Merge branch 'master' into merge-45-into-master

CHANGELOG.md

@@ -1,6 +1,12 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 
+## [v4.6.0]
+
+### Added
+
+- Update to [Wazuh v4.6.0](https://github.com/wazuh/wazuh/blob/v4.6.0/CHANGELOG.md#v460)
+
 ## [v4.5.0]
 
 ### Added

README.md

@@ -16,6 +16,7 @@ These playbooks install and configure Wazuh agent, manager and indexer and dashb
 
 | Wazuh version | Elastic | ODFE   |
 |---------------|---------|--------|
+| v4.6.0        |         |        |
 | v4.5.0        |         |        |
 | v4.4.1        |         |        |
 | v4.4.0        |         |        |

VERSION

@@ -1,2 +1,2 @@
-WAZUH-ANSIBLE_VERSION="v4.5.0"
-REVISION="40500"
+WAZUH-ANSIBLE_VERSION="v4.6.0"
+REVISION="40600"

roles/elastic-stack/ansible-kibana/defaults/main.yml

@@ -0,0 +1,53 @@
+---
+kibana_node_name: node-1
+
+elasticsearch_http_port: "9200"
+elasticsearch_network_host: "127.0.0.1"
+kibana_server_host: "0.0.0.0"
+kibana_server_port: "5601"
+kibana_conf_path: /etc/kibana
+elastic_stack_version: 7.10.2
+wazuh_version: 4.4.1
+wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana
+
+elasticrepo:
+  apt: 'https://artifacts.elastic.co/packages/7.x/apt'
+  yum: 'https://artifacts.elastic.co/packages/7.x/yum'
+  gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch'
+  key_id: '46095ACC8548582C1A2699A9D27D666CD88E42B4'
+
+# API credentials
+wazuh_api_credentials:
+  - id: "default"
+    url: "https://localhost"
+    port: 55000
+    username: "wazuh"
+    password: "wazuh"
+
+# Xpack Security
+kibana_xpack_security: false
+kibana_ssl_verification_mode: "full"
+
+elasticsearch_xpack_security_user: elastic
+elasticsearch_xpack_security_password: elastic_pass
+
+node_certs_destination: /etc/kibana/certs
+
+# CA Generation
+master_certs_path: "{{ playbook_dir }}/es_certs"
+generate_CA: true
+ca_cert_name: ""
+
+# Nodejs
+nodejs:
+  repo_dict:
+      debian: "deb"
+      redhat: "rpm"
+  repo_url_ext: "nodesource.com/setup_10.x"
+
+# Build from sources
+build_from_sources: false
+wazuh_plugin_branch: 4.1-7.10
+
+#Nodejs NODE_OPTIONS
+node_options: --no-warnings --max-old-space-size=2048 --max-http-header-size=65536

roles/opendistro/opendistro-kibana/defaults/main.yml

@@ -0,0 +1,60 @@
+---
+
+# Kibana configuration
+elasticsearch_http_port: 9200
+elastic_api_protocol: https
+kibana_conf_path: /etc/kibana
+kibana_node_name: node-1
+kibana_server_host: "0.0.0.0"
+kibana_server_port: "5601"
+kibana_server_name: "kibana"
+kibana_max_payload_bytes: 1048576
+elastic_stack_version: 7.10.2
+wazuh_version: 4.4.1
+wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana
+
+# The OpenDistro package repository
+kibana_opendistro_version: 1.13.2-1 # Version includes the - for RedHat family compatibility, replace with = for Debian hosts
+
+package_repos:
+  yum:
+    opendistro:
+      baseurl: 'https://packages.wazuh.com/4.x/yum/'
+      gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
+  apt:
+    opendistro:
+      baseurl: 'deb https://packages.wazuh.com/4.x/apt/ stable main'
+      gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
+
+# API credentials
+wazuh_api_credentials:
+  - id: "default"
+    url: "https://localhost"
+    port: 55000
+    username: "wazuh"
+    password: "wazuh"
+
+# opendistro Security
+kibana_opendistro_security: true
+kibana_newsfeed_enabled: "false"
+kibana_telemetry_optin: "false"
+kibana_telemetry_enabled: "false"
+
+opendistro_admin_password: changeme
+opendistro_kibana_user: kibanaserver
+opendistro_kibana_password: changeme
+local_certs_path: "{{ playbook_dir }}/opendistro/certificates"
+
+# Nodejs
+nodejs:
+  repo_dict:
+      debian: "deb"
+      redhat: "rpm"
+  repo_url_ext: "nodesource.com/setup_10.x"
+
+# Build from sources
+build_from_sources: false
+wazuh_plugin_branch: 4.1-7.10
+
+#Nodejs NODE_OPTIONS
+node_options: --no-warnings --max-old-space-size=2048 --max-http-header-size=65536

roles/wazuh/ansible-filebeat-oss/defaults/main.yml

@@ -1,7 +1,7 @@
 ---
 filebeat_version: 7.10.2
 
-wazuh_template_branch: 4.5
+wazuh_template_branch: 4.6
 
 filebeat_node_name: node-1
 

roles/wazuh/ansible-filebeat/defaults/main.yml

@@ -0,0 +1,36 @@
+---
+filebeat_version: 7.10.2
+
+wazuh_template_branch: v4.4.1
+
+filebeat_create_config: true
+
+filebeat_node_name: node-1
+
+filebeat_output_elasticsearch_hosts:
+  - "localhost:9200"
+
+filebeat_module_package_url: https://packages.wazuh.com/4.x/filebeat
+filebeat_module_package_name: wazuh-filebeat-0.1.tar.gz
+filebeat_module_package_path: /tmp/
+filebeat_module_destination: /usr/share/filebeat/module
+filebeat_module_folder: /usr/share/filebeat/module/wazuh
+
+# Xpack Security
+filebeat_xpack_security: false
+
+elasticsearch_xpack_security_user: elastic
+elasticsearch_xpack_security_password: elastic_pass
+
+node_certs_destination: /etc/filebeat/certs
+
+# CA Generation
+master_certs_path: "{{ playbook_dir }}/es_certs"
+generate_CA: true
+ca_cert_name: ""
+
+elasticrepo:
+  apt: 'https://artifacts.elastic.co/packages/7.x/apt'
+  yum: 'https://artifacts.elastic.co/packages/7.x/yum'
+  gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch'
+  key_id: '46095ACC8548582C1A2699A9D27D666CD88E42B4'

roles/wazuh/ansible-wazuh-agent/defaults/main.yml

@@ -1,5 +1,5 @@
 ---
-wazuh_agent_version: 4.5.0
+wazuh_agent_version: 4.6.0
 
 # Custom packages installation
 
@@ -11,7 +11,7 @@ wazuh_custom_packages_installation_agent_rpm_url: ""
 
 wazuh_agent_sources_installation:
   enabled: false
-  branch: "v4.5.0"
+  branch: "v4.6.0"
   user_language: "y"
   user_no_stop: "y"
   user_install_type: "agent"

roles/wazuh/ansible-wazuh-manager/defaults/main.yml

@@ -1,5 +1,5 @@
 ---
-wazuh_manager_version: 4.5.0
+wazuh_manager_version: 4.6.0
 
 wazuh_manager_fqdn: "wazuh-server"
 wazuh_manager_package_state: present
@@ -12,7 +12,7 @@ wazuh_custom_packages_installation_manager_rpm_url: "https://s3-us-west-1.amazon
 # Sources installation
 wazuh_manager_sources_installation:
   enabled: false
-  branch: "v4.5.0"
+  branch: "v4.6.0"
   user_language: "en"
   user_no_stop: "y"
   user_install_type: "server"

roles/wazuh/check-packages/defaults/main.yml

@@ -1,2 +1,2 @@
 ---
-wazuh_version: 4.5.0
+wazuh_version: 4.6.0

roles/wazuh/vars/repo.yml

@@ -6,7 +6,7 @@ wazuh_repo:
 wazuh_winagent_config_url: "https://packages.wazuh.com/4.x/windows/wazuh-agent-{{ wazuh_agent_version }}-1.msi"
 wazuh_winagent_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.msi"
 
-certs_gen_tool_version: 4.5
+certs_gen_tool_version: 4.6
 
 # Url of certificates generator tool
 certs_gen_tool_url: "https://packages.wazuh.com/{{ certs_gen_tool_version }}/wazuh-certs-tool.sh"

roles/wazuh/vars/repo_pre-release.yml

@@ -6,7 +6,7 @@ wazuh_repo:
 wazuh_winagent_config_url: "https://packages-dev.wazuh.com/pre-release/windows/wazuh-agent-{{ wazuh_agent_version }}-1.msi"
 wazuh_winagent_package_name: "wazuh-agent-{{ wazuh_agent_version }}-1.msi"
 
-certs_gen_tool_version: 4.5
+certs_gen_tool_version: 4.6
 
 # Url of certificates generator tool
 certs_gen_tool_url: "https://packages-dev.wazuh.com/{{ certs_gen_tool_version }}/wazuh-certs-tool.sh"

roles/wazuh/wazuh-dashboard/defaults/main.yml

@@ -8,12 +8,12 @@ dashboard_node_name: node-1
 dashboard_server_host: "0.0.0.0"
 dashboard_server_port: "443"
 dashboard_server_name: "dashboard"
-wazuh_version: 4.5.0
+wazuh_version: 4.6.0
 indexer_cluster_nodes:
   - 127.0.0.1
 
 # The Wazuh dashboard package repository
-dashboard_version: "4.5.0"
+dashboard_version: "4.6.0"
 
 # API credentials
 wazuh_api_credentials:

roles/wazuh/wazuh-dashboard/vars/debian.yml

@@ -1,2 +1,2 @@
 ---
-dashboard_version: 4.5.0
+dashboard_version: 4.6.0

roles/wazuh/wazuh-indexer/defaults/main.yml

@@ -1,6 +1,6 @@
 ---
 # Cluster Settings
-indexer_version: 4.5.0
+indexer_version: 4.6.0
 
 single_node: false
 indexer_node_name: node-1