From 9ad999cafd4b9c04a7c3048473c5354411eb27ef Mon Sep 17 00:00:00 2001 From: Jose Luis Ruiz Date: Fri, 17 Mar 2017 13:43:02 -0400 Subject: [PATCH] update filebeat repository and documentation --- ansible-role-elk/meta/main.yml | 6 +++--- ansible-role-elk/tasks/RedHat.yml | 2 +- ansible-role-elk/templates/01-wazuh.conf.j2 | 2 +- ansible-role-filebeat/defaults/main.yml | 2 +- ansible-role-filebeat/tasks/setup-Debian.yml | 4 ++-- ansible-role-filebeat/tasks/setup-RedHat.yml | 14 ++++++++------ ansible-role-filebeat/templates/beats.repo.j2 | 6 ------ ansible-wazuh-server/meta/main.yml | 9 +++------ 8 files changed, 19 insertions(+), 26 deletions(-) delete mode 100644 ansible-role-filebeat/templates/beats.repo.j2 diff --git a/ansible-role-elk/meta/main.yml b/ansible-role-elk/meta/main.yml index 073595dd..ee1b06b5 100644 --- a/ansible-role-elk/meta/main.yml +++ b/ansible-role-elk/meta/main.yml @@ -1,8 +1,8 @@ --- galaxy_info: - author: geerlingguy - description: Elasticsearch for Linux. - company: "Midwestern Mac, LLC" + author: Jose Luis Ruiz + description: Elasticsearch Logstash and Kibana for Linux. + company: "Wazuh" license: "license (BSD, MIT)" min_ansible_version: 1.8 platforms: diff --git a/ansible-role-elk/tasks/RedHat.yml b/ansible-role-elk/tasks/RedHat.yml index 51910946..eeecb0c0 100644 --- a/ansible-role-elk/tasks/RedHat.yml +++ b/ansible-role-elk/tasks/RedHat.yml @@ -33,7 +33,7 @@ yum: pkg={{ item }} state=present with_items: - - logstash-5.2.2 + - logstash-5.1.2 - elasticsearch-5.2.2 - kibana-5.2.2 tags: diff --git a/ansible-role-elk/templates/01-wazuh.conf.j2 b/ansible-role-elk/templates/01-wazuh.conf.j2 index 3bc0b0af..3684738c 100644 --- a/ansible-role-elk/templates/01-wazuh.conf.j2 +++ b/ansible-role-elk/templates/01-wazuh.conf.j2 @@ -4,7 +4,7 @@ input { beats { port => 5000 - codec => "json" + codec => "json_lines" # ssl => true # ssl_certificate => "/etc/logstash/logstash.crt" # ssl_key => "/etc/logstash/logstash.key" 
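Review bot: The `with_items` list in ansible-role-elk/tasks/RedHat.yml now pins `logstash-5.1.2` next to `elasticsearch-5.2.2` and `kibana-5.2.2`, so the role installs mixed releases and moves Logstash back a release, with no reason given in the commit message. If the downgrade is deliberate, record it above the list with a comment such as `# logstash held at 5.1.2: <reason>`. Otherwise, drive the three packages from one version variable so they are upgraded together and none is left behind on fixes. The task starts above the hunk and continues below it.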
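Review bot: The `beats` input in 01-wazuh.conf.j2 still has `ssl`, `ssl_certificate` and `ssl_key` commented out, so as far as this template shows, every deployment accepts alert data on port 5000 in cleartext from any host that can reach it. Since the block is being edited anyway, consider rendering those three settings from role variables so TLS can be enabled per environment instead of by hand-editing the deployed file. Separately, the switch to `codec => "json_lines"` carries no explanation, and that codec is intended for newline-delimited streams. A comment such as `# json_lines: <why the json codec was not sufficient>` would record why it is needed on a Beats input. The `input` block closes below the hunk.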
diff --git a/ansible-role-filebeat/defaults/main.yml b/ansible-role-filebeat/defaults/main.yml index 5e9f7f50..0e194d59 100644 --- a/ansible-role-filebeat/defaults/main.yml +++ b/ansible-role-filebeat/defaults/main.yml @@ -16,7 +16,7 @@ filebeat_output_elasticsearch_hosts: filebeat_output_logstash_enabled: true filebeat_output_logstash_hosts: - - "192.168.33.172:5000" + - "192.168.212.153:5000" filebeat_enable_logging: true filebeat_log_level: debug diff --git a/ansible-role-filebeat/tasks/setup-Debian.yml b/ansible-role-filebeat/tasks/setup-Debian.yml index 2bd71fa5..cad5b4d6 100644 --- a/ansible-role-filebeat/tasks/setup-Debian.yml +++ b/ansible-role-filebeat/tasks/setup-Debian.yml @@ -4,11 +4,11 @@ - name: Add Elasticsearch apt key. apt_key: - url: https://packages.elastic.co/GPG-KEY-elasticsearch + url: https://artifacts.elastic.co/GPG-KEY-elasticsearch state: present - name: Add Filebeat repository. apt_repository: - repo: 'deb https://packages.elastic.co/beats/apt stable main' + repo: 'deb https://artifacts.elastic.co/packages/5.x/apt stable main' state: present update_cache: yes diff --git a/ansible-role-filebeat/tasks/setup-RedHat.yml b/ansible-role-filebeat/tasks/setup-RedHat.yml index abdb7c01..d52e10e3 100644 --- a/ansible-role-filebeat/tasks/setup-RedHat.yml +++ b/ansible-role-filebeat/tasks/setup-RedHat.yml @@ -1,11 +1,13 @@ --- - name: Add Elasticsearch GPG key. rpm_key: - key: https://packages.elastic.co/GPG-KEY-elasticsearch + key: https://artifacts.elastic.co/GPG-KEY-elasticsearch state: present -- name: Add Filebeat repository. - template: - src: beats.repo.j2 - dest: /etc/yum.repos.d/beats.repo - mode: 0644 +- name: RedHat | Install Filebeats repo + yum_repository: + name: elk_repo + description: Elastic repository for 5.x packages + baseurl: https://artifacts.elastic.co/packages/5.x/yum + gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch + gpgcheck: yes 
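Review bot: `filebeat_output_logstash_hosts` in defaults/main.yml now defaults to `"192.168.212.153:5000"`, which looks like an address from one particular lab network. Any play that forgets to override it will ship the host's logs to whatever machine holds that address. A role default is safer as a value that cannot leave the host, e.g. `- "localhost:5000"`, with a comment `# override per environment with the Logstash endpoint`. The unchanged `filebeat_log_level: debug` just below is also a verbose default for production agents and may be worth revisiting in the same pass. The defaults file continues outside the hunk.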
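Review bot: The `apt_key` task in setup-Debian.yml trusts whatever key `https://artifacts.elastic.co/GPG-KEY-elasticsearch` serves at run time, because no `id:` is given. TLS protects the download but not against a replaced key at the source. Pinning the expected key with `id: "<ELASTIC_KEY_FINGERPRINT>"` (placeholder; take the value from Elastic's published fingerprint) makes the run fail when the served key is not the expected one. The `rpm_key` task in setup-RedHat.yml has the same exposure and can be pinned with `fingerprint:` on Ansible versions that support it. Minor style point: `update_cache: yes` is better written as `update_cache: true`.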
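Review bot: Hosts already provisioned by the previous version keep `/etc/yum.repos.d/beats.repo`, because this hunk in setup-RedHat.yml drops the `template` task that managed it and nothing removes the file. Those hosts end up with both the old packages.elastic.co repository and the new `elk_repo` configured. A cleanup task ahead of the new `yum_repository` task, as below, closes that gap. Also, `gpgcheck: yes` is better written as `gpgcheck: true`.

```yaml
- name: RedHat | Remove legacy Beats repo file
  file:
    path: /etc/yum.repos.d/beats.repo
    state: absent

- name: RedHat | Install Filebeats repo
  # … unchanged: yum_repository settings …
```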
diff --git a/ansible-role-filebeat/templates/beats.repo.j2 b/ansible-role-filebeat/templates/beats.repo.j2
deleted file mode 100644
index 86f84507..00000000
--- a/ansible-role-filebeat/templates/beats.repo.j2
+++ /dev/null
@@ -1,6 +0,0 @@
-[beats]
-name=Elastic Beats Repository
-baseurl=https://packages.elastic.co/beats/yum/el/$basearch
-enabled=1
-gpgkey=https://packages.elastic.co/GPG-KEY-elasticsearch
-gpgcheck=1
diff --git a/ansible-wazuh-server/meta/main.yml b/ansible-wazuh-server/meta/main.yml
index 3c03eb1e..86b379a1 100644
--- a/ansible-wazuh-server/meta/main.yml
+++ b/ansible-wazuh-server/meta/main.yml
@@ -1,17 +1,14 @@
 ---
 galaxy_info:
- author: Werner Dijkerman
- description: Installing and maintaining the ossec-server.
- company: myCompany.Dotcom
+ author: Jose Luis Ruiz
+ description: Installing and maintaining the wazuh-manager.
+ company: wazuh.com
 license: license (GPLv3)
 min_ansible_version: 1.4
 platforms:
 - name: EL
 versions:
 - all
- - name: Fedora
- versions:
- - all
 - name: Ubuntu
 versions:
 - all