diff --git a/README.md b/README.md index f1c5d6e3..2934e600 100644 --- a/README.md +++ b/README.md @@ -39,7 +39,7 @@ API_USERNAME="wazuh" # Wazuh API username API_PASSWORD="wazuh" # Wazuh API password - Must comply with requirements # (8+ length, uppercase, lowercase, specials chars) -INDEXER_URL=https://wazuh1.indexer:9700 # Wazuh indexer URL +INDEXER_URL=https://wazuh1.indexer:9200 # Wazuh indexer URL INDEXER_USERNAME=admin # Wazuh indexer Username INDEXER_PASSWORD=admin # Wazuh indexer Password FILEBEAT_SSL_VERIFICATION_MODE=full # Filebeat SSL Verification mode (full or none) @@ -102,7 +102,7 @@ ADMIN_PRIVILEGES=true # App privileges │   │   ├── wazuh_manager.conf │   │   └── wazuh_worker.conf │   ├── wazuh_dashboard -│   │   └── dashboard.yml +│   │   └── opensearch_dashboard.yml │   ├── wazuh-indexer │   │   ├── internal_users.yml │   │   ├── opensearch.yml @@ -116,7 +116,7 @@ ADMIN_PRIVILEGES=true # App privileges ├── VERSION ├── wazuh-dashboard │   ├── config -│   │   ├── dashboard.yml +│   │   ├── opensearch_dashboard.yml │   │   ├── entrypoint.sh │   │   ├── wazuh_app_config.sh │   │   └── wazuh.yml diff --git a/build-wazuh-images.yml b/build-wazuh-images.yml index e5af8246..e6ec7ed7 100644 --- a/build-wazuh-images.yml +++ b/build-wazuh-images.yml @@ -13,7 +13,7 @@ services: - "514:514/udp" - "55000:55000" environment: - - INDEXER_URL=https://wazuh1.indexer:9700 + - INDEXER_URL=https://wazuh1.indexer:9200 - INDEXER_USERNAME=admin - INDEXER_PASSWORD=admin - FILEBEAT_SSL_VERIFICATION_MODE=none @@ -36,7 +36,7 @@ services: hostname: wazuh1.indexer restart: always ports: - - "9700:9700" + - "9200:9200" environment: - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" ulimits: diff --git a/docker-compose.yml b/docker-compose.yml index f0fc7f15..49515e47 100644 --- a/docker-compose.yml +++ b/docker-compose.yml 
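Review bot: The new `- "9200:9200"` mapping in the `@@ -36,7 +36,7 @@` hunk of build-wazuh-images.yml publishes the indexer's HTTP API on every host interface, now on the well-known OpenSearch default port, while the same file still passes `INDEXER_USERNAME=admin` and `INDEXER_PASSWORD=admin`. If host access is only needed for local testing, bind it to loopback with `- "127.0.0.1:9200:9200"`, or drop the mapping and let the other services reach `wazuh1.indexer` over the compose network. The same mapping is added in docker-compose.yml (`@@ -34,7 +34,7 @@`) and production-cluster.yml (`@@ -71,7 +71,7 @@`). The service definitions continue outside these hunks.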
@@ -12,7 +12,7 @@ services:
 - "514:514/udp"
 - "55000:55000"
 environment:
- - INDEXER_URL=https://wazuh1.indexer:9700
+ - INDEXER_URL=https://wazuh1.indexer:9200
 - INDEXER_USERNAME=admin
 - INDEXER_PASSWORD=admin
 - FILEBEAT_SSL_VERIFICATION_MODE=none
@@ -34,7 +34,7 @@ services:
 hostname: wazuh1.indexer
 restart: always
 ports:
- - "9700:9700"
+ - "9200:9200"
 environment:
 - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m"
 ulimits:
diff --git a/production-cluster.yml b/production-cluster.yml
index c2d14aa1..bf8448fd 100644
--- a/production-cluster.yml
+++ b/production-cluster.yml
@@ -11,7 +11,7 @@ services:
 - "514:514/udp"
 - "55000:55000"
 environment:
- - INDEXER_URL=https://wazuh1.indexer:9700
+ - INDEXER_URL=https://wazuh1.indexer:9200
 - INDEXER_USERNAME=admin
 - INDEXER_PASSWORD=SecretPassword
 - FILEBEAT_SSL_VERIFICATION_MODE=full
@@ -42,7 +42,7 @@ services:
 hostname: wazuh.worker
 restart: always
 environment:
- - INDEXER_URL=https://wazuh1.indexer:9700
+ - INDEXER_URL=https://wazuh1.indexer:9200
 - INDEXER_USERNAME=admin
 - INDEXER_PASSWORD=SecretPassword
 - FILEBEAT_SSL_VERIFICATION_MODE=full
@@ -71,7 +71,7 @@ services:
 hostname: wazuh1.indexer
 restart: always
 ports:
- - "9700:9700"
+ - "9200:9200"
 environment:
 - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g"
 - "bootstrap.memory_lock=true"
@@ -141,7 +141,7 @@ services:
 hostname: wazuh.dashboard
 restart: always
 environment:
- - OPENSEARCH_HOSTS="https://wazuh1.indexer:9700"
+ - OPENSEARCH_HOSTS="https://wazuh1.indexer:9200"
 - WAZUH_API_URL="https://wazuh.master"
 - API_USERNAME=acme-user
 - API_PASSWORD=MyS3cr37P450r.*-
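Review bot: In the `@@ -141,7 +141,7 @@` hunk of production-cluster.yml, `- OPENSEARCH_HOSTS="https://wazuh1.indexer:9200"` uses the list form of `environment`, where Compose does not strip quotes, so the container most likely receives the value with the literal double quotes included. That form predates this commit, but since the line is being rewritten it would be safer as `- OPENSEARCH_HOSTS=https://wazuh1.indexer:9200`; the neighbouring `WAZUH_API_URL` line has the same shape. Whether the dashboard entrypoint tolerates the quotes is not visible here, so confirm before changing.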
@@ -149,7 +149,7 @@ services:
 - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/etc/wazuh-dashboard/certs/wazuh-dashboard.pem
 - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/etc/wazuh-dashboard/certs/wazuh-dashboard-key.pem
 - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-dashboard/certs/root-ca.pem
- - ./production_cluster/wazuh_dashboard/dashboard.yml:/etc/wazuh-dashboard/dashboard.yml
+ - ./production_cluster/wazuh_dashboard/opensearch_dashboard.yml:/etc/wazuh-dashboard/opensearch_dashboard.yml
 depends_on:
 - wazuh1.indexer
 links:
diff --git a/production_cluster/wazuh-indexer/wazuh1.indexer.yml b/production_cluster/wazuh-indexer/wazuh1.indexer.yml
index d8c33040..6cbf52df 100644
--- a/production_cluster/wazuh-indexer/wazuh1.indexer.yml
+++ b/production_cluster/wazuh-indexer/wazuh1.indexer.yml
@@ -9,8 +9,6 @@ discovery.seed_hosts:
 - wazuh1.indexer
 - wazuh2.indexer
 - wazuh3.indexer
-http.port: 9700-9799
-transport.tcp.port: 9800-9899
 node.max_local_storage_nodes: "3"
 path.data: /var/lib/wazuh-indexer
 path.logs: /var/log/wazuh-indexer
diff --git a/production_cluster/wazuh-indexer/wazuh2.indexer.yml b/production_cluster/wazuh-indexer/wazuh2.indexer.yml
index 37e09c2e..d4fb85d9 100644
--- a/production_cluster/wazuh-indexer/wazuh2.indexer.yml
+++ b/production_cluster/wazuh-indexer/wazuh2.indexer.yml
@@ -9,8 +9,6 @@ discovery.seed_hosts:
 - wazuh1.indexer
 - wazuh2.indexer
 - wazuh3.indexer
-http.port: 9700-9799
-transport.tcp.port: 9800-9899
 node.max_local_storage_nodes: "3"
 path.data: /var/lib/wazuh-indexer
 path.logs: /var/log/wazuh-indexer
diff --git a/production_cluster/wazuh-indexer/wazuh3.indexer.yml b/production_cluster/wazuh-indexer/wazuh3.indexer.yml
index f3df5540..2eb2b9b1 100644
--- a/production_cluster/wazuh-indexer/wazuh3.indexer.yml
+++ b/production_cluster/wazuh-indexer/wazuh3.indexer.yml
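Review bot: The rewritten volume entry in the `@@ -149,7 +149,7 @@` hunk of production-cluster.yml mounts `opensearch_dashboard.yml` read-write, so anything running in the dashboard container can alter the host copy of its own configuration. Unless the entrypoint needs to edit the file (not visible in this hunk), append `:ro`: `- ./production_cluster/wazuh_dashboard/opensearch_dashboard.yml:/etc/wazuh-dashboard/opensearch_dashboard.yml:ro`. The certificate and key mounts just above would benefit from the same suffix. The `volumes` list starts outside the hunk.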
@@ -9,8 +9,6 @@ discovery.seed_hosts: - wazuh1.indexer - wazuh2.indexer - wazuh3.indexer -http.port: 9700-9799 -transport.tcp.port: 9800-9899 node.max_local_storage_nodes: "3" path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer diff --git a/production_cluster/wazuh_dashboard/dashboard.yml b/production_cluster/wazuh_dashboard/opensearch_dashboard.yml similarity index 92% rename from production_cluster/wazuh_dashboard/dashboard.yml rename to production_cluster/wazuh_dashboard/opensearch_dashboard.yml index b079cc16..f7a27b1c 100644 --- a/production_cluster/wazuh_dashboard/dashboard.yml +++ b/production_cluster/wazuh_dashboard/opensearch_dashboard.yml @@ -1,6 +1,6 @@ server.host: 0.0.0.0 server.port: 443 -opensearch.hosts: https://wazuh1.indexer:9700 +opensearch.hosts: https://wazuh1.indexer:9200 opensearch.ssl.verificationMode: certificate opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"] opensearch_security.multitenancy.enabled: false diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index 528dfa9c..d19c83b6 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile @@ -15,7 +15,7 @@ COPY config/entrypoint.sh / COPY config/wazuh_app_config.sh / -COPY config/dashboard.yml /etc/wazuh-dashboard/ +COPY config/opensearch_dashboard.yml /etc/wazuh-dashboard/ COPY config/wazuh.yml /usr/share/wazuh-dashboard/data/wazuh/config/ @@ -23,7 +23,7 @@ RUN chmod 700 /entrypoint.sh RUN chmod 700 /wazuh_app_config.sh -RUN chown 101:101 /etc/wazuh-dashboard/dashboard.yml && chmod 664 /etc/wazuh-dashboard/dashboard.yml +RUN chown 101:101 /etc/wazuh-dashboard/opensearch_dashboard.yml && chmod 664 /etc/wazuh-dashboard/opensearch_dashboard.yml RUN mkdir -p /usr/share/wazuh-dashboard/data/wazuh/config && chown -R 101:101 /usr/share/wazuh-dashboard/data/wazuh/config && chmod -R 775 /usr/share/wazuh-dashboard/data/wazuh/config 
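Review bot: In the `@@ -23,7 +23,7 @@` hunk of wazuh-dashboard/Dockerfile, the rewritten `RUN` line keeps `chmod 664` on `/etc/wazuh-dashboard/opensearch_dashboard.yml`, which leaves the dashboard configuration readable by every user in the image and writable by its group. Configuration files of this kind commonly hold the indexer credentials (only part of the file is visible in this diff), so a tighter mode is worth taking while the line is being touched: `RUN chown 101:101 /etc/wazuh-dashboard/opensearch_dashboard.yml && chmod 640 /etc/wazuh-dashboard/opensearch_dashboard.yml`. Confirm that the `wazuh-dashboard` user named in entrypoint.sh is uid 101 before tightening.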
diff --git a/wazuh-dashboard/config/entrypoint.sh b/wazuh-dashboard/config/entrypoint.sh index 4d34f7e0..82b7911d 100644 --- a/wazuh-dashboard/config/entrypoint.sh +++ b/wazuh-dashboard/config/entrypoint.sh @@ -7,4 +7,4 @@ /wazuh_app_config.sh -runuser wazuh-dashboard --shell="/bin/bash" --command="/usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /etc/wazuh-dashboard/dashboard.yml" +runuser wazuh-dashboard --shell="/bin/bash" --command="/usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /etc/wazuh-dashboard/opensearch_dashboard.yml" diff --git a/wazuh-dashboard/config/dashboard.yml b/wazuh-dashboard/config/opensearch_dashboard.yml similarity index 93% rename from wazuh-dashboard/config/dashboard.yml rename to wazuh-dashboard/config/opensearch_dashboard.yml index ffd1257a..e63def82 100644 --- a/wazuh-dashboard/config/dashboard.yml +++ b/wazuh-dashboard/config/opensearch_dashboard.yml @@ -1,6 +1,6 @@ server.host: 0.0.0.0 server.port: 443 -opensearch.hosts: https://wazuh1.indexer:9700 +opensearch.hosts: https://wazuh1.indexer:9200 opensearch.ssl.verificationMode: none opensearch.requestHeadersWhitelist: [ authorization,securitytenant ] opensearch_security.multitenancy.enabled: true diff --git a/wazuh-indexer/Dockerfile b/wazuh-indexer/Dockerfile index 59514c3c..14c49358 100644 --- a/wazuh-indexer/Dockerfile +++ b/wazuh-indexer/Dockerfile @@ -64,7 +64,7 @@ RUN mkdir -p /var/lib/wazuh-indexer && chown 1000:1000 /var/lib/wazuh-indexer && mkdir -p /var/log/wazuh-indexer && chown 1000:1000 /var/log/wazuh-indexer # Services ports -EXPOSE 9700 +EXPOSE 9200 ENTRYPOINT ["/entrypoint.sh"] diff --git a/wazuh-indexer/config/opensearch.yml b/wazuh-indexer/config/opensearch.yml index 1ef919cc..e7fda548 100644 --- a/wazuh-indexer/config/opensearch.yml +++ b/wazuh-indexer/config/opensearch.yml 
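Review bot: In wazuh-dashboard/config/opensearch_dashboard.yml, the updated `opensearch.hosts: https://wazuh1.indexer:9200` is still paired with `opensearch.ssl.verificationMode: none` one line below, so the dashboard encrypts the connection but never checks which server it is talking to. The production_cluster copy of this file uses `certificate`; if this image default is meant only for the single-node demo, say so in a comment such as `# demo default: indexer certificate is not verified; use certificate or full outside local testing`. The rest of the file is outside the hunk.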
@@ -1,7 +1,5 @@
 network.host: "0.0.0.0"
 node.name: "wazuh1.indexer"
-http.port: 9700-9799
-transport.tcp.port: 9800-9899
 path.data: /var/lib/wazuh-indexer
 path.logs: /var/log/wazuh-indexer
 discovery.type: single-node
diff --git a/wazuh-indexer/config/securityadmin.sh b/wazuh-indexer/config/securityadmin.sh
index 0283ae8d..f9a5bb10 100644
--- a/wazuh-indexer/config/securityadmin.sh
+++ b/wazuh-indexer/config/securityadmin.sh
@@ -1,3 +1,3 @@
 # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 sleep 30
-bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -nhnv -cacert $CACERT -cert $CERT -key $KEY -p 9800 -icl
\ No newline at end of file
+bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -nhnv -cacert $CACERT -cert $CERT -key $KEY -p 9300 -icl
\ No newline at end of file
diff --git a/wazuh-manager/config/filebeat.yml b/wazuh-manager/config/filebeat.yml
index a1f25710..37003366 100644
--- a/wazuh-manager/config/filebeat.yml
+++ b/wazuh-manager/config/filebeat.yml
@@ -13,7 +13,7 @@ setup.template.json.name: 'wazuh'
 setup.template.overwrite: true
 setup.ilm.enabled: false
 output.elasticsearch:
- hosts: ['https://wazuh1.indexer:9700']
+ hosts: ['https://wazuh1.indexer:9200']
 #username:
 #password:
 #ssl.verification_mode:
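Review bot: On the rewritten `bash …/securityadmin.sh` line in wazuh-indexer/config/securityadmin.sh, `$CACERT`, `$CERT` and `$KEY` are expanded unquoted, so a path containing whitespace or glob characters would be split into extra arguments. Quote them: `-cacert "$CACERT" -cert "$CERT" -key "$KEY" -p 9300 -icl`. The hard-coded `-p 9300` now relies on the indexer keeping its default transport port after `transport.tcp.port` was removed from opensearch.yml in this commit; a short comment saying so would help whoever changes that setting later.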