Merge pull request #600 from wazuh/adapt-name-and-volumes

Replace Service name and volumes

Migration-to-Wazuh-4.3.md

@@ -0,0 +1,328 @@
+# Opendistro data migration to Wazuh indexer on docker. 
+This procedure explains how to migrate Opendistro data from Opendistro to Wazuh indexer in docker production deployments.
+The example is migrating from v4.2.5 to v4.3.0.
+
+## Procedure
+Assuming that you have a v4.2.5 production deployment, perform the following steps.
+
+**1. Stop 4.2.5 environment**
+`docker-compose -f production-cluster.yml stop`
+
+**2. List Elastic volumesStop 4.2.5 environment**
+`docker volume ls --filter name='wazuh-docker_elastic-data'`
+
+**3. Inspect Elastic volume**
+`docker volume inspect wazuh-docker_elastic-data-1`
+
+**4. Run the volume create command:** create new Indexer and Wazuh Manager volumes using the `com.docker.compose.version` label value from the previous command.
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=wazuh-indexer-data-1 \
+           wazuh-docker_wazuh-indexer-data-1
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=wazuh-indexer-data-2 \
+           wazuh-docker_wazuh-indexer-data-2
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=wazuh-indexer-data-3 \
+           wazuh-docker_wazuh-indexer-data-3
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=master_wazuh_api_configuration \
+           wazuh-docker_master_wazuh_api_configuration
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=master_wazuh_etc \
+           wazuh-master_docker_wazuh_etc
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=master-wazuh-logs \
+           wazuh-docker_master-wazuh-logs
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=master-wazuh-queue \
+           wazuh-docker_master-wazuh-queue
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=master-wazuh-var-multigroups \
+           wazuh-docker_master-wazuh-var-multigroups
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=master-wazuh-integrations \
+           wazuh-docker_master-wazuh-integrations
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=master-wazuh-active-response \
+           wazuh-docker_master-wazuh-active-response
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=master-wazuh-agentless \
+           wazuh-docker_master-wazuh-agentless
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=master-wazuh-wodles \
+           wazuh-docker_master-wazuh-wodles
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=master-filebeat-etc \
+           wazuh-docker_master-filebeat-etc
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=master-filebeat-var \
+           wazuh-docker_master-filebeat-var
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=worker_wazuh_api_configuration \
+           wazuh-docker_worker_wazuh_api_configuration
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=worker_wazuh_etc \
+           wazuh-worker_docker_wazuh_etc
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=worker-wazuh-logs \
+           wazuh-docker_worker-wazuh-logs
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=worker-wazuh-queue \
+           wazuh-docker_worker-wazuh-queue
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=worker-wazuh-var-multigroups \
+           wazuh-docker_worker-wazuh-var-multigroups
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=worker-wazuh-integrations \
+           wazuh-docker_worker-wazuh-integrations
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=worker-wazuh-active-response \
+           wazuh-docker_worker-wazuh-active-response
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=worker-wazuh-agentless \
+           wazuh-docker_worker-wazuh-agentless
+```
+```
+docker volume create \
+           --label com.docker.compose.project=wazuh-docker \
+           --label com.docker.compose.version=1.25.0 \
+           --label com.docker.compose.volume=worker-wazuh-wodles \
+           wazuh-docker_worker-wazuh-wodles
+```
+**5. Copy the volume content from Elastic to Wazuh indexer volumes and old Wazuh Manager content to new volumes.**
+```
+docker container run --rm -it \
+           -v wazuh-docker_elastic-data-1:/from \
+           -v wazuh-docker_wazuh-indexer-data-1:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_elastic-data-2:/from \
+           -v wazuh-docker_wazuh-indexer-data-2:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_elastic-data-3:/from \
+           -v wazuh-docker_wazuh-indexer-data-3:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_ossec-api-configuration:/from \
+           -v wazuh-docker_master-wazuh-api-configuration:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_ossec-etc:/from \
+           -v wazuh-docker_master-wazuh-etc:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_ossec-logs:/from \
+           -v wazuh-docker_master-wazuh-logs:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_ossec-queue:/from \
+           -v wazuh-docker_master-wazuh-queue:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_ossec-var-multigroups:/from \
+           -v wazuh-docker_master-wazuh-var-multigroups:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_ossec-integrations:/from \
+           -v wazuh-docker_master-wazuh-integrations:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_ossec-active-response:/from \
+           -v wazuh-docker_master-wazuh-active-response:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_ossec-agentless:/from \
+           -v wazuh-docker_master-wazuh-agentless:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_ossec-wodles:/from \
+           -v wazuh-docker_master-wazuh-wodles:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_filebeat-etc:/from \
+           -v wazuh-docker_master-filebeat-etc:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_filebeat-var:/from \
+           -v wazuh-docker_master-filebeat-var:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_worker-ossec-api-configuration:/from \
+           -v wazuh-docker_worker-wazuh-api-configuration:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_worker-ossec-etc:/from \
+           -v wazuh-docker_worker-wazuh-etc:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_worker-ossec-logs:/from \
+           -v wazuh-docker_worker-wazuh-logs:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_worker-ossec-queue:/from \
+           -v wazuh-docker_worker-wazuh-queue:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_worker-ossec-var-multigroups:/from \
+           -v wazuh-docker_worker-wazuh-var-multigroups:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_worker-ossec-integrations:/from \
+           -v wazuh-docker_worker-wazuh-integrations:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_worker-ossec-active-response:/from \
+           -v wazuh-docker_worker-wazuh-active-response:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_worker-ossec-agentless:/from \
+           -v wazuh-docker_worker-wazuh-agentless:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+```
+docker container run --rm -it \
+           -v wazuh-docker_worker-ossec-wodles:/from \
+           -v wazuh-docker_worker-wazuh-wodles:/to \
+           alpine ash -c "cd /from ; cp -avp . /to"
+```
+**6. Delete the 4.2.5 environment.**
+`docker-compose -f production-cluster.yml down`
+
+**7. Start the 4.3 environment.**
+```
+git checkout 4.3
+docker-compose -f generate-indexer-certs.yml run --rm generator
+docker-compose -f production-cluster.yml up -d
+```
+
+**8. Check the access to Wazuh dashboard**: go to the Wazuh Dashboard WebUI and check if everything is working.

Migration-to-indexer-dashboard.md

@@ -1,69 +0,0 @@
-# Opendistro data migration to Wazuh indexer on docker. 
-This procedure explains how to migrate Opendistro data from Opendistro to Wazuh indexer in docker production deployments.
-The example is migrating from v4.2.5 to v4.3.0.
-
-## Procedure
-Assuming that you have a v4.2.5 production deployment, perform the following steps.
-
-**1. Stop 4.2.5 environment**
-`docker-compose -f production-cluster.yml stop`
-
-**2. List Elastic volumesStop 4.2.5 environment**
-`docker volume ls --filter name='wazuh-docker_elastic-data'`
-
-**3. Inspect Elastic volume**
-`docker volume inspect wazuh-docker_elastic-data-1`
-
-**4. Run the volume create command:** create 3 new Indexer volumes using the `com.docker.compose.version` label value from the previous command.
-```
-docker volume create \
-           --label com.docker.compose.project=wazuh-docker \
-           --label com.docker.compose.version=1.25.0 \
-           --label com.docker.compose.volume=wazuh-indexer-data-1 \
-           wazuh-docker_wazuh-indexer-data-1
-```
-```
-docker volume create \
-           --label com.docker.compose.project=wazuh-docker \
-           --label com.docker.compose.version=1.25.0 \
-           --label com.docker.compose.volume=wazuh-indexer-data-2 \
-           wazuh-docker_wazuh-indexer-data-2
-```
-```
-docker volume create \
-           --label com.docker.compose.project=wazuh-docker \
-           --label com.docker.compose.version=1.25.0 \
-           --label com.docker.compose.volume=wazuh-indexer-data-3 \
-           wazuh-docker_wazuh-indexer-data-3
-```
-
-**5. Copy the volume content from Elastic to Wazuh indexer volumes.**
-```
-docker container run --rm -it \
-           -v wazuh-docker_elastic-data-1:/from \
-           -v wazuh-docker_wazuh-indexer-data-1:/to \
-           alpine ash -c "cd /from ; cp -av . /to"
-```
-```
-docker container run --rm -it \
-           -v wazuh-docker_elastic-data-2:/from \
-           -v wazuh-docker_wazuh-indexer-data-2:/to \
-           alpine ash -c "cd /from ; cp -av . /to"
-```
-```
-docker container run --rm -it \
-           -v wazuh-docker_elastic-data-3:/from \
-           -v wazuh-docker_wazuh-indexer-data-3:/to \
-           alpine ash -c "cd /from ; cp -av . /to"
-```
-
-**6. Delete the 4.2.5 environment.**
-`docker-compose -f production-cluster.yml down`
-
-**7. Start the 4.3 environment.**
-```
-git checkout 4.3
-docker-compose -f production-cluster.yml up -d
-```
-
-**8. Check the access to Wazuh dashboard**: go to the Wazuh Dashboard WebUI and check if everything is working.

README.md

@@ -39,7 +39,7 @@ API_USERNAME="wazuh"                                # Wazuh API username
 API_PASSWORD="wazuh"                                # Wazuh API password - Must comply with requirements
                                                     # (8+ length, uppercase, lowercase, specials chars)
 
-INDEXER_URL=https://wazuh1.indexer:9200             # Wazuh indexer URL
+INDEXER_URL=https://wazuh.indexer:9200             # Wazuh indexer URL
 INDEXER_USERNAME=admin                              # Wazuh indexer Username
 INDEXER_PASSWORD=admin                              # Wazuh indexer Password
 FILEBEAT_SSL_VERIFICATION_MODE=full                 # Filebeat SSL Verification mode (full or none)

build-wazuh-images.yml

@@ -13,27 +13,27 @@ services:
       - "514:514/udp"
       - "55000:55000"
     environment:
-      - INDEXER_URL=https://wazuh1.indexer:9200
+      - INDEXER_URL=https://wazuh.indexer:9200
       - INDEXER_USERNAME=admin
       - INDEXER_PASSWORD=admin
       - FILEBEAT_SSL_VERIFICATION_MODE=none
     volumes:
-      - ossec_api_configuration:/var/ossec/api/configuration
-      - ossec_etc:/var/ossec/etc
-      - ossec_logs:/var/ossec/logs
-      - ossec_queue:/var/ossec/queue
-      - ossec_var_multigroups:/var/ossec/var/multigroups
-      - ossec_integrations:/var/ossec/integrations
-      - ossec_active_response:/var/ossec/active-response/bin
-      - ossec_agentless:/var/ossec/agentless
-      - ossec_wodles:/var/ossec/wodles
+      - wazuh_api_configuration:/var/ossec/api/configuration
+      - wazuh_etc:/var/ossec/etc
+      - wazuh_logs:/var/ossec/logs
+      - wazuh_queue:/var/ossec/queue
+      - wazuh_var_multigroups:/var/ossec/var/multigroups
+      - wazuh_integrations:/var/ossec/integrations
+      - wazuh_active_response:/var/ossec/active-response/bin
+      - wazuh_agentless:/var/ossec/agentless
+      - wazuh_wodles:/var/ossec/wodles
       - filebeat_etc:/etc/filebeat
       - filebeat_var:/var/lib/filebeat
 
-  wazuh1.indexer:
+  wazuh.indexer:
     build: wazuh-indexer/
     image: wazuh/wazuh-indexer:4.3.0
-    hostname: wazuh1.indexer
+    hostname: wazuh.indexer
     restart: always
     ports:
       - "9200:9200"
@@ -60,20 +60,20 @@ services:
       - SERVER_SSL_ENABLED=false
       - WAZUH_API_URL=https://wazuh.manager
     depends_on:
-      - wazuh1.indexer
+      - wazuh.indexer
     links:
-      - wazuh1.indexer:wazuh1.indexer
+      - wazuh.indexer:wazuh.indexer
       - wazuh.manager:wazuh.manager
 
 volumes:
-  ossec_api_configuration:
-  ossec_etc:
-  ossec_logs:
-  ossec_queue:
-  ossec_var_multigroups:
-  ossec_integrations:
-  ossec_active_response:
-  ossec_agentless:
-  ossec_wodles:
+  wazuh_api_configuration:
+  wazuh_etc:
+  wazuh_logs:
+  wazuh_queue:
+  wazuh_var_multigroups:
+  wazuh_integrations:
+  wazuh_active_response:
+  wazuh_agentless:
+  wazuh_wodles:
   filebeat_etc:
   filebeat_var:

docker-compose.yml

@@ -12,26 +12,26 @@ services:
       - "514:514/udp"
       - "55000:55000"
     environment:
-      - INDEXER_URL=https://wazuh1.indexer:9200
+      - INDEXER_URL=https://wazuh.indexer:9200
       - INDEXER_USERNAME=admin
       - INDEXER_PASSWORD=admin
       - FILEBEAT_SSL_VERIFICATION_MODE=none
     volumes:
-      - ossec_api_configuration:/var/ossec/api/configuration
-      - ossec_etc:/var/ossec/etc
-      - ossec_logs:/var/ossec/logs
-      - ossec_queue:/var/ossec/queue
-      - ossec_var_multigroups:/var/ossec/var/multigroups
-      - ossec_integrations:/var/ossec/integrations
-      - ossec_active_response:/var/ossec/active-response/bin
-      - ossec_agentless:/var/ossec/agentless
-      - ossec_wodles:/var/ossec/wodles
+      - wazuh_api_configuration:/var/ossec/api/configuration
+      - wazuh_etc:/var/ossec/etc
+      - wazuh_logs:/var/ossec/logs
+      - wazuh_queue:/var/ossec/queue
+      - wazuh_var_multigroups:/var/ossec/var/multigroups
+      - wazuh_integrations:/var/ossec/integrations
+      - wazuh_active_response:/var/ossec/active-response/bin
+      - wazuh_agentless:/var/ossec/agentless
+      - wazuh_wodles:/var/ossec/wodles
       - filebeat_etc:/etc/filebeat
       - filebeat_var:/var/lib/filebeat
 
-  wazuh1.indexer:
+  wazuh.indexer:
     image: wazuh/wazuh-indexer:4.3.0
-    hostname: wazuh1.indexer
+    hostname: wazuh.indexer
     restart: always
     ports:
       - "9200:9200"
@@ -56,20 +56,20 @@ services:
       - INDEXER_PASSWORD=admin
       - WAZUH_API_URL=https://wazuh.manager
     depends_on:
-      - wazuh1.indexer
+      - wazuh.indexer
     links:
-      - wazuh1.indexer:wazuh1.indexer
+      - wazuh.indexer:wazuh.indexer
       - wazuh.manager:wazuh.manager
 
 volumes:
-  ossec_api_configuration:
-  ossec_etc:
-  ossec_logs:
-  ossec_queue:
-  ossec_var_multigroups:
-  ossec_integrations:
-  ossec_active_response:
-  ossec_agentless:
-  ossec_wodles:
+  wazuh_api_configuration:
+  wazuh_etc:
+  wazuh_logs:
+  wazuh_queue:
+  wazuh_var_multigroups:
+  wazuh_integrations:
+  wazuh_active_response:
+  wazuh_agentless:
+  wazuh_wodles:
   filebeat_etc:
   filebeat_var:

production-cluster.yml

@@ -21,17 +21,17 @@ services:
       - API_USERNAME=acme-user
       - API_PASSWORD=MyS3cr37P450r.*-
     volumes:
-      - ossec-api-configuration:/var/ossec/api/configuration
-      - ossec-etc:/var/ossec/etc
-      - ossec-logs:/var/ossec/logs
-      - ossec-queue:/var/ossec/queue
-      - ossec-var-multigroups:/var/ossec/var/multigroups
-      - ossec-integrations:/var/ossec/integrations
-      - ossec-active-response:/var/ossec/active-response/bin
-      - ossec-agentless:/var/ossec/agentless
-      - ossec-wodles:/var/ossec/wodles
-      - filebeat-etc:/etc/filebeat
-      - filebeat-var:/var/lib/filebeat
+      - master-wazuh-api-configuration:/var/ossec/api/configuration
+      - master-wazuh-etc:/var/ossec/etc
+      - master-wazuh-logs:/var/ossec/logs
+      - master-wazuh-queue:/var/ossec/queue
+      - master-wazuh-var-multigroups:/var/ossec/var/multigroups
+      - master-wazuh-integrations:/var/ossec/integrations
+      - master-wazuh-active-response:/var/ossec/active-response/bin
+      - master-wazuh-agentless:/var/ossec/agentless
+      - master-wazuh-wodles:/var/ossec/wodles
+      - master-filebeat-etc:/etc/filebeat
+      - master-filebeat-var:/var/lib/filebeat
       - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem
       - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem:/etc/ssl/filebeat.pem
       - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem:/etc/ssl/filebeat.key
@@ -50,15 +50,15 @@ services:
       - SSL_CERTIFICATE=/etc/ssl/filebeat.pem
       - SSL_KEY=/etc/ssl/filebeat.key
     volumes:
-      - worker-ossec-api-configuration:/var/ossec/api/configuration
-      - worker-ossec-etc:/var/ossec/etc
-      - worker-ossec-logs:/var/ossec/logs
-      - worker-ossec-queue:/var/ossec/queue
-      - worker-ossec-var-multigroups:/var/ossec/var/multigroups
-      - worker-ossec-integrations:/var/ossec/integrations
-      - worker-ossec-active-response:/var/ossec/active-response/bin
-      - worker-ossec-agentless:/var/ossec/agentless
-      - worker-ossec-wodles:/var/ossec/wodles
+      - worker-wazuh-api-configuration:/var/ossec/api/configuration
+      - worker-wazuh-etc:/var/ossec/etc
+      - worker-wazuh-logs:/var/ossec/logs
+      - worker-wazuh-queue:/var/ossec/queue
+      - worker-wazuh-var-multigroups:/var/ossec/var/multigroups
+      - worker-wazuh-integrations:/var/ossec/integrations
+      - worker-wazuh-active-response:/var/ossec/active-response/bin
+      - worker-wazuh-agentless:/var/ossec/agentless
+      - worker-wazuh-wodles:/var/ossec/wodles
       - worker-filebeat-etc:/etc/filebeat
       - worker-filebeat-var:/var/lib/filebeat
       - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem
@@ -151,7 +151,7 @@ services:
       - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem
       - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem
       - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem
-      - ./production_cluster/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/opensearch_dashboards.yml
+      - ./production_cluster/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
       - ./production_cluster/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
     depends_on:
       - wazuh1.indexer
@@ -178,26 +178,26 @@ services:
       - ./production_cluster/nginx/ssl:/etc/nginx/ssl:ro
 
 volumes:
-  ossec-api-configuration:
-  ossec-etc:
-  ossec-logs:
-  ossec-queue:
-  ossec-var-multigroups:
-  ossec-integrations:
-  ossec-active-response:
-  ossec-agentless:
-  ossec-wodles:
-  filebeat-etc:
-  filebeat-var:
-  worker-ossec-api-configuration:
-  worker-ossec-etc:
-  worker-ossec-logs:
-  worker-ossec-queue:
-  worker-ossec-var-multigroups:
-  worker-ossec-integrations:
-  worker-ossec-active-response:
-  worker-ossec-agentless:
-  worker-ossec-wodles:
+  master-wazuh-api-configuration:
+  master-wazuh-etc:
+  master-wazuh-logs:
+  master-wazuh-queue:
+  master-wazuh-var-multigroups:
+  master-wazuh-integrations:
+  master-wazuh-active-response:
+  master-wazuh-agentless:
+  master-wazuh-wodles:
+  master-filebeat-etc:
+  master-filebeat-var:
+  worker-wazuh-api-configuration:
+  worker-wazuh-etc:
+  worker-wazuh-logs:
+  worker-wazuh-queue:
+  worker-wazuh-var-multigroups:
+  worker-wazuh-integrations:
+  worker-wazuh-active-response:
+  worker-wazuh-agentless:
+  worker-wazuh-wodles:
   worker-filebeat-etc:
   worker-filebeat-var:
   wazuh-indexer-data-1:

wazuh-dashboard/config/opensearch_dashboards.yml

@@ -1,6 +1,6 @@
 server.host: 0.0.0.0
 server.port: 443
-opensearch.hosts: https://wazuh1.indexer:9200
+opensearch.hosts: https://wazuh.indexer:9200
 opensearch.ssl.verificationMode: none
 opensearch.requestHeadersWhitelist: [ authorization,securitytenant ]
 opensearch_security.multitenancy.enabled: true

wazuh-indexer/config/opensearch.yml

@@ -1,5 +1,5 @@
 network.host: "0.0.0.0"
-node.name: "wazuh1.indexer"
+node.name: "wazuh.indexer"
 path.data: /var/lib/wazuh-indexer
 path.logs: /var/log/wazuh-indexer
 discovery.type: single-node

wazuh-manager/config/filebeat.yml

@@ -13,7 +13,7 @@ setup.template.json.name: 'wazuh'
 setup.template.overwrite: true
 setup.ilm.enabled: false
 output.elasticsearch:
-  hosts: ['https://wazuh1.indexer:9200']
+  hosts: ['https://wazuh.indexer:9200']
   #username:
   #password:
   #ssl.verification_mode: