Merge branch '4.4' into merge-43-into-44

2025-11-16 03:42:00 +00:00 · 2023-04-28 12:11:05 -03:00
parent 095d878b04 27850dd2ce
commit c7d4edde40
26 changed files with 195 additions and 117 deletions
--- a/.env
+++ b/.env
@@ -1,3 +1,3 @@
-WAZUH_VERSION=4.3.11
+WAZUH_VERSION=4.4.1
-WAZUH_IMAGE_VERSION=4.3.11
+WAZUH_IMAGE_VERSION=4.4.1
 WAZUH_TAG_REVISION=1
--- a/.github/.goss.yaml
+++ b/.github/.goss.yaml
@@ -56,7 +56,7 @@ package:
  wazuh-manager:
    installed: true
    versions:
-    - 4.3.11-1
+    - 4.4.1-1
 port:
  tcp:1514:
    listening: true
--- a/.github/workflows/push.yml
+++ b/.github/workflows/push.yml
@@ -126,7 +126,7 @@ jobs:
    - name: Check documents into wazuh-alerts index
      run: |
-       docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_doc/_search" -u admin:SecretPassword -k -s | jq -r ".hits.total.value"`"
+       docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:SecretPassword -k -s | jq -r ".count"`"
       if [[ $docs -gt 100 ]]; then
        echo "wazuh-alerts index documents: ${docs}"
       else
@@ -250,8 +250,8 @@ jobs:
    - name: Check documents into wazuh-alerts index
      run: |
-       docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_doc/_search" -u admin:SecretPassword -k -s | jq -r ".hits.total.value"`"
+       docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:SecretPassword -k -s | jq -r ".count"`"
-       if [[ $docs -gt 200 ]]; then
+       if [[ $docs -gt 100 ]]; then
        echo "wazuh-alerts index documents: ${docs}"
       else
        echo "wazuh-alerts index documents: ${docs}"
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,10 +1,20 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 ## Wazuh Docker v4.4.1
 ### Added
 - Update Wazuh to version [4.4.1](https://github.com/wazuh/wazuh/blob/v4.4.1/CHANGELOG.md#v441)
 ## Wazuh Docker v4.4.0
 ### Added
 - Update Wazuh to version [4.4.0](https://github.com/wazuh/wazuh/blob/v4.4.0/CHANGELOG.md#v440)
 ## Wazuh Docker v4.3.11
 ### Added
- Update Wazuh to version [4.3.11](https://github.com/wazuh/wazuh/blob/v4.3.11/CHANGELOG.md#v4310)
+- Update Wazuh to version [4.3.11](https://github.com/wazuh/wazuh/blob/v4.3.11/CHANGELOG.md#v4311)
 ## Wazuh Docker v4.3.10
 ### Added
--- a/README.md
+++ b/README.md
@@ -195,6 +195,8 @@ WAZUH_MONITORING_REPLICAS=0         ##
 | Wazuh version | ODFE    | XPACK  |
 |---------------|---------|--------|
 | v4.4.1        |         |        |
 | v4.4.0        |         |        |
 | v4.3.11       |         |        |
 | v4.3.10       |         |        |
 | v4.3.9        |         |        |
--- a/4
+++ b/4
@@ -1,2 +1,2 @@
-WAZUH-DOCKER_VERSION="4.3.11"
+WAZUH-DOCKER_VERSION="4.4.1"
-REVISION="40324"
+REVISION="40406"
--- a/build-docker-images/build-images.sh
+++ b/build-docker-images/build-images.sh
@@ -1,4 +1,4 @@
-WAZUH_IMAGE_VERSION=4.3.11
+WAZUH_IMAGE_VERSION=4.4.1
 WAZUH_VERSION=$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g')
 WAZUH_TAG_REVISION=1
 WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g')
--- a/build-docker-images/wazuh-dashboard/config/config.sh
+++ b/build-docker-images/wazuh-dashboard/config/config.sh
@@ -9,8 +9,8 @@ export CONFIG_DIR=${INSTALLATION_DIR}/config
 ## Variables
 CERT_TOOL=wazuh-certs-tool.sh
-PACKAGES_URL=https://packages.wazuh.com/4.3/
+PACKAGES_URL=https://packages.wazuh.com/4.4/
-PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.3/
+PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.4/
 ## Check if the cert tool exists in S3 buckets
 CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk  '{print $2}')
--- a/build-docker-images/wazuh-dashboard/config/dl_base.sh
+++ b/build-docker-images/wazuh-dashboard/config/dl_base.sh
@@ -1,12 +1,25 @@
-WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g') && \
+REPOSITORY="packages.wazuh.com/4.x"
-WAZUH_IMAGE_VERSION=$(echo $WAZUH_VERSION | sed -e 's/\.//g') && \
+WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-)
 MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1)
 MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2)
 MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3)
 MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1)
 MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2)
 MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3)
-
+## check version to use the correct repository
-if [ "$WAZUH_IMAGE_VERSION" -le "$WAZUH_CURRENT_VERSION" ]; then
+if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then
- REPOSITORY="packages.wazuh.com"
+  REPOSITORY="packages-dev.wazuh.com/pre-release"
-else 
+elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then
- REPOSITORY="packages-dev.wazuh.com"
+  if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then
    REPOSITORY="packages-dev.wazuh.com/pre-release"
  elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then
    if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then
      REPOSITORY="packages-dev.wazuh.com/pre-release"
    fi
  fi
 fi
-curl -o wazuh-dashboard-base.tar.xz https://${REPOSITORY}/stack/dashboard/base/wazuh-dashboard-base-${WAZUH_VERSION}-${WAZUH_TAG_REVISION}-linux-x64.tar.xz
+
 curl -o wazuh-dashboard-base.tar.xz https://${REPOSITORY}/stack/dashboard/wazuh-dashboard-base-${WAZUH_VERSION}-${WAZUH_TAG_REVISION}-linux-x64.tar.xz
 tar -xf wazuh-dashboard-base.tar.xz --directory  $INSTALL_DIR --strip-components=1
--- a/build-docker-images/wazuh-dashboard/config/install_wazuh_app.sh
+++ b/build-docker-images/wazuh-dashboard/config/install_wazuh_app.sh
@@ -1,11 +1,24 @@
-## Variables
+## variables
-WAZUH_IMAGE_VERSION=$(echo $WAZUH_VERSION | sed -e 's/\.//g')
+WAZUH_APP=https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
-WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g')
+WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-)
-## If wazuh manager exists in apt dev repository, change variables, if not exit 1
+MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1)
-if [ "$WAZUH_IMAGE_VERSION" -le "$WAZUH_CURRENT_VERSION" ]; then
+MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2)
-  WAZUH_APP=https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
+MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3)
-else
+MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1)
 MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2)
 MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3)
 ## check version to use the correct repository
 if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then
  WAZUH_APP=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
 elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then
  if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then
    WAZUH_APP=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
  elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then
    if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then
      WAZUH_APP=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
    fi
  fi
 fi
 # Install Wazuh App
--- a/build-docker-images/wazuh-indexer/Dockerfile
+++ b/build-docker-images/wazuh-indexer/Dockerfile
@@ -59,14 +59,15 @@ COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/systemd /usr/lib/s
 COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/sysctl.d /usr/lib/sysctl.d
 COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/tmpfiles.d /usr/lib/tmpfiles.d
 RUN chown -R 1000:1000 /usr/share/wazuh-indexer
 RUN mkdir -p /var/lib/wazuh-indexer && chown 1000:1000 /var/lib/wazuh-indexer && \
    mkdir -p /usr/share/wazuh-indexer/logs && chown 1000:1000 /usr/share/wazuh-indexer/logs && \
    mkdir -p /run/wazuh-indexer && chown 1000:1000 /run/wazuh-indexer && \
    mkdir -p /var/log/wazuh-indexer && chown 1000:1000 /var/log/wazuh-indexer && \
-    chmod 700 /usr/share/wazuh-indexer/config && \
+    chmod 700 /usr/share/wazuh-indexer && \
-    chmod 600 /usr/share/wazuh-indexer/config/jvm.options && \
+    chmod 600 /usr/share/wazuh-indexer/jvm.options && \
-    chmod 600 /usr/share/wazuh-indexer/config/opensearch.yml
+    chmod 600 /usr/share/wazuh-indexer/opensearch.yml
 USER wazuh-indexer
--- a/build-docker-images/wazuh-indexer/config/config.sh
+++ b/build-docker-images/wazuh-indexer/config/config.sh
@@ -4,8 +4,6 @@ export DH_OPTIONS
 export NAME=wazuh-indexer
 export TARGET_DIR=${CURDIR}/debian/${NAME}
 export WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g')
 export WAZUH_IMAGE_VERSION=$(echo $WAZUH_VERSION | sed -e 's/\.//g')
 # Package build options
 export USER=${NAME}
@@ -15,7 +13,7 @@ export LOG_DIR=/var/log/${NAME}
 export LIB_DIR=/var/lib/${NAME}
 export PID_DIR=/run/${NAME}
 export INSTALLATION_DIR=/usr/share/${NAME}
-export CONFIG_DIR=${INSTALLATION_DIR}/config
+export CONFIG_DIR=${INSTALLATION_DIR}
 export BASE_DIR=${NAME}-*
 export INDEXER_FILE=wazuh-indexer-base.tar.xz
 export BASE_FILE=wazuh-indexer-base-${VERSION}-linux-x64.tar.xz
@@ -23,13 +21,31 @@ export REPO_DIR=/unattended_installer
 rm -rf ${INSTALLATION_DIR}/
-if [ "$WAZUH_IMAGE_VERSION" -le "$WAZUH_CURRENT_VERSION" ]; then
+## variables
- REPOSITORY="packages.wazuh.com"
+REPOSITORY="packages.wazuh.com/4.x"
-else
+WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-)
- REPOSITORY="packages-dev.wazuh.com"
+MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1)
 MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2)
 MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3)
 MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1)
 MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2)
 MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3)
 ## check version to use the correct repository
 if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then
  REPOSITORY="packages-dev.wazuh.com/pre-release"
 elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then
  if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then
    REPOSITORY="packages-dev.wazuh.com/pre-release"
  elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then
    if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then
      REPOSITORY="packages-dev.wazuh.com/pre-release"
    fi
  fi
 fi
-curl -o ${INDEXER_FILE} https://${REPOSITORY}/stack/indexer/base/${BASE_FILE}
+
 curl -o ${INDEXER_FILE} https://${REPOSITORY}/stack/indexer/${BASE_FILE}
 tar -xf ${INDEXER_FILE}
 ## TOOLS
@@ -37,8 +53,8 @@ tar -xf ${INDEXER_FILE}
 ## Variables
 CERT_TOOL=wazuh-certs-tool.sh
 PASSWORD_TOOL=wazuh-passwords-tool.sh
-PACKAGES_URL=https://packages.wazuh.com/4.3/
+PACKAGES_URL=https://packages.wazuh.com/4.4/
-PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.3/
+PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.4/
 ## Check if the cert tool exists in S3 buckets
 CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk  '{print $2}')
@@ -77,6 +93,7 @@ chmod 755 $CERT_TOOL && bash /$CERT_TOOL -A
 # copy to target
 mkdir -p ${TARGET_DIR}${INSTALLATION_DIR}
 mkdir -p ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
 mkdir -p ${TARGET_DIR}${CONFIG_DIR}
 mkdir -p ${TARGET_DIR}${LIB_DIR}
 mkdir -p ${TARGET_DIR}${LOG_DIR}
@@ -101,9 +118,9 @@ cp -pr ${BASE_DIR}/* ${TARGET_DIR}${INSTALLATION_DIR}
 cp /$CERT_TOOL ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/
 cp /$PASSWORD_TOOL ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/
 # Copy Wazuh's config files for the security plugin
-cp -pr /roles_mapping.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
+cp -pr /roles_mapping.yml ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
-cp -pr /roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
+cp -pr /roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
-cp -pr /internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
+cp -pr /internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
 cp -pr /opensearch.yml ${TARGET_DIR}${CONFIG_DIR}
 # Copy Wazuh indexer's certificates
 cp -pr /wazuh-certificates/demo.indexer.pem ${TARGET_DIR}${CONFIG_DIR}/certs/indexer.pem
--- a/build-docker-images/wazuh-indexer/config/entrypoint.sh
+++ b/build-docker-images/wazuh-indexer/config/entrypoint.sh
@@ -6,7 +6,7 @@ umask 0002
 export USER=wazuh-indexer
 export INSTALLATION_DIR=/usr/share/wazuh-indexer
-export OPENSEARCH_PATH_CONF=${INSTALLATION_DIR}/config
+export OPENSEARCH_PATH_CONF=${INSTALLATION_DIR}
 export JAVA_HOME=${INSTALLATION_DIR}/jdk
 export DISCOVERY=$(grep -oP "(?<=discovery.type: ).*" ${OPENSEARCH_PATH_CONF}/opensearch.yml)
 export CACERT=$(grep -oP "(?<=plugins.security.ssl.transport.pemtrustedcas_filepath: ).*" ${OPENSEARCH_PATH_CONF}/opensearch.yml)
@@ -59,7 +59,7 @@ if [[ -f bin/opensearch-users ]]; then
  # enabled, but we have no way of knowing which node we are yet. We'll just
  # honor the variable if it's present.
  if [[ -n "$INDEXER_PASSWORD" ]]; then
-    [[ -f /usr/share/wazuh-indexer/config/opensearch.keystore ]] || (run_as_other_user_if_needed opensearch-keystore create)
+    [[ -f /usr/share/wazuh-indexer/opensearch.keystore ]] || (run_as_other_user_if_needed opensearch-keystore create)
    if ! (run_as_other_user_if_needed opensearch-keystore has-passwd --silent) ; then
      # keystore is unencrypted
      if ! (run_as_other_user_if_needed opensearch-keystore list | grep -q '^bootstrap.password$'); then
@@ -84,10 +84,10 @@ if [[ "$(id -u)" == "0" ]]; then
 fi
-if [[ "$DISCOVERY" == "single-node" ]] && [[ ! -f "/var/lib/wazuh-indexer/.flag" ]]; then
+#if [[ "$DISCOVERY" == "single-node" ]] && [[ ! -f "/var/lib/wazuh-indexer/.flag" ]]; then
  # run securityadmin.sh for single node with CACERT, CERT and KEY parameter
-  nohup /securityadmin.sh &
+#  nohup /securityadmin.sh &
-  touch "/var/lib/wazuh-indexer/.flag"
+#  touch "/var/lib/wazuh-indexer/.flag"
-fi
+#fi
 run_as_other_user_if_needed /usr/share/wazuh-indexer/bin/opensearch <<<"$KEYSTORE_PASSWORD"
--- a/build-docker-images/wazuh-indexer/config/opensearch.yml
+++ b/build-docker-images/wazuh-indexer/config/opensearch.yml
@@ -4,12 +4,12 @@ path.data: /var/lib/wazuh-indexer
 path.logs: /var/log/wazuh-indexer
 discovery.type: single-node
 compatibility.override_main_response_version: true
-plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/indexer.pem
+plugins.security.ssl.http.pemcert_filepath: /usr/share/wazuh-indexer/certs/indexer.pem
-plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/indexer-key.pem
+plugins.security.ssl.http.pemkey_filepath: /usr/share/wazuh-indexer/certs/indexer-key.pem
-plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem
+plugins.security.ssl.http.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
-plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/indexer.pem
+plugins.security.ssl.transport.pemcert_filepath: /usr/share/wazuh-indexer/certs/indexer.pem
-plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/indexer-key.pem
+plugins.security.ssl.transport.pemkey_filepath: /usr/share/wazuh-indexer/certs/indexer-key.pem
-plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem
+plugins.security.ssl.transport.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
 plugins.security.ssl.http.enabled: true
 plugins.security.ssl.transport.enforce_hostname_verification: false
 plugins.security.ssl.transport.resolve_hostname: false
--- a/build-docker-images/wazuh-indexer/config/securityadmin.sh
+++ b/build-docker-images/wazuh-indexer/config/securityadmin.sh
@@ -1,3 +1,3 @@
 # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
 sleep 30
-bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -nhnv -cacert  $CACERT -cert $CERT -key $KEY -p 9300 -icl
+bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/opensearch-security/ -nhnv -cacert  $CACERT -cert $CERT -key $KEY -p 9200 -icl
--- a/build-docker-images/wazuh-manager/Dockerfile
+++ b/build-docker-images/wazuh-manager/Dockerfile
@@ -5,7 +5,7 @@ RUN rm /bin/sh && ln -s /bin/bash /bin/sh
 ARG WAZUH_VERSION
 ARG WAZUH_TAG_REVISION
-ARG TEMPLATE_VERSION=4.3
+ARG TEMPLATE_VERSION=4.4
 ARG FILEBEAT_CHANNEL=filebeat-oss
 ARG FILEBEAT_VERSION=7.10.2
 ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.2.tar.gz"
--- a/build-docker-images/wazuh-manager/config/check_repository.sh
+++ b/build-docker-images/wazuh-manager/config/check_repository.sh
@@ -1,13 +1,29 @@
-## Variables
+## variables
-WAZUH_IMAGE_VERSION=$(echo $WAZUH_VERSION | sed -e 's/\.//g')
+APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH
-WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g')
+REPOSITORY="deb https://packages.wazuh.com/4.x/apt/ stable main"
-## If wazuh manager exists in apt dev repository, change variables, if not exit 1
+WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-)
-if [ "$WAZUH_IMAGE_VERSION" -le "$WAZUH_CURRENT_VERSION" ]; then
+MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1)
-  APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH
+MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2)
-  REPOSITORY="deb https://packages.wazuh.com/4.x/apt/ stable main"
+MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3)
-else
+MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1)
 MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2)
 MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3)
 ## check version to use the correct repository
 if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then
  APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
  REPOSITORY="deb https://packages-dev.wazuh.com/pre-release/apt/ unstable main"
 elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then
  if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then
    APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
    REPOSITORY="deb https://packages-dev.wazuh.com/pre-release/apt/ unstable main"
  elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then
    if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then
      APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
      REPOSITORY="deb https://packages-dev.wazuh.com/pre-release/apt/ unstable main"
    fi
  fi
 fi
 apt-key adv --fetch-keys ${APT_KEY}
 echo ${REPOSITORY} | tee -a /etc/apt/sources.list.d/wazuh.list
--- a/indexer-certs-creator/config/entrypoint.sh
+++ b/indexer-certs-creator/config/entrypoint.sh
@@ -8,8 +8,8 @@
 ## Variables
 CERT_TOOL=wazuh-certs-tool.sh
 PASSWORD_TOOL=wazuh-passwords-tool.sh
-PACKAGES_URL=https://packages.wazuh.com/4.3/
+PACKAGES_URL=https://packages.wazuh.com/4.4/
-PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.3/
+PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.4/
 ## Check if the cert tool exists in S3 buckets
 CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk  '{print $2}')
--- a/multi-node/Migration-to-Wazuh-4.4.md
+++ b/multi-node/Migration-to-Wazuh-4.4.md
@@ -1,6 +1,6 @@
 # Opendistro data migration to Wazuh indexer on docker.
 This procedure explains how to migrate Opendistro data from Opendistro to Wazuh indexer in docker production deployments.
-The example is migrating from v4.2 to v4.3.
+The example is migrating from v4.2 to v4.4.
 ## Procedure
 Assuming that you have a v4.2 production deployment, perform the following steps.
@@ -350,9 +350,9 @@ docker container run --rm -it \
           alpine ash -c "cd /from ; cp -avp . /to"
 ```
-**7. Start the 4.3 environment.**
+**7. Start the 4.4 environment.**
 ```
-git checkout 4.3
+git checkout 4.4
 cd multi-node
 docker-compose -f generate-indexer-certs.yml run --rm generator
 docker-compose up -d
--- a/multi-node/docker-compose.yml
+++ b/multi-node/docker-compose.yml
@@ -3,7 +3,7 @@ version: '3.7'
 services:
  wazuh.master:
-    image: wazuh/wazuh-manager:4.3.11
+    image: wazuh/wazuh-manager:4.4.1
    hostname: wazuh.master
    restart: always
    ports:
@@ -38,7 +38,7 @@ services:
      - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
  wazuh.worker:
-    image: wazuh/wazuh-manager:4.3.11
+    image: wazuh/wazuh-manager:4.4.1
    hostname: wazuh.worker
    restart: always
    environment:
@@ -67,7 +67,7 @@ services:
      - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf
  wazuh1.indexer:
-    image: wazuh/wazuh-indexer:4.3.11
+    image: wazuh/wazuh-indexer:4.4.1
    hostname: wazuh1.indexer
    restart: always
    ports:
@@ -84,16 +84,16 @@ services:
        hard: 65536
    volumes:
      - wazuh-indexer-data-1:/var/lib/wazuh-indexer
-      - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem
+      - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
-      - ./config/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh1.indexer.key
+      - ./config/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh1.indexer.key
-      - ./config/wazuh_indexer_ssl_certs/wazuh1.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh1.indexer.pem
+      - ./config/wazuh_indexer_ssl_certs/wazuh1.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh1.indexer.pem
-      - ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/config/certs/admin.pem
+      - ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/certs/admin.pem
-      - ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/config/certs/admin-key.pem
+      - ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/certs/admin-key.pem
-      - ./config/wazuh_indexer/wazuh1.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml
+      - ./config/wazuh_indexer/wazuh1.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml
-      - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml
+      - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
  wazuh2.indexer:
-    image: wazuh/wazuh-indexer:4.3.11
+    image: wazuh/wazuh-indexer:4.4.1
    hostname: wazuh2.indexer
    restart: always
    environment:
@@ -108,14 +108,14 @@ services:
        hard: 65536
    volumes:
      - wazuh-indexer-data-2:/var/lib/wazuh-indexer
-      - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem
+      - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
-      - ./config/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh2.indexer.key
+      - ./config/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh2.indexer.key
-      - ./config/wazuh_indexer_ssl_certs/wazuh2.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh2.indexer.pem
+      - ./config/wazuh_indexer_ssl_certs/wazuh2.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh2.indexer.pem
-      - ./config/wazuh_indexer/wazuh2.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml
+      - ./config/wazuh_indexer/wazuh2.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml
-      - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml
+      - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
  wazuh3.indexer:
-    image: wazuh/wazuh-indexer:4.3.11
+    image: wazuh/wazuh-indexer:4.4.1
    hostname: wazuh3.indexer
    restart: always
    environment:
@@ -130,14 +130,14 @@ services:
        hard: 65536
    volumes:
      - wazuh-indexer-data-3:/var/lib/wazuh-indexer
-      - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem
+      - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
-      - ./config/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh3.indexer.key
+      - ./config/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh3.indexer.key
-      - ./config/wazuh_indexer_ssl_certs/wazuh3.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh3.indexer.pem
+      - ./config/wazuh_indexer_ssl_certs/wazuh3.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh3.indexer.pem
-      - ./config/wazuh_indexer/wazuh3.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml
+      - ./config/wazuh_indexer/wazuh3.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml
-      - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml
+      - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
  wazuh.dashboard:
-    image: wazuh/wazuh-dashboard:4.3.11
+    image: wazuh/wazuh-dashboard:4.4.1
    hostname: wazuh.dashboard
    restart: always
    ports:
@@ -147,6 +147,8 @@ services:
      - WAZUH_API_URL="https://wazuh.master"
      - API_USERNAME=wazuh-wui
      - API_PASSWORD=MyS3cr37P450r.*-
      - DASHBOARD_USERNAME=kibanaserver
      - DASHBOARD_PASSWORD=kibanaserver
    volumes:
      - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem
      - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem
--- a/single-node/config/wazuh_cluster/wazuh_manager.conf
+++ b/single-node/config/wazuh_cluster/wazuh_manager.conf
@@ -331,11 +331,11 @@
    <name>wazuh</name>
    <node_name>node01</node_name>
    <node_type>master</node_type>
-    <key></key>
+    <key>aa093264ef885029653eea20dfcf51ae</key>
    <port>1516</port>
    <bind_addr>0.0.0.0</bind_addr>
    <nodes>
-        <node>NODE_IP</node>
+        <node>wazuh.manager</node>
    </nodes>
    <hidden>no</hidden>
    <disabled>yes</disabled>
--- a/single-node/config/wazuh_indexer/wazuh.indexer.yml
+++ b/single-node/config/wazuh_indexer/wazuh.indexer.yml
@@ -3,13 +3,15 @@ node.name: "wazuh.indexer"
 path.data: /var/lib/wazuh-indexer
 path.logs: /var/log/wazuh-indexer
 discovery.type: single-node
 http.port: 9200-9299
 transport.tcp.port: 9300-9399
 compatibility.override_main_response_version: true
-plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh.indexer.pem
+plugins.security.ssl.http.pemcert_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.pem
-plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh.indexer.key
+plugins.security.ssl.http.pemkey_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.key
-plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem
+plugins.security.ssl.http.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
-plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh.indexer.pem
+plugins.security.ssl.transport.pemcert_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.pem
-plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh.indexer.key
+plugins.security.ssl.transport.pemkey_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.key
-plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem
+plugins.security.ssl.transport.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
 plugins.security.ssl.http.enabled: true
 plugins.security.ssl.transport.enforce_hostname_verification: false
 plugins.security.ssl.transport.resolve_hostname: false
--- a/single-node/docker-compose.yml
+++ b/single-node/docker-compose.yml
@@ -3,7 +3,7 @@ version: '3.7'
 services:
  wazuh.manager:
-    image: wazuh/wazuh-manager:4.3.11
+    image: wazuh/wazuh-manager:4.4.1
    hostname: wazuh.manager
    restart: always
    ports:
@@ -39,7 +39,7 @@ services:
      - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
  wazuh.indexer:
-    image: wazuh/wazuh-indexer:4.3.11
+    image: wazuh/wazuh-indexer:4.4.1
    hostname: wazuh.indexer
    restart: always
    ports:
@@ -55,16 +55,16 @@ services:
        hard: 65536
    volumes:
      - wazuh-indexer-data:/var/lib/wazuh-indexer
-      - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem
+      - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
-      - ./config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh.indexer.key
+      - ./config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.key
-      - ./config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh.indexer.pem
+      - ./config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.pem
-      - ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/config/certs/admin.pem
+      - ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/certs/admin.pem
-      - ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/config/certs/admin-key.pem
+      - ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/certs/admin-key.pem
-      - ./config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml
+      - ./config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml
-      - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml
+      - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
  wazuh.dashboard:
-    image: wazuh/wazuh-dashboard:4.3.11
+    image: wazuh/wazuh-dashboard:4.4.1
    hostname: wazuh.dashboard
    restart: always
    ports:
@@ -73,6 +73,8 @@ services:
      - INDEXER_USERNAME=admin
      - INDEXER_PASSWORD=SecretPassword
      - WAZUH_API_URL=https://wazuh.manager
      - DASHBOARD_USERNAME=kibanaserver
      - DASHBOARD_PASSWORD=kibanaserver
      - API_USERNAME=wazuh-wui
      - API_PASSWORD=MyS3cr37P450r.*-
    volumes:
`@@ -1,2 +1,2 @@`
	`WAZUH-DOCKER_VERSION="4.3.11"`	`WAZUH-DOCKER_VERSION="4.4.1"`
	`REVISION="40324"`	`REVISION="40406"`