From 82547c0c86438bc87157e17105a96cbe4179da54 Mon Sep 17 00:00:00 2001 From: Alberto R Date: Mon, 8 Mar 2021 17:14:56 +0100 Subject: [PATCH 01/20] 4.1.2 Bump --- CHANGELOG.md | 6 ++++++ README.md | 2 +- molecule/default/tests/test_default.py | 2 +- molecule/distributed-wazuh-elk-xpack/group_vars/all.yml | 6 +++--- .../distributed-wazuh-elk-xpack/tests/test_default.py | 2 +- molecule/distributed-wazuh-elk/group_vars/all.yml | 6 +++--- molecule/distributed-wazuh-elk/tests/test_default.py | 2 +- molecule/distributed-wazuh-odfe/group_vars/all.yml | 6 +++--- molecule/distributed-wazuh-odfe/tests/test_default.py | 2 +- pyproject.toml | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/opendistro/opendistro-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-filebeat-oss/defaults/main.yml | 2 +- roles/wazuh/ansible-filebeat/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 8 ++++---- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 4 ++-- 16 files changed, 31 insertions(+), 25 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9693e624..5aadbc68 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,12 @@ # Change Log All notable changes to this project will be documented in this file. +## [v4.1.2] + +### Added + +- Update to [Wazuh v4.1.2](https://github.com/wazuh/wazuh/blob/v4.1.2/CHANGELOG.md#v411) + ## [v4.1.1] ### Added diff --git a/README.md b/README.md index 66a3cbb9..6039c486 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ These playbooks install and configure Wazuh agent, manager and Elastic Stack. | Wazuh version | Elastic | ODFE | |---------------|---------|--------| -| v4.1.1 | 7.10.0 | 1.12.0 | +| v4.1.2 | 7.10.0 | 1.12.0 | ## Documentation diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index e2553f2b..1494b9dc 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py 
@@ -8,7 +8,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "4.1.1" + return "4.1.2" def test_wazuh_packages_are_installed(host): diff --git a/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml b/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml index 0ddad67f..b959b161 100644 --- a/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml +++ b/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml @@ -18,11 +18,11 @@ elastic_stack_version: 7.10.2 filebeat_version: 7.10.2 # Debian packages need the ${VERSION}-1 -wazuh_manager_version: 4.1.1-1 -wazuh_agent_version: 4.1.1-1 +wazuh_manager_version: 4.1.2-1 +wazuh_agent_version: 4.1.2-1 # Kibana role appends it automatically. -wazuh_version: 4.1.1 +wazuh_version: 4.1.2 ######################################################## diff --git a/molecule/distributed-wazuh-elk-xpack/tests/test_default.py b/molecule/distributed-wazuh-elk-xpack/tests/test_default.py index df94fa34..077520a8 100644 --- a/molecule/distributed-wazuh-elk-xpack/tests/test_default.py +++ b/molecule/distributed-wazuh-elk-xpack/tests/test_default.py @@ -8,7 +8,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "4.1.1" + return "4.1.2" def test_wazuh_packages_are_installed(host): diff --git a/molecule/distributed-wazuh-elk/group_vars/all.yml b/molecule/distributed-wazuh-elk/group_vars/all.yml index eee90788..b1844a34 100644 --- a/molecule/distributed-wazuh-elk/group_vars/all.yml +++ b/molecule/distributed-wazuh-elk/group_vars/all.yml @@ -16,8 +16,8 @@ elastic_stack_version: 7.10.2 filebeat_version: 7.10.2 # Debian packages need the ${VERSION}-1 -wazuh_manager_version: 4.1.1-1 -wazuh_agent_version: 4.1.1-1 +wazuh_manager_version: 4.1.2-1 +wazuh_agent_version: 4.1.2-1 # Kibana role appends it automatically. -wazuh_version: 4.1.1 +wazuh_version: 4.1.2 
diff --git a/molecule/distributed-wazuh-elk/tests/test_default.py b/molecule/distributed-wazuh-elk/tests/test_default.py index df94fa34..077520a8 100644 --- a/molecule/distributed-wazuh-elk/tests/test_default.py +++ b/molecule/distributed-wazuh-elk/tests/test_default.py @@ -8,7 +8,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "4.1.1" + return "4.1.2" def test_wazuh_packages_are_installed(host): diff --git a/molecule/distributed-wazuh-odfe/group_vars/all.yml b/molecule/distributed-wazuh-odfe/group_vars/all.yml index 521f8994..823db86b 100644 --- a/molecule/distributed-wazuh-odfe/group_vars/all.yml +++ b/molecule/distributed-wazuh-odfe/group_vars/all.yml @@ -40,8 +40,8 @@ filebeat_version: 7.10.0 kibana_opendistro_version: 1.12.0-1 # Debian packages need the ${VERSION}-1 -wazuh_manager_version: 4.1.1-1 -wazuh_agent_version: 4.1.1-1 +wazuh_manager_version: 4.1.2-1 +wazuh_agent_version: 4.1.2-1 # Kibana role appends it automatically. -wazuh_version: 4.1.1 +wazuh_version: 4.1.2 diff --git a/molecule/distributed-wazuh-odfe/tests/test_default.py b/molecule/distributed-wazuh-odfe/tests/test_default.py index e2553f2b..1494b9dc 100644 --- a/molecule/distributed-wazuh-odfe/tests/test_default.py +++ b/molecule/distributed-wazuh-odfe/tests/test_default.py @@ -8,7 +8,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "4.1.1" + return "4.1.2" def test_wazuh_packages_are_installed(host): diff --git a/pyproject.toml b/pyproject.toml index fc3313b6..fb9d0d3b 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "wazuh-ansible" -version = "4.1.1" +version = "4.1.2" description = "" authors = ["neonmei "] diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index be7a8820..783bda2b 100644 
--- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -7,7 +7,7 @@ kibana_server_host: "0.0.0.0" kibana_server_port: "5601" kibana_conf_path: /etc/kibana elastic_stack_version: 7.10.2 -wazuh_version: 4.1.1 +wazuh_version: 4.1.2 wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana elasticrepo: diff --git a/roles/opendistro/opendistro-kibana/defaults/main.yml b/roles/opendistro/opendistro-kibana/defaults/main.yml index a04db4e1..a68d7c9a 100644 --- a/roles/opendistro/opendistro-kibana/defaults/main.yml +++ b/roles/opendistro/opendistro-kibana/defaults/main.yml @@ -10,7 +10,7 @@ kibana_server_port: "5601" kibana_server_name: "kibana" kibana_max_payload_bytes: 1048576 elastic_stack_version: 7.10.0 -wazuh_version: 4.1.1 +wazuh_version: 4.1.2 wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana # The OpenDistro package repository diff --git a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml index 1c061daf..37ffe303 100644 --- a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml @@ -1,7 +1,7 @@ --- filebeat_version: 7.10.0 -wazuh_template_branch: v4.1.1 +wazuh_template_branch: v4.1.2 filebeat_output_elasticsearch_hosts: - "localhost:9200" diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index 1e584269..94d28368 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -1,7 +1,7 @@ --- filebeat_version: 7.10.2 -wazuh_template_branch: v4.1.1 +wazuh_template_branch: v4.1.2 filebeat_create_config: true diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 2d7b8423..f6d696c5 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml 
+++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_agent_version: 4.1.1-1 +wazuh_agent_version: 4.1.2-1 # Custom packages installation @@ -12,7 +12,7 @@ wazuh_custom_packages_installation_agent_rpm_url: "" wazuh_agent_sources_installation: enabled: false - branch: "v4.1.1" + branch: "v4.1.2" user_language: "y" user_no_stop: "y" user_install_type: "agent" @@ -55,8 +55,8 @@ wazuh_winagent_config: auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe check_md5: True md5: 8ffa75d13280f1aa6ffca54f4273df4d -wazuh_winagent_config_url: https://packages.wazuh.com/4.x/windows/wazuh-agent-4.1.1-1.msi -wazuh_winagent_package_name: wazuh-agent-4.1.1-1.msi +wazuh_winagent_config_url: https://packages.wazuh.com/4.x/windows/wazuh-agent-4.1.2-1.msi +wazuh_winagent_package_name: wazuh-agent-4.1.2-1.msi wazuh_dir: "/var/ossec" diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 30652aa6..44e8f9f4 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_manager_version: 4.1.1-1 +wazuh_manager_version: 4.1.2-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present @@ -12,7 +12,7 @@ wazuh_custom_packages_installation_manager_rpm_url: "https://s3-us-west-1.amazon # Sources installation wazuh_manager_sources_installation: enabled: false - branch: "v4.1.1" + branch: "v4.1.2" user_language: "en" user_no_stop: "y" user_install_type: "server" From 4f2f698bca1c8fac577575f90f4d36fbf66d0166 Mon Sep 17 00:00:00 2001 From: Alberto R Date: Mon, 8 Mar 2021 19:02:09 +0100 Subject: [PATCH 02/20] Updated disconnection time in template --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
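Review bot: In the `@@ -55,8 +55,8 @@` hunk of `roles/wazuh/ansible-wazuh-agent/defaults/main.yml`, the MSI URL and package name move to 4.1.2-1, but the context line `md5: 8ffa75d13280f1aa6ffca54f4273df4d` is unchanged while `check_md5: True` stays on. Unless the 4.1.1 and 4.1.2 installers are byte-identical, the digest no longer describes the file being downloaded, so the integrity check presumably fails on Windows agents or gets switched off by operators; the digest should be bumped in the same commit as the URL. MD5 is also collision-prone, so if the download task can take it, a SHA-256 value such as `sha256: <SHA256_OF_wazuh-agent-4.1.2-1.msi>` (placeholder; the key would be new to the role) is the better pin. The `wazuh_winagent_config` mapping starts above the hunk, so how `md5` is consumed is not visible here.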
diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 44e8f9f4..b4f4c12c 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -71,8 +71,8 @@ wazuh_manager_globals: - '^localhost.localdomain$' - '127.0.0.53' -wazuh_manager_agent_disconnection_time: '20s' -wazuh_manager_agents_disconnection_alert_time: '100s' +wazuh_manager_agent_disconnection_time: '10m' +wazuh_manager_agents_disconnection_alert_time: '0' ## Alerts wazuh_manager_log_level: 3 From ef94835bab73115cfdabe5eb109919344a0a1904 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alberto=20Rodr=C3=ADguez?= Date: Tue, 9 Mar 2021 18:43:44 +0100 Subject: [PATCH 03/20] Update CHANGELOG.md MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Víctor Moreno Jiménez --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5aadbc68..bd120b74 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,7 +5,7 @@ All notable changes to this project will be documented in this file. ### Added -- Update to [Wazuh v4.1.2](https://github.com/wazuh/wazuh/blob/v4.1.2/CHANGELOG.md#v411) +- Update to [Wazuh v4.1.2](https://github.com/wazuh/wazuh/blob/v4.1.2/CHANGELOG.md#v412) ## [v4.1.1] From 325e18911d2503219fe3199f8d00538713561bb0 Mon Sep 17 00:00:00 2001 From: neonmei Date: Tue, 15 Dec 2020 14:53:45 -0300 Subject: [PATCH 04/20] roles: rename references of ossec-control to wazuh-control --- .../tasks/installation_from_sources.yml | 6 +++--- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index c382bc0e..ea4db631 100644 
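Review bot: `wazuh_manager_agents_disconnection_alert_time: '0'` drops the unit suffix that the previous value (`'100s'`) and the neighbouring `'10m'` carry; writing it as `'0s'` keeps both settings in one form and does not rely on how the manager parses a bare number (confirm against the manager's accepted syntax). Neither variable says what it controls, so a short comment above each would help, for example `# time without keep-alives before an agent is considered disconnected` and `# delay between disconnection and the alert`, assuming that is how the template uses them. Going from 20s to 10m also lengthens the period in which a silenced agent is not yet reported, which is worth stating in the commit message if it is intentional.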
--- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml @@ -2,8 +2,8 @@ # Wazuh Manager - name: Check if Wazuh Manager is already installed stat: - path: "{{ wazuh_dir }}/bin/ossec-control" - register: wazuh_ossec_control + path: /var/ossec/bin/wazuh-control + register: wazuh_control_path - name: Installing Wazuh Manager from sources block: @@ -114,7 +114,7 @@ state: absent when: - - not wazuh_ossec_control.stat.exists + - not wazuh_control_path.stat.exists - wazuh_manager_sources_installation.enabled tags: - manager diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 159f875d..b28444ee 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -197,7 +197,7 @@ - config - name: Enable client-syslog - command: "{{ wazuh_dir }}/bin/ossec-control enable client-syslog" + command: "{{ wazuh_dir }}/bin/wazuh-control enable client-syslog" notify: restart wazuh-manager when: - csyslog_enabled.stdout == '0' or "skipped" in csyslog_enabled.stdout @@ -219,7 +219,7 @@ - config - name: Enable ossec-agentlessd - command: "{{ wazuh_dir }}/bin/ossec-control enable agentless" + command: "{{ wazuh_dir }}/bin/wazuh-control enable agentless" notify: restart wazuh-manager when: - agentlessd_enabled.stdout == '0' or "skipped" in agentlessd_enabled.stdout From 208edeaf7c56c00fef79fdbb83ba16cb6963e9e9 Mon Sep 17 00:00:00 2001 From: Victor Moreno Jimenez Date: Thu, 25 Mar 2021 12:18:34 +0100 Subject: [PATCH 05/20] Fix typo in playbook --- .../ansible-wazuh-manager/tasks/installation_from_sources.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index ea4db631..8bd4a10c 100644 
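Review bot: The `stat` check and the two `command:` tasks in `tasks/main.yml` ("Enable client-syslog", "Enable ossec-agentlessd") now call `wazuh-control` unconditionally, while the role defaults at this point in the series still pin `wazuh_manager_version: 4.1.2-1`. As far as I know the binary was renamed from `ossec-control` only in Wazuh 4.2, so on a 4.1.x manager these `command` tasks would fail and the `stat` would report "not installed"; please confirm, and either land this together with the 4.2.0 bump or select the binary name from the version. The task name "Enable ossec-agentlessd" also keeps the old daemon name. Both task bodies continue outside their hunks.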
--- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml @@ -2,7 +2,7 @@ # Wazuh Manager - name: Check if Wazuh Manager is already installed stat: - path: /var/ossec/bin/wazuh-control + path: "{{ wazuh_dir }}/bin/wazuh-control" register: wazuh_control_path - name: Installing Wazuh Manager from sources From 823fd336d39179376234d9e3d11d7e853c38b4c1 Mon Sep 17 00:00:00 2001 From: VictorMorenoJimenez Date: Wed, 31 Mar 2021 09:55:05 +0200 Subject: [PATCH 06/20] Add dependencies to install Wazuh manager from sources --- roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 6 ++++++ roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 9d76fc7f..db734fe1 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -97,6 +97,12 @@ tags: - config +- name: Install dependencies to build from sources + apt: + name: ['make', 'gcc', 'automake', 'autoconf', 'libtool', 'tar', 'libssl-dev', 'g++'] + state: present + when: wazuh_manager_sources_installation.enabled + - name: Debian/Ubuntu | Install wazuh-manager apt: name: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index ebbf08c9..d7a4c8d3 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml 
@@ -92,6 +92,12 @@ when: - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" +- name: Install dependencies to build from sources + yum: + name: ['make', 'gcc', 'automake', 'autoconf', 'libtool', 'tar', 'openssl-devel', 'gcc-c++'] + state: present + when: wazuh_manager_sources_installation.enabled + - name: CentOS/RedHat/Amazon | Install wazuh-manager package: name: "wazuh-manager-{{ wazuh_manager_version }}" From ef79065de6b16622e11b7952a69a5f6c71cf7e1e Mon Sep 17 00:00:00 2001 From: VictorMorenoJimenez Date: Wed, 31 Mar 2021 10:02:53 +0200 Subject: [PATCH 07/20] Install cmake when installing from sources --- .../tasks/install_cmake.yml | 40 +++++++++++++++++++ .../tasks/installation_from_sources.yml | 5 +++ .../vars/install_cmake.yml | 4 ++ 3 files changed, 49 insertions(+) create mode 100644 roles/wazuh/ansible-wazuh-manager/tasks/install_cmake.yml create mode 100644 roles/wazuh/ansible-wazuh-manager/vars/install_cmake.yml diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/install_cmake.yml b/roles/wazuh/ansible-wazuh-manager/tasks/install_cmake.yml new file mode 100644 index 00000000..9940c700 --- /dev/null +++ b/roles/wazuh/ansible-wazuh-manager/tasks/install_cmake.yml 
@@ -0,0 +1,40 @@ +--- + +# Vars +# cmake_download_url: http://packages.wazuh.com/utils/cmake/cmake-3.18.3.tar.gz +# cmake_version: 3.18.3 +# + - name: Include CMake install vars + include_vars: install_cmake.yml + + - name: Download CMake sources + get_url: + url: "{{ cmake_download_url }}" + dest: "/tmp/cmake-{{ cmake_version }}.tar.gz" + register: cmake_download + + - name: Unpack CMake + unarchive: + copy: no + dest: /tmp/ + src: "{{ cmake_download.dest }}" + when: cmake_download.changed + register: cmake_unpack + + - name: Configure CMake + command: "./bootstrap" + args: + chdir: "/tmp/cmake-{{ cmake_version }}" + when: cmake_unpack.changed + register: cmake_configure + + - name: Install CMake + shell: make && make install + args: + chdir: "/tmp/cmake-{{ cmake_version }}" + when: cmake_configure.changed + + - name: Delete installation files + file: + state: absent + path: "/tmp/cmake-{{ cmake_version }}" \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index 8bd4a10c..74818bc5 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml @@ -18,6 +18,9 @@ - tar state: present + - name: Install CMake + include_tasks: install_cmake.yml + - name: Removing old files file: path: "/tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz" @@ -102,6 +105,8 @@ changed_when: installation_result == 0 args: chdir: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" + environment: + PATH: /usr/local/bin:{{ ansible_env.PATH }} - name: Cleanup downloaded files file: diff --git a/roles/wazuh/ansible-wazuh-manager/vars/install_cmake.yml b/roles/wazuh/ansible-wazuh-manager/vars/install_cmake.yml new file mode 100644 index 00000000..cda00c6e --- /dev/null +++ b/roles/wazuh/ansible-wazuh-manager/vars/install_cmake.yml 
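Review bot: The "Download CMake sources" task in `install_cmake.yml` calls `get_url` without `checksum:`, and `vars/install_cmake.yml` (last hunk of this commit) sets `cmake_download_url` to a plain `http://` address; the tarball is then built and installed with `./bootstrap` and `make && make install`, presumably with root privileges. A tampered download would therefore run as part of the manager build, so the URL should use `https://` as the other `packages.wazuh.com` URLs in this repo do, and the task should pin a digest, e.g. `checksum: "sha256:<SHA256_OF_CMAKE_TARBALL>"` (placeholder). The build also runs in the predictable path `/tmp/cmake-{{ cmake_version }}`; a directory created with the `tempfile` module would keep other local users out of it. Because every later step is gated on `cmake_download.changed` and the tarball itself is never removed, a run that fails after the download skips the build on retry.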
@@ -0,0 +1,4 @@ +# Install cmake vars + +cmake_version: 3.18.3 +cmake_download_url: "http://packages.wazuh.com/utils/cmake/cmake-{{ cmake_version }}.tar.gz" \ No newline at end of file From 292b4402b3651be122d57dbfe554831e8cb519c1 Mon Sep 17 00:00:00 2001 From: VictorMorenoJimenez Date: Wed, 31 Mar 2021 10:52:57 +0200 Subject: [PATCH 08/20] Remove deprecated pai.yaml from wazuh-manager installation --- roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index b28444ee..61409a40 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -141,19 +141,6 @@ when: - shared_agent_config is defined -- name: Installing the api.yaml (api configuration) - template: src=api.yaml.j2 - dest="{{ wazuh_dir }}/api/configuration/api.yaml" - owner=root - group=ossec - mode=0640 - notify: restart wazuh-manager - when: - - wazuh_manager_config.cluster.node_type == "master" - tags: - - init - - config - - name: Installing the local_internal_options.conf template: src=var-ossec-etc-local-internal-options.conf.j2 dest="{{ wazuh_dir }}/etc/local_internal_options.conf" From 34f06a85abb31dffd284282c513da4285e1cf92f Mon Sep 17 00:00:00 2001 From: VictorMorenoJimenez Date: Wed, 31 Mar 2021 12:57:12 +0200 Subject: [PATCH 09/20] Add apt repo for opendistro and openjdk --- roles/opendistro/opendistro-elasticsearch/defaults/main.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/roles/opendistro/opendistro-elasticsearch/defaults/main.yml b/roles/opendistro/opendistro-elasticsearch/defaults/main.yml index b86dd656..232f3a20 100644 --- a/roles/opendistro/opendistro-elasticsearch/defaults/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/defaults/main.yml 
@@ -32,6 +32,12 @@ package_repos: opendistro: baseurl: 'https://packages.wazuh.com/4.x/yum/' gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' + apt: + opendistro: + baseurl: 'deb https://packages.wazuh.com/4.x/apt/ stable main' + gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' + openjdk: + baseurl: 'deb http://deb.debian.org/debian stretch-backports main' opendistro_sec_plugin_conf_path: /usr/share/elasticsearch/plugins/opendistro_security/securityconfig opendistro_sec_plugin_tools_path: /usr/share/elasticsearch/plugins/opendistro_security/tools From e2ce83af3d5ed49d1a7db2bb589f92a240ddbcdd Mon Sep 17 00:00:00 2001 From: VictorMorenoJimenez Date: Wed, 31 Mar 2021 12:58:01 +0200 Subject: [PATCH 10/20] Move opendistro install to task specific OS --- .../opendistro/opendistro-elasticsearch/tasks/RedHat.yml | 7 +++++++ roles/opendistro/opendistro-elasticsearch/tasks/main.yml | 8 ++------ 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml index 08105af1..ee2482f6 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml @@ -39,5 +39,12 @@ - wget - unzip + - name: Install OpenDistro + package: + name: opendistroforelasticsearch-{{ opendistro_version }} + state: present + register: install + tags: install + tags: - install diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml index b7c962ed..ddb261c3 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml 
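Review bot: `package_repos.apt.openjdk.baseurl` hard-codes `deb http://deb.debian.org/debian stretch-backports main`, with no `gpg` entry, for every host the Debian tasks run on. Those tasks are selected with `ansible_os_family == 'Debian'` (see the `main.yml` change in the next commit), which also matches Ubuntu and newer Debian releases, where a stretch-backports source either has no trusted archive key or mixes packages from a different release. Consider deriving the suite from facts, e.g. `'deb http://deb.debian.org/debian {{ ansible_distribution_release }}-backports main'`, and adding the repository only `when: ansible_distribution == 'Debian'`. The `package_repos` mapping starts above the hunk.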
@@ -8,12 +8,8 @@ - import_tasks: RedHat.yml when: ansible_os_family == 'RedHat' - - name: Install OpenDistro - package: - name: opendistroforelasticsearch-{{ opendistro_version }} - state: present - register: install - tags: install + - import_tasks: Debian.yml + when: ansible_os_family == 'Debian' - name: Remove elasticsearch configuration file file: From 31dc9952e84985e0220c735c7cb852243544e724 Mon Sep 17 00:00:00 2001 From: VictorMorenoJimenez Date: Wed, 31 Mar 2021 12:58:41 +0200 Subject: [PATCH 11/20] Add apt repo to Kibana --- roles/opendistro/opendistro-kibana/defaults/main.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/roles/opendistro/opendistro-kibana/defaults/main.yml b/roles/opendistro/opendistro-kibana/defaults/main.yml index 9a19c3a0..d466fbab 100644 --- a/roles/opendistro/opendistro-kibana/defaults/main.yml +++ b/roles/opendistro/opendistro-kibana/defaults/main.yml @@ -21,7 +21,10 @@ package_repos: opendistro: baseurl: 'https://packages.wazuh.com/4.x/yum/' gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' - + apt: + opendistro: + baseurl: 'deb https://packages.wazuh.com/4.x/apt/ stable main' + gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' # API credentials wazuh_api_credentials: @@ -38,7 +41,7 @@ kibana_telemetry_optin: "false" kibana_telemetry_enabled: "false" opendistro_admin_password: changeme -opendistro_kibana_user: admin +opendistro_kibana_user: changeme opendistro_kibana_password: changeme local_certs_path: "{{ playbook_dir }}/opendistro/certificates" From ee9a529f670a88d67c92cf0d72a0260901d40b1c Mon Sep 17 00:00:00 2001 From: VictorMorenoJimenez Date: Wed, 31 Mar 2021 12:59:21 +0200 Subject: [PATCH 12/20] Add deb support to kibana task --- roles/opendistro/opendistro-kibana/tasks/RedHat.yml | 6 ++++++ roles/opendistro/opendistro-kibana/tasks/main.yml | 8 ++------ 2 files changed, 8 insertions(+), 6 deletions(-) 
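Review bot: The last hunk of `roles/opendistro/opendistro-kibana/defaults/main.yml` changes `opendistro_kibana_user` from `admin` to `changeme`, which is unrelated to the "Add apt repo to Kibana" subject and yields a username that may not exist among the security plugin's internal users; please confirm it is intended. Together with the `changeme` values of `opendistro_admin_password` and `opendistro_kibana_password` in the context lines, the role can deploy with publicly known credentials when the operator overrides nothing. A guard at the start of the role would make that fail early, e.g. an `assert` task with `that: opendistro_kibana_password != 'changeme'` and a `fail_msg` naming the variable to set.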
diff --git a/roles/opendistro/opendistro-kibana/tasks/RedHat.yml b/roles/opendistro/opendistro-kibana/tasks/RedHat.yml index 70b5b70a..4407e165 100644 --- a/roles/opendistro/opendistro-kibana/tasks/RedHat.yml +++ b/roles/opendistro/opendistro-kibana/tasks/RedHat.yml @@ -10,5 +10,11 @@ gpgkey: "{{ package_repos.yum.opendistro.gpg }}" gpgcheck: true + - name: Install Kibana + package: + name: "opendistroforelasticsearch-kibana-{{ kibana_opendistro_version }}" + state: present + register: install + tags: - install diff --git a/roles/opendistro/opendistro-kibana/tasks/main.yml b/roles/opendistro/opendistro-kibana/tasks/main.yml index 41980054..8a169664 100755 --- a/roles/opendistro/opendistro-kibana/tasks/main.yml +++ b/roles/opendistro/opendistro-kibana/tasks/main.yml @@ -11,12 +11,8 @@ - import_tasks: RedHat.yml when: ansible_os_family == 'RedHat' -- name: Install Kibana - package: - name: "opendistroforelasticsearch-kibana-{{ kibana_opendistro_version }}" - state: present - register: install - tags: install +- import_tasks: Debian.yml + when: ansible_os_family == 'Debian' - name: Remove Kibana configuration file file: From a7991778d98b974fb5e77afee4f03e55cc2ee5e6 Mon Sep 17 00:00:00 2001 From: VictorMorenoJimenez Date: Wed, 31 Mar 2021 12:59:57 +0200 Subject: [PATCH 13/20] Debian support elastic/kibana --- .../opendistro-elasticsearch/tasks/Debian.yml | 43 +++++++++++++++++++ .../opendistro-kibana/tasks/Debian.yml | 23 ++++++++++ .../opendistro-kibana/vars/debian.yml | 3 ++ 3 files changed, 69 insertions(+) create mode 100644 roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml create mode 100644 roles/opendistro/opendistro-kibana/tasks/Debian.yml create mode 100644 roles/opendistro/opendistro-kibana/vars/debian.yml diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml b/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml new file mode 100644 index 00000000..41011ddc --- /dev/null 
+++ b/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml @@ -0,0 +1,43 @@ + +--- + +#- name: Install OpenDistro dependencies +# apt: +# name: [ +# 'unzip', 'wget', 'curl', +# 'apt-transport-https', software-properties-common +# ] +# state: present + +- name: Add openjdk repository + apt_repository: + repo: "{{ package_repos.apt.openjdk.baseurl }}" + state: present + update_cache: yes + +- name: Install openjdk-11-jdk + apt: + name: openjdk-11-jdk + state: present + environment: + JAVA_HOME: /usr + +- name: Add Opendistro repository + block: + - name: Add apt repository signing key + apt_key: + url: "{{ package_repos.apt.opendistro.gpg }}" + state: present + + - name: Add Opendistro repository + apt_repository: + repo: "{{ package_repos.apt.opendistro.baseurl }}" + state: present + update_cache: yes + +- name: Install OpenDistro + apt: + name: opendistroforelasticsearch={{ opendistro_version }}-1 + state: present + register: install + tags: install \ No newline at end of file diff --git a/roles/opendistro/opendistro-kibana/tasks/Debian.yml b/roles/opendistro/opendistro-kibana/tasks/Debian.yml new file mode 100644 index 00000000..140b2582 --- /dev/null +++ b/roles/opendistro/opendistro-kibana/tasks/Debian.yml @@ -0,0 +1,23 @@ +--- +- block: + + - include_vars: debian.yml + - name: Add apt repository signing key + apt_key: + url: "{{ package_repos.apt.opendistro.gpg }}" + state: present + + - name: Debian systems | Add OpenDistro repo + apt_repository: + repo: "{{ package_repos.apt.opendistro.baseurl }}" + state: present + update_cache: yes + + - name: Install Kibana + apt: + name: "opendistroforelasticsearch-kibana={{ kibana_opendistro_version }}" + state: present + register: install + + tags: + - install \ No newline at end of file diff --git a/roles/opendistro/opendistro-kibana/vars/debian.yml b/roles/opendistro/opendistro-kibana/vars/debian.yml new file mode 100644 index 00000000..14c7aa99 --- /dev/null 
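Review bot: Both new `Debian.yml` files import the repository key with `apt_key: url: ...` and no `id:`, so whatever key the URL serves at run time is added to the host's global APT trust store. Pinning the expected fingerprint with `id: <WAZUH_GPG_KEY_FINGERPRINT>` (placeholder) makes the task reject a swapped key. Keeping the key in a dedicated keyring referenced by `signed-by=` in the repo line would go further, since `apt_key` trusts the key for every configured repository. In the elasticsearch file, "Add openjdk repository" adds a source with no key handling at all, and the commented-out dependency block at the top should be either enabled or removed.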
+++ b/roles/opendistro/opendistro-kibana/vars/debian.yml @@ -0,0 +1,3 @@ +--- + +kibana_opendistro_version: 1.12.0 \ No newline at end of file From d753c0ddeeb6a34756b3d18a459b574748bd6967 Mon Sep 17 00:00:00 2001 From: VictorMorenoJimenez Date: Wed, 31 Mar 2021 13:46:26 +0200 Subject: [PATCH 14/20] Remove conditional install.changed --- roles/opendistro/opendistro-elasticsearch/tasks/main.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml index ddb261c3..e3b9aceb 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml @@ -15,7 +15,6 @@ file: path: "{{ opendistro_conf_path }}/elasticsearch.yml" state: absent - when: install.changed tags: install - name: Copy Configuration File @@ -26,13 +25,12 @@ group: elasticsearch mode: 0640 marker: "## {mark} Opendistro general settings ##" - when: install.changed tags: install - include_tasks: security_actions.yml tags: - security - when: install.changed + - name: Configure OpenDistro Elasticsearch JVM memmory. template: From df92f85cbe761f28be9518806413867708e648fa Mon Sep 17 00:00:00 2001 From: VictorMorenoJimenez Date: Wed, 31 Mar 2021 15:05:36 +0200 Subject: [PATCH 15/20] Add ansible_shell_allow_world_readable_temp parameter to playbooks which uses opendistro-kibana role due to error with Debian hosts --- playbooks/wazuh-kibana.yml | 3 ++- playbooks/wazuh-odfe-production-ready.yml | 1 + playbooks/wazuh-odfe-single.yml | 3 ++- playbooks/wazuh-opendistro-kibana.yml | 2 ++ 4 files changed, 7 insertions(+), 2 deletions(-) diff --git a/playbooks/wazuh-kibana.yml b/playbooks/wazuh-kibana.yml index 200f4891..09fe054f 100644 --- a/playbooks/wazuh-kibana.yml +++ b/playbooks/wazuh-kibana.yml 
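Review bot: `vars/debian.yml` sets `kibana_opendistro_version: 1.12.0` and is loaded through `include_vars` in the Kibana `Debian.yml`, which takes precedence over inventory and `group_vars` values. The molecule scenario in this series sets `kibana_opendistro_version: 1.12.0-1`, so Debian hosts silently get a different value, and operators cannot pin a patched Kibana build without editing the role. Prefer keeping the default in `defaults/main.yml` and handling the Debian revision suffix in the task, as the elasticsearch task does with `{{ opendistro_version }}-1`.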
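Review bot: With `when: install.changed` removed in `roles/opendistro/opendistro-elasticsearch/tasks/main.yml`, "Remove elasticsearch configuration file" (`state: absent`), "Copy Configuration File" and the `security_actions.yml` include now run on every play rather than only after a fresh install. The role therefore deletes and rewrites `elasticsearch.yml` on each run, and depending on what `security_actions.yml` does (not visible here) it may re-apply security configuration or credentials to a live cluster. If the aim was to stop skipping configuration when the package is already present, managing the file with one task that reports `changed` only on real differences would keep the role idempotent; otherwise add a comment explaining why the unconditional rerun is safe. The second hunk also leaves an extra blank line where the `when:` was.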
@@ -3,4 +3,5 @@ roles: - role: ../roles/elastic-stack/ansible-kibana elasticsearch_network_host: - + vars: + ansible_shell_allow_world_readable_temp: true diff --git a/playbooks/wazuh-odfe-production-ready.yml b/playbooks/wazuh-odfe-production-ready.yml index b6cba365..75cc30e9 100644 --- a/playbooks/wazuh-odfe-production-ready.yml +++ b/playbooks/wazuh-odfe-production-ready.yml @@ -186,3 +186,4 @@ node6: name: node-6 ip: "{{ hostvars.kibana.private_ip }}" + ansible_shell_allow_world_readable_temp: true diff --git a/playbooks/wazuh-odfe-single.yml b/playbooks/wazuh-odfe-single.yml index ce98cfaf..d3543aa4 100644 --- a/playbooks/wazuh-odfe-single.yml +++ b/playbooks/wazuh-odfe-single.yml @@ -18,4 +18,5 @@ instances: node1: name: node-1 # Important: must be equal to elasticsearch_node_name. - ip: \ No newline at end of file + ip: + ansible_shell_allow_world_readable_temp: true \ No newline at end of file diff --git a/playbooks/wazuh-opendistro-kibana.yml b/playbooks/wazuh-opendistro-kibana.yml index fa3600c1..8d195ad5 100644 --- a/playbooks/wazuh-opendistro-kibana.yml +++ b/playbooks/wazuh-opendistro-kibana.yml @@ -2,3 +2,5 @@ - hosts: es1 roles: - role: ../roles/opendistro/opendistro-kibana + vars: + ansible_shell_allow_world_readable_temp: true From 38c4942ee87bfbd375483b6c9b3a09520672eba2 Mon Sep 17 00:00:00 2001 
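Review bot: `ansible_shell_allow_world_readable_temp: true` is added to all four playbooks, which lets Ansible fall back to world-readable module temp files on the target when it becomes an unprivileged user. The roles these playbooks run carry credentials such as `opendistro_admin_password`, so module arguments may be readable by any local user while a task executes. The usual remedy for the Debian error is to install the `acl` package on the target so Ansible can use `setfacl`, or to enable pipelining, and to leave this variable unset. If it has to stay, scope it to the task that needs it and add a comment such as `# needed for become to an unprivileged user on hosts without acl`.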
From: VictorMorenoJimenez Date: Tue, 13 Apr 2021 16:21:17 +0200 Subject: [PATCH 16/20] Bump to v4.2.0 --- CHANGELOG.md | 6 ++++++ README.md | 2 ++ molecule/default/tests/test_default.py | 2 +- molecule/distributed-wazuh-elk-xpack/group_vars/all.yml | 6 +++--- .../distributed-wazuh-elk-xpack/tests/test_default.py | 2 +- molecule/distributed-wazuh-elk/group_vars/all.yml | 6 +++--- molecule/distributed-wazuh-elk/tests/test_default.py | 2 +- molecule/distributed-wazuh-odfe/group_vars/all.yml | 6 +++--- molecule/distributed-wazuh-odfe/tests/test_default.py | 2 +- pyproject.toml | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/opendistro/opendistro-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-filebeat-oss/defaults/main.yml | 2 +- roles/wazuh/ansible-filebeat/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 8 ++++---- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 4 ++-- 16 files changed, 32 insertions(+), 24 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 48f22d86..0456219e 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,12 @@ # Change Log All notable changes to this project will be documented in this file. +## [v4.2.0] + +### Added + +- Update to [Wazuh v4.2.0](https://github.com/wazuh/wazuh/blob/v4.2.0/CHANGELOG.md#v420) + ## [v4.1.4] ### Added diff --git a/README.md b/README.md index 16233f66..76a308ce 100644 --- a/README.md +++ b/README.md @@ -14,6 +14,8 @@ These playbooks install and configure Wazuh agent, manager and Elastic Stack. | Wazuh version | Elastic | ODFE | |---------------|---------|--------| +| v4.2.0 | 7.10.0 | 1.12.0 | +|---------------|---------|--------| | v4.1.4 | 7.10.0 | 1.12.0 | |---------------|---------|--------| | v4.1.3 | 7.10.0 | 1.12.0 | diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index 54a2c114..07b66ff0 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py 
@@ -8,7 +8,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "4.1.4" + return "4.2.0" def test_wazuh_packages_are_installed(host): diff --git a/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml b/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml index 9e91eaad..8c5b9a7a 100644 --- a/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml +++ b/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml @@ -18,11 +18,11 @@ elastic_stack_version: 7.10.2 filebeat_version: 7.10.2 # Debian packages need the ${VERSION}-1 -wazuh_manager_version: 4.1.4-1 -wazuh_agent_version: 4.1.4-1 +wazuh_manager_version: 4.2.0-1 +wazuh_agent_version: 4.2.0-1 # Kibana role appends it automatically. -wazuh_version: 4.1.4 +wazuh_version: 4.2.0 ######################################################## diff --git a/molecule/distributed-wazuh-elk-xpack/tests/test_default.py b/molecule/distributed-wazuh-elk-xpack/tests/test_default.py index fe444218..f84cbb7a 100644 --- a/molecule/distributed-wazuh-elk-xpack/tests/test_default.py +++ b/molecule/distributed-wazuh-elk-xpack/tests/test_default.py @@ -8,7 +8,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "4.1.4" + return "4.2.0" def test_wazuh_packages_are_installed(host): diff --git a/molecule/distributed-wazuh-elk/group_vars/all.yml b/molecule/distributed-wazuh-elk/group_vars/all.yml index 4b4d47ae..bfb56ca5 100644 --- a/molecule/distributed-wazuh-elk/group_vars/all.yml +++ b/molecule/distributed-wazuh-elk/group_vars/all.yml @@ -16,8 +16,8 @@ elastic_stack_version: 7.10.2 filebeat_version: 7.10.2 # Debian packages need the ${VERSION}-1 -wazuh_manager_version: 4.1.4-1 -wazuh_agent_version: 4.1.4-1 +wazuh_manager_version: 4.2.0-1 +wazuh_agent_version: 4.2.0-1 # Kibana role appends it automatically. -wazuh_version: 4.1.4 +wazuh_version: 4.2.0 
diff --git a/molecule/distributed-wazuh-elk/tests/test_default.py b/molecule/distributed-wazuh-elk/tests/test_default.py index fe444218..f84cbb7a 100644 --- a/molecule/distributed-wazuh-elk/tests/test_default.py +++ b/molecule/distributed-wazuh-elk/tests/test_default.py @@ -8,7 +8,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "4.1.4" + return "4.2.0" def test_wazuh_packages_are_installed(host): diff --git a/molecule/distributed-wazuh-odfe/group_vars/all.yml b/molecule/distributed-wazuh-odfe/group_vars/all.yml index 7807b5d6..c58872e5 100644 --- a/molecule/distributed-wazuh-odfe/group_vars/all.yml +++ b/molecule/distributed-wazuh-odfe/group_vars/all.yml @@ -40,8 +40,8 @@ filebeat_version: 7.10.0 kibana_opendistro_version: 1.12.0-1 # Debian packages need the ${VERSION}-1 -wazuh_manager_version: 4.1.4-1 -wazuh_agent_version: 4.1.4-1 +wazuh_manager_version: 4.2.0-1 +wazuh_agent_version: 4.2.0-1 # Kibana role appends it automatically. -wazuh_version: 4.1.4 +wazuh_version: 4.2.0 diff --git a/molecule/distributed-wazuh-odfe/tests/test_default.py b/molecule/distributed-wazuh-odfe/tests/test_default.py index 54a2c114..07b66ff0 100644 --- a/molecule/distributed-wazuh-odfe/tests/test_default.py +++ b/molecule/distributed-wazuh-odfe/tests/test_default.py @@ -8,7 +8,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "4.1.4" + return "4.2.0" def test_wazuh_packages_are_installed(host): diff --git a/pyproject.toml b/pyproject.toml index ccc294da..ec1c35e3 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "wazuh-ansible" -version = "4.1.4" +version = "4.2.0" description = "" authors = ["neonmei "] diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 437f0a78..916b4aa2 100644 
--- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -7,7 +7,7 @@ kibana_server_host: "0.0.0.0" kibana_server_port: "5601" kibana_conf_path: /etc/kibana elastic_stack_version: 7.10.2 -wazuh_version: 4.1.4 +wazuh_version: 4.2.0 wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana elasticrepo: diff --git a/roles/opendistro/opendistro-kibana/defaults/main.yml b/roles/opendistro/opendistro-kibana/defaults/main.yml index 9a19c3a0..dbf4ab73 100644 --- a/roles/opendistro/opendistro-kibana/defaults/main.yml +++ b/roles/opendistro/opendistro-kibana/defaults/main.yml @@ -10,7 +10,7 @@ kibana_server_port: "5601" kibana_server_name: "kibana" kibana_max_payload_bytes: 1048576 elastic_stack_version: 7.10.0 -wazuh_version: 4.1.4 +wazuh_version: 4.2.0 wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana # The OpenDistro package repository diff --git a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml index 63b18a6f..b452e481 100644 --- a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml @@ -1,7 +1,7 @@ --- filebeat_version: 7.10.0 -wazuh_template_branch: v4.1.4 +wazuh_template_branch: v4.2.0 filebeat_output_elasticsearch_hosts: - "localhost:9200" diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index 706ad4e5..ca375b6f 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -1,7 +1,7 @@ --- filebeat_version: 7.10.2 -wazuh_template_branch: v4.1.4 +wazuh_template_branch: v4.2.0 filebeat_create_config: true diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 6167a4c9..8fc9007b 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml 
+++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_agent_version: 4.1.4-1 +wazuh_agent_version: 4.2.0-1 # Custom packages installation @@ -12,7 +12,7 @@ wazuh_custom_packages_installation_agent_rpm_url: "" wazuh_agent_sources_installation: enabled: false - branch: "v4.1.4" + branch: "v4.2.0" user_language: "y" user_no_stop: "y" user_install_type: "agent" @@ -55,8 +55,8 @@ wazuh_winagent_config: auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe check_md5: True md5: 8ffa75d13280f1aa6ffca54f4273df4d -wazuh_winagent_config_url: https://packages.wazuh.com/4.x/windows/wazuh-agent-4.1.4-1.msi -wazuh_winagent_package_name: wazuh-agent-4.1.4-1.msi +wazuh_winagent_config_url: https://packages.wazuh.com/4.x/windows/wazuh-agent-4.2.0-1.msi +wazuh_winagent_package_name: wazuh-agent-4.2.0-1.msi wazuh_dir: "/var/ossec" diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index e4e58099..c6c4e956 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_manager_version: 4.1.4-1 +wazuh_manager_version: 4.2.0-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present @@ -12,7 +12,7 @@ wazuh_custom_packages_installation_manager_rpm_url: "https://s3-us-west-1.amazon # Sources installation wazuh_manager_sources_installation: enabled: false - branch: "v4.1.4" + branch: "v4.2.0" user_language: "en" user_no_stop: "y" user_install_type: "server" From 4b6105fd3d00de8fb35d58f2da3c6cceb1ffca2b Mon Sep 17 00:00:00 2001 
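Review bot: The hunk at -55,8 points `wazuh_winagent_config_url` and `wazuh_winagent_package_name` at `wazuh-agent-4.2.0-1.msi` but leaves `md5: 8ffa75d13280f1aa6ffca54f4273df4d` untouched with `check_md5: True`, so the digest presumably still describes an older installer and the Windows check would either fail or get switched off by operators. The same two context lines go unchanged again in the 4.3.0 bump (PATCH 17/20). The digest should be refreshed on every bump from the value the vendor publishes for that MSI, and since MD5 is not collision-resistant a SHA-256 or SHA-512 digest would be the better thing to pin; how the role consumes `md5` is outside this diff.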
From: VictorMorenoJimenez Date: Wed, 14 Apr 2021 08:04:11 +0200 Subject: [PATCH 17/20] Bump to v4.3.0 --- CHANGELOG.md | 6 ++++++ README.md | 2 ++ molecule/default/tests/test_default.py | 2 +- molecule/distributed-wazuh-elk-xpack/group_vars/all.yml | 6 +++--- .../distributed-wazuh-elk-xpack/tests/test_default.py | 2 +- molecule/distributed-wazuh-elk/group_vars/all.yml | 6 +++--- molecule/distributed-wazuh-elk/tests/test_default.py | 2 +- molecule/distributed-wazuh-odfe/group_vars/all.yml | 6 +++--- molecule/distributed-wazuh-odfe/tests/test_default.py | 2 +- pyproject.toml | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/opendistro/opendistro-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-filebeat-oss/defaults/main.yml | 2 +- roles/wazuh/ansible-filebeat/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 8 ++++---- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 4 ++-- 16 files changed, 32 insertions(+), 24 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0456219e..30f45299 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,12 @@ # Change Log All notable changes to this project will be documented in this file. +## [v4.3.0] + +### Added + +- Update to [Wazuh v4.3.0](https://github.com/wazuh/wazuh/blob/v4.3.0/CHANGELOG.md#v430) + ## [v4.2.0] ### Added diff --git a/README.md b/README.md index 76a308ce..395b15a7 100644 --- a/README.md +++ b/README.md @@ -14,6 +14,8 @@ These playbooks install and configure Wazuh agent, manager and Elastic Stack. | Wazuh version | Elastic | ODFE | |---------------|---------|--------| +| v4.3.0 | 7.10.0 | 1.12.0 | +|---------------|---------|--------| | v4.2.0 | 7.10.0 | 1.12.0 | |---------------|---------|--------| | v4.1.4 | 7.10.0 | 1.12.0 | diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index 07b66ff0..b972568a 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py 
@@ -8,7 +8,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "4.2.0" + return "4.3.0" def test_wazuh_packages_are_installed(host): diff --git a/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml b/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml index 8c5b9a7a..a9d29f28 100644 --- a/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml +++ b/molecule/distributed-wazuh-elk-xpack/group_vars/all.yml @@ -18,11 +18,11 @@ elastic_stack_version: 7.10.2 filebeat_version: 7.10.2 # Debian packages need the ${VERSION}-1 -wazuh_manager_version: 4.2.0-1 -wazuh_agent_version: 4.2.0-1 +wazuh_manager_version: 4.3.0-1 +wazuh_agent_version: 4.3.0-1 # Kibana role appends it automatically. -wazuh_version: 4.2.0 +wazuh_version: 4.3.0 ######################################################## diff --git a/molecule/distributed-wazuh-elk-xpack/tests/test_default.py b/molecule/distributed-wazuh-elk-xpack/tests/test_default.py index f84cbb7a..1213c959 100644 --- a/molecule/distributed-wazuh-elk-xpack/tests/test_default.py +++ b/molecule/distributed-wazuh-elk-xpack/tests/test_default.py @@ -8,7 +8,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "4.2.0" + return "4.3.0" def test_wazuh_packages_are_installed(host): diff --git a/molecule/distributed-wazuh-elk/group_vars/all.yml b/molecule/distributed-wazuh-elk/group_vars/all.yml index bfb56ca5..3124a9c9 100644 --- a/molecule/distributed-wazuh-elk/group_vars/all.yml +++ b/molecule/distributed-wazuh-elk/group_vars/all.yml @@ -16,8 +16,8 @@ elastic_stack_version: 7.10.2 filebeat_version: 7.10.2 # Debian packages need the ${VERSION}-1 -wazuh_manager_version: 4.2.0-1 -wazuh_agent_version: 4.2.0-1 +wazuh_manager_version: 4.3.0-1 +wazuh_agent_version: 4.3.0-1 # Kibana role appends it automatically. -wazuh_version: 4.2.0 +wazuh_version: 4.3.0 
diff --git a/molecule/distributed-wazuh-elk/tests/test_default.py b/molecule/distributed-wazuh-elk/tests/test_default.py index f84cbb7a..1213c959 100644 --- a/molecule/distributed-wazuh-elk/tests/test_default.py +++ b/molecule/distributed-wazuh-elk/tests/test_default.py @@ -8,7 +8,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "4.2.0" + return "4.3.0" def test_wazuh_packages_are_installed(host): diff --git a/molecule/distributed-wazuh-odfe/group_vars/all.yml b/molecule/distributed-wazuh-odfe/group_vars/all.yml index c58872e5..afd3c9b3 100644 --- a/molecule/distributed-wazuh-odfe/group_vars/all.yml +++ b/molecule/distributed-wazuh-odfe/group_vars/all.yml @@ -40,8 +40,8 @@ filebeat_version: 7.10.0 kibana_opendistro_version: 1.12.0-1 # Debian packages need the ${VERSION}-1 -wazuh_manager_version: 4.2.0-1 -wazuh_agent_version: 4.2.0-1 +wazuh_manager_version: 4.3.0-1 +wazuh_agent_version: 4.3.0-1 # Kibana role appends it automatically. -wazuh_version: 4.2.0 +wazuh_version: 4.3.0 diff --git a/molecule/distributed-wazuh-odfe/tests/test_default.py b/molecule/distributed-wazuh-odfe/tests/test_default.py index 07b66ff0..b972568a 100644 --- a/molecule/distributed-wazuh-odfe/tests/test_default.py +++ b/molecule/distributed-wazuh-odfe/tests/test_default.py @@ -8,7 +8,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def get_wazuh_version(): """This return the version of Wazuh.""" - return "4.2.0" + return "4.3.0" def test_wazuh_packages_are_installed(host): diff --git a/pyproject.toml b/pyproject.toml index ec1c35e3..550e0acf 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "wazuh-ansible" -version = "4.2.0" +version = "4.3.0" description = "" authors = ["neonmei "] diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 916b4aa2..b6e50c08 100644 
--- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -7,7 +7,7 @@ kibana_server_host: "0.0.0.0" kibana_server_port: "5601" kibana_conf_path: /etc/kibana elastic_stack_version: 7.10.2 -wazuh_version: 4.2.0 +wazuh_version: 4.3.0 wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana elasticrepo: diff --git a/roles/opendistro/opendistro-kibana/defaults/main.yml b/roles/opendistro/opendistro-kibana/defaults/main.yml index dffa0fc1..71d1fcd1 100644 --- a/roles/opendistro/opendistro-kibana/defaults/main.yml +++ b/roles/opendistro/opendistro-kibana/defaults/main.yml @@ -10,7 +10,7 @@ kibana_server_port: "5601" kibana_server_name: "kibana" kibana_max_payload_bytes: 1048576 elastic_stack_version: 7.10.0 -wazuh_version: 4.2.0 +wazuh_version: 4.3.0 wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana # The OpenDistro package repository diff --git a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml index b452e481..1df647d0 100644 --- a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml @@ -1,7 +1,7 @@ --- filebeat_version: 7.10.0 -wazuh_template_branch: v4.2.0 +wazuh_template_branch: v4.3.0 filebeat_output_elasticsearch_hosts: - "localhost:9200" diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index ca375b6f..5dcd2834 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -1,7 +1,7 @@ --- filebeat_version: 7.10.2 -wazuh_template_branch: v4.2.0 +wazuh_template_branch: v4.3.0 filebeat_create_config: true diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 8fc9007b..a311d36f 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml 
+++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_agent_version: 4.2.0-1 +wazuh_agent_version: 4.3.0-1 # Custom packages installation @@ -12,7 +12,7 @@ wazuh_custom_packages_installation_agent_rpm_url: "" wazuh_agent_sources_installation: enabled: false - branch: "v4.2.0" + branch: "v4.3.0" user_language: "y" user_no_stop: "y" user_install_type: "agent" @@ -55,8 +55,8 @@ wazuh_winagent_config: auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe check_md5: True md5: 8ffa75d13280f1aa6ffca54f4273df4d -wazuh_winagent_config_url: https://packages.wazuh.com/4.x/windows/wazuh-agent-4.2.0-1.msi -wazuh_winagent_package_name: wazuh-agent-4.2.0-1.msi +wazuh_winagent_config_url: https://packages.wazuh.com/4.x/windows/wazuh-agent-4.3.0-1.msi +wazuh_winagent_package_name: wazuh-agent-4.3.0-1.msi wazuh_dir: "/var/ossec" diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index c6c4e956..16a88ef6 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_manager_version: 4.2.0-1 +wazuh_manager_version: 4.3.0-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present @@ -12,7 +12,7 @@ wazuh_custom_packages_installation_manager_rpm_url: "https://s3-us-west-1.amazon # Sources installation wazuh_manager_sources_installation: enabled: false - branch: "v4.2.0" + branch: "v4.3.0" user_language: "en" user_no_stop: "y" user_install_type: "server" From f1f137a9d284a5ad056d92c1e55dbd47a805498d Mon Sep 17 00:00:00 2001 
From: Victor Moreno Jimenez Date: Tue, 16 Mar 2021 18:50:34 +0100 Subject: [PATCH 18/20] Working in #546. Rename users and group according to Wazuh standard --- molecule/default/tests/test_default.py | 4 +-- .../tests/test_default.py | 4 +-- .../tests/test_default.py | 4 +-- .../tests/test_default.py | 4 +-- .../wazuh/ansible-wazuh-agent/tasks/Linux.yml | 8 ++--- .../ansible-wazuh-manager/defaults/main.yml | 2 +- .../ansible-wazuh-manager/tasks/main.yml | 30 +++++++++---------- 7 files changed, 28 insertions(+), 28 deletions(-) diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index b972568a..e142551b 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py @@ -46,8 +46,8 @@ def test_wazuh_services_are_running(host): @pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [ ("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640), ("/var/ossec/etc/sslmanager.key", "root", "root", 0o640), - ("/var/ossec/etc/rules/local_rules.xml", "ossec", "ossec", 0o640), - ("/var/ossec/etc/lists/audit-keys", "ossec", "ossec", 0o660), + ("/var/ossec/etc/rules/local_rules.xml", "wazuh", "wazuh", 0o640), + ("/var/ossec/etc/lists/audit-keys", "wazuh", "wazuh", 0o660), ]) def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode): """Test Wazuh related files exist and have proper owners and mode.""" diff --git a/molecule/distributed-wazuh-elk-xpack/tests/test_default.py b/molecule/distributed-wazuh-elk-xpack/tests/test_default.py index 1213c959..75940cf0 100644 --- a/molecule/distributed-wazuh-elk-xpack/tests/test_default.py +++ b/molecule/distributed-wazuh-elk-xpack/tests/test_default.py 
@@ -46,8 +46,8 @@ def test_wazuh_services_are_running(host): @pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [ ("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640), ("/var/ossec/etc/sslmanager.key", "root", "root", 0o640), - ("/var/ossec/etc/rules/local_rules.xml", "ossec", "ossec", 0o640), - ("/var/ossec/etc/lists/audit-keys", "ossec", "ossec", 0o660), + ("/var/ossec/etc/rules/local_rules.xml", "wazuh", "wazuh", 0o640), + ("/var/ossec/etc/lists/audit-keys", "wazuh", "wazuh", 0o660), ]) def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode): """Test Wazuh related files exist and have proper owners and mode.""" diff --git a/molecule/distributed-wazuh-elk/tests/test_default.py b/molecule/distributed-wazuh-elk/tests/test_default.py index 1213c959..75940cf0 100644 --- a/molecule/distributed-wazuh-elk/tests/test_default.py +++ b/molecule/distributed-wazuh-elk/tests/test_default.py @@ -46,8 +46,8 @@ def test_wazuh_services_are_running(host): @pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [ ("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640), ("/var/ossec/etc/sslmanager.key", "root", "root", 0o640), - ("/var/ossec/etc/rules/local_rules.xml", "ossec", "ossec", 0o640), - ("/var/ossec/etc/lists/audit-keys", "ossec", "ossec", 0o660), + ("/var/ossec/etc/rules/local_rules.xml", "wazuh", "wazuh", 0o640), + ("/var/ossec/etc/lists/audit-keys", "wazuh", "wazuh", 0o660), ]) def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode): """Test Wazuh related files exist and have proper owners and mode.""" diff --git a/molecule/distributed-wazuh-odfe/tests/test_default.py b/molecule/distributed-wazuh-odfe/tests/test_default.py index b972568a..e142551b 100644 --- a/molecule/distributed-wazuh-odfe/tests/test_default.py +++ b/molecule/distributed-wazuh-odfe/tests/test_default.py 
@@ -46,8 +46,8 @@ def test_wazuh_services_are_running(host): @pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [ ("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640), ("/var/ossec/etc/sslmanager.key", "root", "root", 0o640), - ("/var/ossec/etc/rules/local_rules.xml", "ossec", "ossec", 0o640), - ("/var/ossec/etc/lists/audit-keys", "ossec", "ossec", 0o660), + ("/var/ossec/etc/rules/local_rules.xml", "wazuh", "wazuh", 0o640), + ("/var/ossec/etc/lists/audit-keys", "wazuh", "wazuh", 0o660), ]) def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode): """Test Wazuh related files exist and have proper owners and mode.""" diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml index ee628416..9f4127dd 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml @@ -223,7 +223,7 @@ src: var-ossec-etc-ossec-agent.conf.j2 dest: "{{ wazuh_dir }}/etc/ossec.conf" owner: root - group: ossec + group: wazuh mode: 0644 notify: restart wazuh-agent tags: @@ -235,7 +235,7 @@ src: var-ossec-etc-local-internal-options.conf.j2 dest: "{{ wazuh_dir }}/etc/local_internal_options.conf" owner: root - group: ossec + group: wazuh mode: 0640 notify: restart wazuh-agent tags: @@ -246,8 +246,8 @@ template: src: authd_pass.j2 dest: "{{ wazuh_dir }}/etc/authd.pass" - owner: ossec - group: ossec + owner: wazuh + group: wazuh mode: 0640 when: - wazuh_agent_config.enrollment.enabled == 'yes' diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 16a88ef6..8167fc86 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
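Review bot: The agent `ossec.conf` task (hunk at -223,7 of ansible-wazuh-agent/tasks/Linux.yml) keeps `mode: 0644` next to the new `group: wazuh`, which makes the group assignment moot because every local account can read the file. The other configuration files touched by this commit (`local_internal_options.conf`, `authd.pass`) use `0640`; unless something outside the `wazuh` group must read the file, `mode: 0640` would match them. The same applies to the manager's `ossec.conf` task in ansible-wazuh-manager/tasks/main.yml (hunk at -228,7). Both tasks begin and end outside their hunks.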
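Review bot: The agent-side `authd.pass` task (hunk at -246,8 of ansible-wazuh-agent/tasks/Linux.yml) shows no `no_log: true`, while the matching manager task in ansible-wazuh-manager/tasks/main.yml (hunk at -239,8) has it; without it the enrollment password rendered by `authd_pass.j2` can appear in task output, for example under `--diff`. The task continues past the `when:` block outside the hunk, so the keyword may exist further down; if it does not, add `no_log: true` beside `mode: 0640`.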
@@ -61,7 +61,7 @@ wazuh_manager_mailto: - 'admin@example.net' wazuh_manager_email_smtp_server: smtp.example.wazuh.com -wazuh_manager_email_from: ossecm@example.wazuh.com +wazuh_manager_email_from: wazuh@example.wazuh.com wazuh_manager_email_maxperhour: 12 wazuh_manager_email_queue_size: 131072 wazuh_manager_email_log_source: 'alerts.log' diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 61409a40..b7640a5c 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -81,8 +81,8 @@ - name: Installing the local_rules.xml (default local_rules.xml) template: src=var-ossec-rules-local_rules.xml.j2 dest="{{ wazuh_dir }}/etc/rules/local_rules.xml" - owner=ossec - group=ossec + owner=wazuh + group=wazuh mode=0640 notify: restart wazuh-manager tags: @@ -93,8 +93,8 @@ - name: Adding local rules files copy: src="{{ wazuh_manager_config.ruleset.rules_path }}" dest="{{ wazuh_dir }}/etc/rules/" - owner=ossec - group=ossec + owner=wazuh + group=wazuh mode=0640 notify: restart wazuh-manager tags: @@ -105,8 +105,8 @@ - name: Installing the local_decoder.xml template: src=var-ossec-rules-local_decoder.xml.j2 dest="{{ wazuh_dir }}/etc/decoders/local_decoder.xml" - owner=ossec - group=ossec + owner=wazuh + group=wazuh mode=0640 notify: restart wazuh-manager tags: @@ -117,8 +117,8 @@ - name: Adding local decoders files copy: src="{{ wazuh_manager_config.ruleset.decoders_path }}" dest="{{ wazuh_dir }}/etc/decoders/" - owner=ossec - group=ossec + owner=wazuh + group=wazuh mode=0640 notify: restart wazuh-manager tags: @@ -130,8 +130,8 @@ template: src: var-ossec-etc-shared-agent.conf.j2 dest: "{{ wazuh_dir }}/etc/shared/default/agent.conf" - owner: ossec - group: ossec + owner: wazuh + group: wazuh mode: 0640 validate: "{{ wazuh_dir }}/bin/verify-agent-conf -f %s" notify: restart wazuh-manager 
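Review bot: The account name `wazuh` is now a literal repeated in every `owner`/`group` line of ansible-wazuh-manager/tasks/main.yml (hunks -81,8 through -257,7) and of ansible-wazuh-agent/tasks/Linux.yml, while `wazuh_manager_version` and `wazuh_agent_version` remain overridable. If an operator pins a package release that still creates the `ossec` account, these tasks would presumably fail on the ownership change. A pair of role defaults (hypothetical names `wazuh_user: wazuh` and `wazuh_group: wazuh`) referenced as `owner: "{{ wazuh_user }}"` would keep the rename in one place and let older installs override it.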
@@ -145,7 +145,7 @@ template: src=var-ossec-etc-local-internal-options.conf.j2 dest="{{ wazuh_dir }}/etc/local_internal_options.conf" owner=root - group=ossec + group=wazuh mode=0640 notify: restart wazuh-manager tags: @@ -228,7 +228,7 @@ src: var-ossec-etc-ossec-server.conf.j2 dest: "{{ wazuh_dir }}/etc/ossec.conf" owner: root - group: ossec + group: wazuh mode: 0644 notify: restart wazuh-manager tags: @@ -239,8 +239,8 @@ template: src: authd_pass.j2 dest: "{{ wazuh_dir }}/etc/authd.pass" - owner: ossec - group: ossec + owner: wazuh + group: wazuh mode: 0640 no_log: true notify: restart wazuh-manager @@ -257,7 +257,7 @@ src: create_user.py dest: "{{ wazuh_dir }}/framework/scripts/create_user.py" owner: root - group: ossec + group: wazuh mode: 0644 - name: Execute create_user script From 7eff9179a2da2187e2d3df0263d05bb708a6fe8c Mon Sep 17 00:00:00 2001 From: VictorMorenoJimenez Date: Mon, 19 Apr 2021 09:42:09 +0200 Subject: [PATCH 19/20] #570. Rename Windows agent from OssecSvc to WazuhSvc --- roles/wazuh/ansible-wazuh-agent/handlers/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/handlers/main.yml b/roles/wazuh/ansible-wazuh-agent/handlers/main.yml index 1858906b..84f3ff45 100644 --- a/roles/wazuh/ansible-wazuh-agent/handlers/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/handlers/main.yml @@ -3,4 +3,4 @@ service: name=wazuh-agent state=restarted enabled=yes - name: Windows | Restart Wazuh Agent - win_service: name=OssecSvc start_mode=auto state=restarted + win_service: name=WazuhSvc start_mode=auto state=restarted From 74e96ba8a9f4029f29fd3a01788b64f389cb2ae8 Mon Sep 17 00:00:00 2001 From: VictorMorenoJimenez Date: Tue, 20 Apr 2021 15:59:12 +0200 Subject: [PATCH 20/20] #497. Change firewall-drop.sh according to new active-response changes. Now script is a C binary instead --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 8167fc86..4830f1b5 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -259,7 +259,7 @@ wazuh_manager_commands: executable: 'restart-ossec.sh' expect: '' - name: 'firewall-drop' - executable: 'firewall-drop.sh' + executable: 'firewall-drop' expect: 'srcip' timeout_allowed: 'yes' - name: 'host-deny'