From 54c5c643dae9718057cbd941e3ff4f70ef82b8b9 Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez <1380243+xr09@users.noreply.github.com> Date: Mon, 1 Jun 2020 12:22:02 +0200 Subject: [PATCH 1/5] Save agentless state --- wazuh/config/data_dirs.env | 1 + 1 file changed, 1 insertion(+) diff --git a/wazuh/config/data_dirs.env b/wazuh/config/data_dirs.env index 1cf3020a..e6735069 100644 --- a/wazuh/config/data_dirs.env +++ b/wazuh/config/data_dirs.env @@ -3,5 +3,6 @@ DATA_DIRS[((i++))]="api/configuration" DATA_DIRS[((i++))]="etc" DATA_DIRS[((i++))]="logs" DATA_DIRS[((i++))]="queue" +DATA_DIRS[((i++))]="agentless" DATA_DIRS[((i++))]="var/multigroups" export DATA_DIRS From 489bd01f36be156bbdaf285b214a532e3389500f Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez <1380243+xr09@users.noreply.github.com> Date: Mon, 1 Jun 2020 12:52:06 +0200 Subject: [PATCH 2/5] Set 750 permissions for agentless dir --- wazuh/config/00-wazuh.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/wazuh/config/00-wazuh.sh b/wazuh/config/00-wazuh.sh index d4ffe63b..ed477f52 100644 --- a/wazuh/config/00-wazuh.sh +++ b/wazuh/config/00-wazuh.sh @@ -128,6 +128,7 @@ sed -i 's/to_be_replaced_by_hostname<\/node_name>/'"${HOST trap "ossec_shutdown; exit" SIGINT SIGTERM chmod -R g+rw ${DATA_PATH} +chmod 750 /var/ossec/agentless/* ############################################################################## # Interpret any passed arguments (via docker command to this entrypoint) as From 9536ff596379daf6423d2eb2dfd3c2a44a401f1a Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez <1380243+xr09@users.noreply.github.com> Date: Thu, 18 Jun 2020 18:27:48 +0200 Subject: [PATCH 3/5] Add HTTP auth to curl if required --- kibana/config/kibana_settings.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/kibana/config/kibana_settings.sh b/kibana/config/kibana_settings.sh index 29956117..cd00fa6c 100644 --- a/kibana/config/kibana_settings.sh +++ b/kibana/config/kibana_settings.sh 
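Review bot: The new `DATA_DIRS[((i++))]="agentless"` entry has no comment saying what state is being persisted, and that matters for whoever provisions the volume. Agentless monitoring state normally includes the credentials registered for the remote hosts (inferred, not shown in this hunk), so after this change those secrets live on the data volume and in any backup of it. I would add a line above the entry such as `# agentless: scripts and registered host credentials - keep the data volume access-restricted`.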
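Review bot: The added `chmod 750 /var/ossec/agentless/*` acts on the entries inside the directory rather than the directory named in the commit subject, and `*` does not match dotfiles, so any hidden file there keeps the group read/write bits granted by `chmod -R g+rw ${DATA_PATH}` on the line above (assuming agentless sits under that path once PATCH 1/5 persists it). If the directory is empty the glob stays literal and chmod reports an error on every container start. A form that covers both cases is `find /var/ossec/agentless/ -mindepth 1 -maxdepth 1 -exec chmod 750 {} +`, with `chmod 750 /var/ossec/agentless` added if the directory itself is meant as well. A short comment stating why this directory is tightened after the recursive g+rw would help the next reader.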
@@ -44,7 +44,12 @@ else kibana_ip="kibana" fi -while [[ "$(curl -XGET -I -s -o /dev/null -w ''%{http_code}'' $kibana_ip:5601/status)" != "200" ]]; do +# Add auth headers if required +if [ "$ELASTICSEARCH_USERNAME" != "" ] && [ "$ELASTICSEARCH_PASSWORD" != "" ]; then + curl_auth="-u $ELASTICSEARCH_USERNAME:$ELASTICSEARCH_PASSWORD" +fi + +while [[ "$(curl $curl_auth -XGET -I -s -o /dev/null -w ''%{http_code}'' $kibana_ip:5601/status)" != "200" ]]; do echo "Waiting for Kibana API. Sleeping 5 seconds" sleep 5 done From 2921d67de15c04b707d26189fb194971ce9cae8f Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez <1380243+xr09@users.noreply.github.com> Date: Tue, 23 Jun 2020 12:43:40 +0200 Subject: [PATCH 4/5] Bump versions to 3.13.0_7.7.1 --- CHANGELOG.md | 11 +++++++++++ VERSION | 4 ++-- docker-compose.yml | 8 ++++---- elasticsearch/Dockerfile | 4 ++-- kibana/Dockerfile | 6 +++--- wazuh/Dockerfile | 6 +++--- 6 files changed, 25 insertions(+), 14 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6bbbdeff..6439df87 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,17 @@ # Change Log All notable changes to this project will be documented in this file. +## Wazuh Docker v3.13.0_7.7.1 + +### Added + +- Update to Wazuh version 3.13.3_7.7.1 + +### Fixed + +- Save agentless state ([@xr09](https://github.com/xr09)) [#350](https://github.com/wazuh/wazuh-docker/pull/350) +- Use HTTP credentials for service check when required ([@xr09](https://github.com/xr09)) [#356](https://github.com/wazuh/wazuh-docker/pull/356) + ## Wazuh Docker v3.12.3_7.6.2 ### Added diff --git a/VERSION b/VERSION index d402417e..762f5a4b 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-DOCKER_VERSION="3.12.3_7.6.2" -REVISION="31230" +WAZUH-DOCKER_VERSION="3.13.0_7.7.1" +REVISION="31300" diff --git a/docker-compose.yml b/docker-compose.yml index 51feef72..d1788599 100644 --- a/docker-compose.yml +++ b/docker-compose.yml 
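Review bot: `curl_auth` is built as a single string and expanded unquoted in `curl $curl_auth ...`, so a password containing whitespace or glob characters is split or expanded before curl sees it, and because the variable is never initialised a `curl_auth` inherited from the environment is used when no credentials are set. Building it as an array avoids both, as in the block below. Two things the array does not solve: `-u user:pass` places the password in curl's argument list, where it is readable from the process table while the loop polls every 5 seconds, and the URL has no scheme, so the Basic credentials travel over plain HTTP unless something outside this hunk adds TLS. Feeding the credentials to curl on stdin with `-K -`, or through a netrc file, keeps them off argv.

```shell
# Add auth headers if required
curl_auth=()
if [[ -n "$ELASTICSEARCH_USERNAME" && -n "$ELASTICSEARCH_PASSWORD" ]]; then
  curl_auth=(-u "$ELASTICSEARCH_USERNAME:$ELASTICSEARCH_PASSWORD")
fi

while [[ "$(curl "${curl_auth[@]}" -XGET -I -s -o /dev/null -w ''%{http_code}'' "$kibana_ip:5601/status")" != "200" ]]; do
  # … unchanged: wait message and sleep 5 …
done
```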
@@ -3,7 +3,7 @@ version: '2' services: wazuh: - image: wazuh/wazuh:3.12.3_7.6.2 + image: wazuh/wazuh:3.13.0_7.7.1 hostname: wazuh-manager restart: always ports: @@ -13,7 +13,7 @@ services: - "55000:55000" elasticsearch: - image: wazuh/wazuh-elasticsearch:3.12.3_7.6.2 + image: wazuh/wazuh-elasticsearch:3.13.0_7.7.1 hostname: elasticsearch restart: always ports: @@ -30,7 +30,7 @@ services: mem_limit: 2g kibana: - image: wazuh/wazuh-kibana:3.12.3_7.6.2 + image: wazuh/wazuh-kibana:3.13.0_7.7.1 hostname: kibana restart: always depends_on: @@ -40,7 +40,7 @@ services: - wazuh:wazuh nginx: - image: wazuh/wazuh-nginx:3.12.3_7.6.2 + image: wazuh/wazuh-nginx:3.13.0_7.7.1 hostname: nginx restart: always environment: diff --git a/elasticsearch/Dockerfile b/elasticsearch/Dockerfile index beaa8aa9..61ed11e1 100644 --- a/elasticsearch/Dockerfile +++ b/elasticsearch/Dockerfile @@ -1,5 +1,5 @@ # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2) -ARG ELASTIC_VERSION=7.6.2 +ARG ELASTIC_VERSION=7.7.1 FROM docker.elastic.co/elasticsearch/elasticsearch:${ELASTIC_VERSION} ARG ELASTIC_VERSION ARG S3_PLUGIN_URL="https://artifacts.elastic.co/downloads/elasticsearch-plugins/repository-s3/repository-s3-${ELASTIC_VERSION}.zip" @@ -16,7 +16,7 @@ ENV XPACK_ML="true" ENV ENABLE_CONFIGURE_S3="false" -ARG TEMPLATE_VERSION=v3.12.3 +ARG TEMPLATE_VERSION=v3.13.0 # Elasticearch cluster configuration environment variables # If ELASTIC_CLUSTER is set to "true" the following variables will be added to the Elasticsearch configuration diff --git a/kibana/Dockerfile b/kibana/Dockerfile index 3dd5fe6e..584e1589 100644 --- a/kibana/Dockerfile +++ b/kibana/Dockerfile 
@@ -1,8 +1,8 @@ # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2) -FROM docker.elastic.co/kibana/kibana:7.6.2 +FROM docker.elastic.co/kibana/kibana:7.7.1 USER kibana -ARG ELASTIC_VERSION=7.6.2 -ARG WAZUH_VERSION=3.12.3 +ARG ELASTIC_VERSION=7.7.1 +ARG WAZUH_VERSION=3.13.0 ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}" WORKDIR /usr/share/kibana diff --git a/wazuh/Dockerfile b/wazuh/Dockerfile index 348dc32f..05c4c41e 100644 --- a/wazuh/Dockerfile +++ b/wazuh/Dockerfile @@ -1,14 +1,14 @@ # Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2) FROM phusion/baseimage:latest -ARG FILEBEAT_VERSION=7.6.2 +ARG FILEBEAT_VERSION=7.7.1 -ARG WAZUH_VERSION=3.12.3-1 +ARG WAZUH_VERSION=3.13.0-1 ENV API_USER="foo" \ API_PASS="bar" -ARG TEMPLATE_VERSION="v3.12.3" +ARG TEMPLATE_VERSION="v3.13.0" # Set repositories. RUN set -x && echo "deb https://packages.wazuh.com/3.x/apt/ stable main" | tee /etc/apt/sources.list.d/wazuh.list && \ From 77b163bf10f08a6d029ae7ff3e0cfcfa4564526a Mon Sep 17 00:00:00 2001 From: Manuel Gutierrez <1380243+xr09@users.noreply.github.com> Date: Tue, 23 Jun 2020 14:20:04 +0200 Subject: [PATCH 5/5] Check if xpack is enabled --- elasticsearch/config/load_settings.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/elasticsearch/config/load_settings.sh b/elasticsearch/config/load_settings.sh index 014a54b1..5aeedb9c 100644 --- a/elasticsearch/config/load_settings.sh +++ b/elasticsearch/config/load_settings.sh @@ -38,7 +38,7 @@ if [ $ENABLE_CONFIGURE_S3 ]; then fi - +if [ ${ENABLED_XPACK} = "true" ]; then curl -XPUT "$el_url/_cluster/settings" ${auth} -H 'Content-Type: application/json' -d' { "persistent": { @@ -46,6 +46,7 @@ curl -XPUT "$el_url/_cluster/settings" ${auth} -H 'Content-Type: application/jso } } ' +fi # Set cluster delayed timeout when node falls curl -X PUT "$el_url/_all/_settings" -H 'Content-Type: application/json' -d'
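Review bot: `${ENABLED_XPACK}` is unquoted in the added `if [ ${ENABLED_XPACK} = "true" ]; then` of load_settings.sh, so when the variable is unset or empty the test collapses to `[ = "true" ]`, prints an operator error and the cluster-settings PUT is skipped with no clear reason in the log. Quote it and give it a default: `if [ "${ENABLED_XPACK:-false}" = "true" ]; then`. The name is not defined anywhere in this series (the elasticsearch Dockerfile context shown only sets `XPACK_ML`), so it is worth confirming that the image or compose file really exports it; otherwise this setting is silently never applied. The matching `fi` arrives in the second hunk of the same file, the curl body between them is left un-indented, and part of that body lies outside both hunks.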