From 16ea37e7389b4118878e759a978e2a13a0505cc3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 13 Feb 2024 10:27:59 +0100 Subject: [PATCH 1/5] Bump version to 5.0.0 --- CHANGELOG.md | 6 ++++++ README.md | 1 + VERSION | 4 ++-- roles/wazuh/ansible-filebeat-oss/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- roles/wazuh/check-packages/defaults/main.yml | 2 +- roles/wazuh/wazuh-dashboard/defaults/main.yml | 4 ++-- roles/wazuh/wazuh-dashboard/vars/debian.yml | 2 +- roles/wazuh/wazuh-indexer/defaults/main.yml | 2 +- 10 files changed, 17 insertions(+), 10 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 54dfee67..69f4d16f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,12 @@ # Change Log All notable changes to this project will be documented in this file. +## [v5.0.0] + +### Added + +- Update to [Wazuh v5.0.0](https://github.com/wazuh/wazuh/blob/v5.0.0/CHANGELOG.md#500) + ## [v4.9.0] ### Added diff --git a/README.md b/README.md index 4aa6a5a5..e25cc7c9 100644 --- a/README.md +++ b/README.md @@ -16,6 +16,7 @@ These playbooks install and configure Wazuh agent, manager and indexer and dashb | Wazuh version | Elastic | ODFE | |---------------|---------|--------| +| v5.0.0 | | | | v4.9.0 | | | | v4.8.2 | | | | v4.8.1 | | | diff --git a/VERSION b/VERSION index 844c4702..13bc9fe8 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v4.9.0" -REVISION="40900" +WAZUH-ANSIBLE_VERSION="v5.0.0" +REVISION="50000" diff --git a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml index a28f06bd..3e42fa1e 100644 --- a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml @@ -1,7 +1,7 @@ --- filebeat_version: 7.10.2 -wazuh_template_branch: v4.9.0 +wazuh_template_branch: v5.0.0 filebeat_node_name: node-1 diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 566fb056..fb8ec3d7 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_agent_version: 4.9.0 +wazuh_agent_version: 5.0.0 # Custom packages installation diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index eb976fba..0c546b01 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_manager_version: 4.9.0 +wazuh_manager_version: 5.0.0 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present diff --git a/roles/wazuh/check-packages/defaults/main.yml b/roles/wazuh/check-packages/defaults/main.yml index 77432076..131b85c7 100644 --- a/roles/wazuh/check-packages/defaults/main.yml +++ b/roles/wazuh/check-packages/defaults/main.yml @@ -1,2 +1,2 @@ --- -wazuh_version: 4.9.0 +wazuh_version: 5.0.0 diff --git a/roles/wazuh/wazuh-dashboard/defaults/main.yml b/roles/wazuh/wazuh-dashboard/defaults/main.yml index e5e48438..fef884c1 100644 --- a/roles/wazuh/wazuh-dashboard/defaults/main.yml +++ b/roles/wazuh/wazuh-dashboard/defaults/main.yml @@ -8,12 +8,12 @@ dashboard_node_name: node-1 dashboard_server_host: "0.0.0.0" dashboard_server_port: "443" dashboard_server_name: "dashboard" -wazuh_version: 4.9.0 +wazuh_version: 5.0.0 indexer_cluster_nodes: - 127.0.0.1 # The Wazuh dashboard package repository -dashboard_version: "4.9.0" +dashboard_version: "5.0.0" # API credentials wazuh_api_credentials: diff --git a/roles/wazuh/wazuh-dashboard/vars/debian.yml b/roles/wazuh/wazuh-dashboard/vars/debian.yml index 940a66df..77bd8e4d 100644 --- a/roles/wazuh/wazuh-dashboard/vars/debian.yml +++ b/roles/wazuh/wazuh-dashboard/vars/debian.yml @@ -1,2 +1,2 @@ --- -dashboard_version: 4.9.0 +dashboard_version: 5.0.0 diff --git a/roles/wazuh/wazuh-indexer/defaults/main.yml b/roles/wazuh/wazuh-indexer/defaults/main.yml index da7be34c..f5b35dac 100644 --- a/roles/wazuh/wazuh-indexer/defaults/main.yml +++ b/roles/wazuh/wazuh-indexer/defaults/main.yml @@ -1,6 +1,6 @@ --- # Cluster Settings -indexer_version: 4.9.0 +indexer_version: 5.0.0 single_node: false indexer_node_name: node-1 From ea1b6f950651b3c987e669d0a6a9e03d58d630fd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Anguita=20L=C3=B3pez?= Date: Wed, 10 Apr 2024 13:01:37 +0200 Subject: [PATCH 2/5] Changed 4.x occurrences to 5.x and 4.9 to 5.0 --- roles/wazuh/vars/repo.yml | 16 ++++++++-------- roles/wazuh/vars/repo_pre-release.yml | 2 +- roles/wazuh/vars/repo_staging.yml | 2 +- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/roles/wazuh/vars/repo.yml b/roles/wazuh/vars/repo.yml index c9e6e203..defc8c1a 100644 --- a/roles/wazuh/vars/repo.yml +++ b/roles/wazuh/vars/repo.yml @@ -1,19 +1,19 @@ wazuh_repo: - apt: 'deb https://packages.wazuh.com/4.x/apt/ stable main' - yum: 'https://packages.wazuh.com/4.x/yum/' + apt: 'deb https://packages.wazuh.com/5.x/apt/ stable main' + yum: 'https://packages.wazuh.com/5.x/yum/' gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145' -wazuh_winagent_config_url: "https://packages.wazuh.com/4.x/windows/wazuh-agent-{{ wazuh_agent_version }}-1.msi" +wazuh_winagent_config_url: "https://packages.wazuh.com/5.x/windows/wazuh-agent-{{ wazuh_agent_version }}-1.msi" wazuh_winagent_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.msi" -wazuh_winagent_sha512_url: "https://packages.wazuh.com/4.x/checksums/wazuh/{{ wazuh_agent_version }}/wazuh-agent-{{ wazuh_agent_version }}-1.msi.sha512" -filebeat_module_package_url: https://packages.wazuh.com/4.x/filebeat +wazuh_winagent_sha512_url: "https://packages.wazuh.com/5.x/checksums/wazuh/{{ wazuh_agent_version }}/wazuh-agent-{{ wazuh_agent_version }}-1.msi.sha512" +filebeat_module_package_url: https://packages.wazuh.com/5.x/filebeat wazuh_macos_intel_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.intel64.pkg" wazuh_macos_arm_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.arm64.pkg" -wazuh_macos_intel_package_url: "https://packages.wazuh.com/4.x/macos/{{ wazuh_macos_intel_package_name }}" -wazuh_macos_arm_package_url: "https://packages.wazuh.com/4.x/macos/{{ wazuh_macos_arm_package_name }}" +wazuh_macos_intel_package_url: "https://packages.wazuh.com/5.x/macos/{{ wazuh_macos_intel_package_name }}" +wazuh_macos_arm_package_url: "https://packages.wazuh.com/5.x/macos/{{ wazuh_macos_arm_package_name }}" -certs_gen_tool_version: 4.9 +certs_gen_tool_version: 5.0 # Url of certificates generator tool certs_gen_tool_url: "https://packages.wazuh.com/{{ certs_gen_tool_version }}/wazuh-certs-tool.sh" diff --git a/roles/wazuh/vars/repo_pre-release.yml b/roles/wazuh/vars/repo_pre-release.yml index 1e12af7c..1d87ee76 100644 --- a/roles/wazuh/vars/repo_pre-release.yml +++ b/roles/wazuh/vars/repo_pre-release.yml @@ -13,7 +13,7 @@ wazuh_macos_arm_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.arm64.pkg wazuh_macos_intel_package_url: "https://packages-dev.wazuh.com/staging/pre-release/{{ wazuh_macos_intel_package_name }}" wazuh_macos_arm_package_url: "https://packages-dev.wazuh.com/pre-release/macos/{{ wazuh_macos_arm_package_name }}" -certs_gen_tool_version: 4.9 +certs_gen_tool_version: 5.0 # Url of certificates generator tool certs_gen_tool_url: "https://packages-dev.wazuh.com/{{ certs_gen_tool_version }}/wazuh-certs-tool.sh" diff --git a/roles/wazuh/vars/repo_staging.yml b/roles/wazuh/vars/repo_staging.yml index b1732cd4..21008579 100644 --- a/roles/wazuh/vars/repo_staging.yml +++ b/roles/wazuh/vars/repo_staging.yml @@ -14,7 +14,7 @@ wazuh_macos_arm_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.arm64.pkg wazuh_macos_intel_package_url: "https://packages-dev.wazuh.com/staging/macos/{{ wazuh_macos_intel_package_name }}" wazuh_macos_arm_package_url: "https://packages-dev.wazuh.com/staging/macos/{{ wazuh_macos_arm_package_name }}" -certs_gen_tool_version: 4.9 +certs_gen_tool_version: 5.0 # Url of certificates generator tool certs_gen_tool_url: "https://packages-dev.wazuh.com/{{ certs_gen_tool_version }}/wazuh-certs-tool.sh" From 0dc34dc9446550b920290d808b5c9b556bc02984 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Anguita=20L=C3=B3pez?= Date: Thu, 11 Apr 2024 09:51:45 +0200 Subject: [PATCH 3/5] changed more references from 4.x to 5.x --- roles/wazuh/ansible-filebeat-oss/defaults/main.yml | 4 ++-- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- roles/wazuh/check-packages/scripts/check_packages.sh | 2 +- roles/wazuh/wazuh-dashboard/templates/wazuh.yml.j2 | 8 ++++---- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml index 3e42fa1e..aeefa605 100644 --- a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml @@ -22,7 +22,7 @@ filebeat_ssl_dir: /etc/pki/filebeat local_certs_path: "{{ playbook_dir }}/indexer/certificates" filebeatrepo: - apt: 'deb https://packages.wazuh.com/4.x/apt/ stable main' - yum: 'https://packages.wazuh.com/4.x/yum/' + apt: 'deb https://packages.wazuh.com/5.x/apt/ stable main' + yum: 'https://packages.wazuh.com/5.x/yum/' gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145' \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index fb8ec3d7..3adcb206 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -65,7 +65,7 @@ wazuh_managers: retry_interval: 5 register: yes -## Authentication Method: Enrollment section (4.x) +## Authentication Method: Enrollment section (5.x) # For more information see: # * https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/client.html#enrollment diff --git a/roles/wazuh/check-packages/scripts/check_packages.sh b/roles/wazuh/check-packages/scripts/check_packages.sh index 20c62047..1fbd397b 100755 --- a/roles/wazuh/check-packages/scripts/check_packages.sh +++ b/roles/wazuh/check-packages/scripts/check_packages.sh @@ -9,7 +9,7 @@ checkPackages(){ ## Set S3 Bucket URL if [ $1 == "production" ]; then echo "production" - PACKAGES_URL=https://packages.wazuh.com/4.x/ + PACKAGES_URL=https://packages.wazuh.com/5.x/ elif [ $1 == "pre-release" ]; then echo "pre-release" PACKAGES_URL=https://packages-dev.wazuh.com/pre-release/ diff --git a/roles/wazuh/wazuh-dashboard/templates/wazuh.yml.j2 b/roles/wazuh/wazuh-dashboard/templates/wazuh.yml.j2 index 5755a366..d3ab99a0 100644 --- a/roles/wazuh/wazuh-dashboard/templates/wazuh.yml.j2 +++ b/roles/wazuh/wazuh-dashboard/templates/wazuh.yml.j2 @@ -21,7 +21,7 @@ # ------------------------------- Index patterns ------------------------------- # # Default index pattern to use. -#pattern: wazuh-alerts-4.x-* +#pattern: wazuh-alerts-5.x-* # # ----------------------------------- Checks ----------------------------------- # @@ -92,17 +92,17 @@ # Default: 900 (s) #wazuh.monitoring.frequency: 900 # -# Configure wazuh-monitoring-4.x-* indices shards and replicas. +# Configure wazuh-monitoring-5.x-* indices shards and replicas. #wazuh.monitoring.shards: 2 #wazuh.monitoring.replicas: 0 # -# Configure wazuh-monitoring-4.x-* indices custom creation interval. +# Configure wazuh-monitoring-5.x-* indices custom creation interval. # Values: h (hourly), d (daily), w (weekly), m (monthly) # Default: d #wazuh.monitoring.creation: d # # Default index pattern to use for Wazuh monitoring -#wazuh.monitoring.pattern: wazuh-monitoring-4.x-* +#wazuh.monitoring.pattern: wazuh-monitoring-5.x-* # # # ------------------------------- App privileges -------------------------------- From f2e3248cf5739ebd9c5295d7ea9ef0261b265828 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 21 May 2024 07:24:49 -0300 Subject: [PATCH 4/5] change wazuh api username --- playbooks/wazuh-agent.yml | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 4 ++-- roles/opendistro/opendistro-kibana/defaults/main.yml | 4 ++-- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 4 ++-- roles/wazuh/wazuh-dashboard/defaults/main.yml | 4 ++-- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/playbooks/wazuh-agent.yml b/playbooks/wazuh-agent.yml index 16ff48ae..0d37a1f4 100644 --- a/playbooks/wazuh-agent.yml +++ b/playbooks/wazuh-agent.yml @@ -11,6 +11,6 @@ protocol: tcp api_port: 55000 api_proto: 'https' - api_user: wazuh + api_user: wazuh-wui max_retries: 5 retry_interval: 5 \ No newline at end of file diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 2a911a4e..be905bec 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -21,8 +21,8 @@ wazuh_api_credentials: - id: "default" url: "https://localhost" port: 55000 - username: "wazuh" - password: "wazuh" + username: "wazuh-wui" + password: "wazuh-wui" # Xpack Security kibana_xpack_security: false diff --git a/roles/opendistro/opendistro-kibana/defaults/main.yml b/roles/opendistro/opendistro-kibana/defaults/main.yml index 1099b158..edca3551 100644 --- a/roles/opendistro/opendistro-kibana/defaults/main.yml +++ b/roles/opendistro/opendistro-kibana/defaults/main.yml @@ -31,8 +31,8 @@ wazuh_api_credentials: - id: "default" url: "https://localhost" port: 55000 - username: "wazuh" - password: "wazuh" + username: "wazuh-wui" + password: "wazuh-wui" # opendistro Security kibana_opendistro_security: true diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 3adcb206..4f403efd 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -10,7 +10,7 @@ wazuh_custom_packages_installation_agent_rpm_url: "" wazuh_agent_yum_lock_timeout: 30 # We recommend the use of ansible-vault to protect Wazuh, api, agentless and authd credentials. -api_pass: wazuh +api_pass: wazuh-wui authd_pass: '' wazuh_api_reachable_from_agent: yes @@ -60,7 +60,7 @@ wazuh_managers: protocol: tcp api_port: 55000 api_proto: https - api_user: wazuh + api_user: wazuh-wui max_retries: 5 retry_interval: 5 register: yes diff --git a/roles/wazuh/wazuh-dashboard/defaults/main.yml b/roles/wazuh/wazuh-dashboard/defaults/main.yml index fef884c1..cd36faa1 100644 --- a/roles/wazuh/wazuh-dashboard/defaults/main.yml +++ b/roles/wazuh/wazuh-dashboard/defaults/main.yml @@ -20,8 +20,8 @@ wazuh_api_credentials: - id: "default" url: "https://localhost" port: 55000 - username: "wazuh" - password: "wazuh" + username: "wazuh-wui" + password: "wazuh-wui" # Dashboard Security dashboard_security: true From caaac9ffe13738701a1843b227cf1b5ab30d3866 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Wed, 22 May 2024 04:59:44 -0300 Subject: [PATCH 5/5] revert old yamls --- playbooks/wazuh-agent.yml | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 4 ++-- roles/opendistro/opendistro-kibana/defaults/main.yml | 4 ++-- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/playbooks/wazuh-agent.yml b/playbooks/wazuh-agent.yml index 0d37a1f4..16ff48ae 100644 --- a/playbooks/wazuh-agent.yml +++ b/playbooks/wazuh-agent.yml @@ -11,6 +11,6 @@ protocol: tcp api_port: 55000 api_proto: 'https' - api_user: wazuh-wui + api_user: wazuh max_retries: 5 retry_interval: 5 \ No newline at end of file diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index be905bec..2a911a4e 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -21,8 +21,8 @@ wazuh_api_credentials: - id: "default" url: "https://localhost" port: 55000 - username: "wazuh-wui" - password: "wazuh-wui" + username: "wazuh" + password: "wazuh" # Xpack Security kibana_xpack_security: false diff --git a/roles/opendistro/opendistro-kibana/defaults/main.yml b/roles/opendistro/opendistro-kibana/defaults/main.yml index edca3551..1099b158 100644 --- a/roles/opendistro/opendistro-kibana/defaults/main.yml +++ b/roles/opendistro/opendistro-kibana/defaults/main.yml @@ -31,8 +31,8 @@ wazuh_api_credentials: - id: "default" url: "https://localhost" port: 55000 - username: "wazuh-wui" - password: "wazuh-wui" + username: "wazuh" + password: "wazuh" # opendistro Security kibana_opendistro_security: true diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 4f403efd..3adcb206 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -10,7 +10,7 @@ wazuh_custom_packages_installation_agent_rpm_url: "" wazuh_agent_yum_lock_timeout: 30 # We recommend the use of ansible-vault to protect Wazuh, api, agentless and authd credentials. -api_pass: wazuh-wui +api_pass: wazuh authd_pass: '' wazuh_api_reachable_from_agent: yes @@ -60,7 +60,7 @@ wazuh_managers: protocol: tcp api_port: 55000 api_proto: https - api_user: wazuh-wui + api_user: wazuh max_retries: 5 retry_interval: 5 register: yes