afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,842 Commits 1 Branch 0 Tags 3.5 MiB
35e66f83ba
Commit Graph

690 Commits

Author SHA1 Message Date
neonmei
22bc08e190
roles/wazuh-agent: change all delegate_to REST conditionals to be uniform 2020-11-26 16:35:41 -03:00
neonmei
4d2e493cef
roles/wazuh-agent: fix erroneous usage of ansible_host instead of inventory_hostname 2020-11-26 16:34:25 -03:00
neonmei
333816831a
release: bump Wazuh version to 4.0.2 2020-11-23 17:17:04 -03:00
neonmei
30cc6875d6
Merge branch 'master' into feature-role-agent-registration 2020-11-23 14:42:57 -03:00
zenidd
ec831975bb roles/wazuh-agent: remove default agent_name 2020-11-23 17:44:59 +01:00
neonmei
58167dbd1f
roles/wazuh-agent: add message explaining when auto-enrollment registration path is fired or not 2020-11-23 12:18:56 -03:00
neonmei
f7ed5f1f7f
roles/agent: update ossec.conf template to check against explicit yes instead of length 2020-11-23 11:43:59 -03:00
neonmei
5170c206e0
roles/agent: use auto-enrollment by default 2020-11-23 11:41:45 -03:00
neonmei
35c9df9c7e
roles/agent: add comments on role defaults and group registration related tasks 2020-11-23 11:41:17 -03:00
neonmei
7e445c7f55
roles/agent: add wazuh_agent_api_validate to optionally skip agent registry validation task 2020-11-23 11:39:27 -03:00
neonmei
1df3ef8699
roles/agent: for registration rename check_keys->client_keys_file for more clarity, update conditionals length checks to explicit "yes" check 2020-11-23 11:38:07 -03:00
neonmei
a28837a74d
roles/agent: in rest registration method, update manage_agents task 2020-11-23 11:32:01 -03:00
neonmei
a4c4b6cd32
roles/agent: refresh agent validation in rest registration method 2020-11-23 11:29:34 -03:00
neonmei
d4092bf686
roles/agent: update agent registry task with token, nolog and remove when, as it is checked on every task, shuld be applied to block 2020-11-23 11:28:37 -03:00
neonmei
535add6f4c
roles/agent: add nolog variable for registration tasks with credentials output 2020-11-23 11:26:39 -03:00
neonmei
5f6973d8d2
roles/agent: add task for fetching jwt token 2020-11-23 11:25:31 -03:00
neonmei
332ee7ae8b
roles/agent: add task for determining which wazuh_managers to use through register: yes instead of just grabbing the first one on the list, otherwise fallback to first in the list 2020-11-23 11:24:43 -03:00
zenidd
ee1124b7dd Merge master changes 2020-11-23 14:28:59 +01:00
neonmei
1dfe0fdb67
roles/wazuh-agent: fix duplicate variable 2020-11-20 16:16:54 -03:00
neonmei
874e8a08d0
Merge branch 'feature-role-wazuh-manager-vars' 2020-11-20 14:55:44 -03:00
neonmei
b4d2b564b7
roles/wazuh-agent: update api credentials to wazuh:wazuh 2020-11-20 13:40:17 -03:00
neonmei
7fc29b720f
roles/wazuh-agent: remove async from install task and introduce a lock timeout configurable by wazuh_agent_yum_lock_timeout 2020-11-20 12:37:20 -03:00
neonmei
7dc67986d4
roles/wazuh-agent: change package module to yum, as platform is already checked on when 2020-11-20 12:29:08 -03:00
zenidd
ff78ce7d76 roles/wazuh-agent: Fix authd registration verify task. Use authd pass only if size > 0 2020-11-20 14:08:25 +01:00
zenidd
ed7b24ff96 roles/wazuh-agent: set enrollment to enabled by default 2020-11-20 12:36:50 +01:00
zenidd
64cc04f5b0 Merge master changes 2020-11-13 16:55:47 +01:00
zenidd
dac3ddc1fb wazuh-ansible: bump versions, update README 2020-11-13 10:57:20 +01:00
neonmei
8b26658374
roles/wazuh-agent: expand task declaration for clarity 2020-11-12 14:39:17 -03:00
neonmei
1dfd613f0d
roles/wazuh-agent: uncomment api_pass 2020-11-12 14:35:23 -03:00
neonmei
0bbdf231f2
roles/wazuh-agent: remove "is defined" conditionals, as authd_pass is now part of roles default, now check is only against length 2020-11-12 14:34:57 -03:00
neonmei
bab8279f73
roles/wazuh-agent: remove include_vars tasks 2020-11-12 14:29:01 -03:00
neonmei
92ebe86ef6
roles/wazuh-agent: move api_pass and authd_pass from role vars to defaults, lowering precedence required to override them 2020-11-12 14:24:14 -03:00
neonmei
f35ffeed76
Merge branch 'feature-lint-role-wazuh-manager' 2020-11-12 13:07:35 -03:00
neonmei
4156a75395
Merge branch 'feature-lint-role-wazuh-agent' 2020-11-12 13:07:25 -03:00
neonmei
6f5f1106b3
roles/wazuh-agent: add missing mode for file task 2020-11-12 11:42:19 -03:00
neonmei
7634f8cf9b
roles/wazuh-agent: add noqa 208 exception for Windows template task 2020-11-12 11:42:15 -03:00
neonmei
55d3039519
roles/wazuh-agent: change comparison to literal bool 2020-11-12 11:42:11 -03:00
neonmei
8be12f0c5a
roles/filebeat-oss: remove extra file permissions task 2020-11-12 11:33:09 -03:00
neonmei
68b8c6b5a0
roles/filebeat-oss: add missing file mode and ownership for security_actions tasks 2020-11-12 11:32:49 -03:00
neonmei
87e9c8fc23
roles/wazuh-manager: add missing mode and ownership to file module 2020-11-12 11:26:57 -03:00
neonmei
80593c464b
Merge branch 'feature-filebeat-oss-package-fix' 2020-11-10 14:41:39 -03:00
zenidd
0866c54e2b roles/filebeat-oss: minor fix 2020-11-10 18:36:26 +01:00
zenidd
ed8bccb3a4 roles/filebeat-oss: use apt/yum module instead of package 2020-11-10 18:30:13 +01:00
zenidd
52a809158a roles/filebeat-oss: allow installing fixed filebeat version 2020-11-10 17:03:12 +01:00
zenidd
0afaba51fc Fix repository removal task condition 2020-11-10 13:05:05 +01:00
neonmei
0f6ea26123
roles/wazuh_manager: merge uninstall tasks in a single file 2020-11-09 14:04:55 -03:00
neonmei
d44532482a
roles/wazuh_manager: remove nodejs as wazuh-api was migrated to python 
For more information, see: https://github.com/wazuh/wazuh/releases/tag/v4.0.0
 2020-11-09 13:58:23 -03:00
neonmei
a1f4a16fd9
roles/wazuh_manager: add support for role-distributed ansible.cfg setting for hash_behaviour 2020-11-09 13:03:54 -03:00
neonmei
3b5d8651a6
roles/wazuh_manager: reduce depth of wazuh_manager_config by extracting contents into external dictionaries 2020-11-09 11:42:01 -03:00
manuasir
e8ad26a3ca Removed deprecated option 2020-11-03 19:18:10 +01:00
Manuel Gutierrez
a77be1f959
Add custom API user support 2020-10-27 15:02:27 +01:00
Manuel Gutierrez
912d669281
Use standard module format 2020-10-27 15:01:28 +01:00
Manuel Gutierrez
f4b6fa098f
Specify API password requirements on defaults 2020-10-27 15:00:53 +01:00
zenidd
a9f96ff495 Merge branch 'master' into feature-adapt-major-version 2020-10-23 17:30:57 +02:00
Manuel J. Bernal
fec24b4f6d
Merge pull request #467 from wazuh/odfe-1101 
Bump ODFE roles to 1.10.1
 2020-10-23 17:30:00 +02:00
zenidd
9cac95729b Set empty authd pass 2020-10-23 14:04:18 +02:00
zenidd
2f33aa20c5 New major version fixes 2020-10-23 13:21:32 +02:00
zenidd
dee32f7b79 update wazuh agent repos 2020-10-23 12:37:32 +02:00
zenidd
cab1f1d520 update wazuh repos 2020-10-23 12:36:07 +02:00
zenidd
ac7b80d54e Replace APP URL 2020-10-23 11:36:07 +02:00
zenidd
319261d29f Filebeat module version update 2020-10-23 10:42:46 +02:00
zenidd
09408c3b8c Update windows package md5sum 2020-10-23 10:35:15 +02:00
zenidd
8e784694bb Restoring defaulf configuration 2020-10-20 17:52:38 +02:00
zenidd
583f38f19c Merge master changes 2020-10-20 17:44:26 +02:00
zenidd
5ad76a1e36 Bump versions 2020-10-20 17:40:28 +02:00
zenidd
dbd9b1a52a Update wazuh agent MD5 2020-10-19 14:15:35 +02:00
zenidd
0201da6f0f Bump versions 2020-10-15 18:48:18 +02:00
Manuel J. Bernal
6a6fb15654 Remove vuls block from Linux tasks 2020-10-07 17:03:28 +02:00
Manuel J. Bernal
575fcc966a Remove vuls integration 2020-10-07 16:59:46 +02:00
Manuel Gutierrez
48dda652b2
Update year 2020-10-02 13:13:00 +02:00
zenidd
73764f5db2 Adding latests wazuh packages 2020-10-01 15:52:53 +02:00
manuasir
cb615b1bcf Merge branch '3.13' 2020-09-21 18:46:01 +02:00
zenidd
707aad76ad Bump to Wazuh version v3.13.2 2020-09-18 15:06:21 +02:00
Manuel J. Bernal
8adceb5833 Fixed authorization_pass_path XML option 2020-09-02 00:08:43 +02:00
Manuel J. Bernal
33d4aaedf1 Fixed unreadable token 2020-09-01 23:10:42 +02:00
Manuel J. Bernal
54443102f7 WIP: auto-enrollment implementation 2020-09-01 22:55:53 +02:00
Manuel J. Bernal
b117407c16 Fix unreadable token 2020-09-01 17:23:49 +02:00
zenidd
1bc990769b Merge branch 'feature-adapt-major-version' of github.com:wazuh/wazuh-ansible into feature-adapt-major-version 2020-09-01 17:02:14 +02:00
zenidd
4f68e701f0 Regen the install from sources fil 2020-09-01 17:01:28 +02:00
manuasir
27e913619c Merge remote-tracking branch 'origin/feature-github-actions' into feature-adapt-major-version 2020-09-01 15:36:40 +02:00
Manuel J. Bernal
bc7e1fbb8a Added autoenrollment feature to agent ossec.conf template 2020-09-01 15:31:35 +02:00
zenidd
f2e7a75b09 Using latest SearchGuard tool. Fixing Wazuh API credentials template 2020-08-26 14:05:38 +02:00
zenidd
af88cc4de8 Allow redhat sources install 2020-08-26 13:04:03 +02:00
zenidd
62ecf0325a Enabling sources install 2020-08-26 13:00:19 +02:00
zenidd
1f32a2663b remove tasks 2020-08-26 12:53:11 +02:00
zenidd
2deb53272a Adaptation to Wazuh 4.0 and fixes 2020-08-25 16:02:06 +02:00
zenidd
255d262b62 removing unnecessary old api files 2020-08-24 16:15:02 +02:00
zenidd
1117de8d5f Create new API config template file 2020-08-21 16:17:07 +02:00
Manuel J. Bernal
45a14c128c WIP: Adapting to v4.0 2020-08-12 19:45:46 +02:00
manuasir
f2a527b574 Removed restart systemd tasks 2020-07-29 23:55:41 +02:00
manuasir
ca88611678 Changed manager installation task in Debian family 2020-07-28 16:49:04 +02:00
Manuel J. Bernal
e310b7b766 Fixed check_mode when condition 2020-07-23 12:32:47 +02:00
Manuel J. Bernal
3b87adf8a3
Merge pull request #194 from dsroark-dt/async_ignore_check_mode 
ignore check mode for async tasks
 2020-07-21 19:06:05 +02:00
Manuel J. Bernal
dd77cb9c20 Added condition to ossec.conf template 2020-07-16 18:26:16 +02:00
Manuel J. Bernal
a6ad44e4b9 Added new options to agent's ossec.conf 2020-07-16 18:03:54 +02:00
Manuel J. Bernal
882780de2c Added new ossec.conf settings 2020-07-14 13:02:07 +02:00
Manuel J. Bernal
970b03a9f2 Bump version 2020-07-14 12:53:55 +02:00
Manuel J. Bernal
ece42099fe
Merge pull request #443 from wazuh/opendistro-demo 
Update Opendistro tasks
 2020-07-06 20:15:09 +02:00
Hadrien
d6f3d91a46
update check on windows wazuh_agent_authd.agent_name's definition 2020-06-29 18:54:37 +02:00
Jose M
70f534693e
Fix syntax error on filebeat.yml.j2 2020-06-26 13:10:38 +02:00
Jose M
4b8f519256
Make filebeat.yml use node name instaed of inventory_hostname 2020-06-26 13:04:26 +02:00
Jose M
c72ac56b39
Make certs import for Filebeat use 'filebeat_node_name' var 2020-06-26 12:51:29 +02:00
Jose M
799827aa88
Fix syntax error in local_certs_path 2020-06-26 11:26:47 +02:00
Jose M
eab58033b7
Change local_certs_path for Kibana and Filebeat 2020-06-26 11:14:02 +02:00
Zenidd
d82d1b51d1 Adding variable to parametrize elastic template URL 2020-06-23 17:19:37 +02:00
Zenidd
600dd40896 Adding dynamic template fetch to filebeat-oss 2020-06-23 17:03:33 +02:00
Zenidd
eb276a1f73 Handlers refactor 2020-06-23 17:01:32 +02:00
Zenidd
d907793953 Bump to version v3.13.0_7.7.1 2020-06-23 16:51:53 +02:00
Manuel J. Bernal
f5af77811d
Merge pull request #423 from wazuh/feature-422-fix-filebeat-module-var 
Test #422 fix filebeat module
 2020-06-19 19:00:51 +02:00
Manuel J. Bernal
575ddae995
Merge branch 'devel' into feature-422-fix-filebeat-module-var 2020-06-19 16:28:38 +02:00
Manuel J. Bernal
2212adb5bf
Merge branch 'devel' into wazuh-agent-fixes 2020-06-19 16:25:09 +02:00
Manuel J. Bernal
37dfb5fe12 Resolving conflicts 2020-06-19 12:49:59 +02:00
Manuel J. Bernal
6c630f27d5 Resolved conflicts 2020-06-19 12:46:09 +02:00
Manuel J. Bernal
356f232411
Merge pull request #424 from wazuh/feature-kibana-opendistro 
OpenDistro: Kibana + Filebeat-oss
 2020-06-18 18:04:49 +02:00
Manuel Gutierrez
9246d7d694
Merge pull request #429 from wazuh/PR425 
Merge PR425
 2020-06-18 11:46:13 +02:00
Manuel Gutierrez
517fc31932
Merge branch 'master' into devel 2020-06-17 11:03:06 +02:00
Manuel Gutierrez
a3ef437df4
Use relative path by default for certs 2020-06-16 17:33:36 +02:00
Manuel Gutierrez
0b456a25f0
Remove flag to allow exec on deleted cert 2020-06-12 17:38:17 +02:00
Manuel Gutierrez
68cfc2fb10
Remove extra include_tasks 2020-06-12 17:37:02 +02:00
Manuel J. Bernal
79d58c3917 Added support for Filebeat-oss and several improvements 2020-06-04 21:17:33 +02:00
Zenidd
668eaacf96 Replacing root owner with ossec for local decoders/rules 2020-05-29 12:25:18 +02:00
Manuel J. Bernal
f21a7e9c1c - Refactoring security local actions 
- Added Filebeat OSS repositories
 2020-05-26 21:06:16 +02:00
Pablo Escobar
d9f7e79b7d always use 0770 for the certs folder 2020-05-23 13:20:19 +02:00
Pablo Escobar
f43b885dc8 fix permission override and broken idempotence 2020-05-22 19:28:05 +02:00
Manuel J. Bernal
fdc3b0f55c Lint changes 2020-05-14 18:13:53 +02:00
Manuel J. Bernal
253f05b323
Merge pull request #422 from pescobar/filebeat_role_fix_var_override 
fix override of var "filebeat_module_folder"
 2020-05-14 17:12:52 +02:00
Pablo Escobar
6073873837 apply permissions 0755 2020-05-13 15:53:43 +02:00
Pablo Escobar
e7bcd54a91 remove leftover debug line 2020-05-13 14:32:09 +02:00
Pablo Escobar
3d74c3a3c3 fix override of var filebeat_module_folder 2020-05-13 13:44:40 +02:00
Manuel J. Bernal
8b278f316b
Merge branch 'feature-126-delegate-registration' into 126-agent-registration 2020-05-12 21:47:29 +02:00
Jose M
459ac46310
Fix API from sources installation conditional 2020-05-08 20:05:28 +02:00
Jose M
100ea616ed
Remove alert_new_files from ossec.conf template 2020-05-01 20:08:50 +02:00
Jose M
12090632a7
Delete "alert_new_files" occurrences 2020-04-30 17:01:24 +02:00
Jose M
e354359e38
Update Agent Windows MD5 2020-04-30 12:25:55 +02:00
Jose M
883ef93af7
Bump version to 3.12.3_7.6.2 2020-04-30 12:22:59 +02:00
Manuel J. Bernal
a543fc7ed1 Added condition disabled in AWS S3 block 2020-04-27 14:31:06 +02:00
Manuel J. Bernal
d1242dbea9
Merge pull request #276 from limitup/3.10.2_7.3.2 
Update Manager templates for integrations
 2020-04-27 14:20:28 +02:00
Manuel J. Bernal
903e5d53d1
Merge pull request #402 from wazuh/feature-345-oracle2openjdk 
Replacing Oracle Java with OpenJDK 1.8
 2020-04-15 13:38:59 +02:00
Zenidd
a8d24ff3f8 Removing precise from default vuln-detector config 2020-04-13 13:46:11 +02:00
Zenidd
0c328081e7 Bump version to 3.12.2-7.6.2 2020-04-13 10:35:12 +02:00
Christos Pollalis
ae40cb4582 Split "Copy CA, SSL key and cert for authd" task 
of the wazuh-agent playbook to allow one to perform either manager
or agent verification, or both.
 2020-04-11 18:26:13 +03:00
Christos Pollalis
f6e020631e Make agent registration via the rest API idempotent 
Check whether an error was returned by the HTTP POST to the `agents/`
endpoint before invoking `/var/ossec/bin/manage_agents` in order to
register a new agent.

It seems like that if an agent has already been registered under the
given name, the HTTP POST will return an error that'll cause the next
task, which is meant to retrieve the agent information, to be skipped.
That'll cause the agent registration task to fail in return. Instead,
this change will cause the aforementioned task to be skipped, too. So,
if an agent has already been successfully registered and the playbook
is re-run, it'll run all the way to the end.

If anything goes wrong (during the registration process) and the agent
fails to start, the `restart wazuh-agent` handler will still fail.
 2020-04-11 02:15:42 +03:00
Manuel J. Bernal
b57623b916 Bump MD5 hash 2020-04-08 19:59:52 +02:00
Manuel J. Bernal
6b3f04f32c Bump version 2020-04-08 19:56:44 +02:00
Zenidd
584950532f Replacing Oracle Java with OpenJDK 1.8 2020-04-07 11:41:00 +02:00
Zenidd
2d8029d6bf Removing python-cryptography module 2020-04-07 10:20:33 +02:00
Jose M. Garcia
67305df536
Merge branch 'devel' into async_ignore_check_mode 2020-03-31 12:37:53 +02:00
Zenidd
02d945bed4 Empty custom agent packages url 2020-03-25 18:07:29 +01:00
Zenidd
1d6988768f Minor jinja template fixes 2020-03-25 16:23:46 +01:00
Zenidd
6b57e195b8 jinja template fixes 2020-03-25 15:50:47 +01:00