afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,496 Commits 1 Branch 0 Tags 3.5 MiB
8b26658374
Commit Graph

885 Commits

Author SHA1 Message Date
Manuel J. Bernal
1b50c4cb40
Merge pull request #451 from wazuh/pr-426-kibana_extra_ssl_option 
Add kibana extra ssl option
 2020-07-22 11:26:50 +02:00
Manuel J. Bernal
3b87adf8a3
Merge pull request #194 from dsroark-dt/async_ignore_check_mode 
ignore check mode for async tasks
 2020-07-21 19:06:05 +02:00
Pablo Escobar
81c2df4fff
add a variable to define elasticsearch.ssl.verificationMode in kibana 2020-07-20 13:23:05 +02:00
Pablo Escobar
5603faa1f2
added new ssl option for kibana 2020-07-20 13:23:05 +02:00
Manuel J. Bernal
dd77cb9c20 Added condition to ossec.conf template 2020-07-16 18:26:16 +02:00
manuasir
c05d045043 Merge branch 'devel' into fix-agent-default-vars 2020-07-16 18:04:34 +02:00
Manuel J. Bernal
a6ad44e4b9 Added new options to agent's ossec.conf 2020-07-16 18:03:54 +02:00
Manuel Gutierrez
ff8caa8995
Use variable for kibana conf path 2020-07-16 16:09:27 +02:00
amardrbarbar
186301a12e Fix kibana optimization for debian 10 2020-07-16 14:42:53 +02:00
manuasir
954f3d9070 Merge branch 'devel' into wazuh_release_3.13.1_7.8.0 2020-07-14 16:29:27 +02:00
Manuel Gutierrez
f51b55860b
Use single variable for opendistro version 2020-07-14 16:23:08 +02:00
Manuel Gutierrez
6443e3a08c
Use explicit path for kibana.yml 2020-07-14 16:20:59 +02:00
Manuel Gutierrez
bbcbd02fd6
Avoid sudo on local_actions 2020-07-14 16:20:52 +02:00
Manuel J. Bernal
882780de2c Added new ossec.conf settings 2020-07-14 13:02:07 +02:00
Manuel J. Bernal
970b03a9f2 Bump version 2020-07-14 12:53:55 +02:00
Manuel J. Bernal
ece42099fe
Merge pull request #443 from wazuh/opendistro-demo 
Update Opendistro tasks
 2020-07-06 20:15:09 +02:00
Manuel Gutierrez
d486e42605
Fix condition check 2020-07-06 15:54:22 +02:00
Manuel Gutierrez
3a63c27f9d
Fix Ansible linting errors 2020-07-03 20:06:02 +02:00
Manuel Gutierrez
81f8703749
Use opendistro_http_port variable 2020-07-03 20:04:10 +02:00
Jose M
5a845d69f1 Add vars and conditionals to control certs generation and installation 2020-06-30 19:22:42 +02:00
Hadrien
d6f3d91a46
update check on windows wazuh_agent_authd.agent_name's definition 2020-06-29 18:54:37 +02:00
Jose M
2ad6d87ef7 Add default cluster and discovery node 2020-06-29 17:27:23 +02:00
Jose M
d7339ee6fe Add generate-certs to local_actions.yml tasks 2020-06-29 15:48:51 +02:00
Jose M
70f534693e
Fix syntax error on filebeat.yml.j2 2020-06-26 13:10:38 +02:00
Jose M
4b8f519256
Make filebeat.yml use node name instaed of inventory_hostname 2020-06-26 13:04:26 +02:00
Jose M
c72ac56b39
Make certs import for Filebeat use 'filebeat_node_name' var 2020-06-26 12:51:29 +02:00
Jose M
2adca9533e
Import root-ca.pem for Kibana and configure it in kibana.yml 2020-06-26 12:49:40 +02:00
Jose M
799827aa88
Fix syntax error in local_certs_path 2020-06-26 11:26:47 +02:00
Jose M
19bf669183
Fix syntax error in Kibana.yml template 2020-06-26 11:20:38 +02:00
Jose M
eab58033b7
Change local_certs_path for Kibana and Filebeat 2020-06-26 11:14:02 +02:00
Jose M
89178df8e9
Make Opendistro Kibana flexible version 2020-06-26 11:11:33 +02:00
Jose M
539f1930df
Make certs import task for Kibana use kibana_node_name 2020-06-26 10:53:36 +02:00
Jose M
4050cef2be
Check if certs already exists and skip the generation 2020-06-25 17:23:44 +02:00
Jose M
6427c5b4cc
Change local_certs_path to : ./opendistro/certificates 2020-06-25 17:17:02 +02:00
Jose M
2403031b6a
Add status code 201 to create user task 2020-06-25 13:34:21 +02:00
Jose M
77c75476f4
Fix body format in Create custom user task for OD 2020-06-25 13:16:53 +02:00
Jose M
65b0dc8ad5
Fix sintax on OD custom user creation task 2020-06-25 13:03:04 +02:00
Jose M
87f5eb61b9
Add tasks compatibility with private and public addresses 2020-06-25 12:53:57 +02:00
Jose M
9e9fd386f0
Update hashing tasks 2020-06-25 12:37:39 +02:00
Jose M
3c723a94ef
Update conditional in Wait for Elasticsaarch API (Opendistro) 2020-06-25 12:13:35 +02:00
Jose M
3c40f81939
Add task to check API using private IP 2020-06-25 12:10:49 +02:00
Jose M
282e3959eb
Fix h parameter in securityadmin.sh execution task 2020-06-25 11:54:12 +02:00
Jose M
9bedd8ad95
Add task to create a custom user 2020-06-25 11:39:02 +02:00
Jose M
d1a08c1a3f
Change ip to inventory_hostname in Wait for ES API task 2020-06-25 11:38:54 +02:00
Jose M
383d9beec1
Reorganize ES Opendistro vars 2020-06-25 11:38:32 +02:00
Jose M
2ec2cd39fa
Disable bootstrap memmory lock 2020-06-24 18:40:01 +02:00
Jose M
ccbc8f5213
Fix sintax on security_actions.yml 2020-06-24 17:48:20 +02:00
Jose M
d4895f41c4
Make security_actions.yml work with different node names 2020-06-24 17:39:42 +02:00
Jose M
f4942e58da
Add elasticsearch_lower_disk_requirements var 2020-06-24 17:03:26 +02:00
Jose M
0c9d77790e
Add elasticsearch_ne_ingest var to defaults 2020-06-24 16:58:15 +02:00
Jose M
f47d4b446f
Add elasticsearch_node_data variable 2020-06-24 16:52:16 +02:00
Jose M
abd9514f14
Fix Opendistro elasticsearch.yml syntax error 2020-06-24 16:41:14 +02:00
Jose M
ab601a52f3
Format fixes 2020-06-24 16:38:20 +02:00
Jose M
f355044a51
Update openjdk install task for Amazon Linux hosts 2020-06-24 16:38:08 +02:00
Jose M
10f3d22464
Install amazon-linux-extras before OpenJDK on Amazon Linux hosts 2020-06-24 16:17:07 +02:00
Jose M
9aa083ff2e
Update opendistro_kibana.yml.j2 template 2020-06-24 15:48:10 +02:00
Jose M
4c0d16c304
Change variables in Opendistro Elasticsearch configuration file 2020-06-24 11:22:00 +02:00
Jose M
acc248f5d0
Change tlsconfig.yml.j2 to render the template using the instances var 2020-06-24 10:01:15 +02:00
Jose M
7642d7feb5
Make local_certs_path relative to playbook path 2020-06-24 10:00:52 +02:00
Zenidd
d82d1b51d1 Adding variable to parametrize elastic template URL 2020-06-23 17:19:37 +02:00
Zenidd
600dd40896 Adding dynamic template fetch to filebeat-oss 2020-06-23 17:03:33 +02:00
Zenidd
eb276a1f73 Handlers refactor 2020-06-23 17:01:32 +02:00
Zenidd
d907793953 Bump to version v3.13.0_7.7.1 2020-06-23 16:51:53 +02:00
Manuel J. Bernal
f5af77811d
Merge pull request #423 from wazuh/feature-422-fix-filebeat-module-var 
Test #422 fix filebeat module
 2020-06-19 19:00:51 +02:00
Manuel J. Bernal
575ddae995
Merge branch 'devel' into feature-422-fix-filebeat-module-var 2020-06-19 16:28:38 +02:00
Manuel J. Bernal
2212adb5bf
Merge branch 'devel' into wazuh-agent-fixes 2020-06-19 16:25:09 +02:00
Manuel J. Bernal
37dfb5fe12 Resolving conflicts 2020-06-19 12:49:59 +02:00
Manuel J. Bernal
6c630f27d5 Resolved conflicts 2020-06-19 12:46:09 +02:00
Manuel J. Bernal
cac89f1137
Merge pull request #433 from pescobar/add_elastic_option_path.repo 
Add support to configure path.repo option in ES. Required for backups/snapshots
 2020-06-18 18:21:33 +02:00
Manuel J. Bernal
356f232411
Merge pull request #424 from wazuh/feature-kibana-opendistro 
OpenDistro: Kibana + Filebeat-oss
 2020-06-18 18:04:49 +02:00
Jani Heikkine
7a7def1626 add support to configure path.repo option required for backups/snapshots 2020-06-18 17:14:06 +02:00
Manuel Gutierrez
9246d7d694
Merge pull request #429 from wazuh/PR425 
Merge PR425
 2020-06-18 11:46:13 +02:00
Manuel Gutierrez
517fc31932
Merge branch 'master' into devel 2020-06-17 11:03:06 +02:00
Manuel Gutierrez
76f2442cbe
Always prevent become for local tasks 2020-06-16 17:33:48 +02:00
Manuel Gutierrez
a3ef437df4
Use relative path by default for certs 2020-06-16 17:33:36 +02:00
Manuel Gutierrez
0b456a25f0
Remove flag to allow exec on deleted cert 2020-06-12 17:38:17 +02:00
Manuel Gutierrez
68cfc2fb10
Remove extra include_tasks 2020-06-12 17:37:02 +02:00
Manuel Gutierrez
bbbc656985
Make cert generation idempotent 2020-06-12 17:36:18 +02:00
Manuel Gutierrez
be21ad434e
Disable multitenancy until 3.13 fix 2020-06-12 13:20:23 +02:00
Manuel Gutierrez
473decb3fd
Use elasticsearch_network_host 2020-06-11 19:02:40 +02:00
Manuel Gutierrez
1a5f74eec0
Use group es_cluster 2020-06-10 19:01:33 +02:00
Manuel Gutierrez
1062cddf06
Use variable kibana_opendistro_security 2020-06-10 19:01:09 +02:00
Manuel J. Bernal
79d58c3917 Added support for Filebeat-oss and several improvements 2020-06-04 21:17:33 +02:00
Zenidd
668eaacf96 Replacing root owner with ossec for local decoders/rules 2020-05-29 12:25:18 +02:00
Manuel J. Bernal
f21a7e9c1c - Refactoring security local actions 
- Added Filebeat OSS repositories
 2020-05-26 21:06:16 +02:00
Manuel J. Bernal
44ca014cc1 Trim spaces 2020-05-26 16:10:41 +02:00
Pablo Escobar
3d94c5d159 remove unneded option changed_when 2020-05-23 13:46:49 +02:00
Pablo Escobar
5d211c3b41 apply kibana certs permissions in a single task 2020-05-23 13:22:00 +02:00
Pablo Escobar
d9f7e79b7d always use 0770 for the certs folder 2020-05-23 13:20:19 +02:00
Pablo Escobar
c11cdfcf05 only execute kibana optimization during initial installation 2020-05-23 01:40:26 +02:00
Pablo Escobar
57c2a9bb76 fix permissions for kibana 2020-05-23 01:23:25 +02:00
Pablo Escobar
18d69f8b67 fix for kibana 2020-05-23 00:48:38 +02:00
Pablo Escobar
be973340ad allow elasticsearch to readh the ca file 2020-05-23 00:18:10 +02:00
Pablo Escobar
f43b885dc8 fix permission override and broken idempotence 2020-05-22 19:28:05 +02:00
Manuel J. Bernal
930125cc86 WIP: First Kibana working approach 2020-05-21 22:32:36 +02:00
Manuel J. Bernal
fdc3b0f55c Lint changes 2020-05-14 18:13:53 +02:00
Manuel J. Bernal
253f05b323
Merge pull request #422 from pescobar/filebeat_role_fix_var_override 
fix override of var "filebeat_module_folder"
 2020-05-14 17:12:52 +02:00
Pablo Escobar
6073873837 apply permissions 0755 2020-05-13 15:53:43 +02:00
Pablo Escobar
e7bcd54a91 remove leftover debug line 2020-05-13 14:32:09 +02:00
Pablo Escobar
3d74c3a3c3 fix override of var filebeat_module_folder 2020-05-13 13:44:40 +02:00
Manuel J. Bernal
8b278f316b
Merge branch 'feature-126-delegate-registration' into 126-agent-registration 2020-05-12 21:47:29 +02:00
Jose M. Garcia
aa4f6a01c9
Merge pull request #417 from wazuh/feature-opendistro 
Open Distro for Elasticsearch deployment
 2020-05-11 17:34:03 +02:00
Manuel J. Bernal
eb9925a901 Fixed variables and renamed files 2020-05-11 15:18:11 +02:00
Manuel J. Bernal
9742c4984c Changed task description 2020-05-11 13:56:03 +02:00
Manuel J. Bernal
cf14f400ba Linting and improving variables 2020-05-08 20:44:30 +02:00
Jose M
459ac46310
Fix API from sources installation conditional 2020-05-08 20:05:28 +02:00
Manuel J. Bernal
a2fe75775e Added new variables 2020-05-08 18:43:01 +02:00
Manuel J. Bernal
9152d07ac1 When statement at block level 2020-05-08 15:56:00 +02:00
Manuel J. Bernal
8fd6849275 Tasks in YAML format 2020-05-08 15:55:13 +02:00
Manuel J. Bernal
d7be137e6e Ansible linting compliant variables 2020-05-08 15:54:23 +02:00
Manuel J. Bernal
3c6e08c7cf Modified task, from shell to command module 2020-05-08 14:43:30 +02:00
Manuel J. Bernal
e83c6f8d86 Refactor of production ready actions 2020-05-07 20:03:39 +02:00
Manuel J. Bernal
0c04b22b0f Checking API status 2020-05-07 19:12:43 +02:00
Manuel J. Bernal
77c30c3bf0 Added Kibana admin password 2020-05-07 14:50:01 +02:00
Manuel J. Bernal
5fd4988a88 Fixed typo 2020-05-07 14:40:58 +02:00
Manuel J. Bernal
e899b1c602 WIP: Testing first secured cluster deployment 2020-05-06 17:33:53 +02:00
Jose M
100ea616ed
Remove alert_new_files from ossec.conf template 2020-05-01 20:08:50 +02:00
Jose M
12090632a7
Delete "alert_new_files" occurrences 2020-04-30 17:01:24 +02:00
Jose M
e354359e38
Update Agent Windows MD5 2020-04-30 12:25:55 +02:00
Jose M
883ef93af7
Bump version to 3.12.3_7.6.2 2020-04-30 12:22:59 +02:00
Manuel J. Bernal
7269b15041 Modified several variables 2020-04-29 18:01:11 +02:00
Manuel J. Bernal
34920f5fe5 Added task to check if root ca already exist 2020-04-29 17:27:34 +02:00
Manuel J. Bernal
7e47b561e0 Added internal_users template 2020-04-29 16:51:49 +02:00
Manuel J. Bernal
ae160cf6c3 Decoupled local actions and updated SearchGuard certificate generator binary 2020-04-29 15:54:29 +02:00
Manuel J. Bernal
53ad5c62cc Fixed unzip task and added templates 2020-04-27 15:26:13 +02:00
Manuel J. Bernal
a543fc7ed1 Added condition disabled in AWS S3 block 2020-04-27 14:31:06 +02:00
Manuel J. Bernal
d1242dbea9
Merge pull request #276 from limitup/3.10.2_7.3.2 
Update Manager templates for integrations
 2020-04-27 14:20:28 +02:00
Manuel J. Bernal
d0c4bac3ab
Merge pull request #412 from wazuh/bugfix-411-kibana-optimize 
Update Kibana optimize task parameters and command
 2020-04-27 14:07:24 +02:00
Manuel J. Bernal
b91ea1c6aa Fixed register install 2020-04-27 14:00:49 +02:00
Manuel J. Bernal
7bed850905 Changes tasks 2020-04-24 18:07:37 +02:00
Jose M
c6354e2ddc
Update Kibana optimize task parameters and command 2020-04-20 16:36:04 +02:00
Manuel J. Bernal
903e5d53d1
Merge pull request #402 from wazuh/feature-345-oracle2openjdk 
Replacing Oracle Java with OpenJDK 1.8
 2020-04-15 13:38:59 +02:00
Jose M
a69d632468
Merge branch 'devel' 2020-04-14 19:44:08 +02:00
Jose M
ddde86e0a9
Add changed_when:False and update permissions on Wazuh Plugin 2020-04-14 16:02:34 +02:00
Jose M
d50f89b233
Update Kibana optimize fodler permissions and onwer 2020-04-14 13:58:13 +02:00
Zenidd
a8d24ff3f8 Removing precise from default vuln-detector config 2020-04-13 13:46:11 +02:00
Zenidd
0c328081e7 Bump version to 3.12.2-7.6.2 2020-04-13 10:35:12 +02:00
Christos Pollalis
ae40cb4582 Split "Copy CA, SSL key and cert for authd" task 
of the wazuh-agent playbook to allow one to perform either manager
or agent verification, or both.
 2020-04-11 18:26:13 +03:00
Christos Pollalis
f6e020631e Make agent registration via the rest API idempotent 
Check whether an error was returned by the HTTP POST to the `agents/`
endpoint before invoking `/var/ossec/bin/manage_agents` in order to
register a new agent.

It seems like that if an agent has already been registered under the
given name, the HTTP POST will return an error that'll cause the next
task, which is meant to retrieve the agent information, to be skipped.
That'll cause the agent registration task to fail in return. Instead,
this change will cause the aforementioned task to be skipped, too. So,
if an agent has already been successfully registered and the playbook
is re-run, it'll run all the way to the end.

If anything goes wrong (during the registration process) and the agent
fails to start, the `restart wazuh-agent` handler will still fail.
 2020-04-11 02:15:42 +03:00
Manuel J. Bernal
b57623b916 Bump MD5 hash 2020-04-08 19:59:52 +02:00
Manuel J. Bernal
6b3f04f32c Bump version 2020-04-08 19:56:44 +02:00
Manuel J. Bernal
9fc2b1e3c4 Added opendistro tasks and templates 2020-04-08 17:38:44 +02:00
Zenidd
6e12764ff5 Setting optimize --max-old-space-size default value to 2048mb 2020-04-08 14:06:53 +02:00
Manuel J. Bernal
dbeb8b31fb First OpenDistro default installation 2020-04-07 18:54:12 +02:00
Zenidd
584950532f Replacing Oracle Java with OpenJDK 1.8 2020-04-07 11:41:00 +02:00
Zenidd
2d8029d6bf Removing python-cryptography module 2020-04-07 10:20:33 +02:00
Zenidd
488508815b Removing owner:group and permissions masks to be idempotence compliant 2020-04-06 15:39:33 +02:00
Manuel J. Bernal
605ec63caf Removed duplicated block 2020-04-02 15:03:08 +02:00
Jose M. Garcia
67305df536
Merge branch 'devel' into async_ignore_check_mode 2020-03-31 12:37:53 +02:00
Jose M. Garcia
05955a89d6
Merge branch 'devel' into feature-387-kibana-app-changes 2020-03-26 14:52:28 +01:00