diff --git a/.gitignore b/.gitignore
old mode 100644
new mode 100755
diff --git a/.swp b/.swp
new file mode 100755
index 00000000..3cc197e0
Binary files /dev/null and b/.swp differ
diff --git a/.yamllint b/.yamllint
old mode 100644
new mode 100755
diff --git a/CHANGELOG.md b/CHANGELOG.md
old mode 100644
new mode 100755
diff --git a/LICENSE b/LICENSE
old mode 100644
new mode 100755
diff --git a/Pipfile b/Pipfile
old mode 100644
new mode 100755
diff --git a/README.md b/README.md
old mode 100644
new mode 100755
diff --git a/VERSION b/VERSION
old mode 100644
new mode 100755
diff --git a/molecule/default/Dockerfile.j2 b/molecule/default/Dockerfile.j2
old mode 100644
new mode 100755
diff --git a/molecule/default/INSTALL.rst b/molecule/default/INSTALL.rst
old mode 100644
new mode 100755
diff --git a/molecule/default/create.yml b/molecule/default/create.yml
old mode 100644
new mode 100755
diff --git a/molecule/default/destroy.yml b/molecule/default/destroy.yml
old mode 100644
new mode 100755
diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml
old mode 100644
new mode 100755
diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml
old mode 100644
new mode 100755
diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml
old mode 100644
new mode 100755
diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py
old mode 100644
new mode 100755
index 16a32b85..4e6e25d6
--- a/molecule/default/tests/test_default.py
+++ b/molecule/default/tests/test_default.py
@@ -9,7 +9,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
def get_wazuh_version():
"""This return the version of Wazuh."""
- return "3.9.2"
+ return "3.9.0"
def test_wazuh_packages_are_installed(host):
diff --git a/molecule/elasticsearch/Dockerfile.j2 b/molecule/elasticsearch/Dockerfile.j2
old mode 100644
new mode 100755
diff --git a/molecule/elasticsearch/INSTALL.rst b/molecule/elasticsearch/INSTALL.rst
old mode 100644
new mode 100755
diff --git a/molecule/elasticsearch/molecule.yml b/molecule/elasticsearch/molecule.yml
old mode 100644
new mode 100755
index 9897fe56..20d68047
--- a/molecule/elasticsearch/molecule.yml
+++ b/molecule/elasticsearch/molecule.yml
@@ -5,6 +5,9 @@ driver:
name: docker
lint:
name: yamllint
+ options:
+ config-data:
+ ignore: .virtualenv
platforms:
- name: bionic
image: solita/ubuntu-systemd:bionic
@@ -12,28 +15,29 @@ platforms:
ulimits:
- nofile:262144:262144
privileged: true
- memory_reservation: 1024m
+ memory_reservation: 2048m
- name: xenial
image: solita/ubuntu-systemd:xenial
privileged: true
- memory_reservation: 1024m
+ memory_reservation: 2048m
command: /sbin/init
ulimits:
- nofile:262144:262144
- - name: trusty
- image: ubuntu:trusty
- memory_reservation: 1024m
- ulimits:
- - nofile:262144:262144
+# - name: trusty
+# image: ubuntu:trusty
+# privileged: true
+# memory_reservation: 2048m
+# ulimits:
+# - nofile:262144:262144
- name: centos6
image: centos:6
privileged: true
- memory_reservation: 1024m
+ memory_reservation: 2048m
ulimits:
- nofile:262144:262144
- name: centos7
image: milcom/centos7-systemd
- memory_reservation: 1024m
+ memory_reservation: 2048m
privileged: true
ulimits:
- nofile:262144:262144
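Review bot: The trusty platform is commented out rather than removed, and the commented block gains a `privileged: true` line that the old entry did not have. Anyone who later re-enables it by uncommenting gets a privileged container that was never reviewed as such. Delete the block (git history keeps it) or replace it with a single line such as `# trusty dropped: <reason>`. molecule/kibana/molecule.yml comments out its trusty platform the same way.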
@@ -48,7 +52,7 @@ provisioner:
ANSIBLE_ROLES_PATH: ../../roles
lint:
name: ansible-lint
- enabled: true
+ enabled: false
inventory:
group_vars:
all:
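Review bot: Setting `enabled: false` turns ansible-lint off for the whole elasticsearch scenario, while the wazuh-agent scenario in this diff keeps `enabled: true`. The tasks this commit adds to the elasticsearch role use patterns that lint rules commonly flag, such as `state=latest` and `ignore_errors: true`, so they now land unchecked. Prefer keeping the linter on and excluding only the specific rules that cannot be fixed yet. If it must stay off, add a comment above the line saying why and when it will be restored.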
diff --git a/molecule/elasticsearch/playbook.yml b/molecule/elasticsearch/playbook.yml
old mode 100644
new mode 100755
diff --git a/molecule/elasticsearch/tests/test_default.py b/molecule/elasticsearch/tests/test_default.py
old mode 100644
new mode 100755
index 8b453255..34fce3b3
--- a/molecule/elasticsearch/tests/test_default.py
+++ b/molecule/elasticsearch/tests/test_default.py
@@ -10,7 +10,7 @@ def test_elasticsearch_is_installed(host):
"""Test if the elasticsearch package is installed."""
elasticsearch = host.package("elasticsearch")
assert elasticsearch.is_installed
- assert elasticsearch.version.startswith('6.7.1')
+ assert elasticsearch.version.startswith('7.1.1')
def test_elasticsearch_is_running(host):
diff --git a/molecule/external_packages/jdk-8u211-linux-x64.rpm b/molecule/external_packages/jdk-8u211-linux-x64.rpm
new file mode 100755
index 00000000..f0fccd61
--- /dev/null
+++ b/molecule/external_packages/jdk-8u211-linux-x64.rpm
@@ -0,0 +1,117 @@
+
+
+Unauthorized Request
+
+
+
+
+
+
+
+
+  |
+ |
+
+ |
+
+
+ |
+ |
+
+
+
+
+
+
+
+  |
+
+
+  |
+
+
+ Sorry! |
+
+
+  |
+
+
+ | In order to download products from Oracle Technology
+ Network you must agree to the OTN license terms. |
+
+
+  |
+
+
+  |
+
+
+ | Be sure that... |
+
+
+
+ Your browser has "cookies" and JavaScript enabled. |
+
+
+
+ You clicked on "Accept License" for the product you wish to download. |
+
+
+
+ You attempt the download within 30 minutes of accepting the license. |
+
+
+  |
+
+
+ | From here you can go... |
+
+
+  |
+
+
+  |
+
+
+
+
+
+
+ |
+  |
+
+
+
+
+
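Review bot: The file added as jdk-8u211-linux-x64.rpm is not an RPM; its content is the text of an Oracle "Unauthorized Request" page saying the OTN license must be accepted before downloading. Any task that tries to install it would fail or pass a non-package file to the package manager. Remove it from the commit. If a JDK package is really needed, fetch it at run time from a source whose checksum or signature is verified, rather than vendoring it under molecule/external_packages. The `.swp` file added at the top of this diff (apparently an editor swap file) and the 100644 to 100755 mode change on every file also look accidental and are worth reverting.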
diff --git a/molecule/filebeat/Dockerfile.j2 b/molecule/filebeat/Dockerfile.j2
old mode 100644
new mode 100755
diff --git a/molecule/filebeat/INSTALL.rst b/molecule/filebeat/INSTALL.rst
old mode 100644
new mode 100755
diff --git a/molecule/filebeat/molecule.yml b/molecule/filebeat/molecule.yml
old mode 100644
new mode 100755
index 4f0bffb6..e456c4ae
--- a/molecule/filebeat/molecule.yml
+++ b/molecule/filebeat/molecule.yml
@@ -5,6 +5,9 @@ driver:
name: docker
lint:
name: yamllint
+ options:
+ config-data:
+ ignore: .virtualenv
platforms:
- name: trusty
image: ubuntu:trusty
diff --git a/molecule/filebeat/playbook.yml b/molecule/filebeat/playbook.yml
old mode 100644
new mode 100755
diff --git a/molecule/filebeat/prepare.yml b/molecule/filebeat/prepare.yml
old mode 100644
new mode 100755
diff --git a/molecule/filebeat/tests/test_default.py b/molecule/filebeat/tests/test_default.py
old mode 100644
new mode 100755
index 72ac55d4..a959e48b
--- a/molecule/filebeat/tests/test_default.py
+++ b/molecule/filebeat/tests/test_default.py
@@ -4,3 +4,10 @@ import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
+
+
+def test_filebeat_is_installed(host):
+ """Test if the elasticsearch package is installed."""
+ filebeat = host.package("filebeat")
+ assert filebeat.is_installed
+ assert filebeat.version.startswith('7.1.1')
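Review bot: The docstring on `test_filebeat_is_installed` was copied from the Elasticsearch test and still names the elasticsearch package; it should read `"""Test if the filebeat package is installed."""`. The expected version `'7.1.1'` is hard-coded here and again as `filebeat_version` in the role defaults, so the two can drift. A short comment such as `# keep in sync with filebeat_version in roles/wazuh/ansible-filebeat/defaults/main.yml` would help.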
diff --git a/molecule/kibana/Dockerfile.j2 b/molecule/kibana/Dockerfile.j2
old mode 100644
new mode 100755
diff --git a/molecule/kibana/INSTALL.rst b/molecule/kibana/INSTALL.rst
old mode 100644
new mode 100755
diff --git a/molecule/kibana/molecule.yml b/molecule/kibana/molecule.yml
old mode 100644
new mode 100755
index a1e0e3f9..2017a6bd
--- a/molecule/kibana/molecule.yml
+++ b/molecule/kibana/molecule.yml
@@ -5,6 +5,9 @@ driver:
name: docker
lint:
name: yamllint
+ options:
+ config-data:
+ ignore: .virtualenv
platforms:
- name: bionic
image: solita/ubuntu-systemd:bionic
@@ -20,11 +23,11 @@ platforms:
command: /sbin/init
ulimits:
- nofile:262144:262144
- - name: trusty
- image: ubuntu:trusty
- memory_reservation: 1024m
- ulimits:
- - nofile:262144:262144
+# - name: trusty
+# image: ubuntu:trusty
+# memory_reservation: 1024m
+# ulimits:
+# - nofile:262144:262144
- name: centos6
image: centos:6
privileged: true
diff --git a/molecule/kibana/playbook.yml b/molecule/kibana/playbook.yml
old mode 100644
new mode 100755
diff --git a/molecule/kibana/prepare.yml b/molecule/kibana/prepare.yml
old mode 100644
new mode 100755
diff --git a/molecule/kibana/tests/test_default.py b/molecule/kibana/tests/test_default.py
old mode 100644
new mode 100755
index 936f6cfc..f510aed9
--- a/molecule/kibana/tests/test_default.py
+++ b/molecule/kibana/tests/test_default.py
@@ -14,7 +14,7 @@ def test_port_kibana_is_open(host):
def test_find_correct_elasticsearch_version(host):
"""Test if we find the kibana/elasticsearch version in package.json"""
kibana = host.file("/usr/share/kibana/plugins/wazuh/package.json")
- assert kibana.contains("6.7.1")
+ assert kibana.contains("7.1.1")
def test_wazuh_plugin_installed(host):
diff --git a/molecule/wazuh-agent/Dockerfile.j2 b/molecule/wazuh-agent/Dockerfile.j2
old mode 100644
new mode 100755
diff --git a/molecule/wazuh-agent/INSTALL.rst b/molecule/wazuh-agent/INSTALL.rst
old mode 100644
new mode 100755
diff --git a/molecule/wazuh-agent/molecule.yml b/molecule/wazuh-agent/molecule.yml
old mode 100644
new mode 100755
index f64bc114..47c0012f
--- a/molecule/wazuh-agent/molecule.yml
+++ b/molecule/wazuh-agent/molecule.yml
@@ -3,8 +3,13 @@ dependency:
name: galaxy
driver:
name: docker
+ #lint:
+ # name: yamllint
lint:
name: yamllint
+ options:
+ config-data:
+ ignore: .virtualenv
platforms:
- name: wazuh_server_centos7
image: milcom/centos7-systemd
@@ -72,7 +77,6 @@ provisioner:
ssl_agent_cert: null
ssl_agent_key: null
ssl_auto_negotiate: 'no'
-
lint:
name: ansible-lint
enabled: true
diff --git a/molecule/wazuh-agent/playbook.yml b/molecule/wazuh-agent/playbook.yml
old mode 100644
new mode 100755
diff --git a/molecule/wazuh-agent/prepare.yml b/molecule/wazuh-agent/prepare.yml
old mode 100644
new mode 100755
diff --git a/molecule/wazuh-agent/tests/test_agents.py b/molecule/wazuh-agent/tests/test_agents.py
old mode 100644
new mode 100755
index 5867dc2f..657cc9ee
--- a/molecule/wazuh-agent/tests/test_agents.py
+++ b/molecule/wazuh-agent/tests/test_agents.py
@@ -7,6 +7,11 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('agent')
+def get_wazuh_version():
+ """This return the version of Wazuh."""
+ return "3.9.0"
+
+
def test_ossec_package_installed(Package):
ossec = Package('wazuh-agent')
assert ossec.is_installed
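Review bot: `get_wazuh_version()` is added here but nothing in the visible lines calls it, so the pinned "3.9.0" is not checked against the installed agent. The rest of the test file is outside the hunk, so a caller may exist further down. If none does, either use it, e.g. `assert ossec.version.startswith(get_wazuh_version())` in `test_ossec_package_installed`, or drop the helper. The docstring would read better as `"""Return the Wazuh version expected by the tests."""`.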
diff --git a/molecule/wazuh-agent/tests/test_manager.py b/molecule/wazuh-agent/tests/test_manager.py
old mode 100644
new mode 100755
diff --git a/playbooks/wazuh-agent.yml b/playbooks/wazuh-agent.yml
old mode 100644
new mode 100755
diff --git a/playbooks/wazuh-elastic.yml b/playbooks/wazuh-elastic.yml
old mode 100644
new mode 100755
diff --git a/playbooks/wazuh-elastic_stack-distributed.yml b/playbooks/wazuh-elastic_stack-distributed.yml
old mode 100644
new mode 100755
diff --git a/playbooks/wazuh-elastic_stack-single.yml b/playbooks/wazuh-elastic_stack-single.yml
old mode 100644
new mode 100755
diff --git a/playbooks/wazuh-kibana.yml b/playbooks/wazuh-kibana.yml
old mode 100644
new mode 100755
diff --git a/playbooks/wazuh-manager.yml b/playbooks/wazuh-manager.yml
old mode 100644
new mode 100755
diff --git a/roles/ansible-galaxy/meta/main.yml b/roles/ansible-galaxy/meta/main.yml
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-elasticsearch/README.md b/roles/elastic-stack/ansible-elasticsearch/README.md
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-elasticsearch/handlers/main.yml b/roles/elastic-stack/ansible-elasticsearch/handlers/main.yml
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-elasticsearch/meta/main.yml b/roles/elastic-stack/ansible-elasticsearch/meta/main.yml
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml
old mode 100644
new mode 100755
index 1555f443..f6c0e6cc
--- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml
+++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml
@@ -14,17 +14,47 @@
- ansible_distribution == "Ubuntu"
- ansible_distribution_major_version | int == 14
+- name: Update and upgrade apt packages
+ become: true
+ apt:
+ upgrade: yes
+ update_cache: yes
+ cache_valid_time: 86400 #One day
+ when:
+ - ansible_distribution == "Ubuntu"
+ - ansible_distribution_major_version | int == 14
+
+- name: Install Oracle Java 8
+ become: yes
+ apt: name=openjdk-8-jdk state=latest
+
+ when:
+ - ansible_distribution == "Ubuntu"
+ - ansible_distribution_major_version | int == 14
+
+- name: Update and upgrade apt packages
+ become: true
+ apt:
+ upgrade: yes
+ update_cache: yes
+ cache_valid_time: 86400 #One day
+ when:
+ - ansible_distribution == "Ubuntu"
+ - ansible_distribution_major_version | int == 14
+
- name: Debian/Ubuntu | Add Elasticsearch GPG key.
apt_key:
url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch"
state: present
+
- name: Debian/Ubuntu | Install Elastic repo
apt_repository:
repo: 'deb https://artifacts.elastic.co/packages/7.x/apt stable main'
state: present
filename: 'elastic_repo'
update_cache: true
+ changed_when: false
- name: Debian/Ubuntu | Install Elasticsarch
apt:
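Review bot: The task `Update and upgrade apt packages` appears twice with identical bodies, and `upgrade: yes` upgrades every package on the host as a side effect of installing Elasticsearch. The task named `Install Oracle Java 8` actually installs `openjdk-8-jdk` with `state=latest`, so the name is misleading and the installed build is not reproducible between runs. The `changed_when: false` added to the apt_repository task hides real changes to the repository definition. I would keep a single cache refresh (`update_cache: yes` without `upgrade`), rename the Java task to `Ubuntu 14.04 | Install OpenJDK 8` with `state: present`, and drop the `changed_when` override. The last task in the hunk continues past its end.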
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RMDebian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RMDebian.yml
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RMRedHat.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RMRedHat.yml
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml
old mode 100644
new mode 100755
index 16366dfc..81176ee0
--- a/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml
+++ b/roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml
@@ -9,6 +9,13 @@
gpgcheck: true
changed_when: false
+- name: CentOS x.x => x.x < 7.0 | Installing Java
+ yum:
+ name: java-1.8.0-openjdk.x86_64
+ state: present
+ when:
+ - ansible_distribution in ['CentOS', 'RedHat'] and ansible_distribution_major_version|int < 7
+
- name: RedHat/CentOS/Fedora | Install Elasticsarch
package: name=elasticsearch-{{ elastic_stack_version }} state=present
tags: install
diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml
old mode 100644
new mode 100755
index 776f8b36..9678f8cb
--- a/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml
+++ b/roles/elastic-stack/ansible-elasticsearch/tasks/main.yml
@@ -197,7 +197,29 @@
when:
- elasticsearch_xpack_security
-- name: Reload systemd
+- name: Trusty | set MAX_LOCKED_MEMORY=unlimited in Elasticsearch in /etc/security/limits.conf
+ lineinfile:
+ path: /etc/security/limits.conf
+ line: elasticsearch - memlock unlimited
+ create: yes
+ become: yes
+ when:
+ - ansible_distribution == "Ubuntu"
+ - ansible_distribution_major_version | int == 14
+ changed_when: false
+
+- name: Trusty | set MAX_LOCKED_MEMORY=unlimited in Elasticsearch in /etc/security/limits.d/elasticsearch.conf
+ lineinfile:
+ path: /etc/security/limits.d/elasticsearch.conf
+ line: elasticsearch - memlock unlimited
+ create: yes
+ become: yes
+ changed_when: false
+ when:
+ - ansible_distribution == "Ubuntu"
+ - ansible_distribution_major_version | int == 14
+
+- name: Distribution != one of [ centos 6.*, trusty ] | Reload systemd
systemd: daemon_reload=true
ignore_errors: true
when:
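Review bot: Both new `lineinfile` tasks set `changed_when: false`, so a run that actually rewrites the memlock limit reports no change and idempotence checks cannot tell whether the file was touched. `create: yes` is used without `owner`, `group` or `mode`, which leaves the permissions of a newly created /etc/security/limits.d/elasticsearch.conf to the defaults. Drop `changed_when: false` and add `owner: root`, `group: root` and `mode: '0644'` to each task. The `when:` list of the renamed Reload systemd task continues outside the hunk.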
@@ -206,6 +228,13 @@
- not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<'))
- not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<'))
+- name: Distribution is centos 6.* | Enable Elasticsearch
+ service: name=elasticsearch enabled=yes
+
+- name: Distribution is centos 6.* | Start Elasticsearch
+ service: name=elasticsearch state=started
+ ignore_errors: true
+
- name: Ensure Elasticsearch started and enabled
service:
name: elasticsearch
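Review bot: The two tasks named `Distribution is centos 6.* | ...` have no `when:` clause, so they run on every distribution, not only CentOS 6. `ignore_errors: true` on the start task then swallows a failed start, which the following `Ensure Elasticsearch started and enabled` task would presumably hit again. Add a condition such as `when: ansible_distribution == 'CentOS' and ansible_distribution_major_version | int == 6`, or drop both tasks if the existing service task already covers CentOS 6. That final task continues outside the hunk.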
@@ -247,6 +276,5 @@
- import_tasks: "RMRedHat.yml"
when: ansible_os_family == "RedHat"
-
- import_tasks: "RMDebian.yml"
when: ansible_os_family == "Debian"
diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch_nonsystemd.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch_nonsystemd.j2
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch_systemd.conf.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch_systemd.conf.j2
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/instances.yml.j2
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/jvm.options.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/jvm.options.j2
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic6-template-alerts.json.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic6-template-alerts.json.j2
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic7-template-alerts.json.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/wazuh-elastic7-template-alerts.json.j2
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-kibana/README.md b/roles/elastic-stack/ansible-kibana/README.md
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-kibana/handlers/main.yml b/roles/elastic-stack/ansible-kibana/handlers/main.yml
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-kibana/meta/main.yml b/roles/elastic-stack/ansible-kibana/meta/main.yml
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-kibana/tasks/Debian.yml b/roles/elastic-stack/ansible-kibana/tasks/Debian.yml
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml b/roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-kibana/tasks/RMRedHat.yml b/roles/elastic-stack/ansible-kibana/tasks/RMRedHat.yml
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml b/roles/elastic-stack/ansible-kibana/tasks/RedHat.yml
old mode 100644
new mode 100755
diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml
old mode 100644
new mode 100755
index 43dfd57e..4e12b1b2
--- a/roles/elastic-stack/ansible-kibana/tasks/main.yml
+++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml
@@ -16,17 +16,17 @@
- name: Check if certificate exists locally
stat:
- path: "{{node_certs_destination}}/{{ kibana_node_name }}.crt"
+ path: "{{ node_certs_destination }}/{{ kibana_node_name }}.crt"
register: certificate_file_exists
when:
- - kibana_xpack_security
+ - kibana_xpack_security
- name: Copy key & certificate files in generator node (locally)
synchronize:
- src: "{{node_certs_source}}/{{kibana_node_name}}/"
- dest: "{{node_certs_destination}}/"
+ src: "{{ node_certs_source }}/{{ kibana_node_name }}/"
+ dest: "{{ node_certs_destination }}/"
delegate_to: "{{ node_certs_generator_ip }}"
- when:
+ when:
- node_certs_generator
- kibana_xpack_security
- not certificate_file_exists.stat.exists
@@ -34,25 +34,29 @@
- name: Copy ca certificate file in generator node (locally)
synchronize:
- src: "{{node_certs_source}}/ca/"
- dest: "{{node_certs_destination}}/"
+ src: "{{ node_certs_source }}/ca/"
+ dest: "{{ node_certs_destination }}/"
delegate_to: "{{ node_certs_generator_ip }}"
- when:
+ when:
- node_certs_generator
- kibana_xpack_security
- not certificate_file_exists.stat.exists
tags: xpack-security
-
+
- name: Importing key & certificate files from generator node
- shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/{{kibana_node_name}}/ {{node_certs_destination}}/"
+ command: >-
+ {{ rsync_path }} {{ rsync_extra_parameters }} {{ rsync_user }}@{{ node_certs_generator_ip }}:
+ {{ node_certs_source }}/{{ kibana_node_name }}/ {{ node_certs_destination }}/
when:
- not node_certs_generator
- kibana_xpack_security
- not certificate_file_exists.stat.exists
tags: xpack-security
-- name: Importing ca certificate file from generator node
- shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/ca/ {{node_certs_destination}}/"
+- name: Importing ca certificate file from generator node
+ command: >-
+ {{ rsync_path }} {{ rsync_extra_parameters }} {{ rsync_user }}@{{ node_certs_generator_ip }}:
+ {{ node_certs_source }}/ca/ {{ node_certs_destination }}/
when:
- not node_certs_generator
- kibana_xpack_security
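Review bot: The `>-` folded scalar joins its two lines with a single space, so the rendered command has a space between `{{ node_certs_generator_ip }}:` and `{{ node_certs_source }}/...`. rsync then receives `user@host:` and the path as two separate arguments instead of one remote source, so the import would be expected to fail or copy from the wrong location. Keep the remote spec on one line, e.g. `{{ rsync_user }}@{{ node_certs_generator_ip }}:{{ node_certs_source }}/{{ kibana_node_name }}/`, and put the line break before it. The same split occurs in both import tasks here and in the two import tasks in roles/wazuh/ansible-filebeat/tasks/main.yml. The last task's `when:` list continues outside the hunk.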
@@ -61,14 +65,22 @@
tags: xpack-security
- name: Ensuring certificates folder owner
- shell: "chown -R kibana: {{node_certs_destination}}/"
+ file:
+ path: "{{ node_certs_destination }}/"
+ state: directory
+ recurse: yes
+ owner: kibana
+ group: kibana
when:
- check_certs_permissions is defined
- kibana_xpack_security
tags: xpack-security
- name: Ensuring certificates folder owner
- shell: "chmod -R 770 {{node_certs_destination}}/"
+ file:
+ path: "{{ node_certs_destination }}/"
+ mode: '0770'
+ recurse: yes
when:
- check_certs_permissions is defined
- kibana_xpack_security
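Review bot: `mode: '0770'` with `recurse: yes` sets the execute bit and group write on every file under the certificates directory, including the key files the earlier tasks copy there. A symbolic mode such as `mode: 'u=rwX,g=rX,o='` keeps directories traversable without making key files executable or group-writable. Both tasks are also named `Ensuring certificates folder owner`; the second sets permissions and would read better as `Ensuring certificates folder permissions`, or the two could be merged into one `file` task. The filebeat role's tasks/main.yml adds the same `mode: '0770'` task.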
diff --git a/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2 b/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/README.md b/roles/wazuh/ansible-filebeat/README.md
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml
old mode 100644
new mode 100755
index cfb892bd..541c0214
--- a/roles/wazuh/ansible-filebeat/defaults/main.yml
+++ b/roles/wazuh/ansible-filebeat/defaults/main.yml
@@ -1,4 +1,6 @@
---
+filebeat_version: 7.1.1
+
filebeat_create_config: true
filebeat_prospectors:
diff --git a/roles/wazuh/ansible-filebeat/handlers/main.yml b/roles/wazuh/ansible-filebeat/handlers/main.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/meta/main.yml b/roles/wazuh/ansible-filebeat/meta/main.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/tasks/Debian.yml b/roles/wazuh/ansible-filebeat/tasks/Debian.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/tasks/RMDebian.yml b/roles/wazuh/ansible-filebeat/tasks/RMDebian.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/tasks/RMRedHat.yml b/roles/wazuh/ansible-filebeat/tasks/RMRedHat.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/tasks/RedHat.yml b/roles/wazuh/ansible-filebeat/tasks/RedHat.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/tasks/config.yml b/roles/wazuh/ansible-filebeat/tasks/config.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/tasks/main.yml b/roles/wazuh/ansible-filebeat/tasks/main.yml
old mode 100644
new mode 100755
index 2dfa3ecd..7bafcc79
--- a/roles/wazuh/ansible-filebeat/tasks/main.yml
+++ b/roles/wazuh/ansible-filebeat/tasks/main.yml
@@ -5,26 +5,40 @@
- import_tasks: Debian.yml
when: ansible_os_family == 'Debian'
-- name: Install Filebeat.
- package: name=filebeat state=present
+- name: CentOS/RedHat | Install Filebeat.
+ package: name=filebeat-{{ filebeat_version }} state=present
register: filebeat_installing_package
until: filebeat_installing_package is succeeded
+ when:
+ - ansible_distribution in ['CentOS','RedHat']
tags:
- install
+- name: Debian/Ubuntu | Install Filebeat.
+ apt:
+ name: filebeat={{ filebeat_version }}
+ state: present
+ cache_valid_time: 3600
+ register: filebeat_installing_package_debian
+ until: filebeat_installing_package_debian is succeeded
+ when:
+ - not (ansible_distribution in ['CentOS','RedHat'])
+ tags:
+ - init
+
- name: Check if certificate exists locally
stat:
- path: "{{node_certs_destination}}/{{ filebeat_node_name }}.crt"
+ path: "{{ node_certs_destination }}/{{ filebeat_node_name }}.crt"
register: certificate_file_exists
when:
- filebeat_xpack_security
- name: Copy key & certificate files in generator node (locally)
synchronize:
- src: "{{node_certs_source}}/{{filebeat_node_name}}/"
- dest: "{{node_certs_destination}}/"
+ src: "{{ node_certs_source }}/{{ filebeat_node_name }}/"
+ dest: "{{ node_certs_destination }}/"
delegate_to: "{{ node_certs_generator_ip }}"
- when:
+ when:
- node_certs_generator
- filebeat_xpack_security
- not certificate_file_exists.stat.exists
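Review bot: The Debian/Ubuntu install task is gated on `not (ansible_distribution in ['CentOS','RedHat'])`, so the `apt` module runs on any other distribution, and RPM-based systems other than CentOS/RedHat no longer get a working install task. Use the OS family, as the `import_tasks` line above does: `when: ansible_os_family == 'Debian'` and `when: ansible_os_family == 'RedHat'`. The new task is tagged `init` while the RPM task keeps `install`, so a run limited to `--tags install` skips the Debian path. roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml uses the same pair of conditions.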
@@ -32,26 +46,30 @@
- name: Copy ca certificate file in generator node (locally)
synchronize:
- src: "{{node_certs_source}}/ca/"
- dest: "{{node_certs_destination}}/"
+ src: "{{ node_certs_source }}/ca/"
+ dest: "{{ node_certs_destination }}/"
delegate_to: "{{ node_certs_generator_ip }}"
- when:
+ when:
- node_certs_generator
- filebeat_xpack_security
- not certificate_file_exists.stat.exists
register: check_certs_permissions
tags: xpack-security
-
+
- name: Importing key & certificate files from generator node
- shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/{{filebeat_node_name}}/ {{node_certs_destination}}/"
+ command: >-
+ {{ rsync_path }} {{ rsync_extra_parameters }} {{ rsync_user }}@{{ node_certs_generator_ip }}:
+ {{ node_certs_source }}/{{ filebeat_node_name }}/ {{ node_certs_destination }}/
when:
- not node_certs_generator
- filebeat_xpack_security
- not certificate_file_exists.stat.exists
tags: xpack-security
-- name: Importing ca certificate file from generator node
- shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/ca/ {{node_certs_destination}}/"
+- name: Importing ca certificate file from generator node
+ command: >-
+ {{ rsync_path }} {{ rsync_extra_parameters }} {{ rsync_user }}@{{ node_certs_generator_ip }}:
+ {{ node_certs_source }}/ca/ {{ node_certs_destination }}/
when:
- not node_certs_generator
- filebeat_xpack_security
@@ -60,7 +78,11 @@
tags: xpack-security
- name: Ensuring certificates folder owner
- shell: "chmod -R 770 {{node_certs_destination}}/"
+ file:
+ path: "{{ node_certs_destination }}/"
+ mode: '0770'
+ recurse: yes
+
when:
- check_certs_permissions is defined
- filebeat_xpack_security
diff --git a/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2 b/roles/wazuh/ansible-filebeat/templates/elasticsearch.yml.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2 b/roles/wazuh/ansible-filebeat/templates/filebeat.yml.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/tests/requirements.yml b/roles/wazuh/ansible-filebeat/tests/requirements.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-filebeat/tests/test.yml b/roles/wazuh/ansible-filebeat/tests/test.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-agent/README.md b/roles/wazuh/ansible-wazuh-agent/README.md
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
old mode 100644
new mode 100755
index e95707e6..ded6d5b9
--- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
@@ -1,4 +1,5 @@
---
+wazuh_agent_version: 3.9.0
wazuh_managers:
- address: 127.0.0.1
port: 1514
@@ -23,10 +24,10 @@ wazuh_winagent_config:
install_dir_x86: 'C:\Program Files (x86)\ossec-agent\'
auth_path: C:\'Program Files'\ossec-agent\agent-auth.exe
auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe
- version: '3.9.2'
+ version: '3.9.3'
revision: '1'
repo: https://packages.wazuh.com/3.x/windows/
- md5: 43936e7bc7eb51bd186f47dac4a6f477
+ md5: c3fdbd6c121ca371b8abcd477ed4e8a4
wazuh_agent_config:
active_response:
ar_disabled: 'no'
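Review bot: The Windows agent moves to `3.9.3` while the `wazuh_agent_version` added at the top of this file pins Linux agents to `3.9.0`, which is also what the molecule tests return. If the mismatch is intentional it deserves a comment next to `version:`. The installer is still identified by an `md5` value. How that value is checked is not visible here, but MD5 is not collision-resistant, so a SHA-256 of the installer would be a stronger integrity check if the download task can be extended to use one.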
diff --git a/roles/wazuh/ansible-wazuh-agent/handlers/main.yml b/roles/wazuh/ansible-wazuh-agent/handlers/main.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-agent/meta/main.yml b/roles/wazuh/ansible-wazuh-agent/meta/main.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml
old mode 100644
new mode 100755
index 76721362..faa28b57
--- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml
+++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml
@@ -5,10 +5,22 @@
- import_tasks: "Debian.yml"
when: ansible_os_family == "Debian"
-- name: Linux | Install wazuh-agent
- package: name=wazuh-agent state=present
+- name: Linux CentOS/RedHat | Install wazuh-agent
+ package: name=wazuh-agent-{{ wazuh_agent_version }}-1 state=present
async: 90
- poll: 15
+ poll: 30
+ when:
+ - ansible_distribution in ['CentOS','RedHat']
+ tags:
+ - init
+
+- name: Linux Debian | Install wazuh-agent
+ apt:
+ name: "wazuh-agent={{ wazuh_agent_version }}-1"
+ state: present
+ cache_valid_time: 3600
+ when:
+ - not (ansible_distribution in ['CentOS','RedHat'])
tags:
- init
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RMDebian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RMDebian.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RMRedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RMRedHat.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/main.yml b/roles/wazuh/ansible-wazuh-agent/tasks/main.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-local-internal-options.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-local-internal-options.conf.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-agent/vars/api_pass.yml b/roles/wazuh/ansible-wazuh-agent/vars/api_pass.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-agent/vars/authd_pass.yml b/roles/wazuh/ansible-wazuh-agent/vars/authd_pass.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/README.md b/roles/wazuh/ansible-wazuh-manager/README.md
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
old mode 100644
new mode 100755
index 8cf7ef58..ffa9bef2
--- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
@@ -1,4 +1,6 @@
---
+wazuh_manager_api_version: 3.9.0
+
wazuh_manager_fqdn: "wazuh-server"
wazuh_manager_package_state: latest
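Review bot: The new `wazuh_manager_api_version: 3.9.0` pin sits next to `wazuh_manager_package_state: latest`, and the CentOS/RedHat install task in tasks/main.yml passes both, so the role asks for a fixed version and for the newest one at the same time. With the manager and API pinned, `wazuh_manager_package_state: present` states the intent without ambiguity. I would also quote the value, `wazuh_manager_api_version: "3.9.0"`, so that a later two-part version is not read as a float. The file mode also changes from 100644 to 100755 here, as it does for the credential vars files in this commit, which looks unintended for YAML data.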
diff --git a/roles/wazuh/ansible-wazuh-manager/files/custom_ruleset/decoders/sample_custom_decoders.xml b/roles/wazuh/ansible-wazuh-manager/files/custom_ruleset/decoders/sample_custom_decoders.xml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/files/custom_ruleset/rules/sample_custom_rules.xml b/roles/wazuh/ansible-wazuh-manager/files/custom_ruleset/rules/sample_custom_rules.xml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/handlers/main.yml b/roles/wazuh/ansible-wazuh-manager/handlers/main.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/meta/main.yml b/roles/wazuh/ansible-wazuh-manager/meta/main.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RMDebian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RMDebian.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml
old mode 100644
new mode 100755
index 2715bba0..30e5ec87
--- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml
+++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml
@@ -5,19 +5,38 @@
- import_tasks: "Debian.yml"
when: ansible_os_family == "Debian"
-- name: Install wazuh-manager, wazuh-api and expect
- package: pkg={{ item }} state={{ wazuh_manager_package_state }}
+- name: CentOS/RedHat | Install wazuh-manager, wazuh-api
+ package: pkg={{ item }}-{{ wazuh_manager_api_version }}-1 state={{ wazuh_manager_package_state }}
with_items:
- wazuh-manager
- wazuh-api
- - expect
register: wazuh_manager_main_packages_installed
until: wazuh_manager_main_packages_installed is succeeded
when:
- - not (ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6)
+ - ansible_distribution in ['CentOS','RedHat']
tags:
- init
+- name: Debian/Ubuntu | Install wazuh-manager, wazuh-api
+ apt:
+ name: "{{ item }}={{ wazuh_manager_api_version }}-1"
+ state: present
+ cache_valid_time: 3600
+ with_items:
+ - wazuh-manager
+ - wazuh-api
+ register: wazuh_manager_main_packages_installed
+ until: wazuh_manager_main_packages_installed is succeeded
+ when:
+ - not (ansible_distribution in ['CentOS','RedHat'])
+ tags: init
+
+- name: Install expect
+ package: pkg=expect state={{ wazuh_manager_package_state }}
+ when:
+ - not (ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6)
+ tags: init
+
- name: CentOS/RedHat 6 | Enabling python2.7 and sqlite3
replace:
path: /etc/init.d/wazuh-manager
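Review bot: The two new install tasks select hosts with `ansible_distribution in ['CentOS','RedHat']` and its plain negation, so every other distribution, including non-Debian ones, falls into the `apt` task. The CentOS/RedHat task also drops the old exclusion of major versions below 6, which the EL5 task further down appears to handle. The file already keys on `ansible_os_family == "Debian"` a few lines up; using that for the apt task and adding `- ansible_distribution_major_version|int >= 6` to the CentOS/RedHat task keeps the branches disjoint. Both tasks also register `wazuh_manager_main_packages_installed`, and a skipped task still overwrites a registered variable, so distinct names would be safer if anything reads it later. The last task in the hunk continues past its end.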
@@ -30,7 +49,7 @@
- name: Install wazuh-manager and expect (EL5)
package: pkg={{ item }} state={{ wazuh_manager_package_state }}
with_items:
- - wazuh-manager
+ - wazuh-manager-{{ wazuh_manager_api_version }}
- expect
register: wazuh_manager_main_packages_installed
until: wazuh_manager_main_packages_installed is succeeded
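Review bot: The EL5 item is pinned as `wazuh-manager-{{ wazuh_manager_api_version }}` without the `-1` release suffix that the other two install tasks append, so the tasks do not name the package the same way. Writing `- wazuh-manager-{{ wazuh_manager_api_version }}-1` keeps them consistent. The task still passes `state={{ wazuh_manager_package_state }}`, whose default is `latest`, alongside the pinned name. Its `when:` condition lies outside the hunk.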
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/agentless.j2 b/roles/wazuh/ansible-wazuh-manager/templates/agentless.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/api_user.j2 b/roles/wazuh/ansible-wazuh-manager/templates/api_user.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/authd_pass.j2 b/roles/wazuh/ansible-wazuh-manager/templates/authd_pass.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/cdb_lists.j2 b/roles/wazuh/ansible-wazuh-manager/templates/cdb_lists.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-api-configuration-config.js.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-api-configuration-config.js.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-local-internal-options.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-local-internal-options.conf.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-rules-local_decoder.xml.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-rules-local_decoder.xml.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-rules-local_rules.xml.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-rules-local_rules.xml.j2
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/vars/agentless_creds.yml b/roles/wazuh/ansible-wazuh-manager/vars/agentless_creds.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/vars/authd_pass.yml b/roles/wazuh/ansible-wazuh-manager/vars/authd_pass.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/vars/cdb_lists.yml b/roles/wazuh/ansible-wazuh-manager/vars/cdb_lists.yml
old mode 100644
new mode 100755
diff --git a/roles/wazuh/ansible-wazuh-manager/vars/wazuh_api_creds.yml b/roles/wazuh/ansible-wazuh-manager/vars/wazuh_api_creds.yml
old mode 100644
new mode 100755