update dashboard.yml and indexer ports

README.md

@@ -39,7 +39,7 @@ API_USERNAME="wazuh"                                # Wazuh API username
 API_PASSWORD="wazuh"                                # Wazuh API password - Must comply with requirements
                                                     # (8+ length, uppercase, lowercase, specials chars)
 
-INDEXER_URL=https://wazuh1.indexer:9700             # Wazuh indexer URL
+INDEXER_URL=https://wazuh1.indexer:9200             # Wazuh indexer URL
 INDEXER_USERNAME=admin                              # Wazuh indexer Username
 INDEXER_PASSWORD=admin                              # Wazuh indexer Password
 FILEBEAT_SSL_VERIFICATION_MODE=full                 # Filebeat SSL Verification mode (full or none)
@@ -102,7 +102,7 @@ ADMIN_PRIVILEGES=true               # App privileges
 │   │   ├── wazuh_manager.conf
 │   │   └── wazuh_worker.conf
 │   ├── wazuh_dashboard
-│   │   └── dashboard.yml
+│   │   └── opensearch_dashboard.yml
 │   ├── wazuh-indexer
 │   │   ├── internal_users.yml
 │   │   ├── opensearch.yml
@@ -116,7 +116,7 @@ ADMIN_PRIVILEGES=true               # App privileges
 ├── VERSION
 ├── wazuh-dashboard
 │   ├── config
-│   │   ├── dashboard.yml
+│   │   ├── opensearch_dashboard.yml
 │   │   ├── entrypoint.sh
 │   │   ├── wazuh_app_config.sh
 │   │   └── wazuh.yml

build-wazuh-images.yml

@@ -13,7 +13,7 @@ services:
       - "514:514/udp"
       - "55000:55000"
     environment:
-      - INDEXER_URL=https://wazuh1.indexer:9700
+      - INDEXER_URL=https://wazuh1.indexer:9200
       - INDEXER_USERNAME=admin
       - INDEXER_PASSWORD=admin
       - FILEBEAT_SSL_VERIFICATION_MODE=none
@@ -36,7 +36,7 @@ services:
     hostname: wazuh1.indexer
     restart: always
     ports:
-      - "9700:9700"
+      - "9200:9200"
     environment:
       - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m"
     ulimits:

docker-compose.yml

@@ -12,7 +12,7 @@ services:
       - "514:514/udp"
       - "55000:55000"
     environment:
-      - INDEXER_URL=https://wazuh1.indexer:9700
+      - INDEXER_URL=https://wazuh1.indexer:9200
       - INDEXER_USERNAME=admin
       - INDEXER_PASSWORD=admin
       - FILEBEAT_SSL_VERIFICATION_MODE=none
@@ -34,7 +34,7 @@ services:
     hostname: wazuh1.indexer
     restart: always
     ports:
-      - "9700:9700"
+      - "9200:9200"
     environment:
       - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m"
     ulimits:

production-cluster.yml

@@ -11,7 +11,7 @@ services:
       - "514:514/udp"
       - "55000:55000"
     environment:
-      - INDEXER_URL=https://wazuh1.indexer:9700
+      - INDEXER_URL=https://wazuh1.indexer:9200
       - INDEXER_USERNAME=admin
       - INDEXER_PASSWORD=SecretPassword
       - FILEBEAT_SSL_VERIFICATION_MODE=full
@@ -42,7 +42,7 @@ services:
     hostname: wazuh.worker
     restart: always
     environment:
-      - INDEXER_URL=https://wazuh1.indexer:9700
+      - INDEXER_URL=https://wazuh1.indexer:9200
       - INDEXER_USERNAME=admin
       - INDEXER_PASSWORD=SecretPassword
       - FILEBEAT_SSL_VERIFICATION_MODE=full
@@ -71,7 +71,7 @@ services:
     hostname: wazuh1.indexer
     restart: always
     ports:
-      - "9700:9700"
+      - "9200:9200"
     environment:
       - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g"
       - "bootstrap.memory_lock=true"
@@ -141,7 +141,7 @@ services:
     hostname: wazuh.dashboard
     restart: always
     environment:
-      - OPENSEARCH_HOSTS="https://wazuh1.indexer:9700"
+      - OPENSEARCH_HOSTS="https://wazuh1.indexer:9200"
       - WAZUH_API_URL="https://wazuh.master"
       - API_USERNAME=acme-user
       - API_PASSWORD=MyS3cr37P450r.*-
@@ -149,7 +149,7 @@ services:
       - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/etc/wazuh-dashboard/certs/wazuh-dashboard.pem
       - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/etc/wazuh-dashboard/certs/wazuh-dashboard-key.pem
       - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-dashboard/certs/root-ca.pem
-      - ./production_cluster/wazuh_dashboard/dashboard.yml:/etc/wazuh-dashboard/dashboard.yml
+      - ./production_cluster/wazuh_dashboard/opensearch_dashboard.yml:/etc/wazuh-dashboard/opensearch_dashboard.yml
     depends_on:
       - wazuh1.indexer
     links:

production_cluster/wazuh-indexer/wazuh1.indexer.yml

@@ -9,8 +9,6 @@ discovery.seed_hosts:
         - wazuh1.indexer
         - wazuh2.indexer
         - wazuh3.indexer
-http.port: 9700-9799
-transport.tcp.port: 9800-9899
 node.max_local_storage_nodes: "3"
 path.data: /var/lib/wazuh-indexer
 path.logs: /var/log/wazuh-indexer

production_cluster/wazuh-indexer/wazuh2.indexer.yml

@@ -9,8 +9,6 @@ discovery.seed_hosts:
         - wazuh1.indexer
         - wazuh2.indexer
         - wazuh3.indexer
-http.port: 9700-9799
-transport.tcp.port: 9800-9899
 node.max_local_storage_nodes: "3"
 path.data: /var/lib/wazuh-indexer
 path.logs: /var/log/wazuh-indexer

production_cluster/wazuh-indexer/wazuh3.indexer.yml

@@ -9,8 +9,6 @@ discovery.seed_hosts:
         - wazuh1.indexer
         - wazuh2.indexer
         - wazuh3.indexer
-http.port: 9700-9799
-transport.tcp.port: 9800-9899
 node.max_local_storage_nodes: "3"
 path.data: /var/lib/wazuh-indexer
 path.logs: /var/log/wazuh-indexer

production_cluster/wazuh_dashboard/opensearch_dashboard.yml

@@ -1,6 +1,6 @@
 server.host: 0.0.0.0
 server.port: 443
-opensearch.hosts: https://wazuh1.indexer:9700
+opensearch.hosts: https://wazuh1.indexer:9200
 opensearch.ssl.verificationMode: certificate
 opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"]
 opensearch_security.multitenancy.enabled: false

wazuh-dashboard/Dockerfile

@@ -15,7 +15,7 @@ COPY config/entrypoint.sh /
 
 COPY config/wazuh_app_config.sh /
 
-COPY config/dashboard.yml /etc/wazuh-dashboard/
+COPY config/opensearch_dashboard.yml /etc/wazuh-dashboard/
 
 COPY config/wazuh.yml /usr/share/wazuh-dashboard/data/wazuh/config/
 
@@ -23,7 +23,7 @@ RUN chmod 700 /entrypoint.sh
 
 RUN chmod 700 /wazuh_app_config.sh
 
-RUN chown 101:101 /etc/wazuh-dashboard/dashboard.yml && chmod 664 /etc/wazuh-dashboard/dashboard.yml
+RUN chown 101:101 /etc/wazuh-dashboard/opensearch_dashboard.yml && chmod 664 /etc/wazuh-dashboard/opensearch_dashboard.yml
 
 RUN mkdir -p /usr/share/wazuh-dashboard/data/wazuh/config && chown -R 101:101 /usr/share/wazuh-dashboard/data/wazuh/config && chmod -R 775 /usr/share/wazuh-dashboard/data/wazuh/config
 

wazuh-dashboard/config/entrypoint.sh

@@ -7,4 +7,4 @@
 
 /wazuh_app_config.sh
 
-runuser wazuh-dashboard --shell="/bin/bash" --command="/usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /etc/wazuh-dashboard/dashboard.yml"
+runuser wazuh-dashboard --shell="/bin/bash" --command="/usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /etc/wazuh-dashboard/opensearch_dashboard.yml"

wazuh-dashboard/config/opensearch_dashboard.yml

@@ -1,6 +1,6 @@
 server.host: 0.0.0.0
 server.port: 443
-opensearch.hosts: https://wazuh1.indexer:9700
+opensearch.hosts: https://wazuh1.indexer:9200
 opensearch.ssl.verificationMode: none
 opensearch.requestHeadersWhitelist: [ authorization,securitytenant ]
 opensearch_security.multitenancy.enabled: true

wazuh-indexer/Dockerfile

@@ -64,7 +64,7 @@ RUN mkdir -p /var/lib/wazuh-indexer && chown 1000:1000 /var/lib/wazuh-indexer &&
     mkdir -p /var/log/wazuh-indexer && chown 1000:1000 /var/log/wazuh-indexer
 
 # Services ports
-EXPOSE 9700
+EXPOSE 9200
 
 
 ENTRYPOINT ["/entrypoint.sh"]

wazuh-indexer/config/opensearch.yml

@@ -1,7 +1,5 @@
 network.host: "0.0.0.0"
 node.name: "wazuh1.indexer"
-http.port: 9700-9799
-transport.tcp.port: 9800-9899
 path.data: /var/lib/wazuh-indexer
 path.logs: /var/log/wazuh-indexer
 discovery.type: single-node

wazuh-indexer/config/securityadmin.sh

@@ -1,3 +1,3 @@
 # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 sleep 30
-bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -nhnv -cacert  $CACERT -cert $CERT -key $KEY -p 9800 -icl
+bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -nhnv -cacert  $CACERT -cert $CERT -key $KEY -p 9300 -icl

wazuh-manager/config/filebeat.yml

@@ -13,7 +13,7 @@ setup.template.json.name: 'wazuh'
 setup.template.overwrite: true
 setup.ilm.enabled: false
 output.elasticsearch:
-  hosts: ['https://wazuh1.indexer:9700']
+  hosts: ['https://wazuh1.indexer:9200']
   #username:
   #password:
   #ssl.verification_mode: