Commit Graph

433 Commits

Author SHA1 Message Date
Jose M
c6e14f23a0 Update Filebeat certificate imports 2019-07-30 17:44:37 +02:00
Jose M
a305d4ff6f Add Filebeat default parameter 2019-07-30 17:37:05 +02:00
Jose M
229f273e27 Fix Kibana APP installation by becoming user kibana 2019-07-30 17:36:31 +02:00
Jose M
2656feac52 Update kibana certs importing 2019-07-30 17:36:09 +02:00
Jose M
431bc16343 Add default value master_certs_destination for kibana 2019-07-30 17:35:39 +02:00
Jose M
fbbf79a153 Remove daemon reload and centos 6 blocks 2019-07-30 17:35:20 +02:00
Jose M
d877738d45 Removing unneeded blocks and commenting latest implementation for centos and trusty 2019-07-30 15:18:55 +02:00
Jose M
db44b6f450 Modified template to accept newly defined variables 2019-07-30 14:27:33 +02:00
Jose M
5d4e53b089 Modified task propagation of certificates 2019-07-30 14:27:10 +02:00
Jose M
337e3de09f Add master_certs_destination parameter 2019-07-30 14:26:15 +02:00
Manuel J. Bernal
befe2b6a98
Merge pull request #212 from wazuh/3.9.3_7.2.0_issue_#184
Fixes for Elasticsearch issue #184 -  Testing Elasticsearch functionality when network.host is not localhost.
2019-07-24 15:20:29 +02:00
rshad
125b2114e6 changed elasticsearch: network.host from 0.0.0.0 to 127.0.0.1 2019-07-24 12:41:52 +00:00
rshad
fcb584ab20 fixed linting errors by refactoring ansible tests and change a variable name 2019-07-24 10:49:17 +00:00
Manuel J. Bernal
8d267f5a5b
Merge pull request #204 from ionphractal/use-tcp
Use tcp for all connections
2019-07-24 12:02:32 +02:00
rshad
8575aecc88 fixed the problem by adding a new variable to test the connectivity to Elastic 2019-07-23 19:36:09 +00:00
Jani Heikkinen
8db9700f02 added wazuh_agent_nat boolean variable for agents behind nat 2019-07-18 09:00:39 +00:00
Rshad Zhran
14cd09a034 version bumping .. 2019-07-17 13:27:43 +02:00
Rshad Zhran
84c0df02dc Adapted: become: yes -> become:true 2019-07-17 12:58:44 +02:00
Rshad Zhran
2150d71a60 changing permissions 2019-07-17 12:21:19 +02:00
Rshad Zhran
687797a66c ignored Ubuntu Trusty in Testing 2019-07-16 17:23:09 +02:00
Rshad Zhran
fc38d565d9 fixed Elasticsearch installation's issues related to Idempotence test - Test passed successfully 2019-07-16 12:29:07 +02:00
Rshad Zhran
eb70809add fixed Elasticsearch installation's issues caused by the absence of Java in Ubuntu Trusty 2019-07-15 17:06:13 +02:00
Michael Both
9605280db0 Use tcp for all connections 2019-07-15 14:32:19 +02:00
Rshad Zhran
df428f5f52 fixed elasticsearch installation for Centos 6.* - Adding Java Installation 2019-07-15 14:04:13 +02:00
rshad
d08b013224 Kibana test is probably fixed, saving changes ... 2019-07-12 14:24:31 +00:00
rshad
873e9759ae Versioning and Ansible-Linting fixes are introduced to wazuh-agent and filebeat installations and testings 2019-07-12 13:06:02 +00:00
rshad
5d006cbc3a adapted wazuh-manager installation so it takes into account the package version - Differentiating between CentOS/RedHat and Debian 2019-07-09 15:31:38 +00:00
rshad
a48169d53f modified molecule.yml for wazuh-agent and elasticsearch - Lint 2019-07-08 09:27:01 +00:00
manuasir
76372da8d9 Fetching tests and workarounds 2019-07-04 12:23:59 +02:00
manuasir
6609cc9aa7 Modifying variable names 2019-07-04 12:05:37 +02:00
Jose M
72894d4a25 Fix conditions error on ES, Kibana and Filebeat 2019-07-03 14:09:46 +02:00
Jose M
4539f368b6 Add certificate imports and fix folder permissions to filebeat 2019-07-02 19:09:36 +02:00
Jose M
7924f89dc2 Update filebeat default variables 2019-07-02 19:09:17 +02:00
Jose M
3f6226297b Add copy of certificates and folder permissions fix to Kibana. 2019-07-02 19:09:01 +02:00
Jose M
f52fb8cb9a Add kibana default variables 2019-07-02 19:08:31 +02:00
Jose M
7998f034b8 Include discovery seed hosts on bootstrapper node. 2019-07-02 19:08:09 +02:00
Jose M
5787b348fe Upgrade elasticsearch tasks. Fix permissions. 2019-07-02 19:07:37 +02:00
Jose M
e3cd8731f3 Fix instances and certs.zip checks and generation. 2019-07-02 10:47:32 +02:00
Jose M
2b18745cd0 Add XPack settings to Kibana template 2019-07-01 18:04:40 +02:00
Jose M
2656d89933 Add XPack default variables for Kibana 2019-07-01 18:04:26 +02:00
Jose M
ddc01dcc23 Add 'elasticsearch_xpack_security_user' to elasticsearch defaults 2019-07-01 18:04:03 +02:00
Jose M
ab8cdd13c6 Added task to remove certs file after propagation. 2019-07-01 16:07:10 +02:00
Jose M
3ff5a194df Update Filebeat for XPack Security 2019-07-01 15:51:23 +02:00
Jose M
6cffed9218 Add required default attributes XPack in Filebeat. 2019-07-01 15:50:48 +02:00
Jose M
fdb1113a19 Add task to configure ES bootstrap password. 2019-07-01 15:50:06 +02:00
Jose M
d78393115f Add default 'elasticsearch_xpack_security_password' variable 2019-07-01 15:49:38 +02:00
Jose M
db6f69cfb8 Rename importing blocks 2019-07-01 12:31:03 +02:00
Jose M
bd32839f27 Add Xpack http security to elasticsearch template. 2019-07-01 12:00:48 +02:00
Jose M
54885a9e0d Remove deprecated import of wazuh template. 2019-07-01 11:57:15 +02:00
Jose M
5d8286f0de Import ca certificate in remote nodes. 2019-07-01 11:53:19 +02:00
Jose M
2525dbd2af Copy .key and .crt in generator node (locally) 2019-07-01 11:52:25 +02:00
Jose M
a1e6dec7b4 Rename node_generate_certs in instances template. 2019-06-28 18:15:00 +02:00
Jose M
c27c3c16ab Enabled xpack security fields 2019-06-28 18:14:48 +02:00
Jose M
40b6979a29 Reorganized main.yml. Added task to copy certs locally. 2019-06-28 18:14:36 +02:00
Jose M
1d718f55d3 Add default variables for Xpack and Rsync 2019-06-28 18:14:01 +02:00
manuasir
3ea96a8e8d Merge branch 'elk-sercurity-dev' of https://github.com/wazuh/wazuh-ansible into elk-sercurity-dev 2019-06-28 15:20:18 +02:00
manuasir
02e4bd951b Check if the certificates exist or not 2019-06-28 15:20:14 +02:00
Jose M
7fe831d6ee Remove quotes from node master option. 2019-06-28 14:56:43 +02:00
mohamed-aziz
19622360b1 Fix elasticsearch config bug requiring lowercase boolean value 2019-06-28 12:51:02 +01:00
Jose M
d3170139a0 Add xpack parameters to elasticsearch.yml 2019-06-28 12:51:01 +02:00
Jose M
e76dc5dcab Update main.yml to add rsync 2019-06-28 12:50:19 +02:00
Jose M
071e354fbd Adapted template to render nodes. 2019-06-28 10:40:30 +02:00
Jose M
4473c01032 Changed format of instances template. Name is required 2019-06-28 10:11:36 +02:00
Jose M
42fb6bf937 Get node master value for template. Rename cluster to discovery block. 2019-06-28 10:11:16 +02:00
Jose M
ed9b411b63 Add 'node_generate_certs' condition to shell block 2019-06-28 10:10:22 +02:00
Jose M
f0c6d0fcac Add elasticsearch_discover_nodes parameter 2019-06-28 10:09:39 +02:00
manuasir
48746b9f5a New task for generating instances.yml file 2019-06-26 19:37:02 +02:00
manuasir
090514b9c5 New tasks for checking instances.yml file 2019-06-26 19:05:46 +02:00
manuasir
7194675f02 Added new template for instances.yml file 2019-06-26 19:05:17 +02:00
manuasir
dda93ebd15 Added new conditions and variables to tasks 2019-06-26 18:52:58 +02:00
manuasir
0e9996b472 Added new variable for enabling xpack security 2019-06-26 17:01:06 +02:00
manuasir
a18a235b13 Modifying template for allowing xpack.security 2019-06-26 17:00:54 +02:00
manuasir
11721ebe14 Added new tasks for xpack security 2019-06-26 17:00:40 +02:00
manuasir
eb66e7d4cb Passing tests 2019-06-14 17:12:49 +02:00
Manuel J. Bernal
42a7f0604e Changed README 2019-06-13 17:53:45 +02:00
Manuel J. Bernal
6b95e304b6 Supporting ELK 7 cluster 2019-06-13 17:49:05 +02:00
Manuel J. Bernal
7619b44426 Added changes for ELK 7 2019-06-12 21:11:12 +02:00
Manuel J. Bernal
a92b7ad284 Supporting cluster node types 2019-06-12 21:03:55 +02:00
manuasir
3ac36b05f8 Deleted Logstash and added new Filebeat.yml template 2019-06-06 17:24:18 +02:00
Okynos
874a05b3ca
Added a testing purposes workaround 2019-06-03 18:53:25 -07:00
Manuel J. Bernal
bfc3d4e4e1 Bump version 2019-05-21 21:05:44 +02:00
Werner Dijkerman
4658fe7a4e Fix merge issue 2019-05-06 19:07:24 +02:00
Werner Dijkerman
a3425d04ac Added comments in tests;Added some skip tasks 2019-05-06 18:56:14 +02:00
Werner Dijkerman
e5b0e2b40e Added tests for Logstash 2019-05-03 16:34:09 +02:00
Werner Dijkerman
6e3b92bcc4 Added Molecule test for the Elasticsearch role 2019-04-30 19:17:56 +02:00
manuasir
3c56b74d1e Bump version. 2019-04-30 18:07:30 +02:00
jm404
cd3fcc7857 Fixed linting problems for molecule tests. 2019-04-30 17:00:44 +02:00
jm404
bcd535351b Adding openjdk repository for Ubuntu 14.04. 2019-04-30 16:59:29 +02:00
jm404
2716f2c7bf Fixed conflicts. 2019-04-29 17:42:48 +02:00
Werner Dijkerman
06589471f0 Fixed typo 2019-04-29 15:57:22 +02:00
Werner Dijkerman
af758690a1 Added molecule test for the Wazuh Agent 2019-04-27 15:26:18 +02:00
l
9e22760911 Fixing whitespaces 2019-04-24 17:41:27 +02:00
l
b84aecfa67 Fixing syntax error at Debian tasks 2019-04-24 17:30:40 +02:00
l
a29eb8faf4 Using OpenJDK for cis-cat and for elastic at Debian based distros 2019-04-24 16:45:29 +02:00
l
32e3d45ced Changing CentOS install from Oracle JDK to OpenJDK 2019-04-24 13:35:29 +02:00
Werner Dijkerman
fa7a5e6b91 Added some tests with Testinfra 2019-04-16 20:36:31 +02:00
Werner Dijkerman
41f7be184e Added retries for tasks that work with "3rd" party services 2019-04-16 19:16:54 +02:00
Werner Dijkerman
dc8438401f Added where possible the wazuh-manager role idempotent. Have to disable this because of issue #107 2019-04-16 19:09:36 +02:00
Werner Dijkerman
8291e4ab9f Added a successful installation on provided Docker containers with Molecule 2019-04-15 21:52:08 +02:00
Manuel J. Bernal
1c4b87b60e
Merge branch '3.9' into add-molecule-tests 2019-04-15 11:05:27 +02:00
l
78de851347 Updating elastic stack version to 6.7.1 2019-04-11 19:36:01 +02:00
Manuel J. Bernal
96012df2fc
Merge branch '3.9' into active_response 2019-04-04 10:45:17 +02:00
l
ce4665ef3e Fixing default active response 2019-04-04 10:22:33 +02:00
Manuel J. Bernal
deaffd9c8e
Merge pull request #159 from kravietz/email_fix
Email fix
2019-04-03 15:02:31 +02:00
l
29301b0044 Adding alias to agent config file template 2019-04-03 12:20:59 +02:00
Manuel J. Bernal
07dacae92d
Merge pull request #110 from wazuh/3.7-concurrent-packages
Installing concurrent apt packages
2019-04-01 17:30:30 +02:00
l
7e284b8dd4 Using apt list at kibana 2019-04-01 12:59:39 +02:00
l
a9344cf181 Using list instead of iterating over one to install packages 2019-04-01 12:23:48 +02:00
Manuel J. Bernal
968e7f8206
Merge pull request #146 from perryk/fix_couple_warning_pk1
Fix a couple of minor warnings from default 3.8 manager role
2019-03-28 18:08:10 +01:00
Pawel Krawczyk
7381dc8b2b Fix wazuh_manager_config.email_notification
There's no need for a complicated if..then condition here since the
value is expected to be yes/no only
2019-03-22 00:03:42 +00:00
Pawel Krawczyk
f96ab0a317 Add flag to accept remote commands from manager
Without this flag the agent will not accept any system check
commands (`command` and `full_command`) configured in the Wazuh
Manager settings to cascade down to agents.
2019-02-20 13:31:24 +00:00
Pawel Krawczyk
bcd327280e Do not report virtual filesystems in df
Tell `df` not to report on virtual filesystems such as `squashfs` (used
by `snapd` and always at 100%), `tmpfs` (memory-only) and `devtmpfs`
(used by `udev`)
2019-02-18 13:01:42 +00:00
Pawel Krawczyk
81058daf1b Replace netstat with ss
The `ss` program is now the official replacement for `netstat` which
is deprecated in most Linux distributions. Also replace the messy sed
rules which do not work on all versions with a clean command-line that
just displays the key information that does **not** change on every
command run (e.g. PID) resulting in false positives.
2019-02-18 12:59:48 +00:00
Pawel Krawczyk
68cd434466 do not include syscheck section if not defined 2019-02-17 20:03:40 +00:00
Pawel Krawczyk
a94038201a typo 2019-02-17 20:03:30 +00:00
Pawel Krawczyk
58a76a8c08 Enable active-response section
As of now the whole active-response section was commented out and
inactive
2019-02-17 00:16:31 +00:00
jjediny
e1aeff0fd6 adding back .yamllint pretask and results 2019-02-11 23:31:38 -05:00
jjediny
451792356c initial minimal working molecule testing suite with circleci WIP for https://github.com/wazuh/wazuh-ansible/issues/138 2019-02-10 13:19:45 -05:00
AlfonsoRBJ
2030751eac Update to Wazuh version v3.8.2 2019-01-30 17:02:33 +01:00
AlfonsoRBJ
a0b3fae9d2 Update to Wazuh version 3.8.1 (#148) 2019-01-24 15:09:45 +01:00
Perry Kollmorgen
1b51b2dc11 Fix warning from vul_detector config for Redhat Feed Name #145
The value for the Redhat Feed Name in the ossec.conf template no longer
requires a version, i.e. the value should be "redhat" rather than "redhat-7"
or similar.

https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/wodle-vuln-detector.html#feed
https://github.com/wazuh/wazuh/pull/2137
2019-01-21 09:12:35 +10:00
Perry Kollmorgen
72b0f672d6 Fix warning from cluster interval option in defaults #145
The interval option in the cluster section in the defaults has been
deprecated and no longer requires to be set.

https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/cluster.html#interval
2019-01-21 09:10:45 +10:00
AlfonsoRBJ
df95a75b6b
Merge pull request #143 from wazuh/PR-java-path
Fix oracle java cookies
2019-01-18 16:35:59 +01:00
cadoming
37bfa5be17 3.8 release 2019-01-18 15:11:40 +00:00
Carlos Dominguez
d4b2de38de
delete save file 2019-01-17 17:03:17 +01:00
cadoming
949aa7f043 adapt new version (3.8.0-6.5.4) 2019-01-17 15:42:11 +00:00
cadoming
61260986c0 fixed java path 2019-01-16 16:16:06 +00:00
Carlos Dominguez
236e76f73d Fixes typos (#130) 2019-01-14 09:19:02 +01:00
Carlos Dominguez
e97a0ff7a3 Labels configuration (#135) 2019-01-14 09:12:09 +01:00
Carlos Dominguez
59008bda4d delete useless files (#137) 2019-01-14 09:07:47 +01:00
Carlos Dominguez
492c25eeaf
Merge pull request #133 from singuliere/agent-cleanup
cleanup: move redundant tags to the outer block
2019-01-11 15:20:05 +01:00
Carlos Dominguez
21fbe85010
Merge pull request #132 from paulcalabro/master
wazuh_manager_fqdn is a scalar not a sequence
2019-01-11 15:16:52 +01:00
Carlos Dominguez
e644b1e231
Merge pull request #120 from saez0pub/3.7
FIX multiple remote connection
2019-01-10 13:18:17 +01:00
Carlos Dominguez
02736e1ab3
Merge branch '3.7' into Issue_78-windows_ossec_conf 2019-01-10 13:11:03 +01:00
Carlos Dominguez
c50d2b3828
Merge pull request #117 from wazuh/Issue_91-single_agent_name
Custom name for single agent registration
2019-01-10 12:09:46 +01:00
singuliere
d33b5c90c3
cleanup: move redundant tags to the outer block 2019-01-10 10:01:06 +01:00
Paul Calabro
0565486e6d
wazuh_manager_fqdn is a sequence not a scalar
Updated to `~` to reflect a null string, similar to [] for an empty sequence.
2019-01-09 20:51:48 -07:00
Jean Prat
1e2e1f1f30
FIX multiple remote connection 2019-01-04 16:26:26 +01:00
cadoming
620bf04835 ossec.conf for windows agents 2019-01-03 09:35:40 +00:00
Paul Calabro
204ad3c6ff Fixed a couple linting issues with yamllint and ansible-review (#111)
- yamllint: "truthy value should be true or false"
   (Docs: https://github.com/adrienverge/yamllint/blob/master/yamllint/rules/truthy.py)
- ansible-review: "WARN: Best practice "Use YAML format for tasks and handlers rather than key=value" not met:"
  (Docs: 2aacd7462f/lib/ansiblereview/tasks.py)
2018-12-27 12:57:24 +01:00
Carlos Dominguez
e94a0cf473 change installation directory (#116) 2018-12-27 12:52:27 +01:00
cadoming
b5dd470c2c custom name for single agent registration 2018-12-27 10:49:34 +00:00
AlfonsoRBJ
2d8283d560
Merge branch '3.7' into Issue_95-default_configuration 2018-12-20 18:20:43 +01:00
Carlos Dominguez
e6ba94d4b9 exception reload systemd task (#114) 2018-12-20 17:58:55 +01:00
AlfonsoRBJ
99c3981874 Update Elastic-Stack to version 6.5.4 2018-12-20 16:45:38 +01:00
AlfonsoRBJ
6fb31c3fa3 Adapt Wazuh-Ansible to Wazuh 3.7.2 2018-12-20 15:36:54 +01:00
manuasir
96390a2d46 Installing apt packages concurrently, related #109 2018-12-19 10:22:40 +01:00
Luis Gil Guijarro
cd64a52eb2 Updating to Elastic Stack to 6.5.3 and Wazuh 3.7.1 2018-12-14 18:40:40 +01:00
cadoming
1cc33d7266 cdb_lists.yml update 2018-12-14 10:54:59 +00:00
root
852d5909eb os_family localfiles 2018-12-13 13:42:15 +00:00
root
23aeeffff2 default configuration update v1 2018-12-13 10:59:13 +00:00
Luis Gil Guijarro
139b1988fe Add authlog fix to localfile (#99) 2018-12-10 18:39:23 +01:00
cadoming
794beeae15 custom_ruleset relative path 2018-12-10 11:02:37 +00:00
cadoming
50b5e774de fix defaults/main.yml 2018-12-05 12:56:15 +00:00
cadoming
c226c6f44d Moved custom_ruleset files 2018-12-05 12:01:36 +00:00
cadoming
53322bbec8 Multiple IPs option 2018-11-20 10:49:37 +00:00
AlfonsoRBJ
28d6ecae5d
Merge branch '3.7' into Issue-77_conflict_configurations 2018-11-16 12:30:00 +01:00
AlfonsoRBJ
1369b3df41
Merge branch '3.7' into Issue-34_local_internal_options 2018-11-16 12:20:42 +01:00
AlfonsoRBJ
99a6a3d6b0
Merge branch '3.7' into Issue-88_version_windows_installer 2018-11-16 11:38:34 +01:00
cadoming
bdf913453e Added windows task 2018-11-16 10:34:41 +00:00
cadoming
f2b3ac68bb agent configuration and monitoring 2018-11-15 12:16:05 +00:00
cadoming
6fe87697f1 Changed windows agent version 2018-11-15 10:40:57 +00:00
cadoming
8ef5e65eb7 include template local_internal_options.conf 2018-11-14 12:13:58 +00:00
cadoming
5c1f2ed783 clean old code for windows agent 2018-11-14 10:39:25 +00:00
AlfonsoRBJ
62938ff894
Merge pull request #71 from wazuh/Amazon-Linux-support
Support for Amazon Linux added
2018-11-12 16:41:29 +01:00
AlfonsoRBJ
d36fdb8f4f
Merge pull request #84 from wazuh/ISSUE_83
include logall_json label
2018-11-12 16:11:24 +01:00
AlfonsoRBJ
fcf7bf4b00
Merge pull request #79 from wazuh/PR-54_new_structure
client.keys registration triggers
2018-11-12 14:13:04 +01:00
root
4f2a080eb3 include logall_json label 2018-11-12 11:05:49 +00:00
AlfonsoRBJ
cf11aea81a
Merge pull request #81 from wazuh/PR-62_add_local_rules
adding custom rules/decoders files
2018-11-09 16:29:03 +01:00
root
87cd7c214f adding custom rules/decoders files 2018-11-09 10:35:52 +00:00
root
1007255e4a change syntax errors 2018-11-07 12:17:28 +00:00
root
ea7b685633 new changes 2018-11-07 12:11:44 +00:00
root
5c3b767f34 API configuration 2018-11-07 11:34:02 +00:00
root
5298084a62 client.keys registration triggers 2018-11-06 10:48:02 +00:00
AlfonsoRBJ
52084d66d5
Merge pull request #76 from wazuh/PR-55_new_structure
validate agent.conf in manager
2018-11-02 17:42:19 +01:00
AlfonsoRBJ
3d4e3ff67b
Merge pull request #75 from wazuh/PR-52_new_structure
active_response_disable configuration
2018-11-02 17:19:49 +01:00
AlfonsoRBJ
3bed9cb6b7
Merge pull request #74 from wazuh/PR-47_new_structure
agent and manager grouping task
2018-11-02 16:45:10 +01:00
root
539f94d9c1 validate agent.conf in manager 2018-11-02 10:31:00 +00:00
root
33e9150dcd active_response_disable configuration 2018-10-31 11:50:37 +00:00
root
dcd7b1a6fd agent and manager grouping task 2018-10-31 10:49:45 +00:00
root
9f4781cd9b test 2018-10-30 11:35:38 +00:00
AlfonsoRBJ
2c4c6fc59c Support for Amazon Linux added
Logstash bug fixed for single server installation on Amazon Linux
2018-10-19 16:40:13 +02:00
Jesús Linares
1bd21e381b
Restructure repository (#66) 2018-10-04 12:40:10 +02:00