From cd5a00633117dc94fda220133a71f67ab184e34a Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Tue, 24 Mar 2020 20:25:38 +0100 Subject: [PATCH 01/11] Update path for wazuh.yml --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index efd16de5..2e39391f 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -161,10 +161,15 @@ validate_certs: no status_code: 200, 404 +- name: Create wazuh plugin config directory + file: + path: /usr/share/kibana/optimize/wazuh/config/ + state: directory + - name: Configure Wazuh Kibana Plugin template: src: wazuh.yml.j2 - dest: /usr/share/kibana/plugins/wazuh/wazuh.yml + dest: /usr/share/kibana/optimize/wazuh/config/wazuh.yml owner: kibana group: root mode: 0644 From 9cdce6e988d697022ffe6546185157fe9befc66c Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez Date: Thu, 26 Mar 2020 14:43:47 +0100 Subject: [PATCH 02/11] Fix permissions --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 2e39391f..27673060 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -165,6 +165,10 @@ file: path: /usr/share/kibana/optimize/wazuh/config/ state: directory + recurse: yes + owner: kibana + group: kibana + mode: '0755' - name: Configure Wazuh Kibana Plugin template: From 605ec63caf4549156b82283d199b5b470cc487ea Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Thu, 2 Apr 2020 15:03:08 +0200 Subject: [PATCH 03/11] Removed duplicated block --- .../ansible-elasticsearch/tasks/Debian.yml | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml index 74c6bcf2..20f4231b 100644 --- a/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml +++ b/roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml @@ -18,16 +18,6 @@ - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 -- name: Update and upgrade apt packages - become: true - apt: - upgrade: yes - update_cache: yes - cache_valid_time: 86400 #One day - when: - - ansible_distribution == "Ubuntu" - - ansible_distribution_major_version | int == 14 - - name: Debian/Ubuntu | Add Elasticsearch GPG key. apt_key: url: "{{ elasticrepo.gpg }}" From 488508815baeedb88e8564c509c05d88ce520081 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Mon, 6 Apr 2020 15:39:33 +0200 Subject: [PATCH 04/11] Removing owner:group and permissions masks to be idempotence compliant --- roles/elastic-stack/ansible-kibana/tasks/main.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 27673060..2129c0df 100644 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -166,17 +166,11 @@ path: /usr/share/kibana/optimize/wazuh/config/ state: directory recurse: yes - owner: kibana - group: kibana - mode: '0755' - name: Configure Wazuh Kibana Plugin template: src: wazuh.yml.j2 dest: /usr/share/kibana/optimize/wazuh/config/wazuh.yml - owner: kibana - group: root - mode: 0644 - name: Reload systemd configuration systemd: From 2d8029d6bfab09ebd5d4f7a16a249bfd3c46fe0a Mon Sep 17 00:00:00 2001 From: Zenidd Date: Mon, 6 Apr 2020 16:41:24 +0200 Subject: [PATCH 05/11] Removing python-cryptography module --- .../ansible-wazuh-manager/tasks/RedHat.yml | 20 ------------------- 1 file changed, 20 deletions(-) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index cb0dbf5a..2e0751fd 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -62,25 +62,6 @@ - ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version == '6' - wazuh_manager_config.cluster.disable != 'yes' -- name: CentOS/RedHat 6 | Install python-cryptography module - pip: name=cryptography state=present - register: wazuh_manager_cryptography_package_installed - until: wazuh_manager_cryptography_package_installed is succeeded - environment: - PATH: "/opt/rh/python27/root/usr/bin:{{ ansible_env.PATH }}" - LD_LIBRARY_PATH: "/opt/rh/python27/root/usr/lib64:/opt/rh/python27/root/usr/lib" - when: - - ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version == '6' - - wazuh_manager_config.cluster.disable != 'yes' - -- name: RedHat/CentOS/Fedora | Install python-cryptography module - package: name=python-cryptography state=present - register: wazuh_manager_cryptography_package_installed - until: wazuh_manager_cryptography_package_installed is succeeded - when: - - not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat') and ansible_distribution_major_version == '6' ) - - wazuh_manager_config.cluster.disable != 'yes' - - name: RedHat/CentOS/Fedora | Install OpenJDK 1.8 yum: name=java-1.8.0-openjdk state=present when: @@ -168,4 +149,3 @@ - ansible_distribution_major_version|int < 6 tags: - init - From 6e12764ff53d8ef8151644b5d9b4c95d39bf98f1 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Wed, 8 Apr 2020 14:06:53 +0200 Subject: [PATCH 06/11] Setting optimize --max-old-space-size default value to 2048mb --- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 2ac2cde5..43f413e6 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -50,4 +50,4 @@ build_from_sources: false wazuh_plugin_branch: 3.12-7.6 #Nodejs NODE_OPTIONS -node_options: --max-old-space-size=4096 +node_options: --max-old-space-size=2048 From 6b3f04f32c829c5ddfd71ac21cc8b1aa193ad03f Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Wed, 8 Apr 2020 19:56:44 +0200 Subject: [PATCH 07/11] Bump version --- CHANGELOG.md | 11 +++++++++++ VERSION | 2 +- .../ansible-elasticsearch/defaults/main.yml | 2 +- .../elastic-stack/ansible-kibana/defaults/main.yml | 4 ++-- roles/wazuh/ansible-filebeat/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 8 ++++---- .../wazuh/ansible-wazuh-manager/defaults/main.yml | 14 +++++++------- 7 files changed, 27 insertions(+), 16 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 520661ef..f6eb30c8 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,17 @@ # Change Log All notable changes to this project will be documented in this file. +## [v3.12.1_7.6.2] + +### Added + +- Update to Wazuh v3.12.1 + +### Fixed +- Adjusting Kibana plugin optimization max memory ([@Zenidd](https://github.com/Zenidd)) [PR#404](https://github.com/wazuh/wazuh-ansible/pull/404) +- Removed python-cryptography library tasks ([@Zenidd](https://github.com/Zenidd)) [PR#401](https://github.com/wazuh/wazuh-ansible/pull/401) +- Removed duplicated task block ([@manuasir](https://github.com/manuasir)) [PR#400](https://github.com/wazuh/wazuh-ansible/pull/400) + ## [v3.12.0_7.6.1] ### Added diff --git a/VERSION b/VERSION index d6be8992..2856bf05 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-ANSIBLE_VERSION="v4" -REVISION="31140" +REVISION="31210" diff --git a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml index e04f9527..6f2528c3 100644 --- a/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml +++ b/roles/elastic-stack/ansible-elasticsearch/defaults/main.yml @@ -4,7 +4,7 @@ elasticsearch_http_port: 9200 elasticsearch_network_host: 127.0.0.1 elasticsearch_reachable_host: 127.0.0.1 elasticsearch_jvm_xms: null -elastic_stack_version: 7.6.1 +elastic_stack_version: 7.6.2 elasticsearch_lower_disk_requirements: false elasticrepo: diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index 43f413e6..c45711aa 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -5,8 +5,8 @@ elasticsearch_http_port: "9200" elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" -elastic_stack_version: 7.6.1 -wazuh_version: 3.12.0 +elastic_stack_version: 7.6.2 +wazuh_version: 3.12.1 wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp elasticrepo: diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml index 8f06aaf4..cc7de7bf 100644 --- a/roles/wazuh/ansible-filebeat/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -1,5 +1,5 @@ --- -filebeat_version: 7.6.1 +filebeat_version: 7.6.2 filebeat_create_config: true diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 8041962f..0111e76c 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_agent_version: 3.12.0-1 +wazuh_agent_version: 3.12.1-1 # Custom packages installation @@ -12,7 +12,7 @@ wazuh_custom_packages_installation_agent_rpm_url: "" wazuh_agent_sources_installation: enabled: false - branch: "v3.12.0" + branch: "v3.12.1" user_language: "y" user_no_stop: "y" user_install_type: "agent" @@ -64,8 +64,8 @@ wazuh_winagent_config: auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe check_md5: True md5: 91efaefae4e1977670eab0c768a22a93 -wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.12.0-1.msi -wazuh_winagent_package_name: wazuh-agent-3.12.0-1.msi +wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.12.1-1.msi +wazuh_winagent_package_name: wazuh-agent-3.12.1-1.msi wazuh_agent_config: repo: apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index db4f8841..f409a76c 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,21 +1,21 @@ --- -wazuh_manager_version: 3.12.0-1 +wazuh_manager_version: 3.12.1-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present # Custom packages installation wazuh_custom_packages_installation_manager_enabled: false -wazuh_custom_packages_installation_manager_deb_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/deb/var/wazuh-manager_3.12.0-0.3319fimreworksqlite_amd64.deb" -wazuh_custom_packages_installation_manager_rpm_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/rpm/var/wazuh-manager-3.12.0-0.3319fimreworksqlite.x86_64.rpm" +wazuh_custom_packages_installation_manager_deb_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/" +wazuh_custom_packages_installation_manager_rpm_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/" wazuh_custom_packages_installation_api_enabled: false -wazuh_custom_packages_installation_api_deb_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/deb/var/wazuh-api_3.12.0-0.3319fimreworksqlite_amd64.deb" -wazuh_custom_packages_installation_api_rpm_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/warehouse/branches/3.12/rpm/var/wazuh-api-3.12.0-0.3319fimreworksqlite.x86_64.rpm" +wazuh_custom_packages_installation_api_deb_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/" +wazuh_custom_packages_installation_api_rpm_url: "https://s3-us-west-1.amazonaws.com/packages-dev.wazuh.com/" # Sources installation wazuh_manager_sources_installation: enabled: false - branch: "v3.12.0" + branch: "v3.12.1" user_language: "en" user_no_stop: "y" user_install_type: "server" @@ -40,7 +40,7 @@ wazuh_manager_sources_installation: wazuh_api_sources_installation: enabled: false - branch: "v3.12.0" + branch: "v3.12.1" update: "y" remove: "y" directory: null From b57623b9163329dac64c71c31fb6535162b8de78 Mon Sep 17 00:00:00 2001 From: "Manuel J. Bernal" Date: Wed, 8 Apr 2020 19:59:52 +0200 Subject: [PATCH 08/11] Bump MD5 hash --- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 0111e76c..20aaa015 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -63,7 +63,7 @@ wazuh_winagent_config: # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe check_md5: True - md5: 91efaefae4e1977670eab0c768a22a93 + md5: dbbb412cc3eccdccde27a68628cb2042 wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.12.1-1.msi wazuh_winagent_package_name: wazuh-agent-3.12.1-1.msi wazuh_agent_config: From 0c328081e712bd281ed464f33d9c1af3d9fd94bd Mon Sep 17 00:00:00 2001 From: Zenidd Date: Mon, 13 Apr 2020 10:35:12 +0200 Subject: [PATCH 09/11] Bump version to 3.12.2-7.6.2 --- CHANGELOG.md | 6 ++++++ VERSION | 2 +- roles/elastic-stack/ansible-kibana/defaults/main.yml | 2 +- roles/wazuh/ansible-wazuh-agent/defaults/main.yml | 10 +++++----- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 6 +++--- 5 files changed, 16 insertions(+), 10 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f6eb30c8..87fbdd09 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,12 @@ # Change Log All notable changes to this project will be documented in this file. +## [v3.12.2_7.6.2] + +### Added + +- Update to Wazuh v3.12.2 + ## [v3.12.1_7.6.2] ### Added diff --git a/VERSION b/VERSION index 2856bf05..22dfe1fb 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-ANSIBLE_VERSION="v4" -REVISION="31210" +REVISION="31220" diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml index c45711aa..d3305612 100644 --- a/roles/elastic-stack/ansible-kibana/defaults/main.yml +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -6,7 +6,7 @@ elasticsearch_network_host: "127.0.0.1" kibana_server_host: "0.0.0.0" kibana_server_port: "5601" elastic_stack_version: 7.6.2 -wazuh_version: 3.12.1 +wazuh_version: 3.12.2 wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp elasticrepo: diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 20aaa015..632c6173 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_agent_version: 3.12.1-1 +wazuh_agent_version: 3.12.2-1 # Custom packages installation @@ -12,7 +12,7 @@ wazuh_custom_packages_installation_agent_rpm_url: "" wazuh_agent_sources_installation: enabled: false - branch: "v3.12.1" + branch: "v3.12.2" user_language: "y" user_no_stop: "y" user_install_type: "agent" @@ -63,9 +63,9 @@ wazuh_winagent_config: # Adding quotes to auth_path_x86 since win_shell outputs error otherwise auth_path_x86: C:\'Program Files (x86)'\ossec-agent\agent-auth.exe check_md5: True - md5: dbbb412cc3eccdccde27a68628cb2042 -wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.12.1-1.msi -wazuh_winagent_package_name: wazuh-agent-3.12.1-1.msi + md5: dc64c8bee53df0430e9e03e578ba334d +wazuh_winagent_config_url: https://packages.wazuh.com/3.x/windows/wazuh-agent-3.12.2-1.msi +wazuh_winagent_package_name: wazuh-agent-3.12.2-1.msi wazuh_agent_config: repo: apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main' diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index f409a76c..ae936e06 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_manager_version: 3.12.1-1 +wazuh_manager_version: 3.12.2-1 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present @@ -15,7 +15,7 @@ wazuh_custom_packages_installation_api_rpm_url: "https://s3-us-west-1.amazonaws. # Sources installation wazuh_manager_sources_installation: enabled: false - branch: "v3.12.1" + branch: "v3.12.2" user_language: "en" user_no_stop: "y" user_install_type: "server" @@ -40,7 +40,7 @@ wazuh_manager_sources_installation: wazuh_api_sources_installation: enabled: false - branch: "v3.12.1" + branch: "v3.12.2" update: "y" remove: "y" directory: null From ae52e6fa1f181c860bdb96a32dd2c9964cb240c5 Mon Sep 17 00:00:00 2001 From: Zenidd Date: Mon, 13 Apr 2020 11:05:12 +0200 Subject: [PATCH 10/11] Removing v3.12.1 from changelog --- CHANGELOG.md | 6 ------ 1 file changed, 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 87fbdd09..7a102e14 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,12 +7,6 @@ All notable changes to this project will be documented in this file. - Update to Wazuh v3.12.2 -## [v3.12.1_7.6.2] - -### Added - -- Update to Wazuh v3.12.1 - ### Fixed - Adjusting Kibana plugin optimization max memory ([@Zenidd](https://github.com/Zenidd)) [PR#404](https://github.com/wazuh/wazuh-ansible/pull/404) - Removed python-cryptography library tasks ([@Zenidd](https://github.com/Zenidd)) [PR#401](https://github.com/wazuh/wazuh-ansible/pull/401) From a8d24ff3f8300a406fc7ddf23a0762acf04ff37b Mon Sep 17 00:00:00 2001 From: Zenidd Date: Mon, 13 Apr 2020 13:46:11 +0200 Subject: [PATCH 11/11] Removing precise from default vuln-detector config --- roles/wazuh/ansible-wazuh-manager/defaults/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index ae936e06..972edec1 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -236,7 +236,6 @@ wazuh_manager_config: providers: - enabled: 'no' os: - - 'precise' - 'trusty' - 'xenial' - 'bionic'