From 68166a49e1465319dd0d45ec5c4b92d6fe3a15b6 Mon Sep 17 00:00:00 2001 From: limitup <17516880+limitup@users.noreply.github.com> Date: Mon, 14 Oct 2019 17:01:56 -0500 Subject: [PATCH 01/13] Update Manager templates for integrations --- .../ansible-wazuh-manager/defaults/main.yml | 20 ++++++++ .../ansible-wazuh-manager/tasks/main.yml | 10 ++++ .../var-ossec-etc-ossec-server.conf.j2 | 49 +++++++++++++++++++ .../ansible-wazuh-manager/vars/aws_creds.yml | 11 +++++ .../vars/external_API_creds.yml | 9 ++++ 5 files changed, 99 insertions(+) create mode 100644 roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml create mode 100644 roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 170a8da5..f1ad3826 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -260,6 +260,26 @@ wazuh_manager_config: - server: null port: null format: null + integrations: + - name: 'slack' + hook_url: + alert_level: 10 + alert_format: 'json' + - name: 'pagerduty' + api_key: + alert_level: 10 + monitor_aws: + disable: 'no' + internal: '10m' + run_on_start: 'yes' + skip_on_error: 'yes' + s3: + - name: 's3-bucket-example-name' + bucket_type: 'guardduty' + path: 'path' + only_logs_after: '1970-JAN-01' + access_key: + secret_key: labels: enable: false list: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index a1afbb4c..c247e60f 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml 
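Review bot: The new `integrations` and `monitor_aws.s3` defaults lay out `hook_url`, `api_key`, `access_key` and `secret_key` as ordinary keys, with nothing telling the operator where real values belong. That invites filling them in inside the role and committing them. Add a comment above each block, for example `# Never commit real values here; supply hook_url/api_key/access_key/secret_key from Ansible Vault or a secret lookup in inventory`. The same applies to the two files this patch creates, `vars/aws_creds.yml` and `vars/external_API_creds.yml`.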
@@ -200,6 +200,16 @@ tags: - config +- name: Retrieving external API Credentials + include_vars: external_API_creds.yml + tags: + - config + +- name: Retrieving AWS Credentials + include_vars: aws_creds.yml + tags: + - config + - name: Retrieving Wazuh-API User Credentials include_vars: wazuh_api_creds.yml when: diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 65ae38fb..5995d79a 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -530,6 +530,55 @@ {% endfor %} {% endif %} +{% if wazuh_manager_config.integrations is defined %} +{% for integration in wazuh_manager_config.integrations %} +{% if integration.name is not none %} + + + {{ integration.name }} + {% if integration.hook_url is defined %} + {{ integration.hook_url }} + {% endif %} + {% if integration.api_key is defined %} + {{ integration.api_key }} + {% endif %} + {% if integration.alert_format is defined %} + {{ integration.alert_format }} + {% endif %} + {% if integration.alert_level is defined %} + {{ integration.alert_level }} + {% endif %} + {% if integration.rule_id is defined %} + {{ integration.rule_id }} + {% endif %} + +{% endif %} +{% endfor %} +{% endif %} + +{% if monitor_aws is defined %} + + + {{ monitor_aws.disable }} + {{ monitor_aws.interval }} + {{ monitor_aws.run_on_start }} + {{ monitor_aws.skip_on_error }} + {% for bucket in monitor_aws.s3 %} + + {{ bucket.name }} + {% if bucket.path is defined %} + {{ bucket.path }} + {% endif %} + {% if bucket.only_logs_after is defined %} + {{ bucket.only_logs_after }} + {% endif %} + {{ bucket.access_key }} + {{ bucket.secret_key }} + + {% endfor %} + +{% endif %} + {% if wazuh_manager_config.labels.enable == true %} {% for label in wazuh_manager_config.labels.list %} 
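Review bot: Both new `include_vars` tasks run on every play, while the Wazuh-API include just below them is gated by a `when:` list (which continues outside this hunk). `include_vars` outranks role defaults and inventory variables in Ansible's precedence order, so whatever sits in `external_API_creds.yml` and `aws_creds.yml` overrides values an operator supplies from a vaulted group_vars file. Gate each include on the integration actually being used, and add `no_log: true` to both tasks so the loaded keys are not echoed in verbose output.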
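Review bot: In the `monitor_aws.s3` loop, `bucket.access_key` and `bucket.secret_key` are rendered for every bucket with no guard, unlike `bucket.path` and `bucket.only_logs_after` a few lines above. The only configuration this template can express is therefore long-lived static keys written into ossec.conf, and a bucket that leaves the keys unset renders empty credential elements. Wrap each in a guard such as `{% if bucket.access_key is defined and bucket.access_key %}` … `{% endif %}` so a host that gets AWS access from an instance role or a local profile can omit them. `bucket_type` is set in the defaults but I cannot see it used in this hunk (the XML tags are not visible in this view), so that is worth confirming too.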
diff --git a/roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml b/roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml new file mode 100644 index 00000000..1a164900 --- /dev/null +++ b/roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml @@ -0,0 +1,11 @@ +--- +monitor_aws: + disable: 'no' + interval: '10m' + run_on_start: 'yes' + skip_on_error: 'yes' + s3: + - name: 'S3_bucket' + bucket_type: 'guardduty' + access_key: '' + secret_key: '' diff --git a/roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml b/roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml new file mode 100644 index 00000000..2d743af0 --- /dev/null +++ b/roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml @@ -0,0 +1,9 @@ +#--- +#integrations: +# - name: 'slack' +# hook_url: +# alert_level: 10 +# alert_format: 'json' +# - name: 'pagerduty' +# api_key: +# alert_level: 10 From a49f394858cb93fe902c7960e8e46a6bc9c398ac Mon Sep 17 00:00:00 2001 From: limitup <17516880+limitup@users.noreply.github.com> Date: Mon, 14 Oct 2019 17:12:43 -0500 Subject: [PATCH 02/13] Add pseudo credentials for template --- .../ansible-wazuh-manager/defaults/main.yml | 6 ++--- .../ansible-wazuh-manager/vars/aws_creds.yml | 22 +++++++++---------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index f1ad3826..a5840bec 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -266,7 +266,7 @@ wazuh_manager_config: alert_level: 10 alert_format: 'json' - name: 'pagerduty' - api_key: + api_key: '' alert_level: 10 monitor_aws: disable: 'no' @@ -278,8 +278,8 @@ wazuh_manager_config: bucket_type: 'guardduty' path: 'path' only_logs_after: '1970-JAN-01' - access_key: - secret_key: + access_key: '' + secret_key: '' labels: enable: false list: 
diff --git a/roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml b/roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml index 1a164900..6251c292 100644 --- a/roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml +++ b/roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml @@ -1,11 +1,11 @@ ---- -monitor_aws: - disable: 'no' - interval: '10m' - run_on_start: 'yes' - skip_on_error: 'yes' - s3: - - name: 'S3_bucket' - bucket_type: 'guardduty' - access_key: '' - secret_key: '' +#--- +#monitor_aws: +# disable: 'no' +# interval: '10m' +# run_on_start: 'yes' +# skip_on_error: 'yes' +# s3: +# - name: 'S3_bucket' +# bucket_type: 'guardduty' +# access_key: '' +# secret_key: '' From dd0c0d24ad15b3d765ffc999a6704c715c05109a Mon Sep 17 00:00:00 2001 From: limitup <17516880+limitup@users.noreply.github.com> Date: Mon, 14 Oct 2019 17:25:50 -0500 Subject: [PATCH 03/13] adjust for passing strings --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- .../wazuh/ansible-wazuh-manager/vars/external_API_creds.yml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index a5840bec..f86d7bf3 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -262,7 +262,7 @@ wazuh_manager_config: format: null integrations: - name: 'slack' - hook_url: + hook_url: '' alert_level: 10 alert_format: 'json' - name: 'pagerduty' diff --git a/roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml b/roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml index 2d743af0..5b557fea 100644 --- a/roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml +++ b/roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml 
@@ -1,9 +1,9 @@ #--- #integrations: # - name: 'slack' -# hook_url: -# alert_level: 10 +# hook_url: '' +# rule_id: '80102' # alert_format: 'json' # - name: 'pagerduty' -# api_key: +# api_key: '' # alert_level: 10 From 0252131041284841e1ecb68f4ea20ec93a098878 Mon Sep 17 00:00:00 2001 From: limitup <17516880+limitup@users.noreply.github.com> Date: Thu, 31 Oct 2019 08:29:11 -0500 Subject: [PATCH 04/13] Recommended changes --- .../ansible-wazuh-manager/defaults/main.yml | 21 +++++++++++-------- .../ansible-wazuh-manager/tasks/main.yml | 10 --------- .../ansible-wazuh-manager/vars/aws_creds.yml | 11 ---------- .../vars/external_API_creds.yml | 9 -------- 4 files changed, 12 insertions(+), 39 deletions(-) delete mode 100644 roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml delete mode 100644 roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index f86d7bf3..ddc62093 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -261,25 +261,28 @@ wazuh_manager_config: port: null format: null integrations: - - name: 'slack' + #slack + - name: null hook_url: '' alert_level: 10 alert_format: 'json' - - name: 'pagerduty' + rule_id: null + #pagerduty + - name: null api_key: '' - alert_level: 10 + alert_level: 12 monitor_aws: disable: 'no' internal: '10m' run_on_start: 'yes' skip_on_error: 'yes' s3: - - name: 's3-bucket-example-name' - bucket_type: 'guardduty' - path: 'path' - only_logs_after: '1970-JAN-01' - access_key: '' - secret_key: '' + - name: null + bucket_type: null + path: null + only_logs_after: null + access_key: null + secret_key: null labels: enable: false list: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index c247e60f..a1afbb4c 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml 
+++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -200,16 +200,6 @@ tags: - config -- name: Retrieving external API Credentials - include_vars: external_API_creds.yml - tags: - - config - -- name: Retrieving AWS Credentials - include_vars: aws_creds.yml - tags: - - config - - name: Retrieving Wazuh-API User Credentials include_vars: wazuh_api_creds.yml when: diff --git a/roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml b/roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml deleted file mode 100644 index 6251c292..00000000 --- a/roles/wazuh/ansible-wazuh-manager/vars/aws_creds.yml +++ /dev/null @@ -1,11 +0,0 @@ -#--- -#monitor_aws: -# disable: 'no' -# interval: '10m' -# run_on_start: 'yes' -# skip_on_error: 'yes' -# s3: -# - name: 'S3_bucket' -# bucket_type: 'guardduty' -# access_key: '' -# secret_key: '' diff --git a/roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml b/roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml deleted file mode 100644 index 5b557fea..00000000 --- a/roles/wazuh/ansible-wazuh-manager/vars/external_API_creds.yml +++ /dev/null @@ -1,9 +0,0 @@ -#--- -#integrations: -# - name: 'slack' -# hook_url: '' -# rule_id: '80102' -# alert_format: 'json' -# - name: 'pagerduty' -# api_key: '' -# alert_level: 10 From d9b693066334714840da4db0daa7bf980ecd4095 Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Mon, 23 Mar 2020 18:24:27 +0100 Subject: [PATCH 05/13] Update roles/wazuh/ansible-wazuh-manager/defaults/main.yml --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index ddc62093..81996848 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml 
@@ -273,7 +273,7 @@ wazuh_manager_config: alert_level: 12 monitor_aws: disable: 'no' - internal: '10m' + interval: '10m' run_on_start: 'yes' skip_on_error: 'yes' s3: From 584950532f658ca0d5d1dd5c1f83b1e61708ddc5 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Tue, 7 Apr 2020 11:41:00 +0200 Subject: [PATCH 06/13] Replacing Oracle Java with OpenJDK 1.8 --- .../ansible-wazuh-agent/tasks/RedHat.yml | 20 ++----------------- 1 file changed, 2 insertions(+), 18 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index 8dbd2452..17d97c96 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml @@ -27,30 +27,14 @@ - not wazuh_agent_sources_installation.enabled - not wazuh_custom_packages_installation_agent_enabled -- name: RedHat/CentOS/Fedora | download Oracle Java RPM - get_url: - url: https://download.oracle.com/otn-pub/java/jdk/8u202-b08/1961070e4c9b4e26a04e7f5a083f551e/jre-8u202-linux-x64.rpm - dest: /tmp/jre-8-linux-x64.rpm - headers: 'Cookie:oraclelicense=accept-securebackup-cookie' - register: oracle_java_task_rpm_download - until: oracle_java_task_rpm_download is succeeded +- name: RedHat/CentOS/Fedora | Install OpenJDK 1.8 + yum: name=java-1.8.0-openjdk state=present when: - wazuh_agent_config.cis_cat.disable == 'no' - wazuh_agent_config.cis_cat.install_java == 'yes' tags: - init -- name: RedHat/CentOS/Fedora | Install Oracle Java RPM - package: name=/tmp/jre-8-linux-x64.rpm state=present - register: wazuh_agent_java_package_install - until: wazuh_agent_java_package_install is succeeded - when: - - wazuh_agent_config.cis_cat.disable == 'no' - - wazuh_agent_config.cis_cat.install_java == 'yes' - - oracle_java_task_rpm_download is defined - tags: - - init - - name: Set Distribution CIS filename for RHEL5 set_fact: cis_distribution_filename: cis_rhel5_linux_rcl.txt From c6354e2ddc97271bfe9861eec760c33490c6077e Mon Sep 17 00:00:00 2001 
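Review bot: The new OpenJDK task passes its arguments as a `key=value` string (`yum: name=java-1.8.0-openjdk state=present`) and drops the `register`/`until` retry that the removed Oracle tasks had. Block form reads better and is what ansible-lint expects: `yum:` followed by `name: java-1.8.0-openjdk` and `state: present` on their own lines. The task name still covers Fedora, where the generic `package` module that the removed install task used may be the safer choice; worth checking on a Fedora host.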
From: Jose M Date: Mon, 20 Apr 2020 16:36:04 +0200 Subject: [PATCH 07/13] Update Kibana optimize task parameters and command --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/elastic-stack/ansible-kibana/tasks/main.yml | 2 +- wazuh-qa | 1 + 3 files changed, 3 insertions(+), 2 deletions(-) create mode 160000 wazuh-qa diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index d3305612..00c74381 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -50,4 +50,4 @@ build_from_sources: false wazuh_plugin_branch: 3.12-7.6 #Nodejs NODE_OPTIONS -node_options: --max-old-space-size=2048 +node_options: --no-warnings --max-old-space-size=2048 --max-http-header-size=65536 diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index c31f000a..220230c8 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -136,7 +136,7 @@ - not build_from_sources - name: Kibana optimization (can take a while) - shell: NODE_OPTIONS="{{ node_options }}" /usr/share/kibana/bin/kibana --optimize + shell: /usr/share/kibana/node/bin/node {{ node_options }} /usr/share/kibana/src/cli --optimize args: executable: /bin/bash become: yes diff --git a/wazuh-qa b/wazuh-qa new file mode 160000 index 00000000..a2057416 --- /dev/null +++ b/wazuh-qa @@ -0,0 +1 @@ +Subproject commit a20574168fedf0c3a69116866fc0d1a61062c21c From a543fc7ed1905295d2870e21ae4c58a5315f3f0b Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Mon, 27 Apr 2020 14:31:06 +0200 Subject: [PATCH 08/13] Added condition disabled in AWS S3 block --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 2 +- .../templates/var-ossec-etc-ossec-server.conf.j2 | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) 
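Review bot: The rewritten optimize task no longer sets an environment variable, yet it still goes through `shell` with `{{ node_options }}` interpolated unquoted, so any shell metacharacter in that variable is interpreted by /bin/bash. Nothing on the new line needs a shell; `command: /usr/share/kibana/node/bin/node {{ node_options }} /usr/share/kibana/src/cli --optimize` runs the same program without one, and the `args: executable: /bin/bash` pair can then be removed. The task body continues outside the hunk.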
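Review bot: This commit adds `wazuh-qa` as a gitlink (mode 160000), but its diffstat lists only three files and none of them is `.gitmodules`, so the submodule has no recorded URL. That usually means a nested checkout was staged by accident, and it is unrelated to the Kibana change named in the subject line. Either drop the entry from this commit or add the matching `.gitmodules` section, with a pinned and trusted URL, in a commit of its own.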
diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index ebb9b92f..bc97c541 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -366,7 +366,7 @@ wazuh_manager_config: api_key: '' alert_level: 12 monitor_aws: - disable: 'no' + disabled: 'yes' interval: '10m' run_on_start: 'yes' skip_on_error: 'yes' diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index 30da0c50..e7ca872e 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -570,10 +570,10 @@ {% endfor %} {% endif %} -{% if monitor_aws is defined %} +{% if monitor_aws is defined and monitor_aws.disabled == "no" %} - {{ monitor_aws.disable }} + {{ monitor_aws.disabled }} {{ monitor_aws.interval }} {{ monitor_aws.run_on_start }} {{ monitor_aws.skip_on_error }} From 883ef93af72ff75f718e079800df3c3f8f995573 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 30 Apr 2020 12:22:59 +0200 Subject: [PATCH 09/13] Bump version to 3.12.3_7.6.2 --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 8 ++++---- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 6 +++--- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 00c74381..d1ddb8e1 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml 
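Review bot: The new condition still tests the bare variable `monitor_aws`, but the defaults hunk in this same patch sits under `wazuh_manager_config:` (see its `@@` header), and the neighbouring `integrations` block is read in this template as `wazuh_manager_config.integrations`. If `monitor_aws` is nested there, `monitor_aws is defined` is false for the role defaults and the AWS block is never rendered unless the operator defines a separate top-level variable. Use `{% if wazuh_manager_config.monitor_aws is defined and wazuh_manager_config.monitor_aws.disabled == "no" %}` and the same prefix on the lines below it, or move the defaults to top level. Indentation is not recoverable in this view, so confirm the nesting against the file.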
@@ -6,7 +6,7 @@ elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 7.6.2 -wazuh_version: 3.12.2 +wazuh_version: 3.12.3 wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp elasticrepo: diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 632c6173..fac17bbb 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_agent_version: 3.12.2-1 +wazuh_agent_version: 3.12.3-1 # Custom packages installation @@ -12,7 +12,7 @@ wazuh_custom_packages_installation_agent_rpm_url: "" wazuh_agent_sources_installation: enabled: false - branch: "v3.12.2" + branch: "v3.12.3" user_language: "y" user_no_stop: "y" user_install_type: "agent" @@ -64,8 +64,8 @@ wazuh_winagent_config: auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe check_md5: True md5: dc64c8bee53df0430e9e03e578ba334d -wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.12.2-1.msi -wazuh_winagent_package_name: wazuh-agent-3.12.2-1.msi +wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.12.3-1.msi +wazuh_winagent_package_name: wazuh-agent-3.12.3-1.msi wazuh_agent_config: repo: apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index bc97c541..b4bc040d 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_manager_version: 3.12.2-1 +wazuh_manager_version: 3.12.3-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present 
@@ -15,7 +15,7 @@ wazuh_custom_packages_installation_api_rpm_url: "https://s3-us-west-1.amazonaws. # Sources installation wazuh_manager_sources_installation: enabled: false - branch: "v3.12.2" + branch: "v3.12.3" user_language: "en" user_no_stop: "y" user_install_type: "server" @@ -40,7 +40,7 @@ wazuh_manager_sources_installation: wazuh_api_sources_installation: enabled: false - branch: "v3.12.2" + branch: "v3.12.3" update: "y" remove: "y" directory: null From 6b36e63f1c3b5c7d94b2592686be32ff8dc114fb Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 30 Apr 2020 12:23:09 +0200 Subject: [PATCH 10/13] Update CHANGELOG.md --- CHANGELOG.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7a102e14..c9b8803d 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,19 @@ # Change Log All notable changes to this project will be documented in this file. + +## [v3.12.3_7.6.2] + +### Added + +- Update to Wazuh v3.12.2 +- AWS S3 block to template ([@limitup](https://github.com/limitup)) [PR#404](https://github.com/wazuh/wazuh-ansible/pull/413) + +### Changed + +- Update Kibana optimize task parameters and command ([@jm404](https://github.com/jm404)) [PR#404](https://github.com/wazuh/wazuh-ansible/pull/412) +- Update Kibana optimize folder and owner ([@jm404](https://github.com/jm404)) [PR#404](https://github.com/wazuh/wazuh-ansible/pull/410) + ## [v3.12.2_7.6.2] ### Added From e354359e38179228c992bac695b1e03919d03fb0 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 30 Apr 2020 12:25:55 +0200 Subject: [PATCH 11/13] Update Agent Windows MD5 --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index fac17bbb..1baf8bdb 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml 
@@ -63,7 +63,7 @@ wazuh_winagent_config: # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe check_md5: True - md5: dc64c8bee53df0430e9e03e578ba334d + md5: 4ae4e930d3ae9d572b07cd9e7207d783 wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.12.3-1.msi wazuh_winagent_package_name: wazuh-agent-3.12.3-1.msi wazuh_agent_config: From 12090632a78621730b976e4b770f64fd7ad84459 Mon Sep 17 00:00:00 2001 From: Jose M Date: Thu, 30 Apr 2020 17:01:24 +0200 Subject: [PATCH 12/13] Delete "alert_new_files" occurrences --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 1 - .../templates/var-ossec-etc-ossec-agent.conf.j2 | 1 - roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 3 --- 3 files changed, 5 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 1baf8bdb..dac051a4 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -86,7 +86,6 @@ wazuh_agent_config: frequency: 43200 scan_on_start: 'yes' auto_ignore: 'no' - alert_new_files: 'yes' win_audit_interval: 60 skip_nfs: 'yes' skip_dev: 'yes' diff --git a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 index ee71769e..2ee7f97d 100644 --- a/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2 @@ -201,7 +201,6 @@ {% if wazuh_agent_config.syscheck is defined %} no - {{ wazuh_agent_config.syscheck.frequency }} {% if ansible_system == "Linux" %} {{ wazuh_agent_config.syscheck.scan_on_start }} diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index b4bc040d..a046addf 100644 
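Review bot: The Windows agent installer is still verified with MD5 (`check_md5` / `md5`), which is not collision resistant and so is a weak integrity check for an MSI fetched over the network. If the task that consumes these values can take another algorithm (it is outside this hunk), publish and compare a SHA-256 digest instead and keep `md5` only for backward compatibility. Independently, quote the digest, `md5: '4ae4e930d3ae9d572b07cd9e7207d783'`, because an unquoted hex string that happens to be all digits, or digits around a single `e`, would be loaded as a number.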
--- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -152,7 +152,6 @@ wazuh_manager_config: frequency: 43200 scan_on_start: 'yes' auto_ignore: 'no' - alert_new_files: 'yes' ignore: - /etc/mtab - /etc/hosts.deny @@ -389,7 +388,6 @@ wazuh_manager_config: # syscheck: # frequency: 43200 # scan_on_start: 'yes' - # alert_new_files: 'yes' # ignore: # - /etc/mtab # - /etc/mnttab @@ -420,7 +418,6 @@ wazuh_manager_config: # frequency: 43200 # scan_on_start: 'yes' # auto_ignore: 'no' - # alert_new_files: 'yes' # windows_registry: # - key: 'HKEY_LOCAL_MACHINE\Software\Classes\batfile' # arch: 'both' From 100ea616edd1786510c6d4af0e9af9d1a2cc1ce9 Mon Sep 17 00:00:00 2001 From: Jose M Date: Fri, 1 May 2020 20:08:50 +0200 Subject: [PATCH 13/13] Remove alert_new_files from ossec.conf template --- .../templates/var-ossec-etc-ossec-server.conf.j2 | 1 - .../templates/var-ossec-etc-shared-agent.conf.j2 | 1 - 2 files changed, 2 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 index e7ca872e..53565007 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 @@ -294,7 +294,6 @@ {{ wazuh_manager_config.syscheck.disable }} - {{ wazuh_manager_config.syscheck.alert_new_files }} {{ wazuh_manager_config.syscheck.frequency }} {{ wazuh_manager_config.syscheck.scan_on_start }} diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 index f300f22a..78893385 100644 --- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 +++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-shared-agent.conf.j2 
@@ -7,7 +7,6 @@ {% if agent_config.syscheck.auto_ignore is defined %} {{ agent_config.syscheck.auto_ignore }} {% endif %} - {{ agent_config.syscheck.alert_new_files }} {{ agent_config.syscheck.frequency }} {{ agent_config.syscheck.scan_on_start }}