From 2efaf8c8d6330e35bf5d9ec7ab938c705a24ea92 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Victor=20Ere=C3=B1=C3=BA?= <56500015+vcerenu@users.noreply.github.com> Date: Tue, 13 May 2025 01:01:03 +1000 Subject: [PATCH 01/13] Revert "Add wazuh agent test and push" --- .../Procedure_push_docker_images.yml | 4 +- .github/workflows/push.yml | 61 +++---------------- CHANGELOG.md | 1 - 3 files changed, 10 insertions(+), 56 deletions(-) diff --git a/.github/workflows/Procedure_push_docker_images.yml b/.github/workflows/Procedure_push_docker_images.yml index 0c2ba934..b9eb62e5 100644 --- a/.github/workflows/Procedure_push_docker_images.yml +++ b/.github/workflows/Procedure_push_docker_images.yml @@ -14,7 +14,7 @@ on: required: true products: description: 'Comma-separated list of the image names to build and push' - default: 'wazuh-manager,wazuh-dashboard,wazuh-indexer,wazuh-agent' + default: 'wazuh-manager,wazuh-dashboard,wazuh-indexer' required: true filebeat_module_version: description: 'Filebeat module version' @@ -52,7 +52,7 @@ on: type: string products: description: 'Comma-separated list of the image names to build and push' - default: 'wazuh-manager,wazuh-dashboard,wazuh-indexer,wazuh-agent' + default: 'wazuh-manager,wazuh-dashboard,wazuh-indexer' required: true type: string filebeat_module_version: diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 8e508384..94bf3b7c 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -8,7 +8,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v3 - name: Install docker-compose run: | @@ -27,7 +27,6 @@ jobs: docker save wazuh/wazuh-manager:${{env.WAZUH_IMAGE_VERSION}} -o /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-manager.tar docker save wazuh/wazuh-indexer:${{env.WAZUH_IMAGE_VERSION}} -o /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-indexer.tar docker save wazuh/wazuh-dashboard:${{env.WAZUH_IMAGE_VERSION}} -o /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-dashboard.tar - docker save wazuh/wazuh-agent:${{env.WAZUH_IMAGE_VERSION}} -o /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-agent.tar - name: Temporarily save Wazuh manager Docker image uses: actions/upload-artifact@v4 @@ -50,13 +49,6 @@ jobs: path: /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-dashboard.tar retention-days: 1 - - name: Temporarily save Wazuh agent Docker image - uses: actions/upload-artifact@v4 - with: - name: docker-artifact-agent - path: /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-agent.tar - retention-days: 1 - - name: Install Goss uses: e1himself/goss-installation-action@v1.0.3 with: @@ -74,7 +66,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v3 - name: Install docker-compose run: | @@ -99,17 +91,12 @@ jobs: with: name: docker-artifact-dashboard - - name: Retrieve saved Wazuh agent Docker image - uses: actions/download-artifact@v4 - with: - name: docker-artifact-agent - - name: Docker load run: | docker load --input ./wazuh-indexer.tar docker load --input ./wazuh-dashboard.tar docker load --input ./wazuh-manager.tar - docker load --input ./wazuh-agent.tar + - name: Create single node certficates run: docker-compose -f single-node/generate-indexer-certs.yml run --rm generator @@ -198,20 +185,7 @@ jobs: exit 1 fi - - name: Modify Docker endpoint into Wazuh agent docker-compose.yml file - run: sed -i "s//$(ip addr show docker0 | grep 'inet ' | awk '{print $2}' | cut -d'/' -f1)/g" wazuh-agent/docker-compose.yml - - - name: Start Wazuh agent - run: docker-compose -f wazuh-agent/docker-compose.yml up -d - - - name: Check Wazuh agent enrollment - run: | - sleep 20 - curl -k -s -X GET "https://localhost:55000/agents?pretty=true" -H "Authorization: Bearer ${{env.TOKEN}}" - env: - TOKEN: $(curl -s -u wazuh-wui:MyS3cr37P450r.*- -k -X GET "https://0.0.0.0:55000/security/user/authenticate?raw=true") - - - name: Check errors in ossec.log for Wazuh manager + - name: Check errors in ossec.log run: ./.github/single-node-log-check.sh check-multi-node: @@ -220,7 +194,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v3 - name: Install docker-compose run: | @@ -248,18 +222,12 @@ jobs: with: name: docker-artifact-indexer - - name: Retrieve saved Wazuh agent Docker image - uses: actions/download-artifact@v4 - with: - name: docker-artifact-agent - - name: Docker load run: | docker load --input ./wazuh-manager.tar docker load --input ./wazuh-indexer.tar docker load --input ./wazuh-dashboard.tar - docker load --input ./wazuh-agent.tar - rm -rf wazuh-manager.tar wazuh-indexer.tar wazuh-dashboard.tar wazuh-agent.tar + rm -rf wazuh-manager.tar wazuh-indexer.tar wazuh-dashboard.tar - name: Create multi node certficates run: docker-compose -f multi-node/generate-indexer-certs.yml run --rm generator @@ -366,18 +334,5 @@ jobs: exit 1 fi - - name: Modify Docker endpoint into Wazuh agent docker-compose.yml file - run: sed -i "s//$(ip addr show docker0 | grep 'inet ' | awk '{print $2}' | cut -d'/' -f1)/g" wazuh-agent/docker-compose.yml - - - name: Start Wazuh agent - run: docker-compose -f wazuh-agent/docker-compose.yml up -d - - - name: Check Wazuh agent enrollment - run: | - sleep 20 - curl -k -s -X GET "https://localhost:55000/agents?pretty=true" -H "Authorization: Bearer ${{env.TOKEN}}" - env: - TOKEN: $(curl -s -u wazuh-wui:MyS3cr37P450r.*- -k -X GET "https://0.0.0.0:55000/security/user/authenticate?raw=true") - - - name: Check errors in ossec.log for Wazuh manager - run: ./.github/multi-node-log-check.sh + - name: Check errors in ossec.log + run: ./.github/multi-node-log-check.sh \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index 83a54908..fabec1b3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,7 +5,6 @@ All notable changes to this project will be documented in this file. ### Added -- Add wazuh agent test and push ([#1809](https://github.com/wazuh/wazuh-docker/pull/1809)) - Add Wazuh agent image build and deploy ([#1801](https://github.com/wazuh/wazuh-docker/pull/1801)) ### Changed From 6875c81bed78e39ec9397bd9063236964068fab5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Victor=20Ere=C3=B1=C3=BA?= <56500015+vcerenu@users.noreply.github.com> Date: Tue, 13 May 2025 01:04:03 +1000 Subject: [PATCH 02/13] Revert "Add Wazuh agent image build and deploy" --- CHANGELOG.md | 2 +- build-docker-images/build-images.yml | 10 - build-docker-images/wazuh-agent/Dockerfile | 36 ---- .../wazuh-agent/config/check_repository.sh | 15 -- .../config/etc/cont-init.d/0-wazuh-init | 90 -------- .../config/etc/cont-init.d/1-agent | 44 ---- .../config/etc/services.d/ossec-logs/run | 4 - wazuh-agent/config/wazuh-agent-conf | 194 ------------------ wazuh-agent/docker-compose.yml | 11 - 9 files changed, 1 insertion(+), 405 deletions(-) delete mode 100644 build-docker-images/wazuh-agent/Dockerfile delete mode 100644 build-docker-images/wazuh-agent/config/check_repository.sh delete mode 100644 build-docker-images/wazuh-agent/config/etc/cont-init.d/0-wazuh-init delete mode 100644 build-docker-images/wazuh-agent/config/etc/cont-init.d/1-agent delete mode 100644 build-docker-images/wazuh-agent/config/etc/services.d/ossec-logs/run delete mode 100644 wazuh-agent/config/wazuh-agent-conf delete mode 100644 wazuh-agent/docker-compose.yml diff --git a/CHANGELOG.md b/CHANGELOG.md index fabec1b3..f64412d8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,7 +5,7 @@ All notable changes to this project will be documented in this file. ### Added -- Add Wazuh agent image build and deploy ([#1801](https://github.com/wazuh/wazuh-docker/pull/1801)) +- None ### Changed diff --git a/build-docker-images/build-images.yml b/build-docker-images/build-images.yml index afa31d98..90fbb897 100644 --- a/build-docker-images/build-images.yml +++ b/build-docker-images/build-images.yml @@ -36,16 +36,6 @@ services: - filebeat_etc:/etc/filebeat - filebeat_var:/var/lib/filebeat - wazuh.agent: - build: - context: wazuh-agent/ - args: - WAZUH_VERSION: ${WAZUH_VERSION} - WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION} - image: wazuh/wazuh-agent:${WAZUH_IMAGE_VERSION} - hostname: wazuh.agent - restart: always - wazuh.indexer: build: context: wazuh-indexer/ diff --git a/build-docker-images/wazuh-agent/Dockerfile b/build-docker-images/wazuh-agent/Dockerfile deleted file mode 100644 index 8a237787..00000000 --- a/build-docker-images/wazuh-agent/Dockerfile +++ /dev/null @@ -1,36 +0,0 @@ -# Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2) -FROM amazonlinux:2023 - -RUN rm /bin/sh && ln -s /bin/bash /bin/sh - -ARG WAZUH_VERSION -ARG WAZUH_TAG_REVISION -ARG S6_VERSION="v2.2.0.3" -ARG WAZUH_MANAGER='CHANGE_MANAGER_IP' -ARG WAZUH_MANAGER_PORT='CHANGE_MANAGER_PORT' -ARG WAZUH_REGISTRATION_SERVER='CHANGE_ENROLL_IP' -ARG WAZUH_REGISTRATION_PORT='CHANGE_ENROLL_PORT' -ARG WAZUH_AGENT_NAME='CHANGEE_AGENT_NAME' - -COPY config/check_repository.sh / - -RUN yum install curl-minimal tar gzip procps -y &&\ - yum clean all - -RUN chmod 775 /check_repository.sh -RUN source /check_repository.sh - -RUN yum install wazuh-agent-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \ - yum clean all && \ - sed -i '//d' /var/ossec/etc/ossec.conf && \ - curl --fail --silent -L https://github.com/just-containers/s6-overlay/releases/download/${S6_VERSION}/s6-overlay-amd64.tar.gz \ - -o /tmp/s6-overlay-amd64.tar.gz && \ - tar xzf /tmp/s6-overlay-amd64.tar.gz -C / --exclude="./bin" && \ - tar xzf /tmp/s6-overlay-amd64.tar.gz -C /usr ./bin && \ - rm /tmp/s6-overlay-amd64.tar.gz - -COPY config/etc/ /etc/ - -RUN rm /etc/yum.repos.d/wazuh.repo - -ENTRYPOINT [ "/init" ] diff --git a/build-docker-images/wazuh-agent/config/check_repository.sh b/build-docker-images/wazuh-agent/config/check_repository.sh deleted file mode 100644 index e49e69c2..00000000 --- a/build-docker-images/wazuh-agent/config/check_repository.sh +++ /dev/null @@ -1,15 +0,0 @@ -## variables -APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH -GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]" -REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1" -WAZUH_TAG=$(curl --silent https://api.github.com/repos/wazuh/wazuh/git/refs/tags | grep '["]ref["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 11- | grep ^v${WAZUH_VERSION}$) - -## check tag to use the correct repository -if [[ -n "${WAZUH_TAG}" ]]; then - APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH - GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]" - REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/4.x/yum/\nprotect=1" -fi - -rpm --import "${APT_KEY}" -echo -e "${REPOSITORY}" | tee /etc/yum.repos.d/wazuh.repo \ No newline at end of file diff --git a/build-docker-images/wazuh-agent/config/etc/cont-init.d/0-wazuh-init b/build-docker-images/wazuh-agent/config/etc/cont-init.d/0-wazuh-init deleted file mode 100644 index 2fcf4a88..00000000 --- a/build-docker-images/wazuh-agent/config/etc/cont-init.d/0-wazuh-init +++ /dev/null @@ -1,90 +0,0 @@ -#!/usr/bin/with-contenv bash -# Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) - -WAZUH_INSTALL_PATH=/var/ossec -WAZUH_CONFIG_MOUNT=/wazuh-config-mount -WAZUH_MANAGER_SERVER=$WAZUH_MANAGER_SERVER -WAZUH_MANAGER_PORT=${WAZUH_MANAGER_PORT:-"1514"} -WAZUH_REGISTRATION_SERVER=${WAZUH_REGISTRATION_SERVER:-$WAZUH_MANAGER_SERVER} -WAZUH_REGISTRATION_PORT=${WAZUH_REGISTRATION_PORT:-"1515"} -WAZUH_REGISTRATION_PASSWORD=$WAZUH_REGISTRATION_PASSWORD -WAZUH_AGENT_NAME=${WAZUH_AGENT_NAME:-"wazuh-agent-$HOSTNAME"} - -############################################################################## -# Aux functions -############################################################################## -print() { - echo -e $1 -} - -error_and_exit() { - echo "Error executing command: '$1'." - echo 'Exiting.' - exit 1 -} - -exec_cmd() { - eval $1 > /dev/null 2>&1 || error_and_exit "$1" -} - -exec_cmd_stdout() { - eval $1 2>&1 || error_and_exit "$1" -} - -############################################################################## -# Copy all files from $WAZUH_CONFIG_MOUNT to $WAZUH_INSTALL_PATH and respect -# destination files permissions -# -# For example, to mount the file /var/ossec/data/etc/ossec.conf, mount it at -# $WAZUH_CONFIG_MOUNT/etc/ossec.conf in your container and this code will -# replace the ossec.conf file in /var/ossec/data/etc with yours. -############################################################################## - -mount_files() { - if [ -e "$WAZUH_CONFIG_MOUNT" ] - then - print "Identified Wazuh configuration files to mount..." - exec_cmd_stdout "cp --verbose -r $WAZUH_CONFIG_MOUNT/* $WAZUH_INSTALL_PATH" - else - print "No Wazuh configuration files to mount..." - fi -} - -############################################################################## -# Allow users to set the manager ip and port, enrollment ip and port and -# enroll dynamically on container start. -# -# To use this: -# 1. Create your own ossec.conf file -# 2. In your ossec.conf file, use the configuration -# 3. Mount your custom ossec.conf file at $WAZUH_CONFIG_MOUNT/etc/ossec.conf -############################################################################## - -set_manager_conn() { - echo "ossec.conf configuration" - sed -i "s#
CHANGE_MANAGER_IP
#
$WAZUH_MANAGER_SERVER
#g" ${WAZUH_INSTALL_PATH}/etc/ossec.conf - sed -i "s#CHANGE_MANAGER_PORT#$WAZUH_MANAGER_PORT#g" ${WAZUH_INSTALL_PATH}/etc/ossec.conf - sed -i "s#CHANGE_ENROLL_IP#$WAZUH_REGISTRATION_SERVER#g" ${WAZUH_INSTALL_PATH}/etc/ossec.conf - sed -i "s#CHANGE_ENROLL_PORT#$WAZUH_REGISTRATION_PORT#g" ${WAZUH_INSTALL_PATH}/etc/ossec.conf - sed -i "s#CHANGEE_AGENT_NAME#$WAZUH_AGENT_NAME#g" ${WAZUH_INSTALL_PATH}/etc/ossec.conf - [ -n "$WAZUH_REGISTRATION_PASSWORD" ] && \ - echo "$WAZUH_REGISTRATION_PASSWORD" > ${WAZUH_INSTALL_PATH}/etc/authd.pass && \ - chown root:wazuh ${WAZUH_INSTALL_PATH}/etc/authd.pass && \ - chmod 640 ${WAZUH_INSTALL_PATH}/etc/authd.pass -} - -############################################################################## -# Main function -############################################################################## - -main() { - - # Mount selected files (WAZUH_CONFIG_MOUNT) to container - mount_files - - # Configure agent variables - set_manager_conn - -} - -main diff --git a/build-docker-images/wazuh-agent/config/etc/cont-init.d/1-agent b/build-docker-images/wazuh-agent/config/etc/cont-init.d/1-agent deleted file mode 100644 index 076ac6ce..00000000 --- a/build-docker-images/wazuh-agent/config/etc/cont-init.d/1-agent +++ /dev/null @@ -1,44 +0,0 @@ -#!/usr/bin/with-contenv bash - -############################################################################## -# Migration sequence -# Detect if there is a mounted volume on /wazuh-migration and copy the data -# to /var/ossec, finally it will create a flag ".migration-completed" inside -# the mounted volume -############################################################################## - -function __colortext() -{ - echo -e " \e[1;$2m$1\e[0m" -} - -function echogreen() -{ - echo $(__colortext "$1" "32") -} - -function echoyellow() -{ - echo $(__colortext "$1" "33") -} - -function echored() -{ - echo $(__colortext "$1" "31") -} - -function_entrypoint_scripts() { - # It will run every .sh script located in entrypoint-scripts folder in lexicographical order - if [ -d "/entrypoint-scripts/" ] - then - for script in `ls /entrypoint-scripts/*.sh | sort -n`; do - bash "$script" - done - fi -} - -# run entrypoint scripts -function_entrypoint_scripts - -# Start Wazuh -/var/ossec/bin/wazuh-control start diff --git a/build-docker-images/wazuh-agent/config/etc/services.d/ossec-logs/run b/build-docker-images/wazuh-agent/config/etc/services.d/ossec-logs/run deleted file mode 100644 index e96cba8f..00000000 --- a/build-docker-images/wazuh-agent/config/etc/services.d/ossec-logs/run +++ /dev/null @@ -1,4 +0,0 @@ -#!/usr/bin/with-contenv sh - -# dumping ossec.log to standard output -exec tail -F /var/ossec/logs/ossec.log diff --git a/wazuh-agent/config/wazuh-agent-conf b/wazuh-agent/config/wazuh-agent-conf deleted file mode 100644 index 73a355f1..00000000 --- a/wazuh-agent/config/wazuh-agent-conf +++ /dev/null @@ -1,194 +0,0 @@ - - - - - -
CHANGE_MANAGER_IP
- CHANGE_MANAGER_PORT - tcp - - amzn, amzn2023 - 10 - 60 - yes - aes - - yes - CHANGE_ENROLL_IP - CHANGE_ENROLL_PORT - CHANGEE_AGENT_NAME - etc/authd.pass - - - - - - no - 5000 - 500 - - - - - no - yes - yes - yes - yes - yes - yes - yes - - - 43200 - - etc/shared/rootkit_files.txt - etc/shared/rootkit_trojans.txt - - yes - - /var/lib/containerd - /var/lib/docker/overlay2 - - - - yes - 1800 - 1d - yes - - wodles/java - wodles/ciscat - - - - - yes - yes - /var/log/osquery/osqueryd.results.log - /etc/osquery/osquery.conf - yes - - - - - no - 1h - yes - yes - yes - yes - yes - yes - yes - - - - 10 - - - - - yes - yes - 12h - yes - - - - - no - - - 43200 - - yes - - - /etc,/usr/bin,/usr/sbin - /bin,/sbin,/boot - - - /etc/mtab - /etc/hosts.deny - /etc/mail/statistics - /etc/random-seed - /etc/random.seed - /etc/adjtime - /etc/httpd/logs - /etc/utmpx - /etc/wtmpx - /etc/cups/certs - /etc/dumpdates - /etc/svc/volatile - - - .log$|.swp$ - - - /etc/ssl/private.key - - yes - yes - yes - yes - - - 10 - - - 50 - - - - yes - 5m - 10 - - - - - - command - df -P - 360 - - - - full_command - netstat -tulpn | sed 's/\([[:alnum:]]\+\)\ \+[[:digit:]]\+\ \+[[:digit:]]\+\ \+\(.*\):\([[:digit:]]*\)\ \+\([0-9\.\:\*]\+\).\+\ \([[:digit:]]*\/[[:alnum:]\-]*\).*/\1 \2 == \3 == \4 \5/' | sort -k 4 -g | sed 's/ == \(.*\) ==/:\1/' | sed 1,2d - netstat listening ports - 360 - - - - full_command - last -n 20 - 360 - - - - - no - etc/wpk_root.pem - yes - - - - - plain - - - - - - - syslog - /var/ossec/logs/active-responses.log - - - diff --git a/wazuh-agent/docker-compose.yml b/wazuh-agent/docker-compose.yml deleted file mode 100644 index 3912908f..00000000 --- a/wazuh-agent/docker-compose.yml +++ /dev/null @@ -1,11 +0,0 @@ -# Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) -version: '3.7' - -services: - wazuh.agent: - image: wazuh/wazuh-agent:4.12.1 - restart: always - environment: - - WAZUH_MANAGER_SERVER= - volumes: - - ./config/wazuh-agent-conf:/wazuh-config-mount/etc/ossec.conf \ No newline at end of file From c4f225cb1b8f8a8c6b5c8b43ca18c112bb846ffd Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Thu, 29 May 2025 09:22:27 -0300 Subject: [PATCH 03/13] Remove 4.12.2 references from 4.13.0 branch --- CHANGELOG.md | 26 +++---------------- .../config/wazuh_indexer_ssl_certs/certs.yml | 24 +++++++++++++++++ 2 files changed, 28 insertions(+), 22 deletions(-) create mode 100644 multi-node/config/wazuh_indexer_ssl_certs/certs.yml diff --git a/CHANGELOG.md b/CHANGELOG.md index 154e2c80..94919027 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,10 @@ All notable changes to this project will be documented in this file. ### Added - Added repository_bumper script. ([#1781](https://github.com/wazuh/wazuh-docker/pull/1781)) +- Fix Warning message when migrating Docker compose v2 ([#1828](https://github.com/wazuh/wazuh-docker/pull/1828)) +- Add technical documentation ([#1822](https://github.com/wazuh/wazuh-docker/pull/1822)) +- Add wazuh agent test and push ([#1817](https://github.com/wazuh/wazuh-docker/pull/1817)) +- Add Wazuh agent image build and deploy ([#1816](https://github.com/wazuh/wazuh-docker/pull/1816)) ### Changed @@ -20,28 +24,6 @@ All notable changes to this project will be documented in this file. - Remove default docker reference version from workflow ([#1761](https://github.com/wazuh/wazuh-docker/pull/1761)) - Remove 'stable' branch ocurrencies ([#1757](https://github.com/wazuh/wazuh-docker/pull/1757)) -## [4.12.2] - -### Added - -- Fix Warning message when migrating Docker compose v2 ([#1828](https://github.com/wazuh/wazuh-docker/pull/1828)) -- Add technical documentation ([#1822](https://github.com/wazuh/wazuh-docker/pull/1822)) -- Add wazuh agent test and push ([#1817](https://github.com/wazuh/wazuh-docker/pull/1817)) -- Add Wazuh agent image build and deploy ([#1816](https://github.com/wazuh/wazuh-docker/pull/1816)) - -### Changed - -- None - -### Fixed - -- None - -### Deleted - -- None - - ## [4.12.1] ### Added diff --git a/multi-node/config/wazuh_indexer_ssl_certs/certs.yml b/multi-node/config/wazuh_indexer_ssl_certs/certs.yml new file mode 100644 index 00000000..f88f5f7f --- /dev/null +++ b/multi-node/config/wazuh_indexer_ssl_certs/certs.yml @@ -0,0 +1,24 @@ +nodes: + # Wazuh indexer server nodes + indexer: + - name: wazuh1.indexer + ip: wazuh1.indexer + - name: wazuh2.indexer + ip: wazuh2.indexer + - name: wazuh3.indexer + ip: wazuh3.indexer + + # Wazuh server nodes + # Use node_type only with more than one Wazuh manager + server: + - name: wazuh.master + ip: wazuh.master + node_type: master + - name: wazuh.worker + ip: wazuh.worker + node_type: worker + + # Wazuh dashboard node + dashboard: + - name: wazuh.dashboard + ip: wazuh.dashboard \ No newline at end of file From d13127b5dec5af954689cfbf74570eaf013a44af Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Thu, 29 May 2025 09:23:59 -0300 Subject: [PATCH 04/13] Remove 4.12.2 references from 4.13.0 branch --- multi-node/config/wazuh_indexer_ssl_certs/certs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/multi-node/config/wazuh_indexer_ssl_certs/certs.yml b/multi-node/config/wazuh_indexer_ssl_certs/certs.yml index f88f5f7f..5c3f4f1d 100644 --- a/multi-node/config/wazuh_indexer_ssl_certs/certs.yml +++ b/multi-node/config/wazuh_indexer_ssl_certs/certs.yml @@ -21,4 +21,4 @@ nodes: # Wazuh dashboard node dashboard: - name: wazuh.dashboard - ip: wazuh.dashboard \ No newline at end of file + ip: wazuh.dashboard From 08bc37198f8754767f968ab51aa693987bed28d3 Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Thu, 29 May 2025 09:25:52 -0300 Subject: [PATCH 05/13] Remove 4.12.2 references from 4.13.0 branch --- .../config/wazuh_indexer_ssl_certs/certs.yml | 24 ------------------- 1 file changed, 24 deletions(-) delete mode 100644 multi-node/config/wazuh_indexer_ssl_certs/certs.yml diff --git a/multi-node/config/wazuh_indexer_ssl_certs/certs.yml b/multi-node/config/wazuh_indexer_ssl_certs/certs.yml deleted file mode 100644 index 5c3f4f1d..00000000 --- a/multi-node/config/wazuh_indexer_ssl_certs/certs.yml +++ /dev/null @@ -1,24 +0,0 @@ -nodes: - # Wazuh indexer server nodes - indexer: - - name: wazuh1.indexer - ip: wazuh1.indexer - - name: wazuh2.indexer - ip: wazuh2.indexer - - name: wazuh3.indexer - ip: wazuh3.indexer - - # Wazuh server nodes - # Use node_type only with more than one Wazuh manager - server: - - name: wazuh.master - ip: wazuh.master - node_type: master - - name: wazuh.worker - ip: wazuh.worker - node_type: worker - - # Wazuh dashboard node - dashboard: - - name: wazuh.dashboard - ip: wazuh.dashboard From b3262414004a7efbd09a3c53d8c16611f9300344 Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Thu, 29 May 2025 09:28:09 -0300 Subject: [PATCH 06/13] Remove 4.12.2 references from 4.14.0 branch --- CHANGELOG.md | 26 ++++---------------------- 1 file changed, 4 insertions(+), 22 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d4bc685f..64358839 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -24,6 +24,10 @@ All notable changes to this project will be documented in this file. ### Added - Added repository_bumper script. ([#1781](https://github.com/wazuh/wazuh-docker/pull/1781)) +- Fix Warning message when migrating Docker compose v2 ([#1828](https://github.com/wazuh/wazuh-docker/pull/1828)) +- Add technical documentation ([#1822](https://github.com/wazuh/wazuh-docker/pull/1822)) +- Add wazuh agent test and push ([#1817](https://github.com/wazuh/wazuh-docker/pull/1817)) +- Add Wazuh agent image build and deploy ([#1816](https://github.com/wazuh/wazuh-docker/pull/1816)) ### Changed @@ -38,28 +42,6 @@ All notable changes to this project will be documented in this file. - Remove default docker reference version from workflow ([#1761](https://github.com/wazuh/wazuh-docker/pull/1761)) - Remove 'stable' branch ocurrencies ([#1757](https://github.com/wazuh/wazuh-docker/pull/1757)) -## [4.12.2] - -### Added - -- Fix Warning message when migrating Docker compose v2 ([#1828](https://github.com/wazuh/wazuh-docker/pull/1828)) -- Add technical documentation ([#1822](https://github.com/wazuh/wazuh-docker/pull/1822)) -- Add wazuh agent test and push ([#1817](https://github.com/wazuh/wazuh-docker/pull/1817)) -- Add Wazuh agent image build and deploy ([#1816](https://github.com/wazuh/wazuh-docker/pull/1816)) - -### Changed - -- None - -### Fixed - -- None - -### Deleted - -- None - - ## [4.12.1] ### Added From c32fa133e32ac6425b635ae4da439224a841c8bf Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 30 May 2025 09:36:37 -0300 Subject: [PATCH 07/13] Bump 4.13.0 technical documentation --- README.md | 2 +- docs/dev/build-image.md | 4 ++-- docs/dev/introduction.md | 2 +- docs/dev/setup.md | 6 +++--- docs/ref/Introduction/description.md | 6 +++--- docs/ref/Introduction/introduction.md | 4 ++-- docs/ref/configuration/configuration-files.md | 2 +- docs/ref/configuration/configuration.md | 2 +- docs/ref/getting-started/deployment/deployment.md | 6 +++--- docs/ref/getting-started/getting-started.md | 6 +++--- docs/ref/getting-started/requirements.md | 2 +- docs/ref/glossary.md | 6 +++--- 12 files changed, 24 insertions(+), 24 deletions(-) diff --git a/README.md b/README.md index 18e3a596..11293e86 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ The `wazuh/wazuh-docker` repository provides resources to deploy the Wazuh cyber ## Branch Convention - `main`: Developing and testing of new features. -- `X.Y.Z`: Version-specific branches (e.g., `4.12.2`, `4.11.0`, etc.). +- `X.Y.Z`: Version-specific branches (e.g., `4.13.0`, `4.12.0`, etc.). ## Documentation diff --git a/docs/dev/build-image.md b/docs/dev/build-image.md index 58a7c734..a10e1e9b 100644 --- a/docs/dev/build-image.md +++ b/docs/dev/build-image.md @@ -13,7 +13,7 @@ This script initializes the environment variables needed to build each of the im The script allows you to build images from other versions of Wazuh, to do this you must use the -v or --version argument: ``` -$ build-docker-images/build-images.sh -v 4.12.2 +$ build-docker-images/build-images.sh -v 4.13.0 ``` To get all the available script options use the -h or --help option: @@ -26,7 +26,7 @@ Usage: build-docker-images/build-images.sh [OPTIONS] -d, --dev [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default. -f, --filebeat-module [Optional] Set Filebeat module version. By default 0.4. -r, --revision [Optional] Package revision. By default 1 - -v, --version [Optional] Set the Wazuh version should be builded. By default, 4.12.2. + -v, --version [Optional] Set the Wazuh version should be builded. By default, 4.13.0. -h, --help Show this help. ``` \ No newline at end of file diff --git a/docs/dev/introduction.md b/docs/dev/introduction.md index 56e13df2..e639c535 100644 --- a/docs/dev/introduction.md +++ b/docs/dev/introduction.md @@ -1,6 +1,6 @@ # Development Guide - Introduction -Welcome to the Development Guide for Wazuh-docker version 4.12.2. This guide is intended for developers, contributors, and advanced users who wish to understand the development aspects of the Wazuh-Docker project, build custom Docker images, or contribute to its development. +Welcome to the Development Guide for Wazuh-docker version 4.13.0. This guide is intended for developers, contributors, and advanced users who wish to understand the development aspects of the Wazuh-Docker project, build custom Docker images, or contribute to its development. ## Purpose of This Guide diff --git a/docs/dev/setup.md b/docs/dev/setup.md index 3c9d37d5..5cee6d5f 100644 --- a/docs/dev/setup.md +++ b/docs/dev/setup.md @@ -1,6 +1,6 @@ # Development Guide - Setup Environment -This section outlines the steps required to set up your local development environment for working with the Wazuh-Docker project (version 4.12.2). A proper setup is crucial for building images, running tests, and contributing effectively. +This section outlines the steps required to set up your local development environment for working with the Wazuh-Docker project (version 4.13.0). A proper setup is crucial for building images, running tests, and contributing effectively. ## Prerequisites @@ -26,12 +26,12 @@ Before you begin, ensure your system meets the following requirements: Follow these steps to prepare your development environment: 1. **Clone the Repository**: - Clone the `wazuh-docker` repository from GitHub. It's important to check out the specific branch you intend to work with, in this case, `4.12.2`. + Clone the `wazuh-docker` repository from GitHub. It's important to check out the specific branch you intend to work with, in this case, `4.13.0`. ```bash git clone [https://github.com/wazuh/wazuh-docker.git](https://github.com/wazuh/wazuh-docker.git) cd wazuh-docker - git checkout 4.12.2 + git checkout 4.13.0 ``` 2. **Verify Docker Installation**: diff --git a/docs/ref/Introduction/description.md b/docs/ref/Introduction/description.md index 917fbfe1..3f478fdc 100644 --- a/docs/ref/Introduction/description.md +++ b/docs/ref/Introduction/description.md @@ -1,6 +1,6 @@ # Reference Manual - Description -This section provides a detailed description of Wazuh-docker (version 4.12.2), its components, and its architecture when deployed using Docker containers. Understanding these aspects is key to effectively deploying and managing your Wazuh environment. +This section provides a detailed description of Wazuh-docker (version 4.13.0), its components, and its architecture when deployed using Docker containers. Understanding these aspects is key to effectively deploying and managing your Wazuh environment. ## What is Wazuh? @@ -18,7 +18,7 @@ Wazuh-docker is a project that provides Docker images and `docker compose` confi ## Core Components in Wazuh-Docker -The Wazuh-Docker project typically provides images for the following core Wazuh components, adapted for version 4.12.2: +The Wazuh-Docker project typically provides images for the following core Wazuh components, adapted for version 4.13.0: 1. **Wazuh Manager**: - The central component that collects and analyzes data from deployed Wazuh agents. @@ -28,7 +28,7 @@ The Wazuh-Docker project typically provides images for the following core Wazuh 2. **Wazuh Indexer**: - A highly scalable, full-text search and analytics engine. - Based on OpenSearch (or historically Elasticsearch), it stores and indexes alerts and monitoring data generated by the Wazuh manager. - - The Wazuh indexer container provides the data persistence layer for Wazuh alerts and events. For version 4.12.2, this is typically an OpenSearch-based component. + - The Wazuh indexer container provides the data persistence layer for Wazuh alerts and events. For version 4.13.0, this is typically an OpenSearch-based component. 3. **Wazuh Dashboard**: - A flexible visualization tool based on OpenSearch Dashboards (or historically Kibana). diff --git a/docs/ref/Introduction/introduction.md b/docs/ref/Introduction/introduction.md index 486322e4..7c7881e2 100644 --- a/docs/ref/Introduction/introduction.md +++ b/docs/ref/Introduction/introduction.md @@ -1,6 +1,6 @@ # Reference Manual - Introduction -Welcome to the Reference Manual for Wazuh-Docker, version 4.12.2. This manual provides comprehensive information about deploying, configuring, and managing your Wazuh environment using Docker. +Welcome to the Reference Manual for Wazuh-Docker, version 4.13.0. This manual provides comprehensive information about deploying, configuring, and managing your Wazuh environment using Docker. ## Purpose of This Manual @@ -44,4 +44,4 @@ This manual is structured to help you find information efficiently: - If you need to customize your deployment, refer to the [Configuration](configuration/configuration.md) section. - For specific terms or concepts, consult the [Glossary](glossary.md). -This manual refers to version 4.12.2 of Wazuh-Docker. Ensure you are using the documentation that corresponds to your deployed version. +This manual refers to version 4.13.0 of Wazuh-Docker. Ensure you are using the documentation that corresponds to your deployed version. diff --git a/docs/ref/configuration/configuration-files.md b/docs/ref/configuration/configuration-files.md index 4689286f..07e6b0f8 100644 --- a/docs/ref/configuration/configuration-files.md +++ b/docs/ref/configuration/configuration-files.md @@ -29,4 +29,4 @@ ``` -Consult the official Wazuh documentation for version 4.12.2 for detailed information on all possible configuration parameters for each component. \ No newline at end of file +Consult the official Wazuh documentation for version 4.13.0 for detailed information on all possible configuration parameters for each component. \ No newline at end of file diff --git a/docs/ref/configuration/configuration.md b/docs/ref/configuration/configuration.md index dba9730e..b7d26444 100644 --- a/docs/ref/configuration/configuration.md +++ b/docs/ref/configuration/configuration.md @@ -1,6 +1,6 @@ # Reference Manual - Configuration -This section details how to configure your Wazuh-Docker deployment (version 4.12.2). Proper configuration is key to tailoring the Wazuh stack to your specific needs, managing data persistence, and integrating with your environment. +This section details how to configure your Wazuh-Docker deployment (version 4.13.0). Proper configuration is key to tailoring the Wazuh stack to your specific needs, managing data persistence, and integrating with your environment. ## Overview of Configuration Methods diff --git a/docs/ref/getting-started/deployment/deployment.md b/docs/ref/getting-started/deployment/deployment.md index c5d3e43f..00f8fd41 100644 --- a/docs/ref/getting-started/deployment/deployment.md +++ b/docs/ref/getting-started/deployment/deployment.md @@ -1,6 +1,6 @@ # Reference Manual - Deployment -This section provides detailed instructions for deploying Wazuh-Docker (version 4.12.2) in various configurations. Choose the deployment model that best suits your needs, from simple single-node setups for testing to more robust multi-node configurations for production environments. +This section provides detailed instructions for deploying Wazuh-Docker (version 4.13.0) in various configurations. Choose the deployment model that best suits your needs, from simple single-node setups for testing to more robust multi-node configurations for production environments. ## Overview of Deployment Options @@ -24,11 +24,11 @@ Ensure you have: - Met all the [System Requirements](ref/getting-started/requirements.md). - Installed Docker and Docker Compose on your host(s). -- Cloned the `wazuh-docker` repository (version `4.12.2`) or downloaded the necessary deployment files. +- Cloned the `wazuh-docker` repository (version `4.13.0`) or downloaded the necessary deployment files. ```bash git clone [https://github.com/wazuh/wazuh-docker.git](https://github.com/wazuh/wazuh-docker.git) cd wazuh-docker - git checkout v4.12.2 + git checkout v4.13.0 ``` - Made a backup of any existing Wazuh data if you are migrating or upgrading. diff --git a/docs/ref/getting-started/getting-started.md b/docs/ref/getting-started/getting-started.md index 4744e477..d8297628 100644 --- a/docs/ref/getting-started/getting-started.md +++ b/docs/ref/getting-started/getting-started.md @@ -1,6 +1,6 @@ # Reference Manual - Getting Started -This section guides you through the initial steps to get your Wazuh-docker (version 4.12.2) environment up and running. We will cover the prerequisites and point you to the deployment instructions. +This section guides you through the initial steps to get your Wazuh-docker (version 4.13.0) environment up and running. We will cover the prerequisites and point you to the deployment instructions. ## Overview @@ -27,11 +27,11 @@ Before diving into the deployment, please ensure you have reviewed: Verify that your host system has sufficient RAM, CPU, and disk space. Ensure Docker and Docker Compose are installed and functioning correctly. 2. **Obtain Wazuh-docker Configuration**: - You'll need the Docker Compose files and any associated configuration files from the `wazuh-docker` repository for version 4.12.2. + You'll need the Docker Compose files and any associated configuration files from the `wazuh-docker` repository for version 4.13.0. ```bash git clone [https://github.com/wazuh/wazuh-docker.git](https://github.com/wazuh/wazuh-docker.git) cd wazuh-docker - git checkout v4.12.2 + git checkout v4.13.0 # Navigate to the specific docker-compose directory, e.g., single-node or multi-node # cd docker-compose/single-node/ (example path) ``` diff --git a/docs/ref/getting-started/requirements.md b/docs/ref/getting-started/requirements.md index 180a315f..e13e2295 100644 --- a/docs/ref/getting-started/requirements.md +++ b/docs/ref/getting-started/requirements.md @@ -1,6 +1,6 @@ # Reference Manual - Requirements -Before deploying Wazuh-Docker (version 4.12.2), it's essential to ensure your environment meets the necessary hardware and software requirements. Meeting these prerequisites will help ensure a stable and performant Wazuh deployment. +Before deploying Wazuh-Docker (version 4.13.0), it's essential to ensure your environment meets the necessary hardware and software requirements. Meeting these prerequisites will help ensure a stable and performant Wazuh deployment. ## Host System Requirements diff --git a/docs/ref/glossary.md b/docs/ref/glossary.md index fb3e6445..2c1e8ba9 100644 --- a/docs/ref/glossary.md +++ b/docs/ref/glossary.md @@ -1,6 +1,6 @@ # Reference Manual - Glossary -This glossary defines key terms and concepts related to Wazuh, Docker, and their use together in the Wazuh-Docker project (version 4.12.2). +This glossary defines key terms and concepts related to Wazuh, Docker, and their use together in the Wazuh-Docker project (version 4.13.0). --- @@ -22,7 +22,7 @@ This glossary defines key terms and concepts related to Wazuh, Docker, and their **D** -- **Dashboard (Wazuh Dashboard / OpenSearch Dashboards / Kibana)**: A web-based visualization tool used to explore, analyze, and visualize data stored in the Wazuh Indexer. It provides dashboards, visualizations, and a query interface for security events and alerts. For Wazuh 4.12.2, this is typically OpenSearch Dashboards. +- **Dashboard (Wazuh Dashboard / OpenSearch Dashboards / Kibana)**: A web-based visualization tool used to explore, analyze, and visualize data stored in the Wazuh Indexer. It provides dashboards, visualizations, and a query interface for security events and alerts. For Wazuh 4.13.0, this is typically OpenSearch Dashboards. - **Decoder**: A component in the Wazuh Manager that parses and extracts relevant information (fields) from raw log messages or event data. - **Docker**: An open platform for developing, shipping, and running applications inside containers. - **Docker Compose**: A tool for defining and running multi-container Docker applications. It uses a YAML file (`docker-compose.yml`) to configure the application's services, networks, and volumes. @@ -42,7 +42,7 @@ This glossary defines key terms and concepts related to Wazuh, Docker, and their **I** -- **Indexer (Wazuh Indexer / OpenSearch / Elasticsearch)**: The component responsible for storing, indexing, and making searchable the alerts and event data generated by the Wazuh Manager. For Wazuh 4.12.2, this is typically OpenSearch. +- **Indexer (Wazuh Indexer / OpenSearch / Elasticsearch)**: The component responsible for storing, indexing, and making searchable the alerts and event data generated by the Wazuh Manager. For Wazuh 4.13.0, this is typically OpenSearch. **L** From 7ae41672230f029fbe874588c8238a5b58a261ac Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 30 May 2025 09:47:37 -0300 Subject: [PATCH 08/13] Bump wazuh agent --- wazuh-agent/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wazuh-agent/docker-compose.yml b/wazuh-agent/docker-compose.yml index 3912908f..b4dc7d00 100644 --- a/wazuh-agent/docker-compose.yml +++ b/wazuh-agent/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.agent: - image: wazuh/wazuh-agent:4.12.1 + image: wazuh/wazuh-agent:4.13.0 restart: always environment: - WAZUH_MANAGER_SERVER= From aa46ce20794b3a7865c8e46df75caadd6d357d2e Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 30 May 2025 10:05:47 -0300 Subject: [PATCH 09/13] Bump 4.14.0 technical documentation --- README.md | 2 +- docs/dev/build-image.md | 4 ++-- docs/dev/introduction.md | 2 +- docs/dev/setup.md | 6 +++--- docs/ref/Introduction/description.md | 6 +++--- docs/ref/Introduction/introduction.md | 4 ++-- docs/ref/configuration/configuration-files.md | 2 +- docs/ref/configuration/configuration.md | 2 +- docs/ref/getting-started/deployment/deployment.md | 6 +++--- docs/ref/getting-started/getting-started.md | 6 +++--- docs/ref/getting-started/requirements.md | 2 +- docs/ref/glossary.md | 6 +++--- wazuh-agent/docker-compose.yml | 2 +- 13 files changed, 25 insertions(+), 25 deletions(-) diff --git a/README.md b/README.md index 18e3a596..8440a4b3 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ The `wazuh/wazuh-docker` repository provides resources to deploy the Wazuh cyber ## Branch Convention - `main`: Developing and testing of new features. -- `X.Y.Z`: Version-specific branches (e.g., `4.12.2`, `4.11.0`, etc.). +- `X.Y.Z`: Version-specific branches (e.g., `4.14.0`, `4.13.0`, etc.). ## Documentation diff --git a/docs/dev/build-image.md b/docs/dev/build-image.md index 58a7c734..7b7e3029 100644 --- a/docs/dev/build-image.md +++ b/docs/dev/build-image.md @@ -13,7 +13,7 @@ This script initializes the environment variables needed to build each of the im The script allows you to build images from other versions of Wazuh, to do this you must use the -v or --version argument: ``` -$ build-docker-images/build-images.sh -v 4.12.2 +$ build-docker-images/build-images.sh -v 4.14.0 ``` To get all the available script options use the -h or --help option: @@ -26,7 +26,7 @@ Usage: build-docker-images/build-images.sh [OPTIONS] -d, --dev [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default. -f, --filebeat-module [Optional] Set Filebeat module version. By default 0.4. -r, --revision [Optional] Package revision. By default 1 - -v, --version [Optional] Set the Wazuh version should be builded. By default, 4.12.2. + -v, --version [Optional] Set the Wazuh version should be builded. By default, 4.14.0. -h, --help Show this help. ``` \ No newline at end of file diff --git a/docs/dev/introduction.md b/docs/dev/introduction.md index 56e13df2..a03aefaf 100644 --- a/docs/dev/introduction.md +++ b/docs/dev/introduction.md @@ -1,6 +1,6 @@ # Development Guide - Introduction -Welcome to the Development Guide for Wazuh-docker version 4.12.2. This guide is intended for developers, contributors, and advanced users who wish to understand the development aspects of the Wazuh-Docker project, build custom Docker images, or contribute to its development. +Welcome to the Development Guide for Wazuh-docker version 4.14.0. This guide is intended for developers, contributors, and advanced users who wish to understand the development aspects of the Wazuh-Docker project, build custom Docker images, or contribute to its development. ## Purpose of This Guide diff --git a/docs/dev/setup.md b/docs/dev/setup.md index 3c9d37d5..2f611777 100644 --- a/docs/dev/setup.md +++ b/docs/dev/setup.md @@ -1,6 +1,6 @@ # Development Guide - Setup Environment -This section outlines the steps required to set up your local development environment for working with the Wazuh-Docker project (version 4.12.2). A proper setup is crucial for building images, running tests, and contributing effectively. +This section outlines the steps required to set up your local development environment for working with the Wazuh-Docker project (version 4.14.0). A proper setup is crucial for building images, running tests, and contributing effectively. ## Prerequisites @@ -26,12 +26,12 @@ Before you begin, ensure your system meets the following requirements: Follow these steps to prepare your development environment: 1. **Clone the Repository**: - Clone the `wazuh-docker` repository from GitHub. It's important to check out the specific branch you intend to work with, in this case, `4.12.2`. + Clone the `wazuh-docker` repository from GitHub. It's important to check out the specific branch you intend to work with, in this case, `4.14.0`. ```bash git clone [https://github.com/wazuh/wazuh-docker.git](https://github.com/wazuh/wazuh-docker.git) cd wazuh-docker - git checkout 4.12.2 + git checkout v4.14.0 ``` 2. **Verify Docker Installation**: diff --git a/docs/ref/Introduction/description.md b/docs/ref/Introduction/description.md index 917fbfe1..058317e7 100644 --- a/docs/ref/Introduction/description.md +++ b/docs/ref/Introduction/description.md @@ -1,6 +1,6 @@ # Reference Manual - Description -This section provides a detailed description of Wazuh-docker (version 4.12.2), its components, and its architecture when deployed using Docker containers. Understanding these aspects is key to effectively deploying and managing your Wazuh environment. +This section provides a detailed description of Wazuh-docker (version 4.14.0), its components, and its architecture when deployed using Docker containers. Understanding these aspects is key to effectively deploying and managing your Wazuh environment. ## What is Wazuh? @@ -18,7 +18,7 @@ Wazuh-docker is a project that provides Docker images and `docker compose` confi ## Core Components in Wazuh-Docker -The Wazuh-Docker project typically provides images for the following core Wazuh components, adapted for version 4.12.2: +The Wazuh-Docker project typically provides images for the following core Wazuh components, adapted for version 4.14.0: 1. **Wazuh Manager**: - The central component that collects and analyzes data from deployed Wazuh agents. @@ -28,7 +28,7 @@ The Wazuh-Docker project typically provides images for the following core Wazuh 2. **Wazuh Indexer**: - A highly scalable, full-text search and analytics engine. - Based on OpenSearch (or historically Elasticsearch), it stores and indexes alerts and monitoring data generated by the Wazuh manager. - - The Wazuh indexer container provides the data persistence layer for Wazuh alerts and events. For version 4.12.2, this is typically an OpenSearch-based component. + - The Wazuh indexer container provides the data persistence layer for Wazuh alerts and events. For version 4.14.0, this is typically an OpenSearch-based component. 3. **Wazuh Dashboard**: - A flexible visualization tool based on OpenSearch Dashboards (or historically Kibana). diff --git a/docs/ref/Introduction/introduction.md b/docs/ref/Introduction/introduction.md index 486322e4..957fd9bb 100644 --- a/docs/ref/Introduction/introduction.md +++ b/docs/ref/Introduction/introduction.md @@ -1,6 +1,6 @@ # Reference Manual - Introduction -Welcome to the Reference Manual for Wazuh-Docker, version 4.12.2. This manual provides comprehensive information about deploying, configuring, and managing your Wazuh environment using Docker. +Welcome to the Reference Manual for Wazuh-Docker, version 4.14.0. This manual provides comprehensive information about deploying, configuring, and managing your Wazuh environment using Docker. ## Purpose of This Manual @@ -44,4 +44,4 @@ This manual is structured to help you find information efficiently: - If you need to customize your deployment, refer to the [Configuration](configuration/configuration.md) section. - For specific terms or concepts, consult the [Glossary](glossary.md). -This manual refers to version 4.12.2 of Wazuh-Docker. Ensure you are using the documentation that corresponds to your deployed version. +This manual refers to version 4.14.0 of Wazuh-Docker. Ensure you are using the documentation that corresponds to your deployed version. diff --git a/docs/ref/configuration/configuration-files.md b/docs/ref/configuration/configuration-files.md index 4689286f..4f842bba 100644 --- a/docs/ref/configuration/configuration-files.md +++ b/docs/ref/configuration/configuration-files.md @@ -29,4 +29,4 @@ ``` -Consult the official Wazuh documentation for version 4.12.2 for detailed information on all possible configuration parameters for each component. \ No newline at end of file +Consult the official Wazuh documentation for version 4.14.0 for detailed information on all possible configuration parameters for each component. \ No newline at end of file diff --git a/docs/ref/configuration/configuration.md b/docs/ref/configuration/configuration.md index dba9730e..07b5d11c 100644 --- a/docs/ref/configuration/configuration.md +++ b/docs/ref/configuration/configuration.md @@ -1,6 +1,6 @@ # Reference Manual - Configuration -This section details how to configure your Wazuh-Docker deployment (version 4.12.2). Proper configuration is key to tailoring the Wazuh stack to your specific needs, managing data persistence, and integrating with your environment. +This section details how to configure your Wazuh-Docker deployment (version 4.14.0). Proper configuration is key to tailoring the Wazuh stack to your specific needs, managing data persistence, and integrating with your environment. ## Overview of Configuration Methods diff --git a/docs/ref/getting-started/deployment/deployment.md b/docs/ref/getting-started/deployment/deployment.md index c5d3e43f..b6d685ff 100644 --- a/docs/ref/getting-started/deployment/deployment.md +++ b/docs/ref/getting-started/deployment/deployment.md @@ -1,6 +1,6 @@ # Reference Manual - Deployment -This section provides detailed instructions for deploying Wazuh-Docker (version 4.12.2) in various configurations. Choose the deployment model that best suits your needs, from simple single-node setups for testing to more robust multi-node configurations for production environments. +This section provides detailed instructions for deploying Wazuh-Docker (version 4.14.0) in various configurations. Choose the deployment model that best suits your needs, from simple single-node setups for testing to more robust multi-node configurations for production environments. ## Overview of Deployment Options @@ -24,11 +24,11 @@ Ensure you have: - Met all the [System Requirements](ref/getting-started/requirements.md). - Installed Docker and Docker Compose on your host(s). -- Cloned the `wazuh-docker` repository (version `4.12.2`) or downloaded the necessary deployment files. +- Cloned the `wazuh-docker` repository (version `4.14.0`) or downloaded the necessary deployment files. ```bash git clone [https://github.com/wazuh/wazuh-docker.git](https://github.com/wazuh/wazuh-docker.git) cd wazuh-docker - git checkout v4.12.2 + git checkout v4.14.0 ``` - Made a backup of any existing Wazuh data if you are migrating or upgrading. diff --git a/docs/ref/getting-started/getting-started.md b/docs/ref/getting-started/getting-started.md index 4744e477..7e76bf9a 100644 --- a/docs/ref/getting-started/getting-started.md +++ b/docs/ref/getting-started/getting-started.md @@ -1,6 +1,6 @@ # Reference Manual - Getting Started -This section guides you through the initial steps to get your Wazuh-docker (version 4.12.2) environment up and running. We will cover the prerequisites and point you to the deployment instructions. +This section guides you through the initial steps to get your Wazuh-docker (version 4.14.0) environment up and running. We will cover the prerequisites and point you to the deployment instructions. ## Overview @@ -27,11 +27,11 @@ Before diving into the deployment, please ensure you have reviewed: Verify that your host system has sufficient RAM, CPU, and disk space. Ensure Docker and Docker Compose are installed and functioning correctly. 2. **Obtain Wazuh-docker Configuration**: - You'll need the Docker Compose files and any associated configuration files from the `wazuh-docker` repository for version 4.12.2. + You'll need the Docker Compose files and any associated configuration files from the `wazuh-docker` repository for version 4.14.0. ```bash git clone [https://github.com/wazuh/wazuh-docker.git](https://github.com/wazuh/wazuh-docker.git) cd wazuh-docker - git checkout v4.12.2 + git checkout v4.14.0 # Navigate to the specific docker-compose directory, e.g., single-node or multi-node # cd docker-compose/single-node/ (example path) ``` diff --git a/docs/ref/getting-started/requirements.md b/docs/ref/getting-started/requirements.md index 180a315f..b006acdc 100644 --- a/docs/ref/getting-started/requirements.md +++ b/docs/ref/getting-started/requirements.md @@ -1,6 +1,6 @@ # Reference Manual - Requirements -Before deploying Wazuh-Docker (version 4.12.2), it's essential to ensure your environment meets the necessary hardware and software requirements. Meeting these prerequisites will help ensure a stable and performant Wazuh deployment. +Before deploying Wazuh-Docker (version 4.14.0), it's essential to ensure your environment meets the necessary hardware and software requirements. Meeting these prerequisites will help ensure a stable and performant Wazuh deployment. ## Host System Requirements diff --git a/docs/ref/glossary.md b/docs/ref/glossary.md index fb3e6445..fb8d3ed6 100644 --- a/docs/ref/glossary.md +++ b/docs/ref/glossary.md @@ -1,6 +1,6 @@ # Reference Manual - Glossary -This glossary defines key terms and concepts related to Wazuh, Docker, and their use together in the Wazuh-Docker project (version 4.12.2). +This glossary defines key terms and concepts related to Wazuh, Docker, and their use together in the Wazuh-Docker project (version 4.14.0). --- @@ -22,7 +22,7 @@ This glossary defines key terms and concepts related to Wazuh, Docker, and their **D** -- **Dashboard (Wazuh Dashboard / OpenSearch Dashboards / Kibana)**: A web-based visualization tool used to explore, analyze, and visualize data stored in the Wazuh Indexer. It provides dashboards, visualizations, and a query interface for security events and alerts. For Wazuh 4.12.2, this is typically OpenSearch Dashboards. +- **Dashboard (Wazuh Dashboard / OpenSearch Dashboards / Kibana)**: A web-based visualization tool used to explore, analyze, and visualize data stored in the Wazuh Indexer. It provides dashboards, visualizations, and a query interface for security events and alerts. For Wazuh 4.14.0, this is typically OpenSearch Dashboards. - **Decoder**: A component in the Wazuh Manager that parses and extracts relevant information (fields) from raw log messages or event data. - **Docker**: An open platform for developing, shipping, and running applications inside containers. - **Docker Compose**: A tool for defining and running multi-container Docker applications. It uses a YAML file (`docker-compose.yml`) to configure the application's services, networks, and volumes. @@ -42,7 +42,7 @@ This glossary defines key terms and concepts related to Wazuh, Docker, and their **I** -- **Indexer (Wazuh Indexer / OpenSearch / Elasticsearch)**: The component responsible for storing, indexing, and making searchable the alerts and event data generated by the Wazuh Manager. For Wazuh 4.12.2, this is typically OpenSearch. +- **Indexer (Wazuh Indexer / OpenSearch / Elasticsearch)**: The component responsible for storing, indexing, and making searchable the alerts and event data generated by the Wazuh Manager. For Wazuh 4.14.0, this is typically OpenSearch. **L** diff --git a/wazuh-agent/docker-compose.yml b/wazuh-agent/docker-compose.yml index 3912908f..46243742 100644 --- a/wazuh-agent/docker-compose.yml +++ b/wazuh-agent/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.agent: - image: wazuh/wazuh-agent:4.12.1 + image: wazuh/wazuh-agent:4.14.0 restart: always environment: - WAZUH_MANAGER_SERVER= From b23ae2f4cc6db21eac57fd79c20b4fa6755e4411 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 30 May 2025 10:33:50 -0300 Subject: [PATCH 10/13] Bump revision and image tag for rc1 stage --- VERSION.json | 2 +- multi-node/docker-compose.yml | 12 ++++++------ single-node/docker-compose.yml | 6 +++--- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/VERSION.json b/VERSION.json index 116fc47a..8e062521 100644 --- a/VERSION.json +++ b/VERSION.json @@ -1,4 +1,4 @@ { "version": "4.12.1", - "stage": "alpha0" + "stage": "rc1" } diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 7896aa85..d99fa623 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-manager:4.12.1 + image: wazuh/wazuh-manager:4.12.1-rc1 hostname: wazuh.master restart: always ulimits: @@ -45,7 +45,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.12.1 + image: wazuh/wazuh-manager:4.12.1-rc1 hostname: wazuh.worker restart: always ulimits: @@ -81,7 +81,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.12.1 + image: wazuh/wazuh-indexer:4.12.1-rc1 hostname: wazuh1.indexer restart: always ports: @@ -107,7 +107,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.12.1 + image: wazuh/wazuh-indexer:4.12.1-rc1 hostname: wazuh2.indexer restart: always environment: @@ -129,7 +129,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.12.1 + image: wazuh/wazuh-indexer:4.12.1-rc1 hostname: wazuh3.indexer restart: always environment: @@ -151,7 +151,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.12.1 + image: wazuh/wazuh-dashboard:4.12.1-rc1 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 607a7ef8..bc1f949b 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-manager:4.12.1 + image: wazuh/wazuh-manager:4.12.1-rc1 hostname: wazuh.manager restart: always ulimits: @@ -46,7 +46,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.12.1 + image: wazuh/wazuh-indexer:4.12.1-rc1 hostname: wazuh.indexer restart: always ports: @@ -71,7 +71,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.12.1 + image: wazuh/wazuh-dashboard:4.12.1-rc1 hostname: wazuh.dashboard restart: always ports: From 0cf60da585f9f6be17903e9ccdeeae6f4e7a8aa7 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 30 May 2025 10:53:10 -0300 Subject: [PATCH 11/13] Revert image tag --- multi-node/docker-compose.yml | 12 ++++++------ single-node/docker-compose.yml | 6 +++--- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index d99fa623..7896aa85 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-manager:4.12.1-rc1 + image: wazuh/wazuh-manager:4.12.1 hostname: wazuh.master restart: always ulimits: @@ -45,7 +45,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.12.1-rc1 + image: wazuh/wazuh-manager:4.12.1 hostname: wazuh.worker restart: always ulimits: @@ -81,7 +81,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.12.1-rc1 + image: wazuh/wazuh-indexer:4.12.1 hostname: wazuh1.indexer restart: always ports: @@ -107,7 +107,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.12.1-rc1 + image: wazuh/wazuh-indexer:4.12.1 hostname: wazuh2.indexer restart: always environment: @@ -129,7 +129,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.12.1-rc1 + image: wazuh/wazuh-indexer:4.12.1 hostname: wazuh3.indexer restart: always environment: @@ -151,7 +151,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.12.1-rc1 + image: wazuh/wazuh-dashboard:4.12.1 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index bc1f949b..607a7ef8 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-manager:4.12.1-rc1 + image: wazuh/wazuh-manager:4.12.1 hostname: wazuh.manager restart: always ulimits: @@ -46,7 +46,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.12.1-rc1 + image: wazuh/wazuh-indexer:4.12.1 hostname: wazuh.indexer restart: always ports: @@ -71,7 +71,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.12.1-rc1 + image: wazuh/wazuh-dashboard:4.12.1 hostname: wazuh.dashboard restart: always ports: From 44aa64c81f4918847103dd2f52625b90e25815f2 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Thu, 5 Jun 2025 15:54:04 -0300 Subject: [PATCH 12/13] Fixes some merge differences --- .github/workflows/push.yml | 3 +-- build-docker-images/wazuh-agent/Dockerfile | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 45dcd540..0d036999 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -101,7 +101,6 @@ jobs: docker load --input ./wazuh-manager.tar docker load --input ./wazuh-agent.tar - - name: Create single node certficates run: docker compose -f single-node/generate-indexer-certs.yml run --rm generator @@ -202,7 +201,7 @@ jobs: env: TOKEN: $(curl -s -u wazuh-wui:MyS3cr37P450r.*- -k -X GET "https://0.0.0.0:55000/security/user/authenticate?raw=true") - - name: Check errors in ossec.log + - name: Check errors in ossec.log for Wazuh manager run: ./.github/single-node-log-check.sh check-multi-node: diff --git a/build-docker-images/wazuh-agent/Dockerfile b/build-docker-images/wazuh-agent/Dockerfile index 9056a469..8a237787 100644 --- a/build-docker-images/wazuh-agent/Dockerfile +++ b/build-docker-images/wazuh-agent/Dockerfile @@ -33,4 +33,4 @@ COPY config/etc/ /etc/ RUN rm /etc/yum.repos.d/wazuh.repo -ENTRYPOINT [ "/init" ] \ No newline at end of file +ENTRYPOINT [ "/init" ] From beaf93d9ab3e3c5daed0619d512054787d3c91c7 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Thu, 5 Jun 2025 15:55:38 -0300 Subject: [PATCH 13/13] Moved wazuh-agent.conf file --- .../wazuh-agent => wazuh-agent}/config/wazuh-agent-conf | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename {build-docker-images/wazuh-agent => wazuh-agent}/config/wazuh-agent-conf (100%) diff --git a/build-docker-images/wazuh-agent/config/wazuh-agent-conf b/wazuh-agent/config/wazuh-agent-conf similarity index 100% rename from build-docker-images/wazuh-agent/config/wazuh-agent-conf rename to wazuh-agent/config/wazuh-agent-conf