Jose M
7371e73920
Update default variables for sca configuration
2019-09-27 13:38:45 +02:00
Manuel J. Bernal
af115d73a2
Merge pull request #247 from wazuh/3.10.2_7.3.2-release
...
Wazuh Release 3.10.2 7.3.2
2019-09-25 16:22:24 +02:00
Jose M
7441930081
Add default filebeat module variables
2019-09-25 11:49:56 +02:00
Jose M
a0d4967b1f
Add filebeat_module_folder to default variables
2019-09-25 09:48:07 +02:00
Jose M
5646848266
Bump version to 3.10.2_7.3.2
2019-09-25 09:14:31 +02:00
Manuel Gutierrez
534704f115
Fix linting errors on vars
2019-09-24 12:47:28 +02:00
Jose M
d6979b772e
Merge 3.10.2_7.3.2 into ellk-security-dev
2019-09-24 09:37:31 +02:00
Jose M
58b3b734be
Bump version to 3.10.0_7.3.2
2019-09-16 18:10:28 +02:00
Jose M
fe23f2a97d
Update Elastic templates for Elasticsearch and Filebeat
2019-09-16 18:09:12 +02:00
Jose M
d3784b4727
Fix conditionals longer than 160 characters to pass linting tests.
2019-09-09 17:14:10 +02:00
Jose M
bb591ee466
Remove trailing whitespace on line 12 to fix ansible-linting error.
2019-09-09 17:13:33 +02:00
Jose M
3669df071f
Merge branch '3.10_7.3.0' into 233-fix-windows-agent-installation
2019-09-09 17:03:34 +02:00
Jose M
ded355809e
Remove brackets from "register_key" variable to fix the brackets problem in the installation task.
2019-09-09 13:27:22 +02:00
Jose M
78ca9ff616
Remove hardcoding of wazuh-agent 'product_id'
2019-09-09 13:09:51 +02:00
Jose M
d1246627ff
Update wazuh-agent windows handler for restarting
2019-09-09 13:08:38 +02:00
Jose M
8f856eea7d
Updated default attributes for windows agent. Added register_key. Removed quotes from path
2019-09-09 13:07:52 +02:00
Jose M
be977fa9ac
Update task handler naming to a more explicit message
2019-09-09 13:07:03 +02:00
Jose M
1ad5763e00
Add verification for the wazuh directory path.
2019-09-09 13:06:42 +02:00
Jose M
a52d5e540c
Modify registration task to use new fact "wazuh_agent_win_auth_path"
2019-09-09 13:05:40 +02:00
Jose M
ea69b7fc9b
Update Wazuh installation tasks. Added Product key to avoid reinstalling Agent
2019-09-09 13:04:45 +02:00
Jose M
9f84bfe15a
Update Windows x86 and x64 path detection. Added fact for authd.
2019-09-09 13:03:03 +02:00
Jose M
a0ca5739be
Merge remote-tracking branch 'origin/3.10_7.3.0' into fix-228
2019-09-05 13:08:51 +02:00
Jose M
4ce3a0e5d7
Fix conditionals for Amazon Linux in Manager and Filebeat
2019-09-05 12:05:42 +02:00
Manuel J. Bernal
88585a2e80
Merge pull request #227 from joey1a2b3c/fix-ar-inconsistency
...
Fix typo in var-ossec-etc-ossec-agent.conf.j2
2019-09-04 11:22:54 +02:00
Joey Wong
06a3f2712c
Fix typo in var-ossec-etc-ossec-agent.conf.j2
2019-09-03 14:19:31 -06:00
Joey Wong
fdc2cdb309
Fix typo in var-ossec-etc-ossec-agent.conf.j2
2019-09-03 14:06:30 -06:00
Manuel J. Bernal
0fae235246
Merge pull request #223 from wazuh/3.10_7.3.0_issue_220
...
Improvements for Molecule tests
2019-08-23 16:02:38 +02:00
Rshad Zhran
53d96c18d3
deleted testing tasks
2019-08-23 15:19:21 +02:00
Rshad Zhran
726a8962c5
adapted kibana test
2019-08-23 11:00:47 +02:00
Rshad Zhran
e1b084c1a7
Adding hash_behaviour: merge in order not to override the default variables
2019-08-22 16:26:07 +02:00
Manuel J. Bernal
8922cdfe7b
Merge pull request #222 from moodymob/patch-1
...
Update var-ossec-etc-ossec-agent.conf.j2
2019-08-22 12:50:06 +02:00
Apely
36d3cbee4a
Update var-ossec-etc-ossec-agent.conf.j2
...
Hi, it seems that ansible_os_family is too specific for syscheck. Ex: Debian stretch ( ansible_os_family == Debian )
2019-08-22 12:33:45 +02:00
Rshad Zhran
defd2ab2f8
added a worker test
2019-08-22 11:15:33 +02:00
Rshad Zhran
cd090d63eb
removed basename, adapted paths, fixed Pipefile
2019-08-19 15:18:51 +02:00
Rshad Zhran
c295ac2ea4
bump version for 3.9.5_7.2.1
2019-08-19 13:34:36 +02:00
Rshad Zhran
cae6e96be6
changing default variables values
2019-08-16 14:43:29 +02:00
Rshad Zhran
2b7bf881ae
improved the tasks of filebeat module installation and fixed idempotence errors
2019-08-16 11:54:51 +02:00
Rshad Zhran
da005fea58
removed Java installation tasks for SysV systems
2019-08-16 10:27:42 +02:00
Rshad Zhran
69427edea6
initial changes
2019-08-09 16:45:23 +02:00
Jose M
fb76622080
Add import to
2019-08-08 17:44:08 +02:00
Jose M
bb0c79c455
Update filebeat template
2019-08-08 17:43:57 +02:00
Jose M
b2876d15e4
Update attributes, remove rsync parameters.
2019-08-08 17:43:30 +02:00
manuasir
c171f3905b
Bump version
2019-08-07 12:00:39 +02:00
Jose M
9580056b74
Fix naming on xpack security conditionals
2019-07-31 01:16:36 +02:00
Jose M
0cc4838e1d
Copy certificates from master now depends on xpack enabled
2019-07-31 00:51:49 +02:00
Jose M
9734ac2304
Remove check_certs_permission parameter
2019-07-31 00:50:17 +02:00
Jose M
af6e5cb816
Merge 3.9.4_7.2.0
2019-07-30 18:15:32 +02:00
Jose M
c6e14f23a0
Update Filebeat certificate imports
2019-07-30 17:44:37 +02:00
Jose M
a305d4ff6f
Add Filebeat default parameter
2019-07-30 17:37:05 +02:00
Manuel J. Bernal
8d267f5a5b
Merge pull request #204 from ionphractal/use-tcp
...
Use tcp for all connections
2019-07-24 12:02:32 +02:00
Jani Heikkinen
8db9700f02
added wazuh_agent_nat boolean variable for agents behind nat
2019-07-18 09:00:39 +00:00
Rshad Zhran
14cd09a034
version bumping ..
2019-07-17 13:27:43 +02:00
Rshad Zhran
2150d71a60
changing permissions
2019-07-17 12:21:19 +02:00
Michael Both
9605280db0
Use tcp for all connections
2019-07-15 14:32:19 +02:00
rshad
873e9759ae
Versioning and Ansible-Linting fixes are introduced to wazuh-agent and filebeat installations and testings
2019-07-12 13:06:02 +00:00
rshad
5d006cbc3a
adapted wazuh-manager installation so it takes into account the package version - Differentiating between CentOS/RedHat and Debian
2019-07-09 15:31:38 +00:00
rshad
a48169d53f
modified molecule.yml for wazuh-agent and elasticsearch - Lint
2019-07-08 09:27:01 +00:00
manuasir
76372da8d9
Fetching tests and workarounds
2019-07-04 12:23:59 +02:00
manuasir
6609cc9aa7
Modifying variable names
2019-07-04 12:05:37 +02:00
Jose M
72894d4a25
Fix conditions error on ES, Kibana and Filebeat
2019-07-03 14:09:46 +02:00
Jose M
4539f368b6
Add certificate imports and fix folder permissions to filebeat
2019-07-02 19:09:36 +02:00
Jose M
7924f89dc2
Update filebeat default variables
2019-07-02 19:09:17 +02:00
Jose M
3ff5a194df
Update Filebeat for XPack Security
2019-07-01 15:51:23 +02:00
Jose M
6cffed9218
Add required default attributes XPack in Filebeat.
2019-07-01 15:50:48 +02:00
Devin Roark
72ccac8518
ignore check mode for async roles
2019-06-27 09:32:10 -04:00
manuasir
eb66e7d4cb
Passing tests
2019-06-14 17:12:49 +02:00
Manuel J. Bernal
7619b44426
Added changes for ELK 7
2019-06-12 21:11:12 +02:00
manuasir
3ac36b05f8
Deleted Logstash and added new Filebeat.yml template
2019-06-06 17:24:18 +02:00
Manuel J. Bernal
bfc3d4e4e1
Bump version
2019-05-21 21:05:44 +02:00
Werner Dijkerman
4658fe7a4e
Fix merge issue
2019-05-06 19:07:24 +02:00
Werner Dijkerman
a3425d04ac
Added comments in tests; Added some skip tasks
2019-05-06 18:56:14 +02:00
manuasir
3c56b74d1e
Bump version.
2019-04-30 18:07:30 +02:00
jm404
cd3fcc7857
Fixed linting problems for molecule tests.
2019-04-30 17:00:44 +02:00
jm404
bcd535351b
Adding openjdk repository for Ubuntu 14.04.
2019-04-30 16:59:29 +02:00
jm404
2716f2c7bf
Fixed conflicts.
2019-04-29 17:42:48 +02:00
Werner Dijkerman
06589471f0
Fixed typo
2019-04-29 15:57:22 +02:00
Werner Dijkerman
af758690a1
Added molecule test for the Wazuh Agent
2019-04-27 15:26:18 +02:00
l
9e22760911
Fixing whitespaces
2019-04-24 17:41:27 +02:00
l
b84aecfa67
Fixing syntax error at Debian tasks
2019-04-24 17:30:40 +02:00
l
a29eb8faf4
Using OpenJDK for cis-cat and for elastic at Debian based distros
2019-04-24 16:45:29 +02:00
Werner Dijkerman
fa7a5e6b91
Added some tests with Testinfra
2019-04-16 20:36:31 +02:00
Werner Dijkerman
41f7be184e
Added retries for tasks that work with "3rd" party services
2019-04-16 19:16:54 +02:00
Werner Dijkerman
dc8438401f
Added where possible the wazuh-manager role idempotent. Have to disable this because of issue #107
2019-04-16 19:09:36 +02:00
Werner Dijkerman
8291e4ab9f
Added a successful installation on provided Docker containers with Molecule
2019-04-15 21:52:08 +02:00
Manuel J. Bernal
1c4b87b60e
Merge branch '3.9' into add-molecule-tests
2019-04-15 11:05:27 +02:00
Manuel J. Bernal
96012df2fc
Merge branch '3.9' into active_response
2019-04-04 10:45:17 +02:00
l
ce4665ef3e
Fixing default active response
2019-04-04 10:22:33 +02:00
Manuel J. Bernal
deaffd9c8e
Merge pull request #159 from kravietz/email_fix
...
Email fix
2019-04-03 15:02:31 +02:00
l
29301b0044
Adding alias to agent config file template
2019-04-03 12:20:59 +02:00
Manuel J. Bernal
07dacae92d
Merge pull request #110 from wazuh/3.7-concurrent-packages
...
Installing concurrent apt packages
2019-04-01 17:30:30 +02:00
l
a9344cf181
Using list instead of iterating over one to install packages
2019-04-01 12:23:48 +02:00
Manuel J. Bernal
968e7f8206
Merge pull request #146 from perryk/fix_couple_warning_pk1
...
Fix a couple of minor warnings from default 3.8 manager role
2019-03-28 18:08:10 +01:00
Pawel Krawczyk
7381dc8b2b
Fix wazuh_manager_config.email_notification
...
There's no need for a complicated if..then condition here since the
value is expected to be yes/no only
2019-03-22 00:03:42 +00:00
joschneid
0256b529f1
make debian repos customizable
2019-03-01 14:29:02 +01:00
joschneid
6f16326905
debian repo keys with pgp keyserver
2019-03-01 14:28:02 +01:00
Pawel Krawczyk
f96ab0a317
Add flag to accept remote commands from manager
...
Without this flag the agent will not accept any system check
commands (`command` and `full_command`) configured in the Wazuh
Manager settings to cascade down to agents.
2019-02-20 13:31:24 +00:00
Pawel Krawczyk
bcd327280e
Do not report virtual filesystems in df
...
Tell `df` not to report on virtual filesystems such as `squashfs` (used
by `snapd` and always at 100%), `tmpfs` (memory-only) and `devtmpfs`
(used by `udev`)
2019-02-18 13:01:42 +00:00
Pawel Krawczyk
81058daf1b
Replace netstat with ss
...
The `ss` program is now the official replacement for `netstat` which
is deprecated in most Linux distributions. Also replace the messy sed
rules which do not work on all versions with a clean command-line that
just displays the key information that does **not** change on every
command run (e.g. PID) resulting in false positives.
2019-02-18 12:59:48 +00:00
Pawel Krawczyk
68cd434466
do not include syscheck section if not defined
2019-02-17 20:03:40 +00:00
Pawel Krawczyk
a94038201a
typo
2019-02-17 20:03:30 +00:00
Pawel Krawczyk
58a76a8c08
Enable active-response section
...
As of now the whole active-response section was commented out and
inactive
2019-02-17 00:16:31 +00:00
jjediny
e1aeff0fd6
adding back .yamllint pretask and results
2019-02-11 23:31:38 -05:00
joschneid
6e880f7dab
wrong fact for possible syscheck directories
2019-02-07 15:21:33 +01:00
joschneid
c90df8318e
Merge branch 'stable' into stable
2019-02-07 14:35:29 +01:00
AlfonsoRBJ
2030751eac
Update to Wazuh version v3.8.2
2019-01-30 17:02:33 +01:00
AlfonsoRBJ
a0b3fae9d2
Update to Wazuh version 3.8.1 ( #148 )
2019-01-24 15:09:45 +01:00
joschneid
9a78142137
changed keyserver for better performance
2019-01-24 09:08:44 +01:00
joschneid
59c3fe0e4b
make debian repos customizable
2019-01-24 09:01:16 +01:00
joschneid
82693e34f1
debian repo keys with pgp keyserver
2019-01-24 08:42:57 +01:00
Perry Kollmorgen
1b51b2dc11
Fix warning from vul_detector config for Redhat Feed Name #145
...
The value for the Redhat Feed Name in the ossec.conf template no longer
requires a version. i.e. the value should be "redhat" rather than "redhat-7"
or similar.
https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/wodle-vuln-detector.html#feed
https://github.com/wazuh/wazuh/pull/2137
2019-01-21 09:12:35 +10:00
Perry Kollmorgen
72b0f672d6
Fix warning from cluster interval option in defaults #145
...
The interval option in the cluster section in the defaults has been
deprecated and no longer requires to be set.
https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/cluster.html#interval
2019-01-21 09:10:45 +10:00
AlfonsoRBJ
df95a75b6b
Merge pull request #143 from wazuh/PR-java-path
...
Fix oracle java cookies
2019-01-18 16:35:59 +01:00
cadoming
37bfa5be17
3.8 release
2019-01-18 15:11:40 +00:00
Carlos Dominguez
d4b2de38de
delete save file
2019-01-17 17:03:17 +01:00
cadoming
949aa7f043
adapt new version (3.8.0-6.5.4)
2019-01-17 15:42:11 +00:00
cadoming
61260986c0
fixed java path
2019-01-16 16:16:06 +00:00
Carlos Dominguez
236e76f73d
Fixes typos ( #130 )
2019-01-14 09:19:02 +01:00
Carlos Dominguez
e97a0ff7a3
Labels configuration ( #135 )
2019-01-14 09:12:09 +01:00
Carlos Dominguez
59008bda4d
delete useless files ( #137 )
2019-01-14 09:07:47 +01:00
Carlos Dominguez
492c25eeaf
Merge pull request #133 from singuliere/agent-cleanup
...
cleanup: move redundant tags to the outer block
2019-01-11 15:20:05 +01:00
Carlos Dominguez
21fbe85010
Merge pull request #132 from paulcalabro/master
...
wazuh_manager_fqdn is a scalar not a sequence
2019-01-11 15:16:52 +01:00
singuliere
7cce8e9490
make agent registration delegate_to configurable
...
Registering to the API requires the port 55000 of the wazuh manager is
open. Depending on the firewall policy, it may be true from the
ansible controller, reason why it was delegated to localhost in the
original implementation at 6cb6d3bda8
The role should be more flexible and allow for the API call to be made
from the ansible controller or the host.
Implementation note: although it would be more elegant to use omit
instead of inventory_hostname, it is not possible because of an
ansible bug at this time https://github.com/ansible/ansible/issues/26009
Fixes: https://github.com/wazuh/wazuh-ansible/issues/126
Signed-off-by: singuliere <singuliere@autistici.org>
2019-01-10 17:24:23 +01:00
Carlos Dominguez
e644b1e231
Merge pull request #120 from saez0pub/3.7
...
FIX multiple remote connection
2019-01-10 13:18:17 +01:00
Carlos Dominguez
02736e1ab3
Merge branch '3.7' into Issue_78-windows_ossec_conf
2019-01-10 13:11:03 +01:00
Carlos Dominguez
c50d2b3828
Merge pull request #117 from wazuh/Issue_91-single_agent_name
...
Custom name for single agent registration
2019-01-10 12:09:46 +01:00
singuliere
d33b5c90c3
cleanup: move redundant tags to the outer block
2019-01-10 10:01:06 +01:00
Paul Calabro
0565486e6d
wazuh_manager_fqdn is a sequence not a scalar
...
Updated to `~` to reflect a null string, similar to [] for an empty sequence.
2019-01-09 20:51:48 -07:00
Jean Prat
1e2e1f1f30
FIX multiple remote connection
2019-01-04 16:26:26 +01:00
cadoming
620bf04835
ossec.conf for windows agents
2019-01-03 09:35:40 +00:00
Paul Calabro
204ad3c6ff
Fixed a couple linting issues with yamllint and ansible-review ( #111 )
...
- yamllint: "truthy value should be true or false"
(Docs: https://github.com/adrienverge/yamllint/blob/master/yamllint/rules/truthy.py )
- ansible-review: "WARN: Best practice "Use YAML format for tasks and handlers rather than key=value" not met:"
(Docs: 2aacd7462f/lib/ansiblereview/tasks.py )
2018-12-27 12:57:24 +01:00
Carlos Dominguez
e94a0cf473
change installation directory ( #116 )
2018-12-27 12:52:27 +01:00
cadoming
b5dd470c2c
custom name for single agent registration
2018-12-27 10:49:34 +00:00
AlfonsoRBJ
2d8283d560
Merge branch '3.7' into Issue_95-default_configuration
2018-12-20 18:20:43 +01:00
Carlos Dominguez
e6ba94d4b9
exception reload systemd task ( #114 )
2018-12-20 17:58:55 +01:00
manuasir
96390a2d46
Installing apt packages concurrently, related #109
2018-12-19 10:22:40 +01:00
cadoming
1cc33d7266
cdb_lists.yml update
2018-12-14 10:54:59 +00:00
root
852d5909eb
os_family localfiles
2018-12-13 13:42:15 +00:00
root
23aeeffff2
default configuration update v1
2018-12-13 10:59:13 +00:00
Luis Gil Guijarro
139b1988fe
Add authlog fix to localfile ( #99 )
2018-12-10 18:39:23 +01:00
cadoming
794beeae15
custom_ruleset relative path
2018-12-10 11:02:37 +00:00
cadoming
50b5e774de
fix defaults/main.yml
2018-12-05 12:56:15 +00:00
cadoming
c226c6f44d
Moved custom_ruleset files
2018-12-05 12:01:36 +00:00
AlfonsoRBJ
28d6ecae5d
Merge branch '3.7' into Issue-77_conflict_configurations
2018-11-16 12:30:00 +01:00
AlfonsoRBJ
1369b3df41
Merge branch '3.7' into Issue-34_local_internal_options
2018-11-16 12:20:42 +01:00
AlfonsoRBJ
99a6a3d6b0
Merge branch '3.7' into Issue-88_version_windows_installer
2018-11-16 11:38:34 +01:00
cadoming
bdf913453e
Added windows task
2018-11-16 10:34:41 +00:00
cadoming
f2b3ac68bb
agent configuration and monitoring
2018-11-15 12:16:05 +00:00
cadoming
6fe87697f1
Changed windows agent version
2018-11-15 10:40:57 +00:00
cadoming
8ef5e65eb7
include template local_internal_options.conf
2018-11-14 12:13:58 +00:00
cadoming
5c1f2ed783
clean old code for windows agent
2018-11-14 10:39:25 +00:00
AlfonsoRBJ
62938ff894
Merge pull request #71 from wazuh/Amazon-Linux-support
...
Support for Amazon Linux added
2018-11-12 16:41:29 +01:00
AlfonsoRBJ
d36fdb8f4f
Merge pull request #84 from wazuh/ISSUE_83
...
include logall_json label
2018-11-12 16:11:24 +01:00
AlfonsoRBJ
fcf7bf4b00
Merge pull request #79 from wazuh/PR-54_new_structure
...
client.keys registration triggers
2018-11-12 14:13:04 +01:00
root
4f2a080eb3
include logall_json label
2018-11-12 11:05:49 +00:00
AlfonsoRBJ
cf11aea81a
Merge pull request #81 from wazuh/PR-62_add_local_rules
...
adding custom rules/decoders files
2018-11-09 16:29:03 +01:00
root
87cd7c214f
adding custom rules/decoders files
2018-11-09 10:35:52 +00:00
root
1007255e4a
change syntax errors
2018-11-07 12:17:28 +00:00
root
ea7b685633
new changes
2018-11-07 12:11:44 +00:00
root
5c3b767f34
API configuration
2018-11-07 11:34:02 +00:00
root
5298084a62
client.keys registration triggers
2018-11-06 10:48:02 +00:00
AlfonsoRBJ
52084d66d5
Merge pull request #76 from wazuh/PR-55_new_structure
...
validate agent.conf in manager
2018-11-02 17:42:19 +01:00
AlfonsoRBJ
3d4e3ff67b
Merge pull request #75 from wazuh/PR-52_new_structure
...
active_response_disable configuration
2018-11-02 17:19:49 +01:00
root
539f94d9c1
validate agent.conf in manager
2018-11-02 10:31:00 +00:00
root
33e9150dcd
active_response_disable configuration
2018-10-31 11:50:37 +00:00
root
dcd7b1a6fd
agent and manager grouping task
2018-10-31 10:49:45 +00:00
AlfonsoRBJ
2c4c6fc59c
Support for Amazon Linux added
...
Logstash bug fixed for single server installation on Amazon Linux
2018-10-19 16:40:13 +02:00
Jesús Linares
1bd21e381b
Restructure repository ( #66 )
2018-10-04 12:40:10 +02:00