diff --git a/CHANGELOG.md b/CHANGELOG.md index 0baf6c61..cefad37b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,12 @@ # Change Log All notable changes to this project will be documented in this file. +## [v4.6.0] + +### Added + +- Update to [Wazuh v4.6.0](https://github.com/wazuh/wazuh/blob/v4.6.0/CHANGELOG.md#v460) + ## [v4.5.0] ### Added diff --git a/README.md b/README.md index a060a0ff..122260b2 100644 --- a/README.md +++ b/README.md @@ -16,6 +16,7 @@ These playbooks install and configure Wazuh agent, manager and indexer and dashb | Wazuh version | Elastic | ODFE | |---------------|---------|--------| +| v4.6.0 | | | | v4.5.0 | | | | v4.4.1 | | | | v4.4.0 | | | diff --git a/VERSION b/VERSION index 8bd134ba..a434bd26 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-ANSIBLE_VERSION="v4.5.0" -REVISION="40500" +WAZUH-ANSIBLE_VERSION="v4.6.0" +REVISION="40600" diff --git a/roles/elastic-stack/ansible-kibana/defaults/main.yml b/roles/elastic-stack/ansible-kibana/defaults/main.yml new file mode 100644 index 00000000..778b4f48 --- /dev/null +++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml @@ -0,0 +1,53 @@ +--- +kibana_node_name: node-1 + +elasticsearch_http_port: "9200" +elasticsearch_network_host: "127.0.0.1" +kibana_server_host: "0.0.0.0" +kibana_server_port: "5601" +kibana_conf_path: /etc/kibana +elastic_stack_version: 7.10.2 +wazuh_version: 4.4.1 +wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana + +elasticrepo: + apt: 'https://artifacts.elastic.co/packages/7.x/apt' + yum: 'https://artifacts.elastic.co/packages/7.x/yum' + gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch' + key_id: '46095ACC8548582C1A2699A9D27D666CD88E42B4' + +# API credentials +wazuh_api_credentials: + - id: "default" + url: "https://localhost" + port: 55000 + username: "wazuh" + password: "wazuh" + +# Xpack Security +kibana_xpack_security: false +kibana_ssl_verification_mode: "full" + +elasticsearch_xpack_security_user: elastic +elasticsearch_xpack_security_password: elastic_pass + +node_certs_destination: /etc/kibana/certs + +# CA Generation +master_certs_path: "{{ playbook_dir }}/es_certs" +generate_CA: true +ca_cert_name: "" + +# Nodejs +nodejs: + repo_dict: + debian: "deb" + redhat: "rpm" + repo_url_ext: "nodesource.com/setup_10.x" + +# Build from sources +build_from_sources: false +wazuh_plugin_branch: 4.1-7.10 + +#Nodejs NODE_OPTIONS +node_options: --no-warnings --max-old-space-size=2048 --max-http-header-size=65536 diff --git a/roles/opendistro/opendistro-kibana/defaults/main.yml b/roles/opendistro/opendistro-kibana/defaults/main.yml new file mode 100644 index 00000000..165a0891 --- /dev/null +++ b/roles/opendistro/opendistro-kibana/defaults/main.yml @@ -0,0 +1,60 @@ +--- + +# Kibana configuration +elasticsearch_http_port: 9200 +elastic_api_protocol: https +kibana_conf_path: /etc/kibana +kibana_node_name: node-1 +kibana_server_host: "0.0.0.0" +kibana_server_port: "5601" +kibana_server_name: "kibana" +kibana_max_payload_bytes: 1048576 +elastic_stack_version: 7.10.2 +wazuh_version: 4.4.1 +wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana + +# The OpenDistro package repository +kibana_opendistro_version: 1.13.2-1 # Version includes the - for RedHat family compatibility, replace with = for Debian hosts + +package_repos: + yum: + opendistro: + baseurl: 'https://packages.wazuh.com/4.x/yum/' + gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' + apt: + opendistro: + baseurl: 'deb https://packages.wazuh.com/4.x/apt/ stable main' + gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' + +# API credentials +wazuh_api_credentials: + - id: "default" + url: "https://localhost" + port: 55000 + username: "wazuh" + password: "wazuh" + +# opendistro Security +kibana_opendistro_security: true +kibana_newsfeed_enabled: "false" +kibana_telemetry_optin: "false" +kibana_telemetry_enabled: "false" + +opendistro_admin_password: changeme +opendistro_kibana_user: kibanaserver +opendistro_kibana_password: changeme +local_certs_path: "{{ playbook_dir }}/opendistro/certificates" + +# Nodejs +nodejs: + repo_dict: + debian: "deb" + redhat: "rpm" + repo_url_ext: "nodesource.com/setup_10.x" + +# Build from sources +build_from_sources: false +wazuh_plugin_branch: 4.1-7.10 + +#Nodejs NODE_OPTIONS +node_options: --no-warnings --max-old-space-size=2048 --max-http-header-size=65536 diff --git a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml index 485917d4..fcaf6739 100644 --- a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml +++ b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml @@ -1,7 +1,7 @@ --- filebeat_version: 7.10.2 -wazuh_template_branch: 4.5 +wazuh_template_branch: 4.6 filebeat_node_name: node-1 diff --git a/roles/wazuh/ansible-filebeat/defaults/main.yml b/roles/wazuh/ansible-filebeat/defaults/main.yml new file mode 100644 index 00000000..61cbfc4f --- /dev/null +++ b/roles/wazuh/ansible-filebeat/defaults/main.yml @@ -0,0 +1,36 @@ +--- +filebeat_version: 7.10.2 + +wazuh_template_branch: v4.4.1 + +filebeat_create_config: true + +filebeat_node_name: node-1 + +filebeat_output_elasticsearch_hosts: + - "localhost:9200" + +filebeat_module_package_url: https://packages.wazuh.com/4.x/filebeat +filebeat_module_package_name: wazuh-filebeat-0.1.tar.gz +filebeat_module_package_path: /tmp/ +filebeat_module_destination: /usr/share/filebeat/module +filebeat_module_folder: /usr/share/filebeat/module/wazuh + +# Xpack Security +filebeat_xpack_security: false + +elasticsearch_xpack_security_user: elastic +elasticsearch_xpack_security_password: elastic_pass + +node_certs_destination: /etc/filebeat/certs + +# CA Generation +master_certs_path: "{{ playbook_dir }}/es_certs" +generate_CA: true +ca_cert_name: "" + +elasticrepo: + apt: 'https://artifacts.elastic.co/packages/7.x/apt' + yum: 'https://artifacts.elastic.co/packages/7.x/yum' + gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch' + key_id: '46095ACC8548582C1A2699A9D27D666CD88E42B4' diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 84ab7126..d130322a 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_agent_version: 4.5.0 +wazuh_agent_version: 4.6.0 # Custom packages installation @@ -11,7 +11,7 @@ wazuh_custom_packages_installation_agent_rpm_url: "" wazuh_agent_sources_installation: enabled: false - branch: "v4.5.0" + branch: "v4.6.0" user_language: "y" user_no_stop: "y" user_install_type: "agent" diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index cfc09f1e..93b0aba7 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,5 +1,5 @@ --- -wazuh_manager_version: 4.5.0 +wazuh_manager_version: 4.6.0 wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: present @@ -12,7 +12,7 @@ wazuh_custom_packages_installation_manager_rpm_url: "https://s3-us-west-1.amazon # Sources installation wazuh_manager_sources_installation: enabled: false - branch: "v4.5.0" + branch: "v4.6.0" user_language: "en" user_no_stop: "y" user_install_type: "server" diff --git a/roles/wazuh/check-packages/defaults/main.yml b/roles/wazuh/check-packages/defaults/main.yml index d6fbfba3..a2a352c2 100644 --- a/roles/wazuh/check-packages/defaults/main.yml +++ b/roles/wazuh/check-packages/defaults/main.yml @@ -1,2 +1,2 @@ --- -wazuh_version: 4.5.0 +wazuh_version: 4.6.0 diff --git a/roles/wazuh/vars/repo.yml b/roles/wazuh/vars/repo.yml index 2dd92669..d8e761fb 100644 --- a/roles/wazuh/vars/repo.yml +++ b/roles/wazuh/vars/repo.yml @@ -6,7 +6,7 @@ wazuh_repo: wazuh_winagent_config_url: "https://packages.wazuh.com/4.x/windows/wazuh-agent-{{ wazuh_agent_version }}-1.msi" wazuh_winagent_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.msi" -certs_gen_tool_version: 4.5 +certs_gen_tool_version: 4.6 # Url of certificates generator tool certs_gen_tool_url: "https://packages.wazuh.com/{{ certs_gen_tool_version }}/wazuh-certs-tool.sh" \ No newline at end of file diff --git a/roles/wazuh/vars/repo_pre-release.yml b/roles/wazuh/vars/repo_pre-release.yml index 3eaf6ca1..e5aaec25 100644 --- a/roles/wazuh/vars/repo_pre-release.yml +++ b/roles/wazuh/vars/repo_pre-release.yml @@ -6,7 +6,7 @@ wazuh_repo: wazuh_winagent_config_url: "https://packages-dev.wazuh.com/pre-release/windows/wazuh-agent-{{ wazuh_agent_version }}-1.msi" wazuh_winagent_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.msi" -certs_gen_tool_version: 4.5 +certs_gen_tool_version: 4.6 # Url of certificates generator tool certs_gen_tool_url: "https://packages-dev.wazuh.com/{{ certs_gen_tool_version }}/wazuh-certs-tool.sh" \ No newline at end of file diff --git a/roles/wazuh/wazuh-dashboard/defaults/main.yml b/roles/wazuh/wazuh-dashboard/defaults/main.yml index 6ec50215..d0523d72 100644 --- a/roles/wazuh/wazuh-dashboard/defaults/main.yml +++ b/roles/wazuh/wazuh-dashboard/defaults/main.yml @@ -8,12 +8,12 @@ dashboard_node_name: node-1 dashboard_server_host: "0.0.0.0" dashboard_server_port: "443" dashboard_server_name: "dashboard" -wazuh_version: 4.5.0 +wazuh_version: 4.6.0 indexer_cluster_nodes: - 127.0.0.1 # The Wazuh dashboard package repository -dashboard_version: "4.5.0" +dashboard_version: "4.6.0" # API credentials wazuh_api_credentials: diff --git a/roles/wazuh/wazuh-dashboard/vars/debian.yml b/roles/wazuh/wazuh-dashboard/vars/debian.yml index 050a395b..e4b409bb 100644 --- a/roles/wazuh/wazuh-dashboard/vars/debian.yml +++ b/roles/wazuh/wazuh-dashboard/vars/debian.yml @@ -1,2 +1,2 @@ --- -dashboard_version: 4.5.0 +dashboard_version: 4.6.0 diff --git a/roles/wazuh/wazuh-indexer/defaults/main.yml b/roles/wazuh/wazuh-indexer/defaults/main.yml index ba2c69a5..974d089d 100644 --- a/roles/wazuh/wazuh-indexer/defaults/main.yml +++ b/roles/wazuh/wazuh-indexer/defaults/main.yml @@ -1,6 +1,6 @@ --- # Cluster Settings -indexer_version: 4.5.0 +indexer_version: 4.6.0 single_node: false indexer_node_name: node-1