afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
737 Commits 1 Branch 0 Tags 3.5 MiB
8a69a6e922
Commit Graph

305 Commits

Author SHA1 Message Date
Jose M
3d3b3bc1d0 Fix permissions and add password option 2019-08-08 17:41:53 +02:00
manuasir
c171f3905b Bump version 2019-08-07 12:00:39 +02:00
Jose M
5ca2237264 Updated template to avoid hardcoding the ca format. 2019-08-05 15:06:04 +02:00
Jose M
af0e2f0756 Add copy block to import node's certificate with custom CA name 2019-08-05 15:05:49 +02:00
Jose M
09647b731b Fix typo in task name 2019-08-05 15:05:17 +02:00
Jose M
101a006178 Add folder verification and fix linting 2019-08-05 15:04:27 +02:00
Jose M
c547e90502 Add verification to ensure ca folder is created 2019-08-05 15:04:05 +02:00
Jose M
4b8303ece2 Fix custom CA generation command 2019-08-05 15:02:33 +02:00
Jose M
39d8e5978b Fix conditionals of custom CA 2019-08-05 15:01:59 +02:00
Jose M
01d4cfc128 Implemented tasks to import custom key and cert from Ansible master 2019-08-05 15:01:21 +02:00
Jose M
8234bb11d2 Add required variables to use custom CA. 2019-08-05 15:00:00 +02:00
Jose M
f8bda2f7c7 Move xpack_security tasks from main.yml to xpack_security.yml 2019-08-05 12:34:42 +02:00
Jose M
9580056b74 Fix naming on xpack security conditionals 2019-07-31 01:16:36 +02:00
Jose M
0cc4838e1d Copy certificates from master now depends on xpack enabled 2019-07-31 00:51:49 +02:00
Jose M
9734ac2304 Remove check_certs_permission parameter 2019-07-31 00:50:17 +02:00
Jose M
5c18d5bed5 Update conditionals 2019-07-31 00:49:43 +02:00
Jose M
1d8f8c5253 Fix shell comands 2019-07-31 00:49:25 +02:00
Jose M
2104183cdb Modify wait_for with previous variable 2019-07-31 00:48:20 +02:00
Jose M
45356ee3ef Delete certs.zip in generator node 2019-07-31 00:46:54 +02:00
Jose M
ed4b2e7947 Add unzip dependency installation 2019-07-31 00:46:22 +02:00
Jose M
d027092f63 Remove "elasticsearch_network" parameter 2019-07-31 00:45:57 +02:00
Jose M
af6e5cb816 Merge 3.9.4_7.2.0 2019-07-30 18:15:32 +02:00
Jose M
c6e14f23a0 Update Filebeat certificate imports 2019-07-30 17:44:37 +02:00
Jose M
a305d4ff6f Add Filebeat default parameter 2019-07-30 17:37:05 +02:00
Jose M
229f273e27 Fix Kibana APP installation by becoming user kibana 2019-07-30 17:36:31 +02:00
Jose M
2656feac52 Update kibana certs importing 2019-07-30 17:36:09 +02:00
Jose M
431bc16343 Add default value master_certs_destination for kibana 2019-07-30 17:35:39 +02:00
Jose M
fbbf79a153 Remove daemon reload and centos 6 blocks 2019-07-30 17:35:20 +02:00
Jose M
d877738d45 Removing unneeded blocks and commenting latest implementation for centos and trusty 2019-07-30 15:18:55 +02:00
Jose M
db44b6f450 Modified template to accept newly defined variables 2019-07-30 14:27:33 +02:00
Jose M
5d4e53b089 Modified task propagation of certificates 2019-07-30 14:27:10 +02:00
Jose M
337e3de09f Add master_certs_destination parameter 2019-07-30 14:26:15 +02:00
Manuel J. Bernal
befe2b6a98
Merge pull request #212 from wazuh/3.9.3_7.2.0_issue_#184 
Fixes for Elasticsearch issue #184 -  Testing Elasticsearch functionality when network.host is not localhost.
 2019-07-24 15:20:29 +02:00
rshad
125b2114e6 changed elasticssearch: network.host from 0.0.0.0 to 127.0.0.1 2019-07-24 12:41:52 +00:00
rshad
fcb584ab20 fixed linting errors by refactoring ansible tests and change a variable name 2019-07-24 10:49:17 +00:00
Manuel J. Bernal
8d267f5a5b
Merge pull request #204 from ionphractal/use-tcp 
Use tcp for all connections
 2019-07-24 12:02:32 +02:00
rshad
8575aecc88 fixed the problem by adding a new variable to test the connectivity to Elastic 2019-07-23 19:36:09 +00:00
Jani Heikkinen
8db9700f02 added wazuh_agent_nat boolean variable for agents behind nat 2019-07-18 09:00:39 +00:00
Rshad Zhran
14cd09a034 version bumping .. 2019-07-17 13:27:43 +02:00
Rshad Zhran
84c0df02dc Adapted: become: yes -> become:true 2019-07-17 12:58:44 +02:00
Rshad Zhran
2150d71a60 changing permissions 2019-07-17 12:21:19 +02:00
Rshad Zhran
687797a66c ignored Ubuntu Trusty in Testing 2019-07-16 17:23:09 +02:00
Rshad Zhran
fc38d565d9 fixed Elasticsearch installation's issues related to Idempotence test - Test passed successfully 2019-07-16 12:29:07 +02:00
Rshad Zhran
eb70809add fixed Elasticsearch installation's issues caused by the absense of Java in Ubuntu Trusty 2019-07-15 17:06:13 +02:00
Michael Both
9605280db0 Use tcp for all connections 2019-07-15 14:32:19 +02:00
Rshad Zhran
df428f5f52 fixed elasticsearch installation for Centos 6.* - Adding Java Installation 2019-07-15 14:04:13 +02:00
rshad
d08b013224 Kibana test is probably fixed, saving changes ... 2019-07-12 14:24:31 +00:00
rshad
873e9759ae Versioning and Ansible-Linting fixes are introduced to wazuh-agent and filebeat installations and testings 2019-07-12 13:06:02 +00:00
rshad
5d006cbc3a adapted wazuh-manager installation so it takes into account the package version - Differentiating between CentOS/RedHat and Debian 2019-07-09 15:31:38 +00:00
rshad
a48169d53f modified molecule.yml for wazuh-agent and elasticsearch - Lint 2019-07-08 09:27:01 +00:00
manuasir
76372da8d9 Fetching tests and workarounds 2019-07-04 12:23:59 +02:00
manuasir
6609cc9aa7 Modifying variable names 2019-07-04 12:05:37 +02:00
Jose M
72894d4a25 Fix conditions error on ES, Kibana and Filebeat 2019-07-03 14:09:46 +02:00
Jose M
4539f368b6 Add certificate imports and fix folder permissions to filebeat 2019-07-02 19:09:36 +02:00
Jose M
7924f89dc2 Update filebeat default variables 2019-07-02 19:09:17 +02:00
Jose M
3f6226297b Add copy of certificates and folder permissions fix to Kibana. 2019-07-02 19:09:01 +02:00
Jose M
f52fb8cb9a Add kibana default variables 2019-07-02 19:08:31 +02:00
Jose M
7998f034b8 Include discovery seed hosts on boostraper node. 2019-07-02 19:08:09 +02:00
Jose M
5787b348fe Upgrade elasticsearch tasks. Fix permissions. 2019-07-02 19:07:37 +02:00
Jose M
e3cd8731f3 Fix instances and certs.zip checks and generation. 2019-07-02 10:47:32 +02:00
Jose M
2b18745cd0 Add XPack settings to Kibana template 2019-07-01 18:04:40 +02:00
Jose M
2656d89933 Add XPack default variables for Kibana 2019-07-01 18:04:26 +02:00
Jose M
ddc01dcc23 Add 'elasticsearch_xpack_security_user' to elasticsearth defaults 2019-07-01 18:04:03 +02:00
Jose M
ab8cdd13c6 Added task to remove certs file after propagation. 2019-07-01 16:07:10 +02:00
Jose M
3ff5a194df Update Filebeat for XPack Security 2019-07-01 15:51:23 +02:00
Jose M
6cffed9218 Add required default attributes XPack in Filebeat. 2019-07-01 15:50:48 +02:00
Jose M
fdb1113a19 Add task to configure ES bootstrap password. 2019-07-01 15:50:06 +02:00
Jose M
d78393115f Add default ' elasticsearch_xpack_security_password' variable 2019-07-01 15:49:38 +02:00
Jose M
db6f69cfb8 Rename importing blocks 2019-07-01 12:31:03 +02:00
Jose M
bd32839f27 Add Xpack http security to elasticsearch template. 2019-07-01 12:00:48 +02:00
Jose M
54885a9e0d Remove deprecated import of wazuh template. 2019-07-01 11:57:15 +02:00
Jose M
5d8286f0de Import ca certificate in remote nodes. 2019-07-01 11:53:19 +02:00
Jose M
2525dbd2af Copy .key and .crt in generator node (locally) 2019-07-01 11:52:25 +02:00
Jose M
a1e6dec7b4 Rename node_generate_certs in instances template. 2019-06-28 18:15:00 +02:00
Jose M
c27c3c16ab Enabled xpack security fields 2019-06-28 18:14:48 +02:00
Jose M
40b6979a29 Reorganized main.yml. Acded task to copy certs locally. 2019-06-28 18:14:36 +02:00
Jose M
1d718f55d3 Add default variables for Xpack and Rsync 2019-06-28 18:14:01 +02:00
manuasir
3ea96a8e8d Merge branch 'elk-sercurity-dev' of https://github.com/wazuh/wazuh-ansible into elk-sercurity-dev 2019-06-28 15:20:18 +02:00
manuasir
02e4bd951b Check if the certificates exist or not 2019-06-28 15:20:14 +02:00
Jose M
7fe831d6ee Remove quotes from node master option. 2019-06-28 14:56:43 +02:00
mohamed-aziz
19622360b1 Fix elasticsearch config bug requiring lowercase boolean value 2019-06-28 12:51:02 +01:00
Jose M
d3170139a0 Add xpack parameters to elasticsearch.yml 2019-06-28 12:51:01 +02:00
Jose M
e76dc5dcab Update main.yml to add rsync 2019-06-28 12:50:19 +02:00
Jose M
071e354fbd Adapted template to render nodes. 2019-06-28 10:40:30 +02:00
Jose M
4473c01032 Changed format of instances template. Name is required 2019-06-28 10:11:36 +02:00
Jose M
42fb6bf937 Get node master value for template. Rename cluster to discovery block. 2019-06-28 10:11:16 +02:00
Jose M
ed9b411b63 Add 'node_generate_certs' condition to shell block 2019-06-28 10:10:22 +02:00
Jose M
f0c6d0fcac Add elasticsearch_discover_nodes parameter 2019-06-28 10:09:39 +02:00
manuasir
48746b9f5a New task for generating instances.yml file 2019-06-26 19:37:02 +02:00
manuasir
090514b9c5 New tasks for checking instances.yml file 2019-06-26 19:05:46 +02:00
manuasir
7194675f02 Added new template for instances.yml file 2019-06-26 19:05:17 +02:00
manuasir
dda93ebd15 Added new conditions and variables to tasks 2019-06-26 18:52:58 +02:00
manuasir
0e9996b472 Added new variable for enabling xpack security 2019-06-26 17:01:06 +02:00
manuasir
a18a235b13 Modifying template for allowing xpack.security 2019-06-26 17:00:54 +02:00
manuasir
11721ebe14 Added new tasks for xpack security 2019-06-26 17:00:40 +02:00
manuasir
eb66e7d4cb Passing tests 2019-06-14 17:12:49 +02:00
Manuel J. Bernal
42a7f0604e Changed README 2019-06-13 17:53:45 +02:00
Manuel J. Bernal
6b95e304b6 Supporting ELK 7 cluster 2019-06-13 17:49:05 +02:00
Manuel J. Bernal
7619b44426 Added changes for ELK 7 2019-06-12 21:11:12 +02:00
Manuel J. Bernal
a92b7ad284 Supporting cluster node types 2019-06-12 21:03:55 +02:00
manuasir
3ac36b05f8 Deleted Logstash and added new Filebeat.yml template 2019-06-06 17:24:18 +02:00
Okynos
874a05b3ca
Added a testing purposes workaround 2019-06-03 18:53:25 -07:00
Manuel J. Bernal
bfc3d4e4e1 Bump version 2019-05-21 21:05:44 +02:00
Werner Dijkerman
4658fe7a4e Fix merge issue 2019-05-06 19:07:24 +02:00
Werner Dijkerman
a3425d04ac Added comments in tests;Added some skip tasks 2019-05-06 18:56:14 +02:00
Werner Dijkerman
e5b0e2b40e Added tests for Logstash 2019-05-03 16:34:09 +02:00
Werner Dijkerman
6e3b92bcc4 Added Molecule test for the Elasticsearch role 2019-04-30 19:17:56 +02:00
manuasir
3c56b74d1e Bump version. 2019-04-30 18:07:30 +02:00
jm404
cd3fcc7857 Fixed linting problems for molecule tests. 2019-04-30 17:00:44 +02:00
jm404
bcd535351b Adding openjdk repository for Ubuntu 14.04. 2019-04-30 16:59:29 +02:00
jm404
2716f2c7bf Fixed conflicts. 2019-04-29 17:42:48 +02:00
Werner Dijkerman
06589471f0 Fixed typo 2019-04-29 15:57:22 +02:00
Werner Dijkerman
af758690a1 Added molecule test for the Wazuh Agent 2019-04-27 15:26:18 +02:00
l
9e22760911 Fixing whitespaces 2019-04-24 17:41:27 +02:00
l
b84aecfa67 Fixing syntax error at Debian tasks 2019-04-24 17:30:40 +02:00
l
a29eb8faf4 Using OpenJDK for cis-cat and for elastic at Debian based distros 2019-04-24 16:45:29 +02:00
l
32e3d45ced Changing CentOS install from Oracle JDK to OpenJDK 2019-04-24 13:35:29 +02:00
Werner Dijkerman
fa7a5e6b91 Added some tests with Testinfra 2019-04-16 20:36:31 +02:00
Werner Dijkerman
41f7be184e Added retries for tasks that work with "3rd" party services 2019-04-16 19:16:54 +02:00
Werner Dijkerman
dc8438401f Added where possible the wazuh-manager role idempotent. Have to disable this because of issue #107 2019-04-16 19:09:36 +02:00
Werner Dijkerman
8291e4ab9f Added a successful installation on provided Docker containers with Molecule 2019-04-15 21:52:08 +02:00
Manuel J. Bernal
1c4b87b60e
Merge branch '3.9' into add-molecule-tests 2019-04-15 11:05:27 +02:00
l
78de851347 Updating elastic stack version to 6.7.1 2019-04-11 19:36:01 +02:00
Manuel J. Bernal
96012df2fc
Merge branch '3.9' into active_response 2019-04-04 10:45:17 +02:00
l
ce4665ef3e Fixing default active response 2019-04-04 10:22:33 +02:00
Manuel J. Bernal
deaffd9c8e
Merge pull request #159 from kravietz/email_fix 
Email fix
 2019-04-03 15:02:31 +02:00
l
29301b0044 Adding alias to agent config file template 2019-04-03 12:20:59 +02:00
Manuel J. Bernal
07dacae92d
Merge pull request #110 from wazuh/3.7-concurrent-packages 
Installing concurrent apt packages
 2019-04-01 17:30:30 +02:00
l
7e284b8dd4 Using apt list at kibana 2019-04-01 12:59:39 +02:00
l
a9344cf181 Using list instead of iterating over one to install packages 2019-04-01 12:23:48 +02:00
Manuel J. Bernal
968e7f8206
Merge pull request #146 from perryk/fix_couple_warning_pk1 
Fix a couple of minor warnings from default 3.8 manager role
 2019-03-28 18:08:10 +01:00
Pawel Krawczyk
7381dc8b2b Fix wazuh_manager_config.email_notification 
There's no need for a complicated if..then condition here since the
value is expected to be yes/no only
 2019-03-22 00:03:42 +00:00
Pawel Krawczyk
f96ab0a317 Add flag to accept remote commands from manager 
Without this flag the agent will not accept any system check
commands (`command` and `full_command`) configured in the Wazuh
Manager settings to cascade down to agents.
 2019-02-20 13:31:24 +00:00
Pawel Krawczyk
bcd327280e Do not report virtual filesystems in df 
Tell `df` not to report on virtual filesystems such as `squashfs` (used
by `snapd` and always at 100%), `tmpfs` (memory-only) and `devtmpfs`
(used by `udev`)
 2019-02-18 13:01:42 +00:00
Pawel Krawczyk
81058daf1b Replace netstat with ss 
The `ss` program is now the official replacement for `netstat` which
is deprecated in most Linux distributions. Also replace the messy sed
rules which do not work on all versions with a clean command-line that
just displays the key information that does **not** change on every
command run (e.g. PID) resulting in false positives.
 2019-02-18 12:59:48 +00:00
Pawel Krawczyk
68cd434466 do no include syscheck section if not defined 2019-02-17 20:03:40 +00:00
Pawel Krawczyk
a94038201a typo 2019-02-17 20:03:30 +00:00
Pawel Krawczyk
58a76a8c08 Enable active-response section 
As of now the whole active-response section was commented out and
inactive
 2019-02-17 00:16:31 +00:00
jjediny
e1aeff0fd6 adding back .yamllint pretask and results 2019-02-11 23:31:38 -05:00
jjediny
451792356c initial minimal working molecule testing suite with circleci WIP for https://github.com/wazuh/wazuh-ansible/issues/138 2019-02-10 13:19:45 -05:00
AlfonsoRBJ
2030751eac Update to Wazuh version v3.8.2 2019-01-30 17:02:33 +01:00
AlfonsoRBJ
a0b3fae9d2 Update to Wazuh version 3.8.1 (#148) 2019-01-24 15:09:45 +01:00
Perry Kollmorgen
1b51b2dc11 Fix warning from vul_detector config for Redhat Feed Name #145 
The value for the Redhat Feed Name in the ossec.conf template no longer
requires a version. i.e the value should be "redhat" rather "redhat-7"
or similar.

https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/wodle-vuln-detector.html#feed
https://github.com/wazuh/wazuh/pull/2137
 2019-01-21 09:12:35 +10:00
Perry Kollmorgen
72b0f672d6 Fix warning from cluster interval option in defaults #145 
The interval option in the cluster section in the defaults has been
depreciated and no longer requires to be set.

https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/cluster.html#interval
 2019-01-21 09:10:45 +10:00
AlfonsoRBJ
df95a75b6b
Merge pull request #143 from wazuh/PR-java-path 
Fix oracle java cookies
 2019-01-18 16:35:59 +01:00
cadoming
37bfa5be17 3.8 release 2019-01-18 15:11:40 +00:00
Carlos Dominguez
d4b2de38de
delete save file 2019-01-17 17:03:17 +01:00
cadoming
949aa7f043 adapt new version (3.8.0-6.5.4) 2019-01-17 15:42:11 +00:00
cadoming
61260986c0 fixed java path 2019-01-16 16:16:06 +00:00
Carlos Dominguez
236e76f73d Fixes typos (#130) 2019-01-14 09:19:02 +01:00