60788c33cb9afadcb454770457d87fc16 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 26 Nov 2019 13:22:42 +0100 Subject: [PATCH 505/714] Testing Agent from packages. Testing sources/package for manager and api --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 28e807f3..64935264 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -2,7 +2,7 @@ wazuh_agent_version: 3.10.2-1 wazuh_agent_sources_installation: - enabled: "true" + enabled: "false" branch: "v3.10.2" user_language: "y" user_no_stop: "y" diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 92fbf13c..3d1615f4 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -30,7 +30,7 @@ wazuh_manager_sources_installation: threads: "2" wazuh_api_sources_installation: - enabled: true + enabled: false branch: "v3.10.2" update: "y" remove: "y" From a25b7d9681fa30d05e975388549f33f5ce2b2906 Mon Sep 17 00:00:00 2001 
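Review bot: `enabled: "false"` in the agent defaults is a quoted string, not a boolean, so `not wazuh_agent_sources_installation.enabled` in the agent's RedHat.yml (L916) becomes `not "false"`, which is False for any non-empty string, and the repository task is skipped whatever the setting. The manager defaults changed in the same commit use a bare `enabled: false`; the agent file should match it: `enabled: false`. Bare `true`/`false` keeps `when:` evaluation consistent across both roles.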
From: Jose M Date: Tue, 26 Nov 2019 14:55:57 +0100 Subject: [PATCH 506/714] Fix conditionals related with Manager and API kind of installatioin --- roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml | 3 +-- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 9 +++------ roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 3 +-- 3 files changed, 5 insertions(+), 10 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index 76ed0f76..e0b2b426 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml @@ -10,8 +10,7 @@ when: - (ansible_facts['os_family']|lower == 'redhat') and (ansible_distribution|lower != 'amazon') - (ansible_distribution_major_version|int <= 5) - - not wazuh_agent_sources_installation.enabled - - not wazuh_api_sources_installation.enabled + - not wazuh_agent_sources_installation.enabled or not wazuh_api_sources_installation.enabled register: repo_v5_installed - name: RedHat/CentOS/Fedora | Install Wazuh repo diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 2c2db72d..9752545a 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml 
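Review bot: The merged condition in the agent's RedHat.yml now references `wazuh_api_sources_installation.enabled`, a variable that belongs to the manager role and does not appear among the agent defaults visible on this page (L915), so on a host where only the agent role runs the conditional raises an undefined-variable error instead of evaluating. If the agent role never installs the API, the agent condition should be just `- not wazuh_agent_sources_installation.enabled`; otherwise the variable needs a default in the agent role or a `| default(false)` in the expression. The `not A or not B` form in the manager hunks on L917 reads as intended, installing the repository when either component comes from packages.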
@@ -27,16 +27,14 @@ when: - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 - - not wazuh_manager_sources_installation.enabled - - not wazuh_api_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: url: "{{ wazuh_manager_config.repo.gpg }}" when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - - not wazuh_manager_sources_installation.enabled - - not wazuh_api_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: @@ -46,8 +44,7 @@ update_cache: true changed_when: false when: - - not wazuh_manager_sources_installation.enabled - - not wazuh_api_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled - name: Debian/Ubuntu | Set Distribution CIS filename for Debian/Ubuntu set_fact: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 68bf381f..807275f1 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -10,8 +10,7 @@ when: - (ansible_os_family|lower == 'redhat') and (ansible_distribution|lower != 'amazon') - (ansible_distribution_major_version|int <= 5) - - not wazuh_manager_sources_installation.enabled - - not wazuh_api_sources_installation.enabled + - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled register: repo_v5_manager_installed - name: RedHat/CentOS/Fedora | Install Wazuh repo From c772d5c983b3e9aa53fd45d7b6798aa2ff03a125 Mon Sep 17 00:00:00 2001 
From: Jose M Date: Tue, 26 Nov 2019 15:00:22 +0100 Subject: [PATCH 507/714] Fix Nodejs in Kibana and rename 'repo_dic' to 'repo_dict' --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 7 +++++-- .../ansible-kibana/tasks/build_wazuh_plugin.yml | 3 ++- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 2 +- 4 files changed, 9 insertions(+), 5 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 1352e352..db42b801 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -25,8 +25,11 @@ generate_CA: true ca_cert_name: "" # Nodejs -node_js_repo_url: https://rpm.nodesource.com/setup_8.x -node_js_repo_type: rpm +nodejs: + repo_dict: + debian: "deb" + redhat: "rpm" + repo_url_ext: "nodesource.com/setup_8.x" # Build from sources build_from_sources: false diff --git a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml index f4f8fd80..b864afc3 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml @@ -13,7 +13,8 @@ - name: Download script to install Nodejs repository get_url: - url: "https://{{ node_js_repo_type }}.{{ node_js_repo_url }}" + nodejs['repo_dict'][ansible_os_family|lower] + url: "https://{{ nodejs['repo_dict'][ansible_os_family|lower] }}.{{ nodejs['repo_url_ext'] }}" dest: "/tmp/setup_nodejs_repo.sh" mode: "0700" diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 3d1615f4..f85e32eb 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
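Review bot: The stray line `nodejs['repo_dict'][ansible_os_family|lower]` added above `url:` in the get_url task is a bare scalar inside the module's argument mapping, which leaves the task file unparseable; only the `url:` line belongs there. Separately, `nodejs['repo_dict'][ansible_os_family|lower]` indexes a dict that defines only `debian` and `redhat`, so any other os_family fails with a key error inside URL templating rather than a clear message; an `assert:` on the supported families ahead of this task would make the limitation explicit. The same lookup is used in the manager's tasks/main.yml hunk on L919.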
@@ -371,7 +371,7 @@ wazuh_agent_configs: format: 'eventlog' nodejs: - repo_dic: + repo_dict: debian: "deb" redhat: "rpm" repo_url_ext: "nodesource.com/setup_8.x" \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index c6f0ae26..0bb00fef 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -16,7 +16,7 @@ block: - name: Download NodeJS repository script get_url: - url: "https://{{ nodejs['repo_dic'][ansible_os_family|lower] }}.{{ nodejs['repo_url_ext'] }}" + url: "https://{{ nodejs['repo_dict'][ansible_os_family|lower] }}.{{ nodejs['repo_url_ext'] }}" dest: /etc/nodejs.sh mode: '0775' changed_when: false From e18e95816004b76cab8a46aa5841d371f56a8fb7 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 26 Nov 2019 16:38:40 +0100 Subject: [PATCH 508/714] Fix typo in build_wazuh_plugin.yml --- roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml index b864afc3..4a2ebc23 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml @@ -1,5 +1,4 @@ --- - - name: Ensure the Git package is present package: name: git @@ -13,7 +12,6 @@ - name: Download script to install Nodejs repository get_url: - nodejs['repo_dict'][ansible_os_family|lower] url: "https://{{ nodejs['repo_dict'][ansible_os_family|lower] }}.{{ nodejs['repo_url_ext'] }}" dest: "/tmp/setup_nodejs_repo.sh" mode: "0700" From ad8ae0ed655205f062ef50bead632e2a1448177c Mon Sep 17 00:00:00 2001 
From: Jose M Date: Tue, 26 Nov 2019 17:53:24 +0100 Subject: [PATCH 509/714] Testing package/sources for Manager and API respectively --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index f85e32eb..ca23f8ff 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -5,7 +5,7 @@ wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present wazuh_manager_sources_installation: - enabled: true + enabled: false branch: "v3.10.2" user_language: "en" user_no_stop: "y" @@ -30,7 +30,7 @@ wazuh_manager_sources_installation: threads: "2" wazuh_api_sources_installation: - enabled: false + enabled: true branch: "v3.10.2" update: "y" remove: "y" From 4ba0a85bf199511278d127a774e3e81f6b0b4ce8 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 26 Nov 2019 18:49:10 +0100 Subject: [PATCH 510/714] Fix includes for wazuh-manager role --- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 8 ++++---- roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 4 ---- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 9752545a..e045059d 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -1,8 +1,4 @@ --- -- include_tasks: "installation_from_sources.yml" - when: - - wazuh_manager_sources_installation.enabled or wazuh_api_sources_installation.enabled - - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: name: 
@@ -110,6 +106,10 @@ when: - not wazuh_manager_sources_installation.enabled +- include_tasks: "installation_from_sources.yml" + when: + - wazuh_manager_sources_installation.enabled or wazuh_api_sources_installation.enabled + - name: Debian/Ubuntu | Install wazuh-api apt: name: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 807275f1..49ff0cdf 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -137,10 +137,6 @@ tags: - init -- include_tasks: "../tasks/installation_from_sources.yml" - when: - - wazuh_api_sources_installation.enabled - - name: CentOS/RedHat 6 | Enabling python2.7 and sqlite3 replace: path: /etc/init.d/wazuh-manager From dbf436be04828e4a0c28abae95ce1da926ada5c0 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 26 Nov 2019 18:56:06 +0100 Subject: [PATCH 511/714] Testing installation from packages --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index ca23f8ff..ad3ddf1d 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -30,7 +30,7 @@ wazuh_manager_sources_installation: threads: "2" wazuh_api_sources_installation: - enabled: true + enabled: false branch: "v3.10.2" update: "y" remove: "y" From ae5a3d6f91f459f2963a257b4d6e1c0ccff7173c Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 27 Nov 2019 10:04:21 +0100 Subject: [PATCH 512/714] Fix conditional for RHEL hosts --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) 
diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index ad3ddf1d..ca23f8ff 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -30,7 +30,7 @@ wazuh_manager_sources_installation: threads: "2" wazuh_api_sources_installation: - enabled: false + enabled: true branch: "v3.10.2" update: "y" remove: "y" diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 49ff0cdf..fc8cd489 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -123,7 +123,7 @@ - include_tasks: "../tasks/installation_from_sources.yml" when: - - wazuh_manager_sources_installation.enabled + - wazuh_manager_sources_installation.enabled or wazuh_api_sources_installation.enabled - name: CentOS/RedHat/Amazon | Install Wazuh API package: From aaa68bd5bb87c0a8bda4d2fb3aee63ac60aca738 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 27 Nov 2019 11:27:26 +0100 Subject: [PATCH 513/714] Testing installation from packages --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index ca23f8ff..ad3ddf1d 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -30,7 +30,7 @@ wazuh_manager_sources_installation: threads: "2" wazuh_api_sources_installation: - enabled: true + enabled: false branch: "v3.10.2" update: "y" remove: "y" From dec2fc5cca33e001ba8717af2741b5b9874edc64 Mon Sep 17 00:00:00 2001 
From: Jose M Date: Wed, 27 Nov 2019 12:50:06 +0100 Subject: [PATCH 514/714] Test Kibana installation from sources --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index db42b801..0a05d853 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -32,5 +32,5 @@ nodejs: repo_url_ext: "nodesource.com/setup_8.x" # Build from sources -build_from_sources: false -wazuh_plugin_branch: 3.10-7.3 \ No newline at end of file +build_from_sources: true +wazuh_plugin_branch: 3.10-7.4 \ No newline at end of file From 814cfa1e5e5cf2f97bfe9ca81a60b1107eac79e8 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 27 Nov 2019 13:49:12 +0100 Subject: [PATCH 515/714] Fix idempotence on Kibana installation from sources --- .../ansible-kibana/tasks/build_wazuh_plugin.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml index 4a2ebc23..8de3281c 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml @@ -19,7 +19,7 @@ - name: Execute downloaded script to install Nodejs repo command: /tmp/setup_nodejs_repo.sh register: node_repo_installation_result - changed_when: node_repo_installation_result.rc == 0 + changed_when: false - name: Install Nodejs package: @@ -29,7 +29,7 @@ - name: Run NPM under root account command: npm config set user 0 register: allow_root_npm - changed_when: allow_root_npm.rc == 0 + changed_when: false - name: Install yarn dependency to build the Wazuh Kibana Plugin command: npm install -g yarn@1.10.1 
@@ -40,11 +40,12 @@ file: path: /tmp/app state: absent + changed_when: false - name: Clone wazuh-kibana-app repository # Using command as git module doesn't cover single-branch nor depth command: git clone https://github.com/wazuh/wazuh-kibana-app -b {{ wazuh_plugin_branch }} --single-branch --depth=1 app # noqa 303 register: clone_app_repo_result - changed_when: clone_app_repo_result.rc == 0 + changed_when: false args: chdir: "/tmp" From 77145e71b867326df92f7904e8e95c1f24ca7a8f Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 27 Nov 2019 18:00:34 +0100 Subject: [PATCH 516/714] Disable Kibana from sources and test sources/package after changes --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 0a05d853..8e4a6572 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -32,5 +32,5 @@ nodejs: repo_url_ext: "nodesource.com/setup_8.x" # Build from sources -build_from_sources: true +build_from_sources: false wazuh_plugin_branch: 3.10-7.4 \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index ad3ddf1d..f85e32eb 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -5,7 +5,7 @@ wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present wazuh_manager_sources_installation: - enabled: false + enabled: true branch: "v3.10.2" user_language: "en" user_no_stop: "y" From eed1a11aebb7e4ffdb68d8548983aad46e6f2af8 Mon Sep 17 00:00:00 2001 
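Review bot: The clone on the new side of this hunk tracks `wazuh_plugin_branch` as a branch (`-b … --single-branch --depth=1`; the values seen on this page, e.g. `3.10-7.4`, are branch names), so what gets built can change between two runs of the same playbook, and `changed_when: false` on both the `/tmp/app` removal and the clone hides that rebuild from the play output. For a reproducible build, check out a tag or a specific commit after the clone and fail if it does not resolve; at minimum add a comment above the task, e.g. `# Builds whatever the branch currently points at; pin a tag/commit for reproducible builds`.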
From: Jose M Date: Thu, 28 Nov 2019 10:13:08 +0100 Subject: [PATCH 517/714] Testing sources/sources installation for Manager and API respectively --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index f85e32eb..27106dc1 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -30,7 +30,7 @@ wazuh_manager_sources_installation: threads: "2" wazuh_api_sources_installation: - enabled: false + enabled: true branch: "v3.10.2" update: "y" remove: "y" From 50cd3745bb13750572b3ae73bf191c61b7325b9e Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 28 Nov 2019 11:28:38 +0100 Subject: [PATCH 518/714] Add check to stop if trying to build Kibana in Debian 10 --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 89af291c..dd0e423f 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -1,4 +1,13 @@ --- + +- name: Stopping early, trying to compile Wazuh Kibana Plugin on Debian 10 is not possible + fail: + msg: "It's not possible to compile the Wazuh Kibana plugin on Debian 10 due to: https://github.com/wazuh/wazuh-kibana-app/issues/1924" + when: + - build_from_sources + - ansible_distribution == "Debian" + - ansible_distribution_major_version == "10" + - import_tasks: RedHat.yml when: ansible_os_family == 'RedHat' @@ -108,6 +117,7 @@ - build_from_sources is defined - build_from_sources + - name: Install Wazuh Plugin (can take a while) shell: "/usr/share/kibana/bin/kibana-plugin install {{ wazuh_app_url }}-{{ wazuh_version }}_{{ elastic_stack_version }}.zip" environment: 
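Review bot: The new `fail` task's `when` evaluates the bare `build_from_sources`, while the second hunk in the same file guards that variable with `build_from_sources is defined` before testing it; if the role runs without its defaults loaded, the new task errors on an undefined variable instead of being skipped. Make the condition consistent: `- build_from_sources is defined` followed by `- build_from_sources`. The Debian 10 reason given in `msg` would also serve as a comment above the task, so the check can be retired once the linked issue is resolved.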
From 7f70b4dfebce1484c95db3e8ff623d05871624b4 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 28 Nov 2019 11:49:40 +0100 Subject: [PATCH 519/714] Update "build_wazuh_plugin" to fix conditional and update npm task --- .../ansible-kibana/tasks/build_wazuh_plugin.yml | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml index 8de3281c..a18a752b 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml @@ -26,13 +26,9 @@ name: nodejs state: present - - name: Run NPM under root account - command: npm config set user 0 - register: allow_root_npm - changed_when: false - - name: Install yarn dependency to build the Wazuh Kibana Plugin - command: npm install -g yarn@1.10.1 + # Using shell due to errors when evaluating text between @ with command + shell: "npm install -g {{ 'yarn' }}{{ '@' }}{{ '1.10.1'}}" # noqa 305 register: install_yarn_result changed_when: install_yarn_result == 0 @@ -56,7 +52,7 @@ - "yarn build" - "yarn build" # Executing multiple times to workaround errors returned by yarn build register: yarn_execution_result - changed_when: yarn_execution_result == 0 + changed_when: false args: chdir: "/tmp/app/" From b9a6d0e1d6c2f098480dc04e8309f439b23ee671 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 28 Nov 2019 11:49:47 +0100 Subject: [PATCH 520/714] Testing Kibana from sources --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 8e4a6572..0a05d853 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml 
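Review bot: The context line `changed_when: install_yarn_result == 0` left in the first hunk compares the registered result dictionary with `0`, which is never true, so the task is `changed_when: false` by accident; the second hunk fixes the same mistake for `yarn_execution_result` explicitly. State the intent: `changed_when: false` (matching the second hunk), or `changed_when: install_yarn_result.rc == 0` if a change is to be reported. The `{{ 'yarn' }}{{ '@' }}{{ '1.10.1'}}` workaround deserves its comment to also name the error it avoids, since the plain `yarn@1.10.1` form is what the next maintainer will try to restore.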
@@ -32,5 +32,5 @@ nodejs: repo_url_ext: "nodesource.com/setup_8.x" # Build from sources -build_from_sources: false +build_from_sources: true wazuh_plugin_branch: 3.10-7.4 \ No newline at end of file From 7525c75beb3cbb66e0a6822d762713b6220e14a2 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 29 Nov 2019 10:00:19 +0100 Subject: [PATCH 521/714] Restore elastic_stack-single to default configuration --- playbooks/wazuh-elastic_stack-single.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/playbooks/wazuh-elastic_stack-single.yml b/playbooks/wazuh-elastic_stack-single.yml index 9bf5f0fa..aba365c9 100644 --- a/playbooks/wazuh-elastic_stack-single.yml +++ b/playbooks/wazuh-elastic_stack-single.yml @@ -1,8 +1,8 @@ --- -- hosts: all +- hosts: roles: - {role: ../roles/wazuh/ansible-wazuh-manager} - role: ../roles/wazuh/ansible-filebeat filebeat_output_elasticsearch_hosts: localhost:9200 - {role: ../roles/elastic-stack/ansible-elasticsearch, elasticsearch_network_host: '0.0.0.0', single_node: true} - - { role: ../roles/elastic-stack/ansible-kibana, elasticsearch_network_host: 'localhost', elasticsearch_reachable_host: 'localhost' } \ No newline at end of file + - { role: ../roles/elastic-stack/ansible-kibana, elasticsearch_network_host: '0.0.0.0', elasticsearch_reachable_host: 'localhost' } \ No newline at end of file From e45aaf6a8e133910e17536aaa7897668fafb9eaf Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 29 Nov 2019 10:04:09 +0100 Subject: [PATCH 522/714] Improving description for installation tasks in "RedHat.yml" --- roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index fc8cd489..5dc57e81 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml 
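Review bot: The play header on the new side is `- hosts:` with no value, which YAML reads as `null`; Ansible does not run a play without a hosts pattern, so the "restored" playbook is unusable as committed. If the intent was to keep the original target, the line should remain `- hosts: all` (or name the inventory group). Separately, the Kibana role entry now sets `elasticsearch_network_host: '0.0.0.0'` like the Elasticsearch entry; if that variable controls a listening address rather than a target to reach, it exposes the service on every interface of the host, which deserves a comment or an explicit variable at the top of the playbook.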
@@ -109,7 +109,7 @@ when: - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" -- name: CentOS/RedHat/Amazon | Install Wazuh Manager +- name: CentOS/RedHat/Amazon | Install wazuh-manager package: name: "wazuh-manager-{{ wazuh_manager_version }}" state: "{{ wazuh_manager_package_state }}" @@ -125,7 +125,7 @@ when: - wazuh_manager_sources_installation.enabled or wazuh_api_sources_installation.enabled -- name: CentOS/RedHat/Amazon | Install Wazuh API +- name: CentOS/RedHat/Amazon | Install wazuh-api package: name: "wazuh-api-{{ wazuh_manager_version }}" state: "{{ wazuh_manager_package_state }}" From ab4ef23e2ae9a947ed8585500a434188314bafc8 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 29 Nov 2019 10:51:58 +0100 Subject: [PATCH 523/714] Remove unneeded yarn build execution --- roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml index a18a752b..6a3dc514 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml @@ -50,7 +50,6 @@ with_items: - "yarn" - "yarn build" - - "yarn build" # Executing multiple times to workaround errors returned by yarn build register: yarn_execution_result changed_when: false args: From da2442ca0685f2e2286943f31dbc69263c59cf4c Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Thu, 5 Dec 2019 17:03:50 +0100 Subject: [PATCH 524/714] Adapt agent installation to the default --- .../ansible-wazuh-agent/defaults/main.yml | 32 +++++++++---------- .../var-ossec-etc-ossec-agent.conf.j2 | 27 ++++------------ 2 files changed, 22 insertions(+), 37 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 64935264..dc447edd 100644 
--- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -74,8 +74,6 @@ wazuh_agent_config: scan_on_start: 'yes' auto_ignore: 'no' alert_new_files: 'yes' - remove_old_diff: 'yes' - restart_audit: 'yes' win_audit_interval: 300 skip_nfs: 'yes' ignore: @@ -93,6 +91,10 @@ wazuh_agent_config: - /etc/svc/volatile - /sys/kernel/security - /sys/kernel/debug + - /dev/core + ignore_linux_type: + - '^/proc' + - '.log$|.swp$' ignore_win: - '.log$|.htm$|.jpg$|.png$|.chm$|.pnf$|.evtx$' no_diff: @@ -273,19 +275,15 @@ wazuh_agent_config: wday: '' time: '' cis_cat: - disable: 'yes' - install_java: 'yes' + disable: 'no' + install_java: 'no' timeout: 1800 interval: '1d' scan_on_start: 'yes' - java_path: '/usr/lib/jvm/java-1.8.0-openjdk-amd64/jre/bin' + java_path: 'wodles/java' java_path_win: '\\server\jre\bin\java.exe' - ciscat_path: '/var/ossec/wodles/ciscat' + ciscat_path: 'wodles/ciscat' ciscat_path_win: 'C:\cis-cat' - content: - - type: 'xccdf' - path: 'benchmarks/CIS_Ubuntu_Linux_16.04_LTS_Benchmark_v1.0.0-xccdf.xml' - profile: 'xccdf_org.cisecurity.benchmarks_profile_Level_1_-_Server' vuls: disable: 'yes' interval: '1d' 
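Review bot: The new `ignore_linux_type` patterns `'^/proc'` and `'.log$|.swp$'` are kept apart from the literal `ignore` paths, which suggests they are evaluated as regular expressions; if so, the unescaped dots in `.log$|.swp$` match any character, so every path ending in `log` or `swp` (`catalog`, `syslog`, …) is excluded from file integrity monitoring, not only `.log`/`.swp` files. If the extension is meant, escape the dots: `'\.log$|\.swp$'`; if the pattern is kept verbatim for parity with the stock Wazuh configuration, say so in a comment above the key so it is not "fixed" later. The same patterns are added to `wazuh_manager_config.syscheck.ignore_linux_type` in the manager defaults hunk of PATCH 530 further down this page.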
@@ -318,16 +316,16 @@ wazuh_agent_config: linux: - format: 'syslog' location: '/var/ossec/logs/active-responses.log' - - format: 'command' - command: df -P -x squashfs -x tmpfs -x devtmpfs - frequency: '360' - - format: 'full_command' - command: ss -nutal | awk '{print $1,$5,$6;}' | sort -b | column -t - alias: 'netstat listening ports' - frequency: '360' - format: 'full_command' command: 'last -n 20' frequency: '360' + - format: 'command' + command: df -P + frequency: '360' + - format: 'full_command' + command: netstat -tulpn | sed 's/\([[:alnum:]]\+\)\ \+[[:digit:]]\+\ \+[[:digit:]]\+\ \+\(.*\):\([[:digit:]]*\)\ \+\([0-9\.\:\*]\+\).\+\ \([[:digit:]]*\/[[:alnum:]\-]*\).*/\1 \2 == \3 == \4 \5/' | sort -k 4 -g | sed 's/ == \(.*\) ==/:\1/' | sed 1,2d + alias: 'netstat listening ports' + frequency: '360' windows: - format: 'eventlog' location: 'Application' diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index 61c28012..ae5e47da 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 @@ -51,7 +51,6 @@ no {% if ansible_system == "Linux" %} - yes yes yes yes @@ -65,11 +64,6 @@ /var/ossec/etc/shared/rootkit_files.txt /var/ossec/etc/shared/rootkit_trojans.txt - /var/ossec/etc/shared/system_audit_rcl.txt - /var/ossec/etc/shared/system_audit_ssh.txt - {% if cis_distribution_filename is defined %} - /var/ossec/etc/shared/{{ cis_distribution_filename }} - {% endif %} yes {% endif %} {% if ansible_os_family == "Windows" %} 
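Review bot: The new `full_command` entry replaces `ss -nutal | awk …` with `netstat -tulpn | sed …`; `netstat` comes from net-tools, which minimal installs of current Debian/RHEL-family releases no longer ship, so on those hosts the collector fails on every run, whereas `ss` (iproute2) is present wherever this role targets. Keep the `ss` form, or document the dependency with a comment and install net-tools in the role. Dropping `-x squashfs -x tmpfs -x devtmpfs` from `df -P` also reports every pseudo-filesystem, which mainly adds noise to disk-usage alerts. The same two replacements appear in the `localfiles.common` hunk of the manager defaults in PATCH 530 on this page.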
@@ -118,6 +112,13 @@ {% endfor %} {% endif %} + + {% if wazuh_agent_config.syscheck.ignore is defined and ansible_distribution == 'CentOS' and ansible_distribution_major_version == '7' %} + {% for ignore in wazuh_agent_config.syscheck.ignore_linux_type %} + {{ ignore }} + {% endfor %} + {% endif %} + {% if wazuh_agent_config.syscheck.ignore is defined and ansible_system == "Windows" %} {% for ignore in wazuh_agent_config.syscheck.ignore_win %} {{ ignore }} @@ -132,13 +133,6 @@ {{ wazuh_agent_config.syscheck.skip_nfs }} {% endif %} - - {{ wazuh_agent_config.syscheck.remove_old_diff }} - - {% if ansible_system == "Linux"%} - - {{ wazuh_agent_config.syscheck.restart_audit }} - {% endif %} {% if ansible_os_family == "Windows" %} {% for registry_key in wazuh_agent_config.syscheck.windows_registry %} @@ -234,13 +228,6 @@ {{ wazuh_agent_config.cis_cat.java_path }} {% endif %} {% if ansible_os_family == "Windows" %}{{ wazuh_agent_config.cis_cat.ciscat_path_win }}{% else %}{{ wazuh_agent_config.cis_cat.ciscat_path }}{% endif %} - {% if ansible_system == "Linux" %} - {% for benchmark in wazuh_agent_config.cis_cat.content %} - - {{ benchmark.profile }} - - {% endfor %} - {% endif %} {% endif %} From 29b4a9aacd549f6464f40a757825cc722be57cac Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Thu, 5 Dec 2019 17:20:24 +0100 Subject: [PATCH 525/714] Change server protocol '' tcp -> udp '' --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index dc447edd..11e481f2 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -26,7 +26,7 @@ wazuh_agent_sources_installation: wazuh_managers: - address: 127.0.0.1 port: 1514 - protocol: tcp + protocol: udp api_port: 55000 api_proto: 'http' api_user: null 
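Review bot: The new `ignore_linux_type` block is rendered only when `ansible_distribution == 'CentOS'` and `ansible_distribution_major_version == '7'`, but the patterns it renders (`^/proc`, `.log$|.swp$`) are not CentOS-specific, and nothing in the hunk explains why other Linux hosts get only the literal `ignore` list. If the restriction is deliberate, add a comment above the condition, e.g. `{# ignore_linux_type rendered only on CentOS 7: <reason> #}`; otherwise keying on `ansible_system == "Linux"`, as the `ignore_win` branch below keys on Windows, looks like the intended shape. The `ignore`/`ignore_linux_type` mismatch in the guard itself is corrected by PATCH 529 below; the CentOS-7-only condition is repeated in the manager template hunk of PATCH 530.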
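Review bot: `protocol: udp` for the agent-to-manager connection gives up delivery guarantees: under load or across stateful firewalls/NAT, syscheck and log-collection events can be dropped with no error on the agent side and no back-pressure. Keep `tcp` unless UDP is required for a specific deployment, and in either case the value must match the manager's `connection.protocol` (changed to `'udp'` in the manager defaults hunk of PATCH 530 on this page) or agents will not connect. A comment on the key stating that coupling, e.g. `# must match wazuh_manager_config.connection.protocol on the manager`, would stop one side being flipped alone.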
From 03e409fc52d0679fec6b79ff1083b4d5788bb742 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Thu, 5 Dec 2019 18:44:18 +0100 Subject: [PATCH 526/714] Disable cis-cat --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 11e481f2..af9ad4c8 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -275,7 +275,7 @@ wazuh_agent_config: wday: '' time: '' cis_cat: - disable: 'no' + disable: 'yes' install_java: 'no' timeout: 1800 interval: '1d' From f6e4468fd86d4e496bd6783bfc7e4553d5c33d0a Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 10 Dec 2019 10:12:32 +0100 Subject: [PATCH 527/714] Change default installation mode to packages. --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 0a05d853..8e4a6572 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -32,5 +32,5 @@ nodejs: repo_url_ext: "nodesource.com/setup_8.x" # Build from sources -build_from_sources: true +build_from_sources: false wazuh_plugin_branch: 3.10-7.4 \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 64935264..30eddc6e 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml 
@@ -2,7 +2,7 @@ wazuh_agent_version: 3.10.2-1 wazuh_agent_sources_installation: - enabled: "false" + enabled: false branch: "v3.10.2" user_language: "y" user_no_stop: "y" diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 0a5eaf07..ca536bff 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -5,7 +5,7 @@ wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present wazuh_manager_sources_installation: - enabled: true + enabled: false branch: "v3.10.2" user_language: "en" user_no_stop: "y" @@ -30,7 +30,7 @@ wazuh_manager_sources_installation: threads: "2" wazuh_api_sources_installation: - enabled: true + enabled: false branch: "v3.10.2" update: "y" remove: "y" From 8ef63f06ebaf17d8a8c4485dbdc604b8795d6162 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 12 Dec 2019 16:01:41 +0100 Subject: [PATCH 528/714] Fix Wazuh Agent name conditional in Linux.yml --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 4 ++-- roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 9265ce92..b53b2450 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml 
@@ -59,12 +59,12 @@ - name: Linux | Register agent (via authd) shell: > /var/ossec/bin/agent-auth - {% if wazuh_agent_authd.agent_name is not none %}-A {{ wazuh_agent_authd.agent_name }} {% endif %} + {% if wazuh_agent_authd.agent_name is defined %}-A {{ wazuh_agent_authd.agent_name }} {% endif %} -m {{ wazuh_managers.0.address }} -p {{ wazuh_agent_authd.port }} {% if wazuh_agent_nat %}-I "any" {% endif %} {% if authd_pass is defined %}-P {{ authd_pass }}{% endif %} - {% if wazuh_agent_authd.ssl_agent_ca is not none %} + {% if wazuh_agent_authd.ssl_agent_ca is defined %} -v "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_ca | basename }}" -x "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_cert | basename }}" -k "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_key | basename }}" diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index 2de09a8e..ee0aced7 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml @@ -60,7 +60,7 @@ {{ wazuh_agent_win_auth_path }} -m {{ wazuh_managers.0.address }} -p {{ wazuh_agent_authd.port }} - {% if wazuh_agent_authd.agent_name is not none %}-A {{ wazuh_agent_authd.agent_name }} {% endif %} + {% if wazuh_agent_authd.agent_name is defined %}-A {{ wazuh_agent_authd.agent_name }} {% endif %} {% if authd_pass is defined %} -P {{ authd_pass }}{% endif %} register: agent_auth_output notify: Windows | Restart Wazuh Agent From 2ddd8b9e72e403f7b0d99282e379644579a95092 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Mon, 16 Dec 2019 21:55:54 +0100 Subject: [PATCH 529/714] Add conditional check for syscheck.auto_ignore --- .../templates/var-ossec-etc-ossec-agent.conf.j2 | 2 +- .../templates/var-ossec-etc-shared-agent.conf.j2 | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) 
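Review bot: Switching `agent_name is not none` to `agent_name is defined` in both Linux.yml and Windows.yml makes the check pass for a key that is present but `null` (the defaults on this page use `null` for unset values, e.g. `api_user: null`), so agent-auth is invoked with `-A None`; the `ssl_agent_ca` check in Linux.yml has the same problem and yields `-v "/var/ossec/etc/None"`. PATCH 531 below repairs Linux.yml by adding `!= None` to each test, but Windows.yml is not touched, so its line should become `{% if wazuh_agent_authd.agent_name is defined and wazuh_agent_authd.agent_name is not none %}-A {{ wazuh_agent_authd.agent_name }} {% endif %}`. The surrounding `shell: >` task continues outside both hunks.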
diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index ae5e47da..6629da08 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 @@ -113,7 +113,7 @@ {% endif %} - {% if wazuh_agent_config.syscheck.ignore is defined and ansible_distribution == 'CentOS' and ansible_distribution_major_version == '7' %} + {% if wazuh_agent_config.syscheck.ignore_linux_type is defined and ansible_distribution == 'CentOS' and ansible_distribution_major_version == '7' %} {% for ignore in wazuh_agent_config.syscheck.ignore_linux_type %} {{ ignore }} {% endfor %} diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 index 4ae5a145..77e64fbf 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 @@ -4,7 +4,9 @@ {% if agent_config.syscheck is defined %} + {% if agent_config.syscheck.auto_ignore is defined %} {{ agent_config.syscheck.auto_ignore }} + {% endif %} {{ agent_config.syscheck.alert_new_files }} {{ agent_config.syscheck.frequency }} From ce013d1dde312c9b0e9a73393402542ee1545186 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Mon, 16 Dec 2019 21:57:10 +0100 Subject: [PATCH 530/714] Adapt ossec.conf template and variables to v3.11 - manager --- .../ansible-wazuh-manager/defaults/main.yml | 85 +++++++++------- .../var-ossec-etc-ossec-server.conf.j2 | 96 +++++++++++-------- 2 files changed, 108 insertions(+), 73 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 0a5eaf07..3551c3ab 100644 
--- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -87,7 +87,7 @@ wazuh_manager_config: connection: - type: 'secure' port: '1514' - protocol: 'tcp' + protocol: 'udp' queue_size: 131072 authd: enable: true @@ -97,6 +97,8 @@ wazuh_manager_config: force_time: 0 purge: 'no' use_password: 'no' + limit_maxagents: 'yes' + ciphers: 'HIGH:!ADH:!EXP:!MD5:!RC4:!3DES:!CAMELLIA:@STRENGTH' ssl_agent_ca: null ssl_verify_host: 'no' ssl_manager_cert: 'sslmanager.cert' @@ -105,13 +107,14 @@ wazuh_manager_config: email_notification: 'no' mail_to: - 'admin@example.net' - mail_smtp_server: localhost - mail_from: wazuh-server@example.com + mail_smtp_server: smtp.example.wazuh.com + mail_from: ossecm@example.wazuh.com mail_maxperhour: 12 mail_queue_size: 131072 + email_log_source: 'alerts.log' extra_emails: - enable: false - mail_to: 'admin@example.net' + mail_to: 'recipient@example.wazuh.com' format: full level: 7 event_location: null @@ -152,6 +155,10 @@ wazuh_manager_config: - /etc/svc/volatile - /sys/kernel/security - /sys/kernel/debug + - /dev/core + ignore_linux_type: + - '^/proc' + - '.log$|.swp$' no_diff: - /etc/ssl/private.key directories: @@ -164,8 +171,6 @@ wazuh_manager_config: timeframe: 'timeframe="3600"' value: 'no' skip_nfs: 'yes' - remove_old_diff: 'yes' - restart_audit: 'yes' rootcheck: frequency: 43200 openscap: @@ -181,10 +186,6 @@ wazuh_manager_config: scan_on_start: 'yes' java_path: '/usr/lib/jvm/java-1.8.0-openjdk-amd64/jre/bin' ciscat_path: 'wodles/ciscat' - content: - - type: 'xccdf' - path: 'benchmarks/CIS_Ubuntu_Linux_16.04_LTS_Benchmark_v1.0.0-xccdf.xml' - profile: 'xccdf_org.cisecurity.benchmarks_profile_Level_1_-_Server' osquery: disable: 'yes' run_daemon: 'yes' 
@@ -209,20 +210,40 @@ wazuh_manager_config: day: '' wday: '' time: '' - vul_detector: - disable: 'yes' + vulnerability_detector: + enabled: 'no' interval: '5m' ignore_time: '6h' run_on_start: 'yes' - ubuntu: - disable: 'yes' - update_interval: '1h' - redhat: - disable: 'yes' - update_interval: '1h' - debian: - disable: 'yes' - update_interval: '1h' + providers: + canonical: + - name: 'canonical' + enabled: 'no' + os: + - precise + - trusty + - xenial + - bionic + update_interval: '1h' + debian: + - name: 'debian' + enabled: 'no' + os: + - wheezy + - stretch + - jessie + - buster + update_interval: '1h' + redhat: + - name: 'redhat' + enabled: 'no' + update_from_year: '2010' + update_interval: '1h' + nvd: + - name: 'nvd' + enabled: 'no' + update_from_year: '2010' + update_interval: '1h' vuls: disable: 'yes' interval: '1d' @@ -233,15 +254,15 @@ wazuh_manager_config: - 'updatenvd' - 'nvd-year 2016' - 'autoupdate' - log_level: 1 + log_level: 3 email_level: 12 localfiles: common: - format: 'command' - command: df -P -x squashfs -x tmpfs -x devtmpfs + command: df -P frequency: '360' - format: 'full_command' - command: ss -nutal | awk '{print $1,$5,$6;}' | sort -b | column -t + command: netstat -tulpn | sed 's/\([[:alnum:]]\+\)\ \+[[:digit:]]\+\ \+[[:digit:]]\+\ \+\(.*\):\([[:digit:]]*\)\ \+\([0-9\.\:\*]\+\).\+\ \([[:digit:]]*\/[[:alnum:]\-]*\).*/\1 \2 == \3 == \4 \5/' | sort -k 4 -g | sed 's/ == \(.*\) ==/:\1/' | sed 1,2d alias: 'netstat listening ports' frequency: '360' - format: 'full_command' 
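Review bot: `vulnerability_detector.providers` is defined as a mapping (`canonical:`, `debian:`, `redhat:`, `nvd:`) whose values are one-element lists, but the template hunk of this same commit (`var-ossec-etc-ossec-server.conf.j2`, PATCH 530) iterates it with `{% for provider in wazuh_manager_config.vulnerability_detector.providers %}`; iterating a Jinja mapping yields its keys, so `provider` is the string `'canonical'`, every `provider.enabled`/`provider.os`/`provider.update_interval` test is undefined, and all providers render as empty elements. Either flatten the data into a plain list of provider mappings (drop the `canonical:`-style keys and keep `name:`), or iterate the values in the template: `{% for provider_list in wazuh_manager_config.vulnerability_detector.providers.values() %}{% for provider in provider_list %}` with a matching extra `{% endfor %}`. Because every provider defaults to `enabled: 'no'`, the runtime output hides this, so a comment above `providers:` stating the expected shape is worth adding.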
@@ -268,18 +289,15 @@ wazuh_manager_config: location: '/var/log/audit/audit.log' globals: - '127.0.0.1' - - '192.168.2.1' + - '^localhost.localdomain$' + - '127.0.0.53' commands: - name: 'disable-account' executable: 'disable-account.sh' expect: 'user' timeout_allowed: 'yes' - # - name: 'restart-ossec' - # executable: 'restart-ossec.sh' - # expect: '' - # timeout_allowed: 'no' - - name: 'win_restart-ossec' - executable: 'restart-ossec.cmd' + - name: 'restart-ossec' + executable: 'restart-ossec.sh' expect: '' timeout_allowed: 'no' - name: 'firewall-drop' @@ -298,6 +316,10 @@ wazuh_manager_config: executable: 'route-null.cmd' expect: 'srcip' timeout_allowed: 'yes' + - name: 'win_route-null-2012' + executable: 'route-null-2012.cmd' + expect: 'srcip' + timeout_allowed: 'yes' - name: 'netsh' executable: 'netsh.cmd' expect: 'srcip' @@ -327,7 +349,6 @@ wazuh_agent_configs: syscheck: frequency: 43200 scan_on_start: 'yes' - auto_ignore: 'no' alert_new_files: 'yes' ignore: - /etc/mtab diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 733cae18..603ce858 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -18,7 +18,7 @@ {{ wazuh_manager_config.mail_smtp_server }} {{ wazuh_manager_config.mail_from }} {{ wazuh_manager_config.mail_maxperhour }} - {{ wazuh_manager_config.mail_queue_size }} + {{ wazuh_manager_config.email_log_source }} @@ -115,7 +115,6 @@ no - yes yes yes yes @@ -129,11 +128,6 @@ /var/ossec/etc/shared/default/rootkit_files.txt /var/ossec/etc/shared/default/rootkit_trojans.txt - /var/ossec/etc/shared/default/system_audit_rcl.txt - /var/ossec/etc/shared/default/system_audit_ssh.txt - {% if cis_distribution_filename is defined %} - /var/ossec/etc/shared/default/{{ cis_distribution_filename }} - {% endif %} yes 
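Review bot: The template hunk at `@@ -18,7 +18,7 @@` replaces the `mail_queue_size` line with `email_log_source`, but `mail_queue_size: 131072` survives as a context line in the defaults hunk of this commit, so it is now a dead variable that users may still set expecting an effect. Either keep rendering it next to the new `email_log_source`, or drop it from the defaults and note the removal for users of the role. In the defaults hunk, `restart-ossec`/`restart-ossec.sh` replaces the `win_restart-ossec`/`restart-ossec.cmd` entry; if Windows active response still relies on the `.cmd` command, that removal should be stated or the Windows entry kept alongside.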
@@ -202,11 +196,6 @@ {{ wazuh_manager_config.cis_cat.java_path }} {% endif %} {{ wazuh_manager_config.cis_cat.ciscat_path }} - {% for benchmark in wazuh_manager_config.cis_cat.content %} - - {{ benchmark.profile }} - - {% endfor %} 
@@ -255,24 +244,45 @@ {% endif %} - - {{ wazuh_manager_config.vul_detector.disable }} - {{ wazuh_manager_config.vul_detector.interval }} - {{ wazuh_manager_config.vul_detector.ignore_time }} - {{ wazuh_manager_config.vul_detector.run_on_start }} - - {{ wazuh_manager_config.vul_detector.ubuntu.disable }} - {{ wazuh_manager_config.vul_detector.ubuntu.update_interval }} - - - {{ wazuh_manager_config.vul_detector.redhat.disable }} - {{ wazuh_manager_config.vul_detector.redhat.update_interval }} - - - {{ wazuh_manager_config.vul_detector.debian.disable }} - {{ wazuh_manager_config.vul_detector.debian.update_interval }} - - + + {% if wazuh_manager_config.vulnerability_detector.enabled is defined %} + {{ wazuh_manager_config.vulnerability_detector.enabled }} + {% endif %} + {% if wazuh_manager_config.vulnerability_detector.interval is defined %} + {{ wazuh_manager_config.vulnerability_detector.interval }} + {% endif %} + {% if wazuh_manager_config.vulnerability_detector.ignore_time is defined %} + {{ wazuh_manager_config.vulnerability_detector.ignore_time }} + {% endif %} + {% if wazuh_manager_config.vulnerability_detector.run_on_start is defined %} + {{ wazuh_manager_config.vulnerability_detector.run_on_start }} + {% endif %} + {% if wazuh_manager_config.vulnerability_detector.providers is defined %} + {% for provider in wazuh_manager_config.vulnerability_detector.providers %} + + + {% if provider.enabled is defined %} + {{ provider.enabled }} + {% endif %} + + {% if provider.os is defined %} + {% for os_ in provider.os %} + {{ os_ }} + {% endfor %} + {% endif %} + + {% if provider.update_from_year is defined %} + {{ provider.update_from_year }} + {% endif %} + + {% if provider.update_interval is defined %} + {{ provider.update_interval }} + {% endif %} + + + {% endfor %} + {% endif %} + 
@@ -283,7 +293,7 @@ {{ wazuh_manager_config.syscheck.frequency }} {{ wazuh_manager_config.syscheck.scan_on_start }} - + {% if wazuh_manager_config.syscheck.auto_ignore_frequency is defined %} {{wazuh_manager_config.syscheck.auto_ignore_frequency.value }} {% endif %} @@ -302,6 +312,14 @@ {% endfor %} {% endif %} + + {% if wazuh_manager_config.syscheck.ignore_linux_type is defined and ansible_distribution == 'CentOS' and ansible_distribution_major_version == '7' %} + {% for ignore in wazuh_manager_config.syscheck.ignore_linux_type %} + {{ ignore }} + {% endfor %} + {% endif %} + + {% for no_diff in wazuh_manager_config.syscheck.no_diff %} {{ no_diff }} @@ -309,16 +327,6 @@ {% if wazuh_manager_config.syscheck.skip_nfs is defined %} {{ wazuh_manager_config.syscheck.skip_nfs }} {% endif %} - - - {% if wazuh_manager_config.syscheck.remove_old_diff is defined %} - {{ wazuh_manager_config.syscheck.remove_old_diff }} - {% endif %} - - - {% if wazuh_manager_config.syscheck.restart_audit is defined %} - {{ wazuh_manager_config.syscheck.restart_audit }} - {% endif %} @@ -380,6 +388,12 @@ {% if wazuh_manager_config.authd.use_password is not none %} {{wazuh_manager_config.authd.use_password}} {% endif %} + {% if wazuh_manager_config.authd.limit_maxagents is not none %} + {{wazuh_manager_config.authd.limit_maxagents}} + {% endif %} + {% if wazuh_manager_config.authd.ciphers is not none %} + {{wazuh_manager_config.authd.ciphers}} + {% endif %} {% if wazuh_manager_config.authd.ssl_agent_ca is not none %} /var/ossec/etc/{{wazuh_manager_config.authd.ssl_agent_ca | basename}} {% endif %} From 7df74182f4e4e086082c42712f9e4b69dbd34a35 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Tue, 17 Dec 2019 11:50:28 +0100 Subject: [PATCH 531/714] Fix conditional check for null variables --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) 
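Review bot: The new `ignore` block in the `@@ -302,6 +312,14 @@` hunk is gated on `ansible_distribution == 'CentOS' and ansible_distribution_major_version == '7'`, so a user-supplied `syscheck.ignore_linux_type` list is silently dropped on RHEL 7 and every other platform, while the rest of this template branches on both `CentOS` and `RedHat` (see the openscap section at L957). If the list is really CentOS-7-only, that constraint should be stated on the variable in defaults/main.yml, e.g. `# ignore_linux_type is only rendered on CentOS 7 (see ossec-server.conf.j2)`; otherwise `ansible_os_family == 'RedHat'` is the condition the other blocks use. In the `@@ -380,6 +388,12 @@` hunk the `limit_maxagents` and `ciphers` guards use `is not none`, mirroring the existing `use_password` line, but `is not none` is true for an undefined attribute and the render then presumably fails on the missing key rather than skipping it; `is defined and ... is not none` would tolerate partial `authd` dicts. The enclosing template continues outside these hunks.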
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index b53b2450..5664a428 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -59,17 +59,23 @@ - name: Linux | Register agent (via authd) shell: > /var/ossec/bin/agent-auth - {% if wazuh_agent_authd.agent_name is defined %}-A {{ wazuh_agent_authd.agent_name }} {% endif %} + {% if wazuh_agent_authd.agent_name is defined and wazuh_agent_authd.agent_name != None %} + -A {{ wazuh_agent_authd.agent_name }} + {% endif %} -m {{ wazuh_managers.0.address }} -p {{ wazuh_agent_authd.port }} - {% if wazuh_agent_nat %}-I "any" {% endif %} - {% if authd_pass is defined %}-P {{ authd_pass }}{% endif %} - {% if wazuh_agent_authd.ssl_agent_ca is defined %} + {% if wazuh_agent_nat %} -I "any" {% endif %} + {% if authd_pass is defined %} -P {{ authd_pass }} {% endif %} + {% if wazuh_agent_authd.ssl_agent_ca is defined and wazuh_agent_authd.ssl_agent_ca != None %} -v "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_ca | basename }}" + {% endif %} + {% if wazuh_agent_authd.ssl_agent_cert is defined and wazuh_agent_authd.ssl_agent_cert != None %} -x "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_cert | basename }}" + {% endif %} + {% if wazuh_agent_authd.ssl_agent_key is defined and wazuh_agent_authd.ssl_agent_key != None %} -k "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_key | basename }}" {% endif %} - {% if wazuh_agent_authd.ssl_auto_negotiate == 'yes' %}-a{% endif %} + {% if wazuh_agent_authd.ssl_auto_negotiate == 'yes' %} -a {% endif %} register: agent_auth_output notify: restart wazuh-agent vars: From 760057583c0b6c27266ceecf1659dc6b0572ca6a Mon Sep 17 00:00:00 2001 
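Review bot: `-P {{ authd_pass }}` is still interpolated unquoted into a `shell:` command line and the task registers its result as `agent_auth_output` with no `no_log`, so the registration password lands in the process list, the Ansible log and the registered fact; the same applies to the cherry-picked copy of this hunk at L946. The task should carry `no_log: "{{ authd_pass is defined }}"` and quote the values it splices in (`-P "{{ authd_pass }}"`, `-A "{{ wazuh_agent_authd.agent_name }}"`), since an agent name containing spaces would otherwise be split by the shell. As a point of style, `is not none` is the Jinja test the rest of this repository uses, and `wazuh_agent_authd.agent_name != None` reads as a Python comparison; `is defined and wazuh_agent_authd.agent_name is not none` says the same thing. The task's `vars:` section continues outside the hunk.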
From: Rshad Zhran Date: Tue, 17 Dec 2019 14:15:16 +0100 Subject: [PATCH 532/714] Bump version to wazuh 3.11.0 --- CHANGELOG.md | 4 ++-- VERSION | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 6 +++--- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 6 +++--- .../tasks/installation_from_sources.yml | 2 +- 6 files changed, 11 insertions(+), 11 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c04df488..8ed1e39c 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,11 +17,11 @@ All notable changes to this project will be documented in this file. - Wazuh Agent registration using agent name has been fixed [@jm404](https://github.com/jm404) [#298](https://github.com/wazuh/wazuh-ansible/pull/298) - Fix Wazuh repository and installation conditionals [@jm404](https://github.com/jm404) [#299](https://github.com/wazuh/wazuh-ansible/pull/299) -## [v3.10.2_7.3.2] +## [v3.11.0_7.3.2] ### Added -- Update to Wazuh v3.10.2 +- Update to Wazuh v3.11.0 ### Changed diff --git a/VERSION b/VERSION index f4d1cb92..31264c4e 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v3.10.2" +WAZUH-ANSIBLE_VERSION="v3.11.0" REVISION="31020" diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 0a05d853..62af2781 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -6,7 +6,7 @@ elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 7.4.2 -wazuh_version: 3.10.2 +wazuh_version: 3.11.0 wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp # Xpack Security diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index af9ad4c8..ff574fe8 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml 
+++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,9 +1,9 @@ --- -wazuh_agent_version: 3.10.2-1 +wazuh_agent_version: 3.11.0-1 wazuh_agent_sources_installation: enabled: "false" - branch: "v3.10.2" + branch: "v3.11.0" user_language: "y" user_no_stop: "y" user_install_type: "agent" @@ -50,7 +50,7 @@ wazuh_winagent_config: auth_path: C:\Program Files\ossec-agent\agent-auth.exe # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - version: '3.10.2' + version: '3.11.0' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ md5: 71650780904cbfc2e45eae4298adb7a3 diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 3551c3ab..e46a095c 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,12 +1,12 @@ --- -wazuh_manager_version: 3.10.2-1 +wazuh_manager_version: 3.11.0-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present wazuh_manager_sources_installation: enabled: true - branch: "v3.10.2" + branch: "v3.11.0" user_language: "en" user_no_stop: "y" user_install_type: "server" @@ -31,7 +31,7 @@ wazuh_manager_sources_installation: wazuh_api_sources_installation: enabled: true - branch: "v3.10.2" + branch: "v3.11.0" update: "y" remove: "y" directory: null diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index b92e4edc..fe78cdbb 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml 
@@ -60,7 +60,7 @@ path: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" state: directory - # When downloading "v3.10.2" extracted folder name is 3.10.2. + # When downloading "v3.11.0" extracted folder name is 3.11.0. # Explicitly creating the folder with proper naming and striping first level in .tar.gz file - name: Extract downloaded Wazuh branch from Github # Using shell instead of unarchive due to that module not working properlyh with --strip From dc96d210e5de5201f44a5f093ba3aa47515cd423 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Tue, 17 Dec 2019 11:50:28 +0100 Subject: [PATCH 533/714] Fix conditional check for null variables cherry pick: 7df74182f4e4e086082c42712f9e4b69dbd34a35 --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 9265ce92..5664a428 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml 
@@ -59,17 +59,23 @@ - name: Linux | Register agent (via authd) shell: > /var/ossec/bin/agent-auth - {% if wazuh_agent_authd.agent_name is not none %}-A {{ wazuh_agent_authd.agent_name }} {% endif %} + {% if wazuh_agent_authd.agent_name is defined and wazuh_agent_authd.agent_name != None %} + -A {{ wazuh_agent_authd.agent_name }} + {% endif %} -m {{ wazuh_managers.0.address }} -p {{ wazuh_agent_authd.port }} - {% if wazuh_agent_nat %}-I "any" {% endif %} - {% if authd_pass is defined %}-P {{ authd_pass }}{% endif %} - {% if wazuh_agent_authd.ssl_agent_ca is not none %} + {% if wazuh_agent_nat %} -I "any" {% endif %} + {% if authd_pass is defined %} -P {{ authd_pass }} {% endif %} + {% if wazuh_agent_authd.ssl_agent_ca is defined and wazuh_agent_authd.ssl_agent_ca != None %} -v "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_ca | basename }}" + {% endif %} + {% if wazuh_agent_authd.ssl_agent_cert is defined and wazuh_agent_authd.ssl_agent_cert != None %} -x "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_cert | basename }}" + {% endif %} + {% if wazuh_agent_authd.ssl_agent_key is defined and wazuh_agent_authd.ssl_agent_key != None %} -k "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_key | basename }}" {% endif %} - {% if wazuh_agent_authd.ssl_auto_negotiate == 'yes' %}-a{% endif %} + {% if wazuh_agent_authd.ssl_auto_negotiate == 'yes' %} -a {% endif %} register: agent_auth_output notify: restart wazuh-agent vars: From e7e3a39df7185e02d2db48110b8b71d04aae898e Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Wed, 18 Dec 2019 17:14:07 +0100 Subject: [PATCH 534/714] Adapt agent (windows) to 3.11 --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index ff574fe8..2ade229c 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml 
@@ -2,7 +2,7 @@ wazuh_agent_version: 3.11.0-1 wazuh_agent_sources_installation: - enabled: "false" + enabled: "true" branch: "v3.11.0" user_language: "y" user_no_stop: "y" @@ -250,11 +250,11 @@ wazuh_agent_config: osquery: disable: 'yes' run_daemon: 'yes' - bin_path_win: 'C:\ProgramData\osquery\osqueryd' + bin_path_win: 'C:\Program Files\osquery\osqueryd' log_path: '/var/log/osquery/osqueryd.results.log' - log_path_win: 'C:\ProgramData\osquery\log\osqueryd.results.log' + log_path_win: 'C:\Program Files\osquery\log\osqueryd.results.log' config_path: '/etc/osquery/osquery.conf' - config_path_win: 'C:\ProgramData\osquery\osquery.conf' + config_path_win: 'C:\Program Files\osquery\osquery.conf' add_labels: 'yes' syscollector: disable: 'no' From d64d26d5a558825e76be9d258026525f014d2cb6 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Wed, 18 Dec 2019 17:48:09 +0100 Subject: [PATCH 535/714] Fix variable name in --- .../var-ossec-etc-ossec-server.conf.j2 | 34 +++++++++---------- 1 file changed, 16 insertions(+), 18 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 603ce858..251a8d5a 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 
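Review bot: `enabled: "true"` in the `wazuh_agent_sources_installation` hunk is a quoted string rather than a boolean, while the manager role's counterpart uses a bare `enabled: true` (visible at L961); the follow-up at L960 flips it back to `"false"` but keeps it a string. If the consuming task tests this value directly in a `when:`, a non-empty string such as `"false"` may evaluate as true, so the two roles can behave differently for what looks like the same setting; this should be confirmed against the task that reads it. Writing `enabled: false` here and leaving the quoting to the few values that must stay strings (`user_language: "y"` and friends) keeps both defaults files consistent.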
@@ -258,27 +258,25 @@ {{ wazuh_manager_config.vulnerability_detector.run_on_start }} {% endif %} {% if wazuh_manager_config.vulnerability_detector.providers is defined %} - {% for provider in wazuh_manager_config.vulnerability_detector.providers %} - + {% for provider_ in wazuh_manager_config.vulnerability_detector.providers_ %} + + {% if provider_.enabled is defined %} + {{ provider_.enabled }} + {% endif %} - {% if provider.enabled is defined %} - {{ provider.enabled }} - {% endif %} + {% if provider_.os is defined %} + {% for os_ in provider_.os %} + {{ os_ }} + {% endfor %} + {% endif %} - {% if provider.os is defined %} - {% for os_ in provider.os %} - {{ os_ }} - {% endfor %} - {% endif %} - - {% if provider.update_from_year is defined %} - {{ provider.update_from_year }} - {% endif %} - - {% if provider.update_interval is defined %} - {{ provider.update_interval }} - {% endif %} + {% if provider_.update_from_year is defined %} + {{ provider_.update_from_year }} + {% endif %} + {% if provider_.update_interval is defined %} + {{ provider_.update_interval }} + {% endif %} {% endfor %} {% endif %} From 9a42faebdf3eb0b14e76e0888e2e2beb080ee2f5 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Wed, 18 Dec 2019 17:48:58 +0100 Subject: [PATCH 536/714] Rename and Reorder vars. --- .../ansible-wazuh-manager/defaults/main.yml | 58 +++++++++---------- 1 file changed, 29 insertions(+), 29 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index e46a095c..cc956434 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
@@ -215,35 +215,35 @@ wazuh_manager_config: interval: '5m' ignore_time: '6h' run_on_start: 'yes' - providers: - canonical: - - name: 'canonical' - enabled: 'no' - os: - - precise - - trusty - - xenial - - bionic - update_interval: '1h' - debian: - - name: 'debian' - enabled: 'no' - os: - - wheezy - - stretch - - jessie - - buster - update_interval: '1h' - redhat: - - name: 'redhat' - enabled: 'no' - update_from_year: '2010' - update_interval: '1h' - nvd: - - name: 'nvd' - enabled: 'no' - update_from_year: '2010' - update_interval: '1h' + providers_: + - canonical: + - enabled: 'no' + os: + - 'precise' + - 'trusty' + - 'xenial' + - 'bionic' + update_interval: '1h' + name: 'canonical' + - debian: + - enabled: 'no' + os: + - 'wheezy' + - 'stretch' + - 'jessie' + - 'buster' + update_interval: '1h' + name: 'debian' + - redhat: + - enabled: 'no' + update_from_year: '2010' + update_interval: '1h' + name: 'redhat' + - nvd: + - enabled: 'no' + update_from_year: '2010' + update_interval: '1h' + name: 'nvd' vuls: disable: 'yes' interval: '1d' From 39e514d51505602385391280c2d651d5b09bb858 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Thu, 19 Dec 2019 11:02:27 +0100 Subject: [PATCH 537/714] Fix vulnerability-detector variables structure --- .../ansible-wazuh-manager/defaults/main.yml | 54 +++++++++---------- .../var-ossec-etc-ossec-server.conf.j2 | 2 +- 2 files changed, 26 insertions(+), 30 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index cc956434..f43958bb 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
@@ -215,35 +215,31 @@ wazuh_manager_config: interval: '5m' ignore_time: '6h' run_on_start: 'yes' - providers_: - - canonical: - - enabled: 'no' - os: - - 'precise' - - 'trusty' - - 'xenial' - - 'bionic' - update_interval: '1h' - name: 'canonical' - - debian: - - enabled: 'no' - os: - - 'wheezy' - - 'stretch' - - 'jessie' - - 'buster' - update_interval: '1h' - name: 'debian' - - redhat: - - enabled: 'no' - update_from_year: '2010' - update_interval: '1h' - name: 'redhat' - - nvd: - - enabled: 'no' - update_from_year: '2010' - update_interval: '1h' - name: 'nvd' + providers: + - enabled: 'no' + os: + - 'precise' + - 'trusty' + - 'xenial' + - 'bionic' + update_interval: '1h' + name: 'canonical' + - enabled: 'no' + os: + - 'wheezy' + - 'stretch' + - 'jessie' + - 'buster' + update_interval: '1h' + name: 'debian' + - enabled: 'no' + update_from_year: '2010' + update_interval: '1h' + name: 'redhat' + - enabled: 'no' + update_from_year: '2010' + update_interval: '1h' + name: 'nvd' vuls: disable: 'yes' interval: '1d' diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 251a8d5a..a6daf8b6 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -258,7 +258,7 @@ {{ wazuh_manager_config.vulnerability_detector.run_on_start }} {% endif %} {% if wazuh_manager_config.vulnerability_detector.providers is defined %} - {% for provider_ in wazuh_manager_config.vulnerability_detector.providers_ %} + {% for provider_ in wazuh_manager_config.vulnerability_detector.providers %} {% if provider_.enabled is defined %} {{ provider_.enabled }} From fe1fc854a428044c40a263a99fdf5e5792002960 Mon Sep 17 00:00:00 2001 
From: Rshad Zhran Date: Thu, 19 Dec 2019 11:17:09 +0100 Subject: [PATCH 538/714] Quote vulnerabilit-detector providers names --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index f43958bb..73834fc2 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -223,7 +223,7 @@ wazuh_manager_config: - 'xenial' - 'bionic' update_interval: '1h' - name: 'canonical' + name: '"canonical"' - enabled: 'no' os: - 'wheezy' @@ -231,15 +231,15 @@ wazuh_manager_config: - 'jessie' - 'buster' update_interval: '1h' - name: 'debian' + name: '"debian"' - enabled: 'no' update_from_year: '2010' update_interval: '1h' - name: 'redhat' + name: '"redhat"' - enabled: 'no' update_from_year: '2010' update_interval: '1h' - name: 'nvd' + name: '"nvd"' vuls: disable: 'yes' interval: '1d' From efc5ad1b07e19e12a80955cadd5ce4ae492dcce2 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Thu, 19 Dec 2019 13:28:18 +0100 Subject: [PATCH 539/714] Remove empty lines from template --- .../templates/var-ossec-etc-ossec-server.conf.j2 | 3 --- 1 file changed, 3 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index a6daf8b6..81b7d31b 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 
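Review bot: Embedding literal double quotes in the YAML value (`name: '"canonical"'`) makes the quoting part of the data instead of part of the template, so any user override written the natural way (`name: canonical`) presumably renders an unquoted attribute and the provider list becomes invalid without an error at the Ansible layer. The template line that consumes `provider_.name` is not visible here, but the robust form is to quote in the template, `name="{{ provider_.name }}"`, and keep the defaults as plain `name: 'canonical'`, `'debian'`, `'redhat'`, `'nvd'`. If the template cannot be changed in this series, a comment in defaults/main.yml stating that the surrounding quotes are required by the template would at least prevent the next override from breaking it.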
@@ -263,17 +263,14 @@ {% if provider_.enabled is defined %} {{ provider_.enabled }} {% endif %} - {% if provider_.os is defined %} {% for os_ in provider_.os %} {{ os_ }} {% endfor %} {% endif %} - {% if provider_.update_from_year is defined %} {{ provider_.update_from_year }} {% endif %} - {% if provider_.update_interval is defined %} {{ provider_.update_interval }} {% endif %} From 879c2782b01ae8abc5117e4e9c964b2cf51a5559 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 26 Dec 2019 11:58:01 +0100 Subject: [PATCH 540/714] Bump version to 3.11.0_7.5.1 --- VERSION | 4 ++-- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 4 ++-- roles/wazuh/ansible-filebeat/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 6 +++--- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 6 +++--- .../tasks/installation_from_sources.yml | 2 +- 7 files changed, 13 insertions(+), 13 deletions(-) diff --git a/VERSION b/VERSION index f4d1cb92..53ae3f4b 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v3.10.2" -REVISION="31020" +WAZUH-ANSIBLE_VERSION="v3.11.0" +REVISION="31100" diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 7eb645c2..a1bef6b2 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -4,7 +4,7 @@ elasticsearch_http_port: 9200 elasticsearch_network_host: 127.0.0.1 elasticsearch_reachable_host: 127.0.0.1 elasticsearch_jvm_xms: null -elastic_stack_version: 7.4.2 +elastic_stack_version: 7.5.1 elasticsearch_lower_disk_requirements: false # Cluster Settings diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 8e4a6572..72e51254 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml 
+++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -5,8 +5,8 @@ elasticsearch_http_port: "9200" elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" -elastic_stack_version: 7.4.2 -wazuh_version: 3.10.2 +elastic_stack_version: 7.5.1 +wazuh_version: 3.11.0 wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp # Xpack Security diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index c5914664..1b1c1bd8 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -1,5 +1,5 @@ --- -filebeat_version: 7.4.2 +filebeat_version: 7.5.1 filebeat_create_config: true diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 30eddc6e..dc045dd6 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,9 +1,9 @@ --- -wazuh_agent_version: 3.10.2-1 +wazuh_agent_version: 3.11.0-1 wazuh_agent_sources_installation: enabled: false - branch: "v3.10.2" + branch: "v3.11.0" user_language: "y" user_no_stop: "y" user_install_type: "agent" @@ -50,7 +50,7 @@ wazuh_winagent_config: auth_path: C:\Program Files\ossec-agent\agent-auth.exe # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - version: '3.10.2' + version: '3.11.0' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ md5: 71650780904cbfc2e45eae4298adb7a3 diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index ca536bff..bd039d68 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
@@ -1,12 +1,12 @@ --- -wazuh_manager_version: 3.10.2-1 +wazuh_manager_version: 3.11.0-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present wazuh_manager_sources_installation: enabled: false - branch: "v3.10.2" + branch: "v3.11.0" user_language: "en" user_no_stop: "y" user_install_type: "server" @@ -31,7 +31,7 @@ wazuh_manager_sources_installation: wazuh_api_sources_installation: enabled: false - branch: "v3.10.2" + branch: "v3.11.0" update: "y" remove: "y" directory: null diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index b92e4edc..fe78cdbb 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml @@ -60,7 +60,7 @@ path: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" state: directory - # When downloading "v3.10.2" extracted folder name is 3.10.2. + # When downloading "v3.11.0" extracted folder name is 3.11.0. # Explicitly creating the folder with proper naming and striping first level in .tar.gz file - name: Extract downloaded Wazuh branch from Github # Using shell instead of unarchive due to that module not working properlyh with --strip From bfe86ed1d30d75ed14b43d4bb6bfd87a1e859409 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 26 Dec 2019 13:13:32 +0100 Subject: [PATCH 541/714] Update CHANGELOG.md --- CHANGELOG.md | 46 ++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 40 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c04df488..73f7ea43 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -1,21 +1,55 @@ # Change Log All notable changes to this project will be documented in this file. -## [v3.xx.x_x.x.x] +## [v3.11.0_7.5.1] ### Added -- Wazuh Agent registration task now explicitly notify restart [@jm404](https://github.com/jm404) [#302](https://github.com/wazuh/wazuh-ansible/pull/302) +- Update to Wazuh v3.11.0 + +- Wazuh Agent registration task now explicitly notify restart ([@jm404](https://github.com/jm404)) [PR#302](https://github.com/wazuh/wazuh-ansible/pull/302) + +- Support both IP and DNS when creating elastic cluster ([@xr09](https://github.com/xr09)) [PR#252](https://github.com/wazuh/wazuh-ansible/pull/252) + +- Added config tag to the Wazuh Agent's enable task ([@xr09](https://github.com/xr09)) [PR#261](https://github.com/wazuh/wazuh-ansible/pull/261) + +- Implement task to configure Elasticsearch user on every cluster node ([@xr09](https://github.com/xr09)) [PR#270](https://github.com/wazuh/wazuh-ansible/pull/270) + +- Added SCA to Wazuh Agent and Manager installation ([@jm404](https://github.com/jm404)) [PR#260](https://github.com/wazuh/wazuh-ansible/pull/260) + +- Added support for environments with low disk space ([@xr09](https://github.com/xr09)) [PR#281](https://github.com/wazuh/wazuh-ansible/pull/281) + +- Add parameters to configure an Elasticsearch coordinating node ([@jm404](https://github.com/jm404)) [PR#292](https://github.com/wazuh/wazuh-ansible/pull/292) + ### Changed -- Make Wazuh repositories installation flexible [@jm404](https://github.com/jm404) [#288](https://github.com/wazuh/wazuh-ansible/pull/288) -- Wazuh App URL is now flexible [@jm404](https://github.com/jm404) [#304](https://github.com/wazuh/wazuh-ansible/pull/304) +- Updated Filebeat and Elasticsearch templates ([@manuasir](https://github.com/manuasir)) [PR#285](https://github.com/wazuh/wazuh-ansible/pull/285) + +- Make ossec.conf file more readable by removing trailing whitespaces ([@jm404](https://github.com/jm404)) 
[PR#286](https://github.com/wazuh/wazuh-ansible/pull/286) + +- Wazuh repositories can now be configured to different sources URLs ([@jm404](https://github.com/jm404)) [PR#288](https://github.com/wazuh/wazuh-ansible/pull/288) + +- Wazuh App URL is now flexible ([@jm404](https://github.com/jm404)) [PR#304](https://github.com/wazuh/wazuh-ansible/pull/304) + +- Agent installation task now does not hardcodes the "-1" sufix ([@jm404](https://github.com/jm404)) [PR#310](https://github.com/wazuh/wazuh-ansible/pull/310) + +- Enhanced task importation in Wazuh Manager role and removed deprecated warnings ([@xr09](https://github.com/xr09)) [PR#320](https://github.com/wazuh/wazuh-ansible/pull/320) + +- Wazuh API installation task have been upgraded ([@rshad](https://github.com/rshad)) [PR#330](https://github.com/wazuh/wazuh-ansible/pull/330) + +- It's now possible to install Wazuh Manager and Agent from sources ([@jm404](https://github.com/jm404)) [PR#329](https://github.com/wazuh/wazuh-ansible/pull/329) + ### Fixed -- Wazuh Agent registration using agent name has been fixed [@jm404](https://github.com/jm404) [#298](https://github.com/wazuh/wazuh-ansible/pull/298) -- Fix Wazuh repository and installation conditionals [@jm404](https://github.com/jm404) [#299](https://github.com/wazuh/wazuh-ansible/pull/299) +- Ansible upgrade from 6.x to 7.x ([@jm404](https://github.com/jm404)) [PR#252](https://github.com/wazuh/wazuh-ansible/pull/251) + +- Wazuh Agent registration using agent name has been fixed ([@jm404](https://github.com/jm404)) [PR#298](https://github.com/wazuh/wazuh-ansible/pull/298) +- Fix Wazuh repository and installation conditionals ([@jm404](https://github.com/jm404)) [PR#299](https://github.com/wazuh/wazuh-ansible/pull/299) + +- Fixed Wazuh Agent registration using an Agent's name ([@jm404](https://github.com/jm404)) [PR#334](https://github.com/wazuh/wazuh-ansible/pull/334) + ## [v3.10.2_7.3.2] From 6eebfa4f2c83320c414ab33815b8ab3ef5a284cb Mon Sep 17 00:00:00 2001 
From: Manuel Gutierrez Date: Mon, 30 Dec 2019 17:37:07 +0100 Subject: [PATCH 542/714] Fix openscap block rendering for CentOS 8 --- .../var-ossec-etc-ossec-server.conf.j2 | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 733cae18..b4d27e14 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -160,23 +160,33 @@ {% endif %} {% elif ansible_distribution == 'CentOS' %} - {% if ansible_distribution_major_version == '7' %} + {% if ansible_distribution_major_version == '8' %} + {# Policy not available #} + {% elif ansible_distribution_major_version == '7' %} + xccdf_org.ssgproject.content_profile_pci-dss + xccdf_org.ssgproject.content_profile_common + {% elif ansible_distribution_major_version == '6' %} - {% endif %} xccdf_org.ssgproject.content_profile_pci-dss xccdf_org.ssgproject.content_profile_common + {% endif %} {% elif ansible_distribution == 'RedHat' %} - {% if ansible_distribution_major_version == '7' %} + {% if ansible_distribution_major_version == '8' %} + {# Policy not available #} + {% elif ansible_distribution_major_version == '7' %} + xccdf_org.ssgproject.content_profile_pci-dss + xccdf_org.ssgproject.content_profile_common + {% elif ansible_distribution_major_version == '6' %} - {% endif %} xccdf_org.ssgproject.content_profile_pci-dss xccdf_org.ssgproject.content_profile_common + {% endif %} {% if ansible_distribution_major_version == '7' %} {% elif ansible_distribution_major_version == '6' %} From e5643b33ccc42609d33b5f06f4003ae119f63f88 Mon Sep 17 00:00:00 2001 
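Review bot: The new `'8'` branches for CentOS and RedHat render only a Jinja comment (`{# Policy not available #}`), so on those systems the openscap section is silently emitted without any policy and nothing tells the operator that the check is not running. A visible marker in the rendered file, e.g. `<!-- openscap: no SCAP content shipped for {{ ansible_distribution }} {{ ansible_distribution_major_version }} -->`, or a short note on the openscap variables in defaults/main.yml, would make the gap discoverable during review of the generated configuration. The `'7'` and `'6'` branches now duplicate the same two profile lines; if the only difference is the content file, a single profile block after the distribution test would avoid drift. The if/elif chain continues outside the hunk.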
From: Rshad Zhran Date: Tue, 7 Jan 2020 13:57:47 +0100 Subject: [PATCH 543/714] Bump version - Wazuh = 3.11.1_7.5.1 --- VERSION | 2 +- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 4 ++-- roles/wazuh/ansible-filebeat/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 6 +++--- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 6 +++--- .../tasks/installation_from_sources.yml | 2 +- 7 files changed, 12 insertions(+), 12 deletions(-) diff --git a/VERSION b/VERSION index 31264c4e..fccb7443 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v3.11.0" +WAZUH-ANSIBLE_VERSION="v3.11.1" REVISION="31020" diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 7eb645c2..a1bef6b2 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -4,7 +4,7 @@ elasticsearch_http_port: 9200 elasticsearch_network_host: 127.0.0.1 elasticsearch_reachable_host: 127.0.0.1 elasticsearch_jvm_xms: null -elastic_stack_version: 7.4.2 +elastic_stack_version: 7.5.1 elasticsearch_lower_disk_requirements: false # Cluster Settings diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 62af2781..8ec8f78a 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -5,8 +5,8 @@ elasticsearch_http_port: "9200" elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" -elastic_stack_version: 7.4.2 -wazuh_version: 3.11.0 +elastic_stack_version: 7.5.1 +wazuh_version: 3.11.1 wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp # Xpack Security 
diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index c5914664..1b1c1bd8 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -1,5 +1,5 @@ --- -filebeat_version: 7.4.2 +filebeat_version: 7.5.1 filebeat_create_config: true diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 2ade229c..daa8df50 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,9 +1,9 @@ --- -wazuh_agent_version: 3.11.0-1 +wazuh_agent_version: 3.11.1-1 wazuh_agent_sources_installation: enabled: "true" - branch: "v3.11.0" + branch: "v3.11.1" user_language: "y" user_no_stop: "y" user_install_type: "agent" @@ -50,7 +50,7 @@ wazuh_winagent_config: auth_path: C:\Program Files\ossec-agent\agent-auth.exe # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - version: '3.11.0' + version: '3.11.1' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ md5: 71650780904cbfc2e45eae4298adb7a3 diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 73834fc2..1bf5d2f4 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,12 +1,12 @@ --- -wazuh_manager_version: 3.11.0-1 +wazuh_manager_version: 3.11.1-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present wazuh_manager_sources_installation: enabled: true - branch: "v3.11.0" + branch: "v3.11.1" user_language: "en" user_no_stop: "y" user_install_type: "server" @@ -31,7 +31,7 @@ wazuh_manager_sources_installation: wazuh_api_sources_installation: enabled: true - branch: "v3.11.0" + branch: "v3.11.1" update: "y" remove: "y" directory: null 
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index fe78cdbb..b8bf5625 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml @@ -60,7 +60,7 @@ path: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" state: directory - # When downloading "v3.11.0" extracted folder name is 3.11.0. + # When downloading "v3.11.1" extracted folder name is 3.11.1. # Explicitly creating the folder with proper naming and striping first level in .tar.gz file - name: Extract downloaded Wazuh branch from Github # Using shell instead of unarchive due to that module not working properlyh with --strip From d3f73a5e5816b0e474e76c04eec152ad1fe66e09 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Tue, 7 Jan 2020 14:03:44 +0100 Subject: [PATCH 544/714] Set source installation mode to false --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index daa8df50..b6a1452c 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -2,7 +2,7 @@ wazuh_agent_version: 3.11.1-1 wazuh_agent_sources_installation: - enabled: "true" + enabled: "false" branch: "v3.11.1" user_language: "y" user_no_stop: "y" diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 1bf5d2f4..6c4a27c8 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
@@ -5,7 +5,7 @@ wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present wazuh_manager_sources_installation: - enabled: true + enabled: false branch: "v3.11.1" user_language: "en" user_no_stop: "y" From 58c5005bedcc3cbd1e0c9f39fc840a3d191614d6 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Tue, 7 Jan 2020 15:01:05 +0100 Subject: [PATCH 545/714] Set new API configuration behavior --- .../ansible-kibana/defaults/main.yml | 8 ++ .../ansible-kibana/tasks/main.yml | 25 ++++ .../ansible-kibana/templates/wazuh.yml.j2 | 134 ++++++++++++++++++ 3 files changed, 167 insertions(+) create mode 100644 roles/elastic-stack/ansible-kibana/templates/wazuh.yml.j2 diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 72e51254..22dcf3ea 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -9,6 +9,14 @@ elastic_stack_version: 7.5.1 wazuh_version: 3.11.0 wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp +# API credentials +api_auth: + - api_id: "default" + api_url: "http://localhost" + api_port: 55000 + api_user: "foo" + api_password: "bar" + # Xpack Security kibana_xpack_security: false diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index dd0e423f..c37a23eb 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml 
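Review bot: The new `api_auth` default ships a working plaintext credential pair (`api_user: "foo"`, `api_password: "bar"`) pointed at `http://localhost`; any inventory that forgets to override it will have this pair rendered verbatim into the Kibana plugin config, and the `http://` scheme means a non-local API URL would send the credentials unencrypted. Default the URL to `https://localhost` (the Wazuh API is normally served over TLS) and mark the password as a placeholder that must be overridden, e.g. `# Placeholder only: override with a vault-encrypted value in your inventory` above the block. Consider an empty default for `api_password` so a missing override fails loudly instead of silently configuring `foo:bar`.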
@@ -134,6 +134,31 @@ when: - not build_from_sources +- name: Wait for Elasticsearch port + wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }} + +- name: Select correct API protocol + set_fact: + elastic_api_protocol: "{% if kibana_xpack_security %}https{% else %}http{% endif %}" + +- name: Attempting to delete legacy Wazuh index if exists + uri: + url: "{{ elastic_api_protocol }}://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}/.wazuh" + method: DELETE + user: "{{ elasticsearch_xpack_security_user }}" + password: "{{ elasticsearch_xpack_security_password }}" + validate_certs: no + status_code: 200, 404 + ignore_errors: yes + +- name: Configure Wazuh Plugin + template: + src: wazuh.yml.j2 + dest: /usr/share/kibana/plugins/wazuh/wazuh.yml + owner: kibana + group: root + mode: 0644 + - name: Reload systemd configuration systemd: daemon_reload: true diff --git a/roles/elastic-stack/ansible-kibana/templates/wazuh.yml.j2 b/roles/elastic-stack/ansible-kibana/templates/wazuh.yml.j2 new file mode 100644 index 00000000..4895c105 --- /dev/null +++ b/roles/elastic-stack/ansible-kibana/templates/wazuh.yml.j2 
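Review bot: "Configure Wazuh Plugin" writes `/usr/share/kibana/plugins/wazuh/wazuh.yml`, which now carries the Wazuh API password, with `mode: 0644` and `group: root`, so every local user on the Kibana host can read the credential; tighten it to `group: kibana` and `mode: "0640"` (quoted, so the octal is not retyped). The "Attempting to delete legacy Wazuh index" task sends `elasticsearch_xpack_security_password` with `validate_certs: no`, which for the HTTPS case authenticates to an unverified endpoint; drive that from a variable defaulting to `yes` rather than hard-coding it, and add `no_log: true` to the task so the password is not echoed under `-v`. The `wait_for` step uses `key=value` shorthand while the rest of the file uses block YAML; `host:`/`port:` keys would match the surrounding style.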
@@ -0,0 +1,134 @@ +--- +# +# Wazuh app - App configuration file +# Copyright (C) 2015-2019 Wazuh, Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# Find more information about this on the LICENSE file. +# +# ======================== Wazuh app configuration file ======================== +# +# Please check the documentation for more information on configuration options: +# https://documentation.wazuh.com/current/installation-guide/index.html +# +# Also, you can check our repository: +# https://github.com/wazuh/wazuh-kibana-app +# +# ------------------------------- Index patterns ------------------------------- +# +# Default index pattern to use. +#pattern: wazuh-alerts-3.x-* +# +# ----------------------------------- Checks ----------------------------------- +# +# Defines which checks must to be consider by the healthcheck +# step once the Wazuh app starts. Values must to be true or false. +#checks.pattern : true +#checks.template: true +#checks.api : true +#checks.setup : true +# +# --------------------------------- Extensions --------------------------------- +# +# Defines which extensions should be activated when you add a new API entry. +# You can change them after Wazuh app starts. +# Values must to be true or false. +#extensions.pci : true +#extensions.gdpr : true +#extensions.hipaa : true +#extensions.nist : true +#extensions.audit : true +#extensions.oscap : false +#extensions.ciscat : false +#extensions.aws : false +#extensions.virustotal: false +#extensions.osquery : false +#extensions.docker : false +# +# ---------------------------------- Time out ---------------------------------- +# +# Defines maximum timeout to be used on the Wazuh app requests. +# It will be ignored if it is bellow 1500. 
+# It means milliseconds before we consider a request as failed. +# Default: 20000 +#timeout: 20000 +# +# ------------------------------ Advanced indices ------------------------------ +# +# Configure .wazuh indices shards and replicas. +#wazuh.shards : 1 +#wazuh.replicas : 0 +# +# --------------------------- Index pattern selector --------------------------- +# +# Defines if the user is allowed to change the selected +# index pattern directly from the Wazuh app top menu. +# Default: true +#ip.selector: true +# +# List of index patterns to be ignored +#ip.ignore: [] +# +# -------------------------------- X-Pack RBAC --------------------------------- +# +# Custom setting to enable/disable built-in X-Pack RBAC security capabilities. +# Default: enabled +#xpack.rbac.enabled: true +# +# ------------------------------ wazuh-monitoring ------------------------------ +# +# Custom setting to enable/disable wazuh-monitoring indices. +# Values: true, false, worker +# If worker is given as value, the app will show the Agents status +# visualization but won't insert data on wazuh-monitoring indices. +# Default: true +#wazuh.monitoring.enabled: true +# +# Custom setting to set the frequency for wazuh-monitoring indices cron task. +# Default: 900 (s) +#wazuh.monitoring.frequency: 900 +# +# Configure wazuh-monitoring-3.x-* indices shards and replicas. +#wazuh.monitoring.shards: 2 +#wazuh.monitoring.replicas: 0 +# +# Configure wazuh-monitoring-3.x-* indices custom creation interval. +# Values: h (hourly), d (daily), w (weekly), m (monthly) +# Default: d +#wazuh.monitoring.creation: d +# +# Default index pattern to use for Wazuh monitoring +#wazuh.monitoring.pattern: wazuh-monitoring-3.x-* +# +# +# ------------------------------- App privileges -------------------------------- +#admin: true +# +# ------------------------------- App logging level ----------------------------- +# Set the logging level for the Wazuh App log files. 
+# Default value: info +# Allowed values: info, debug +#logs.level: info +# +#-------------------------------- API entries ----------------------------------- +#The following configuration is the default structure to define an API entry. +# +#hosts: +# - : +# url: http(s):// +# port: +# user: +# password: + +hosts: +{% for api in api_auth %} + - {{ api['api_id'] }}: + url: {{ api['api_url'] }} + port: {{ api['api_port'] }} + user: {{ api['api_user'] }} + password: {{ api['api_password'] }} +{% endfor %} From c7ca41169e07da37cddf82847d47c5fd88778a1d Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Tue, 7 Jan 2020 16:06:08 +0100 Subject: [PATCH 546/714] Rename API variables --- .../elastic-stack/ansible-kibana/defaults/main.yml | 14 +++++++------- .../ansible-kibana/templates/wazuh.yml.j2 | 12 ++++++------ 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 22dcf3ea..0f1b0611 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -10,12 +10,12 @@ wazuh_version: 3.11.0 wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp # API credentials -api_auth: - - api_id: "default" - api_url: "http://localhost" - api_port: 55000 - api_user: "foo" - api_password: "bar" +wazuh_api_credentials: + - id: "default" + url: "http://localhost" + port: 55000 + user: "foo" + password: "bar" # Xpack Security kibana_xpack_security: false @@ -41,4 +41,4 @@ nodejs: # Build from sources build_from_sources: false -wazuh_plugin_branch: 3.10-7.4 \ No newline at end of file +wazuh_plugin_branch: 3.10-7.4 diff --git a/roles/elastic-stack/ansible-kibana/templates/wazuh.yml.j2 b/roles/elastic-stack/ansible-kibana/templates/wazuh.yml.j2 index 4895c105..1cbc9e2d 100644 --- a/roles/elastic-stack/ansible-kibana/templates/wazuh.yml.j2 +++ b/roles/elastic-stack/ansible-kibana/templates/wazuh.yml.j2 
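Review bot: The `hosts:` loop at the end of the new template emits `user: {{ api['user'] }}` and `password: {{ api['password'] }}` unquoted, so a password containing `#` or `: `, or one that looks like a boolean or number (`yes`, `0123`), is silently truncated, retyped or turned into a YAML parse error when the plugin loads the file. Quote the string fields: `user: "{{ api['user'] }}"` and `password: "{{ api['password'] }}"` (`port` can stay bare since it is numeric). Note the `url:` value is also unquoted; a scheme with a userinfo part would hit the same `: ` problem.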
@@ -125,10 +125,10 @@ # password: hosts: -{% for api in api_auth %} - - {{ api['api_id'] }}: - url: {{ api['api_url'] }} - port: {{ api['api_port'] }} - user: {{ api['api_user'] }} - password: {{ api['api_password'] }} +{% for api in wazuh_api_credentials %} + - {{ api['id'] }}: + url: {{ api['url'] }} + port: {{ api['port'] }} + user: {{ api['user'] }} + password: {{ api['password'] }} {% endfor %} From 2d91a5c126c615a9b0541ea202853f3046b62b8c Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Tue, 7 Jan 2020 16:10:04 +0100 Subject: [PATCH 547/714] Rename task --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index c37a23eb..5e300934 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -151,7 +151,7 @@ status_code: 200, 404 ignore_errors: yes -- name: Configure Wazuh Plugin +- name: Configure Wazuh Kibana Plugin template: src: wazuh.yml.j2 dest: /usr/share/kibana/plugins/wazuh/wazuh.yml From 71e52de80f33fcb8be0c3b620e3cfbc2f10fc2b3 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Tue, 7 Jan 2020 16:21:47 +0100 Subject: [PATCH 548/714] Do not ignore errors on index removal --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 5e300934..d21dea91 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -149,7 +149,6 @@ password: "{{ elasticsearch_xpack_security_password }}" validate_certs: no status_code: 200, 404 - ignore_errors: yes - name: Configure Wazuh Kibana Plugin template: From 5b895233d458203e5a97acbc07bdae846224fa38 Mon Sep 17 00:00:00 2001 
From: Manuel Gutierrez Date: Tue, 7 Jan 2020 16:29:20 +0100 Subject: [PATCH 549/714] Fix missing bump --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 0f1b0611..4e32c838 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -41,4 +41,4 @@ nodejs: # Build from sources build_from_sources: false -wazuh_plugin_branch: 3.10-7.4 +wazuh_plugin_branch: 3.11-7.5 From 812fb81b812aab284455242f7dd6f1c88496641a Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Tue, 7 Jan 2020 12:02:14 +0100 Subject: [PATCH 550/714] Bump to version 3.11.1_7.5.1 --- VERSION | 4 ++-- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 8 ++++---- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 6 +++--- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION b/VERSION index 53ae3f4b..3961d05c 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v3.11.0" -REVISION="31100" +WAZUH-ANSIBLE_VERSION="v3.11.1" +REVISION="31110" diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 4e32c838..486448d2 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -6,7 +6,7 @@ elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 7.5.1 -wazuh_version: 3.11.0 +wazuh_version: 3.11.1 wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp # API credentials diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index dc045dd6..ba697a4b 100644 
--- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,9 +1,9 @@ --- -wazuh_agent_version: 3.11.0-1 +wazuh_agent_version: 3.11.1-1 wazuh_agent_sources_installation: enabled: false - branch: "v3.11.0" + branch: "v3.11.1" user_language: "y" user_no_stop: "y" user_install_type: "agent" @@ -50,7 +50,7 @@ wazuh_winagent_config: auth_path: C:\Program Files\ossec-agent\agent-auth.exe # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - version: '3.11.0' + version: '3.11.1' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ md5: 71650780904cbfc2e45eae4298adb7a3 @@ -343,4 +343,4 @@ wazuh_agent_config: list: - key: Env value: Production -wazuh_agent_nat: false \ No newline at end of file +wazuh_agent_nat: false diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index bd039d68..6b884123 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,12 +1,12 @@ --- -wazuh_manager_version: 3.11.0-1 +wazuh_manager_version: 3.11.1-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present wazuh_manager_sources_installation: enabled: false - branch: "v3.11.0" + branch: "v3.11.1" user_language: "en" user_no_stop: "y" user_install_type: "server" @@ -31,7 +31,7 @@ wazuh_manager_sources_installation: wazuh_api_sources_installation: enabled: false - branch: "v3.11.0" + branch: "v3.11.1" update: "y" remove: "y" directory: null From cf37169f1d4657b955be91523ad639ddec748352 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Tue, 7 Jan 2020 16:39:49 +0100 Subject: [PATCH 551/714] Update Windows package MD5 hash --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index ba697a4b..4786dadb 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -53,7 +53,7 @@ wazuh_winagent_config: version: '3.11.1' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ - md5: 71650780904cbfc2e45eae4298adb7a3 + md5: 1e39c2ad032259cb9682c1eac3ac646a wazuh_agent_config: repo: apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' From 0d23ca8b01420122861c780c70f2538211ec6f8b Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Tue, 7 Jan 2020 16:45:53 +0100 Subject: [PATCH 552/714] Update CHANGELOG.md --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 73f7ea43..8509f0fd 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,13 @@ # Change Log All notable changes to this project will be documented in this file. +## [v3.11.1_7.5.1] + +### Added + +- Update to Wazuh v3.11.1 + + ## [v3.11.0_7.5.1] ### Added From 1348f1acc2a0ef8d85c5b86e2312efce8f246316 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Tue, 7 Jan 2020 17:47:39 +0100 Subject: [PATCH 553/714] Remove whitespace --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index d21dea91..4926e19d 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -140,7 +140,7 @@ - name: Select correct API protocol set_fact: elastic_api_protocol: "{% if kibana_xpack_security %}https{% else %}http{% endif %}" - + - name: Attempting to delete legacy Wazuh index if exists uri: url: "{{ elastic_api_protocol }}://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}/.wazuh" 
From 09fd2ac4fe98df1e8c9f3c817a52d238b9dde68a Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Tue, 7 Jan 2020 18:09:49 +0100 Subject: [PATCH 554/714] Update revision to 31110 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index fad76f5c..3961d05c 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-ANSIBLE_VERSION="v3.11.1" -REVISION="31100" +REVISION="31110" From 0428fb3180570fd6b89673a39d5c421732aba8a0 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Tue, 7 Jan 2020 17:47:39 +0100 Subject: [PATCH 555/714] Remove whitespace --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index d21dea91..4926e19d 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -140,7 +140,7 @@ - name: Select correct API protocol set_fact: elastic_api_protocol: "{% if kibana_xpack_security %}https{% else %}http{% endif %}" - + - name: Attempting to delete legacy Wazuh index if exists uri: url: "{{ elastic_api_protocol }}://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}/.wazuh" From d2615ef6466ffac7fb512aca979b92a7f95c2460 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 8 Jan 2020 14:22:07 +0100 Subject: [PATCH 556/714] Update Windows MD5 hash of Wazuh Agent 3.11.0 --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index dc045dd6..6645a4b3 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml 
@@ -53,7 +53,7 @@ wazuh_winagent_config: version: '3.11.0' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ - md5: 71650780904cbfc2e45eae4298adb7a3 + md5: 817b52aabea7a9e936effa022c5eba43 wazuh_agent_config: repo: apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' From b050291a23da5fb911ca07c5ee20c12b37b7f925 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 8 Jan 2020 14:23:14 +0100 Subject: [PATCH 557/714] Update CHANGELOG.md --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 73f7ea43..f2f333cc 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,8 @@ All notable changes to this project will be documented in this file. - Update to Wazuh v3.11.0 +- Implemented changes to configure Wazuh API using the `wazuh.yml` file ([@xr09](https://github.com/xr09)) [PR#342](https://github.com/wazuh/wazuh-ansible/pull/342) + - Wazuh Agent registration task now explicitly notify restart ([@jm404](https://github.com/jm404)) [PR#302](https://github.com/wazuh/wazuh-ansible/pull/302) - Support both IP and DNS when creating elastic cluster ([@xr09](https://github.com/xr09)) [PR#252](https://github.com/wazuh/wazuh-ansible/pull/252) From 16495e9b91881eb3744c677c638beed0147f1be8 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 8 Jan 2020 17:16:38 +0100 Subject: [PATCH 558/714] Restore Wazuh version 3.11.0_7.5.1 --- VERSION | 4 ++-- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 6 +++--- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 6 +++--- .../tasks/installation_from_sources.yml | 2 +- wazuh-qa | 1 + 6 files changed, 11 insertions(+), 10 deletions(-) create mode 160000 wazuh-qa diff --git a/VERSION b/VERSION index 3961d05c..53ae3f4b 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v3.11.1" -REVISION="31110" +WAZUH-ANSIBLE_VERSION="v3.11.0" +REVISION="31100" 
diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 32039d6b..b82f4ce2 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -6,7 +6,7 @@ elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 7.5.1 -wazuh_version: 3.11.1 +wazuh_version: 3.11.0 wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index b6a1452c..d748f80e 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,9 +1,9 @@ --- -wazuh_agent_version: 3.11.1-1 +wazuh_agent_version: 3.11.0-1 wazuh_agent_sources_installation: enabled: "false" - branch: "v3.11.1" + branch: "v3.11.0" user_language: "y" user_no_stop: "y" user_install_type: "agent" @@ -50,7 +50,7 @@ wazuh_winagent_config: auth_path: C:\Program Files\ossec-agent\agent-auth.exe # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - version: '3.11.1' + version: '3.11.0' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ md5: 71650780904cbfc2e45eae4298adb7a3 diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 21faa35c..d075b3cb 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,12 +1,12 @@ --- -wazuh_manager_version: 3.11.1-1 +wazuh_manager_version: 3.11.0-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present wazuh_manager_sources_installation: enabled: false - branch: "v3.11.1" + branch: "v3.11.0" user_language: "en" user_no_stop: "y" user_install_type: "server" 
@@ -31,7 +31,7 @@ wazuh_manager_sources_installation: wazuh_api_sources_installation: enabled: false - branch: "v3.11.1" + branch: "v3.11.0" update: "y" remove: "y" directory: null diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index 68aeac34..10203cb9 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml @@ -60,7 +60,7 @@ path: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" state: directory - # When downloading "v3.11.1" extracted folder name is 3.11.1. + # When downloading "v3.11.0" extracted folder name is 3.11.0. # Explicitly creating the folder with proper naming and striping first level in .tar.gz file diff --git a/wazuh-qa b/wazuh-qa new file mode 160000 index 00000000..2699bb7b --- /dev/null +++ b/wazuh-qa @@ -0,0 +1 @@ +Subproject commit 2699bb7ba8026daae2bb73f19ac50c2010b4677c From 3954c0d317c6055d6ce45349c4a689902214dd8a Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Wed, 8 Jan 2020 17:39:03 +0100 Subject: [PATCH 559/714] Remove wazuh-qa submodule --- wazuh-qa | 1 - 1 file changed, 1 deletion(-) delete mode 160000 wazuh-qa diff --git a/wazuh-qa b/wazuh-qa deleted file mode 160000 index 2699bb7b..00000000 --- a/wazuh-qa +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 2699bb7ba8026daae2bb73f19ac50c2010b4677c From 99f5403d5005adf7c7c075c457b396b26102cbf0 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Thu, 9 Jan 2020 11:10:30 +0100 Subject: [PATCH 560/714] Update templates for Python 3 compatibility --- .../templates/var-ossec-etc-ossec-server.conf.j2 | 6 +++--- .../templates/var-ossec-etc-shared-agent.conf.j2 | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) 
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 99201c29..a3dcbb46 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -502,7 +502,7 @@ {% endif %} {% endif %} {% if localfile.format == 'json' and localfile.labels is defined %} - {% for key, value in localfile.labels.iteritems() %} + {% for key, value in localfile.labels.items() %} {% endfor %} {% endif %} @@ -540,7 +540,7 @@ {% endif %} {% endif %} {% if localfile.format == 'json' and localfile.labels is defined %} - {% for key, value in localfile.labels.iteritems() %} + {% for key, value in localfile.labels.items() %} {% endfor %} {% endif %} @@ -579,7 +579,7 @@ {% endif %} {% endif %} {% if localfile.format == 'json' and localfile.labels is defined %} - {% for key, value in localfile.labels.iteritems() %} + {% for key, value in localfile.labels.items() %} {% endfor %} {% endif %} diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 index 77e64fbf..dd1c8d9a 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 @@ -68,7 +68,7 @@ {% endif %} {% endif %} {% if localfile.format == 'json' and localfile.labels is defined %} - {% for key, value in localfile.labels.iteritems() %} + {% for key, value in localfile.labels.items() %} {% endfor %} {% endif %} From a35c7bceb1f9daeb543cd5e68a9685ab35f3fc81 Mon Sep 17 00:00:00 2001 
From: Rshad Zhran Date: Thu, 9 Jan 2020 18:05:41 +0100 Subject: [PATCH 561/714] Fix rootkit files & trojans paths for manager --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 8 ++++---- .../templates/var-ossec-etc-ossec-server.conf.j2 | 12 ++++++------ 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 21faa35c..e4f6a17d 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -95,7 +95,7 @@ wazuh_manager_config: use_source_ip: 'yes' force_insert: 'yes' force_time: 0 - purge: 'no' + purge: 'yes' use_password: 'no' limit_maxagents: 'yes' ciphers: 'HIGH:!ADH:!EXP:!MD5:!RC4:!3DES:!CAMELLIA:@STRENGTH' @@ -114,7 +114,7 @@ wazuh_manager_config: email_log_source: 'alerts.log' extra_emails: - enable: false - mail_to: 'recipient@example.wazuh.com' + mail_to: 'admin@example.net' format: full level: 7 event_location: null @@ -174,7 +174,7 @@ wazuh_manager_config: rootcheck: frequency: 43200 openscap: - disable: 'no' + disable: 'yes' timeout: 1800 interval: '1d' scan_on_start: 'yes' @@ -263,6 +263,7 @@ wazuh_manager_config: frequency: '360' - format: 'full_command' command: 'last -n 20' + frequency: '360' - format: 'syslog' location: '/var/ossec/logs/active-responses.log' debian: @@ -295,7 +296,6 @@ wazuh_manager_config: - name: 'restart-ossec' executable: 'restart-ossec.sh' expect: '' - timeout_allowed: 'no' - name: 'firewall-drop' executable: 'firewall-drop.sh' expect: 'srcip' diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 99201c29..94223a94 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 
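Review bot: The defaults hunks change `purge` from `'no'` to `'yes'`, `openscap.disable` from `'no'` to `'yes'`, the `extra_emails` recipient, and drop `timeout_allowed` from `restart-ossec`, none of which relate to the rootkit-path fix in the subject and none of which are mentioned in the CHANGELOG elsewhere in this series. If `purge` is authd's `<purge>` option, removed agents are deleted outright rather than retained, which affects agent record retention for investigations, so that flip deserves an explicit line in the commit message. Consider splitting the behavioral default changes into their own commit, or at least documenting them with a comment such as `# purge: 'yes' deletes agents removed via the API instead of keeping their records`.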
@@ -126,8 +126,8 @@ {{ wazuh_manager_config.rootcheck.frequency }} - /var/ossec/etc/shared/default/rootkit_files.txt - /var/ossec/etc/shared/default/rootkit_trojans.txt + /var/ossec/etc/rootcheck/rootkit_files.txt + /var/ossec/etc/rootcheck/rootkit_trojans.txt yes @@ -292,7 +292,6 @@ {{ wazuh_manager_config.syscheck.disable }} - {{ wazuh_manager_config.syscheck.auto_ignore }} {{ wazuh_manager_config.syscheck.alert_new_files }} {{ wazuh_manager_config.syscheck.frequency }} @@ -318,7 +317,7 @@ {% endif %} - {% if wazuh_manager_config.syscheck.ignore_linux_type is defined and ansible_distribution == 'CentOS' and ansible_distribution_major_version == '7' %} + {% if wazuh_manager_config.syscheck.ignore_linux_type is defined %} {% for ignore in wazuh_manager_config.syscheck.ignore_linux_type %} {{ ignore }} {% endfor %} @@ -346,7 +345,9 @@ {{ command.name }} {{ command.executable }} {{ command.expect }} - {{ command.timeout_allowed }} + {% if command.timeout_allowed is defined %} + {{ command.timeout_allowed }} + {% endif %} {% endfor %} @@ -359,7 +360,6 @@ {{ rule }} {% endfor %} {% endif %} - {% if cdb_lists is defined %} {% for list in cdb_lists %} etc/lists/{{ list.name }} {% endfor %} From 285cbc26fc5e64bdfa11b3e2d51621282c34d8f2 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Thu, 9 Jan 2020 19:14:59 +0100 Subject: [PATCH 562/714] Adapt agent to 3.11.1 - detailed changes --- .../templates/var-ossec-etc-ossec-agent.conf.j2 | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index 6629da08..57787b07 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 
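Review bot: The last hunk removes the opening `{% if cdb_lists is defined %}` but not its closing `{% endif %}`, which sits just past the hunk (the later cdb hunk in this series shows `{% endfor %} {% endif %}` after the loop), so the template either fails to render with an unbalanced `endif` or, if that tag is gone too, raises an undefined-variable error whenever `cdb_lists` is unset. Keep the guard: `{% if cdb_lists is defined %}` before `{% for list in cdb_lists %}`. Separately, the `ignore_linux_type` block is no longer restricted to CentOS 7, so those ignore entries are now emitted on every distribution; confirm they are distro-agnostic.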
@@ -86,8 +86,6 @@ /etc,/usr/bin,/usr/sbin /bin,/sbin,/boot - - {{ wazuh_agent_config.syscheck.auto_ignore }} {{ wazuh_agent_config.syscheck.scan_on_start }} {% endif %} @@ -113,7 +111,7 @@ {% endif %} - {% if wazuh_agent_config.syscheck.ignore_linux_type is defined and ansible_distribution == 'CentOS' and ansible_distribution_major_version == '7' %} + {% if wazuh_agent_config.syscheck.ignore_linux_type is defined %} {% for ignore in wazuh_agent_config.syscheck.ignore_linux_type %} {{ ignore }} {% endfor %} @@ -161,9 +159,9 @@ {% endif %} - {% if ansible_system == "Linux" and wazuh_agent_config.openscap.disable == 'no' %} + {% if ansible_system == "Linux" %} - no + {{ wazuh_agent_config.openscap.disable }} {{ wazuh_agent_config.openscap.timeout }} {{ wazuh_agent_config.openscap.interval }} {{ wazuh_agent_config.openscap.scan_on_start }} @@ -214,9 +212,8 @@ {% endif %} - {% if wazuh_agent_config.cis_cat.disable == 'no' %} - no + {{ wazuh_agent_config.cis_cat.disable }} {{ wazuh_agent_config.cis_cat.timeout }} {{ wazuh_agent_config.cis_cat.interval }} {{ wazuh_agent_config.cis_cat.scan_on_start }} @@ -229,7 +226,6 @@ {% endif %} {% if ansible_os_family == "Windows" %}{{ wazuh_agent_config.cis_cat.ciscat_path_win }}{% else %}{{ wazuh_agent_config.cis_cat.ciscat_path }}{% endif %} - {% endif %} From 144067763b3356dcac4801f962950012394faf6c Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Thu, 9 Jan 2020 19:15:14 +0100 Subject: [PATCH 563/714] Remove cdb related tasks and config --- .../ansible-wazuh-manager/handlers/main.yml | 3 - .../ansible-wazuh-manager/tasks/main.yml | 26 ------ .../var-ossec-etc-ossec-server.conf.j2 | 3 +- .../ansible-wazuh-manager/vars/cdb_lists.yml | 88 +------------------ 4 files changed, 5 insertions(+), 115 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/handlers/main.yml b/roles/wazuh/ansible-wazuh-manager/handlers/main.yml index 46f1097b..f422b85d 100644 --- a/roles/wazuh/ansible-wazuh-manager/handlers/main.yml 
+++ b/roles/wazuh/ansible-wazuh-manager/handlers/main.yml @@ -1,7 +1,4 @@ --- -- name: rebuild cdb_lists - command: /var/ossec/bin/ossec-makelists - - name: restart wazuh-manager service: name: wazuh-manager diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 0bb00fef..842d33a6 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -198,11 +198,6 @@ tags: - config -- name: Retrieving CDB lists - include_vars: cdb_lists.yml - tags: - - config - - name: Check if syslog output is enabled set_fact: syslog_output=true when: item.server is not none @@ -334,27 +329,6 @@ tags: - config -- name: CDB Lists - template: - src: cdb_lists.j2 - dest: "/var/ossec/etc/lists/{{ item.name }}" - owner: root - group: ossec - mode: 0640 - no_log: true - register: wazuh_manager_cdb_lists - until: wazuh_manager_cdb_lists is succeeded - notify: - - rebuild cdb_lists - - restart wazuh-manager - with_items: - - "{{ cdb_lists }}" - when: - - cdb_lists is defined - - cdb_lists is iterable - tags: - - config - - name: Ensure Wazuh Manager, wazuh API service is started and enabled service: name: "{{ item }}" diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 94223a94..125f948c 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -360,8 +360,9 @@ {{ rule }} {% endfor %} {% endif %} + {% if cdb_lists is defined %} {% for list in cdb_lists %} - etc/lists/{{ list.name }} + etc/lists/{{ list }} {% endfor %} {% endif %} diff --git a/roles/wazuh/ansible-wazuh-manager/vars/cdb_lists.yml b/roles/wazuh/ansible-wazuh-manager/vars/cdb_lists.yml index 8e904e14..44188745 100644 
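Review bot: After removing the `Retrieving CDB lists` include_vars task nothing loads `vars/cdb_lists.yml` any more (Ansible auto-loads only `vars/main.yml`), so `cdb_lists` is undefined by default, the `{% if cdb_lists is defined %}` block renders no `<list>` entries unless the inventory sets the variable, and the names left in that vars file are dead data. The role also no longer creates or rebuilds anything under `/var/ossec/etc/lists/`, so every name must now match a file that already exists on the manager, and a typo surfaces only when wazuh-manager fails to start rather than in the play. Inventories that still define `cdb_lists` in the old `name`/`content` mapping shape will now render a dict repr into `etc/lists/{{ list }}`. A stat check before templating `ossec.conf` would catch both problems early.

```yaml
- name: Check that every referenced CDB list exists on the manager
  stat:
    path: "/var/ossec/etc/lists/{{ item }}"
  loop: "{{ cdb_lists | default([]) }}"
  register: wazuh_manager_cdb_stat
  failed_when: not wazuh_manager_cdb_stat.stat.exists
  tags:
    - config
```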
--- a/roles/wazuh/ansible-wazuh-manager/vars/cdb_lists.yml +++ b/roles/wazuh/ansible-wazuh-manager/vars/cdb_lists.yml @@ -1,87 +1,5 @@ --- cdb_lists: - - name: 'audit-keys' - content: | - audit-wazuh-w:write - audit-wazuh-r:read - audit-wazuh-a:attribute - audit-wazuh-x:execute - audit-wazuh-c:command - - name: 'aws-source' - content: | - ec2.amazonaws.com: - elasticloadbalancing.amazonaws.com: - iam.amazonaws.com: - signin.amazonaws.com: - kms.amazonaws.com: - s3.amazonaws.com: - - name: 'aws-eventnames' - content: | - AddUserToGroup: - AllocateAddress: - AssociateAddress: - AssociateDhcpOptions: - AssociateRouteTable: - AttachGroupPolicy: - AttachNetworkInterface: - AttachRolePolicy: - AttachUserPolicy: - AttachVolume: - AuthorizeSecurityGroupIngress: - ConsoleLogin: - CopySnapshot: - CreateAccountAlias: - CreateGroup: - CreateImage: - CreateLoadBalancer: - CreatePlacementGroup: - CreatePolicy: - CreateRole: - CreateRouteTable: - CreateSecurityGroup: - CreateSnapshot: - CreateSubnet: - CreateTags: - CreateUser: - CreateVolume: - CreateVpc: - DeleteAccountAlias: - DeleteLoadBalancer: - DeletePlacementGroup: - DeleteSecurityGroup: - DeleteSnapshot: - DeleteTags: - DeleteUser: - DeleteVolume: - DeregisterImage: - DetachGroupPolicy: - DetachNetworkInterface: - DetachRolePolicy: - DetachVolume: - DisableKey: - DisassociateAddress: - DisassociateAddress: - DisassociateRouteTable: - GetGroup: - ListAliases: - ListGroups: - ListUsers: - ModifyImageAttribute: - ModifyInstanceAttribute: - ModifyNetworkInterfaceAttribute: - ModifySnapshotAttribute: - ModifySubnetAttribute: - ModifyVolumeAttribute: - MonitorInstances: - RebootInstances: - RegisterImage: - RemoveUserFromGroup: - RevokeSecurityGroupIngress: - RunInstances: - StartInstances: - StopInstances: - TerminateInstances: - UnmonitorInstances: - UpdateAccessKey: - UpdateAccountPasswordPolicy: - UpdateInstanceAlias: + - 'audit-keys' + - 'security-eventchannel' + - 'amazon/aws-eventnames' 
From cb2ded0e49569b2f8c925ccf8e9954b429272a0e Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Fri, 10 Jan 2020 11:16:15 +0100 Subject: [PATCH 564/714] Define cdb_lists in wzuh-manger default variables --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 4 ++++ .../templates/var-ossec-etc-ossec-server.conf.j2 | 4 ++-- roles/wazuh/ansible-wazuh-manager/vars/cdb_lists.yml | 5 ----- 3 files changed, 6 insertions(+), 7 deletions(-) delete mode 100644 roles/wazuh/ansible-wazuh-manager/vars/cdb_lists.yml diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index e4f6a17d..385e3e6a 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -327,6 +327,10 @@ wazuh_manager_config: ruleset: rules_path: 'custom_ruleset/rules/' decoders_path: 'custom_ruleset/decoders/' + cdb_lists: + - 'audit-keys' + - 'security-eventchannel' + - 'amazon/aws-eventnames' rule_exclude: - '0215-policy_rules.xml' syslog_outputs: diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 125f948c..f7242951 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -360,8 +360,8 @@ {{ rule }} {% endfor %} {% endif %} - {% if cdb_lists is defined %} - {% for list in cdb_lists %} + {% if wazuh_manager_config.ruleset.cdb_lists is defined %} + {% for list in wazuh_manager_config.ruleset.cdb_lists %} etc/lists/{{ list }} {% endfor %} {% endif %} diff --git a/roles/wazuh/ansible-wazuh-manager/vars/cdb_lists.yml b/roles/wazuh/ansible-wazuh-manager/vars/cdb_lists.yml deleted file mode 100644 index 44188745..00000000 --- a/roles/wazuh/ansible-wazuh-manager/vars/cdb_lists.yml +++ /dev/null 
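Review bot: `cdb_lists` is placed under `ruleset:` while `rule_exclude`, which the very same `<ruleset>` block of the template consumes a few lines earlier, stays a top-level key of `wazuh_manager_config`; pick one nesting so an operator overriding ruleset settings finds them in one place. The entries are also bare names with nothing saying they are paths relative to `/var/ossec/etc/lists/` that this role no longer creates or compiles; a comment above `cdb_lists:` such as `# Paths relative to /var/ossec/etc/lists/ on the manager; the role only references these files and no longer generates or compiles them` would prevent the next person from adding a name that does not exist on disk.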
@@ -1,5 +0,0 @@ ---- -cdb_lists: - - 'audit-keys' - - 'security-eventchannel' - - 'amazon/aws-eventnames' From 50a093d071418f3a375063532f872c3bf096f138 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Fri, 10 Jan 2020 13:35:11 +0100 Subject: [PATCH 565/714] Change default email_to --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 385e3e6a..638fa90b 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -114,7 +114,7 @@ wazuh_manager_config: email_log_source: 'alerts.log' extra_emails: - enable: false - mail_to: 'admin@example.net' + mail_to: 'recipient@example.wazuh.com' format: full level: 7 event_location: null @@ -126,7 +126,7 @@ wazuh_manager_config: - enable: false category: 'syscheck' title: 'Daily report: File changes' - email_to: 'admin@example.net' + email_to: 'recipient@example.wazuh.com' location: null group: null rule: null From 8ba493ed24560e10aa3ebc6430bbf7703506e9bf Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Fri, 10 Jan 2020 13:35:41 +0100 Subject: [PATCH 566/714] Change config. tags order --- .../var-ossec-etc-ossec-server.conf.j2 | 183 +++++++++--------- 1 file changed, 93 insertions(+), 90 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index f7242951..d8334e2e 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 
@@ -26,6 +26,11 @@ {{ wazuh_manager_config.email_level }} + + + {{ wazuh_manager_config.log_format }} + + {% if wazuh_manager_config.extra_emails is defined %} {% for mail in wazuh_manager_config.extra_emails %} {% if mail.enable == true %} @@ -57,10 +62,7 @@ {% endfor %} {% endif %} - - - {{ wazuh_manager_config.log_format }} - + {% for connection in wazuh_manager_config.connection %} 
@@ -351,92 +353,6 @@ {% endfor %} - - - ruleset/decoders - ruleset/rules - {% if wazuh_manager_config.rule_exclude is defined %} - {% for rule in wazuh_manager_config.rule_exclude %} - {{ rule }} - {% endfor %} - {% endif %} - {% if wazuh_manager_config.ruleset.cdb_lists is defined %} - {% for list in wazuh_manager_config.ruleset.cdb_lists %} - etc/lists/{{ list }} - {% endfor %} - {% endif %} - - - etc/decoders - etc/rules - - -{% if wazuh_manager_config.authd.enable == true %} - - no - {% if wazuh_manager_config.authd.port is not none %} - {{wazuh_manager_config.authd.port}} - {% else %} - 1515 - {% endif %} - {% if wazuh_manager_config.authd.use_source_ip is not none %} - {{wazuh_manager_config.authd.use_source_ip}} - {% endif %} - {% if wazuh_manager_config.authd.force_insert is not none %} - {{wazuh_manager_config.authd.force_insert}} - {% endif %} - {% if wazuh_manager_config.authd.force_time is not none %} - {{wazuh_manager_config.authd.force_time}} - {% endif %} - {% if wazuh_manager_config.authd.purge is not none %} - {{wazuh_manager_config.authd.purge}} - {% endif %} - {% if wazuh_manager_config.authd.use_password is not none %} - {{wazuh_manager_config.authd.use_password}} - {% endif %} - {% if wazuh_manager_config.authd.limit_maxagents is not none %} - {{wazuh_manager_config.authd.limit_maxagents}} - {% endif %} - {% if wazuh_manager_config.authd.ciphers is not none %} - {{wazuh_manager_config.authd.ciphers}} - {% endif %} - {% if wazuh_manager_config.authd.ssl_agent_ca is not none %} - /var/ossec/etc/{{wazuh_manager_config.authd.ssl_agent_ca | basename}} - {% endif %} - {% if wazuh_manager_config.authd.ssl_verify_host is not none %} - {{wazuh_manager_config.authd.ssl_verify_host}} - {% endif %} - {% if wazuh_manager_config.authd.ssl_manager_cert is not none %} - /var/ossec/etc/{{wazuh_manager_config.authd.ssl_manager_cert | basename}} - {% endif %} - {% if wazuh_manager_config.authd.ssl_manager_key is not none %} - 
/var/ossec/etc/{{wazuh_manager_config.authd.ssl_manager_key | basename}} - {% endif %} - {% if wazuh_manager_config.authd.ssl_auto_negotiate is not none %} - {{wazuh_manager_config.authd.ssl_auto_negotiate}} - {% endif %} - -{% endif %} - - - {{ wazuh_manager_config.cluster.disable }} - {{ wazuh_manager_config.cluster.name }} - {{ wazuh_manager_config.cluster.node_name }} - {{ wazuh_manager_config.cluster.node_type }} - {{ wazuh_manager_config.cluster.key }} - {% if wazuh_manager_config.cluster.interval is defined %} - {{ wazuh_manager_config.cluster.interval }} - {% endif %} - {{ wazuh_manager_config.cluster.port }} - {{ wazuh_manager_config.cluster.bind_addr }} - - {% for node in wazuh_manager_config.cluster.nodes %} - {{ node }} - {% endfor %} - - {{ wazuh_manager_config.cluster.hidden }} - - {% if ansible_system == "Linux" and wazuh_manager_config.vuls.disable == 'no' %} no 
@@ -614,4 +530,91 @@ {% endif %} + + + + ruleset/decoders + ruleset/rules + {% if wazuh_manager_config.rule_exclude is defined %} + {% for rule in wazuh_manager_config.rule_exclude %} + {{ rule }} + {% endfor %} + {% endif %} + {% if wazuh_manager_config.ruleset.cdb_lists is defined %} + {% for list in wazuh_manager_config.ruleset.cdb_lists %} + etc/lists/{{ list }} + {% endfor %} + {% endif %} + + + etc/decoders + etc/rules + + +{% if wazuh_manager_config.authd.enable == true %} + + no + {% if wazuh_manager_config.authd.port is not none %} + {{wazuh_manager_config.authd.port}} + {% else %} + 1515 + {% endif %} + {% if wazuh_manager_config.authd.use_source_ip is not none %} + {{wazuh_manager_config.authd.use_source_ip}} + {% endif %} + {% if wazuh_manager_config.authd.force_insert is not none %} + {{wazuh_manager_config.authd.force_insert}} + {% endif %} + {% if wazuh_manager_config.authd.force_time is not none %} + {{wazuh_manager_config.authd.force_time}} + {% endif %} + {% if wazuh_manager_config.authd.purge is not none %} + {{wazuh_manager_config.authd.purge}} + {% endif %} + {% if wazuh_manager_config.authd.use_password is not none %} + {{wazuh_manager_config.authd.use_password}} + {% endif %} + {% if wazuh_manager_config.authd.limit_maxagents is not none %} + {{wazuh_manager_config.authd.limit_maxagents}} + {% endif %} + {% if wazuh_manager_config.authd.ciphers is not none %} + {{wazuh_manager_config.authd.ciphers}} + {% endif %} + {% if wazuh_manager_config.authd.ssl_agent_ca is not none %} + /var/ossec/etc/{{wazuh_manager_config.authd.ssl_agent_ca | basename}} + {% endif %} + {% if wazuh_manager_config.authd.ssl_verify_host is not none %} + {{wazuh_manager_config.authd.ssl_verify_host}} + {% endif %} + {% if wazuh_manager_config.authd.ssl_manager_cert is not none %} + /var/ossec/etc/{{wazuh_manager_config.authd.ssl_manager_cert | basename}} + {% endif %} + {% if wazuh_manager_config.authd.ssl_manager_key is not none %} + 
/var/ossec/etc/{{wazuh_manager_config.authd.ssl_manager_key | basename}} + {% endif %} + {% if wazuh_manager_config.authd.ssl_auto_negotiate is not none %} + {{wazuh_manager_config.authd.ssl_auto_negotiate}} + {% endif %} + +{% endif %} + + + {{ wazuh_manager_config.cluster.disable }} + {{ wazuh_manager_config.cluster.name }} + {{ wazuh_manager_config.cluster.node_name }} + {{ wazuh_manager_config.cluster.node_type }} + {{ wazuh_manager_config.cluster.key }} + {% if wazuh_manager_config.cluster.interval is defined %} + {{ wazuh_manager_config.cluster.interval }} + {% endif %} + {{ wazuh_manager_config.cluster.port }} + {{ wazuh_manager_config.cluster.bind_addr }} + + {% for node in wazuh_manager_config.cluster.nodes %} + {{ node }} + {% endfor %} + + {{ wazuh_manager_config.cluster.hidden }} + + From 5aa0f2e6c42af9c155706a523a4c8570e9aa5e26 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Fri, 10 Jan 2020 13:36:12 +0100 Subject: [PATCH 567/714] Define config_profile for CentOS and Ubuntu --- .../ansible-wazuh-agent/defaults/main.yml | 5 +- .../var-ossec-etc-ossec-agent.conf.j2 | 193 +++++++++--------- 2 files changed, 101 insertions(+), 97 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 88c560fa..9db5406d 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -30,7 +30,8 @@ wazuh_managers: api_port: 55000 api_proto: 'http' api_user: null -wazuh_profile: null +wazuh_profile_centos: 'centos, centos7, centos7.6' +wazuh_profile_ubuntu: 'ubuntu, ubuntu18, ubuntu18.04' wazuh_auto_restart: 'yes' wazuh_agent_authd: enable: false @@ -102,7 +103,7 @@ wazuh_agent_config: directories: - dirs: /etc,/usr/bin,/usr/sbin checks: 'check_all="yes"' - - dirs: /bin,/sbin + - dirs: /bin,/sbin,/boot checks: 'check_all="yes"' win_directories: - dirs: '%WINDIR%\regedit.exe' 
diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index 57787b07..424410b8 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 @@ -19,8 +19,12 @@ {% endif %} {% endfor %} - {% if wazuh_profile is not none %} - {{ wazuh_profile }} + {% if wazuh_profile_centos is not none or wazuh_profile_ubuntu is not none %} + {% if ansible_distribution == 'CentOS' %} + {{ wazuh_profile_centos }} + {% elif ansible_distribution == "Ubuntu" %} + {{ wazuh_profile_ubuntu }} + {% endif %} {% endif %} {% if wazuh_notify_time is not none and wazuh_time_reconnect is not none %} {{ wazuh_notify_time }} @@ -37,16 +41,6 @@ {{ wazuh_agent_config.client_buffer.events_per_sec }} - - {{ wazuh_agent_config.log_format }} - - - - {{ wazuh_agent_config.active_response.ar_disabled|default('no') }} - {% if ansible_os_family == "Windows" %}{{ wazuh_agent_config.active_response.ca_store_win }}{% else %}{{ wazuh_agent_config.active_response.ca_store }}{% endif %} - {{ wazuh_agent_config.active_response.ca_verification }} - - {% if wazuh_agent_config.rootcheck is defined %} no 
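Review bot: The new `<config-profile>` branch emits the fixed version strings from the defaults hunk (`centos7.6`, `ubuntu18.04`) for every CentOS and Ubuntu host, so a CentOS 8 or Ubuntu 16.04 agent is tagged with the wrong profile and pulls centralized configuration meant for another release. Derive the profile from facts instead, e.g. `wazuh_profile_centos: "centos, centos{{ ansible_distribution_major_version }}, centos{{ ansible_distribution_version }}"` with the same pattern for Ubuntu, or at minimum document in the defaults that the values must be adjusted per fleet. The condition `{% if wazuh_profile_centos is not none or wazuh_profile_ubuntu is not none %}` also leaves no way to set a profile on any other distribution, which the removed `wazuh_profile` variable allowed; keeping `wazuh_profile` as an `{% else %}` fallback would stay backward compatible.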
@@ -75,89 +69,6 @@ {% endif %} - - {% if wazuh_agent_config.syscheck is defined %} - - no - - - {{ wazuh_agent_config.syscheck.frequency }} - {% if ansible_system == "Linux" %} - - /etc,/usr/bin,/usr/sbin - /bin,/sbin,/boot - {{ wazuh_agent_config.syscheck.scan_on_start }} - {% endif %} - - - {% if wazuh_agent_config.syscheck.directories is defined and ansible_system == "Linux" %} - {% for directory in wazuh_agent_config.syscheck.directories %} - {{ directory.dirs }} - {% endfor %} - {% endif %} - - - {% if wazuh_agent_config.syscheck.win_directories is defined and ansible_system == "Windows" %} - {% for directory in wazuh_agent_config.syscheck.win_directories %} - {{ directory.dirs }} - {% endfor %} - {% endif %} - - - {% if wazuh_agent_config.syscheck.ignore is defined and ansible_system == "Linux" %} - {% for ignore in wazuh_agent_config.syscheck.ignore %} - {{ ignore }} - {% endfor %} - {% endif %} - - - {% if wazuh_agent_config.syscheck.ignore_linux_type is defined %} - {% for ignore in wazuh_agent_config.syscheck.ignore_linux_type %} - {{ ignore }} - {% endfor %} - {% endif %} - - {% if wazuh_agent_config.syscheck.ignore is defined and ansible_system == "Windows" %} - {% for ignore in wazuh_agent_config.syscheck.ignore_win %} - {{ ignore }} - {% endfor %} - {% endif %} - - {% if ansible_system == "Linux" %} - - {% for no_diff in wazuh_agent_config.syscheck.no_diff %} - {{ no_diff }} - {% endfor %} - - {{ wazuh_agent_config.syscheck.skip_nfs }} - {% endif %} - - {% if ansible_os_family == "Windows" %} - {% for registry_key in wazuh_agent_config.syscheck.windows_registry %} - {% if registry_key.arch is defined %} - {{ registry_key.key }} - {% else %} - {{ registry_key.key }} - {% endif %} - {% endfor %} - {% endif %} - - {% if ansible_os_family == "Windows" %} - {% for registry_key in wazuh_agent_config.syscheck.windows_registry_ignore %} - {% if registry_key.type is defined %} - {{ registry_key.key }} - {% else %} - {{ registry_key.key }} - {% endif %} - {% 
endfor %} - {% endif %} - - {% if ansible_os_family == "Windows" %} - - {{ wazuh_agent_config.syscheck.win_audit_interval }} - {% endif %} - - {% endif %} {% if ansible_system == "Linux" %} 
@@ -276,6 +187,88 @@ {% endif %} + + + {% if wazuh_agent_config.syscheck is defined %} + + no + + + {{ wazuh_agent_config.syscheck.frequency }} + {% if ansible_system == "Linux" %} + {{ wazuh_agent_config.syscheck.scan_on_start }} + + {% if wazuh_agent_config.syscheck.directories is defined and ansible_system == "Linux" %} + {% for directory in wazuh_agent_config.syscheck.directories %} + {{ directory.dirs }} + {% endfor %} + {% endif %} + {% endif %} + + + {% if wazuh_agent_config.syscheck.win_directories is defined and ansible_system == "Windows" %} + {% for directory in wazuh_agent_config.syscheck.win_directories %} + {{ directory.dirs }} + {% endfor %} + {% endif %} + + + {% if wazuh_agent_config.syscheck.ignore is defined and ansible_system == "Linux" %} + {% for ignore in wazuh_agent_config.syscheck.ignore %} + {{ ignore }} + {% endfor %} + {% endif %} + + + {% if wazuh_agent_config.syscheck.ignore_linux_type is defined %} + {% for ignore in wazuh_agent_config.syscheck.ignore_linux_type %} + {{ ignore }} + {% endfor %} + {% endif %} + + {% if wazuh_agent_config.syscheck.ignore is defined and ansible_system == "Windows" %} + {% for ignore in wazuh_agent_config.syscheck.ignore_win %} + {{ ignore }} + {% endfor %} + {% endif %} + + {% if ansible_system == "Linux" %} + + {% for no_diff in wazuh_agent_config.syscheck.no_diff %} + {{ no_diff }} + {% endfor %} + + {{ wazuh_agent_config.syscheck.skip_nfs }} + {% endif %} + + {% if ansible_os_family == "Windows" %} + {% for registry_key in wazuh_agent_config.syscheck.windows_registry %} + {% if registry_key.arch is defined %} + {{ registry_key.key }} + {% else %} + {{ registry_key.key }} + {% endif %} + {% endfor %} + {% endif %} + + {% if ansible_os_family == "Windows" %} + {% for registry_key in wazuh_agent_config.syscheck.windows_registry_ignore %} + {% if registry_key.type is defined %} + {{ registry_key.key }} + {% else %} + {{ registry_key.key }} + {% endif %} + {% endfor %} + {% endif %} + + {% if 
ansible_os_family == "Windows" %} + + {{ wazuh_agent_config.syscheck.win_audit_interval }} + {% endif %} + + {% endif %} + + {% if ansible_system == "Linux" and wazuh_agent_config.vuls.disable == 'no' %} no @@ -365,4 +358,14 @@ {% endif %} + + {{ wazuh_agent_config.active_response.ar_disabled|default('no') }} + {% if ansible_os_family == "Windows" %}{{ wazuh_agent_config.active_response.ca_store_win }}{% else %}{{ wazuh_agent_config.active_response.ca_store }}{% endif %} + {{ wazuh_agent_config.active_response.ca_verification }} + + + + {{ wazuh_agent_config.log_format }} + + From c3cc763a5e719aacb81c378c0f64d6233762fa1a Mon Sep 17 00:00:00 2001 From: Jochen Schneider Date: Thu, 16 Jan 2020 11:58:05 +0100 Subject: [PATCH 568/714] added key ID for download only when required --- roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml | 4 ++-- roles/elastic-stack/ansible-kibana/tasks/Debian.yml | 5 +++-- roles/wazuh/ansible-filebeat/tasks/Debian.yml | 5 +++-- roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 1 + roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 1 + 5 files changed, 10 insertions(+), 6 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index c82e52ce..1b9c1da5 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml @@ -30,9 +30,9 @@ - name: Debian/Ubuntu | Add Elasticsearch GPG key. apt_key: - keyserver: "{{ elasticrepo_gpg_keyserver }}" + url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch" id: 46095ACC8548582C1A2699A9D27D666CD88E42B4 - + state: present - name: Debian/Ubuntu | Install Elastic repo apt_repository: diff --git a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml index b00ad94a..4a621092 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml 
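Review bot: In the re-added syscheck block the Windows ignore list is gated on the wrong variable: `{% if wazuh_agent_config.syscheck.ignore is defined and ansible_system == "Windows" %}` guards a loop over `wazuh_agent_config.syscheck.ignore_win`, so a config that defines `ignore` but not `ignore_win` fails to render and one that defines only `ignore_win` emits nothing. This is carried over from the removed block rather than introduced here, but since the commit rewrites the section it is the moment to correct it: `{% if wazuh_agent_config.syscheck.ignore_win is defined and ansible_system == "Windows" %}`. The `no_diff` loop in the same block has no `is defined` guard at all, unlike its neighbours.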
+++ b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml @@ -8,10 +8,11 @@ register: kibana_installing_ca_package until: kibana_installing_ca_package is succeeded -- name: Debian/Ubuntu | Add Elasticsearch GPG key +- name: Debian/Ubuntu | Add Elasticsearch GPG key. apt_key: - keyserver: "{{ elasticrepo_gpg_keyserver }}" + url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch" id: 46095ACC8548582C1A2699A9D27D666CD88E42B4 + state: present - name: Debian/Ubuntu | Install Elastic repo apt_repository: diff --git a/roles/wazuh/ansible-filebeat/tasks/Debian.yml b/roles/wazuh/ansible-filebeat/tasks/Debian.yml index a192c401..ed4cde1a 100644 --- a/roles/wazuh/ansible-filebeat/tasks/Debian.yml +++ b/roles/wazuh/ansible-filebeat/tasks/Debian.yml @@ -8,10 +8,11 @@ register: filebeat_ca_packages_install until: filebeat_ca_packages_install is succeeded -- name: Debian/Ubuntu | Add Elasticsearch apt key. +- name: Debian/Ubuntu | Add Elasticsearch GPG key. apt_key: - keyserver: "{{ elasticrepo_gpg_keyserver }}" + url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch" id: 46095ACC8548582C1A2699A9D27D666CD88E42B4 + state: present - name: Debian/Ubuntu | Add Filebeat repository. apt_repository: diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index 0e0ba92f..d3d12c22 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -25,6 +25,7 @@ - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: url: "{{ wazuh_agent_config.repo.gpg }}" + id: 0DCFCA5547B19D2A6099506096B3EE5F29111145 when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - not wazuh_agent_sources_installation.enabled diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index e045059d..f47a3ef7 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml 
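Review bot: Every `apt_key` task in this commit still adds the Elastic and Wazuh keys to the host-wide trusted keyring (no `keyring:` argument), so a key that is only meant to vouch for `artifacts.elastic.co` or `packages.wazuh.com` can sign packages for any repository configured on the machine. Pinning `id` is a good step — assuming `apt_key` verifies the imported key against it, which is worth confirming for the Ansible version in use, an overridden or hijacked key URL can no longer swap in a different key — but scoping is the other half. Give each task a dedicated keyring, e.g. `keyring: /usr/share/keyrings/elastic.gpg`, and reference it from the matching `apt_repository` entry with `repo: "deb [signed-by=/usr/share/keyrings/elastic.gpg] {{ elasticrepo_server }} stable main"`; the Wazuh key tasks in the agent and manager roles would get the same treatment.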
+++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -28,6 +28,7 @@ - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: url: "{{ wazuh_manager_config.repo.gpg }}" + id: 0DCFCA5547B19D2A6099506096B3EE5F29111145 when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled From d328609f29f3092b33b2bc382257c454fd83b2f3 Mon Sep 17 00:00:00 2001 From: Jochen Schneider Date: Thu, 16 Jan 2020 13:06:40 +0100 Subject: [PATCH 569/714] repo param not needed any longer --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 4 ---- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 3 --- 2 files changed, 7 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index b4d1ed06..9db5406d 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -342,8 +342,4 @@ wazuh_agent_config: list: - key: Env value: Production - wazuh_agent_nat: false - -wazuhrepo_server: https://packages.wazuh.com/3.x/apt/ -wauzhrepo_gpg_keyserver: pool.sks-keyservers.net diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 09a8b4a1..638fa90b 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -396,6 +396,3 @@ nodejs: debian: "deb" redhat: "rpm" repo_url_ext: "nodesource.com/setup_8.x" - -wauzhrepo_gpg_keyserver: pool.sks-keyservers.net -wazuhrepo_server: https://packages.wazuh.com/3.x/apt/ From b9b2663b3d0d496350fa5ca907d8cdfae3a1d548 Mon Sep 17 00:00:00 2001 
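Review bot: The agent defaults hunk removes four lines per the diffstat, but the commit message accounts only for the two repo variables: `wazuh_agent_nat: false` goes as well. If any task or template in the agent role still references `wazuh_agent_nat`, it is now undefined and the play fails on that host; if nothing references it, the message should say so, or the key should stay with a `# deprecated, unused` comment until consumers are checked. I cannot see the consumers from this chunk, so please grep the role before merging.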
From: Jochen Schneider Date: Thu, 16 Jan 2020 13:26:34 +0100 Subject: [PATCH 570/714] made elasticrepo configurable --- .../elastic-stack/ansible-elasticsearch/defaults/main.yml | 6 ++++-- .../elastic-stack/ansible-elasticsearch/tasks/Debian.yml | 4 ++-- .../ansible-elasticsearch/tasks/RMDebian.yml | 2 +- .../ansible-elasticsearch/tasks/RMRedHat.yml | 2 +- .../elastic-stack/ansible-elasticsearch/tasks/RedHat.yml | 4 ++-- roles/elastic-stack/ansible-kibana/defaults/main.yml | 6 ++++-- roles/elastic-stack/ansible-kibana/tasks/Debian.yml | 4 ++-- roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml | 2 +- roles/elastic-stack/ansible-kibana/tasks/RMRedHat.yml | 2 +- roles/elastic-stack/ansible-kibana/tasks/RedHat.yml | 4 ++-- roles/wazuh/ansible-filebeat/defaults/main.yml | 6 ++++-- roles/wazuh/ansible-filebeat/tasks/Debian.yml | 4 ++-- roles/wazuh/ansible-filebeat/tasks/RMDebian.yml | 2 +- roles/wazuh/ansible-filebeat/tasks/RMRedHat.yml | 2 +- roles/wazuh/ansible-filebeat/tasks/RedHat.yml | 8 ++++---- 15 files changed, 32 insertions(+), 26 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 55b79a69..8b16fb18 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -7,8 +7,10 @@ elasticsearch_jvm_xms: null elastic_stack_version: 7.5.1 elasticsearch_lower_disk_requirements: false -elasticrepo_server: https://artifacts.elastic.co/packages/7.x/apt -elasticrepo_gpg_keyserver: pool.sks-keyservers.net +elasticrepo: + apt: 'https://artifacts.elastic.co/packages/7.x/apt' + yum: 'https://artifacts.elastic.co/packages/7.x/yum' + gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch' # Cluster Settings single_node: true diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index 1b9c1da5..e908d63c 100644 
--- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml @@ -30,13 +30,13 @@ - name: Debian/Ubuntu | Add Elasticsearch GPG key. apt_key: - url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch" + url: "{{ elasticrepo.gpg }}" id: 46095ACC8548582C1A2699A9D27D666CD88E42B4 state: present - name: Debian/Ubuntu | Install Elastic repo apt_repository: - repo: "deb {{ elasticrepo_server }} stable main" + repo: "deb {{ elasticrepo.apt }} stable main" state: present filename: 'elastic_repo_7' update_cache: true diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RMDebian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RMDebian.yml index c123c707..4fcfb44c 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/RMDebian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/RMDebian.yml @@ -1,6 +1,6 @@ --- - name: Debian/Ubuntu | Removing Elasticsearch repository apt_repository: - repo: deb https://artifacts.elastic.co/packages/7.x/apt stable main + repo: "deb {{ elasticrepo.apt }} stable main" state: absent changed_when: false diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RMRedHat.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RMRedHat.yml index bdf667bc..46989361 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/RMRedHat.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/RMRedHat.yml @@ -1,6 +1,6 @@ --- - name: RedHat/CentOS/Fedora | Remove Elasticsearch repository (and clean up left-over metadata) yum_repository: - name: elastic_repo + name: elastic_repo_7 state: absent changed_when: false diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml index d02664c8..62f63978 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml 
@@ -4,8 +4,8 @@ yum_repository: name: elastic_repo_7 description: Elastic repository for 7.x packages - baseurl: https://artifacts.elastic.co/packages/7.x/yum - gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch + baseurl: "{{ elasticrepo.yum }}" + gpgkey: "{{ elasticrepo.gpg }}" gpgcheck: true changed_when: false diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 642473af..e741567a 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -9,8 +9,10 @@ elastic_stack_version: 7.5.1 wazuh_version: 3.11.1 wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp -elasticrepo_server: https://artifacts.elastic.co/packages/7.x/apt -elasticrepo_gpg_keyserver: pool.sks-keyservers.net +elasticrepo: + apt: 'https://artifacts.elastic.co/packages/7.x/apt' + yum: 'https://artifacts.elastic.co/packages/7.x/yum' + gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch' # API credentials wazuh_api_credentials: diff --git a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml index 4a621092..04c174c9 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml @@ -10,13 +10,13 @@ - name: Debian/Ubuntu | Add Elasticsearch GPG key. apt_key: - url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch" + url: "{{ elasticrepo.gpg }}" id: 46095ACC8548582C1A2699A9D27D666CD88E42B4 state: present - name: Debian/Ubuntu | Install Elastic repo apt_repository: - repo: "deb {{ elasticrepo_server }} stable main" + repo: "deb {{ elasticrepo.apt }} stable main" state: present filename: 'elastic_repo_7' update_cache: true diff --git a/roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml b/roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml index c123c707..4fcfb44c 100644 
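Review bot: `gpgkey: "{{ elasticrepo.gpg }}"` together with `gpgcheck: true` makes the overridable URL the trust root for every package yum installs from this repo, and unlike the apt_key task there is no fingerprint to pin it against. A comment in the task, `# gpgkey is the trust anchor for this repo: only point elasticrepo.gpg at a copy of Elastic's published key`, makes that explicit for anyone writing an inventory override. The kibana and filebeat RedHat.yml hunks in this commit need the same note.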
--- a/roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml @@ -1,6 +1,6 @@ --- - name: Debian/Ubuntu | Removing Elasticsearch repository apt_repository: - repo: deb https://artifacts.elastic.co/packages/7.x/apt stable main + repo: "deb {{ elasticrepo.apt }} stable main" state: absent changed_when: false diff --git a/roles/elastic-stack/ansible-kibana/tasks/RMRedHat.yml b/roles/elastic-stack/ansible-kibana/tasks/RMRedHat.yml index 1ae7df57..0da555b3 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/RMRedHat.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/RMRedHat.yml @@ -1,6 +1,6 @@ --- - name: Remove Elasticsearch repository (and clean up left-over metadata) yum_repository: - name: elastic_repo + name: elastic_repo_7 state: absent changed_when: false diff --git a/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml b/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml index abb8b0c0..7acdec09 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml @@ -3,8 +3,8 @@ yum_repository: name: elastic_repo_7 description: Elastic repository for 7.x packages - baseurl: https://artifacts.elastic.co/packages/7.x/yum - gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch + baseurl: "{{ elasticrepo.yum }}" + gpgkey: "{{ elasticrepo.gpg }}" gpgcheck: true changed_when: false diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index eda469ba..ad93dd3a 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml 
@@ -49,5 +49,7 @@ master_certs_path: /es_certs generate_CA: true ca_cert_name: "" -elasticrepo_gpg_keyserver: pool.sks-keyservers.net -elasticrepo_server: https://artifacts.elastic.co/packages/7.x/apt +elasticrepo: + apt: 'https://artifacts.elastic.co/packages/7.x/apt' + yum: 'https://artifacts.elastic.co/packages/7.x/yum' + gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch' diff --git a/roles/wazuh/ansible-filebeat/tasks/Debian.yml b/roles/wazuh/ansible-filebeat/tasks/Debian.yml index ed4cde1a..8c33fb0e 100644 --- a/roles/wazuh/ansible-filebeat/tasks/Debian.yml +++ b/roles/wazuh/ansible-filebeat/tasks/Debian.yml @@ -10,13 +10,13 @@ - name: Debian/Ubuntu | Add Elasticsearch GPG key. apt_key: - url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch" + url: "{{ elasticrepo.gpg }}" id: 46095ACC8548582C1A2699A9D27D666CD88E42B4 state: present - name: Debian/Ubuntu | Add Filebeat repository. apt_repository: - repo: "deb {{ elasticrepo_server }} stable main" + repo: "deb {{ elasticrepo.apt }} stable main" state: present update_cache: true changed_when: false diff --git a/roles/wazuh/ansible-filebeat/tasks/RMDebian.yml b/roles/wazuh/ansible-filebeat/tasks/RMDebian.yml index 6472db68..25a33909 100644 --- a/roles/wazuh/ansible-filebeat/tasks/RMDebian.yml +++ b/roles/wazuh/ansible-filebeat/tasks/RMDebian.yml @@ -1,6 +1,6 @@ --- - name: Debian/Ubuntu | Remove Filebeat repository (and clean up left-over metadata) apt_repository: - repo: deb https://artifacts.elastic.co/packages/7.x/apt stable main + repo: "deb {{ elasticrepo.apt }} stable main" state: absent changed_when: false diff --git a/roles/wazuh/ansible-filebeat/tasks/RMRedHat.yml b/roles/wazuh/ansible-filebeat/tasks/RMRedHat.yml index 519121b3..1cf84081 100644 --- a/roles/wazuh/ansible-filebeat/tasks/RMRedHat.yml +++ b/roles/wazuh/ansible-filebeat/tasks/RMRedHat.yml 
@@ -1,6 +1,6 @@ --- - name: RedHat/CentOS/Fedora | Remove Filebeat repository (and clean up left-over metadata) yum_repository: - name: elastic_repo + name: elastic_repo_7 state: absent changed_when: false diff --git a/roles/wazuh/ansible-filebeat/tasks/RedHat.yml b/roles/wazuh/ansible-filebeat/tasks/RedHat.yml index 3d3108f6..23948b37 100644 --- a/roles/wazuh/ansible-filebeat/tasks/RedHat.yml +++ b/roles/wazuh/ansible-filebeat/tasks/RedHat.yml @@ -1,9 +1,9 @@ --- - name: RedHat/CentOS/Fedora/Amazon Linux | Install Filebeats repo yum_repository: - name: elastic_repo - description: Elastic repository for 6.x packages - baseurl: https://artifacts.elastic.co/packages/7.x/yum - gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch + name: elastic_repo_7 + description: Elastic repository for 7.x packages + baseurl: "{{ elasticrepo.yum }}" + gpgkey: "{{ elasticrepo.gpg }}" gpgcheck: true changed_when: false From f9e50c5e8439025711b477232845e955a8d8eddd Mon Sep 17 00:00:00 2001 From: Jochen Schneider Date: Thu, 16 Jan 2020 13:36:22 +0100 Subject: [PATCH 571/714] unnecessary changes --- roles/elastic-stack/ansible-kibana/tasks/Debian.yml | 2 +- roles/wazuh/ansible-filebeat/tasks/Debian.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml index 04c174c9..597a6354 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml @@ -8,7 +8,7 @@ register: kibana_installing_ca_package until: kibana_installing_ca_package is succeeded -- name: Debian/Ubuntu | Add Elasticsearch GPG key. +- name: Debian/Ubuntu | Add Elasticsearch GPG key apt_key: url: "{{ elasticrepo.gpg }}" id: 46095ACC8548582C1A2699A9D27D666CD88E42B4 diff --git a/roles/wazuh/ansible-filebeat/tasks/Debian.yml b/roles/wazuh/ansible-filebeat/tasks/Debian.yml index 8c33fb0e..1a97d44f 100644 
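Review bot: Renaming the filebeat yum repo from `elastic_repo` to `elastic_repo_7` leaves hosts that were provisioned under the old id with the stale repo file yum_repository created for `elastic_repo`, because the RMRedHat.yml task in this commit now only removes `elastic_repo_7`. Either keep a transitional `yum_repository` task with `name: elastic_repo` and `state: absent`, or record the manual cleanup in the CHANGELOG. The description fix from `6.x` to `7.x` shows this file had drifted from the elasticsearch and kibana roles, so a shared default for the repo id would prevent a repeat.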
--- a/roles/wazuh/ansible-filebeat/tasks/Debian.yml +++ b/roles/wazuh/ansible-filebeat/tasks/Debian.yml @@ -8,7 +8,7 @@ register: filebeat_ca_packages_install until: filebeat_ca_packages_install is succeeded -- name: Debian/Ubuntu | Add Elasticsearch GPG key. +- name: Debian/Ubuntu | Add Elasticsearch apt key. apt_key: url: "{{ elasticrepo.gpg }}" id: 46095ACC8548582C1A2699A9D27D666CD88E42B4 From 7e9f59388a94f73d1a673b6736cb52ee24a6b513 Mon Sep 17 00:00:00 2001 From: Jochen Schneider Date: Thu, 16 Jan 2020 14:23:53 +0100 Subject: [PATCH 572/714] filebeat module destination configurable --- roles/wazuh/ansible-filebeat/defaults/main.yml | 1 + roles/wazuh/ansible-filebeat/tasks/main.yml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index ad93dd3a..7f49790e 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -28,6 +28,7 @@ filebeat_ssl_certificate_file: "" filebeat_ssl_key_file: "" filebeat_ssl_insecure: "false" +filebeat_module_package_url: https://packages.wazuh.com/3.x/filebeat filebeat_module_package_name: wazuh-filebeat-0.1.tar.gz filebeat_module_package_path: /tmp/ filebeat_module_destination: /usr/share/filebeat/module diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml index ca5ea6ac..07bc94ea 100644 --- a/roles/wazuh/ansible-filebeat/tasks/main.yml +++ b/roles/wazuh/ansible-filebeat/tasks/main.yml @@ -70,7 +70,7 @@ - name: Download Filebeat module package get_url: - url: https://packages.wazuh.com/3.x/filebeat/{{ filebeat_module_package_name }} + url: "{{ filebeat_module_package_url }}/{{ filebeat_module_package_name }}" dest: "{{ filebeat_module_package_path }}" when: not filebeat_module_folder.stat.exists From 5906bd2df4ae8d6a5d3349168dd8f5307239945b Mon Sep 17 00:00:00 2001 
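Review bot: Now that `filebeat_module_package_url` is an inventory variable, the `get_url` task has nothing verifying what it downloads: the hunk shows only `url` and `dest`, and the archive presumably ends up unpacked under `filebeat_module_destination` (the extraction is outside this hunk). Adding `checksum: "sha256:<EXPECTED_SHA256_PLACEHOLDER>"` next to `dest`, with the digest kept in defaults beside `filebeat_module_package_name`, pins the artifact regardless of which mirror serves it. If that is too rigid for mirrors, at least document in defaults that the URL is trusted without an integrity check.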
From: Jose M Date: Tue, 21 Jan 2020 09:08:03 +0100 Subject: [PATCH 573/714] Change Wazuh Agent default protocol to udp in wazuh-agent.yml playbook --- playbooks/wazuh-agent.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/wazuh-agent.yml b/playbooks/wazuh-agent.yml index bd85a3a6..8c7eaa69 100644 --- a/playbooks/wazuh-agent.yml +++ b/playbooks/wazuh-agent.yml @@ -6,7 +6,7 @@ wazuh_managers: - address: port: 1514 - protocol: tcp + protocol: udp api_port: 55000 api_proto: 'http' api_user: ansible From 6361eacbf0dd56e0171aa26654f2a29a3baf050f Mon Sep 17 00:00:00 2001 From: joschneider Date: Tue, 21 Jan 2020 10:56:59 +0100 Subject: [PATCH 574/714] repo gpg key id as a paramater --- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 1 + roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 1 + roles/elastic-stack/ansible-kibana/tasks/Debian.yml | 2 +- roles/wazuh/ansible-filebeat/defaults/main.yml | 1 + roles/wazuh/ansible-filebeat/tasks/Debian.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 1 + roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 2 +- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 1 + roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 2 +- 10 files changed, 10 insertions(+), 5 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 8b16fb18..1a737c04 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -11,6 +11,7 @@ elasticrepo: apt: 'https://artifacts.elastic.co/packages/7.x/apt' yum: 'https://artifacts.elastic.co/packages/7.x/yum' gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch' + kid: '46095ACC8548582C1A2699A9D27D666CD88E42B4' # Cluster Settings single_node: true 
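Review bot: The new default `protocol: udp` must match the protocol the manager's remote listener accepts on port 1514, and nothing in the playbook states that; a mismatch leaves agents silently unconnected. An inline comment on the changed line, `protocol: udp  # must match the protocol of the manager's remote listener`, would prevent that. The commit message could also say why udp is preferred (matching the Wazuh default, I assume), since tcp gives the agent connection-level feedback that udp does not.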
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index e908d63c..cfdbe342 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml @@ -31,7 +31,7 @@ - name: Debian/Ubuntu | Add Elasticsearch GPG key. apt_key: url: "{{ elasticrepo.gpg }}" - id: 46095ACC8548582C1A2699A9D27D666CD88E42B4 + id: "{{ elasticrepo.kid }}" state: present - name: Debian/Ubuntu | Install Elastic repo diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index e741567a..07675f85 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -13,6 +13,7 @@ elasticrepo: apt: 'https://artifacts.elastic.co/packages/7.x/apt' yum: 'https://artifacts.elastic.co/packages/7.x/yum' gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch' + kid: '46095ACC8548582C1A2699A9D27D666CD88E42B4' # API credentials wazuh_api_credentials: diff --git a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml index 597a6354..ff4373dc 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml @@ -11,7 +11,7 @@ - name: Debian/Ubuntu | Add Elasticsearch GPG key apt_key: url: "{{ elasticrepo.gpg }}" - id: 46095ACC8548582C1A2699A9D27D666CD88E42B4 + id: "{{ elasticrepo.kid }}" state: present - name: Debian/Ubuntu | Install Elastic repo diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index 7f49790e..5b655311 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml 
@@ -54,3 +54,4 @@ elasticrepo: apt: 'https://artifacts.elastic.co/packages/7.x/apt' yum: 'https://artifacts.elastic.co/packages/7.x/yum' gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch' + kid: '46095ACC8548582C1A2699A9D27D666CD88E42B4' diff --git a/roles/wazuh/ansible-filebeat/tasks/Debian.yml b/roles/wazuh/ansible-filebeat/tasks/Debian.yml index 1a97d44f..bdd7dc51 100644 --- a/roles/wazuh/ansible-filebeat/tasks/Debian.yml +++ b/roles/wazuh/ansible-filebeat/tasks/Debian.yml @@ -11,7 +11,7 @@ - name: Debian/Ubuntu | Add Elasticsearch apt key. apt_key: url: "{{ elasticrepo.gpg }}" - id: 46095ACC8548582C1A2699A9D27D666CD88E42B4 + id: "{{ elasticrepo.kid }}" state: present - name: Debian/Ubuntu | Add Filebeat repository. diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 9db5406d..d92b07b4 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -60,6 +60,7 @@ wazuh_agent_config: apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' yum: 'https://packages.wazuh.com/3.x/yum/' gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' + kid: '0DCFCA5547B19D2A6099506096B3EE5F29111145' active_response: ar_disabled: 'no' ca_store: '/var/ossec/etc/wpk_root.pem' diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index d3d12c22..452fbdf8 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -25,7 +25,7 @@ - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: url: "{{ wazuh_agent_config.repo.gpg }}" - id: 0DCFCA5547B19D2A6099506096B3EE5F29111145 + id: "{{ wazuhrepo.kid }}" when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - not wazuh_agent_sources_installation.enabled 
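Review bot: `id: "{{ wazuhrepo.kid }}"` references a variable this commit never defines: the new default is added under `wazuh_agent_config.repo.kid` in the defaults hunk just above, so the task fails with an undefined-variable error on the first Debian run. The line should read `id: "{{ wazuh_agent_config.repo.kid }}"`, and the manager Debian.yml hunk that follows needs `wazuh_manager_config.repo.kid` for the same reason. The elastic roles in this commit use the matching `elasticrepo.kid`, so only the two Wazuh roles are affected.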
diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 638fa90b..fadc54f9 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -52,6 +52,7 @@ wazuh_manager_config: apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' yum: 'https://packages.wazuh.com/3.x/yum/' gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' + kid: '0DCFCA5547B19D2A6099506096B3EE5F29111145' json_output: 'yes' alerts_log: 'yes' logall: 'no' diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index f47a3ef7..e4b69bcb 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -28,7 +28,7 @@ - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: url: "{{ wazuh_manager_config.repo.gpg }}" - id: 0DCFCA5547B19D2A6099506096B3EE5F29111145 + id: "{{ wazuhrepo.kid }}" when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled From 50964bd0f855244778b0569075bb468061f1eb79 Mon Sep 17 00:00:00 2001 
From: Jochen Schneider Date: Tue, 21 Jan 2020 11:57:33 +0100 Subject: [PATCH 575/714] better naming for parameter kid --- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 2 +- roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/elastic-stack/ansible-kibana/tasks/Debian.yml | 2 +- roles/wazuh/ansible-filebeat/defaults/main.yml | 2 +- roles/wazuh/ansible-filebeat/tasks/Debian.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 2 +- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index 1a737c04..50b56d5c 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -11,7 +11,7 @@ elasticrepo: apt: 'https://artifacts.elastic.co/packages/7.x/apt' yum: 'https://artifacts.elastic.co/packages/7.x/yum' gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch' - kid: '46095ACC8548582C1A2699A9D27D666CD88E42B4' + key_id: '46095ACC8548582C1A2699A9D27D666CD88E42B4' # Cluster Settings single_node: true diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index cfdbe342..74c6bcf2 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml @@ -31,7 +31,7 @@ - name: Debian/Ubuntu | Add Elasticsearch GPG key. apt_key: url: "{{ elasticrepo.gpg }}" - id: "{{ elasticrepo.kid }}" + id: "{{ elasticrepo.key_id }}" state: present - name: Debian/Ubuntu | Install Elastic repo 
diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 07675f85..10408e77 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -13,7 +13,7 @@ elasticrepo: apt: 'https://artifacts.elastic.co/packages/7.x/apt' yum: 'https://artifacts.elastic.co/packages/7.x/yum' gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch' - kid: '46095ACC8548582C1A2699A9D27D666CD88E42B4' + key_id: '46095ACC8548582C1A2699A9D27D666CD88E42B4' # API credentials wazuh_api_credentials: diff --git a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml index ff4373dc..281555ca 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml @@ -11,7 +11,7 @@ - name: Debian/Ubuntu | Add Elasticsearch GPG key apt_key: url: "{{ elasticrepo.gpg }}" - id: "{{ elasticrepo.kid }}" + id: "{{ elasticrepo.key_id }}" state: present - name: Debian/Ubuntu | Install Elastic repo diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index 5b655311..d7bdcf02 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -54,4 +54,4 @@ elasticrepo: apt: 'https://artifacts.elastic.co/packages/7.x/apt' yum: 'https://artifacts.elastic.co/packages/7.x/yum' gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch' - kid: '46095ACC8548582C1A2699A9D27D666CD88E42B4' + key_id: '46095ACC8548582C1A2699A9D27D666CD88E42B4' diff --git a/roles/wazuh/ansible-filebeat/tasks/Debian.yml b/roles/wazuh/ansible-filebeat/tasks/Debian.yml index bdd7dc51..a87bb2bf 100644 --- a/roles/wazuh/ansible-filebeat/tasks/Debian.yml +++ b/roles/wazuh/ansible-filebeat/tasks/Debian.yml 
@@ -11,7 +11,7 @@ - name: Debian/Ubuntu | Add Elasticsearch apt key. apt_key: url: "{{ elasticrepo.gpg }}" - id: "{{ elasticrepo.kid }}" + id: "{{ elasticrepo.key_id }}" state: present - name: Debian/Ubuntu | Add Filebeat repository. diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index d92b07b4..d1c027ad 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -60,7 +60,7 @@ wazuh_agent_config: apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' yum: 'https://packages.wazuh.com/3.x/yum/' gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' - kid: '0DCFCA5547B19D2A6099506096B3EE5F29111145' + key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145' active_response: ar_disabled: 'no' ca_store: '/var/ossec/etc/wpk_root.pem' diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index 452fbdf8..88b9895c 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -25,7 +25,7 @@ - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: url: "{{ wazuh_agent_config.repo.gpg }}" - id: "{{ wazuhrepo.kid }}" + id: "{{ wazuhrepo.key_id }}" when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - not wazuh_agent_sources_installation.enabled diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index fadc54f9..ce84fa80 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
@@ -52,7 +52,7 @@ wazuh_manager_config: apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' yum: 'https://packages.wazuh.com/3.x/yum/' gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' - kid: '0DCFCA5547B19D2A6099506096B3EE5F29111145' + key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145' json_output: 'yes' alerts_log: 'yes' logall: 'no' diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index e4b69bcb..58e4c232 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -28,7 +28,7 @@ - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: url: "{{ wazuh_manager_config.repo.gpg }}" - id: "{{ wazuhrepo.kid }}" + id: "{{ wazuhrepo.key_id }}" when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled From d79a14de054a757a19944f31c703075fd0e3701d Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 22 Jan 2020 13:30:53 +0100 Subject: [PATCH 576/714] Bump version to 3.11.2_7.5.1 --- VERSION | 4 ++-- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 6 +++--- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 6 +++--- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/VERSION b/VERSION index 3961d05c..6d825ed6 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v3.11.1" -REVISION="31110" +WAZUH-ANSIBLE_VERSION="v3.11.2" +REVISION="31120" diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 486448d2..9b6ec2f3 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml 
@@ -6,7 +6,7 @@ elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 7.5.1 -wazuh_version: 3.11.1 +wazuh_version: 3.11.2 wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp # API credentials diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 9db5406d..35992118 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,9 +1,9 @@ --- -wazuh_agent_version: 3.11.1-1 +wazuh_agent_version: 3.11.2-1 wazuh_agent_sources_installation: enabled: false - branch: "v3.11.1" + branch: "v3.11.2" user_language: "y" user_no_stop: "y" user_install_type: "agent" @@ -51,7 +51,7 @@ wazuh_winagent_config: auth_path: C:\Program Files\ossec-agent\agent-auth.exe # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - version: '3.11.1' + version: '3.11.2' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ md5: 1e39c2ad032259cb9682c1eac3ac646a diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 638fa90b..1a7b841e 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,12 +1,12 @@ --- -wazuh_manager_version: 3.11.1-1 +wazuh_manager_version: 3.11.2-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present wazuh_manager_sources_installation: enabled: false - branch: "v3.11.1" + branch: "v3.11.2" user_language: "en" user_no_stop: "y" user_install_type: "server" @@ -31,7 +31,7 @@ wazuh_manager_sources_installation: wazuh_api_sources_installation: enabled: false - branch: "v3.11.1" + branch: "v3.11.2" update: "y" remove: "y" directory: null From 125af8cff3680a62b21200a170fcf136c64526e5 Mon Sep 17 00:00:00 2001 
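Review bot: The agent defaults hunk bumps `wazuh_winagent_config.version` to `3.11.2` while the `md5` context line two lines below still holds the digest of the `3.11.1` installer, so a Windows install of the new version presumably fails its checksum (or, if the digest is not enforced, installs unverified). Version and digest should change in the same commit; a comment above the mapping, `# version, revision and md5 must be updated together from the published Windows installer`, makes the coupling obvious. Consider recording a sha256 instead of md5, since md5 only catches corruption, not substitution.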
From: Jose M Date: Wed, 22 Jan 2020 13:31:08 +0100 Subject: [PATCH 577/714] Update wazuh-elasticsearch.json template --- .../templates/elasticsearch.yml.j2 | 140 +++++++++++++++++- 1 file changed, 132 insertions(+), 8 deletions(-) diff --git a/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 b/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 index 444cef06..88d50c3f 100644 --- a/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 +++ b/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 @@ -162,6 +162,7 @@ "data.dstip", "data.dstport", "data.dstuser", + "data.extra_data", "data.hardware.serial", "data.id", "data.integration", 
@@ -291,10 +292,37 @@ "data.vulnerability.advisories", "data.vulnerability.bugzilla_reference", "data.vulnerability.cve", + "data.vulnerability.cvss.cvss2.base_score", + "data.vulnerability.cvss.cvss2.exploitability_score", + "data.vulnerability.cvss.cvss2.impact_score", + "data.vulnerability.cvss.cvss2.vector.access_complexity", + "data.vulnerability.cvss.cvss2.vector.attack_vector", + "data.vulnerability.cvss.cvss2.vector.authentication", + "data.vulnerability.cvss.cvss2.vector.availability", + "data.vulnerability.cvss.cvss2.vector.confidentiality_impact", + "data.vulnerability.cvss.cvss2.vector.integrity_impact", + "data.vulnerability.cvss.cvss2.vector.privileges_required", + "data.vulnerability.cvss.cvss2.vector.scope", + "data.vulnerability.cvss.cvss2.vector.user_interaction", + "data.vulnerability.cvss.cvss3.base_score", + "data.vulnerability.cvss.cvss3.exploitability_score", + "data.vulnerability.cvss.cvss3.impact_score", + "data.vulnerability.cvss.cvss3.vector.access_complexity", + "data.vulnerability.cvss.cvss3.vector.attack_vector", + "data.vulnerability.cvss.cvss3.vector.authentication", + "data.vulnerability.cvss.cvss3.vector.availability", + "data.vulnerability.cvss.cvss3.vector.confidentiality_impact", + "data.vulnerability.cvss.cvss3.vector.integrity_impact", + "data.vulnerability.cvss.cvss3.vector.privileges_required", + "data.vulnerability.cvss.cvss3.vector.scope", + "data.vulnerability.cvss.cvss3.vector.user_interaction", "data.vulnerability.cwe_reference", + "data.vulnerability.package.architecture", "data.vulnerability.package.condition", + "data.vulnerability.package.generated_cpe", "data.vulnerability.package.name", "data.vulnerability.package.version", + "data.vulnerability.rationale", "data.vulnerability.reference", "data.vulnerability.severity", "data.vulnerability.state", 
@@ -372,6 +400,8 @@ "rule.id", "rule.info", "rule.pci_dss", + "rule.hipaa", + "rule.nist_800_53", "syscheck.audit.effective_user.id", "syscheck.audit.effective_user.name", "syscheck.audit.group.id", @@ -943,6 +973,9 @@ "data": { "type": "keyword" }, + "extra_data": { + "type": "keyword" + }, "system_name": { "type": "keyword" }, @@ -1531,14 +1564,93 @@ }, "cvss": { "properties": { - "cvss3_score": { - "type": "keyword" + "cvss2": { + "properties": { + "base_score": { + "type": "keyword" + }, + "exploitability_score": { + "type": "keyword" + }, + "impact_score": { + "type": "keyword" + }, + "vector": { + "properties": { + "access_complexity": { + "type": "keyword" + }, + "attack_vector": { + "type": "keyword" + }, + "authentication": { + "type": "keyword" + }, + "availability": { + "type": "keyword" + }, + "confidentiality_impact": { + "type": "keyword" + }, + "integrity_impact": { + "type": "keyword" + }, + "privileges_required": { + "type": "keyword" + }, + "scope": { + "type": "keyword" + }, + "user_interaction": { + "type": "keyword" + } + } + } + } }, - "cvss_score": { - "type": "keyword" - }, - "cvss_scoring_vector": { - "type": "keyword" + "cvss3": { + "properties": { + "base_score": { + "type": "keyword" + }, + "exploitability_score": { + "type": "keyword" + }, + "impact_score": { + "type": "keyword" + }, + "vector": { + "properties": { + "access_complexity": { + "type": "keyword" + }, + "attack_vector": { + "type": "keyword" + }, + "authentication": { + "type": "keyword" + }, + "availability": { + "type": "keyword" + }, + "confidentiality_impact": { + "type": "keyword" + }, + "integrity_impact": { + "type": "keyword" + }, + "privileges_required": { + "type": "keyword" + }, + "scope": { + "type": "keyword" + }, + "user_interaction": { + "type": "keyword" + } + } + } + } } } }, 
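Review bot: `base_score`, `exploitability_score` and `impact_score` under both `cvss2` and `cvss3` are mapped as `keyword`, so CVSS scores cannot be range-filtered or sorted numerically in Kibana (a "severity at or above 7" filter would compare strings). If the vulnerability detector emits them as numbers, `"type": "float"` is the right mapping; if it emits strings, a comment saying so would save the next reader the question. Note also that `cvss2.vector` lists `privileges_required`, `scope` and `user_interaction`, which are CVSS v3 metrics, and `cvss3.vector` lists `authentication`, which is v2-only — presumably mirroring the detector's output, but worth confirming against real events.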
@@ -1547,9 +1659,15 @@ }, "package": { "properties": { + "architecture": { + "type": "keyword" + }, "condition": { "type": "keyword" }, + "generated_cpe": { + "type": "keyword" + }, "name": { "type": "keyword" }, @@ -1561,6 +1679,12 @@ "published": { "type": "date" }, + "updated": { + "type": "date" + }, + "rationale": { + "type": "keyword" + }, "reference": { "type": "keyword" }, @@ -1673,4 +1797,4 @@ } }, "version": 1 -} \ No newline at end of file +} From 7f86bbe76529daa3e8687cd6f7305821b5ddac3a Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 22 Jan 2020 13:33:54 +0100 Subject: [PATCH 578/714] Update CHANGELOG.md --- CHANGELOG.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 09f505e9..cd521303 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,16 @@ # Change Log All notable changes to this project will be documented in this file. +## [v3.11.2_7.5.1] + +### Added + +- Update to Wazuh v3.11.2 + +### Changed + +- Update templates for Python 3 compatibility ([@xr09](https://github.com/xr09)) [PR#344](https://github.com/wazuh/wazuh-ansible/pull/344) + ## [v3.11.1_7.5.1] ### Added From 867df7b870ef30fee5325b7e3031d8bb76b2409a Mon Sep 17 00:00:00 2001 From: francobep Date: Wed, 22 Jan 2020 10:50:37 -0300 Subject: [PATCH 579/714] Fix playbook template In the first host of the elastic cluster, the "node_name" property, will be "elasticsearch_node_name" --- playbooks/wazuh-elastic_stack-distributed.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml index 5f4213f5..16abfcf5 100644 --- a/playbooks/wazuh-elastic_stack-distributed.yml +++ b/playbooks/wazuh-elastic_stack-distributed.yml 
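Review bot: `updated` is added to the vulnerability mapping here but not to the field list earlier in the template, which in this commit gained `data.vulnerability.rationale`, `data.vulnerability.package.architecture` and `data.vulnerability.package.generated_cpe` for the other new fields. If that list is what the Kibana index pattern is built from, `data.vulnerability.updated` will be missing; if the list is meant to be partial, a comment at its top should say so. The enclosing `properties` object starts outside the hunk.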
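Review bot: The template's `"version": 1` is left unchanged although this commit removes `cvss3_score`, `cvss_score` and `cvss_scoring_vector` and adds some forty fields, so anything that compares template versions cannot tell the mapping changed. Bumping the version, and recording in the CHANGELOG that saved searches or visualisations referencing the removed `data.vulnerability.cvss.*` fields need updating, would make the break discoverable. The trailing-newline fix is fine.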
@@ -4,7 +4,7 @@ roles: - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch elasticsearch_network_host: - node_name: node-1 + elasticsearch_node_name: node-1 elasticsearch_bootstrap_node: true elasticsearch_cluster_nodes: - @@ -88,4 +88,4 @@ # kibana_node_name: node-3 # elasticsearch_network_host: 172.16.0.161 # node_certs_generator: false -# elasticsearch_xpack_security_password: elastic_pass \ No newline at end of file +# elasticsearch_xpack_security_password: elastic_pass From 94095c88c9439e344998b545d9e6014244e4a327 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 22 Jan 2020 15:14:56 +0100 Subject: [PATCH 580/714] Bump MD5 hash for Windows Agent --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 35992118..22db8c9d 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -54,7 +54,7 @@ wazuh_winagent_config: version: '3.11.2' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ - md5: 1e39c2ad032259cb9682c1eac3ac646a + md5: 9b6e57054353e31f449ce61bf3695271 wazuh_agent_config: repo: apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' From 5479fc55501efe4c6a2406dcf74f7847df1c13d1 Mon Sep 17 00:00:00 2001 From: Jochen Schneider Date: Thu, 23 Jan 2020 14:30:55 +0100 Subject: [PATCH 581/714] corrected repo key id parameter --- roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 2 +- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index 88b9895c..68c0b726 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml 
@@ -25,7 +25,7 @@ - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: url: "{{ wazuh_agent_config.repo.gpg }}" - id: "{{ wazuhrepo.key_id }}" + id: "{{ wazuh_agent_config.repo.key_id }}" when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - not wazuh_agent_sources_installation.enabled diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 58e4c232..36fe4ff5 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -28,7 +28,7 @@ - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: url: "{{ wazuh_manager_config.repo.gpg }}" - id: "{{ wazuhrepo.key_id }}" + id: "{{ wazuh_manager_config.repo.key_id }}" when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled From f1771eaa62a85dabe871e1842cfdeceb878c2a3b Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Mon, 27 Jan 2020 19:32:54 +0100 Subject: [PATCH 582/714] Fix agent's ossec.conf for CentOS 8 --- .../var-ossec-etc-ossec-agent.conf.j2 | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index 424410b8..128ba142 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 
@@ -92,23 +92,33 @@ {% endif %} {% elif ansible_distribution == 'CentOS' %} - {% if ansible_distribution_major_version == '7' %} + {% if ansible_distribution_major_version == '8' %} + {# Policy not available #} + {% elif ansible_distribution_major_version == '7' %} + xccdf_org.ssgproject.content_profile_pci-dss + xccdf_org.ssgproject.content_profile_common + {% elif ansible_distribution_major_version == '6' %} - {% endif %} xccdf_org.ssgproject.content_profile_pci-dss xccdf_org.ssgproject.content_profile_common + {% endif %} {% elif ansible_distribution == 'RedHat' %} - {% if ansible_distribution_major_version == '7' %} + {% if ansible_distribution_major_version == '8' %} + {# Policy not available #} + {% elif ansible_distribution_major_version == '7' %} + xccdf_org.ssgproject.content_profile_pci-dss + xccdf_org.ssgproject.content_profile_common + {% elif ansible_distribution_major_version == '6' %} - {% endif %} xccdf_org.ssgproject.content_profile_pci-dss xccdf_org.ssgproject.content_profile_common + {% endif %} {% if ansible_distribution_major_version == '7' %} {% elif ansible_distribution_major_version == '6' %} From 87b485e5106033a485f8d23352f149cd8a7ca7ee Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 28 Jan 2020 12:09:38 +0100 Subject: [PATCH 583/714] Update CHANGELOG.md --- CHANGELOG.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index cd521303..53ee7343 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,17 @@ # Change Log All notable changes to this project will be documented in this file. +## [v3.11.3_7.5.1] + +### Added + +- Update to Wazuh v3.11.3 + +### Fixed + +- Fix Wazuh Agent configuration file for RHEL 8 ([@xr09](https://github.com/xr09)) [PR#354](https://github.com/wazuh/wazuh-ansible/pull/354) +- Fix default port used in Wazuh Agent playbook ([@jm404](https://github.com/jm404)) [PR#347](https://github.com/wazuh/wazuh-ansible/pull/347) + ## [v3.11.2_7.5.1] ### Added 
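Review bot: The CentOS and RedHat branches added here are byte-for-byte identical (same major-version tests, same two `xccdf_org.ssgproject.content_profile_*` identifiers, same `{# Policy not available #}` placeholder for 8), so the next fix has to be applied twice; a single `{% elif ansible_distribution in ['CentOS', 'RedHat'] %}` branch would express the same result once. The placeholder also says only that a policy is missing, not why; a comment such as `{# EL8: no profile known to work with this content yet - revisit when one is #}` tells the next maintainer what to check. The enclosing `{% if %}` chain starts and ends outside the hunk.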
From a400138eb0d42b0b862c246ad98d52deacb8e872 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 28 Jan 2020 12:15:35 +0100 Subject: [PATCH 584/714] Update CHANGELOG.md --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 53ee7343..987939a3 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,7 +1,7 @@ # Change Log All notable changes to this project will be documented in this file. -## [v3.11.3_7.5.1] +## [v3.11.3_7.5.2] ### Added From b39e6debacb14ca0f9d81dd4adaf158120e942de Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 28 Jan 2020 12:17:53 +0100 Subject: [PATCH 585/714] Bump version to 3.11.3_7.5.2 --- VERSION | 4 ++-- roles/elastic-stack/ansible-elasticsearch/defaults/main.yml | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 4 ++-- roles/wazuh/ansible-filebeat/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 6 +++--- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 6 +++--- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/VERSION b/VERSION index 6d825ed6..a70bc633 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v3.11.2" -REVISION="31120" +WAZUH-ANSIBLE_VERSION="v3.11.3" +REVISION="31130" diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index a1bef6b2..9d3a9cdb 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -4,7 +4,7 @@ elasticsearch_http_port: 9200 elasticsearch_network_host: 127.0.0.1 elasticsearch_reachable_host: 127.0.0.1 elasticsearch_jvm_xms: null -elastic_stack_version: 7.5.1 +elastic_stack_version: 7.5.2 elasticsearch_lower_disk_requirements: false # Cluster Settings diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 9b6ec2f3..b0b1fc83 100644 
--- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -5,8 +5,8 @@ elasticsearch_http_port: "9200" elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" -elastic_stack_version: 7.5.1 -wazuh_version: 3.11.2 +elastic_stack_version: 7.5.2 +wazuh_version: 3.11.3 wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp # API credentials diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index 1b1c1bd8..84693899 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -1,5 +1,5 @@ --- -filebeat_version: 7.5.1 +filebeat_version: 7.5.2 filebeat_create_config: true diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 22db8c9d..6bf29daf 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,9 +1,9 @@ --- -wazuh_agent_version: 3.11.2-1 +wazuh_agent_version: 3.11.3-1 wazuh_agent_sources_installation: enabled: false - branch: "v3.11.2" + branch: "v3.11.3" user_language: "y" user_no_stop: "y" user_install_type: "agent" @@ -51,7 +51,7 @@ wazuh_winagent_config: auth_path: C:\Program Files\ossec-agent\agent-auth.exe # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - version: '3.11.2' + version: '3.11.3' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ md5: 9b6e57054353e31f449ce61bf3695271 diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 1a7b841e..0025bf5b 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
@@ -1,12 +1,12 @@ --- -wazuh_manager_version: 3.11.2-1 +wazuh_manager_version: 3.11.3-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present wazuh_manager_sources_installation: enabled: false - branch: "v3.11.2" + branch: "v3.11.3" user_language: "en" user_no_stop: "y" user_install_type: "server" @@ -31,7 +31,7 @@ wazuh_manager_sources_installation: wazuh_api_sources_installation: enabled: false - branch: "v3.11.2" + branch: "v3.11.3" update: "y" remove: "y" directory: null From 81096636d0dd6f91dca65de5c74174112eee9464 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 28 Jan 2020 18:37:48 +0100 Subject: [PATCH 586/714] Update MD5 hash for Windows Agent --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 6bf29daf..3ce49b3e 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -54,7 +54,7 @@ wazuh_winagent_config: version: '3.11.3' revision: '1' repo: https://packages.wazuh.com/3.x/windows/ - md5: 9b6e57054353e31f449ce61bf3695271 + md5: e4623e7cd3f2fc6ac8a313cbdd7c3cba wazuh_agent_config: repo: apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' From 7a8d2a7f9d68e1ed76cbde2b930f1b586782128f Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Tue, 4 Feb 2020 11:59:19 +0100 Subject: [PATCH 587/714] Upgrade to NodeJS v10 --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 0025bf5b..489becb2 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
@@ -395,4 +395,4 @@ nodejs: repo_dict: debian: "deb" redhat: "rpm" - repo_url_ext: "nodesource.com/setup_8.x" + repo_url_ext: "nodesource.com/setup_10.x" From 13e283687ca1de2d4e7f62e491d9e1e62ff9d43d Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Tue, 11 Feb 2020 14:49:53 +0100 Subject: [PATCH 588/714] Define agent_groups group list --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 5f32a0f1..3d5c9986 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -397,3 +397,7 @@ nodejs: debian: "deb" redhat: "rpm" repo_url_ext: "nodesource.com/setup_10.x" + +agent_groups: + groups: # [] # groups to create + - group2 \ No newline at end of file From 8d8ed17ce98387905e056b57f7b220d85c30a03c Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Tue, 11 Feb 2020 14:50:06 +0100 Subject: [PATCH 589/714] Add task to create agent groups --- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 842d33a6..f26664eb 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -355,6 +355,13 @@ when: - ansible_distribution in ['CentOS', 'RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6 +- name: Create agent groups + shell: "/var/ossec/bin/agent_groups -a -g {{ item }} -q" + with_items: + - "{{ agent_groups.groups }}" + when: + - ( agent_groups.groups is defined) and ( agent_groups.groups|length > 0) + - include_tasks: "RMRedHat.yml" when: - ansible_os_family == "RedHat" or ansible_os_family == "Amazon" From 01fb6b1d361236ed9d8231e288c630f55d9e93ff Mon Sep 17 00:00:00 2001 
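Review bot: The new `Create agent groups` task interpolates `{{ item }}` into a `shell:` string, so a group name containing shell metacharacters is interpreted by the shell rather than handed to `agent_groups` as an argument; group names come from a role variable, which in practice is inventory or extra-vars input. The task also has no `changed_when` or `failed_when`, so it presumably reports changed on every run and, if `agent_groups -a` rejects an already-existing group, fails on the second run — confirm against the tool's exit codes. Note as well that the `with_items` expression is evaluated before the per-item `when`, so the `is defined` guard does not protect against `agent_groups` itself being undefined; `loop: "{{ agent_groups.groups | default([]) }}"` would.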
From: Zenidd Date: Tue, 11 Feb 2020 14:51:10 +0100 Subject: [PATCH 590/714] Sanatizing the Manager and API active status verification task --- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 58c3f763..dd4fa04a 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -339,20 +339,6 @@ - wazuh-api tags: - config - environment: - LD_LIBRARY_PATH: "$LD_LIBRARY_PATH:/var/ossec/framework/lib" - when: - - not (ansible_facts['os_family']|lower == 'redhat' and ansible_distribution_major_version|int < 6) - -- name: Ensure Wazuh Manager is started and enabled (EL5) - service: - name: wazuh-manager - enabled: true - state: started - tags: - - config - when: - - ansible_distribution in ['CentOS', 'RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6 - include_tasks: "RMRedHat.yml" when: From e11c44e72e6b95d102093a8ad30cc1d075f7c625 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Tue, 11 Feb 2020 16:14:50 +0100 Subject: [PATCH 591/714] Set group list to empty --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 1 + roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 3 +-- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 266cb33f..51ba5302 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -37,6 +37,7 @@ wazuh_agent_authd: enable: false port: 1515 agent_name: null + groups: [] ssl_agent_ca: null ssl_agent_cert: null ssl_agent_key: null diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 3d5c9986..52de8dab 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
+++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -399,5 +399,4 @@ nodejs: repo_url_ext: "nodesource.com/setup_10.x" agent_groups: - groups: # [] # groups to create - - group2 \ No newline at end of file + groups: [] # groups to create From e1b3156ee647dbd358c6c3cbf9db24788c860256 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Tue, 11 Feb 2020 16:16:15 +0100 Subject: [PATCH 592/714] Add ability to register agent and assign it to groups --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 5664a428..6dbf1e46 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -76,6 +76,9 @@ -k "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_key | basename }}" {% endif %} {% if wazuh_agent_authd.ssl_auto_negotiate == 'yes' %} -a {% endif %} + {% if wazuh_agent_authd.groups is defined and wazuh_agent_authd.groups != None %} + -G "{{ wazuh_agent_authd.groups | join(',') }}" + {% endif %} register: agent_auth_output notify: restart wazuh-agent vars: From 76215bf6ed5c01d648c37ed29dc8ed2c64512e21 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Tue, 11 Feb 2020 17:55:51 +0100 Subject: [PATCH 593/714] Replace shell by command --- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index f26664eb..6637f287 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml 
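Review bot: The guard `wazuh_agent_authd.groups is defined and wazuh_agent_authd.groups != None` still passes for the new default `groups: []` introduced in the previous commit, so agent-auth is then invoked with `-G ""`; whether registration then fails or the agent is silently left without a group depends on agent-auth, and either way an empty flag is not what is intended. `{% if (wazuh_agent_authd.groups | default([], true)) | length > 0 %}` covers undefined, None and empty in one test (the second `default` argument makes falsy values take the default too). The enclosing task starts and ends outside the hunk.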
@@ -356,7 +356,7 @@ - ansible_distribution in ['CentOS', 'RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6 - name: Create agent groups - shell: "/var/ossec/bin/agent_groups -a -g {{ item }} -q" + command: "/var/ossec/bin/agent_groups -a -g {{ item }} -q" with_items: - "{{ agent_groups.groups }}" when: From 50ad3e07da8f4cf8b4c1afb3a6c52b19f83cb60d Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Tue, 11 Feb 2020 17:56:06 +0100 Subject: [PATCH 594/714] Remove trailing spaces --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 6dbf1e46..5465f393 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -76,8 +76,8 @@ -k "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_key | basename }}" {% endif %} {% if wazuh_agent_authd.ssl_auto_negotiate == 'yes' %} -a {% endif %} - {% if wazuh_agent_authd.groups is defined and wazuh_agent_authd.groups != None %} - -G "{{ wazuh_agent_authd.groups | join(',') }}" + {% if wazuh_agent_authd.groups is defined and wazuh_agent_authd.groups != None %} + -G "{{ wazuh_agent_authd.groups | join(',') }}" {% endif %} register: agent_auth_output notify: restart wazuh-agent From 4adc19a02ff42585ffcff00a249b47193fb0f921 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Wed, 12 Feb 2020 14:16:38 +0100 Subject: [PATCH 595/714] Ignore idempotence test for agent groups creation --- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 6637f287..6a2ccf95 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml 
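Review bot: Switching to `command:` stops the shell from interpreting metacharacters, but the string form is still split on whitespace before execution, so a group name containing a space becomes two arguments and `-q` no longer sits where the tool expects it. The list form passes each item as exactly one argument: `command:` followed by `  argv: ["/var/ossec/bin/agent_groups", "-a", "-g", "{{ item }}", "-q"]`. The task's loop and `when` are outside this hunk.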
@@ -361,6 +361,7 @@ - "{{ agent_groups.groups }}" when: - ( agent_groups.groups is defined) and ( agent_groups.groups|length > 0) + tags: molecule-idempotence-notest - include_tasks: "RMRedHat.yml" when: From abdbab92474556add24b3d672e7a3b6be9d769de Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Fri, 14 Feb 2020 15:09:40 +0100 Subject: [PATCH 596/714] Fix auth path for 64bits Windows --- roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index ee0aced7..61e2412d 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml @@ -14,7 +14,7 @@ - name: Windows | Set Win Path (x64) set_fact: wazuh_agent_win_path: "{{ wazuh_winagent_config.install_dir }}" - wazuh_agent_win_auth_path: "{{ wazuh_winagent_config.auth_path_x86 }}" + wazuh_agent_win_auth_path: "{{ wazuh_winagent_config.auth_path }}" when: - not check_path.stat.exists From 1366a745696aa9304021683d48433c98d8614ba5 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 14 Feb 2020 17:13:42 +0100 Subject: [PATCH 597/714] Remove API credentials as variable files and move to defaults --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 3 +++ roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 6 ------ roles/wazuh/ansible-wazuh-manager/vars/wazuh_api_creds.yml | 3 --- 3 files changed, 3 insertions(+), 9 deletions(-) delete mode 100644 roles/wazuh/ansible-wazuh-manager/vars/wazuh_api_creds.yml diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 5f32a0f1..8c71671b 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
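Review bot: `tags: molecule-idempotence-notest` hides the symptom rather than fixing it: the task reports changed on every run because `command` has no `changed_when`, and it still runs `agent_groups -a` for groups that already exist. If the tool prints a recognisable message for an existing group, `register: agent_groups_result` with a `changed_when` keyed on that message (exact wording to be confirmed against the tool's output) makes the task genuinely idempotent; if the tool creates a per-group directory, `args: creates:` pointing at it is simpler still. The task header is outside this hunk.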
@@ -47,6 +47,9 @@ wazuh_api_sources_installation: common_name: null password: null +wazuh_api_user: + - "foo:$apr1$/axqZYWQ$Xo/nz/IG3PdwV82EnfYKh/" + wazuh_manager_config: repo: apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index dd4fa04a..faf13d05 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -191,12 +191,6 @@ tags: - config -- name: Retrieving Wazuh-API User Credentials - include_vars: wazuh_api_creds.yml - when: - - not (ansible_distribution in ['CentOS','RedHat', 'Amazon'] and ansible_distribution_major_version|int < 6) - tags: - - config - name: Check if syslog output is enabled set_fact: syslog_output=true diff --git a/roles/wazuh/ansible-wazuh-manager/vars/wazuh_api_creds.yml b/roles/wazuh/ansible-wazuh-manager/vars/wazuh_api_creds.yml deleted file mode 100644 index 2d5f8c73..00000000 --- a/roles/wazuh/ansible-wazuh-manager/vars/wazuh_api_creds.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -wazuh_api_user: - - "foo:$apr1$/axqZYWQ$Xo/nz/IG3PdwV82EnfYKh/" From 9bc6d550be6de3b42b3bfc07a5adbf73a7537baa Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 19 Feb 2020 17:46:41 +0100 Subject: [PATCH 598/714] Create required variables for Wazuh Manager installation from packages --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 8c71671b..f1e9866b 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
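Review bot: The new default `wazuh_api_user` ships a working credential — user `foo` with a fixed apr1 hash — at role-default precedence, so any deployment that does not override it exposes the Wazuh API behind a hash that is public in this repository and therefore offline-crackable; moving it out of `vars/wazuh_api_creds.yml` also drops the EL5 exclusion that used to apply, though that is not visible here. Role defaults should not carry a usable credential: set `wazuh_api_user: []` and fail early when it is empty, e.g. an `assert` task with `that: wazuh_api_user | length > 0` and a `fail_msg` telling the operator to supply a deployment-specific htpasswd entry (ideally from a vaulted password). At minimum a comment above the key such as `# Placeholder only - override with a deployment-specific htpasswd entry` is needed so the value is not mistaken for a sane default.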
@@ -4,6 +4,15 @@ wazuh_manager_version: 3.11.3-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present +# Custom packages installation +wazuh_custom_packages_installation_manager_enabled: true +wazuh_custom_packages_installation_manager_deb_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/deb/var/wazuh-manager_3.12.0-0.3319fimreworksqlite_amd64.deb" +wazuh_custom_packages_installation_manager_rpm_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/rpm/var/wazuh-manager-3.12.0-0.3319fimreworksqlite.x86_64.rpm" +wazuh_custom_packages_installation_api_enabled: true +wazuh_custom_packages_installation_api_deb_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/deb/var/wazuh-api_3.12.0-0.3319fimreworksqlite_amd64.deb" +wazuh_custom_packages_installation_api_rpm_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/rpm/var/wazuh-api-3.12.0-0.3319fimreworksqlite.x86_64.rpm" + +# Sources installation wazuh_manager_sources_installation: enabled: false branch: "v3.11.3" From 7fb76b42e65993b925355b513aea31c40aa8be11 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 19 Feb 2020 17:47:13 +0100 Subject: [PATCH 599/714] Create required tasks to download and install .rpm and .deb packages --- .../installation_from_custom_packages.yml | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 roles/wazuh/ansible-wazuh-manager/tasks/installation_from_custom_packages.yml diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_custom_packages.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_custom_packages.yml new file mode 100644 index 00000000..ae837c9a --- /dev/null +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_custom_packages.yml 
@@ -0,0 +1,34 @@ +--- + - block: + - name: Install Wazuh Manager from .deb packages + apt: + deb: "{{ wazuh_custom_packages_installation_manager_deb_url }}" + state: present + when: + - wazuh_custom_packages_installation_manager_enabled + + - name: Install Wazuh API from .deb packages + apt: + deb: "{{ wazuh_custom_packages_installation_api_deb_url }}" + state: present + when: + - wazuh_custom_packages_installation_api_enabled + when: + - ansible_os_family|lower == "debian" + + - block: + - name: Install Wazuh Manager from .rpm packages + yum: + name: "{{ wazuh_custom_packages_installation_manager_rpm_url }}" + state: present + when: + - wazuh_custom_packages_installation_manager_enabled + + - name: Install Wazuh API from .rpm packages + yum: + name: "{{ wazuh_custom_packages_installation_api_rpm_url }}" + state: present + when: + - wazuh_custom_packages_installation_api_enabled + when: + - ansible_os_family|lower == "redhat" \ No newline at end of file From bf6f72039cccac7fb0f9ebcce28a4084f4247ad9 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 19 Feb 2020 17:47:49 +0100 Subject: [PATCH 600/714] Update conditionals in Managers tasks to filter installation from packages --- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 11 ++++++++++- roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 8 ++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 36fe4ff5..ca4820fc 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml 
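Review bot: Both `apt: deb: "{{ ..._deb_url }}"` and `yum: name: "{{ ..._rpm_url }}"` install a package fetched straight from a URL with no integrity check: apt's `deb:` path does not go through repository signature verification, and yum only signature-checks a URL- or file-supplied package when `localpkg_gpgcheck` is on, which it is not by default — and whether the dev-branch builds these URLs point at are signed at all is not verifiable from here. Fetching with `get_url` and `checksum: "sha256:<expected digest>"` (the digest exposed as a variable next to each URL) and then installing the local file pins what actually gets installed; the agent counterpart added in PATCH 602 (`ansible-wazuh-agent/tasks/installation_from_custom_packages.yml`) has the same shape. Minor: the file ends without a newline, and the task list appears to be indented one level under `---`, which is unusual for a task file.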
@@ -24,6 +24,7 @@ - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled + - not wazuh_custom_packages_installation_manager_enabled or not wazuh_custom_packages_installation_manager_enabled - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: @@ -32,6 +33,7 @@ when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled + - not wazuh_custom_packages_installation_manager_enabled or not wazuh_custom_packages_installation_manager_enabled - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: @@ -42,6 +44,7 @@ changed_when: false when: - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled + - not wazuh_custom_packages_installation_manager_enabled or not wazuh_custom_packages_installation_manager_enabled - name: Debian/Ubuntu | Set Distribution CIS filename for Debian/Ubuntu set_fact: @@ -106,11 +109,16 @@ tags: init when: - not wazuh_manager_sources_installation.enabled + - not wazuh_custom_packages_installation_manager_enabled - include_tasks: "installation_from_sources.yml" when: - wazuh_manager_sources_installation.enabled or wazuh_api_sources_installation.enabled +- include_tasks: "installation_from_custom_packages.yml" + when: + - wazuh_custom_packages_installation_manager_enabled or not wazuh_custom_packages_installation_manager_enabled + - name: Debian/Ubuntu | Install wazuh-api apt: name: @@ -122,4 +130,5 @@ until: wazuh_manager_main_packages_installed is succeeded tags: init when: - - not wazuh_api_sources_installation.enabled \ No newline at end of file + - not wazuh_api_sources_installation.enabled + - not wazuh_custom_packages_installation_manager_enabled \ No newline at end of file 
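Review bot: The condition added to the three repository tasks (hunks `@@ -24`, `@@ -32`, `@@ -42`) reads `not wazuh_custom_packages_installation_manager_enabled or not wazuh_custom_packages_installation_manager_enabled` — the same variable twice — so the API flag is never consulted; the `RedHat.yml` change in this commit uses `... or not wazuh_custom_packages_installation_api_enabled`, which is what is meant here. The `include_tasks: "installation_from_custom_packages.yml"` guard (hunk `@@ -106`) has the same slip in the worse direction: `manager_enabled or not manager_enabled` is always true, so the include runs unconditionally and only the per-task `when` inside the included file prevents an install; it should read `- wazuh_custom_packages_installation_manager_enabled or wazuh_custom_packages_installation_api_enabled`. The `Install wazuh-api` gate (hunk `@@ -122`) tests the manager flag, so enabling custom packages for the manager alone also silently skips the API package from the repository; `- not wazuh_custom_packages_installation_api_enabled` matches the RedHat version. The file still ends without a trailing newline.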
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 5dc57e81..c0ff9ee4 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -11,6 +11,7 @@ - (ansible_os_family|lower == 'redhat') and (ansible_distribution|lower != 'amazon') - (ansible_distribution_major_version|int <= 5) - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled + - not wazuh_custom_packages_installation_manager_enabled or not wazuh_custom_packages_installation_api_enabled register: repo_v5_manager_installed - name: RedHat/CentOS/Fedora | Install Wazuh repo @@ -24,6 +25,7 @@ when: - repo_v5_manager_installed is skipped - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled + - not wazuh_custom_packages_installation_manager_enabled or not wazuh_custom_packages_installation_api_enabled - name: RedHat/CentOS/Fedora | Install openscap package: name={{ item }} state=present @@ -118,6 +120,7 @@ when: - ansible_os_family|lower == "redhat" - not wazuh_manager_sources_installation.enabled + - not wazuh_custom_packages_installation_manager_enabled tags: - init @@ -125,6 +128,10 @@ when: - wazuh_manager_sources_installation.enabled or wazuh_api_sources_installation.enabled +- include_tasks: "../tasks/installation_from_custom_packages.yml" + when: + - wazuh_custom_packages_installation_manager_enabled or wazuh_custom_packages_installation_api_enabled + - name: CentOS/RedHat/Amazon | Install wazuh-api package: name: "wazuh-api-{{ wazuh_manager_version }}" @@ -134,6 +141,7 @@ when: - ansible_os_family|lower == "redhat" - not wazuh_api_sources_installation.enabled + - not wazuh_custom_packages_installation_api_enabled tags: - init From aa33bd353140783b798b3036a71df4ab0077d681 Mon Sep 17 00:00:00 2001 
From: Jose M Date: Wed, 19 Feb 2020 18:09:26 +0100 Subject: [PATCH 601/714] Add required variables to install agents from custom packages --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 266cb33f..202f5d3a 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,6 +1,15 @@ --- wazuh_agent_version: 3.11.3-1 + +# Custom packages installation + +wazuh_custom_packages_installation_agent_enabled: true +wazuh_custom_packages_installation_agent_deb_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/deb/var/wazuh-agent_3.12.0-0.3319fimreworksqlite_amd64.deb" +wazuh_custom_packages_installation_agent_rpm_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/rpm/var/wazuh-agent-3.12.0-0.3319fimreworksqlite.x86_64.rpm" + +# Sources installation + wazuh_agent_sources_installation: enabled: false branch: "v3.11.3" From 281d54557afcd46c564effee58d637be9f6e186b Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 19 Feb 2020 18:09:48 +0100 Subject: [PATCH 602/714] Create tasks to download and install Agent from .rpm and .deb packages --- .../tasks/installation_from_custom_packages.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 roles/wazuh/ansible-wazuh-agent/tasks/installation_from_custom_packages.yml diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_custom_packages.yml b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_custom_packages.yml new file mode 100644 index 00000000..01ce540c --- /dev/null +++ b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_custom_packages.yml 
@@ -0,0 +1,16 @@ +--- + - name: Install Wazuh Agent from .deb packages + apt: + deb: "{{ wazuh_custom_packages_installation_agent_deb_url }}" + state: present + when: + - ansible_os_family|lower == "debian" + - wazuh_custom_packages_installation_agent_enabled + + - name: Install Wazuh Agent from .rpm packages + yum: + name: "{{ wazuh_custom_packages_installation_agent_rpm_url }}" + state: present + when: + - ansible_os_family|lower == "redhat" + - wazuh_custom_packages_installation_agent_enabled \ No newline at end of file From 8f0d54b274ffdc93c26fbe811f2a6042e0a7bcce Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 19 Feb 2020 18:10:26 +0100 Subject: [PATCH 603/714] Update Agent conditionals to make them work with custom packages install --- roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml | 3 +++ roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 6 ++++++ roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml | 6 ++++-- 3 files changed, 13 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index 68c0b726..9c12fdbf 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -21,6 +21,7 @@ - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 - not wazuh_agent_sources_installation.enabled + - not wazuh_custom_packages_installation_agent_enabled - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: @@ -29,6 +30,7 @@ when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - not wazuh_agent_sources_installation.enabled + - not wazuh_custom_packages_installation_agent_enabled - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: 
@@ -38,6 +40,7 @@ update_cache: true when: - not wazuh_agent_sources_installation.enabled + - not wazuh_custom_packages_installation_agent_enabled - name: Debian/Ubuntu | Set Distribution CIS filename for debian set_fact: diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 5664a428..c1c701fc 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -9,6 +9,10 @@ when: - wazuh_agent_sources_installation.enabled +- include_tasks: "installation_from_custom_packages.yml" + when: + - wazuh_custom_packages_installation_agent_enabled + - name: Linux CentOS/RedHat | Install wazuh-agent package: name: wazuh-agent-{{ wazuh_agent_version }} @@ -18,6 +22,7 @@ when: - ansible_os_family|lower == "redhat" - not wazuh_agent_sources_installation.enabled + - not wazuh_custom_packages_installation_agent_enabled tags: - init @@ -29,6 +34,7 @@ when: - ansible_os_family|lower != "redhat" - not wazuh_agent_sources_installation.enabled + - not wazuh_custom_packages_installation_agent_enabled tags: - init diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index e0b2b426..d93052c4 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml @@ -10,7 +10,8 @@ when: - (ansible_facts['os_family']|lower == 'redhat') and (ansible_distribution|lower != 'amazon') - (ansible_distribution_major_version|int <= 5) - - not wazuh_agent_sources_installation.enabled or not wazuh_api_sources_installation.enabled + - not wazuh_agent_sources_installation.enabled + - not wazuh_custom_packages_installation_agent_enabled register: repo_v5_installed - name: RedHat/CentOS/Fedora | Install Wazuh repo 
@@ -24,6 +25,7 @@ when: - repo_v5_installed is skipped - not wazuh_agent_sources_installation.enabled + - not wazuh_custom_packages_installation_agent_enabled - name: RedHat/CentOS/Fedora | download Oracle Java RPM get_url: @@ -34,7 +36,7 @@ until: oracle_java_task_rpm_download is succeeded when: - wazuh_agent_config.cis_cat.disable == 'no' - - wazuh_agent_config.cis_cat.install_java == 'yes' + - wazuh_agent_config.cis_cat.install_java == 'yes' tags: - init From 53cee9a7be1602777bbc4a40667f3c86750dabcb Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 19 Feb 2020 18:11:39 +0100 Subject: [PATCH 604/714] Fix trailing whitespace in `RedHat.yml` tasks from Agent --- roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index d93052c4..8dbd2452 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml @@ -36,7 +36,7 @@ until: oracle_java_task_rpm_download is succeeded when: - wazuh_agent_config.cis_cat.disable == 'no' - - wazuh_agent_config.cis_cat.install_java == 'yes' + - wazuh_agent_config.cis_cat.install_java == 'yes' tags: - init From 807a816cf226215a565ba7af0a6b49b1da3cb06b Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 19 Feb 2020 18:12:44 +0100 Subject: [PATCH 605/714] Set Wazuh version to 3.12.0 for testing purposes --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 202f5d3a..8b4d197e 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml 
@@ -1,5 +1,5 @@ --- -wazuh_agent_version: 3.11.3-1 +wazuh_agent_version: 3.12.0-1 # Custom packages installation diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index f1e9866b..3c5712d2 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_manager_version: 3.11.3-1 +wazuh_manager_version: 3.12.0-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present From 9dddd2b26e176410fe0439345a1a55d00f3e5b99 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 19 Feb 2020 19:19:16 +0100 Subject: [PATCH 606/714] Restore Wazuh installation to default configuration --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 4 ++-- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 8b4d197e..ccd96e1c 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,10 +1,10 @@ --- -wazuh_agent_version: 3.12.0-1 +wazuh_agent_version: 3.11.3-1 # Custom packages installation -wazuh_custom_packages_installation_agent_enabled: true +wazuh_custom_packages_installation_agent_enabled: false wazuh_custom_packages_installation_agent_deb_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/deb/var/wazuh-agent_3.12.0-0.3319fimreworksqlite_amd64.deb" wazuh_custom_packages_installation_agent_rpm_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/rpm/var/wazuh-agent-3.12.0-0.3319fimreworksqlite.x86_64.rpm" diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 3c5712d2..ffd1d90d 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
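Review bot: The agent defaults hunk `@@ -1,10 +1,10 @@` restores `wazuh_agent_version: 3.11.3-1` and flips `wazuh_custom_packages_installation_agent_enabled` back to `false`, but leaves `wazuh_custom_packages_installation_agent_deb_url` / `_rpm_url` pointing at a pre-release build in a development warehouse bucket; the manager defaults hunk on the next line keeps the same dev URLs for manager and API. Anyone who only flips the `_enabled` flag will then pull an unreleased artifact whose version disagrees with the declared `wazuh_agent_version`. Ship the URL defaults as `null`, and have the custom-package task file `assert` they are set (ideally together with a checksum variable) when the feature is enabled, so enabling it is an explicit two-step choice.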
+++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,14 +1,14 @@ --- -wazuh_manager_version: 3.12.0-1 +wazuh_manager_version: 3.11.3-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present # Custom packages installation -wazuh_custom_packages_installation_manager_enabled: true +wazuh_custom_packages_installation_manager_enabled: false wazuh_custom_packages_installation_manager_deb_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/deb/var/wazuh-manager_3.12.0-0.3319fimreworksqlite_amd64.deb" wazuh_custom_packages_installation_manager_rpm_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/rpm/var/wazuh-manager-3.12.0-0.3319fimreworksqlite.x86_64.rpm" -wazuh_custom_packages_installation_api_enabled: true +wazuh_custom_packages_installation_api_enabled: false wazuh_custom_packages_installation_api_deb_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/deb/var/wazuh-api_3.12.0-0.3319fimreworksqlite_amd64.deb" wazuh_custom_packages_installation_api_rpm_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/rpm/var/wazuh-api-3.12.0-0.3319fimreworksqlite.x86_64.rpm" From 2a7241b31a87da9289933e0358690dba64f15b6c Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 20 Feb 2020 12:39:26 +0100 Subject: [PATCH 607/714] Adapt Windows Agent package related variables --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index ccd96e1c..a5e0a8c0 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml 
@@ -60,10 +60,9 @@ wazuh_winagent_config: auth_path: C:\Program Files\ossec-agent\agent-auth.exe # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - version: '3.11.3' - revision: '1' - repo: https://packages.wazuh.com/3.x/windows/ md5: e4623e7cd3f2fc6ac8a313cbdd7c3cba +wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.11.3-1.msi +wazuh_winagent_package_name: wazuh-agent-3.11.3-1.msi wazuh_agent_config: repo: apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' From c32b1ed1bd667addd29785aaa3029e79d025f996 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 20 Feb 2020 12:39:45 +0100 Subject: [PATCH 608/714] Change Window spackage occurences to adapt it to the new variables --- roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index 61e2412d..11f15255 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml 
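Review bot: The `md5:` value stays inside `wazuh_winagent_config` while the artifact it describes moved out to the new top-level `wazuh_winagent_config_url` and `wazuh_winagent_package_name`, so the checksum and the installer it verifies are now defined in different places and can drift apart on the next version bump. `wazuh_winagent_package_name` also duplicates the basename already present in the URL; `wazuh_winagent_package_name: "{{ wazuh_winagent_config_url | basename }}"` removes one of the two places to edit. Keep the URL and its checksum adjacent, with a comment that they change together, and consider a `sha256` value, which `win_stat`'s `checksum_algorithm` also accepts, instead of MD5.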
@@ -20,19 +20,19 @@ - name: Windows | Check if Wazuh installer is already downloaded win_stat: - path: "{{ wazuh_winagent_config.download_dir }}wazuh-agent-{{ wazuh_winagent_config.version }}-{{ wazuh_winagent_config.revision }}.msi" + path: "{{ wazuh_winagent_config.download_dir }}{{ wazuh_winagent_package_name }}" register: wazuh_package_downloaded - name: Windows | Download Wazuh Agent package win_get_url: - url: "{{ wazuh_winagent_config.repo }}wazuh-agent-{{ wazuh_winagent_config.version }}-{{ wazuh_winagent_config.revision }}.msi" + url: "{{ wazuh_winagent_config_url }}" dest: "{{ wazuh_winagent_config.download_dir }}" when: - not wazuh_package_downloaded.stat.exists - name: Windows | Verify the Wazuh Agent installer win_stat: - path: "{{ wazuh_winagent_config.download_dir }}wazuh-agent-{{ wazuh_winagent_config.version }}-{{ wazuh_winagent_config.revision }}.msi" + path: "{{ wazuh_winagent_config.download_dir }}{{ wazuh_winagent_package_name }}" get_checksum: true checksum_algorithm: md5 register: wazuh_agent_status @@ -41,11 +41,12 @@ - name: Windows | Install Agent if not already installed win_package: - path: "{{ wazuh_winagent_config.download_dir }}wazuh-agent-{{ wazuh_winagent_config.version }}-{{ wazuh_winagent_config.revision }}.msi" + path: "{{ wazuh_winagent_config.download_dir }}{{ wazuh_winagent_package_name }}" state: present - name: Windows | Check if client.keys exists - win_stat: path="{{ wazuh_agent_win_path }}client.keys" + win_stat: + path: "{{ wazuh_agent_win_path }}client.keys" register: check_windows_key tags: - config @@ -94,5 +95,5 @@ - name: Windows | Delete downloaded Wazuh agent installer file win_file: - path: "{{ wazuh_winagent_config.download_dir }}wazuh-agent-{{ wazuh_winagent_config.version }}-{{ wazuh_winagent_config.revision }}.msi" + path: "{{ wazuh_winagent_config.download_dir }}{{ wazuh_winagent_package_name }}" state: absent From 4f8d3c6c0c17d40488b1551f452c62319a6cb0ff Mon Sep 17 00:00:00 2001 
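Review bot: The expression `"{{ wazuh_winagent_config.download_dir }}{{ wazuh_winagent_package_name }}"` is spelled out four times across this hunk and the two that follow, and each copy silently depends on `download_dir` ending with a path separator. Set it once before the first `win_stat`, e.g. `- set_fact:` / `    wazuh_winagent_package_path: "{{ wazuh_winagent_config.download_dir }}{{ wazuh_winagent_package_name }}"`, and reference `"{{ wazuh_winagent_package_path }}"` from the stat, download, install and delete tasks. The `win_get_url` task could also pass `checksum` and `checksum_algorithm` (available since Ansible 2.8) so a corrupted or substituted download fails at fetch time rather than in the separate verify task.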
From: Jose M Date: Thu, 20 Feb 2020 12:46:41 +0100 Subject: [PATCH 609/714] Remove traling whitespace in win_package task --- roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index 11f15255..dc9b8fe0 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml @@ -45,7 +45,7 @@ state: present - name: Windows | Check if client.keys exists - win_stat: + win_stat: path: "{{ wazuh_agent_win_path }}client.keys" register: check_windows_key tags: From ca8b8684cfb251e5c972498c13049f5dc02e7adf Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 21 Feb 2020 16:31:45 +0100 Subject: [PATCH 610/714] Disable shared config by default. Update occurrences --- roles/wazuh/ansible-wazuh-manager/README.md | 4 +- .../ansible-wazuh-manager/defaults/main.yml | 94 +++++++++---------- .../ansible-wazuh-manager/tasks/main.yml | 2 + .../var-ossec-etc-shared-agent.conf.j2 | 4 +- 4 files changed, 53 insertions(+), 51 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/README.md b/roles/wazuh/ansible-wazuh-manager/README.md index 19b1eae9..199e7810 100644 --- a/roles/wazuh/ansible-wazuh-manager/README.md +++ b/roles/wazuh/ansible-wazuh-manager/README.md @@ -20,7 +20,7 @@ This role has some variables which you can or need to override. ``` wazuh_manager_fqdn: ~ wazuh_manager_config: [] -wazuh_agent_configs: [] +shared_agent_config: [] ``` Vault variables @@ -157,7 +157,7 @@ wazuh_manager_config: level: 6 timeout: 600 -wazuh_agent_configs: +shared_agent_config: - type: os type_value: linux frequency_check: 79200 diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index ffd1d90d..f955ddc4 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
+++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
@@ -356,53 +356,53 @@ wazuh_manager_config: - key: Env value: Production -wazuh_agent_configs: - - type: os - type_value: Linux - syscheck: - frequency: 43200 - scan_on_start: 'yes' - alert_new_files: 'yes' - ignore: - - /etc/mtab - - /etc/mnttab - - /etc/hosts.deny - - /etc/mail/statistics - - /etc/svc/volatile - no_diff: - - /etc/ssl/private.key - rootcheck: - frequency: 43200 - cis_distribution_filename: null - localfiles: - - format: 'syslog' - location: '/var/log/messages' - - format: 'syslog' - location: '/var/log/secure' - - format: 'syslog' - location: '/var/log/maillog' - - format: 'apache' - location: '/var/log/httpd/error_log' - - format: 'apache' - location: '/var/log/httpd/access_log' - - format: 'apache' - location: '/var/ossec/logs/active-responses.log' - - type: os - type_value: Windows - syscheck: - frequency: 43200 - scan_on_start: 'yes' - auto_ignore: 'no' - alert_new_files: 'yes' - windows_registry: - - key: 'HKEY_LOCAL_MACHINE\Software\Classes\batfile' - arch: 'both' - - key: 'HKEY_LOCAL_MACHINE\Software\Classes\Folder' - localfiles: - - location: 'Security' - format: 'eventchannel' - - location: 'System' - format: 'eventlog' +# shared_agent_config: + # - type: os + # type_value: Linux + # syscheck: + # frequency: 43200 + # scan_on_start: 'yes' + # alert_new_files: 'yes' + # ignore: + # - /etc/mtab + # - /etc/mnttab + # - /etc/hosts.deny + # - /etc/mail/statistics + # - /etc/svc/volatile + # no_diff: + # - /etc/ssl/private.key + # rootcheck: + # frequency: 43200 + # cis_distribution_filename: null + # localfiles: + # - format: 'syslog' + # location: '/var/log/messages' + # - format: 'syslog' + # location: '/var/log/secure' + # - format: 'syslog' + # location: '/var/log/maillog' + # - format: 'apache' + # location: '/var/log/httpd/error_log' + # - format: 'apache' + # location: '/var/log/httpd/access_log' + # - format: 'apache' + # location: '/var/ossec/logs/active-responses.log' + # - type: os + # type_value: Windows + # syscheck: + # 
frequency: 43200 + # scan_on_start: 'yes' + # auto_ignore: 'no' + # alert_new_files: 'yes' + # windows_registry: + # - key: 'HKEY_LOCAL_MACHINE\Software\Classes\batfile' + # arch: 'both' + # - key: 'HKEY_LOCAL_MACHINE\Software\Classes\Folder' + # localfiles: + # - location: 'Security' + # format: 'eventchannel' + # - location: 'System' + # format: 'eventlog' nodejs: repo_dict: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index faf13d05..88b3628f 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -158,6 +158,8 @@ tags: - init - config + when: + - shared_agent_config is defined - name: Installing the config.js (api configuration) template: src=var-ossec-api-configuration-config.js.j2 diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 index dd1c8d9a..00fdcd01 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 @@ -1,6 +1,6 @@ #jinja2: trim_blocks: False -{% if wazuh_agent_configs is defined %} -{% for agent_config in wazuh_agent_configs %} +{% if shared_agent_config is defined %} +{% for agent_config in shared_agent_config %} {% if agent_config.syscheck is defined %} From abd4f57106e5dddda336a150c24ee27807f7b70d Mon Sep 17 00:00:00 2001 From: manuasir Date: Wed, 26 Feb 2020 16:11:44 +0100 Subject: [PATCH 611/714] Avoid to install Wazuh API in worker nodes, fixes #370 --- .../ansible-wazuh-manager/tasks/Debian.yml | 3 +- .../ansible-wazuh-manager/tasks/RedHat.yml | 1 + .../installation_from_custom_packages.yml | 3 ++ .../tasks/installation_from_sources.yml | 3 ++ .../ansible-wazuh-manager/tasks/main.yml | 29 +++++++++++++++---- 5 files changed, 32 insertions(+), 7 deletions(-) 
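Review bot: The `#` markers of the commented-out `shared_agent_config` block appear to sit at different columns (`# shared_agent_config:` at the margin, the nested lines with the marker indented), which yamllint's `comments-indentation` rule flags and which makes re-enabling the block an error-prone edit. Forty-odd lines of dead YAML in defaults also duplicate the README example updated in this same commit. Replace the block with a two-line pointer, e.g. `# shared_agent_config is undefined by default; see README.md for a full example`, or, if it stays, put every `#` at column 0 with the original indentation after it so it can be uncommented by deleting the marker only.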
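Review bot: `shared_agent_config is defined` in the tasks/main.yml `@@ -158,6 +158,8 @@` hunk only skips the task when the variable is absent, yet the README hunk of this commit documents `shared_agent_config: []` as the default; an explicitly empty list is defined, so the shared agent.conf would still be rendered with no content. Use `when: shared_agent_config is defined and shared_agent_config | length > 0` so both the undefined default and the documented empty default behave the same. The task head this `when` belongs to is outside the hunk.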
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index ca4820fc..4712b573 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -131,4 +131,5 @@ tags: init when: - not wazuh_api_sources_installation.enabled - - not wazuh_custom_packages_installation_manager_enabled \ No newline at end of file + - not wazuh_custom_packages_installation_manager_enabled + - wazuh_manager_config.cluster.node_type == "master" \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index c0ff9ee4..cb0dbf5a 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -142,6 +142,7 @@ - ansible_os_family|lower == "redhat" - not wazuh_api_sources_installation.enabled - not wazuh_custom_packages_installation_api_enabled + - wazuh_manager_config.cluster.node_type == "master" tags: - init diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_custom_packages.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_custom_packages.yml index ae837c9a..c4081a08 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_custom_packages.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_custom_packages.yml @@ -13,6 +13,8 @@ state: present when: - wazuh_custom_packages_installation_api_enabled + - wazuh_manager_config.cluster.node_type == "master" + when: - ansible_os_family|lower == "debian" @@ -30,5 +32,6 @@ state: present when: - wazuh_custom_packages_installation_api_enabled + - wazuh_manager_config.cluster.node_type == "master" when: - ansible_os_family|lower == "redhat" \ No newline at end of file 
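Review bot: The Debian.yml `@@ -131,4 +131,5 @@` hunk keeps `- not wazuh_custom_packages_installation_manager_enabled` as the custom-package gate, whereas the RedHat.yml hunk of the same commit gates its equivalent task on `- not wazuh_custom_packages_installation_api_enabled`; the task head is outside the hunk, but the adjacent `not wazuh_api_sources_installation.enabled` suggests this is the repository `wazuh-api` install. With only the API custom flag set, the Debian path would install the repository `wazuh-api` on top of the custom package. Change the line to `- not wazuh_custom_packages_installation_api_enabled`, and add the missing trailing newline the hunk still reports.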
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index 10203cb9..484f4b58 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml @@ -122,6 +122,8 @@ stat: path: /var/ossec/api/app.js register: wazuh_api + when: + - wazuh_manager_config.cluster.node_type == "master" - name: Install Wazuh API from sources block: @@ -178,5 +180,6 @@ when: - not wazuh_api.stat.exists - wazuh_api_sources_installation.enabled + - wazuh_manager_config.cluster.node_type == "master" tags: - api \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 88b3628f..d2ab8237 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -11,6 +11,8 @@ stat: path: /usr/bin/node register: node_service_status + when: + - wazuh_manager_config.cluster.node_type == "master" - name: Install NodeJS repository block: @@ -25,7 +27,9 @@ command: sh /etc/nodejs.sh register: nodejs_script changed_when: nodejs_script.rc == 0 - when: not node_service_status.stat.exists + when: + - not node_service_status.stat.exists + - wazuh_manager_config.cluster.node_type == "master" - name: Installing NodeJS package: @@ -33,6 +37,9 @@ state: present register: nodejs_service_is_installed until: nodejs_service_is_installed is succeeded + when: + - wazuh_manager_config.cluster.node_type == "master" + tags: init - include_tasks: "RedHat.yml" @@ -168,6 +175,9 @@ group=ossec mode=0740 notify: restart wazuh-api + when: + - wazuh_manager_config.cluster.node_type == "master" + tags: - init - config @@ -304,6 +314,7 @@ notify: restart wazuh-api when: - wazuh_api_user is defined + - wazuh_manager_config.cluster.node_type == "master" tags: - config 
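Review bot: The installation_from_sources.yml `@@ -178,5 +180,6 @@` hunk appends `node_type == "master"` after `- not wazuh_api.stat.exists`, but the `stat` task that registers `wazuh_api` is itself now skipped on worker nodes (`@@ -122,6 +122,8 @@`), and a skipped result carries no `stat` key. Ansible evaluates a `when` list in order and stops at the first false item, so on a worker the first item raises an undefined-attribute error before the new master check is ever reached; the main.yml `@@ -25,7 +27,9 @@` hunk has the same shape with `node_service_status`. Put `- wazuh_manager_config.cluster.node_type == "master"` first in each of those lists, or test `wazuh_api.stat is defined and not wazuh_api.stat.exists`. The same master condition is now repeated in eleven places across this commit; a `wazuh_is_master` fact set once in main.yml would make the worker/master split easier to audit.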
@@ -325,14 +336,20 @@ tags: - config -- name: Ensure Wazuh Manager, wazuh API service is started and enabled +- name: Ensure Wazuh Manager service is started and enabled. service: - name: "{{ item }}" + name: "wazuh-manager" enabled: true state: started - with_items: - - wazuh-manager - - wazuh-api + tags: + - config + +- name: Ensure Wazuh API service is started and enabled. + service: + name: "wazuh-api" + enabled: true + state: started + when: wazuh_manager_config.cluster.node_type == "master" tags: - config From 543eff6342647d9834cc3d55d12e984202f8523c Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Wed, 26 Feb 2020 17:06:48 +0100 Subject: [PATCH 612/714] Fix conditions in tasks: Replace variables --- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index ca4820fc..c8980bfa 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -24,7 +24,7 @@ - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled - - not wazuh_custom_packages_installation_manager_enabled or not wazuh_custom_packages_installation_manager_enabled + - not wazuh_custom_packages_installation_manager_enabled or not wazuh_custom_packages_installation_api_enabled - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: 
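Review bot: The two `or` items in the Debian.yml `@@ -24,7 +24,7 @@` hunk (and in the `@@ -33` and `@@ -44` hunks that follow) are separate list entries and so are ANDed, which is not the question the tasks need answered: with the manager from sources and the API from custom packages, `not manager_sources or not api_sources` and `not custom_manager or not custom_api` are both true, and the repository key and apt source are added although nothing is installed from them. The decision "is this component coming from the repository" is also made in four places with slightly different spellings, which is how the pre-fix copy-paste error arose. Derive one boolean per component once and gate the three repository tasks on those; the include in the `@@ -117` hunk keeps its own custom-packages condition.
```yaml
- name: Debian/Ubuntu | Decide which components come from the Wazuh repository
  set_fact:
    wazuh_manager_from_repo: "{{ not wazuh_manager_sources_installation.enabled and not wazuh_custom_packages_installation_manager_enabled }}"
    wazuh_api_from_repo: "{{ not wazuh_api_sources_installation.enabled and not wazuh_custom_packages_installation_api_enabled }}"

# … unchanged: repository key and apt_repository tasks; each keeps its distribution conditions and replaces the two "or" items with …
  when:
    - wazuh_manager_from_repo or wazuh_api_from_repo
```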
@@ -33,7 +33,7 @@ when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled - - not wazuh_custom_packages_installation_manager_enabled or not wazuh_custom_packages_installation_manager_enabled + - not wazuh_custom_packages_installation_manager_enabled or not wazuh_custom_packages_installation_api_enabled - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: @@ -44,7 +44,7 @@ changed_when: false when: - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled - - not wazuh_custom_packages_installation_manager_enabled or not wazuh_custom_packages_installation_manager_enabled + - not wazuh_custom_packages_installation_manager_enabled or not wazuh_custom_packages_installation_api_enabled - name: Debian/Ubuntu | Set Distribution CIS filename for Debian/Ubuntu set_fact: @@ -117,7 +117,7 @@ - include_tasks: "installation_from_custom_packages.yml" when: - - wazuh_custom_packages_installation_manager_enabled or not wazuh_custom_packages_installation_manager_enabled + - wazuh_custom_packages_installation_manager_enabled or wazuh_custom_packages_installation_api_enabled - name: Debian/Ubuntu | Install wazuh-api apt: From 079273eb353cf180010a84a3e4d3e5f8e8d0bf0c Mon Sep 17 00:00:00 2001 From: manuasir Date: Wed, 26 Feb 2020 17:26:01 +0100 Subject: [PATCH 613/714] Fix linting --- .../tasks/installation_from_sources.yml | 2 +- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index 484f4b58..c83aaff1 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml 
@@ -122,7 +122,7 @@ stat: path: /var/ossec/api/app.js register: wazuh_api - when: + when: - wazuh_manager_config.cluster.node_type == "master" - name: Install Wazuh API from sources diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index d2ab8237..c1d91434 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -11,7 +11,7 @@ stat: path: /usr/bin/node register: node_service_status - when: + when: - wazuh_manager_config.cluster.node_type == "master" - name: Install NodeJS repository @@ -27,7 +27,7 @@ command: sh /etc/nodejs.sh register: nodejs_script changed_when: nodejs_script.rc == 0 - when: + when: - not node_service_status.stat.exists - wazuh_manager_config.cluster.node_type == "master" @@ -37,7 +37,7 @@ state: present register: nodejs_service_is_installed until: nodejs_service_is_installed is succeeded - when: + when: - wazuh_manager_config.cluster.node_type == "master" tags: init @@ -175,7 +175,7 @@ group=ossec mode=0740 notify: restart wazuh-api - when: + when: - wazuh_manager_config.cluster.node_type == "master" tags: From fde6d65723a0097183489a2602c49e106bd5dab8 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 27 Feb 2020 15:17:43 +0100 Subject: [PATCH 614/714] Add chdir argument to Wazuh Kibana Plugin installation tasks --- roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml | 1 + roles/elastic-stack/ansible-kibana/tasks/main.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml index 6a3dc514..37cfd7dc 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml 
@@ -69,6 +69,7 @@ args: executable: /bin/bash creates: /usr/share/kibana/plugins/wazuh/package.json + chdir: /usr/share/kibana become: yes become_user: kibana notify: restart kibana diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 4926e19d..c0d663cc 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -125,6 +125,7 @@ args: executable: /bin/bash creates: /usr/share/kibana/plugins/wazuh/package.json + chdir: /usr/share/kibana become: yes become_user: kibana notify: restart kibana From ac8a0c83082e590953ba79339dc3249861aa94c7 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 2 Mar 2020 22:43:15 +0100 Subject: [PATCH 615/714] Adapt Agent installation from custom packages to support RHEL/Centos 8 --- .../installation_from_custom_packages.yml | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_custom_packages.yml b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_custom_packages.yml index 01ce540c..ddd9b50d 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_custom_packages.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_custom_packages.yml 
@@ -7,10 +7,24 @@ - ansible_os_family|lower == "debian" - wazuh_custom_packages_installation_agent_enabled - - name: Install Wazuh Agent from .rpm packages + - name: Install Wazuh Agent from .rpm packages | yum yum: name: "{{ wazuh_custom_packages_installation_agent_rpm_url }}" state: present when: - ansible_os_family|lower == "redhat" - - wazuh_custom_packages_installation_agent_enabled \ No newline at end of file + - wazuh_custom_packages_installation_agent_enabled + - not (ansible_distribution|lower == "centos" and ansible_distribution_major_version >= "8") + - not (ansible_distribution|lower == "redhat" and ansible_distribution_major_version >= "8") + - not (ansible_distribution|lower == "amazon" and ansible_distribution_major_version >= "2") + + - name: Install Wazuh Agent from .rpm packages | dnf + dnf: + name: "{{ wazuh_custom_packages_installation_agent_rpm_url }}" + state: present + when: + - ansible_os_family|lower == "redhat" + - wazuh_custom_packages_installation_agent_enabled + - (ansible_distribution|lower == "centos" and ansible_distribution_major_version >= "8") or + (ansible_distribution|lower == "redhat" and ansible_distribution_major_version >= "8") or + (ansible_distribution|lower == "amazon" and ansible_distribution_major_version >= "2") \ No newline at end of file From 03e35ada29493d6011d686b1aa1425feab4f6ebf Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 2 Mar 2020 22:43:26 +0100 Subject: [PATCH 616/714] Adapt Manager installation from custom packages to support RHEL/Centos 8 --- .../installation_from_custom_packages.yml | 32 +++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_custom_packages.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_custom_packages.yml index ae837c9a..fcc61a22 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_custom_packages.yml 
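Review bot: `ansible_distribution_major_version >= "8"` compares two strings, so the test is lexicographic: `"10" >= "8"` is false, and a future CentOS/RHEL 10 host would be routed to the `yum` task instead of `dnf`. Use `ansible_distribution_major_version | int >= 8` in both the negated `yum` conditions and the `dnf` `or` chain; the manager hunk of the next commit (`@@ -17,18 +17,46 @@`) and the trimmed conditions kept by the later "Fix conditionals error" commit carry the same comparison. The two tasks also install straight from `wazuh_custom_packages_installation_agent_rpm_url` with no checksum, the point already raised on the .deb task above.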
+++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_custom_packages.yml 
@@ -17,18 +17,46 @@ - ansible_os_family|lower == "debian" - block: - - name: Install Wazuh Manager from .rpm packages + - name: Install Wazuh Manager from .rpm packages | yum yum: name: "{{ wazuh_custom_packages_installation_manager_rpm_url }}" state: present when: - wazuh_custom_packages_installation_manager_enabled + - not (ansible_distribution|lower == "centos" and ansible_distribution_major_version >= "8") + - not (ansible_distribution|lower == "redhat" and ansible_distribution_major_version >= "8") + - not (ansible_distribution|lower == "amazon" and ansible_distribution_major_version >= "2") - - name: Install Wazuh API from .rpm packages + - name: Install Wazuh Manager from .rpm packages | dnf + dnf: + name: "{{ wazuh_custom_packages_installation_manager_rpm_url }}" + state: present + when: + - wazuh_custom_packages_installation_manager_enabled + - (ansible_distribution|lower == "centos" and ansible_distribution_major_version >= "8") or + (ansible_distribution|lower == "redhat" and ansible_distribution_major_version >= "8") or + (ansible_distribution|lower == "amazon" and ansible_distribution_major_version >= "2") + + + - name: Install Wazuh API from .rpm packages | yum yum: name: "{{ wazuh_custom_packages_installation_api_rpm_url }}" state: present when: - wazuh_custom_packages_installation_api_enabled + - not (ansible_distribution|lower == "centos" and ansible_distribution_major_version >= "8") + - not (ansible_distribution|lower == "redhat" and ansible_distribution_major_version >= "8") + - not (ansible_distribution|lower == "amazon" and ansible_distribution_major_version >= "2") + + - name: Install Wazuh Manager from .rpm packages | dnf + dnf: + name: "{{ wazuh_custom_packages_installation_api_rpm_url }}" + state: present + when: + - wazuh_custom_packages_installation_api_enabled + - (ansible_distribution|lower == "centos" and ansible_distribution_major_version >= "8") or + (ansible_distribution|lower == "redhat" and ansible_distribution_major_version >= 
"8") or + (ansible_distribution|lower == "amazon" and ansible_distribution_major_version >= "2") + when: - ansible_os_family|lower == "redhat" \ No newline at end of file From cf20e52938e9ca1ba45f9fcdd39d7c5f89d5913b Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 2 Mar 2020 22:47:53 +0100 Subject: [PATCH 617/714] Fix typo in .rpm package installation task using dnf --- .../tasks/installation_from_custom_packages.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_custom_packages.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_custom_packages.yml index fcc61a22..6472a3d6 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_custom_packages.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_custom_packages.yml @@ -48,7 +48,7 @@ - not (ansible_distribution|lower == "redhat" and ansible_distribution_major_version >= "8") - not (ansible_distribution|lower == "amazon" and ansible_distribution_major_version >= "2") - - name: Install Wazuh Manager from .rpm packages | dnf + - name: Install Wazuh API from .rpm packages | dnf dnf: name: "{{ wazuh_custom_packages_installation_api_rpm_url }}" state: present From 4982b2868d4e23a7bd9f40833104fc8a7283e95e Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 3 Mar 2020 13:14:13 +0100 Subject: [PATCH 618/714] Fix conditionals error related with AL2 custom packages installation --- .../tasks/installation_from_custom_packages.yml | 4 +--- .../tasks/installation_from_custom_packages.yml | 11 +++-------- 2 files changed, 4 insertions(+), 11 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_custom_packages.yml b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_custom_packages.yml index ddd9b50d..aa50004f 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_custom_packages.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_custom_packages.yml 
@@ -16,7 +16,6 @@ - wazuh_custom_packages_installation_agent_enabled - not (ansible_distribution|lower == "centos" and ansible_distribution_major_version >= "8") - not (ansible_distribution|lower == "redhat" and ansible_distribution_major_version >= "8") - - not (ansible_distribution|lower == "amazon" and ansible_distribution_major_version >= "2") - name: Install Wazuh Agent from .rpm packages | dnf dnf: @@ -26,5 +25,4 @@ - ansible_os_family|lower == "redhat" - wazuh_custom_packages_installation_agent_enabled - (ansible_distribution|lower == "centos" and ansible_distribution_major_version >= "8") or - (ansible_distribution|lower == "redhat" and ansible_distribution_major_version >= "8") or - (ansible_distribution|lower == "amazon" and ansible_distribution_major_version >= "2") \ No newline at end of file + (ansible_distribution|lower == "redhat" and ansible_distribution_major_version >= "8") \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_custom_packages.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_custom_packages.yml index 0fb46187..0dc9808d 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_custom_packages.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_custom_packages.yml @@ -27,7 +27,6 @@ - wazuh_custom_packages_installation_manager_enabled - not (ansible_distribution|lower == "centos" and ansible_distribution_major_version >= "8") - not (ansible_distribution|lower == "redhat" and ansible_distribution_major_version >= "8") - - not (ansible_distribution|lower == "amazon" and ansible_distribution_major_version >= "2") - name: Install Wazuh Manager from .rpm packages | dnf dnf: 
@@ -36,9 +35,7 @@ when: - wazuh_custom_packages_installation_manager_enabled - (ansible_distribution|lower == "centos" and ansible_distribution_major_version >= "8") or - (ansible_distribution|lower == "redhat" and ansible_distribution_major_version >= "8") or - (ansible_distribution|lower == "amazon" and ansible_distribution_major_version >= "2") - + (ansible_distribution|lower == "redhat" and ansible_distribution_major_version >= "8") - name: Install Wazuh API from .rpm packages | yum yum: @@ -48,7 +45,6 @@ - wazuh_custom_packages_installation_api_enabled - not (ansible_distribution|lower == "centos" and ansible_distribution_major_version >= "8") - not (ansible_distribution|lower == "redhat" and ansible_distribution_major_version >= "8") - - not (ansible_distribution|lower == "amazon" and ansible_distribution_major_version >= "2") - wazuh_manager_config.cluster.node_type == "master" - name: Install Wazuh API from .rpm packages | dnf @@ -58,9 +54,8 @@ when: - wazuh_custom_packages_installation_api_enabled - (ansible_distribution|lower == "centos" and ansible_distribution_major_version >= "8") or - (ansible_distribution|lower == "redhat" and ansible_distribution_major_version >= "8") or - (ansible_distribution|lower == "amazon" and ansible_distribution_major_version >= "2") + (ansible_distribution|lower == "redhat" and ansible_distribution_major_version >= "8") - wazuh_manager_config.cluster.node_type == "master" - + when: - ansible_os_family|lower == "redhat" \ No newline at end of file From 3f0e0325806eb77f678cef30d45515a2d78d1e29 Mon Sep 17 00:00:00 2001 
From: "Manuel J. Bernal" Date: Thu, 5 Mar 2020 16:44:02 +0100 Subject: [PATCH 619/714] Bump version --- CHANGELOG.md | 20 +++++++++++++++++++ VERSION | 4 ++-- .../ansible-elasticsearch/defaults/main.yml | 2 +- .../ansible-kibana/defaults/main.yml | 6 +++--- .../wazuh/ansible-filebeat/defaults/main.yml | 2 +- .../ansible-wazuh-agent/defaults/main.yml | 8 ++++---- .../ansible-wazuh-manager/defaults/main.yml | 6 +++--- 7 files changed, 34 insertions(+), 14 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 987939a3..213cb432 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,26 @@ # Change Log All notable changes to this project will be documented in this file. +## [v3.11.4_7.6.1] + +### Added + +- Update to Wazuh v3.11.4 +- Support for RHEL/CentOS 8 ([@jm404](https://github.com/jm404)) [PR#377](https://github.com/wazuh/wazuh-ansible/pull/377) + +### Changed + +- Disabled shared configuration by default ([@jm404](https://github.com/jm404)) [PR#369](https://github.com/wazuh/wazuh-ansible/pull/369) +- Add chdir argument to Wazuh Kibana Plugin installation tasks ([@jm404](https://github.com/jm404)) [PR#375](https://github.com/wazuh/wazuh-ansible/pull/375) +- Adjustments for systems without (direct) internet connection ([@joschneid](https://github.com/joschneid)) [PR#348](https://github.com/wazuh/wazuh-ansible/pull/348) + +### Fixed + +- Avoid to install Wazuh API in worker nodes ([@manuasir](https://github.com/manuasir)) [PR#371](https://github.com/wazuh/wazuh-ansible/pull/371) +- Conditionals of custom Wazuh packages installation tasks ([@rshad](https://github.com/rshad)) [PR#372](https://github.com/wazuh/wazuh-ansible/pull/372) +- Fix Ansible elastic_stack-distributed template ([@francobep](https://github.com/francobep)) [PR#352](https://github.com/wazuh/wazuh-ansible/pull/352) +- Fix manager API verification ([@Zenidd](https://github.com/Zenidd)) [PR#360](https://github.com/wazuh/wazuh-ansible/pull/360) + ## [v3.11.3_7.5.2] ### Added 
diff --git a/VERSION b/VERSION index a70bc633..d6be8992 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v3.11.3" -REVISION="31130" +WAZUH-ANSIBLE_VERSION="v4" +REVISION="31140" diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index b9aa470d..e04f9527 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -4,7 +4,7 @@ elasticsearch_http_port: 9200 elasticsearch_network_host: 127.0.0.1 elasticsearch_reachable_host: 127.0.0.1 elasticsearch_jvm_xms: null -elastic_stack_version: 7.5.2 +elastic_stack_version: 7.6.1 elasticsearch_lower_disk_requirements: false elasticrepo: diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 774f819e..cd25eec2 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -5,8 +5,8 @@ elasticsearch_http_port: "9200" elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" -elastic_stack_version: 7.5.2 -wazuh_version: 3.11.3 +elastic_stack_version: 7.6.1 +wazuh_version: 3.11.4 wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp elasticrepo: @@ -47,4 +47,4 @@ nodejs: # Build from sources build_from_sources: false -wazuh_plugin_branch: 3.11-7.5 +wazuh_plugin_branch: 3.11-7.6 diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index c54d62e7..8f06aaf4 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -1,5 +1,5 @@ --- -filebeat_version: 7.5.2 +filebeat_version: 7.6.1 filebeat_create_config: true diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index a5e0a8c0..6270b94d 100644 
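Review bot: The VERSION hunk sets `WAZUH-ANSIBLE_VERSION="v4"` while `REVISION` becomes `31140` and the CHANGELOG heading added in this same commit is `v3.11.4_7.6.1`, so the version string looks truncated rather than intentional. Anything that reads VERSION to tag artifacts or compare releases now sees an identifier that matches nothing else in the repository; the line should presumably be `WAZUH-ANSIBLE_VERSION="v3.11.4"`. The remaining hunks on this line are plain version bumps.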
--- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_agent_version: 3.11.3-1 +wazuh_agent_version: 3.11.4-1 # Custom packages installation @@ -12,7 +12,7 @@ wazuh_custom_packages_installation_agent_rpm_url: "https://s3-us-west-1.amazonaw wazuh_agent_sources_installation: enabled: false - branch: "v3.11.3" + branch: "v3.11.4" user_language: "y" user_no_stop: "y" user_install_type: "agent" @@ -61,8 +61,8 @@ wazuh_winagent_config: # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe md5: e4623e7cd3f2fc6ac8a313cbdd7c3cba -wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.11.3-1.msi -wazuh_winagent_package_name: wazuh-agent-3.11.3-1.msi +wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.11.4-1.msi +wazuh_winagent_package_name: wazuh-agent-3.11.4-1.msi wazuh_agent_config: repo: apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index f955ddc4..0da6165c 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_manager_version: 3.11.3-1 +wazuh_manager_version: 3.11.4-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present @@ -15,7 +15,7 @@ wazuh_custom_packages_installation_api_rpm_url: "https://s3-us-west-1.amazonaws. # Sources installation wazuh_manager_sources_installation: enabled: false - branch: "v3.11.3" + branch: "v3.11.4" user_language: "en" user_no_stop: "y" user_install_type: "server" @@ -40,7 +40,7 @@ wazuh_manager_sources_installation: wazuh_api_sources_installation: enabled: false - branch: "v3.11.3" + branch: "v3.11.4" update: "y" remove: "y" directory: null 
From c3dd95c8cea59021da8a8fc60071c098210498b6 Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Thu, 5 Mar 2020 16:53:15 +0100 Subject: [PATCH 620/714] Bump MD5 agent --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 6270b94d..186cac9d 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -60,8 +60,8 @@ wazuh_winagent_config: auth_path: C:\Program Files\ossec-agent\agent-auth.exe # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - md5: e4623e7cd3f2fc6ac8a313cbdd7c3cba -wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.11.4-1.msi + md5: 87ce22038688efb44d95f9daff472056 +wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.11.3-1.msi wazuh_winagent_package_name: wazuh-agent-3.11.4-1.msi wazuh_agent_config: repo: From 3fe48ea7fd5cd4ba49858e648f0f36a8e4ecd343 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 9 Mar 2020 09:45:23 +0100 Subject: [PATCH 621/714] Remove conditioinal from task that checks NodeJS --- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index c1d91434..8ef1c2cb 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -11,8 +11,6 @@ stat: path: /usr/bin/node register: node_service_status - when: - - wazuh_manager_config.cluster.node_type == "master" - name: Install NodeJS repository block: From 58f0484cdaa6c3e10bba2117b6a44552d5b94e3b Mon Sep 17 00:00:00 2001 
From: Jose M Date: Mon, 9 Mar 2020 09:47:27 +0100 Subject: [PATCH 622/714] Bump Windows Agent version --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 186cac9d..c7014e2a 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -61,7 +61,7 @@ wazuh_winagent_config: # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe md5: 87ce22038688efb44d95f9daff472056 -wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.11.3-1.msi +wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.11.4-1.msi wazuh_winagent_package_name: wazuh-agent-3.11.4-1.msi wazuh_agent_config: repo: From ab0a6aaaf39493a556791ce5399b40591995479a Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 9 Mar 2020 14:08:12 +0100 Subject: [PATCH 623/714] Remove Windows MD5 verification --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 1 - roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml | 9 --------- 2 files changed, 10 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index c7014e2a..fbb278eb 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -60,7 +60,6 @@ wazuh_winagent_config: auth_path: C:\Program Files\ossec-agent\agent-auth.exe # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe - md5: 87ce22038688efb44d95f9daff472056 wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.11.4-1.msi wazuh_winagent_package_name: wazuh-agent-3.11.4-1.msi wazuh_agent_config: 
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index dc9b8fe0..0b844d0a 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml @@ -30,15 +30,6 @@ when: - not wazuh_package_downloaded.stat.exists -- name: Windows | Verify the Wazuh Agent installer - win_stat: - path: "{{ wazuh_winagent_config.download_dir }}{{ wazuh_winagent_package_name }}" - get_checksum: true - checksum_algorithm: md5 - register: wazuh_agent_status - failed_when: - - wazuh_agent_status.stat.checksum != wazuh_winagent_config.md5 - - name: Windows | Install Agent if not already installed win_package: path: "{{ wazuh_winagent_config.download_dir }}{{ wazuh_winagent_package_name }}" From 91948198a093ad10c0f2b208877f44c8034e853b Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 9 Mar 2020 14:56:32 +0100 Subject: [PATCH 624/714] Revert "Merge pull request #381 from wazuh/remove_windows_md5_check" This reverts commit 4cc3e077a01750a8386fd486dc7a72dd790a01c2, reversing changes made to 52a81af988a00abd60483f1ccacab34ddd2c9b76. --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 1 + roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml | 9 +++++++++ 2 files changed, 10 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index fbb278eb..c7014e2a 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -60,6 +60,7 @@ wazuh_winagent_config: auth_path: C:\Program Files\ossec-agent\agent-auth.exe # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe + md5: 87ce22038688efb44d95f9daff472056 wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.11.4-1.msi wazuh_winagent_package_name: wazuh-agent-3.11.4-1.msi wazuh_agent_config: 
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index 0b844d0a..dc9b8fe0 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml @@ -30,6 +30,15 @@ when: - not wazuh_package_downloaded.stat.exists +- name: Windows | Verify the Wazuh Agent installer + win_stat: + path: "{{ wazuh_winagent_config.download_dir }}{{ wazuh_winagent_package_name }}" + get_checksum: true + checksum_algorithm: md5 + register: wazuh_agent_status + failed_when: + - wazuh_agent_status.stat.checksum != wazuh_winagent_config.md5 + - name: Windows | Install Agent if not already installed win_package: path: "{{ wazuh_winagent_config.download_dir }}{{ wazuh_winagent_package_name }}" From 2651bc53868dd533e1759bba0961372876271f68 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 9 Mar 2020 14:57:12 +0100 Subject: [PATCH 625/714] Revert "Merge pull request #381 from wazuh/remove_windows_md5_check" This reverts commit 4cc3e077a01750a8386fd486dc7a72dd790a01c2, reversing changes made to 52a81af988a00abd60483f1ccacab34ddd2c9b76. --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 1 + roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml | 9 +++++++++ 2 files changed, 10 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index fbb278eb..c7014e2a 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -60,6 +60,7 @@ wazuh_winagent_config: auth_path: C:\Program Files\ossec-agent\agent-auth.exe # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe + md5: 87ce22038688efb44d95f9daff472056 wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.11.4-1.msi wazuh_winagent_package_name: wazuh-agent-3.11.4-1.msi wazuh_agent_config: 
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index 0b844d0a..dc9b8fe0 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml @@ -30,6 +30,15 @@ when: - not wazuh_package_downloaded.stat.exists +- name: Windows | Verify the Wazuh Agent installer + win_stat: + path: "{{ wazuh_winagent_config.download_dir }}{{ wazuh_winagent_package_name }}" + get_checksum: true + checksum_algorithm: md5 + register: wazuh_agent_status + failed_when: + - wazuh_agent_status.stat.checksum != wazuh_winagent_config.md5 + - name: Windows | Install Agent if not already installed win_package: path: "{{ wazuh_winagent_config.download_dir }}{{ wazuh_winagent_package_name }}" From 3b166ea617801ea54658af109f03184d13b01d63 Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 9 Mar 2020 15:07:21 +0100 Subject: [PATCH 626/714] Add flag to enable/disable Windows MD5 check --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 1 + roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml | 2 ++ 2 files changed, 3 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index c7014e2a..039e5960 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -60,6 +60,7 @@ wazuh_winagent_config: auth_path: C:\Program Files\ossec-agent\agent-auth.exe # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe + check_md5: True md5: 87ce22038688efb44d95f9daff472056 wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.11.4-1.msi wazuh_winagent_package_name: wazuh-agent-3.11.4-1.msi diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index dc9b8fe0..461249e9 100644 
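Review bot: `check_md5: True` is the only switch between a freshly downloaded MSI and `win_package`, yet nothing in the defaults says what disabling it means; add a comment such as `# Set to false only for trusted internal mirrors: the installer fetched from wazuh_winagent_config_url is then run without any integrity check.` Ansible style is lowercase booleans, so write `check_md5: true` to match the other flags in this file (`enabled: false`). The flag is reasonable for air-gapped setups, but the default must stay enabled.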
--- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml @@ -38,6 +38,8 @@ register: wazuh_agent_status failed_when: - wazuh_agent_status.stat.checksum != wazuh_winagent_config.md5 + when: + - wazuh_winagent_config.check_md5 - name: Windows | Install Agent if not already installed win_package: From efcb55b52362b517b3b9343f0b2183d7a8ef149e Mon Sep 17 00:00:00 2001 From: Zenidd Date: Mon, 9 Mar 2020 18:27:05 +0100 Subject: [PATCH 627/714] Setting restrictive permissions on filebeat related files --- roles/wazuh/ansible-filebeat/tasks/config.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/wazuh/ansible-filebeat/tasks/config.yml b/roles/wazuh/ansible-filebeat/tasks/config.yml index ce63503d..d45b06e8 100644 --- a/roles/wazuh/ansible-filebeat/tasks/config.yml +++ b/roles/wazuh/ansible-filebeat/tasks/config.yml @@ -5,7 +5,7 @@ dest: "/etc/filebeat/filebeat.yml" owner: root group: root - mode: 0644 + mode: 0400 notify: restart filebeat tags: configure @@ -15,7 +15,7 @@ dest: "/etc/filebeat/wazuh-template.json" owner: root group: root - mode: 0644 + mode: 0400 notify: restart filebeat tags: configure @@ -30,7 +30,7 @@ copy: src: "{{ item }}" dest: "{{ filebeat_ssl_dir }}/{{ item | basename }}" - mode: 0644 + mode: 0400 with_items: - "{{ filebeat_ssl_key_file }}" - "{{ filebeat_ssl_certificate_file }}" From ba424e944a5d9b1c004094ad0a89fc6a7acc4d62 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Tue, 10 Mar 2020 15:26:33 +0100 Subject: [PATCH 628/714] Minor style fix --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index cd25eec2..300efaff 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml 
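Review bot: The new `when: wazuh_winagent_config.check_md5` makes the installer verification optional, but the task it guards (shown in full in the revert hunk above) still hashes with `checksum_algorithm: md5`; MD5 is collision-broken, so a pinned MD5 is a weak integrity control and the download effectively relies on TLS to `packages.wazuh.com` alone. `win_stat` supports stronger digests, so pin a SHA-256 instead: `checksum_algorithm: sha256` and `wazuh_agent_status.stat.checksum != wazuh_winagent_config.sha256`, with a matching `sha256:` default replacing `md5:`. An Authenticode signature check on the MSI (e.g. via `win_shell` and `Get-AuthenticodeSignature`) would be stronger still, since it does not need a per-release digest bump.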
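Review bot: Tightening the SSL key and certificate copy to `mode: 0400` only helps if the owner is who you expect, and this `copy` task (whose `- name:` line is above the hunk) sets no `owner`/`group`; the files end up owned by whatever account the task runs as, which is root only under `become`. Add `owner: root` and `group: root` beside `mode`, and quote the mode as `mode: "0400"` so it is passed as the intended octal string rather than relying on YAML's leading-zero integer parsing. Note that 0400 on `/etc/filebeat/filebeat.yml` and the template assumes Filebeat runs as root; if the service is ever moved to a dedicated user these files become unreadable, which deserves a comment on the tasks (`# 0400: Filebeat runs as root; relax to 0440 with the service group if it is de-privileged`).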
@@ -43,7 +43,7 @@ nodejs: repo_dict: debian: "deb" redhat: "rpm" - repo_url_ext: "nodesource.com/setup_8.x" + repo_url_ext: "nodesource.com/setup_8.x" # Build from sources build_from_sources: false From 163c89dbabcb822d18d58a7d4ddae65c16587dd6 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Tue, 10 Mar 2020 15:23:35 +0100 Subject: [PATCH 629/714] Adding nodejs recommended node_options and plugin optimization --- .../ansible-kibana/defaults/main.yml | 5 ++++- .../ansible-kibana/tasks/build_wazuh_plugin.yml | 4 +--- .../elastic-stack/ansible-kibana/tasks/main.yml | 17 ++++++++++++++--- 3 files changed, 19 insertions(+), 7 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index cd25eec2..dcc2bf8a 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -43,8 +43,11 @@ nodejs: repo_dict: debian: "deb" redhat: "rpm" - repo_url_ext: "nodesource.com/setup_8.x" + repo_url_ext: "nodesource.com/setup_8.x" # Build from sources build_from_sources: false wazuh_plugin_branch: 3.11-7.6 + +#Nodejs NODE_OPTIONS +node_options: --max-old-space-size=4096 \ No newline at end of file diff --git a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml index 37cfd7dc..5fb74823 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml 
@@ -63,9 +63,7 @@ chdir: "/tmp/app/build" - name: Install Wazuh Plugin (can take a while) - shell: "/usr/share/kibana/bin/kibana-plugin install file:///tmp/app/build/{{ wazuhapp_package_name.stdout }}" - environment: - NODE_OPTIONS: "--max-old-space-size=3072" + shell: 'NODE_OPTIONS="{{node_options}}" /usr/share/kibana/bin/kibana-plugin install file:///tmp/app/build/{{ wazuhapp_package_name.stdout }}' args: executable: /bin/bash creates: /usr/share/kibana/plugins/wazuh/package.json diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index c0d663cc..72f229ae 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -62,6 +62,12 @@ - kibana_xpack_security tags: xpack-security +- name: Node configuration + replace: + path: /usr/share/kibana/bin/kibana + regexp: 'NODE_OPTIONS=\"--no-warnings --max-http-header-size=65536 \$\{NODE_OPTIONS\}\" NODE_ENV=production exec \"\$\{NODE}\" \"\$\{DIR\}/src/cli\" \$\{@\}' + replace: 'NODE_OPTIONS="--no-warnings {{node_options}} --max-http-header-size=65536 ${NODE_OPTIONS}" NODE_ENV=production exec "${NODE}" "${DIR}/src/cli" ${@}' + - name: Ensuring certificates folder owner file: path: "{{ node_certs_destination }}/" @@ -119,9 +125,7 @@ - name: Install Wazuh Plugin (can take a while) - shell: "/usr/share/kibana/bin/kibana-plugin install {{ wazuh_app_url }}-{{ wazuh_version }}_{{ elastic_stack_version }}.zip" - environment: - NODE_OPTIONS: "--max-old-space-size=3072" + shell: 'NODE_OPTIONS="{{node_options}}" /usr/share/kibana/bin/kibana-plugin install {{ wazuh_app_url }}-{{ wazuh_version }}_{{ elastic_stack_version }}.zip' args: executable: /bin/bash creates: /usr/share/kibana/plugins/wazuh/package.json 
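Review bot: The rewritten shell line moves `NODE_OPTIONS` from the task's `environment:` mapping into the command string itself, so the value of `node_options` is now parsed by bash; a default or a group_vars override containing a `"` or `;` breaks out of the quoting and into the command, and the module loses its ability to pass the value verbatim. The removed shape was already the idiomatic one, so keep the plain `kibana-plugin install ...` command and set `environment:` / `NODE_OPTIONS: "{{ node_options }}"` on the task, which gives the same heap tuning with no quoting surface. The same pattern is repeated for the two kibana tasks in main.yml later in this commit.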
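Review bot: The new `Node configuration` task regex-edits the packaged launcher `/usr/share/kibana/bin/kibana`, a file owned by the kibana package that the next upgrade overwrites, and `replace` reports `ok` rather than failing when the pattern no longer matches, so the tuning silently disappears. The matched line already appends `${NODE_OPTIONS}` from the process environment, so the setting belongs in the service's environment file (the unit's `EnvironmentFile`, presumably `/etc/default/kibana` or `/etc/sysconfig/kibana`) as `NODE_OPTIONS="{{ node_options }}"` via `lineinfile`, which survives upgrades and fails loudly if the file is absent. If the in-place edit is kept, `register:` the result and follow it with a `grep -q` check so a non-match fails the play instead of passing.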
@@ -135,6 +139,13 @@ when: - not build_from_sources +- name: Kibana optimization (can take a while) + shell: 'NODE_OPTIONS="{{node_options}}" /usr/share/kibana/bin/kibana --optimize --allow-root' + args: + executable: /bin/bash + become: yes + become_user: kibana + - name: Wait for Elasticsearch port wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }} From cfd2de0610c40f9c99d27f313ebbcb1ecfa34dc1 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Wed, 11 Mar 2020 15:59:48 +0100 Subject: [PATCH 630/714] node_options scope improvements --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 3 ++- roles/elastic-stack/ansible-kibana/tasks/main.yml | 5 +++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index dcc2bf8a..a237607a 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -50,4 +50,5 @@ build_from_sources: false wazuh_plugin_branch: 3.11-7.6 #Nodejs NODE_OPTIONS -node_options: --max-old-space-size=4096 \ No newline at end of file +# kibana_script_node_options: --max-old-space-size=4096 +node_options: --max-old-space-size=4096 diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 72f229ae..163605cc 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml 
@@ -62,11 +62,12 @@ - kibana_xpack_security tags: xpack-security -- name: Node configuration +- name: Kibana script additional configuration for node replace: path: /usr/share/kibana/bin/kibana regexp: 'NODE_OPTIONS=\"--no-warnings --max-http-header-size=65536 \$\{NODE_OPTIONS\}\" NODE_ENV=production exec \"\$\{NODE}\" \"\$\{DIR\}/src/cli\" \$\{@\}' - replace: 'NODE_OPTIONS="--no-warnings {{node_options}} --max-http-header-size=65536 ${NODE_OPTIONS}" NODE_ENV=production exec "${NODE}" "${DIR}/src/cli" ${@}' + replace: 'NODE_OPTIONS="--no-warnings {{kibana_script_node_options}} --max-http-header-size=65536 ${NODE_OPTIONS}" NODE_ENV=production exec "${NODE}" "${DIR}/src/cli" ${@}' + when: kibana_script_node_options is defined - name: Ensuring certificates folder owner file: From a4465eb82fd9c87778712c035330a977558bbf46 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Wed, 11 Mar 2020 16:27:44 +0100 Subject: [PATCH 631/714] node options variable improvements --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/elastic-stack/ansible-kibana/tasks/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index a237607a..f62e114a 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -50,5 +50,5 @@ build_from_sources: false wazuh_plugin_branch: 3.11-7.6 #Nodejs NODE_OPTIONS -# kibana_script_node_options: --max-old-space-size=4096 +kibana_script_node_options: "--max-old-space-size=4096" node_options: --max-old-space-size=4096 diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 163605cc..8fad346a 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml 
@@ -67,7 +67,7 @@ path: /usr/share/kibana/bin/kibana regexp: 'NODE_OPTIONS=\"--no-warnings --max-http-header-size=65536 \$\{NODE_OPTIONS\}\" NODE_ENV=production exec \"\$\{NODE}\" \"\$\{DIR\}/src/cli\" \$\{@\}' replace: 'NODE_OPTIONS="--no-warnings {{kibana_script_node_options}} --max-http-header-size=65536 ${NODE_OPTIONS}" NODE_ENV=production exec "${NODE}" "${DIR}/src/cli" ${@}' - when: kibana_script_node_options is defined + when: kibana_script_node_options != "" - name: Ensuring certificates folder owner file: From 9dc91b88775e901c91f34b3ea591431b78e4c683 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Wed, 11 Mar 2020 17:55:28 +0100 Subject: [PATCH 632/714] Adding lint fixes --- .../ansible-kibana/defaults/main.yml | 2 +- .../ansible-kibana/tasks/build_wazuh_plugin.yml | 2 +- .../elastic-stack/ansible-kibana/tasks/main.yml | 17 ++++++++++++----- 3 files changed, 14 insertions(+), 7 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index f62e114a..79078f7b 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -50,5 +50,5 @@ build_from_sources: false wazuh_plugin_branch: 3.11-7.6 #Nodejs NODE_OPTIONS -kibana_script_node_options: "--max-old-space-size=4096" +kibana_script_node_options: "" node_options: --max-old-space-size=4096 diff --git a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml index 5fb74823..e2b0bb50 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml 
@@ -63,7 +63,7 @@ chdir: "/tmp/app/build" - name: Install Wazuh Plugin (can take a while) - shell: 'NODE_OPTIONS="{{node_options}}" /usr/share/kibana/bin/kibana-plugin install file:///tmp/app/build/{{ wazuhapp_package_name.stdout }}' + shell: 'NODE_OPTIONS=" {{node_options}} " /usr/share/kibana/bin/kibana-plugin install file:///tmp/app/build/{{ wazuhapp_package_name.stdout }}' args: executable: /bin/bash creates: /usr/share/kibana/plugins/wazuh/package.json diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 8fad346a..e6c7f52d 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -65,9 +65,14 @@ - name: Kibana script additional configuration for node replace: path: /usr/share/kibana/bin/kibana - regexp: 'NODE_OPTIONS=\"--no-warnings --max-http-header-size=65536 \$\{NODE_OPTIONS\}\" NODE_ENV=production exec \"\$\{NODE}\" \"\$\{DIR\}/src/cli\" \$\{@\}' - replace: 'NODE_OPTIONS="--no-warnings {{kibana_script_node_options}} --max-http-header-size=65536 ${NODE_OPTIONS}" NODE_ENV=production exec "${NODE}" "${DIR}/src/cli" ${@}' - when: kibana_script_node_options != "" + regexp: >- + 'NODE_OPTIONS=\"--no-warnings --max-http-header-size=65536 \$\{NODE_OPTIONS\}\" + NODE_ENV=production exec \"\$\{NODE}\" \"\$\{DIR\}/src/cli\" \$\{@\}' + replace: >- + 'NODE_OPTIONS="--no-warnings {{kibana_script_node_options}} --max-http-header-size=65536 ${NODE_OPTIONS}" + NODE_ENV=production exec "${NODE}" "${DIR}/src/cli" ${@}' + when: kibana_script_node_options | length > 0 + - name: Ensuring certificates folder owner file: 
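Review bot: Switching `regexp` and `replace` to folded block scalars (`>-`) turns the surrounding single quotes into content, so the pattern now begins with a literal `'NODE_OPTIONS=` and ends with `'`; the launcher contains no such text, and `replace` does not fail on a non-match, so after this commit the task reports `ok` while changing nothing. Drop the quotes inside both block scalars so the first content line is `NODE_OPTIONS=\"--no-warnings --max-http-header-size=65536 \$\{NODE_OPTIONS\}\"` under `regexp: >-` and `NODE_OPTIONS="--no-warnings {{kibana_script_node_options}} --max-http-header-size=65536 ${NODE_OPTIONS}"` under `replace: >-`. Pair the task with a `register:` and a `grep -q` verification step so a silent no-match like this is caught; the `when: kibana_script_node_options | length > 0` guard itself is fine.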
@@ -126,7 +131,9 @@ - name: Install Wazuh Plugin (can take a while) - shell: 'NODE_OPTIONS="{{node_options}}" /usr/share/kibana/bin/kibana-plugin install {{ wazuh_app_url }}-{{ wazuh_version }}_{{ elastic_stack_version }}.zip' + shell: >- + 'NODE_OPTIONS=" {{node_options}} " /usr/share/kibana/bin/kibana-plugin install {{ wazuh_app_url }} + -{{ wazuh_version }}_{{ elastic_stack_version }}.zip' args: executable: /bin/bash creates: /usr/share/kibana/plugins/wazuh/package.json @@ -141,7 +148,7 @@ - not build_from_sources - name: Kibana optimization (can take a while) - shell: 'NODE_OPTIONS="{{node_options}}" /usr/share/kibana/bin/kibana --optimize --allow-root' + shell: 'NODE_OPTIONS=" {{node_options}} " /usr/share/kibana/bin/kibana --optimize' args: executable: /bin/bash become: yes From efd55e5a5b0717f1957f10ed811a06bd233c1383 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Wed, 11 Mar 2020 18:11:00 +0100 Subject: [PATCH 633/714] Minor linting fix --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index e6c7f52d..7c78baa6 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -153,6 +153,8 @@ executable: /bin/bash become: yes become_user: kibana + tags: + - skip_ansible_lint - name: Wait for Elasticsearch port wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }} From 83aa5de3ef9e3df80d582f1a4ad313b6ec5c0469 Mon Sep 17 00:00:00 2001 From: manuasir Date: Wed, 11 Mar 2020 18:21:25 +0100 Subject: [PATCH 634/714] Bump NodeJS version to 10.x --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index cd25eec2..692b85ad 100644 
--- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -43,7 +43,7 @@ nodejs: repo_dict: debian: "deb" redhat: "rpm" - repo_url_ext: "nodesource.com/setup_8.x" + repo_url_ext: "nodesource.com/setup_10.x" # Build from sources build_from_sources: false From c0670f02afd26e1314f9287b1604024d786a3599 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Thu, 12 Mar 2020 09:06:18 +0100 Subject: [PATCH 635/714] Lint fixes --- .../ansible-kibana/tasks/build_wazuh_plugin.yml | 2 +- roles/elastic-stack/ansible-kibana/tasks/main.yml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml index e2b0bb50..141438af 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml @@ -63,7 +63,7 @@ chdir: "/tmp/app/build" - name: Install Wazuh Plugin (can take a while) - shell: 'NODE_OPTIONS=" {{node_options}} " /usr/share/kibana/bin/kibana-plugin install file:///tmp/app/build/{{ wazuhapp_package_name.stdout }}' + shell: 'NODE_OPTIONS=" {{ node_options }} " /usr/share/kibana/bin/kibana-plugin install file:///tmp/app/build/{{ wazuhapp_package_name.stdout }}' args: executable: /bin/bash creates: /usr/share/kibana/plugins/wazuh/package.json diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 7c78baa6..2241c900 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml 
@@ -69,7 +69,7 @@ 'NODE_OPTIONS=\"--no-warnings --max-http-header-size=65536 \$\{NODE_OPTIONS\}\" NODE_ENV=production exec \"\$\{NODE}\" \"\$\{DIR\}/src/cli\" \$\{@\}' replace: >- - 'NODE_OPTIONS="--no-warnings {{kibana_script_node_options}} --max-http-header-size=65536 ${NODE_OPTIONS}" + 'NODE_OPTIONS="--no-warnings {{ kibana_script_node_options }} --max-http-header-size=65536 ${NODE_OPTIONS}" NODE_ENV=production exec "${NODE}" "${DIR}/src/cli" ${@}' when: kibana_script_node_options | length > 0 @@ -132,7 +132,7 @@ - name: Install Wazuh Plugin (can take a while) shell: >- - 'NODE_OPTIONS=" {{node_options}} " /usr/share/kibana/bin/kibana-plugin install {{ wazuh_app_url }} + 'NODE_OPTIONS=" {{ node_options }} " /usr/share/kibana/bin/kibana-plugin install {{ wazuh_app_url }} -{{ wazuh_version }}_{{ elastic_stack_version }}.zip' args: executable: /bin/bash @@ -148,7 +148,7 @@ - not build_from_sources - name: Kibana optimization (can take a while) - shell: 'NODE_OPTIONS=" {{node_options}} " /usr/share/kibana/bin/kibana --optimize' + shell: 'NODE_OPTIONS=" {{ node_options }} " /usr/share/kibana/bin/kibana --optimize' args: executable: /bin/bash become: yes From b4bd4b334cea2262b5413344d5839a2146e8d530 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Thu, 12 Mar 2020 10:47:28 +0100 Subject: [PATCH 636/714] multiline wrap with whitespace in a correct column --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 2241c900..53571026 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml 
@@ -132,8 +132,8 @@ - name: Install Wazuh Plugin (can take a while) shell: >- - 'NODE_OPTIONS=" {{ node_options }} " /usr/share/kibana/bin/kibana-plugin install {{ wazuh_app_url }} - -{{ wazuh_version }}_{{ elastic_stack_version }}.zip' + 'NODE_OPTIONS=" {{ node_options }} " /usr/share/kibana/bin/kibana-plugin install + {{ wazuh_app_url }}-{{ wazuh_version }}_{{ elastic_stack_version }}.zip' args: executable: /bin/bash creates: /usr/share/kibana/plugins/wazuh/package.json From 3d2cce76fa7ee8a972f4f6ef86bed4982744bc73 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Thu, 12 Mar 2020 11:50:02 +0100 Subject: [PATCH 637/714] multiline wrapping fix --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 53571026..118945ae 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -131,9 +131,8 @@ - name: Install Wazuh Plugin (can take a while) - shell: >- - 'NODE_OPTIONS=" {{ node_options }} " /usr/share/kibana/bin/kibana-plugin install - {{ wazuh_app_url }}-{{ wazuh_version }}_{{ elastic_stack_version }}.zip' + shell: "NODE_OPTIONS=\" {{ node_options }} \" /usr/share/kibana/bin/kibana-plugin \ + install {{ wazuh_app_url }}-{{ wazuh_version }}_{{ elastic_stack_version }}.zip" args: executable: /bin/bash creates: /usr/share/kibana/plugins/wazuh/package.json From dab2f69b68dc7246c0a0356395d7c6354b962a64 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Thu, 12 Mar 2020 15:02:28 +0100 Subject: [PATCH 638/714] removing single quotes --- .../ansible-kibana/tasks/build_wazuh_plugin.yml | 2 +- roles/elastic-stack/ansible-kibana/tasks/main.yml | 15 ++++++++------- 2 files changed, 9 insertions(+), 8 deletions(-) 
diff --git a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml index 141438af..cd22f42e 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml @@ -63,7 +63,7 @@ chdir: "/tmp/app/build" - name: Install Wazuh Plugin (can take a while) - shell: 'NODE_OPTIONS=" {{ node_options }} " /usr/share/kibana/bin/kibana-plugin install file:///tmp/app/build/{{ wazuhapp_package_name.stdout }}' + shell: NODE_OPTIONS=" {{ node_options }} " /usr/share/kibana/bin/kibana-plugin install file:///tmp/app/build/{{ wazuhapp_package_name.stdout }} args: executable: /bin/bash creates: /usr/share/kibana/plugins/wazuh/package.json diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 118945ae..8c8ed588 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -66,11 +66,11 @@ replace: path: /usr/share/kibana/bin/kibana regexp: >- - 'NODE_OPTIONS=\"--no-warnings --max-http-header-size=65536 \$\{NODE_OPTIONS\}\" - NODE_ENV=production exec \"\$\{NODE}\" \"\$\{DIR\}/src/cli\" \$\{@\}' + NODE_OPTIONS=\"--no-warnings --max-http-header-size=65536 \$\{NODE_OPTIONS\}\" + NODE_ENV=production exec \"\$\{NODE}\" \"\$\{DIR\}/src/cli\" \$\{@\} replace: >- - 'NODE_OPTIONS="--no-warnings {{ kibana_script_node_options }} --max-http-header-size=65536 ${NODE_OPTIONS}" - NODE_ENV=production exec "${NODE}" "${DIR}/src/cli" ${@}' + NODE_OPTIONS="--no-warnings {{ kibana_script_node_options }} --max-http-header-size=65536 ${NODE_OPTIONS}" + NODE_ENV=production exec "${NODE}" "${DIR}/src/cli" ${@} when: kibana_script_node_options | length > 0 
@@ -131,8 +131,9 @@ - name: Install Wazuh Plugin (can take a while) - shell: "NODE_OPTIONS=\" {{ node_options }} \" /usr/share/kibana/bin/kibana-plugin \ - install {{ wazuh_app_url }}-{{ wazuh_version }}_{{ elastic_stack_version }}.zip" + shell: >- + NODE_OPTIONS=" {{ node_options }} " /usr/share/kibana/bin/kibana-plugin install + {{ wazuh_app_url }}-{{ wazuh_version }}_{{ elastic_stack_version }}.zip args: executable: /bin/bash creates: /usr/share/kibana/plugins/wazuh/package.json @@ -147,7 +148,7 @@ - not build_from_sources - name: Kibana optimization (can take a while) - shell: 'NODE_OPTIONS=" {{ node_options }} " /usr/share/kibana/bin/kibana --optimize' + shell: NODE_OPTIONS=" {{ node_options }} " /usr/share/kibana/bin/kibana --optimize args: executable: /bin/bash become: yes From b9a8dfff8abcbe123f9baa125f498b6a18d5457e Mon Sep 17 00:00:00 2001 From: Zenidd Date: Fri, 13 Mar 2020 09:29:54 +0100 Subject: [PATCH 639/714] fix to pass the indempotence test --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 8c8ed588..1900777b 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -153,6 +153,7 @@ executable: /bin/bash become: yes become_user: kibana + changed_when: false tags: - skip_ansible_lint From 84b5510e3010f88da3863a53d416c789786fbded Mon Sep 17 00:00:00 2001 From: Zenidd Date: Fri, 13 Mar 2020 12:11:07 +0100 Subject: [PATCH 640/714] Removing whitespaces surrounding node_options var --- .../elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml | 2 +- roles/elastic-stack/ansible-kibana/tasks/main.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml index cd22f42e..a674a95f 100644 
--- a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml @@ -63,7 +63,7 @@ chdir: "/tmp/app/build" - name: Install Wazuh Plugin (can take a while) - shell: NODE_OPTIONS=" {{ node_options }} " /usr/share/kibana/bin/kibana-plugin install file:///tmp/app/build/{{ wazuhapp_package_name.stdout }} + shell: NODE_OPTIONS="{{ node_options }}" /usr/share/kibana/bin/kibana-plugin install file:///tmp/app/build/{{ wazuhapp_package_name.stdout }} args: executable: /bin/bash creates: /usr/share/kibana/plugins/wazuh/package.json diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 1900777b..dc7c3696 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -132,7 +132,7 @@ - name: Install Wazuh Plugin (can take a while) shell: >- - NODE_OPTIONS=" {{ node_options }} " /usr/share/kibana/bin/kibana-plugin install + NODE_OPTIONS="{{ node_options }}" /usr/share/kibana/bin/kibana-plugin install {{ wazuh_app_url }}-{{ wazuh_version }}_{{ elastic_stack_version }}.zip args: executable: /bin/bash @@ -148,7 +148,7 @@ - not build_from_sources - name: Kibana optimization (can take a while) - shell: NODE_OPTIONS=" {{ node_options }} " /usr/share/kibana/bin/kibana --optimize + shell: NODE_OPTIONS="{{ node_options }}" /usr/share/kibana/bin/kibana --optimize args: executable: /bin/bash become: yes From f4b70ab1c643b60b71236802ed04d143b76ea1ca Mon Sep 17 00:00:00 2001 From: Zenidd Date: Fri, 13 Mar 2020 12:27:18 +0100 Subject: [PATCH 641/714] removing kibana script extra node options --- .../elastic-stack/ansible-kibana/defaults/main.yml | 1 - roles/elastic-stack/ansible-kibana/tasks/main.yml | 13 ------------- 2 files changed, 14 deletions(-) 
diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index da865a38..e930eae7 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -50,5 +50,4 @@ build_from_sources: false wazuh_plugin_branch: 3.11-7.6 #Nodejs NODE_OPTIONS -kibana_script_node_options: "" node_options: --max-old-space-size=4096 diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index dc7c3696..b43b3755 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -62,18 +62,6 @@ - kibana_xpack_security tags: xpack-security -- name: Kibana script additional configuration for node - replace: - path: /usr/share/kibana/bin/kibana - regexp: >- - NODE_OPTIONS=\"--no-warnings --max-http-header-size=65536 \$\{NODE_OPTIONS\}\" - NODE_ENV=production exec \"\$\{NODE}\" \"\$\{DIR\}/src/cli\" \$\{@\} - replace: >- - NODE_OPTIONS="--no-warnings {{ kibana_script_node_options }} --max-http-header-size=65536 ${NODE_OPTIONS}" - NODE_ENV=production exec "${NODE}" "${DIR}/src/cli" ${@} - when: kibana_script_node_options | length > 0 - - - name: Ensuring certificates folder owner file: path: "{{ node_certs_destination }}/" @@ -129,7 +117,6 @@ - build_from_sources is defined - build_from_sources - - name: Install Wazuh Plugin (can take a while) shell: >- NODE_OPTIONS="{{ node_options }}" /usr/share/kibana/bin/kibana-plugin install From 3ba86f7cd8d30da34a81373881f7bf7ada71b681 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Fri, 13 Mar 2020 14:15:50 +0100 Subject: [PATCH 642/714] minor fix --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 7f5d17c8..e930eae7 100644 
--- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -43,11 +43,7 @@ nodejs: repo_dict: debian: "deb" redhat: "rpm" -<<<<<<< HEAD - repo_url_ext: "nodesource.com/setup_8.x" -======= repo_url_ext: "nodesource.com/setup_10.x" ->>>>>>> feature-node_options-variable # Build from sources build_from_sources: false From eff4b38bedf6091786e26bf55c8ceef51f47cf61 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Tue, 17 Mar 2020 12:17:49 +0100 Subject: [PATCH 643/714] Restricting too open xpack and kibana permissions --- .../ansible-elasticsearch/tasks/xpack_security.yml | 4 ++-- roles/elastic-stack/ansible-kibana/tasks/main.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml index e9261956..82f3b081 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml @@ -35,7 +35,7 @@ copy: src: "{{ master_certs_path }}/ca/{{ ca_key_name }}" dest: "{{ node_certs_source }}/{{ ca_key_name }}" - mode: '0664' + mode: '0440' when: - not generate_CA - node_certs_generator @@ -45,7 +45,7 @@ copy: src: "{{ master_certs_path }}/ca/{{ ca_cert_name }}" dest: "{{ node_certs_source }}/{{ ca_cert_name }}" - mode: '0664' + mode: '0440' when: - not generate_CA - node_certs_generator diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index b43b3755..ad4a3e4c 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml 
@@ -41,7 +41,7 @@ copy: src: "{{ item }}" dest: "{{ node_certs_destination }}/" - mode: '0664' + mode: '0444' with_items: - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.key" - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.crt" From c6a3dda23ac56d0e35bc208586d1a7cb8ffa3af8 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Tue, 17 Mar 2020 15:50:22 +0100 Subject: [PATCH 644/714] Restricting already existing cert permissions and setting missing ones --- .../ansible-elasticsearch/tasks/xpack_security.yml | 2 ++ roles/elastic-stack/ansible-kibana/tasks/main.yml | 1 + roles/wazuh/ansible-filebeat/tasks/main.yml | 2 ++ 3 files changed, 5 insertions(+) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml index 82f3b081..664d1b4d 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml @@ -149,6 +149,7 @@ copy: src: "{{ item }}" dest: "{{ node_certs_destination }}/" + mode: '0444' with_items: - "{{ master_certs_path }}/{{ elasticsearch_node_name }}/{{ elasticsearch_node_name }}.key" - "{{ master_certs_path }}/{{ elasticsearch_node_name }}/{{ elasticsearch_node_name }}.crt" @@ -163,6 +164,7 @@ copy: src: "{{ item }}" dest: "{{ node_certs_destination }}/" + mode: '0444' with_items: - "{{ master_certs_path }}/{{ elasticsearch_node_name }}/{{ elasticsearch_node_name }}.key" - "{{ master_certs_path }}/{{ elasticsearch_node_name }}/{{ elasticsearch_node_name }}.crt" diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index ad4a3e4c..80bdeca9 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml 
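Review bot: `mode: '0444'` in the `@@ -41,7 +41,7 @@` hunk of ansible-kibana/tasks/main.yml leaves `{{ kibana_node_name }}.key` world-readable, since the one `with_items` loop copies the private key and the certificate with the same mode; the CA key in this same commit was tightened to `0440`, and the node key deserves the same. Use `mode: '0440'` here and on the five `mode: '0444'` lines PATCH 644 adds (xpack_security.yml, kibana main.yml, filebeat main.yml), which all cover a `.key` file. The copy tasks show no `owner`/`group` in these hunks, so check that the files end up owned by the service account, otherwise a non-root service cannot open a 0440 key.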
@@ -28,6 +28,7 @@ copy: src: "{{ item }}" dest: "{{ node_certs_destination }}/" + mode: '0444' with_items: - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.key" - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.crt" diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml index 07bc94ea..b5b4cba8 100644 --- a/roles/wazuh/ansible-filebeat/tasks/main.yml +++ b/roles/wazuh/ansible-filebeat/tasks/main.yml @@ -30,6 +30,7 @@ copy: src: "{{ item }}" dest: "{{ node_certs_destination }}/" + mode: '0444' with_items: - "{{ master_certs_path }}/{{ filebeat_node_name }}/{{ filebeat_node_name }}.key" - "{{ master_certs_path }}/{{ filebeat_node_name }}/{{ filebeat_node_name }}.crt" @@ -43,6 +44,7 @@ copy: src: "{{ item }}" dest: "{{ node_certs_destination }}/" + mode: '0444' with_items: - "{{ master_certs_path }}/{{ filebeat_node_name }}/{{ filebeat_node_name }}.key" - "{{ master_certs_path }}/{{ filebeat_node_name }}/{{ filebeat_node_name }}.crt" From 33fceff612a3f97c291c03158759b0ea0ad356f4 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Tue, 17 Mar 2020 16:40:39 +0100 Subject: [PATCH 645/714] Normalization to octal for permissions asignations --- .../ansible-elasticsearch/tasks/xpack_security.yml | 14 +++++++------- .../ansible-kibana/tasks/build_wazuh_plugin.yml | 2 +- roles/elastic-stack/ansible-kibana/tasks/main.yml | 8 ++++---- .../tasks/installation_from_sources.yml | 6 +++--- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 2 +- 5 files changed, 16 insertions(+), 16 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml index 664d1b4d..6eff899f 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml 
@@ -35,7 +35,7 @@ copy: src: "{{ master_certs_path }}/ca/{{ ca_key_name }}" dest: "{{ node_certs_source }}/{{ ca_key_name }}" - mode: '0440' + mode: 0440 when: - not generate_CA - node_certs_generator @@ -45,7 +45,7 @@ copy: src: "{{ master_certs_path }}/ca/{{ ca_cert_name }}" dest: "{{ node_certs_source }}/{{ ca_cert_name }}" - mode: '0440' + mode: 0440 when: - not generate_CA - node_certs_generator @@ -100,7 +100,7 @@ file: path: "{{ master_certs_path }}" state: directory - mode: '0700' + mode: 0700 delegate_to: "127.0.0.1" when: - node_certs_generator @@ -109,7 +109,7 @@ file: path: "{{ master_certs_path }}/ca/" state: directory - mode: '0700' + mode: 0700 delegate_to: "127.0.0.1" when: - node_certs_generator @@ -149,7 +149,7 @@ copy: src: "{{ item }}" dest: "{{ node_certs_destination }}/" - mode: '0444' + mode: 0444 with_items: - "{{ master_certs_path }}/{{ elasticsearch_node_name }}/{{ elasticsearch_node_name }}.key" - "{{ master_certs_path }}/{{ elasticsearch_node_name }}/{{ elasticsearch_node_name }}.crt" @@ -164,7 +164,7 @@ copy: src: "{{ item }}" dest: "{{ node_certs_destination }}/" - mode: '0444' + mode: 0444 with_items: - "{{ master_certs_path }}/{{ elasticsearch_node_name }}/{{ elasticsearch_node_name }}.key" - "{{ master_certs_path }}/{{ elasticsearch_node_name }}/{{ elasticsearch_node_name }}.crt" @@ -178,7 +178,7 @@ - name: Ensuring folder permissions file: path: "{{ node_certs_destination }}/" - mode: '0774' + mode: 0774 state: directory recurse: yes when: diff --git a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml index a674a95f..b7ceb87f 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/build_wazuh_plugin.yml 
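Review bot: Unquoting the modes (`mode: 0440` in the `@@ -35` and `@@ -45` hunks, and the same pattern through the rest of PATCH 645 and the `@@ -30`/`@@ -44`/`@@ -57`/`@@ -76` hunks of PATCH 646) makes the value depend on the loader's YAML version: a YAML 1.1 parser reads the leading zero as octal, whereas a YAML 1.2 parser reads `0440` as decimal 440, and yamllint's `octal-values` rule exists to flag exactly this. Ansible accepts both forms, so the quoted `mode: '0440'` this commit removes was the more portable spelling; the `'644'` → `0644` cases are better written `'0644'`, which keeps the leading zero and the quotes.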
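Review bot: The `file` task in the `@@ -178,7 +178,7 @@` hunk runs with `recurse: yes`, so `mode: 0774` is applied to every file under `{{ node_certs_destination }}`, not only to the directory; because it sits after the copy tasks earlier in the same file, it overrides the `0440`/`0444` those tasks set and leaves the private keys world-readable and executable. The same pattern is in the kibana `@@ -66,7 +66,7 @@` hunk (`mode: 0770`, PATCH 645) and the filebeat `@@ -57,7 +57,7 @@` hunk (`mode: 0774`, PATCH 646), where it undoes the "Removing readall perms" change made two tasks earlier in that commit. Either drop `recurse: yes` so only the directory mode changes, or use a symbolic mode such as `mode: "u=rwX,g=rX,o="` so regular files gain neither execute nor world-read bits.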
@@ -14,7 +14,7 @@ get_url: url: "https://{{ nodejs['repo_dict'][ansible_os_family|lower] }}.{{ nodejs['repo_url_ext'] }}" dest: "/tmp/setup_nodejs_repo.sh" - mode: "0700" + mode: 0700 - name: Execute downloaded script to install Nodejs repo command: /tmp/setup_nodejs_repo.sh diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 80bdeca9..a31950bf 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -28,7 +28,7 @@ copy: src: "{{ item }}" dest: "{{ node_certs_destination }}/" - mode: '0444' + mode: 0444 with_items: - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.key" - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.crt" @@ -42,7 +42,7 @@ copy: src: "{{ item }}" dest: "{{ node_certs_destination }}/" - mode: '0444' + mode: 0444 with_items: - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.key" - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.crt" @@ -66,7 +66,7 @@ - name: Ensuring certificates folder owner file: path: "{{ node_certs_destination }}/" - mode: '0770' + mode: 0770 recurse: yes when: - kibana_xpack_security @@ -79,7 +79,7 @@ dest: /etc/kibana/kibana.yml owner: root group: root - mode: '0664' + mode: 0664 notify: restart kibana tags: configure diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index c83aaff1..e019d2f9 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml 
@@ -60,7 +60,7 @@ path: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" state: directory - # When downloading "v3.11.0" extracted folder name is 3.11.0. + # When downloading "v3.11.0" extracted folder name is 3.11.0. # Explicitly creating the folder with proper naming and striping first level in .tar.gz file @@ -91,7 +91,7 @@ dest: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}/etc/preloaded-vars.conf" owner: root group: root - mode: '644' + mode: 0644 - name: Executing "install.sh" script to build and install the Wazuh Manager shell: ./install.sh > /tmp/build_wazuh_manager_log.txt @@ -167,7 +167,7 @@ dest: "/tmp/wazuh-api/configuration/preloaded_vars.conf" owner: root group: root - mode: '644' + mode: 0644 - name: Execute Wazuh API installation script shell: ./install_api.sh > /tmp/build_wazuh_api_log.txt diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 8ef1c2cb..1f354ca3 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -18,7 +18,7 @@ get_url: url: "https://{{ nodejs['repo_dict'][ansible_os_family|lower] }}.{{ nodejs['repo_url_ext'] }}" dest: /etc/nodejs.sh - mode: '0775' + mode: 0775 changed_when: false - name: Run NodeJS bash script From 4b9fb53549acd8a0fd2712ce59953827a3125f05 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Tue, 17 Mar 2020 18:21:33 +0100 Subject: [PATCH 646/714] Removing readall perms in certs files. Minor syntax normalizations --- .../ansible-elasticsearch/tasks/xpack_security.yml | 4 ++-- roles/elastic-stack/ansible-kibana/tasks/main.yml | 6 +++--- roles/wazuh/ansible-filebeat/tasks/main.yml | 6 +++--- .../ansible-wazuh-agent/tasks/installation_from_sources.yml | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) 
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml index 6eff899f..47438f98 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml @@ -149,7 +149,7 @@ copy: src: "{{ item }}" dest: "{{ node_certs_destination }}/" - mode: 0444 + mode: 0440 with_items: - "{{ master_certs_path }}/{{ elasticsearch_node_name }}/{{ elasticsearch_node_name }}.key" - "{{ master_certs_path }}/{{ elasticsearch_node_name }}/{{ elasticsearch_node_name }}.crt" @@ -164,7 +164,7 @@ copy: src: "{{ item }}" dest: "{{ node_certs_destination }}/" - mode: 0444 + mode: 0440 with_items: - "{{ master_certs_path }}/{{ elasticsearch_node_name }}/{{ elasticsearch_node_name }}.key" - "{{ master_certs_path }}/{{ elasticsearch_node_name }}/{{ elasticsearch_node_name }}.crt" diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index a31950bf..efd16de5 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -28,7 +28,7 @@ copy: src: "{{ item }}" dest: "{{ node_certs_destination }}/" - mode: 0444 + mode: 0440 with_items: - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.key" - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.crt" @@ -42,7 +42,7 @@ copy: src: "{{ item }}" dest: "{{ node_certs_destination }}/" - mode: 0444 + mode: 0440 with_items: - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.key" - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.crt" @@ -79,7 +79,7 @@ dest: /etc/kibana/kibana.yml owner: root group: root - mode: 0664 + mode: 0644 notify: restart kibana tags: configure 
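Review bot: kibana.yml in the `@@ -79,7 +79,7 @@` hunk stays world-readable (`mode: 0644` with `owner: root` / `group: root`), so a Kibana process running as a non-root user, which the role already assumes with `become_user: kibana` elsewhere on this page, can only read it through the `o=r` bit. If the template renders Elasticsearch credentials into that file when x-pack security is enabled (not visible in this hunk), `group: kibana` with `mode: 0640` keeps the same access for the service without exposing the file to every local account.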
diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml index b5b4cba8..4948c252 100644 --- a/roles/wazuh/ansible-filebeat/tasks/main.yml +++ b/roles/wazuh/ansible-filebeat/tasks/main.yml @@ -30,7 +30,7 @@ copy: src: "{{ item }}" dest: "{{ node_certs_destination }}/" - mode: '0444' + mode: 0440 with_items: - "{{ master_certs_path }}/{{ filebeat_node_name }}/{{ filebeat_node_name }}.key" - "{{ master_certs_path }}/{{ filebeat_node_name }}/{{ filebeat_node_name }}.crt" @@ -44,7 +44,7 @@ copy: src: "{{ item }}" dest: "{{ node_certs_destination }}/" - mode: '0444' + mode: 0440 with_items: - "{{ master_certs_path }}/{{ filebeat_node_name }}/{{ filebeat_node_name }}.key" - "{{ master_certs_path }}/{{ filebeat_node_name }}/{{ filebeat_node_name }}.crt" @@ -57,7 +57,7 @@ - name: Ensuring folder & certs permissions file: path: "{{ node_certs_destination }}/" - mode: '0774' + mode: 0774 state: directory recurse: yes when: diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml index 69934631..73b3e6ce 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/installation_from_sources.yml @@ -76,7 +76,7 @@ dest: "/tmp/wazuh-{{ wazuh_agent_sources_installation.branch }}/etc/preloaded-vars.conf" owner: root group: root - mode: '644' + mode: 0644 changed_when: false - name: Executing "install.sh" script to build and install the Wazuh Agent From c63756d541dc64cd052943e24c4297136c7f9ae1 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Fri, 20 Mar 2020 21:35:18 +0100 Subject: [PATCH 647/714] Fix list check if it's empty --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index 5465f393..27819956 100644 
--- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -76,7 +76,7 @@ -k "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_key | basename }}" {% endif %} {% if wazuh_agent_authd.ssl_auto_negotiate == 'yes' %} -a {% endif %} - {% if wazuh_agent_authd.groups is defined and wazuh_agent_authd.groups != None %} + {% if wazuh_agent_authd.groups is defined and wazuh_agent_authd.groups | length > 0 %} -G "{{ wazuh_agent_authd.groups | join(',') }}" {% endif %} register: agent_auth_output From b67a5e5e97e274705b023986e8ded6cf4e22de97 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Mon, 23 Mar 2020 12:47:58 +0100 Subject: [PATCH 648/714] Adding new registration_adress ansible var --- roles/wazuh/ansible-wazuh-agent/README.md | 3 ++- .../wazuh/ansible-wazuh-agent/defaults/main.yml | 1 + roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 16 ++++++++-------- .../wazuh/ansible-wazuh-agent/tasks/Windows.yml | 4 ++-- 4 files changed, 13 insertions(+), 11 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/README.md b/roles/wazuh/ansible-wazuh-agent/README.md index 9709d9b3..e43ddb87 100644 --- a/roles/wazuh/ansible-wazuh-agent/README.md +++ b/roles/wazuh/ansible-wazuh-agent/README.md @@ -37,11 +37,12 @@ The following is an example of how this role can be used: api_proto: 'http' api_user: 'ansible' wazuh_agent_authd: + registration_address: 127.0.0.1 enable: true port: 1515 ssl_agent_ca: null ssl_auto_negotiate: 'no' - + License and copyright --------------------- diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 039e5960..31aaa7dc 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml 
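Review bot: The new condition in the `@@ -76,7 +76,7 @@` hunk, `wazuh_agent_authd.groups | length > 0`, raises a templating error when `groups` is defined but null, because the `length` filter calls `len()` on `None`; the `!= None` test it replaces handled exactly that case, and the role's other authd keys on this page (`agent_name: null`, `ssl_agent_ca: null`) suggest null is the idle value. Keep the null guard and add the emptiness check: `{% if wazuh_agent_authd.groups is defined and wazuh_agent_authd.groups is not none and wazuh_agent_authd.groups | length > 0 %}`. The enclosing `shell` block scalar starts and ends outside the hunk.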
@@ -43,6 +43,7 @@ wazuh_profile_centos: 'centos, centos7, centos7.6' wazuh_profile_ubuntu: 'ubuntu, ubuntu18, ubuntu18.04' wazuh_auto_restart: 'yes' wazuh_agent_authd: + registration_address: 127.0.0.1 enable: false port: 1515 agent_name: null diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index c1c701fc..c83ca90d 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -68,7 +68,7 @@ {% if wazuh_agent_authd.agent_name is defined and wazuh_agent_authd.agent_name != None %} -A {{ wazuh_agent_authd.agent_name }} {% endif %} - -m {{ wazuh_managers.0.address }} + -m {{ wazuh_agent_authd.registration_address }} -p {{ wazuh_agent_authd.port }} {% if wazuh_agent_nat %} -I "any" {% endif %} {% if authd_pass is defined %} -P {{ authd_pass }} {% endif %} @@ -88,13 +88,13 @@ agent_name: "{% if single_agent_name is defined %}{{ single_agent_name }}{% else %}{{ ansible_hostname }}{% endif %}" when: - not check_keys.stat.exists or check_keys.stat.size == 0 - - wazuh_managers.0.address is not none + - wazuh_agent_authd.registration_address is not none - name: Linux | Verify agent registration shell: echo {{ agent_auth_output }} | grep "Valid key created" when: - not check_keys.stat.exists or check_keys.stat.size == 0 - - wazuh_managers.0.address is not none + - wazuh_agent_authd.registration_address is not none when: wazuh_agent_authd.enable tags: @@ -109,7 +109,7 @@ - name: Linux | Create the agent key via rest-API uri: - url: "{{ wazuh_managers.0.api_proto }}://{{ wazuh_managers.0.address }}:{{ wazuh_managers.0.api_port }}/agents/" + url: "{{ wazuh_managers.0.api_proto }}://{{ wazuh_agent_authd.registration_address }}:{{ wazuh_managers.0.api_port }}/agents/" validate_certs: false method: POST body: '{"name":"{{ agent_name }}"}' 
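Review bot: The default `registration_address: 127.0.0.1` in the `@@ -43,6 +43,7 @@` hunk of defaults/main.yml points registration at the agent's own loopback, so a playbook that does not override it runs `agent-auth -m 127.0.0.1` against a host with no authd, whereas the replaced `wazuh_managers.0.address` followed the manager the agent is configured for; with this default the `is not none` guards added to the `when:` clauses can never skip. A backward-compatible default is `registration_address: "{{ wazuh_managers.0.address }}"`. In the `@@ -109,7 +109,7 @@` hunk of Linux.yml (and the GET URL in the `@@ -126` hunk on the next line) the same variable also becomes the host of the REST API URL while the port still comes from `wazuh_managers.0.api_port`; if the authd endpoint and the API are not on the same host that URL is now wrong, so the API URLs should keep `wazuh_managers.0.address`.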
@@ -126,13 +126,13 @@ agent_name: "{% if single_agent_name is defined %}{{ single_agent_name }}{% else %}{{ inventory_hostname }}{% endif %}" when: - not check_keys.stat.exists or check_keys.stat.size == 0 - - wazuh_managers.0.address is not none + - wazuh_agent_authd.registration_address is not none become: false ignore_errors: true - name: Linux | Retieve new agent data via rest-API uri: - url: "{{ wazuh_managers.0.api_proto }}://{{ wazuh_managers.0.address }}:{{ wazuh_managers.0.api_port }}/agents/{{ newagent_api.json.data.id }}" + url: "{{ wazuh_managers.0.api_proto }}://{{ wazuh_agent_authd.registration_address }}:{{ wazuh_managers.0.api_port }}/agents/{{ newagent_api.json.data.id }}" validate_certs: false method: GET return_content: true @@ -140,7 +140,7 @@ password: "{{ api_pass }}" when: - not check_keys.stat.exists or check_keys.stat.size == 0 - - wazuh_managers.0.address is not none + - wazuh_agent_authd.registration_address is not none - newagent_api.json.error == 0 register: newagentdata_api delegate_to: localhost @@ -158,7 +158,7 @@ register: manage_agents_output when: - not check_keys.stat.exists or check_keys.stat.size == 0 - - wazuh_managers.0.address is not none + - wazuh_agent_authd.registration_address is not none - newagent_api.changed notify: restart wazuh-agent diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml index 461249e9..bac0e1dc 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml @@ -61,7 +61,7 @@ - name: Windows | Register agent win_shell: > {{ wazuh_agent_win_auth_path }} - -m {{ wazuh_managers.0.address }} + -m {{ wazuh_agent_authd.registration_address }} -p {{ wazuh_agent_authd.port }} {% if wazuh_agent_authd.agent_name is defined %}-A {{ wazuh_agent_authd.agent_name }} {% endif %} {% if authd_pass is defined %} -P {{ authd_pass }}{% endif %} 
@@ -70,7 +70,7 @@ when: - wazuh_agent_authd.enable - not check_windows_key.stat.exists or check_windows_key.stat.size == 0 - - wazuh_managers.0.address is not none + - wazuh_agent_authd.registration_address is not none tags: - config From d75f75b76b46027db5d25af995d0e6cd6e900b95 Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Mon, 23 Mar 2020 14:01:57 +0100 Subject: [PATCH 649/714] Fixes #390 . Removed bad formed XML comments. --- .../templates/var-ossec-etc-ossec-agent.conf.j2 | 1 - .../templates/var-ossec-etc-ossec-server.conf.j2 | 1 - .../templates/var-ossec-etc-shared-agent.conf.j2 | 1 - 3 files changed, 3 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index 128ba142..0c640cdc 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 @@ -203,7 +203,6 @@ no - {{ wazuh_agent_config.syscheck.frequency }} {% if ansible_system == "Linux" %} {{ wazuh_agent_config.syscheck.scan_on_start }} diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 43853bec..d4340c9b 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -295,7 +295,6 @@ {{ wazuh_manager_config.syscheck.disable }} {{ wazuh_manager_config.syscheck.alert_new_files }} - {{ wazuh_manager_config.syscheck.frequency }} {{ wazuh_manager_config.syscheck.scan_on_start }} diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 index 00fdcd01..f300f22a 100644 
--- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 @@ -8,7 +8,6 @@ {{ agent_config.syscheck.auto_ignore }} {% endif %} {{ agent_config.syscheck.alert_new_files }} - {{ agent_config.syscheck.frequency }} {{ agent_config.syscheck.scan_on_start }} From ec481c790a2640d740d141a94dc82bbeb2ce88bf Mon Sep 17 00:00:00 2001 From: Zenidd Date: Mon, 23 Mar 2020 15:37:52 +0100 Subject: [PATCH 650/714] Fixing lint warnings --- roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index c83ca90d..1a9076be 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -132,7 +132,9 @@ - name: Linux | Retieve new agent data via rest-API uri: - url: "{{ wazuh_managers.0.api_proto }}://{{ wazuh_agent_authd.registration_address }}:{{ wazuh_managers.0.api_port }}/agents/{{ newagent_api.json.data.id }}" + url: >- + "{{ wazuh_managers.0.api_proto }}://{{ wazuh_agent_authd.registration_address + }}:{{ wazuh_managers.0.api_port }}/agents/{{ newagent_api.json.data.id }}" validate_certs: false method: GET return_content: true From 0f1d958ff2e9f99611c57841324c33384594c8a4 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Mon, 23 Mar 2020 17:57:22 +0100 Subject: [PATCH 651/714] Added registration address var to default wazuh-agent playbook --- playbooks/wazuh-agent.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/playbooks/wazuh-agent.yml b/playbooks/wazuh-agent.yml index 8c7eaa69..5e1fcacc 100644 --- a/playbooks/wazuh-agent.yml +++ b/playbooks/wazuh-agent.yml @@ -11,6 +11,7 @@ api_proto: 'http' api_user: ansible wazuh_agent_authd: + registration_address: enable: true port: 1515 ssl_agent_ca: null 
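Review bot: The folded scalar in the `@@ -132` hunk keeps the double quotes as literal characters, so `url` now evaluates to `"http://…/agents/…"` including the quotes and the uri task will fail; a `>-` block needs no quoting, the quotes were only required by the single-line form. The line break inside `{{ … }}` is harmless to Jinja, the quotes are not. Drop them: `url: >-` / `{{ wazuh_managers.0.api_proto }}://{{ wazuh_agent_authd.registration_address` / `}}:{{ wazuh_managers.0.api_port }}/agents/{{ newagent_api.json.data.id }}`.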
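Review bot: `registration_address:` with no value is `null` in YAML, and the agent role guards every enrolment task with `wazuh_agent_authd.registration_address is not none`, so with this playbook enrolment is silently skipped even though `enable: true` is set on the next line. If the empty value is meant as a placeholder the user must fill in, say so on the line: `registration_address:  # manager address used for enrolment; leave empty to skip registration`. Otherwise default it to the manager entry already defined in this playbook, `registration_address: "{{ wazuh_managers.0.address }}"`.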
From d9b693066334714840da4db0daa7bf980ecd4095 Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Mon, 23 Mar 2020 18:24:27 +0100 Subject: [PATCH 652/714] Update roles/wazuh/ansible-wazuh-manager/defaults/main.yml --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index ddc62093..81996848 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -273,7 +273,7 @@ wazuh_manager_config: alert_level: 12 monitor_aws: disable: 'no' - internal: '10m' + interval: '10m' run_on_start: 'yes' skip_on_error: 'yes' s3: From e27d0d33102c631e0ecabb4d3bdcaaafa16735e7 Mon Sep 17 00:00:00 2001 From: Rshad Zhran Date: Mon, 23 Mar 2020 20:32:12 +0100 Subject: [PATCH 653/714] Remove agent groups redundant list --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 3 +-- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 4 ++-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 86b0205b..8b4151de 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -410,5 +410,4 @@ nodejs: redhat: "rpm" repo_url_ext: "nodesource.com/setup_10.x" -agent_groups: - groups: [] # groups to create +agent_groups: [] # groups to create diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 254b7e88..eaabdb77 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml 
@@ -354,9 +354,9 @@ - name: Create agent groups command: "/var/ossec/bin/agent_groups -a -g {{ item }} -q" with_items: - - "{{ agent_groups.groups }}" + - "{{ agent_groups }}" when: - - ( agent_groups.groups is defined) and ( agent_groups.groups|length > 0) + - ( agent_groups is defined) and ( agent_groups|length > 0) tags: molecule-idempotence-notest - include_tasks: "RMRedHat.yml" From 1f2670f74ecf8de4b595a4faf2676b192dc14d4e Mon Sep 17 00:00:00 2001 From: Zenidd Date: Tue, 24 Mar 2020 12:42:45 +0100 Subject: [PATCH 654/714] Rule paths are now relative to playbooks --- playbooks/wazuh-agent.yml | 2 +- playbooks/wazuh-elastic.yml | 2 +- playbooks/wazuh-elastic_stack-distributed.yml | 16 ++++++++-------- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/playbooks/wazuh-agent.yml b/playbooks/wazuh-agent.yml index 5e1fcacc..806b07c0 100644 --- a/playbooks/wazuh-agent.yml +++ b/playbooks/wazuh-agent.yml @@ -1,7 +1,7 @@ --- - hosts: roles: - - /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-agent + - ../roles/wazuh/ansible-wazuh-agent vars: wazuh_managers: - address: diff --git a/playbooks/wazuh-elastic.yml b/playbooks/wazuh-elastic.yml index eda19931..6c372889 100644 --- a/playbooks/wazuh-elastic.yml +++ b/playbooks/wazuh-elastic.yml @@ -1,5 +1,5 @@ --- - hosts: roles: - - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch + - role: ../roles/elastic-stack/ansible-elasticsearch elasticsearch_network_host: '' diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml index 16abfcf5..c0c14054 100644 --- a/playbooks/wazuh-elastic_stack-distributed.yml +++ b/playbooks/wazuh-elastic_stack-distributed.yml @@ -2,7 +2,7 @@ - hosts: roles: - - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch + - role: ../roles/elastic-stack/ansible-elasticsearch elasticsearch_network_host: elasticsearch_node_name: node-1 elasticsearch_bootstrap_node: true 
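Review bot: The `command:` string in the `@@ -354` hunk is split on whitespace by the module, so a group name containing a space reaches `agent_groups` as several arguments, and the flattened `agent_groups` list is now the variable's public shape, which breaks any inventory still setting `agent_groups.groups` (the commit message does not mention that). The `agent_groups|length > 0` condition is redundant with looping over an empty list, so `when` can be reduced to `agent_groups is defined`. The module's `argv` form passes each name as exactly one argument:
```yaml
- name: Create agent groups
  command:
    argv:
      - /var/ossec/bin/agent_groups
      - -a
      - -g
      - "{{ item }}"
      - -q
  with_items:
    - "{{ agent_groups }}"
  when: agent_groups is defined
  # … unchanged: tags …
```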
@@ -33,7 +33,7 @@ - hosts: roles: - - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch + - role: ../roles/elastic-stack/ansible-elasticsearch elasticsearch_network_host: elasticsearch_node_name: node-2 single_node: false @@ -46,7 +46,7 @@ - hosts: roles: - - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch + - role: ../roles/elastic-stack/ansible-elasticsearch elasticsearch_network_host: elasticsearch_node_name: node-3 single_node: false @@ -60,21 +60,21 @@ # - hosts: 172.16.0.162 # roles: -# - role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-wazuh-manager +# - role: ../roles/wazuh/ansible-wazuh-manager -# - role: /etc/ansible/roles/wazuh-ansible/roles/wazuh/ansible-filebeat +# - role: ../roles/wazuh/ansible-filebeat # filebeat_output_elasticsearch_hosts: 172.16.0.161:9200 # filebeat_xpack_security: true # filebeat_node_name: node-2 # node_certs_generator: false # elasticsearch_xpack_security_password: elastic_pass -# - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-elasticsearch +# - role: ../roles/elastic-stack/ansible-elasticsearch # elasticsearch_network_host: 172.16.0.162 # node_name: node-2 # elasticsearch_bootstrap_node: false # elasticsearch_master_candidate: true -# elasticsearch_discovery_nodes: +# elasticsearch_discovery_nodes: # - 172.16.0.161 # - 172.16.0.162 # elasticsearch_xpack_security: true @@ -83,7 +83,7 @@ # - hosts: 172.16.0.163 # roles: -# - role: /etc/ansible/roles/wazuh-ansible/roles/elastic-stack/ansible-kibana +# - role: ../roles/elastic-stack/ansible-kibana # kibana_xpack_security: true # kibana_node_name: node-3 # elasticsearch_network_host: 172.16.0.161 From 14e2a6bb4730e4e6068a4a474b8bcec5dee293bb Mon Sep 17 00:00:00 2001 
From: Manuel Gutierrez Date: Tue, 24 Mar 2020 16:46:01 +0100 Subject: [PATCH 655/714] Bump versions to 3.12.0_7.6.1 --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 10 +++++----- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 6 +++--- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index e930eae7..7223db60 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -6,7 +6,7 @@ elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 7.6.1 -wazuh_version: 3.11.4 +wazuh_version: 3.12.0 wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp elasticrepo: diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 05b0fe8b..b2808488 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_agent_version: 3.11.4-1 +wazuh_agent_version: 3.12.0-1 # Custom packages installation @@ -12,7 +12,7 @@ wazuh_custom_packages_installation_agent_rpm_url: "https://s3-us-west-1.amazonaw wazuh_agent_sources_installation: enabled: false - branch: "v3.11.4" + branch: "v3.12.0" user_language: "y" user_no_stop: "y" user_install_type: "agent" 
@@ -63,9 +63,9 @@ wazuh_winagent_config: # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe check_md5: True - md5: 87ce22038688efb44d95f9daff472056 -wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.11.4-1.msi -wazuh_winagent_package_name: wazuh-agent-3.11.4-1.msi + md5: 91efaefae4e1977670eab0c768a22a93 +wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.12.0-1.msi +wazuh_winagent_package_name: wazuh-agent-3.12.0-1.msi wazuh_agent_config: repo: apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 8b4151de..a4ce627f 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_manager_version: 3.11.4-1 +wazuh_manager_version: 3.12.0-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present @@ -15,7 +15,7 @@ wazuh_custom_packages_installation_api_rpm_url: "https://s3-us-west-1.amazonaws. # Sources installation wazuh_manager_sources_installation: enabled: false - branch: "v3.11.4" + branch: "v3.12.0" user_language: "en" user_no_stop: "y" user_install_type: "server" @@ -40,7 +40,7 @@ wazuh_manager_sources_installation: wazuh_api_sources_installation: enabled: false - branch: "v3.11.4" + branch: "v3.12.0" update: "y" remove: "y" directory: null From dfc7bbf4b36fd33e29beebb479076ac7ab15e6bf Mon Sep 17 00:00:00 2001 From: Zenidd Date: Tue, 24 Mar 2020 18:21:46 +0100 Subject: [PATCH 656/714] Updates to adapt ossec.conf templates to Wazuh v3.12 default ones --- .../ansible-wazuh-agent/defaults/main.yml | 136 +++++------------- .../var-ossec-etc-ossec-agent.conf.j2 | 28 +++- 2 files changed, 61 insertions(+), 103 deletions(-) 
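Review bot: The Windows MSI in the `@@ -63` hunk is still pinned with an MD5 (`check_md5: True`, `md5: …`); MD5 only detects a corrupt download, it gives no protection against a substituted package, so the rotated hash is at most a transport check on top of the HTTPS fetch. If the task that consumes these variables can verify a SHA-256, pin that instead and keep it next to the version it belongs to, e.g. `sha256: <sha256 of wazuh-agent-3.12.0-1.msi>  # placeholder, take from the vendor checksum file`. Whether the consuming task accepts a stronger digest is not visible in this hunk.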
diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index b2808488..75c21d3c 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -87,8 +87,17 @@ wazuh_agent_config: scan_on_start: 'yes' auto_ignore: 'no' alert_new_files: 'yes' - win_audit_interval: 300 + win_audit_interval: 60 skip_nfs: 'yes' + skip_dev: 'yes' + skip_proc: 'yes' + skip_sys: 'yes' + process_priority: 10 + max_eps: 100 + sync_enabled: 'yes' + sync_interval: '5m' + sync_max_interval: '1h' + sync_max_eps: 10 ignore: - /etc/mtab - /etc/hosts.deny 
@@ -114,106 +123,39 @@ wazuh_agent_config: - /etc/ssl/private.key directories: - dirs: /etc,/usr/bin,/usr/sbin - checks: 'check_all="yes"' + checks: '' - dirs: /bin,/sbin,/boot - checks: 'check_all="yes"' + checks: '' win_directories: - - dirs: '%WINDIR%\regedit.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\system.ini' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\win.ini' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\at.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\attrib.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\cacls.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\cmd.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\drivers\etc' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\eventcreate.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\ftp.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\lsass.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\net.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\net1.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\netsh.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\reg.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\regedt32.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\regsvr32.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\runas.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\sc.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\schtasks.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\sethc.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\subst.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\wbem\WMIC.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\WindowsPowerShell\v1.0\powershell.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\winrm.vbs' - checks: 'check_all="yes"' - - dirs: 
'%WINDIR%\System32\at.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\attrib.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\cacls.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\cmd.exe' - checks: 'check_all="yes"' + - dirs: '%WINDIR%' + checks: 'recursion_level="0" restrict="regedit.exe$|system.ini$|win.ini$"' + - dirs: '%WINDIR%\SysNative' + checks: >- + recursion_level="0" restrict="at.exe$|attrib.exe$|cacls.exe$|cmd.exe$|eventcreate.exe$|ftp.exe$|lsass.exe$| + net.exe$|net1.exe$|netsh.exe$|reg.exe$|regedt32.exe|regsvr32.exe|runas.exe|sc.exe|schtasks.exe|sethc.exe|subst.exe$" + - dirs: '%WINDIR%\SysNative\drivers\etc%' + checks: 'recursion_level="0"' + - dirs: '%WINDIR%\SysNative\wbem' + checks: 'recursion_level="0" restrict="WMIC.exe$"' + - dirs: '%WINDIR%\SysNative\WindowsPowerShell\v1.0' + checks: 'recursion_level="0" restrict="powershell.exe$"' + - dirs: '%WINDIR%\SysNative' + checks: 'recursion_level="0" restrict="winrm.vbs$"' + - dirs: '%WINDIR%\System32' + checks: >- + recursion_level="0" restrict="at.exe$|attrib.exe$|cacls.exe$|cmd.exe$|eventcreate.exe$|ftp.exe$|lsass.exe$|net.exe$|net1.exe$| + netsh.exe$|reg.exe$|regedit.exe$|regedt32.exe$|regsvr32.exe$|runas.exe$|sc.exe$|schtasks.exe$|sethc.exe$|subst.exe$" - dirs: '%WINDIR%\System32\drivers\etc' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\eventcreate.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\ftp.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\net.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\net1.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\netsh.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\reg.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\regedit.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\regedt32.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\regsvr32.exe' - checks: 'check_all="yes"' - - dirs: 
'%WINDIR%\System32\runas.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\sc.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\schtasks.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\sethc.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\subst.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\wbem\WMIC.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\WindowsPowerShell\v1.0\powershell.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\winrm.vbs' - checks: 'check_all="yes"' + checks: 'recursion_level="0"' + - dirs: '%WINDIR%\System32\wbem' + checks: 'recursion_level="0" restrict="WMIC.exe$"' + - dirs: '%WINDIR%\System32\WindowsPowerShell\v1.0' + checks: 'recursion_level="0" restrict="powershell.exe$"' + - dirs: '%WINDIR%\System32' + checks: 'recursion_level="0" restrict="winrm.vbs$"' - dirs: '%PROGRAMDATA%\Microsoft\Windows\Start Menu\Programs\Startup' - checks: 'check_all="yes" realtime="yes"' + checks: 'realtime="yes"' + windows_registry: - key: 'HKEY_LOCAL_MACHINE\Software\Classes\batfile' - key: 'HKEY_LOCAL_MACHINE\Software\Classes\cmdfile' diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index 0c640cdc..28b6828a 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 @@ -61,7 +61,6 @@ yes {% endif %} {% if ansible_os_family == "Windows" %} - ./shared/win_audit_rcl.txt ./shared/win_applications_rcl.txt ./shared/win_malware_rcl.txt {% endif %} 
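Review bot: The two `checks: >-` folded scalars in the `@@ -114,106 +123,39` hunk break the line inside the `restrict` regex, and a folded block turns that break into a space, so the rendered attributes read `lsass.exe$| net.exe$` and `net1.exe$| netsh.exe$`; those alternatives only match a path containing a literal space, which means `net.exe` under SysNative and `netsh.exe` under System32 are silently not monitored. In the SysNative list `regedt32.exe|regsvr32.exe|runas.exe|sc.exe|schtasks.exe|sethc.exe` also lack the `$` anchor used everywhere else, and `'%WINDIR%\SysNative\drivers\etc%'` has a stray trailing `%` (compare the System32 entry). Keep each `restrict` on one physical line (a trailing `# yamllint disable-line rule:line-length` keeps the linter quiet) and fix the path to `'%WINDIR%\SysNative\drivers\etc'`. The same hunk is repeated verbatim in the second copy of this commit, [PATCH 660/714].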
@@ -186,13 +185,13 @@ {% if wazuh_agent_config.sca.skip_nfs | length > 0 %} yes {% endif %} - {% if wazuh_agent_config.sca.day | length > 0 %} + {% if wazuh_agent_config.sca.day | length > 0 %} yes {% endif %} - {% if wazuh_agent_config.sca.wday | length > 0 %} + {% if wazuh_agent_config.sca.wday | length > 0 %} yes {% endif %} - {% if wazuh_agent_config.sca.time | length > 0 %} + {% if wazuh_agent_config.sca.time | length > 0 %} {% endif %} @@ -246,8 +245,11 @@ {% for no_diff in wazuh_agent_config.syscheck.no_diff %} {{ no_diff }} {% endfor %} - + {{ wazuh_agent_config.syscheck.skip_nfs }} + {{ wazuh_agent_config.syscheck.skip_dev }} + {{ wazuh_agent_config.syscheck.skip_proc }} + {{ wazuh_agent_config.syscheck.skip_sys }} {% endif %} {% if ansible_os_family == "Windows" %} @@ -274,6 +276,20 @@ {{ wazuh_agent_config.syscheck.win_audit_interval }} {% endif %} + + + {{ wazuh_agent_config.syscheck.process_priority }} + + + {{ wazuh_agent_config.syscheck.max_eps }} + + + + {{ wazuh_agent_config.syscheck.sync_enabled }} + {{ wazuh_agent_config.syscheck.interval }} + {{ wazuh_agent_config.syscheck.max_interval }} + {{ wazuh_agent_config.syscheck.max_eps }} + {% endif %} @@ -292,7 +308,7 @@ {% if ansible_system == "Linux" %} {% for localfile in wazuh_agent_config.localfiles.linux %} - + {{ localfile.format }} {% if localfile.format == 'command' or localfile.format == 'full_command' %} From 2cdc6fd7310990f74d4ae410b0cff152206e024a Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Tue, 24 Mar 2020 18:31:13 +0100 Subject: [PATCH 657/714] Updated elasticsearch template --- .../templates/wazuh-elastic7-template-alerts.json.j2 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic7-template-alerts.json.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic7-template-alerts.json.j2 index 06af6322..0b153fd4 100644 
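Review bot: The synchronization block added in the `@@ -274` hunk reads `wazuh_agent_config.syscheck.interval`, `wazuh_agent_config.syscheck.max_interval` and `wazuh_agent_config.syscheck.max_eps`, but the defaults added in this same commit define `sync_interval`, `sync_max_interval` and `sync_max_eps`; unless those keys exist elsewhere, `interval` and `max_interval` are undefined and the template fails to render, and `max_eps` inside synchronization silently reuses the top-level `max_eps` (100) instead of `sync_max_eps` (10). Change the three references to `wazuh_agent_config.syscheck.sync_interval`, `wazuh_agent_config.syscheck.sync_max_interval` and `wazuh_agent_config.syscheck.sync_max_eps`. The same hunk is repeated in [PATCH 660/714], and the manager template in [PATCH 662/714] copies it with the same names.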
--- a/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic7-template-alerts.json.j2 +++ b/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic7-template-alerts.json.j2 @@ -531,6 +531,9 @@ "sha1_before": { "type": "keyword" }, + "hard_links": { + "type": "keyword" + }, "sha1_after": { "type": "keyword" }, From bee5986b0301bbdbd2b229389fac4dc88ab1ee23 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Tue, 24 Mar 2020 20:24:59 +0100 Subject: [PATCH 658/714] Bump branch when building from sources --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 7223db60..2ac2cde5 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -47,7 +47,7 @@ nodejs: # Build from sources build_from_sources: false -wazuh_plugin_branch: 3.11-7.6 +wazuh_plugin_branch: 3.12-7.6 #Nodejs NODE_OPTIONS node_options: --max-old-space-size=4096 From c872140f28e54abda5c7cf8f8dccc3537e3a3dbb Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Tue, 24 Mar 2020 20:25:38 +0100 Subject: [PATCH 659/714] Update path for wazuh.yml --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index efd16de5..2e39391f 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml 
@@ -161,10 +161,15 @@ validate_certs: no status_code: 200, 404 +- name: Create wazuh plugin config directory + file: + path: /usr/share/kibana/optimize/wazuh/config/ + state: directory + - name: Configure Wazuh Kibana Plugin template: src: wazuh.yml.j2 - dest: /usr/share/kibana/plugins/wazuh/wazuh.yml + dest: /usr/share/kibana/optimize/wazuh/config/wazuh.yml owner: kibana group: root mode: 0644 From 52f4907847affe4b4edde48838434b4ed480e386 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Tue, 24 Mar 2020 18:21:46 +0100 Subject: [PATCH 660/714] Updates to adapt ossec.conf templates to Wazuh v3.12 default ones --- .../ansible-wazuh-agent/defaults/main.yml | 136 +++++------------- .../var-ossec-etc-ossec-agent.conf.j2 | 28 +++- 2 files changed, 61 insertions(+), 103 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 05b0fe8b..2e5bf4f0 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -87,8 +87,17 @@ wazuh_agent_config: scan_on_start: 'yes' auto_ignore: 'no' alert_new_files: 'yes' - win_audit_interval: 300 + win_audit_interval: 60 skip_nfs: 'yes' + skip_dev: 'yes' + skip_proc: 'yes' + skip_sys: 'yes' + process_priority: 10 + max_eps: 100 + sync_enabled: 'yes' + sync_interval: '5m' + sync_max_interval: '1h' + sync_max_eps: 10 ignore: - /etc/mtab - /etc/hosts.deny 
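Review bot: The new `file` task in the `@@ -161` hunk creates `/usr/share/kibana/optimize/wazuh/config/` with no `owner`, `group` or `mode`, so the directory is owned by whatever user Ansible runs as with umask-derived permissions, while the `wazuh.yml` written into it just below is `kibana:root`; if the plugin needs to write there at runtime (the `optimize/` location suggests it does, but that is not visible here) Kibana will not be able to. Set the ownership explicitly to match the template task: `owner: kibana` / `group: root` / `mode: '0750'` (or `'0755'` if other users must list it). The hunk is repeated in [PATCH 661/714].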
@@ -114,106 +123,39 @@ wazuh_agent_config: - /etc/ssl/private.key directories: - dirs: /etc,/usr/bin,/usr/sbin - checks: 'check_all="yes"' + checks: '' - dirs: /bin,/sbin,/boot - checks: 'check_all="yes"' + checks: '' win_directories: - - dirs: '%WINDIR%\regedit.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\system.ini' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\win.ini' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\at.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\attrib.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\cacls.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\cmd.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\drivers\etc' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\eventcreate.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\ftp.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\lsass.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\net.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\net1.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\netsh.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\reg.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\regedt32.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\regsvr32.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\runas.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\sc.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\schtasks.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\sethc.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\subst.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\wbem\WMIC.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\WindowsPowerShell\v1.0\powershell.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\SysNative\winrm.vbs' - checks: 'check_all="yes"' - - dirs: 
'%WINDIR%\System32\at.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\attrib.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\cacls.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\cmd.exe' - checks: 'check_all="yes"' + - dirs: '%WINDIR%' + checks: 'recursion_level="0" restrict="regedit.exe$|system.ini$|win.ini$"' + - dirs: '%WINDIR%\SysNative' + checks: >- + recursion_level="0" restrict="at.exe$|attrib.exe$|cacls.exe$|cmd.exe$|eventcreate.exe$|ftp.exe$|lsass.exe$| + net.exe$|net1.exe$|netsh.exe$|reg.exe$|regedt32.exe|regsvr32.exe|runas.exe|sc.exe|schtasks.exe|sethc.exe|subst.exe$" + - dirs: '%WINDIR%\SysNative\drivers\etc%' + checks: 'recursion_level="0"' + - dirs: '%WINDIR%\SysNative\wbem' + checks: 'recursion_level="0" restrict="WMIC.exe$"' + - dirs: '%WINDIR%\SysNative\WindowsPowerShell\v1.0' + checks: 'recursion_level="0" restrict="powershell.exe$"' + - dirs: '%WINDIR%\SysNative' + checks: 'recursion_level="0" restrict="winrm.vbs$"' + - dirs: '%WINDIR%\System32' + checks: >- + recursion_level="0" restrict="at.exe$|attrib.exe$|cacls.exe$|cmd.exe$|eventcreate.exe$|ftp.exe$|lsass.exe$|net.exe$|net1.exe$| + netsh.exe$|reg.exe$|regedit.exe$|regedt32.exe$|regsvr32.exe$|runas.exe$|sc.exe$|schtasks.exe$|sethc.exe$|subst.exe$" - dirs: '%WINDIR%\System32\drivers\etc' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\eventcreate.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\ftp.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\net.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\net1.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\netsh.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\reg.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\regedit.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\regedt32.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\regsvr32.exe' - checks: 'check_all="yes"' - - dirs: 
'%WINDIR%\System32\runas.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\sc.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\schtasks.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\sethc.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\subst.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\wbem\WMIC.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\WindowsPowerShell\v1.0\powershell.exe' - checks: 'check_all="yes"' - - dirs: '%WINDIR%\System32\winrm.vbs' - checks: 'check_all="yes"' + checks: 'recursion_level="0"' + - dirs: '%WINDIR%\System32\wbem' + checks: 'recursion_level="0" restrict="WMIC.exe$"' + - dirs: '%WINDIR%\System32\WindowsPowerShell\v1.0' + checks: 'recursion_level="0" restrict="powershell.exe$"' + - dirs: '%WINDIR%\System32' + checks: 'recursion_level="0" restrict="winrm.vbs$"' - dirs: '%PROGRAMDATA%\Microsoft\Windows\Start Menu\Programs\Startup' - checks: 'check_all="yes" realtime="yes"' + checks: 'realtime="yes"' + windows_registry: - key: 'HKEY_LOCAL_MACHINE\Software\Classes\batfile' - key: 'HKEY_LOCAL_MACHINE\Software\Classes\cmdfile' diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index 0c640cdc..28b6828a 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 @@ -61,7 +61,6 @@ yes {% endif %} {% if ansible_os_family == "Windows" %} - ./shared/win_audit_rcl.txt ./shared/win_applications_rcl.txt ./shared/win_malware_rcl.txt {% endif %} 
@@ -186,13 +185,13 @@ {% if wazuh_agent_config.sca.skip_nfs | length > 0 %} yes {% endif %} - {% if wazuh_agent_config.sca.day | length > 0 %} + {% if wazuh_agent_config.sca.day | length > 0 %} yes {% endif %} - {% if wazuh_agent_config.sca.wday | length > 0 %} + {% if wazuh_agent_config.sca.wday | length > 0 %} yes {% endif %} - {% if wazuh_agent_config.sca.time | length > 0 %} + {% if wazuh_agent_config.sca.time | length > 0 %} {% endif %} @@ -246,8 +245,11 @@ {% for no_diff in wazuh_agent_config.syscheck.no_diff %} {{ no_diff }} {% endfor %} - + {{ wazuh_agent_config.syscheck.skip_nfs }} + {{ wazuh_agent_config.syscheck.skip_dev }} + {{ wazuh_agent_config.syscheck.skip_proc }} + {{ wazuh_agent_config.syscheck.skip_sys }} {% endif %} {% if ansible_os_family == "Windows" %} @@ -274,6 +276,20 @@ {{ wazuh_agent_config.syscheck.win_audit_interval }} {% endif %} + + + {{ wazuh_agent_config.syscheck.process_priority }} + + + {{ wazuh_agent_config.syscheck.max_eps }} + + + + {{ wazuh_agent_config.syscheck.sync_enabled }} + {{ wazuh_agent_config.syscheck.interval }} + {{ wazuh_agent_config.syscheck.max_interval }} + {{ wazuh_agent_config.syscheck.max_eps }} + {% endif %} @@ -292,7 +308,7 @@ {% if ansible_system == "Linux" %} {% for localfile in wazuh_agent_config.localfiles.linux %} - + {{ localfile.format }} {% if localfile.format == 'command' or localfile.format == 'full_command' %} From cd5a00633117dc94fda220133a71f67ab184e34a Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Tue, 24 Mar 2020 20:25:38 +0100 Subject: [PATCH 661/714] Update path for wazuh.yml --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index efd16de5..2e39391f 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml 
@@ -161,10 +161,15 @@ validate_certs: no status_code: 200, 404 +- name: Create wazuh plugin config directory + file: + path: /usr/share/kibana/optimize/wazuh/config/ + state: directory + - name: Configure Wazuh Kibana Plugin template: src: wazuh.yml.j2 - dest: /usr/share/kibana/plugins/wazuh/wazuh.yml + dest: /usr/share/kibana/optimize/wazuh/config/wazuh.yml owner: kibana group: root mode: 0644 From f625f0b310fe3a15d11a970535121d8de3426f34 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Wed, 25 Mar 2020 12:49:49 +0100 Subject: [PATCH 662/714] Updating manager configuration templates and vars --- .../ansible-wazuh-agent/defaults/main.yml | 4 --- .../ansible-wazuh-manager/defaults/main.yml | 19 +++++++---- .../var-ossec-etc-ossec-server.conf.j2 | 33 ++++++++++++++++--- 3 files changed, 40 insertions(+), 16 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 2e5bf4f0..7df27cc9 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -111,11 +111,7 @@ wazuh_agent_config: - /etc/cups/certs - /etc/dumpdates - /etc/svc/volatile - - /sys/kernel/security - - /sys/kernel/debug - - /dev/core ignore_linux_type: - - '^/proc' - '.log$|.swp$' ignore_win: - '.log$|.htm$|.jpg$|.png$|.chm$|.pnf$|.evtx$' diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 8b4151de..ffd2925c 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -105,7 +105,7 @@ wazuh_manager_config: authd: enable: true port: 1515 - use_source_ip: 'yes' + use_source_ip: 'no' force_insert: 'yes' force_time: 0 purge: 'yes' 
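Review bot: `use_source_ip` flips from `'yes'` to `'no'` in the `@@ -105` hunk, which is a security-relevant change to the enrolment defaults: with `'no'` the key issued by authd is not bound to the registering agent's source address, so it is accepted from any host. That may track the upstream 3.12 default, but the commit message only says "Updating manager configuration templates and vars" and nothing documents the consequence. Add a comment on the line: `use_source_ip: 'no'  # 'no' accepts the key from any address; set 'yes' to bind it to the enrolling agent's IP`.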
@@ -166,24 +166,29 @@ wazuh_manager_config: - /etc/cups/certs - /etc/dumpdates - /etc/svc/volatile - - /sys/kernel/security - - /sys/kernel/debug - - /dev/core ignore_linux_type: - - '^/proc' - '.log$|.swp$' no_diff: - /etc/ssl/private.key directories: - dirs: /etc,/usr/bin,/usr/sbin - checks: 'check_all="yes"' + checks: '' - dirs: /bin,/sbin,/boot - checks: 'check_all="yes"' + checks: '' auto_ignore_frequency: frequency: 'frequency="10"' timeframe: 'timeframe="3600"' value: 'no' skip_nfs: 'yes' + skip_dev: 'yes' + skip_proc: 'yes' + skip_sys: 'yes' + process_priority: 10 + max_eps: 100 + sync_enabled: 'yes' + sync_interval: '5m' + sync_max_interval: '1h' + sync_max_eps: 10 rootcheck: frequency: 43200 openscap: diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index d4340c9b..1a6b59c7 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -245,13 +245,13 @@ {% if wazuh_manager_config.sca.skip_nfs | length > 0 %} yes {% endif %} - {% if wazuh_manager_config.sca.day | length > 0 %} + {% if wazuh_manager_config.sca.day | length > 0 %} yes {% endif %} - {% if wazuh_manager_config.sca.wday | length > 0 %} + {% if wazuh_manager_config.sca.wday | length > 0 %} yes {% endif %} - {% if wazuh_manager_config.sca.time | length > 0 %} + {% if wazuh_manager_config.sca.time | length > 0 %} {% endif %} 
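Review bot: Setting `checks: ''` on both `directories` entries drops the explicit `check_all="yes"` attribute, so the rendered directories element relies on the FIM engine's implicit default for which checks run; an empty string gives the next reader no hint of what is selected. Keeping the attribute explicit, or adding a comment such as `# empty: use the engine's built-in default check set`, would document the intent. The new `skip_*`, `process_priority`, `max_eps` and `sync_*` keys are consistent with the manager template hunk in this commit, and quoting the `'yes'` values is correct since bare `yes` would parse as a boolean. This hunk is duplicated verbatim as PATCH 664.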
@@ -332,6 +332,29 @@ {% if wazuh_manager_config.syscheck.skip_nfs is defined %} {{ wazuh_manager_config.syscheck.skip_nfs }} {% endif %} + {% if wazuh_manager_config.syscheck.skip_dev is defined %} + {{ wazuh_manager_config.syscheck.skip_dev }} + {% endif %} + {% if wazuh_manager_config.syscheck.skip_proc is defined %} + {{ wazuh_manager_config.syscheck.skip_proc }} + {% endif %} + {% if wazuh_manager_config.syscheck.skip_sys is defined %} + {{ wazuh_manager_config.syscheck.skip_sys }} + {% endif %} + + + {{ wazuh_agent_config.syscheck.process_priority }} + + + {{ wazuh_agent_config.syscheck.max_eps }} + + + + {{ wazuh_agent_config.syscheck.sync_enabled }} + {{ wazuh_agent_config.syscheck.interval }} + {{ wazuh_agent_config.syscheck.max_interval }} + {{ wazuh_agent_config.syscheck.max_eps }} + @@ -470,7 +493,7 @@ {% endfor %} {% endif -%} -{% if ansible_os_family == "RedHat" %} +{% if ansible_os_family == "RedHat" %} {% for localfile in wazuh_manager_config.localfiles.centos %} @@ -578,7 +601,7 @@ {% endif %} {% if wazuh_manager_config.authd.ciphers is not none %} {{wazuh_manager_config.authd.ciphers}} - {% endif %} + {% endif %} {% if wazuh_manager_config.authd.ssl_agent_ca is not none %} /var/ossec/etc/{{wazuh_manager_config.authd.ssl_agent_ca | basename}} {% endif %} From 245f4e7d6badda72c716bceada8198df2500f701 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Wed, 25 Mar 2020 15:33:55 +0100 Subject: [PATCH 663/714] jinja template fixes --- .../templates/var-ossec-etc-ossec-agent.conf.j2 | 6 +++--- .../templates/var-ossec-etc-ossec-server.conf.j2 | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index 28b6828a..ee71769e 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 
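Review bot: The new `process_priority`, `max_eps` and synchronization lines in the @@ -332 hunk read `wazuh_agent_config.syscheck.*` inside the manager template, although every other line in the hunk (and the skip_* keys this commit adds to the manager defaults) uses `wazuh_manager_config`. On a manager host where the agent role is not also applied, `wazuh_agent_config` is undefined and templating fails; where it is applied, the manager silently takes the agent's values. Replace the prefix with `wazuh_manager_config` on all six lines and consider guarding them with `is defined` like the skip_* lines directly above, so optional keys stay optional. PATCH 666 in this series makes the prefix fix, and this hunk is duplicated as PATCH 664.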
@@ -286,9 +286,9 @@ {{ wazuh_agent_config.syscheck.sync_enabled }} - {{ wazuh_agent_config.syscheck.interval }} - {{ wazuh_agent_config.syscheck.max_interval }} - {{ wazuh_agent_config.syscheck.max_eps }} + {{ wazuh_agent_config.syscheck.sync_interval }} + {{ wazuh_agent_config.syscheck.sync_max_interval }} + {{ wazuh_agent_config.syscheck.sync_max_eps }} {% endif %} diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 1a6b59c7..88620e7d 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -351,9 +351,9 @@ {{ wazuh_agent_config.syscheck.sync_enabled }} - {{ wazuh_agent_config.syscheck.interval }} - {{ wazuh_agent_config.syscheck.max_interval }} - {{ wazuh_agent_config.syscheck.max_eps }} + {{ wazuh_agent_config.syscheck.sync_interval }} + {{ wazuh_agent_config.syscheck.sync_max_interval }} + {{ wazuh_agent_config.syscheck.sync_max_eps }} From 0019c7fdf28b83d57d6994567b7dc1803b211af2 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Wed, 25 Mar 2020 12:49:49 +0100 Subject: [PATCH 664/714] Updating manager configuration templates and vars --- .../ansible-wazuh-agent/defaults/main.yml | 4 --- .../ansible-wazuh-manager/defaults/main.yml | 19 +++++++---- .../var-ossec-etc-ossec-server.conf.j2 | 33 ++++++++++++++++--- 3 files changed, 40 insertions(+), 16 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 75c21d3c..953da95e 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml 
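Review bot: The renamed `sync_interval`, `sync_max_interval` and `sync_max_eps` lookups require those keys under `wazuh_agent_config.syscheck`, but this commit touches only the two templates (diffstat: 2 files) and the agent-defaults hunk earlier in this series only removed entries, so agents running on role defaults would hit an undefined variable unless the keys were added in a change not shown here. Adding `sync_interval: '5m'`, `sync_max_interval: '1h'` and `sync_max_eps: 10` to the agent defaults, mirroring the manager defaults, closes that gap. The manager-template hunk at @@ -351 in the same commit still reads `wazuh_agent_config` from inside the manager template; the prefix is corrected only in PATCH 666. This commit is duplicated as PATCH 665.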
@@ -111,11 +111,7 @@ wazuh_agent_config: - /etc/cups/certs - /etc/dumpdates - /etc/svc/volatile - - /sys/kernel/security - - /sys/kernel/debug - - /dev/core ignore_linux_type: - - '^/proc' - '.log$|.swp$' ignore_win: - '.log$|.htm$|.jpg$|.png$|.chm$|.pnf$|.evtx$' diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index a4ce627f..db4f8841 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -105,7 +105,7 @@ wazuh_manager_config: authd: enable: true port: 1515 - use_source_ip: 'yes' + use_source_ip: 'no' force_insert: 'yes' force_time: 0 purge: 'yes' @@ -166,24 +166,29 @@ wazuh_manager_config: - /etc/cups/certs - /etc/dumpdates - /etc/svc/volatile - - /sys/kernel/security - - /sys/kernel/debug - - /dev/core ignore_linux_type: - - '^/proc' - '.log$|.swp$' no_diff: - /etc/ssl/private.key directories: - dirs: /etc,/usr/bin,/usr/sbin - checks: 'check_all="yes"' + checks: '' - dirs: /bin,/sbin,/boot - checks: 'check_all="yes"' + checks: '' auto_ignore_frequency: frequency: 'frequency="10"' timeframe: 'timeframe="3600"' value: 'no' skip_nfs: 'yes' + skip_dev: 'yes' + skip_proc: 'yes' + skip_sys: 'yes' + process_priority: 10 + max_eps: 100 + sync_enabled: 'yes' + sync_interval: '5m' + sync_max_interval: '1h' + sync_max_eps: 10 rootcheck: frequency: 43200 openscap: diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index d4340c9b..1a6b59c7 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 
@@ -245,13 +245,13 @@ {% if wazuh_manager_config.sca.skip_nfs | length > 0 %} yes {% endif %} - {% if wazuh_manager_config.sca.day | length > 0 %} + {% if wazuh_manager_config.sca.day | length > 0 %} yes {% endif %} - {% if wazuh_manager_config.sca.wday | length > 0 %} + {% if wazuh_manager_config.sca.wday | length > 0 %} yes {% endif %} - {% if wazuh_manager_config.sca.time | length > 0 %} + {% if wazuh_manager_config.sca.time | length > 0 %} {% endif %} @@ -332,6 +332,29 @@ {% if wazuh_manager_config.syscheck.skip_nfs is defined %} {{ wazuh_manager_config.syscheck.skip_nfs }} {% endif %} + {% if wazuh_manager_config.syscheck.skip_dev is defined %} + {{ wazuh_manager_config.syscheck.skip_dev }} + {% endif %} + {% if wazuh_manager_config.syscheck.skip_proc is defined %} + {{ wazuh_manager_config.syscheck.skip_proc }} + {% endif %} + {% if wazuh_manager_config.syscheck.skip_sys is defined %} + {{ wazuh_manager_config.syscheck.skip_sys }} + {% endif %} + + + {{ wazuh_agent_config.syscheck.process_priority }} + + + {{ wazuh_agent_config.syscheck.max_eps }} + + + + {{ wazuh_agent_config.syscheck.sync_enabled }} + {{ wazuh_agent_config.syscheck.interval }} + {{ wazuh_agent_config.syscheck.max_interval }} + {{ wazuh_agent_config.syscheck.max_eps }} + @@ -470,7 +493,7 @@ {% endfor %} {% endif -%} -{% if ansible_os_family == "RedHat" %} +{% if ansible_os_family == "RedHat" %} {% for localfile in wazuh_manager_config.localfiles.centos %} @@ -578,7 +601,7 @@ {% endif %} {% if wazuh_manager_config.authd.ciphers is not none %} {{wazuh_manager_config.authd.ciphers}} - {% endif %} + {% endif %} {% if wazuh_manager_config.authd.ssl_agent_ca is not none %} /var/ossec/etc/{{wazuh_manager_config.authd.ssl_agent_ca | basename}} {% endif %} From 6b57e195b868dc74183c020abe614c55118a7007 Mon Sep 17 00:00:00 2001 
From: Zenidd Date: Wed, 25 Mar 2020 15:33:55 +0100 Subject: [PATCH 665/714] jinja template fixes --- .../templates/var-ossec-etc-ossec-agent.conf.j2 | 6 +++--- .../templates/var-ossec-etc-ossec-server.conf.j2 | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index 28b6828a..ee71769e 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 @@ -286,9 +286,9 @@ {{ wazuh_agent_config.syscheck.sync_enabled }} - {{ wazuh_agent_config.syscheck.interval }} - {{ wazuh_agent_config.syscheck.max_interval }} - {{ wazuh_agent_config.syscheck.max_eps }} + {{ wazuh_agent_config.syscheck.sync_interval }} + {{ wazuh_agent_config.syscheck.sync_max_interval }} + {{ wazuh_agent_config.syscheck.sync_max_eps }} {% endif %} diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 1a6b59c7..88620e7d 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -351,9 +351,9 @@ {{ wazuh_agent_config.syscheck.sync_enabled }} - {{ wazuh_agent_config.syscheck.interval }} - {{ wazuh_agent_config.syscheck.max_interval }} - {{ wazuh_agent_config.syscheck.max_eps }} + {{ wazuh_agent_config.syscheck.sync_interval }} + {{ wazuh_agent_config.syscheck.sync_max_interval }} + {{ wazuh_agent_config.syscheck.sync_max_eps }} From 1d6988768f5da3f8fa5bad0c047188e5f8726dab Mon Sep 17 00:00:00 2001 
From: Zenidd Date: Wed, 25 Mar 2020 16:23:46 +0100 Subject: [PATCH 666/714] Minor jinja template fixes --- .../templates/var-ossec-etc-ossec-server.conf.j2 | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 88620e7d..998900b2 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -343,17 +343,17 @@ {% endif %} - {{ wazuh_agent_config.syscheck.process_priority }} + {{ wazuh_manager_config.syscheck.process_priority }} - {{ wazuh_agent_config.syscheck.max_eps }} + {{ wazuh_manager_config.syscheck.max_eps }} - {{ wazuh_agent_config.syscheck.sync_enabled }} - {{ wazuh_agent_config.syscheck.sync_interval }} - {{ wazuh_agent_config.syscheck.sync_max_interval }} - {{ wazuh_agent_config.syscheck.sync_max_eps }} + {{ wazuh_manager_config.syscheck.sync_enabled }} + {{ wazuh_manager_config.syscheck.sync_interval }} + {{ wazuh_manager_config.syscheck.sync_max_interval }} + {{ wazuh_manager_config.syscheck.sync_max_eps }} From ec9a4b61c7e8f5d94a69dd00b710a3274c3e6dec Mon Sep 17 00:00:00 2001 From: Zenidd Date: Wed, 25 Mar 2020 17:57:38 +0100 Subject: [PATCH 667/714] v3.12 changelog --- CHANGELOG.md | 38 ++++++++++++++++++++++++++++---------- 1 file changed, 28 insertions(+), 10 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 213cb432..60673b65 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
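Review bot: The corrected `wazuh_manager_config.syscheck.process_priority`, `max_eps` and `sync_*` lookups in the @@ -343 hunk remain unconditional, whereas the `skip_*` values just above this hunk are each wrapped in `{% if … is defined %}`, so a user who overrides `wazuh_manager_config.syscheck` without these six keys now fails at templating while the skip_* keys stay optional. Either document the six keys as required in the role defaults or wrap each pair the same way, e.g. `{% if wazuh_manager_config.syscheck.process_priority is defined %}` … `{% endif %}`.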
@@ -1,6 +1,25 @@ # Change Log All notable changes to this project will be documented in this file. +## [v3.12.0_7.6.1] + +### Added + +- Update to Wazuh v3.12.0 +- Added registration address variable to wazuh-agent playbook ([@Zenidd](https://github.com/Zenidd)) [PR#392](https://github.com/wazuh/wazuh-ansible/pull/392) + +### Changed + +- Bump NodeJS version to 10.x ([@manuasir](https://github.com/manuasir)) [PR#386](https://github.com/wazuh/wazuh-ansible/pull/386) +- Add flag to enable/disable Windows MD5 check ([@jm404](https://github.com/jm404)) [PR#383](https://github.com/wazuh/wazuh-ansible/pull/383) +- Rule paths are now relative to playbooks. ([@Zenidd ](https://github.com/Zenidd)) [PR#393](https://github.com/wazuh/wazuh-ansible/pull/393) + +### Fixed + +- Removed bad formed XML comments. ([@manuasir](https://github.com/manuasir)) [PR#391](https://github.com/wazuh/wazuh-ansible/pull/391) +- NodeJS node_options variable and Kibana plugin optimization fix. ([@Zenidd](https://github.com/Zenidd)) [PR#385](https://github.com/wazuh/wazuh-ansible/pull/385) +- Restrictive permissions for certificate files. ([@Zenidd](https://github.com/Zenidd)) [PR#382](https://github.com/wazuh/wazuh-ansible/pull/382) + ## [v3.11.4_7.6.1] ### Added @@ -70,7 +89,7 @@ All notable changes to this project will be documented in this file. - Added support for environments with low disk space ([@xr09](https://github.com/xr09)) [PR#281](https://github.com/wazuh/wazuh-ansible/pull/281) - Add parameters to configure an Elasticsearch coordinating node ([@jm404](https://github.com/jm404)) [PR#292](https://github.com/wazuh/wazuh-ansible/pull/292) - + ### Changed @@ -121,7 +140,7 @@ All notable changes to this project will be documented in this file. ### Added -- Update to Wazuh v3.10.0 +- Update to Wazuh v3.10.0 ### Changed 
@@ -143,14 +162,14 @@ All notable changes to this project will be documented in this file. ## [v3.9.5_7.2.1] -### Added +### Added - Update to Wazuh v3.9.5 - Update to Elastic Stack to v7.2.1 ## [v3.9.4_7.2.0] -### Added +### Added - Support for registring agents behind NAT [@jheikki100](https://github.com/jheikki100) [#208](https://github.com/wazuh/wazuh-ansible/pull/208) @@ -164,7 +183,7 @@ All notable changes to this project will be documented in this file. ## [v3.9.3_7.2.0] -### Added +### Added - Update to Wazuh v3.9.3 ([rshad](https://github.com/rshad) [PR#206](https://github.com/wazuh/wazuh-ansible/pull/206#)) - Added Versioning Control for Wazuh stack's components installation, so now it's possible to specify which package to install for wazuh-manager, wazuh-agent, Filebeat, Elasticsearch and Kibana. ([rshad](https://github.com/rshad) [PR#206](https://github.com/wazuh/wazuh-ansible/pull/206#)) - Fixes for Molecule testing issues. Issues such as Ansible-Lint and None-Idempotent tasks. ([rshad](https://github.com/rshad) [PR#206](https://github.com/wazuh/wazuh-ansible/pull/206#)) @@ -174,7 +193,7 @@ All notable changes to this project will be documented in this file. ## [v3.9.2_7.1.1] -### Added +### Added - Update to Wazuh v3.9.2 - Support for Elastic 7 @@ -182,13 +201,13 @@ All notable changes to this project will be documented in this file. ## [v3.9.2_6.8.0] -### Added +### Added - Update to Wazuh v3.9.2 ## [v3.9.1] -### Added +### Added - Update to Wazuh v3.9.1 - Support for ELK v6.8.0 @@ -216,7 +235,7 @@ All notable changes to this project will be documented in this file. ## [v3.8.2] -### Changed +### Changed - Update to Wazuh version v3.8.2. ([#150](https://github.com/wazuh/wazuh-ansible/pull/150)) 
@@ -316,4 +335,3 @@ Roles: - ansible-filebeat: This role is prepared to install filebeat on the host that runs it. - ansible-wazuh-manager: With this role we will install Wazuh manager and Wazuh API on the host that runs it. - ansible-wazuh-agent: Using this role we will install Wazuh agent on the host that runs it and is able to register it. - From 02d945bed402b9d0a7ebfe69130841d29013a2b8 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Wed, 25 Mar 2020 18:07:29 +0100 Subject: [PATCH 668/714] Empty custom agent packages url --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 953da95e..8041962f 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -5,8 +5,8 @@ wazuh_agent_version: 3.12.0-1 # Custom packages installation wazuh_custom_packages_installation_agent_enabled: false -wazuh_custom_packages_installation_agent_deb_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/deb/var/wazuh-agent_3.12.0-0.3319fimreworksqlite_amd64.deb" -wazuh_custom_packages_installation_agent_rpm_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/rpm/var/wazuh-agent-3.12.0-0.3319fimreworksqlite.x86_64.rpm" +wazuh_custom_packages_installation_agent_deb_url: "" +wazuh_custom_packages_installation_agent_rpm_url: "" # Sources installation From f518635a11142d673ad18ac5f44071615f6a68b7 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Wed, 25 Mar 2020 18:20:30 +0100 Subject: [PATCH 669/714] Changelog minor fix --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 60673b65..520661ef 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
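Review bot: The emptied `wazuh_custom_packages_installation_agent_deb_url` and `_rpm_url` defaults in the @@ -5 hunk are only safe because `wazuh_custom_packages_installation_agent_enabled` is `false`; nothing documents that enabling the flag requires both URLs, and the removed values show the feature was previously pointed at an unversioned development build. A comment above the flag, e.g. `# when enabled, set both *_url values below; prefer a release package and record its checksum`, plus a paired `wazuh_custom_packages_installation_agent_deb_checksum: ""` (and rpm equivalent) fed to the download task's `checksum` option — the task itself is not visible here — would let operators verify what they install from a custom URL.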
@@ -13,6 +13,8 @@ All notable changes to this project will be documented in this file. - Bump NodeJS version to 10.x ([@manuasir](https://github.com/manuasir)) [PR#386](https://github.com/wazuh/wazuh-ansible/pull/386) - Add flag to enable/disable Windows MD5 check ([@jm404](https://github.com/jm404)) [PR#383](https://github.com/wazuh/wazuh-ansible/pull/383) - Rule paths are now relative to playbooks. ([@Zenidd ](https://github.com/Zenidd)) [PR#393](https://github.com/wazuh/wazuh-ansible/pull/393) +- Add the option to create agent groups and add an agent to 1 or more group. ([@rshad](https://github.com/rshad)) [PR#361](https://github.com/wazuh/wazuh-ansible/pull/361) + ### Fixed From 9cdce6e988d697022ffe6546185157fe9befc66c Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Thu, 26 Mar 2020 14:43:47 +0100 Subject: [PATCH 670/714] Fix permissions --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 2e39391f..27673060 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -165,6 +165,10 @@ file: path: /usr/share/kibana/optimize/wazuh/config/ state: directory + recurse: yes + owner: kibana + group: kibana + mode: '0755' - name: Configure Wazuh Kibana Plugin template: From 605ec63caf4549156b82283d199b5b470cc487ea Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Thu, 2 Apr 2020 15:03:08 +0200 Subject: [PATCH 671/714] Removed duplicated block --- .../ansible-elasticsearch/tasks/Debian.yml | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index 74c6bcf2..20f4231b 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml 
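Review bot: `recurse: yes` combined with `mode: '0755'` in the @@ -165 hunk applies 0755 to every file already under `/usr/share/kibana/optimize/wazuh/config/`, including `wazuh.yml`, which the `Configure Wazuh Kibana Plugin` task below then resets to `0644` — so every run reports two changes and the play is never idempotent (the next patch in this series drops the attributes for exactly that reason). Use a symbolic mode so directories and files receive different bits, `mode: 'u=rwX,g=rX,o=rX'`, or drop `recurse` since the task creates a single directory. Prefer the canonical boolean `recurse: true` over `yes`.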
@@ -18,16 +18,6 @@ - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 -- name: Update and upgrade apt packages - become: true - apt: - upgrade: yes - update_cache: yes - cache_valid_time: 86400 #One day - when: - - ansible_distribution == "Ubuntu" - - ansible_distribution_major_version | int == 14 - - name: Debian/Ubuntu | Add Elasticsearch GPG key. apt_key: url: "{{ elasticrepo.gpg }}" From 488508815baeedb88e8564c509c05d88ce520081 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Mon, 6 Apr 2020 15:39:33 +0200 Subject: [PATCH 672/714] Removing owner:group and permissions masks to be idempotence compliant --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 27673060..2129c0df 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -166,17 +166,11 @@ path: /usr/share/kibana/optimize/wazuh/config/ state: directory recurse: yes - owner: kibana - group: kibana - mode: '0755' - name: Configure Wazuh Kibana Plugin template: src: wazuh.yml.j2 dest: /usr/share/kibana/optimize/wazuh/config/wazuh.yml - owner: kibana - group: root - mode: 0644 - name: Reload systemd configuration systemd: From 2d8029d6bfab09ebd5d4f7a16a249bfd3c46fe0a Mon Sep 17 00:00:00 2001 From: Zenidd Date: Mon, 6 Apr 2020 16:41:24 +0200 Subject: [PATCH 673/714] Removing python-cryptography module --- .../ansible-wazuh-manager/tasks/RedHat.yml | 20 ------------------- 1 file changed, 20 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index cb0dbf5a..2e0751fd 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml 
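Review bot: Removing `owner`, `group` and `mode` from the `Configure Wazuh Kibana Plugin` template task in the @@ -166 hunk means `wazuh.yml` is now written with whatever the remote umask yields and owned by the connecting user (typically root), and the `recurse: yes` left on the directory task has nothing to apply. If `wazuh.yml` carries Wazuh API credentials for the plugin (likely, but not visible here), a world-readable umask default is undesirable. Idempotence can be kept by leaving the directory task bare and restoring explicit `owner: kibana`, `group: root` and a quoted `mode: '0640'` on the template task alone, since `template` sets them identically on every run.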
@@ -62,25 +62,6 @@ - ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version == '6' - wazuh_manager_config.cluster.disable != 'yes' -- name: CentOS/RedHat 6 | Install python-cryptography module - pip: name=cryptography state=present - register: wazuh_manager_cryptography_package_installed - until: wazuh_manager_cryptography_package_installed is succeeded - environment: - PATH: "/opt/rh/python27/root/usr/bin:{{ ansible_env.PATH }}" - LD_LIBRARY_PATH: "/opt/rh/python27/root/usr/lib64:/opt/rh/python27/root/usr/lib" - when: - - ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version == '6' - - wazuh_manager_config.cluster.disable != 'yes' - -- name: RedHat/CentOS/Fedora | Install python-cryptography module - package: name=python-cryptography state=present - register: wazuh_manager_cryptography_package_installed - until: wazuh_manager_cryptography_package_installed is succeeded - when: - - not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat') and ansible_distribution_major_version == '6' ) - - wazuh_manager_config.cluster.disable != 'yes' - - name: RedHat/CentOS/Fedora | Install OpenJDK 1.8 yum: name=java-1.8.0-openjdk state=present when: @@ -168,4 +149,3 @@ - ansible_distribution_major_version|int < 6 tags: - init - From 584950532f658ca0d5d1dd5c1f83b1e61708ddc5 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Tue, 7 Apr 2020 11:41:00 +0200 Subject: [PATCH 674/714] Replacing Oracle Java with OpenJDK 1.8 --- .../ansible-wazuh-agent/tasks/RedHat.yml | 20 ++----------------- 1 file changed, 2 insertions(+), 18 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index 8dbd2452..17d97c96 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml 
@@ -27,30 +27,14 @@ - not wazuh_agent_sources_installation.enabled - not wazuh_custom_packages_installation_agent_enabled -- name: RedHat/CentOS/Fedora | download Oracle Java RPM - get_url: - url: https://download.oracle.com/otn-pub/java/jdk/8u202-b08/1961070e4c9b4e26a04e7f5a083f551e/jre-8u202-linux-x64.rpm - dest: /tmp/jre-8-linux-x64.rpm - headers: 'Cookie:oraclelicense=accept-securebackup-cookie' - register: oracle_java_task_rpm_download - until: oracle_java_task_rpm_download is succeeded +- name: RedHat/CentOS/Fedora | Install OpenJDK 1.8 + yum: name=java-1.8.0-openjdk state=present when: - wazuh_agent_config.cis_cat.disable == 'no' - wazuh_agent_config.cis_cat.install_java == 'yes' tags: - init -- name: RedHat/CentOS/Fedora | Install Oracle Java RPM - package: name=/tmp/jre-8-linux-x64.rpm state=present - register: wazuh_agent_java_package_install - until: wazuh_agent_java_package_install is succeeded - when: - - wazuh_agent_config.cis_cat.disable == 'no' - - wazuh_agent_config.cis_cat.install_java == 'yes' - - oracle_java_task_rpm_download is defined - tags: - - init - - name: Set Distribution CIS filename for RHEL5 set_fact: cis_distribution_filename: cis_rhel5_linux_rcl.txt From dbeb8b31fb18d802f23780df5f8070f946caddf9 Mon Sep 17 00:00:00 2001 
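Review bot: The replacement `Install OpenJDK 1.8` task uses the `yum` module in `key=value` shorthand and drops the `register`/`until … is succeeded` retry that the removed tasks carried, so a transient mirror failure now fails the play outright. Writing it in block YAML with the distribution-neutral module — `package:` / `  name: java-1.8.0-openjdk` / `  state: present` — plus the same `register`/`until` pair keeps it consistent with the surrounding tasks and works on the Fedora hosts named in the task title, where the `yum` module may not be usable. Replacing the licence-cookie download of an unverified Oracle RPM with a signed distribution package is a good change.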
From: "Manuel J. Bernal" Date: Tue, 7 Apr 2020 18:54:12 +0200 Subject: [PATCH 675/714] First OpenDistro default installation --- playbooks/wazuh-opendistro.yml | 4 + .../defaults/main.yml | 19 +++ .../handlers/main.yml | 3 + .../opendistro-elasticsearch/meta/main.yml | 24 ++++ .../tasks/RMRedHat.yml | 6 + .../opendistro-elasticsearch/tasks/RedHat.yml | 36 ++++++ .../opendistro-elasticsearch/tasks/main.yml | 58 +++++++++ .../templates/jvm.options.j2 | 117 ++++++++++++++++++ 8 files changed, 267 insertions(+) create mode 100644 playbooks/wazuh-opendistro.yml create mode 100644 roles/opendistro/opendistro-elasticsearch/defaults/main.yml create mode 100644 roles/opendistro/opendistro-elasticsearch/handlers/main.yml create mode 100644 roles/opendistro/opendistro-elasticsearch/meta/main.yml create mode 100644 roles/opendistro/opendistro-elasticsearch/tasks/RMRedHat.yml create mode 100644 roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml create mode 100644 roles/opendistro/opendistro-elasticsearch/tasks/main.yml create mode 100644 roles/opendistro/opendistro-elasticsearch/templates/jvm.options.j2 diff --git a/playbooks/wazuh-opendistro.yml b/playbooks/wazuh-opendistro.yml new file mode 100644 index 00000000..d146ee3c --- /dev/null +++ b/playbooks/wazuh-opendistro.yml @@ -0,0 +1,4 @@ +--- +- hosts: 172.16.0.161 + roles: + - role: ../roles/opendistro/opendistro-elasticsearch diff --git a/roles/opendistro/opendistro-elasticsearch/defaults/main.yml b/roles/opendistro/opendistro-elasticsearch/defaults/main.yml new file mode 100644 index 00000000..f6dd905b --- /dev/null +++ b/roles/opendistro/opendistro-elasticsearch/defaults/main.yml 
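Review bot: `hosts: 172.16.0.161` in `playbooks/wazuh-opendistro.yml` hard-codes a single private address into a committed playbook, so the play cannot target any other inventory and exposes an internal environment detail. Target an inventory group instead, `- hosts: opendistro` (or `all`), and let users supply the address through their inventory. The role is referenced by the relative path `../roles/opendistro/opendistro-elasticsearch`, so the playbook only works when invoked from the `playbooks/` directory; a comment saying so would help.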
@@ -0,0 +1,19 @@ +--- +# The OpenDistro version +opendistro_version: 1.6.0 + +# The OpenDistro package repository +package_repos: + yum: + opendistro: + baseurl: 'https://d3g5vo6xdbdb9a.cloudfront.net/yum/noarch/' + gpg: 'https://d3g5vo6xdbdb9a.cloudfront.net/GPG-KEY-opendistroforelasticsearch' + elasticsearch_oss: + baseurl: 'https://artifacts.elastic.co/packages/oss-7.x/yum' + gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch' + +# Security password +opendistro_security_password: admin + +# Set JVM memory limits +elasticsearch_jvm_xms: null \ No newline at end of file diff --git a/roles/opendistro/opendistro-elasticsearch/handlers/main.yml b/roles/opendistro/opendistro-elasticsearch/handlers/main.yml new file mode 100644 index 00000000..a4c1162a --- /dev/null +++ b/roles/opendistro/opendistro-elasticsearch/handlers/main.yml @@ -0,0 +1,3 @@ +--- +- name: restart elasticsearch + service: name=elasticsearch state=restarted diff --git a/roles/opendistro/opendistro-elasticsearch/meta/main.yml b/roles/opendistro/opendistro-elasticsearch/meta/main.yml new file mode 100644 index 00000000..e09933c7 --- /dev/null +++ b/roles/opendistro/opendistro-elasticsearch/meta/main.yml @@ -0,0 +1,24 @@ +--- +galaxy_info: + author: Wazuh + description: Installing and maintaining Opendistro server. + company: wazuh.com + license: license (GPLv3) + min_ansible_version: 2.0 + platforms: + - name: EL + versions: + - all + - name: Ubuntu + versions: + - all + - name: Debian + versions: + - all + - name: Fedora + versions: + - all + galaxy_tags: + - web + - system + - monitoring diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/RMRedHat.yml b/roles/opendistro/opendistro-elasticsearch/tasks/RMRedHat.yml new file mode 100644 index 00000000..46989361 --- /dev/null +++ b/roles/opendistro/opendistro-elasticsearch/tasks/RMRedHat.yml 
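Review bot: `opendistro_security_password: admin` ships the stock credential as a plain-text role default and `tasks/main.yml` then uses it for the cluster-health check with `validate_certs: no`; anyone applying the role as-is keeps the well-known password on the cluster. Mark it as a value the user must override, e.g. `# Override this (ideally from Ansible Vault); the stock 'admin' password must not remain in use`, or default it to an empty string and `assert` it is non-empty at the top of the role. The file also lacks a trailing newline (`\ No newline at end of file`), and `min_ansible_version: 2.0` in `meta/main.yml` is parsed as a float — quote it as `'2.0'`.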
@@ -0,0 +1,6 @@ +--- +- name: RedHat/CentOS/Fedora | Remove Elasticsearch repository (and clean up left-over metadata) + yum_repository: + name: elastic_repo_7 + state: absent + changed_when: false diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml new file mode 100644 index 00000000..c212b007 --- /dev/null +++ b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml @@ -0,0 +1,36 @@ +--- + +- name: RedHat/CentOS/Fedora | Add OpenDistro repo + yum_repository: + file: opendistro + name: opendistro_repo + description: Opendistro yum repository + baseurl: "{{ package_repos.yum.opendistro.baseurl }}" + gpgkey: "{{ package_repos.yum.opendistro.gpg }}" + gpgcheck: true + changed_when: false + +- name: RedHat/CentOS/Fedora | Add Elasticsearch-oss repo + yum_repository: + file: opendistro + name: elasticsearch_oss_repo + description: Elasticsearch-oss yum repository + baseurl: "{{ package_repos.yum.elasticsearch_oss.baseurl }}" + gpgkey: "{{ package_repos.yum.elasticsearch_oss.gpg }}" + gpgcheck: true + changed_when: false + +- name: RedHat/CentOS/Fedora | Install OpenJDK 11 + yum: name=java-11-openjdk-devel state=present + +- name: RedHat/CentOS/Fedora | Install OpenDistro dependencies + yum: + name: "{{ packages }}" + vars: + packages: + - wget + - unzip + +- name: RedHat/CentOS/Fedora | Install OpenDistro + package: name=opendistroforelasticsearch-{{ opendistro_version }} state=present + tags: install diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml new file mode 100644 index 00000000..b58afe7a --- /dev/null +++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml 
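Review bot: Both `yum_repository` tasks in `tasks/RedHat.yml`, and the removal in `RMRedHat.yml`, set `changed_when: false`, which hides genuine changes to repository definitions from the play summary and from any handler that might depend on them; `yum_repository` is already idempotent, so there is no reason to mask its result and the line should be dropped from all three tasks. `gpgcheck: true` with an explicit `gpgkey` on both repositories is the right setup. The `Install OpenDistro` task mixes `key=value` shorthand with an unquoted Jinja expression in `name=opendistroforelasticsearch-{{ opendistro_version }}`; block YAML with the value quoted, `name: "opendistroforelasticsearch-{{ opendistro_version }}"`, matches the other tasks in the file.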
@@ -0,0 +1,58 @@ +--- +- import_tasks: RedHat.yml + when: ansible_os_family == 'RedHat' + +- import_tasks: Debian.yml + when: ansible_os_family == "Debian" + +- name: Configure OpenDistro Elasticsearch JVM memmory. + template: + src: jvm.options.j2 + dest: /etc/elasticsearch/jvm.options + owner: root + group: elasticsearch + mode: 0660 + notify: restart elasticsearch + tags: configure + +# fix in new PR (ignore_errors) + +- import_tasks: "RMRedHat.yml" + when: ansible_os_family == "RedHat" + + +- name: Ensure Elasticsearch started and enabled + service: + name: elasticsearch + enabled: true + state: started + tags: + - configure + - init + +- name: Make sure Elasticsearch is running before proceeding + wait_for: host=localhost port=9200 delay=3 timeout=400 + tags: + - configure + - init + +- import_tasks: "RMRedHat.yml" + when: ansible_os_family == "RedHat" + +- import_tasks: "RMDebian.yml" + when: ansible_os_family == "Debian" + +- name: Wait for Elasticsearch API + uri: + url: "https://localhost:9200/_cluster/health/" + user: "admin" # Default Elasticsearch user is always "elastic" + password: "{{ opendistro_security_password }}" + validate_certs: no + status_code: 200,401 + return_content: yes + timeout: 4 + register: _result + until: ( _result.json is defined) and (_result.json.status == "green") + retries: 24 + delay: 5 + diff --git a/roles/opendistro/opendistro-elasticsearch/templates/jvm.options.j2 b/roles/opendistro/opendistro-elasticsearch/templates/jvm.options.j2 new file mode 100644 index 00000000..c43ce401 --- /dev/null +++ b/roles/opendistro/opendistro-elasticsearch/templates/jvm.options.j2 
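Review bot: `tasks/main.yml` imports `Debian.yml` and `RMDebian.yml`, but neither file is created in this commit (the diffstat lists only RedHat task files), and because `import_tasks` is resolved at parse time the `when: ansible_os_family == "Debian"` condition does not prevent the missing-file error — the role fails to load even on RedHat hosts. Either add the two Debian files or change those two lines to `include_tasks`, which is evaluated at run time and honours the condition. `RMRedHat.yml` is also imported twice (before and after the service start), the `# fix in new PR (ignore_errors)` note should become a tracked issue reference, and the inline comment on `user: "admin"` (`Default Elasticsearch user is always "elastic"`) contradicts the value and should be corrected.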
@@ -0,0 +1,117 @@ +#jinja2: trim_blocks:False +# {{ ansible_managed }} +## JVM configuration + +################################################################ +## IMPORTANT: JVM heap size +################################################################ +## +## You should always set the min and max JVM heap +## size to the same value. For example, to set +## the heap to 4 GB, set: +## +## -Xms4g +## -Xmx4g +## +## See https://www.elastic.co/guide/en/elasticsearch/reference/current/heap-size.html +## for more information +## +################################################################ + +# Xms represents the initial size of total heap space +# Xmx represents the maximum size of total heap space + +# Xms represents the initial size of total heap space +# Xmx represents the maximum size of total heap space +{% if elasticsearch_jvm_xms is not none %} +{% if elasticsearch_jvm_xms < 32000 %} +-Xms{{ elasticsearch_jvm_xms }}m +-Xmx{{ elasticsearch_jvm_xms }}m +{% else %} +-Xms32000m +-Xmx32000m +{% endif %} +{% else %} +-Xms{% if ansible_memtotal_mb < 64000 %}{{ ((ansible_memtotal_mb|int)/2)|int }}m{% else %}32000m{% endif %} +-Xmx{% if ansible_memtotal_mb < 64000 %}{{ ((ansible_memtotal_mb|int)/2)|int }}m{% else %}32000m{% endif %} +{% endif %} + +################################################################ +## Expert settings +################################################################ +## +## All settings below this section are considered +## expert settings. 
Don't tamper with them unless +## you understand what you are doing +## +################################################################ + +## GC configuration +-XX:+UseConcMarkSweepGC +-XX:CMSInitiatingOccupancyFraction=75 +-XX:+UseCMSInitiatingOccupancyOnly + +## optimizations + +# pre-touch memory pages used by the JVM during initialization +-XX:+AlwaysPreTouch + +## basic + +# force the server VM +-server + +# explicitly set the stack size +-Xss1m + +# set to headless, just in case +-Djava.awt.headless=true + +# ensure UTF-8 encoding by default (e.g. filenames) +-Dfile.encoding=UTF-8 + +# use our provided JNA always versus the system one +-Djna.nosys=true + +# turn off a JDK optimization that throws away stack traces for common +# exceptions because stack traces are important for debugging +-XX:-OmitStackTraceInFastThrow + +# flags to configure Netty +-Dio.netty.noUnsafe=true +-Dio.netty.noKeySetOptimization=true +-Dio.netty.recycler.maxCapacityPerThread=0 + +# log4j 2 +-Dlog4j.shutdownHookEnabled=false +-Dlog4j2.disable.jmx=true + +## heap dumps + +# generate a heap dump when an allocation from the Java heap fails +# heap dumps are created in the working directory of the JVM +-XX:+HeapDumpOnOutOfMemoryError + +# specify an alternative path for heap dumps +# ensure the directory exists and has sufficient space +-XX:HeapDumpPath=/var/lib/elasticsearch + +## GC logging + +#-XX:+PrintGCDetails +#-XX:+PrintGCTimeStamps +#-XX:+PrintGCDateStamps +#-XX:+PrintClassHistogram +#-XX:+PrintTenuringDistribution +#-XX:+PrintGCApplicationStoppedTime + +# log GC status to a file with time stamps +# ensure the directory exists +#-Xloggc:${loggc} + +# By default, the GC log file will not rotate. +# By uncommenting the lines below, the GC log file +# will be rotated every 128MB at most 32 times. +#-XX:+UseGCLogFileRotation +#-XX:NumberOfGCLogFiles=32 +#-XX:GCLogFileSize=128M From 6e12764ff53d8ef8151644b5d9b4c95d39bf98f1 Mon Sep 17 00:00:00 2001 
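Review bot: The comment pair `# Xms represents the initial size of total heap space` / `# Xmx represents the maximum size of total heap space` is emitted twice in a row in the rendered file; remove the second copy. `{% if elasticsearch_jvm_xms is not none %}` takes its variable from the role defaults, so any rename of that default (this series later introduces `opendistro_jvm_xms`) must be mirrored here or the template stops rendering. `-XX:+UseConcMarkSweepGC` is deprecated since JDK 9 and removed in JDK 14; with the `java-11-openjdk-devel` package selected in RedHat.yml it still starts but logs a deprecation warning, which a comment on that line should acknowledge.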
From: Zenidd Date: Wed, 8 Apr 2020 14:06:53 +0200 Subject: [PATCH 676/714] Setting optimize --max-old-space-size default value to 2048mb --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 2ac2cde5..43f413e6 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -50,4 +50,4 @@ build_from_sources: false wazuh_plugin_branch: 3.12-7.6 #Nodejs NODE_OPTIONS -node_options: --max-old-space-size=4096 +node_options: --max-old-space-size=2048 From 9fc2b1e3c493ecc33cf34a708b7b1362d989bb4c Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Wed, 8 Apr 2020 17:38:44 +0200 Subject: [PATCH 677/714] Added opendistro tasks and templates --- .../defaults/main.yml | 69 ++++++++++- .../opendistro-elasticsearch/tasks/RedHat.yml | 115 ++++++++++++++++++ .../opendistro-elasticsearch/tasks/main.yml | 21 +--- .../templates/elasticsearch.yml.j2 | 22 ++++ .../templates/tlsconfig.yml.j2 | 47 +++++++ 5 files changed, 257 insertions(+), 17 deletions(-) create mode 100644 roles/opendistro/opendistro-elasticsearch/templates/elasticsearch.yml.j2 create mode 100644 roles/opendistro/opendistro-elasticsearch/templates/tlsconfig.yml.j2 diff --git a/roles/opendistro/opendistro-elasticsearch/defaults/main.yml b/roles/opendistro/opendistro-elasticsearch/defaults/main.yml index f6dd905b..f1bff651 100644 --- a/roles/opendistro/opendistro-elasticsearch/defaults/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/defaults/main.yml 
@@ -2,6 +2,19 @@ # The OpenDistro version opendistro_version: 1.6.0 +elasticsearch_cluster_name: wazuh-cluster + +# Minimum master nodes in cluster, 2 for 3 nodes elasticsearch cluster +minimum_master_nodes: 2 + +# Elasticsearch version +es_version: "7.3.2" +es_major_version: "7.x" + +# Configure hostnames for Elasticsearch nodes +# Example es1.example.com, es2.example.com +domain_name: example.com + # The OpenDistro package repository package_repos: yum: 
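Review bot: `es_version: "7.3.2"` and `es_major_version: "7.x"` introduce a second, conflicting notion of the Elasticsearch version alongside `elastic_stack_version: 7.6.1` added further down in the same file, while `package_repos` pins `oss-7.x`; a reader cannot tell which one the install tasks honour. Either derive one from the other or add a comment naming the consumer of each. `minimum_master_nodes: 2` is commented as the value for a three-node cluster, but the `single_node: true` default in the next hunk describes a different topology; the defaults should agree on one.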
@@ -12,8 +25,60 @@ package_repos: baseurl: 'https://artifacts.elastic.co/packages/oss-7.x/yum' gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch' +populate_inventory_to_hosts_file: true + +es_plugin_bin_path: /usr/share/elasticsearch/bin/elasticsearch-plugin +es_sec_plugin_conf_path: /usr/share/elasticsearch/plugins/opendistro_security/securityconfig +es_sec_plugin_tools_path: /usr/share/elasticsearch/plugins/opendistro_security/tools + +es_nodes: |- + {% for item in groups['es-cluster'] -%} + {{ hostvars[item]['ip'] }}{% if not loop.last %}","{% endif %} + {%- endfor %} + # Security password opendistro_security_password: admin - # Set JVM memory limits -elasticsearch_jvm_xms: null \ No newline at end of file +opendistro_jvm_xms: null + +opendistro_http_port: 9200 +opendistro_network_host: 127.0.0.1 +opendistro_reachable_host: 127.0.0.1 +opendistro_jvm_xms: null +elastic_stack_version: 7.6.1 +opendistro_lower_disk_requirements: false + +elasticrepo: + apt: 'https://artifacts.elastic.co/packages/7.x/apt' + yum: 'https://artifacts.elastic.co/packages/7.x/yum' + gpg: 'https://artifacts.elastic.co/GPG-KEY-opendistro' + key_id: '46095ACC8548582C1A2699A9D27D666CD88E42B4' + +# Cluster Settings +single_node: true +opendistro_cluster_name: wazuh +opendistro_node_name: node-1 +opendistro_bootstrap_node: false +opendistro_node_master: false +opendistro_cluster_nodes: + - 127.0.0.1 +opendistro_discovery_nodes: + - 127.0.0.1 +opendistro_node_data: true +opendistro_node_ingest: true + +# X-Pack Security +opendistro_xpack_security: false +opendistro_xpack_security_user: elastic +opendistro_xpack_security_password: elastic_pass + +node_certs_generator: false +node_certs_source: /usr/share/elasticsearch +node_certs_destination: /etc/elasticsearch/certs + +# CA generation +master_certs_path: /es_certs +generate_CA: true +ca_key_name: "" +ca_cert_name: "" +ca_password: "" 
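Review bot: `opendistro_jvm_xms: null` is defined twice in the added block (once under `# Set JVM memory limits` and again after `opendistro_reachable_host`); duplicate keys are last-wins in most YAML parsers and one copy should go. The same hunk deletes `elasticsearch_jvm_xms`, which `templates/jvm.options.j2` still reads (`{% if elasticsearch_jvm_xms is not none %}` followed by a numeric comparison), so the JVM template will most likely fail on an undefined variable unless it is renamed in step. `opendistro_security_password: admin` and `opendistro_xpack_security_password: elastic_pass` ship working credentials as committed defaults; leave them empty and document them with a comment such as `# must be overridden in inventory or vault` so a deployment cannot silently keep them.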
diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml index c212b007..64b48b7f 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml 
@@ -34,3 +34,118 @@ - name: RedHat/CentOS/Fedora | Install OpenDistro package: name=opendistroforelasticsearch-{{ opendistro_version }} state=present tags: install + +## Here we are going to use self-signed certificates for Transport (Node-Node communication) & REST API layer +## Using searchguard offline TLS tool to create node & root certificates +- name: RedHat/CentOS/Fedora | Create local temporary directory for certificates generation + local_action: + module: file + path: /tmp/opendistro-nodecerts + state: directory + run_once: true + when: install.changed + +- name: RedHat/CentOS/Fedora | Download certificates generation tool + local_action: + module: get_url + url: https://search.maven.org/remotecontent?filepath=com/floragunn/search-guard-tlstool/1.5/search-guard-tlstool-1.5.zip + dest: /tmp/opendistro-nodecerts/search-guard-tlstool.zip + run_once: true + when: install.changed + +- name: RedHat/CentOS/Fedora | Extract the certificates generation tool + local_action: command chdir=/tmp/opendistro-nodecerts tar -xvf search-guard-tlstool.zip + run_once: true + when: install.changed + +- name: RedHat/CentOS/Fedora | Add the execution bit to the binary + local_action: + module: file + dest: /tmp/opendistro-nodecerts/tools/sgtlstool.sh + mode: a+x + run_once: true + when: install.changed + +- name: RedHat/CentOS/Fedora | Prepare the certificates generation template file + local_action: + module: template + src: tlsconfig.yml + dest: /tmp/opendistro-nodecerts/config/tlsconfig.yml + run_once: true + when: install.changed + +- name: RedHat/CentOS/Fedora | Generate the node & admin certificates in local + local_action: + module: command /tmp/opendistro-nodecerts/tools/sgtlstool.sh -c /tmp/opendistro-nodecerts/config/tlsconfig.yml -ca -crt -t /tmp/opendistro-nodecerts/config/ + run_once: true + when: install.changed + +- name: RedHat/CentOS/Fedora | Copy the node & admin certificates to Elasticsearch cluster + copy: + src: "/tmp/opendistro-nodecerts/config/{{ item }}" 
+ dest: /etc/elasticsearch/ + mode: 0644 + with_items: + - root-ca.pem + - root-ca.key + - "{{ inventory_hostname }}.key" + - "{{ inventory_hostname }}.pem" + - "{{ inventory_hostname }}_http.key" + - "{{ inventory_hostname }}_http.pem" + - "{{ inventory_hostname }}_elasticsearch_config_snippet.yml" + - admin.key + - admin.pem + when: install.changed + +- name: RedHat/CentOS/Fedora | Copy the opendistro security configuration file to cluster + blockinfile: + block: "{{ lookup('file', '/tmp/opendistro-nodecerts/config/{{ inventory_hostname }}_elasticsearch_config_snippet.yml') }}" + dest: "{{ conf_dir }}/elasticsearch.yml" + backup: yes + insertafter: EOF + marker: "## {mark} Opendistro Security Node & Admin certificates configuration ##" + when: install.changed + +- name: RedHat/CentOS/Fedora | Prepare the opendistro security configuration file + command: sed -i 's/searchguard/opendistro_security/g' {{ conf_dir }}/elasticsearch.yml + when: install.changed + +- name: RedHat/CentOS/Fedora | Restart elasticsearch with security configuration + systemd: + name: elasticsearch + state: restarted + when: install.changed + +- name: RedHat/CentOS/Fedora | Copy the opendistro security internal users template + template: + src: internal_users.yml + dest: "{{ es_sec_plugin_conf_path }}/internal_users.yml" + mode: 0644 + run_once: true + when: install.changed + +- name: RedHat/CentOS/Fedora | Set the Admin user password + shell: > + sed -i 's,{{ admin_password }},'$(sh {{ es_sec_plugin_tools_path }}/hash.sh -p {{ admin_password }} | tail -1)',' + {{ es_sec_plugin_conf_path }}/internal_users.yml + run_once: true + when: install.changed + +- name: RedHat/CentOS/Fedora | Set the kibanaserver user pasword + shell: > + sed -i 's,{{ kibanaserver_password }},'$(sh {{ es_sec_plugin_tools_path }}/hash.sh -p {{ kibanaserver_password }} | tail -1)',' + {{ es_sec_plugin_conf_path }}/internal_users.yml + run_once: true + when: install.changed + +- name: RedHat/CentOS/Fedora | Initialize the 
opendistro security index in elasticsearch + shell: > + sh {{ es_sec_plugin_tools_path }}/securityadmin.sh + -cacert {{ conf_dir }}/root-ca.pem + -cert {{ conf_dir }}/admin.pem + -key {{ conf_dir }}/admin.key + -cd {{ es_sec_plugin_conf_path }}/ + -nhnv -icl + -h {{ hostvars[inventory_hostname]['ip'] }} + run_once: true + when: install.changed diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml index b58afe7a..9f4c438c 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml @@ -11,7 +11,8 @@ dest: /etc/elasticsearch/jvm.options owner: root group: elasticsearch - mode: 0660 + mode: 0644 + force: yes notify: restart elasticsearch tags: configure @@ -20,6 +21,10 @@ - import_tasks: "RMRedHat.yml" when: ansible_os_family == "RedHat" +- name: Copy Configuration File + template: src=elasticsearch.yml dest={{conf_dir}}/elasticsearch.yml group=elasticsearch mode=0644 backup=yes + register: system_change + notify: restart elasticsearch - name: Ensure Elasticsearch started and enabled service: @@ -42,17 +47,3 @@ - import_tasks: "RMDebian.yml" when: ansible_os_family == "Debian" -- name: Wait for Elasticsearch API - uri: - url: "https://localhost:9200/_cluster/health/" - user: "admin" # Default Elasticsearch user is always "elastic" - password: "{{ opendistro_security_password }}" - validate_certs: no - status_code: 200,401 - return_content: yes - timeout: 4 - register: _result - until: ( _result.json is defined) and (_result.json.status == "green") - retries: 24 - delay: 5 - diff --git a/roles/opendistro/opendistro-elasticsearch/templates/elasticsearch.yml.j2 b/roles/opendistro/opendistro-elasticsearch/templates/elasticsearch.yml.j2 new file mode 100644 index 00000000..6b025674 --- /dev/null +++ b/roles/opendistro/opendistro-elasticsearch/templates/elasticsearch.yml.j2 
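Review bot: The `Copy the node & admin certificates to Elasticsearch cluster` task places `root-ca.key`, the node keys and `admin.key` on every node with `mode: 0644`, making private keys world-readable, and the CA signing key does not need to leave the controller at all; drop `root-ca.key` from the list and use `owner: elasticsearch`, `group: elasticsearch`, `mode: 0640` for the remaining files. The `Set the Admin user password` and `Set the kibanaserver user pasword` shell tasks interpolate the clear-text passwords into the `sed`/`hash.sh -p` command line, so they appear in play output and in the process list; add `no_log: true` and feed the password over stdin if the tool supports it. The `get_url` download of `search-guard-tlstool-1.5.zip` has no `checksum:`, so the tool that mints the cluster's CA is trusted on URL alone. Every new task is gated on `when: install.changed`, but the install task above registers nothing (it has `tags: install`), and `conf_dir`, `admin_password` and `kibanaserver_password` are not among the defaults added in this commit, which is worth confirming.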
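Review bot: `template: src=elasticsearch.yml dest={{conf_dir}}/elasticsearch.yml ...` in the `Copy Configuration File` task names a template that, as far as this diff shows, does not exist in the role; the file added in this commit is `templates/elasticsearch.yml.j2`, and Ansible does not append `.j2` on its own, so the lookup would fail. Rewrite it in block style with `src: elasticsearch.yml.j2` and `dest: "{{ conf_dir }}/elasticsearch.yml"`; `conf_dir` is not among the defaults added here, so its origin is worth confirming. `register: system_change` is not read anywhere in the hunk.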
@@ -0,0 +1,22 @@ +cluster.name: "{{ elasticsearch_cluster_name }}" + +node.name: "{{ inventory_hostname }}" + +path.data: /var/lib/elasticsearch + +path.logs: /var/log/elasticsearch + +network.host: "{{ hostvars[inventory_hostname]['ip'] }}" + +http.port: "{{ opendistro_http_port }}" + +discovery.seed_hosts: ["{{ es_nodes }}"] + +cluster.initial_master_nodes: ["{{ es_nodes }}"] + +discovery.zen.minimum_master_nodes: "{{ minimum_master_nodes }}" +opendistro_security.allow_default_init_securityindex: true +opendistro_security.audit.type: internal_elasticsearch +opendistro_security.enable_snapshot_restore_privilege: true +opendistro_security.check_snapshot_restore_write_privileges: true +opendistro_security.restapi.roles_enabled: ["all_access", "security_rest_api_access"] diff --git a/roles/opendistro/opendistro-elasticsearch/templates/tlsconfig.yml.j2 b/roles/opendistro/opendistro-elasticsearch/templates/tlsconfig.yml.j2 new file mode 100644 index 00000000..85792a6a --- /dev/null +++ b/roles/opendistro/opendistro-elasticsearch/templates/tlsconfig.yml.j2 
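Review bot: `discovery.seed_hosts: ["{{ es_nodes }}"]` and `cluster.initial_master_nodes: ["{{ es_nodes }}"]` depend on the `es_nodes` default emitting a literal `","` between addresses so that one quoted placeholder expands into several list items; that coupling is fragile and invisible to anyone reading the template. Render the list here instead, e.g. `discovery.seed_hosts: {{ groups['es-cluster'] | map('extract', hostvars, 'ip') | list | to_json }}`. `discovery.zen.minimum_master_nodes` is ignored by Elasticsearch 7 once `cluster.initial_master_nodes` is set, so the line only adds a deprecation warning. `opendistro_security.allow_default_init_securityindex: true` lets the node initialise the security index from whatever is in `securityconfig/` on first start; since RedHat.yml runs `securityadmin.sh` explicitly, document why both are needed or set this to `false`.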
@@ -0,0 +1,47 @@ +ca: + root: + dn: CN=root.ca.{{ domain_name }},OU=CA,O={{ domain_name }}\, Inc.,DC={{ domain_name }} + keysize: 2048 + validityDays: 730 + pkPassword: none + file: root-ca.pem + +### Default values and global settings +defaults: + validityDays: 730 + pkPassword: none + # Set this to true in order to generate config and certificates for + # the HTTP interface of nodes + httpsEnabled: true + reuseTransportCertificatesForHttp: false + verifyHostnames: false + resolveHostnames: false + + +### +### Nodes +### +# +# Specify the nodes of your ES cluster here +# +nodes: +{% for item in groups['es-cluster'] %} + - name: {{ item }} + dn: CN={{ item }}.{{ domain_name }},OU=Ops,O={{ domain_name }}\, Inc.,DC={{ domain_name }} + dns: {{ item }}.{{ domain_name }} + ip: {{ hostvars[item]['ip'] }} +{% endfor %} + +### +### Clients +### +# +# Specify the clients that shall access your ES cluster with certificate authentication here +# +# At least one client must be an admin user (i.e., a super-user). Admin users can +# be specified with the attribute admin: true +# +clients: + - name: admin + dn: CN=admin.{{ domain_name }},OU=Ops,O={{ domain_name }}\, Inc.,DC={{ domain_name }} + admin: true From 6b3f04f32c829c5ddfd71ac21cc8b1aa193ad03f Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Wed, 8 Apr 2020 19:56:44 +0200 Subject: [PATCH 678/714] Bump version --- CHANGELOG.md | 11 +++++++++++ VERSION | 2 +- .../ansible-elasticsearch/defaults/main.yml | 2 +- .../elastic-stack/ansible-kibana/defaults/main.yml | 4 ++-- roles/wazuh/ansible-filebeat/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 8 ++++---- .../wazuh/ansible-wazuh-manager/defaults/main.yml | 14 +++++++------- 7 files changed, 27 insertions(+), 16 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 520661ef..f6eb30c8 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
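Review bot: `pkPassword: none` under both `ca.root` and `defaults` generates the root CA key and every node/admin key unencrypted, and those files are afterwards copied around by the RedHat.yml tasks; at minimum the CA key should get a passphrase (`pkPassword: "{{ ca_password }}"`, which the role defaults already declare) or be kept off the managed nodes. `verifyHostnames: false` and `resolveHostnames: false` disable the hostname check on the transport layer, which makes the per-node `dns:` and `ip:` entries cosmetic; a comment should state that this is a bootstrap convenience rather than a production posture. The `O={{ domain_name }}\, Inc.` DN hard-codes an `Inc.` suffix into every certificate subject; make it a variable or drop it.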
@@ -1,6 +1,17 @@ # Change Log All notable changes to this project will be documented in this file. +## [v3.12.1_7.6.2] + +### Added + +- Update to Wazuh v3.12.1 + +### Fixed +- Adjusting Kibana plugin optimization max memory ([@Zenidd](https://github.com/Zenidd)) [PR#404](https://github.com/wazuh/wazuh-ansible/pull/404) +- Removed python-cryptography library tasks ([@Zenidd](https://github.com/Zenidd)) [PR#401](https://github.com/wazuh/wazuh-ansible/pull/401) +- Removed duplicated task block ([@manuasir](https://github.com/manuasir)) [PR#400](https://github.com/wazuh/wazuh-ansible/pull/400) + ## [v3.12.0_7.6.1] ### Added diff --git a/VERSION b/VERSION index d6be8992..2856bf05 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-ANSIBLE_VERSION="v4" -REVISION="31140" +REVISION="31210" diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index e04f9527..6f2528c3 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -4,7 +4,7 @@ elasticsearch_http_port: 9200 elasticsearch_network_host: 127.0.0.1 elasticsearch_reachable_host: 127.0.0.1 elasticsearch_jvm_xms: null -elastic_stack_version: 7.6.1 +elastic_stack_version: 7.6.2 elasticsearch_lower_disk_requirements: false elasticrepo: diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 43f413e6..c45711aa 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -5,8 +5,8 @@ elasticsearch_http_port: "9200" elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" -elastic_stack_version: 7.6.1 -wazuh_version: 3.12.0 +elastic_stack_version: 7.6.2 +wazuh_version: 3.12.1 wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp elasticrepo: 
diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index 8f06aaf4..cc7de7bf 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -1,5 +1,5 @@ --- -filebeat_version: 7.6.1 +filebeat_version: 7.6.2 filebeat_create_config: true diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 8041962f..0111e76c 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_agent_version: 3.12.0-1 +wazuh_agent_version: 3.12.1-1 # Custom packages installation @@ -12,7 +12,7 @@ wazuh_custom_packages_installation_agent_rpm_url: "" wazuh_agent_sources_installation: enabled: false - branch: "v3.12.0" + branch: "v3.12.1" user_language: "y" user_no_stop: "y" user_install_type: "agent" @@ -64,8 +64,8 @@ wazuh_winagent_config: auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe check_md5: True md5: 91efaefae4e1977670eab0c768a22a93 -wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.12.0-1.msi -wazuh_winagent_package_name: wazuh-agent-3.12.0-1.msi +wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.12.1-1.msi +wazuh_winagent_package_name: wazuh-agent-3.12.1-1.msi wazuh_agent_config: repo: apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index db4f8841..f409a76c 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
@@ -1,21 +1,21 @@ --- -wazuh_manager_version: 3.12.0-1 +wazuh_manager_version: 3.12.1-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present # Custom packages installation wazuh_custom_packages_installation_manager_enabled: false -wazuh_custom_packages_installation_manager_deb_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/deb/var/wazuh-manager_3.12.0-0.3319fimreworksqlite_amd64.deb" -wazuh_custom_packages_installation_manager_rpm_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/rpm/var/wazuh-manager-3.12.0-0.3319fimreworksqlite.x86_64.rpm" +wazuh_custom_packages_installation_manager_deb_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/" +wazuh_custom_packages_installation_manager_rpm_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/" wazuh_custom_packages_installation_api_enabled: false -wazuh_custom_packages_installation_api_deb_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/deb/var/wazuh-api_3.12.0-0.3319fimreworksqlite_amd64.deb" -wazuh_custom_packages_installation_api_rpm_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/rpm/var/wazuh-api-3.12.0-0.3319fimreworksqlite.x86_64.rpm" +wazuh_custom_packages_installation_api_deb_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/" +wazuh_custom_packages_installation_api_rpm_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/" # Sources installation wazuh_manager_sources_installation: enabled: false - branch: "v3.12.0" + branch: "v3.12.1" user_language: "en" user_no_stop: "y" user_install_type: "server" @@ -40,7 +40,7 @@ wazuh_manager_sources_installation: wazuh_api_sources_installation: enabled: false - branch: "v3.12.0" + branch: "v3.12.1" update: "y" remove: "y" directory: null From b57623b9163329dac64c71c31fb6535162b8de78 Mon Sep 17 00:00:00 2001 
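Review bot: `wazuh_custom_packages_installation_manager_deb_url` and its three siblings now default to the bucket root `https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/` instead of a package file, so enabling `wazuh_custom_packages_installation_manager_enabled` or `wazuh_custom_packages_installation_api_enabled` with the defaults in place would fetch a listing rather than a `.deb`/`.rpm`. Empty strings, as the agent role's `wazuh_custom_packages_installation_agent_rpm_url: ""` already uses, make the missing value explicit and easy to validate in a task. The change is also unrelated to the version bump the commit describes.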
From: "Manuel J. Bernal" Date: Wed, 8 Apr 2020 19:59:52 +0200 Subject: [PATCH 679/714] Bump MD5 hash --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 0111e76c..20aaa015 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -63,7 +63,7 @@ wazuh_winagent_config: # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe check_md5: True - md5: 91efaefae4e1977670eab0c768a22a93 + md5: dbbb412cc3eccdccde27a68628cb2042 wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.12.1-1.msi wazuh_winagent_package_name: wazuh-agent-3.12.1-1.msi wazuh_agent_config: From 0c328081e712bd281ed464f33d9c1af3d9fd94bd Mon Sep 17 00:00:00 2001 From: Zenidd Date: Mon, 13 Apr 2020 10:35:12 +0200 Subject: [PATCH 680/714] Bump version to 3.12.2-7.6.2 --- CHANGELOG.md | 6 ++++++ VERSION | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 10 +++++----- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 6 +++--- 5 files changed, 16 insertions(+), 10 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f6eb30c8..87fbdd09 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,12 @@ # Change Log All notable changes to this project will be documented in this file. +## [v3.12.2_7.6.2] + +### Added + +- Update to Wazuh v3.12.2 + ## [v3.12.1_7.6.2] ### Added diff --git a/VERSION b/VERSION index 2856bf05..22dfe1fb 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-ANSIBLE_VERSION="v4" -REVISION="31210" +REVISION="31220" diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index c45711aa..d3305612 100644 
--- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -6,7 +6,7 @@ elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 7.6.2 -wazuh_version: 3.12.1 +wazuh_version: 3.12.2 wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp elasticrepo: diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 20aaa015..632c6173 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_agent_version: 3.12.1-1 +wazuh_agent_version: 3.12.2-1 # Custom packages installation @@ -12,7 +12,7 @@ wazuh_custom_packages_installation_agent_rpm_url: "" wazuh_agent_sources_installation: enabled: false - branch: "v3.12.1" + branch: "v3.12.2" user_language: "y" user_no_stop: "y" user_install_type: "agent" @@ -63,9 +63,9 @@ wazuh_winagent_config: # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe check_md5: True - md5: dbbb412cc3eccdccde27a68628cb2042 -wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.12.1-1.msi -wazuh_winagent_package_name: wazuh-agent-3.12.1-1.msi + md5: dc64c8bee53df0430e9e03e578ba334d +wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.12.2-1.msi +wazuh_winagent_package_name: wazuh-agent-3.12.2-1.msi wazuh_agent_config: repo: apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index f409a76c..ae936e06 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
@@ -1,5 +1,5 @@ --- -wazuh_manager_version: 3.12.1-1 +wazuh_manager_version: 3.12.2-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present @@ -15,7 +15,7 @@ wazuh_custom_packages_installation_api_rpm_url: "https://s3-us-west-1.amazonaws. # Sources installation wazuh_manager_sources_installation: enabled: false - branch: "v3.12.1" + branch: "v3.12.2" user_language: "en" user_no_stop: "y" user_install_type: "server" @@ -40,7 +40,7 @@ wazuh_manager_sources_installation: wazuh_api_sources_installation: enabled: false - branch: "v3.12.1" + branch: "v3.12.2" update: "y" remove: "y" directory: null From ae52e6fa1f181c860bdb96a32dd2c9964cb240c5 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Mon, 13 Apr 2020 11:05:12 +0200 Subject: [PATCH 681/714] Removing v3.12.1 from changelog --- CHANGELOG.md | 6 ------ 1 file changed, 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 87fbdd09..7a102e14 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,12 +7,6 @@ All notable changes to this project will be documented in this file. - Update to Wazuh v3.12.2 -## [v3.12.1_7.6.2] - -### Added - -- Update to Wazuh v3.12.1 - ### Fixed - Adjusting Kibana plugin optimization max memory ([@Zenidd](https://github.com/Zenidd)) [PR#404](https://github.com/wazuh/wazuh-ansible/pull/404) - Removed python-cryptography library tasks ([@Zenidd](https://github.com/Zenidd)) [PR#401](https://github.com/wazuh/wazuh-ansible/pull/401) From a8d24ff3f8300a406fc7ddf23a0762acf04ff37b Mon Sep 17 00:00:00 2001 From: Zenidd Date: Mon, 13 Apr 2020 13:46:11 +0200 Subject: [PATCH 682/714] Removing precise from default vuln-detector config --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index ae936e06..972edec1 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
@@ -236,7 +236,6 @@ wazuh_manager_config: providers: - enabled: 'no' os: - - 'precise' - 'trusty' - 'xenial' - 'bionic' From d50f89b233bc04a8da680e717193beabf95e6506 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 14 Apr 2020 13:58:13 +0200 Subject: [PATCH 683/714] Update Kibana optimize fodler permissions and onwer --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 2129c0df..c26741ca 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -166,11 +166,17 @@ path: /usr/share/kibana/optimize/wazuh/config/ state: directory recurse: yes + owner: kibana + group: kibana + mode: 0751 - name: Configure Wazuh Kibana Plugin template: src: wazuh.yml.j2 dest: /usr/share/kibana/optimize/wazuh/config/wazuh.yml + owner: kibana + group: kibana + mode: 0644 - name: Reload systemd configuration systemd: From ddde86e0a98b9c6caa4565aacc07cc4cb300c732 Mon Sep 17 00:00:00 2001 From: Jose M Date: Tue, 14 Apr 2020 16:02:34 +0200 Subject: [PATCH 684/714] Add changed_when:False and update permissions on Wazuh Plugin --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index c26741ca..c31f000a 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -169,6 +169,7 @@ owner: kibana group: kibana mode: 0751 + changed_when: False - name: Configure Wazuh Kibana Plugin template: @@ -176,7 +177,8 @@ dest: /usr/share/kibana/optimize/wazuh/config/wazuh.yml owner: kibana group: kibana - mode: 0644 + mode: 0751 + changed_when: False - name: Reload systemd configuration systemd: 
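Review bot: `mode: 0751` on `wazuh.yml` in the `Configure Wazuh Kibana Plugin` task puts execute bits on a configuration file; `mode: 0640` with the existing `owner: kibana`/`group: kibana` is the appropriate shape (0751 on the directory task above it is fine). `changed_when: False` on both the directory task and the template task suppresses the modules' own change reporting, so permission or content drift on these files is never visible in play output; if the intent is to avoid a perpetual "changed" result, fix the cause rather than mute the report. Use lowercase `false` to match the booleans elsewhere in the repository.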
From c6354e2ddc97271bfe9861eec760c33490c6077e Mon Sep 17 00:00:00 2001 From: Jose M Date: Mon, 20 Apr 2020 16:36:04 +0200 Subject: [PATCH 685/714] Update Kibana optimize task parameters and command --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/elastic-stack/ansible-kibana/tasks/main.yml | 2 +- wazuh-qa | 1 + 3 files changed, 3 insertions(+), 2 deletions(-) create mode 160000 wazuh-qa diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index d3305612..00c74381 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -50,4 +50,4 @@ build_from_sources: false wazuh_plugin_branch: 3.12-7.6 #Nodejs NODE_OPTIONS -node_options: --max-old-space-size=2048 +node_options: --no-warnings --max-old-space-size=2048 --max-http-header-size=65536 diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index c31f000a..220230c8 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -136,7 +136,7 @@ - not build_from_sources - name: Kibana optimization (can take a while) - shell: NODE_OPTIONS="{{ node_options }}" /usr/share/kibana/bin/kibana --optimize + shell: /usr/share/kibana/node/bin/node {{ node_options }} /usr/share/kibana/src/cli --optimize args: executable: /bin/bash become: yes diff --git a/wazuh-qa b/wazuh-qa new file mode 160000 index 00000000..a2057416 --- /dev/null +++ b/wazuh-qa @@ -0,0 +1 @@ +Subproject commit a20574168fedf0c3a69116866fc0d1a61062c21c From 7bed850905a8c89caa6c90615c6f77693b6b33b9 Mon Sep 17 00:00:00 2001 
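Review bot: `shell: /usr/share/kibana/node/bin/node {{ node_options }} /usr/share/kibana/src/cli --optimize` passes a user-overridable variable straight into a bash command line, so whatever is set in `node_options` is interpreted by the shell rather than handed to node as arguments; `command:` with an `argv:` list (the binary, the individual flags, then `/usr/share/kibana/src/cli` and `--optimize`) keeps the flags as data. The `--no-warnings` added to the defaults in the same commit silences all Node runtime warnings, including deprecation ones, for the optimize step; a comment stating why it is needed would help. The task still carries `become: yes`, so the command runs as root, which is presumably why the `owner: kibana` fix-ups in the preceding commits exist; running it as the kibana user would avoid that repair.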
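Review bot: The `wazuh-qa` gitlink (`Subproject commit a20574168fedf0c3a69116866fc0d1a61062c21c`) is added in a commit described as a Kibana optimize change, and no `.gitmodules` entry accompanies it in this diff, so `git submodule update` cannot resolve it and it looks accidental. Drop it from this commit, or add it separately together with its `.gitmodules` entry and a note on what it is for.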
From: "Manuel J. Bernal" Date: Fri, 24 Apr 2020 18:07:37 +0200 Subject: [PATCH 686/714] Changes tasks --- playbooks/wazuh-opendistro.yml | 2 +- .../opendistro-elasticsearch/defaults/main.yml | 2 +- .../opendistro-elasticsearch/tasks/RedHat.yml | 12 +++--------- .../opendistro-elasticsearch/tasks/main.yml | 9 +-------- 4 files changed, 6 insertions(+), 19 deletions(-) diff --git a/playbooks/wazuh-opendistro.yml b/playbooks/wazuh-opendistro.yml index d146ee3c..ede8ca93 100644 --- a/playbooks/wazuh-opendistro.yml +++ b/playbooks/wazuh-opendistro.yml @@ -1,4 +1,4 @@ --- -- hosts: 172.16.0.161 +- hosts: es-cluster roles: - role: ../roles/opendistro/opendistro-elasticsearch diff --git a/roles/opendistro/opendistro-elasticsearch/defaults/main.yml b/roles/opendistro/opendistro-elasticsearch/defaults/main.yml index f1bff651..8c791a04 100644 --- a/roles/opendistro/opendistro-elasticsearch/defaults/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/defaults/main.yml @@ -13,7 +13,7 @@ es_major_version: "7.x" # Configure hostnames for Elasticsearch nodes # Example es1.example.com, es2.example.com -domain_name: example.com +domain_name: wazuh.com # The OpenDistro package repository package_repos: diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml index 64b48b7f..642e7f41 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml 
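Review bot: `domain_name: wazuh.com` makes the generated certificates claim `CN=<node>.wazuh.com` and a DNS SAN of `<node>.wazuh.com` for a real, publicly registered domain by default, whereas `example.com` is reserved for exactly this placeholder role and was the safer value; if the change stays, the comment above it should tell operators to override it. With `verifyHostnames: false` in tlsconfig.yml.j2 the names never match anything anyway, which is the stronger reason to treat this as a must-override variable rather than a working default.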
@@ -43,20 +43,17 @@ path: /tmp/opendistro-nodecerts state: directory run_once: true - when: install.changed - name: RedHat/CentOS/Fedora | Download certificates generation tool local_action: module: get_url url: https://search.maven.org/remotecontent?filepath=com/floragunn/search-guard-tlstool/1.5/search-guard-tlstool-1.5.zip dest: /tmp/opendistro-nodecerts/search-guard-tlstool.zip - run_once: true - when: install.changed + run_once: /tmp/opendistro-nodecerts/search-guard-tlstool.zip - name: RedHat/CentOS/Fedora | Extract the certificates generation tool - local_action: command chdir=/tmp/opendistro-nodecerts tar -xvf search-guard-tlstool.zip + local_action: command chdir=/tmp/opendistro-nodecerts unzip search-guard-tlstool.zip run_once: true - when: install.changed - name: RedHat/CentOS/Fedora | Add the execution bit to the binary local_action: @@ -64,21 +61,18 @@ dest: /tmp/opendistro-nodecerts/tools/sgtlstool.sh mode: a+x run_once: true - when: install.changed - name: RedHat/CentOS/Fedora | Prepare the certificates generation template file local_action: module: template - src: tlsconfig.yml + src: ../templates/tlsconfig.yml dest: /tmp/opendistro-nodecerts/config/tlsconfig.yml run_once: true - when: install.changed - name: RedHat/CentOS/Fedora | Generate the node & admin certificates in local local_action: module: command /tmp/opendistro-nodecerts/tools/sgtlstool.sh -c /tmp/opendistro-nodecerts/config/tlsconfig.yml -ca -crt -t /tmp/opendistro-nodecerts/config/ run_once: true - when: install.changed - name: RedHat/CentOS/Fedora | Copy the node & admin certificates to Elasticsearch cluster copy: diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml index 9f4c438c..f8727637 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml 
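Review bot: `run_once: /tmp/opendistro-nodecerts/search-guard-tlstool.zip` on the download task in the first hunk replaces a boolean with a path; it looks like an accidental paste over `run_once: true`, and although a non-empty string is truthy the intent is lost — restore `run_once: true`. The same `get_url` has no `checksum:`, and the archive it fetches is the tool that mints the cluster CA and every node certificate, so pin it with `checksum: "sha256:<sha256 of search-guard-tlstool-1.5.zip>"` (placeholder) rather than trusting whatever the URL serves on a given day. Dropping `when: install.changed` from all of these local tasks means the download, extraction and certificate generation now run on every play; if the generation step overwrites existing key material, a re-run against a live cluster rotates the CA under the running nodes, so confirm that is intended. Switching the extraction to `unzip` also makes that a controller-side requirement, since `local_action` runs there.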
@@ -2,9 +2,6 @@ - import_tasks: RedHat.yml when: ansible_os_family == 'RedHat' -- import_tasks: Debian.yml - when: ansible_os_family == "Debian" - - name: Configure OpenDistro Elasticsearch JVM memmory. template: src: jvm.options.j2 @@ -42,8 +39,4 @@ - init - import_tasks: "RMRedHat.yml" - when: ansible_os_family == "RedHat" - -- import_tasks: "RMDebian.yml" - when: ansible_os_family == "Debian" - + when: ansible_os_family == "RedHat" \ No newline at end of file From b91ea1c6aa05e27bede9c6afbdd912aeccd61fd7 Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Mon, 27 Apr 2020 14:00:49 +0200 Subject: [PATCH 687/714] Fixed register install --- roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml index 642e7f41..9558094a 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml @@ -33,7 +33,7 @@ - name: RedHat/CentOS/Fedora | Install OpenDistro package: name=opendistroforelasticsearch-{{ opendistro_version }} state=present - tags: install + register: install ## Here we are going to use self-signed certificates for Transport (Node-Node communication) & REST API layer ## Using searchguard offline TLS tool to create node & root certificates @@ -65,7 +65,7 @@ - name: RedHat/CentOS/Fedora | Prepare the certificates generation template file local_action: module: template - src: ../templates/tlsconfig.yml + src: opendistro/opendistro-elasticsearch/templates/tlsconfig.yml dest: /tmp/opendistro-nodecerts/config/tlsconfig.yml run_once: true From a543fc7ed1905295d2870e21ae4c58a5315f3f0b Mon Sep 17 00:00:00 2001 
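Review bot: `register: install` on the OpenDistro package task makes the later security-bootstrap tasks that are gated on `when: install.changed` run only in the play that first installs the package. If that play is interrupted after the install, or the package was installed outside Ansible, the next run sees the package unchanged and skips certificate distribution and the security index initialisation, leaving the node without the intended TLS/security configuration. Consider gating those tasks on the presence of the deployed artefact instead, e.g. a `stat` of `/etc/elasticsearch/root-ca.pem` or of a marker the initialisation step writes. The gated tasks themselves are outside this hunk.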
From: "Manuel J. Bernal" Date: Mon, 27 Apr 2020 14:31:06 +0200 Subject: [PATCH 688/714] Added condition disabled in AWS S3 block --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- .../templates/var-ossec-etc-ossec-server.conf.j2 | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index ebb9b92f..bc97c541 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -366,7 +366,7 @@ wazuh_manager_config: api_key: '' alert_level: 12 monitor_aws: - disable: 'no' + disabled: 'yes' interval: '10m' run_on_start: 'yes' skip_on_error: 'yes' diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 30da0c50..e7ca872e 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -570,10 +570,10 @@ {% endfor %} {% endif %} -{% if monitor_aws is defined %} +{% if monitor_aws is defined and monitor_aws.disabled == "no" %} - {{ monitor_aws.disable }} + {{ monitor_aws.disabled }} {{ monitor_aws.interval }} {{ monitor_aws.run_on_start }} {{ monitor_aws.skip_on_error }} From 53ad5c62ccb9b09f80f7c0b1743610346a5fc93d Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Mon, 27 Apr 2020 15:26:13 +0200 Subject: [PATCH 689/714] Fixed unzip task and added templates --- .../opendistro-elasticsearch/tasks/RedHat.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml index 9558094a..dca70b8d 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml 
+++ b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml @@ -52,8 +52,10 @@ run_once: /tmp/opendistro-nodecerts/search-guard-tlstool.zip - name: RedHat/CentOS/Fedora | Extract the certificates generation tool - local_action: command chdir=/tmp/opendistro-nodecerts unzip search-guard-tlstool.zip - run_once: true + local_action: + module: unarchive + src: /tmp/opendistro-nodecerts/search-guard-tlstool.zip + dest: /tmp/opendistro-nodecerts/ - name: RedHat/CentOS/Fedora | Add the execution bit to the binary local_action: @@ -65,7 +67,7 @@ - name: RedHat/CentOS/Fedora | Prepare the certificates generation template file local_action: module: template - src: opendistro/opendistro-elasticsearch/templates/tlsconfig.yml + src: "templates/tlsconfig.yml.j2" dest: /tmp/opendistro-nodecerts/config/tlsconfig.yml run_once: true @@ -112,7 +114,7 @@ - name: RedHat/CentOS/Fedora | Copy the opendistro security internal users template template: - src: internal_users.yml + src: "templates/internal_users.yml.j2" dest: "{{ es_sec_plugin_conf_path }}/internal_users.yml" mode: 0644 run_once: true From ae160cf6c33d50b0658e6071886988ee8cfbe9d8 Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Wed, 29 Apr 2020 15:54:29 +0200 Subject: [PATCH 690/714] Decoupled local actions and updated SearchGuard certificate generator binary --- .../tasks/LocalActions.yml | 40 +++++++++++++++++++ .../opendistro-elasticsearch/tasks/RedHat.yml | 40 ------------------- .../opendistro-elasticsearch/tasks/main.yml | 11 ++++- 3 files changed, 49 insertions(+), 42 deletions(-) create mode 100644 roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml b/roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml new file mode 100644 index 00000000..e33ce7e5 --- /dev/null +++ b/roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml 
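Review bot: The rewritten extraction task in the first hunk drops `run_once: true`, so this `local_action` now runs on the controller once per host in the play and, with the default forks, several `unarchive` calls unpack the same zip into `/tmp/opendistro-nodecerts/` concurrently; restore `run_once: true` as the neighbouring tasks have. The `run_once: /tmp/opendistro-nodecerts/search-guard-tlstool.zip` on the preceding download task is still visible in the context and still needs to be `run_once: true`. In the second and third hunks the `templates/` prefix on `src:` is redundant — Ansible resolves a template `src` relative to the role's `templates/` directory — so `src: tlsconfig.yml.j2` is the conventional form, though the prefixed form also resolves.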
@@ -0,0 +1,40 @@ +--- + +- name: RedHat/CentOS/Fedora | Create local temporary directory for certificates generation + local_action: + module: file + path: /tmp/opendistro-nodecerts + state: directory + run_once: true + +- name: RedHat/CentOS/Fedora | Download certificates generation tool + local_action: + module: get_url + url: https://releases.floragunn.com/search-guard-tlstool/1.7/search-guard-tlstool-1.7.zip + dest: /tmp/opendistro-nodecerts/search-guard-tlstool-1.7.zip + run_once: /tmp/opendistro-nodecerts/search-guard-tlstool.zip + +- name: RedHat/CentOS/Fedora | Extract the certificates generation tool + local_action: + module: unarchive + src: /tmp/opendistro-nodecerts/search-guard-tlstool-1.7.zip + dest: /tmp/opendistro-nodecerts/ + +- name: RedHat/CentOS/Fedora | Add the execution bit to the binary + local_action: + module: file + dest: /tmp/opendistro-nodecerts/tools/sgtlstool.sh + mode: a+x + run_once: true + +- name: RedHat/CentOS/Fedora | Prepare the certificates generation template file + local_action: + module: template + src: "templates/tlsconfig.yml.j2" + dest: /tmp/opendistro-nodecerts/config/tlsconfig.yml + run_once: true + +- name: RedHat/CentOS/Fedora | Generate the node & admin certificates in local + local_action: + module: command /tmp/opendistro-nodecerts/tools/sgtlstool.sh -c /tmp/opendistro-nodecerts/config/tlsconfig.yml -ca -crt -t /tmp/opendistro-nodecerts/config/ -f + run_once: true \ No newline at end of file diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml index dca70b8d..d396960b 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml 
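Review bot: The `/tmp/opendistro-nodecerts` directory created by the first task ends up holding `root-ca.key` and the node and admin private keys (the copy and stat tasks elsewhere on this page read them from its `config/` subdirectory), but the `file` task sets no `mode:`, so the directory and the keys the tool writes into it get whatever the controller's umask allows; add `mode: "0700"` to the directory task. The download task repeats `run_once: /tmp/opendistro-nodecerts/search-guard-tlstool.zip` instead of `run_once: true`, the `unarchive` task again has no `run_once`, and `get_url` has no `checksum:` for the 1.7 archive — the same points raised on the earlier RedHat.yml hunks apply to this new file. The final command now passes `-f`; if that forces regeneration over existing material, every play rotates the CA and node certificates, so confirm the flag's semantics before relying on it. The file also ends without a trailing newline.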
@@ -35,46 +35,6 @@ package: name=opendistroforelasticsearch-{{ opendistro_version }} state=present register: install -## Here we are going to use self-signed certificates for Transport (Node-Node communication) & REST API layer -## Using searchguard offline TLS tool to create node & root certificates -- name: RedHat/CentOS/Fedora | Create local temporary directory for certificates generation - local_action: - module: file - path: /tmp/opendistro-nodecerts - state: directory - run_once: true - -- name: RedHat/CentOS/Fedora | Download certificates generation tool - local_action: - module: get_url - url: https://search.maven.org/remotecontent?filepath=com/floragunn/search-guard-tlstool/1.5/search-guard-tlstool-1.5.zip - dest: /tmp/opendistro-nodecerts/search-guard-tlstool.zip - run_once: /tmp/opendistro-nodecerts/search-guard-tlstool.zip - -- name: RedHat/CentOS/Fedora | Extract the certificates generation tool - local_action: - module: unarchive - src: /tmp/opendistro-nodecerts/search-guard-tlstool.zip - dest: /tmp/opendistro-nodecerts/ - -- name: RedHat/CentOS/Fedora | Add the execution bit to the binary - local_action: - module: file - dest: /tmp/opendistro-nodecerts/tools/sgtlstool.sh - mode: a+x - run_once: true - -- name: RedHat/CentOS/Fedora | Prepare the certificates generation template file - local_action: - module: template - src: "templates/tlsconfig.yml.j2" - dest: /tmp/opendistro-nodecerts/config/tlsconfig.yml - run_once: true - -- name: RedHat/CentOS/Fedora | Generate the node & admin certificates in local - local_action: - module: command /tmp/opendistro-nodecerts/tools/sgtlstool.sh -c /tmp/opendistro-nodecerts/config/tlsconfig.yml -ca -crt -t /tmp/opendistro-nodecerts/config/ - run_once: true - name: RedHat/CentOS/Fedora | Copy the node & admin certificates to Elasticsearch cluster copy: diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml index f8727637..728f4970 100644 
--- a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml @@ -1,10 +1,12 @@ --- +- import_tasks: LocalActions.yml + - import_tasks: RedHat.yml when: ansible_os_family == 'RedHat' - name: Configure OpenDistro Elasticsearch JVM memmory. template: - src: jvm.options.j2 + src: "templates/jvm.options.j2" dest: /etc/elasticsearch/jvm.options owner: root group: elasticsearch @@ -19,7 +21,12 @@ when: ansible_os_family == "RedHat" - name: Copy Configuration File - template: src=elasticsearch.yml dest={{conf_dir}}/elasticsearch.yml group=elasticsearch mode=0644 backup=yes + template: + src: "templates/elasticsearch.ym.j2" + dest: "{{conf_dir}}/elasticsearch.yml" + group: elasticsearch + mode: 0644 + backup: yes register: system_change notify: restart elasticsearch From 7e47b561e0b1f235b54230b47d11c35409250737 Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Wed, 29 Apr 2020 16:51:49 +0200 Subject: [PATCH 691/714] Added internal_users template --- .../templates/internal_users.yml.j2 | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 roles/opendistro/opendistro-elasticsearch/templates/internal_users.yml.j2 diff --git a/roles/opendistro/opendistro-elasticsearch/templates/internal_users.yml.j2 b/roles/opendistro/opendistro-elasticsearch/templates/internal_users.yml.j2 new file mode 100644 index 00000000..7bb089f3 --- /dev/null +++ b/roles/opendistro/opendistro-elasticsearch/templates/internal_users.yml.j2 @@ -0,0 +1,21 @@ +--- +# This is the internal user database +# The hash value is a bcrypt hash and can be generated with plugin/tools/hash.sh + +_meta: + type: "internalusers" + config_version: 2 + +# Define your internal users here + +admin: + hash: "{{ admin_password }}" + reserved: true + backend_roles: + - "admin" + description: "admin user" + +kibanaserver: + hash: "{{ kibanaserver_password }}" + reserved: true + description: "kibanaserver user" 
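Review bot: `src: "templates/elasticsearch.ym.j2"` in the second hunk misspells the template name (the template file header later on this page is `elasticsearch.yml.j2`), so the converted `Copy Configuration File` task cannot find its source; fix to `src: "templates/elasticsearch.yml.j2"`. `backup: yes` in the same block is a YAML 1.1 boolean and reads more predictably as `backup: true`. The `templates/` prefix on both `src:` values is redundant, since template sources are resolved relative to the role's `templates/` directory.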
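Review bot: The header comment says the `hash:` value is a bcrypt hash, but the template writes the plaintext `{{ admin_password }}` and `{{ kibanaserver_password }}` into `internal_users.yml` and relies on a separate `sed` pass to replace them with hashes; between the template task and that pass the file holds the plaintext passwords, and it keeps them if the pass fails. Either generate the hash before templating so the template really receives a hash, or change the comment to state what actually happens, e.g. `# Placeholders: replaced by bcrypt hashes from plugin/tools/hash.sh in a later task`. The tasks that render and patch this file should carry `no_log: true` so the plaintext values do not appear in play output.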
From 34920f5fe560fcc479581efcfb2e4c88df744960 Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Wed, 29 Apr 2020 17:27:34 +0200 Subject: [PATCH 692/714] Added task to check if root ca already exist --- .../opendistro-elasticsearch/tasks/LocalActions.yml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml b/roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml index e33ce7e5..432a4423 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml @@ -34,7 +34,14 @@ dest: /tmp/opendistro-nodecerts/config/tlsconfig.yml run_once: true +- name: RedHat/CentOS/Fedora | Check if root CA file exists + local_action: + module: stat + path: /tmp/opendistro-nodecerts/config/root-ca.key + register: root_ca_file + - name: RedHat/CentOS/Fedora | Generate the node & admin certificates in local local_action: - module: command /tmp/opendistro-nodecerts/tools/sgtlstool.sh -c /tmp/opendistro-nodecerts/config/tlsconfig.yml -ca -crt -t /tmp/opendistro-nodecerts/config/ -f - run_once: true \ No newline at end of file + module: command /tmp/opendistro-nodecerts/tools/sgtlstool.sh -c /tmp/opendistro-nodecerts/config/tlsconfig.yml -ca -crt -t /tmp/opendistro-nodecerts/config/ -f -o + run_once: true + when: root_ca_file.stat.exists == False \ No newline at end of file From 7269b15041d6417cfc5d7a2a221bbd4d421d7cf0 Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Wed, 29 Apr 2020 18:01:11 +0200 Subject: [PATCH 693/714] Modified several variables --- .../defaults/main.yml | 31 +++---------------- .../opendistro-elasticsearch/tasks/RedHat.yml | 24 +++++++------- .../opendistro-elasticsearch/tasks/main.yml | 4 +-- .../templates/elasticsearch.yml.j2 | 2 +- .../templates/jvm.options.j2 | 8 ++--- 5 files changed, 23 insertions(+), 46 deletions(-) 
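Review bot: `when: root_ca_file.stat.exists == False` compares against a Python literal; the idiomatic Ansible form is `when: not root_ca_file.stat.exists`. The new `stat` task also lacks the `run_once: true` its neighbours carry, so it runs once per host against the same controller path — harmless but inconsistent. Note that the guard now skips the whole `sgtlstool.sh` invocation, including `-crt` node certificate issuance, whenever a root CA key is already present, so hosts added to the play after the first run would get no node certificate; confirm that is acceptable or split CA creation from certificate issuance.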
diff --git a/roles/opendistro/opendistro-elasticsearch/defaults/main.yml b/roles/opendistro/opendistro-elasticsearch/defaults/main.yml index 8c791a04..bca544e6 100644 --- a/roles/opendistro/opendistro-elasticsearch/defaults/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/defaults/main.yml @@ -1,7 +1,6 @@ --- # The OpenDistro version opendistro_version: 1.6.0 - elasticsearch_cluster_name: wazuh-cluster # Minimum master nodes in cluster, 2 for 3 nodes elasticsearch cluster @@ -25,12 +24,9 @@ package_repos: baseurl: 'https://artifacts.elastic.co/packages/oss-7.x/yum' gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch' -populate_inventory_to_hosts_file: true - -es_plugin_bin_path: /usr/share/elasticsearch/bin/elasticsearch-plugin -es_sec_plugin_conf_path: /usr/share/elasticsearch/plugins/opendistro_security/securityconfig -es_sec_plugin_tools_path: /usr/share/elasticsearch/plugins/opendistro_security/tools - +opendistro_sec_plugin_conf_path: /usr/share/elasticsearch/plugins/opendistro_security/securityconfig +opendistro_sec_plugin_tools_path: /usr/share/elasticsearch/plugins/opendistro_security/tools +opendistro_conf_path: /etc/elasticsearch/ es_nodes: |- {% for item in groups['es-cluster'] -%} {{ hostvars[item]['ip'] }}{% if not loop.last %}","{% endif %} @@ -42,11 +38,6 @@ opendistro_security_password: admin opendistro_jvm_xms: null opendistro_http_port: 9200 -opendistro_network_host: 127.0.0.1 -opendistro_reachable_host: 127.0.0.1 -opendistro_jvm_xms: null -elastic_stack_version: 7.6.1 -opendistro_lower_disk_requirements: false elasticrepo: apt: 'https://artifacts.elastic.co/packages/7.x/apt' @@ -54,6 +45,7 @@ elasticrepo: gpg: 'https://artifacts.elastic.co/GPG-KEY-opendistro' key_id: '46095ACC8548582C1A2699A9D27D666CD88E42B4' +opendistro_admin_password: Test@123 # Cluster Settings single_node: true opendistro_cluster_name: wazuh 
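Review bot: `opendistro_admin_password: Test@123` in the last hunk ships a working default administrator credential in `defaults/main.yml` (next to the existing `opendistro_security_password: admin`), so any deployment that does not override it ends up with a well-known admin password on the cluster's REST API. Prefer no default and fail early, e.g. an `assert` that `opendistro_admin_password is defined` at the start of the role, or at minimum a comment such as `# CHANGE ME: placeholder only, override in your inventory`. In the second hunk `opendistro_conf_path: /etc/elasticsearch/` carries a trailing slash while the tasks on this page append `/elasticsearch.yml`, producing `/etc/elasticsearch//elasticsearch.yml` — harmless, but drop the slash for consistency with the other path variables.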
@@ -67,18 +59,3 @@ opendistro_discovery_nodes: opendistro_node_data: true opendistro_node_ingest: true -# X-Pack Security -opendistro_xpack_security: false -opendistro_xpack_security_user: elastic -opendistro_xpack_security_password: elastic_pass - -node_certs_generator: false -node_certs_source: /usr/share/elasticsearch -node_certs_destination: /etc/elasticsearch/certs - -# CA generation -master_certs_path: /es_certs -generate_CA: true -ca_key_name: "" -ca_cert_name: "" -ca_password: "" diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml index d396960b..b2170af1 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml @@ -56,14 +56,14 @@ - name: RedHat/CentOS/Fedora | Copy the opendistro security configuration file to cluster blockinfile: block: "{{ lookup('file', '/tmp/opendistro-nodecerts/config/{{ inventory_hostname }}_elasticsearch_config_snippet.yml') }}" - dest: "{{ conf_dir }}/elasticsearch.yml" + dest: "{{ opendistro_conf_path }}/elasticsearch.yml" backup: yes insertafter: EOF marker: "## {mark} Opendistro Security Node & Admin certificates configuration ##" when: install.changed - name: RedHat/CentOS/Fedora | Prepare the opendistro security configuration file - command: sed -i 's/searchguard/opendistro_security/g' {{ conf_dir }}/elasticsearch.yml + command: sed -i 's/searchguard/opendistro_security/g' {{ opendistro_conf_path }}/elasticsearch.yml when: install.changed - name: RedHat/CentOS/Fedora | Restart elasticsearch with security configuration 
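Review bot: The `blockinfile` task in the RedHat.yml hunk nests a `{{ inventory_hostname }}` expression inside the string argument of a `lookup` that is itself inside `{{ }}`; this only works because the lookup argument is templated a second time, which is fragile. Build the path with concatenation instead: `block: "{{ lookup('file', '/tmp/opendistro-nodecerts/config/' ~ inventory_hostname ~ '_elasticsearch_config_snippet.yml') }}"`. The following `command: sed -i ...` task has no `changed_when:`, so it reports changed whenever it runs; the `replace` module with `regexp: searchguard` / `replace: opendistro_security` would be idempotent and report accurately.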
@@ -75,32 +75,32 @@ - name: RedHat/CentOS/Fedora | Copy the opendistro security internal users template template: src: "templates/internal_users.yml.j2" - dest: "{{ es_sec_plugin_conf_path }}/internal_users.yml" + dest: "{{ opendistro_sec_plugin_conf_path }}/internal_users.yml" mode: 0644 run_once: true when: install.changed - name: RedHat/CentOS/Fedora | Set the Admin user password shell: > - sed -i 's,{{ admin_password }},'$(sh {{ es_sec_plugin_tools_path }}/hash.sh -p {{ admin_password }} | tail -1)',' - {{ es_sec_plugin_conf_path }}/internal_users.yml + sed -i 's,{{ admin_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ admin_password }} | tail -1)',' + {{ opendistro_sec_plugin_conf_path }}/internal_users.yml run_once: true when: install.changed - name: RedHat/CentOS/Fedora | Set the kibanaserver user pasword shell: > - sed -i 's,{{ kibanaserver_password }},'$(sh {{ es_sec_plugin_tools_path }}/hash.sh -p {{ kibanaserver_password }} | tail -1)',' - {{ es_sec_plugin_conf_path }}/internal_users.yml + sed -i 's,{{ kibanaserver_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ kibanaserver_password }} | tail -1)',' + {{ opendistro_sec_plugin_conf_path }}/internal_users.yml run_once: true when: install.changed - name: RedHat/CentOS/Fedora | Initialize the opendistro security index in elasticsearch shell: > - sh {{ es_sec_plugin_tools_path }}/securityadmin.sh - -cacert {{ conf_dir }}/root-ca.pem - -cert {{ conf_dir }}/admin.pem - -key {{ conf_dir }}/admin.key - -cd {{ es_sec_plugin_conf_path }}/ + sh {{ opendistro_sec_plugin_tools_path }}/securityadmin.sh + -cacert {{ opendistro_conf_path }}/root-ca.pem + -cert {{ opendistro_conf_path }}/admin.pem + -key {{ opendistro_conf_path }}/admin.key + -cd {{ opendistro_sec_plugin_conf_path }}/ -nhnv -icl -h {{ hostvars[inventory_hostname]['ip'] }} run_once: true 
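Review bot: The two `shell:` tasks that set the admin and kibanaserver passwords put `{{ admin_password }}` / `{{ kibanaserver_password }}` in plaintext on the `hash.sh -p` command line and inside the `sed` expression, so the secrets appear in Ansible's task output and in the process list on the target while the command runs; add `no_log: true` to both tasks at minimum. The `sed` expression uses `,` as its delimiter with no escaping, so a password containing a comma or a sed special character (`&`, `\`) corrupts the substitution or matches the wrong text — another reason to compute the hash first and hand it to the template rather than patching the rendered file. The `securityadmin.sh` call keeps `-nhnv`, which disables hostname verification against the freshly generated certificates; if the node certificates carry the inventory hostnames the flag can be dropped, otherwise leave a comment explaining why it stays, e.g. `# -nhnv: node certs are not issued for the inventory hostnames`.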
diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml index 728f4970..bdfb6be8 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml @@ -22,8 +22,8 @@ - name: Copy Configuration File template: - src: "templates/elasticsearch.ym.j2" - dest: "{{conf_dir}}/elasticsearch.yml" + src: "templates/elasticsearch.yml.j2" + dest: "{{opendistro_conf_path}}/elasticsearch.yml" group: elasticsearch mode: 0644 backup: yes diff --git a/roles/opendistro/opendistro-elasticsearch/templates/elasticsearch.yml.j2 b/roles/opendistro/opendistro-elasticsearch/templates/elasticsearch.yml.j2 index 6b025674..58a8ece2 100644 --- a/roles/opendistro/opendistro-elasticsearch/templates/elasticsearch.yml.j2 +++ b/roles/opendistro/opendistro-elasticsearch/templates/elasticsearch.yml.j2 @@ -1,4 +1,4 @@ -cluster.name: "{{ elasticsearch_cluster_name }}" +cluster.name: "{{ opendistro_cluster_name }}" node.name: "{{ inventory_hostname }}" diff --git a/roles/opendistro/opendistro-elasticsearch/templates/jvm.options.j2 b/roles/opendistro/opendistro-elasticsearch/templates/jvm.options.j2 index c43ce401..de69125c 100644 --- a/roles/opendistro/opendistro-elasticsearch/templates/jvm.options.j2 +++ b/roles/opendistro/opendistro-elasticsearch/templates/jvm.options.j2 @@ -23,10 +23,10 @@ # Xms represents the initial size of total heap space # Xmx represents the maximum size of total heap space -{% if elasticsearch_jvm_xms is not none %} -{% if elasticsearch_jvm_xms < 32000 %} --Xms{{ elasticsearch_jvm_xms }}m --Xmx{{ elasticsearch_jvm_xms }}m +{% if opendistro_jvm_xms is not none %} +{% if opendistro_jvm_xms < 32000 %} +-Xms{{ opendistro_jvm_xms }}m +-Xmx{{ opendistro_jvm_xms }}m {% else %} -Xms32000m -Xmx32000m From 883ef93af72ff75f718e079800df3c3f8f995573 Mon Sep 17 00:00:00 2001 
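Review bot: In the jvm.options.j2 hunk `{% if opendistro_jvm_xms < 32000 %}` compares the variable to an integer, but a value supplied as an extra-var (`-e opendistro_jvm_xms=4096`) arrives as a string and under Python 3 the comparison raises a TypeError at render time; coerce first, `{% if opendistro_jvm_xms | int < 32000 %}`, and use `{{ opendistro_jvm_xms | int }}m` on the two `-Xms`/`-Xmx` lines. The defaults hunk on this page sets `opendistro_jvm_xms: null`, so with no override neither `-Xms` nor `-Xmx` is emitted and the JVM falls back to its own sizing; a comment on the default stating that, e.g. `# null: leave heap sizing to the JVM defaults`, would make the behaviour explicit.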
From: Jose M Date: Thu, 30 Apr 2020 12:22:59 +0200 Subject: [PATCH 694/714] Bump version to 3.12.3_7.6.2 --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 8 ++++---- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 6 +++--- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 00c74381..d1ddb8e1 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -6,7 +6,7 @@ elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 7.6.2 -wazuh_version: 3.12.2 +wazuh_version: 3.12.3 wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp elasticrepo: diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 632c6173..fac17bbb 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_agent_version: 3.12.2-1 +wazuh_agent_version: 3.12.3-1 # Custom packages installation @@ -12,7 +12,7 @@ wazuh_custom_packages_installation_agent_rpm_url: "" wazuh_agent_sources_installation: enabled: false - branch: "v3.12.2" + branch: "v3.12.3" user_language: "y" user_no_stop: "y" user_install_type: "agent" 
@@ -64,8 +64,8 @@ wazuh_winagent_config: auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe check_md5: True md5: dc64c8bee53df0430e9e03e578ba334d -wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.12.2-1.msi -wazuh_winagent_package_name: wazuh-agent-3.12.2-1.msi +wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.12.3-1.msi +wazuh_winagent_package_name: wazuh-agent-3.12.3-1.msi wazuh_agent_config: repo: apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index bc97c541..b4bc040d 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_manager_version: 3.12.2-1 +wazuh_manager_version: 3.12.3-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present @@ -15,7 +15,7 @@ wazuh_custom_packages_installation_api_rpm_url: "https://s3-us-west-1.amazonaws. # Sources installation wazuh_manager_sources_installation: enabled: false - branch: "v3.12.2" + branch: "v3.12.3" user_language: "en" user_no_stop: "y" user_install_type: "server" @@ -40,7 +40,7 @@ wazuh_manager_sources_installation: wazuh_api_sources_installation: enabled: false - branch: "v3.12.2" + branch: "v3.12.3" update: "y" remove: "y" directory: null From 6b36e63f1c3b5c7d94b2592686be32ff8dc114fb Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 30 Apr 2020 12:23:09 +0200 Subject: [PATCH 695/714] Update CHANGELOG.md --- CHANGELOG.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7a102e14..c9b8803d 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -1,6 +1,19 @@ # Change Log All notable changes to this project will be documented in this file. + +## [v3.12.3_7.6.2] + +### Added + +- Update to Wazuh v3.12.2 +- AWS S3 block to template ([@limitup](https://github.com/limitup)) [PR#404](https://github.com/wazuh/wazuh-ansible/pull/413) + +### Changed + +- Update Kibana optimize task parameters and command ([@jm404](https://github.com/jm404)) [PR#404](https://github.com/wazuh/wazuh-ansible/pull/412) +- Update Kibana optimize folder and owner ([@jm404](https://github.com/jm404)) [PR#404](https://github.com/wazuh/wazuh-ansible/pull/410) + ## [v3.12.2_7.6.2] ### Added From e354359e38179228c992bac695b1e03919d03fb0 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 30 Apr 2020 12:25:55 +0200 Subject: [PATCH 696/714] Update Agent Windows MD5 --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index fac17bbb..1baf8bdb 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -63,7 +63,7 @@ wazuh_winagent_config: # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe check_md5: True - md5: dc64c8bee53df0430e9e03e578ba334d + md5: 4ae4e930d3ae9d572b07cd9e7207d783 wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.12.3-1.msi wazuh_winagent_package_name: wazuh-agent-3.12.3-1.msi wazuh_agent_config: From 12090632a78621730b976e4b770f64fd7ad84459 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 30 Apr 2020 17:01:24 +0200 Subject: [PATCH 697/714] Delete "alert_new_files" occurrences --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 1 - .../templates/var-ossec-etc-ossec-agent.conf.j2 | 1 - roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 3 --- 3 files changed, 5 deletions(-) 
diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 1baf8bdb..dac051a4 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -86,7 +86,6 @@ wazuh_agent_config: frequency: 43200 scan_on_start: 'yes' auto_ignore: 'no' - alert_new_files: 'yes' win_audit_interval: 60 skip_nfs: 'yes' skip_dev: 'yes' diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index ee71769e..2ee7f97d 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 @@ -201,7 +201,6 @@ {% if wazuh_agent_config.syscheck is defined %} no - {{ wazuh_agent_config.syscheck.frequency }} {% if ansible_system == "Linux" %} {{ wazuh_agent_config.syscheck.scan_on_start }} diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index b4bc040d..a046addf 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -152,7 +152,6 @@ wazuh_manager_config: frequency: 43200 scan_on_start: 'yes' auto_ignore: 'no' - alert_new_files: 'yes' ignore: - /etc/mtab - /etc/hosts.deny @@ -389,7 +388,6 @@ wazuh_manager_config: # syscheck: # frequency: 43200 # scan_on_start: 'yes' - # alert_new_files: 'yes' # ignore: # - /etc/mtab # - /etc/mnttab @@ -420,7 +418,6 @@ wazuh_manager_config: # frequency: 43200 # scan_on_start: 'yes' # auto_ignore: 'no' - # alert_new_files: 'yes' # windows_registry: # - key: 'HKEY_LOCAL_MACHINE\Software\Classes\batfile' # arch: 'both' From c99d554e2f2fd0dd3ecfb8d55156e120ef56379e Mon Sep 17 00:00:00 2001 
From: Jose M Date: Thu, 30 Apr 2020 17:57:01 +0200 Subject: [PATCH 698/714] Delete alert_new_files references in jinja templates --- .../templates/var-ossec-etc-ossec-server.conf.j2 | 1 - .../templates/var-ossec-etc-shared-agent.conf.j2 | 1 - 2 files changed, 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index e7ca872e..53565007 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -294,7 +294,6 @@ {{ wazuh_manager_config.syscheck.disable }} - {{ wazuh_manager_config.syscheck.alert_new_files }} {{ wazuh_manager_config.syscheck.frequency }} {{ wazuh_manager_config.syscheck.scan_on_start }} diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 index f300f22a..78893385 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 @@ -7,7 +7,6 @@ {% if agent_config.syscheck.auto_ignore is defined %} {{ agent_config.syscheck.auto_ignore }} {% endif %} - {{ agent_config.syscheck.alert_new_files }} {{ agent_config.syscheck.frequency }} {{ agent_config.syscheck.scan_on_start }} From 100ea616edd1786510c6d4af0e9af9d1a2cc1ce9 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 1 May 2020 20:08:50 +0200 Subject: [PATCH 699/714] Remove alert_new_files from ossec.conf template --- .../templates/var-ossec-etc-ossec-server.conf.j2 | 1 - .../templates/var-ossec-etc-shared-agent.conf.j2 | 1 - 2 files changed, 2 deletions(-) 
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index e7ca872e..53565007 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -294,7 +294,6 @@ {{ wazuh_manager_config.syscheck.disable }} - {{ wazuh_manager_config.syscheck.alert_new_files }} {{ wazuh_manager_config.syscheck.frequency }} {{ wazuh_manager_config.syscheck.scan_on_start }} diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 index f300f22a..78893385 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 @@ -7,7 +7,6 @@ {% if agent_config.syscheck.auto_ignore is defined %} {{ agent_config.syscheck.auto_ignore }} {% endif %} - {{ agent_config.syscheck.alert_new_files }} {{ agent_config.syscheck.frequency }} {{ agent_config.syscheck.scan_on_start }} From d19c8e70e14bef35815e1188a415e25438d25e52 Mon Sep 17 00:00:00 2001 From: Jose M Date: Wed, 6 May 2020 15:17:01 +0200 Subject: [PATCH 700/714] Delete wazuh-qa --- wazuh-qa | 1 - 1 file changed, 1 deletion(-) delete mode 160000 wazuh-qa diff --git a/wazuh-qa b/wazuh-qa deleted file mode 160000 index a2057416..00000000 --- a/wazuh-qa +++ /dev/null @@ -1 +0,0 @@ -Subproject commit a20574168fedf0c3a69116866fc0d1a61062c21c From e899b1c6020efd1d87291e1294ced56f9ca34cf4 Mon Sep 17 00:00:00 2001 
From: "Manuel J. Bernal" Date: Wed, 6 May 2020 17:33:53 +0200 Subject: [PATCH 701/714] WIP: Testing first secured cluster deployment --- .../opendistro-elasticsearch/tasks/RedHat.yml | 75 ----------- .../opendistro-elasticsearch/tasks/main.yml | 125 +++++++++++++++--- 2 files changed, 107 insertions(+), 93 deletions(-) diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml index b2170af1..b3318193 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml 
@@ -30,78 +30,3 @@ packages: - wget - unzip - -- name: RedHat/CentOS/Fedora | Install OpenDistro - package: name=opendistroforelasticsearch-{{ opendistro_version }} state=present - register: install - - -- name: RedHat/CentOS/Fedora | Copy the node & admin certificates to Elasticsearch cluster - copy: - src: "/tmp/opendistro-nodecerts/config/{{ item }}" - dest: /etc/elasticsearch/ - mode: 0644 - with_items: - - root-ca.pem - - root-ca.key - - "{{ inventory_hostname }}.key" - - "{{ inventory_hostname }}.pem" - - "{{ inventory_hostname }}_http.key" - - "{{ inventory_hostname }}_http.pem" - - "{{ inventory_hostname }}_elasticsearch_config_snippet.yml" - - admin.key - - admin.pem - when: install.changed - -- name: RedHat/CentOS/Fedora | Copy the opendistro security configuration file to cluster - blockinfile: - block: "{{ lookup('file', '/tmp/opendistro-nodecerts/config/{{ inventory_hostname }}_elasticsearch_config_snippet.yml') }}" - dest: "{{ opendistro_conf_path }}/elasticsearch.yml" - backup: yes - insertafter: EOF - marker: "## {mark} Opendistro Security Node & Admin certificates configuration ##" - when: install.changed - -- name: RedHat/CentOS/Fedora | Prepare the opendistro security configuration file - command: sed -i 's/searchguard/opendistro_security/g' {{ opendistro_conf_path }}/elasticsearch.yml - when: install.changed - -- name: RedHat/CentOS/Fedora | Restart elasticsearch with security configuration - systemd: - name: elasticsearch - state: restarted - when: install.changed - -- name: RedHat/CentOS/Fedora | Copy the opendistro security internal users template - template: - src: "templates/internal_users.yml.j2" - dest: "{{ opendistro_sec_plugin_conf_path }}/internal_users.yml" - mode: 0644 - run_once: true - when: install.changed - -- name: RedHat/CentOS/Fedora | Set the Admin user password - shell: > - sed -i 's,{{ admin_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ admin_password }} | tail -1)',' - {{ 
opendistro_sec_plugin_conf_path }}/internal_users.yml - run_once: true - when: install.changed - -- name: RedHat/CentOS/Fedora | Set the kibanaserver user pasword - shell: > - sed -i 's,{{ kibanaserver_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ kibanaserver_password }} | tail -1)',' - {{ opendistro_sec_plugin_conf_path }}/internal_users.yml - run_once: true - when: install.changed - -- name: RedHat/CentOS/Fedora | Initialize the opendistro security index in elasticsearch - shell: > - sh {{ opendistro_sec_plugin_tools_path }}/securityadmin.sh - -cacert {{ opendistro_conf_path }}/root-ca.pem - -cert {{ opendistro_conf_path }}/admin.pem - -key {{ opendistro_conf_path }}/admin.key - -cd {{ opendistro_sec_plugin_conf_path }}/ - -nhnv -icl - -h {{ hostvars[inventory_hostname]['ip'] }} - run_once: true - when: install.changed diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml index bdfb6be8..bf7c6e06 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml 
@@ -4,6 +4,110 @@ - import_tasks: RedHat.yml when: ansible_os_family == 'RedHat' +- name: Install OpenDistro + package: name=opendistroforelasticsearch-{{ opendistro_version }} state=present + register: install + +- name: Copy the node & admin certificates to Elasticsearch cluster + copy: + src: "/tmp/opendistro-nodecerts/config/{{ item }}" + dest: /etc/elasticsearch/ + mode: 0644 + with_items: + - root-ca.pem + - root-ca.key + - "{{ inventory_hostname }}.key" + - "{{ inventory_hostname }}.pem" + - "{{ inventory_hostname }}_http.key" + - "{{ inventory_hostname }}_http.pem" + - "{{ inventory_hostname }}_elasticsearch_config_snippet.yml" + - admin.key + - admin.pem + when: install.changed + +- name: Remove demo certs + file: + path: "{{ item }}" + state: absent + with_items: + - "{{opendistro_conf_path}}/kirk.pem" + - "{{opendistro_conf_path}}/kirk-key.pem" + - "{{opendistro_conf_path}}/esnode.pem" + - "{{opendistro_conf_path}}/esnode-key.pem" + when: install.changed + +- name: Remove elasticsearch configuration file + file: + path: "{{opendistro_conf_path}}/elasticsearch.yml" + state: absent + when: install.changed + +- name: Copy Configuration File + blockinfile: + block: "{{ lookup('template', 'elasticsearch.yml.j2') }}" + dest: "{{ opendistro_conf_path }}/elasticsearch.yml" + create: true + group: elasticsearch + mode: 0640 + marker: "## {mark} Opendistro general settings ##" + when: install.changed + +- name: Copy the opendistro security configuration file to cluster + blockinfile: + block: "{{ lookup('file', '/tmp/opendistro-nodecerts/config/{{ inventory_hostname }}_elasticsearch_config_snippet.yml') }}" + dest: "{{ opendistro_conf_path }}/elasticsearch.yml" + insertafter: EOF + marker: "## {mark} Opendistro Security Node & Admin certificates configuration ##" + when: install.changed + +- name: Prepare the opendistro security configuration file + replace: + path: "{{ opendistro_conf_path }}/elasticsearch.yml" + regexp: 'searchguard' + replace: 
'opendistro_security' + tags: local + when: install.changed + +- name: Restart elasticsearch with security configuration + systemd: + name: elasticsearch + state: restarted + when: install.changed + +- name: Copy the opendistro security internal users template + template: + src: "templates/internal_users.yml.j2" + dest: "{{ opendistro_sec_plugin_conf_path }}/internal_users.yml" + mode: 0644 + run_once: true + when: install.changed + +- name: Set the Admin user password + shell: > + sed -i 's,{{ admin_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ admin_password }} | tail -1)',' + {{ opendistro_sec_plugin_conf_path }}/internal_users.yml + run_once: true + when: install.changed + +- name: Set the kibanaserver user pasword + shell: > + sed -i 's,{{ kibanaserver_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ kibanaserver_password }} | tail -1)',' + {{ opendistro_sec_plugin_conf_path }}/internal_users.yml + run_once: true + when: install.changed + +- name: Initialize the opendistro security index in elasticsearch + shell: > + sh {{ opendistro_sec_plugin_tools_path }}/securityadmin.sh + -cacert {{ opendistro_conf_path }}/root-ca.pem + -cert {{ opendistro_conf_path }}/admin.pem + -key {{ opendistro_conf_path }}/admin.key + -cd {{ opendistro_sec_plugin_conf_path }}/ + -nhnv -icl + -h {{ hostvars[inventory_hostname]['ip'] }} + run_once: true + when: install.changed + - name: Configure OpenDistro Elasticsearch JVM memmory. template: src: "templates/jvm.options.j2" 
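Review bot: The new `Copy the node & admin certificates to Elasticsearch cluster` task copies `root-ca.key` and `admin.key` to every node and writes all private keys with `mode: 0644`, so the CA signing key and the securityadmin client key end up world-readable on each cluster host. A node only needs `root-ca.pem`, its own node/http certificate and key and the config snippet; the CA key should never leave the controller, and `admin.key`/`admin.pem` are only needed on the host that runs `securityadmin.sh` (which is already `run_once`). The task also hard-codes `dest: /etc/elasticsearch/` while the surrounding tasks use `{{ opendistro_conf_path }}`. Splitting it as below keeps keys readable by root and the `elasticsearch` group only.
```yaml
- name: Copy the node certificates to Elasticsearch cluster
  copy:
    src: "/tmp/opendistro-nodecerts/config/{{ item }}"
    dest: "{{ opendistro_conf_path }}/"
    owner: root
    group: elasticsearch
    mode: "0640"
  with_items:
    - root-ca.pem
    - "{{ inventory_hostname }}.key"
    - "{{ inventory_hostname }}.pem"
    - "{{ inventory_hostname }}_http.key"
    - "{{ inventory_hostname }}_http.pem"
    - "{{ inventory_hostname }}_elasticsearch_config_snippet.yml"
  when: install.changed

- name: Copy the admin client certificate to the node that runs securityadmin
  copy:
    src: "/tmp/opendistro-nodecerts/config/{{ item }}"
    dest: "{{ opendistro_conf_path }}/"
    owner: root
    group: elasticsearch
    mode: "0640"
  with_items:
    - admin.key
    - admin.pem
  run_once: true
  when: install.changed
# … unchanged: demo-cert removal, elasticsearch.yml assembly, restart, internal users, securityadmin …
```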
@@ -13,22 +117,7 @@ mode: 0644 force: yes notify: restart elasticsearch - tags: configure - -# fix in new PR (ignore_errors) - -- import_tasks: "RMRedHat.yml" - when: ansible_os_family == "RedHat" - -- name: Copy Configuration File - template: - src: "templates/elasticsearch.yml.j2" - dest: "{{opendistro_conf_path}}/elasticsearch.yml" - group: elasticsearch - mode: 0644 - backup: yes - register: system_change - notify: restart elasticsearch + tags: opendistro - name: Ensure Elasticsearch started and enabled service: @@ -36,13 +125,13 @@ enabled: true state: started tags: - - configure + - opendistro - init - name: Make sure Elasticsearch is running before proceeding wait_for: host=localhost port=9200 delay=3 timeout=400 tags: - - configure + - opendistro - init - import_tasks: "RMRedHat.yml" From 5fd4988a888e207dc25320019ef0b37d57e5e0f3 Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Thu, 7 May 2020 14:40:58 +0200 Subject: [PATCH 702/714] Fixed typo --- roles/opendistro/opendistro-elasticsearch/tasks/main.yml | 2 +- .../opendistro-elasticsearch/templates/internal_users.yml.j2 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml index bf7c6e06..88ad8711 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml @@ -84,7 +84,7 @@ - name: Set the Admin user password shell: > - sed -i 's,{{ admin_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ admin_password }} | tail -1)',' + sed -i 's,{{ opendistro_admin_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ opendistro_admin_password }} | tail -1)',' {{ opendistro_sec_plugin_conf_path }}/internal_users.yml run_once: true when: install.changed 
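Review bot: This hunk removes the `Copy Configuration File` template task together with its `backup: yes` and `notify: restart elasticsearch`, while the `blockinfile` replacement added earlier in this commit is gated on `when: install.changed` and notifies nothing, so on any run where the package is already installed a changed `elasticsearch.yml.j2` is never rendered or applied and node configuration drifts silently. If first-install-only is the intent, say so in a comment above the new task; otherwise drop the `when` from the config task and restore `notify: restart elasticsearch` so the handler picks up later changes.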
diff --git a/roles/opendistro/opendistro-elasticsearch/templates/internal_users.yml.j2 b/roles/opendistro/opendistro-elasticsearch/templates/internal_users.yml.j2 index 7bb089f3..f39bbf50 100644 --- a/roles/opendistro/opendistro-elasticsearch/templates/internal_users.yml.j2 +++ b/roles/opendistro/opendistro-elasticsearch/templates/internal_users.yml.j2 @@ -9,7 +9,7 @@ _meta: # Define your internal users here admin: - hash: "{{ admin_password }}" + hash: "{{ opendistro_admin_password }}" reserved: true backend_roles: - "admin" From 77c30c3bf0e496138bb29024de8bf41765fc7adb Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Thu, 7 May 2020 14:50:01 +0200 Subject: [PATCH 703/714] Added Kibana admin password --- roles/opendistro/opendistro-elasticsearch/defaults/main.yml | 3 ++- roles/opendistro/opendistro-elasticsearch/tasks/main.yml | 2 +- .../opendistro-elasticsearch/templates/internal_users.yml.j2 | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/roles/opendistro/opendistro-elasticsearch/defaults/main.yml b/roles/opendistro/opendistro-elasticsearch/defaults/main.yml index bca544e6..b71b67de 100644 --- a/roles/opendistro/opendistro-elasticsearch/defaults/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/defaults/main.yml @@ -45,7 +45,8 @@ elasticrepo: gpg: 'https://artifacts.elastic.co/GPG-KEY-opendistro' key_id: '46095ACC8548582C1A2699A9D27D666CD88E42B4' -opendistro_admin_password: Test@123 +opendistro_admin_password: changeme +opendistro_kibana_password: changeme # Cluster Settings single_node: true opendistro_cluster_name: wazuh diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml index 88ad8711..7174a27f 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml 
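Review bot: `hash: "{{ opendistro_admin_password }}"` renders the clear-text admin password into `internal_users.yml` and relies on the later `sed` task in tasks/main.yml to overwrite it with a hash; if that task fails or is skipped (it is `run_once` and conditional on `install.changed`) the plain password stays on disk in a `0644` file, and the unanchored `sed` also rewrites any other line containing the same string — with both defaults equal to `changeme` the kibanaserver substitution finds nothing left to replace. Hash at render time instead, e.g. `hash: "{{ opendistro_admin_password | password_hash('bcrypt') }}"` (needs passlib on the controller, and confirm the plugin accepts the `$2b$` prefix passlib emits), and drop the `sed` tasks. The surrounding `admin:` entry continues outside the hunk.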
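Review bot: Both `opendistro_admin_password` and `opendistro_kibana_password` now default to `changeme`, and nothing in the role refuses to run with them, so a play that forgets to override the variables initialises the security index with a well-known admin credential. Add an early guard such as `- assert: { that: ["opendistro_admin_password != 'changeme'", "opendistro_kibana_password != 'changeme'"], fail_msg: "override the OpenDistro default passwords" }`, or generate them with `lookup('password', ...)` when unset.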
@@ -91,7 +91,7 @@ - name: Set the kibanaserver user pasword shell: > - sed -i 's,{{ kibanaserver_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ kibanaserver_password }} | tail -1)',' + sed -i 's,{{ opendistro_kibana_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ opendistro_kibana_password }} | tail -1)',' {{ opendistro_sec_plugin_conf_path }}/internal_users.yml run_once: true when: install.changed diff --git a/roles/opendistro/opendistro-elasticsearch/templates/internal_users.yml.j2 b/roles/opendistro/opendistro-elasticsearch/templates/internal_users.yml.j2 index f39bbf50..471a5c28 100644 --- a/roles/opendistro/opendistro-elasticsearch/templates/internal_users.yml.j2 +++ b/roles/opendistro/opendistro-elasticsearch/templates/internal_users.yml.j2 @@ -16,6 +16,6 @@ admin: description: "admin user" kibanaserver: - hash: "{{ kibanaserver_password }}" + hash: "{{ opendistro_kibana_password }}" reserved: true description: "kibanaserver user" From 0c04b22b0f8b49a36e6af4be2d7c6cec3ac1e864 Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Thu, 7 May 2020 19:12:43 +0200 Subject: [PATCH 704/714] Checking API status --- .../opendistro-elasticsearch/tasks/main.yml | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml index 7174a27f..ea56183e 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml 
@@ -128,11 +128,20 @@ - opendistro - init -- name: Make sure Elasticsearch is running before proceeding - wait_for: host=localhost port=9200 delay=3 timeout=400 - tags: - - opendistro - - init +- name: Wait for Elasticsearch API + uri: + url: "https://{{ es_nodes.split(',')[0].split('\"')[0] }}:9200/_cluster/health/" + user: "admin" # Default OpenDistro user is always "admin" + password: "{{ opendistro_admin_password }}" + validate_certs: no + status_code: 200,401 + return_content: yes + timeout: 4 + register: _result + until: ( _result.json is defined) and (_result.json.status == "green") + retries: 24 + delay: 5 + tags: debug - import_tasks: "RMRedHat.yml" when: ansible_os_family == "RedHat" \ No newline at end of file From e83c6f8d86cf1d34701bd16ab6bbd2a99bf0bd88 Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Thu, 7 May 2020 20:03:39 +0200 Subject: [PATCH 705/714] Refactor of production ready actions --- .../tasks/LocalActions.yml | 82 ++++++++-------- .../opendistro-elasticsearch/tasks/RedHat.yml | 58 ++++++------ .../tasks/SecurityActions.yml | 88 ++++++++++++++++++ .../opendistro-elasticsearch/tasks/main.yml | 93 ++----------------- 4 files changed, 168 insertions(+), 153 deletions(-) create mode 100644 roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml b/roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml index 432a4423..8ff56b64 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml 
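Review bot: `validate_certs: no` sends the admin password to `https://…:9200` without checking the server certificate, so the TLS certificates this role just installed protect nothing on this call and a spoofed endpoint can collect the admin credential. Point the check at the CA the role generated — `validate_certs: yes` plus `ca_path: "{{ opendistro_conf_path }}/root-ca.pem"` (whether `uri` supports `ca_path` depends on the Ansible version in use — confirm) — and make sure the URL host matches a SAN in the http certificate. Two smaller things in the same task: `until` requires `status == "green"`, which a single-node deployment (`single_node: true` is the default) typically never reaches once any index has replicas, so accept `yellow` too; and `tags: debug` means the wait is skipped on every `--tags install`/`--tags production_ready` run.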
@@ -1,47 +1,51 @@ --- +- block: -- name: RedHat/CentOS/Fedora | Create local temporary directory for certificates generation - local_action: - module: file - path: /tmp/opendistro-nodecerts - state: directory - run_once: true + - name: Local action | Create local temporary directory for certificates generation + local_action: + module: file + path: /tmp/opendistro-nodecerts + state: directory + run_once: true + + - name: Local action | Download certificates generation tool + local_action: + module: get_url + url: https://releases.floragunn.com/search-guard-tlstool/1.7/search-guard-tlstool-1.7.zip + dest: /tmp/opendistro-nodecerts/search-guard-tlstool-1.7.zip + run_once: /tmp/opendistro-nodecerts/search-guard-tlstool.zip -- name: RedHat/CentOS/Fedora | Download certificates generation tool - local_action: - module: get_url - url: https://releases.floragunn.com/search-guard-tlstool/1.7/search-guard-tlstool-1.7.zip - dest: /tmp/opendistro-nodecerts/search-guard-tlstool-1.7.zip - run_once: /tmp/opendistro-nodecerts/search-guard-tlstool.zip + - name: Local action | Extract the certificates generation tool + local_action: + module: unarchive + src: /tmp/opendistro-nodecerts/search-guard-tlstool-1.7.zip + dest: /tmp/opendistro-nodecerts/ -- name: RedHat/CentOS/Fedora | Extract the certificates generation tool - local_action: - module: unarchive - src: /tmp/opendistro-nodecerts/search-guard-tlstool-1.7.zip - dest: /tmp/opendistro-nodecerts/ + - name: Local action | Add the execution bit to the binary + local_action: + module: file + dest: /tmp/opendistro-nodecerts/tools/sgtlstool.sh + mode: a+x + run_once: true -- name: RedHat/CentOS/Fedora | Add the execution bit to the binary - local_action: - module: file - dest: /tmp/opendistro-nodecerts/tools/sgtlstool.sh - mode: a+x - run_once: true + - name: Local action | Prepare the certificates generation template file + local_action: + module: template + src: "templates/tlsconfig.yml.j2" + dest: 
/tmp/opendistro-nodecerts/config/tlsconfig.yml + run_once: true -- name: RedHat/CentOS/Fedora | Prepare the certificates generation template file - local_action: - module: template - src: "templates/tlsconfig.yml.j2" - dest: /tmp/opendistro-nodecerts/config/tlsconfig.yml - run_once: true + - name: Local action | Check if root CA file exists + local_action: + module: stat + path: /tmp/opendistro-nodecerts/config/root-ca.key + register: root_ca_file -- name: RedHat/CentOS/Fedora | Check if root CA file exists - local_action: - module: stat - path: /tmp/opendistro-nodecerts/config/root-ca.key - register: root_ca_file + - name: Local action | Generate the node & admin certificates in local + local_action: + module: command /tmp/opendistro-nodecerts/tools/sgtlstool.sh -c /tmp/opendistro-nodecerts/config/tlsconfig.yml -ca -crt -t /tmp/opendistro-nodecerts/config/ -f -o + run_once: true + when: root_ca_file.stat.exists == False -- name: RedHat/CentOS/Fedora | Generate the node & admin certificates in local - local_action: - module: command /tmp/opendistro-nodecerts/tools/sgtlstool.sh -c /tmp/opendistro-nodecerts/config/tlsconfig.yml -ca -crt -t /tmp/opendistro-nodecerts/config/ -f -o - run_once: true - when: root_ca_file.stat.exists == False \ No newline at end of file + tags: + - generate-certs \ No newline at end of file diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml index b3318193..68459544 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml 
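Review bot: `Download certificates generation tool` fetches the Search Guard TLS tool with `get_url` and no `checksum`, and that tool then generates the root CA and every node and admin private key, so a tampered or silently replaced archive compromises the cluster's whole trust chain; pin it with `checksum: "sha256:<digest of a verified download>"`. The directory task creating `/tmp/opendistro-nodecerts` sets no `mode`, so the CA key is written under a world-accessible `/tmp` path on the controller — add `mode: "0700"`. `run_once: /tmp/opendistro-nodecerts/search-guard-tlstool.zip` is a path where a boolean belongs (it only works because a non-empty string is truthy), and the unarchive and stat tasks have no `run_once` at all; use `run_once: true` on each local task.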
@@ -1,32 +1,36 @@ --- +- block: -- name: RedHat/CentOS/Fedora | Add OpenDistro repo - yum_repository: - file: opendistro - name: opendistro_repo - description: Opendistro yum repository - baseurl: "{{ package_repos.yum.opendistro.baseurl }}" - gpgkey: "{{ package_repos.yum.opendistro.gpg }}" - gpgcheck: true - changed_when: false + - name: RedHat/CentOS/Fedora | Add OpenDistro repo + yum_repository: + file: opendistro + name: opendistro_repo + description: Opendistro yum repository + baseurl: "{{ package_repos.yum.opendistro.baseurl }}" + gpgkey: "{{ package_repos.yum.opendistro.gpg }}" + gpgcheck: true + changed_when: false -- name: RedHat/CentOS/Fedora | Add Elasticsearch-oss repo - yum_repository: - file: opendistro - name: elasticsearch_oss_repo - description: Elasticsearch-oss yum repository - baseurl: "{{ package_repos.yum.elasticsearch_oss.baseurl }}" - gpgkey: "{{ package_repos.yum.elasticsearch_oss.gpg }}" - gpgcheck: true - changed_when: false + - name: RedHat/CentOS/Fedora | Add Elasticsearch-oss repo + yum_repository: + file: opendistro + name: elasticsearch_oss_repo + description: Elasticsearch-oss yum repository + baseurl: "{{ package_repos.yum.elasticsearch_oss.baseurl }}" + gpgkey: "{{ package_repos.yum.elasticsearch_oss.gpg }}" + gpgcheck: true + changed_when: false -- name: RedHat/CentOS/Fedora | Install OpenJDK 11 - yum: name=java-11-openjdk-devel state=present + - name: RedHat/CentOS/Fedora | Install OpenJDK 11 + yum: name=java-11-openjdk-devel state=present -- name: RedHat/CentOS/Fedora | Install OpenDistro dependencies - yum: - name: "{{ packages }}" - vars: - packages: - - wget - - unzip + - name: RedHat/CentOS/Fedora | Install OpenDistro dependencies + yum: + name: "{{ packages }}" + vars: + packages: + - wget + - unzip + + tags: + - install \ No newline at end of file 
diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml b/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml new file mode 100644 index 00000000..c6323fde --- /dev/null +++ b/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml 
@@ -0,0 +1,88 @@ +- block: + + - name: Remove demo certs + file: + path: "{{ item }}" + state: absent + with_items: + - "{{opendistro_conf_path}}/kirk.pem" + - "{{opendistro_conf_path}}/kirk-key.pem" + - "{{opendistro_conf_path}}/esnode.pem" + - "{{opendistro_conf_path}}/esnode-key.pem" + when: install.changed + + - name: Copy the node & admin certificates to Elasticsearch cluster + copy: + src: "/tmp/opendistro-nodecerts/config/{{ item }}" + dest: /etc/elasticsearch/ + mode: 0644 + with_items: + - root-ca.pem + - root-ca.key + - "{{ inventory_hostname }}.key" + - "{{ inventory_hostname }}.pem" + - "{{ inventory_hostname }}_http.key" + - "{{ inventory_hostname }}_http.pem" + - "{{ inventory_hostname }}_elasticsearch_config_snippet.yml" + - admin.key + - admin.pem + when: install.changed + + - name: Copy the opendistro security configuration file to cluster + blockinfile: + block: "{{ lookup('file', '/tmp/opendistro-nodecerts/config/{{ inventory_hostname }}_elasticsearch_config_snippet.yml') }}" + dest: "{{ opendistro_conf_path }}/elasticsearch.yml" + insertafter: EOF + marker: "## {mark} Opendistro Security Node & Admin certificates configuration ##" + when: install.changed + + - name: Prepare the opendistro security configuration file + replace: + path: "{{ opendistro_conf_path }}/elasticsearch.yml" + regexp: 'searchguard' + replace: 'opendistro_security' + tags: local + when: install.changed + + - name: Restart elasticsearch with security configuration + systemd: + name: elasticsearch + state: restarted + when: install.changed + + - name: Copy the opendistro security internal users template + template: + src: "templates/internal_users.yml.j2" + dest: "{{ opendistro_sec_plugin_conf_path }}/internal_users.yml" + mode: 0644 + run_once: true + when: install.changed + + - name: Set the Admin user password + shell: > + sed -i 's,{{ opendistro_admin_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ opendistro_admin_password }} | tail -1)',' + {{ 
opendistro_sec_plugin_conf_path }}/internal_users.yml + run_once: true + when: install.changed + + - name: Set the kibanaserver user pasword + shell: > + sed -i 's,{{ opendistro_kibana_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ opendistro_kibana_password }} | tail -1)',' + {{ opendistro_sec_plugin_conf_path }}/internal_users.yml + run_once: true + when: install.changed + + - name: Initialize the opendistro security index in elasticsearch + shell: > + sh {{ opendistro_sec_plugin_tools_path }}/securityadmin.sh + -cacert {{ opendistro_conf_path }}/root-ca.pem + -cert {{ opendistro_conf_path }}/admin.pem + -key {{ opendistro_conf_path }}/admin.key + -cd {{ opendistro_sec_plugin_conf_path }}/ + -nhnv -icl + -h {{ hostvars[inventory_hostname]['ip'] }} + run_once: true + when: install.changed + + tags: + - production_ready diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml index ea56183e..94f4ab91 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml @@ -1,4 +1,5 @@ --- + - import_tasks: LocalActions.yml - import_tasks: RedHat.yml 
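Review bot: `Set the Admin user password` and `Set the kibanaserver user pasword` splice `{{ opendistro_admin_password }}` raw into a `shell` line, so the password is passed as an argument to `hash.sh -p` (visible to every user via `ps` on the node), used unquoted as a `sed` pattern with `,` as delimiter (a password containing `,`, `'`, `&`, `\` or shell metacharacters breaks the command or is interpreted), and printed in Ansible output because neither task sets `no_log: true`. At minimum add `no_log: true` to both tasks and wrap the interpolations with `| quote`; better, hash inside `internal_users.yml.j2` (`password_hash('bcrypt')`, passlib required) so the plaintext never reaches the node and the `sed` tasks disappear. `internal_users.yml` is also written with `mode: 0644`; a file of password hashes should be `mode: "0640"` with `group: elasticsearch`. The task name has a typo, `pasword`.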
@@ -7,40 +8,14 @@ - name: Install OpenDistro package: name=opendistroforelasticsearch-{{ opendistro_version }} state=present register: install - -- name: Copy the node & admin certificates to Elasticsearch cluster - copy: - src: "/tmp/opendistro-nodecerts/config/{{ item }}" - dest: /etc/elasticsearch/ - mode: 0644 - with_items: - - root-ca.pem - - root-ca.key - - "{{ inventory_hostname }}.key" - - "{{ inventory_hostname }}.pem" - - "{{ inventory_hostname }}_http.key" - - "{{ inventory_hostname }}_http.pem" - - "{{ inventory_hostname }}_elasticsearch_config_snippet.yml" - - admin.key - - admin.pem - when: install.changed - -- name: Remove demo certs - file: - path: "{{ item }}" - state: absent - with_items: - - "{{opendistro_conf_path}}/kirk.pem" - - "{{opendistro_conf_path}}/kirk-key.pem" - - "{{opendistro_conf_path}}/esnode.pem" - - "{{opendistro_conf_path}}/esnode-key.pem" - when: install.changed + tags: install - name: Remove elasticsearch configuration file file: path: "{{opendistro_conf_path}}/elasticsearch.yml" state: absent when: install.changed + tags: install - name: Copy Configuration File blockinfile: 
@@ -51,62 +26,9 @@ mode: 0640 marker: "## {mark} Opendistro general settings ##" when: install.changed + tags: install -- name: Copy the opendistro security configuration file to cluster - blockinfile: - block: "{{ lookup('file', '/tmp/opendistro-nodecerts/config/{{ inventory_hostname }}_elasticsearch_config_snippet.yml') }}" - dest: "{{ opendistro_conf_path }}/elasticsearch.yml" - insertafter: EOF - marker: "## {mark} Opendistro Security Node & Admin certificates configuration ##" - when: install.changed - -- name: Prepare the opendistro security configuration file - replace: - path: "{{ opendistro_conf_path }}/elasticsearch.yml" - regexp: 'searchguard' - replace: 'opendistro_security' - tags: local - when: install.changed - -- name: Restart elasticsearch with security configuration - systemd: - name: elasticsearch - state: restarted - when: install.changed - -- name: Copy the opendistro security internal users template - template: - src: "templates/internal_users.yml.j2" - dest: "{{ opendistro_sec_plugin_conf_path }}/internal_users.yml" - mode: 0644 - run_once: true - when: install.changed - -- name: Set the Admin user password - shell: > - sed -i 's,{{ opendistro_admin_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ opendistro_admin_password }} | tail -1)',' - {{ opendistro_sec_plugin_conf_path }}/internal_users.yml - run_once: true - when: install.changed - -- name: Set the kibanaserver user pasword - shell: > - sed -i 's,{{ opendistro_kibana_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ opendistro_kibana_password }} | tail -1)',' - {{ opendistro_sec_plugin_conf_path }}/internal_users.yml - run_once: true - when: install.changed - -- name: Initialize the opendistro security index in elasticsearch - shell: > - sh {{ opendistro_sec_plugin_tools_path }}/securityadmin.sh - -cacert {{ opendistro_conf_path }}/root-ca.pem - -cert {{ opendistro_conf_path }}/admin.pem - -key {{ opendistro_conf_path }}/admin.key - -cd {{ 
opendistro_sec_plugin_conf_path }}/ - -nhnv -icl - -h {{ hostvars[inventory_hostname]['ip'] }} - run_once: true - when: install.changed +- import_tasks: SecurityActions.yml - name: Configure OpenDistro Elasticsearch JVM memmory. template: @@ -117,16 +39,13 @@ mode: 0644 force: yes notify: restart elasticsearch - tags: opendistro + tags: install - name: Ensure Elasticsearch started and enabled service: name: elasticsearch enabled: true state: started - tags: - - opendistro - - init - name: Wait for Elasticsearch API uri: From 3c6e08c7cf0ecf5890555cf6bde5fc07a0c24bfd Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Fri, 8 May 2020 14:43:30 +0200 Subject: [PATCH 706/714] Modified task, from shell to command module --- .../opendistro-elasticsearch/tasks/SecurityActions.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml b/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml index c6323fde..765285aa 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml @@ -73,8 +73,8 @@ when: install.changed - name: Initialize the opendistro security index in elasticsearch - shell: > - sh {{ opendistro_sec_plugin_tools_path }}/securityadmin.sh + command: > + {{ opendistro_sec_plugin_tools_path }}/securityadmin.sh -cacert {{ opendistro_conf_path }}/root-ca.pem -cert {{ opendistro_conf_path }}/admin.pem -key {{ opendistro_conf_path }}/admin.key From d7be137e6e2f3791d0a18d968348c690897f995b Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Fri, 8 May 2020 15:54:23 +0200 Subject: [PATCH 707/714] Ansible linting compliant variables --- .../opendistro-elasticsearch/tasks/SecurityActions.yml | 8 ++++---- roles/opendistro/opendistro-elasticsearch/tasks/main.yml | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) 
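Review bot: The `securityadmin.sh` call, now run via `command`, still passes `-nhnv` (skip hostname verification) and `-icl` (ignore cluster name), which switch off two of the checks the role's own certificates are meant to provide. Whether `-nhnv` can go depends on `tlsconfig.yml.j2` (not in this diff): if the node certificates carry the address used in `-h {{ hostvars[inventory_hostname]['ip'] }}` as a SAN, drop `-nhnv`; otherwise pass the node's DNS name in `-h` instead of the IP. The enclosing block starts outside the hunk.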
diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml b/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml index 765285aa..390df69c 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml @@ -5,10 +5,10 @@ path: "{{ item }}" state: absent with_items: - - "{{opendistro_conf_path}}/kirk.pem" - - "{{opendistro_conf_path}}/kirk-key.pem" - - "{{opendistro_conf_path}}/esnode.pem" - - "{{opendistro_conf_path}}/esnode-key.pem" + - "{{ opendistro_conf_path }}/kirk.pem" + - "{{ opendistro_conf_path }}/kirk-key.pem" + - "{{ opendistro_conf_path }}/esnode.pem" + - "{{ opendistro_conf_path }}/esnode-key.pem" when: install.changed - name: Copy the node & admin certificates to Elasticsearch cluster diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml index 94f4ab91..6547b03a 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml @@ -12,7 +12,7 @@ - name: Remove elasticsearch configuration file file: - path: "{{opendistro_conf_path}}/elasticsearch.yml" + path: "{{ opendistro_conf_path }}/elasticsearch.yml" state: absent when: install.changed tags: install From 8fd684927581a0bb7c969a3728fa7b7ce0d9f0ad Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Fri, 8 May 2020 15:55:13 +0200 Subject: [PATCH 708/714] Tasks in YAML format --- roles/opendistro/opendistro-elasticsearch/handlers/main.yml | 3 ++- roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml | 3 ++- roles/opendistro/opendistro-elasticsearch/tasks/main.yml | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/roles/opendistro/opendistro-elasticsearch/handlers/main.yml b/roles/opendistro/opendistro-elasticsearch/handlers/main.yml index a4c1162a..c2836edc 100644 
--- a/roles/opendistro/opendistro-elasticsearch/handlers/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/handlers/main.yml @@ -1,3 +1,4 @@ --- - name: restart elasticsearch - service: name=elasticsearch state=restarted + service: name=elasticsearch + state: restarted diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml index 68459544..3511c7c4 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml @@ -22,7 +22,8 @@ changed_when: false - name: RedHat/CentOS/Fedora | Install OpenJDK 11 - yum: name=java-11-openjdk-devel state=present + yum: name=java-11-openjdk-devel + state: present - name: RedHat/CentOS/Fedora | Install OpenDistro dependencies yum: diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml index 6547b03a..fbc9dea6 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml @@ -6,7 +6,8 @@ when: ansible_os_family == 'RedHat' - name: Install OpenDistro - package: name=opendistroforelasticsearch-{{ opendistro_version }} state=present + package: name=opendistroforelasticsearch-{{ opendistro_version }} + state: present register: install tags: install From 9152d07ac1b7780f96bff074b91d5822f0f0125e Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Fri, 8 May 2020 15:56:00 +0200 Subject: [PATCH 709/714] When statement at block level --- .../opendistro-elasticsearch/tasks/SecurityActions.yml | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml b/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml index 390df69c..8572d864 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml 
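Review bot: `service: name=elasticsearch` with `state: restarted` on the following line is not the YAML form of the handler — `name=elasticsearch` stays a free-form argument string and `state` becomes a task-level key, which Ansible should reject as not a valid attribute for a Task; the same half-conversion is applied to the `yum` task in RedHat.yml and the `package` task in main.yml in this commit. Use the full mapping: `service:` / `  name: elasticsearch` / `  state: restarted`, and likewise `yum:` with `name: java-11-openjdk-devel` / `state: present`, and `package:` with `name: "opendistroforelasticsearch-{{ opendistro_version }}"` / `state: present`, each written out in block style.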
+++ b/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml @@ -9,7 +9,6 @@ - "{{ opendistro_conf_path }}/kirk-key.pem" - "{{ opendistro_conf_path }}/esnode.pem" - "{{ opendistro_conf_path }}/esnode-key.pem" - when: install.changed - name: Copy the node & admin certificates to Elasticsearch cluster copy: @@ -26,7 +25,6 @@ - "{{ inventory_hostname }}_elasticsearch_config_snippet.yml" - admin.key - admin.pem - when: install.changed - name: Copy the opendistro security configuration file to cluster blockinfile: @@ -34,7 +32,6 @@ dest: "{{ opendistro_conf_path }}/elasticsearch.yml" insertafter: EOF marker: "## {mark} Opendistro Security Node & Admin certificates configuration ##" - when: install.changed - name: Prepare the opendistro security configuration file replace: @@ -42,13 +39,11 @@ regexp: 'searchguard' replace: 'opendistro_security' tags: local - when: install.changed - name: Restart elasticsearch with security configuration systemd: name: elasticsearch state: restarted - when: install.changed - name: Copy the opendistro security internal users template template: @@ -56,21 +51,18 @@ dest: "{{ opendistro_sec_plugin_conf_path }}/internal_users.yml" mode: 0644 run_once: true - when: install.changed - name: Set the Admin user password shell: > sed -i 's,{{ opendistro_admin_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ opendistro_admin_password }} | tail -1)',' {{ opendistro_sec_plugin_conf_path }}/internal_users.yml run_once: true - when: install.changed - name: Set the kibanaserver user pasword shell: > sed -i 's,{{ opendistro_kibana_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ opendistro_kibana_password }} | tail -1)',' {{ opendistro_sec_plugin_conf_path }}/internal_users.yml run_once: true - when: install.changed - name: Initialize the opendistro security index in elasticsearch command: 
> @@ -82,7 +74,7 @@ -nhnv -icl -h {{ hostvars[inventory_hostname]['ip'] }} run_once: true - when: install.changed tags: - production_ready + when: install.changed \ No newline at end of file From a2fe75775e3cab2ef2d4bd246f8379245f066a3e Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Fri, 8 May 2020 18:43:01 +0200 Subject: [PATCH 710/714] Added new variables --- .../defaults/main.yml | 13 ++++-------- .../tasks/LocalActions.yml | 20 +++++++++---------- .../tasks/SecurityActions.yml | 4 ++-- 3 files changed, 16 insertions(+), 21 deletions(-) diff --git a/roles/opendistro/opendistro-elasticsearch/defaults/main.yml b/roles/opendistro/opendistro-elasticsearch/defaults/main.yml index b71b67de..9103b4ad 100644 --- a/roles/opendistro/opendistro-elasticsearch/defaults/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/defaults/main.yml @@ -39,6 +39,9 @@ opendistro_jvm_xms: null opendistro_http_port: 9200 +# Url of Search Guard certificates generator tool +certs_gen_tool_url: https://releases.floragunn.com/search-guard-tlstool/1.7/search-guard-tlstool-1.7.zip + elasticrepo: apt: 'https://artifacts.elastic.co/packages/7.x/apt' yum: 'https://artifacts.elastic.co/packages/7.x/yum' @@ -50,13 +53,5 @@ opendistro_kibana_password: changeme # Cluster Settings single_node: true opendistro_cluster_name: wazuh -opendistro_node_name: node-1 -opendistro_bootstrap_node: false -opendistro_node_master: false -opendistro_cluster_nodes: - - 127.0.0.1 -opendistro_discovery_nodes: - - 127.0.0.1 -opendistro_node_data: true -opendistro_node_ingest: true +local_certs_path: /tmp/opendistro-nodecerts \ No newline at end of file diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml b/roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml index 8ff56b64..50d4016c 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml 
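Review bot: With `when: install.changed` lifted to the block, the entire security setup — demo-cert removal, certificate copy, `internal_users.yml` and `securityadmin.sh` — runs only on the play that installs the package, so a rotated certificate or a changed `opendistro_admin_password` on a later run is silently never applied, and a play that fails between the install task and this block leaves the node on the demo certificates with no way to repair it short of reinstalling. Gate the block on the actual artefacts instead (register the certificate copy and `internal_users.yml` template results and run the restart and `securityadmin.sh` steps when either changed), or at least expose an override such as `when: install.changed or (opendistro_force_security_setup | default(false) | bool)`.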
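Review bot: `local_certs_path: /tmp/opendistro-nodecerts` keeps the root CA private key and all node/admin keys in a predictable, world-accessible `/tmp` directory on the controller, and because regeneration is skipped whenever `root-ca.key` exists they persist there across runs. Default to a private location such as `local_certs_path: "{{ playbook_dir }}/certs"` (created with `mode: "0700"`), or at least document that the directory must be protected. The same hunk removes `opendistro_node_name`, `opendistro_cluster_nodes`, `opendistro_discovery_nodes` and the other node settings from the defaults; if `elasticsearch.yml.j2` (not in this diff) still references them, rendering fails with undefined variables — confirm before merging.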
@@ -4,27 +4,27 @@ - name: Local action | Create local temporary directory for certificates generation local_action: module: file - path: /tmp/opendistro-nodecerts + path: {{ local_certs_path }} state: directory run_once: true - name: Local action | Download certificates generation tool local_action: module: get_url - url: https://releases.floragunn.com/search-guard-tlstool/1.7/search-guard-tlstool-1.7.zip - dest: /tmp/opendistro-nodecerts/search-guard-tlstool-1.7.zip - run_once: /tmp/opendistro-nodecerts/search-guard-tlstool.zip + url: "{{ certs_gen_tool_url }}" + dest: "{{ local_certs_path }}/search-guard-tlstool-1.7.zip" + run_once: "{{ local_certs_path }}/search-guard-tlstool.zip" - name: Local action | Extract the certificates generation tool local_action: module: unarchive - src: /tmp/opendistro-nodecerts/search-guard-tlstool-1.7.zip - dest: /tmp/opendistro-nodecerts/ + src: "{{ local_certs_path }}/search-guard-tlstool-1.7.zip" + dest: "{{ local_certs_path }}/" - name: Local action | Add the execution bit to the binary local_action: module: file - dest: /tmp/opendistro-nodecerts/tools/sgtlstool.sh + dest: "{{ local_certs_path }}/tools/sgtlstool.sh" mode: a+x run_once: true 
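Review bot: The `get_url` task downloads the tool that will mint the cluster CA and every node and admin key with no integrity check, so whatever the mirror returns is unpacked and executed by the later `sgtlstool.sh` step; pin the archive with `checksum: "sha256:<expected digest of the pinned tool version>"`. `path: {{ local_certs_path }}` is a bare Jinja expression at the start of a plain scalar, which YAML parses as a flow mapping — it needs quoting, `path: "{{ local_certs_path }}"` — and `run_once: "{{ local_certs_path }}/search-guard-tlstool.zip"` hands `run_once` a path where a boolean belongs. The directory task sets no `mode:`, so the generated private keys inherit the controller's umask; `mode: "0700"` keeps them readable only by the user running the play.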
@@ -32,18 +32,18 @@ local_action: module: template src: "templates/tlsconfig.yml.j2" - dest: /tmp/opendistro-nodecerts/config/tlsconfig.yml + dest: "{{ local_certs_path }}/config/tlsconfig.yml" run_once: true - name: Local action | Check if root CA file exists local_action: module: stat - path: /tmp/opendistro-nodecerts/config/root-ca.key + path: "{{ local_certs_path }}/config/root-ca.key" register: root_ca_file - name: Local action | Generate the node & admin certificates in local local_action: - module: command /tmp/opendistro-nodecerts/tools/sgtlstool.sh -c /tmp/opendistro-nodecerts/config/tlsconfig.yml -ca -crt -t /tmp/opendistro-nodecerts/config/ -f -o + module: command {{ local_certs_path }}/tools/sgtlstool.sh -c {{ local_certs_path }}/config/tlsconfig.yml -ca -crt -t {{ local_certs_path }}/config/ -f -o run_once: true when: root_ca_file.stat.exists == False diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml b/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml index 8572d864..3c8293f5 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml @@ -12,7 +12,7 @@ - name: Copy the node & admin certificates to Elasticsearch cluster copy: - src: "/tmp/opendistro-nodecerts/config/{{ item }}" + src: "{{ local_certs_path }}/config/{{ item }}" dest: /etc/elasticsearch/ mode: 0644 with_items: @@ -28,7 +28,7 @@ - name: Copy the opendistro security configuration file to cluster blockinfile: - block: "{{ lookup('file', '/tmp/opendistro-nodecerts/config/{{ inventory_hostname }}_elasticsearch_config_snippet.yml') }}" + block: "{{ lookup('file', '{{ local_certs_path }}/config/{{ inventory_hostname }}_elasticsearch_config_snippet.yml') }}" dest: "{{ opendistro_conf_path }}/elasticsearch.yml" insertafter: EOF marker: "## {mark} Opendistro Security Node & Admin certificates configuration ##" 
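Review bot: The `copy` task in the first hunk installs the certificate files with `mode: 0644` — the item list continues outside the hunk, but an earlier hunk of this file shows it includes `admin.key` — so private keys land world-readable under /etc/elasticsearch; use `mode: "0640"` together with `owner`/`group` set to the account Elasticsearch runs as (quoting the octal also avoids the YAML 1.1 leading-zero trap). In the second hunk, `'{{ local_certs_path }}/config/...'` is a moustache nested inside the string argument of a `lookup()` that is itself inside `{{ }}`; it relies on Ansible re-templating the lookup term and is the documented anti-pattern, so build the path in the expression instead: `block: "{{ lookup('file', local_certs_path ~ '/config/' ~ inventory_hostname ~ '_elasticsearch_config_snippet.yml') }}"`.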
From 459ac4631034c75a4e3f9c9963d9bb742edd6c92 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 8 May 2020 20:05:28 +0200 Subject: [PATCH 711/714] Fix API from sources installation conditional --- .../ansible-wazuh-manager/tasks/installation_from_sources.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index e019d2f9..2fa00fe7 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml @@ -123,7 +123,7 @@ path: /var/ossec/api/app.js register: wazuh_api when: - - wazuh_manager_config.cluster.node_type == "master" + - wazuh_manager_config.cluster.node_type == "master" or wazuh_manager_config.cluster.node_type == "worker" - name: Install Wazuh API from sources block: From cf14f400ba417965a8fdf98f71faaa1c9072f88c Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Fri, 8 May 2020 20:44:30 +0200 Subject: [PATCH 712/714] Linting and improving variables --- roles/opendistro/opendistro-elasticsearch/defaults/main.yml | 3 ++- roles/opendistro/opendistro-elasticsearch/handlers/main.yml | 5 +++-- .../opendistro-elasticsearch/tasks/LocalActions.yml | 6 +++--- roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml | 5 +++-- roles/opendistro/opendistro-elasticsearch/tasks/main.yml | 5 +++-- 5 files changed, 14 insertions(+), 10 deletions(-) diff --git a/roles/opendistro/opendistro-elasticsearch/defaults/main.yml b/roles/opendistro/opendistro-elasticsearch/defaults/main.yml index 9103b4ad..0c8f8f1f 100644 --- a/roles/opendistro/opendistro-elasticsearch/defaults/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/defaults/main.yml 
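Review bot: The extended condition `wazuh_manager_config.cluster.node_type == "master" or wazuh_manager_config.cluster.node_type == "worker"` reads more clearly as a membership test, `- wazuh_manager_config.cluster.node_type in ["master", "worker"]`. Keeping each `when:` list entry to a single expression also matters here because list entries are ANDed, so an `or` hidden inside one entry is easy to misread once a second condition is added later.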
@@ -39,8 +39,9 @@ opendistro_jvm_xms: null opendistro_http_port: 9200 +certs_gen_tool_version: 1.7 # Url of Search Guard certificates generator tool -certs_gen_tool_url: https://releases.floragunn.com/search-guard-tlstool/1.7/search-guard-tlstool-1.7.zip +certs_gen_tool_url: "https://releases.floragunn.com/search-guard-tlstool/{{ certs_gen_tool_version }}/search-guard-tlstool-{{ certs_gen_tool_version }}.zip" elasticrepo: apt: 'https://artifacts.elastic.co/packages/7.x/apt' diff --git a/roles/opendistro/opendistro-elasticsearch/handlers/main.yml b/roles/opendistro/opendistro-elasticsearch/handlers/main.yml index c2836edc..95f5868b 100644 --- a/roles/opendistro/opendistro-elasticsearch/handlers/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/handlers/main.yml @@ -1,4 +1,5 @@ --- - name: restart elasticsearch - service: name=elasticsearch - state: restarted + service: + name: elasticsearch + state: restarted diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml b/roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml index 50d4016c..60379616 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml @@ -4,7 +4,7 @@ - name: Local action | Create local temporary directory for certificates generation local_action: module: file - path: {{ local_certs_path }} + path: "{{ local_certs_path }}" state: directory run_once: true @@ -12,8 +12,8 @@ local_action: module: get_url url: "{{ certs_gen_tool_url }}" - dest: "{{ local_certs_path }}/search-guard-tlstool-1.7.zip" - run_once: "{{ local_certs_path }}/search-guard-tlstool.zip" + dest: "{{ local_certs_path }}/search-guard-tlstool-{{ certs_gen_tool_version }}.zip" + run_once: true - name: Local action | Extract the certificates generation tool local_action: 
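Review bot: `certs_gen_tool_version: 1.7` is parsed as a float rather than a string, which only works because 1.7 happens to round-trip; a future value such as 1.10 would render as `1.1` in `certs_gen_tool_url` and in the `search-guard-tlstool-{{ certs_gen_tool_version }}.zip` filename used in the LocalActions hunk of this same commit. Quote it: `certs_gen_tool_version: "1.7"`.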
diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml index 3511c7c4..1a2eed56 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml @@ -22,8 +22,9 @@ changed_when: false - name: RedHat/CentOS/Fedora | Install OpenJDK 11 - yum: name=java-11-openjdk-devel - state: present + yum: + name: java-11-openjdk-devel + state: present - name: RedHat/CentOS/Fedora | Install OpenDistro dependencies yum: diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml index fbc9dea6..d8f51f81 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml @@ -6,8 +6,9 @@ when: ansible_os_family == 'RedHat' - name: Install OpenDistro - package: name=opendistroforelasticsearch-{{ opendistro_version }} - state: present + package: + name: opendistroforelasticsearch-{{ opendistro_version }} + state: present register: install tags: install From 9742c4984cb929d99733ffe8cee77ebae90933b5 Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Mon, 11 May 2020 13:56:03 +0200 Subject: [PATCH 713/714] Changed task description --- .../opendistro-elasticsearch/tasks/SecurityActions.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml b/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml index 3c8293f5..056af1e4 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml 
@@ -26,14 +26,14 @@ - admin.key - admin.pem - - name: Copy the opendistro security configuration file to cluster + - name: Copy the OpenDistrosecurity configuration file to cluster blockinfile: block: "{{ lookup('file', '{{ local_certs_path }}/config/{{ inventory_hostname }}_elasticsearch_config_snippet.yml') }}" dest: "{{ opendistro_conf_path }}/elasticsearch.yml" insertafter: EOF marker: "## {mark} Opendistro Security Node & Admin certificates configuration ##" - - name: Prepare the opendistro security configuration file + - name: Prepare the OpenDistrosecurity configuration file replace: path: "{{ opendistro_conf_path }}/elasticsearch.yml" regexp: 'searchguard' @@ -45,7 +45,7 @@ name: elasticsearch state: restarted - - name: Copy the opendistro security internal users template + - name: Copy the OpenDistrosecurity internal users template template: src: "templates/internal_users.yml.j2" dest: "{{ opendistro_sec_plugin_conf_path }}/internal_users.yml" @@ -58,13 +58,13 @@ {{ opendistro_sec_plugin_conf_path }}/internal_users.yml run_once: true - - name: Set the kibanaserver user pasword + - name: Set the kibanaserver role/user pasword shell: > sed -i 's,{{ opendistro_kibana_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ opendistro_kibana_password }} | tail -1)',' {{ opendistro_sec_plugin_conf_path }}/internal_users.yml run_once: true - - name: Initialize the opendistro security index in elasticsearch + - name: Initialize the OpenDistrosecurity index in elasticsearch command: > {{ opendistro_sec_plugin_tools_path }}/securityadmin.sh -cacert {{ opendistro_conf_path }}/root-ca.pem From eb9925a901a70f70da61aec99b0309fac4348658 Mon Sep 17 00:00:00 2001 
From: "Manuel J. Bernal" Date: Mon, 11 May 2020 15:18:11 +0200 Subject: [PATCH 714/714] Fixed variables and renamed files --- .../tasks/{LocalActions.yml => local_actions.yml} | 0 roles/opendistro/opendistro-elasticsearch/tasks/main.yml | 4 ++-- .../tasks/{SecurityActions.yml => security_actions.yml} | 8 ++++---- 3 files changed, 6 insertions(+), 6 deletions(-) rename roles/opendistro/opendistro-elasticsearch/tasks/{LocalActions.yml => local_actions.yml} (100%) rename roles/opendistro/opendistro-elasticsearch/tasks/{SecurityActions.yml => security_actions.yml} (89%) diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml b/roles/opendistro/opendistro-elasticsearch/tasks/local_actions.yml similarity index 100% rename from roles/opendistro/opendistro-elasticsearch/tasks/LocalActions.yml rename to roles/opendistro/opendistro-elasticsearch/tasks/local_actions.yml diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml index d8f51f81..c8941208 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml @@ -1,6 +1,6 @@ --- -- import_tasks: LocalActions.yml +- import_tasks: local_actions.yml - import_tasks: RedHat.yml when: ansible_os_family == 'RedHat' @@ -30,7 +30,7 @@ when: install.changed tags: install -- import_tasks: SecurityActions.yml +- import_tasks: security_actions.yml - name: Configure OpenDistro Elasticsearch JVM memmory. template: diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml b/roles/opendistro/opendistro-elasticsearch/tasks/security_actions.yml similarity index 89% rename from roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml rename to roles/opendistro/opendistro-elasticsearch/tasks/security_actions.yml index 056af1e4..1fee6fef 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml 
+++ b/roles/opendistro/opendistro-elasticsearch/tasks/security_actions.yml @@ -26,14 +26,14 @@ - admin.key - admin.pem - - name: Copy the OpenDistrosecurity configuration file to cluster + - name: Copy the OpenDistro security configuration file to cluster blockinfile: block: "{{ lookup('file', '{{ local_certs_path }}/config/{{ inventory_hostname }}_elasticsearch_config_snippet.yml') }}" dest: "{{ opendistro_conf_path }}/elasticsearch.yml" insertafter: EOF marker: "## {mark} Opendistro Security Node & Admin certificates configuration ##" - - name: Prepare the OpenDistrosecurity configuration file + - name: Prepare the OpenDistro security configuration file replace: path: "{{ opendistro_conf_path }}/elasticsearch.yml" regexp: 'searchguard' @@ -45,7 +45,7 @@ name: elasticsearch state: restarted - - name: Copy the OpenDistrosecurity internal users template + - name: Copy the OpenDistro security internal users template template: src: "templates/internal_users.yml.j2" dest: "{{ opendistro_sec_plugin_conf_path }}/internal_users.yml" @@ -64,7 +64,7 @@ {{ opendistro_sec_plugin_conf_path }}/internal_users.yml run_once: true - - name: Initialize the OpenDistrosecurity index in elasticsearch + - name: Initialize the OpenDistro security index in elasticsearch command: > {{ opendistro_sec_plugin_tools_path }}/securityadmin.sh -cacert {{ opendistro_conf_path }}/root-ca.pem