diff --git a/.env b/.env index df92e2d3..8f5d52ff 100755 --- a/.env +++ b/.env @@ -1,6 +1,6 @@ -WAZUH_VERSION=4.8.1 -WAZUH_IMAGE_VERSION=4.8.1 +WAZUH_VERSION=4.9.0 +WAZUH_IMAGE_VERSION=4.9.0 WAZUH_TAG_REVISION=1 -FILEBEAT_TEMPLATE_BRANCH=4.8.1 +FILEBEAT_TEMPLATE_BRANCH=4.9.0 WAZUH_FILEBEAT_MODULE=wazuh-filebeat-0.4.tar.gz WAZUH_UI_REVISION=1 diff --git a/.github/.goss.yaml b/.github/.goss.yaml index 50b54fc2..a2ee17aa 100644 --- a/.github/.goss.yaml +++ b/.github/.goss.yaml @@ -56,7 +56,7 @@ package: wazuh-manager: installed: true versions: - - 4.8.1-1 + - 4.9.0-1 port: tcp:1514: listening: true diff --git a/CHANGELOG.md b/CHANGELOG.md index 01ab8ddd..1d704b3b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,16 @@ # Change Log All notable changes to this project will be documented in this file. +## Wazuh Docker v4.9.0 +### Added + +- Update Wazuh to version [4.9.0](https://github.com/wazuh/wazuh/blob/v4.9.0/CHANGELOG.md#v490) + +## Wazuh Docker v4.8.2 +### Added + +- Update Wazuh to version [4.8.2](https://github.com/wazuh/wazuh/blob/v4.8.2/CHANGELOG.md#v482) + ## Wazuh Docker v4.8.1 ### Added diff --git a/README.md b/README.md index d6f33a93..7c6c3a3d 100644 --- a/README.md +++ b/README.md 
@@ -8,19 +8,19 @@ In this repository you will find the containers to run: * Wazuh manager: it runs the Wazuh manager, Wazuh API and Filebeat OSS -* Wazuh dashboard: provides a web user interface to browse through alerts data and allows you to visualize agents configuration and status. +* Wazuh dashboard: provides a web user interface to browse through alert data and allows you to visualize the agents configuration and status. * Wazuh indexer: Wazuh indexer container (working as a single-node cluster or as a multi-node cluster). **Be aware to increase the `vm.max_map_count` setting, as it's detailed in the [Wazuh documentation](https://documentation.wazuh.com/current/docker/wazuh-container.html#increase-max-map-count-on-your-host-linux).** The folder `build-docker-images` contains a README explaining how to build the Wazuh images and the necessary assets. The folder `indexer-certs-creator` contains a README explaining how to create the certificates creator tool and the necessary assets. The folder `single-node` contains a README explaining how to run a Wazuh environment with one Wazuh manager, one Wazuh indexer, and one Wazuh dashboard. -The folder `multi-node` contains a README explaining how to run a Wazuh environment with two Wazuh managers, three Wazuh indexer, and one Wazuh dashboard. +The folder `multi-node` contains a README explaining how to run a Wazuh environment with two Wazuh managers, three Wazuh indexers, and one Wazuh dashboard. ## Documentation * [Wazuh full documentation](http://documentation.wazuh.com) * [Wazuh documentation for Docker](https://documentation.wazuh.com/current/docker/index.html) -* [Docker hub](https://hub.docker.com/u/wazuh) +* [Docker Hub](https://hub.docker.com/u/wazuh) ### Setup SSL certificate 
@@ -38,7 +38,7 @@ Default values are included when available. ``` API_USERNAME="wazuh-wui" # Wazuh API username API_PASSWORD="MyS3cr37P450r.*-" # Wazuh API password - Must comply with requirements - # (8+ length, uppercase, lowercase, specials chars) + # (8+ length, uppercase, lowercase, special chars) INDEXER_URL=https://wazuh.indexer:9200 # Wazuh indexer URL INDEXER_USERNAME=admin # Wazuh indexer Username @@ -53,8 +53,8 @@ SSL_KEY="" # Path of Filebeat SSL Key ``` PATTERN="wazuh-alerts-*" # Default index pattern to use -CHECKS_PATTERN=true # Defines which checks must to be consider by the healthcheck -CHECKS_TEMPLATE=true # step once the Wazuh app starts. Values must to be true or false +CHECKS_PATTERN=true # Defines which checks must be considered by the healthcheck +CHECKS_TEMPLATE=true # step once the Wazuh app starts. Values must be true or false CHECKS_API=true CHECKS_SETUP=true @@ -190,12 +190,14 @@ WAZUH_MONITORING_REPLICAS=0 ## ## Branches * `master` branch contains the latest code, be aware of possible bugs on this branch. -* `stable` branch on correspond to the last Wazuh stable version. +* `stable` branch corresponds to the last Wazuh stable version. ## Compatibility Matrix | Wazuh version | ODFE | XPACK | |---------------|---------|--------| +| v4.9.0 | | | +| v4.8.2 | | | | v4.8.1 | | | | v4.8.0 | | | | v4.7.5 | | | @@ -255,7 +257,7 @@ These Docker containers are based on: * "deviantony" dockerfiles which can be found at [https://github.com/deviantony/docker-elk](https://github.com/deviantony/docker-elk) * "xetus-oss" dockerfiles, which can be found at [https://github.com/xetus-oss/docker-ossec-server](https://github.com/xetus-oss/docker-ossec-server) -We thank you them and everyone else who has contributed to this project. +We thank them and everyone else who has contributed to this project. ## License and copyright diff --git a/VERSION b/VERSION index f57527d2..a25e5cee 100644 --- a/VERSION +++ b/VERSION 
@@ -1,2 +1,2 @@ -WAZUH-DOCKER_VERSION="4.8.1" -REVISION="40813" +WAZUH-DOCKER_VERSION="4.9.0" +REVISION="40900" diff --git a/build-docker-images/README.md b/build-docker-images/README.md index 2d527418..d4c5b4ff 100644 --- a/build-docker-images/README.md +++ b/build-docker-images/README.md @@ -13,7 +13,7 @@ This script initializes the environment variables needed to build each of the im The script allows you to build images from other versions of Wazuh, to do this you must use the -v or --version argument: ``` -$ build-docker-images/build-images.sh -v 4.8.1 +$ build-docker-images/build-images.sh -v 4.9.0 ``` To get all the available script options use the -h or --help option: @@ -26,7 +26,7 @@ Usage: build-docker-images/build-images.sh [OPTIONS] -d, --dev [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default. -f, --filebeat-module [Optional] Set Filebeat module version. By default 0.4. -r, --revision [Optional] Package revision. By default 1 - -v, --version [Optional] Set the Wazuh version should be builded. By default, 4.8.1. + -v, --version [Optional] Set the Wazuh version should be builded. By default, 4.9.0. -h, --help Show this help. ``` \ No newline at end of file diff --git a/build-docker-images/build-images.sh b/build-docker-images/build-images.sh index f537c447..6d1833a8 100755 --- a/build-docker-images/build-images.sh +++ b/build-docker-images/build-images.sh @@ -1,4 +1,4 @@ -WAZUH_IMAGE_VERSION=4.8.1 +WAZUH_IMAGE_VERSION=4.9.0 WAZUH_VERSION=$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g') WAZUH_TAG_REVISION=1 WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '["]tag_name["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g') 
@@ -12,7 +12,7 @@ IMAGE_VERSION=${WAZUH_IMAGE_VERSION} # License (version 2) as published by the FSF - Free Software # Foundation. -WAZUH_IMAGE_VERSION="4.8.1" +WAZUH_IMAGE_VERSION="4.9.0" WAZUH_TAG_REVISION="1" WAZUH_DEV_STAGE="" FILEBEAT_MODULE_VERSION="0.4" diff --git a/build-docker-images/wazuh-dashboard/config/config.sh b/build-docker-images/wazuh-dashboard/config/config.sh index 79306721..3f5dd902 100644 --- a/build-docker-images/wazuh-dashboard/config/config.sh +++ b/build-docker-images/wazuh-dashboard/config/config.sh @@ -9,8 +9,8 @@ export CONFIG_DIR=${INSTALLATION_DIR}/config ## Variables CERT_TOOL=wazuh-certs-tool.sh -PACKAGES_URL=https://packages.wazuh.com/4.8/ -PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.8/ +PACKAGES_URL=https://packages.wazuh.com/4.9/ +PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.9/ ## Check if the cert tool exists in S3 buckets CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') diff --git a/build-docker-images/wazuh-indexer/config/config.sh b/build-docker-images/wazuh-indexer/config/config.sh index 2768f157..67e66fd7 100644 --- a/build-docker-images/wazuh-indexer/config/config.sh +++ b/build-docker-images/wazuh-indexer/config/config.sh @@ -53,8 +53,8 @@ tar -xf ${INDEXER_FILE} ## Variables CERT_TOOL=wazuh-certs-tool.sh PASSWORD_TOOL=wazuh-passwords-tool.sh -PACKAGES_URL=https://packages.wazuh.com/4.8/ -PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.8/ +PACKAGES_URL=https://packages.wazuh.com/4.9/ +PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.9/ ## Check if the cert tool exists in S3 buckets CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') diff --git a/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager b/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager index 0bd90fd6..9e9aa995 100644 --- a/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager 
+++ b/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager @@ -93,6 +93,7 @@ EOF if /var/ossec/framework/python/bin/python3 /var/ossec/framework/scripts/create_user.py; then # remove json if exit code is 0 rm /var/ossec/api/configuration/admin.json + rm /var/ossec/framework/scripts/create_user.py else echored "There was an error configuring the API user" # terminate container to avoid unpredictable behavior diff --git a/indexer-certs-creator/config/entrypoint.sh b/indexer-certs-creator/config/entrypoint.sh index 5d5e5d6c..db6e0e78 100644 --- a/indexer-certs-creator/config/entrypoint.sh +++ b/indexer-certs-creator/config/entrypoint.sh @@ -8,8 +8,8 @@ ## Variables CERT_TOOL=wazuh-certs-tool.sh PASSWORD_TOOL=wazuh-passwords-tool.sh -PACKAGES_URL=https://packages.wazuh.com/4.8/ -PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.8/ +PACKAGES_URL=https://packages.wazuh.com/4.9/ +PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.9/ ## Check if the cert tool exists in S3 buckets CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 145af9fb..cdc62601 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-manager:4.8.1 + image: wazuh/wazuh-manager:4.9.0 hostname: wazuh.master restart: always ulimits: @@ -45,7 +45,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.8.1 + image: wazuh/wazuh-manager:4.9.0 hostname: wazuh.worker restart: always ulimits: @@ -81,7 +81,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.8.1 + image: wazuh/wazuh-indexer:4.9.0 hostname: wazuh1.indexer restart: always ports: 
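Review bot: The added `rm /var/ossec/framework/scripts/create_user.py` in the success branch makes this step one-shot, so a second run of the init script in the same container would fail. With the script gone, the `python3 … create_user.py` call in the `if` condition returns non-zero and control falls into the `else` branch, which prints "There was an error configuring the API user" and, per its comment, terminates the container. This looks reachable on a plain restart (the compose files set `restart: always`) if the container's writable layer is kept, though the enclosing block starts and ends outside the hunk and may carry a guard not visible here. Wrapping the existing `if … else … fi` in `if [ -f /var/ossec/framework/scripts/create_user.py ]; then` … `fi` keeps the cleanup while making a repeat run a no-op. A comment such as `# one-time helper: removed once the API user exists so it cannot be re-run` would also record why the script is deleted.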
@@ -107,7 +107,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.8.1 + image: wazuh/wazuh-indexer:4.9.0 hostname: wazuh2.indexer restart: always environment: @@ -129,7 +129,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.8.1 + image: wazuh/wazuh-indexer:4.9.0 hostname: wazuh3.indexer restart: always environment: @@ -151,7 +151,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.8.1 + image: wazuh/wazuh-dashboard:4.9.0 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 03255d88..799c027a 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-manager:4.8.1 + image: wazuh/wazuh-manager:4.9.0 hostname: wazuh.manager restart: always ulimits: @@ -46,7 +46,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.8.1 + image: wazuh/wazuh-indexer:4.9.0 hostname: wazuh.indexer restart: always ports: @@ -71,7 +71,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.8.1 + image: wazuh/wazuh-dashboard:4.9.0 hostname: wazuh.dashboard restart: always ports: